Git|Ubuntu下 Git 克隆gnutls_handshake() failed的问题 Ubuntu|git|gnutls|Ubuntu

【Git|Ubuntu下 Git 克隆gnutls_handshake() failed的问题】在Ubuntu下git克隆的时候提示gnutls_handshake() failed，搜了一下解决方法有两种：

使用ssh证书克隆而不是通过https链接进行克隆，但是这样子模块在更新的时候还是会走https，所以有子模块的仓库不适用这个方法。（尝试修改.gitsubmodule文件的子模块链接为git@github.com:xxxxxx仍然访问不正常，如果有成功的欢迎在下方留言。）

git clone git@github.com:xxxx/xxxxx.git

问题出在 gnutls 模块，解决方案是从源码重新构建 git 安装包，将 gnutls 替换为 openssl 。github上有一个脚本（paul-nelson-baker/git-openssl-shellscript）可以完成这个操作。在gitee上也有同步脚本。

#建议先卸载自带的git，否则每次apt upgrade就会把自带的git又装回来 sudo apt remove git

完整脚本:

#!/usr/bin/env bash set -e# Gather command line options for i in "$@"; do case $i in -skiptests|--skip-tests) # Skip tests portion of the build SKIPTESTS=YES shift ; ; -d=*|--build-dir=*) # Specify the directory to use for the build BUILDDIR="${i#*=}" shift ; ; -skipinstall|--skip-install) # Skip dpkg install SKIPINSTALL=YES ; ; *) #TODO Maybe define a help section? ; ; esac done# Use the specified build directory, or create a unique temporary directory BUILDDIR=${BUILDDIR:-$(mktemp -d)} echo "BUILD DIRECTORY USED: ${BUILDDIR}" mkdir -p "${BUILDDIR}" cd "${BUILDDIR}"# Download the source tarball from GitHub sudo apt update sudo apt install curl -y sudo apt-get install unzip git_tarball_url="https://gitee.com$(curl -s -k https://gitee.com/mirrors/git/tags|grep -o 'href="https://www.it610.com/mirrors/git/repository/archive/.*"'|head -n1 |awk -F '"' '{print $2}' | tr -d '\n')" echo "DOWNLOADING FROM: ${git_tarball_url}" curl -s -k -L --retry 5 "${git_tarball_url}" --output "git-source.zip" unzip -d "${BUILDDIR}" git-source.zip cd "${BUILDDIR}/git" # Source dependencies # Don't use gnutls, this is the problem package. sudo apt remove --purge libcurl4-gnutls-dev -y || true # Using apt-get for these commands, they're not supported with the apt alias on 14.04 (but they may be on later systems) sudo apt-get autoremove -y sudo apt-get autoclean # Meta-things for building on the end-user's machine sudo apt install build-essential autoconf dh-autoreconf -y # Things for the git itself sudo apt install libcurl4-openssl-dev tcl-dev gettext asciidoc -y sudo apt install libexpat1-dev libz-dev -y# Build it! make configure # --prefix=/usr #Set the prefix based on this decision tree: https://i.stack.imgur.com/BlpRb.png #Not OS related, is software, not from package manager, has dependencies, and built from source => /usr # --with-openssl #Running ripgrep on configure shows that --with-openssl is set by default. Since this could change in the #future we do it explicitly ./configure --prefix=/usr --with-openssl make if [[ "${SKIPTESTS}" != "YES" ]]; then make test fi# Install if [[ "${SKIPINSTALL}" != "YES" ]]; then # If you have an apt managed version of git, remove it if sudo apt remove --purge git -y; then sudo apt-get autoremove -y sudo apt-get autoclean fi # Install the version we just built sudo make install #install-doc install-html install-info echo "Make sure to refresh your shell!" bash -c 'echo "$(which git) ($(git --version))"' fi