As discussed on Linear here, the changes in D11140 are not working as desired. The issue is that SET_NEW_SESSION is actually setting the currentUserInfo during keyserver auth, prior to KEYSERVER_AUTH_SUCCESS.
I figure that perhaps the simplest solution here is to remove the code for reducing KEYSERVER_AUTH_SUCCESS from reduceCurrentUserInfo, and to move the error checking to SET_NEW_SESSION.