From ee2494906528e29ebbc4afc9fd4f23b155c92ba4 Mon Sep 17 00:00:00 2001
From: Mats Klepsland <mats.klepsland@gmail.com>
Date: Tue, 20 Oct 2015 15:08:31 +0200
Subject: [PATCH] log-tls: add notBefore and notAfter fields to extended output

Add notBefore and NotAfter fields from TLS certificate to extended tls
log output.
---
 src/log-tlslog.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/src/log-tlslog.c b/src/log-tlslog.c
index ff7935ae5d..113a2ccd3b 100644
--- a/src/log-tlslog.c
+++ b/src/log-tlslog.c
@@ -110,6 +110,22 @@ static void LogTlsLogExtended(LogTlsLogThread *aft, SSLState * state)
                                  state->server_connp.version);
             break;
     }
+    if (state->server_connp.cert0_not_before != 0) {
+        char timebuf[64];
+        struct timeval tv;
+        tv.tv_sec = state->server_connp.cert0_not_before;
+        tv.tv_usec = 0;
+        CreateUtcIsoTimeString(&tv, timebuf, sizeof(timebuf));
+        MemBufferWriteString(aft->buffer, " NOTBEFORE='%s'", timebuf);
+    }
+    if (state->server_connp.cert0_not_after != 0) {
+        char timebuf[64];
+        struct timeval tv;
+        tv.tv_sec = state->server_connp.cert0_not_after;
+        tv.tv_usec = 0;
+        CreateUtcIsoTimeString(&tv, timebuf, sizeof(timebuf));
+        MemBufferWriteString(aft->buffer, " NOTAFTER='%s'", timebuf);
+    }
     MemBufferWriteString(aft->buffer, "\n");
 }
 
-- 
2.47.2