auth: Allow noauthenticate in the last passdb

If the passdb lookup has already succeeded, ignore
PASSDB_RESULT_NEXT result.

diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c
index 41af0cbdad91780ec82210cffa72289690d58891..8764727050b3c071517c2b5eda9b6c9dc06f0993 100644 (file)
--- a/src/auth/auth-request.c
+++ b/src/auth/auth-request.c
@@ -1125,12 +1125,6 @@ auth_request_finish_passdb_lookup(enum passdb_result *result,
                }
                *next_passdb_r = next_passdb;
                return 0;
-       } else if (*result == PASSDB_RESULT_NEXT) {
-               /* admin forgot to put proper passdb last */
-               e_error(authdb_event(request),
-                       "Last passdb had noauthenticate field, "
-                       "cannot authenticate user");
-               *result = PASSDB_RESULT_INTERNAL_FAILURE;
        } else if (request->passdb_success) {
                /* either this or a previous passdb lookup succeeded. */
                *result = PASSDB_RESULT_OK;
@@ -1139,6 +1133,12 @@ auth_request_finish_passdb_lookup(enum passdb_result *result,
                   had the correct password, so return internal failure
                   instead of plain failure. */
                *result = PASSDB_RESULT_INTERNAL_FAILURE;
+       } else if (*result == PASSDB_RESULT_NEXT) {
+               /* admin forgot to put proper passdb last */
+               e_error(authdb_event(request),
+                       "Last passdb had noauthenticate field, "
+                       "cannot authenticate user");
+               *result = PASSDB_RESULT_INTERNAL_FAILURE;
        }
 
        i_assert(request->to_penalty == NULL);