millert@ ok
deraadt@ ok to commit

will be overwritten by subsequent calls; suggested by pjanzen, ok millert

millert@ ok

clobbered by longjmp / vfork instead of the gcc "(void)&foo;" hack.

is called.

jakob@ ok

bit flags ORed together.  Currently the only flags defined are
_PASSWORD_SECUREONLY and _PASSWORD_OMITV7 but this is enough to
cause pw_mkdb() to run pwd_mkdb with the options we want.
With this change we no longer generate the old V7 passwd file when
only the extra fields in master.passwd (or the encrypted password)
have changed.  There are other programs that could probably use
the _PASSWORD_OMITV7 flag; they will be converted at a future date.

flag and crank the library major due to the interface change.

o) .Sh AUTHOR -> .Sh AUTHORS;
o) We don't like .Pp before/after .Sh;
o) We don't like .Pp before/after .Rs/.Re;
o) NetBSD -> .Nx;
o) OpenBSD -> .Ox;
millert@ ok

o no longer install passwd.conf (but it is used if it exists and the
needed info is not in login.conf)
o added passwordtime and minpasswordlen login.conf variables

logdaemon, so this applies:
ftp://ftp.porcupine.org/pub/security/logdaemon_license

pw_error() is prefectly legal but now we have to check for it explicity
(it was handled implicitly before since warn(name) would become warn(NULL)).

This lives in libutil because it uses pw_lock(3) and friends.  Needs
a man page (soon!).

Crank the shlib major number due to the interface change.

argument to .Dt, and move the BUGS section to the end like most man pages.
This is my 1000th commit since joining the OpenBSD dev team.

constant).  These are not security holes but it is worth fixing
them anyway both for robustness and so folks looking for examples
in the tree are not misled into doing something potentially dangerous.
Furthermore, it is a bad idea to assume that pathnames will not
include '%' in them and that error routines don't return strings
with '%' in them (especially in light of the possibility of locales).