- Issue created by @sascha_meissner
- 🇺🇸United States drumm NY, US
I’m unable to reproduce this issue. Without an original error message, I can not attempt to correlate this with any logs.
Does your workplace have any proxies or firewalls that might be affecting the HTTP Auth headers? Can you try from another network?
If the issue persists on other networks, please paste the full git command you are using, and full output? And prefix the git command like
GIT_CURL_VERBOSE=1 git push …. Be sure to redact any credentials, but do leave the exact remote URI. More information is at https://docs.gitlab.com/topics/git/troubleshooting_git/ - 🇩🇪Germany sascha_meissner Planet earth
Thx @drumm for your quick reply, i tried also on another network, with and without tunnels etc. still having the same issue.
This is my example issue fork:
$ git remote show pathalias_extend-3543394 * remote pathalias_extend-3543394 Fetch URL: https://git.drupalcode.org/issue/pathalias_extend-3543394.git Push URL: https://git.drupalcode.org/issue/pathalias_extend-3543394.githere is a full output of the git push command:
$ GIT_CURL_VERBOSE=1 git push 17:22:33.910613 http.c:703 == Info: Couldn't find host git.drupalcode.org in the (nil) file; using defaults 17:22:33.983998 http.c:703 == Info: Trying 151.101.2.217:443... 17:22:34.014391 http.c:703 == Info: Connected to git.drupalcode.org (151.101.2.217) port 443 (#0) 17:22:34.014391 http.c:703 == Info: schannel: disabled automatic use of client certificate 17:22:34.084369 http.c:650 => Send header, 0000000220 bytes (0x000000dc) 17:22:34.084369 http.c:662 => Send header: GET /issue/pathalias_extend-3543394.git/info/refs?service=git-receive-pack HTTP/1.1 17:22:34.084369 http.c:662 => Send header: Host: git.drupalcode.org 17:22:34.084369 http.c:662 => Send header: User-Agent: git/2.37.2.windows.2 17:22:34.084369 http.c:662 => Send header: Accept: */* 17:22:34.084369 http.c:662 => Send header: Accept-Encoding: deflate, gzip, br, zstd 17:22:34.084369 http.c:662 => Send header: Pragma: no-cache 17:22:34.084369 http.c:662 => Send header: 17:22:34.284357 http.c:703 == Info: Mark bundle as not supporting multiuse 17:22:34.284357 http.c:650 <= Recv header, 0000000027 bytes (0x0000001b) 17:22:34.284357 http.c:662 <= Recv header: HTTP/1.1 401 Unauthorized 17:22:34.284357 http.c:650 <= Recv header, 0000000024 bytes (0x00000018) 17:22:34.284357 http.c:662 <= Recv header: Connection: keep-alive 17:22:34.284357 http.c:650 <= Recv header, 0000000021 bytes (0x00000015) 17:22:34.284357 http.c:662 <= Recv header: Content-Length: 356 17:22:34.284357 http.c:650 <= Recv header, 0000000015 bytes (0x0000000f) 17:22:34.284357 http.c:662 <= Recv header: Server: nginx 17:22:34.284357 http.c:650 <= Recv header, 0000000041 bytes (0x00000029) 17:22:34.284357 http.c:662 <= Recv header: Content-Type: text/plain; charset=utf-8 17:22:34.284357 http.c:650 <= Recv header, 0000000025 bytes (0x00000019) 17:22:34.284357 http.c:662 <= Recv header: Cache-Control: no-cache 17:22:34.284357 http.c:650 <= Recv header, 0000000021 bytes (0x00000015) 17:22:34.284357 http.c:662 <= Recv header: Nel: {"max_age": 0} 17:22:34.284357 http.c:650 <= Recv header, 0000000040 bytes (0x00000028) 17:22:34.284357 http.c:662 <= Recv header: WWW-Authenticate: Basic realm="GitLab" 17:22:34.284357 http.c:650 <= Recv header, 0000000033 bytes (0x00000021) 17:22:34.284357 http.c:662 <= Recv header: X-Content-Type-Options: nosniff 17:22:34.284357 http.c:650 <= Recv header, 0000000028 bytes (0x0000001c) 17:22:34.284357 http.c:662 <= Recv header: X-Download-Options: noopen 17:22:34.284357 http.c:650 <= Recv header, 0000000029 bytes (0x0000001d) 17:22:34.284357 http.c:662 <= Recv header: X-Frame-Options: SAMEORIGIN 17:22:34.284357 http.c:650 <= Recv header, 0000000078 bytes (0x0000004e) 17:22:34.284357 http.c:662 <= Recv header: X-Gitlab-Meta: {"correlation_id":"01K3V6RR3JEWNVZMHA8N7N5QVY","version":"1"} 17:22:34.284357 http.c:650 <= Recv header, 0000000041 bytes (0x00000029) 17:22:34.284357 http.c:662 <= Recv header: X-Permitted-Cross-Domain-Policies: none 17:22:34.284357 http.c:650 <= Recv header, 0000000021 bytes (0x00000015) 17:22:34.284357 http.c:662 <= Recv header: X-Runtime: 0.018589 17:22:34.284357 http.c:650 <= Recv header, 0000000021 bytes (0x00000015) 17:22:34.284357 http.c:662 <= Recv header: X-Xss-Protection: 0 17:22:34.284357 http.c:650 <= Recv header, 0000000022 bytes (0x00000016) 17:22:34.284357 http.c:662 <= Recv header: Accept-Ranges: bytes 17:22:34.284357 http.c:650 <= Recv header, 0000000031 bytes (0x0000001f) 17:22:34.284357 http.c:662 <= Recv header: Via: 1.1 varnish, 1.1 varnish 17:22:34.284357 http.c:650 <= Recv header, 0000000037 bytes (0x00000025) 17:22:34.284357 http.c:662 <= Recv header: Date: Fri, 29 Aug 2025 15:22:34 GMT 17:22:34.284357 http.c:650 <= Recv header, 0000000067 bytes (0x00000043) 17:22:34.284357 http.c:662 <= Recv header: X-Served-By: cache-bfi-kbfi7400084-BFI, cache-fra-etou8220143-FRA 17:22:34.284357 http.c:650 <= Recv header, 0000000021 bytes (0x00000015) 17:22:34.284357 http.c:662 <= Recv header: X-Cache: MISS, MISS 17:22:34.284357 http.c:650 <= Recv header, 0000000020 bytes (0x00000014) 17:22:34.284357 http.c:662 <= Recv header: X-Cache-Hits: 0, 0 17:22:34.284357 http.c:650 <= Recv header, 0000000039 bytes (0x00000027) 17:22:34.284357 http.c:662 <= Recv header: X-Timer: S1756480954.407929,VS0,VE175 17:22:34.284357 http.c:650 <= Recv header, 0000000014 bytes (0x0000000e) 17:22:34.284357 http.c:662 <= Recv header: Vary: Accept 17:22:34.284357 http.c:650 <= Recv header, 0000000026 bytes (0x0000001a) 17:22:34.284357 http.c:662 <= Recv header: x-request-id: 2821066023 17:22:34.284357 http.c:650 <= Recv header, 0000000023 bytes (0x00000017) 17:22:34.284357 http.c:662 <= Recv header: x-time-elapsed: 0.175 17:22:34.284357 http.c:650 <= Recv header, 0000000040 bytes (0x00000028) 17:22:34.284357 http.c:662 <= Recv header: Permissions-Policy: interest-cohort=() 17:22:34.284357 http.c:650 <= Recv header, 0000000040 bytes (0x00000028) 17:22:34.284357 http.c:662 <= Recv header: Strict-Transport-Security: max-age=900 17:22:34.284357 http.c:650 <= Recv header, 0000000002 bytes (0x00000002) 17:22:34.284357 http.c:662 <= Recv header: 17:22:34.284357 http.c:703 == Info: Connection #0 to host git.drupalcode.org left intact Username for 'https://git.drupalcode.org': sascha Password for 'https://sascha@git.drupalcode.org': 17:22:42.627948 http.c:703 == Info: Found bundle for host: 0x28a99aac580 [serially] 17:22:42.627948 http.c:703 == Info: Can not multiplex, even if we wanted to 17:22:42.627948 http.c:703 == Info: Re-using existing connection #0 with host git.drupalcode.org 17:22:42.627948 http.c:703 == Info: Connected to git.drupalcode.org (151.101.2.217) port 443 (#0) 17:22:42.627948 http.c:703 == Info: Server auth using Basic with user 'sascha' 17:22:42.627948 http.c:650 => Send header, 0000000279 bytes (0x00000117) 17:22:42.627948 http.c:662 => Send header: GET /issue/pathalias_extend-3543394.git/info/refs?service=git-receive-pack HTTP/1.1 17:22:42.627948 http.c:662 => Send header: Host: git.drupalcode.org 17:22:42.627948 http.c:662 => Send header: Authorization: Basic <redacted> 17:22:42.627948 http.c:662 => Send header: User-Agent: git/2.37.2.windows.2 17:22:42.627948 http.c:662 => Send header: Accept: */* 17:22:42.627948 http.c:662 => Send header: Accept-Encoding: deflate, gzip, br, zstd 17:22:42.627948 http.c:662 => Send header: Pragma: no-cache 17:22:42.627948 http.c:662 => Send header: 17:22:43.565250 http.c:703 == Info: Mark bundle as not supporting multiuse 17:22:43.565250 http.c:650 <= Recv header, 0000000036 bytes (0x00000024) 17:22:43.565250 http.c:662 <= Recv header: HTTP/1.1 500 Internal Server Error 17:22:43.565250 http.c:650 <= Recv header, 0000000024 bytes (0x00000018) 17:22:43.565250 http.c:662 <= Recv header: Connection: keep-alive 17:22:43.565250 http.c:650 <= Recv header, 0000000022 bytes (0x00000016) 17:22:43.565250 http.c:662 <= Recv header: Content-Length: 1624 17:22:43.565250 http.c:650 <= Recv header, 0000000015 bytes (0x0000000f) 17:22:43.565250 http.c:662 <= Recv header: Server: nginx 17:22:43.565250 http.c:650 <= Recv header, 0000000040 bytes (0x00000028) 17:22:43.565250 http.c:662 <= Recv header: Content-Type: text/html; charset=utf-8 17:22:43.565250 http.c:650 <= Recv header, 0000000026 bytes (0x0000001a) 17:22:43.565250 http.c:662 <= Recv header: X-Gitlab-Custom-Error: 1 17:22:43.565250 http.c:650 <= Recv header, 0000000078 bytes (0x0000004e) 17:22:43.565250 http.c:662 <= Recv header: X-Gitlab-Meta: {"correlation_id":"01K3V6S15E9B305CFY6QCCRABF","version":"1"} 17:22:43.565250 http.c:650 <= Recv header, 0000000021 bytes (0x00000015) 17:22:43.565250 http.c:662 <= Recv header: X-Runtime: 0.019927 17:22:43.565250 http.c:650 <= Recv header, 0000000020 bytes (0x00000014) 17:22:43.565250 http.c:662 <= Recv header: Fastly-Restarts: 1 17:22:43.565250 http.c:650 <= Recv header, 0000000022 bytes (0x00000016) 17:22:43.565250 http.c:662 <= Recv header: Accept-Ranges: bytes 17:22:43.565250 http.c:650 <= Recv header, 0000000037 bytes (0x00000025) 17:22:43.565250 http.c:662 <= Recv header: Date: Fri, 29 Aug 2025 15:22:43 GMT 17:22:43.565250 http.c:650 <= Recv header, 0000000018 bytes (0x00000012) 17:22:43.565250 http.c:662 <= Recv header: Via: 1.1 varnish 17:22:43.565250 http.c:650 <= Recv header, 0000000040 bytes (0x00000028) 17:22:43.565250 http.c:662 <= Recv header: X-Served-By: cache-fra-etou8220143-FRA 17:22:43.565250 http.c:650 <= Recv header, 0000000015 bytes (0x0000000f) 17:22:43.565250 http.c:662 <= Recv header: X-Cache: MISS 17:22:43.565250 http.c:650 <= Recv header, 0000000017 bytes (0x00000011) 17:22:43.565250 http.c:662 <= Recv header: X-Cache-Hits: 0 17:22:43.565250 http.c:650 <= Recv header, 0000000039 bytes (0x00000027) 17:22:43.565250 http.c:662 <= Recv header: X-Timer: S1756480963.947717,VS0,VE907 17:22:43.565250 http.c:650 <= Recv header, 0000000026 bytes (0x0000001a) 17:22:43.565250 http.c:662 <= Recv header: x-request-id: 2821210415 17:22:43.565250 http.c:650 <= Recv header, 0000000023 bytes (0x00000017) 17:22:43.565250 http.c:662 <= Recv header: x-time-elapsed: 0.906 17:22:43.565250 http.c:650 <= Recv header, 0000000040 bytes (0x00000028) 17:22:43.565250 http.c:662 <= Recv header: Permissions-Policy: interest-cohort=() 17:22:43.565250 http.c:650 <= Recv header, 0000000040 bytes (0x00000028) 17:22:43.565250 http.c:662 <= Recv header: Strict-Transport-Security: max-age=900 17:22:43.565250 http.c:650 <= Recv header, 0000000002 bytes (0x00000002) 17:22:43.565250 http.c:662 <= Recv header: 17:22:43.565250 http.c:703 == Info: Connection #0 to host git.drupalcode.org left intact fatal: unable to access 'https://git.drupalcode.org/issue/pathalias_extend-3543394.git/': The requested URL returned error: 500 - 🇺🇸United States drumm NY, US
That does lead to a good backtrace in GitLab
"exception.class" : "NoMethodError", "exception.message" : "undefined method `include?' for nil:NilClass",in
"lib/gitlab/auth/ip_rate_limiter.rb:37:in `block in trusted_ip?'", "lib/gitlab/auth/ip_rate_limiter.rb:37:in `any?'", "lib/gitlab/auth/ip_rate_limiter.rb:37:in `trusted_ip?'", "lib/gitlab/auth/ip_rate_limiter.rb:43:in `skip_rate_limit?'", "lib/gitlab/auth/ip_rate_limiter.rb:31:in `banned?'", "lib/gitlab/auth.rb:122:in `find_for_git_client'",So it seems there’s some edge case with involving GitLab’s rate limiting implementation
- 🇺🇸United States drumm NY, US
I couldn’t find a relevant existing issue, so I filed a new one. Since this is an exception internal to GitLab, we’ll want to wait for their fix or workaround.
- 🇺🇸United States drumm NY, US
- 🇩🇪Germany sascha_meissner Planet earth
Thank you very much @drumm !
FYI just tried again after a full weekend and the problem still the same for me. - 🇪🇸Spain fjgarlin
I was helping somebody in slack and I ran into this. This happens when using the "https" URL for the repo.
So, for example, in this issue https://www.drupal.org/project/acquia_purge/issues/3523565 ✨ Create new purger service to support multiple CDN providers Active , it happens when you use:
git remote add acquia_purge-3523565 git@git.drupal.org:issue/acquia_purge-3523565.gitBut not when you use:
(first time)
git remote add acquia_purge-3523565 https://git.drupalcode.org/issue/acquia_purge-3523565.git(if the fork was already cloned)
git remote set-url acquia_purge-3523565 git@git.drupal.org:issue/acquia_purge-3523565.gitSo the workaround is to use the "git@..." repo URL.
- 🇺🇸United States drumm NY, US
We’ve had some other reports that have potential to be the same issue. We need the line with the
correlation_idfromGIT_CURL_VERBOSE=1 git pushto confirm it is the same issue, or track down something else. For example:17:22:43.565250 http.c:662 <= Recv header: X-Gitlab-Meta: {"correlation_id":"01K3V6S15E9B305CFY6QCCRABF","version":"1"} - 🇩🇪Germany sascha_meissner Planet earth
@drumm
Here you have a "fresh" one from just now:
X-Gitlab-Meta: {"correlation_id":"01K44HCPR8KGR6AZDXZHPK97YM","version":"1"} - 🇺🇸United States drumm NY, US
https://gitlab.com/gitlab-org/gitlab/-/issues/566636 did get at least one bugfix backport moving in GitLab. They did spot a typo in our configuration which was very likely to be the cause. I’ve corrected the typo and reconfigured, so I expect this to be resolved. Please reopen with details if this does happen again.
- 🇩🇪Germany sascha_meissner Planet earth
That´s a great finding! Works again, big THX