@ynezz
This thread and the narrowing down of curl should be noted as causing issues on 21.02 after upgrading.
Did this using new image (sysupgrade).. but same issue with CURL.. so it's the CURL package that stopped working for HTTPS after updating WoflSSL.. that's the only thing UPGRADED before it stopped working.
Here's where you can report this, or find/search for package related bugs.
Create a Git account and post your tech details.
Thanks will do that
@Bill
somebody has already raised already related issue.. and devs have acknowledge it's broken with the latest 21.02 builds due to changes to wolfssl
For those who came across this and having the same issue.. please see the following links:
Hello!
Yes for:
Model Linksys MR8300 (Dallas)
Architecture ARMv7 Processor rev 5 (v7l)
Target Platform ipq40xx/generic
Firmware Version OpenWrt 21.02.3 r16554-1d4dea6d4f / LuCI openwrt-21.02 branch git-22.245.77575-63bfee6
Kernel Version 5.4.188
The package has stopped working. Tried to downgrade wolf ssl without success. Here my version about packages.
libustream-wolfssl20201210 - 2022-01-16-868fd881-2
libwolfssl5.5.1.99a5b54a - 5.5.1-stable-2
px5g-wolfssl - 4.1
wpad-basic-wolfssl - 2020-06-08-5a8b3662-41
libcurl4 - 7.83.1-2.1
----------------------------
WARNING: Running as root without dropping privileges is NOT recommended.
----------------------------
[W] 1665824889.155379 main.c:236 HTTP/3 is not supported by current libcurl
[W] 1665825129.454036 https_client.c:351 66B8: curl request failed with 0: No error
[W] 1665825129.454089 https_client.c:353 66B8: curl error message: Error reading ca cert file p=�� - mbedTLS: (-0x3E00) PK - Read/write of file failed
[W] 1665825129.454127 https_client.c:380 66B8: No response (probably connection has been closed or timed out)
What OpenWRT are you using? If it's 21.02.x then you might need to manually downgrade the version of curl
and libcurl4
(see this link: https://github.com/openwrt/packages/issues/19547#issuecomment-1271809668).
Although the fix has been committed already for 21.02 branch, somehow it wasn't included on some of the latest (as of this writing) archi release (ex: mipsel_24kc
but is updated packages for curl and libcurl4 was included for mips_24kc
) for 21.02.x. See my post here and here.
Firmware Version OpenWrt 22.03.1 r19777-2853b6d652 / LuCI openwrt-22.03 branch git-22.245.77528-487e58a
Hmmm.. you are already using 22.03 branch which should have working curl
and libcurl
but I'm not sure about the HTTP/3
support.
Can you check what package versions installed in your router for curl
and libcurl
?
$ pkg list-installed | grep curl
curl - 7.85.0-5.1
libcurl4 - 7.85.0-5.1
php8-mod-curl - 8.1.11-1
Have you tried updating/upgrading your curl
and libcurl4
? Checking some of the archi packages for 22.03.1
there should be a 7.85.0-6.1 version. I'm just not sure about your php8-mod-curl
.
opkg list-installed | grep curl
curl - 7.85.0-6.1
libcurl4 - 7.85.0-6.1
php8-mod-curl - 8.1.11-1
I done that but still https-dns-proxy
is not working.
anymore commands to run to diagnose the issue?
Why is this marked as solution? I can't get curl
working again after installing git
in 21.02.
Downgrading won't work either....
$ wget -q https://archive.openwrt.org/releases/21.02.3/packages/x86_64/packages/curl_7.83.1-2.1_x86_64.ipk
wget -q https://archive.openwrt.org/releases/21.02.3/packages/x86_64/packages/libcurl4_7.83.1-2.1_x86_64.ipk
wget -q https://archive.openwrt.org/releases/21.02.3/packages/x86_64/base/libwolfssl5.2.0.99a5b54a_5.2.0-stable-2_x86_64.ipk
opkg install libwolfssl5.2.0.99a5b54a_5.2.0-stable-2_x86_64.ipk
opkg install libcurl4_7.83.1-2.1_x86_64.ipk
opkg install curl_7.83.1-2.1_x86_64.ipk
Installing libwolfssl5.2.0.99a5b54a (5.2.0-stable-2) to root...
Configuring libwolfssl5.2.0.99a5b54a.
Package libcurl4 (7.83.1-2.1) installed in root is up to date.
Package curl (7.83.1-2.1) installed in root is up to date.
$ opkg list-installed | grep curl
curl - 7.83.1-2.1
libcurl4 - 7.83.1-2.1
$ opkg list-installed | grep wolfssl
libustream-wolfssl20201210 - 2022-01-16-868fd881-2
libwolfssl5.2.0.99a5b54a - 5.2.0-stable-2
libwolfssl5.5.1.99a5b54a - 5.5.1-stable-2
px5g-wolfssl - 4.1
$ opkg remove libwolfssl5.5.1.99a5b54a
No packages removed.
Collected errors:
* print_dependents_warning: Package libwolfssl5.5.1.99a5b54a is depended upon by packages:
* print_dependents_warning: libustream-wolfssl20201210
* print_dependents_warning: px5g-wolfssl
* print_dependents_warning: libcurl4
* print_dependents_warning: These might cease to work if package libwolfssl5.5.1.99a5b54a is removed.
* print_dependents_warning: Force removal of this package with --force-depends.
* print_dependents_warning: Force removal of this package and its dependents
* print_dependents_warning: with --force-removal-of-dependent-packages.
$ curl -sSL https://google.de
curl: (1) Protocol "https" not supported or disabled in libcurl
So is the only way to update to 22.03?
Sorry about that, but I think I accidentally clicked the button. Anyway...
You installed the 7.83.1-2.1
version which is the one broken because of the wolfssl
security update. If you can't see a higher version in the releases for your archi, you need to downgrade to 7.83.1-1
versions for now.
curl - 7.83.1-1
libcurl4 - 7.83.1-1
To do this (excerpt from here: https://github.com/openwrt/packages/issues/19547#issuecomment-1271809668)
Until it's fixed you could use the archive repo:
https://archive.openwrt.org/releases/
https://archive.openwrt.org/releases/21.02.3/packages/x86_64/packages/ e.g.
and download these packages which aren't affected:
curl - 7.83.1-1 (packages)
libcurl4 - 7.83.1-1 (packages)
libwolfssl5.2.0.99a5b54a - 5.2.0-stable-2 (base)
e.g. for 21.02 x86_64 - step by step: (with typo corrections)
wget -q https://archive.openwrt.org/releases/21.02.3/packages/x86_64/packages/curl_7.83.1-1_x86_64.ipk
wget -q https://archive.openwrt.org/releases/21.02.3/packages/x86_64/packages/libcurl4_7.83.1-1_x86_64.ipk
wget -q https://archive.openwrt.org/releases/21.02.3/packages/x86_64/base/libwolfssl5.2.0.99a5b54a_5.2.0-stable-2_x86_64.ipk
opkg install libwolfssl5.2.0.99a5b54a_5.2.0-stable-2_x86_64.ipk
opkg install libcurl4_7.83.1-1_x86_64.ipk
opkg install curl_7.83.1-1_x86_64.ipk
^^^ NOTE: I corrected the above as the instructions in the comment in github is incorrect.
You might need to also do --force-reinstall
if it won't downgrade the package.
You might need to raise an issue here: https://github.com/openwrt/packages/issues as i'm not sure about your problem. If you do custom build, this might help: https://github.com/openwrt/packages/issues/19547
Are you using a CA file? If not, it may be related to an issue upstream, I'm going to update the package within a few days.