我有一个Azure DevOps项目,其中包含几个Git存储库。当我在命令提示符下对“bad”存储库执行git clone时,我收到以下错误消息:
Cloning into 'myBadRepo'...
remote: Azure Repos
remote: Found 176 objects to send. (0 ms)
error: RPC failed; curl 56 Failure when receiving data from the peer
Receiving objects: 100% (176/176), 10.22 MiB | 25.46 MiB/s, done.
Resolving deltas: 100% (48/48), done.在谷歌上搜索curl 56 Failure,大多数人说这是防火墙或代理的问题。我在一个公司网络上,使用Cisco AnyConnect作为VPN,但关闭它没有什么区别。我的机器也使用zScaler作为“互联网安全”,我知道这会干扰证书,但我不能禁用它。但我怀疑防火墙、代理或证书是主要问题。因为我可以从同一个Azure DevOps组织和项目中成功克隆不同的Git存储库:
Cloning into 'myWorkingRepo'...
remote: Azure Repos
remote: Found 107 objects to send. (3 ms)
Receiving objects: 100% (107/107), 859.57 KiB | 29.64 MiB/s, done.
Resolving deltas: 100% (35/35), done.我已经尝试过按照https://stackoverflow.com/a/66207817/11057678的建议做一个“浅层克隆”,并按照https://stackoverflow.com/a/68097529/11057678的建议增加http.postBuffer,但两者都没有任何区别。
我按照https://confluence.atlassian.com/stashkb/git-clone-fails-error-rpc-failed-result-56-http-code-200-693897332.html中的建议打开了详细模式和跟踪
set GIT_TRACE_PACKET=1
set GIT_TRACE=1
set GIT_CURL_VERBOSE=1我可以看到,两个日志都有重复的Info: schannel: failed to decrypt data, need more data警告,这是令人担忧的,但“工作”的存储库克隆成功,而“坏”的存储库有更多这样的警告,在最后一组647(!)failed to decrypt消息之后,它显示一个关闭的连接,然后显示curl 56 Failure:
Info: schannel: server closed abruptly (missing close_notify)
Info: Closing connection 0
channel: shutting down SSL/TLS connection with dev.azure.com port 443
error: RPC failed; curl 56 Failure when receiving data from the peer下面是“坏”日志的摘录(完整日志太长,无法发布)。两个日志都包含相同的授权相关警告和错误,但不会阻止“好”存储库的克隆。一个特别的错误是URL编码的
The user 'aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa' is not authorized to access this resource此用户aaaaaaa来自哪里?我怀疑如果我可以通过某种方式配置Git和/或Azure DevOps存储库以消除这些与授权相关的警告和错误,我的“坏”存储库问题将得到解决。希望有人可以查看它们,并给予我一些建议或指导,谢谢!
“不良”回购日志摘录:
git clone https://myOrganization@dev.azure.com/myOrganization/myDevOpsProject/_git/myBadRepo
05:13:49.157466 exec-cmd.c:237 trace: resolved executable dir: C:/Program Files/Git/mingw64/bin
05:13:49.158466 git.c:459 trace: built-in: git clone https://myOrganization@dev.azure.com/myOrganization/myDevOpsProject/_git/myBadRepo
Cloning into 'myBadRepo'...
05:13:49.180609 run-command.c:654 trace: run_command: git remote-https origin https://myOrganization@dev.azure.com/myOrganization/myDevOpsProject/_git/myBadRepo
05:13:49.194684 exec-cmd.c:237 trace: resolved executable dir: C:/Program Files/Git/mingw64/libexec/git-core
05:13:49.195683 git.c:748 trace: exec: git-remote-https origin https://myOrganization@dev.azure.com/myOrganization/myDevOpsProject/_git/myBadRepo
05:13:49.196685 run-command.c:654 trace: run_command: git-remote-https origin https://myOrganization@dev.azure.com/myOrganization/myDevOpsProject/_git/myBadRepo
05:13:49.212111 exec-cmd.c:237 trace: resolved executable dir: C:/Program Files/Git/mingw64/libexec/git-core
05:13:49.220376 http.c:689 == Info: Couldn't find host dev.azure.com in the (nil) file; using defaults
05:13:49.225816 http.c:689 == Info: Trying 13.107.42.20:443...
05:13:49.244824 http.c:689 == Info: Connected to dev.azure.com (13.107.42.20) port 443 (#0)
05:13:49.245003 http.c:689 == Info: schannel: disabled automatic use of client certificate
05:13:49.313976 http.c:636 => Send header, 0000000240 bytes (0x000000f0)
05:13:49.313976 http.c:648 => Send header: GET /myOrganization/myDevOpsProject/_git/myBadRepo/info/refs?service=git-upload-pack HTTP/1.1
05:13:49.313976 http.c:648 => Send header: Host: dev.azure.com
05:13:49.313976 http.c:648 => Send header: User-Agent: git/2.36.0.windows.1
05:13:49.313976 http.c:648 => Send header: Accept: */*
05:13:49.313976 http.c:648 => Send header: Accept-Encoding: deflate, gzip, br, zstd
05:13:49.313976 http.c:648 => Send header: Pragma: no-cache
05:13:49.313976 http.c:648 => Send header: Git-Protocol: version=2
05:13:49.313976 http.c:648 => Send header:
05:13:49.571301 http.c:689 == Info: schannel: failed to decrypt data, need more data
... 8 lines removed ...
05:13:49.672466 http.c:689 == Info: schannel: failed to decrypt data, need more data
05:13:49.672466 http.c:689 == Info: Mark bundle as not supporting multiuse
05:13:49.672466 http.c:636 <= Recv header, 0000000027 bytes (0x0000001b)
05:13:49.672466 http.c:648 <= Recv header: HTTP/1.1 401 Unauthorized
[....]
05:13:49.672466 http.c:648 <= Recv header: WWW-Authenticate: Bearer authorization_uri=https://login.microsoftonline.com/cc808ba9-3e5f-4f13-a70b-5b65bf454995
05:13:49.672466 http.c:636 <= Recv header, 0000000071 bytes (0x00000047)
05:13:49.672466 http.c:648 <= Recv header: WWW-Authenticate: Basic realm="https://tfsprodcus6.visualstudio.com/"
05:13:49.672466 http.c:636 <= Recv header, 0000000033 bytes (0x00000021)
[...]
05:13:49.672466 http.c:648 <= Recv header: X-FRAME-OPTIONS: SAMEORIGIN
05:13:49.672466 http.c:636 <= Recv header, 0000000059 bytes (0x0000003b)
05:13:49.672466 http.c:648 <= Recv header: X-TFS-FedAuthRealm: https://tfsprodcus6.visualstudio.com/
05:13:49.672466 http.c:636 <= Recv header, 0000000059 bytes (0x0000003b)
05:13:49.672466 http.c:648 <= Recv header: X-TFS-FedAuthIssuer: https://dev.azure.com/myOrganization/
05:13:49.672466 http.c:636 <= Recv header, 0000000073 bytes (0x00000049)
05:13:49.672466 http.c:648 <= Recv header: X-VSS-AuthorizationEndpoint: https://vssps.dev.azure.com/myOrganization/
05:13:49.672466 http.c:636 <= Recv header, 0000000060 bytes (0x0000003c)
05:13:49.672466 http.c:648 <= Recv header: X-VSS-ResourceTenant: cc808ba9-3e5f-4f13-a70b-5b65bf454995
05:13:49.672466 http.c:636 <= Recv header, 0000000710 bytes (0x000002c6)
05:13:49.672466 http.c:648 <= Recv header: X-TFS-SoapException: %3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22utf-8%22%3F%3E%3Csoap%3AEnvelope%20xmlns%3Asoap%3D%22http%3A%2F%2Fwww.w3.org%2F2003%2F05%2Fsoap-envelope%22%3E%3Csoap%3ABody%3E%3Csoap%3AFault%3E%3Csoap%3ACode%3E%3Csoap%3AValue%3Esoap%3AReceiver%3C%2Fsoap%3AValue%3E%3Csoap%3ASubcode%3E%3Csoap%3AValue%3EUnauthorizedRequestException%3C%2Fsoap%3AValue%3E%3C%2Fsoap%3ASubcode%3E%3C%2Fsoap%3ACode%3E%3Csoap%3AReason%3E%3Csoap%3AText%20xml%3Alang%3D%22en%22%3ETF400813%3A%20The%20user%20%27aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa%27%20is%20not%20authorized%20to%20access%20this%20resource.%3C%2Fsoap%3AText%3E%3C%2Fsoap%3AReason%3E%3C%2Fsoap%3AFault%3E%3C%2Fsoap%3ABody%3E%3C%2Fsoap%3AEnvelope%3E
05:13:49.673499 http.c:636 <= Recv header, 0000000148 bytes (0x00000094)
05:13:49.673499 http.c:648 <= Recv header: X-TFS-ServiceError: TF400813%3A%20The%20user%20%27aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa%27%20is%20not%20authorized%20to%20access%20this%20resource.
05:13:49.673499 http.c:636 <= Recv header, 0000000079 bytes (0x0000004f)
05:13:49.673499 http.c:648 <= Recv header: X-VSS-S2STargetService: 00000002-0000-8888-8000-000000000000/visualstudio.com
05:13:49.673499 http.c:636 <= Recv header, 0000000540 bytes (0x0000021c)
05:13:49.673499 http.c:648 <= Recv header: X-TFS-FedAuthRedirect: https://spsprodcus4.vssps.visualstudio.com/_signin?realm=dev.azure.com&reply_to=https%3A%2F%2Fdev.azure.com%2FmyOrganization%2FmyDevOpsProject%2F_git%2FmyBadRepo%2Finfo%2Frefs%3Fservice%3Dgit-upload-pack&redirect=1&hid=73b36635-d080-433b-9d64-87b14cd2b062&context=eyJodCI6MiwiaGlkIjoiOWE0OWZlYjMtY2FkYS00YWRmLWFkMjItZWZiZWViYWY0NDdhIiwicXMiOnt9LCJyciI6IiIsInZoIjoiIiwiY3YiOiIiLCJjcyI6IiJ90#ctx=eyJTaWduSW5Db29raWVEb21haW5zIjpbImh0dHBzOi8vbG9naW4ubWljcm9zb2Z0b25saW5lLmNvbSIsImh0dHBzOi8vbG9naW4ubWljcm9zb2Z0b25saW5lLmNvbSJdfQ2
3条答案
按热度按时间rekjcdws1#
这肯定是Zscaler的问题。我遇到了完全相同的问题(回购协议越大,出现curl错误的概率就越高,但并不总是如此),并在answer中找到了解释
唯一的解决方案是使用Zscaler证书。
6tr1vspr2#
根据@Philippe的建议和链接,在我的Git配置中添加zScaler证书解决了我的问题。在阅读了帖子之后,我采取的具体步骤是:
谢谢你!
vawmfj5a3#
此用户
aaaaaaa来自哪里?它是(如
Azure/azure-devops-cli-extension中所示)_ANONYMOUS_USER_ID。该错误消息只是表示匿名用户无法访问此存储库(这是预期的)。
由于即使是浅层克隆也不起作用,因此,为了进行测试,我将:
git archive(HEAD将内容提交为zip),以便创建一个新的Azure Devops存储库,并尝试将该内容推送到其中:这将验证内容中是否存在问题。请参阅this as an example。