From 3d2ec29d04a86c0f41c06e39de3286646345798f Mon Sep 17 00:00:00 2001
From: Justin Oursler <justin.oursler@gmail.com>
Date: Wed, 11 Oct 2017 14:18:58 -0400
Subject: [PATCH] removed check on kerberos request or response type.  allow
 the kerberos analyzer to handle what it can, gssapi shouldn't check this

---
 src/analyzer/protocol/gssapi/gssapi-analyzer.pac | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/src/analyzer/protocol/gssapi/gssapi-analyzer.pac b/src/analyzer/protocol/gssapi/gssapi-analyzer.pac
index e30756197d..28516bd9a3 100644
--- a/src/analyzer/protocol/gssapi/gssapi-analyzer.pac
+++ b/src/analyzer/protocol/gssapi/gssapi-analyzer.pac
@@ -74,10 +74,8 @@ refine connection GSSAPI_Conn += {
                     if ( ! krb5 )
                         krb5 = analyzer_mgr->InstantiateAnalyzer("KRB", bro_analyzer()->Conn());
 
-                    if ( krb5 && (
-                         memcmp("\x01\x00", p, 2) == 0 ||  // KRB5 AP REQ
-                         memcmp("\x02\x00", p, 2) == 0 )   // KRB5 AP REP
-                          )
+                    if ( krb5 ) // accepting all KRB types (REQ, REP, etc)
+                          
                         {
                         krb5->DeliverPacket(len_to_send-2,
                                             p+2,