ok deraadt@

now build libraries with propolice enabled.  Without this, existing
binaries (such as ports/packages) that link with any system library
other than libc will fail with an undefined symbol of "___guard"
(__guard on ELF).
Pointed out by markus@ and discussed with deraadt@

that the first char in the line is not NUL after killing comments.

field separators as empty field.  This is not what we want for
whitespace-delimited fields.

o make first arg const since we don't modify it
o use strsep() instead of strtok() as strtok() changes internal state
o add some bounds checking and use strlcat() instead of pointer arithmetic
o ANSI function headers
Originally based on a patch from Lars J. Buitinck but much modified.

some brave soul should look at it.

XXX libraries should not use atexit(3) from within, as program can terminate
with _exit.

o) always close .Bl tags;
o) fix usage of .Xr;
millert@ ok

o) remove extra space in the end of line;
o) remove extra blank lines in the end of file;
o) remove .Pp before .Ss;
o) CAVEAT -> CAVEATS;
o) fix usage of .Fa;
o) <blank-line> -> .Pp;
o) wrap long lines;
millert@ ok

millert@ ok
deraadt@ ok to commit

will be overwritten by subsequent calls; suggested by pjanzen, ok millert

millert@ ok

clobbered by longjmp / vfork instead of the gcc "(void)&foo;" hack.

is called.

jakob@ ok

bit flags ORed together.  Currently the only flags defined are
_PASSWORD_SECUREONLY and _PASSWORD_OMITV7 but this is enough to
cause pw_mkdb() to run pwd_mkdb with the options we want.
With this change we no longer generate the old V7 passwd file when
only the extra fields in master.passwd (or the encrypted password)
have changed.  There are other programs that could probably use
the _PASSWORD_OMITV7 flag; they will be converted at a future date.

flag and crank the library major due to the interface change.

o) .Sh AUTHOR -> .Sh AUTHORS;
o) We don't like .Pp before/after .Sh;
o) We don't like .Pp before/after .Rs/.Re;
o) NetBSD -> .Nx;
o) OpenBSD -> .Ox;
millert@ ok