This allows an application to only update a password entry if it is
in the state it expects.  Additionally, if the old passwd struct
is specified the new one may have a different pw_name field since
matching is done on the original.  Adapted from FreeBSD.

rescinded 22 July 1999.  Proofed by myself and Theo.

some brave soul should look at it.

millert@ ok
deraadt@ ok to commit

clobbered by longjmp / vfork instead of the gcc "(void)&foo;" hack.

bit flags ORed together.  Currently the only flags defined are
_PASSWORD_SECUREONLY and _PASSWORD_OMITV7 but this is enough to
cause pw_mkdb() to run pwd_mkdb with the options we want.
With this change we no longer generate the old V7 passwd file when
only the extra fields in master.passwd (or the encrypted password)
have changed.  There are other programs that could probably use
the _PASSWORD_OMITV7 flag; they will be converted at a future date.

flag and crank the library major due to the interface change.

pw_error() is prefectly legal but now we have to check for it explicity
(it was handled implicitly before since warn(name) would become warn(NULL)).

Crank the shlib major number due to the interface change.

constant).  These are not security holes but it is worth fixing
them anyway both for robustness and so folks looking for examples
in the tree are not misled into doing something potentially dangerous.
Furthermore, it is a bad idea to assume that pathnames will not
include '%' in them and that error routines don't return strings
with '%' in them (especially in light of the possibility of locales).

lock.  This fixes a DOS bug where a user could run passwd(1) and
send it a SIGKILL, thus leaving /etc/ptmp in place.

password cipher type at the moment

by a nifty '0', so you cant check for a colon instead and dump some
I am sorry, Dave. I can't do that.

with our changes which permit "EDITOR=emacs -nw" to work.

opendev.h: ok, so I merged it with util.h
opendev.h: use util.h
everything else: use "util.h"