--- cvs-1.11.1p1/src/server.c	Tue Jul 17 19:52:17 2001
+++ cvs-1.11.1p1-flux/src/server.c	Tue Jul 17 19:52:27 2001
@@ -5374,9 +5377,10 @@
 
 
 /* 
- * 0 means no entry found for this user.
+ * 0 means no entry found for this user - check with system
  * 1 means entry found and password matches (or found password is empty)
  * 2 means entry found, but password does not match.
+ * 3 means entry found, but password tagged specially - check with system!
  *
  * If 1, host_user_ptr will be set to point at the system
  * username (i.e., the "real" identity, which may or may not be the
@@ -5498,19 +5502,28 @@
         if (host_user_tmp == NULL)
             host_user_tmp = username;
 
-        /* Verify blank passwords directly, otherwise use crypt(). */
-        if ((found_password == NULL)
-            || ((strcmp (found_password, crypt (password, found_password))
-                 == 0)))
-        {
+        /* If a specially tagged password, use system authentication */
+        if (found_password && strcmp(found_password, "*SYS*") == 0) {
             /* Give host_user_ptr permanent storage. */
             *host_user_ptr = xstrdup (host_user_tmp);
-            retval = 1;
-        }
-        else
-        {
-            *host_user_ptr = NULL;
-            retval         = 2;
+
+            retval = 3;
+        } 
+        else 
+          {
+            /* Verify blank passwords directly, otherwise use crypt(). */
+            if (found_password == NULL ||
+                strcmp (found_password, crypt (password, found_password)) == 0)
+            {
+                /* Give host_user_ptr permanent storage. */
+                *host_user_ptr = xstrdup (host_user_tmp);
+                retval = 1;
+            }
+            else
+            {
+                *host_user_ptr = NULL;
+                retval         = 2;
+            }
         }
     }
     else     /* Didn't find this user, so deny access. */
@@ -5552,7 +5565,7 @@
         /* host_user already set by reference, so just return. */
         goto handle_return;
     }
-    else if (rc == 0 && system_auth)
+    else if ((rc == 0 && system_auth) || rc == 3)
     {
         /* No cvs password found, so try /etc/passwd. */
 
@@ -5593,10 +5606,24 @@
         
         if (*found_passwd)
         {
-            /* user exists and has a password */
-            host_user = ((! strcmp (found_passwd,
-                                    crypt (password, found_passwd)))
-                         ? xstrdup (username) : NULL);
+            /* if user has a valid password */
+            if (strcmp(found_passwd, crypt(password, found_passwd)) == 0) {
+                if (rc == 0) 
+                {
+                    /* if not found in cvs passwd-file, return users name */
+                    host_user = xstrdup(username);
+                } 
+                else
+                {
+                    /* if cvs passwd-file might've contained the name,
+                       return it instead */
+                    host_user = host_user ? host_user : xstrdup(username);
+                }
+            }
+            else
+            {
+                host_user = NULL;
+            }
             goto handle_return;
         }
         else if (password && *password)