Modify

Opened 22 months ago

Last modified 22 months ago

#22173 new defect

ssl troubles with uclient-fetch

Reported by: dibdot Owned by: developers
Priority: normal Milestone:
Component: base system Version: Trunk
Keywords: Cc:

Description

I've tested different adblock related https download sites with uclient-fetch, all sites are working fine with the full wget package:

root@pi2wrt:~$ uclient-fetch -O- https://adaway.org/hosts.txt
Downloading 'https://adaway.org/hosts.txt'
Connecting to 91.250.99.24:443
Connection error: Connection failed

root@pi2wrt:~$ uclient-fetch -O- https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
Downloading 'https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist'
Connecting to 104.155.11.149:443
(null)                   0   - stalled -
Connection reset prematurely

root@pi2wrt:~$ uclient-fetch -O- https://feodotracker.abuse.ch/blocklist/?download=domainblocklist
Downloading 'https://feodotracker.abuse.ch/blocklist/?download=domainblocklist'
Connecting to 104.155.11.149:443
(null)                   0   - stalled -
Connection reset prematurely
root@pi2wrt:~$ cat /etc/openwrt_release 
DISTRIB_ID='OpenWrt'
DISTRIB_RELEASE='Bleeding Edge'
DISTRIB_REVISION='r49114'
DISTRIB_CODENAME='designated_driver'
DISTRIB_TARGET='brcm2708/bcm2709'
DISTRIB_DESCRIPTION='OpenWrt Designated Driver r49114'
DISTRIB_TAINTS='no-all'
root@pi2wrt:~$ opkg list-installed
libuclient - 2016-01-28-2e0918c7e0612449024caaaa8d44fb2d7a33f5f3
uclient-fetch - 2016-01-28-2e0918c7e0612449024caaaa8d44fb2d7a33f5f3
libustream-polarssl - 2016-02-21-6ba14990e63fc956e8aff3b0b09be1fd3aaa6d75

Attachments (0)

Change History (2)

comment:1 Changed 22 months ago by hnyman

I tested uclient-fetch with all three ustream ssl variants: openssl, polarssl and mdebtls
Both openssl and mbedtls were able to download the three links above, but the polarssl variant failed all three.

fails: libustream-polarssl - 2016-02-21-6ba14990e63fc956e8aff3b0b09be1fd3aaa6d75
ok: libustream-openssl - 2016-02-21-6ba14990e63fc956e8aff3b0b09be1fd3aaa6d75
ok: libustream-mbedtls - 2016-02-21-6ba14990e63fc956e8aff3b0b09be1fd3aaa6d75

uclient-fetch - 2016-01-28-2e0918c7e0612449024caaaa8d44fb2d7a33f5f3

DD trunk rev49114, ar71xx

Developers should maybe consider switching the default from the old polarssl to its newer version mdebtls as soon as the different dependent programs have been converted to support mbedtls. (px5g and openvpn are probably the two most critical apps.)

comment:2 Changed 22 months ago by stangri

In addition to hnyman's comment,
ok: libustream-cyassl - 2016-02-21-6ba14990e63fc956e8aff3b0b09be1fd3aaa6d75
DD trunk r49088, ar71xx.

Might be related to this: https://www.mail-archive.com/openwrt-devel@lists.openwrt.org/msg37272.html

Last edited 22 months ago by stangri (previous) (diff)

Add Comment

Modify Ticket

Action
as new .
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.