[SERVER-54964] Require valid clients for all audit events Created: 04/Mar/21  Updated: 29/Oct/23  Resolved: 18/Mar/21

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 4.9.0

Type: Task Priority: Major - P3
Reporter: Benjamin Caimano (Inactive) Assignee: Benjamin Caimano (Inactive)
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
is depended on by SERVER-24912 Include Client Metadata in audit logs Closed
Backwards Compatibility: Fully Compatible
Sprint: Security 2021-03-22
Participants:

 Description   

We take a client pointer to our audit hooks but allow for it to be nullptr. Audit events are related to changes in storage, networking, or other stateful systems, thus we should always have at least a client if not an opCtx. We should invariant that the client exists and fix places where it does not. (Notably, logLogout fails to acquire the current client during client decoration destruction.)



 Comments   
Comment by Githook User [ 18/Mar/21 ]

Author:

{'name': 'Ben Caimano', 'email': 'ben.caimano@10gen.com'}

Message: SERVER-54964 Require valid client for all audit events
Branch: master
https://github.com/mongodb/mongo/commit/68012be8b6831dee11f3e43f573e6c58caf8b464

Comment by Githook User [ 18/Mar/21 ]

Author:

{'name': 'Ben Caimano', 'email': 'ben.caimano@10gen.com'}

Message: SERVER-54964 Require valid client for all audit events
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/aeade7d1bee65496978f08b113df1367f1afa489

Generated at Thu Feb 08 05:35:03 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.