Clean up error message reported after \password encryption failure.

Experimenting with FIPS mode enabled, I saw

regression=# \password joe
Enter new password for user "joe":
Enter it again:
could not encrypt password: disabled for FIPS
out of memory

because PQencryptPasswordConn was still of the opinion that "out of
memory" is always appropriate to print.

Minor oversight in b69aba745.  Like that one, back-patch to v14.

1 files changed, 7 insertions, 4 deletions

diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c
index 2e6b2e8f04e..82fc7cdb986 100644
--- a/src/interfaces/libpq/fe-auth.c
+++ b/src/interfaces/libpq/fe-auth.c
@@ -1290,6 +1290,10 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
 	if (strcmp(algorithm, "scram-sha-256") == 0)
 	{
 		crypt_pwd = pg_fe_scram_build_secret(passwd);
+		/* We assume the only possible failure is OOM */
+		if (!crypt_pwd)
+			appendPQExpBufferStr(&conn->errorMessage,
+								 libpq_gettext("out of memory\n"));
 	}
 	else if (strcmp(algorithm, "md5") == 0)
 	{
@@ -1307,6 +1311,9 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
 				crypt_pwd = NULL;
 			}
 		}
+		else
+			appendPQExpBufferStr(&conn->errorMessage,
+								 libpq_gettext("out of memory\n"));
 	}
 	else
 	{
@@ -1316,9 +1323,5 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
 		return NULL;
 	}
 
-	if (!crypt_pwd)
-		appendPQExpBufferStr(&conn->errorMessage,
-							 libpq_gettext("out of memory\n"));
-
 	return crypt_pwd;
 }