mirror of
https://github.com/mjl-/mox.git
synced 2025-01-14 01:06:27 +03:00
c7315cb72d
for some errors during the scram authentication protocol, we would treat some errors that a client connection could induce as server errors, printing a stack trace and aborting the connection. this change recognizes those errors and sends regular "authentication failed" or "protocol error" error messages to the client. for issue #222 by wneessen, thanks for reporting
40 lines
1.3 KiB
Go
40 lines
1.3 KiB
Go
// Package metrics has (prometheus) metrics shared between components of mox, e.g. for authentication.
|
|
package metrics
|
|
|
|
import (
|
|
"github.com/prometheus/client_golang/prometheus"
|
|
"github.com/prometheus/client_golang/prometheus/promauto"
|
|
)
|
|
|
|
var (
|
|
metricAuth = promauto.NewCounterVec(
|
|
prometheus.CounterOpts{
|
|
Name: "mox_authentication_total",
|
|
Help: "Authentication attempts and results.",
|
|
},
|
|
[]string{
|
|
"kind", // submission, imap, webmail, webapi, webaccount, webadmin (formerly httpaccount, httpadmin)
|
|
"variant", // login, plain, scram-sha-256, scram-sha-1, cram-md5, weblogin, websessionuse, httpbasic.
|
|
// todo: we currently only use badcreds, but known baduser can be helpful
|
|
"result", // ok, baduser, badpassword, badcreds, badchanbind, error, aborted
|
|
},
|
|
)
|
|
|
|
metricAuthRatelimited = promauto.NewCounterVec(
|
|
prometheus.CounterOpts{
|
|
Name: "mox_authentication_ratelimited_total",
|
|
Help: "Authentication attempts that were refused due to rate limiting.",
|
|
},
|
|
[]string{
|
|
"kind", // submission, imap, httpaccount, httpadmin
|
|
},
|
|
)
|
|
)
|
|
|
|
func AuthenticationInc(kind, variant, result string) {
|
|
metricAuth.WithLabelValues(kind, variant, result).Inc()
|
|
}
|
|
|
|
func AuthenticationRatelimitedInc(kind string) {
|
|
metricAuthRatelimited.WithLabelValues(kind).Inc()
|
|
}
|