Openwrt 21.02 comes with wolfssl by default.
I would like to switch back to openssl. However, deinstalling wolfssl breaks the installation and the router has to be debricked using TFTP.
Is there a way to switch from wolfssl to openssl?
try to (if needed, force) installing openssl 1st, then uninstalling wolf.
I'm afraid it may not be trivial since this kind of dependency is typically defined in the makefile.
Thus changing the dependency requires to rebuild each package that relies on it.
Note that some packages like OpenVPN provide alternative builds for multiple crypto-backends.
Note that if you have enough flash space, you can leave wolfssl library there, you just add the openssl library, and then provide correct variants of each app that uses SSL.
For some OpenWrt core apps (like uhttpd, uclient-fetch/wget, etc.) the SSL library is hidden behind the ustreamssl library, which converts the generic SSL calls to calls specific to each SSL library variant. so the SSL lib can be changed easily.
You should be able to
- install libopenssl
- install openssl-util
- then remove libustream-wolfssl
- install libustream-openssl
That should take care of LuCI, wget, opkg etc.
Then for wifi:
- remove wpad-wolfssl
- install wpad-openssl
(There are also some extra apps like curl that you need to compile to support openssl.)
Note that you need to restart uhttpd for LuCI, and restart wpad/hostapd/wifi for wifi.
Example:
2 Likes
The step opkg remove libustream-wolfssl fails reporting No packages removed.
How does one do this?