Modifications to pull request #103 . Changed the name of the record_logins var to: force_record_logins and default value is disabled for backwards compatibility. Also changed the implementation a bit regarding flow and filtering on the empty user. issue #101
Guy Lichtman
parent
1ac2324ab9
commit
b47ec14636
|
|
@ -44,7 +44,7 @@ static Audit_json_formatter json_formatter;
|
|||
|
||||
//flags to hold if audit handlers are enabled
|
||||
static my_bool json_file_handler_enable = FALSE;
|
||||
static my_bool record_logins_enable = FALSE;
|
||||
static my_bool force_record_logins_enable = FALSE;
|
||||
static my_bool json_file_handler_flush = FALSE;
|
||||
static my_bool json_socket_handler_enable = FALSE;
|
||||
static my_bool uninstall_plugin_enable = FALSE;
|
||||
|
|
@ -221,24 +221,6 @@ static void audit(ThdSesData *pThdData)
|
|||
return;
|
||||
}
|
||||
}
|
||||
if (record_logins_enable) {
|
||||
const char * cmd = pThdData->getCmdName();
|
||||
const char * user = pThdData->getUserName();
|
||||
if (!strcasecmp(cmd, "Connect") || !strcasecmp(cmd, "Quit") || !strcasecmp(cmd, "Failed Login")) {
|
||||
if(user && strlen( user))
|
||||
Audit_handler::log_audit_all(pThdData);
|
||||
return;
|
||||
}
|
||||
}
|
||||
if (num_record_cmds > 0) {
|
||||
const char * cmd = pThdData->getCmdName();
|
||||
const char *cmds[2];
|
||||
cmds[0] = cmd;
|
||||
cmds[1] = NULL;
|
||||
if (!check_array(cmds, (char *) record_cmds_array, MAX_COMMAND_CHAR_NUMBERS)) {
|
||||
return;
|
||||
}
|
||||
}
|
||||
if (num_whitelist_users > 0) {
|
||||
const char * user = pThdData->getUserName(); //If name is present, then no need to log the query
|
||||
const char *users[2];
|
||||
|
|
@ -252,7 +234,23 @@ static void audit(ThdSesData *pThdData)
|
|||
return;
|
||||
}
|
||||
}
|
||||
if (num_record_objs > 0) {
|
||||
bool do_objs_cmds_check = true;
|
||||
if (force_record_logins_enable) {
|
||||
const char * cmd = pThdData->getCmdName();
|
||||
if (!strcasecmp(cmd, "Connect") || !strcasecmp(cmd, "Quit") || !strcasecmp(cmd, "Failed Login")) {
|
||||
do_objs_cmds_check = false;
|
||||
}
|
||||
}
|
||||
if (num_record_cmds > 0 && do_objs_cmds_check) {
|
||||
const char * cmd = pThdData->getCmdName();
|
||||
const char *cmds[2];
|
||||
cmds[0] = cmd;
|
||||
cmds[1] = NULL;
|
||||
if (!check_array(cmds, (char *) record_cmds_array, MAX_COMMAND_CHAR_NUMBERS)) {
|
||||
return;
|
||||
}
|
||||
}
|
||||
if (num_record_objs > 0 && do_objs_cmds_check) {
|
||||
bool matched = false;
|
||||
if(pThdData->startGetObjects())
|
||||
{
|
||||
|
|
@ -1585,9 +1583,9 @@ static MYSQL_SYSVAR_BOOL(header_msg, json_formatter.m_write_start_msg,
|
|||
PLUGIN_VAR_RQCMDARG,
|
||||
"AUDIT write header message at start of logging or file flush Enable|Disable. Default enabled.", NULL, NULL, 1);
|
||||
|
||||
static MYSQL_SYSVAR_BOOL(record_logins, record_logins_enable,
|
||||
static MYSQL_SYSVAR_BOOL(force_record_logins, force_record_logins_enable,
|
||||
PLUGIN_VAR_RQCMDARG,
|
||||
"AUDIT record Connect and Quit commands Enable|Disable. Default enabled.", NULL, NULL, 1);
|
||||
"AUDIT force record Connect, Quit and Failed Login commands, regardless of the settings in audit_record_cmds and audit_record_objs Enable|Disable. Default disabled.", NULL, NULL, 0);
|
||||
|
||||
static MYSQL_SYSVAR_STR(json_log_file, json_file_handler.m_io_dest,
|
||||
PLUGIN_VAR_RQCMDARG | PLUGIN_VAR_MEMALLOC,
|
||||
|
|
@ -1713,7 +1711,7 @@ static MYSQL_SYSVAR_STR(record_objs, record_objs_string,
|
|||
static struct st_mysql_sys_var* audit_system_variables[] =
|
||||
{
|
||||
MYSQL_SYSVAR(header_msg),
|
||||
MYSQL_SYSVAR(record_logins),
|
||||
MYSQL_SYSVAR(force_record_logins),
|
||||
MYSQL_SYSVAR(json_log_file),
|
||||
MYSQL_SYSVAR(json_file_sync),
|
||||
MYSQL_SYSVAR(json_file_retry),
|
||||
|
|
|
|||
Loading…
Reference in New Issue