AzureDevOpsGitRepo錯誤-RPC失敗；curl56失敗

我有一個帶有幾個 Git 存盤庫的 Azure DevOps 專案。當我git clone從“壞”存盤庫上的命令提示符執行操作時，我收到以下錯誤訊息：

Cloning into 'myBadRepo'...
remote: Azure Repos
remote: Found 176 objects to send. (0 ms)
error: RPC failed; curl 56 Failure when receiving data from the peer
Receiving objects: 100% (176/176), 10.22 MiB | 25.46 MiB/s, done.
Resolving deltas: 100% (48/48), done.

搜索谷歌curl 56 Failure大多說這是防火墻或代理的問題。我在公司網路上，使用 Cisco AnyConnect 作為 VPN，但關閉它沒有任何區別。我的機器也在使用 zScaler 進行“Internet Security”，我知道這會弄亂證書??，但我無法禁用它。但我懷疑防火墻、代理或證書是主要問題，因為我可以從同一個 Azure DevOps 組織和專案成功克隆不同的 Git 存盤庫：

Cloning into 'myWorkingRepo'...
remote: Azure Repos
remote: Found 107 objects to send. (3 ms)
Receiving objects: 100% (107/107), 859.57 KiB | 29.64 MiB/s, done.
Resolving deltas: 100% (35/35), done.

我嘗試按照 https://stackoverflow.com/a/66207817/11057678 的建議進行“淺克隆”，并按照 https://stackoverflow.com/a/68097529/11057678 的建議增加http.postBuffer但兩者都沒有有什么不同。

按照https://confluence.atlassian.com/stashkb/git-clone-fails-error-rpc-failed-result-56-http-code-200-693897332.html的建議，我打開了詳細模式和跟蹤

set GIT_TRACE_PACKET=1
set GIT_TRACE=1
set GIT_CURL_VERBOSE=1

我可以看到兩個日志都有重復的警告Info: schannel: failed to decrypt data, need more data，但“作業”回購成功克隆，而“壞”回購有更多這些警告，并且在最后一組 647（！）failed to decrypt訊息之后顯示一個關閉的連接，然后 curl 56 失敗：

Info: schannel: server closed abruptly (missing close_notify)
Info: Closing connection 0
channel: shutting down SSL/TLS connection with dev.azure.com port 443
error: RPC failed; curl 56 Failure when receiving data from the peer

下面是“壞”日志的摘錄（完整的日志太長，無法發布）。兩個日志都包含相同的與授權相關的警告和錯誤，但這并不能阻止克隆“好”存盤庫。特別是一個錯誤是 URL 編碼的

The user 'aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa' is not authorized to access this resource

這個用戶 aaaaaaa 來自哪里？我懷疑如果我可以配置 Git 和/或 Azure DevOps 存盤庫以消除這些與授權相關的警告和錯誤，我的“壞”存盤庫問題將得到解決。希望有人可以看看他們并給我一些建議或指導，謝謝！

“壞”回購日志摘錄：

git clone https://[email protected]/myOrganization/myDevOpsProject/_git/myBadRepo

05:13:49.157466 exec-cmd.c:237          trace: resolved executable dir: C:/Program Files/Git/mingw64/bin
05:13:49.158466 git.c:459               trace: built-in: git clone https://[email protected]/myOrganization/myDevOpsProject/_git/myBadRepo
Cloning into 'myBadRepo'...
05:13:49.180609 run-command.c:654       trace: run_command: git remote-https origin https://[email protected]/myOrganization/myDevOpsProject/_git/myBadRepo
05:13:49.194684 exec-cmd.c:237          trace: resolved executable dir: C:/Program Files/Git/mingw64/libexec/git-core
05:13:49.195683 git.c:748               trace: exec: git-remote-https origin https://[email protected]/myOrganization/myDevOpsProject/_git/myBadRepo
05:13:49.196685 run-command.c:654       trace: run_command: git-remote-https origin https://[email protected]/myOrganization/myDevOpsProject/_git/myBadRepo
05:13:49.212111 exec-cmd.c:237          trace: resolved executable dir: C:/Program Files/Git/mingw64/libexec/git-core
05:13:49.220376 http.c:689              == Info: Couldn't find host dev.azure.com in the (nil) file; using defaults
05:13:49.225816 http.c:689              == Info:   Trying 13.107.42.20:443...
05:13:49.244824 http.c:689              == Info: Connected to dev.azure.com (13.107.42.20) port 443 (#0)
05:13:49.245003 http.c:689              == Info: schannel: disabled automatic use of client certificate
05:13:49.313976 http.c:636              => Send header, 0000000240 bytes (0x000000f0)
05:13:49.313976 http.c:648              => Send header: GET /myOrganization/myDevOpsProject/_git/myBadRepo/info/refs?service=git-upload-pack HTTP/1.1
05:13:49.313976 http.c:648              => Send header: Host: dev.azure.com
05:13:49.313976 http.c:648              => Send header: User-Agent: git/2.36.0.windows.1
05:13:49.313976 http.c:648              => Send header: Accept: */*
05:13:49.313976 http.c:648              => Send header: Accept-Encoding: deflate, gzip, br, zstd
05:13:49.313976 http.c:648              => Send header: Pragma: no-cache
05:13:49.313976 http.c:648              => Send header: Git-Protocol: version=2
05:13:49.313976 http.c:648              => Send header:
05:13:49.571301 http.c:689              == Info: schannel: failed to decrypt data, need more data
... 8 lines removed ...
05:13:49.672466 http.c:689              == Info: schannel: failed to decrypt data, need more data
05:13:49.672466 http.c:689              == Info: Mark bundle as not supporting multiuse
05:13:49.672466 http.c:636              <= Recv header, 0000000027 bytes (0x0000001b)
05:13:49.672466 http.c:648              <= Recv header: HTTP/1.1 401 Unauthorized
[....]
05:13:49.672466 http.c:648              <= Recv header: WWW-Authenticate: Bearer authorization_uri=https://login.microsoftonline.com/cc808ba9-3e5f-4f13-a70b-5b65bf454995
05:13:49.672466 http.c:636              <= Recv header, 0000000071 bytes (0x00000047)
05:13:49.672466 http.c:648              <= Recv header: WWW-Authenticate: Basic realm="https://tfsprodcus6.visualstudio.com/"
05:13:49.672466 http.c:636              <= Recv header, 0000000033 bytes (0x00000021)
[...]
05:13:49.672466 http.c:648              <= Recv header: X-FRAME-OPTIONS: SAMEORIGIN
05:13:49.672466 http.c:636              <= Recv header, 0000000059 bytes (0x0000003b)
05:13:49.672466 http.c:648              <= Recv header: X-TFS-FedAuthRealm: https://tfsprodcus6.visualstudio.com/
05:13:49.672466 http.c:636              <= Recv header, 0000000059 bytes (0x0000003b)
05:13:49.672466 http.c:648              <= Recv header: X-TFS-FedAuthIssuer: https://dev.azure.com/myOrganization/
05:13:49.672466 http.c:636              <= Recv header, 0000000073 bytes (0x00000049)
05:13:49.672466 http.c:648              <= Recv header: X-VSS-AuthorizationEndpoint: https://vssps.dev.azure.com/myOrganization/
05:13:49.672466 http.c:636              <= Recv header, 0000000060 bytes (0x0000003c)
05:13:49.672466 http.c:648              <= Recv header: X-VSS-ResourceTenant: cc808ba9-3e5f-4f13-a70b-5b65bf454995
05:13:49.672466 http.c:636              <= Recv header, 0000000710 bytes (0x000002c6)
05:13:49.672466 http.c:648              <= Recv header: X-TFS-SoapException: <?xml version="1.0" encoding="utf-8"?>soap:ReceiverUnauthorizedRequestExceptionTF400813: The user 'aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa' is not authorized to access this resource.
05:13:49.673499 http.c:636              <= Recv header, 0000000148 bytes (0x00000094)
05:13:49.673499 http.c:648              <= Recv header: X-TFS-ServiceError: TF400813: The user 'aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa' is not authorized to access this resource.
05:13:49.673499 http.c:636              <= Recv header, 0000000079 bytes (0x0000004f)
05:13:49.673499 http.c:648              <= Recv header: X-VSS-S2STargetService: 00000002-0000-8888-8000-000000000000/visualstudio.com
05:13:49.673499 http.c:636              <= Recv header, 0000000540 bytes (0x0000021c)
05:13:49.673499 http.c:648              <= Recv header: X-TFS-FedAuthRedirect: https://spsprodcus4.vssps.visualstudio.com/_signin?realm=dev.azure.com&reply_to=https://dev.azure.com/myOrganization/myDevOpsProject/_git/myBadRepo/info/refs?service=git-upload-pack&redirect=1&hid=73b36635-d080-433b-9d64-87b14cd2b062&context=eyJodCI6MiwiaGlkIjoiOWE0OWZlYjMtY2FkYS00YWRmLWFkMjItZWZiZWViYWY0NDdhIiwicXMiOnt9LCJyciI6IiIsInZoIjoiIiwiY3YiOiIiLCJjcyI6IiJ90#ctx=eyJTaWduSW5Db29raWVEb21haW5zIjpbImh0dHBzOi8vbG9naW4ubWljcm9zb2Z0b25saW5lLmNvbSIsImh0dHBzOi8vbG9naW4ubWljcm9zb2Z0b25saW5lLmNvbSJdfQ2

uj5u.com熱心網友回復：

這絕對是 Zscaler 的問題。我遇到了完全相同的問題（回購越大，出現卷曲錯誤的可能性就越高，但并非總是如此）并在這個答案中找到了解釋

唯一的解決方案是使用 Zscaler 證書。

uj5u.com熱心網友回復：

這個用戶aaaaaaa來自哪里？

它是（如圖所示Azure/azure-devops-cli-extension）_ANONYMOUS_USER_ID。

該錯誤訊息僅意味著匿名用戶無法訪問此存盤庫（這是預期的）。

由于即使是淺克隆也不起作用，我會進行測驗：

• 執行Azure 管道以查看同步源（即克隆/拉取）步驟是否在那里作業
• 或者在類似的管道中，獲取一個git archive（HEAD 提交內容作為 zip），以便創建一個新的 Azure Devops 存盤庫并嘗試將該內容推送到它：這將驗證該內容中的某些內容是否有問題。以此為例。

uj5u.com熱心網友回復：

根據@Phillipe 的建議和鏈接，將 zScaler 證書添加到我的 Git 配置中解決了我的問題。通讀帖子后，我采取的確切步驟是：

• 從 Windows 狀態選單，運行“管理計算機證書”控制面板應用程式
• 轉到受信任的根證書頒發機構 -> 證書 -> Zscaler 根 CA，右鍵單擊證書以打開它
• 在詳細資訊選項卡上，單擊“復制到檔案”
• 證書匯出向導將打開，單擊下一步
• 選擇“Base-64 編碼的 X.509 (.cer)”并單擊下一步
• 將檔案另存為“C:\Users<username>\AppData\Roaming\ZscalerRootCA.cer”，點擊完成，退出控制面板應用
• 通過運行以下命令，打開命令提示符并配置 Git 以使用證書：

- git config --global http.sslbackend openssl
- git config --global http.sslcainfo C:\Users\<username>\AppData\Roaming\ZscalerRootCA.cer

謝謝！

標籤：混帐 卷曲 天蓝色的devops

上一篇：使用Python或Curl下載json檔案不起作用

下一篇：如何使用CMD在檔案夾中創建子檔案夾并移動其中創建的每10個檔案？