Details
-
New Feature
-
Status: In Review (View Workflow)
-
Critical
-
Resolution: Unresolved
Description
As part of an internal security audit plugin, we are looking to have the TLS version of the connection as an available field.
This can bring some useful information to the audit plugin for security purpose.
Ongoing PR: https://github.com/MariaDB/server/pull/3175
Attachments
Issue Links
- relates to
-
MDEV-12182 RFE: audit plugin should log HOST:PORT of incoming connection (port is missing)
-
- Open
-
-
MDEV-17879 Add support for MariaDB audit plugin to produce JSON format
-
- Open
-
Here's another thought. We have MDEV-12182 — adding port number to the audit log — it doesn't require changing the log format at all, it can be added to the "hostname" field, as "hostname:port". Still, it needs adding the port number to audit API structures. And thus it is marked as blocked by MDEV-5313 — which should allow passing down more values to the audit plugin without constantly extending audit API structure.
This MDEV also extends the audit API structure, so by the same logic it's blocked by MDEV-5313.
Now the question is — MDEV-5313 has shown no progress in 11 years, perhaps we shall give up and just start extending the audit API structure as we see fit?
ralf.gebhardt, holyfoot, thoughts?