--- /dev/null
+diff -ruN cvs-1.11.2.org/src/login.c cvs-1.11.2/src/login.c
+--- cvs-1.11.2.org/src/login.c Sat Jun 1 23:47:43 2002
++++ cvs-1.11.2/src/login.c Sat Jun 1 23:49:12 2002
+@@ -30,7 +30,7 @@
+ #endif
+
+ #ifndef CVS_PASSWORD_FILE
+-#define CVS_PASSWORD_FILE ".cvspass"
++#define CVS_PASSWORD_FILE "cvspass"
+ #endif
+
+ /* If non-NULL, get_cvs_password() will just return this. */
+@@ -65,8 +65,13 @@
+ return (char *) NULL;
+ }
+
++ if (getenv("CONFIG_DIR")) {
++ passfile = (char *) xmalloc (strlen (homedir) + strlen (getenv("CONFIG_DIR")) + strlen (CVS_PASSWORD_FILE) + 4);
++ sprintf (passfile, "%s/%s/%s", homedir, getenv("CONFIG_DIR"), CVS_PASSWORD_FILE);
++ }
++ else {
+ passfile =
+- (char *) xmalloc (strlen (homedir) + strlen (CVS_PASSWORD_FILE) + 3);
++ (char *) xmalloc (strlen (homedir) + strlen (CVS_PASSWORD_FILE) + 4);
+ strcpy (passfile, homedir);
+ #ifndef NO_SLASH_AFTER_HOME
+ /* NO_SLASH_AFTER_HOME is defined for VMS, where foo:[bar]/.cvspass is not
+@@ -75,7 +80,9 @@
+ kind of thing.... */
+ strcat (passfile, "/");
+ #endif
++ strcat (passfile, ".");
+ strcat (passfile, CVS_PASSWORD_FILE);
++ }
+
+ /* Safety first and last, Scouts. */
+ if (isfile (passfile))