From 0d046a4d7248543fcdfd1d5883a2ff6258786db7 Mon Sep 17 00:00:00 2001
From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Wed, 26 May 2010 20:47:13 +0000
Subject: [PATCH] Fix bogus error message for SSL-cert authentication, due to
 lack of a uaCert entry in auth_failed().  Put the switch entries into a sane
 order, namely the one the enum is declared in.

---
 src/backend/libpq/auth.c | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index c4e234186e..2c89b8628c 100644
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.200 2010/04/21 03:32:53 tgl Exp $
+ *	  $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.201 2010/05/26 20:47:13 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -257,30 +257,33 @@ auth_failed(Port *port, int status)
 		case uaKrb5:
 			errstr = gettext_noop("Kerberos 5 authentication failed for user \"%s\"");
 			break;
-		case uaGSS:
-			errstr = gettext_noop("GSSAPI authentication failed for user \"%s\"");
-			break;
-		case uaSSPI:
-			errstr = gettext_noop("SSPI authentication failed for user \"%s\"");
-			break;
 		case uaTrust:
 			errstr = gettext_noop("\"trust\" authentication failed for user \"%s\"");
 			break;
 		case uaIdent:
 			errstr = gettext_noop("Ident authentication failed for user \"%s\"");
 			break;
-		case uaMD5:
 		case uaPassword:
+		case uaMD5:
 			errstr = gettext_noop("password authentication failed for user \"%s\"");
 			/* We use it to indicate if a .pgpass password failed. */
 			errcode_return = ERRCODE_INVALID_PASSWORD;
 			break;
+		case uaGSS:
+			errstr = gettext_noop("GSSAPI authentication failed for user \"%s\"");
+			break;
+		case uaSSPI:
+			errstr = gettext_noop("SSPI authentication failed for user \"%s\"");
+			break;
 		case uaPAM:
 			errstr = gettext_noop("PAM authentication failed for user \"%s\"");
 			break;
 		case uaLDAP:
 			errstr = gettext_noop("LDAP authentication failed for user \"%s\"");
 			break;
+		case uaCert:
+			errstr = gettext_noop("certificate authentication failed for user \"%s\"");
+			break;
 		case uaRADIUS:
 			errstr = gettext_noop("RADIUS authentication failed for user \"%s\"");
 			break;
@@ -2503,7 +2506,7 @@ CheckCertAuth(Port *port)
 		strlen(port->peer_cn) <= 0)
 	{
 		ereport(LOG,
-				(errmsg("Certificate login failed for user \"%s\": client certificate contains no username",
+				(errmsg("certificate authentication failed for user \"%s\": client certificate contains no username",
 						port->user_name)));
 		return STATUS_ERROR;
 	}
-- 
2.40.0