Fix bogus order of error checks in new channel_binding code.

Coverity pointed out that it's pretty silly to check for a null pointer
after we've already dereferenced the pointer.  To fix, just swap the
order of the two error checks.  Oversight in commit d6e612f83.

1 files changed, 5 insertions, 5 deletions

diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c
index cd29e8bd126..04118d54e2b 100644
--- a/src/interfaces/libpq/fe-auth.c
+++ b/src/interfaces/libpq/fe-auth.c
@@ -502,18 +502,18 @@ pg_SASL_init(PGconn *conn, int payloadlen)
 			selected_mechanism = SCRAM_SHA_256_NAME;
 	}
 
-	if (conn->channel_binding[0] == 'r' &&	/* require */
-		strcmp(selected_mechanism, SCRAM_SHA_256_PLUS_NAME) != 0)
+	if (!selected_mechanism)
 	{
 		printfPQExpBuffer(&conn->errorMessage,
-						  libpq_gettext("channel binding is required, but server did not offer an authentication method that supports channel binding\n"));
+						  libpq_gettext("none of the server's SASL authentication mechanisms are supported\n"));
 		goto error;
 	}
 
-	if (!selected_mechanism)
+	if (conn->channel_binding[0] == 'r' &&	/* require */
+		strcmp(selected_mechanism, SCRAM_SHA_256_PLUS_NAME) != 0)
 	{
 		printfPQExpBuffer(&conn->errorMessage,
-						  libpq_gettext("none of the server's SASL authentication mechanisms are supported\n"));
+						  libpq_gettext("channel binding is required, but server did not offer an authentication method that supports channel binding\n"));
 		goto error;
 	}