It seems curl has stopped working after installing the latest patches of wolfssl. To test I tried https://www.google.com/ and got the following response.
Protocol "https" not supported or disabled in libcurl
Other packages stopped working after like the following: banIP banIP-0.7.10[12611]: f_down ::: name: doh_4, url: https://raw.githubusercontent.com/dibdot/DoH-IP-blocklists/master/doh-ipv4.txt, rule: /^(([0-9]{1,3}\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{print "add doh_4 "$1}, rc: 1, log: curl: (1) Protocol "https" not supported or disabled in libcurl
I was assuming latest stable, but the same question applies to 21.02. I compile myself and I stay away from the ABI meltdown that WolfSSL is wherever possible, so I cannot share any personal experiences - not anymore.
Extra complication is that opkg isn't really designed to be a full-fledged package manager.
Tell me more about the implications of removing WolfSSL from your system?
I am curious because I am really just run openssh client/server & openssl things (like luci-ssl-nginx). I haven't jumped ship yet and removed anything WolfSSL because I am afraid I will break something. I think the fact that OpenWRT comes with wolfssl & dropbear just confused me and my keys to the point that I just went with openssl and openssh because it just worked and never looked back.
Just curious if you found any issues with removing wolfssl packages?
I can't remove it on mine and use openssl instead unless I change my whole setup (reformat all my routers and re-configure everything). My WiFi setups uses the wolfssl packages.
You'd need to switch to OpenSSL yes, but you need enough storage for that. AFAIK what you'd need is wpad-openssl instead of the wolfssl flavour, and yes LuCI with OpenSSL support, if you'd like. There's very little added value to use OpenSSH though.
The other viable alternative for space constrained systems is mbedTLS, but unfortunately LuCI hostapd does (not yet) support it. There's a PR in the works for it, I believe.
Excuse my french, but WolfSSL has been a crazy clusterfuck from day one. There were no doubt sound reasons to prefer it instead of mbedTLS, but I am not privy to them. I've seen the breakage though that comes from WolfSSL 'not doing' maintenance releases and basically just bumping you to a major release if you need fixes.
There is one reason and one reason alone, hostapd needs ether openssl or wolfssl to support WPA3/ SAE; mbedtls support for hostapd is only just being developed (somewhere between proof-of-concept and RFC stage of patches). Compared to openssl, wolfssl is at least a third smaller - but its track record is …below average…, to phrase it mildly.
Well don’t do that. Unless you want to live on the edge of life. Install a new image instead.
It has been a lot of treads lately in the forum with the same question “I upgraded and now It doesn’t work”, read those if you want background info.
I think upgrade is the only way to get the newer, unaffected wolfssl packages, I tried a 22.03.0 image today and it still contained the affected, older packages.
FWIW I run a script in cron / manually that includes dependencies on curl . The script completes as desired yet I did not expect it to after reading the OP's post. Perhaps something else is afoot?