From: Aki Tuomi <aki.tuomi@open-xchange.com>
Date: Wed, 14 Dec 2022 08:11:27 +0000 (+0200)
Subject: auth: Allow noauthenticate in the last passdb
X-Git-Tag: 2.4.1~1020
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5c80e7cb9280cc0e763f366cbcbfd10488263543;p=thirdparty%2Fdovecot%2Fcore.git

auth: Allow noauthenticate in the last passdb

If the passdb lookup has already succeeded, ignore
PASSDB_RESULT_NEXT result.
---

diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c
index 41af0cbdad..8764727050 100644
--- a/src/auth/auth-request.c
+++ b/src/auth/auth-request.c
@@ -1125,12 +1125,6 @@ auth_request_finish_passdb_lookup(enum passdb_result *result,
 		}
 		*next_passdb_r = next_passdb;
 		return 0;
-	} else if (*result == PASSDB_RESULT_NEXT) {
-		/* admin forgot to put proper passdb last */
-		e_error(authdb_event(request),
-			"Last passdb had noauthenticate field, "
-			"cannot authenticate user");
-		*result = PASSDB_RESULT_INTERNAL_FAILURE;
 	} else if (request->passdb_success) {
 		/* either this or a previous passdb lookup succeeded. */
 		*result = PASSDB_RESULT_OK;
@@ -1139,6 +1133,12 @@ auth_request_finish_passdb_lookup(enum passdb_result *result,
 		   had the correct password, so return internal failure
 		   instead of plain failure. */
 		*result = PASSDB_RESULT_INTERNAL_FAILURE;
+	} else if (*result == PASSDB_RESULT_NEXT) {
+		/* admin forgot to put proper passdb last */
+		e_error(authdb_event(request),
+			"Last passdb had noauthenticate field, "
+			"cannot authenticate user");
+		*result = PASSDB_RESULT_INTERNAL_FAILURE;
 	}
 
 	i_assert(request->to_penalty == NULL);