(*** This bug was imported into bugs.kde.org ***) Package: kdelibs Version: CVS 20000912 (about) System: Solaris 2.7 / Sparc (gcc 2.95/Solaris ld) When I try to access an https page e.g.=20 https://secure.dabs.com/shopping/orderstatus.asp I get an error pop-up saying: "Could not connect to host=20 secure.dabs.com" I have OpenSSL 0.9.5a installed and the kdelibs & kdebase configures=20 find it OK. In kcontrol personalisation->crypto shows a full list of=20 protocols. The page given above opens successfully with konqueror on Linux and=20 with Netscape on Solaris. I've posted this under kdelibs as I'm not sure if its kio or kssl that=20 has a problem (I can't see any way to put something under 2 packages). James --=20 +------------------------+-------------------------------+---------+ | James Tappin | School of Physics & Astronomy | O__ | | sjt@star.sr.bham.ac.uk | University of Birmingham | -- \/` | | Ph: 0121-414-6462. Fax: 0121-414-3722 | | +--------------------------------------------------------+---------+
On Thu 14 Sep 2000 James Tappin wrote: > Package: kdelibs > Version: CVS 20000912 (about) > > System: Solaris 2.7 / Sparc (gcc 2.95/Solaris ld) > > When I try to access an https page e.g. > https://secure.dabs.com/shopping/orderstatus.asp > I get an error pop-up saying: > "Could not connect to host > secure.dabs.com" > > I have OpenSSL 0.9.5a installed and the kdelibs & kdebase configures > find it OK. In kcontrol personalisation->crypto shows a full list of > protocols. > > The page given above opens successfully with konqueror on Linux and > with Netscape on Solaris. > > I've posted this under kdelibs as I'm not sure if its kio or kssl that > has a problem (I can't see any way to put something under 2 packages). Try changing the ciphers to see if it'is a cipher related problem. For instance try forcing only SSLv2 or only SSLv3. Also maybe try selecting only certain ciphers such as RC4-MD5 based 128 bit algorithms. It could be an OpenSSL problem. My Solaris box is too slow/small to run KDE to test however I have found sites with Linux that give this result and it ended up being cipher/ssl version related. -- George Staikos
David F says he's fixed it. --=20 +------------------------+-------------------------------+---------+ | James Tappin | School of Physics & Astronomy | O__ | | sjt@star.sr.bham.ac.uk | University of Birmingham | -- \/` | | Ph: 0121-414-6462. Fax: 0121-414-3722 | | +--------------------------------------------------------+---------+
On Thu 14 Sep 2000 George Staikos wrote: > > Try changing the ciphers to see if it'is a cipher related problem. > For instance try forcing only SSLv2 or only SSLv3. Also maybe try > selecting only certain ciphers such as RC4-MD5 based 128 bit > algorithms. It could be an OpenSSL problem. My Solaris box is too > slow/small to run KDE to test however I have found sites with Linux > that give this result and it ended up being cipher/ssl version > related. Finally managed to do some more checks but still no joy. 1) I've now upgraded to OpenSSL 0.9.6 2) It seems that the following SSLv3 ciphers cause the cannot connect=20 messages: EXP0124-RC4-SHA ESP1024-DES-CBC-SHA EXP1024-RC2-CBC-MD5 FZA-RC4-SHA FZA-FZA-CBC-SHA FZA-NULL-SHA DH-RSA-DES-CBC3-SHA DH-RSA-DES-CBC-SHA EXP-DH-RSA-DES-CBC-SHA DH-DSS-DES-CBC3-SHA DH-DSS-DES-CBC-SHA EXP-DH-DSS-DES-CBC-SHA DES-CBC-SHA EXP-RCS-CBC-MD5 EXP-RC4-MD5 NULL-SHA NULL_MD5 And I think at least one other since disabling this list still gives=20 the error. 3) For all SSLv2 ciphers and for other SSLv3 ciphers I get an error=20 that "The process for the https://secure.dabs.com protocol died=20 unexpectedly". The following is the apparently relevant messages from=20 startkde.elog khtml: Ah https://secure.dabs.com/shopping/orderstatus.asp has been=20 visited some time ago khtml:=20 m_strSelectedURL=3D'https://secure.dabs.com/shopping/orderstatus.asp'=20 target=3D khtml: complete URL:https://secure.dabs.com/shopping/orderstatus.asp=20 target =3D konqueror: KonqMainWindow::openURL : url =3D=20 'https://secure.dabs.com/shopping/orderstatus.asp' serviceType=3D''=20 view=3D11c1f8 konqueror: KonqView::stop() khtml (part): saveState! khtml (part): KHTMLPart::saveState saving URL=20 http://www.dabs.com/home.asp konqueror: KonqMainWindow::stopAnimation konqueror: setLocationBarURL : url =3D=20 https://secure.dabs.com/shopping/orderstatus.asp konqueror: KonqMainWindow::setLocationBarURL : url =3D=20 https://secure.dabs.com/shopping/orderstatus.asp konqueror: trying openView for=20 https://secure.dabs.com/shopping/orderstatus.asp (servicetype ) konqueror: Creating new konqrun for=20 https://secure.dabs.com/shopping/orderstatus.asp req.typedURL=3D konqueror: KonqMainWindow::startAnimation kio (Slave): createSlave for=20 https://secure.dabs.com/shopping/orderstatus.asp kio (KLauncher): requestSlave https secure.dabs.com KInit: Got EXEC 'kio_https' from klauncher kio (KLauncher): kio_https (pid 5594) up and running. KLauncher doing clientStarted(`kio_https') kio (KLauncher): Slave launched pid =3D 5594 kio (KLauncher): requestSlave got pid 5594 kio (Slave): PID of slave =3D 5594 kio (KIOJob): TransferJob::start : Sending metadata : kio (KIOJob): window-id=3D125829126 kio (Scheduler): PROTOCOL =3D https idle =3D 0 DCOP: register 'anonymous-5594' kio (KLauncher): KLauncher: Got=20 start_service_by_desktop_name('kcookiejar' ...) DCOP: unregister 'anonymous-5594' kio_http: KSSL constructor enter kio (Slave): slave has connected to application kio_http: KSSL initialize kio_http: KSSL constructor exit DCOP: register 'anonymous-5594' kio_http: reparseConfiguration! kio_http: KLocale::initLanguage setEncodingLang C kio_http: Languages list set to en_GB en_GB en C kio (Slave): got answer 26 kio_http: KSSL initialize kio_http: SSL was initialised. kio_http: SSL about to connect. kio_http: KSSL connect kio_http: KSSL verification logic kioslave : ###############SEG FAULT############# DCOP: unregister 'anonymous-5594' kdeinit: PID 5594 terminated. kio (Slave): slave died (1) pid =3D 5594 kio (KIOJob): TransferJob::slotFinished(4292a0=20 https://secure.dabs.com/shopping/orderstatus.asp) kio (KRun): ERROR: ERROR 43 https://secure.dabs.com kio (kioslave): slavewrapper: Communication with app lost. Returning to=20 slave pool.=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20 =20=20=20=20=20=20=20=20=20=20=20=20=20=20 James --=20 +------------------------+-------------------------------+---------+ | James Tappin | School of Physics & Astronomy | O__ | | sjt@star.sr.bham.ac.uk | University of Birmingham | -- \/` | | Ph: 0121-414-6462. Fax: 0121-414-3722 | | +--------------------------------------------------------+---------+
On Fri 29 Sep 2000 James Tappin wrote: Turn on TLSv1 and this site will work. They must have disabled SSLv2/v3 on their server. We still do need to put in more tests for NULL or errors though - to avoid crashes. -- George Staikos
*** Bug 105703 has been marked as a duplicate of this bug. ***