Login  Register

Re: Update script (fw_upgrade)

Posted by user8446 on Feb 25, 2016; 7:30pm
URL: https://itus.accessinnov.com/Update-script-fw-upgrade-tp43p174.html

Update 1.51 - 5

fw_upgrade.fw_upgrade

Changelog:
Security & stability update

1. Added -1 option switch to cURL for IPS updates to force encrypted connections =/> TLS1.0 and not fallback to SSL 3.0 or lower. Mitigation against SSL downgrade attacks (SSL poodle attack) and help against DNS hijacking.
I tried to remove the -k option switch (which allows no cert verification) in the script but cURL can't verify the certificate so it exits.

2. Added -m option switch to all curl commands to exit in 40 seconds if connection drops or the host is down to keep script from hanging
Running the latest OpenWrt stable release