Thanks will do that
somebody has already raised already related issue.. and devs have acknowledge it's broken with the latest 21.02 builds due to changes to wolfssl
For those who came across this and having the same issue.. please see the following links:
Model Linksys MR8300 (Dallas) Architecture ARMv7 Processor rev 5 (v7l) Target Platform ipq40xx/generic Firmware Version OpenWrt 21.02.3 r16554-1d4dea6d4f / LuCI openwrt-21.02 branch git-22.245.77575-63bfee6 Kernel Version 5.4.188
The package has stopped working. Tried to downgrade wolf ssl without success. Here my version about packages.
libustream-wolfssl20201210 - 2022-01-16-868fd881-2 libwolfssl126.96.36.199a5b54a - 5.5.1-stable-2 px5g-wolfssl - 4.1 wpad-basic-wolfssl - 2020-06-08-5a8b3662-41
libcurl4 - 7.83.1-2.1
---------------------------- WARNING: Running as root without dropping privileges is NOT recommended. ---------------------------- [W] 1665824889.155379 main.c:236 HTTP/3 is not supported by current libcurl [W] 1665825129.454036 https_client.c:351 66B8: curl request failed with 0: No error [W] 1665825129.454089 https_client.c:353 66B8: curl error message: Error reading ca cert file p=�� - mbedTLS: (-0x3E00) PK - Read/write of file failed [W] 1665825129.454127 https_client.c:380 66B8: No response (probably connection has been closed or timed out)
What OpenWRT are you using? If it's 21.02.x then you might need to manually downgrade the version of
libcurl4 (see this link: https://github.com/openwrt/packages/issues/19547#issuecomment-1271809668).
Although the fix has been committed already for 21.02 branch, somehow it wasn't included on some of the latest (as of this writing) archi release (ex:
mipsel_24kc but is updated packages for curl and libcurl4 was included for
mips_24kc) for 21.02.x. See my post here and here.
Firmware Version OpenWrt 22.03.1 r19777-2853b6d652 / LuCI openwrt-22.03 branch git-22.245.77528-487e58a
Hmmm.. you are already using 22.03 branch which should have working
libcurl but I'm not sure about the
Can you check what package versions installed in your router for
$ pkg list-installed | grep curl
curl - 7.85.0-5.1 libcurl4 - 7.85.0-5.1 php8-mod-curl - 8.1.11-1
Have you tried updating/upgrading your
libcurl4? Checking some of the archi packages for
22.03.1 there should be a 7.85.0-6.1 version. I'm just not sure about your
opkg list-installed | grep curl curl - 7.85.0-6.1 libcurl4 - 7.85.0-6.1 php8-mod-curl - 8.1.11-1
I done that but still
https-dns-proxy is not working.
anymore commands to run to diagnose the issue?
Why is this marked as solution? I can't get
curl working again after installing
git in 21.02.
Downgrading won't work either....
$ wget -q https://archive.openwrt.org/releases/21.02.3/packages/x86_64/packages/curl_7.83.1-2.1_x86_64.ipk wget -q https://archive.openwrt.org/releases/21.02.3/packages/x86_64/packages/libcurl4_7.83.1-2.1_x86_64.ipk wget -q https://archive.openwrt.org/releases/21.02.3/packages/x86_64/base/libwolfssl188.8.131.52a5b54a_5.2.0-stable-2_x86_64.ipk opkg install libwolfssl184.108.40.206a5b54a_5.2.0-stable-2_x86_64.ipk opkg install libcurl4_7.83.1-2.1_x86_64.ipk opkg install curl_7.83.1-2.1_x86_64.ipk Installing libwolfssl220.127.116.11a5b54a (5.2.0-stable-2) to root... Configuring libwolfssl18.104.22.168a5b54a. Package libcurl4 (7.83.1-2.1) installed in root is up to date. Package curl (7.83.1-2.1) installed in root is up to date. $ opkg list-installed | grep curl curl - 7.83.1-2.1 libcurl4 - 7.83.1-2.1 $ opkg list-installed | grep wolfssl libustream-wolfssl20201210 - 2022-01-16-868fd881-2 libwolfssl22.214.171.124a5b54a - 5.2.0-stable-2 libwolfssl126.96.36.199a5b54a - 5.5.1-stable-2 px5g-wolfssl - 4.1 $ opkg remove libwolfssl188.8.131.52a5b54a No packages removed. Collected errors: * print_dependents_warning: Package libwolfssl184.108.40.206a5b54a is depended upon by packages: * print_dependents_warning: libustream-wolfssl20201210 * print_dependents_warning: px5g-wolfssl * print_dependents_warning: libcurl4 * print_dependents_warning: These might cease to work if package libwolfssl220.127.116.11a5b54a is removed. * print_dependents_warning: Force removal of this package with --force-depends. * print_dependents_warning: Force removal of this package and its dependents * print_dependents_warning: with --force-removal-of-dependent-packages. $ curl -sSL https://google.de curl: (1) Protocol "https" not supported or disabled in libcurl
So is the only way to update to 22.03?
Sorry about that, but I think I accidentally clicked the button. Anyway...
You installed the
7.83.1-2.1 version which is the one broken because of the
wolfssl security update. If you can't see a higher version in the releases for your archi, you need to downgrade to
7.83.1-1 versions for now.
curl - 7.83.1-1 libcurl4 - 7.83.1-1
To do this (excerpt from here: https://github.com/openwrt/packages/issues/19547#issuecomment-1271809668)
Until it's fixed you could use the archive repo:
and download these packages which aren't affected:
curl - 7.83.1-1 (packages) libcurl4 - 7.83.1-1 (packages) libwolfssl18.104.22.168a5b54a - 5.2.0-stable-2 (base)
e.g. for 21.02 x86_64 - step by step: (with typo corrections)
wget -q https://archive.openwrt.org/releases/21.02.3/packages/x86_64/packages/curl_7.83.1-1_x86_64.ipk wget -q https://archive.openwrt.org/releases/21.02.3/packages/x86_64/packages/libcurl4_7.83.1-1_x86_64.ipk wget -q https://archive.openwrt.org/releases/21.02.3/packages/x86_64/base/libwolfssl22.214.171.124a5b54a_5.2.0-stable-2_x86_64.ipk opkg install libwolfssl126.96.36.199a5b54a_5.2.0-stable-2_x86_64.ipk opkg install libcurl4_7.83.1-1_x86_64.ipk opkg install curl_7.83.1-1_x86_64.ipk
^^^ NOTE: I corrected the above as the instructions in the comment in github is incorrect.
You might need to also do
--force-reinstall if it won't downgrade the package.
You might need to raise an issue here: https://github.com/openwrt/packages/issues as i'm not sure about your problem. If you do custom build, this might help: https://github.com/openwrt/packages/issues/19547
Are you using a CA file? If not, it may be related to an issue upstream, I'm going to update the package within a few days.
How to check that? If you need any info, you can share commands with me. I am more than happy to run them for you. I am noob in linux and openwrt, started using openwrt just for high pings in game. SQM solved the issue and I was blown away.
I am running this build on my pi4 router.
I've sent PRs for main and 22.03 branches with the fix for the garbage in the ca cert file name, given the logs you have provided it should solve the problem: https://github.com/openwrt/packages/pull/19611 https://github.com/openwrt/packages/pull/19612. I'll leave them for others to review/provide feedback for a day or so before merging.
The repo owner for your custom image can also manually build the new package from the updated sources.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.