From: Philippe Antoine <contact@catenacyber.fr>
Date: Tue, 12 Jul 2022 07:17:50 +0000 (+0200)
Subject: krb: bump up crate version
X-Git-Tag: suricata-7.0.0-beta1~314
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=675de334056cdd048d96bdb2dec2341dfd2d1647;p=thirdparty%2Fsuricata.git

krb: bump up crate version

kerberos parser crate is also used by other procotols : nfs and
smb. These protocols use an older der_parser crate version.
Upgrading der_parser will simplify the code further.
---

diff --git a/rust/Cargo.toml.in b/rust/Cargo.toml.in
index 34dbf29593..4a4990a57d 100644
--- a/rust/Cargo.toml.in
+++ b/rust/Cargo.toml.in
@@ -42,7 +42,7 @@ aes-gcm = "~0.8.0"
 sawp-modbus = "~0.11.0"
 sawp = "~0.11.0"
 der-parser = "~4.0.2"
-kerberos-parser = "~0.5.0"
+kerberos-parser = "~0.7.1"
 ntp-parser = "~0.6.0"
 ipsec-parser = "~0.7.0"
 snmp-parser = "~0.6.0"
diff --git a/rust/src/kerberos.rs b/rust/src/kerberos.rs
index 69e04662c2..be910462b2 100644
--- a/rust/src/kerberos.rs
+++ b/rust/src/kerberos.rs
@@ -20,7 +20,7 @@ use kerberos_parser::krb5::{ApReq,Realm,PrincipalName};
 use nom;
 use nom::IResult;
 use nom::error::{ErrorKind, ParseError};
-use nom::number::streaming::le_u16;
+use nom::number::complete::le_u16;
 use der_parser;
 use der_parser::error::BerError;
 use der_parser::der::parse_der_oid;
@@ -29,6 +29,7 @@ use der_parser::der::parse_der_oid;
 pub enum SecBlobError {
     NotSpNego,
     KrbFmtError,
+    KrbReqError,
     Ber(BerError),
     NomError(ErrorKind),
 }
@@ -60,18 +61,17 @@ fn parse_kerberos5_request_do(blob: &[u8]) -> IResult<&[u8], ApReq, SecBlobError
     let blob = b.as_slice().or(
         Err(nom::Err::Error(SecBlobError::KrbFmtError))
     )?;
-    do_parse!(
-        blob,
-        _base_o: parse_der_oid >>
-        _tok_id: le_u16 >>
-        ap_req: parse_ap_req >>
-        ({
-            SCLogDebug!("parse_kerberos5_request: base_o {:?}", _base_o.as_oid());
-            SCLogDebug!("parse_kerberos5_request: tok_id {}", _tok_id);
-            ap_req
-        })
-    )
-    .map_err(nom::Err::convert)
+    let (blob, _) = parse_der_oid(blob).map_err(nom::Err::convert)?;
+    let (blob, _) = le_u16(blob)?;
+    // Should be parse_ap_req(blob).map_err(nom::Err::convert)
+    // But upgraded kerberos parser uses a newer der_parser crate
+    // Hence the enum `der_parser::error::BerError` are different
+    // and we cannot convert to SecBlobError with the From impl
+    // Next is to upgrade the der_parser crate (and nom to nom7 by the way)
+    match parse_ap_req(blob) {
+        Ok((blob, ap_req)) => Ok((blob, ap_req)),
+        _ => Err(nom::Err::Error(SecBlobError::KrbReqError)),
+    }
 }
 
 pub fn parse_kerberos5_request(blob: &[u8]) -> IResult<&[u8], Kerberos5Ticket, SecBlobError>