Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

error: gnutls_handshake() failed GIT repository

Tags:

The following error appears when I try to clone git repository. I have the rsa public keys configured properly as well.

$ git clone https://github.com/blah/blah.git
Initialized empty Git repository in /home/arun/.git/
error: gnutls_handshake() failed: A TLS packet with unexpected length was
       received. while accessing https://github.com/blah/blah.git/info/refs

fatal: HTTP request failed
like image 600
Arun Jayapal Avatar asked Nov 23 '12 06:11

Arun Jayapal

2 Answers

It could be used to a GnuTLs or pycurl bug

The following is the new method for pycurl_7.19.0-4ubuntu3:

sudo apt-get install build-essential fakeroot dpkg-dev
mkdir ~/python-pycurl-openssl
cd ~/python-pycurl-openssl
sudo apt-get source python-pycurl
sudo apt-get build-dep python-pycurl
sudo apt-get install libcurl4-openssl-dev
sudo dpkg-source -x pycurl_7.19.0-4ubuntu3.dsc
cd pycurl-7.19.0
# remove the HAVE_CURL_GNUTLS=1 in the following file
sudo vim debian/patches/10_setup.py.dpatch
# remove the HAVE_CURL_GNUTLS=1 in the following file
sudo vim setup.py
# replace all gnutls into openssl in the following file
sudo vim debian/control
sudo dpkg-buildpackage -rfakeroot -b
sudo dpkg -i ../python-pycurl_7.19.0-4ubuntu3_amd64.deb
like image 176
VonC Avatar answered Sep 17 '22 17:09

VonC

I had this problem, and it took me a while to find the solution. I kept thinking that I was missing a package somewhere. I didn't want to recompile Git, since I was already using the latest version, and I was pretty sure that the problem wasn't Git itself.

My problem was my .gitconfig file. The problem only occurred on an old Linux server that had been upgraded many times over the years. At some point, for some reason I don't recall, I had explicitly specified sslVersion = sslv3 in my .gitconfig file.

When I saw that, the lightbulb went on, since I know that SSL V3 has been deprecated due to security concerns, and that most people should be using TLS instead. For instance, see RFC 7568, https://www.rfc-editor.org/rfc/rfc7568

So my fix involved either deleting the offending sslVersion = sslv3 line from my ~/.gitconfig file, or changing this:

[httpd] 
    sslVersion = sslv3

to this:

[httpd]
    sslVersion = tlsv1.2

Removing the line and letting Git/libcurl negotiate the encryption seemed like the best choice, since TLS v1.3 is in the works, and I don't want to encounter this problem again in the future!

like image 38
m0j0 Avatar answered Sep 20 '22 17:09

m0j0
Sign in to Comment

Related questions

Is there a difference between MIME and content type?
How can shared_ptr offer noexcept assignment?
Android Media Player: Download to File and Stream From File
Is there a standard for embedding JSON in HTML?
32bit or 64bit Android SDK on Windows 64bit OS? [closed]
Where are all the javax jars?
Double ToString - No Scientific Notation [duplicate]
How can I set the default Scope in IntelliJ 12 for Find Usages?
How to achieve `git --no-ff --ff-only` which is not allowed
How to upload multiple files using one file input element
Expand select dropdown
Workaround for blocking async?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!