Upgrade to address CVE-2013-1775

What's new in Sudo 1.7.10p7? * A time stamp file with the date set to the epoch by "sudo -k" is now completely ignored regardless of what the local clock is set to. Previously, if the local clock was set to a value between the epoch and the time stamp timeout value, a time stamp reset by "sudo -k" would be considered current. What's new in Sudo 1.7.10p6? * The tty-specific time stamp file now includes the session ID of the sudo process that created it. If a process with the same tty but a different session ID runs sudo, the user will now be prompted for a password (assuming authentication is required for the command). What's new in Sudo 1.7.10p5? * On systems where the controlling tty can be determined via /proc or sysctl(), sudo will no longer fall back to using ttyname() if the process has no controlling tty. This prevents sudo from using a non-controlling tty for logging and time stamp purposes. What's new in Sudo 1.7.10? * If the user is a member of the "exempt" group in sudoers, they will no longer be prompted for a password even if the -k flag is specified with the command. This makes "sudo -k command" consistent with the behavior one would get if the user ran "sudo -k" immediately before running the command. * The sudoers file may now be a symbolic link. Previously, sudo would refuse to read sudoers unless it was a regular file. * The user/group/mode checks on sudoers files have been relaxed. As long as the file is owned by the sudoers uid, not world-writable and not writable by a group other than the sudoers gid, the file is considered OK. Note that visudo will still set the mode to the value specified at configure time. * /etc/environment is no longer read directly on Linux systems when PAM is used. Sudo now merges the PAM environment into the user's environment which is typically set by the pam_env module. * The initial evironment created when env_reset is in effect now includes the contents of /etc/environment on AIX systems and the "setenv" and "path" entries from /etc/login.conf on BSD systems. * On systems with an SVR4-style /proc file system, the /proc/pid/psinfo file is now uses to determine the controlling terminal, if possible. This allows tty-based tickets to work properly even when, e.g. standard input, output and error are redirected to /dev/null. * The sudoreplay command can now properly replay sessions where no tty was present. * Fixed a race condition that could cause sudo to receive SIGTTOU (and stop) when resuming a shell that was run via sudo when I/O logging (and use_pty) is not enabled.
author: kim <kim> 2013-03-01 14:24:57 +0000
committer: kim <kim> 2013-03-01 14:24:57 +0000
commit: 60e0ddc4ade62448ba80e97ca93b22f0bd130d96 (patch)
tree: d797e44359a2f08649236ec67dcb4d37301c0aa3 /security
parent: 5dec28b98daaca4ddfc5328a47ffc77db5adb007 (diff)
download: pkgsrc-60e0ddc4ade62448ba80e97ca93b22f0bd130d96.tar.gz
6 files changed, 63 insertions, 133 deletions
diff --git a/security/sudo/Makefile b/security/sudo/Makefile
index 8f921676498..4654bcb2d24 100644
--- a/security/sudo/Makefile
+++ b/security/sudo/Makefile
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.139 2013/02/06 23:23:46 jperkin Exp $
+# $NetBSD: Makefile,v 1.140 2013/03/01 14:24:57 kim Exp $
 #
 
-DISTNAME=		sudo-1.7.9p1
-PKGREVISION=		2
+DISTNAME=		sudo-1.7.10p7
 CATEGORIES=		security
 MASTER_SITES=		http://www.sudo.ws/dist/ \
 			ftp://ftp.sudo.ws/pub/sudo/ \
diff --git a/security/sudo/distinfo b/security/sudo/distinfo
index b1c61b54933..247c61f5f37 100644
--- a/security/sudo/distinfo
+++ b/security/sudo/distinfo
@@ -1,10 +1,9 @@
-$NetBSD: distinfo,v 1.78 2012/05/16 14:49:55 taca Exp $
+$NetBSD: distinfo,v 1.79 2013/03/01 14:24:57 kim Exp $
 
-SHA1 (sudo-1.7.9p1.tar.gz) = cbca68bae8b85e8518690d78685ca67d0696ce15
-RMD160 (sudo-1.7.9p1.tar.gz) = 1ec37d34bad3ab3a27ec123da81d33e2ac3deb72
-Size (sudo-1.7.9p1.tar.gz) = 1173934 bytes
-SHA1 (patch-aa) = 014a8a634abb3c61f63e3e127a4ebf20f5a0e4bf
-SHA1 (patch-af) = 0dce4ebbc82ab644565f71e8f472c407ddbaabf5
-SHA1 (patch-ag) = fe8409164b61bdb229ca81d391de96898436ea0b
+SHA1 (sudo-1.7.10p7.tar.gz) = b5beb1a470d1f03b3940aff612f5089244dd773a
+RMD160 (sudo-1.7.10p7.tar.gz) = 171e54506c30a85fa642070332db012aba4a6203
+Size (sudo-1.7.10p7.tar.gz) = 1217508 bytes
+SHA1 (patch-aa) = 0c9c173a26ea72dd06a7d3947a0b3ba6dc00cf40
+SHA1 (patch-af) = 045e6daceea982a161272af822e3554138ac7dbf
+SHA1 (patch-ag) = abd8b76259e0eae75fe4ef8c2fb63f090fe14999
 SHA1 (patch-logging.c) = 26608d7423b77f71f17b37cc87f4b2e75978d7cb
-SHA1 (patch-pwutil.c) = 9f157c50ea44d5b421001ae8dad985e9c01a8211
diff --git a/security/sudo/patches/patch-aa b/security/sudo/patches/patch-aa
index 0463ef15861..d8ba6c8809e 100644
--- a/security/sudo/patches/patch-aa
+++ b/security/sudo/patches/patch-aa
@@ -1,22 +1,22 @@
-$NetBSD: patch-aa,v 1.29 2012/05/16 14:49:56 taca Exp $
+$NetBSD: patch-aa,v 1.30 2013/03/01 14:24:58 kim Exp $
 
 * Fix libtools's link option.
 * Prevent to install sudoers files and directory.
 * Use standard instal(8) option instead of shell wrapper.
 * Don't setuid here.
 
---- Makefile.in.orig	2012-02-10 17:52:13.000000000 +0000
-+++ Makefile.in
-@@ -222,7 +222,7 @@ sudo_noexec.lo: $(srcdir)/sudo_noexec.c
+--- Makefile.in.orig	2013-01-15 19:59:25.000000000 +0000
++++ Makefile.in	2013-03-01 13:46:11.000000000 +0000
+@@ -250,7 +250,7 @@
  	$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(srcdir)/sudo_noexec.c
  
  libsudo_noexec.la: sudo_noexec.lo
 -	$(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -o $@ sudo_noexec.lo -avoid-version -rpath $(noexecdir)
 +	$(LIBTOOL) --mode=link $(CC) -module $(LDFLAGS) -o $@ sudo_noexec.lo -avoid-version -rpath $(noexecdir)
  
- # Uncomment the following if you want "make distclean" to clean the parser
- @DEV@GENERATED = gram.h gram.c toke.c def_data.c def_data.h getdate
-@@ -545,44 +545,44 @@ pre-install:
+ GENERATED = gram.h gram.c toke.c def_data.c def_data.h getdate.c
+ 
+@@ -686,43 +686,43 @@
  	    ./visudo -c -f $(DESTDIR)$(sudoersdir)/sudoers; \
  	fi
  
@@ -34,20 +34,21 @@ $NetBSD: patch-aa,v 1.29 2012/05/16 14:49:56 taca Exp $
 +	$(INSTALL) -d -m 0700 $(DESTDIR)$(timedir)
  
  install-binaries: install-dirs $(PROGS)
--	$(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -M 04111 sudo $(DESTDIR)$(sudodir)/sudo
+ 	if [ X"$$SUDO_PREINSTALL_CMD" != X"" ]; then exec $$SUDO_PREINSTALL_CMD sudo; fi
+-	$(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -M 04755 sudo $(DESTDIR)$(sudodir)/sudo
 +	$(INSTALL) sudo $(DESTDIR)$(sudodir)/sudo
  	rm -f $(DESTDIR)$(sudodir)/sudoedit
- 	ln $(DESTDIR)$(sudodir)/sudo $(DESTDIR)$(sudodir)/sudoedit
--	if [ -f sudoreplay ]; then $(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -M 0111 sudoreplay $(DESTDIR)$(sudodir)/sudoreplay; fi
--	$(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -M 0111 visudo $(DESTDIR)$(visudodir)/visudo
--	if [ -f sesh ]; then $(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -M 0111 sesh $(DESTDIR)$(libexecdir)/sesh; fi
+ 	ln -s sudo $(DESTDIR)$(sudodir)/sudoedit
+-	if [ -f sudoreplay ]; then $(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -m 0755 sudoreplay $(DESTDIR)$(sudodir)/sudoreplay; fi
+-	$(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -m 0755 visudo $(DESTDIR)$(visudodir)/visudo
+-	if [ -f sesh ]; then $(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -m 0755 sesh $(DESTDIR)$(libexecdir)/sesh; fi
 +	if [ -f sudoreplay ]; then $(INSTALL) sudoreplay $(DESTDIR)$(sudodir)/sudoreplay; fi
 +	$(INSTALL) visudo $(DESTDIR)$(visudodir)/visudo
 +	if [ -f sesh ]; then $(INSTALL) sesh $(DESTDIR)$(libexecdir)/sesh; fi
  
  install-noexec: install-dirs libsudo_noexec.la
--	if [ -f .libs/lib$(noexecfile) ]; then $(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -m 0755 .libs/lib$(noexecfile) $(DESTDIR)$(noexecdir)/$(noexecfile); fi
-+	if [ -f .libs/lib$(noexecfile) ]; then $(INSTALL) -m 0755 .libs/lib$(noexecfile) $(DESTDIR)$(noexecdir)/$(noexecfile); fi
+-	if [ -f .libs/lib$(noexecfile) ]; then $(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -m $(shlib_mode) .libs/lib$(noexecfile) $(DESTDIR)$(noexecdir)/$(noexecfile); fi
++	if [ -f .libs/lib$(noexecfile) ]; then $(INSTALL) -m $(shlib_mode) .libs/lib$(noexecfile) $(DESTDIR)$(noexecdir)/$(noexecfile); fi
  
  install-sudoers: install-dirs
 -	$(INSTALL) -d -O $(sudoers_uid) -G $(sudoers_gid) -m 0750 \
@@ -59,22 +60,20 @@ $NetBSD: patch-aa,v 1.29 2012/05/16 14:49:56 taca Exp $
  		sudoers $(DESTDIR)$(sudoersdir)/sudoers
  
  install-doc: install-dirs ChangeLog
--	(cd $(srcdir) && for f in ChangeLog HISTORY LICENSE NEWS README TROUBLESHOOTING UPGRADE sample.*; do $(INSTALL) -O $(install_uid) -G $(install_gid) -m 0444 $$f $(DESTDIR)$(docdir); done)
--	@LDAP@(cd $(srcdir) && for f in README.LDAP schema.* sudoers2ldif; do $(INSTALL) -O $(install_uid) -G $(install_gid) -m 0444 $$f $(DESTDIR)$(docdir); done)
--	$(INSTALL) -O $(install_uid) -G $(install_gid) -m 0444 @mansrcdir@/sudo.$(mantype) $(DESTDIR)$(mandirsu)/sudo.$(mansectsu)
-+	(cd $(srcdir) && for f in ChangeLog HISTORY LICENSE NEWS README TROUBLESHOOTING UPGRADE sample.*; do $(INSTALL) -m 0444 $$f $(DESTDIR)$(docdir); done)
-+	@LDAP@(cd $(srcdir) && for f in README.LDAP schema.* sudoers2ldif; do $(INSTALL) -m 0444 $$f $(DESTDIR)$(docdir); done)
-+	$(INSTALL) -m 0444 @mansrcdir@/sudo.$(mantype) $(DESTDIR)$(mandirsu)/sudo.$(mansectsu)
- 	@rm -f $(DESTDIR)$(mandirsu)/sudoedit.$(mansectsu)
- 	ln $(DESTDIR)$(mandirsu)/sudo.$(mansectsu) $(DESTDIR)$(mandirsu)/sudoedit.$(mansectsu)
--	@REPLAY@$(INSTALL) -O $(install_uid) -G $(install_gid) -m 0444 @mansrcdir@/sudoreplay.$(mantype) $(DESTDIR)$(mandirsu)/sudoreplay.$(mansectsu)
--	$(INSTALL) -O $(install_uid) -G $(install_gid) -m 0444 @mansrcdir@/visudo.$(mantype) $(DESTDIR)$(mandirsu)/visudo.$(mansectsu)
--	$(INSTALL) -O $(install_uid) -G $(install_gid) -m 0444 @mansrcdir@/sudoers.$(mantype) $(DESTDIR)$(mandirform)/sudoers.$(mansectform)
--	@LDAP@$(INSTALL) -O $(install_uid) -G $(install_gid) -m 0444 @mansrcdir@/sudoers.ldap.$(mantype) $(DESTDIR)$(mandirform)/sudoers.ldap.$(mansectform)
-+	@REPLAY@$(INSTALL) -m 0444 @mansrcdir@/sudoreplay.$(mantype) $(DESTDIR)$(mandirsu)/sudoreplay.$(mansectsu)
-+	$(INSTALL) -m 0444 @mansrcdir@/visudo.$(mantype) $(DESTDIR)$(mandirsu)/visudo.$(mansectsu)
-+	$(INSTALL) -m 0444 @mansrcdir@/sudoers.$(mantype) $(DESTDIR)$(mandirform)/sudoers.$(mansectform)
-+	@LDAP@$(INSTALL) -m 0444 @mansrcdir@/sudoers.ldap.$(mantype) $(DESTDIR)$(mandirform)/sudoers.ldap.$(mansectform)
- @MAN_POSTINSTALL@
- 
- check:
+-	(cd $(srcdir) && for f in ChangeLog HISTORY LICENSE NEWS README TROUBLESHOOTING UPGRADE sample.*; do $(INSTALL) -O $(install_uid) -G $(install_gid) -m 0644 $$f $(DESTDIR)$(docdir); done)
+-	@LDAP@(cd $(srcdir) && for f in README.LDAP schema.* sudoers2ldif; do $(INSTALL) -O $(install_uid) -G $(install_gid) -m 0644 $$f $(DESTDIR)$(docdir); done)
+-	$(INSTALL) -O $(install_uid) -G $(install_gid) -m 0644 @mansrcdir@/sudo.$(mantype) $(DESTDIR)$(mandirsu)/sudo.$(mansectsu)
+-	@REPLAY@$(INSTALL) -O $(install_uid) -G $(install_gid) -m 0644 @mansrcdir@/sudoreplay.$(mantype) $(DESTDIR)$(mandirsu)/sudoreplay.$(mansectsu)
+-	$(INSTALL) -O $(install_uid) -G $(install_gid) -m 0644 @mansrcdir@/visudo.$(mantype) $(DESTDIR)$(mandirsu)/visudo.$(mansectsu)
+-	$(INSTALL) -O $(install_uid) -G $(install_gid) -m 0644 @mansrcdir@/sudoers.$(mantype) $(DESTDIR)$(mandirform)/sudoers.$(mansectform)
+-	@LDAP@$(INSTALL) -O $(install_uid) -G $(install_gid) -m 0644 @mansrcdir@/sudoers.ldap.$(mantype) $(DESTDIR)$(mandirform)/sudoers.ldap.$(mansectform)
++	(cd $(srcdir) && for f in ChangeLog HISTORY LICENSE NEWS README TROUBLESHOOTING UPGRADE sample.*; do $(INSTALL) -m 0644 $$f $(DESTDIR)$(docdir); done)
++	@LDAP@(cd $(srcdir) && for f in README.LDAP schema.* sudoers2ldif; do $(INSTALL) -m 0644 $$f $(DESTDIR)$(docdir); done)
++	$(INSTALL) -m 0644 @mansrcdir@/sudo.$(mantype) $(DESTDIR)$(mandirsu)/sudo.$(mansectsu)
++	@REPLAY@$(INSTALL) -m 0644 @mansrcdir@/sudoreplay.$(mantype) $(DESTDIR)$(mandirsu)/sudoreplay.$(mansectsu)
++	$(INSTALL) -m 0644 @mansrcdir@/visudo.$(mantype) $(DESTDIR)$(mandirsu)/visudo.$(mansectsu)
++	$(INSTALL) -m 0644 @mansrcdir@/sudoers.$(mantype) $(DESTDIR)$(mandirform)/sudoers.$(mansectform)
++	@LDAP@$(INSTALL) -m 0644 @mansrcdir@/sudoers.ldap.$(mantype) $(DESTDIR)$(mandirform)/sudoers.ldap.$(mansectform)
+ 	@if test -n "$(MANCOMPRESS)"; then \
+ 	    for f in $(mandirsu)/sudo.$(mansectsu) $(mandirsu)/sudoreplay.$(mansectsu) $(mandirsu)/visudo.$(mansectsu) $(mandirform)/sudoers.$(mansectform) $(mandirform)/sudoers.ldap.$(mansectform); do \
+ 		if test -f $(DESTDIR)$$f; then \
diff --git a/security/sudo/patches/patch-af b/security/sudo/patches/patch-af
index a4089b4c9a3..523df237d57 100644
--- a/security/sudo/patches/patch-af
+++ b/security/sudo/patches/patch-af
@@ -1,4 +1,4 @@
-$NetBSD: patch-af,v 1.28 2011/09/18 14:18:25 ryoon Exp $
+$NetBSD: patch-af,v 1.29 2013/03/01 14:24:58 kim Exp $
 
 * Add "--with-nbsdops" option, NetBSD standard options.
 * Link with util(3) in the case of DragonFly, too.
@@ -7,9 +7,9 @@ $NetBSD: patch-af,v 1.28 2011/09/18 14:18:25 ryoon Exp $
   functions (HAVE_KRB5_*).
 * Remove setting sysconfdir to "/etc".
 
---- configure.in.orig	2011-08-17 13:51:59 +0000
-+++ configure.in
-@@ -326,6 +326,18 @@ AC_ARG_WITH(csops, [AS_HELP_STRING([--wi
+--- configure.in.orig	2013-02-21 15:43:17.000000000 +0000
++++ configure.in	2013-03-01 13:56:47.000000000 +0000
+@@ -330,6 +330,18 @@
  		;;
  esac])
  
@@ -28,7 +28,7 @@ $NetBSD: patch-af,v 1.28 2011/09/18 14:18:25 ryoon Exp $
  AC_ARG_WITH(passwd, [AS_HELP_STRING([--without-passwd], [don't use passwd/shadow file for authentication])],
  [case $with_passwd in
      yes|no)	AC_MSG_CHECKING(whether to use shadow/passwd file authentication)
-@@ -1968,7 +1980,7 @@ SUDO_MAILDIR
+@@ -2015,7 +2027,7 @@
  if test ${with_logincap-'no'} != "no"; then
      AC_CHECK_HEADERS(login_cap.h, [LOGINCAP_USAGE='[[-c class|-]] '; LCMAN=1
  	case "$OS" in
@@ -37,7 +37,7 @@ $NetBSD: patch-af,v 1.28 2011/09/18 14:18:25 ryoon Exp $
  	    ;;
  	esac
      ])
-@@ -2476,6 +2488,8 @@ if test ${with_kerb5-'no'} != "no"; then
+@@ -2634,6 +2646,8 @@
  	])
  	AUTH_OBJS="$AUTH_OBJS kerb5.o"
      fi
@@ -46,11 +46,11 @@ $NetBSD: patch-af,v 1.28 2011/09/18 14:18:25 ryoon Exp $
      _LIBS="$LIBS"
      LIBS="${LIBS} ${SUDO_LIBS}"
      AC_CHECK_FUNCS(krb5_verify_user krb5_init_secure_context)
-@@ -2932,7 +2946,6 @@ test "$libexecdir" = '${exec_prefix}/lib
- test "$includedir" = '${prefix}/include' && includedir='$(prefix)/include'
- test "$datarootdir" = '${prefix}/share' && datarootdir='$(prefix)/share'
+@@ -3167,7 +3181,6 @@
  test "$docdir" = '${datarootdir}/doc/${PACKAGE_TARNAME}' && docdir='$(datarootdir)/doc/$(PACKAGE_TARNAME)'
+ test "$localedir" = '${datarootdir}/locale' && localedir='$(datarootdir)/locale'
+ test "$localstatedir" = '${prefix}/var' && localstatedir='$(prefix)/var'
 -test "$sysconfdir" = '${prefix}/etc' -a X"$with_stow" != X"yes" && sysconfdir='/etc'
  
  dnl
- dnl Substitute into the Makefile and man pages
+ dnl Substitute into the Makefile, sudo_usage.h and example sudoers
diff --git a/security/sudo/patches/patch-ag b/security/sudo/patches/patch-ag
index 97816abdde5..0b5d4a5d51d 100644
--- a/security/sudo/patches/patch-ag
+++ b/security/sudo/patches/patch-ag
@@ -1,4 +1,4 @@
-$NetBSD: patch-ag,v 1.19 2011/09/18 14:18:25 ryoon Exp $
+$NetBSD: patch-ag,v 1.20 2013/03/01 14:24:58 kim Exp $
 
 * Add "--with-nbsdops" option, NetBSD standard options.
 * Link with util(3) in the case of DragonFly, too.
@@ -7,9 +7,9 @@ $NetBSD: patch-ag,v 1.19 2011/09/18 14:18:25 ryoon Exp $
   functions (HAVE_KRB5_*).
 * Remove setting sysconfdir to "/etc".
 
---- configure.orig	2011-08-17 13:51:59 +0000
-+++ configure
-@@ -1470,7 +1470,7 @@ Fine tuning of the installation director
+--- configure.orig	2013-02-21 15:43:29.000000000 +0000
++++ configure	2013-03-01 13:58:36.000000000 +0000
+@@ -1484,7 +1484,7 @@
    --bindir=DIR            user executables [EPREFIX/bin]
    --sbindir=DIR           system admin executables [EPREFIX/sbin]
    --libexecdir=DIR        program executables [EPREFIX/libexec]
@@ -18,7 +18,7 @@ $NetBSD: patch-ag,v 1.19 2011/09/18 14:18:25 ryoon Exp $
    --sharedstatedir=DIR    modifiable architecture-independent data [PREFIX/com]
    --localstatedir=DIR     modifiable single-machine data [PREFIX/var]
    --libdir=DIR            object code libraries [EPREFIX/lib]
-@@ -1550,6 +1550,7 @@ Optional Packages:
+@@ -1569,6 +1569,7 @@
    --with-libraries        additional libraries to link with
    --with-efence           link with -lefence for malloc() debugging
    --with-csops            add CSOps standard options
@@ -26,7 +26,7 @@ $NetBSD: patch-ag,v 1.19 2011/09/18 14:18:25 ryoon Exp $
    --without-passwd        don't use passwd/shadow file for authentication
    --with-skey=DIR         enable S/Key support
    --with-opie=DIR         enable OPIE support
-@@ -3934,6 +3935,22 @@ $as_echo "$as_me: WARNING: Ignoring unkn
+@@ -3959,6 +3960,22 @@
  esac
  fi
  
@@ -49,7 +49,7 @@ $NetBSD: patch-ag,v 1.19 2011/09/18 14:18:25 ryoon Exp $
  
  
  # Check whether --with-passwd was given.
-@@ -15374,7 +15391,7 @@ if test "x$ac_cv_header_login_cap_h" = x
+@@ -15632,7 +15649,7 @@
  _ACEOF
   LOGINCAP_USAGE='[-c class|-] '; LCMAN=1
  	case "$OS" in
@@ -58,7 +58,7 @@ $NetBSD: patch-ag,v 1.19 2011/09/18 14:18:25 ryoon Exp $
  	    ;;
  	esac
  
-@@ -18438,6 +18455,8 @@ fi
+@@ -18569,6 +18586,8 @@
  rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
  	AUTH_OBJS="$AUTH_OBJS kerb5.o"
      fi
@@ -67,11 +67,11 @@ $NetBSD: patch-ag,v 1.19 2011/09/18 14:18:25 ryoon Exp $
      _LIBS="$LIBS"
      LIBS="${LIBS} ${SUDO_LIBS}"
      for ac_func in krb5_verify_user krb5_init_secure_context
-@@ -19859,7 +19878,6 @@ test "$libexecdir" = '${exec_prefix}/lib
- test "$includedir" = '${prefix}/include' && includedir='$(prefix)/include'
- test "$datarootdir" = '${prefix}/share' && datarootdir='$(prefix)/share'
+@@ -20313,7 +20332,6 @@
  test "$docdir" = '${datarootdir}/doc/${PACKAGE_TARNAME}' && docdir='$(datarootdir)/doc/$(PACKAGE_TARNAME)'
+ test "$localedir" = '${datarootdir}/locale' && localedir='$(datarootdir)/locale'
+ test "$localstatedir" = '${prefix}/var' && localstatedir='$(prefix)/var'
 -test "$sysconfdir" = '${prefix}/etc' -a X"$with_stow" != X"yes" && sysconfdir='/etc'
  
- ac_config_files="$ac_config_files Makefile sudo.man visudo.man sudoers.man sudoers.ldap.man sudoreplay.man sudo_usage.h sudoers"
+ ac_config_files="$ac_config_files Makefile sudo_usage.h sudoers"
  
diff --git a/security/sudo/patches/patch-pwutil.c b/security/sudo/patches/patch-pwutil.c
deleted file mode 100644
index 5628882a3b4..00000000000
--- a/security/sudo/patches/patch-pwutil.c
+++ /dev/null
@@ -1,67 +0,0 @@
-$NetBSD: patch-pwutil.c,v 1.2 2012/05/10 09:44:58 martin Exp $
-
-# Tracked upstream at;
-#   http://www.gratisoft.us/bugzilla/show_bug.cgi?id=555
-
-# NetBSD uses 64bit time_t, even on 32bit architectures.
-# This makes struct passwd require 8 byte-alginement on, for example,
-# 32bit sparc. Curiously it all worked out naturally for sparc64 ;-)
-# To not add to the magic, let the compiler design proper alignement
-# by declaring a helper struct which holds the cache entry header as
-# well as struct passwd.
-
---- pwutil.c.orig	2011-10-21 15:18:38.000000000 +0200
-+++ pwutil.c	2012-05-03 10:05:28.000000000 +0200
-@@ -84,6 +84,16 @@
- };
- 
- /*
-+ * To give the compiler a chance to properly align things, we declare this
-+ * dummy structure to ease our size/offset calculations.
-+ */
-+struct cache_and_passwd {
-+	struct cache_item cache;
-+	struct passwd pw;
-+};
-+
-+
-+/*
-  * Compare by uid.
-  */
- static int
-@@ -144,6 +154,7 @@
-     size_t nsize, psize, csize, gsize, dsize, ssize, total;
-     struct cache_item *item;
-     struct passwd *newpw;
-+    struct cache_and_passwd *cnp;
- 
-     /* If shell field is empty, expand to _PATH_BSHELL. */
-     pw_shell = (pw->pw_shell == NULL || pw->pw_shell[0] == '\0')
-@@ -151,7 +162,7 @@
- 
-     /* Allocate in one big chunk for easy freeing. */
-     nsize = psize = csize = gsize = dsize = ssize = 0;
--    total = sizeof(struct cache_item) + sizeof(struct passwd);
-+    total = sizeof(struct cache_and_passwd);
-     FIELD_SIZE(pw, pw_name, nsize);
-     FIELD_SIZE(pw, pw_passwd, psize);
- #ifdef HAVE_LOGIN_CAP_H
-@@ -168,15 +179,15 @@
-     /* Allocate space for struct item, struct passwd and the strings. */
-     if ((item = malloc(total)) == NULL)
- 	    return NULL;
--    cp = (char *) item + sizeof(struct cache_item);
-+    cnp = (struct cache_and_passwd*)item;
- 
-     /*
-      * Copy in passwd contents and make strings relative to space
-      * at the end of the buffer.
-      */
--    newpw = (struct passwd *) cp;
-+    newpw = &cnp->pw;
-     memcpy(newpw, pw, sizeof(struct passwd));
--    cp += sizeof(struct passwd);
-+    cp = (char*)&cnp[1];
-     FIELD_COPY(pw, newpw, pw_name, nsize);
-     FIELD_COPY(pw, newpw, pw_passwd, psize);
- #ifdef HAVE_LOGIN_CAP_H
author	kim <kim>	2013-03-01 14:24:57 +0000
committer	kim <kim>	2013-03-01 14:24:57 +0000
commit	60e0ddc4ade62448ba80e97ca93b22f0bd130d96 (patch)
tree	d797e44359a2f08649236ec67dcb4d37301c0aa3 /security
parent	5dec28b98daaca4ddfc5328a47ffc77db5adb007 (diff)
download	pkgsrc-60e0ddc4ade62448ba80e97ca93b22f0bd130d96.tar.gz