The jsonwalker.py test was failing due to the audit plugin only
logging the IP for IPv4. The audit plugin should log the IP address
for both IPv4 and IPv6. Rename the JSON "ipv4" field in the
"fromaddr" JSON object to "ip" and set the field if either an IPv4 or
an IPv6 address is present. Any parsers of the audit log can tell
which address is stored in the "ip" field by checking the "type" field
in "fromaddr". Also update the jsonwalker.py reference JSON file,
au_dict.json, to handle this new field name.
old audit:
{"fromaddr":{"type":<int>,"length":<int>,"ipv4":[<4 int>]}
where "ipv4" only occurs when type is ADDRTYPE_INET
new audit:
{"fromaddr":{"type":<int>,"length":<int>,"ip":[<<length> int>]}
where "ip" only occurs when type is ADDRTYPE_INET or ADDRTYPE_INET6
[tlyu@mit.edu: minor commit message edits]
ticket: 8298
#define AU_FROMPORT "fromport"
#define AU_FROMADDR "fromaddr"
#define AU_TYPE "type" /* used by fromaddr */
-#define AU_IPV4 "ipv4" /* used by fromaddr */
+#define AU_IP "ip" /* used by fromaddr */
#define AU_SESS_ETYPE "sess_etype"
#define AU_SRV_ETYPE "srv_etype"
#define AU_REP_ETYPE "rep_etype"
if (ret)
goto error;
- if (a->addrtype == ADDRTYPE_INET) {
+ if (a->addrtype == ADDRTYPE_INET || a->addrtype == ADDRTYPE_INET6) {
ret = k5_json_array_create(&arr);
if (ret)
goto error;
if (ret)
goto error;
}
- ret = k5_json_object_set(obj, AU_IPV4, arr);
+ ret = k5_json_object_set(obj, AU_IP, arr);
if (ret)
goto error;
}
"fromaddr":{
"type":0,
"length":0,
- "ipv4":[]},
+ "ip":[]},
"kdc_status":"",
"rep_etype":0,
"rep.ticket":{
projects / thirdparty / krb5.git / commitdiff
