mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00
Kerberos: A couple small tweaks.
This commit is contained in:
Vlad Grigorescu
parent
dfc42ffe8a
commit
9f19c74a10
3 changed files with 37 additions and 14 deletions
|
|
@ -14,16 +14,29 @@ export {
|
|||
uid: string &log;
|
||||
## The connection's 4-tuple of endpoint addresses/ports.
|
||||
id: conn_id &log;
|
||||
|
||||
## Request type - Authentication Service ("AS") or
|
||||
## Ticket Granting Service ("TGS")
|
||||
request_type: string &log &optional;
|
||||
## Client
|
||||
client: string &log &optional;
|
||||
## Service
|
||||
service: string &log;
|
||||
|
||||
## Request result
|
||||
success: bool &log &optional;
|
||||
## Error code
|
||||
error_code: count &optional;
|
||||
## Error message
|
||||
error_msg: string &log &optional;
|
||||
|
||||
## Ticket valid from
|
||||
from: time &log &optional;
|
||||
## Ticket valid till
|
||||
till: time &log &optional;
|
||||
## Ticket encryption type
|
||||
cipher: string &log &optional;
|
||||
|
||||
## Forwardable ticket requested
|
||||
forwardable: bool &log &optional;
|
||||
## Proxiable ticket requested
|
||||
|
|
@ -32,6 +45,7 @@ export {
|
|||
postdated: bool &log &optional;
|
||||
## Renewable ticket requested
|
||||
renewable: bool &log &optional;
|
||||
|
||||
## The request is for a renewal
|
||||
renew_request: bool &log &optional;
|
||||
# The request is to validate a postdated ticket
|
||||
|
|
@ -41,12 +55,6 @@ export {
|
|||
# NetBIOS addresses supplied by the client
|
||||
netbios_addrs: vector of string &log &optional;
|
||||
|
||||
## Request result
|
||||
success: bool &log &optional;
|
||||
## Error code
|
||||
error_code: count &log &optional;
|
||||
## Error message
|
||||
error_msg: string &log &optional;
|
||||
## We've already logged this
|
||||
logged: bool &default=F;
|
||||
};
|
||||
|
|
@ -141,6 +149,7 @@ event krb_as_request(c: connection, msg: KDC_Request) &priority=5
|
|||
else
|
||||
info = c$krb;
|
||||
|
||||
info$request_type = "AS";
|
||||
info$client = fmt("%s/%s", msg$client_name, msg$service_realm);
|
||||
info$service = msg$service_name;
|
||||
|
||||
|
|
@ -166,11 +175,15 @@ event krb_as_request(c: connection, msg: KDC_Request) &priority=5
|
|||
}
|
||||
|
||||
info$till = msg$till;
|
||||
|
||||
info$forwardable = msg$kdc_options$forwardable;
|
||||
info$proxiable = msg$kdc_options$proxiable;
|
||||
info$postdated = msg$kdc_options$postdated;
|
||||
info$renewable = msg$kdc_options$renewable;
|
||||
|
||||
info$renew_request = msg$kdc_options$renew;
|
||||
info$validate_request = msg$kdc_options$validate;
|
||||
|
||||
c$krb = info;
|
||||
}
|
||||
|
||||
|
|
@ -183,10 +196,19 @@ event krb_tgs_request(c: connection, msg: KDC_Request) &priority=5
|
|||
info$ts = network_time();
|
||||
info$uid = c$uid;
|
||||
info$id = c$id;
|
||||
info$request_type = "TGS";
|
||||
info$service = msg$service_name;
|
||||
if ( msg?$from ) info$from = msg$from;
|
||||
info$till = msg$till;
|
||||
|
||||
info$forwardable = msg$kdc_options$forwardable;
|
||||
info$proxiable = msg$kdc_options$proxiable;
|
||||
info$postdated = msg$kdc_options$postdated;
|
||||
info$renewable = msg$kdc_options$renewable;
|
||||
|
||||
info$renew_request = msg$kdc_options$renew;
|
||||
info$validate_request = msg$kdc_options$validate;
|
||||
|
||||
c$krb = info;
|
||||
}
|
||||
|
||||
|
|
@ -211,6 +233,7 @@ event krb_as_response(c: connection, msg: KDC_Response) &priority=5
|
|||
info$client = fmt("%s/%s", msg$client_name, msg$client_realm);
|
||||
|
||||
info$service = msg$ticket$service_name;
|
||||
info$cipher = cipher_name[msg$ticket$cipher];
|
||||
info$success = T;
|
||||
|
||||
c$krb = info;
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
## krb_ap_response krb_priv krb_safe krb_cred krb_error
|
||||
event krb_as_request%(c: connection, msg: KRB::KDC_Request%);
|
||||
|
||||
## A Kerberos 5 ``Authentication Server (AS) Reply`` as defined
|
||||
## A Kerberos 5 ``Authentication Server (AS) Response`` as defined
|
||||
## in :rfc:`4120`. Following the AS request for a user, an AS reply
|
||||
## contains an encrypted Ticket Granting Ticket (TGT) for that user.
|
||||
## The TGT can then be used to request further tickets for other services.
|
||||
|
|
@ -48,7 +48,7 @@ event krb_as_response%(c: connection, msg: KRB::KDC_Response%);
|
|||
## krb_ap_response krb_priv krb_safe krb_cred krb_error
|
||||
event krb_tgs_request%(c: connection, msg: KRB::KDC_Request%);
|
||||
|
||||
## A Kerberos 5 ``Ticket Granting Service (TGS) Reply`` as defined
|
||||
## A Kerberos 5 ``Ticket Granting Service (TGS) Response`` as defined
|
||||
## in :rfc:`4120`. This message returns a Service Ticket to the client,
|
||||
## which is encrypted with the service's long-term key, and which the
|
||||
## client can use to authenticate to that service.
|
||||
|
|
@ -82,7 +82,7 @@ event krb_tgs_response%(c: connection, msg: KRB::KDC_Response%);
|
|||
## krb_ap_response krb_priv krb_safe krb_cred krb_error
|
||||
event krb_ap_request%(c: connection, ticket: KRB::Ticket, opts: KRB::AP_Options%);
|
||||
|
||||
## A Kerberos 5 ``Authentication Header (AP) Reply`` as defined
|
||||
## A Kerberos 5 ``Authentication Header (AP) Response`` as defined
|
||||
## in :rfc:`4120`. This is used if mutual authentication is desired.
|
||||
## All of the interesting information in here is encrypted, so the event
|
||||
## doesn't have much useful data, but it's provided in case it's important
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@ Val* GetTimeFromAsn1(StringVal* atime, int64 usecs)
|
|||
if ( !lResult )
|
||||
lResult = 0;
|
||||
|
||||
return new Val(double(lResult + (usecs/100000)), TYPE_TIME);
|
||||
return new Val(double(lResult + double(usecs/100000.0)), TYPE_TIME);
|
||||
}
|
||||
|
||||
Val* asn1_integer_to_val(const ASN1Integer* i, TypeTag t)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue