setuid(0) before calling krb_kuserok()

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4171 ec53bebd-3082-4978-b11e-865c3cabbd6b

lib/auth/sia/sia.c

@@ -221,8 +221,7 @@ common_auth(sia_collect_func_t *collect,
 #else
 	    ouid = getuid();
 #endif
-	    if(getpwuid_r(ouid, &fpw, 
+	    if(getpwuid_r(ouid, &fpw, fpwbuf, sizeof(fpwbuf), &fpwd) != 0)
-			  fpwbuf, sizeof(fpwbuf), &fpwd) != 0)
 		return SIADFAIL;
 	    snprintf(s->ticket, sizeof(s->ticket), TKT_ROOT "_%s_to_%s_%d", 
 		     fpwd->pw_name, pwd->pw_name, getpid());
@@ -234,6 +233,7 @@ common_auth(sia_collect_func_t *collect,
     
 	krb_set_tkt_string(s->ticket);
 	
+	setuid(0); /* XXX fix for fix in tf_util.c */
 	if(krb_kuserok(toname, toinst, realm, entity->name))
 	    return SIADFAIL;
 	ret = krb_verify_user(toname, toinst, realm,