From: Aki Tuomi <aki.tuomi@dovecot.fi>
Date: Mon, 11 Jul 2016 11:56:41 +0000 (+0300)
Subject: auth: Fail request if last passdb is noauthenticate
X-Git-Tag: 2.3.0.rc1~3309
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e84ffebc21ecef6a3ba61a59fa86437b4ea71a46;p=thirdparty%2Fdovecot%2Fcore.git

auth: Fail request if last passdb is noauthenticate
---

diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c
index 7040fad7f6..15cffeb566 100644
--- a/src/auth/auth-request.c
+++ b/src/auth/auth-request.c
@@ -746,6 +746,11 @@ auth_request_handle_passdb_callback(enum passdb_result *result,
 			request->passdbs_seen_internal_failure = TRUE;
 		}
 		return FALSE;
+	} else if (*result == PASSDB_RESULT_NEXT) {
+		/* admin forgot to put proper passdb last */
+		auth_request_log_error(request, AUTH_SUBSYS_DB,
+			"Last passdb had noauthenticate field, cannot authenticate user");
+		*result = PASSDB_RESULT_INTERNAL_FAILURE;
 	} else if (request->passdb_success) {
 		/* either this or a previous passdb lookup succeeded. */
 		*result = PASSDB_RESULT_OK;