Commit 318097bb authored by Alexey Botchkov's avatar Alexey Botchkov

MDEV-15480 Audit plugin does not respect QUERY_DML for audit plugin.

QUERY_DML_NO_SELECT flag added.
parent 1d58d184
...@@ -182,6 +182,17 @@ select 2; ...@@ -182,6 +182,17 @@ select 2;
2 2
2 2
drop table t1; drop table t1;
set global server_audit_events='query_dml_no_select';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
id
1
2
select 2;
2
2
drop table t1;
set global server_audit_events=''; set global server_audit_events='';
set global server_audit_query_log_limit= 15; set global server_audit_query_log_limit= 15;
select (1), (2), (3), (4); select (1), (2), (3), (4);
...@@ -332,6 +343,7 @@ TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'SET PASSWORD \n# comment\nFOR u1 ...@@ -332,6 +343,7 @@ TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'SET PASSWORD \n# comment\nFOR u1
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'SET PASSWORD FOR u1=<secret>',ID TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'SET PASSWORD FOR u1=<secret>',ID
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'CREATE USER u3 IDENTIFIED BY *****',0 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'CREATE USER u3 IDENTIFIED BY *****',0
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'drop user u1, u2, u3',0 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'drop user u1, u2, u3',0
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'insert into t1 values (1), (2)',0
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'set global server_audit_events=\'\'',0 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'set global server_audit_events=\'\'',0
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'set global serv',0 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'set global serv',0
TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'select (1), (2)',0 TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'select (1), (2)',0
......
...@@ -121,6 +121,13 @@ select 2; ...@@ -121,6 +121,13 @@ select 2;
/*! select 2*/; /*! select 2*/;
/*comment*/ select 2; /*comment*/ select 2;
drop table t1; drop table t1;
set global server_audit_events='query_dml_no_select';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
select 2;
drop table t1;
set global server_audit_events=''; set global server_audit_events='';
set global server_audit_query_log_limit= 15; set global server_audit_query_log_limit= 15;
......
...@@ -15,7 +15,7 @@ ...@@ -15,7 +15,7 @@
#define PLUGIN_VERSION 0x104 #define PLUGIN_VERSION 0x104
#define PLUGIN_STR_VERSION "1.4.3" #define PLUGIN_STR_VERSION "1.4.4"
#define _my_thread_var loc_thread_var #define _my_thread_var loc_thread_var
...@@ -366,16 +366,17 @@ static MYSQL_SYSVAR_STR(excl_users, excl_users, PLUGIN_VAR_RQCMDARG, ...@@ -366,16 +366,17 @@ static MYSQL_SYSVAR_STR(excl_users, excl_users, PLUGIN_VAR_RQCMDARG,
/* bits in the event filter. */ /* bits in the event filter. */
#define EVENT_CONNECT 1 #define EVENT_CONNECT 1
#define EVENT_QUERY_ALL 2 #define EVENT_QUERY_ALL 2
#define EVENT_QUERY 58 #define EVENT_QUERY 122
#define EVENT_TABLE 4 #define EVENT_TABLE 4
#define EVENT_QUERY_DDL 8 #define EVENT_QUERY_DDL 8
#define EVENT_QUERY_DML 16 #define EVENT_QUERY_DML 16
#define EVENT_QUERY_DCL 32 #define EVENT_QUERY_DCL 32
#define EVENT_QUERY_DML_NO_SELECT 64
static const char *event_names[]= static const char *event_names[]=
{ {
"CONNECT", "QUERY", "TABLE", "QUERY_DDL", "QUERY_DML", "QUERY_DCL", "CONNECT", "QUERY", "TABLE", "QUERY_DDL", "QUERY_DML", "QUERY_DCL",
NULL "QUERY_DML_NO_SELECT", NULL
}; };
static TYPELIB events_typelib= static TYPELIB events_typelib=
{ {
...@@ -383,7 +384,7 @@ static TYPELIB events_typelib= ...@@ -383,7 +384,7 @@ static TYPELIB events_typelib=
}; };
static MYSQL_SYSVAR_SET(events, events, PLUGIN_VAR_RQCMDARG, static MYSQL_SYSVAR_SET(events, events, PLUGIN_VAR_RQCMDARG,
"Specifies the set of events to monitor. Can be CONNECT, QUERY, TABLE," "Specifies the set of events to monitor. Can be CONNECT, QUERY, TABLE,"
" QUERY_DDL, QUERY_DML, QUERY_DCL.", " QUERY_DDL, QUERY_DML, QUERY_DML_NO_SELECT, QUERY_DCL.",
NULL, NULL, 0, &events_typelib); NULL, NULL, 0, &events_typelib);
#define OUTPUT_SYSLOG 0 #define OUTPUT_SYSLOG 0
#define OUTPUT_FILE 1 #define OUTPUT_FILE 1
...@@ -857,6 +858,21 @@ struct sa_keyword dml_keywords[]= ...@@ -857,6 +858,21 @@ struct sa_keyword dml_keywords[]=
}; };
struct sa_keyword dml_no_select_keywords[]=
{
{2, "DO", 0, SQLCOM_DML},
{4, "CALL", 0, SQLCOM_DML},
{4, "LOAD", &data_word, SQLCOM_DML},
{4, "LOAD", &xml_word, SQLCOM_DML},
{6, "DELETE", 0, SQLCOM_DML},
{6, "INSERT", 0, SQLCOM_DML},
{6, "UPDATE", 0, SQLCOM_DML},
{7, "HANDLER", 0, SQLCOM_DML},
{7, "REPLACE", 0, SQLCOM_DML},
{0, NULL, 0, SQLCOM_DML}
};
struct sa_keyword dcl_keywords[]= struct sa_keyword dcl_keywords[]=
{ {
{6, "CREATE", &user_word, SQLCOM_DCL}, {6, "CREATE", &user_word, SQLCOM_DCL},
...@@ -1637,6 +1653,11 @@ static int log_statement_ex(const struct connection_info *cn, ...@@ -1637,6 +1653,11 @@ static int log_statement_ex(const struct connection_info *cn,
if (filter_query_type(query, dml_keywords)) if (filter_query_type(query, dml_keywords))
goto do_log_query; goto do_log_query;
} }
if (events & EVENT_QUERY_DML_NO_SELECT)
{
if (filter_query_type(query, dml_no_select_keywords))
goto do_log_query;
}
if (events & EVENT_QUERY_DCL) if (events & EVENT_QUERY_DCL)
{ {
if (filter_query_type(query, dcl_keywords)) if (filter_query_type(query, dcl_keywords))
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment