Created attachment 10983 [details]
Patch to not initialize gcrypt
This showed up on Solaris 10, but I don't think that it is operating system specific.
This happens on older systems where old versions of gnutls and gcrypt are supplied. If gnutls updated to a version greater than 3.0.0 (I installed 3.3.13) but gcrypt is not updated, the code in source4/lib/tls/tlscert.c that attempts to enable quick mode in gcrypt will fail to compile. The error is:
'GCRYCTL_ENABLE_QUICK_RANDOM' undeclared (first use in this function)
The attached patch is an edited version of the patch from Bug 11135 that detects when the installed gnutls is later than version 3.0.0 and disables the gcrypt initialization.
Note that this problem is already fixed in Samba 4.2.1 by the patch in Bug 11135. But this part of the fix needs to be put into 4.1.*.
Sadly at this point Samba 4.1 is out of support, so we need to mark this wontfix for 4.1 as you indicate it is fixed in Samba 4.2.1 by bug 11135.