* pam_krb5afs.c(pam_sm_setcred): rename to setcred_int() so that we can do
proper debug logging and control whether or not we change the ownership
of newly-created files. Remove existing v5 or v4 files which were
already created by the module before creating new ones.
* pam_krb5afs.c(pam_sm_authenticate): use setcred_int() to avoid tripping over
permissions problems.
* pam_krb5afs.c(pam_prompt_for): rework to provide varargs functionality for
the prompt text.
* pam_krb5afs.c(pam_sm_authenticate,pam_prompter): use it.
* pam_krb5afs.c(pam_sm_chauthtok): heed use_first_pass when reading the current
password, use_authtok when reading the new password. Don't leak the
unparsed name. Notify the user of why a change was rejected if that's
what happened.
* pam_krb5afs.c(parse_user_name): add, to override the local realm name with
the configured realm before passing the user name to krb5_parse_name().
Replaces krb5_parse_name() wherever user names are passed in.