git https transport and wrong password

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I have a problem with git (1.7.9 and 1.8.2.357.gcc3e4eb) and https transport
to gerrit server (2.5.1-3-g719dfc7). I'm producing the problem on Cygwin but my
colleagues have same issue on Linux as well.

Gerrit server is matching corporate policies with single sign on, so after
three failed login attempts the account gets locked until a password reset.

Git amplifies this problem by asking for users password only once, and if
user made a typo git is still re-using the wrong password enough times to
get an account immediately locked.

I have client side logs with GIT_CURL_VERBOSE=1 but from intranet so can't
publish them directly. Here's roughly what the log shows:

---------------------------------------------------------------

$ GIT_CURL_VERBOSE=1 git fetch
...
> GET /gerrit/.../info/refs?service=git-upload-pack HTTP/1.1
...
< HTTP/1.1 401 Authorization Required
...

---------- I guess git prompts for password here. --------------

* Issue another request to this URL: 'https://..info/refs?service=git-upload-pack'
...
* Re-using existing connection! ...
...
* Server auth using Basic with user '...'
> GET /gerrit/.../info/refs?service=git-upload-pack HTTP/1.1
Authorization: Basic ...
...
< HTTP/1.1 401 Authorization Required
< Date: ...
* Authentication problem. Ignoring this.
...
* The requested URL returned error: 401
* Closing connection 0
...
* About to connect() to ...
...
* Connected to ...
...
* STATE: PROTOCONNECT => DO handle...
* Server auth using Basic with user '...'
> GET /gerrit/.../info/refs?service=git-upload-pack HTTP/1.1
Authorization: Basic ...
...
* STATE: DO => DO_DONE handle...
* STATE: DO_DONE => WAITPERFORM handle...
* STATE: WAITPERFORM => PERFORM handle...
...
< HTTP/1.1 302 Found
...
< Location: ...funnylongurl
...
* Ignoring the response-body
* Connection #1 to host ... left intact
* Issue another request to this URL: '...funnylongurl'
...
* Server auth using Basic with user '...'
> GET ...funnylongurl
Authorization: Basic ...
...
* The requested URL returned error: 500 Internal Server Error
* Closing connection 1
...
* About to connect()...
...
* Server auth using Basic with user '...'
> GET /gerrit/.../info/refs HTTP/1.1
Authorization: Basic ...
...
< HTTP/1.1 302 Found
< Date...
< Set-Cookie...
< Cache-Control: no-store
< Location: ...funnylongurl
...
* Re-using existing connection! (#2)...
> GET ...funnylongurl
...
* The requested URL returned error: 500 Internal Server Error
* Closing connection 2
...
error: The requested URL returned error: 500 Internal Server Error while accessing ...
fatal: HTTP request failed

---------------------------------------------------------------

Any idea what could be wrong here? Is git client really retrying with the
bad password?

Regards,

-Mikko
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]