Hi Michael, Thank you for the quick reply. I have built a working OpenVAS VM around Ubuntu 11.10, so using older libraries. I have what I need for now, but I will eagerly test the next release when it comes out.
While I was troubleshooting, I tried three different versions of libmicrohttpd, 0.4.6, 0.9.15 (a tip from another thread on this list) and 0.9.21. All three produced the same hang, supporting the thesis the problem is with another library. Even though I was running GSA in http-only mode, I do understand the manager talks to the scanner using SSL. Alan On 7/30/12, Michael Wiegand <[email protected]> wrote: > Hello Alan, > > this is most likely related to an issue with OpenVAS and libgnutls >= > 2.12. This issue is already solved in the OpenVAS SVN trunk and will be > included in the next releases. > > If you want to apply the patch yourself, see SVN revision 13769. > > Regards, > > > Michael > > * Alan Tu [28. Jul 2012]: >> Hello, I'm attempting to install OpenVAS and Greenbone Security >> Assistant on Ubuntu 12.04 VM. I got everything to compile, install, >> and start, the openvas-check-setup says everything is ok (except the >> parts like pdfdeflate that are optional), and I can visit the GSA log >> in page. However when I hit log in, the server never responds with >> anything, yet keeps the TCP connection open. The rest of this e-mail >> outlines how I compiled and installed and start things, and has some >> logs. I'd appreciate any advice on the next steps to troubleshoot. >> Thanks. >> >> Alan >> >> 1. Installation >> Update apt packages list (apt-get update) >> install dependencies (excluding documentation and some extras): >> apt-get -y install cmake make pkg-config libglib2.0-dev libgnutls-dev >> libssh-dev libpcap0.8-dev libgpgme11-dev libldap2-dev uuid-dev bison >> sqlite3 libsqlite3-dev xsltproc libxslt1-dev >> download tarballs for libraries, scanner, manager, administrator, gsa >> download source tarball for libmicrohttpd, as the one available in my >> repository is 0.4.6 from 2010, and some people have said certain >> versions is buggy >> untar everything >> >> libmicrohttpd-0.9.21: >> ./configure; make; make install >> >> openvas-libraries-5.0.1: >> I had to modify nasl/CMakeLists.txt to link against libssh. >> cmake CMakeLists.txt; make; make install >> >> openvas-scanner-3.3.1: >> I had to modify src/CMakeLists.txt to link against libssh. >> cmake CMakeLists.txt; make; make install >> >> openvas-manager-3.0.1 >> I had to modify CMakeLists.txt to remove the -Werror compiler flag so >> that sourcecode warnings wouldn't be fatal. >> cmake CMakeLists.txt; make; make install >> >> openvas-administrator-1.2.0: >> I had to modify CMakeLists.txt to remove the -Werror compiler flag so >> that sourcecode warnings wouldn't be fatal. >> cmake CMakeLists.txt; make; make install >> >> greenbone-security-assistant-3.0.1: >> cmake CMakeLists.txt; make; make install >> >> 2. Post-install >> openvas-mkcert # make the cert for the scanner, server-side >> openvas-mkcert-client -n om -i # make the cert for the manager, >> client-side >> openvasad -c "add_user" -n name -r Admin # add an admin user >> openvas-nvt-sync # download the free NVT feed >> >> 2a. Get ready to debug >> Under /usr/local/etc/openvas/, in gsa_log.conf, openvasad_log.conf, >> and openvasmd_log.conf, change all the level= statements to 255. >> >> 3. Start-up >> openvassd # start the scanner and load all the plug-ins >> openvasmd --rebuild # rebuild the manager database >> openvasmd # start the manager >> openvasad # start the administrator >> gsad --http-only --mlisten=127.0.0.1 -m 9390 --alisten=127.0.0.1 -a >> 9393 -v # start in HTTP mode (port 80, for testing), specify all the >> ports explicitly >> >> I can visit the login page on port 80, however when I press log in, >> the server gives no response while holding the connection open. >> >> Here is the gsad.log when I log in: >> gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate: >> name token value (null) >> gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate: >> failed to match, value NULL >> gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate: >> name cmd value login >> gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: matching >> <^(create_agent)|(create_config)|(create_escalator)|(create_lsc_credential)|(create_note)|(create_override)|(create_port_list)|(create_port_range)|(create_report)|(create_schedule)|(create_slave)|(create_target)|(create_task)|(create_user)|(delete_agent)|(delete_config)|(delete_escalator)|(delete_lsc_credential)|(delete_note)|(delete_override)|(delete_port_list)|(delete_port_range)|(delete_report)|(delete_report_format)|(delete_schedule)|(delete_slave)|(delete_target)|(delete_task)|(delete_trash_agent)|(delete_trash_config)|(delete_trash_escalator)|(delete_trash_lsc_credential)|(delete_trash_port_list)|(delete_trash_report_format)|(delete_trash_schedule)|(delete_trash_slave)|(delete_trash_target)|(delete_trash_task)|(delete_user)|(edit_config)|(edit_config_family)|(edit_config_nvt)|(edit_lsc_credential)|(edit_my_settings)|(edit_note)|(edit_override)|(edit_report_format)|(edit_settings)|(edit_task)|(edit_user)|(empty_trashcan)|(escalate_report)|(export_config)|(export_lsc_credential)| >> >> (export_note)|(export_override)|(export_port_list)|(export_preference_file)|(export_report_format)|(get_agent)|(get_agents)|(get_config)|(get_config_family)|(get_config_nvt)|(get_configs)|(get_feed)|(get_escalator)|(get_escalators)|(get_info)|(get_lsc_credential)|(get_lsc_credentials)|(get_my_settings)|(get_note)|(get_notes)|(get_nvts)|(get_override)|(get_overrides)|(get_port_list)|(get_port_lists)|(get_report)|(get_report_format)|(get_report_formats)|(get_result)|(get_settings)|(get_schedule)|(get_schedules)|(get_slave)|(get_slaves)|(get_system_reports)|(get_target)|(get_targets)|(get_tasks)|(get_trash)|(get_user)|(get_users)|(import_config)|(import_port_list)|(import_report_format)|(login)|(modify_auth)|(new_note)|(new_override)|(new_task)|(pause_task)|(restore)|(resume_paused_task)|(resume_stopped_task)|(test_escalator)|(save_config)|(save_config_family)|(save_config_nvt)|(save_container_task)|(save_lsc_credential)|(save_my_settings)|(save_note)|(save_override)|(save_report_forma >> >> t)|(save_settings)|(save_task)|(save_user)|(start_task)|(stop_task)|(sync_feed)|(verify_agent)|(verify_report_format)$> >> against <login>: >> gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate: >> matched >> gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate: >> name text value /omp?cmd=get_tasks&overrides=1 >> gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: matching <^.{0,1000}> >> against </omp?cmd=get_tasks&overrides=1>: >> gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate: >> matched >> gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate: >> name password value password >> gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: matching <^.{0,40}$> >> against <password>: >> gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate: >> matched >> gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate: >> name login value username >> gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: matching >> <^[[:alnum:]-_@.]+$> against <username>: >> gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate: >> matched >> lib serv: DEBUG:2012-07-28 20h03.39 utc:23525: Connected to server. >> lib serv: DEBUG:2012-07-28 20h03.39 utc:23525: Shook hands with >> server. >> lib serv: DEBUG:2012-07-28 20h03.39 utc:23525: send 114 from >> <authenticate><credentials><us[...] >> lib serv: DEBUG:2012-07-28 20h03.39 utc:23525: => >> <authenticate><credentials><username>username</username><password>password</password></credentials></authenticate> >> lib serv: DEBUG:2012-07-28 20h03.39 utc:23525: => done >> lib xml:MESSAGE:2012-07-28 20h03.39 utc:23525: asking for 1048576 >> >> And this is what happened 15 minutes later when I closed the browser. >> >> lib xml:MESSAGE:2012-07-28 20h18.39 utc:23525: Error: Error on >> line 1 char 1: Document was empty or contained only whitespace >> >> lib xml:MESSAGE:2012-07-28 20h18.39 utc:23525: End error: Error >> on line 1 char 1: Document was empty or contained only whitespace >> >> gsad base: DEBUG:2012-07-28 20h18.39 utc:23525: text to transform: >> [<login_page><message>Login failed.</message><token></token><time>Sat >> Jul 28 20:18:39 2012 utc</time></login_page>] >> >> gsad base: DEBUG:2012-07-28 20h18.39 utc:23525: xsl_transform: >> Spawning in parent dir: xsltproc gsad.xsl >> /tmp/gsa_xsl_transform_VGvT8t >> >> And here is the openvasmd.log: >> [before the connection, at start-up] >> lib auth:WARNING:2012-07-28 19h57.49 utc:23716: Authentication >> configuration could not be loaded. >> >> [during the connection attempt] >> lib serv: DEBUG:2012-07-28 20h03.39 utc:23862: Shook hands with >> peer. >> lib serv: DEBUG:2012-07-28 20h03.39 utc:23862: Connected to >> server on socket 6. >> >> And finally, openvasad.log: >> >> lib auth:WARNING:2012-07-28 19h53.47 UTC:23520: Authentication >> configuration could not be loaded. >> _______________________________________________ >> Openvas-discuss mailing list >> [email protected] >> http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > > -- > Michael Wiegand | Greenbone Networks GmbH | http://www.greenbone.net/ > Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460 > Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner > > _______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
