microsoft / Git-Credential-Manager-for-Windows

Secure Git credential storage for Windows with support for Visual Studio Team Services, GitHub, and Bitbucket multi-factor authentication.
Other
2.87k stars 590 forks source link

[GeneratePersonalAccessToken] ! an error occurred: A task was canceled. #637

Closed NinoCapo closed 6 years ago

NinoCapo commented 6 years ago

I recently noticed that I cannot create a new connection to VSTS from my git command line. I get the generic "Logon failed, use ctrl+c..." message. I'm not positive but I believe my recent update to Visual Studio 15.7.1 may have started the problem. I also tried cloning the repo from my Visual Studio Team Explorer and I again receive the generic "Error encountered while cloning the remote repository: Git failed with a fatal error."

I was able to use the "Connect to a project" functionality in Visual Studio without a problem.

I was also installed Git for Windows on a PC in our lab and was able to successfully clone an existing repo in VSTS with my same credentials.

I followed the recommendation in another issue and turned on both GIT_TRACE and GCM_TRACE logging. I tried cloning an existing repo in VSTS and this is content of the git.log file.

14:49:53.551200 git.c:344 trace: built-in: git clone 'https://shared-cat-com.visualstudio.com/COE%20Shared/_git/Tool%20Automation%20Scripts' 14:49:53.764200 run-command.c:640 trace: run_command: git remote-https origin 'https://shared-cat-com.visualstudio.com/COE%20Shared/_git/Tool%20Automation%20Scripts' 14:49:53.875200 git.c:576 trace: exec: git-remote-https origin 'https://shared-cat-com.visualstudio.com/COE%20Shared/_git/Tool%20Automation%20Scripts' 14:49:53.885200 run-command.c:640 trace: run_command: git-remote-https origin 'https://shared-cat-com.visualstudio.com/COE%20Shared/_git/Tool%20Automation%20Scripts' 14:49:54.410200 run-command.c:640 trace: run_command: 'git credential-manager get' 14:49:54.893200 git.c:576 trace: exec: git-credential-manager get 14:49:54.903200 run-command.c:640 trace: run_command: git-credential-manager get 14:49:55.095200 ...\Common.cs:636 trace: [Main] git-credential-manager (v1.15.2) 'get' 14:49:55.156200 ...\Where.cs:236 trace: [FindGitInstallations] found 1 Git installation(s). 14:49:55.246200 ...Configuration.cs:218 trace: [LoadGitConfiguration] git All config read, 17 entries. 14:49:55.246200 ...\Where.cs:236 trace: [FindGitInstallations] found 1 Git installation(s). 14:49:55.256200 ...Configuration.cs:218 trace: [LoadGitConfiguration] git All config read, 17 entries. 14:49:55.278200 ...\Common.cs:80 trace: [CreateAuthentication] detecting authority type for 'https://shared-cat-com.visualstudio.com/'. 14:49:55.288200 ...uthentication.cs:163 trace: [DetectAuthority] 'https://shared-cat-com.visualstudio.com/' is subdomain of 'visualstudio.com', checking AAD vs MSA. 14:49:55.298200 ...uthentication.cs:283 trace: [GetAuthentication] AAD authority for tenant 'ceb177bf-013b-49ab-8a9c-4abce32afc1e' detected. 14:49:55.419200 ...\Common.cs:124 trace: [CreateAuthentication] authority for 'https://shared-cat-com.visualstudio.com/' is Azure Directory. 14:49:55.419200 ...uthentication.cs:163 trace: [DetectAuthority] 'https://shared-cat-com.visualstudio.com/' is subdomain of 'visualstudio.com', checking AAD vs MSA. 14:49:56.405200 ...zureAuthority.cs:156 trace: [NoninteractiveAcquireToken] token acquisition for authority host URL = 'https://login.microsoftonline.com/ceb177bf-013b-49ab-8a9c-4abce32afc1e' succeeded. 14:49:56.405200 ...uthentication.cs:164 trace: [NoninteractiveLogon] token acquisition for 'https://shared-cat-com.visualstudio.com/' succeeded 14:49:56.415200 ...zureAuthority.cs:332 trace: [GetConnectionDataRequest] validating ADAL access token for 'https://shared-cat-com.visualstudio.com/'. 14:49:56.415200 ...zureAuthority.cs:124 trace: [PopulateTokenTargetId] access token end-point is 'GET' 'https://shared-cat-com.visualstudio.com/_apis/connectiondata'. 14:49:56.660200 ...zureAuthority.cs:148 trace: [PopulateTokenTargetId] target identity is 6f90d379-4629-4a11-8861-ac664951cded. 14:50:11.685200 ...zureAuthority.cs:103 trace: [GeneratePersonalAccessToken] ! an error occurred: A task was canceled. 14:50:11.685200 ...zureAuthority.cs:106 trace: [GeneratePersonalAccessToken] personal access token acquisition for 'https://shared-cat-com.visualstudio.com/' failed. 14:50:44.320200 ...zureAuthority.cs:110 trace: [InteractiveAcquireToken] authority host URL = 'https://login.microsoftonline.com/ceb177bf-013b-49ab-8a9c-4abce32afc1e', token acquisition succeeded. 14:50:44.320200 ...Authentication.cs:95 trace: [InteractiveLogon] token acquisition for 'https://shared-cat-com.visualstudio.com/' succeeded. 14:50:44.320200 ...zureAuthority.cs:332 trace: [GetConnectionDataRequest] validating ADAL access token for 'https://shared-cat-com.visualstudio.com/'. 14:50:44.320200 ...zureAuthority.cs:124 trace: [PopulateTokenTargetId] access token end-point is 'GET' 'https://shared-cat-com.visualstudio.com/_apis/connectiondata'. 14:50:44.400200 ...zureAuthority.cs:148 trace: [PopulateTokenTargetId] target identity is 6f90d379-4629-4a11-8861-ac664951cded. 14:50:59.402200 ...zureAuthority.cs:103 trace: [GeneratePersonalAccessToken] ! an error occurred: A task was canceled. 14:50:59.402200 ...zureAuthority.cs:106 trace: [GeneratePersonalAccessToken] personal access token acquisition for 'https://shared-cat-com.visualstudio.com/' failed. 14:50:59.402200 ...\Common.cs:718 trace: [QueryCredentials] credentials for 'https://shared-cat-com.visualstudio.com/' not found. 14:50:59.402200 ...\Common.cs:601 trace: [LogEvent] Failed to retrieve Azure Directory credentials for 'https://shared-cat-com.visualstudio.com/'. 14:50:59.402200 ...\Program.cs:330 trace: [Get] Logon failed, use ctrl+c to cancel basic credential prompt. 14:50:59.492200 run-command.c:640 trace: run_command: bash -c 'test "a$SHELL" '!'= "a${SHELL%.exe}" || exit 127; cat >/dev/tty && read -r line </dev/tty && echo "$line"' 14:51:02.642200 run-command.c:640 trace: run_command: bash -c 'test "a$SHELL" '!'= "a${SHELL%.exe}" || exit 127; cat >/dev/tty && read -r -s line </dev/tty && echo "$line" && echo >/dev/tty' 14:51:03.692200 run-command.c:640 trace: run_command: 'git credential-manager erase' 14:51:04.202200 git.c:576 trace: exec: git-credential-manager erase 14:51:04.212200 run-command.c:640 trace: run_command: git-credential-manager erase 14:51:04.404200 ...\Common.cs:636 trace: [Main] git-credential-manager (v1.15.2) 'erase' 14:51:04.465200 ...\Where.cs:236 trace: [FindGitInstallations] found 1 Git installation(s). 14:51:04.546200 ...Configuration.cs:218 trace: [LoadGitConfiguration] git All config read, 17 entries. 14:51:04.546200 ...\Where.cs:236 trace: [FindGitInstallations] found 1 Git installation(s). 14:51:04.566200 ...Configuration.cs:218 trace: [LoadGitConfiguration] git All config read, 17 entries. 14:51:04.596200 ...\Common.cs:80 trace: [CreateAuthentication] detecting authority type for 'https://shared-cat-com.visualstudio.com/'. 14:51:04.616200 ...uthentication.cs:163 trace: [DetectAuthority] 'https://shared-cat-com.visualstudio.com/' is subdomain of 'visualstudio.com', checking AAD vs MSA. 14:51:04.616200 ...uthentication.cs:283 trace: [GetAuthentication] AAD authority for tenant 'ceb177bf-013b-49ab-8a9c-4abce32afc1e' detected. 14:51:04.737200 ...\Common.cs:124 trace: [CreateAuthentication] authority for 'https://shared-cat-com.visualstudio.com/' is Azure Directory. 14:51:04.737200 ...uthentication.cs:163 trace: [DetectAuthority] 'https://shared-cat-com.visualstudio.com/' is subdomain of 'visualstudio.com', checking AAD vs MSA. 14:51:04.737200 ...\Common.cs:207 trace: [DeleteCredentials] deleting VSTS credentials for 'https://shared-cat-com.visualstudio.com/'. 14:51:04.768200 ...\Program.cs:492 trace: [Run] System.ArgumentNullException: Value cannot be null. Parameter name: credentials at Microsoft.Alm.Authentication.BaseSecureStore.ValidateCredential(Credential credentials) at Microsoft.Alm.Authentication.VstsAzureAuthority.d3.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.Alm.Authentication.BaseVstsAuthentication.d35.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.Alm.Authentication.BaseVstsAuthentication.<>cDisplayClass31_0.<b0>d.MoveNext() 14:51:04.768200 ...\Common.cs:601 trace: [LogEvent] System.ArgumentNullException: Value cannot be null. Parameter name: credentials at Microsoft.Alm.Authentication.BaseSecureStore.ValidateCredential(Credential credentials) at Microsoft.Alm.Authentication.VstsAzureAuthority.d3.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.Alm.Authentication.BaseVstsAuthentication.d35.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.Alm.Authentication.BaseVstsAuthentication.<>cDisplayClass31_0.<b0>d.MoveNext() 14:51:04.768200 ...\Program.cs:492 trace: [Run] fatal: ArgumentNullException encountered. Value cannot be null. Parameter name: credentials

My PC is currently on a 64bit version of Windows 7 and I'm using Git for Windows version 2.17.0.windows.1.

Here are my current git config settings:

core.symlinks=false core.autocrlf=false core.fscache=true color.diff=auto color.status=auto color.branch=auto color.interactive=true help.format=html http.sslcainfo=C:/Program Files (x86)/Git/mingw32/ssl/certs/ca-bundle.crt sendemail.smtpserver=/bin/msmtp.exe diff.astextplain.textconv=astextplain rebase.autosquash=true http.sslbackend=schannel diff.astextplain.textconv=astextplain credential.helper=manager http.https://*.visualstudio.com.proxy=http://proxy.mycompany.com:80 https.https://*.visualstudio.com.proxy=http://proxy.mycompany.com:80

I have no idea what to try next.

whoisj commented 6 years ago

@NinoCapo thanks for the report. I'll try and parse these logs. Next time, I recommend using a tool like Notepad++ to open files which use \n instead of \r\n as line-endings.

I'll update this thread once I've managed to actually read the logs 😏

NinoCapo commented 6 years ago

My apologies... I was trying to add it as a code snippet and it was changing the line endings. I edited my original post.

whoisj commented 6 years ago

No problem, I've also gone ahead and formatted the log file:

 14.49.53.761200 git.c:344               trace: built-in: git clone 'https://myaccount.visualstudio.com/COE%20Shared/_git/Tool%20Automation%20Scripts'
 14:49:53.764200 run-command.c:640       trace: run_command: git remote-https origin 'https://myaccount.visualstudio.com/COE%20Shared/_git/Tool%20Automation%20Scripts'
 14:49:53.875200 git.c:576               trace: exec: git-remote-https origin 'https://myaccount.visualstudio.com/COE%20Shared/_git/Tool%20Automation%20Scripts'
 14:49:53.885200 run-command.c:640       trace: run_command: git-remote-https origin 'https://myaccount.visualstudio.com/COE%20Shared/_git/Tool%20Automation%20Scripts'
 14:49:54.410200 run-command.c:640       trace: run_command: 'git credential-manager get'
 14:49:54.893200 git.c:576               trace: exec: git-credential-manager get
 14:49:54.903200 run-command.c:640       trace: run_command: git-credential-manager get
 14:49:55.095200 ...\Common.cs:636       trace: [Main] git-credential-manager (v1.15.2) 'get'
 14:49:55.156200 ...\Where.cs:236        trace: [FindGitInstallations] found 1 Git installation(s).
 14:49:55.246200 ...Configuration.cs:218 trace: [LoadGitConfiguration] git All config read, 17 entries.
 14:49:55.246200 ...\Where.cs:236        trace: [FindGitInstallations] found 1 Git installation(s).
 14:49:55.256200 ...Configuration.cs:218 trace: [LoadGitConfiguration] git All config read, 17 entries.
 14:49:55.278200 ...\Common.cs:80        trace: [CreateAuthentication] detecting authority type for 'https://myaccount.visualstudio.com/'.
 14:49:55.288200 ...uthentication.cs:163 trace: [DetectAuthority] 'https://myaccount.visualstudio.com/' is subdomain of 'visualstudio.com', checking AAD vs MSA.
 14:49:55.298200 ...uthentication.cs:283 trace: [GetAuthentication] AAD authority for tenant 'ceb177bf-013b-49ab-8a9c-4abce32afc1e' detected.
 14:49:55.419200 ...\Common.cs:124       trace: [CreateAuthentication] authority for 'https://myaccount.visualstudio.com/' is Azure Directory.
 14:49:55.419200 ...uthentication.cs:163 trace: [DetectAuthority] 'https://myaccount.visualstudio.com/' is subdomain of 'visualstudio.com', checking AAD vs MSA.
 14:49:56.405200 ...zureAuthority.cs:156 trace: [NoninteractiveAcquireToken] token acquisition for authority host URL = 'https://login.microsoftonline.com/ceb177bf-013b-49ab-8a9c-4abce32afc1e' succeeded.
 14:49:56.405200 ...uthentication.cs:164 trace: [NoninteractiveLogon] token acquisition for 'https://myaccount.visualstudio.com/' succeeded
 14:49:56.415200 ...zureAuthority.cs:332 trace: [GetConnectionDataRequest] validating ADAL access token for 'https://myaccount.visualstudio.com/'.
 14:49:56.415200 ...zureAuthority.cs:124 trace: [PopulateTokenTargetId] access token end-point is 'GET' 'https://myaccount.visualstudio.com/_apis/connectiondata'.
 14:49:56.660200 ...zureAuthority.cs:148 trace: [PopulateTokenTargetId] target identity is 6f90d379-4629-4a11-8861-ac664951cded.
 14:50:11.685200 ...zureAuthority.cs:103 trace: [GeneratePersonalAccessToken] ! an error occurred: A task was canceled.
 14:50:11.685200 ...zureAuthority.cs:106 trace: [GeneratePersonalAccessToken] personal access token acquisition for 'https://myaccount.visualstudio.com/' failed.
 14:50:44.320200 ...zureAuthority.cs:110 trace: [InteractiveAcquireToken] authority host URL = 'https://login.microsoftonline.com/ceb177bf-013b-49ab-8a9c-4abce32afc1e', token acquisition succeeded.
 14:50:44.320200 ...Authentication.cs:95 trace: [InteractiveLogon] token acquisition for 'https://myaccount.visualstudio.com/' succeeded.
 14:50:44.320200 ...zureAuthority.cs:332 trace: [GetConnectionDataRequest] validating ADAL access token for 'https://myaccount.visualstudio.com/'.
 14:50:44.320200 ...zureAuthority.cs:124 trace: [PopulateTokenTargetId] access token end-point is 'GET' 'https://myaccount.visualstudio.com/_apis/connectiondata'.
 14:50:44.400200 ...zureAuthority.cs:148 trace: [PopulateTokenTargetId] target identity is 6f90d379-4629-4a11-8861-ac664951cded.
 14:50:59.402200 ...zureAuthority.cs:103 trace: [GeneratePersonalAccessToken] ! an error occurred: A task was canceled.
 14:50:59.402200 ...zureAuthority.cs:106 trace: [GeneratePersonalAccessToken] personal access token acquisition for 'https://myaccount.visualstudio.com/' failed.
 14:50:59.402200 ...\Common.cs:718       trace: [QueryCredentials] credentials for 'https://myaccount.visualstudio.com/' not found.
 14:50:59.402200 ...\Common.cs:601       trace: [LogEvent] Failed to retrieve Azure Directory credentials for 'https://myaccount.visualstudio.com/'.
 14:50:59.402200 ...\Program.cs:330      trace: [Get] Logon failed, use ctrl+c to cancel basic credential prompt.
 14:50:59.492200 run-command.c:640       trace: run_command: bash -c 'test "a$SHELL" '\!'= "a${SHELL%.exe}" || exit 127; cat >/dev/tty && read -r line </dev/tty && echo "$line"'
 14:51:02.642200 run-command.c:640       trace: run_command: bash -c 'test "a$SHELL" '\!'= "a${SHELL%.exe}" || exit 127; cat >/dev/tty && read -r -s line </dev/tty && echo "$line" && echo >/dev/tty'
 14:51:03.692200 run-command.c:640       trace: run_command: 'git credential-manager erase'
 14:51:04.202200 git.c:576               trace: exec: git-credential-manager erase
 14:51:04.212200 run-command.c:640       trace: run_command: git-credential-manager erase
 14:51:04.404200 ...\Common.cs:636       trace: [Main] git-credential-manager (v1.15.2) 'erase'
 14:51:04.465200 ...\Where.cs:236        trace: [FindGitInstallations] found 1 Git installation(s).
 14:51:04.546200 ...Configuration.cs:218 trace: [LoadGitConfiguration] git All config read, 17 entries.
 14:51:04.546200 ...\Where.cs:236        trace: [FindGitInstallations] found 1 Git installation(s).
 14:51:04.566200 ...Configuration.cs:218 trace: [LoadGitConfiguration] git All config read, 17 entries.
 14:51:04.596200 ...\Common.cs:80        trace: [CreateAuthentication] detecting authority type for 'https://myaccount.visualstudio.com/'.
 14:51:04.616200 ...uthentication.cs:163 trace: [DetectAuthority] 'https://myaccount.visualstudio.com/' is subdomain of 'visualstudio.com', checking AAD vs MSA.
 14:51:04.616200 ...uthentication.cs:283 trace: [GetAuthentication] AAD authority for tenant 'ceb177bf-013b-49ab-8a9c-4abce32afc1e' detected.
 14:51:04.737200 ...\Common.cs:124       trace: [CreateAuthentication] authority for 'https://myaccount.visualstudio.com/' is Azure Directory.
 14:51:04.737200 ...uthentication.cs:163 trace: [DetectAuthority] 'https://myaccount.visualstudio.com/' is subdomain of 'visualstudio.com', checking AAD vs MSA.
 14:51:04.737200 ...\Common.cs:207       trace: [DeleteCredentials] deleting VSTS credentials for 'https://myaccount.visualstudio.com/'.
 14:51:04.768200 ...\Program.cs:492      trace: [Run] System.ArgumentNullException: Value cannot be null. Parameter name: credentials
                                                at Microsoft.Alm.Authentication.BaseSecureStore.ValidateCredential(Credential credentials)
                                                at Microsoft.Alm.Authentication.VstsAzureAuthority.<ValidateCredentials>d__3.MoveNext()
                                                --- End of stack trace from previous location where exception was thrown ---
                                                at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
                                                at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
                                                at Microsoft.Alm.Authentication.BaseVstsAuthentication.<ValidateCredentials>d__35.MoveNext()
                                                --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
                                                at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
                                                at Microsoft.Alm.Authentication.BaseVstsAuthentication.<>c__DisplayClass31_0.<<DeleteCredentials>b__0>d.MoveNext()
 14:51:04.768200 ...\Common.cs:601       trace: [LogEvent] System.ArgumentNullException: Value cannot be null. Parameter name: credentials
                                                at Microsoft.Alm.Authentication.BaseSecureStore.ValidateCredential(Credential credentials)
                                                at Microsoft.Alm.Authentication.VstsAzureAuthority.<ValidateCredentials>d__3.MoveNext()
                                                --- End of stack trace from previous location where exception was thrown ---
                                                at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
                                                at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
                                                at Microsoft.Alm.Authentication.BaseVstsAuthentication.<ValidateCredentials>d__35.MoveNext()
                                                --- End of stack trace from previous location where exception was thrown ---
                                                at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
                                                at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
                                                at Microsoft.Alm.Authentication.BaseVstsAuthentication.<>c__DisplayClass31_0.<<DeleteCredentials>b__0>d.MoveNext()
 14:51:04.768200 ...\Program.cs:492 trace: [Run] fatal: ArgumentNullException encountered. Value cannot be null. Parameter name: credentials

Looks like the initial issue is this line:

14:50:59.402200 ...zureAuthority.cs:103 trace: [GeneratePersonalAccessToken] ! an error occurred: A task was canceled.

Any chance you're manually closing the logon window? That would cause something like this to happen.

whoisj commented 6 years ago

Actually, given the proxy issues in previous releases: @NinoCapo can you download, install, and try v1.16.0 Preview 3. Let's see if the restructured networking code doesn't handle things a little better for you.

NinoCapo commented 6 years ago

The logon seems pretty normal... The GCM window pops up with the Microsoft login. I use my work email address and it redirects to our company login portal and then just closes as usual.

I did see something like this once before, but that was because I forgot to include "http://" in my proxy value. I'll give v1.16.0 a try.

whoisj commented 6 years ago

Oh and @NinoCapo are you using Git for Windows new-ish Secure Channel option? If not, I highly recommend it - especially since you're using a HTTP proxy in your setup.

NinoCapo commented 6 years ago

Looks the v1.16.0 Preview 3 fixed my issue. We've been encouraging our devs to switch to SChannel for a while now. Think the experience has been much better since you added it. Thanks again for the quick support.

NinoCapo commented 6 years ago

@whoisj I tried installing Git for Windows 2.17.1 today, having forgotten that I'm using GCM v1.16.0 Preview 3. I'm getting what I consider a strange error "schannel: failed to open CA file 'C:/Program Files (x86)/Git/mingw32/ssl/certs/ca-bundle.crt': No such process" The most puzzling piece is that I installed the 64bit version in "C:/Program Files/Git" but it keeps looking for the files in the X86 folder.

The git logs looks like they're looking in the right place, but doesn't seem to include the error at all.

13:29:18.165595 exec_cmd.c:236 trace: resolved executable dir: C:/Program Files/Git/mingw64/bin 13:29:18.170595 git.c:344 trace: built-in: git version 13:29:21.473227 exec_cmd.c:236 trace: resolved executable dir: C:/Program Files/Git/mingw64/bin 13:29:21.478228 git.c:344 trace: built-in: git help -a 13:30:30.784009 exec_cmd.c:236 trace: resolved executable dir: C:/Program Files/Git/mingw64/bin 13:30:30.784009 git.c:344 trace: built-in: git clone https://mysite.visualstudio.com/NinoTest/_git/NinoTest 13:30:31.066521 run-command.c:640 trace: run_command: git remote-https origin https://mysite.visualstudio.com/NinoTest/_git/NinoTest 13:30:31.146524 exec_cmd.c:236 trace: resolved executable dir: C:/Program Files/Git/mingw64/libexec/git-core 13:30:31.156524 git.c:576 trace: exec: git-remote-https origin https://mysite.visualstudio.com/NinoTest/_git/NinoTest 13:30:31.156524 run-command.c:640 trace: run_command: git-remote-https origin https://mysite.visualstudio.com/NinoTest/_git/NinoTest 13:30:31.226527 exec_cmd.c:236 trace: resolved executable dir: C:/Program Files/Git/mingw64/libexec/git-core

whoisj commented 6 years ago

@NinoCapo starting with Git for Windows v2.17.x the libcurl SChannel support will consume any registered ca-bundle.crt files. Unfortunately, it is unable to handle CLRF line-endings. Additionally, it's especially sensitive to expired or invalid certificates.

Do you have a ca-bundle.crt file specified in your Git config? (you can check my running git config --list --show-origin from your console.)

If you do, then decide if you need it or not:

NinoCapo commented 6 years ago

@whoisj Think I may have found my root cause but I don't know how to fix it.

If I run "git config --system --list" my output is: C:\temp> git config --system --list http.sslbackend=schannel diff.astextplain.textconv=astextplain filter.lfs.clean=git-lfs clean -- %f filter.lfs.smudge=git-lfs smudge -- %f filter.lfs.process=git-lfs filter-process filter.lfs.required=true credential.helper=manager

If I run "git config --global --list" my output is: C:\temp> git config --global --list merge.tool=kdiff3 mergetool.kdiff3.path=C:/Program Files/KDiff3/kdiff3.exe diff.guitool=kdiff3 difftool.kdiff3.path=C:/Program Files/KDiff3/kdiff3.exe core.autocrlf=False user.name=xxx user.email=xxx push.default=simple http.https://*.visualstudio.com.proxy=http://proxy.com:80 https.https://*.visualstudio.com.proxy=http://proxy.com:80

BUT, If if run "git config --list" I get: C:\temp> git config --list core.symlinks=false core.autocrlf=false core.fscache=true color.diff=auto color.status=auto color.branch=auto color.interactive=true help.format=html ### http.sslcainfo=C:/Program Files (x86)/Git/mingw32/ssl/certs/ca-bundle.crt sendemail.smtpserver=/bin/msmtp.exe diff.astextplain.textconv=astextplain rebase.autosquash=true http.sslbackend=schannel diff.astextplain.textconv=astextplain filter.lfs.clean=git-lfs clean -- %f filter.lfs.smudge=git-lfs smudge -- %f filter.lfs.process=git-lfs filter-process filter.lfs.required=true credential.helper=manager merge.tool=kdiff3 mergetool.kdiff3.path=C:/Program Files/KDiff3/kdiff3.exe diff.guitool=kdiff3 difftool.kdiff3.path=C:/Program Files/KDiff3/kdiff3.exe core.autocrlf=False user.name=xxx user.email=xxx push.default=simple http.https://*.visualstudio.com.proxy=http://proxy.com:80 https.https://*.visualstudio.com.proxy=http://proxy.com:80

I have no freaking idea what is setting http.sslcainfo! I tried unsetting it with --system and --global with no luck and if I try without either I just get an error telling my that I'm not in a repo which is accurate. Any idea where else this could be set?

NinoCapo commented 6 years ago

@whoisj I figured it out.... I completely forgot about the config file in C:/ProgramData/Git. I guess I just don't understand why 2.17.0 ignored the setting. Anyway, I'm sorry for wasting your time.

whoisj commented 6 years ago

@NinoCapo well, things were improved in v2.17.1 - and there's a chance that the work @dscho did to minimize the impact of CRLF line-endings after the libcurl update got lost in the patch-juggling-song-and-dance being the maintainer of Git for Windows can be. :neckbeard:

Anyways, glad to hear you got yourself unblocked. Btw, in the future you can use git config --list --show-origin to see all of your configuration key/value pairs with file info, so you can avoid the --local, --system, annoyance. 😁

whoisj commented 6 years ago

@NinoCapo this http.https://.visualstudio.com.proxy=http://proxy.com:80 concerns me. Does Git need this to work when you're using http.sslbackend=schannel? In theory it should not. Can you check for me? As I'm trying to understand the full effect of the libcurl Schannel implementation

Thanks!

NinoCapo commented 6 years ago

@whoisj Before late Feb, early March, this wasn't needed. Since then, we get this error from within our company network. fatal: unable to access 'https://mysite.visualstudio.com/NinoTest/_git/NinoTest/': Failed to connect to jtestdev1-cat-com.visualstudio.com port 443: Timed out

Since then, we've had to set the proxy anytime we try to reach VSTS from within the company network. This also impacted our private VSTS agents as well. When we install new private agents we have to pass the proxy settings into the config.cmd command. Our network/firewall team insisted that they didn't make any change that would have impacted this.

quick note... I guess github removes asterisks. We set the proxy for https://&ast;.visualstudio.com

whoisj commented 6 years ago

Interesting, when did you group adopt use of http.sslBackend=schannel ? Did it coincide?

Is the proxy configured in Windows, such that SChannel would pickup the proxy without needing a special Git configuration?

NinoCapo commented 6 years ago

We are a very large organization, and I can safely say that it doesn't or didn't matter whether you were using schannel or openssl.
My LAN settings are set to "Automatically detect settings" and no proxy is defined, but it's hard know for sure what corporate policies they push down to us.