FS#42554 - [openvas-libraries] Failed to shake hands with peer (depending on gnutls < 3?)
Attached to Project:
Community Packages
Opened by henning mueller (phects) - Saturday, 25 October 2014, 16:13 GMT
Last edited by Daniel Micay (thestinger) - Tuesday, 02 December 2014, 22:42 GMT
Opened by henning mueller (phects) - Saturday, 25 October 2014, 16:13 GMT
Last edited by Daniel Micay (thestinger) - Tuesday, 02 December 2014, 22:42 GMT
|
Details
Description:
I installed openvas-scanner, openvas-libraries and openvas-manager, created certificates with openvas-mkcert and openvas-mkcert-client, started openvas-scanner and tried to connect to it with `openvasmd --rebuild`. The latter returns 1 and in /var/log/openvas/openvasmd.log, the following lines are found: lib serv:WARNING:2014-10-25 16h05.54 utc:32223: Failed to shake hands with peer: The TLS connection was non-properly terminated. md main:CRITICAL:2014-10-25 16h05.54 utc:32223: update_or_rebuild_nvt_cache: failed to connect to scanner lib serv:WARNING:2014-10-25 16h05.54 utc:32223: Failed to gnutls_bye: GnuTLS internal error. Searching for the first line, I found this thread on openvas-discuss@openvas.org: http://comments.gmane.org/gmane.comp.security.openvas.users/6208 The last mail states: "OpenVAS doesn't like gnuTLS versions greater that 2.x" Additional info: * openvas-scanner-4.0.3-1 * openvas-libraries-7.0.4-2 * openvas-manager-5.0.4-1 * gnutls-3.3.9-1 Steps to reproduce: (As root) * pacman -S openvas-scanner openvas-manager * openvas-mkcert * openvas-mkcert-client * systemctl start openvas-scanner * openvasmd --rebuild |
This task depends upon
Comment by
Daniel Micay (thestinger) - Tuesday,
02 December 2014, 22:41 GMT
This worked fine for me when I moved it into the repositories and
works fine for me now with gnutls 3.3.10-1 / gnupg-2.1.0-6 /
gpgme-1.5.2-1. It may have been broken at some point, but whatever
was wrong is either fixed now or not possible to replicate.