New feature: password masking. New configuration variables added: aud…

…it_password_masking_cmds and audit_password_masking_regex.
trellix-enterprise · Jul 6, 2014 · 5e9f373 · 5e9f373
1 parent d3eddd6
commit 5e9f373
Show file tree

Hide file tree

Showing 263 changed files with 242,459 additions and 40 deletions.
diff --git a/Makefile.am b/Makefile.am
@@ -1,5 +1,8 @@
 ## top-level Makefile.am
 
+clean-local:
+	cd pcre && $(MAKE) $(AM_MAKEFLAGS) clean
+
 #Build in these directories:
 SUBDIRS = yajl udis86 src 
 

diff --git a/configure.ac b/configure.ac
@@ -50,6 +50,12 @@ AC_SUBST(YAJL_INC)
 UDIS_INC=-I`cd udis86 && pwd`
 AC_SUBST(UDIS_INC)
 
+#pcre
+(cd pcre && CFLAGS=-fPIC ./configure --enable-utf --disable-cpp --disable-shared --enable-static )
+if test $? -ne 0 ; then 
+	AC_MSG_ERROR([Failed pcre configure])
+fi
+
 
 dnl AC_PROG_CC set CFLAGS=-g if CFLAGS was empty before. Reset to empty value
 dnl when not building a debug version.

diff --git a/include/audit_handler.h b/include/audit_handler.h
@@ -10,6 +10,8 @@
 
 #include "mysql_inc.h"
 #include <yajl/yajl_gen.h>
+#define PCRE_STATIC
+#include <pcre.h>
 
 #define AUDIT_LOG_PREFIX "Audit Plugin:"
 #define AUDIT_PROTOCOL_VERSION "1.0"
@@ -268,20 +270,48 @@ class Audit_json_formatter: public Audit_formatter
 
     static const char * DEF_MSG_DELIMITER;
 
-    Audit_json_formatter(): m_msg_delimiter(NULL), m_write_start_msg(true)
+    Audit_json_formatter(): m_msg_delimiter(NULL), m_write_start_msg(true), m_password_mask_regex_preg(NULL),
+		m_password_mask_regex_compiled(false), m_perform_password_masking(NULL)
     {
         config.beautify = 0;
         config.indentString = NULL;
     }
-    virtual ~Audit_json_formatter() {}
+    virtual ~Audit_json_formatter() 
+	{
+		if(m_password_mask_regex_preg)
+		{
+			m_password_mask_regex_compiled = false;
+			pcre_free(m_password_mask_regex_preg);
+			m_password_mask_regex_preg = NULL;			
+		}
+	}
+
     virtual ssize_t event_format(ThdSesData *pThdData, IWriter * writer);
-	virtual ssize_t start_msg_format(IWriter * writer);
+	virtual ssize_t start_msg_format(IWriter * writer);		
+
+	/**
+	 * Utility method used to compile a regex program. Will compile and log errors if necessary.
+	 * Return null if fails
+	 */
+	static pcre * regex_compile(const char * str);
+
+	/**
+	 * Compile password masking regex
+	 * Return 0 on success
+	 */
+	int compile_password_masking_regex(const char * str);
 
 	/**
 	 * Boolean indicating if to log start msg.
 	 * Public so sysvar can update.
 	 */
-	my_bool m_write_start_msg;
+	my_bool m_write_start_msg;		
+
+
+	/**
+	 * Callback function to determine if password masking should be performed
+	 */
+	my_bool (* m_perform_password_masking)(const char *cmd);
 
     /**
      * Message delimiter. Should point to a valid json string (supporting the json escapping format).
@@ -300,7 +330,17 @@ class Audit_json_formatter: public Audit_formatter
 
 	Audit_json_formatter& operator =(const Audit_json_formatter& b);
 	Audit_json_formatter(const Audit_json_formatter& );
-
+
+	/**
+	 * Boolean indicating if password masking regex is compiled
+	 */
+	my_bool m_password_mask_regex_compiled;
+
+	/**
+	 * Regex used for password masking
+	 */
+	pcre * m_password_mask_regex_preg;
+
 };
 
 /**

diff --git a/include/mysql_inc.h b/include/mysql_inc.h
@@ -51,6 +51,7 @@
 #include <my_md5.h>
 #include <my_dir.h>
 #include <my_sys.h>
+#include <my_regex.h>
 
 //5.5 use my_free with a single param. 5.1 use with 2 params
 //based on: http://bazaar.launchpad.net/~mysql/myodbc/5.1/view/head:/util/stringutil.h