4.2.0 compile error on our centos-6 and centos-7 systems (gnutls related)
Thomas Schulz
schulz at adi.com
Wed Mar 11 08:46:43 MDT 2015
> On Tue, 2015-03-10 at 19:35 +0100, Andreas Schneider wrote:
> > On Wednesday 11 March 2015 07:20:13 Andrew Bartlett wrote:
> > > On Mon, 2015-03-09 at 21:21 +0100, Andreas Schneider wrote:
> > > > >From 3fa45a6301607cda2a632c0102768576db3c65a6 Mon Sep 17 00:00:00 2001
> > > >
> > > > From: Andreas Schneider <asn at samba.org>
> > > >
> > > > Date: Mon, 9 Mar 2015 21:14:19 +0100
> > > >
> > > > Subject: [PATCH 3/3] s4-tls: Remove obsolete gcrypt support.
> > > >
> > > > BUG: https://bugzilla.samba.org/show_bug.cgi?id=11135
> > > >
> > > > Since GnuTLS 3.0 nettle is used instead of gcrypt.
> > >
> > > Shouldn't this be conditional on the version of GnuTLS?
> >
> > We only call one function of grcypt which we do not really have to call.
> > GnuTLS should correclty initialize gcrypt if it uses it. But since quite some
> > time (2010/2011) GnuTLS dropped support for gcrypt. I don't see a reason why
> > we should still link against it.
>
> Because if we don't set that flag, we had testsuites bog down as it
> foolishly demanded keys from /dev/random, as I recall it. See
> b1ff79dbb246e717fc4a62c7a615ca7ce9ccc302
>
> That is, to remove that linkage, please also bump the minimum version to
> 3.0.
>
> Thanks!
>
> Andrew Bartlett
You probably should make things conditional on the version of GnuTLS.
Consider the case where the latest version of GnuTLS is obtained and
installed because the original version is way too old. This can leave a
very old version of libgcrypt installed. This can cause the build to fail.
I received the following error:
../source4/lib/tls/tlscert.c", line 74: undefined symbol:
GCRYCTL_ENABLE_QUICK_RANDOM
Tom Schulz
Applied Dynamics Intl.
schulz at adi.com
More information about the samba-technical
mailing list