3

Closed

Push package fails and keeps retrying

description

Pushing a package to a (local) server that uses Windows Authentication fails (used to work in version 2.7)

Using Fiddler it gave me the impression that nuget keeps on retrying to upload where as nuget 2.7 uploads perfectly fine and receives a 302 (found) and a 201(created) response.

These are the requests message response headers for 2.7:

GET /nuget/Test HTTP/1.0

HTTP/1.1 401 Unauthorized
Content-Type: text/html
Server: Microsoft-IIS/8.5
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Fri, 31 Jan 2014 13:40:40 GMT
Connection: close
Content-Length: 1293
Proxy-Support: Session-Based-Authentication

GET /nuget/Test HTTP/1.0

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 358
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-UA-Compatible: IE=edge
Set-Cookie: inedopg_isadmin=file_not_found; path=/
Persistent-Auth: true
X-Powered-By: ASP.NET
WWW-Authenticate: Negotiate oYG2...00=
Date: Fri, 31 Jan 2014 13:40:40 GMT
Connection: close


PUT /nuget/Test/ HTTP/1.0

HTTP/1.1 401 Unauthorized
Content-Type: text/html
Server: Microsoft-IIS/8.5
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Fri, 31 Jan 2014 13:40:40 GMT
Connection: close
Content-Length: 1293
Proxy-Support: Session-Based-Authentication


PUT /nuget/Test/ HTTP/1.0

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 149
Content-Type: text/html; charset=utf-8
Location: /api/v2/package/Test
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-UA-Compatible: IE=edge
Set-Cookie: inedopg_isadmin=file_not_found; path=/
Persistent-Auth: true
X-Powered-By: ASP.NET
WWW-Authenticate: Negotiate oY...6k=
Date: Fri, 31 Jan 2014 13:40:41 GMT
Connection: close


PUT /api/v2/package/Test HTTP/1.0

HTTP/1.1 401 Unauthorized
Content-Type: text/html
Server: Microsoft-IIS/8.5
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Fri, 31 Jan 2014 13:40:41 GMT
Connection: close
Content-Length: 1293
Proxy-Support: Session-Based-Authentication


PUT /api/v2/package/Test HTTP/1.0

HTTP/1.1 201 Created
Cache-Control: private
Content-Length: 0
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-UA-Compatible: IE=edge
Persistent-Auth: true
X-Powered-By: ASP.NET
WWW-Authenticate: Negotiate oY...MU=
Date: Fri, 31 Jan 2014 13:40:41 GMT
Connection: close

For nuget 2.8:

GET /nuget/Test HTTP/1.0

HTTP/1.1 401 Unauthorized
Content-Type: text/html
Server: Microsoft-IIS/8.5
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Fri, 31 Jan 2014 13:53:18 GMT
Connection: close
Content-Length: 1293
Proxy-Support: Session-Based-Authentication


GET /nuget/Test HTTP/1.0

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 358
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-UA-Compatible: IE=edge
Set-Cookie: inedopg_isadmin=file_not_found; path=/
Persistent-Auth: true
X-Powered-By: ASP.NET
WWW-Authenticate: Negotiate oYG...p8=
Date: Fri, 31 Jan 2014 13:53:18 GMT
Connection: close

And then repeats these two requests over and over again.
Closed Feb 14, 2014 at 8:14 PM by danliu
verified using latest nuget.exe

comments

danliu wrote Jan 31, 2014 at 9:29 PM

Thanks for reporting this issue to us. We are aware of it and will fix it soon.

danliu wrote Feb 25, 2014 at 4:39 PM

@Erno_de_Weerd, NuGet.exe 2.8.1 beta has been published, which contains fix to this issue. Would you please give it a try at https://nuget.codeplex.com/releases/view/118318 and let us know if your issue is resolved. Thanks.

Erno_de_Weerd wrote Feb 27, 2014 at 8:10 AM

I have tested NuGet version 2.8.50224.430 and it does not work.

Nuget still responds with:

Pushing Library_Test 3.2.8.123123-alpha1 to 'http://progetsvr/nuget/TestFeed'...
Failed to process request. 'Found'.
This request requires buffering data to succeed..

Erno_de_Weerd wrote Feb 27, 2014 at 8:12 AM

Additional note: both symbol and non-symbol packages fail.

Erno_de_Weerd wrote Feb 27, 2014 at 8:19 AM

Also:

When using Fiddler suddenly nuget starts prompting for credentials, although I expected my active directory account to be implicitly used. So I cannot really check whether or not things at network level have changed.

Erno_de_Weerd wrote Feb 27, 2014 at 8:20 AM

Using Fiddler I do see the package being uploaded but failing authorization.

danliu wrote Feb 27, 2014 at 4:42 PM

@Erno_de_Weerd, would it be ok for you to describe the IIS configuration, such as authentication, authorization rules of your local NuGet Server. Also the ACL settings of the Packages folder?

or please email me this info if you prefer. Thanks.

Erno_de_Weerd wrote Feb 28, 2014 at 4:30 PM

I am using ProGet on a Windows Server 2012 r2
ProGet uses Integrated Security and the packages folder is configured with full access for the account/identity ProGet's application pool is using.

Proget is not on the default port 80 but on port 81 instead.

There is a special inbound rule in the firewall to allow Http over port 81

Extra: nuget 2.7 is working fine with this server.

I'll check IIS authorization next Monday. Let me know if you need more details and I'll see if I can give them to you.

Erno_de_Weerd wrote Mar 4, 2014 at 1:55 PM

IIS
Authentication: Windows Authentication Enabled (Http 401 Challenge), others: off.
Authorization: Allow All Users

Folder
The ApplicationPool's Identity has read and write access.

danliu wrote Mar 4, 2014 at 4:55 PM

looks like this issue is the same as https://nuget.codeplex.com/workitem/4050.

timvw wrote Mar 29, 2014 at 9:13 PM

Still broken. or broken again on 2.8.5

danliu wrote Mar 30, 2014 at 3:57 AM

timvw, which specific version of nuget.exe are you using? can you provide the full version number and let us know where you download it?

feiling wrote Apr 14, 2014 at 10:58 PM

Hi timvw, please run nuget.exe with -Verbosity detailed and paste the output here. Also, please tell us the version number of the nuget.exe you're using.

thirteen13 wrote Apr 24, 2014 at 2:11 PM

Hi,
We have the same issue here with nuget.exe 2.8.50320.36 and NuGet.Server v2.8.50320.36.
NuGet.Server is running in IIS 7.5 on Windows Server 2008 R2 and requires authentication with standard Windows account credentials.

My NuGet.config file contains among other stuff (anonymized):
  <apikeys>
    <add key="https://xx.xxx.xx/nuget" value="XYZ" />
  </apikeys>
  <config>
    <add key="DefaultPushSource" value="https://xx.xxx.xx/nuget" />
  </config>
  <packageSources>
    <add key="XXX" value="https://xx.xxx.xx/nuget/nuget" />
    <add key="nuget.org" value="https://www.nuget.org/api/v2/" />
  </packageSources>
  <packageSourceCredentials>
    <XXX>
      <add key="Username" value="abc" />
      <add key="Password" value="uvw" />
    </XXX>
  </packageSourceCredentials>
When I try to push a package, I get the following output (anonymized):
C:\DEFGH>nuget push mypackage.nupkg -Verbosity detailed
Pushing mypackage 1.2.3 to 'https://xx.xxx.xx/nuget'...
Please provide credentials for: https://xx.xxx.xx/nuget
UserName: abc
Password: ***
PUT https://xx.xxx.xx/nuget/
Please provide credentials for: https://xx.xxx.xx/nuget/
UserName: abc
Password: ***
PUT https://xx.xxx.xx/nuget/
Please provide credentials for: https://xx.xxx.xx/nuget/
UserName: abc
Password: ***
PUT https://xx.xxx.xx/nuget/
...
Nuget is repeatedly asking for credentials and the package never arrives on the server.

Looking at the network traffic with Fiddler:
  • GET /nuget (no authentication header) -> 401 Unauthorized
  • GET /nuget (with authentication header) -> 301 Moved Permanently (to /nuget/)
  • GET /nuget/ (no authentication header) -> 401 Unauthorized
  • GET /nuget/ (with authentication header) -> 200 OK
  • PUT /nuget/ (no authentication header) -> 401 Unauthorized
  • PUT /nuget/ (no authentication header) -> 401 Unauthorized
  • PUT /nuget/ (no authentication header) -> 401 Unauthorized
  • ...
It seems that nuget.exe is never sending the authentication header with the PUT requests.

feiling wrote Apr 29, 2014 at 9:25 PM

We think we fixed this problem: we reverted the change that caused all those auth problems. The original change was to fix out-of-memory problem by disable buffering when sending PUT requests.

This change is reverted, and we added a new option -DisableBuffering instead for people with out-of-memory problems. You can try the new build at http://build.nuget.org/nuget.exe

One thing to note though: if you are running nuget.exe on a machine without .net 4.5, and Integrated Windows Authentication is used, then authentication will always fail, and nuget will keep on asking for credentials. This is not a new bug, nuget 2.7.2 behaves the same way. The workaround is to run nuget.exe on a machine with .net 4.5.

thirteen13 wrote May 27, 2014 at 8:26 AM

Yes, I can confirm that with nuget.exe 2.8.50506.491 pushing works. (We have .NET 4.5 installed.)
But now restore doesn't work anymore, see issue 4172.