Updating with the latest offsets for

Percona64 	5.7.30-33, 5.7.29-32, 5.7.28-31, 5.7.27-30, 5.7.26-29

MySQL64 	8.0.22, 9.0.21, 8.0.20, 8.0.19, 8.0.18, 8.0.17, 8.0.16, 8.0.15, 8.0.14, 8.0.13, 8.0.12, 8.0.11,
		5.6.49, 5.7.31, 5.6.46, 5.6.47, 5.6.48, 5.7.30, 5.7.29, 5.7.28, 5.6.45, 5.7.27, 5.6.44, 5.7.26

MariaDB64	10.1.43, 10.2.27, 10.2.29, 5.5.66, 10.1.47, 10.2.34, 10.2.30, 10.2.33, 10.1.46, 10.2.31, 10.1.44,
		10.1.45, 10.2.32, 5.5.67, 5.5.68, 10.1.41, 10.2.26, 5.5.65, 10.2.25, 10.1.40, 10.1.39, 10.2.24,
		10.2.23, 5.5.64

MySQL32		5.6.49, 5.7.31, 5.6.46, 5.6.47, 5.6.48, 5.7.28, 5.7.29, 5.7.30, 5.6.45, 5.7.27, 5.6.44, 5.7.26

MariaDB32	10.1.43, 10.2.27, 10.2.29, 5.5.66, 10.1.47, 10.2.34, 10.2.30, 10.2.33, 10.1.46, 10.2.32, 10.1.44,
		10.1.45, 10.2.31, 5.5.67, 5.5.68, 10.1.41, 10.2.26, 5.5.65, 10.2.25, 10.1.40, 10.1.39, 10.2.24,
		10.2.23, 5.5.64

compiling.txt

@@ -81,3 +81,20 @@ Some documentation about configure command for mysql:
 
 http://dev.mysql.com/doc/refman/5.1/en/source-configuration-options.html
 
+
+==== MariaDB 10.2.10 ======
+1. Firstly checkout the source code:-
+	- svn co https://beasource3.corp.nai.org/svn/projects/DBSec-MySQL audit_plugin_mysql
+2. cd audit_plugin_mysql
+3. unzip zip-sources/mariadb-10.2.10.zip
+4. cd mariadb-10.2.10
+5. CC=gcc CXX=g++ cmake .    -DBUILD_CONFIG=mysql_release -DGNUTLS_INCLUDE_DIR=./zip-sources/mariadb-10.2.10/gnutls-3.3.24/64b/include -DGNUTLS_LIBRARY=./zip-sources/mariadb-10.2.10/gnutls-3.3.24/64b/lib
+6. cd mariadb-10.2.10/libservices
+7. make
+8. cd ../extra
+9. make
+10. cd ../..
+11. chmod +x bootstrap.sh
+12. ./bootstrap.sh
+13. CXX='gcc -static-libgcc' CC='gcc -static-libgcc' MYSQL_AUDIT_PLUGIN_VERSION=1.1.7 MYSQL_AUDIT_PLUGIN_REVISION=`svn info|grep ^Revision|awk -F ": " '{print $2}'` ./configure --enable-debug=no --with-mysql=mariadb-10.2.10 --with-mysql-libservices=mariadb-10.2.10/libservices/libmysqlservices.a
+14. gmake <======== This will create the plugin "libaudit_plugin.so"

config/ac_mysql.m4

@@ -33,7 +33,7 @@ dnl
 dnl table_id.h included from table.h included by mysql_inc.h is
 dnl in libbinlogevents/include.
     AC_DEFINE([MYSQL_SRC], [1], [Source directory for MySQL])
-    MYSQL_INC="-I$withval/sql -I$withval/libbinlogevents/export -I$withval/libbinlogevents/include -I$withval/include -I$withval/regex -I$withval"
+    MYSQL_INC="-I$withval/sql -I$withval/libbinlogevents/export -I$withval/libbinlogevents/include -I$withval/include -I$withval/regex -I$withval -I$withval/extra/rapidjson/include"
     AC_MSG_RESULT(["$withval"])
   ],
   [

configure.ac

@@ -96,8 +96,7 @@ AC_PATH_PROG(DIFF, diff, diff)
 #we can add the following flags for better error catching: -Werror -Wimplicit
 CPPFLAGS="$CPPFLAGS -Werror -Wall"
 CFLAGS="$CFLAGS -Wimplicit"
-# From MySQL: Disable exceptions as they seams to create problems with gcc and threads.
-CXXFLAGS="-fno-implicit-templates -fno-exceptions -fno-rtti -Wno-reorder -Wno-strict-aliasing"
+CXXFLAGS="-fno-implicit-templates -fno-strict-aliasing"
 
 #add pthread libs
 LIBS="$LIBS -lpthread"

include/audit_handler.h

@@ -104,6 +104,7 @@ typedef struct ThdOffsets {
 	OFFSET stmt_da;
 	OFFSET da_status;
 	OFFSET da_sql_errno;
+	OFFSET view_tables;
 } ThdOffsets;
 
 /*
@@ -224,7 +225,9 @@ class Audit_formatter {
 	virtual ssize_t stop_msg_format(IWriter *writer) { return 0; }
 
 	static const char *retrieve_object_type(TABLE_LIST *pObj);
+#if defined(MARIADB_BASE_VERSION) || MYSQL_VERSION_ID < 80000
 	static QueryTableInf *getQueryCacheTableList1(THD *thd);
+#endif
 
 	// utility functions for fetching thd stuff
 	static int thd_client_port(THD *thd);
@@ -579,7 +582,10 @@ static inline const CHARSET_INFO * pfs_connect_attrs_cs(void * pfs)
 
 	static inline bool table_is_view(TABLE_LIST *table)
 	{
-		return table->view_tables != 0;
+		if (!Audit_formatter::thd_offsets.view_tables)
+			return table->view_tables != 0;
+		List<TABLE_LIST> **view_tables = (List<TABLE_LIST> **)((char*)table + Audit_formatter::thd_offsets.view_tables);
+		return *view_tables;
 	}
 };
 
@@ -592,14 +598,14 @@ class Audit_json_formatter: public Audit_formatter {
 	static const char *DEF_MSG_DELIMITER;
 
 	Audit_json_formatter()
-		: m_msg_delimiter(NULL),
-		m_write_start_msg(true),
+		: m_write_start_msg(true),
 		m_write_sess_connect_attrs(true),
 		m_write_client_capabilities(false),
 		m_write_socket_creds(true),
-		m_password_mask_regex_preg(NULL),
+		m_perform_password_masking(NULL),
+		m_msg_delimiter(NULL),
 		m_password_mask_regex_compiled(false),
-		m_perform_password_masking(NULL)
+		m_password_mask_regex_preg(NULL)
 	{
 
 	}
@@ -706,8 +712,12 @@ class Audit_handler {
 	static void stop_all();
 
 	Audit_handler() :
-		m_initialized(false), m_enabled(false), m_print_offset_err(true),
-		m_formatter(NULL), m_failed(false), m_log_io_errors(true)
+		m_formatter()
+		,m_initialized()
+		,m_enabled()
+		,m_failed()
+		,m_log_io_errors(true)
+		,m_print_offset_err(true)
 	{
 	}
 
@@ -873,7 +883,10 @@ class Audit_file_handler: public Audit_io_handler {
 public:
 
 	Audit_file_handler() :
-		m_sync_period(0), m_log_file(NULL), m_sync_counter(0), m_bufsize(0)
+		m_sync_period(0)
+		, m_bufsize(0)
+		, m_log_file(NULL)
+		, m_sync_counter(0)
 	{
 		m_io_type = "file";
 	}
@@ -920,8 +933,10 @@ class Audit_socket_handler: public Audit_io_handler {
 public:
 
 	Audit_socket_handler() :
-		m_vio(NULL), m_connect_timeout(1), m_write_timeout(0),
-		m_log_with_error_severity(false)
+		m_connect_timeout(1)
+		, m_write_timeout()
+		, m_vio()
+		, m_log_with_error_severity()
 	{
 		m_io_type = "socket";
 	}

include/hot_patch.h

@@ -4,7 +4,6 @@
  *  Created on: Jan 10, 2011
  *      Author: Guyl
  */
-
 #ifndef HOT_PATCH_H_
 #define HOT_PATCH_H_
 
@@ -14,9 +13,14 @@
 
 #define GETPAGESIZE()         sysconf (_SC_PAGE_SIZE)
 
-int hot_patch_function(void* targetFunction, void* newFunction, void* trampolineFunction, unsigned int *trampolinesize, unsigned int *usedsize, bool log_info);
+struct SavedCode {
+    char code [1024];
+    size_t size;
+};
+
+int hot_patch_function(void* targetFunction, void* newFunction, void* trampolineFunction, unsigned int *trampolinesize, unsigned int *usedsize, bool log_info, SavedCode* saved_code);
 
-void remove_hot_patch_function(void* targetFunction, void* trampolineFunction, unsigned int trampolinesize, bool log_info);
+void remove_hot_patch_function(void* targetFunction, void* trampolineFunction, unsigned int trampolinesize, bool log_info, SavedCode* saved_code);
 
 //8KB NOP + 16
 //can be used to define a block of memory to use for trampolines

include/mysql_inc.h

@@ -33,7 +33,26 @@
 
 #include <sql_parse.h>
 #include <sql_class.h>
+#if !defined(MARIADB_BASE_VERSION) && MYSQL_VERSION_ID >= 80019
+#include <mysql/components/services/mysql_connection_attributes_iterator.h>
+#include <mysql/components/my_service.h>
+#include <mysql/service_plugin_registry.h>
+#endif
+#if !defined(MARIADB_BASE_VERSION) && MYSQL_VERSION_ID >= 80000
+using my_bool = bool;
+#if MYSQL_VERSION_ID < 80012
+#define PLUGIN_VAR_NOSYSVAR 0x0400
+#endif
+#include <sql/item.h>
+#include <sql/log.h>
+#include <sql/log_event.h>
+#include <sql/mysqld.h>
+#include <sql/protocol.h>
+#include <sql/sql_lex.h>
+#else
 #include <my_global.h>
+typedef struct st_mysql_sys_var SYS_VAR;
+#endif
 #include <sql_connect.h>
 #include <sql/sql_base.h>
 #include <sql/sql_table.h>
@@ -73,10 +92,7 @@
 # endif
 #endif
 
-// MariaDB doesn't have my_getsystime (returns 100 nano seconds) function. They replaced with my_hrtime_t my_hrtime() which returns microseconds
-#if  defined(MARIADB_BASE_VERSION)
-
-#define my_getsystime() ((my_hrtime()).val * 10)
+#if defined(MARIADB_BASE_VERSION)
 // MariaDB has a kill service that overrides thd_killed as a macro. It also has thd_killed function defined for backwards compatibility, so we redefine it.
 #undef thd_killed
 extern "C" int thd_killed(const MYSQL_THD thd);
@@ -85,12 +101,87 @@ extern "C" int thd_killed(const MYSQL_THD thd);
 #if MYSQL_VERSION_ID >= 100010
 extern "C"  char *thd_security_context(MYSQL_THD thd, char *buffer, unsigned int length, unsigned int max_query_len);
 #endif
-
 #endif
 
 //Define HAVE_SESS_CONNECT_ATTRS. We define it for mysql 5.6 and above
 #if (!defined(MARIADB_BASE_VERSION)) && MYSQL_VERSION_ID >= 50600
 #define HAVE_SESS_CONNECT_ATTRS 1
 #endif
 
+
+#if defined(MARIADB_BASE_VERSION) || MYSQL_VERSION_ID < 80000
+#include <dlfcn.h>
+#endif
+
+namespace compat {
+/*************************/
+/*     my_getsystime     */
+/*************************/
+#if  defined(MARIADB_BASE_VERSION)
+// MariaDB doesn't have my_getsystime (returns 100 nano seconds) function. They replaced with my_hrtime_t my_hrtime() which returns microseconds
+static inline unsigned long long int my_getsystime() { return (my_hrtime()).val * 10; }
+#elif MYSQL_VERSION_ID < 80000
+static inline unsigned long long int my_getsystime() { return ::my_getsystime(); }
+#else
+static inline unsigned long long int my_getsystime() {
+#ifdef HAVE_CLOCK_GETTIME
+  // Performance regression testing showed this to be preferable
+  struct timespec tp;
+  clock_gettime(CLOCK_REALTIME, &tp);
+  return (static_cast<unsigned long long int>(tp.tv_sec) * 10000000 +
+          static_cast<unsigned long long int>(tp.tv_nsec) / 100);
+#else
+  return std::chrono::duration_cast<
+             std::chrono::duration<std::int64_t, std::ratio<1, 10000000>>>(
+             UTC_clock::now().time_since_epoch())
+      .count();
+#endif /* HAVE_CLOCK_GETTIME */
+}
+#endif
+
+/*********************************************/
+/*   vio_socket_connect                      */
+/*********************************************/
+#if MYSQL_VERSION_ID >= 50600
+#ifndef MYSQL_VIO
+#define MYSQL_VIO Vio*
+#endif
+#if defined(MARIADB_BASE_VERSION) || MYSQL_VERSION_ID < 80000
+static inline bool vio_socket_connect(MYSQL_VIO vio, struct sockaddr *addr, socklen_t len, int timeout)
+{
+    return ::vio_socket_connect(vio, addr, len, timeout);
+}
+#else
+/*********************************************/
+/*                                           */
+/*  resolve the symbols manualy to permit    */
+/*  loading of the plugin in their absence   */
+/*                                           */
+/*********************************************/
+extern bool (*_vio_socket_connect)(MYSQL_VIO vio, struct sockaddr *addr, socklen_t len, int timeout);
+extern bool (*_vio_socket_connect_80016)(MYSQL_VIO vio, struct sockaddr *addr, socklen_t len, bool nonblocking, int timeout);
+extern bool (*_vio_socket_connect_80020)(MYSQL_VIO vio, struct sockaddr *addr, socklen_t len, bool nonblocking, int timeout, bool *connect_done);
+
+static inline bool vio_socket_connect(MYSQL_VIO vio, struct sockaddr *addr, socklen_t len, int timeout)
+{
+    if (_vio_socket_connect) return _vio_socket_connect(vio, addr, len, timeout);
+    if (_vio_socket_connect_80016) return _vio_socket_connect_80016(vio, addr, len, false, timeout);
+    if (_vio_socket_connect_80020) return _vio_socket_connect_80020(vio, addr, len, false, timeout, nullptr);
+    return true;
+}
+static inline bool init()
+{
+    void* handle = dlopen(NULL, RTLD_LAZY);
+    if (!handle)
+        return false;
+    _vio_socket_connect = (decltype(_vio_socket_connect))dlsym(handle, "_Z18vio_socket_connectP3VioP8sockaddrji");
+    _vio_socket_connect_80016 = (decltype(_vio_socket_connect_80016))dlsym(handle, "_Z18vio_socket_connectP3VioP8sockaddrjbi");
+    _vio_socket_connect_80020 = (decltype(_vio_socket_connect_80020))dlsym(handle, "_Z18vio_socket_connectP3VioP8sockaddrjbiPb");
+    dlclose(handle);
+    return _vio_socket_connect || _vio_socket_connect_80016 || _vio_socket_connect_80020;
+}
+#endif
+#endif
+}
+
 #endif // MYSQL_INCL_H

offset-extract/offset-extract.sh

@@ -32,15 +32,15 @@ DB=db
 CLIENT_CAPS="print_offset THD client_capabilities"
 
 # In 5.6 command member is named m_command
-if echo $MYVER | grep -P '^(5\.6|5\.7|10\.)' > /dev/null
+if echo $MYVER | grep -P '^(5\.6|5\.7|8\.|10\.)' > /dev/null
 then
 	COMMAND_MEMBER=m_command
 	HAS_CONNECT_ATTRS=yes
 fi
 
 CONNECT_ATTRS_CS=m_session_connect_attrs_cs
 # In 5.7 thread_id changed to m_thread_id. main_security_ctx changed to m_main_security_ctx
-if echo $MYVER | grep -P '^(5\.7)' > /dev/null
+if echo $MYVER | grep -P '^(5\.7|8\.)' > /dev/null
 then
 	THREAD_ID=m_thread_id
 	SEC_CONTEXT=m_main_security_ctx
@@ -59,7 +59,7 @@ fi
 
 # In 5.6.15 and up, 5.7 and mariabdb 10.0.11 and up, mariadb 10.1 
 # m_session_connect_attrs_cs changed to m_session_connect_attrs_cs_number
-if echo $MYVER | grep -P '^(5\.7|10\.[1-2]|5\.6\.(1[5-9]|[2-9][0-9])|10.0.(1[1-9]|[2-9][0-9]))' > /dev/null
+if echo $MYVER | grep -P '^(5\.7|8\.|10\.[1-2]|5\.6\.(1[5-9]|[2-9][0-9])|10.0.(1[1-9]|[2-9][0-9]))' > /dev/null
 then
 	CONNECT_ATTRS_CS=m_session_connect_attrs_cs_number
 fi
@@ -75,7 +75,7 @@ else
 	CONNECT_ATTRS='printf ", 0, 0, 0"'
 fi
 
-if echo $MYVER | grep -P '^5\.7' > /dev/null
+if echo $MYVER | grep -P '^(5\.7|8\.0)' > /dev/null
 then
 	if echo $MYVER | grep -P '^5\.7\.8' > /dev/null
 	then
@@ -115,7 +115,7 @@ DA_STATUS="print_offset Diagnostics_area m_status"		# 5.5, 5.6, 5.7, mariadb 10.
 DA_SQL_ERRNO="print_offset Diagnostics_area m_sql_errno"	# 5.5, 5.6, mariadb 10.0, 10.1, 10.2
 STMT_DA="print_offset THD m_stmt_da"				# 5.6, 5.7, mariadb 10.0, 10.1, 10.2
 
-if echo $MYVER | grep -P '^(5\.7)' > /dev/null
+if echo $MYVER | grep -P '^(5\.7|8\.0)' > /dev/null
 then
 	DA_SQL_ERRNO="print_offset Diagnostics_area m_mysql_errno"
 elif echo $MYVER | grep -P '^(5\.6|10\.)' > /dev/null
@@ -130,6 +130,17 @@ else
 	DA_SQL_ERRNO='printf ", 0"'
 fi
 
+LEX_COMMENT=""
+VIEW_TABLES=""
+if echo $MYVER | grep -P '^(8\.0)' > /dev/null
+then
+	LEX_COMMENT='printf ", 0"'
+	VIEW_TABLES="print_offset TABLE_LIST view_tables"
+else
+	LEX_COMMENT="print_offset LEX comment"
+	VIEW_TABLES='printf ", 0"'
+fi
+
 cat <<EOF > offsets.gdb
 set logging on
 set width 0
@@ -142,7 +153,7 @@ print_offset THD $THREAD_ID
 print_offset THD $SEC_CONTEXT
 print_offset THD $COMMAND_MEMBER
 print_offset THD lex
-print_offset LEX comment
+$LEX_COMMENT
 print_offset Security_context $USER
 print_offset Security_context $HOST
 print_offset Security_context $IP
@@ -159,6 +170,7 @@ $ROW_COUNT_FUNC
 $STMT_DA
 $DA_STATUS
 $DA_SQL_ERRNO
+$VIEW_TABLES
 printf "}"
 EOF