mpurzynski/add_hash_to_ssl_log.bro

## add_hash_to_ssl_log.bro
@load base/protocols/ssl
module SSL;

redef record Info += {
    server_cert_md5:    string &log &optional;
    client_cert_md5:    string &log &optional;
    server_cert_sha1:    string &log &optional;
    client_cert_sha1:    string &log &optional;
};

event ssl_established(c: connection) &priority=50
{
    if (c$ssl$cert_chain[0]?$md5)
        c$ssl$server_cert_md5 = c$ssl$cert_chain[0]$md5;
    if (c$ssl$client_cert_chain[0]?$md5)
        c$ssl$client_cert_md5 = c$ssl$client_cert_chain[0]$md5;
    if (c$ssl$cert_chain[0]?$sha1)
        c$ssl$server_cert_sha1 = c$ssl$cert_chain[0]$sha1;
    if (c$ssl$client_cert_chain[0]?$sha1)
        c$ssl$client_cert_sha1 = c$ssl$client_cert_chain[0]$sha1;
}
	@load base/protocols/ssl
	module SSL;

	redef record Info += {
	server_cert_md5: string &log &optional;
	client_cert_md5: string &log &optional;
	server_cert_sha1: string &log &optional;
	client_cert_sha1: string &log &optional;
	};

	event ssl_established(c: connection) &priority=50
	{
	if (c$ssl$cert_chain[0]?$md5)
	c$ssl$server_cert_md5 = c$ssl$cert_chain[0]$md5;
	if (c$ssl$client_cert_chain[0]?$md5)
	c$ssl$client_cert_md5 = c$ssl$client_cert_chain[0]$md5;
	if (c$ssl$cert_chain[0]?$sha1)
	c$ssl$server_cert_sha1 = c$ssl$cert_chain[0]$sha1;
	if (c$ssl$client_cert_chain[0]?$sha1)
	c$ssl$client_cert_sha1 = c$ssl$client_cert_chain[0]$sha1;
	}