Suricata tls-log for analysis async-oneside

When I set stream.async-oneside=true in suricata.yaml ,it work for detecting one-direction traffic, alert log file will record the hit event, but can’t output the tls.log which can be set in suricata.yaml
tls-log config

Is it possible to change any source code make suricata can analysis unidirection flow and log output in tls.log file

env: ubuntu-20.04 suricata-5.0.3

When I set following config,it work but missing some value. ssl_version、subject_dn、issuer_dn、serialnumber are all missing only SNI is correct.

midstream = true
async-oneside = true

I have solved this question by modify following source code in suricata-5.0.4

  1. [app-layer.c] line 429~431 need to be remark、line 444~449 need to be remark
  2. [app-layer-ssl.c] line 1428 break need to be remark
  3. [output-json-tls.c] line 169~171 add tls_version function
  4. [log-tlslog.c] line 369 、line 439 add tls_version function

Can you share the changes you have made to address this issue? Ideally in a github pull request?

When I have time, I will do it.