MDEV-33834 Add TLS version to audit plugin available variables #3175
base: 11.5
good idea. Can you create a MDEV with the use case?
Is it logical to log cipher at the same time?
Requested changes have been made. The MDEV is assigned to @holyfoot to review, so I have assigned here too.
…iables

Add tls_version and tls_version_length variables to the audit plugin so they can be logged. This is useful to help identify suspicious or malformed connections attempting to use unsupported TLS versions. A log with this information will make it possible to detect and block more malicious connection attempts.

Users with 'server_audit_events' empty will have these two new variables automatically visible in their logs, but if users don't want them, they can always configure what fields to include by listing the fields in 'server_audit_events'.

All new code of the whole pull request, including one or several files that are either new files or modified ones, are contributed under the BSD-new license. I am contributing on behalf of my employer Amazon Web Services, Inc.
@LinuxJedi not sure I understand the changes that you have made to the PR, maybe another commit or modifying current commit message could help?
Are you sure it's 10.6 and not 11.6?
I did an automatic rebase onto the top of the branch. I have not altered the code. I also added the MDEV to the title of the PR, as this makes things much easier for us. And yes, @vuvova would have meant 11.6.
Hello @LinuxJedi @vuvova, any update on the validation of this PR? Do you need me to do some modifications?
To repeat, what I wrote above (with a
So, if nothing happens now — it's normal, the PR is not forgotten, please, wait until May-June
MDEV: https://jira.mariadb.org/browse/MDEV-33834
Description
Add tls_version and tls_version_length variables to the audit plugin so they can be logged. This is useful to help identify suspicious or malformed connections attempting to use unsupported TLS versions. A log with this information will make it possible to detect and block more malicious connection attempts.
Users with 'server_audit_events' empty will have these two new variables automatically visible in their logs, but if users don't want them, they can always configure what fields to include by listing the fields in 'server_audit_events'.
Release Notes
None. This just adds more possibilities for users.
How can this PR be tested?
Modified the server audit plugin to include this new info, and updated the server audit plugin MTR tests.
Basing the PR against the correct MariaDB version
PR quality check
Copyright
All new code of the whole pull request, including one or several files that are either new files or modified ones, are contributed under the BSD-new license. I am contributing on behalf of my employer Amazon Web Services, Inc.