User.c has the logic to check the username/password. The check for the return value is wrong, so it accidentally returns the last username/password when the username/password does not exist in the system.
Running gdb on omiserver, I set a breakpoint in LookupUser() in user.c, and invoked omicli using basic auth. If the user name is not valid, this function never gets invoked, and omicli properly states that it's INVALID_ACCESS. If the user name is correct, the function gets called, but getpwnam_r() seems to be invoked correctly.
So it looks like with the new authentication code, a bad user gets detected before LookupUser() is invoked, so this may not be an issue any more.
I verified this on Ubuntu 14.04 and CentOS 7.
Just to make sure that getpwnam_r() is working properly, I wrote a small program to test just getpwnam_r(). On both Ubuntu 14.04 and CentOS 7, getpwnam_r() returns correctly.
There are no details in the description about what platform this problem was observed on.