When compiling openldap on a freshly installed system, building failes complaining about a missing gcrypt.h. When using the flag "gnutls", a patch "openldap-2.4.28-gnutls-gcrypt.patch" is applied with introduces a library dependency on libgcrypt. In order to make the building of the package succeed, a dependency on libgcrypt must me introduced when activating the use flags "ssl" and "gnutls". Reproducible: Always Steps to Reproduce: 1. remove libgcrypt from your system 2. compile openldap with flags: "ssl" and "gnutls"
As noted in bug 420887, this might not be as straightforward as you think. I'd say opening a bug upstream (at openldap) regarding more recent versions of gnutls (especially gnutls[nettle]) would be useful.
hmm, I do have libgcrypt installed on my system, but openldap (2.4.33-r1) compilation fails. the failure comes when I updated to the latest, unstable gnutls (3.1.5) : ./.libs/libldap.so: undefined reference to `gnutls_certificate_get_x509_cas' collect2: ld returned 1 exit status make[2]: *** [ftest] Error 1 make[2]: *** Waiting for unfinished jobs.... ./.libs/libldap.so: undefined reference to `gnutls_certificate_get_x509_cas' collect2: ld returned 1 exit status make[2]: *** [dntest] Error 1 ./.libs/libldap.so: undefined reference to `gnutls_certificate_get_x509_cas' collect2: ld returned 1 exit status make[2]: *** [ltest] Error 1 ./.libs/libldap.so: undefined reference to `gnutls_certificate_get_x509_cas' collect2: ld returned 1 exit status make[2]: *** [apitest] Error 1 make[2]: Leaving directory `/var/tmp/portage/net-nds/openldap-2.4.33-r1/work/openldap-2.4.33/libraries/libldap' make[1]: *** [all-common] Error 1 make[1]: Leaving directory `/var/tmp/portage/net-nds/openldap-2.4.33-r1/work/openldap-2.4.33/libraries' make: *** [all-common] Error 1 * ERROR: net-nds/openldap-2.4.33-r1 failed (compile phase): I'm not really sure it's a related bug, but can you please show your openldap and gnutls versions ? Cheers, C.
It's better to compile without gnutls support, as openldap really only supports older versions of gnutls. OpenSSL is used instead which is fine.
(In reply to comment #3) > It's better to compile without gnutls support, as openldap really only > supports older versions of gnutls. OpenSSL is used instead which is fine. good point - USE="-gnutls" emerge openldap works. don't even remember why it's installed in fact - probably some nice deps for some app I need…
This was fixed long since in OpenLDAP