package/libkrb5: bump to version 1.22.1

This version builds fine with GCC 15.x, without passing -std=gnu99.

Changes are described at
https://web.mit.edu/Kerberos/www/krb5-1.22/. Most relevant details:

User experience

        The libdefaults configuration variable "request_timeout" can
	be set to limit the total timeout for KDC requests. When
	making a KDC request, the client will now wait
	indefinitely (or until the request timeout has elapsed) on a
	KDC which accepts a TCP connection, without contacting any
	additional KDCs. Clients will make fewer DNS queries in some
	configurations.

        The realm configuration variable "sitename" can be set to
	cause the client to query site-specific DNS records when
	making KDC requests.

Administrator experience

        Principal aliases are supported in the DB2 and LMDB KDB
	modules and in the kadmin protocol. (The LDAP KDB module has
	supported aliases since release 1.7.)

        UNIX domain sockets are supported for the Kerberos and kpasswd
	protocols.

        systemd socket activation is supported for krb5kdc and kadmind.

Developer experience

        KDB modules can be be implemented in terms of other modules
	using the new krb5_db_load_module() function.

        The profile library supports the modification of empty
	profiles and the copying of modified profiles, making it
	possible to construct an in-memory profile and pass it to
	krb5_init_context_profile().

        GSS-API applications can pass the GSS_C_CHANNEL_BOUND flag to
	gss_init_sec_context() to request strict enforcement of
	channel bindings by the acceptor.

Protocol evolution

        The PKINIT preauth module supports elliptic curve client
	certificates, ECDH key exchange, and the Microsoft paChecksum2
	field.

        The IAKERB implementation has been changed to comply with the
	most recent draft standard and to support realm discovery.

        Message-Authenticator is supported in the RADIUS
	implementation used by the OTP kdcpreauth module.

Code quality

        Removed old-style function declarations, to accomodate
	compilers which have removed support for them.

        Added OSS-Fuzz to the project's continuous integration
	infrastructure.

        Rewrote the GSS per-message token parsing code for improved
	safety.

This commit also updates the NOTICE license file hash after year update
and few other minor reformatting.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Julien: update NOTICE license file hash]
Signed-off-by: Julien Olivain <ju.o@free.fr>

package/libkrb5/libkrb5.hash

@@ -1,7 +1,7 @@
 # Locally calculated after checking pgp signature
-# from https://web.mit.edu/kerberos/dist/krb5/1.21/krb5-1.21.3.tar.gz.asc
+# from https://web.mit.edu/kerberos/dist/krb5/1.22/krb5-1.22.1.tar.gz.asc
 # with key C4493CB739F4A89F9852CBC20CBA08575F8372DF
-sha256  b7a4cd5ead67fb08b980b21abd150ff7217e85ea320c9ed0c6dadd304840ad35  krb5-1.21.3.tar.gz
+sha256  1a8832b8cad923ebbf1394f67e2efcf41e3a49f460285a66e35adec8fa0053af  krb5-1.22.1.tar.gz
 
 # Hash for license file:
-sha256  7601361a275aadbe35c90185519323c28730d60c553683e56fd06cf9c5f749a6  NOTICE
+sha256  83914195f655de4f4970014a26f38b16bf4c5ff357ea51645ca2aea3a92764eb  NOTICE

package/libkrb5/libkrb5.mk

@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-LIBKRB5_VERSION_MAJOR = 1.21
-LIBKRB5_VERSION = $(LIBKRB5_VERSION_MAJOR).3
+LIBKRB5_VERSION_MAJOR = 1.22
+LIBKRB5_VERSION = $(LIBKRB5_VERSION_MAJOR).1
 LIBKRB5_SITE = https://web.mit.edu/kerberos/dist/krb5/$(LIBKRB5_VERSION_MAJOR)
 LIBKRB5_SOURCE = krb5-$(LIBKRB5_VERSION).tar.gz
 LIBKRB5_SUBDIR = src
@@ -16,7 +16,7 @@ LIBKRB5_CPE_ID_PRODUCT = kerberos_5
 LIBKRB5_DEPENDENCIES = host-bison $(TARGET_NLS_DEPENDENCIES)
 LIBKRB5_INSTALL_STAGING = YES
 
-LIBKRB5_CFLAGS = $(TARGET_CFLAGS) -std=gnu99
+LIBKRB5_CFLAGS = $(TARGET_CFLAGS)
 
 # The configure script uses AC_TRY_RUN tests to check for those values,
 # which doesn't work in a cross-compilation scenario. Therefore,