[SOLVED] SSL support not available, please install an libustream-ssl variant to use this package. " dnscrypt overview page

Hello everyone, I'm trying to build an image for my WR841N v9 with dnscrypt;
last time I built it I had luci-SSL enabled and the DNSCrypt overview page was working just fine... but it was slowing down my device quite a bit, so I decided to disable it but now I get this error in the luci dnscrypt overview page
"SSL support not available, please install an libustream-ssl variant to use this package. "
so I need libustream-ssl.so in order to get it working... since I only have 4 MB flash I need to be careful on what to include (eg. If i enable the openSSL lib, image won't get built because it's too big as explained here, taken from @amq thread:

1. rm .config .config.old
2. make defconfig
3. make menuconfig
(use space to select, make sure you see a star after a selection, not an M; use esc to go back)

_Target Profile - TP-LINK TL-WR841N/ND

Enable:
_LuCI - Collections - luci
_LuCI - Applications - luci-app-upnp
_LuCI - Applications - luci-app-openvpn
_LuCI - Applications - luci-app-qos
_Network - VPN - openvpn-mbedtls
_Advanced configuration options (for developers) - Toolchain options - GCC compiler Version - gcc 6.x
_Global build settings - Strip unnecessary exports from the kernel image, Strip unnecessary functions from libraries

Disable:
_Global build settings - Enable support for printk, Crash logging, Support for paging of anonymous memory (swap), Compile the kernel with debug filesystem enabled, Compile the kernel with symbol tables information, Compile the kernel with debug information, Compile the kernel with SysRq support, Enable printk timestamps
_Kernel modules - Wireless Drivers - kmod-ath9k - Support for Ubiquiti Unify Outdoor+
_Kernel modules - Wireless Drivers - kmod-mac80211 - Export mac80211 internals in DebugFS
_Kernel modules - Wireless Drivers - kmod-ath - Force Atheros drivers to respect the user's regdomain settings

) so I manually enabled the mbed-TLS library which I thought would be one of possible libustream-ssl variant but it doesnt work. isn't TLS supposed to replace SSL? what library do i need to add?
EDIT: I followed this post Continual problem when using DNSCrypt - help!
setting it manually worked

If you get this

Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error loading shared library libsodium.so.18: No such file or directory (needed by /usr/sbin/dnscrypt-proxy)
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_stream_chacha20_xor: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: sodium_munlock: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: sodium_malloc: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_box_easy_afternm: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: randombytes_set_implementation: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: sodium_free: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: sodium_init: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_onetimeauth_poly1305_init: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_box_keypair: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: sodium_memzero: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: randombytes_close: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_sign_ed25519_open: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_scalarmult_curve25519: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_box_easy: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: randombytes_buf: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: sodium_hex2bin: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_box_beforenm: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_stream_chacha20: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_core_hchacha20: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: randombytes_stir: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: sodium_mlock: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_onetimeauth_poly1305_verify: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_onetimeauth_poly1305_final: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_box_open_easy_afternm: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_stream: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: randombytes_random: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_box_open_easy: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_onetimeauth_poly1305_update: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: randombytes_uniform: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_stream_chacha20_xor_ic: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: sodium_memcmp: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: crypto_scalarmult_base: symbol not found
Sat Dec 30 20:47:38 2017 daemon.err uhttpd[1126]: Error relocating /usr/sbin/dnscrypt-proxy: randombytes_salsa20_implementation: symbol not found

check if you have libsodium.so.18 or another version in /usr/lib/
otherwise do
ln -s /usr/lib/libsodium.so.X /usr/lib/libsodium.so.18

one of the key benefits of the LuCI frontend is the download/refresh of the dnscrypt server list, which is hosted solely on a ssl site.
I will restructure this with the next update - so that only the download button will be disabled - stay tuned.

Alright mate thanks for the quick reply
Could you please tell me what's the lightest SSL library?

I'm using libustream-mbedtls (about 14 k).

oh, thats what Im using as well, but it gives me the error I reported so I thought I have to install an SSL library as well..?

That is a valid SSL library ... please check the output of:

opkg list-installed | grep "libustream"

and check if you find the shared library "libustream-ssl.so" in /lib directory.

I compiled the router image again and the overview page works correctly.. I don't know what was wrong, I only know I had the mbedtls library selected and the overview page was not working.
Manually setting dnscrypt from terminal made it work.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.