Replacing libustream-mbedtls and wpad-basic-mbedtls packages with openssl variants?

I am planning on getting the WRX36 for home use that would replace a Netgear R7800(an excellent router). I am trying to get a custom snapshot build for it. My question is, can I replace libustream-mbedtls and wpad-basic-mbedtls packages with libustream-openssl20201210 and wpad-openssl?

As far as I can see including both mbedtls and openssl creates conflicts while generating the build. I just want to make sure I don't end up with a router that I cannot SSH into.

You can. But you need to explicitly remove the mbedtls packages with "-".
See the last line below in my current recipe for imagebuilder.

(I use the luci-ssl-openssl that pulls in the libustream-openssl)

make image \
 PROFILE="dynalink_dl-wrx36" \
 PACKAGES="ccrypt diffutils gdbserver htop irqbalance mtr-nojson nano-full \
  openssh-sftp-server patch tcpdump-mini tree wget-ssl \
  block-mount kmod-usb-storage kmod-fs-cifs kmod-fs-exfat libblkid \
  kmod-fs-ext4 kmod-fs-msdos kmod-fs-ntfs3 kmod-nls-cp437 kmod-nls-iso8859-1 \
  kmod-nls-utf8 hostapd-utils wpad-openssl ca-certificates \
  luci-ssl-openssl luci-app-adblock luci-app-bcp38 luci-app-commands \
  luci-app-nlbwmon luci-app-opkg luci-app-sqm luci-app-uhttpd \
  luci-app-statistics collectd-mod-conntrack collectd-mod-cpufreq \
  collectd-mod-ping collectd-mod-thermal collectd-mod-uptime \
  kmod-tun luci-proto-wireguard unetd unet-cli \
  iptables-nft ip6tables-nft ipset \
  qosify kmod-sched-bpf \
  -wpad-basic-mbedtls -libustream-mbedtls -libmbedtls" \
1 Like

If you are UK bases you might consider picking one up for £34,09: link removed

Editie: probably to good to be true. Link removed.

Why not wpad-wolfssl ? Much lighter, not sure if you need something specific on openssl

Omg, I've bought more expensive peanut bags. I cannot find it though cheap here in Spain :frowning:

1 Like

Best of luck with a website that has a trademark of 2005, an address of 8599 S 100 E,Lynn,IN,47355 which is John Schroeder Electric Indiana according to Google, and seems to offer prices that are too good to be true.


I was under the impression that we were moving back to mbedtls away from wolfssl. My 22.03 boxes are using wolfssl, but my snapshot boxes are all mbedtls... I seem to recall some discussion on the dev email list about it, but maybe I'm mis-remembering this?

1 Like

Officially yes, here was the change done:


ok, but 802.11v support should also be added in basic version.

1 Like