fix erroneous return of partial username matches by getspnam[_r]

when using /etc/shadow (rather than tcb) as its backend, getspnam_r
matched any username starting with the caller-provided string rather
than requiring an exact match. in practice this seems to have affected
only systems where one valid username is a prefix for another valid
username, and where the longer username appears first in the shadow
file.

src/passwd/getspnam_r.c

@@ -98,7 +98,7 @@ int getspnam_r(const char *name, struct spwd *sp, char *buf, size_t size, struct
 
 	pthread_cleanup_push(cleanup, f);
 	while (fgets(buf, size, f) && (k=strlen(buf))>0) {
-		if (skip || strncmp(name, buf, l)) {
+		if (skip || strncmp(name, buf, l) || buf[l]!=':') {
 			skip = buf[k-1] != '\n';
 			continue;
 		}