auth: auth-request - Snapshot the userdb fields upon authentication success.

Otherwise, fields added by mechanisms that don't use a passdb lookup (such as
DOVECOT-TOKEN) can be lost upon the subsequent userdb lookup.

diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c
index 6d732656cbbe99211904919b37dbdc5d210358e6..c57d133f193aea9f0580e7eefe4f37b26f105ca2 100644 (file)
--- a/src/auth/auth-request.c
+++ b/src/auth/auth-request.c
@@ -180,6 +180,10 @@ void auth_request_success(struct auth_request *request,
 {
        i_assert(request->state == AUTH_REQUEST_STATE_MECH_CONTINUE);
 
+       /* preserve userdb fields set by mechanisms that don't use a passdb */
+       if (request->fields.userdb_reply != NULL)
+               auth_fields_snapshot(request->fields.userdb_reply);
+
        if (!request->set->policy_check_after_auth) {
                struct auth_policy_check_ctx *ctx =
                        p_new(request->pool, struct auth_policy_check_ctx, 1);