Only log one host blocking message

The message would be logged multiple times if multiple authentication attemps failed at the same time. Also renamed the RateLimit class method to the same as the Listener one.
2019-05-23 17:56:33 +03:00
parent c2975d33f8
commit e5f0d3eb37
1 changed files with 10 additions and 3 deletions
--- a/server/core/listener.cc
+++ b/server/core/listener.cc
@ -56,11 +56,18 @@ namespace
 class RateLimit
 {
 public:
-    bool auth_failed(const std::string& remote)
+    /**
+     * Mark authentication from a host as failed
+     *
+     * @param remote The host from which the connection originated
+     *
+     * @return True if this was the failure that caused the host to be blocked
+     */
+    bool mark_auth_as_failed(const std::string& remote)
    {
        auto& u = m_failures[remote];
        u.last_failure = Clock::now();
-        return ++u.failures >= config_get_global_options()->max_auth_errors_until_block;
+        return ++u.failures == config_get_global_options()->max_auth_errors_until_block;
    }

    bool is_blocked(const std::string& remote)
@ -1030,7 +1037,7 @@ void Listener::accept_connections()

 void Listener::mark_auth_as_failed(const std::string& remote)
 {
-    if (rate_limit.auth_failed(remote))
+    if (rate_limit.mark_auth_as_failed(remote))
    {
        MXS_NOTICE("Host '%s' blocked for %d seconds due to too many authentication failures.",
                   remote.c_str(), BLOCK_TIME);