Check build's DL file OpenVPN & OpenSSL versions directl

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions
Author Message
Sam1789
DD-WRT User


Joined: 14 Oct 2016
Posts: 311

PostPosted: Sat Aug 10, 2019 20:29    Post subject: Check build's DL file OpenVPN & OpenSSL versions directl Reply with quote
Is there a way to check what versions of OpenVPN and OpenSSL are in a build without having to install it?

If so, it would certainly be a time saver. And let us decide better which builds to install and try out.

I've looked inside a few builds DL with a hex editor but haven't found anything that seems to show this.

Poking around, I can find multiple entries for "vpn" or "ssl"
but nothing that would seem to associate an actual build number.

Wish Brain Slayer would tell us more about each build he puts out.
But over the 5 years I've been using dd-wrt and been on the forum,
I've not seen reliable details from BS for new builds
on more than a few rare occasions.

Now we have the added problem of builds growing bigger and causing even more problems.
We need more interaction from BS. Also imNSho the svn forum/threads are nigh on
impossible to follow and certainly often "rather cryptic".

As I run multiple routers (mutliple brands and models), updates are not a trivial task.
So maybe it does effect me more than others.

Brain Slayer can you provide us more information, please.

Is this something the Mods can help with?

Also from the questions I've asked on this over the last weeks,
it seems that BS is NOT staying current with the latest releases for OpenSSL or Open VPN.
And current builds lag behind 1 -3 releases, particularly with the openSSL releases.

Sam

_________________
multi-tier router stack
wrt 3200's for speed & cpu power, NG R6300v2's for WiFi AP's,
wrt 1200v2 for one of my secure subnets.
wrt54GLs for ad'l 3rd tier machines.
Sponsor
d0ug
DD-WRT Guru


Joined: 31 Jul 2015
Posts: 757

PostPosted: Sat Aug 10, 2019 20:59    Post subject: Reply with quote
I believe the file system in the rom is cramfs compressed. you're going to need to decompress this before you are going to see much of anything meaningful
d0ug
DD-WRT Guru


Joined: 31 Jul 2015
Posts: 757

PostPosted: Sat Aug 10, 2019 21:03    Post subject: Reply with quote
might be a useful start
http://blog.k3170makan.com/2018/06/reverse-engineering-primer-unpacking.html
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 3764
Location: Netherlands

PostPosted: Sat Aug 10, 2019 21:05    Post subject: Reply with quote
I took a quick peek at the source code, so not really a thorough search but the last thing I saw was that on 13th June BS updated OpenSSL to 1.1.1.1.c from 28th may.

So just look in the source code.

OpenVPN is on 2.4.7

_________________
Routers:Netgear R7800, Netgear R6400v1, Netgear R6400v2, Linksys EA6900 (XvortexCFE), Linksys E2000 (converted WRT320N), WRT54GS v1.
Install guide Linksys EA6900: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=291230
Simple PBR (Policy Based Routing) script: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318662
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN server setup guide:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Sam1789
DD-WRT User


Joined: 14 Oct 2016
Posts: 311

PostPosted: Sat Aug 10, 2019 23:27    Post subject: Reply with quote
Doug & egc,
Thank you both for your replies.

doug,
Thanks very much for that information on getting a better way to get into the builds DL files.
Will take a try at that tonite.

egc,
The source code check might be a decent approach.
However, the information people replied with after using "openvpn --version" showed much older openSSL versions.

build --- date ----- oSSL --- oVPN
r40527 2019-08-04; 1.1.1c -- 2.4.7
.=.=.=.=.=.=.............May 28
r40134 2019-06-27; 1.1.1b -- 2.4.7
.=.=.=.=.=.=.............May 06
r40009 2019-06-06; 1.1.1b -- 2.4.7
.=.=.=.=.=.=.............May 06

from open SSL web site
openSSL 2019-07-20 1.1.1d
.=.=.=... 2019-05-20 1.1.1c
.=.=.=... 2019-02-20 1.1.1b

Those are the builds people people in the forum were suggesting
for updating my wrt1200v2 and wrt3200's. (no WiFi; with Router based VPN;)

Sam

_________________
multi-tier router stack
wrt 3200's for speed & cpu power, NG R6300v2's for WiFi AP's,
wrt 1200v2 for one of my secure subnets.
wrt54GLs for ad'l 3rd tier machines.


Last edited by Sam1789 on Sun Aug 11, 2019 2:56; edited 1 time in total
Sam1789
DD-WRT User


Joined: 14 Oct 2016
Posts: 311

PostPosted: Sun Aug 11, 2019 2:31    Post subject: Reply with quote
d0ug,

d0ug wrote:
I believe the file system in the rom is cramfs compressed.
you're going to need to decompress this before you are going to see much of anything meaningful

That's a workout to deal with or so it seems at 1st & 2nd look.
Presumably there are Windows cramfs decompressors & cramfs editors?

Just starting to look.
Btw where can I find the dd-wrt soiurce code? And are the sources for all builds available?
Or just the latest build? And does the source contain the actual build number?

Sam

_________________
multi-tier router stack
wrt 3200's for speed & cpu power, NG R6300v2's for WiFi AP's,
wrt 1200v2 for one of my secure subnets.
wrt54GLs for ad'l 3rd tier machines.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 3764
Location: Netherlands

PostPosted: Sun Aug 11, 2019 7:56    Post subject: Reply with quote
Start here: https://svn.dd-wrt.com//
You can doe two things just enter ssl in the search box right upper hand corner than you can see commit 40025, open that and look in the file src/router/openssl/README

But if BS does a commit and did not write openssl in the subject header you can miss it (he usually does and I see that regurlarly so openSSL is kept up to date more or less)

the more scientific approach is to click on "Browse source" go to src/router/openssl/README and open that file.

On the right click "revision log" and you can see when revisions (in what build) are made


Diff Rev Age Author Log Message
@40025 2 months brainslayer update openssl: add new files
@38999 5 months brainslayer update openssl: add new files
@37785 9 months brainslayer update openssl
@36885 11 months brainslayer new openssl version
@36646 12 months brainslayer update openssl
@35558 17 months brainslayer update openssl to 1.1.0h
@33711 21 months brainslayer openssl update
@33016 2 years brainslayer since alot of symbolic links are stored here, we can only update to …

You can do the same for OpenVPN , (the directory just below OpenSSL look in file version.m4 and see the revision log)

So BS looks to me up to date with openSSL and OpenVPN but I am no security expert Smile

_________________
Routers:Netgear R7800, Netgear R6400v1, Netgear R6400v2, Linksys EA6900 (XvortexCFE), Linksys E2000 (converted WRT320N), WRT54GS v1.
Install guide Linksys EA6900: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=291230
Simple PBR (Policy Based Routing) script: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318662
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN server setup guide:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 1854
Location: Texas, USA

PostPosted: Sun Aug 11, 2019 10:38    Post subject: Reply with quote
I am trying to figure out the need for 1.1.x openssl (yet), but yes, sometimes packages do not get updated in a timely matter. I guess if other folks besides Kong (and the few others that may have access) had the magic voodoo and access to push commits to the svn source tree, then updates may happen quicker. Just my thoughts on the subject.
Sam1789
DD-WRT User


Joined: 14 Oct 2016
Posts: 311

PostPosted: Sun Aug 11, 2019 15:30    Post subject: Reply with quote
egc,

Thanks for that detailed reply. It was quite a "work out" to get to where you suggested,
though I did get there. Like a lot of things, it'll be easier next. Smile

But it shows that BS is not using the latest OpenSSL.
According to the OpenSSL site they are at 1.1.1d as of July 20-30th.
And 1.1.1c, 1.1.0k, 1.0.2s was released back in February.
It is a concern that BS seems to have released builds well after openSSL has been updated on the openSSL site

And that readme seems to be 2 months old?

I'd like to have a "one click" link to see things like this. And have one for each build.
Since I don't have a "spare router" to experiment with, and the released builds are always "betas",
it would be helpful to know more about what we're "playing with" for each build.

Wonder if BS could maybe include a text file on the download pages for each build.
That file could include information about changes and the third party builds included,etc.
Also I do understand that openSSL has three build lines for which they release changes
= 1.1.1; 1.1.0; 1.0.2. Where the letter at the end indicates what they consider a minor change.

Sam

_________________
multi-tier router stack
wrt 3200's for speed & cpu power, NG R6300v2's for WiFi AP's,
wrt 1200v2 for one of my secure subnets.
wrt54GLs for ad'l 3rd tier machines.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum