From cbe48258f66cefaba1f9f9100b0a5cf6f5c49d1f Mon Sep 17 00:00:00 2001
From: Justin Azoff
Date: Tue, 10 Dec 2013 11:27:19 -0500
Subject: [PATCH] fix the caching of recently validated certs

The recently_validated_certs table was being checked for entries, but missing hashes were not being added to it after validation.
---
 scripts/policy/protocols/ssl/validate-certs.bro | 1 +
 1 file changed, 1 insertion(+)

diff --git a/scripts/policy/protocols/ssl/validate-certs.bro b/scripts/policy/protocols/ssl/validate-certs.bro
index b34ec5a09a..886c28b6ac 100644
--- a/scripts/policy/protocols/ssl/validate-certs.bro
+++ b/scripts/policy/protocols/ssl/validate-certs.bro
@@ -40,6 +40,7 @@ event ssl_established(c: connection) &priority=3
 {
 local result = x509_verify(c$ssl$cert, c$ssl$cert_chain, root_certs);
 c$ssl$validation_status = x509_err2str(result);
+ recently_validated_certs[c$ssl$cert_hash] = c$ssl$validation_status;
 }
 if ( c$ssl$validation_status != "ok" )
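Review bot: The entry written by the added `recently_validated_certs[c$ssl$cert_hash] = c$ssl$validation_status;` line is keyed by the certificate hash alone, while the status it stores comes from `x509_verify(c$ssl$cert, c$ssl$cert_chain, root_certs)` and therefore also depends on the chain the peer presented. If `cert_hash` covers only the end-entity certificate (its computation is outside this hunk), a later connection with the same certificate but a different or incomplete chain would inherit the cached status without being re-verified, whether that status is "ok" or a failure string. Consider keying the cache on the certificate together with its chain, or at least document the limitation above the assignment, e.g. `# NOTE: status is cached per cert hash only; a differing chain is not re-verified until the entry expires`. The table's declaration and any expiry attribute are not visible here, so it is worth confirming that entries age out soon enough for time-dependent results such as expiry to stay accurate. The body of ssl_established begins and continues outside the hunk.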