From cc4a9f5f8052e466a1b7358d25337675c70f5c71 Mon Sep 17 00:00:00 2001
From: Johan Danielsson <joda@pdc.kth.se>
Date: Mon, 8 Dec 1997 23:34:23 +0000
Subject: [PATCH] setuid(0) before calling krb_kuserok()

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4171 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/auth/sia/sia.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/lib/auth/sia/sia.c b/lib/auth/sia/sia.c
index 00f773302..d8da60240 100644
--- a/lib/auth/sia/sia.c
+++ b/lib/auth/sia/sia.c
@@ -202,13 +202,13 @@ common_auth(sia_collect_func_t *collect,
     {
 	char realm[REALM_SZ];
 	int ret;
-	struct passwd pw, *pwd,  fpw, *fpwd;
-	char pwbuf[1024],  fpwbuf[1024];
+	struct passwd pw, *pwd, fpw, *fpwd;
+	char pwbuf[1024], fpwbuf[1024];
 	struct state *s = (struct state*)entity->mech[pkgind];
-
+	
 	if(getpwnam_r(entity->name, &pw, pwbuf, sizeof(pwbuf), &pwd) != 0)
 	    return SIADFAIL;
-
+	
 	snprintf(s->ticket, sizeof(s->ticket),
 		 TKT_ROOT "%u_%u", (unsigned)pwd->pw_uid, (unsigned)getpid());
 	krb_get_lrealm(realm, 1);
@@ -221,8 +221,7 @@ common_auth(sia_collect_func_t *collect,
 #else
 	    ouid = getuid();
 #endif
-	    if(getpwuid_r(ouid, &fpw, 
-			  fpwbuf, sizeof(fpwbuf), &fpwd) != 0)
+	    if(getpwuid_r(ouid, &fpw, fpwbuf, sizeof(fpwbuf), &fpwd) != 0)
 		return SIADFAIL;
 	    snprintf(s->ticket, sizeof(s->ticket), TKT_ROOT "_%s_to_%s_%d", 
 		     fpwd->pw_name, pwd->pw_name, getpid());
@@ -231,9 +230,10 @@ common_auth(sia_collect_func_t *collect,
 		toinst = pwd->pw_name;
 	    }
 	}
-
+    
 	krb_set_tkt_string(s->ticket);
 	
+	setuid(0); /* XXX fix for fix in tf_util.c */
 	if(krb_kuserok(toname, toinst, realm, entity->name))
 	    return SIADFAIL;
 	ret = krb_verify_user(toname, toinst, realm,