2020-01-21 15:12:36 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
net/samba4: update to 4.11.5
Update samba4 to 4.11.5.
==============================
Release Notes for Samba 4.11.5
January 21, 2020
==============================
This is a security release in order to address the following defects:
o CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD
Directory not automatic.
o CVE-2019-14907: Crash after failed character conversion at log level 3 or
above.
o CVE-2019-19344: Use after free during DNS zone scavenging in Samba AD DC.
=======
Details
=======
o CVE-2019-14902:
The implementation of ACL inheritance in the Samba AD DC was not complete,
and so absent a 'full-sync' replication, ACLs could get out of sync between
domain controllers.
o CVE-2019-14907:
When processing untrusted string input Samba can read past the end of the
allocated buffer when printing a "Conversion error" message to the logs.
o CVE-2019-19344:
During DNS zone scavenging (of expired dynamic entries) there is a read of
memory after it has been freed.
|
2020-01-18 22:51:16 by Jonathan Perkin | Files touched by this commit (1836) |
Log message:
*: Recursive revision bump for openssl 1.1.1.
|
2020-01-08 11:40:03 by Jonathan Perkin | Files touched by this commit (2) |
Log message:
samba4: Disable more fmemopen utilities on SunOS.
|
2019-12-30 14:58:35 by Adam Ciarcinski | Files touched by this commit (3) |
Log message:
samba4: updated to 4.11.4
Changes since 4.11.3:
* BUG 14161: s3: libsmb: Ensure SMB1 cli_qpathinfo2() doesn't return an inode
number.
* BUG 14174: s3: utils: smbtree. Ensure we don't call cli_RNetShareEnum()
on an SMB1 connection.
* BUG 14176: NT_STATUS_ACCESS_DENIED becomes EINVAL when using SMB2 in
SMBC_opendir_ctx.
* BUG 14189: s3: smbd: SMB2 - Ensure we use the correct session_id if
encrypting an interim response.
* BUG 14205: Prevent smbd crash after invalid SMB1 negprot.
* BUG 13745: s3:printing: Fix %J substitution.
* BUG 13925: s3: Remove now unneeded call to cmdline_messaging_context().
* BUG 14069: Incomplete conversion of former parametric options.
* BUG 14070: Fix sync dosmode fallback in async dosmode codepath.
* BUG 14171: vfs_fruit returns capped resource fork length.
* BUG 14116: libnet_join: Add SPNs for additional-dns-hostnames entries.
* BUG 14211: smbd: Increase a debug level.
* BUG 14153: Prevent azure ad connect from reporting discovery errors:
reference-value-not-ldap-conformant.
* BUG 14179: krb5_plugin: Fix developer build with newer heimdal system
library.
* BUG 14168: replace: Only link libnsl and libsocket if required.
* BUG 14175: ctdb: Incoming queue can be orphaned causing communication
breakdown.
* BUG 13846: ldb: Release ldb 2.0.8. Cross-compile will not take
cross-answers or cross-execute.
* BUG 13856: heimdal-build: Avoid hard-coded /usr/include/heimdal in
asn1_compile-generated code.
|
2019-12-10 14:03:41 by Adam Ciarcinski | Files touched by this commit (2) |
Log message:
samba4: updated to 4.11.3
Samba 4.11.3
This is a security release in order to address the following defects:
o CVE-2019-14861: Samba AD DC zone-named record Denial of Service in DNS
management server (dnsserver).
o CVE-2019-14870: DelegationNotAllowed not being enforced in protocol transition
on Samba AD DC.
|
2019-11-23 09:45:45 by Makoto Fujiwara | Files touched by this commit (7) |
Log message:
Recursive revbump based on devel/cmocka 1.1.3 -> 1.1.5
|
2019-11-10 18:02:34 by Adam Ciarcinski | Files touched by this commit (1) |
Log message:
samba4: add missing patch
|
2019-11-10 18:01:58 by Adam Ciarcinski | Files touched by this commit (7) |
Log message:
samba4: updated to 4.11.2
4.11.2:
This is a security release in order to address the following defects:
o CVE-2019-10218: Client code can return filenames containing path separators.
o CVE-2019-14833: Samba AD DC check password script does not receive the full
password.
o CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP server
via dirsync.
4.11.1:
This is the latest stable release of the Samba 4.11 release series.
Changes since 4.11.0:
* BUG 14141: getpwnam and getpwuid need to return data for ID_TYPE_BOTH
group.
* BUG 14094: smbc_readdirplus() is incompatible with smbc_telldir() and
smbc_lseekdir().
* BUG 14152: s3: smbclient: Stop an SMB2-connection from blundering into
SMB1-specific calls.
* BUG 14137: Fix stale file handle error when using mkstemp on a share.
* BUG 14106: Fix spnego fallback from kerberos to ntlmssp in smbd server.
* BUG 14140: Overlinking libreplace against librt and pthread against every
binary or library causes issues.
* BUG 14130: s3-winbindd: Fix forest trusts with additional trust attributes.
* BUG 14134: auth/gensec: Fix non-AES schannel seal.
* BUG 14147: Deleted records can be resurrected during recovery.
* BUG 14136: Fix uncaught exception in classicupgrade.
* BUG 14139: fault.c: Improve fault_report message text pointing to our wiki.
* BUG 14128: s3:client: Use DEVICE_URI, instead of argv[0], for Device URI.
* BUG 14124: pam_winbind with krb5_auth or wbinfo -K doesn't work for users
of trusted domains/forests.
* BUG 14131: Remove 'pod2man' as it is no longer needed.
* BUG 13884: Joining Active Directory should not use SAMR to set the
password.
* BUG 14140: Overlinking libreplace against librt and pthread against every
binary or library causes issues.
* BUG 14155: 'kpasswd' fails when built with MIT Kerberos.
* BUG 14129: Exit code of ctdb nodestatus should not be influenced by deleted
nodes.
4.11.0:
* BUG 14049: ldb: Don't try to save a value that isn't there.
* ldb_dn: Free dn components on explode failure.
* ldb: Do not allow adding a DN as a base to itself.
* ldb: Release ldb 2.0.7.
* BUG 13695: ldb: Correct Pigeonhole principle validation in
ldb_filter_attrs().
* BUG 14049: Fix ldb dn crash.
* BUG 14117: Deprecate "lanman auth = yes" and "encrypt passwords = no".
* BUG 14038: Fix compiling ctdb on older systems lacking POSIX robust
mutexes.
* BUG 14121: smbd returns bad File-ID on filehandle used to create a file or
directory.
* BUG 14098: vfs_glusterfs: Use pthreadpool for scheduling aio operations.
* BUG 14055: Add the target server name of SMB 3.1.1 connections as a hint to
load balancers or servers with "multi-tenancy" support.
* BUG 14113: Fix byte range locking bugs/regressions.
* ldb: Fix mem-leak if talloc_realloc fails.
* BUG 14007: Fix join with a nonexistent machine account.
* BUG 14085: ctdb-recoverd: Only check for LMASTER nodes in the VNN map.
CHANGES SINCE 4.11.0rc2
* BUG 13972: Different Device Id for GlusterFS FUSE mount is causing data
loss in CTDB cluster.
* BUG 14035: CVE-2019-10197: Permissions check deny can allow user to escape
from the share.
* BUG 14059: ldb: Release ldb 2.0.6 (log database repack so users know what
is happening).
* BUG 14092: docs: Deprecate "rndc command" for Samba 4.11.
* BUG 14059: ldb: Free memory when repacking database.
* BUG 14089: vfs_default: Use correct flag in vfswrap_fs_file_id.
* BUG 14090: vfs_glusterfs: Initialize st_ex_file_id, st_ex_itime and
st_ex_iflags.
* BUG 14093: vfs_glusterfs: Enable profiling for file system operations.
* BUG 14059: Backport sambadowngradedatabase for v4.11.
* BUG 14035: CVE-2019-10197: Permissions check deny can allow user to escape
from the share.
* BUG 14032: vfs_gpfs: Implement special case for denying owner access to
ACL.
* BUG 14084: Avoid marking a node as connected before it can receive packets.
* BUG 14086: Fix onnode test failure with ShellCheck >= 0.4.7.
* BUG 14087: ctdb-daemon: Stop "ctdb stop" from completing before freezing
databases.
|
2019-11-03 12:45:59 by Roland Illig | Files touched by this commit (255) |
Log message:
net: align variable assignments
pkglint -Wall -F --only aligned --only indent -r
No manual corrections.
|
2019-09-09 02:33:05 by Takahiro Kambe | Files touched by this commit (1) |
Log message:
net/samba4: Makefile format correction
Revert removal of a blank line. There should be a blank line.
Thanks to wiz@, who noted this via private mail.
|