output/krb5: have krb5 properties in alerts

Ticket: OISF#5977

rust/src/krb/log.rs

@@ -18,7 +18,7 @@
 // written by Pierre Chifflier  <chifflier@wzdftpd.net>
 
 use crate::jsonbuilder::{JsonBuilder, JsonError};
-use crate::krb::krb5::{KRB5State,KRB5Transaction,test_weak_encryption};
+use crate::krb::krb5::{KRB5Transaction,test_weak_encryption};
 
 fn krb5_log_response(jsb: &mut JsonBuilder, tx: &mut KRB5Transaction) -> Result<(), JsonError>
 {
@@ -68,7 +68,7 @@ fn krb5_log_response(jsb: &mut JsonBuilder, tx: &mut KRB5Transaction) -> Result<
 }
 
 #[no_mangle]
-pub extern "C" fn rs_krb5_log_json_response(jsb: &mut JsonBuilder, _state: &mut KRB5State, tx: &mut KRB5Transaction) -> bool
+pub extern "C" fn rs_krb5_log_json_response(tx: &mut KRB5Transaction, jsb: &mut JsonBuilder) -> bool
 {
     krb5_log_response(jsb, tx).is_ok()
 }

src/output-json-krb5.c

@@ -60,7 +60,7 @@ static int JsonKRB5Logger(ThreadVars *tv, void *thread_data,
     }
 
     jb_open_object(jb, "krb5");
-    if (!rs_krb5_log_json_response(jb, state, krb5tx)) {
+    if (!rs_krb5_log_json_response(krb5tx, jb)) {
         goto error;
     }
     jb_close(jb);

src/output.c

@@ -1147,8 +1147,8 @@ static AppLayerLogger alert_applayer_loggers[ALPROTO_MAX] = {
     { ALPROTO_NTP, NULL, NULL },     // no logging
     { ALPROTO_FTPDATA, NULL, NULL }, // TODO state
     { ALPROTO_TFTP, "tftp", (bool (*)(void *tx, struct JsonBuilder *jb))rs_tftp_log_json_request },
-    { ALPROTO_IKE, NULL, NULL },  // TODO state + option
-    { ALPROTO_KRB5, NULL, NULL }, // TODO state
+    { ALPROTO_IKE, NULL, NULL }, // TODO state + option
+    { ALPROTO_KRB5, "krb5", (bool (*)(void *tx, struct JsonBuilder *jb))rs_krb5_log_json_response },
     { ALPROTO_QUIC, "quic", rs_quic_to_json },
     { ALPROTO_DHCP, NULL, NULL }, // TODO logger with option
     { ALPROTO_SNMP, "snmp", (bool (*)(void *tx, struct JsonBuilder *jb))rs_snmp_log_json_response },