SSL implementation on the fritzbox isn't secure enough / 2015-06-16

The latest OpenSSL updates cause me a new problem:
Connecting to fritz.koos.koffie.dot (fritz.koos.koffie.dot)|192.168.178.1|:49443... connected.
OpenSSL: error:14082174:SSL routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small
Unable to establish SSL connection.
Which means the script to fetch the DSL status from the fritzbox can't connect until I find out how to convince wget to negotiate a non-standard cipher set. Or switch to curl.

Getting the right answers with curl isn't working out either. I can get the SSL working and do a POST to the right URL but the 'best' thing I get back is:
<errorCode>502</errorCode>
<errorDescription>XML error</errorDescription>

Update: The solution was to keep using wget but disable(!) SSL, using the non-SSL port for upnp. The command now is:
wget --user=$FRITZUSER --password=$FRITZPASS --post-file=linkstatusrequest.xml \
--header="Content-Type: text/xml" \
--header="SOAPAction: \"urn:dslforum-org:service:WANCommonInterfaceConfig:1#GetCommonLinkProperties\"" \
http://192.168.178.1:49000/upnp/control/wancommonifconfig1 -O linkstatusanswer.xml
[Graph: VDSL downstream speed 20150618]

And now the data is available again and the graph is updated.

So the recent upgrade in OpenSSL which disabled less secure Diffie-Hellman key negotiation results in having to disable all encryption on the connection with the fritzbox. A security update on the fritzbox may solve this.
