Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-38194

Ampersand in Git password causes authentication failure

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Critical
    • Resolution: Fixed
    • Component/s: git-client-plugin
    • Labels:
      None
    • Environment:
      Windows server 2012 R2
      git-client-plugin 2.0.0
    • Similar Issues:

      Description

      Git client plugin 2.0.0 seems to have swapped from using .gitcredentials to GIT_ASKPASS and when I have an & character in my password the authentications fails. 1.21.0 was fine (and reverting to that version swaps back to using .gitcredentials)

      Escaping the & in the password stored in the credentials by using ^& works round the issue (but if the same credentials are used elsewhere then they will break)

        Attachments

          Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-40166 Passwords not quoted correctly in Windows

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          is related to

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-38138 Git plugin over HTTP with TFS 2015 causes authorization error

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-38179 Authentication Error with GIT Client version 2.0.0

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

            Activity

            Ascending order - Click to sort in descending order
            4 older comments
            Hide
            Permalink
            markewaite Mark Waite added a comment -

            I just created an account on visualstudio.com with a password which contains a "^" and an "&" character and was able to checkout on my Docker instance from a repository using that user name and password.

            Is your agent (slave) which is failing the checkout a Windows machine?

            Does the same failure happen with a Linux machine?

            Show
            markewaite Mark Waite added a comment - I just created an account on visualstudio.com with a password which contains a "^" and an "&" character and was able to checkout on my Docker instance from a repository using that user name and password. Is your agent (slave) which is failing the checkout a Windows machine? Does the same failure happen with a Linux machine?
            Hide
            Permalink
            karmseever Mark Reeves added a comment -

            slave is Windows server 2012 (as stated in 'environment' and as is JENKINS-38179). Not tried on Linux but the issue is clearly due to something not escaping windows environment variables so I can't see it affecting Linux slaves.

            Show
            karmseever Mark Reeves added a comment - slave is Windows server 2012 (as stated in 'environment' and as is JENKINS-38179 ). Not tried on Linux but the issue is clearly due to something not escaping windows environment variables so I can't see it affecting Linux slaves.
            Hide
            Permalink
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Mark Waite
            Path:
            src/main/java/org/jenkinsci/plugins/gitclient/CliGitAPIImpl.java
            src/test/java/org/jenkinsci/plugins/gitclient/CliGitAPIImplAuthTest.java
            http://jenkins-ci.org/commit/git-client-plugin/f7b7cb995f5aaf22dcc49ccc48b980e5d1ce7ecc
            Log:
            Test JENKINS-40116, JENKINS-38194, JENKINS-38179 & JENKINS-38138

            Confirm that characters which Windows requires be escaped in a batch
            file can be used as characters in a git password (as used through https
            with a username / password combination).

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Mark Waite Path: src/main/java/org/jenkinsci/plugins/gitclient/CliGitAPIImpl.java src/test/java/org/jenkinsci/plugins/gitclient/CliGitAPIImplAuthTest.java http://jenkins-ci.org/commit/git-client-plugin/f7b7cb995f5aaf22dcc49ccc48b980e5d1ce7ecc Log: Test JENKINS-40116 , JENKINS-38194 , JENKINS-38179 & JENKINS-38138 Confirm that characters which Windows requires be escaped in a batch file can be used as characters in a git password (as used through https with a username / password combination).
            Hide
            Permalink
            markewaite Mark Waite added a comment -

            If you'd like to test a prototype build, for a short time it will be available from the ci.jenkins.io server. Upload it manually, restart your Jenkins server, and see if it helps in your case.

            Show
            markewaite Mark Waite added a comment - If you'd like to test a prototype build, for a short time it will be available from the ci.jenkins.io server. Upload it manually, restart your Jenkins server, and see if it helps in your case.
            Hide
            Permalink
            markewaite Mark Waite added a comment -

            Fixed in git client plugin 2.2.1 16 Jan 2016

            Show
            markewaite Mark Waite added a comment - Fixed in git client plugin 2.2.1 16 Jan 2016

              People

              Assignee:
              markewaite Mark Waite
              Reporter:
              karmseever Mark Reeves
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: