Use SHA1 for KRB ticket hashing

scripts/policy/protocols/krb/ticket-logging.zeek

@@ -17,17 +17,17 @@ event krb_ap_request(c: connection, ticket: KRB::Ticket, opts: KRB::AP_Options)
 	c$krb$request_type = "AP";
 
 	if ( ticket?$ciphertext )
-		c$krb$auth_ticket = md5_hash(ticket$ciphertext);
+		c$krb$auth_ticket = sha1_hash(ticket$ciphertext);
 	}
 
 event krb_as_response(c: connection, msg: KDC_Response)
 	{
 	if ( msg$ticket?$ciphertext )
-		c$krb$new_ticket = md5_hash(msg$ticket$ciphertext);
+		c$krb$new_ticket = sha1_hash(msg$ticket$ciphertext);
 	}
 
 event krb_tgs_response(c: connection, msg: KDC_Response)
 	{
 	if ( msg$ticket?$ciphertext )
-		c$krb$new_ticket = md5_hash(msg$ticket$ciphertext);
+		c$krb$new_ticket = sha1_hash(msg$ticket$ciphertext);
 	}

testing/btest/Baseline/scripts.policy.protocols.krb.ticket-logging/kerberos.log

@@ -7,5 +7,5 @@
 #open XXXX-XX-XX-XX-XX-XX
 #fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	request_type	client	service	success	error_msg	from	till	cipher	forwardable	renewable	client_cert_subject	client_cert_fuid	server_cert_subject	server_cert_fuid	auth_ticket	new_ticket
 #types	time	string	addr	port	addr	port	string	string	string	bool	string	time	time	string	bool	bool	string	string	string	string	string	string
-XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	192.168.1.31	64889	192.168.1.32	88	TGS	vladg/VLADG.NET	krbtgt/VLADG.NET	T	-	-	0.000000	aes256-cts-hmac-sha1-96	T	F	-	-	-	-	a09fbd89918320cc12a26d4f0c4e6aa2	396a9d9e8975cc5024a83c6e86101f06
+XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	192.168.1.31	64889	192.168.1.32	88	TGS	vladg/VLADG.NET	krbtgt/VLADG.NET	T	-	-	0.000000	aes256-cts-hmac-sha1-96	T	F	-	-	-	-	a10ca75fba603b27b771c6e8c6b18b8e0c194819	54019758533d3b8421cd3ca39153a8653be33617
 #close XXXX-XX-XX-XX-XX-XX