From 836d71463848995ad0d64194c26b866e952ef262 Mon Sep 17 00:00:00 2001
From: Harry Anderson <14777088+harry-anderson@users.noreply.github.com>
Date: Tue, 4 Jun 2024 11:37:49 +1000
Subject: [PATCH 1/4] Add serial member to CertificateIssued log struct
---
 rustica/src/logging/mod.rs | 2 ++
 rustica/src/server.rs | 1 +
 2 files changed, 3 insertions(+)
diff --git a/rustica/src/logging/mod.rs b/rustica/src/logging/mod.rs
index 7bd05b3e..91c9c43c 100644
--- a/rustica/src/logging/mod.rs
+++ b/rustica/src/logging/mod.rs
@@ -41,6 +41,8 @@ pub struct CertificateIssued {
 pub fingerprint: String,
 /// The fingerprint of the signing certificate
 pub signed_by: String,
+ /// The serial number of the signing certificate
+ pub serial: u64,
 /// The configured authority name for the signer
 pub authority: String,
 /// Certificate type, either User or Host
diff --git a/rustica/src/server.rs b/rustica/src/server.rs
index 84677ab1..c323843b 100644
--- a/rustica/src/server.rs
+++ b/rustica/src/server.rs
@@ -571,6 +571,7 @@ impl Rustica for RusticaServer {
 fingerprint,
 signed_by: ca_cert.fingerprint().hash,
 authority: authority.to_string(),
+ serial: authorization.serial,
 certificate_type: req_cert_type.to_string(),
 mtls_identities,
 principals: authorization.principals,
From b14bb9a8f90171c120ec90aef33c7c92322dae9f Mon Sep 17 00:00:00 2001
From: Harry Anderson <14777088+harry-anderson@users.noreply.github.com>
Date: Thu, 6 Jun 2024 14:55:36 +1000
Subject: [PATCH 2/4] Add cert serial number to cert issued log line
---
 rustica/src/logging/stdout.rs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/rustica/src/logging/stdout.rs b/rustica/src/logging/stdout.rs
index 4ba81ac7..7e545543 100644
--- a/rustica/src/logging/stdout.rs
+++ b/rustica/src/logging/stdout.rs
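Review bot: In the rustica/src/server.rs hunk at line 571, the logged `serial` is copied from `authorization.serial` rather than read back from the certificate that was signed, so the audit record is only accurate if the certificate builder was given that same value. The struct literal starts and ends outside this hunk and the signing code is not visible here, so this may already hold. Because the serial is what revocation and incident lookups key on, either take the value from the signed certificate or state the invariant beside the field, for example `// must equal the serial passed to the certificate builder`.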
@@ -18,7 +18,7 @@ impl RusticaLogger for StdoutLogger {
 match &log.log {
 Log::CertificateIssued(ci) => {
 info!(
- "[{}] Certificate issued for: [{}] Authority: [{}] Identified by: [{}] Principals granted: [{}] Extensions: [{:?}] CriticalOptions: [{:?}] Valid After: [{}] Valid Before: [{}]",
+ "[{}] Certificate issued for: [{}] Authority: [{}] Identified by: [{}] Principals granted: [{}] Extensions: [{:?}] CriticalOptions: [{:?}] Valid After: [{}] Valid Before: [{}] Serial Number: [{}]",
 ci.certificate_type,
 ci.fingerprint,
 ci.authority,
@@ -28,6 +28,7 @@ impl RusticaLogger for StdoutLogger {
 ci.critical_options,
 ci.valid_after,
 ci.valid_before,
+ ci.serial,
 )
 }
 Log::KeyRegistered(kr) => info!("Key registered: [{}] Identified by: [{}]", kr.fingerprint, kr.mtls_identities.join(", ")),
From 0c31c6d0afdb31bb671106ab4b17c0afc583a8cc Mon Sep 17 00:00:00 2001
From: Harry Anderson <14777088+harry-anderson@users.noreply.github.com>
Date: Thu, 6 Jun 2024 15:19:34 +1000
Subject: [PATCH 3/4] Update struct member description
---
 rustica/src/logging/mod.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rustica/src/logging/mod.rs b/rustica/src/logging/mod.rs
index 91c9c43c..c59eb6bd 100644
--- a/rustica/src/logging/mod.rs
+++ b/rustica/src/logging/mod.rs
@@ -41,7 +41,7 @@ pub struct CertificateIssued {
 pub fingerprint: String,
 /// The fingerprint of the signing certificate
 pub signed_by: String,
- /// The serial number of the signing certificate
+ /// The serial number of the signed certificate
 pub serial: u64,
 /// The configured authority name for the signer
 pub authority: String,
From d83aae5b3746de52792f68146de3cff4bc3ab0fb Mon Sep 17 00:00:00 2001
From: Harry Anderson <14777088+harry-anderson@users.noreply.github.com>
Date: Thu, 6 Jun 2024 15:30:26 +1000
Subject: [PATCH 4/4] Add Serial tag to influx logger
---
 rustica/src/logging/influx.rs | 1 +
 1 file changed, 1 insertion(+)
diff --git a/rustica/src/logging/influx.rs b/rustica/src/logging/influx.rs
index c4649e75..3997b5dd 100644
--- a/rustica/src/logging/influx.rs
+++ b/rustica/src/logging/influx.rs
@@ -54,6 +54,7 @@ impl RusticaLogger for InfluxLogger {
 .into_query(&self.dataset)
 .add_tag("fingerprint", ci.fingerprint.clone())
 .add_tag("mtls_identities", ci.mtls_identities.join(","))
+ .add_tag("serial", ci.serial)
 .add_field("principals", ci.principals.join(","));

 let client = self.client.clone();
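Review bot: `.add_tag("serial", ci.serial)` makes the serial an InfluxDB tag, and tags are indexed and stored as strings, so a value that differs for every issued certificate adds a new series per issuance and cannot be range-queried as a number. Assuming serials are unique per certificate, it fits better as a field next to `principals`: `.add_field("serial", ci.serial)`. The builder chain starts outside the hunk, so confirm that the `u64` converts to a field type the target InfluxDB version accepts. If the tag is kept for exact-match lookups during an investigation, a short comment saying the cardinality cost is accepted would help the next reader.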