Skip to content

Commit c1f2b5a

Browse files
vuvovavuvova
committed
MDEV-33834 post-merge
* move TLS version into the "object" column * show that TLS version follows db name * correctly check for have_ssl
1 parent 2b46477 commit c1f2b5a

File tree

4 files changed

+33
-27
lines changed

4 files changed

+33
-27
lines changed

include/mysql/plugin_audit.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -102,6 +102,7 @@ struct mysql_event_connection
102102
const char *ip;
103103
unsigned int ip_length;
104104
MYSQL_CONST_LEX_STRING database;
105+
/* Added in version 0x303 */
105106
const char *tls_version;
106107
unsigned int tls_version_length;
107108
};

mysql-test/suite/plugins/r/server_audit.result

Lines changed: 23 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -257,10 +257,11 @@ disconnect plug_con;
257257
DROP USER plug;
258258
DROP USER plug_dest;
259259
CREATE USER ssl_user1@localhost require SSL;
260-
connect conssl1,localhost,ssl_user1,,,,,SSL;
261-
SHOW STATUS LIKE 'Ssl_cipher';
262-
Variable_name Value
263-
Ssl_cipher CIPHER_NAME
260+
GRANT ALL ON sa_db TO ssl_user1@localhost;
261+
connect conssl1,localhost,ssl_user1,,sa_db,,,SSL;
262+
select variable_value > '' as 'have_ssl' from information_schema.session_status where variable_name='ssl_cipher';
263+
have_ssl
264+
1
264265
disconnect conssl1;
265266
connection default;
266267
DROP USER ssl_user1@localhost;
@@ -326,10 +327,10 @@ TIME,HOSTNAME,root,localhost,ID,ID,QUERY,test,'set global server_audit_incl_user
326327
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,test,'show variables like \'server_audit_incl_users\'',0
327328
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,test,'set global server_audit_excl_users= repeat("\'root\',", 10000)',ID
328329
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,test,'show variables like \'server_audit_excl_users\'',0
329-
TIME,HOSTNAME,root,localhost,ID,0,CONNECT,mysql,,0,
330-
TIME,HOSTNAME,root,localhost,ID,0,DISCONNECT,mysql,,0,
331-
TIME,HOSTNAME,no_such_user,localhost,ID,0,FAILED_CONNECT,,,ID,
332-
TIME,HOSTNAME,no_such_user,localhost,ID,0,DISCONNECT,,,0,
330+
TIME,HOSTNAME,root,localhost,ID,0,CONNECT,mysql,,0
331+
TIME,HOSTNAME,root,localhost,ID,0,DISCONNECT,mysql,,0
332+
TIME,HOSTNAME,no_such_user,localhost,ID,0,FAILED_CONNECT,,,ID
333+
TIME,HOSTNAME,no_such_user,localhost,ID,0,DISCONNECT,,,0
333334
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,test,'set global server_audit_incl_users=\'odin, dva, tri\'',0
334335
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,test,'set global server_audit_incl_users=\'odin, root, dva, tri\'',0
335336
TIME,HOSTNAME,root,localhost,ID,ID,CREATE,test,t2,
@@ -368,7 +369,7 @@ TIME,HOSTNAME,root,localhost,ID,ID,QUERY,test,'show variables like \'server_audi
368369
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,test,'set global server_audit_mode=1',0
369370
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,test,'set global server_audit_events=\'\'',0
370371
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,test,'create database sa_db',0
371-
TIME,HOSTNAME,root,localhost,ID,0,CONNECT,test,,0,
372+
TIME,HOSTNAME,root,localhost,ID,0,CONNECT,test,,0
372373
TIME,HOSTNAME,root,localhost,ID,ID,CREATE,test,t1,
373374
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,test,'create table t1 (id2 int)',0
374375
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,test,t1,
@@ -400,7 +401,7 @@ TIME,HOSTNAME,root,localhost,ID,ID,READ,mysql,proc,
400401
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,proc,
401402
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,event,
402403
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'drop database sa_db',0
403-
TIME,HOSTNAME,root,localhost,ID,0,DISCONNECT,,,0,
404+
TIME,HOSTNAME,root,localhost,ID,0,DISCONNECT,,,0
404405
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,test,'create database sa_db',0
405406
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'use sa_db',0
406407
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,db,
@@ -486,15 +487,15 @@ TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,proxies_priv,
486487
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,roles_mapping,
487488
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,global_priv,
488489
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'CREATE USER plug_dest IDENTIFIED BY *****',0
489-
TIME,HOSTNAME,plug,localhost,ID,0,FAILED_CONNECT,,,ID,
490-
TIME,HOSTNAME,plug,localhost,ID,0,DISCONNECT,,,0,
490+
TIME,HOSTNAME,plug,localhost,ID,0,FAILED_CONNECT,,,ID
491+
TIME,HOSTNAME,plug,localhost,ID,0,DISCONNECT,,,0
491492
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,proxies_priv,
492493
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,global_priv,
493494
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'GRANT PROXY ON plug_dest TO plug',0
494-
TIME,HOSTNAME,plug,localhost,ID,0,CONNECT,,,0,
495-
TIME,HOSTNAME,plug,localhost,ID,0,PROXY_CONNECT,,`plug_dest`@`%`,0,
495+
TIME,HOSTNAME,plug,localhost,ID,0,CONNECT,,,0
496+
TIME,HOSTNAME,plug,localhost,ID,0,PROXY_CONNECT,,`plug_dest`@`%`,0
496497
TIME,HOSTNAME,plug,localhost,ID,ID,QUERY,,'select USER(),CURRENT_USER()',0
497-
TIME,HOSTNAME,plug,localhost,ID,0,DISCONNECT,,,0,
498+
TIME,HOSTNAME,plug,localhost,ID,0,DISCONNECT,,,0
498499
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,db,
499500
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,tables_priv,
500501
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,columns_priv,
@@ -519,10 +520,13 @@ TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,proxies_priv,
519520
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,roles_mapping,
520521
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,global_priv,
521522
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'CREATE USER ssl_user1@localhost require SSL',0
522-
TIME,HOSTNAME,ssl_user1,localhost,ID,0,CONNECT,,,0,TLS_VERSION
523-
TIME,HOSTNAME,ssl_user1,localhost,ID,ID,QUERY,Access denied for user 'ssl_user1'@'localhost' to database 'test','SHOW STATUS LIKE \'Ssl_version\'',0
524-
TIME,HOSTNAME,ssl_user1,localhost,ID,ID,QUERY,Access denied for user 'ssl_user1'@'localhost' to database 'test','SHOW STATUS LIKE \'Ssl_cipher\'',0
525-
TIME,HOSTNAME,ssl_user1,localhost,ID,0,DISCONNECT,,,0,TLS_VERSION
523+
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,tables_priv,
524+
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,global_priv,
525+
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'GRANT ALL ON sa_db TO ssl_user1@localhost',0
526+
TIME,HOSTNAME,ssl_user1,localhost,ID,0,CONNECT,sa_db,TLS_VERSION,0
527+
TIME,HOSTNAME,ssl_user1,localhost,ID,ID,QUERY,sa_db,'SHOW STATUS LIKE \'Ssl_version\'',0
528+
TIME,HOSTNAME,ssl_user1,localhost,ID,ID,QUERY,sa_db,'select variable_value > \'\' as \'have_ssl\' from information_schema.session_status where variable_name=\'ssl_cipher\'',0
529+
TIME,HOSTNAME,ssl_user1,localhost,ID,0,DISCONNECT,sa_db,TLS_VERSION,0
526530
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,db,
527531
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,tables_priv,
528532
TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,columns_priv,

mysql-test/suite/plugins/t/server_audit.test

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -214,10 +214,10 @@ DROP USER plug;
214214
DROP USER plug_dest;
215215

216216
CREATE USER ssl_user1@localhost require SSL;
217-
connect (conssl1,localhost,ssl_user1,,,,,SSL);
217+
GRANT ALL ON sa_db TO ssl_user1@localhost;
218+
connect (conssl1,localhost,ssl_user1,,sa_db,,,SSL);
218219
--let $ssl_version = query_get_value(SHOW STATUS LIKE 'Ssl_version', Value, 1)
219-
--replace_column 2 CIPHER_NAME
220-
SHOW STATUS LIKE 'Ssl_cipher';
220+
select variable_value > '' as 'have_ssl' from information_schema.session_status where variable_name='ssl_cipher';
221221
disconnect conssl1;
222222
connection default;
223223
--sleep 2

plugin/server_audit/server_audit.c

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1513,10 +1513,10 @@ static int log_proxy(const struct connection_info *cn,
15131513
cn->ip, cn->ip_length,
15141514
event->thread_id, 0, "PROXY_CONNECT");
15151515
csize+= my_snprintf(message+csize, sizeof(message) - 1 - csize,
1516-
",%.*s,`%.*s`@`%.*s`,%d,%.*s", cn->db_length, cn->db,
1516+
",%.*s,`%.*s`@`%.*s`,%d", cn->db_length, cn->db,
15171517
cn->proxy_length, cn->proxy,
15181518
cn->proxy_host_length, cn->proxy_host,
1519-
event->status, cn->tls_version_length, cn->tls_version);
1519+
event->status);
15201520
message[csize]= '\n';
15211521
return write_log(message, csize + 1, 1);
15221522
}
@@ -1542,7 +1542,8 @@ static int log_connection(const struct connection_info *cn,
15421542

15431543
obj_len= create_tls_obj(event, tls_obj, sizeof(tls_obj));
15441544
csize+= my_snprintf(message+csize, sizeof(message) - 1 - csize,
1545-
",%.*s,,%d,%.*s", cn->db_length, cn->db, event->status, (int) obj_len, tls_obj);
1545+
",%.*s,%.*s,%d", cn->db_length, cn->db, (int) obj_len, tls_obj,
1546+
event->status);
15461547
message[csize]= '\n';
15471548
return write_log(message, csize + 1, 1);
15481549
}
@@ -1566,8 +1567,8 @@ static int log_connection_event(const struct mysql_event_connection *event,
15661567
event->thread_id, 0, type);
15671568
obj_len= create_tls_obj(event, tls_obj, sizeof(tls_obj));
15681569
csize+= my_snprintf(message+csize, sizeof(message) - 1 - csize,
1569-
",%.*s,,%d,%.*s", (int) event->database.length,event->database.str,
1570-
event->status, (int) obj_len, tls_obj);
1570+
",%.*s,%.*s,%d", (int) event->database.length,event->database.str,
1571+
(int) obj_len, tls_obj, event->status);
15711572
message[csize]= '\n';
15721573
return write_log(message, csize + 1, 1);
15731574
}

0 commit comments

Comments
 (0)