Auditlog are not signature the field resolver


#1

Hello,
why are the version v2.22dev5 (file lib/auditmodules/sqlaudit.py) ignore the field “resolver” in the signature?

Regards.


#2

It is because the resolver is not added in the string, that is signed. This was probably simply forgotton. Or maybe done for a good reason a few years ago - which however I doubt.

The serialization function log_to_string? does not contain the resolver:

I think I open an issue for that - althoug I am currently not sure, how I would resolve this.


#3

Maybye a new db field with a version what fields are included.
Newer auditlog includes the resolver and the version:

create list with old style
if (version == 1 ) { append resolver and version to the list }
signature(list)

Or the signature get a “salt” that includes the fieldnames or the version