Script not working anymore after upgrade to 24198

[Gravityz]

I decided to upgrade to 24198
i know usb script execute functionality was removed from this build but i figured i will start the script manually

suddenly i get an error which looks really basic(and easy to fix) but i can not find the problem.
this script was 100% running on 22125 firmware and looks like a valid script.
Did the remove/change scripting functionality?

this is the error i get(probably from this command device_present=Off)
the script somehow thinks i am testing something but al it does is specify some variables

[: Off: unknown operand

this is the script (used to detect if devices are present)

#!/bin/sh


SamsungTV=Away
RonaldiPhone=Away
LindaiPhone=Away
LindaiPad=Away
RyaniPhone=Away
#Repeater=Away


idx=257
device_present=Off
domoticz_status=`curl -s "http://192.168.1.50:8084/json.htm?type=command&param=getdevices&rid=257" | grep Status | awk '{print $3}' | sed 's/[",]//g'`


macadreswifi="`wl -i eth6 assoclist`;`wl -i eth7 assoclist`"
macadreswired="`ping -w 1 -q 192.168.1.10`"


case "$macadreswired" in
*1\ packets\ received*)
SamsungTV=Home
;;
esac


case "$macadreswifi" in

SamsungTV=Home
;;
esac


case "$macadreswifi" in

RonaldiPhone=Home
;;
esac


case "$macadreswifi" in

LindaiPhone=Home
;;
esac


case "$macadreswifi" in

LindaiPad=Home
;;
esac


case "$macadreswifi" in

RyaniPhone=Home
;;
esac


#case "$macadreswifi" in

#Repeater=Home
#;;
#esac


if [ "$SamsungTV" = Home -o "$RonaldiPhone" = Home -o "$LindaiPhone" = Home -o "$LindaiPad" = Home -o "$RyaniPhone" = Home -o "$Repeater" = Home ]; then
device_present=On
fi
if [ $domoticz_status != $device_present ]; then
 if [ $device_present = "On" ]; then
        curl -s "http://192.168.1.50:8084/json.htm?type=command&param=switchlight&idx=$idx&switchcmd=On" > /dev/null
 else
        curl -s "http://192.168.1.50:8084/json.htm?type=command&param=switchlight&idx=$idx&switchcmd=Off" > /dev/null
 fi
fi

 

[ColinTaylor]

This line has failed to return a string which leads to the later syntax error.

domoticz_status=`curl -s "http://192.168.1.50:8084/json.htm?type=command&param=getdevices&rid=257" | grep Status | awk '{print $3}' | sed 's/[",]//g'`

You should also remove this part of the test later on as it is undefined:

-o "$Repeater" = Home

 

[Gravityz]

ok, i get the second part since i commented it out, i removed it.
the first part is puzzeling me because this worked perfectly

i tried to flip a switch from the commandline by using this command
curl -s "http://192.168.1.50:8084/json.htm?type=command&param=switchlight&idx=257&switchcmd=On"

command is executed without any erros but the switch is not turned on
if i try the same code(without the curl -s) from chrome it works

i am starting to think that in this new firmware 24198 they crippled the curl command, probably for security.

 

[Gravityz]

found this in release before this one
Fixed several curl vulnerabilities including CVE-2023-28322, CVE-2023-28321, and CVE-2023-28319

 

[ColinTaylor]

i tried to flip a switch from the commandline by using this command
curl -s "http://192.168.1.50:8084/json.htm?type=command&param=switchlight&idx=257&switchcmd=On"

Try it again without the -s so that you can see the error message.

Regardless of whether it has an effect the script relies on it returning something, even in an error state. At the moment it's returning nothing, i.e. a null string, which the script doesn't cater for.

 

[ColinTaylor]

You could probably solve these problems if you quote your string variables in the script. i.e.

if [ "$domoticz_status" != "$device_present" ]; then

 

[Gravityz]

that indeed solves the syntax error problem
however it still does not executes the curl command.

even without option it shows you nothing, just like it is executed the right way.

i can not believe i am the first person to discover that the crippled the curl command (made it so secure you can not execute anything anymore
i even tried the username password option to see if this would work but also a no go

 

[ColinTaylor]

Do you get anything using the verbose option?

curl -v "http://192.168.1.50:8084/json.htm?type=command&param=switchlight&idx=257&switchcmd=On"

 

[Gravityz]

Do you get anything using the verbose option?

curl -v "http://192.168.1.50:8084/json.htm?type=command&param=switchlight&idx=257&switchcmd=On"

nope

it is dead in the water, it now acts like a fake command and shows you nothing
even when i use the -u option but do not fill in the usernameassword it shows no error

 

[Gravityz]

to be absolutely sure i logged into my synology, used the exact command(paste) and voila that is working with nice verbose options.

Asus really screwed things up(on purpose or not)
we can not complain ofcourse because we are not supposed to do this on a root level

 

[ColinTaylor]

It's possible that they block http requests for security reasons. Can you try https or does your device not support that?

How about a sanity check using an internet site.

curl "http://www.google.com"

curl "https://www.google.com"

 

[Gravityz]

that gives a really big and long reponse
what does this mean. that the problem is with my domoticz container?

 

[ColinTaylor]

that gives a really big and long reponse
what does this mean. that the problem is with my domoticz container?

If you mean that both commands dump a load of text then that indicates that curl does work with http. So yes, I'd be trying to diagnose the problem from the domoticz side.

 

[Gravityz]

hm. do not know if i can figur this one out. synology is probably a more secure platform and from synology everything works. also everything which communicates with domoticz(MQTT, Homebridge) does not have any problems with the domoticz container.

i found something interesting
curl "http://www.google.com" gives a response
curl "http://142.251.36.46" which is the google ip address does not

 

[Gravityz]

i found the solution

edit the /etc/hosts
put entry in
192.168.1.50 domoticzinternal.com


working

 

[ColinTaylor]

i found something interesting
curl "http://www.google.com" gives a response
curl "http://142.251.36.46" which is the google ip address does not

Interesting.

# curl "http://142.251.36.46"
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>

Maybe it doesn't like IP addresses? Does 192.168.1.50 have a hostname registered in the router's DNS. Try using that.

EDIT: Beat me to it.

 

[RMerlin]

Asus has various checks implemented in both wget and curl to prevent their use by malicious scripts. It's probable these checks are what is preventing you from using it yourself.

The result is logged in /jffs/curllst .

 

[Gravityz]

ok clear. Thanks Colin for your help.
onto the next problem.

the script runs when manually started(and works)
however when run from cru it seems it does not run every minute anymore or not at all
it seems Asus did some things here as well

cru a checkifhome "*/1 * * * * /jffs/scripts/checkifhome"

so the script checkifhome runs with ./checkifhome
it does not run from cru

cru l clearly shows the job is running

 

[ColinTaylor]

Do a sanity check on cron:

# cru a test "* * * * * logger -t test hello"
# tail -f /tmp/syslog.log
:
Jan 29 15:38:00 test: hello
Jan 29 15:39:00 test: hello

 

[Gravityz]

cron seems to work

Jan 29 16:41:00 test: hello
Jan 29 16:42:00 test: hello
Jan 29 16:43:00 test: hello

could it be that they disabled this as well
single cronjob:no problem
cronjob which executes script:no go

well this again will take up a lot of time to figur out what they actually did
do the block scrips
do the block scrips from /jffs

lots of possibillities
running from tmp:does not work
rename to checkifhome.sh:does not work