git.samba.org / metze / heimdal / wip.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 259c3c8)
sort
authorLove Hörnquist Åstrand <lha@kth.se>
Wed, 1 Oct 2003 16:16:58 +0000 (16:16 +0000)
committerLove Hörnquist Åstrand <lha@kth.se>
Wed, 1 Oct 2003 16:16:58 +0000 (16:16 +0000)
count principal using des

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12939 ec53bebd-3082-4978-b11e-865c3cabbd6b

tools/kdc-log-analyze.pl patch | blob | history

diff --git a/tools/kdc-log-analyze.pl b/tools/kdc-log-analyze.pl
index f8787e29ad802c7e691616bf9bfc49fc4f791f0d..e5ed41fe02c8451b12a473d35ff5c012407cc5cc 100755 (executable)
--- a/tools/kdc-log-analyze.pl
+++ b/tools/kdc-log-analyze.pl
@@ -56,6 +56,7 @@ my %as_req_addr;
 my %as_req_addr_nonlocal;
 my %as_req_client;
 my %as_req_server;
+my %client_uses_des;
 my $five24_req = 0;
 my %five24_req_addr;
 my %five24_req_addr_nonlocal;
@@ -286,6 +287,10 @@ topten(\%enctype_session);
 print "\tTop ten ticket enctypes:\n";
 topten(\%enctype_ticket);
 
+print "\tDistinct clients still uses DES: ", int(keys %client_uses_des), "\n";
+print "\tTop ten clients using DES:\n";
+topten(\%client_uses_des);
+
 print "\n";
 
 
@@ -340,12 +345,11 @@ sub process_line {
                }
        } elsif (/524-REQ (.*) from IPv[46]:([0-9\.:a-fA-F]+) for (.*)$/) {
                $five24_req++;
+               $five24_req_client{$1}++;
+               $five24_req_server{$3}++;
                $five24_req_addr{$2}++;
                $five24_req_addr_nonlocal{$2}++ if (!islocaladdr($2));
                $last_addr = $2;
-
-               $five24_req_client{$1}++;
-               $five24_req_server{$3}++;
        } elsif (/TCP data of strange type from IPv[46]:([0-9\.:a-fA-F]+)/) {
                $strange_tcp_data{$1}++;
        } elsif (/Lookup (.*) failed: No such entry in the database/) {
@@ -374,7 +378,19 @@ sub process_line {
        } elsif (/524 cross-realm (.*) -> (.*) disabled/) {
                $v4_cross++;
                $v4_cross_realm{$1."->".$2}++;
-       } elsif (/Server not found in database \(krb4\)/) {
+       } elsif (/sending ([0-9]+) bytes to IPv[46]:([0-9\.:a-fA-F]+)/) {
+               $bw_addr{$2} += $1;
+       } elsif (/Using ([-a-z0-9]+)\/([-a-z0-9]+)/) {
+               $enctype_ticket{$1}++;
+               $enctype_session{$2}++;
+
+               my $ticket = $1;
+               my $session = $2;
+
+               if ($ticket =~ /des-cbc-(crc|md4|md5)/) {
+                       $client_uses_des{$last_addr}++;
+               }
+
        } elsif (/krb_rd_req: Incorrect network address/) {
        } elsif (/krb_rd_req: Ticket expired \(krb_rd_req\)/) {
        } elsif (/krb_rd_req: Can't decode authenticator \(krb_rd_req\)/) {
@@ -395,17 +411,13 @@ sub process_line {
                # XXX
        } elsif (/Failed to verify AP-REQ: Ticket expired/) {
                # XXX 
-       } elsif (/newsyslog.*logfile turned over/) {
-               # Nothing
-       } elsif (/Using ([-a-z0-9]+)\/([-a-z0-9]+)/) {
-               $enctype_ticket{$1}++;
-               $enctype_session{$2}++;
        } elsif (/Client not found in database:/) {
-               # Nothing
+               # XXX
+       } elsif (/Server not found in database \(krb4\)/) {
        } elsif (/Server not found in database:/) {
+               # XXX
+       } elsif (/newsyslog.*logfile turned over/) {
                # Nothing
-       } elsif (/sending ([0-9]+) bytes to IPv[46]:([0-9\.:a-fA-F]+)/) {
-               $bw_addr{$2} += $1;
        } elsif (/Requested flags:/) {
                # Nothing
        } elsif (/shutting down/) {
Unnamed repository; edit this file to name it for gitweb.