login-common: Handle different dsasl_client_results failures better

diff --git a/src/login-common/login-proxy.c b/src/login-common/login-proxy.c
index 87cecdceea0030b58eb5cf13eba30d372a04c3c8..5d655ff1d17e3019471db70df9dba307de0f29d1 100644 (file)
--- a/src/login-common/login-proxy.c
+++ b/src/login-common/login-proxy.c
@@ -880,7 +880,16 @@ int login_proxy_sasl_step(struct client *client, string_t *str)
                sasl_res = dsasl_client_output(client->proxy_sasl_client,
                                               &data, &data_len, &error);
        }
-       if (sasl_res != DSASL_CLIENT_RESULT_OK) {
+       switch (sasl_res) {
+       case DSASL_CLIENT_RESULT_OK:
+               break;
+       case DSASL_CLIENT_RESULT_AUTH_FAILED:
+               login_proxy_failed(client->login_proxy,
+                                  login_proxy_get_event(client->login_proxy),
+                                  LOGIN_PROXY_FAILURE_TYPE_AUTH_NOT_REPLIED,
+                                  error);
+               return -1;
+       case DSASL_CLIENT_RESULT_ERR_PROTOCOL: {
                const char *reason = t_strdup_printf(
                        "Invalid authentication data: %s", error);
                login_proxy_failed(client->login_proxy,
@@ -888,6 +897,12 @@ int login_proxy_sasl_step(struct client *client, string_t *str)
                                   LOGIN_PROXY_FAILURE_TYPE_PROTOCOL, reason);
                return -1;
        }
+       case DSASL_CLIENT_RESULT_ERR_INTERNAL:
+               login_proxy_failed(client->login_proxy,
+                                  login_proxy_get_event(client->login_proxy),
+                                  LOGIN_PROXY_FAILURE_TYPE_INTERNAL, error);
+               return -1;
+       }
        str_truncate(str, 0);
        base64_encode(data, data_len, str);
        return 0;