Use roken_get_*() instead of getpwuuid()

Using non-reentrant getpwuid() (or getpwnam(), or getspnam())  can be
dangerous.  We had a report of a login application / PAM that calls
those, and Heimdal, by calling them too, clobbered the cached struct
passwd used by the login app / PAM.

appl/afsutil/pagsh.c

@@ -99,6 +99,7 @@ main(int argc, char **argv)
 {
     int f;
     char tf[1024];
+    char shellbuf[MAX_PATH];
     char *p;
 
     char *path;
@@ -166,13 +167,10 @@ main(int argc, char **argv)
 	      (unsigned long)((argc + 10)*sizeof(char *)));
 
     if(*argv == NULL) {
-	path = getenv("SHELL");
-	if(path == NULL){
-	    struct passwd *pw = k_getpwuid(geteuid());
-	    if (pw == NULL)
-		errx(1, "no such user: %d", (int)geteuid());
-	    path = strdup(pw->pw_shell);
-	}
+        if (roken_get_shell(shellbuf, sizeof(shellbuf)) != NULL)
+            path = strdup(shellbuf);
+        else
+            path = strdup("/bin/sh");
     } else {
 	path = strdup(*argv++);
     }

appl/otp/otp.c

@@ -292,6 +292,7 @@ main (int argc, char **argv)
     int uid = getuid();
     OtpAlgorithm *alg = otp_find_alg (OTP_ALG_DEFAULT);
     int optidx = 0;
+    char userbuf[128];
 
     setprogname (argv[0]);
     if(getarg(args, num_args, argc, argv, &optidx))
@@ -332,12 +333,9 @@ main (int argc, char **argv)
 	return list_otps (argc, argv, user);
 
     if (user == NULL) {
-	struct passwd *pwd;
-
-	pwd = k_getpwuid(uid);
-	if (pwd == NULL)
+        user = roken_get_username(userbuf, sizeof(userbuf));
+        if (user == NULL)
 	    err (1, "You don't exist");
-	user = pwd->pw_name;
     }
 
     /*