¿Cómo configurar cygwin git para trabajar detrás del proxy?

Estoy usando Windows 7 x64.

He instalado Git para Windows y cygwin's git.

Estas son las versiones instaladas de Git para Windows:

user@machine MINGW64 ~ $ uname -a MINGW64_NT-6.1 machine 2.4.0(0.292/5/3) 2016-01-05 14:13 x86_64 Msys user@machine MINGW64 ~ $ git --version git version 2.7.0.windows.1 user@machine MINGW64 ~ $ curl --version curl 7.46.0 (x86_64-w64-mingw32) libcurl/7.46.0 OpenSSL/1.0.2e lib/1.2.8 libidn/1.32 libssh2/1.6.0 librtmp/2.3 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp scp sftp smtp smtps telnet tftp Features: IDN IPv6 Largefile SSPI Kerberos SPNEGO NTLM SSL libz TLS-SRP 

Estas son las versiones instaladas para cygwin:

 user > ~ > uname -a CYGWIN_NT-6.1 machine 2.4.0(0.293/5/3) 2016-01-15 16:16 x86_64 Cygwin user > ~ > git --version git version 2.7.0 user > ~ > curl --version curl 7.45.0 (x86_64-unknown-cygwin) libcurl/7.45.0 OpenSSL/1.0.2e zlib/1.2.8 libidn/1.29 libssh2/1.5.0 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp Features: Debug IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP UnixSockets Metalink 

Este es mi file .gitconfig con respecto a http.proxy en ambas instalaciones:

 [http] proxy = https://:@evilcorp.proxy.com:8080 

Puedo clonar con Git para Windows:

 user@machine MINGW64 ~ $ git config --get http.proxy https://:@evilcorp.proxy.com:8080 user@machine MINGW64 ~ $ git clone https://github.com/vim/vim Cloning into 'vim'... remote: Counting objects: 53744, done. remote: Total 53744 (delta 0), reused 0 (delta 0), pack-reused 53744 Receiving objects: 100% (53744/53744), 41.26 MiB | 453.00 KiB/s, done. Resolving deltas: 100% (45107/45107), done. Checking connectivity... done. Checking out files: 100% (2661/2661), done. 

Pero obtengo un error de authentication 407 con cygwin's git:

 user > ~ > git config --get http.proxy https://:@evilcorp.proxy.com:8080 user > ~ > git clone https://github.com/vim/vim Cloning into 'vim'... fatal: unable to access 'https://github.com/vim/vim/': Received HTTP code 407 from proxy after CONNECT 

Establecer el nombre de usuario y la contraseña en la cadena de proxy no cambia el resultado.

He encontrado esto en la list de correo cywin que se ve relacionado con ese problema

http://thread.gmane.org/gmane.os.cygwin/155039 .

¿Cómo puedo arreglar eso?

Aquí hay un logging adicional. También muestra que Curl funciona con --proxy-ntlm

MINGW64:

 username@machine MINGW64 / $ curl -U :--proxy-ntlm --proxy rwestproxy-neurathdc.rwe.com:8080 http://www.google.com % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 258 100 258 0 0 2744 0 --:--:-- --:--:-- --:--:-- 3307<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"> <TITLE>302 Moved</TITLE></HEAD><BODY> <H1>302 Moved</H1> The document has moved <A HREF="http://www.google.de/?gfe_rd=cr&amp;ei=uQugVqvzI_Dt8wfUpKC4Bw">here</A>. </BODY></HTML> username@machine MINGW64 / $ curl http://www.google.com % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- 0:00:30 --:--:-- 0 username@machine MINGW64 ~ $ export GIT_CURL_VERBOSE=1 username@machine MINGW64 ~ $ export GIT_TRACE=1 username@machine MINGW64 ~ $ git config --get http.proxy 23:40:02.125128 git.c:348 trace: built-in: git 'config' '--get' 'http.proxy' https://:@evilcorp.proxy.com:8080 username@machine MINGW64 ~ $ git clone https://github.com/Shougo/vimproc.vim 23:41:30.617391 git.c:348 trace: built-in: git 'clone' 'https://github.com/Shougo/vimproc.vim' Cloning into 'vimproc.vim'... 23:41:40.522502 run-command.c:343 trace: run_command: 'git-remote-https' 'origin' 'https://github.com/Shougo/vimproc.vim' * Couldn't find host github.com in the _netrc file; using defaults * timeout on name lookup is not supported * Trying 10.88.253.20... * Connected to evilcorp.proxy.com (10.88.253.20) port 8080 (#0) * Establish HTTP proxy tunnel to github.com:443 > CONNECT github.com:443 HTTP/1.1 Host: github.com:443 User-Agent: git/2.7.0.windows.1 Proxy-Connection: Keep-Alive < HTTP/1.1 407 authenticationrequinetworking < Date: Wed, 20 Jan 2016 22:41:42 GMT < Content-Type: text/html < Cache-Control: no-cache < Content-Length: 18471 < Proxy-Connection: Keep-Alive < Proxy-Authenticate: Negotiate < Proxy-Authenticate: Basic realm="Web Gateway" < * Ignore 18471 bytes of response-body * TUNNEL_STATE switched to: 0 * Establish HTTP proxy tunnel to github.com:443 > CONNECT github.com:443 HTTP/1.1 Host: github.com:443 User-Agent: git/2.7.0.windows.1 Proxy-Connection: Keep-Alive < HTTP/1.1 407 authenticationrequinetworking < Date: Wed, 20 Jan 2016 22:41:42 GMT < Content-Type: text/html < Cache-Control: no-cache < Content-Length: 18471 < Proxy-Connection: Keep-Alive < Proxy-Authenticate: Negotiate < Proxy-Authenticate: Basic realm="Web Gateway" < * Ignore 18471 bytes of response-body * TUNNEL_STATE switched to: 0 * Establish HTTP proxy tunnel to github.com:443 * Proxy auth using Negotiate with user '' > CONNECT github.com:443 HTTP/1.1 Host: github.com:443 Proxy-Authorization: Negotiate YIImIwYGKwYBBQUCoIImFzCCJhOgMDAuBgkqhkiC9xIBAgIGCSqGSIb3nFeMQ+30vz6ZGa78Uk= User-Agent: git/2.7.0.windows.1 Proxy-Connection: Keep-Alive < HTTP/1.0 200 Connection established < * Proxy replied OK to CONNECT request * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt CApath: none * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 * ALPN, server accepted to use http/1.1 * Server certificate: * subject: businessCategory=Private Organization; jurisdictionC=US; jurisdictionST=Delaware; serialNumber=5157550; street=548 4th Street; postalCode=94107; C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=github.com * start date: Apr 8 00:00:00 2014 GMT * expire date: Apr 12 12:00:00 2016 GMT * subjectAltName: github.com matched * issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 Extended Validation Server CA * SSL certificate verify ok. > GET /Shougo/vimproc.vim/info/refs?service=git-upload-pack HTTP/1.1 Host: github.com User-Agent: git/2.7.0.windows.1 Accept: */* Accept-Encoding: gzip Accept-Language: en-US, *;q=0.9 Pragma: no-cache < HTTP/1.1 200 OK < Server: GitHub Babel 2.0 < Content-Type: application/x-git-upload-pack-advertisement < Transfer-Encoding: chunked < Expires: Fri, 01 Jan 1980 00:00:00 GMT < Pragma: no-cache < Cache-Control: no-cache, max-age=0, must-revalidate < Vary: Accept-Encoding < X-GitHub-Request-Id: C19BC295:3ACA:C1B117:56A00D26 < X-Frame-Options: DENY < * Closing connection 0 23:41:45.326871 run-command.c:343 trace: run_command: 'fetch-pack' '--stateless-rpc' '--stdin' '--lock-pack' '--thin' '--check-self-contained-and-connected' '--cloning' 'https://github.com/Shougo/vimproc.vim/' 23:41:46.839935 git.c:348 trace: built-in: git 'fetch-pack' '--stateless-rpc' '--stdin' '--lock-pack' '--thin' '--check-self-contained-and-connected' '--cloning' 'https://github.com/Shougo/vimproc.vim/' * Couldn't find host github.com in the _netrc file; using defaults * timeout on name lookup is not supported * Hostname evilcorp.proxy.com was found in DNS cache * Trying 10.88.253.20... * Connected to evilcorp.proxy.com (10.88.253.20) port 8080 (#1) * Establish HTTP proxy tunnel to github.com:443 > CONNECT github.com:443 HTTP/1.1 Host: github.com:443 User-Agent: git/2.7.0.windows.1 Proxy-Connection: Keep-Alive < HTTP/1.1 407 authenticationrequinetworking < Date: Wed, 20 Jan 2016 22:42:12 GMT < Content-Type: text/html < Cache-Control: no-cache < Content-Length: 18471 < Proxy-Connection: Keep-Alive < Proxy-Authenticate: Negotiate < Proxy-Authenticate: Basic realm="Web Gateway" < * Ignore 18471 bytes of response-body * TUNNEL_STATE switched to: 0 * Establish HTTP proxy tunnel to github.com:443 * Proxy auth using Negotiate with user '' > CONNECT github.com:443 HTTP/1.1 Host: github.com:443 Proxy-Authorization: Negotiate YIImIwYGKwYBBQUCoIImFzCCJhOgMDAuBgkqhkiC9xIBAgIGCSqGSIb3nFeMQ+30vz6ZGa78Uk= User-Agent: git/2.7.0.windows.1 Proxy-Connection: Keep-Alive < HTTP/1.0 200 Connection established < * Proxy replied OK to CONNECT request * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt CApath: none * SSL re-using session ID * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 * ALPN, server accepted to use http/1.1 * old SSL session ID is stale, removing * Server certificate: * subject: businessCategory=Private Organization; jurisdictionC=US; jurisdictionST=Delaware; serialNumber=5157550; street=548 4th Street; postalCode=94107; C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=github.com * start date: Apr 8 00:00:00 2014 GMT * expire date: Apr 12 12:00:00 2016 GMT * subjectAltName: github.com matched * issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 Extended Validation Server CA * SSL certificate verify ok. > POST /Shougo/vimproc.vim/git-upload-pack HTTP/1.1 Host: github.com User-Agent: git/2.7.0.windows.1 Accept-Encoding: gzip Content-Type: application/x-git-upload-pack-request Accept: application/x-git-upload-pack-result Content-Encoding: gzip Content-Length: 641 * upload completely sent off: 641 out of 641 bytes < HTTP/1.1 200 OK < Server: GitHub Babel 2.0 < Content-Type: application/x-git-upload-pack-result < Transfer-Encoding: chunked < Expires: Fri, 01 Jan 1980 00:00:00 GMT < Pragma: no-cache < Cache-Control: no-cache, max-age=0, must-revalidate < Vary: Accept-Encoding < X-GitHub-Request-Id: C19BC295:3ACD:F59317:56A00D44 < X-Frame-Options: DENY < remote: Counting objects: 5309, done. 23:42:12.951991 run-command.c:343 trace: run_command: 'index-pack' '--stdin' '-v' '--fix-thin' '--keep=fetch-pack 2380 on machine' '--check-self-contained-and-connected' '--pack_header=2,5309' 23:42:14.527450 git.c:348 trace: built-in: git 'index-pack' '--stdin' '-v' '--fix-thin' '--keep=fetch-pack 2380 on machine' '--check-self-contained-and-connected' '--pack_header=2,5309' * Closing connection 1% (5257/5309), 1.46 MiB | 31.00 KiB/s remote: Total 5309 (delta 0), reused 0 (delta 0), pack-reused 5309 Receiving objects: 100% (5309/5309), 1.48 MiB | 34.00 KiB/s, done. Resolving deltas: 100% (2966/2966), done. Checking connectivity... 23:44:26.896821 run-command.c:343 trace: run_command: 'rev-list' '--objects' '--stdin' '--not' '--all' 23:44:28.472249 git.c:348 trace: built-in: git 'rev-list' '--objects' '--stdin' '--not' '--all' done. Checking out files: 100% (42/42), done. 

Cygwin:

 username > ~ > curl -U :--proxy-ntlm --proxy rwestproxy-neurathdc.rwe.com:8080 http://www.google.com <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"> <TITLE>302 Moved</TITLE></HEAD><BODY> <H1>302 Moved</H1> The document has moved <A HREF="http://www.google.de/?gfe_rd=cr&amp;ei=ChSgVuS5OeqG8QflgJzwAQ">here</A>. </BODY></HTML> username > ~ > curl http://www.google.com username > ~ > 130 > username > ~ > export GIT_TRACE=1 username > ~ > git config --get http.proxy 23:43:52.408979 git.c:348 trace: built-in: git 'config' '--get' 'http.proxy' https://:@evilcorp.proxy.com:8080 username > ~ > git clone https://github.com/Shougo/viproc.vim 23:44:57.672267 git.c:348 trace: built-in: git 'clone' 'https://github.com/Shougo/viproc.vim' Cloning into 'viproc.vim'... 23:44:57.719062 run-command.c:343 trace: run_command: 'git-remote-https' 'origin' 'https://github.com/Shougo/viproc.vim' * STATE: INIT => CONNECT handle 0x60009b480; line 1090 (connection #-5000) * Couldn't find host github.com in the .netrc file; using defaults * Added connection 0. The cache now contains 1 members * Trying 10.88.253.20... * STATE: CONNECT => WAITCONNECT handle 0x60009b480; line 1143 (connection #0) * Connected to evilcorp.proxy.com (10.88.253.20) port 8080 (#0) * STATE: WAITCONNECT => WAITPROXYCONNECT handle 0x60009b480; line 1240 (connection #0) * Establish HTTP proxy tunnel to github.com:443 > CONNECT github.com:443 HTTP/1.1 Host: github.com:443 User-Agent: git/2.7.0 Proxy-Connection: Keep-Alive * Read response immediately from proxy CONNECT < HTTP/1.1 407 authenticationrequinetworking < Date: Wed, 20 Jan 2016 22:44:57 GMT < Content-Type: text/html < Cache-Control: no-cache < Content-Length: 18471 < Proxy-Connection: Keep-Alive < Proxy-Authenticate: Negotiate < Proxy-Authenticate: Basic realm="Web Gateway" < * Ignore 18471 bytes of response-body * TUNNEL_STATE switched to: 0 * Establish HTTP proxy tunnel to github.com:443 > CONNECT github.com:443 HTTP/1.1 Host: github.com:443 User-Agent: git/2.7.0 Proxy-Connection: Keep-Alive * Read response immediately from proxy CONNECT < HTTP/1.1 407 authenticationrequinetworking < Date: Wed, 20 Jan 2016 22:44:57 GMT < Content-Type: text/html < Cache-Control: no-cache < Content-Length: 18471 < Proxy-Connection: Keep-Alive < Proxy-Authenticate: Negotiate * gss_init_sec_context() failed: : SPNEGO cannot find mechanisms to negotiate < Proxy-Authenticate: Basic realm="Web Gateway" < * Received HTTP code 407 from proxy after CONNECT * Expire cleanetworking * Curl_done * Closing connection 0 * The cache now contains 0 members fatal: unable to access 'https://github.com/Shougo/viproc.vim/': Received HTTP code 407 from proxy after CONNECT 

Cuando tengo que pasar por nuestro proxy de la compañía y una herramienta tiene problemas con la authentication, inicio mi proxy Cntlm local.
El proxy Cntlm puede autenticarse con sus cnetworkingenciales contra su proxy corporativo.

Luego solo usa la instancia Cntlm ejecutándose en localhost:5865 como proxy.