Update cURL on ReadyNas Duo v1?

Just to make sure: do you need the updated curl for the Duo v1 or the v2?

-Stefan

Well, there is, but it's not an easy one. So you understand the problem better a short outline:

Your problem is not with cURL - at least not directly. The thing is that TLS v1.2 was invented way after the various SSL/TLS libraries being in use on the ReadyNAS. Since cURL in itself doesn't provide any SSL/TLS support but rather relies on those libraries it wouldn't do to just build a newer version of cURL without updating the libraries. As you already know I did exactly that for Apache - that's why the .bin file also contains libssl 1.0.2 which is necessary for TLS v1.2 support in Apache.

Now one could think that just rebuilding cURL with the same libssl would do the trick. However, php-curl uses libcurl-gnutls for its SSL/TLS support and not libcurl-openssl. So instead of just using OpenSSL 1.0.2 we need a version of gnuTLS that also supports at least TLS v1.2. Unfortunately there's no version of gnuTLS26 (Which is used on the ReadyNAS) that does this. So I need to backport gnuTLS28. As there have been some other advanves in technolgy on the way from gnuTLS26 to gnuTLS28 the latter also requires some more updates libraries to be built. Once that is done I can then build a new version of cURL and its accompanying libraries. And when that is done I can proceed to build a new PHP that uses those libraries so that you can finally not only offer your WordPress site to the world using TLS v1.2 but also get updates from within WordPress from other sites that by now require TLS v1.2.

Or in short: it should be doable but it will take some time. Especially so because I need to build all that stuff on the ReadyNAS itself which isn't the fastest horse around ...

-Stefan