From fbd2e41e9de46da43ed4f9f8b1d9f8aa7d498212 Mon Sep 17 00:00:00 2001
From: Marko Kreen <markokr@gmail.com>
Date: Wed, 8 Apr 2015 13:48:25 +0300
Subject: [PATCH] Slightly better auth_user fix.

---
 src/client.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/client.c b/src/client.c
index 49b2624..ca5b7a8 100644
--- a/src/client.c
+++ b/src/client.c
@@ -39,12 +39,6 @@ static bool check_client_passwd(PgSocket *client, const char *passwd)
 	const char *correct;
 	PgUser *user = client->auth_user;
 
-	/* auth_user may be missing */
-	if (!user) {
-		slog_error(client, "Password packet before auth packet?");
-		return false;
-	}
-
 	/* disallow empty passwords */
 	if (!*passwd || !*user->passwd)
 		return false;
@@ -465,6 +459,12 @@ static bool handle_client_startup(PgSocket *client, PktHdr *pkt)
 
 		break;
 	case 'p':		/* PasswordMessage */
+		/* too early */
+		if (!client->auth_user) {
+			disconnect_client(client, true, "client password pkt before startup packet");
+			return false;
+		}
+
 		/* haven't requested it */
 		if (cf_auth_type <= AUTH_TRUST) {
 			disconnect_client(client, true, "unrequested passwd pkt");
-- 
2.40.0