From add488366b59184eaad9da4bce4eaa1fdfda21c1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= <markus.makela@mariadb.com>
Date: Wed, 22 May 2019 15:46:49 +0300
Subject: [PATCH] Log message on when a host is blocked

To make it easier to detect when a host was blocked due to too many
authentication failures, a log message is now logged.
---
 server/core/listener.cc | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/server/core/listener.cc b/server/core/listener.cc
index 184259449..345cd67db 100644
--- a/server/core/listener.cc
+++ b/server/core/listener.cc
@@ -56,11 +56,11 @@ namespace
 class RateLimit
 {
 public:
-    void auth_failed(const std::string& remote)
+    bool auth_failed(const std::string& remote)
     {
         auto& u = m_failures[remote];
         u.last_failure = Clock::now();
-        u.failures++;
+        return ++u.failures >= config_get_global_options()->max_auth_errors_until_block;
     }
 
     bool is_blocked(const std::string& remote)
@@ -1039,5 +1039,9 @@ void Listener::accept_connections()
 
 void Listener::mark_auth_as_failed(const std::string& remote)
 {
-    rate_limit.auth_failed(remote);
+    if (rate_limit.auth_failed(remote))
+    {
+        MXS_NOTICE("Host '%s' blocked for %d seconds due to too many authentication failures.",
+                   remote.c_str(), BLOCK_TIME);
+    }
 }