2.2.28 doesn't honor --disable-ldap?

Phil Pennock gnupg-devel at spodhuis.org
Thu Jun 10 23:20:28 CEST 2021

On 2021-06-10 at 20:15 +0200, Werner Koch via Gnupg-devel wrote:
> We are pleased to announce the availability of a new GnuPG LTS release:
> version 2.2.28.
>   * gpg: Lookup a missing public key of the current card via LDAP.
>     [b59af0e2a05a]

My package builds pass `--disable-ldap` to the configure line for GnuPG;
this does not appear to be honored any more?

Resuming a failed build docker container and trying again, it's failing

make[1]: Entering directory '/root/src/gnupg-2.2.28/dirmngr'
gcc -std=gnu99 -I/opt/gnupg/include -I/opt/gnupg/include -I/opt/gnupg/include -I/opt/gnupg/include -I/opt/gnupg/include  -I/opt/gnupg/include -Wall -Wno-format-zero-length -Wno-pointer-sign -Wpointer-arith -g -O2  -L/opt/gnupg/lib -Wl,-R/opt/gnupg/lib -o dirmngr dirmngr.o server.o crlcache.o crlfetch.o certcache.o domaininfo.o workqueue.o loadswdb.o cdblib.o misc.o ocsp.o validate.o dns-stuff.o http.o http-common.o http-ntbtls.o ks-action.o ks-engine-hkp.o ks-engine-http.o ks-engine-finger.o ks-engine-kdns.o dns.o  ../common/libcommonpth.a -lresolv  -lassuan -L/opt/gnupg/lib -lgpg-error -L/opt/gnupg/lib -lgcrypt -lgpg-error -L/opt/gnupg/lib -lksba -lgpg-error -L/opt/gnupg/lib -lnpth -lpthread  -L/opt/gnupg/lib -lgnutls
dirmngr.o: In function `parse_rereadable_options':
/root/src/gnupg-2.2.28/dirmngr/dirmngr.c:747: undefined reference to `ldapserver_parse_one'
/root/src/gnupg-2.2.28/dirmngr/dirmngr.c:753: undefined reference to `ldapserver_list_free'
collect2: error: ld returned 1 exit status

The config.log confirms:

  $ ./configure --prefix=/opt/gnupg --disable-nls --disable-ldap --enable-noexecstack --enable-key-cache=32768 --enable-wks-tools --with-pinentry-pgm=/opt/gnupg/bin/pinentry-curses --with-libgpg-error-prefix=/opt/gnupg --with-libassuan-prefix=/opt/gnupg --with-libgcrypt-prefix=/opt/gnupg --with-ksba-prefix=/opt/gnupg --with-npth-prefix=/opt/gnupg

I can't spend time writing a patch on this right now, so I'm posting in
the hope that the maintainers might fix this for me, so I can add an
upstream patch to my build.  :)


More information about the Gnupg-devel mailing list