From b23deee09af8f3724e0b9792f63c09eb2cc73708 Mon Sep 17 00:00:00 2001
From: Tom Yu <tlyu@mit.edu>
Date: Tue, 6 Jan 1998 22:38:00 +0000
Subject: 	* in_tkt.c: Conditionalize use of macro do_seteuid, rather
 than 	redefining setreuid.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@10349 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/krb4/ChangeLog |  5 +++++
 src/lib/krb4/in_tkt.c  | 25 ++++++++++++++++---------
 2 files changed, 21 insertions(+), 9 deletions(-)

(limited to 'src')

diff --git a/src/lib/krb4/ChangeLog b/src/lib/krb4/ChangeLog
index 4e27704681..04a3133600 100644
--- a/src/lib/krb4/ChangeLog
+++ b/src/lib/krb4/ChangeLog
@@ -1,3 +1,8 @@
+Tue Jan  6 17:11:28 1998  Tom Yu  <tlyu@mit.edu>
+
+	* in_tkt.c: Conditionalize use of macro do_seteuid, rather than
+	redefining setreuid. [krb5-libs/521]
+
 Sat Dec  6 22:17:28 1997  Ezra Peisach  <epeisach@mit.edu>
 
 	* dest_tkt.c: Add <string.h> for memset prototype.
diff --git a/src/lib/krb4/in_tkt.c b/src/lib/krb4/in_tkt.c
index bc5c2b31c7..ea17be8201 100644
--- a/src/lib/krb4/in_tkt.c
+++ b/src/lib/krb4/in_tkt.c
@@ -17,6 +17,9 @@
 #ifdef TKT_SHMEM
 #include <sys/param.h>
 #endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
 
 extern int krb_debug;
 
@@ -27,13 +30,17 @@ extern int krb_debug;
  * success, or KFAILURE if something goes wrong.
  */
 
-#ifndef HAVE_SETREUID
+#ifdef HAVE_SETEUID
+#define do_seteuid(e) seteuid((e))
+#else
 #ifdef HAVE_SETRESUID
-/* for hpux */
-#define setreuid(r,e) setresuid(r,e,-1)
+#define do_seteuid(e) setresuid(getuid(), (e), geteuid())
 #else
-/* for svr4 */
-#define setreuid(r,e) setuid(r)
+#ifdef HAVE_SETREUID
+#define do_seteuid(e) setreuid(geteuid(), (e))
+#else
+#define do_seteuid(e) (errno = EPERM, -1)
+#endif
 #endif
 #endif
 
@@ -98,10 +105,10 @@ in_tkt(pname,pinst)
        This isn't a security problem, since the ticket file, if it already
        exists, has the right uid (== ruid) and mode. */
     if (me != metoo) {
-	if (setreuid(metoo, me) < 0) {
+	if (do_seteuid(me) < 0) {
 	    /* can't switch??? barf! */
 	    if (krb_debug)
-		perror("in_tkt: setreuid");
+		perror("in_tkt: seteuid");
 	    return(KFAILURE);
 	} else
 	    if (krb_debug)
@@ -118,10 +125,10 @@ in_tkt(pname,pinst)
     }
     umask(mask);
     if (me != metoo) {
-	if (setreuid(me, metoo) < 0) {
+	if (do_seteuid(metoo) < 0) {
 	    /* can't switch??? barf! */
 	    if (krb_debug)
-		perror("in_tkt: setreuid2");
+		perror("in_tkt: seteuid2");
 	    return(KFAILURE);
 	} else
 	    if (krb_debug)
-- 
cgit