Update to 1.7.2p1.

Changes in 1.7.2p1 since 1.7.2:
===============================

* Fixed the expansion of the %h escape in #include file names introduced in
  sudo 1.7.1.

Changes in 1.7.2 since 1.7.1:
=============================

* A new #includedir directive is available in sudoers. This can be used to
  implement an /etc/sudo.d directory. Files in an includedir are not edited
  by visudo unless they contain a syntax error.
* The -g option did not work properly when only setting the group (and not
  the user). Also, in -l mode the wrong user was displayed for sudoers
  entries where only the group was allowed to be set.
* Fixed a problem with the alias checking in visudo which could prevent
  visudo from exiting.
* Sudo will now correctly parse the shell-style /etc/environment file format
  used by pam_env on Linux.
* When doing password and group database lookups, sudo will only cache an
  entry by name or by id, depending on how the entry was looked up.
  Previously, sudo would cache by both name and id from a single lookup, but
  this breaks sites that have multiple password or group database names that
  map to the same uid or gid.
* User and group names in sudoers may now be enclosed in double quotes to
  avoid having to escape special characters.
* BSM audit fixes when changing to a non-root uid.
* Experimental non-Unix group support. Currently only works with Quest
  Authorization Services and allows Active Directory groups fixes for
  Minix-3.
* For Netscape/Mozilla-derived LDAP SDKs the certificate and key paths may
  be specified as a directory or a file. However, version 5.0 of the SDK
  only appears to support using a directory (despite documentation to the
  contrary). If SSL client initialization fails and the certificate or key
  paths look like they could be default file name, strip off the last path
  element and try again.
* A setenv() compatibility fix for Linux systems, where a NULL value is
  treated the same as an empty string and the variable name is checked
  against the NULL pointer.

security/sudo/Makefile

@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.115 2009/05/21 03:42:49 taca Exp $
+# $NetBSD: Makefile,v 1.116 2009/08/02 07:39:27 hasso Exp $
 #
 
-DISTNAME=		sudo-1.7.1
+DISTNAME=		sudo-1.7.2p1
 CATEGORIES=		security
 MASTER_SITES=		http://www.courtesan.com/sudo/dist/ \
 			ftp://ftp.courtesan.com/pub/sudo/ \

security/sudo/distinfo

@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.58 2009/05/21 03:42:49 taca Exp $
+$NetBSD: distinfo,v 1.59 2009/08/02 07:39:27 hasso Exp $
 
-SHA1 (sudo-1.7.1-200805130/sudo-1.7.1.tar.gz) = f76ad5ff5dac253c14dfedfdbddd99b4cf7f54a2
-RMD160 (sudo-1.7.1-200805130/sudo-1.7.1.tar.gz) = e9c2e165ead15e5cab6a8d32facc0d38135d0ff9
-Size (sudo-1.7.1-200805130/sudo-1.7.1.tar.gz) = 755823 bytes
+SHA1 (sudo-1.7.2p1-200805130/sudo-1.7.2p1.tar.gz) = 2ef461d840110d2c9160db142336591775ede67a
+RMD160 (sudo-1.7.2p1-200805130/sudo-1.7.2p1.tar.gz) = 5f345d6062f178700fd78c93c04ee47c03bbcc50
+Size (sudo-1.7.2p1-200805130/sudo-1.7.2p1.tar.gz) = 771059 bytes
 SHA1 (patch-aa) = 80e25b6ddf5e071ba05c035d0c333c867814a436
-SHA1 (patch-af) = 41b41124744b36feb7f65d5b706874c06e096744
+SHA1 (patch-af) = 0e1ffaa452f847405949875b47326bce6ff998d2
 SHA1 (patch-ag) = 0ae45801e8146bab8bb998fdc48b1fd05b56f96b

security/sudo/patches/patch-af

@@ -1,8 +1,8 @@
-$NetBSD: patch-af,v 1.21 2009/02/05 13:48:12 taca Exp $
+$NetBSD: patch-af,v 1.22 2009/08/02 07:39:27 hasso Exp $
 
---- configure.in.orig	2008-12-10 06:13:01.000000000 +0900
-+++ configure.in
-@@ -153,7 +153,6 @@ else
+--- configure.in.orig	2009-07-20 16:34:37 +0300
++++ configure.in	2009-08-01 22:19:54 +0300
+@@ -156,7 +156,6 @@ else
  fi
  test "$bindir" = '${exec_prefix}/bin' && bindir='$(exec_prefix)/bin'
  test "$sbindir" = '${exec_prefix}/sbin' && sbindir='$(exec_prefix)/sbin'
@@ -10,11 +10,11 @@ $NetBSD: patch-af,v 1.21 2009/02/05 13:48:12 taca Exp $
  
  dnl
  dnl Deprecated --with options (these all warn or generate an error)
-@@ -277,6 +276,19 @@ AC_ARG_WITH(csops, [  --with-csops      
+@@ -294,6 +293,19 @@ AC_ARG_WITH(csops, [AS_HELP_STRING([--wi
  		;;
  esac])
  
-+AC_ARG_WITH(nbsdops, [  --with-nbsdops          add NetBSD standard options],
++AC_ARG_WITH(nbsdops, [AS_HELP_STRING([--with-nbsdops], [add NetBSD standard options])],
 +[case $with_nbsdops in
 +    yes)	echo 'Adding NetBSD standard options'
 +		CHECKSIA=false
@@ -27,10 +27,10 @@ $NetBSD: patch-af,v 1.21 2009/02/05 13:48:12 taca Exp $
 +		;;
 +esac])
 +
- AC_ARG_WITH(passwd, [  --without-passwd        don't use passwd/shadow file for authentication],
+ AC_ARG_WITH(passwd, [AS_HELP_STRING([--without-passwd], [don't use passwd/shadow file for authentication])],
  [case $with_passwd in
      yes|no)	AC_MSG_CHECKING(whether to use shadow/passwd file authentication)
-@@ -1716,7 +1728,7 @@ fi
+@@ -1790,7 +1802,7 @@ fi
  if test ${with_logincap-'no'} != "no"; then
      AC_CHECK_HEADERS(login_cap.h, [LOGINCAP_USAGE='[[-c class|-]] '; LCMAN=""
  	case "$OS" in
@@ -39,7 +39,7 @@ $NetBSD: patch-af,v 1.21 2009/02/05 13:48:12 taca Exp $
  	    ;;
  	esac
      ])
-@@ -2148,6 +2160,8 @@ if test ${with_kerb5-'no'} != "no" -a -z
+@@ -2237,6 +2249,8 @@ if test ${with_kerb5-'no'} != "no" -a -z
  	    AC_CHECK_LIB(krb5support, main, [SUDO_LIBS="${SUDO_LIBS} -lkrb5support,"])
      ])
      AUTH_OBJS="$AUTH_OBJS kerb5.o"