Skip to content

Commit 7a39832

Browse files
committed
Need feedback on origin
1 parent b5640f6 commit 7a39832

File tree

1 file changed

+17
-2
lines changed

1 file changed

+17
-2
lines changed

sql/mysql_db/mysql_db.go

Lines changed: 17 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -533,8 +533,14 @@ func (db *MySQLDb) ValidateHash(salt []byte, user string, authResponse []byte, a
533533
}
534534

535535
userEntry := db.GetUser(user, host, false, false)
536-
if userEntry == nil || userEntry.Locked {
537-
return nil, mysql.NewSQLError(mysql.ERAccessDeniedError, mysql.SSAccessDeniedError, "Access denied for user '%v'", user)
536+
if userEntry == nil {
537+
// Just return a simple error with the IP address
538+
return nil, mysql.NewSQLError(mysql.ERAccessDeniedError, mysql.SSAccessDeniedError,
539+
"Login not allowed. Connected from '%v'", host)
540+
}
541+
542+
if userEntry.Locked {
543+
return nil, mysql.NewSQLError(mysql.ERAccessDeniedError, mysql.SSAccessDeniedError, "Access denied for user '%v': Account is locked", user)
538544
}
539545
if len(userEntry.Password) > 0 {
540546
if !validateMysqlNativePassword(authResponse, salt, userEntry.Password) {
@@ -567,6 +573,15 @@ func (db *MySQLDb) Negotiate(c *mysql.Conn, user string, addr net.Addr) (mysql.G
567573
return connUser, nil
568574
}
569575
userEntry := db.GetUser(user, host, false, false)
576+
if userEntry == nil {
577+
// Just return a simple error with the IP address
578+
return nil, mysql.NewSQLError(mysql.ERAccessDeniedError, mysql.SSAccessDeniedError,
579+
"Login not allowed. Connected from '%v'", host)
580+
}
581+
582+
if userEntry.Locked {
583+
return nil, mysql.NewSQLError(mysql.ERAccessDeniedError, mysql.SSAccessDeniedError, "Access denied for user '%v': Account is locked", user)
584+
}
570585

571586
if userEntry.Plugin != "" {
572587
authplugin, ok := db.plugins[userEntry.Plugin]

0 commit comments

Comments
 (0)