Add client TCP port and TLS version to audit plugin connection events#665
Open
gengtianuiowa wants to merge 1 commit into
Open
Add client TCP port and TLS version to audit plugin connection events#665gengtianuiowa wants to merge 1 commit into
gengtianuiowa wants to merge 1 commit into
Conversation
Extend the audit plugin event structures to include: - Client TCP port number (peer_port) - TLS version used for encrypted connections The TLS version is obtained via SSL_get_version() and will be empty for non-TLS connections. These fields are added to: - mysql_event_connection (plugin API) - mysql_event_tracking_connection_data (component services) This change only adds new attributes to existing structs with no impact to existing functionality. The new fields will be available when using Server Audit Plugin in MySQL. Ported from MariaDB Server: MariaDB/server@1aba30b MariaDB/server@2b46477 This contribution is under the OCA signed by Amazon and covering submissions to the MySQL project.
|
Hi, thank you for submitting this pull request. In order to consider your code we need you to sign the Oracle Contribution Agreement (OCA). Please review the details and follow the instructions at https://oca.opensource.oracle.com/ |
Author
Amazon doesn't need to sign the OCA form |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
In MariaDB 12.3, new features were introduced in Server Audit Plugin. This change extends the audit plugin connection event structures to expose additional connection metadata: the client TCP port number and the TLS version used for encrypted connections.
Changes referred from similar changes in MariaDB:
The new fields will be available to audit plugins in MySQL.
Release Notes
N/A
How can this PR be tested?
This change has no impact to the server without Server Audit Plugin. All MTR tests should pass. Plugin related changes will be evaluated separately in MTR tests for the plugin.
Basing the PR against the correct MySQL version
Copyright
This contribution is under the OCA signed by Amazon and covering submissions to the MySQL project.