From: Sergey Vojtovich Date: December 14 2010 2:35pm Subject: bzr push into mysql-5.5-bugteam branch (sergey.vojtovich:3189 to 3190) WL#5571 List-Archive: http://lists.mysql.com/commits/126776 Message-Id: <201012141428.oBEESAfp017930@rcsinet15.oracle.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1442003714557225479==" --===============1442003714557225479== MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline 3190 Sergey Vojtovich 2010-12-14 WL#5571 - Audit interface: MYSQL_AUDIT_GENERAL_STATUS event @ include/mysql/plugin_audit.h Connection auditing class. @ include/mysql/plugin_audit.h.pp Connection auditing class. @ sql/mysqld.cc Notify disconnect to auditing. @ sql/sql_audit.cc Connection class event dispatcher. @ sql/sql_audit.h mysql_audit_notify() is not available in embedded. @ sql/sql_connect.cc Notify connect to auditing. @ sql/sql_parse.cc Notify user change to auditing. modified: include/mysql/plugin_audit.h include/mysql/plugin_audit.h.pp sql/mysqld.cc sql/sql_audit.cc sql/sql_audit.h sql/sql_connect.cc sql/sql_parse.cc 3189 Mattias Jonsson 2010-12-14 [merge] merge modified: mysql-test/collections/default.weekly mysql-test/suite/parts/inc/part_supported_sql_funcs_main.inc mysql-test/suite/parts/inc/partition_decimal.inc mysql-test/suite/parts/inc/partition_double.inc mysql-test/suite/parts/inc/partition_float.inc mysql-test/suite/parts/r/partition_decimal_innodb.result mysql-test/suite/parts/r/partition_decimal_myisam.result === modified file 'include/mysql/plugin_audit.h' --- a/include/mysql/plugin_audit.h 2010-04-15 09:05:17 +0000 +++ b/include/mysql/plugin_audit.h 2010-12-14 14:34:23 +0000 @@ -42,6 +42,8 @@ struct mysql_event LOG events occurs before emitting to the general query log. ERROR events occur before transmitting errors to the user. RESULT events occur after transmitting a resultset to the user. + STATUS events occur after transmitting a resultset or errors + to the user. */ #define MYSQL_AUDIT_GENERAL_CLASS 0 @@ -49,6 +51,7 @@ struct mysql_event #define MYSQL_AUDIT_GENERAL_LOG 0 #define MYSQL_AUDIT_GENERAL_ERROR 1 #define MYSQL_AUDIT_GENERAL_RESULT 2 +#define MYSQL_AUDIT_GENERAL_STATUS 3 struct mysql_event_general { @@ -68,6 +71,43 @@ struct mysql_event_general }; +/* + AUDIT CLASS : CONNECTION + + CONNECT occurs after authentication phase is completed. + DISCONNECT occurs after connection is terminated. + CHANGE_USER occurs after COM_CHANGE_USER RPC is completed. +*/ + +#define MYSQL_AUDIT_CONNECTION_CLASS 1 +#define MYSQL_AUDIT_CONNECTION_CLASSMASK (1 << MYSQL_AUDIT_CONNECTION_CLASS) +#define MYSQL_AUDIT_CONNECTION_CONNECT 0 +#define MYSQL_AUDIT_CONNECTION_DISCONNECT 1 +#define MYSQL_AUDIT_CONNECTION_CHANGE_USER 2 + +struct mysql_event_connection +{ + unsigned int event_class; + unsigned int event_subclass; + int status; + unsigned long thread_id; + const char *user; + unsigned int user_length; + const char *priv_user; + unsigned int priv_user_length; + const char *external_user; + unsigned int external_user_length; + const char *proxy_user; + unsigned int proxy_user_length; + const char *host; + unsigned int host_length; + const char *ip; + unsigned int ip_length; + const char *database; + unsigned int database_length; +}; + + /************************************************************************* Here we define the descriptor structure, that is referred from st_mysql_plugin. === modified file 'include/mysql/plugin_audit.h.pp' --- a/include/mysql/plugin_audit.h.pp 2010-08-30 14:07:40 +0000 +++ b/include/mysql/plugin_audit.h.pp 2010-12-14 14:34:23 +0000 @@ -208,6 +208,27 @@ struct mysql_event_general unsigned long long general_time; unsigned long long general_rows; }; +struct mysql_event_connection +{ + unsigned int event_class; + unsigned int event_subclass; + int status; + unsigned long thread_id; + const char *user; + unsigned int user_length; + const char *priv_user; + unsigned int priv_user_length; + const char *external_user; + unsigned int external_user_length; + const char *proxy_user; + unsigned int proxy_user_length; + const char *host; + unsigned int host_length; + const char *ip; + unsigned int ip_length; + const char *database; + unsigned int database_length; +}; struct st_mysql_audit { int interface_version; === modified file 'sql/mysqld.cc' --- a/sql/mysqld.cc 2010-12-07 17:08:54 +0000 +++ b/sql/mysqld.cc 2010-12-14 14:34:23 +0000 @@ -1992,6 +1992,7 @@ void close_connection(THD *thd, uint err { sleep(0); /* Workaround to avoid tailcall optimisation */ } + MYSQL_AUDIT_NOTIFY_CONNECTION_DISCONNECT(thd, errcode); DBUG_VOID_RETURN; } #endif /* EMBEDDED_LIBRARY */ === modified file 'sql/sql_audit.cc' --- a/sql/sql_audit.cc 2010-08-20 09:58:28 +0000 +++ b/sql/sql_audit.cc 2010-12-14 14:34:23 +0000 @@ -81,9 +81,34 @@ static void general_class_handler(THD *t } +static void connection_class_handler(THD *thd, uint event_subclass, va_list ap) +{ + mysql_event_connection event; + event.event_class= MYSQL_AUDIT_CONNECTION_CLASS; + event.event_subclass= event_subclass; + event.status= va_arg(ap, int); + event.thread_id= va_arg(ap, unsigned long); + event.user= va_arg(ap, const char *); + event.user_length= va_arg(ap, unsigned int); + event.priv_user= va_arg(ap, const char *); + event.priv_user_length= va_arg(ap, unsigned int); + event.external_user= va_arg(ap, const char *); + event.external_user_length= va_arg(ap, unsigned int); + event.proxy_user= va_arg(ap, const char *); + event.proxy_user_length= va_arg(ap, unsigned int); + event.host= va_arg(ap, const char *); + event.host_length= va_arg(ap, unsigned int); + event.ip= va_arg(ap, const char *); + event.ip_length= va_arg(ap, unsigned int); + event.database= va_arg(ap, const char *); + event.database_length= va_arg(ap, unsigned int); + event_class_dispatch(thd, (const mysql_event *) &event); +} + + static audit_handler_t audit_handlers[] = { - general_class_handler + general_class_handler, connection_class_handler }; static const uint audit_handlers_count= === modified file 'sql/sql_audit.h' --- a/sql/sql_audit.h 2010-11-18 14:08:32 +0000 +++ b/sql/sql_audit.h 2010-12-14 14:34:23 +0000 @@ -32,8 +32,12 @@ extern void mysql_audit_free_thd(THD *th extern void mysql_audit_acquire_plugins(THD *thd, uint event_class); +#ifndef EMBEDDED_LIBRARY extern void mysql_audit_notify(THD *thd, uint event_class, uint event_subtype, ...); +#else +#define mysql_audit_notify(...) +#endif extern void mysql_audit_release(THD *thd); #define MAX_USER_HOST_SIZE 512 @@ -84,6 +88,7 @@ void mysql_audit_general_log(THD *thd, t event_subtype should be set to one of: MYSQL_AUDIT_GENERAL_ERROR MYSQL_AUDIT_GENERAL_RESULT + MYSQL_AUDIT_GENERAL_STATUS @param[in] thd @param[in] event_subtype Type of general audit event. @@ -126,5 +131,41 @@ void mysql_audit_general(THD *thd, uint #endif } +#define MYSQL_AUDIT_NOTIFY_CONNECTION_CONNECT(thd) mysql_audit_notify(\ + (thd), MYSQL_AUDIT_CONNECTION_CLASS, MYSQL_AUDIT_CONNECTION_CONNECT,\ + (thd)->stmt_da->is_error() ? (thd)->stmt_da->sql_errno() : 0,\ + (thd)->thread_id, (thd)->security_ctx->user,\ + (thd)->security_ctx->user ? strlen((thd)->security_ctx->user) : 0,\ + (thd)->security_ctx->priv_user, strlen((thd)->security_ctx->priv_user),\ + (thd)->security_ctx->external_user,\ + (thd)->security_ctx->external_user ?\ + strlen((thd)->security_ctx->external_user) : 0,\ + (thd)->security_ctx->proxy_user, strlen((thd)->security_ctx->proxy_user),\ + (thd)->security_ctx->host,\ + (thd)->security_ctx->host ? strlen((thd)->security_ctx->host) : 0,\ + (thd)->security_ctx->ip,\ + (thd)->security_ctx->ip ? strlen((thd)->security_ctx->ip) : 0,\ + (thd)->db, (thd)->db ? strlen((thd)->db) : 0) + +#define MYSQL_AUDIT_NOTIFY_CONNECTION_DISCONNECT(thd, errcode)\ + mysql_audit_notify(\ + (thd), MYSQL_AUDIT_CONNECTION_CLASS, MYSQL_AUDIT_CONNECTION_DISCONNECT,\ + (errcode), (thd)->thread_id, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0) + +#define MYSQL_AUDIT_NOTIFY_CONNECTION_CHANGE_USER(thd) mysql_audit_notify(\ + (thd), MYSQL_AUDIT_CONNECTION_CLASS, MYSQL_AUDIT_CONNECTION_CHANGE_USER,\ + (thd)->stmt_da->is_error() ? (thd)->stmt_da->sql_errno() : 0,\ + (thd)->thread_id, (thd)->security_ctx->user,\ + (thd)->security_ctx->user ? strlen((thd)->security_ctx->user) : 0,\ + (thd)->security_ctx->priv_user, strlen((thd)->security_ctx->priv_user),\ + (thd)->security_ctx->external_user,\ + (thd)->security_ctx->external_user ?\ + strlen((thd)->security_ctx->external_user) : 0,\ + (thd)->security_ctx->proxy_user, strlen((thd)->security_ctx->proxy_user),\ + (thd)->security_ctx->host,\ + (thd)->security_ctx->host ? strlen((thd)->security_ctx->host) : 0,\ + (thd)->security_ctx->ip,\ + (thd)->security_ctx->ip ? strlen((thd)->security_ctx->ip) : 0,\ + (thd)->db, (thd)->db ? strlen((thd)->db) : 0) #endif /* SQL_AUDIT_INCLUDED */ === modified file 'sql/sql_connect.cc' --- a/sql/sql_connect.cc 2010-11-25 03:50:16 +0000 +++ b/sql/sql_connect.cc 2010-12-14 14:34:23 +0000 @@ -728,9 +728,12 @@ void do_handle_one_connection(THD *thd_a for (;;) { NET *net= &thd->net; + bool rc; lex_start(thd); - if (login_connection(thd)) + rc= login_connection(thd); + MYSQL_AUDIT_NOTIFY_CONNECTION_CONNECT(thd); + if (rc) goto end_thread; MYSQL_CONNECTION_START(thd->thread_id, thd->security_ctx->priv_user, === modified file 'sql/sql_parse.cc' --- a/sql/sql_parse.cc 2010-12-14 10:46:00 +0000 +++ b/sql/sql_parse.cc 2010-12-14 14:34:23 +0000 @@ -937,6 +937,7 @@ bool dispatch_command(enum enum_server_c #endif case COM_CHANGE_USER: { + bool rc; status_var_increment(thd->status_var.com_other); thd->change_user(); @@ -956,7 +957,9 @@ bool dispatch_command(enum enum_server_c CHARSET_INFO *save_character_set_results= thd->variables.character_set_results; - if (acl_authenticate(thd, 0, packet_length)) + rc= acl_authenticate(thd, 0, packet_length); + MYSQL_AUDIT_NOTIFY_CONNECTION_CHANGE_USER(thd); + if (rc) { my_free(thd->security_ctx->user); *thd->security_ctx= save_security_ctx; @@ -1395,6 +1398,10 @@ bool dispatch_command(enum enum_server_c if (!thd->is_error() && !thd->killed_errno()) mysql_audit_general(thd, MYSQL_AUDIT_GENERAL_RESULT, 0, 0); + mysql_audit_general(thd, MYSQL_AUDIT_GENERAL_STATUS, + thd->stmt_da->is_error() ? thd->stmt_da->sql_errno() : 0, + command_name[command].str); + log_slow_statement(thd); thd_proc_info(thd, "cleaning up"); --===============1442003714557225479== MIME-Version: 1.0 Content-Type: text/bzr-bundle; charset="us-ascii"; name="bzr/sergey.vojtovich@stripped" Content-Transfer-Encoding: 7bit Content-Disposition: inline # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: sergey.vojtovich@stripped\ # k85v1ckb0lqxjwa0 # target_branch: file:///home/svoj/mysql/server/mysql-5.5-bugteam-\ # push/ # testament_sha1: fde1e863a15207b290ece86cd2a72d52004b4341 # timestamp: 2010-12-14 17:35:39 +0300 # base_revision_id: mattias.jonsson@stripped\ # 4a3xxe3eabc1n8ij # # Begin bundle IyBCYXphYXIgcmV2aXNpb24gYnVuZGxlIHY0CiMKQlpoOTFBWSZTWQOqmVcACHB/gEAQEABZd/// /+//rr////pgD0X3no+77tfZ6Go0+gACvvq8fMd69tPcTrrpSgBI7Yo9mAhJJNATU9U/U1H6NGiT 1PKemp6TanqaHqep6mmyg9QPU0AeoJKNCNDQAjQieSQARo0GQG0Q0ZGBAaEyaTUnlNA0aNAAAAMj TIAAAAJNSQiYiZAyeUZNBo00aBoAGgNGg0AEUkaEaYhU/aqfqeFT9Tyo3qn6nqjyj1AMIGgA09TT RoIpCAmgGowQTyGpoyYo0mgNAaBkGmmiBDhjawOFf4tTOXK67sFV/mjtTGv23po4Y3B26nv4YQ+X DfSZIcep0wwxQbjIMCWS3gaOWRADmMsfH8PHDgCPDtcXt2d3xlGnnf0gnvf5bQj5xhW1qEEh8HPs oXaqXysnXbS2dsW1sWZi2dksmTaaHFRqhWFEaePXuxbJUsIQRO2JXJ05A8CYuxJ6+KTnyMVVFBSL FMe/EkSGtxww3KJmx5NGe2xnouz1lGD6ZlaadpXJkSlCrMooVDCuKyhjEDoSDwhFiGVzY6xOVhgl LnhM2lx2Poap+DYLkz+F51q13pdXO8FTxWKVwqjB0V/fti3Zl1do7stZYQtgXmK/LvsmQkxl7juM MWBAuvKcia4mnJ98mFxlvQCwgZYpafrxttqbKpkq2Oa3GjEnnuqXNSHed9IFB1GoIL6Cy6Ogrzxm wukIQsEa6qjUAU8efu58/Dvp8/ALtmXwzuZZzOMpgJp3WZaZLYlCwkt+hCrpErFfWcuqpoALQ29u oekQRBEERERBFC2dOjs5UM7oOf0a9/1eZnmdxrCY9hmhmEIpEs9pfjVVVXmVRf5OaBrsk1tXS1BO zdCUXWiVTBJ46LAzAe9rEiVFBxIgKBHdi3j2qvwezMzTntQ6GGH8CjAjvXkxD3ucfyEO5gCQASYM SEmOXvbH6X6XlsuOulghzdPLT8fC5Kx3GXXg76nmc77Oc6pHEx1TjUEmSxEsXYyVKB0QoWPQkk/C Gihz8OK2l2cgyWUWgUiGOsrzafjNXdBsgJkJKEpAPCli7ooC3WSmtXVcMrGEvZCcL5DeMINQEMAO WWFlG1hc06Zba68DhzhzUrclu0ihRJdV7dgVMQJgNpYBKkoteJcSKFxIJ1qnhrKsXUEH59v2Bruh Z4P0c1ubZQ7zC0s9o0Ih86N0xxxn6cDZK6n2xmbko0iuyurYXshIyQZCrCVhfKXaGsDpxdpii5aP p6aj7LbEFQkYrIQPmuumZGKCkqW4FGLeehM5Bj2pSU/atKKYrWW9bqP0S3DsINkolCJ0ggkuWn5/ +oiidRx7Vbczwzg4wqwysbGHXApthCN08Wif07rxCeSYsUCZmS2O791UHy45zgsJnkX6j6XVWOJd sE25kdnSaAiwwoPJHIxR0xwCs5Yj8L3pwgvmRqcFTQzgUg1ruUpGkpSKWaowAQE3pWcCoEwiwPWT tDCNkxxxeW3q0qPImxYdbUMULi+wqkYK0js4uR3W6HqS99SF8ZrpnhRmbTmPUYy0xHuEd04SK+sL BBqRVjhBBiY86KGJonD7IFUeI1SoTInV2ECuuy4lvcYcVY1P9EsgGOaqq9/g0O5wTJlPjRqvX2XR ZaLx0qg7a11ruJOhBb79WVTpE+mVg4qgg148yxOIRWSLx+Xf4lKP1W2GmGCtxZMk3mZZQLYXPnYc FUqzoeoeHYiev3FwtxBxBXFt8WHv1WLVHi0uhm7oQkDh2Q84yffWbXKw5DiwHcq0ERolDgnh4yvZ oG+SPHq3VHZnWt12MICZaQUW5VHlcP9aLEvI2LScAoOM7TQiXjblbkmPg8Mxw9Bbn07Fh8FupIlm ux7jlsnd1evdXvUC7XjRzM8hSMXRzgzmDfHmMRmdWmT1TXCCsuiWamymzMW7lwxgNVUq7zK83LC4 mPIUOhsuF1UIZXFeMyGGD4SUVETsVgZsgk0bCVpbI2LVYQHVkjxB5Quk4WY+s104bJK8wMi+UVht 6Pf5eGMy8vMyNDmYGhJZiW0q4gIhLEK62GWpkURIo1GyPJCYAMAIOIEAxE0VV7qmiBKFe03zePiI aRW/2fpHZDw1BYjz0/W8RoYGLYxmITpHCgIZDZc0gNDOzTSTTOUMqU8MRdYiiiWXbkZClU0cEm4T dZJA1ITNm2ui0qEg6DN5w4Cbt1ga0cn+SQ3dLwMyYTM0X3+3JiMSCkXapoY0yBcSTemnXDdez9AS 7NxCvdXX/YWjMJDcOUKB/EdGmBHIi2f7MCv1qnqCeFyP9QEREHrLhWkKhoFbBhQ1OXCBWFCsfBaq ZBNNtuqcRBEQFiSGijvVJAZWuMMC2ALE+3MMwS1KlSAHWlo3XZtyp+I7fuPuzMAPt5cFTZdAubEh CCCCJAhoSXhsE9QBuQ66DAQN8KKJUrhACibt0YhVTTnLkYmF0lSR7xvBQhYtRZLaSYXQxwx9q0gW DeMoiUFFFVSJRVVn3SC4oDYewcz5gDYUDEB1yLrXqHm0ciU+G05UBM+g+uZYVnsNhclt7Ccuhy6J IqFY7YvIh0AiEUk6cWAs++aAB9LdhYDrXiAIEIoq5UB0gEJmZ0jerlN41G6+S030yZOURuSIMxa/ LlaKev8RB4gVnQ4R9B4IFdQPIjDixheorHpio3oxhzDHJOVMUkhiMKtXtZQYApi3Vy7UBIwnOCq4 Me48FMbmbIeevU5mMTU9mfBUrTmSV4XnCYxNKH1gDzmPD+4TJjp9DUwrhIMxrvHV4J7hSdJ7RCRS uCHixATVLAyudF/9+O248cZAIiFTpxdBtQJgBpkAEO6NNCLKoUaGF0rSHRMTcVnG/jl3kBttCVxG 6PAhwMDCAuuQ3FUGa42uUQnuGNQ1P8m/YR6htLbyG+ZPtd4Y5fvE527Xh97wLPIDTjGAAbag5mz0 czTTP1erHNWhMCUquPPpa60hUkQuz35z+2gveR2jldWJPITTcis6pZqOciqGoMJAU4spC8apdSWB KIhrkMp4C5BLHaYPSO6/0cajxOpAuADRIFsbGJ+j3+Sx1Mxi2caqbut2Kz5EfIQSM1j2VdujvPhe 7P3+HAWXAkKXvCBGFgdxASQxacA2EQSkBEIVabp0gOgpaPwpRJI9l54xjh6evJDPk3aC67/sInnE 2AlBYJlV2j8iqojYiYZXcckMZcDq+BNdrxO401HyPJ8vG4vPeW3StPD5MfADKagOzknV9K93csLv XQJ4XBMusmVZwjYzA0NSawCA2NR44erjXkGIB5Zb0TeJh7PHOC3pVeKcE4VkYyGUJJd3k+M0SoEk AZ2Qpw6vbi1irstJFeDweg9CrWR8F2QeDrfCKUJfB7PJ6pvAxJOIJTf1bFthEiv3fUQB7TA4Avce L8vLv7EWw4HmpVxMx1CWCbp2jaHhCD6fC6ytDQhBHIeRyuIgN9Hp4CQYwAHi6ysAPf3khNdrlW7E 8/OXacna6nGgJo6xDxOvOIXTENaRfxErfB7XvcCkhCgaXWJrmPdlrAMLZIEAzraK0Ts31L4xUqQu iBdwugUrd5knHb3OOt7Q+D5iGOuvQGAmzS3guXe6X40qJvQ4ed7cBQDoJV2bu1Nvm4MJZcBMtTtH cU/J/ybpwB9fFpjeaYYhliLI2sT9mQlQkERmBvXLSrPIWDVfJv4VCeiBvBcLDW1JNhtsqFM80C9v vTo2pzZpeC22IOXMRCjCCRCRAkPB3tD7jp0Bpe1+c4J0ca8Q5OnO2uGL7IUKG9sEDWIcWHG1oh/V hPrYFJvcZdxGeHkqaBNLPvm+AO7V+1kk6AlYmks65EAEFbNr3YgHyyFg5jnCwhySsktgF1nklnTi RGbM0rOZzjGptCK40aQ8o+caV4PIHjeNd9ZOdalsT3uria1F0Jie6IdeCJCYw7aJSYQ4wLWQDSAa IBB00q+Z0H0Gh5Nrze4cECzJ7SA9bKgCBTu+jSAGsTQLudbZoSAdD6JXfbQIEqEsuciTnYdbJ6rQ 5m6K4k2tskuIIpKGGcASpwNldiQPIAMgqY+I5gQsvmi6cr4XUuILnEktaGamhyLki2UpSlK0o/Mv SApBAVVxKUoiUpjOjPK0ClGk0zK6QL3F1mExSQlN2478o5hJTOsgSo1pZ5tjg7nDNrc0JCwTlJWy ZLEoSwwEauYg0SpIhOtzlNskvQapLZNoTmLSlQ0pDR8kqifaG+WqsGBeNzkyLCJzEXr5Kzkb2Rv7 Uye3gywPFSBvKuhNq2Q29I0cgdzMTI/IElSBZwRh0SQsvYhvACQAfG90gR8W9NrlpgYB/TBVz4UE wz0Z78A66gWwnoBDU9JxK5EgYJSHcQ7YCZASj3Zz3PWnP5iG559mkTBAu3esPcoHaxfaCSEzPm3d JqUNr2CE297H1dGlqdJuADwS14vW1Nh6iFT2utRreDg8ekTI16jTAxIEifpvdIATE9eXYfBU2anQ U7OnUuhjVo7HVa5rMH5XsH/xdyRThQkAOqmVcA== --===============1442003714557225479==--