Hi, Oleksandr, Ok to push. But do you no longer delete server_audit.log after the test? On Dec 02, Oleksandr Byelkin wrote:
revision-id: 534dda1234b (mariadb-10.5.27-64-g534dda1234b) parent(s): fdb6db6b47f author: Oleksandr Byelkin committer: Oleksandr Byelkin timestamp: 2024-11-29 11:45:01 +0100 message:
MDEV-35522: MariaDB Audit does not detect all DCLs forms when masking password
1. skip OR REPLACE (to make it filter_query_type made recursive)
2. skip SET STATEMENT ... FOR before checking statements with passwords
diff --git a/mysql-test/suite/plugins/t/server_audit_pwd_mask.test b/mysql-test/suite/plugins/t/server_audit_pwd_mask.test --- a/mysql-test/suite/plugins/t/server_audit_pwd_mask.test +++ b/mysql-test/suite/plugins/t/server_audit_pwd_mask.test --echo # cleaunup +DROP SERVER s1; DROP USER u1; DROP USER u2; set global server_audit_logging=off; ---remove_file $SEARCH_FILE +##--remove_file $SEARCH_FILE
why?
--disable_warnings UNINSTALL PLUGIN ed25519; UNINSTALL PLUGIN server_audit; --enable_warnings
Regards, Sergei Chief Architect, MariaDB Server and security@mariadb.org