From: Jason Ish <jason.ish@oisf.net>
Date: Fri, 27 Jan 2023 04:57:50 +0000 (-0600)
Subject: test: test logging TLS dates less than 1970
X-Git-Tag: suricata-6.0.10~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fa865224c8ed9f7bde76c76ff46a62eb9cb38223;p=thirdparty%2Fsuricata-verify.git

test: test logging TLS dates less than 1970

Issue: 5817
---

diff --git a/tests/tls-pre-1970/README.md b/tests/tls-pre-1970/README.md
new file mode 100644
index 000000000..3587b7d46
--- /dev/null
+++ b/tests/tls-pre-1970/README.md
@@ -0,0 +1,7 @@
+## PCAP
+
+PCAP provided by Victor Julien.
+
+## Related Ticket
+
+https://redmine.openinfosecfoundation.org/issues/5817
diff --git a/tests/tls-pre-1970/input.pcap b/tests/tls-pre-1970/input.pcap
new file mode 100644
index 000000000..b95c8c68a
Binary files /dev/null and b/tests/tls-pre-1970/input.pcap differ
diff --git a/tests/tls-pre-1970/test.yaml b/tests/tls-pre-1970/test.yaml
new file mode 100644
index 000000000..b1efb7c43
--- /dev/null
+++ b/tests/tls-pre-1970/test.yaml
@@ -0,0 +1,27 @@
+requires:
+   min-version: 7
+
+args:
+- -k none
+
+checks:
+- filter:
+    count: 1
+    match:
+      dest_ip: 18.138.183.195
+      dest_port: 443
+      event_type: tls
+      pcap_cnt: 7
+      pkt_src: wire/pcap
+      proto: TCP
+      src_ip: 192.168.0.43
+      src_port: 46135
+      tls.fingerprint: 71:cd:fe:08:7f:3d:2a:18:32:69:38:fa:bd:64:7b:c6:cf:cc:44:8e
+      tls.issuerdn: C=KR, ST=Kyunggido, L=Suwon, O=Samsung Electronics, OU=SW2 SISC,
+        CN=ROOT CA SISC FKP2_PLUS
+      tls.notafter: '2038-12-31T00:10:03'
+      tls.notbefore: '1969-12-31T00:00:00'
+      tls.serial: '32'
+      tls.sni: fkp.samsungcloudsolution.com
+      tls.subject: OU=vd, CN=fkp.samsungcloudsolution.com
+      tls.version: TLSv1