Backporting WL#3953 from 6.0. Original revision:

------------------------------------------------------------ revno: 2476.714.9 committer: markleith@medusa.mysql.com timestamp: Mon 2007-09-03 23:18:50 +0100 message: Bug#25822 / WL#3953 - Log Access Denied errors for bad passwords in the error log Added logging of Access Denied messages on failed new connections to the error log when log-warnings = 2. This allows a user to log these messages without having to incur the overhead of using the general query log on production systems. ------------------------------------------------------------
2025-01-16 12:02:42 +01:00 · 2009-10-21 18:00:58 +04:00 · 2009-10-21 18:00:58 +04:00 · 6756b0fc5f
commit 6756b0fc5f
parent ad68fa6506
1 changed files with 12 additions and 0 deletions
--- a/sql/sql_connect.cc
+++ b/sql/sql_connect.cc
@ -486,6 +486,18 @@ check_user(THD *thd, enum enum_server_command command,
                    thd->main_security_ctx.user,
                    thd->main_security_ctx.host_or_ip,
                    passwd_len ? ER(ER_YES) : ER(ER_NO));
+  /*
+    log access denied messages to the error log when log-warnings = 2
+    so that the overhead of the general query log is not required to track
+    failed connections
+  */
+  if (global_system_variables.log_warnings > 1)
+  {
+    sql_print_warning(ER(ER_ACCESS_DENIED_ERROR),
+                      thd->main_security_ctx.user,
+                      thd->main_security_ctx.host_or_ip,
+                      passwd_len ? ER(ER_YES) : ER(ER_NO));
+  }
  DBUG_RETURN(1);
 #endif /* NO_EMBEDDED_ACCESS_CHECKS */
 }