head	1.3;
access;
symbols
	pkgsrc-2013Q2:1.3.0.14
	pkgsrc-2013Q2-base:1.3
	pkgsrc-2012Q4:1.3.0.12
	pkgsrc-2012Q4-base:1.3
	pkgsrc-2011Q4:1.3.0.10
	pkgsrc-2011Q4-base:1.3
	pkgsrc-2011Q2:1.3.0.8
	pkgsrc-2011Q2-base:1.3
	pkgsrc-2009Q4:1.3.0.6
	pkgsrc-2009Q4-base:1.3
	pkgsrc-2008Q4:1.3.0.4
	pkgsrc-2008Q4-base:1.3
	pkgsrc-2008Q3:1.3.0.2
	pkgsrc-2008Q3-base:1.3
	cube-native-xorg:1.2.0.10
	cube-native-xorg-base:1.2
	pkgsrc-2008Q2:1.2.0.8
	pkgsrc-2008Q2-base:1.2
	cwrapper:1.2.0.6
	pkgsrc-2008Q1:1.2.0.4
	pkgsrc-2008Q1-base:1.2
	pkgsrc-2007Q4:1.2.0.2
	pkgsrc-2007Q4-base:1.2
	pkgsrc-2007Q3:1.1.0.2
	pkgsrc-2007Q3-base:1.1;
locks; strict;
comment	@# @;


1.3
date	2008.09.28.22.15.30;	author tonnerre;	state dead;
branches;
next	1.2;

1.2
date	2007.10.15.15.37.01;	author jlam;	state Exp;
branches;
next	1.1;

1.1
date	2007.09.05.17.06.55;	author jlam;	state Exp;
branches;
next	;


desc
@@


1.3
log
@Upgrade courier-authlib to version 0.61.0 in order to fix CVE-2008-2667,
finally. While here, fix PLIST and depkglint a bit. Also, fix the horrid
abuse of libtool.

Changes since 0.60.2:
 * courier-authlib.spec: Dummy provides: for symlinks, to allow upgrade
   with older packages that require <libname>.so.0.
 * Makefile.am: Switch to versionless shared libraries.
   Install all shared libraries just as <libname>.so. make install manually
   removes *.so.0.0 files that were left over from previous versions,
   and installs a temporary *.so.0 symlink to *.so, for temporary
   binary ABI compatibility with 0.60. The symlinks will be removed in
   0.62.
 * Cleanup: always compile md5, sha* and hmac stuff, and remove all
   conditionally-compiled cruft. Move SASL list to an internal header.
   Add client-side support for AUTH EXTERNAL.
 * authsasl.c (auth_sasl_ex): auth_sasl_ex() supercedes auth_sasl(),
   invokes auth_sasl() for non-EXTERNAL SASL methods, implements EXTERNAL
   by going through the motions, then setting up a dummy authentication
   request.
 * authdaemon.c (auth_generic): Check for the dummy EXTERNAL
   authentication request, and handle it by invoking auth_getuserinfo(),
   rather than sending it down the pipe. This avoid having to implement
   a stub in every authentication module.
 * authmysqllib.c: Use mysql_set_character_set() instead of SET NAMES
 * authmysqllib.c: Fix domain-less queries.
 * Makefile: Drop the unmaintained authvchkpw module.
 * authmysqllib.c: Cleanup. Use mysql_real_escape_string instead of
   crude filtering.
 * Makefile.am: Use _LIBADD properly.
 * configure.in: More portability fixes.
@
text
@$NetBSD: patch-ad,v 1.2 2007/10/15 15:37:01 jlam Exp $

--- authldaplib.c.orig	Sat Jan 20 17:03:22 2007
+++ authldaplib.c
@@@@ -126,7 +126,7 @@@@ authldap_free_config removed - no longer
 static char **l_get_values(LDAP *ld, LDAPMessage *entry, const char *attribut)
 {
 	struct berval **p=ldap_get_values_len(ld, entry, attribut);
-	int n;
+	int i, n;
 	char **a;
 
 	if (!p)
@@@@ -143,8 +143,6 @@@@ static char **l_get_values(LDAP *ld, LDA
 		ldap_value_free_len(p);
 		return NULL;
 	}
-
-	int i;
 
 	for (i=0; i<n; i++)
 	{
@


1.2
log
@Update security/courier-authlib to 0.60.1.  Changes from version 0.59.3
include:

* MYSQL_CHARACTER_SET option.

* Allow underscores, colons and plusses, in account names.

* Add {MD5RAW} hash method.

* Fix runtime problems with hardcoded file descriptors in the daemon
  code by using OPEN_MAX instead.
@
text
@d1 1
a1 1
$NetBSD$
@


1.1
log
@Move variable declarations to start of block to appease older C compilers.
@
text
@d3 1
a3 1
--- authldaplib.c.orig	2007-01-20 12:03:22.000000000 -0500
d14 2
a15 1
@@@@ -144,8 +144,6 @@@@ static char **l_get_values(LDAP *ld, LDA
d18 2
a20 2
-	int i;
-
a22 1
 		if ((a[i]=malloc(p[i]->bv_len+1)) == NULL)
@