Problem with Insync servers?


#1

Hi

Since yesterday evening I have my Insync icon that is most of time greyed out and unable to do any synchro ! I have 3 Google Business accounts in synchro and none of them are working in Insync (two colleagues have same problem, one using some Google Business accounts and one Gmail account and that have exact same problem !)
I’m using latest Ubuntu release and they are using Mac version !
Is it a problem with Google ? Insync ? My drives are perfectly fine if I try to access them through Web !

Thanks

Vincèn


#2

There is no noted issue with Insync as of the moment, but we would like to investigate this. Please send in your logs along with the link to this post to support@insynchq.com
How to find the log files


#3

Logs sent :wink: I have noticed at the end of lot of these:

CRITICAL:root:SSL certificate validation failed! (host: doc-14-7k-docs.googleusercontent.com, error: SSLError(1, '_ssl.c:510: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number'))
INFO:root:Net error: SSLError(1, '_ssl.c:510: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number') GET u'https://doc-14-7k-docs.googleusercontent.com/docs/securesc/j4j240p9g1uatrje4d1q5nj9ecu7a73j/ap8fhgdtu1ghc1te7n7ucmfnfjii1t2j/1480600800000/14528330514581946519/12065826475704336337/0BwyyI89Z0vUnY1BVTzhlelFmZzg?rid=0BwyyI89Z0vUnZnA0VUI2bTFZUjJBM29veVNlcXY0TU9pMWhFPQ&h=14006401228980817301&e=download&gd=true'
CRITICAL:root:SSL certificate validation failed! (host: doc-00-7k-docs.googleusercontent.com, error: SSLError(1, '_ssl.c:510: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number'))
INFO:root:Net error: SSLError(1, '_ssl.c:510: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number') GET u'https://doc-00-7k-docs.googleusercontent.com/docs/securesc/j4j240p9g1uatrje4d1q5nj9ecu7a73j/rrbct4l64nem8oehcnpqhsqvkh922ltg/1480600800000/14528330514581946519/12065826475704336337/0BwyyI89Z0vUnTUZ3YVB6OGRORkU?rid=0BwyyI89Z0vUncHVneEphUjE0M3JmVHptY0NoblBtSU54di9RPQ&h=14006401228980817301&e=download&gd=true'

Google issues with some servers ?

Thanks

Vincèn


#4

Tagging our engineer @lpugoy and he will get back to you.


#5

Thanks, I have noticed that using my VPN to Netherlands the problem disappeared ! What port is used by Insync to do synchronisation ? Is it just regular SSL Web connection ? as I’m currently in Bahrain where Internet is a little filtered (but all Google services are fully avalaible !)


#6

Some news about it ? My colleague on Mac still has the problem with same Python error as me !!

Thanks


#7

@Vincen: Apologies for not replying sooner. The logs suggest that Insync is trying to connect using SSLv3. It is not supported by the server Insync is trying to connect to which causes the issue. Please try the following to debug.

Run openssl s_client -connect doc-00-7k-docs.googleusercontent.com:443 2>/dev/null | grep -C1 Protocol. The output may look like this:

$ openssl s_client -connect doc-00-7k-docs.googleusercontent.com:443 2>/dev/null | grep -C1 Protocol
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256

This is just to confirm the protocol used when connecting normally.

Run the command nmap --script ssl-enum-ciphers -p 443 doc-00-7k-docs.googleusercontent.com as well to confirm what protocols and ciphers are supported. In my test the output is:

$ nmap --script ssl-enum-ciphers -p 443 doc-00-7k-docs.googleusercontent.com

Starting Nmap 7.01 ( https://nmap.org ) at 2016-12-05 17:42 PHT
Nmap scan report for doc-00-7k-docs.googleusercontent.com (216.58.220.225)
Host is up (0.065s latency).
Other addresses for doc-00-7k-docs.googleusercontent.com (not scanned): 2404:6800:4004:81a::2001
rDNS record for 216.58.220.225: nrt13s37-in-f225.1e100.net
PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers: 
|   TLSv1.0: 
|     ciphers: 
|       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|     compressors: 
|       NULL
|     cipher preference: server
|   TLSv1.1: 
|     ciphers: 
|       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|     compressors: 
|       NULL
|     cipher preference: server
|   TLSv1.2: 
|     ciphers: 
|       TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A
|       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A
|     compressors: 
|       NULL
|     cipher preference: server
|_  least strength: C

Nmap done: 1 IP address (1 host up) scanned in 10.38 seconds

which confirms that the server only supports TLS.


#8

Hi

Here is result of each command:

vincen@portable-ubuntu:~/Bureau$ openssl s_client -connect doc-00-7k-docs.googleusercontent.com:443 2>/dev/null | grep -C1 Protocol

SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
vincen@portable-ubuntu:~/Bureau$

vincen@portable-ubuntu:~/Bureau$ nmap --script ssl-enum-ciphers -p 443 doc-00-7k-docs.googleusercontent.com

Starting Nmap 7.01 ( https://nmap.org ) at 2016-12-06 11:40 AST
Nmap scan report for doc-00-7k-docs.googleusercontent.com (172.217.18.33)
Host is up (0.15s latency).
Other addresses for doc-00-7k-docs.googleusercontent.com (not scanned): 2a00:1450:4005:808::2001
rDNS record for 172.217.18.33: ham02s12-in-f33.1e100.net
PORT STATE SERVICE
443/tcp open https
| ssl-enum-ciphers:
| TLSv1.0:
| ciphers:
| TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A
| TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| compressors:
| NULL
| cipher preference: server
| TLSv1.1:
| ciphers:
| TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A
| TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| compressors:
| NULL
| cipher preference: server
| TLSv1.2:
| ciphers:
| TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
| TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (secp256r1) - A
| TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A
| TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
| TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A
| TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A
| TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
| TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
| TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A
| TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A
| compressors:
| NULL
| cipher preference: server
|_ least strength: C

Nmap done: 1 IP address (1 host up) scanned in 21.30 seconds
vincen@portable-ubuntu:~/Bureau$

Anything wrong there ?


#9

@Vincen: I see, thanks. Looks the same as my output though. Are you using a proxy with Insync? You can confirm by following the steps here: How to set network/proxy configuration.


#10

Nope no proxy but right now Insync is working fine so I guess I should do the test again when problem occurs again no ?


#11

@Vincen: I see. Do you mean that Insync is working for you and your colleague without using a VPN?


#12

@lpugoy @jaduenas I am facing the exact same issue. I am also now in Bahrain, and the problem only occurred when I arrived here. I never faced this issue when I were in UAE.

Here are my details and the issue as extracted from the log files:
OS: Mac OS Mojave version 10.14.3
Insync version: v1.5.6
Country: Bahrain
Errors:

{“message”: “SSL certificate validation failed! (host: %s, error: %r)”, “params”: [“doc-00-bc-docs.googleusercontent.com”, “SSLError(1, u’[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:590)’)”]}

{“message”: “Net error: %r %s %r”, “params”: [“SSLError(1, u’[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:590)’)”, “GET”, “https://doc-00-bc-docs.googleusercontent.com/docs/securesc/90nrbpb1dc5ge0k0riqu0h7spoie7oqk/e7416dhuqepnr9m7lq78hviuvr6mqqgq/1552125600000/09514303184898543603/12548507927374833646/19DsjHJjv9RtB8hpoCtSnwoxnLifrw9WM?rid=0B5k34xPvbAH7YlVGV3FnOHhBU2ZzbXFoR3k1ZlVhNjdEQXFFPQ&h=08252802834034310404&e=download&gd=true”]}

{“message”: “SSL certificate validation failed! (host: %s, error: %r)”, “params”: [“doc-0g-bc-docs.googleusercontent.com”, “SSLError(1, u’[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:590)’)”]}

{“message”: “Net error: %r %s %r”, “params”: [“SSLError(1, u’[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:590)’)”, “GET”, “https://doc-0g-bc-docs.googleusercontent.com/docs/securesc/90nrbpb1dc5ge0k0riqu0h7spoie7oqk/pcder6qh7k5577f6hkkmib33e906l521/1552125600000/09514303184898543603/12548507927374833646/1eycM7SSSW9ENYLSutULrF5kmiyIE7UT2?rid=0B5k34xPvbAH7c2ZTZ2ltM2xMREM2aEJaSFpaZTZJRVZ3UTQ0PQ&h=08252802834034310404&e=download&gd=true”]}

And here is a screenshot of the issue:

Once I open a vpn and connect to any country, such as Netherlands, it would work straight away with no issues whatsoever.


#13

@vincen Have you managed to find any solution to this problem ?

Cause for me, sometimes, it would magically work (without a vpn), but then soon after, the issue would re-occur


#14

@heiba I never found any solution to the problem that is I guess linked to the crap internet connectivity that is filtered of bahrain and the very poor management by Batelco :frowning: The guys are definitively not knowing what they are doing (have seen crazy things done by these guys…
Hopefully I have left google drive since a long time and using my own system (Nextcloud) so I keep all my datas safe and have no problem of sync with it even in bahrain :smiley:

Good luck :wink: