Bug 73916

Summary: HTTP POST: "The process for the ... protocol died unexpectedly."
Product: [Unmaintained] kio
Reporter: Steffen Weber <steffen.weber>
Component: http
Assignee: Unassigned bugs mailing-list <unassigned-bugs>
Status: RESOLVED WORKSFORME
Severity: normal
Priority: NOR
Version: unspecified
Target Milestone: ---
Platform: Compiled Sources
OS: Linux
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Description Steffen Weber 2004-01-31 20:55:13 UTC
Version:            (using KDE Devel)
Installed from:    Compiled sources
Compiler:          GCC 3.3.2 
OS:          Linux

I'm trying to send the login form in the upper right on https://www.google.com/adsense/
Unfortunately you seem to need a valid login for the error ("The process for the https://www.google.com protocol died unexpectedly."). Therefore I've captured the HTTP messages using the Live HTTP Headers Plugin for Mozilla Firebird as you can see below.

There does not seem to be a non-SSL version of this page, therefore I don't know whether the SSL implementation of the HTTP KIO might be the cause. I'm using "OpenSSL 0.9.7c 30 Sep 2003" on Gentoo Linux.

The HTTP messages (note that I replaced some sensitive data with [---]):
----
https://www.google.com/adsense/login.do

POST /adsense/login.do HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031018 Firebird/0.7
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: https://www.google.com/adsense/reports-aggregate
Cookie: [---]
Content-Type: application/x-www-form-urlencoded
Content-Length: 105
destination=%2Fadsense%2Freports-aggregate&username=[---]&password=[---]&null=Login

HTTP/1.x 302 Moved Temporarily
Set-Cookie: AdSenseLocale=en; Expires=Sun, 30-Jan-05 19:49:21 GMT; Path=/
Set-Cookie: AdSenseLocaleSession=en
Set-Cookie: AdSenseLocale=de; Expires=Sun, 30-Jan-05 19:49:21 GMT; Path=/
Set-Cookie: AdSenseLocaleSession=de
Set-Cookie: [---]
Location: /adsense/reports-aggregate
Content-Type: text/html; charset=UTF-8
Cache-Control: private
Content-Length: 0
Date: Sat, 31 Jan 2004 19:49:22 GMT
Server: GFE/1.3
----------------------------------------------------------
https://www.google.com/adsense/reports-aggregate

GET /adsense/reports-aggregate HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031018 Firebird/0.7
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: https://www.google.com/adsense/reports-aggregate
Cookie: [---]

HTTP/1.x 200 OK
Set-Cookie: AdSenseLocale=de; Expires=Sun, 30-Jan-05 19:49:22 GMT; Path=/
Set-Cookie: AdSenseLocaleSession=de
Set-Cookie: [---]
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Cache-Control: private
Transfer-Encoding: chunked
Date: Sat, 31 Jan 2004 19:49:22 GMT
Server: GFE/1.3
----------------------------------------------------------

Comment 1 Waldo Bastian 2004-01-31 22:13:52 UTC
Thanks, I can reproduce without login.

Unfortunately the first indications are that it crashes somewhere deep inside SSL.

Comment 2 Waldo Bastian 2004-01-31 23:19:42 UTC
Valgrind says:
==2760== Invalid read of size 4
==2760==    at 0x45A43D8B: get_server_hello (in /usr/lib/libssl.so.0.9.7)
==2760==    Address 0x8 is not stack'd, malloc'd or free'd

Comment 3 Waldo Bastian 2004-02-01 15:15:31 UTC
Problem seems to be related to the reuse of the SSL session ID.

#0  0x41836ddb in get_server_hello (s=0x80928f8) at s2_clnt.c:542
#1  0x4183682a in ssl2_connect (s=0x80928f8) at s2_clnt.c:235
#2  0x41847d8a in SSL_connect (s=0x80928f8) at ssl_lib.c:820
#3  0x401845d7 in KOpenSSLProxy::SSL_connect(ssl_st*) (this=0x8077f50, ssl=0x80928f8)
    at kio/kssl/kopenssl.cc:604
#4  0x4016e6a7 in KSSL::connect(int) (this=0x8079718, sock=8) at kio/kssl/kssl.cc:399
#5  0x401e7ccc in KIO::TCPSlaveBase::doSSLHandShake(bool) (this=0xbfffd748, sendError=false)
    at kio/kio/tcpslavebase.cpp:1259
#6  0x401e0c91 in KIO::TCPSlaveBase::connectToHost(QString const&, unsigned, bool) (
    this=0xbfffd748, host=@0xbfffd7a0, _port=0, sendError=false)
    at kio/kio/tcpslavebase.cpp:355
#7  0x41703f90 in HTTPProtocol::httpOpenConnection() (this=0xbfffd720) at http.cc:1948

0x41836ddb in get_server_hello (s=0x80928f8) at s2_clnt.c:542
542             if (s->session->peer != s->session->sess_cert->peer_key->x509)
Current language:  auto; currently c
(gdb) print s
$1 = (SSL *) 0x80928f8
(gdb) print s->session
$2 = (SSL_SESSION *) 0x8092a40
(gdb) print s->session->peer
$3 = (X509 *) 0x808b048
(gdb) print s->session->sess_cert
$4 = (struct sess_cert_st *) 0x0

#1  0x4183682a in ssl2_connect (s=0x80928f8) at s2_clnt.c:235
233                     case SSL2_ST_GET_SERVER_HELLO_A:
234                     case SSL2_ST_GET_SERVER_HELLO_B:
235                             ret=get_server_hello(s);
236                             if (ret <= 0) goto end;
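
Added example, not part of the bug report and not code from KDE or OpenSSL (nor the change that resolved the bug): a model of the state gdb shows above, where a reused session has `peer` set but `sess_cert` is NULL, with the comparison from line 542 written in a checked form. The struct layouts, `check_resumed_peer`, `resume_step` and the `sample_*` objects are hypothetical stand-ins.

```c
#include <stdio.h>

/* Simplified stand-ins for the structures in the gdb session; field names
 * follow the trace, layouts are illustrative and not OpenSSL's own. */
struct x509 { int id; };
struct cert_pkey { struct x509 *x509; };
struct sess_cert { struct cert_pkey *peer_key; };
struct session {
    struct x509 *peer;           /* certificate cached with the session */
    struct sess_cert *sess_cert; /* NULL in the crashing process ($4) */
};

enum peer_check { PEER_STATE_INVALID = -1, PEER_MISMATCH = 0, PEER_MATCH = 1 };

/* Checked form of the comparison shown at s2_clnt.c:542: every pointer on
 * the path is validated before it is followed. */
enum peer_check check_resumed_peer(const struct session *sess)
{
    if (sess == NULL || sess->sess_cert == NULL ||
        sess->sess_cert->peer_key == NULL)
        return PEER_STATE_INVALID;
    return sess->peer == sess->sess_cert->peer_key->x509 ? PEER_MATCH
                                                         : PEER_MISMATCH;
}

/* Hypothetical handshake step: returns <= 0 on failure (the convention the
 * caller in frame #1 tests) and drops an unusable cached session. */
int resume_step(struct session **cached)
{
    enum peer_check r = check_resumed_peer(*cached);
    if (r == PEER_MATCH)
        return 1;
    *cached = NULL; /* force a fresh session on the next attempt */
    return r == PEER_STATE_INVALID ? -1 : 0;
}

/* Constructed sample state; sample_reused mirrors the gdb output. */
static struct x509 sample_cert = { 1 }, sample_other = { 2 };
static struct cert_pkey sample_key = { &sample_cert };
static struct sess_cert sample_sc = { &sample_key };
static struct session sample_reused = { &sample_cert, NULL };
static struct session sample_intact = { &sample_cert, &sample_sc };
static struct session sample_swapped = { &sample_other, &sample_sc };

int main(void)
{
    struct session *cached = &sample_reused;
    int ret = resume_step(&cached);
    printf("reused: ret=%d dropped=%d\n", ret, cached == NULL);
    printf("intact=%d swapped=%d\n", check_resumed_peer(&sample_intact),
           check_resumed_peer(&sample_swapped));
    return 0;
}
```

Valgrind's `Address 0x8` in comment 2 is what a field read at a small offset from a NULL struct pointer looks like; with the check in place the same state surfaces as a failed handshake step rather than a dead protocol process.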

Comment 4 Steffen Weber 2004-02-02 17:20:29 UTC
Seems to be fixed in recent CVS builds, thanks!