On Wed, Dec 28, 2005 at 10:57:42AM +0100, Javier Fernández-Sanguino Peña wrote: > After debugging this issue in a system that Marc Haber set up for testing > I've found two different issues, one is a misconfiguration, the other is a > problem with the nessus package (the client)
> - (fixing the above) the nessus client was not able to connect to the server > error . Error message: > [ client ] > [8305] SSL_connect: error:140943FC:SSL routines:SSL3_READ_BYTES:sslv3 alert > bad record mac > nessus : SSL error > [ none at server ] > I downgraded the nessus client version to 2.2.5-2 (which is *not* compiled > against both 0.9.7 and 0.9.8 SSL libraries) and it worked fine. > The issue should be fixed by recompiling the client against a set of the > libraries, and should affect only the 2.2.5-3 version under i386. Notice, > also that the package has an undeclared dependency on libssl0.9.7 (the binary > is linked against that one). Why do you say that? $ dpkg -x n/nessus-core/nessus_2.2.5-3_i386.deb /tmp/nessus $ ldd /tmp/nessus/usr/bin/nessus |grep ssl libssl.so.0.9.8 => not found $ I don't see any reason to think that 2.2.5-3 is linked against 0.9.7. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/
signature.asc
Description: Digital signature