Update courier-authlib to 0.62.2.

Include security fix for CVE-2008-2380 and requested by PR#41023
(approved by wiz@).

0.62.2

This release corrects a makefile compatibility problem with bash 4.

0.62.1

This release correct a couple of minor compiler warnings and errors.

  * cryptpassword.c: Fix compiler warnings

  * checkpasswordsha1.c: Fix compiler warnings.

  * authldaplib.c (auth_ldap_enumerate): Fix typo.

0.62.0

This release adds support for additional hash functions, and an
update to the Postgres driver that removes potentional SQL injection
vulnerabilities in some circumstances.

  * authpgsqllib.c: Use PQescapeStringConn() instead of removing all
    apostrophes from query parameters. This fixes a potential SQL injection
    vulnerability if the Postgres database uses a non-Latin locale.

  * Added support for {SSHA}-encrypted passwords. Based on a patch
    by Zou bin <zb@bisp.com>.

  * Added support for {SHA512} hash function

5 files changed, 19 insertions, 18 deletions

diff --git a/security/courier-authlib/Makefile b/security/courier-authlib/Makefile
index 4f42628ec2b..e72ffac5bb0 100644
--- a/security/courier-authlib/Makefile
+++ b/security/courier-authlib/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.32 2009/06/27 04:16:57 obache Exp $
+# $NetBSD: Makefile,v 1.33 2009/07/02 12:23:44 obache Exp $
 
 .include "Makefile.common"
 
-DISTNAME=	courier-authlib-0.61.0
+DISTNAME=	courier-authlib-0.62.2
 CATEGORIES=	security
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=courier/}
 EXTRACT_SUFX=	.tar.bz2
diff --git a/security/courier-authlib/PLIST b/security/courier-authlib/PLIST
index e557885f707..c431f8eee8f 100644
--- a/security/courier-authlib/PLIST
+++ b/security/courier-authlib/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.8 2008/10/01 11:43:41 obache Exp $
+@comment $NetBSD: PLIST,v 1.9 2009/07/02 12:23:44 obache Exp $
 bin/courierauthconfig
 include/courier_auth_config.h
 include/courierauth.h
@@ -21,6 +21,7 @@ man/man3/auth_getuserinfo.3
 man/man3/auth_login.3
 man/man3/auth_passwd.3
 man/man3/auth_sasl.3
+man/man3/auth_sasl_ex.3
 man/man3/authlib.3
 man/man8/makeuserdb.8
 man/man8/userdb.8
diff --git a/security/courier-authlib/distinfo b/security/courier-authlib/distinfo
index 90a938d92db..5d842e2d181 100644
--- a/security/courier-authlib/distinfo
+++ b/security/courier-authlib/distinfo
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.12 2008/09/28 22:15:30 tonnerre Exp $
+$NetBSD: distinfo,v 1.13 2009/07/02 12:23:44 obache Exp $
 
-SHA1 (courier-authlib-0.61.0.tar.bz2) = 0caf0f435411124b02fe2594b39feceff5b23159
-RMD160 (courier-authlib-0.61.0.tar.bz2) = 91fb8ac8960659b7cc4ea9574e1af11fa8f7dc86
-Size (courier-authlib-0.61.0.tar.bz2) = 2174172 bytes
-SHA1 (patch-aa) = ef77c9c240659f2a553735dcc8ec27bfb144f973
-SHA1 (patch-ab) = 7d9ffb781102b998a9bd5c9c7ec3d04aa44770d3
+SHA1 (courier-authlib-0.62.2.tar.bz2) = dc495ad6c54c271483d4862e09788621d86629a9
+RMD160 (courier-authlib-0.62.2.tar.bz2) = c0f4f32994056f8034f30055cfe55238d137a2ca
+Size (courier-authlib-0.62.2.tar.bz2) = 2233216 bytes
+SHA1 (patch-aa) = 6984af03cce59cee3987526d5c87bb71c8eac635
+SHA1 (patch-ab) = 0f3d86e9bd296c9abc044917656495fd8584bc08
diff --git a/security/courier-authlib/patches/patch-aa b/security/courier-authlib/patches/patch-aa
index fb2085d730f..e6300a69b2a 100644
--- a/security/courier-authlib/patches/patch-aa
+++ b/security/courier-authlib/patches/patch-aa
@@ -1,6 +1,6 @@
-$NetBSD: patch-aa,v 1.6 2008/09/28 22:15:30 tonnerre Exp $
+$NetBSD: patch-aa,v 1.7 2009/07/02 12:23:44 obache Exp $
 
---- Makefile.in.orig	2008-07-12 21:41:08.000000000 +0200
+--- Makefile.in.orig	2009-02-03 23:39:56.000000000 +0000
 +++ Makefile.in
 @@ -453,7 +453,7 @@ CLEANFILES = authldaprc.h authmysqlrc.h 
  
@@ -212,11 +212,11 @@ $NetBSD: patch-aa,v 1.6 2008/09/28 22:15:30 tonnerre Exp $
  				$(DESTDIR)$(sbindir)/userdbpw ; \
  		$(INSTALL_SCRIPT) userdb-test-cram-md5.pl \
  				$(DESTDIR)$(sbindir)/userdb-test-cram-md5
--	for f in $(pkglib_LTLIBRARIES); do . $$f; rm -f $(DESTDIR)$(pkglibdir)/$$dlname.0 $(DESTDIR)$(pkglibdir)/$$dlname.0.0; ln -s $$dlname $(DESTDIR)$(pkglibdir)/$$dlname.0; done
+-	for f in $(pkglib_LTLIBRARIES); do . ./$$f; rm -f $(DESTDIR)$(pkglibdir)/$$dlname.0 $(DESTDIR)$(pkglibdir)/$$dlname.0.0; ln -s $$dlname $(DESTDIR)$(pkglibdir)/$$dlname.0; done
  
  uninstall-hook: uninstall-authldaprc uninstall-authdaemonrc uninstall-authmysqlrc uninstall-authpgsqlrc
  	rm -f $(DESTDIR)$(pkglibexecdir)/authdaemond
-@@ -1747,13 +1746,13 @@ README_authlib.html: README_authlib.html
+@@ -1751,13 +1750,13 @@ README_authlib.html: README_authlib.html
  authdaemond.o: authdaemonrc.h authdaemond.c
  
  install-migrate: authmigrate
diff --git a/security/courier-authlib/patches/patch-ab b/security/courier-authlib/patches/patch-ab
index b6374edf532..d7f393ef8f5 100644
--- a/security/courier-authlib/patches/patch-ab
+++ b/security/courier-authlib/patches/patch-ab
@@ -1,8 +1,8 @@
-$NetBSD: patch-ab,v 1.5 2007/10/15 15:37:01 jlam Exp $
+$NetBSD: patch-ab,v 1.6 2009/07/02 12:23:44 obache Exp $
 
---- configure.orig	Sat Sep 29 14:43:43 2007
+--- configure.orig	2009-02-03 23:39:55.000000000 +0000
 +++ configure
-@@ -23855,7 +23855,7 @@ done
+@@ -23578,7 +23578,7 @@ done
  test -n "$PG_CONFIG" || PG_CONFIG="pg_config"
  
  
@@ -11,7 +11,7 @@ $NetBSD: patch-ab,v 1.5 2007/10/15 15:37:01 jlam Exp $
  
  # Check whether --with-pgsql-libs was given.
  if test "${with_pgsql_libs+set}" = set; then
-@@ -25649,7 +25649,7 @@ rm -f authdaemonrc.h authldaprc.h authmy
+@@ -25365,7 +25365,7 @@ rm -f authdaemonrc.h authldaprc.h authmy
  
  result=""
  
@@ -20,7 +20,7 @@ $NetBSD: patch-ab,v 1.5 2007/10/15 15:37:01 jlam Exp $
  then
  	$COURIERCONFIG >conftest.out || exit 1
  	sed -n '/^mail/p' <conftest.out >conftest2.out || exit 1
-@@ -25661,7 +25661,7 @@ then
+@@ -25377,7 +25377,7 @@ then
  	result=" (from courier-config)"
  fi