Commit 69ed429a authored by Alexey Botchkov's avatar Alexey Botchkov

MDEV-7500 thread_handling option in my.cnf is not passing "connect events" to audit plugin.

  The MYSQL_AUDIT_NOTIFY_CONNECTION_CONNECT() call moved to the login_connection()
  function. So that it'll be invoked in any thread handling mode.
parent 1ae05db4
This diff is collapsed.
--source include/not_embedded.inc
--source include/have_pool_of_threads.inc
if (!$SERVER_AUDIT_SO) {
skip No SERVER_AUDIT plugin;
}
install plugin server_audit soname 'server_audit';
show variables like 'server_audit%';
set global server_audit_file_path=null;
set global server_audit_incl_users=null;
set global server_audit_file_path='server_audit.log';
set global server_audit_output_type=file;
set global server_audit_logging=on;
connect (con1,localhost,root,,mysql);
connection default;
disconnect con1;
--sleep 2
--sleep 2
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
--error ER_ACCESS_DENIED_ERROR
connect (con1,localhost,no_such_user,,mysql);
connection default;
--sleep 2
set global server_audit_incl_users='odin, dva, tri';
create table t1 (id int);
set global server_audit_incl_users='odin, root, dva, tri';
create table t2 (id int);
set global server_audit_excl_users='odin, dva, tri';
insert into t1 values (1), (2);
select * from t1;
set global server_audit_incl_users='odin, root, dva, tri';
insert into t2 values (1), (2);
select * from t2;
alter table t1 rename renamed_t1;
set global server_audit_events='connect,query';
select 1,
2,
3;
insert into t2 values (1), (2);
select * from t2;
--error ER_NO_SUCH_TABLE
select * from t_doesnt_exist;
--error 1064
syntax_error_query;
drop table renamed_t1, t2;
show variables like 'server_audit%';
set global server_audit_mode=1;
set global server_audit_events='';
create database sa_db;
connect (con1,localhost,root,,test);
connection con1;
--sleep 2
--sleep 2
create table t1 (id2 int);
insert into t1 values (1), (2);
select * from t1;
drop table t1;
use sa_db;
create table sa_t1(id int);
insert into sa_t1 values (1), (2);
drop table sa_t1;
drop database sa_db;
connection default;
disconnect con1;
--sleep 2
--sleep 2
create database sa_db;
use sa_db;
CREATE USER u1 IDENTIFIED BY 'pwd-123';
GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321";
SET PASSWORD FOR u1 = PASSWORD('pwd 098');
CREATE USER u3 IDENTIFIED BY '';
drop user u1, u2, u3;
set global server_audit_events='query_ddl';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
select 2;
(select 2);
/*! select 2*/;
/*comment*/ select 2;
drop table t1;
set global server_audit_events='query_ddl,query_dml';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
select 2;
drop table t1;
set global server_audit_events='query_dml';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
select 2;
(select 2);
/*! select 2*/;
/*comment*/ select 2;
drop table t1;
set global server_audit_events='query_dcl';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
CREATE USER u1 IDENTIFIED BY 'pwd-123';
GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321";
SET PASSWORD FOR u1 = PASSWORD('pwd 098');
--error 1064
SET PASSWORD FOR u1=<secret>;
CREATE USER u3 IDENTIFIED BY '';
drop user u1, u2, u3;
select 2;
(select 2);
/*! select 2*/;
/*comment*/ select 2;
drop table t1;
set global server_audit_events='';
set global server_audit_query_log_limit= 15;
select (1), (2), (3), (4);
select 'A', 'B', 'C', 'D';
set global server_audit_query_log_limit= 1024;
drop database sa_db;
set global server_audit_file_path='.';
--replace_regex /\.[\\\/]/HOME_DIR\//
show status like 'server_audit_current_log';
set global server_audit_file_path='';
show status like 'server_audit_current_log';
set global server_audit_file_path=' ';
show status like 'server_audit_current_log';
set global server_audit_file_path='nonexisting_dir/';
show status like 'server_audit_current_log';
show variables like 'server_audit%';
uninstall plugin server_audit;
let $MYSQLD_DATADIR= `SELECT @@datadir`;
# replace the timestamp and the hostname with constant values
--replace_regex /[0-9]* [0-9][0-9]:[0-9][0-9]:[0-9][0-9]\,[^,]*\,/TIME,HOSTNAME,/ /\,[1-9][0-9]*\,/,1,/ /\,[1-9][0-9]*/,ID/
cat_file $MYSQLD_DATADIR/server_audit.log;
remove_file $MYSQLD_DATADIR/server_audit.log;
...@@ -1017,7 +1017,7 @@ bool setup_connection_thread_globals(THD *thd) ...@@ -1017,7 +1017,7 @@ bool setup_connection_thread_globals(THD *thd)
bool login_connection(THD *thd) bool login_connection(THD *thd)
{ {
NET *net= &thd->net; NET *net= &thd->net;
int error; int error= 0;
DBUG_ENTER("login_connection"); DBUG_ENTER("login_connection");
DBUG_PRINT("info", ("login_connection called by thread %lu", DBUG_PRINT("info", ("login_connection called by thread %lu",
thd->thread_id)); thd->thread_id));
...@@ -1036,7 +1036,8 @@ bool login_connection(THD *thd) ...@@ -1036,7 +1036,8 @@ bool login_connection(THD *thd)
my_sleep(1000); /* must wait after eof() */ my_sleep(1000); /* must wait after eof() */
#endif #endif
statistic_increment(aborted_connects,&LOCK_status); statistic_increment(aborted_connects,&LOCK_status);
DBUG_RETURN(1); error=1;
goto exit;
} }
/* Connect completed, set read/write timeouts back to default */ /* Connect completed, set read/write timeouts back to default */
my_net_set_read_timeout(net, thd->variables.net_read_timeout); my_net_set_read_timeout(net, thd->variables.net_read_timeout);
...@@ -1046,10 +1047,13 @@ bool login_connection(THD *thd) ...@@ -1046,10 +1047,13 @@ bool login_connection(THD *thd)
if (increment_connection_count(thd, TRUE)) if (increment_connection_count(thd, TRUE))
{ {
my_error(ER_OUTOFMEMORY, MYF(0), 2*sizeof(USER_STATS)); my_error(ER_OUTOFMEMORY, MYF(0), 2*sizeof(USER_STATS));
DBUG_RETURN(1); error= 1;
goto exit;
} }
DBUG_RETURN(0); exit:
MYSQL_AUDIT_NOTIFY_CONNECTION_CONNECT(thd);
DBUG_RETURN(error);
} }
...@@ -1187,7 +1191,6 @@ bool thd_prepare_connection(THD *thd) ...@@ -1187,7 +1191,6 @@ bool thd_prepare_connection(THD *thd)
bool rc; bool rc;
lex_start(thd); lex_start(thd);
rc= login_connection(thd); rc= login_connection(thd);
MYSQL_AUDIT_NOTIFY_CONNECTION_CONNECT(thd);
if (rc) if (rc)
return rc; return rc;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment