Re: Update script (fw_upgrade)
Posted by
user8446 on
Feb 25, 2016; 7:30pm
URL: https://itus.accessinnov.com/Update-script-fw-upgrade-tp43p174.html
Update 1.51 - 5
fw_upgrade.fw_upgradeChangelog:
Security & stability update
1. Added -1 option switch to cURL for IPS updates to force encrypted connections =/> TLS1.0 and not fallback to SSL 3.0 or lower. Mitigation against SSL downgrade attacks (SSL poodle attack) and help against DNS hijacking.
I tried to remove the -k option switch (which allows no cert verification) in the script but cURL can't verify the certificate so it exits.
2. Added -m option switch to all curl commands to exit in 40 seconds if connection drops or the host is down to keep script from hanging
Running the latest OpenWrt stable release