Project

General

Profile

Actions

Bug #710

closed

tls - certs directory

Added by Peter Manev almost 12 years ago. Updated over 11 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

If tls is enabled in yaml and if "certs" dir does not exist (is not created by user) -

  - tls-log:
      enabled: yes  # Log TLS connections.
      filename: tls.log # File to store TLS logs.
      extended: yes # Log extended information like fingerprint
      certs-log-dir: certs # directory to store the certificates files
      append: yes

and if tls.store rules are used - in order to store the ssl certs to disk, we have some err messages:

[2338] 12/1/2013 -- 16:48:58 - (log-tlslog.c:256) <Warning> (LogTlsLogPem) -- [ERRCODE: SC_ERR_FOPEN(44)] - Can't create PEM file: /var/data/regit/log/suricata//certs/1358002127.666785-100.pem
[2338] 12/1/2013 -- 16:49:10 - (log-tlslog.c:256) <Warning> (LogTlsLogPem) -- [ERRCODE: SC_ERR_FOPEN(44)] - Can't create PEM file: /var/data/regit/log/suricata//certs/1358002139.588952-101.pem

in suricata.log - that periodically get written to the suricata.log that eventually grow to a bug number.
however there is no ERR at start up time -
it will be beneficial if when

  - tls-log:
      enabled: yes

that directory to be checked if existing and be created otherwise (or an ERR logged at startup).

If the directory is manually created before starting suricata - there is no problem of course.

Actions #1

Updated by Victor Julien almost 12 years ago

  • Assignee set to OISF Dev
  • Target version set to 1.4.1
Actions #2

Updated by Victor Julien over 11 years ago

  • Target version changed from 1.4.1 to 2.0beta1
Actions #3

Updated by Victor Julien over 11 years ago

  • Status changed from New to Assigned
  • Assignee changed from OISF Dev to Victor Julien
Actions #4

Updated by Victor Julien over 11 years ago

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100

Fix pushed to master.

Actions

Also available in: Atom PDF