Azure DevOps Git Repo错误- RPC失败;curl 56失败
Azure DevOps Git Repo错误- RPC失败;curl 56失败
提问于 2022-05-08 18:40:59
我有一个Azure DevOps项目和几个Git。当我从命令提示符对“坏”回购执行git clone时,会收到以下错误消息:
Cloning into 'myBadRepo'...
remote: Azure Repos
remote: Found 176 objects to send. (0 ms)
error: RPC failed; curl 56 Failure when receiving data from the peer
Receiving objects: 100% (176/176), 10.22 MiB | 25.46 MiB/s, done.
Resolving deltas: 100% (48/48), done.在谷歌搜索curl 56 Failure时,大多数人都说这是防火墙或代理的问题。我是在一个公司的网络,使用思科AnyConnect作为一个虚拟专用网,但关闭它没有什么区别。我的机器也在使用zScaler进行“互联网安全”,我知道这会破坏证书,但我不能禁用它。但我怀疑防火墙、代理或证书是否是主要问题,因为我可以成功地从相同的Azure DevOps组织和项目中克隆不同的Git:
Cloning into 'myWorkingRepo'...
remote: Azure Repos
remote: Found 107 objects to send. (3 ms)
Receiving objects: 100% (107/107), 859.57 KiB | 29.64 MiB/s, done.
Resolving deltas: 100% (35/35), done.我试过像https://stackoverflow.com/a/66207817/11057678建议的那样做一个“浅层克隆”,并按照https://stackoverflow.com/a/68097529/11057678的建议增加http.postBuffer,但两者都没有区别。
我打开了详细的模式和跟踪,就像在https://confluence.atlassian.com/stashkb/git-clone-fails-error-rpc-failed-result-56-http-code-200-693897332.html中建议的那样
set GIT_TRACE_PACKET=1
set GIT_TRACE=1
set GIT_CURL_VERBOSE=1我可以看到,这两个日志都重复了有关Info: schannel: failed to decrypt data, need more data的警告,但“工作”回购成功地进行了克隆,而“坏”回购有更多这样的警告,在最后一组647 (!) failed to decrypt消息之后,它显示了一个关闭的连接,然后curl 56失败:
Info: schannel: server closed abruptly (missing close_notify)
Info: Closing connection 0
channel: shutting down SSL/TLS connection with dev.azure.com port 443
error: RPC failed; curl 56 Failure when receiving data from the peer下面是“坏”日志的摘录(完整的日志太长,无法发布)。两个日志都包含相同的与授权相关的警告和错误,但是这些并不会阻止“好”回购的克隆。一个特别的错误是URL编码。
The user 'aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa' is not authorized to access this resource这个用户是从哪里来的?我怀疑,如果我能够配置Git和/或Azure DevOps回购,以消除这些与授权相关的警告和错误,我的“坏”回购的问题将得到解决。希望有人能看看他们,给我一些建议或指导,谢谢!
“坏”回购日志摘录:
git clone https://myOrganization@dev.azure.com/myOrganization/myDevOpsProject/_git/myBadRepo
05:13:49.157466 exec-cmd.c:237 trace: resolved executable dir: C:/Program Files/Git/mingw64/bin
05:13:49.158466 git.c:459 trace: built-in: git clone https://myOrganization@dev.azure.com/myOrganization/myDevOpsProject/_git/myBadRepo
Cloning into 'myBadRepo'...
05:13:49.180609 run-command.c:654 trace: run_command: git remote-https origin https://myOrganization@dev.azure.com/myOrganization/myDevOpsProject/_git/myBadRepo
05:13:49.194684 exec-cmd.c:237 trace: resolved executable dir: C:/Program Files/Git/mingw64/libexec/git-core
05:13:49.195683 git.c:748 trace: exec: git-remote-https origin https://myOrganization@dev.azure.com/myOrganization/myDevOpsProject/_git/myBadRepo
05:13:49.196685 run-command.c:654 trace: run_command: git-remote-https origin https://myOrganization@dev.azure.com/myOrganization/myDevOpsProject/_git/myBadRepo
05:13:49.212111 exec-cmd.c:237 trace: resolved executable dir: C:/Program Files/Git/mingw64/libexec/git-core
05:13:49.220376 http.c:689 == Info: Couldn't find host dev.azure.com in the (nil) file; using defaults
05:13:49.225816 http.c:689 == Info: Trying 13.107.42.20:443...
05:13:49.244824 http.c:689 == Info: Connected to dev.azure.com (13.107.42.20) port 443 (#0)
05:13:49.245003 http.c:689 == Info: schannel: disabled automatic use of client certificate
05:13:49.313976 http.c:636 => Send header, 0000000240 bytes (0x000000f0)
05:13:49.313976 http.c:648 => Send header: GET /myOrganization/myDevOpsProject/_git/myBadRepo/info/refs?service=git-upload-pack HTTP/1.1
05:13:49.313976 http.c:648 => Send header: Host: dev.azure.com
05:13:49.313976 http.c:648 => Send header: User-Agent: git/2.36.0.windows.1
05:13:49.313976 http.c:648 => Send header: Accept: */*
05:13:49.313976 http.c:648 => Send header: Accept-Encoding: deflate, gzip, br, zstd
05:13:49.313976 http.c:648 => Send header: Pragma: no-cache
05:13:49.313976 http.c:648 => Send header: Git-Protocol: version=2
05:13:49.313976 http.c:648 => Send header:
05:13:49.571301 http.c:689 == Info: schannel: failed to decrypt data, need more data
... 8 lines removed ...
05:13:49.672466 http.c:689 == Info: schannel: failed to decrypt data, need more data
05:13:49.672466 http.c:689 == Info: Mark bundle as not supporting multiuse
05:13:49.672466 http.c:636 <= Recv header, 0000000027 bytes (0x0000001b)
05:13:49.672466 http.c:648 <= Recv header: HTTP/1.1 401 Unauthorized
[....]
05:13:49.672466 http.c:648 <= Recv header: WWW-Authenticate: Bearer authorization_uri=https://login.microsoftonline.com/cc808ba9-3e5f-4f13-a70b-5b65bf454995
05:13:49.672466 http.c:636 <= Recv header, 0000000071 bytes (0x00000047)
05:13:49.672466 http.c:648 <= Recv header: WWW-Authenticate: Basic realm="https://tfsprodcus6.visualstudio.com/"
05:13:49.672466 http.c:636 <= Recv header, 0000000033 bytes (0x00000021)
[...]
05:13:49.672466 http.c:648 <= Recv header: X-FRAME-OPTIONS: SAMEORIGIN
05:13:49.672466 http.c:636 <= Recv header, 0000000059 bytes (0x0000003b)
05:13:49.672466 http.c:648 <= Recv header: X-TFS-FedAuthRealm: https://tfsprodcus6.visualstudio.com/
05:13:49.672466 http.c:636 <= Recv header, 0000000059 bytes (0x0000003b)
05:13:49.672466 http.c:648 <= Recv header: X-TFS-FedAuthIssuer: https://dev.azure.com/myOrganization/
05:13:49.672466 http.c:636 <= Recv header, 0000000073 bytes (0x00000049)
05:13:49.672466 http.c:648 <= Recv header: X-VSS-AuthorizationEndpoint: https://vssps.dev.azure.com/myOrganization/
05:13:49.672466 http.c:636 <= Recv header, 0000000060 bytes (0x0000003c)
05:13:49.672466 http.c:648 <= Recv header: X-VSS-ResourceTenant: cc808ba9-3e5f-4f13-a70b-5b65bf454995
05:13:49.672466 http.c:636 <= Recv header, 0000000710 bytes (0x000002c6)
05:13:49.672466 http.c:648 <= Recv header: X-TFS-SoapException: %3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22utf-8%22%3F%3E%3Csoap%3AEnvelope%20xmlns%3Asoap%3D%22http%3A%2F%2Fwww.w3.org%2F2003%2F05%2Fsoap-envelope%22%3E%3Csoap%3ABody%3E%3Csoap%3AFault%3E%3Csoap%3ACode%3E%3Csoap%3AValue%3Esoap%3AReceiver%3C%2Fsoap%3AValue%3E%3Csoap%3ASubcode%3E%3Csoap%3AValue%3EUnauthorizedRequestException%3C%2Fsoap%3AValue%3E%3C%2Fsoap%3ASubcode%3E%3C%2Fsoap%3ACode%3E%3Csoap%3AReason%3E%3Csoap%3AText%20xml%3Alang%3D%22en%22%3ETF400813%3A%20The%20user%20%27aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa%27%20is%20not%20authorized%20to%20access%20this%20resource.%3C%2Fsoap%3AText%3E%3C%2Fsoap%3AReason%3E%3C%2Fsoap%3AFault%3E%3C%2Fsoap%3ABody%3E%3C%2Fsoap%3AEnvelope%3E
05:13:49.673499 http.c:636 <= Recv header, 0000000148 bytes (0x00000094)
05:13:49.673499 http.c:648 <= Recv header: X-TFS-ServiceError: TF400813%3A%20The%20user%20%27aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa%27%20is%20not%20authorized%20to%20access%20this%20resource.
05:13:49.673499 http.c:636 <= Recv header, 0000000079 bytes (0x0000004f)
05:13:49.673499 http.c:648 <= Recv header: X-VSS-S2STargetService: 00000002-0000-8888-8000-000000000000/visualstudio.com
05:13:49.673499 http.c:636 <= Recv header, 0000000540 bytes (0x0000021c)
05:13:49.673499 http.c:648 <= Recv header: X-TFS-FedAuthRedirect: https://spsprodcus4.vssps.visualstudio.com/_signin?realm=dev.azure.com&reply_to=https%3A%2F%2Fdev.azure.com%2FmyOrganization%2FmyDevOpsProject%2F_git%2FmyBadRepo%2Finfo%2Frefs%3Fservice%3Dgit-upload-pack&redirect=1&hid=73b36635-d080-433b-9d64-87b14cd2b062&context=eyJodCI6MiwiaGlkIjoiOWE0OWZlYjMtY2FkYS00YWRmLWFkMjItZWZiZWViYWY0NDdhIiwicXMiOnt9LCJyciI6IiIsInZoIjoiIiwiY3YiOiIiLCJjcyI6IiJ90#ctx=eyJTaWduSW5Db29raWVEb21haW5zIjpbImh0dHBzOi8vbG9naW4ubWljcm9zb2Z0b25saW5lLmNvbSIsImh0dHBzOi8vbG9naW4ubWljcm9zb2Z0b25saW5lLmNvbSJdfQ2回答 3
Stack Overflow用户
发布于 2022-05-08 19:36:47
这绝对是兹斯卡勒的问题。我有同样的问题(回购越大,发生卷曲错误的概率越高),并在这个回答中找到了解释。
唯一的解决方案是使用Zscaler证书。
Stack Overflow用户
发布于 2022-05-09 21:39:50
按照@Philippe的建议和链接,将zScaler证书添加到Git配置中解决了我的问题。在阅读了这些帖子之后,我所采取的具体步骤如下:
- 在Windows菜单中,运行“管理计算机证书”控件面板应用程序
- 转到受信任的根证书颁发机构( -> -> Zscaler ->根CA ),右键单击证书以打开证书。
- 在“详细信息”选项卡上,单击“复制到文件”
- 证书导出向导将打开,单击“下一步”
- 选择“Bas-64编码X.509 (.cer)”,然后单击Next
- 将文件保存为“C:\Users\AppData\Roaming\ZscalerRootCA.cer”,单击Finish,退出控制面板应用程序
- 通过运行以下命令,打开命令提示符并配置Git以使用证书:
- git config --global http.sslbackend openssl
- git config --global http.sslcainfo C:\Users\<username>\AppData\Roaming\ZscalerRootCA.cer谢谢!
Stack Overflow用户
发布于 2022-05-08 19:29:29
这个用户
aaaaaaa来自哪里?
它是(如Azure/azure-devops-cli-extension中所示) _ANONYMOUS_USER_ID。
错误消息只意味着匿名用户无法访问这个存储库(这是预期的)。
由于即使是浅层克隆也不起作用,因此,为了进行测试,我会:
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/72164095
复制相关文章
相似问题
腾讯云开发者
