@@ -831,6 +831,10 @@ pg_fe_sendauth(AuthRequest areq, PGconn *conn)
831831
832832#if defined(ENABLE_GSS )|| defined(ENABLE_SSPI )
833833case AUTH_REQ_GSS :
834+ #if !defined(ENABLE_SSPI )
835+ /* no native SSPI, so use GSSAPI library for it */
836+ case AUTH_REQ_SSPI :
837+ #endif
834838{
835839int r ;
836840
@@ -888,13 +892,14 @@ pg_fe_sendauth(AuthRequest areq, PGconn *conn)
888892pgunlock_thread ();
889893}
890894break ;
891- #else
895+ #else /* defined(ENABLE_GSS) || defined(ENABLE_SSPI) */
896+ /* No GSSAPI *or* SSPI support */
892897case AUTH_REQ_GSS :
893898case AUTH_REQ_GSS_CONT :
894899printfPQExpBuffer (& conn -> errorMessage ,
895900libpq_gettext ("GSSAPI authentication not supported\n" ));
896901return STATUS_ERROR ;
897- #endif
902+ #endif /* defined(ENABLE_GSS) || defined(ENABLE_SSPI) */
898903
899904#ifdef ENABLE_SSPI
900905case AUTH_REQ_SSPI :
@@ -914,11 +919,19 @@ pg_fe_sendauth(AuthRequest areq, PGconn *conn)
914919pgunlock_thread ();
915920break ;
916921#else
922+ /*
923+ * No SSPI support. However, if we have GSSAPI but not SSPI
924+ * support, AUTH_REQ_SSPI will have been handled in the codepath
925+ * for AUTH_REQ_GSSAPI above, so don't duplicate the case label
926+ * in that case.
927+ */
928+ #if !defined(ENABLE_GSS )
917929case AUTH_REQ_SSPI :
918930printfPQExpBuffer (& conn -> errorMessage ,
919931libpq_gettext ("SSPI authentication not supported\n" ));
920932return STATUS_ERROR ;
921- #endif
933+ #endif /* !define(ENABLE_GSSAPI) */
934+ #endif /* ENABLE_SSPI */
922935
923936
924937case AUTH_REQ_CRYPT :