From: Francis Dupont <fdupont@isc.org>
Date: Mon, 19 Feb 2018 17:03:03 +0000 (+0100)
Subject: [master] Finishing merge of (forensic/legal logging to database)
X-Git-Tag: trac5502_base~6
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e17e79bc6e4e58263941203b5e4a1decc676cf5d;p=thirdparty%2Fkea.git

[master] Finishing merge of (forensic/legal logging to database)
---

e17e79bc6e4e58263941203b5e4a1decc676cf5d
diff --cc .gitmodules
index 0000000000,e4730c1e82..e69de29bb2
mode 000000,100644..100644
--- a/.gitmodules
+++ b/.gitmodules
diff --cc ChangeLog
index 20a56252e3,08d36b4849..4fd88cfb02
--- a/ChangeLog
+++ b/ChangeLog
@@@ -1,91 -1,3 +1,95 @@@
++1359.	[func]		fdupont
++	Extended forensic (aka legal) logging with database capability.
++	(Trac #5420, git xxx)
++
 +1358.	[build,bug]	fdupont
 +	Cassandra build fixes for macOS.
- 	(Trac #5494, git xxx)
++	(Trac #5494, git 51fd66d364fab2da37fc12557b78bf9863df78d3)
 +
 +1357.	[bug]		rcgoodfellow
 +	Fixed bug in kea-admon causing error on lease-dump.
- 	(github #61, git xxx)
++	(github #61, git 2c9454ec56edc8f3cff8a23329f53ced0d172280)
 +
 +1356.	[func]		andreipavelQ,tomek
 +	The logging configuration is now applied early, which helps
 +	seeing errors in case the new configuration is faulty.
 +	(github #41, git d77fbec5a003a69cab207aa741133015f2657878)
 +
 +1355.	[build]		andreipavelQ
 +	--with-dhcp-mysql renamed to --with-mysql and
 +	--with-dhcp-pgsql renamed to --with-pgsql. These names were
 +	leftovers from old BIND10 times when Kea was part of bigger
 +	solution that also provided DNS services. Kea is now a stand-alone
 +	software, thus the -dhcp- doesn't make sense in those options any
 +	more.
 +	(github #40, git 318c9e3d3db9bb938ced27932d8401172529a2ff)
 +
 +1354.	[doc]		andreipavelQ
 +	Documentation has been upgraded to DocBook 5.0.
 +	(github #39, git 9b6705bd6c534128ec18820ff0cbdd72b7fce9e9)
 +
 +1353.	[func]		tomek
 +	Lightweight 4over6 options reinstantiated. Definitions for DHCPv6
 +	options 89 through 96 were added back. DHCPv4 v4 Parameters Option
 +        159 has its definition tweaked slightly.
 +	(Trac #5514, git 6a4aac2b3bfffe41460db6d1cd3c55b1430aa50c)
 +
 +1352.	[build]		andrei
 +	Support for coverage tests has been improved.
 +	(Github #43, git 1949bb3abf71fb3997044d239eb683095166c39f)
 +
 +1351.	[build,bug]	andrei, razvan
 +	Various small changes and bugfixes. Thank you to Andrei Pavel
 +	and Razvan Becheriu for submitting their patch.
 +	(Github #54, git 2efa7494228a1797dff8d9d74107a452c61e2386)
 +
 +1350.	[func]		fdupont
 +	It is now possible to specify client classification restrictions
 +	on per pool basis. This capability will be useful for grouping
 +	certain types of devices into specific address and/or prefix
 +	pools.
 +	(Trac #5425, git 5f3a89d6e32e90cd9cbb2347c7b2208c3e1561e0)
 +
 +1349.	[build]		andreipavelQ
 +	Compilation parameters unified (every file now includes config.h,
 +	several makefile tweaks).
 +	(Github #38, git 7206aa79c57be7466c4ab3dd558663c6c4f858b7)
 +
 +1348.	[func]		fdupont
 +	Several hook points now support next step status DROP. This allows
 +	more flexibility with dropping packets from within hooks.
 +	(Trac #5443, git ff22a906915a34df327174f550f69a396a05bb2c)
 +
 +1347.	[func]		marcin
 +	Implemented HTTP client classes in libkea-http.
 +	(Trac #5451, git 94267e252b372650e4235389251b49d6f5501322)
 +
 +1346.	[build]		fdupont
 +	Modified configure.ac to include premium module m4 macros, if the
 +	module is present. Prior to this it relied on premium having it's
 +	own configure.ac script.
 +	(Trac #5400, git 38c4f2fb8fc8c8874a0e4671cc295a049acf675f)
 +
 +1345.	[build]		fdupont
 +	Added support of boost 1.66.0 ASIO.
 +	(Github #60/Trac #5496, git bc2947de4296bd99b74e50e65f272c7ad5312429)
 +
 +1344.	[func]		marcin
 +	Implemented lease4-get-all command in lease_cmds hooks library.
 +	(Trac #5468, git a378ec28489e98df64830d1f26c3bebd20e256b2)
 +
 +1343.	[func]		marcin
 +	Implemented "force-create" parameter for lease4-update and
 +	lease6-update commands.
 +	(Trac #5472, git 369245e4c5308a701fd483123f2cb2fd7d3d0966)
 +
 +1342.	[func]		andrei, razvan
 +	Support for host reservations stored in Cassandra added. The core
 +	functionality was added. There are some limitations (delete,
 +	client classes, fixed DHCPv4 fields, statistics recount, etc.)
 +	These will be addressed in upcoming tickets.
 +	(github #37, git e37606fd2d0c02234a55f7445c52a12b2e7a82ec)
 +
  1343.	[func]		fdupont
  	User-context and comments are now supported in many new scopes:
  	global, shared-network, subnet, pool, host reservation, option,
diff --cc doc/guide/hooks.xml
index 50115e3106,0dbe0707ce..bc3c2da837
--- a/doc/guide/hooks.xml
+++ b/doc/guide/hooks.xml
@@@ -1,14 -1,12 +1,15 @@@
 -<?xml version="1.0" encoding="UTF-8"?>
 -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
 -"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
 -<!ENTITY mdash  "&#x2018;" >
 -]>
 +<!--
 + - Copyright (C) 2014-2018 Internet Systems Consortium, Inc. ("ISC")
 + -
 + - This Source Code Form is subject to the terms of the Mozilla Public
 + - License, v. 2.0. If a copy of the MPL was not distributed with this
 + - file, You can obtain one at http://mozilla.org/MPL/2.0/.
 +-->
 +<!-- Converted by db4-upgrade version 1.1 -->
 +<chapter xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="hooks-libraries">
+ 
 -  <chapter id="hooks-libraries">
      <title>Hooks Libraries</title>
 -    <section id="hooks-libraries-introduction">
 +    <section xml:id="hooks-libraries-introduction">
        <title>Introduction</title>
        <para>
        Although Kea offers a lot of flexibility, there may be cases where
@@@ -759,9 -763,63 +763,63 @@@ Examples
              to learn more about user contexts in Kea configuration.
            </para>
          </section>
+ 
+         <section id="forensic-log-database">
+         <title>Database backend</title>
+           <para>
+           Log entries can be inserted into a database when Kea is configured
+           with database backend support: a table named 'logs' is used with a
+           timestamp (timeuuid for Cassandra CQL) generated by the database
+           software and a text log with the same format than for files
+           without the timestamp.
+           </para>
+           <para>
+           Please refer to <xref linkend="mysql-database"/> for MySQL,
+           to <xref linkend="pgsql-database"/> for PostgreSQL or
+           to <xref linkend="cql-database"/> for Cassandra CQL.
+           Scripts are in
+           <filename><replaceable>path-to-kea</replaceable>/share/kea/legal_log/scripts</filename> directory, for instance the PostgreSQL create schema
+           command is:
+ <screen>
+ $ <userinput>psql -d <replaceable>database-name</replaceable> -U <replaceable>user-name</replaceable> -f <replaceable>path-to-kea</replaceable>/share/kea/legal_log/scripts/pgsql/legldb_create.pgsql</userinput>
+ Password for user <replaceable>user-name</replaceable>:
+ START TRANSACTION
+ CREATE TABLE
+ CREATE INDEX
+ CREATE TABLE
+ INSERT 0 1
+ COMMIT
+ $
+ </screen>
+           </para>
+           <para>
+           Configuration parameters are extended by standard lease database
+           parameters as defined in <xref linkend="database-configuration4"/>.
+           The "type" parameter should be "mysql", "postgresql",  "cql" or
+           be "logfile". When it is absent or set to "logfile" files are
+           used.
+           </para>
+           <para>
+           This database feature is experimental and will be likely
+           improved, for instance to add an address / prefix index (currently
+           the only index is the timestamp). No specific tools is provided
+           to operate the database but standard tools are applicable,
+           for instance to dump the logs table from a CQL database:
+ <screen>
+ $ <userinput>echo 'SELECT dateOf(timeuuid), log FROM logs;' | cqlsh -k <replaceable>database-name</replaceable></userinput>
+ 
+  system.dateof(timeuuid)         | log
+ ---------------------------------+---------------------------------------
+  2018-01-06 01:02:03.227000+0000 | Address: 192.2.1.100 has been renewed ...
+  ...
+ (12 rows)
+ $
+ </screen>
+           </para>
+         </section>
        </section>
  
 -      <section id="flex-id">
 +      <section xml:id="flex-id">
          <title>flex_id: Flexible Identifiers for Host Reservations</title>
          <para>
            This section describes a hook application dedicated to generate
diff --cc src/lib/dhcpsrv/cql_connection.cc
index 0e88de7824,ac470d9e9e..3b18f02a5b
--- a/src/lib/dhcpsrv/cql_connection.cc
+++ b/src/lib/dhcpsrv/cql_connection.cc
@@@ -20,10 -20,8 +20,10 @@@
  #include <dhcpsrv/cql_connection.h>
  #include <dhcpsrv/cql_exchange.h>
  #include <dhcpsrv/db_exceptions.h>
- #include <dhcpsrv/dhcpsrv_log.h>
+ #include <dhcpsrv/db_log.h>
  
 +#include <string>
 +
  namespace isc {
  namespace dhcp {
  
diff --cc src/lib/dhcpsrv/database_connection.cc
index bd48009ebd,701c695711..3475c3f3d4
--- a/src/lib/dhcpsrv/database_connection.cc
+++ b/src/lib/dhcpsrv/database_connection.cc
@@@ -4,11 -4,9 +4,11 @@@
  // License, v. 2.0. If a copy of the MPL was not distributed with this
  // file, You can obtain one at http://mozilla.org/MPL/2.0/.
  
 +#include <config.h>
 +
  #include <dhcpsrv/database_connection.h>
  #include <dhcpsrv/db_exceptions.h>
- #include <dhcpsrv/dhcpsrv_log.h>
+ #include <dhcpsrv/db_log.h>
  #include <exceptions/exceptions.h>
  
  #include <boost/algorithm/string.hpp>
diff --cc src/lib/dhcpsrv/mysql_connection.cc
index fdb6859359,8ec91b0db9..a4de082a5f
--- a/src/lib/dhcpsrv/mysql_connection.cc
+++ b/src/lib/dhcpsrv/mysql_connection.cc
@@@ -5,9 -5,7 +5,9 @@@
  // file, You can obtain one at http://mozilla.org/MPL/2.0/.
  
  
 +#include <config.h>
 +
- #include <dhcpsrv/dhcpsrv_log.h>
+ #include <dhcpsrv/db_log.h>
  #include <dhcpsrv/mysql_connection.h>
  #include <exceptions/exceptions.h>