MFH: r555585 r557829

security/sssd: update to 1.16.5

This fixes several security vulnerabilities and unexpires
the port because it moves to Python 3.

PR:		241347
Submitted by:	lukas.slebodnik@intrak.sk (initial patch)
Security:	CVE-2018-16838
Security:	CVE-2019-3811

security/sssd: fix SMB option

- use Samba 4.12 instead of the removed Samba 4.10
- use ldb 2.1 instead of ldb 2.0

While here, recognize Kerberos 1.18

PR:		250864
Submitted by:	joerg (patch by Richard Frewin)
Approved by:	maintainer timeout (14 days)

1 files changed, 23 insertions, 0 deletions

diff --git a/security/sssd/files/patch-src__external__pac_responder.m4 b/security/sssd/files/patch-src__external__pac_responder.m4
new file mode 100644
index 000000000000..a870a179c34c
--- /dev/null
+++ b/security/sssd/files/patch-src__external__pac_responder.m4
@@ -0,0 +1,23 @@
+diff --git src/external/pac_responder.m4 src/external/pac_responder.m4
+index dc986a1b8..09efdb139 100644
+--- src/external/pac_responder.m4
++++ src/external/pac_responder.m4
+@@ -7,7 +7,7 @@ AC_ARG_ENABLE([pac-responder],
+ krb5_version_ok=no
+ if test x$build_pac_responder = xyes
+ then
+-    AC_PATH_PROG(KRB5_CONFIG, krb5-config)
++    AC_PATH_TOOL(KRB5_CONFIG, krb5-config, [], [/usr/local/bin:$PATH])
+     AC_MSG_CHECKING(for supported MIT krb5 version)
+     KRB5_VERSION="`$KRB5_CONFIG --version`"
+     case $KRB5_VERSION in
+@@ -19,7 +19,8 @@
+         Kerberos\ 5\ release\ 1.14* | \
+         Kerberos\ 5\ release\ 1.15* | \
+         Kerberos\ 5\ release\ 1.16* | \
+-        Kerberos\ 5\ release\ 1.17*)
++        Kerberos\ 5\ release\ 1.17* | \
++        Kerberos\ 5\ release\ 1.18*)
+             krb5_version_ok=yes
+             AC_MSG_RESULT([yes])
+             ;;