Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 23:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge branch 'krb5-ticket-tracking' of https://github.com/jrolli/bro into jrolli-krb5-ticket-tracking

Browse source
This commit is contained in:
Seth Hall 2017-02-18 11:09:51 -05:00
commit c40a89e5db
4 changed files with 56 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
scripts/base/init-bare.bro
View file

@ -3955,6 +3955,8 @@ export {
service_name : string;
## Cipher the ticket was encrypted with
cipher : count;
## Cipher text of the ticket
ciphertext : string &optional;
};
type KRB::Ticket_Vector: vector of KRB::Ticket;

13
scripts/base/protocols/krb/main.bro
View file

@ -164,9 +164,16 @@ event krb_tgs_request(c: connection, msg: KDC_Request) &priority=5
return;
local info: Info;
info$ts = network_time();
info$uid = c$uid;
info$id = c$id;
if ( !c?$krb )
{
info$ts = network_time();
info$uid = c$uid;
info$id = c$id;
}
else
info = c$krb;
info$request_type = "TGS";
info$service = msg$service_name;
if ( msg?$from ) info$from = msg$from;