[almost resolved..] curl: (27) PRNG seeding failed



  • Hi all, I researched the community blogs but could not find this particular issue.

    I am trying to get the onion to post reports to my Prowl app for a motion detection project.
    I copied my Domoticz script API key and installed the basic curl program on the onion2 with 'opkg install curl'.

    When activating the script I first got nothing but when executing the various lines seperate on the command line I got a "curl: (27) PRNG seeding failed". Then offcourse I checked my onion software and upgraded today to the latest distro.
    (I had to re-install curl after doing that.

    Both times I used this command (API Key obfuscated offcourse..šŸ˜€ šŸ˜ž

    curl https://prowl.weks.net/publicapi/add -F apikey="c0debeefc0debeefcodebeef9999888877770000" -F application="
    test" -F priority="2" -F event="testingtesting" -F description="Test..yes 4 real"

    I checked the curl version on the onion:

    curl -V'
    curl 7.52.1 (mipsel-openwrt-linux-gnu) libcurl/7.52.1 mbedTLS/2.4.0

    In the Curl GitHub the PRNG matter is discussed and it seems solved in version 7.53.1 for both 'curl' and the 'libcurl' components.
    See link * PRNG seeding failed #1268 (refferring to https://github.com/curl/curl/issues/1268)

    The curl error 77 is a bit more problematic. I researched some posts but I assume it needs a bit of 'surgery' on the onion repo if I look at this post:
    https://askubuntu.com/questions/646594/how-to-fix-ca-cert-issues-with-curl-in-ubuntu-14-04
    The file mentioned in the error is not there on the onion. The certificate of the website I try to post to is issued by GeoTrust Inc CA and does not seem to be in the CA list. <resolved partly by opkg install ca-bundle>

    My questions:

    1. Am I doing something wrong to my onion? (šŸŒ‹ )
    2. Does the onion needs to include an update mechanism for installing trusted CAs?
    3. What is a recommended action and beta-test of the possible solution?

    <<edit after post>>
    I used the opkg install ca-bundle from 'https://community.onion.io/topic/1891/error-reading-ca-cert-file' and now I am back to my curl error 27: PRNG seeding failed, so, still stuck.

    Kind regards



  • @Tech49 had the exact same problem, solved it by upgrading both curl and libcurl. It had nothing to do with CAs

    check which library version is being loaded. Here's the output from mine:

    root@Omega:~# curl -V
    curl 7.53.1 (mipsel-openwrt-linux-gnu) libcurl/7.53.1 mbedTLS/2.4.2
    Protocols: file ftp ftps http https
    Features: IPv6 Largefile SSL
    


  • @Venet, thanks, that is in the line of thought. When I did the:

    opkg install curl

    I got the 7.52.1 versions. So I assume the current Omega lib's are pushing that version.

    Did you use another libsource or opkg command to pull the 7.53.1 versions to your Omega?



  • @Venet said in [almost resolved..] curl: (27) PRNG seeding failed:

    root@Omega:~# curl -V
    curl 7.53.1 (mipsel-openwrt-linux-gnu) libcurl/7.53.1 mbedTLS/2.4.2
    Protocols: file ftp ftps http https
    Features: IPv6 Largefile SSL

    I'm also wondering where you got this version from



  • Hi all,

    I actually downloaded curl manually (ipk), from the openwrt (or lede) repository



  • I'm using

    curl 7.52.1 (mipsel-openwrt-linux-gnu) libcurl/7.52.1 mbedTLS/2.5.1
    Protocols: file ftp ftps http https
    Features: IPv6 Largefile SSL
    

    from Onion's repo. Same problem šŸ˜ž

    upd:
    Fixed by

    opkg install http://downloads.lede-project.org/snapshots/packages/mipsel_24kc/base/curl_7.54.1-1_mipsel_24kc.ipk
    opkg install http://downloads.lede-project.org/snapshots/packages/mipsel_24kc/base/libcurl_7.54.1-1_mipsel_24kc.ipk


  • The links are dead because there is a newer version of curl out.

    You can go here:
    https://downloads.lede-project.org/snapshots/packages/mipsel_24kc/base/
    Get a list of the most current stuff (curl/libcurl) download it then install it.


Log in to reply
 

Looks like your connection to Community was lost, please wait while we try to reconnect.