× NETGEAR will be terminating ReadyCLOUD service by July 1st, 2023. For more details click here.
Orbi WiFi 7 RBE973
Reply

Re: Update cURL on ReadyNas Duo v1?

dthrevan1
Aspirant

Update cURL on ReadyNas Duo v1?

Hi,

 

Is there anyway to update cURL so TLS 1.2 works on a ReadyNas Duo v1?

 

Thanks

Message 1 of 16
Marc_V
NETGEAR Employee Retired

Re: Update cURL on ReadyNas Duo v1?

@dthrevan1

 

Welcome to the Community!

 

Duo v1 has been out for a while and an update might not be possible thru NETGEAR and updating it might be possible only thru SSH but not sure with any issues. Others might have tried updating theirs thru backend.

 

 

Message 2 of 16
StephenB
Guru

Re: Update cURL on ReadyNas Duo v1?


@Marc_V wrote:

@dthrevan1

 

Duo v1 has been out for a while and an update might not be possible thru NETGEAR and updating it might be possible only thru SSH but not sure with any issues. Others might have tried updating theirs thru backend.

 

 


There is a third-party package to update apache on the v2 NAS (courtesy of @WhoCares_ ), but I haven't seen anything for the v1.

Message 3 of 16
dthrevan1
Aspirant

Re: Update cURL on ReadyNas Duo v1?

Can you please link the apache update by @WhoCares I just got a cheap Duo v2 but even that has outdated OpenSSL and curl

Message 4 of 16
StephenB
Guru

Re: Update cURL on ReadyNas Duo v1?


@dthrevan1 wrote:

Can you please link the apache update by @WhoCares I just got a cheap Duo v2 but even that has outdated OpenSSL and curl


https://community.netgear.com/t5/New-ReadyNAS-Users-General/Readynas-duo-V2-unable-to-access-admin-p...

 

Read through the thread - installation of the update seemed a bit rocky for some folks.

Message 5 of 16
dthrevan1
Aspirant

Re: Update cURL on ReadyNas Duo v1?

thanks that updated Apache and Frontview connects with TLS 1.2 now, but what about cURL when you are using your NAS to host wordpress it won't even download plugins or connect to the Wordpress API for that matter, just throws TLS errors.

 

Any chance @WhoCares_ will update cURL?

Message 6 of 16
WhoCares_
Mentor

Re: Update cURL on ReadyNas Duo v1?

The problem isn't curl in itself but rather the outdated openssl library on the ReadyNAS. I could of course update both and in fact already did with openssl but totally forgot about curl. I'll check and see what I can do. Remind me please if I forget to report back here within the next 24 hours.

Message 7 of 16
dthrevan1
Aspirant

Re: Update cURL on ReadyNas Duo v1?

Thanks! Be great to have a fix so I can use my NAS for wordpress again 🙂

Message 8 of 16
WhoCares_
Mentor

Re: Update cURL on ReadyNas Duo v1?

Just to make sure: do you need the updated curl for the Duo v1 or the v2?

 

-Stefan

Message 9 of 16
dthrevan1
Aspirant

Re: Update cURL on ReadyNas Duo v1?

Duo V2

Message 10 of 16
WhoCares_
Mentor

Re: Update cURL on ReadyNas Duo v1?

Ok, and what command/action exactly is failing for you? WordPress itself should work - although there's no recent PHP version available so you'd probably find yourself stuck with PHP 5.6. Other than that I currently don't see why WordPress shouldn't work. Can you give me a list of the software installed on your ReadyNAS either manually or by way of add-ons, please. If you feel the information to be too sensitive for public display you can send it via PM.

 

-Stefan

Message 11 of 16
dthrevan1
Aspirant

Re: Update cURL on ReadyNas Duo v1?

Doing a factory reset now, so i don't have the logs available however anything that uses cURL on wordpress throws TLS handshake errors for e.g attempting to download plugins, RSS Feeds and calls to the Wordpress API.

 

From reading the Wordpress documentation a minimum of curl 7.34.0 is required for TLS 1.2 on wordpress.

 

I'll send more info once i re-install everthing again.

 

 

Message 12 of 16
dthrevan1
Aspirant

Re: Update cURL on ReadyNas Duo v1?

@WhoCares_ so from the error data I collected, it looks that the problem lies with outdated cURL Version. Current on the NAS it's running 7.21.0 and needs updating to cURL version 7.34.0 or higher.

 

When attempting to download plugins or updates through Wordpress you receive the following error from WP:

 

 

Installation failed: Download failed. cURL error 28: gnutls_handshake() failed: A TLS fatal alert has been received.

 

 

WP Dashboard Errors with Feeds:

 

 

RSS Error: WP HTTP Error: cURL error 28: gnutls_handshake() failed: A TLS fatal alert has been received.

 

 

Php error log shows the following:

 

 

[01-Apr-2021 13:11:36 UTC] PHP Warning:  An unexpected error occurred. Something may be wrong with WordPress.org or this server&#8217;s configuration. If you continue to have problems, please try the <a href="https://wordpress.org/support/forums/">support forums</a>. (WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.) in /c/www/kotoracademy/wp-admin/includes/plugin-install.php on line 184

 

 

Finally I installed the TLS 1.2 Compatibility Test plugin, here are the results:

 

tls.jpg

 

Hope this helps you better understand what the problem is.

Message 13 of 16
dthrevan1
Aspirant

Re: Update cURL on ReadyNas Duo v1?

So I'm guessing there is no solution?
Message 14 of 16
WhoCares_
Mentor

Re: Update cURL on ReadyNas Duo v1?

Well, there is, but it's not an easy one. So you understand the problem better a short outline:

 

Your problem is not with cURL - at least not directly. The thing is that TLS v1.2 was invented way after the various SSL/TLS libraries being in use on the ReadyNAS. Since cURL in itself doesn't provide any SSL/TLS support but rather relies on those libraries it wouldn't do to just build a newer version of cURL without updating the libraries. As you already know I did exactly that for Apache - that's why the .bin file also contains libssl 1.0.2 which is necessary for TLS v1.2 support in Apache.

Now one could think that just rebuilding cURL with the same libssl would do the trick. However, php-curl uses libcurl-gnutls for its SSL/TLS support and not libcurl-openssl. So instead of just using OpenSSL 1.0.2 we need a version of gnuTLS that also supports at least TLS v1.2. Unfortunately there's no version of gnuTLS26 (Which is used on the ReadyNAS) that does this. So I need to backport gnuTLS28. As there have been some other advanves in technolgy on the way from gnuTLS26 to gnuTLS28 the latter also requires some more updates libraries to be built. Once that is done I can then build a new version of cURL and its accompanying libraries. And when that is done I can proceed to build a new PHP that uses those libraries so that you can finally not only offer your WordPress site to the world using TLS v1.2 but also get updates from within WordPress from other sites that by now require TLS v1.2.

 

Or in short: it should be doable but it will take some time. Especially so because I need to build all that stuff on the ReadyNAS itself which isn't the fastest horse around ...

 

-Stefan

 

Message 15 of 16
dthrevan1
Aspirant

Re: Update cURL on ReadyNas Duo v1?

Sounds like GG then...
Message 16 of 16
Top Contributors
Discussion stats
  • 15 replies
  • 3311 views
  • 0 kudos
  • 4 in conversation
Announcements