diff --git a/scripts/base/init-bare.zeek b/scripts/base/init-bare.zeek index 228128b486..52e0ffe877 100644 --- a/scripts/base/init-bare.zeek +++ b/scripts/base/init-bare.zeek @@ -4483,13 +4483,13 @@ export { ## The data from the ERROR_MSG message. See :rfc:`4120`. type KRB::Error_Msg: record { ## Protocol version number (5 for KRB5) - pvno : count; + pvno : count &optional; ## The message type (30 for ERROR_MSG) - msg_type : count; + msg_type : count &optional; ## Current time on the client client_time : time &optional; ## Current time on the server - server_time : time; + server_time : time &optional; ## The specific error code error_code : count; ## Realm of the ticket @@ -4497,9 +4497,9 @@ export { ## Name on the ticket client_name : string &optional; ## Realm of the service - service_realm : string; + service_realm : string &optional; ## Name of the service - service_name : string; + service_name : string &optional; ## Additional text to explain the error error_text : string &optional; ## Optional pre-authentication data @@ -4533,25 +4533,25 @@ export { ## Optional pre-authentication data pa_data : vector of KRB::Type_Value &optional; ## Options specified in the request - kdc_options : KRB::KDC_Options; + kdc_options : KRB::KDC_Options &optional; ## Name on the ticket client_name : string &optional; ## Realm of the service - service_realm : string; + service_realm : string &optional; ## Name of the service service_name : string &optional; ## Time the ticket is good from from : time &optional; ## Time the ticket is good till - till : time; + till : time &optional; ## The requested renew-till time rtime : time &optional; ## A random nonce generated by the client - nonce : count; + nonce : count &optional; ## The desired encryption algorithms, in order of preference - encryption_types : vector of count; + encryption_types : vector of count &optional; ## Any additional addresses the ticket should be valid for host_addrs : vector of KRB::Host_Address &optional; ## Additional tickets may be included for certain transactions diff --git a/scripts/base/protocols/krb/main.zeek b/scripts/base/protocols/krb/main.zeek index 72103104d5..cdcdf48f58 100644 --- a/scripts/base/protocols/krb/main.zeek +++ b/scripts/base/protocols/krb/main.zeek @@ -118,7 +118,9 @@ event krb_error(c: connection, msg: Error_Msg) &priority=5 c$krb$client = fmt("%s%s", msg?$client_name ? msg$client_name + "/" : "", msg?$client_realm ? msg$client_realm : ""); - c$krb$service = msg$service_name; + if ( msg?$service_name ) + c$krb$service = msg$service_name; + c$krb$success = F; c$krb$error_code = msg$error_code; @@ -139,16 +141,23 @@ event krb_as_request(c: connection, msg: KDC_Request) &priority=5 return; c$krb$request_type = "AS"; - c$krb$client = fmt("%s/%s", msg?$client_name ? msg$client_name : "", msg$service_realm); + + c$krb$client = fmt("%s/%s", msg?$client_name ? msg$client_name : "", + msg?$service_realm ? msg$service_realm : ""); + if ( msg?$service_name ) c$krb$service = msg$service_name; if ( msg?$from ) c$krb$from = msg$from; - c$krb$till = msg$till; + if ( msg?$till ) + c$krb$till = msg$till; - c$krb$forwardable = msg$kdc_options$forwardable; - c$krb$renewable = msg$kdc_options$renewable; + if ( msg?$kdc_options ) + { + c$krb$forwardable = msg$kdc_options$forwardable; + c$krb$renewable = msg$kdc_options$renewable; + } } event krb_as_response(c: connection, msg: KDC_Response) &priority=5 @@ -188,10 +197,14 @@ event krb_tgs_request(c: connection, msg: KDC_Request) &priority=5 c$krb$service = msg$service_name; if ( msg?$from ) c$krb$from = msg$from; - c$krb$till = msg$till; + if ( msg?$till ) + c$krb$till = msg$till; - c$krb$forwardable = msg$kdc_options$forwardable; - c$krb$renewable = msg$kdc_options$renewable; + if ( msg?$kdc_options ) + { + c$krb$forwardable = msg$kdc_options$forwardable; + c$krb$renewable = msg$kdc_options$renewable; + } } event krb_tgs_response(c: connection, msg: KDC_Response) &priority=5