Fix for PAM error message display:

> and that the right fix is to make each of the subsequent calls be in
> this same pattern, not to try to emulate their nonsensical style.

Dominic J. Eidson

src/backend/libpq/auth.c

@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.74 2002/02/23 04:17:46 petere Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.75 2002/02/25 20:07:02 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -766,9 +766,9 @@ CheckPAMAuth(Port *port, char *user, char *password)
 		return STATUS_ERROR;
 	}
 
-	if (retval == PAM_SUCCESS)
+	retval = pam_set_item(pamh, PAM_USER, user);
-		retval = pam_set_item(pamh, PAM_USER, user);
+
-	else
+	if (retval != PAM_SUCCESS)
 	{
 		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
 				 "CheckPAMAuth: pam_set_item(PAM_USER) failed: '%s'\n",
@@ -778,9 +778,10 @@ CheckPAMAuth(Port *port, char *user, char *password)
 		pam_passwd = NULL;		/* Unset pam_passwd */
 		return STATUS_ERROR;
 	}
-	if (retval == PAM_SUCCESS)
+
-		retval = pam_set_item(pamh, PAM_CONV, &pam_passw_conv);
+	retval = pam_set_item(pamh, PAM_CONV, &pam_passw_conv);
-	else
+
+	if (retval != PAM_SUCCESS)
 	{
 		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
 				 "CheckPAMAuth: pam_set_item(PAM_CONV) failed: '%s'\n",
@@ -790,9 +791,10 @@ CheckPAMAuth(Port *port, char *user, char *password)
 		pam_passwd = NULL;		/* Unset pam_passwd */
 		return STATUS_ERROR;
 	}
-	if (retval == PAM_SUCCESS)
+
-		retval = pam_authenticate(pamh, 0);
+	retval = pam_authenticate(pamh, 0);
-	else
+
+	if (retval != PAM_SUCCESS)
 	{
 		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
 				 "CheckPAMAuth: pam_authenticate failed: '%s'\n",
@@ -802,9 +804,10 @@ CheckPAMAuth(Port *port, char *user, char *password)
 		pam_passwd = NULL;		/* Unset pam_passwd */
 		return STATUS_ERROR;
 	}
-	if (retval == PAM_SUCCESS)
+
-		retval = pam_acct_mgmt(pamh, 0);
+	retval = pam_acct_mgmt(pamh, 0);
-	else
+
+	if (retval != PAM_SUCCESS)
 	{
 		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
 				 "CheckPAMAuth: pam_acct_mgmt failed: '%s'\n",
@@ -814,24 +817,21 @@ CheckPAMAuth(Port *port, char *user, char *password)
 		pam_passwd = NULL;		/* Unset pam_passwd */
 		return STATUS_ERROR;
 	}
-	if (retval == PAM_SUCCESS)
+
+	retval = pam_end(pamh, retval);
+
+	if (retval != PAM_SUCCESS)
 	{
-		retval = pam_end(pamh, retval);
+		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
-		if (retval != PAM_SUCCESS)
+		 "CheckPAMAuth: Failed to release PAM authenticator: '%s'\n",
-		{
+				 pam_strerror(pamh, retval));
-			snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+		fputs(PQerrormsg, stderr);
-			 "CheckPAMAuth: Failed to release PAM authenticator: '%s'\n",
+		pqdebug("%s", PQerrormsg);
-					 pam_strerror(pamh, retval));
-			fputs(PQerrormsg, stderr);
-			pqdebug("%s", PQerrormsg);
-		}
-
-		pam_passwd = NULL;		/* Unset pam_passwd */
-
-		return (retval == PAM_SUCCESS ? STATUS_OK : STATUS_ERROR);
 	}
-	else
+
-		return STATUS_ERROR;
+	pam_passwd = NULL;		/* Unset pam_passwd */
+
+	return (retval == PAM_SUCCESS ? STATUS_OK : STATUS_ERROR);
 }
 #endif   /* USE_PAM */