Merge remote-tracking branch 'origin/topic/jsiwek/krb-optional-fields'

* origin/topic/jsiwek/krb-optional-fields:
  Add missing &optional attr to KRB record fields
This commit is contained in:
Johanna Amann 2019-05-20 09:07:58 -07:00
commit 0080c5ea09
5 changed files with 38 additions and 20 deletions

View file

@ -1,4 +1,9 @@
2.6-311 | 2019-05-20 09:07:58 -0700
* Add missing &optional attr to KRB record fields; also add existence
checks to scripts (Jon Siwek, Corelight).
2.6-308 | 2019-05-17 14:13:46 -0700 2.6-308 | 2019-05-17 14:13:46 -0700
* Always emit scripting errors to stderr during zeek_init (Jon Siwek, Corelight) * Always emit scripting errors to stderr during zeek_init (Jon Siwek, Corelight)

View file

@ -1 +1 @@
2.6-308 2.6-311

2
doc

@ -1 +1 @@
Subproject commit 1bcdfdc408810bdb6e980925bb9baf9083ae4cd9 Subproject commit b5720567293c652233287a17cf781f6195073159

View file

@ -4483,13 +4483,13 @@ export {
## The data from the ERROR_MSG message. See :rfc:`4120`. ## The data from the ERROR_MSG message. See :rfc:`4120`.
type KRB::Error_Msg: record { type KRB::Error_Msg: record {
## Protocol version number (5 for KRB5) ## Protocol version number (5 for KRB5)
pvno : count; pvno : count &optional;
## The message type (30 for ERROR_MSG) ## The message type (30 for ERROR_MSG)
msg_type : count; msg_type : count &optional;
## Current time on the client ## Current time on the client
client_time : time &optional; client_time : time &optional;
## Current time on the server ## Current time on the server
server_time : time; server_time : time &optional;
## The specific error code ## The specific error code
error_code : count; error_code : count;
## Realm of the ticket ## Realm of the ticket
@ -4497,9 +4497,9 @@ export {
## Name on the ticket ## Name on the ticket
client_name : string &optional; client_name : string &optional;
## Realm of the service ## Realm of the service
service_realm : string; service_realm : string &optional;
## Name of the service ## Name of the service
service_name : string; service_name : string &optional;
## Additional text to explain the error ## Additional text to explain the error
error_text : string &optional; error_text : string &optional;
## Optional pre-authentication data ## Optional pre-authentication data
@ -4533,25 +4533,25 @@ export {
## Optional pre-authentication data ## Optional pre-authentication data
pa_data : vector of KRB::Type_Value &optional; pa_data : vector of KRB::Type_Value &optional;
## Options specified in the request ## Options specified in the request
kdc_options : KRB::KDC_Options; kdc_options : KRB::KDC_Options &optional;
## Name on the ticket ## Name on the ticket
client_name : string &optional; client_name : string &optional;
## Realm of the service ## Realm of the service
service_realm : string; service_realm : string &optional;
## Name of the service ## Name of the service
service_name : string &optional; service_name : string &optional;
## Time the ticket is good from ## Time the ticket is good from
from : time &optional; from : time &optional;
## Time the ticket is good till ## Time the ticket is good till
till : time; till : time &optional;
## The requested renew-till time ## The requested renew-till time
rtime : time &optional; rtime : time &optional;
## A random nonce generated by the client ## A random nonce generated by the client
nonce : count; nonce : count &optional;
## The desired encryption algorithms, in order of preference ## The desired encryption algorithms, in order of preference
encryption_types : vector of count; encryption_types : vector of count &optional;
## Any additional addresses the ticket should be valid for ## Any additional addresses the ticket should be valid for
host_addrs : vector of KRB::Host_Address &optional; host_addrs : vector of KRB::Host_Address &optional;
## Additional tickets may be included for certain transactions ## Additional tickets may be included for certain transactions

View file

@ -118,7 +118,9 @@ event krb_error(c: connection, msg: Error_Msg) &priority=5
c$krb$client = fmt("%s%s", msg?$client_name ? msg$client_name + "/" : "", c$krb$client = fmt("%s%s", msg?$client_name ? msg$client_name + "/" : "",
msg?$client_realm ? msg$client_realm : ""); msg?$client_realm ? msg$client_realm : "");
c$krb$service = msg$service_name; if ( msg?$service_name )
c$krb$service = msg$service_name;
c$krb$success = F; c$krb$success = F;
c$krb$error_code = msg$error_code; c$krb$error_code = msg$error_code;
@ -139,16 +141,23 @@ event krb_as_request(c: connection, msg: KDC_Request) &priority=5
return; return;
c$krb$request_type = "AS"; c$krb$request_type = "AS";
c$krb$client = fmt("%s/%s", msg?$client_name ? msg$client_name : "", msg$service_realm);
c$krb$client = fmt("%s/%s", msg?$client_name ? msg$client_name : "",
msg?$service_realm ? msg$service_realm : "");
if ( msg?$service_name ) if ( msg?$service_name )
c$krb$service = msg$service_name; c$krb$service = msg$service_name;
if ( msg?$from ) if ( msg?$from )
c$krb$from = msg$from; c$krb$from = msg$from;
c$krb$till = msg$till; if ( msg?$till )
c$krb$till = msg$till;
c$krb$forwardable = msg$kdc_options$forwardable; if ( msg?$kdc_options )
c$krb$renewable = msg$kdc_options$renewable; {
c$krb$forwardable = msg$kdc_options$forwardable;
c$krb$renewable = msg$kdc_options$renewable;
}
} }
event krb_as_response(c: connection, msg: KDC_Response) &priority=5 event krb_as_response(c: connection, msg: KDC_Response) &priority=5
@ -188,10 +197,14 @@ event krb_tgs_request(c: connection, msg: KDC_Request) &priority=5
c$krb$service = msg$service_name; c$krb$service = msg$service_name;
if ( msg?$from ) if ( msg?$from )
c$krb$from = msg$from; c$krb$from = msg$from;
c$krb$till = msg$till; if ( msg?$till )
c$krb$till = msg$till;
c$krb$forwardable = msg$kdc_options$forwardable; if ( msg?$kdc_options )
c$krb$renewable = msg$kdc_options$renewable; {
c$krb$forwardable = msg$kdc_options$forwardable;
c$krb$renewable = msg$kdc_options$renewable;
}
} }
event krb_tgs_response(c: connection, msg: KDC_Response) &priority=5 event krb_tgs_response(c: connection, msg: KDC_Response) &priority=5