From: Mats Klepsland <mats.klepsland@gmail.com>
Date: Tue, 20 Oct 2015 13:08:31 +0000 (+0200)
Subject: log-tls: add notBefore and notAfter fields to extended output
X-Git-Tag: suricata-3.2beta1~285
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ee2494906528e29ebbc4afc9fd4f23b155c92ba4;p=thirdparty%2Fsuricata.git

log-tls: add notBefore and notAfter fields to extended output

Add notBefore and NotAfter fields from TLS certificate to extended tls
log output.
---

diff --git a/src/log-tlslog.c b/src/log-tlslog.c
index ff7935ae5d..113a2ccd3b 100644
--- a/src/log-tlslog.c
+++ b/src/log-tlslog.c
@@ -110,6 +110,22 @@ static void LogTlsLogExtended(LogTlsLogThread *aft, SSLState * state)
                                  state->server_connp.version);
             break;
     }
+    if (state->server_connp.cert0_not_before != 0) {
+        char timebuf[64];
+        struct timeval tv;
+        tv.tv_sec = state->server_connp.cert0_not_before;
+        tv.tv_usec = 0;
+        CreateUtcIsoTimeString(&tv, timebuf, sizeof(timebuf));
+        MemBufferWriteString(aft->buffer, " NOTBEFORE='%s'", timebuf);
+    }
+    if (state->server_connp.cert0_not_after != 0) {
+        char timebuf[64];
+        struct timeval tv;
+        tv.tv_sec = state->server_connp.cert0_not_after;
+        tv.tv_usec = 0;
+        CreateUtcIsoTimeString(&tv, timebuf, sizeof(timebuf));
+        MemBufferWriteString(aft->buffer, " NOTAFTER='%s'", timebuf);
+    }
     MemBufferWriteString(aft->buffer, "\n");
 }