• Developer Zone
• Lists Home
• FAQ

Below is the list of changes that have just been committed into a local
5.2 repository of markleith. When markleith does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2007-09-03 23:18:50+01:00, markleith@stripped +1 -0
  Bug#25822 / WL#3953 - Log Access Denied errors for bad passwords in the error log
  
  Added logging of Access Denied messages on failed new connections to the 
  error log when log-warnings = 2.
  
  This allows a user to log these messages without having to incur the overhead
  of using the general query log on production systems.

  sql/sql_connect.cc@stripped, 2007-09-03 23:18:44+01:00, markleith@stripped +12 -0
    Added logging of Access Denied messages to error log when log-warnings=2

diff -Nrup a/sql/sql_connect.cc b/sql/sql_connect.cc
--- a/sql/sql_connect.cc	2007-07-30 09:33:44 +01:00
+++ b/sql/sql_connect.cc	2007-09-03 23:18:44 +01:00
@@ -502,6 +502,18 @@ int check_user(THD *thd, enum enum_serve
                     thd->main_security_ctx.user,
                     thd->main_security_ctx.host_or_ip,
                     passwd_len ? ER(ER_YES) : ER(ER_NO));
+  /* 
+    log access denied messages to the error log when log-warnings = 2
+    so that the overhead of the general query log is not required to track 
+    failed connections 
+  */
+  if (global_system_variables.log_warnings > 1)
+  {
+    sql_print_warning(ER(ER_ACCESS_DENIED_ERROR),
+                      thd->main_security_ctx.user,
+                      thd->main_security_ctx.host_or_ip,
+                      passwd_len ? ER(ER_YES) : ER(ER_NO));      
+  }
   DBUG_RETURN(-1);
 #endif /* NO_EMBEDDED_ACCESS_CHECKS */
 }