hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Only count actual failures as auth failures

Browse Source 
If the authentication process fails due to an inability to start a
session, it should not be counted towards the number of failed
authentication attempts.
This commit is contained in:
Markus Mäkelä
2019-05-22 19:22:43 +03:00
parent add488366b
commit 397fc97d07
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
server/modules/protocol/MySQL/mariadbclient/mysql_client.cc
View File

@ -1012,7 +1012,13 @@ static int gw_read_do_authentication(DCB* dcb, GWBUF* read_buffer, int nbytes_re
protocol->protocol_auth_state = MXS_AUTH_STATE_FAILED; protocol->protocol_auth_state = MXS_AUTH_STATE_FAILED;
mysql_client_auth_error_handling(dcb, auth_val, next_sequence); mysql_client_auth_error_handling(dcb, auth_val, next_sequence);
mxb_assert(dcb->session->listener); mxb_assert(dcb->session->listener);
dcb->session->listener->mark_auth_as_failed(dcb->remote);
// MXS_AUTH_NO_SESSION is for failure to start session, not authentication failure
if (auth_val != MXS_AUTH_NO_SESSION)
{
dcb->session->listener->mark_auth_as_failed(dcb->remote);
}
/** /**
* Close DCB and which will release MYSQL_session * Close DCB and which will release MYSQL_session
*/ */