Only count actual failures as auth failures

If the authentication process fails due to an inability to start a
session, it should not be counted towards the number of failed
authentication attempts.
This commit is contained in:
Markus Mäkelä
2019-05-22 19:22:43 +03:00
parent add488366b
commit 397fc97d07

View File

@ -1012,7 +1012,13 @@ static int gw_read_do_authentication(DCB* dcb, GWBUF* read_buffer, int nbytes_re
protocol->protocol_auth_state = MXS_AUTH_STATE_FAILED;
mysql_client_auth_error_handling(dcb, auth_val, next_sequence);
mxb_assert(dcb->session->listener);
dcb->session->listener->mark_auth_as_failed(dcb->remote);
// MXS_AUTH_NO_SESSION is for failure to start session, not authentication failure
if (auth_val != MXS_AUTH_NO_SESSION)
{
dcb->session->listener->mark_auth_as_failed(dcb->remote);
}
/**
* Close DCB and which will release MYSQL_session
*/