Closed pthall closed 5 years ago
hi, thanks!
Installing with package URLs doesn't work for HTTPS addresses.
i didn't know you could install by URL. actually i don't know the first thing about opkg
:)
the idea of this repo is to be able to bootstrap Entware securely, which i think you did. i don't propose a replacement for busybox ẁget
for other purposes. i suppose u had to install curlize. after bootstrapping Entware you are supposed to do this, and my guess is you haven't. am i right?
Thanks for the information.
I made sure I had followed "Curlize Replacement" - incomplete configuration is not the root cause.
root@DD-WRT:~# opkg install wget ca-certificates
Installing wget (1.20.3-2) to root...
Downloading https://bin.entware.net/armv7sf-k3.2/wget_1.20.3-2_armv7-3.2.ipk
Installing ca-certificates (20190110-1) to root...
Downloading https://bin.entware.net/armv7sf-k3.2/ca-certificates_20190110-1_all.ipk
Configuring wget.
Configuring ca-certificates.
root@DD-WRT:~# ln -sf /opt/bin/wget /opt/bin-override/wget
root@DD-WRT:~# opkg install https://bin.entware.net/armv7sf-k3.2/archive/libsigcxx_2.10.1-1_armv7-3.2.ipk
Collected errors:
* wfopen: https://bin.entware.net/armv7sf-k3.2/archive/libsigcxx_2.10.1-1_armv7-3.2.ipk: No such file or directory.
* pkg_init_from_file: Failed to extract control file from https://bin.entware.net/armv7sf-k3.2/archive/libsigcxx_2.10.1-1_armv7-3.2.ipk.
root@DD-WRT:~# which wget
/opt/bin-override/wget
root@DD-WRT:~# wget --version
GNU Wget 1.20.3 built on linux-gnu.
-cares +digest -gpgme +https +ipv6 -iri +large-file -metalink -nls
+ntlm +opie -psl +ssl/openssl
Wgetrc:
/opt/etc/wgetrc (system)
Compile:
arm-openwrt-linux-gnueabi-gcc -DHAVE_CONFIG_H
-DSYSTEM_WGETRC="/opt/etc/wgetrc" -DLOCALEDIR="/opt/share/locale"
-I. -I../lib -I../lib
-I/media/ware/Entware.2019.10/staging_dir/target-arm_cortex-a9_glibc-2.27_eabi/opt/include
-I/media/ware/Entware.2019.10/staging_dir/toolchain-arm_cortex-a9_gcc-7.4.0_glibc-2.27_eabi/include
-I/media/ware/Entware.2019.10/staging_dir/target-arm_cortex-a9_glibc-2.27_eabi/opt/include
-I/media/ware/Entware.2019.10/staging_dir/target-arm_cortex-a9_glibc-2.27_eabi/opt/include
-DNDEBUG -O2 -pipe -march=armv7-a -mtune=cortex-a9
-fno-caller-saves -fhonour-copts -Wno-error=unused-but-set-variable
-Wno-error=unused-result -mfloat-abi=soft
Link:
arm-openwrt-linux-gnueabi-gcc
-I/media/ware/Entware.2019.10/staging_dir/target-arm_cortex-a9_glibc-2.27_eabi/opt/include
-I/media/ware/Entware.2019.10/staging_dir/target-arm_cortex-a9_glibc-2.27_eabi/opt/include
-DNDEBUG -O2 -pipe -march=armv7-a -mtune=cortex-a9
-fno-caller-saves -fhonour-copts -Wno-error=unused-but-set-variable
-Wno-error=unused-result -mfloat-abi=soft
-L/media/ware/Entware.2019.10/staging_dir/target-arm_cortex-a9_glibc-2.27_eabi/opt/lib
-Wl,-rpath,/opt/lib
-Wl,-rpath-link=/media/ware/Entware.2019.10/staging_dir/target-arm_cortex-a9_glibc-2.27_eabi/opt/lib
-Wl,--dynamic-linker=/opt/lib/ld-linux.so.3
-L/media/ware/Entware.2019.10/staging_dir/toolchain-arm_cortex-a9_gcc-7.4.0_glibc-2.27_eabi/lib
-L/media/ware/Entware.2019.10/staging_dir/target-arm_cortex-a9_glibc-2.27_eabi/opt/lib
-lpcre
/media/ware/Entware.2019.10/staging_dir/target-arm_cortex-a9_glibc-2.27_eabi/opt/lib/libssl.so
/media/ware/Entware.2019.10/staging_dir/target-arm_cortex-a9_glibc-2.27_eabi/opt/lib/libcrypto.so
-ldl
-L/media/ware/Entware.2019.10/staging_dir/target-arm_cortex-a9_glibc-2.27_eabi/opt/lib
-lz ftp-opie.o openssl.o http-ntlm.o ../lib/libgnu.a
thanks!
this isn't related to this project, it's a peculiarity of Entware's build of opkg. i don't think opkg is meant to be used as opkg install <file>
where <file>
is a URL; i think it's supposed to be a local file, and the underlying fopen() library implementation is trying to fetch URLs (and it doesn't support TLS... of course, so helpful then!). wget or curl you package then install the local file.
thank you again
Good point that this isn't intended to fix all opkg limitations. And thanks for making this in the first place! There is a good "install from URL" example in the opkg doc https://openwrt.org/docs/guide-user/additional-software/opkg#package_manipulation
it's not an opkg limitation. opkg uses wget which should handle TLS. but DD-WRT comes with a toy wget from busybox, so...
Installing with package URLs doesn't work for HTTPS addresses.
Installing with the same URL works if the protocol is changed to HTTP.
HTTPS is used as long as package names are used.