"Too many redirects or authentication replays" when pushing changes

[366Cobra]

Hi,

have been search for this for a day and some people mentioned it is a bug. I can clone, stage and commit, but the push always fails. Command line push works fine

ClonedRepoPath = @"c:\temp\test" _params.ClonedRepoPath = "http://172.16.40.129/test/Interfaces.git"

clone: ` if (!Directory.Exists(_params.ClonedRepoPath)) { Directory.CreateDirectory(_params.ClonedRepoPath); }

        var result = Repository.Clone(_params.ServerPath, _params.ClonedRepoPath);

`

stage, commit and push ` using (var repo = new Repository(_params.ClonedRepoPath)) { if (repo.Network.Remotes.All(r => r.Name != name)) { repo.Network.Remotes.Add(name, _params.ServerPath); }

           Commands.Stage(repo, "*");

           if (repo.RetrieveStatus().IsDirty)
           {
              Commit commit = repo.Commit("CodeGen commit", new Signature(_params.UserName, _params.EmailAddress, System.DateTimeOffset.Now)
                                                          , new Signature(_params.UserName, _params.EmailAddress, System.DateTimeOffset.Now));

              var options = new PushOptions{
                                              CredentialsProvider = (_url, _user, _cred) => new DefaultCredentials()
                                           };

              repo.Network.Push(repo.Network.Remotes["origin"], @"refs/heads/master", options);
           }
        }

`

[jaccarmac]

What's the current status of the fix for this bug @ethomson? I'm attempting to do remote operations on an on-premise TFS install using LibGit2Sharp 0.24.1. Based on #1168 the version of libgit2 in that release (the 205 native binaries NuGet package) should contain the merged fix from 1/1.

[ethomson]

@jaccarmac Does it work with the latest 0.25 prerelease? If not, what does fiddler or wireshark show?

[jaccarmac]

Latest preview fails with "No error message has been provided". I'll get back to you on the Fiddler trace in a quick minute.

[ethomson]

OK. What kind of credentials are you trying to provide? What does your network infrastructure look like? Does your TFS server do kerberos or only NTLM?

[jaccarmac]

Hmm, I'm not totally sure, where in TFS do I check? I know there's no username-pw auth, it's all done through AD. And interestingly pull fails with a 401, so maybe I'm messing you an auth step.

[jaccarmac]

Currently just using DefaultCredentials

[ethomson]

There's a lot of ways that you could configure it, fundamentally it's in the IIS portal, but there's an easy setup option in the TFS admin itself.

One last question: your client is also Windows, yes? Not some Unix of some sort?

[jaccarmac]

I'm connecting to TFS itself using the official C# API and the 0-argument VssCredential constructor so I assumed Git auth would be somewhat symmetrical. Can I extract something from my VSS connection to use as a Git auth token? It looks like LibGit2Sharp has its own cred type so there's no obvious way I can see to do so.

[jaccarmac]

To be explicit yes I'm on Windows, and TFS will accept my AD identity when I use the VSTS API.

[jaccarmac]

Just discovered a bug in my code as well that was causing the 401. Pull also generates a null error that LG2S can't make sense of.

[jaccarmac]

The request over HTTPS is a 401 according to Fiddler however. Apparently I am trying to anonymously access...

[jaccarmac]

However that same 401 occurs when I try to authenticate against TFS without Git so I may be misidentifying it. Now it looks like LibGit2Sharp isn't even establishing a connection with the server before failing.

[ethomson]

The NTLM or Kerberos handshake has several steps. There's back and forth and the server will provide more information (like a challenge) at each step, but with a 401 code. That you're seeing 401s is not indicative of a problem.

Fiddler is a proxy (not a straight up packet filter like wireshark), so it's possible that it's changing the behavior by analyzing it. For example, Kerberos and NTLM must have a stateful connection in order to do this exchange.

These problems are incredibly hard to diagnose. What's in the server logs? Anything?

[jaccarmac]

Don't have access to them at the moment unfortunately :/. I can Wireshark the connection if that would help, but I don't think Fiddler's interfering as the TFS API can query for work items through it.

[ethomson]

What's the exception that you're getting? You said it didn't have a message, but you didn't say what type of exception it was...

[jaccarmac]

LibGit2SharpException, thrown by HandleError in Core/Ensure.cs. Stack trace does not tell me what the parameter to that method was, but based on the code it looks like NativeMethods.giterr_last() is null at exception time.

[mrdow]

I believe I'm seeing the same issue when using DefaultCredentials. UsernamePasswordCredentials work. I was hoping to see a resolution from https://github.com/libgit2/libgit2/pull/4453 but no luck.

Here's the stack trace:

LibGit2Sharp.LibGit2SharpException: No error message has been provided by the native library at LibGit2Sharp.Core.Ensure.HandleError(Int32 result) at LibGit2Sharp.Core.Proxy.git_remote_fetch(RemoteHandle remote, IEnumerable1 refSpecs, GitFetchOptions fetchOptions, String logMessage) at LibGit2Sharp.Commands.Fetch(Repository repository, String remote, IEnumerable1 refspecs, FetchOptions options, String logMessage) at LibGit2Sharp.Commands.Pull(Repository repository, Signature merger, PullOptions options) at GitIntegrationTest.Program.TestNative(String repoPath) in C:\Users\dowal\Documents\Visual Studio 2017\Projects\GitIntegrationTest\GitIntegrationTest\Program.cs:line 41 at GitIntegrationTest.Program.Main(String[] args) in C:\Users\dowal\Documents\Visual Studio 2017\Projects\GitIntegrationTest\GitIntegrationTest\Program.cs:line 15

I also got a packet capture in Wireshark but not sure how to post it on here.

[rohitisinhk]

Is there any update on this ticket? I can reproduce the issue as @mrdow pointed

[PatrickGrub]

@rohitisinhk how did you solve it?

[SeppPenner]

This issue still occurs when using personal access tokens on Github...