commit 73964625c8910400d965b29575616837b6ac07a5
from: Martijn van Duren <martijn@openbsd.org>
date: Sun Sep 24 22:45:56 2017 UTC

Change ruid back to original value before calling authuser.
TIOCCHKVERAUTH comares the ruids, which made doas and vias logout one
another.

commit - a689c18241892589578de19a0e0ba9626e96ebb3
commit + 73964625c8910400d965b29575616837b6ac07a5
blob - 95972527928d90c3dfd17b89fd9a72f17110147f
blob + 173564451ae91a2d47e86ee89e3d05a7d4b05c66
--- vias.c
+++ vias.c
@@ -369,8 +369,6 @@ main(int argc, char **argv)
 	closefrom(STDERR_FILENO + 1);
 
 	uid = getuid();
-	if (setuid(0) == -1)
-		err(1, "setuid");
 
 	while ((ch = getopt(argc, argv, "a:C:")) != -1) {
 		switch (ch) {
@@ -408,12 +406,17 @@ main(int argc, char **argv)
 
 	parseconfig("/etc/vias.conf", 1);
 
+	if (setuid(0) == -1)
+		err(1, "setuid");
 	if ((ofd = permit(uid, groups, ngroups, &rule, file)) == -1) {
 		syslog(LOG_AUTHPRIV | LOG_NOTICE,
 		    "failed edit for %s: %s", myname, file);
 		err(1, "%s", file);
 	}
 
+	if (setreuid(uid, 0) == -1)
+		err(1, "setreuid failed");
+	
 	if (!(rule->options & NOPASS))
 		authuser(myname, login_style, rule->options & PERSIST);