plugout.net

[matt_max]

Hello,
update-smart-drivedb script cannot retrieve drivedb.h file due to:
/usr/sbin/update-smart-drivedb: download from trunk failed (HTTP error)
Maybe all smartctl package should be updated?

[Jocko]

Hi

Thank you for your feedback and it is a significant issue (not only from smartctl tool)

Several events occurred so that since last September 30th the firmware fails to download the latest hard drives database for smartctl :whistle

- First now this base is only available from an URL using https and the download site does a redirection if you try to use an http URL
- the download server uses let's encrypt CA chain to encrypt its responses on client requests
- but since September 30th, a cross-signed CA certificate (DST Root CA X3) is no longer valid
- and download server uses now the new root CA (ISRG Root X1) of let's encrypt CA chain

With the firmware all should have worked fine after updating the CA-bundle file (main setup menu => tab "other settings"), but not :whistle

why, there is an additional issue with ISRG certificate and openssl

If you provide an API or have to support IoT devices, you’ll need to make sure of two things:
(1) all clients of your API must trust ISRG Root X1 (not just DST Root CA X3),
and (2) if clients of your API are using OpenSSL, they must use version 1.1.0 or later.
In OpenSSL 1.0.x, a quirk in certificate verification means that even clients that trust ISRG Root X1 will fail when presented with the Android-compatible certificate chain we are recommending by default.

:sob badly it is our case :hairpull
currently the firmware uses as openssl version 1.0.1m
So even if you have an updated CA-bundle, you can never valid the server certificate.

The big issue is many servers use let's encrypt CA chain and now we have to upgrade openssl. In the firmware there are many dependencies related to openssl (as soon as a lib, a binary and also add-on require a crypto support). So a huge works with many compilations.

More information : https://letsencrypt.org/fr/docs/dst-root-ca-x3-expiration-september-2021/

Currently, the only way to get the hard drives database is to disable the check certificate feature with curl/wget binaries. So attached a patched version of update-smart-drivedb script

How to install the patched version:
- open a shell window
- run the command

Code: Select all

plugout download 6851
tar -xf '/tmp/fvdw-sl-xx-x_no-ca-check-smartctl_22oct2021.tgz' -C /

then try again to update the hard drive database

[matt_max]

Oh I see now. thank you for the clarification. I tried to download drivedb.h with wget but it seems that new file has slightly different structure.
smartctl --drivedb=/usr/share/smartmontools/drivedb_new.h
gives me error like this:

Code: Select all

/usr/share/smartmontools/drivedb_new.h(79): Syntax error in preset option string

I cannot download your file:

Code: Select all

plugout download-fw 6851
login successful
Fail to download!
logout successful


After manual download and untar your file from website:

Code: Select all

/usr/sbin/update-smart-drivedb
/usr/share/smartmontools/drivedb.h updated from branches/RELEASE_6_3_DRIVEDB


...so it is working!

[Jocko]

Oh I see now. thank you for the clarification. I tried to download drivedb.h with wget but it seems that new file has slightly different structure.
smartctl --drivedb=/usr/share/smartmontools/drivedb_new.h
gives me error like this:

Code: Select all

/usr/share/smartmontools/drivedb_new.h(79): Syntax error in preset option string

I assume you got that because you have downloaded the database from a wrong branch

I cannot download your file:

Code: Select all

plugout download-fw 6851
login successful
Fail to download!
logout successful

Just because you did not notice I edited a commandline in my previous post (plugout download 6851 instead of plugout download-fw 6851)
if you repeat you will get

Code: Select all

root@Acrab:/ # /usr/sbin/update-smart-drivedb -v
Download from branches/RELEASE_6_3_DRIVEDB
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  226k    0  226k    0     0   106k      0 --:--:--  0:00:02 --:--:--  116k
/usr/share/smartmontools/drivedb.h updated from branches/RELEASE_6_3_DRIVEDB
root@Acrab:/ # smartctl -B /usr/share/smartmontools/drivedb.h -P  showall
MODEL REGEXP:       -
FIRMWARE REGEXP:    -
MODEL FAMILY:       VERSION: 6.1/5236 2021-09-14 13:17:47 $Id$
ATTRIBUTE OPTIONS:  None preset; no -v options are required.
WARNINGS:           Version information

MODEL REGEXP:       SFCF(2048|4096|8192|16GB|32GB|64GB)H[0-9]BU[24]TO-(C|I)-(MS|QT|NU)-5[0-9]7-STD
FIRMWARE REGEXP:    .*
MODEL FAMILY:       Swissbit C440 Industrial CompactFlash Card
ATTRIBUTE OPTIONS:  196 Spare_Blocks
                    203 Total_ECC_Errors
                    213 Spare_Blocks_Worst_Chip
                    214 Reserved_Attribute
                    215 Current_TRIM_Percent
                    229 Erase_Count
                    232 Total_Number_of_Reads

MODEL REGEXP:       SFSA(008|016|032|064|128)GU[0-9]AA[124]TO-(C|I)-(DB|QC|NC)-2[0-9]6-STD
FIRMWARE REGEXP:    .*
MODEL FAMILY:       Swissbit X-600m Series Industrial mSATA SSD
....