Snapshot update issue with

Updating my experimental generic x86 with auc this morning failed with an error.

Collected errors:
 * check_data_file_clashes: Package libustream-mbedtls20201210 wants to install file /home/aparcar/asu/worker1/cache/SNAPSHOT/x86/64/build_dir/target-x86_64_musl/root-x86/lib/
        But that file is already provided by package  * libustream-wolfssl20201210
 * opkg_install_cmd: Cannot install package luci-ssl.

I think I saw something about mbedtls on the dev email list in the last week or two, but I can't find it now. Can this be resolved with a simple opkg remove libustream-wolfssl20201210 or is there more I need to do?

Some context:

$ ubus call system board
        "kernel": "5.15.90",
        "hostname": "rtr02",
        "system": "Intel(R) Celeron(R) N5105 @ 2.00GHz",
        "model": "Default string Default string",
        "board_name": "default-string-default-string",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "SNAPSHOT",
                "revision": "r21950-90dbdb4941",
                "target": "x86/64",
                "description": "OpenWrt SNAPSHOT r21950-90dbdb4941"

Maybe this commit?;a=commit;h=4bcc3fd3d222bfe545beb3906da9de860fcb83bd

1 Like

I think this question is still relevant.

your error is due to auc including all current packages in your current firmware image, while OpenWrt changed the default SSL from wolfssl to mbedtls. Auc includes the old/present wolfssl things and simultaneously the new defaults cause mbedtls variants of some packages to be included.

So, you should tell auc to exclude the wolfssl variant of libustream.
The same goes also for px5g-wolfssl etc. wolfssl related stuff.


Yup, that was my suspicion, thanks for the confirmation!

Just a follow up on the actual commands I used to effect the solution:

opkg update
opkg download libmbedtls12 libubox20220927 libustream-mbedtls20201210
opkg remove luci-ssl px5g-wolfssl libustream-wolfssl20201210 libwolfssl5.5.4.e624513f
opkg install --offline-root / ~/*.ipk
auc -y

... after reboot ...

$ grep RELEASE /etc/os-release
OPENWRT_RELEASE="OpenWrt SNAPSHOT r22000-6bc675c0be"

EDIT: Note that you must run (and verify) the opkg download before you do the remove, as remove kills your certs and you won't be able to do any downloads again until you've installed the new ones with the subsequent opkg install ....

1 Like

that fixed it

1 Like

Also running into this issue :frowning:
Latest master

I generate my .config from this file:





cat .config | grep libustream
# CONFIG_PACKAGE_libustream-openssl is not set

Error message

* check_data_file_clashes: Package libustream-wolfssl20201210 wants to install file ******/openwrt/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/root-mvebu/lib/
        But that file is already provided by package  * libustream-mbedtls20201210
 * opkg_install_cmd: Cannot install package libustream-wolfssl20201210.

EDIT: Ignore below

Ok, so apprently this line adds in CONFIG_DEFAULT_libustream-wolfssl=y
I had to manually set CONFIG_PACKAGE_libustream-wolfssl=n to resolve this, but is this intended?

luci-ssl brings in mbedtls, but doesn't disable wolfssl

@neheb a bit of fallout?

There shouldn't be.
As far as I can see in sources, the global default was changed quite properly from wolfssl to mbedtls.

I would more suspect a somehow dirty build environment, not updated sources, or something similar.

@dominick-han might delete tmp/ and let the package data there get recreated.

It doesn't.
Here is the proof with the up-to-date master r22063-f490295bf2

perus@ub2210:/Openwrt/wrt3200$ ./scripts/ 

perus@ub2210:/Openwrt/wrt3200$ cat .config
# Use "make defconfig" to expand this to a full .config

perus@ub2210:/Openwrt/wrt3200$ make defconfig
# configuration written to .config

perus@ub2210:/Openwrt/wrt3200$ grep -E "mbedtls|wolfssl" .config
# CONFIG_PACKAGE_micropython-mbedtls is not set
# CONFIG_PACKAGE_libzip-mbedtls is not set
# CONFIG_PACKAGE_libuhttpd-mbedtls is not set
# CONFIG_PACKAGE_libuhttpd-wolfssl is not set
# CONFIG_PACKAGE_libuwsc-mbedtls is not set
# CONFIG_PACKAGE_libuwsc-wolfssl is not set
# Option details in source code: include/mbedtls/mbedtls_config.h
# CONFIG_PACKAGE_libwolfssl is not set
# CONFIG_PACKAGE_libustream-wolfssl is not set
# CONFIG_PACKAGE_libwebsockets-mbedtls is not set
# CONFIG_PACKAGE_umurmur-mbedtls is not set
# CONFIG_PACKAGE_openvpn-mbedtls is not set
# CONFIG_PACKAGE_openvpn-wolfssl is not set
# CONFIG_PACKAGE_eapol-test-mbedtls is not set
# CONFIG_PACKAGE_eapol-test-wolfssl is not set
# CONFIG_PACKAGE_hostapd-basic-mbedtls is not set
# CONFIG_PACKAGE_hostapd-basic-wolfssl is not set
# CONFIG_PACKAGE_hostapd-mbedtls is not set
# CONFIG_PACKAGE_hostapd-wolfssl is not set
# CONFIG_PACKAGE_wpa-supplicant-mbedtls is not set
# CONFIG_PACKAGE_wpa-supplicant-mesh-mbedtls is not set
# CONFIG_PACKAGE_wpa-supplicant-mesh-wolfssl is not set
# CONFIG_PACKAGE_wpa-supplicant-wolfssl is not set
# CONFIG_PACKAGE_wpad-basic-wolfssl is not set
# CONFIG_PACKAGE_wpad-mbedtls is not set
# CONFIG_PACKAGE_wpad-mesh-mbedtls is not set
# CONFIG_PACKAGE_wpad-mesh-wolfssl is not set
# CONFIG_PACKAGE_wpad-wolfssl is not set
# CONFIG_PACKAGE_shairport-sync-mbedtls is not set
# CONFIG_PACKAGE_px5g-mbedtls is not set
# CONFIG_PACKAGE_px5g-wolfssl is not set
# CONFIG_PACKAGE_rtty-mbedtls is not set
# CONFIG_PACKAGE_rtty-wolfssl is not set
# CONFIG_PACKAGE_cache-domains-mbedtls is not set
# CONFIG_PACKAGE_cache-domains-wolfssl is not set
# CONFIG_PACKAGE_mbedtls-util is not set
1 Like

Yeah, deleting and cloning again worked, thanks!

Somehow make distclean didn't work :confused: I did git clean -dfx too

Hi @hnyman ,

There is exactly the same problem with Dynalink /openwrt image. I know that you are also active in Dynalink thread. I get exactly the same error message when trying to install luci-ssl-openssl on a freshly upgraded snapshot image without any additional packages. Do you know how to fix this issue just by using the master snapshot build?
Is there anyway to cleanup the image, so it does not result in the same error when installing luci-ssl-openssl?

just opkg remove the libustream-mbedtls (or libustream-wolfssl) package before installing the luci-ssl-openssl.
(note that removing the old SSL capability prevents new downloads, so first install openssl, then download the libustream-openssl .ipk package, then opkg remove libustream-mbedtls, and then opkg install libustream-openssl.
Then you should be able to install luci-ssl-openssl.

Or use opkg force options to force the libustream-openssl installation from SSH console.
(or just force luci-ssl-openssl)

opkg install --force-overwrite luci-ssl-openssl

I normally build with toolchain from sources, so it is about this:

# CONFIG_PACKAGE_wpad-basic-mbedtls is not set 
# CONFIG_PACKAGE_libustream-mbedtls is not set 

For Dynalink, I have used imagebuilder, and there you need similar actions of disabling/removing mbedtls stuff from the image and selecting openssl variants of all components:

make image \
 PROFILE="dynalink_dl-wrx36" \
 PACKAGES=" wget-ssl hostapd-utils wpad-openssl ca-certificates luci-ssl-openssl \
  -wpad-basic-mbedtls -libustream-mbedtls -libmbedtls" \
1 Like

Thank you very much @hnyman :slight_smile:

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.