当前位置: 首页 > 工具软件 > GnuTLS > 使用案例 >

Ubuntu下 Git 克隆gnutls_handshake() failed的问题

巢权
2023-12-01

在Ubuntu下git克隆的时候提示gnutls_handshake() failed,搜了一下解决方法有两种:

  1. 使用ssh证书克隆而不是通过https链接进行克隆,但是这样子模块在更新的时候还是会走https,所以有子模块的仓库不适用这个方法。(尝试修改.gitsubmodule文件的子模块链接为git@github.com:xxxxxx仍然访问不正常,如果有成功的欢迎在下方留言。)
git clone git@github.com:xxxx/xxxxx.git
  1. 问题出在 gnutls 模块,解决方案是从源码重新构建 git 安装包,将 gnutls 替换为 openssl 。github上有一个脚本(paul-nelson-baker/git-openssl-shellscript)可以完成这个操作。在gitee上也有同步脚本
#建议先卸载自带的git,否则每次apt upgrade就会把自带的git又装回来
sudo apt remove git

完整脚本:

#!/usr/bin/env bash
set -e

# Gather command line options
for i in "$@"; do 
  case $i in 
    -skiptests|--skip-tests) # Skip tests portion of the build
    SKIPTESTS=YES
    shift
    ;;
    -d=*|--build-dir=*) # Specify the directory to use for the build
    BUILDDIR="${i#*=}"
    shift
    ;;
    -skipinstall|--skip-install) # Skip dpkg install
    SKIPINSTALL=YES
    ;;
    *)
    #TODO Maybe define a help section?
    ;;
  esac
done

# Use the specified build directory, or create a unique temporary directory
BUILDDIR=${BUILDDIR:-$(mktemp -d)}
echo "BUILD DIRECTORY USED: ${BUILDDIR}" 
mkdir -p "${BUILDDIR}"
cd "${BUILDDIR}"

# Download the source tarball from GitHub
sudo apt update
sudo apt install curl -y
sudo apt-get install unzip
git_tarball_url="https://gitee.com$(curl -s -k https://gitee.com/mirrors/git/tags|grep -o 'href="/mirrors/git/repository/archive/.*"'|head -n1 |awk -F '"' '{print $2}' | tr -d '\n')"
echo "DOWNLOADING FROM: ${git_tarball_url}"
curl -s -k -L --retry 5 "${git_tarball_url}" --output "git-source.zip"
unzip -d "${BUILDDIR}" git-source.zip
cd "${BUILDDIR}/git"
# Source dependencies
# Don't use gnutls, this is the problem package.
sudo apt remove --purge libcurl4-gnutls-dev -y || true
# Using apt-get for these commands, they're not supported with the apt alias on 14.04 (but they may be on later systems)
sudo apt-get autoremove -y
sudo apt-get autoclean
# Meta-things for building on the end-user's machine
sudo apt install build-essential autoconf dh-autoreconf -y
# Things for the git itself
sudo apt install libcurl4-openssl-dev tcl-dev gettext asciidoc -y
sudo apt install libexpat1-dev libz-dev -y

# Build it!
make configure
# --prefix=/usr
#    Set the prefix based on this decision tree: https://i.stack.imgur.com/BlpRb.png
#    Not OS related, is software, not from package manager, has dependencies, and built from source => /usr
# --with-openssl
#    Running ripgrep on configure shows that --with-openssl is set by default. Since this could change in the
#    future we do it explicitly
./configure --prefix=/usr --with-openssl
make 
if [[ "${SKIPTESTS}" != "YES" ]]; then
  make test
fi

# Install
if [[ "${SKIPINSTALL}" != "YES" ]]; then
  # If you have an apt managed version of git, remove it
  if sudo apt remove --purge git -y; then
    sudo apt-get autoremove -y
    sudo apt-get autoclean
  fi
  # Install the version we just built
  sudo make install #install-doc install-html install-info
  echo "Make sure to refresh your shell!"
  bash -c 'echo "$(which git) ($(git --version))"'
fi
 类似资料: