Google Drive SSL protocol error, moodle 2.6

Re: Google Drive SSL protocol error, moodle 2.6

by Matteo Scaramuccia -
Number of replies: 0
Picture of Core developers Picture of Peer reviewers Picture of Plugin developers

Hi Phani,
I'll carefully look at the logs in the next days: unfortunately nothing seems to be wrong at first glance except that your error is still there.
In the mean time, could you make the last effort on your side to exclude any (HTTPS) issue between your server, curl and your proxy?

$ curl -v https://accounts.google.com -x <proxyusername>:<proxypassword>@10.129.168.48:800

The output from one of my Linux servers (curl -v https://accounts.google.com -x matteo:password@127.0.0.1:3128) looks like:

* About to connect() to proxy 127.0.0.1 port 3128
*   Trying 127.0.0.1... connected
* Connected to 127.0.0.1 (127.0.0.1) port 3128
* Establish HTTP proxy tunnel to accounts.google.com:443
* Proxy auth using Basic with user '<username>' <-- Remember to blank what comes after "user " to avoid disclosing your username!
> CONNECT accounts.google.com:443 HTTP/1.0
> Host: accounts.google.com:443
> Proxy-Authorization: Basic <blank> <-- Remember to blank what comes after "Basic " to avoid disclosing your credentials!
> User-Agent: curl/7.15.5 (i386-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
> Proxy-Connection: Keep-Alive
>
< HTTP/1.0 200 Connection established
<
* Proxy replied OK to CONNECT request
* successfully set certificate verify locations:
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSLv2, Client hello (1):
SSLv3, TLS handshake, Server hello (2):
SSLv3, TLS handshake, CERT (11):
SSLv3, TLS handshake, Server finished (14):
SSLv3, TLS handshake, Client key exchange (16):
SSLv3, TLS change cipher, Client hello (1):
SSLv3, TLS handshake, Finished (20):
SSLv3, TLS change cipher, Client hello (1):
SSLv3, TLS handshake, Finished (20):
SSL connection using RC4-SHA
* Server certificate:
*        subject: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=accounts.google.com
*        start date: 2013-12-11 12:57:33 GMT
*        expire date: 2014-04-10 00:00:00 GMT
*        subjectAltName: accounts.google.com matched
*        issuer: /C=US/O=Google Inc/CN=Google Internet Authority G2
* SSL certificate verify ok.
> GET / HTTP/1.1
> User-Agent: curl/7.15.5 (i386-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
> Host: accounts.google.com
> Accept: */*
>
< HTTP/1.1 302 Moved Temporarily
< Content-Type: text/html; charset=UTF-8
< Strict-Transport-Security: max-age=2592000; includeSubDomains
< X-Frame-Options: DENY
< Location: https://accounts.google.com/ManageAccount
< Content-Length: 223
< Date: Tue, 31 Dec 2013 13:03:51 GMT
< Expires: Tue, 31 Dec 2013 13:03:51 GMT
< Cache-Control: private, max-age=0
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Server: GSE
< Alternate-Protocol: 443:quic
<HTML>
<HEAD>
<TITLE>Moved Temporarily</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Temporarily</H1>
The document has moved <A HREF="https://accounts.google.com/ManageAccount">here</A>.
</BODY>
</HTML>
* Connection #0 to host 127.0.0.1 left intact
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):

and from CygWin console (borrowed from the git Windows console) to the same proxy server:

$ curl -v https://accounts.google.com -x matteo:password@192.168.0.50:3128
* About to connect() to proxy 192.168.0.50 port 3128 (#0)
*   Trying 192.168.0.50...
* Adding handle: conn: 0x1665938
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x1665938) send_pipe: 1, recv_pipe: 0
* Connected to 192.168.0.50 (192.168.0.50) port 3128 (#0)
* Establish HTTP proxy tunnel to accounts.google.com:443
* Proxy auth using Basic with user '<username>' <-- Remember to blank what comes after "user " to avoid disclosing your username!
> CONNECT accounts.google.com:443 HTTP/1.1
> Host: accounts.google.com:443
> Proxy-Authorization: Basic <blank> <-- Remember to blank what comes after "Basic " to avoid disclosing your credentials!
> User-Agent: curl/7.30.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.0 200 Connection established
<
* Proxy replied OK to CONNECT request
* successfully set certificate verify locations:
*   CAfile: C:\Program Files\Git\bin\curl-ca-bundle.crt
  CApath: none
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using RC4-SHA
* Server certificate:
*        subject: C=US; ST=California; L=Mountain View; O=Google Inc; CN=accounts.go
*        start date: 2013-12-11 12:57:33 GMT
*        expire date: 2014-04-10 00:00:00 GMT
*        subjectAltName: accounts.google.com matched
*        issuer: C=US; O=Google Inc; CN=Google Internet Authority G2
*        SSL certificate verify ok.
> GET / HTTP/1.1
> User-Agent: curl/7.30.0
> Host: accounts.google.com
> Accept: */*
>
< HTTP/1.1 302 Moved Temporarily
< Content-Type: text/html; charset=UTF-8
< Strict-Transport-Security: max-age=2592000; includeSubDomains
< X-Frame-Options: DENY
< Location: https://accounts.google.com/ManageAccount
< Content-Length: 223
< Date: Tue, 31 Dec 2013 13:14:54 GMT
< Expires: Tue, 31 Dec 2013 13:14:54 GMT
< Cache-Control: private, max-age=0
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
* Server GSE is not blacklisted
< Server: GSE
< Alternate-Protocol: 443:quic
<
<HTML>
<HEAD>
<TITLE>Moved Temporarily</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Temporarily</H1>
The document has moved <A HREF="https://accounts.google.com/ManageAccount">here</A>.
</BODY>
</HTML>
* Connection #0 to host 192.168.0.50 left intact

HTH,
Matteo

Average of ratings: -