Update sudo package to 1.6.5 for recent security problem.

Added --disable-root-mailer to CONFIGURE_ARGS better security.

Changes from 1.6.3p7 to 1.6.5 is attached bellow.

417) Visudo now checks for the existence of an editor and gives a sensible
     error if it does not exist.

418) The path to the editor for visudo is now a colon-separated list of
     allowable editors.  If the user has $EDITOR set and it matches
     one of the allowed editors that editor will be used.  If not,
     the first editor that actually exists is used.

419) Visudo now does its own fork/exec instead of calling system(3).

420) Allow special characters (including '#') to be embedded in pathnames
     if quoted by a '\\'.  The quoted chars will be dealt with by fnmatch().
     Unfortunately, 'sudo -l' still prints the '\\'.

421) Added the always_set_home option.

422) Strip NLSPATH and PATH_LOCALE out from the environment to prevent
     reading of protected files by a less privileged user.

423) Added support for BSD authentication and associated -a flag.

424) Added check for _innetgr(3) since NCR systems have this instead
     of innetgr(3).

425) Added stay_setuid option for systems that have libraries that perform
     extra paranoia checks in system libraries for setuid programs.

426) Environment munging is now done by hand.  The environment is zeroed
     upon sudo startup and a new environment is built before the command
     is executed.  This means we don't rely on getenv(3), putenv(3),
     or setenv(3).

427) Added a class of environment variables that are only cleared if they
     contain '/' or '%' characters.

428) Use stashed user_gid when checking against exempt gid since sudo
     sets its gid to SUDOERS_GID, making getgid() return that, not the
     real gid.  Fixes problem with setting exempt group == SUDOERS_GID.
     Fix from Paul Kranenburg.

429) Fixed file locking in visudo on NeXT which has a broken lockf().
     Patch from twetzel@gwdg.de.

430) Regenerated configure script with autoconf-2.52 (required some
     tweaking of configure.in and friends).

431) Added mail_badpass option to send mail when the user does not
     authenticate successfully.

432) Added env_reset Defaults option to reset the environment to
     a clean slate.  Also implemented env_keep Defaults option
     to specify variables to be preserved when resetting the
     environment.

433) Added env_check and env_delete Defaults options to allow the admin
     to modify the builtin list of environment variables to remove.

434) If timestamp_timeout < 0 then the timestamp never expires.  This
     allows users to manage their own timestamps and create or delete
     them via 'sudo -v' and 'sudo -k' respectively.

435) Authentication routines that use sudo's tgetpass() now accept
     ^C or ^Z at the password prompt and sudo will act appropriately.

436) Added a check-only mode to visudo to check an existing sudoers
     file for sanity.

437) Visudo can now edit an alternate sudoers file.

438) If sudo is configured with S/Key support and the system has
     skeyaccess(3) use that to determine whether or not to allow
     a normal Unix password or just S/Key.

439) Fixed CIDR handling in sudoers.

440) Fixed a segv if the local hostname is not resolvable and
     the 'fqdn' option is set.

441) "listpw=never" was not having an effect for users who did not
     appear in sudoers--now it does.

442) The --without-sendmail option now works on systems with
     a /usr/include/paths.h file that defines _PATH_SENDMAIL.

443) Removed the "secure_path" Defaults option as it does not work and
     cannot work until the parser is overhauled.

444) Added new -P flag and "preserve_groups" sudoers option to cause
     sudo to preserve the group vector instead of setting it to that
     of the target user.  Previously, if the target user was root
     the group vector was not changed.  Now it is always changed unless
     the -P flag or "preserve_groups" option was given.

445) If find_path() fails as root, try again as the invoking user (useful
     for NFS).  Idea from Chip Capelik.

446) Use setpwent()/endpwent() and its shadow equivalents to be sure
     the passwd/shadow file gets closed.

447) Use getifaddrs(3) to get the list of network interfaces if it is
     available.

448) Dump list of local IP addresses and environment variables to clear
     when 'sudo -V' is run as root.

449) Reorganized the lexer a bit and added more states.  Sudo now does a
     better job of parsing command arguments in the sudoers file.

450) Wrap each call to syslog() with openlog()/closelog() since some
     things (such as PAM) may call closelog(3) behind sudo's back.

451) The LOGNAME and USER environment variables are now set if the user
     specified a target uid and that uid exists in the password database.

452) configure will no longer add the -g flag to CFLAGS by default.

453) Now call pam_setcreds() to setup creds for the target user when
     PAM is in use.  On Linux this often sets resource limits.

454) If "make install" is run by non-root and the destination dir
     is writable, install things normally but don't set owner and mode.

455) The Makefile now supports installing in a shadow hierarchy
     specified via the DESTDIR variable.

456) config.h.in is now generated by autoheader.

Sudo 1.6.4 released.

457) Move the call to rebuild_env() until after MODE_RESET_HOME is set.
     Otherwise, the set_home option has no effect.

458) Fix use of freed memory when the "fqdn" flag is set.  This was
     introduced by the fix for the "segv when gethostbynam() fails" bug.

459) Add 'continue' statements to optimize the switch statement.
     From Solar Designer.

Sudo 1.6.4p1 released.

460) Some special characters were not being escaped properly (e..g '\,')
     in command line arguments and would cause a syntax error instead.

461) "sudo -l" would not work if the always_set_home option was set.

462) Added a configure option to disable use of POSIX saved IDs for
     operating systems where these are broken.

463) The SHELL environment variable was preserved from the user's environment
     instead of being reset based on the passwd database even when the
     "env_reset" option was set.

Sudo 1.6.4p2 released.

464) Added a configure option to cause mail sent by sudo to be run as
     the invoking user instead of root.  Some people consider this to
     be safer.

465) If the mailer is being run as root, use a hard-coded environment
     that is not influenced in any way by the invoking user's environment.

466) Fixed the call to skeyaccess().  Patch from Phillip E. Lobbes.

Sudo 1.6.5 released.

4 files changed, 46 insertions, 58 deletions

diff --git a/security/sudo/Makefile b/security/sudo/Makefile
index caadc09efe8..1145a0403d7 100644
--- a/security/sudo/Makefile
+++ b/security/sudo/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.41 2001/12/02 06:56:44 jlam Exp $
+# $NetBSD: Makefile,v 1.42 2002/01/17 16:32:04 taca Exp $
 #
 
-DISTNAME=		sudo-1.6.3p7
+DISTNAME=		sudo-1.6.5
 CATEGORIES=		security
 MASTER_SITES=		http://www.courtesan.com/sudo/dist/ \
 			ftp://ftp.courtesan.com/pub/sudo/ \
@@ -18,6 +18,7 @@ GNU_CONFIGURE=		# defined
 
 .include "../../mk/bsd.prefs.mk"
 
+CONFIGURE_ARGS+=	--disable-root-mailer
 CONFIGURE_ARGS+=	--sysconfdir=${PKG_SYSCONFDIR}
 
 .if ${OPSYS} == "NetBSD"
diff --git a/security/sudo/distinfo b/security/sudo/distinfo
index db8f93703d7..becd5ec72c0 100644
--- a/security/sudo/distinfo
+++ b/security/sudo/distinfo
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.4 2001/11/19 17:27:23 jlam Exp $
+$NetBSD: distinfo,v 1.5 2002/01/17 16:32:04 taca Exp $
 
-SHA1 (sudo-1.6.3p7.tar.gz) = 270b139cf1e5df6c29c21914d96700031e5fb41c
-Size (sudo-1.6.3p7.tar.gz) = 285417 bytes
+SHA1 (sudo-1.6.5.tar.gz) = 129d08fd3b915d1152cc824afd46142c335eaa90
+Size (sudo-1.6.5.tar.gz) = 331319 bytes
 SHA1 (patch-aa) = 3298ebd31c6348848c02b98e493a6772369ca840
 SHA1 (patch-ab) = 9ee5fd292495a97ba8acfdddfd60c54955070eac
-SHA1 (patch-af) = 2bddc487a703c326664792506935cbcfad8440a0
-SHA1 (patch-ag) = 3dd193c969d57368a3511dffa6b4d48675ff7889
+SHA1 (patch-af) = 7aaf790e8512e4371d87d367dd2d6e6b020d0ab2
+SHA1 (patch-ag) = f05e3731b23407faa5f64b0f374419ae7a4327a9
diff --git a/security/sudo/patches/patch-af b/security/sudo/patches/patch-af
index e0ebaf15925..9e4dadd0a85 100644
--- a/security/sudo/patches/patch-af
+++ b/security/sudo/patches/patch-af
@@ -1,8 +1,8 @@
-$NetBSD: patch-af,v 1.9 2001/11/19 17:27:24 jlam Exp $
+$NetBSD: patch-af,v 1.10 2002/01/17 16:32:05 taca Exp $
 
---- configure.in.orig	Fri Mar 24 15:14:04 2000
+--- configure.in.orig	Thu Jan 17 08:37:34 2002
 +++ configure.in
-@@ -59,7 +59,6 @@
+@@ -111,7 +111,6 @@
  test "$mandir" = '${prefix}/man' && mandir='$(prefix)/man'
  test "$bindir" = '${exec_prefix}/bin' && bindir='$(exec_prefix)/bin'
  test "$sbindir" = '${exec_prefix}/sbin' && sbindir='$(exec_prefix)/sbin'
@@ -10,7 +10,7 @@ $NetBSD: patch-af,v 1.9 2001/11/19 17:27:24 jlam Exp $
  
  dnl
  dnl Deprecated --with options (these all warn or generate an error)
-@@ -167,6 +166,19 @@
+@@ -231,6 +230,19 @@
  		;;
  esac])
  
@@ -30,18 +30,18 @@ $NetBSD: patch-af,v 1.9 2001/11/19 17:27:24 jlam Exp $
  AC_ARG_WITH(passwd, [  --without-passwd        don't use passwd/shadow file for authentication],
  [case $with_passwd in
      yes)	;;
-@@ -1466,7 +1478,9 @@
+@@ -1621,7 +1633,9 @@
  dnl
  if test "$with_kerb5" = "yes"; then
-     AC_DEFINE(HAVE_KERB5)
+     AC_DEFINE(HAVE_KERB5, 1, [Define if you use Kerberos V.])
 -    if test -f "/usr/local/include/krb5.h"; then
-+    if test -f "/usr/include/krb5/krb5.h"; then
-+	CPPFLAGS="$CPPFLAGS -I/usr/include/krb5";
-+    elif test -f "/usr/local/include/krb5.h"; then
++     if test -f "/usr/include/krb5/krb5.h"; then
++ 	CPPFLAGS="$CPPFLAGS -I/usr/include/krb5";
++     elif test -f "/usr/local/include/krb5.h"; then
  	CPPFLAGS="$CPPFLAGS -I/usr/local/include"
      elif test -f "/usr/local/kerberos/include/krb5.h"; then
  	CPPFLAGS="$CPPFLAGS -I/usr/local/kerberos/include"
-@@ -1476,7 +1490,9 @@
+@@ -1633,7 +1647,9 @@
  	echo 'Unable to locate kerberos 5 include files, you will have to edit the Makefile and add -I/path/to/krb/includes to CPPFLAGS'
      fi
  
@@ -52,7 +52,7 @@ $NetBSD: patch-af,v 1.9 2001/11/19 17:27:24 jlam Exp $
  	SUDO_LDFLAGS="${SUDO_LDFLAGS} -L/usr/local/lib"
      elif test -f "/usr/local/kerberos/lib/libkrb5.a"; then
  	SUDO_LDFLAGS="${SUDO_LDFLAGS} -L/usr/local/kerberos/lib"
-@@ -1486,7 +1502,7 @@
+@@ -1645,7 +1661,7 @@
  	echo 'Unable to locate kerberos 5 libraries, you will have to edit the Makefile and add -L/path/to/krb/libs to SUDO_LDFLAGS'
      fi
  
diff --git a/security/sudo/patches/patch-ag b/security/sudo/patches/patch-ag
index db65fb85e4e..9e73803d0f0 100644
--- a/security/sudo/patches/patch-ag
+++ b/security/sudo/patches/patch-ag
@@ -1,36 +1,35 @@
-$NetBSD: patch-ag,v 1.2 2001/11/19 17:27:24 jlam Exp $
+$NetBSD: patch-ag,v 1.3 2002/01/17 16:32:05 taca Exp $
 
---- configure.orig	Fri Mar 24 15:14:00 2000
+--- configure.orig	Thu Jan 17 08:37:39 2002
 +++ configure
-@@ -28,6 +28,8 @@
- ac_help="$ac_help
-   --with-csops            add CSOps standard options"
- ac_help="$ac_help
-+  --with-nbsdops          add NetBSD standard options"
-+ac_help="$ac_help
-   --without-passwd        don't use passwd/shadow file for authentication"
- ac_help="$ac_help
-   --with-skey             enable S/Key support "
-@@ -292,7 +294,7 @@
-   --libexecdir=DIR        program executables in DIR [EPREFIX/libexec]
-   --datadir=DIR           read-only architecture-independent data in DIR
-                           [PREFIX/share]
--  --sysconfdir=DIR        read-only single-machine data in DIR [/etc]
-+  --sysconfdir=DIR        read-only single-machine data in DIR [PREFIX/etc]
-   --sharedstatedir=DIR    modifiable architecture-independent data in DIR
-                           [PREFIX/com]
-   --localstatedir=DIR     modifiable single-machine data in DIR [PREFIX/var]
-@@ -679,7 +681,6 @@
+@@ -641,7 +641,7 @@
+   --sbindir=DIR          system admin executables [EPREFIX/sbin]
+   --libexecdir=DIR       program executables [EPREFIX/libexec]
+   --datadir=DIR          read-only architecture-independent data [PREFIX/share]
+-  --sysconfdir=DIR       read-only single-machine data [/etc]
++  --sysconfdir=DIR       read-only single-machine data [PREFIX/etc]
+   --sharedstatedir=DIR   modifiable architecture-independent data [PREFIX/com]
+   --localstatedir=DIR    modifiable single-machine data [PREFIX/var]
+   --libdir=DIR           object code libraries [EPREFIX/lib]
+@@ -693,6 +693,7 @@
+   --with-devel            add developement options
+   --with-efence           link with -lefence for malloc() debugging
+   --with-csops            add CSOps standard options
++  --with-nbsdops          add NetBSD standard options
+   --without-passwd        don't use passwd/shadow file for authentication
+   --with-skey             enable S/Key support
+   --with-opie             enable OPIE support
+@@ -1086,7 +1087,6 @@
  test "$mandir" = '${prefix}/man' && mandir='$(prefix)/man'
  test "$bindir" = '${exec_prefix}/bin' && bindir='$(exec_prefix)/bin'
  test "$sbindir" = '${exec_prefix}/sbin' && sbindir='$(exec_prefix)/sbin'
 -test "$sysconfdir" = '${prefix}/etc' && sysconfdir='/etc'
  
- 
  # Check whether --with-otp-only or --without-otp-only was given.
-@@ -819,6 +820,23 @@
- fi
- 
+ if test "${with_otp_only+set}" = set; then
+@@ -1247,6 +1247,22 @@
+ esac
+ fi;
  
 +# Check whether --with-nbsdops or --without-nbsdops was given.
 +if test "${with_nbsdops+set}" = set; then
@@ -46,24 +45,12 @@ $NetBSD: patch-ag,v 1.2 2001/11/19 17:27:24 jlam Exp $
 +    *)		echo "Ignoring unknown argument to --with-nbsdops: $with_nbsdops"
 +		;;
 +esac
-+fi
-+
++fi;
 +
  # Check whether --with-passwd or --without-passwd was given.
  if test "${with_passwd+set}" = set; then
    withval="$with_passwd"
-@@ -7712,7 +7730,9 @@
- #define HAVE_KERB5 1
- EOF
- 
--    if test -f "/usr/local/include/krb5.h"; then
-+    if test -f "/usr/include/krb5/krb5.h"; then
-+	CPPFLAGS="$CPPFLAGS -I/usr/include/krb5";
-+    elif test -f "/usr/local/include/krb5.h"; then
- 	CPPFLAGS="$CPPFLAGS -I/usr/local/include"
-     elif test -f "/usr/local/kerberos/include/krb5.h"; then
- 	CPPFLAGS="$CPPFLAGS -I/usr/local/kerberos/include"
-@@ -7722,7 +7742,9 @@
+@@ -10273,7 +10289,9 @@
  	echo 'Unable to locate kerberos 5 include files, you will have to edit the Makefile and add -I/path/to/krb/includes to CPPFLAGS'
      fi
  
@@ -74,7 +61,7 @@ $NetBSD: patch-ag,v 1.2 2001/11/19 17:27:24 jlam Exp $
  	SUDO_LDFLAGS="${SUDO_LDFLAGS} -L/usr/local/lib"
      elif test -f "/usr/local/kerberos/lib/libkrb5.a"; then
  	SUDO_LDFLAGS="${SUDO_LDFLAGS} -L/usr/local/kerberos/lib"
-@@ -7732,7 +7754,7 @@
+@@ -10285,7 +10303,7 @@
  	echo 'Unable to locate kerberos 5 libraries, you will have to edit the Makefile and add -L/path/to/krb/libs to SUDO_LDFLAGS'
      fi