rgw: don't overwrite auth result if ldap is not applicable

this was causing the following s3tests failure:

======================================================================
FAIL: s3tests.functional.test_s3.test_list_buckets_invalid_auth
----------------------------------------------------------------------
AssertionError: u'AccessDenied' != 'InvalidAccessKeyId'

Signed-off-by: Casey Bodley <cbodley@redhat.com>

diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index c181b703930a800ca7445f98f6ed148d55efe526..eb20db812d7a649fa4916d48ca9df7f0e223a5e8 100644 (file)
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -3895,7 +3895,7 @@ int RGW_Auth_S3::authorize_v2(RGWRados *store, struct req_state *s)
   }
 
   /* try keystone auth first */
-  int external_auth_result = -ERR_INVALID_ACCESS_KEY;;
+  int external_auth_result = -ERR_INVALID_ACCESS_KEY;
   if (store->ctx()->_conf->rgw_s3_auth_use_keystone
       && !store->ctx()->_conf->rgw_keystone_url.empty()) {
     dout(20) << "s3 keystone: trying keystone auth" << dendl;
@@ -3952,9 +3952,7 @@ int RGW_Auth_S3::authorize_v2(RGWRados *store, struct req_state *s)
   RGWLDAPTokenExtractor token_extr(s);
   RGWLDAPAuthEngine ldap(s->cct, store, token_extr, &aplfact);
 
-  if (! ldap.is_applicable()) {
-    external_auth_result = -EACCES;
-  } else {
+  if (ldap.is_applicable()) {
     auto applier = ldap.authenticate();
     if (!applier) {
       external_auth_result = -EACCES;