From 4630ef1bdcf5bc378707ae1d643cacc527701863 Mon Sep 17 00:00:00 2001
From: Nicolas Williams <nico@cryptonector.com>
Date: Wed, 14 Dec 2011 18:01:35 -0600
Subject: [PATCH] Fix kuserok.c:check_owner_file(), make tests/kdc/check-authz
 run

---
 lib/krb5/kuserok.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/krb5/kuserok.c b/lib/krb5/kuserok.c
index 302f6ac88..469e3c786 100644
--- a/lib/krb5/kuserok.c
+++ b/lib/krb5/kuserok.c
@@ -216,7 +216,8 @@ check_owner_file(krb5_context context,
     char pwbuf[2048];
     struct stat st;
 
-    heim_assert(owner != NULL, "no file owner ?");
+    if (owner == NULL)
+	return 0;
 
     if (rk_getpwnam_r(owner, &pw, pwbuf, sizeof(pwbuf), &pwd) != 0) {
 	krb5_set_error_message(context, errno,
@@ -244,7 +245,7 @@ check_owner_file(krb5_context context,
 			       "permissions", filename);
 	return EACCES;
     }
-    if (pwd->pw_uid != st.st_uid || st.st_uid != 0) {
+    if (pwd->pw_uid != st.st_uid && st.st_uid != 0) {
 	krb5_set_error_message(context, EACCES,
 			       "k5login %s not owned by the user or root",
 			       filename);