Clean up error message reported after \password encryption failure.

Experimenting with FIPS mode enabled, I saw

regression=# \password joe
Enter new password for user "joe":
Enter it again:
could not encrypt password: disabled for FIPS
out of memory

because PQencryptPasswordConn was still of the opinion that "out of
memory" is always appropriate to print.

Minor oversight in b69aba745.  Like that one, back-patch to v14.

diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c
index 24927fd040f38bd644def5ff6572dd35ed666a57..5d0aaa8536bf6fe36a821f0f1cd419ef95b0290a 100644 (file)
--- a/src/interfaces/libpq/fe-auth.c
+++ b/src/interfaces/libpq/fe-auth.c
@@ -1265,6 +1265,10 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
        if (strcmp(algorithm, "scram-sha-256") == 0)
        {
                crypt_pwd = pg_fe_scram_build_secret(passwd);
+               /* We assume the only possible failure is OOM */
+               if (!crypt_pwd)
+                       appendPQExpBufferStr(&conn->errorMessage,
+                                                                libpq_gettext("out of memory\n"));
        }
        else if (strcmp(algorithm, "md5") == 0)
        {
@@ -1282,6 +1286,9 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
                                crypt_pwd = NULL;
                        }
                }
+               else
+                       appendPQExpBufferStr(&conn->errorMessage,
+                                                                libpq_gettext("out of memory\n"));
        }
        else
        {
@@ -1291,9 +1298,5 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
                return NULL;
        }
 
-       if (!crypt_pwd)
-               appendPQExpBufferStr(&conn->errorMessage,
-                                                        libpq_gettext("out of memory\n"));
-
        return crypt_pwd;
 }