hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Log unknown users and wrong passwords separately

Browse Source 
If authentication fails due to a wrong password, a different error message
is logged. This should help resolve problems with user management.
This commit is contained in:
Markus Mäkelä
2018-07-03 16:35:17 +03:00
parent be7d31c6ff
commit 3f9a204116
2 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
include/maxscale/authenticator.h
View File

@ -131,6 +131,7 @@ typedef struct mxs_authenticator
#define MXS_AUTH_SSL_COMPLETE 6 /**< SSL connection complete or not required */ #define MXS_AUTH_SSL_COMPLETE 6 /**< SSL connection complete or not required */
#define MXS_AUTH_NO_SESSION 7 #define MXS_AUTH_NO_SESSION 7
#define MXS_AUTH_BAD_HANDSHAKE 8 /**< Malformed client packet */ #define MXS_AUTH_BAD_HANDSHAKE 8 /**< Malformed client packet */
#define MXS_AUTH_FAILED_WRONG_PASSWORD 9 /**< Client provided wrong password */
/** Return values for the loadusers entry point */ /** Return values for the loadusers entry point */
#define MXS_AUTH_LOADUSERS_OK 0 /**< Users loaded successfully */ #define MXS_AUTH_LOADUSERS_OK 0 /**< Users loaded successfully */

8
server/modules/authenticator/MySQLAuth/mysql_auth.c
View File

@ -304,13 +304,17 @@ mysql_auth_authenticate(DCB *dcb)
} }
else if (dcb->service->log_auth_warnings) else if (dcb->service->log_auth_warnings)
{ {
// Enough to hold the error message and the database name // The default failure is a `User not found` one
char extra[256] = {}; char extra[256] = "User not found.";
if (auth_ret == MXS_AUTH_FAILED_DB) if (auth_ret == MXS_AUTH_FAILED_DB)
{ {
snprintf(extra, sizeof(extra), "Unknown database: %s", client_data->db); snprintf(extra, sizeof(extra), "Unknown database: %s", client_data->db);
} }
else if (auth_ret == MXS_AUTH_FAILED_WRONG_PASSWORD)
{
strcpy(extra, "Wrong password.");
}
if (dcb->path) if (dcb->path)
{ {