VAULT-23121: Audit - Empty fields are HMAC and appear in audit logs #24901

Closed
wants to merge 11 commits into from


peteski22
Contributor

@peteski22 commented Jan 17, 2024

We've had reports where customers see a different output structure in their audit logs depending on whether they are using the log_raw option or not.

When raw output is enabled, empty fields which have been marked to be omitted from JSON output are honored; however, when HMAC is applied, the empty fields first have HMAC applied and are then JSON encoded, meaning they're never empty and always appear.

This PR updates GetIdentifiedHMAC to ignore the default string value ("") which causes some fields to appear in the audit logs with an HMAC'd value for "".
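The behaviour described in the comment above, reproduced as an added example that is not part of the PR or of Vault's code. The struct, its field names, the key and the helpers `identifiedHMAC`, `hmacSkipEmpty` and `encode` are assumptions made for illustration; only the `omitempty` interaction and the skip-empty-string idea come from the description.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// auditRequest is a constructed stand-in for an audit entry, not Vault's own struct.
type auditRequest struct {
	Path        string `json:"path"`
	ClientToken string `json:"client_token,omitempty"`
	Accessor    string `json:"accessor,omitempty"`
}

// identifiedHMAC is a hypothetical stand-in for the keyed HMAC helper the PR names.
func identifiedHMAC(key []byte, data string) string {
	m := hmac.New(sha256.New, key)
	m.Write([]byte(data))
	return "hmac-sha256:" + hex.EncodeToString(m.Sum(nil))
}

// hmacSkipEmpty leaves "" untouched so that omitempty can still drop the field.
func hmacSkipEmpty(key []byte, data string) string {
	if data == "" {
		return ""
	}
	return identifiedHMAC(key, data)
}

// encode applies hashFn to the sensitive fields (nil means raw) and JSON-encodes r.
func encode(r auditRequest, hashFn func(string) string) string {
	if hashFn != nil {
		r.ClientToken = hashFn(r.ClientToken)
		r.Accessor = hashFn(r.Accessor)
	}
	b, _ := json.Marshal(r)
	return string(b)
}

func main() {
	key := []byte("constructed-demo-key")
	r := auditRequest{Path: "sys/health"} // constructed entry: no token, no accessor
	fmt.Println("raw:     ", encode(r, nil))
	fmt.Println("hmac:    ", encode(r, func(s string) string { return identifiedHMAC(key, s) }))
	fmt.Println("skip \"\":", encode(r, func(s string) string { return hmacSkipEmpty(key, s) }))
}
```

With one key, the HMAC of "" is the same constant on every entry, so the extra keys in the second output carry no information beyond the field having been empty.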

@peteski22 added the core, core/audit and hashicorp-contributed-pr labels Jan 17, 2024
@peteski22 added this to the 1.16.0-rc1 milestone Jan 17, 2024
@peteski22 requested review from ncabatoff and a team January 17, 2024 12:01
@peteski22 changed the title Audit: empty fields are HMAC and appear in audit logs VAULT-23121: Audit - Empty fields are HMAC and appear in audit logs Jan 17, 2024
@peteski22 marked this pull request as ready for review January 17, 2024 12:29

github-actions bot commented Jan 17, 2024

CI Results: failed ❌
Failures:

Test Type Package Test Logs


Build Results:
All builds succeeded! ✅

@anwittin modified the milestones: 1.16.0-rc1, 1.16.0 Feb 22, 2024
@digivava
Collaborator

This one has a do-not-merge label and still has not been reviewed so I will move this to the 1.16.1 milestone since today is code freeze.

@digivava modified the milestones: 1.16.0, 1.16.1 Mar 22, 2024
@peteski22 removed this from the 1.16.1 milestone Mar 22, 2024
@peteski22 marked this pull request as draft March 22, 2024 19:15
@peteski22 closed this Jul 3, 2024
Labels
core/audit, core, do-not-merge, hashicorp-contributed-pr
3 participants