The GnuTLS documentation states: > Do not call this function from a library, or preferably from any application > unless really needed to. I disobeyed that guidance in commit 829027945, because I wasn't sure that GnuTLS's own threading support would cover all the platforms libldap does. This choice caused some bugs, e.g. <https://bugs.debian.org/803197> and <https://www.openldap.org/its/?findid=8797>;. I don't know how to find out for sure whether anyone builds libldap with GnuTLS on a system where it lacks native mutexes. I think at this point I would rather fix the known broken cases, over the risk of potentially breaking a theoretical setup I'm not sure actually exists. Therefore: I now propose applying this change for 2.5.