--- pam-pgsql-0.6.3.orig/debian/compat
+++ pam-pgsql-0.6.3/debian/compat
@@ -0,0 +1 @@
+5
--- pam-pgsql-0.6.3.orig/debian/copyright
+++ pam-pgsql-0.6.3/debian/copyright
@@ -0,0 +1,10 @@
+Upstream Author: David D.W. Downey ("pgpkeys") <david-downey@codecastle.com>
+Upstream Source: http://libpam-pgsql.codecastle.com
+
+Copyright (c) 2000. Leon J Breedt <ljb@debian.org>, Copyright (c) 2002. David D.W. Downey ("pgpkeys") <david-downey@codecastle.com>
+
+You are free to distribute this software under the terms of
+the GNU General Public License v2.0 or later.
+On Debian systems, the complete text of the GNU General Public
+License can be found in /usr/share/common-licenses/GPL file.
+                     
--- pam-pgsql-0.6.3.orig/debian/watch
+++ pam-pgsql-0.6.3/debian/watch
@@ -0,0 +1,3 @@
+version=3
+
+http://sf.net/pam-pgsql/libpam-pgsql-([\d.]+)\.tar\.bz2
--- pam-pgsql-0.6.3.orig/debian/rules
+++ pam-pgsql-0.6.3/debian/rules
@@ -0,0 +1,63 @@
+#!/usr/bin/make -f
+# -- Rules to build libpam-pgsql package
+
+## load quilt
+include /usr/share/quilt/quilt.make
+
+## globals
+PACKAGE=    libpam-pgsql
+DESTDIR=    $(CURDIR)/debian/${PACKAGE}
+INSTALL=    /usr/bin/install
+SHELL=      /bin/sh
+
+build: build-stamp
+build-stamp: $(QUILT_STAMPFN)
+	dh_testdir
+	cp /usr/share/misc/config.sub .
+	cp /usr/share/misc/config.guess .
+	# Build the module
+	./configure
+	${MAKE}
+	touch build-stamp
+
+install: install-stamp
+install-stamp:
+	dh_testdir
+	dh_testroot
+	dh_clean -k
+	dh_installdirs
+
+	# Install it
+	${MAKE} ROOTDIR=${DESTDIR} install
+
+	touch install-stamp
+
+clean: unpatch
+	dh_testdir
+	dh_testroot
+
+	# Clean up
+	[ ! -f Makefile ] || ${MAKE} distclean
+	rm -f build-all install-stamp
+	rm -f config.sub config.guess
+	dh_clean
+
+binary-indep:
+binary-arch: build install
+	dh_testdir
+	dh_testroot
+
+	# Prepare & build binary package
+	dh_installdocs README CREDITS
+	dh_installchangelogs
+	dh_strip
+	dh_compress
+	dh_fixperms
+	dh_installdeb
+	dh_shlibdeps
+	dh_gencontrol
+	dh_md5sums
+	dh_builddeb
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install
--- pam-pgsql-0.6.3.orig/debian/control
+++ pam-pgsql-0.6.3/debian/control
@@ -0,0 +1,15 @@
+Source: pam-pgsql
+Section: admin
+Priority: extra
+Maintainer: Debian QA Group <packages@qa.debian.org>
+Standards-Version: 3.7.3
+Build-Depends: debhelper (>= 5.0), autotools-dev, quilt (>= 0.40), libpam0g-dev, libpq-dev, libmhash-dev
+Homepage: http://sourceforge.net/projects/pam-pgsql/
+
+Package: libpam-pgsql
+Architecture: any
+Depends: ${shlibs:Depends}
+Description: PAM module to authenticate using a PostgreSQL database
+ This module lets you authenticate users against a table in a PostgreSQL
+ database. It also supports checking account information and updating 
+ authentication tokens (ie. passwords).
--- pam-pgsql-0.6.3.orig/debian/changelog
+++ pam-pgsql-0.6.3/debian/changelog
@@ -0,0 +1,223 @@
+pam-pgsql (0.6.3-2~bpo40+1) etch-backports; urgency=low
+
+  * Rebuild for etch-backports.
+
+ -- Philipp Kern <pkern@debian.org>  Mon, 16 Jun 2008 10:41:14 +0200
+
+pam-pgsql (0.6.3-2) unstable; urgency=high
+
+  * High-urgency QA upload to get security fix into testing.
+  * Fix upstream security issue that granted root access when pressing Ctrl-C
+    in sudo’s authentication conversation, closes: #481970.  The problem was
+    caused by a mistake in operator precedence leading to a pam_get_pass call
+    always being considered successful; it is fixed by adding a level of
+    parentheses.
+
+ -- Michael Schutte <m.schutte.jr@gmail.com>  Sat, 24 May 2008 22:30:02 +0200
+
+pam-pgsql (0.6.3-1) unstable; urgency=low
+
+  * QA upload.
+    + Set maintainer to Debian QA Group <packages@qa.debian.org>.
+  * Acknowledge NMUs. (Closes: #441679, #355180, #423928, #429978).
+  * New upstream release. (Closes: #466873).
+    + Revert old unneeded patches.
+  * Add watch file.
+  * Add Homepage entry in source header.
+  * Use latest version of the config.{sub,guess} files.
+  * Bump debhelper build-dep and compat to 5.
+  * Bump Standards Version to 3.7.3.
+
+ -- Barry deFreese <bddebian@comcast.net>  Fri, 11 Apr 2008 21:34:22 -0400
+
+pam-pgsql (0.5.2-9.3) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Fix FTBFS `error: NULL undeclared', thanks to Cyril Brulebois.
+    (Closes: #441679)
+
+ -- Philipp Kern <pkern@debian.org>  Sun, 16 Sep 2007 11:48:46 +0200
+
+pam-pgsql (0.5.2-9.2) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Added quilt to the build system.
+  * Made `binary-indep' an empty target and introduced `build-stamp'.
+  * Fixed a memory leak. (Closes: #355180)
+  * Applied a patch to remove unnecessary escaping of the SQL queries.
+    (Closes: #423928)
+  * Do not install `test.c' as an example.
+
+ -- Philipp Kern <pkern@debian.org>  Sun, 26 Aug 2007 22:14:25 +0200
+
+pam-pgsql (0.5.2-9.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Build-Depend on libpq-dev instead of postgresql-dev. Closes: #429978
+
+ -- Andreas Barth <aba@not.so.argh.org>  Fri, 20 Jul 2007 21:14:09 +0000
+
+pam-pgsql (0.5.2-9) unstable; urgency=low
+
+  * Reapplied security patches (Closes: #230875,#307784)
+  * Boolean values works with boolean type as well (Closes: #130496)
+  * Documentation typo (Closes: #218291)
+  * Reapplied other NMU patches (Closes: #307366)
+  * Allow port specification (Closes: #247536)
+  * Reapplied "Stack-Friendly patch" (Closes: #139473)
+  * Deleted wrong README.Debian (Closes: #204181)
+  * Documented host and port options (Closes: #204439)
+  * Reapplied patch to allow different config files (Closes: #236484)
+  * Reapplied patch to support another MD5 type passwords (Closes: #142889)
+  * Change "must change password" field (if any) to false after changing password
+  * Deleted build-all from root (Closes: #240823)
+  * Fixed few memory leaks (Closes: #280774)
+  * Added timeout option for database connects (Closes: #281703)
+  * Use debian/compat instead of DH_COMPAT
+  * drop DH_COMPAT and DH_VERBOSE exports from debian/rules
+  * don't ask root for password whan changing password
+  * New Maintainer (Closes: #303198)
+  * Fixed PAM stack to behave exactly as expected with use_authtok
+  * Fixed a lot of memory leaks introduced by security patches
+  * Fixed a lot of memory leaks arround returning error early
+
+ -- Primoz Bratanic <primoz@slo-tech.com>  Sun, 8 May 2005 23:10:16 +0200
+
+pam-pgsql (0.5.2-8) unstable; urgency=low
+
+  * Orphan. Set maintainer to QA.
+
+ -- Debian QA Group <packages@qa.debian.org>  Mon, 18 Apr 2005 09:22:16 +0200
+
+pam-pgsql (0.5.2-7) unstable; urgency=high
+
+  * Fix possible format string vulnerability in logging of username.
+    Thanks to Florian Zumbiehl for pointing this out. (closes: Bug#204438)
+  * urgency=high for this reason
+
+ -- Joerg Wendland <joergland@debian.org>  Thu,  7 Aug 2003 12:47:24 +0200
+
+pam-pgsql (0.5.2-6) unstable; urgency=low
+
+  * New Maintainer. (closes: Bug#188658)
+  * Standards-Version 3.5.9.
+  * Rebuild against libpq3. (closes: Bug#179766)
+  * DH_COMPAT=4
+  * Move to main.
+  * More to come soon...
+
+ -- Joerg Wendland <joergland@debian.org>  Tue, 13 May 2003 23:38:23 +0200
+
+pam-pgsql (0.5.2-5) unstable; urgency=critical
+
+  * Reupload with urgency=critical since we really want this in woody.
+
+ -- Tollef Fog Heen <tfheen@debian.org>  Sun, 28 Apr 2002 22:26:49 +0200
+
+pam-pgsql (0.5.2-4) unstable; urgency=low
+
+  * Marking the removal of the ("pgpkeys") from my Comment field in the gpg
+    key. Since the original secret key was lost in a crash I changed the key
+    and the Commet field.
+
+  * Added a sub-dir called public_key/ which contains both the OLD public key
+    and the NEW public key. The OLD key was signed with the NEW key in order
+    to establish within the package that a key changeover had taken place.
+    Since there was no way to revoke the key publicly, all documentation
+    regarding the lost key discussion can be found in the
+    debian-devel@lists.debian.org mail list archives. NOTE: This is _not_
+    meant to _supplant_ the established Debian rules regarding keys, but
+    merely to _augment_ that policy.
+
+  * Also imported entire structure from pristine source through current
+    version into CVS. I felt it was time to start using cvs-buildpackage to
+    handle package maintenence. HEAVY thanks go out to michaelw@debian.org for
+    helping me with getting the cvs up and running and teaching me the basics
+    correctly of cvs-buildpackage. (gotta love cvs-inject *.dsc)
+
+  * Fixed typo in README for pwtype. Thanks Tobias Olsson <tobias@toface.linux-site.net>
+    and Robert Pintarelli <robert.pintarelli@wh-hms.uni-ulm.de>. Closes: #138602, #142849
+
+  * Bad code for the queries was causing the system to lock out _every_ user
+    on the box if any single account was expired. Not Good(Tm). The fix for
+    this was submitted by Robert Pintarelli <robert.pintarelli@wh-hms.uni-ulm.de>
+    Closes: #143745
+
+ -- David D.W. Downey <david-downey@codecastle.com>  Fri, 26 Apr 2002 16:54:52 -0700
+
+pam-pgsql (0.5.2-3) unstable; urgency=low
+
+  * Just a rebuild against the current libpgsql. Hopefully this fixes any
+    problems with libpgsql2 version differences.
+
+ -- David D.W. Downey ("pgpkeys") <ddowney@codecastle.com>  Fri,  8 Mar 2002 18:13:57 -0800
+
+pam-pgsql (0.5.2-2) unstable; urgency=low
+
+  * Added escaped special char check and rewrite to handle bug #130114
+    Patch submitted by Joerg Wendland <joergland@debian.org>
+    Closes: #130114
+  * Added additional `\0` sanity check in while loop. Submitted by a friend
+    who wishes to remain anonymous due to legal contraints from his employer.
+
+ -- David D.W. Downey ("pgpkeys") <david-downey@codecastle.com>  Mon, 21 Jan 2002 01:41:36 -0800
+
+pam-pgsql (0.5.2-1) unstable; urgency=low
+
+  * New maintainer: David D.W. Downey ("pgpkeys") <david-downey@codecastle.com> Closes: #128400
+  * New upstream version (new upstream maintainer - me as well =)
+  * Not a debian native package any more
+  * New upstream source location is http://libpam-pgsql.codecastle.com
+
+ -- David D.W. Downey ("pgpkeys") <david-downey@codecastle.com>  Mon, 14 Jan 2002 09:37:28 -0800
+
+pam-pgsql (0.5.1) unstable; urgency=low
+
+  * Add libmhash-dev to Build-Depends. Closes: #94520
+
+ -- Leon Breedt <ljb@debian.org>  Thu, 19 Apr 2001 19:09:50 +0200
+
+pam-pgsql (0.5) unstable; urgency=low
+
+  * Always log error conditions to syslog.
+  * Fix typo in README, update CREDITS, and also taking this opportunity
+    to close wishlist bug fixed in 0.4 already. Closes: #76644
+
+ -- Leon Breedt <ljb@debian.org>  Wed, 18 Apr 2001 22:39:58 +0200
+
+pam-pgsql (0.4) unstable; urgency=low
+
+  * added MD5 and crypt() password support (introduces dependency on mhash)
+  * slightly more informative logging when 'debug' option is enabled
+
+ -- Leon Breedt <ljb@debian.org>  Tue, 17 Apr 2001 23:08:46 +0200
+
+pam-pgsql (0.3.1) unstable; urgency=low
+
+  * Non-maintainer upload, suggested by the maintainer, to recompile with
+    libpgsql2.1, because libpgsql2 was removed. As exception from the rule
+    the concerning bug is herewith closed because I am also its submitter;
+    closes: #86528 
+
+ -- Dr. Guenter Bechly <gbechly@debian.org>  Tue, 20 Feb 2001 22:03:20 +0100
+
+pam-pgsql (0.3) unstable; urgency=low
+
+  * Add Build-Depends for m68k build daemon
+
+ -- Leon Breedt <ljb@debian.org>  Wed,  2 Aug 2000 13:05:23 +0200
+
+pam-pgsql (0.2) unstable; urgency=low
+
+  * Initial autoconf support
+  * Include test.c in the examples
+  * Support for the FreeBSD platform
+
+ -- Leon Breedt <ljb@debian.org>  Tue, 04 Jul 2000 17:17:07 +0200
+
+pam-pgsql (0.1) unstable; urgency=low
+
+  * Initial release.
+
+ -- Leon Breedt <ljb@debian.org>  Sat, 24 Jun 2000 21:20:40 +0200
+
--- pam-pgsql-0.6.3.orig/debian/patches/series
+++ pam-pgsql-0.6.3/debian/patches/series
@@ -0,0 +1,2 @@
+ftbfs_441679.patch
+security_481970.patch
--- pam-pgsql-0.6.3.orig/debian/patches/ftbfs_441679.patch
+++ pam-pgsql-0.6.3/debian/patches/ftbfs_441679.patch
@@ -0,0 +1,10 @@
+--- pam-pgsql-0.5.2/pam_get_service.c~	2007-09-13 09:27:02.000000000 +0200
++++ pam-pgsql-0.5.2/pam_get_service.c	2007-09-13 09:27:12.000000000 +0200
+@@ -3,6 +3,7 @@
+  */
+ 
+ /* $Id: pam_get_service.c,v 1.2 2000/06/25 10:01:41 ljb Exp $ */
++#include <security/pam_client.h>
+ #include <security/pam_modules.h>
+ 
+ const char *pam_get_service(pam_handle_t *pamh)
--- pam-pgsql-0.6.3.orig/debian/patches/security_481970.patch
+++ pam-pgsql-0.6.3/debian/patches/security_481970.patch
@@ -0,0 +1,13 @@
+Index: pam-pgsql-0.6.3/pam_pgsql.c
+===================================================================
+--- pam-pgsql-0.6.3.orig/pam_pgsql.c	2008-05-24 19:37:21.000000000 +0200
++++ pam-pgsql-0.6.3/pam_pgsql.c	2008-05-24 19:43:17.000000000 +0200
+@@ -583,7 +583,7 @@
+ 		if ((rc = pam_get_user(pamh, &user, NULL)) == PAM_SUCCESS) {
+ 			if ((rc = get_module_options(argc, argv, &options)) == PAM_SUCCESS) {
+ 				DBGLOG("attempting to authenticate: %s", user);
+-				if ((rc = pam_get_pass(pamh, PAM_AUTHTOK, &password, PASSWORD_PROMPT, options->std_flags) == PAM_SUCCESS)) {
++				if ((rc = pam_get_pass(pamh, PAM_AUTHTOK, &password, PASSWORD_PROMPT, options->std_flags)) == PAM_SUCCESS) {
+ 					if ((rc = auth_verify_password(pam_get_service(pamh), user, password, rhost, options)) == PAM_SUCCESS) {
+ 						if ((password == 0 || *password == 0) && (flags & PAM_DISALLOW_NULL_AUTHTOK)) {
+ 							rc = PAM_AUTH_ERR;