MINOR: ssl: Dump ciphers and sigalgs details in trace with 'advanced' verbosity

The contents of the extensions were only dumped with verbosity
'complete' which meant that the 'advanced' verbosity was pretty much
useless despite what its name implies (it was the same as the 'simple'
one).
The 'advanced' verbosity is now the "maximum" one, using 'complete'
would not add any extra information yet, but it leaves more room for
some actually large traces to be dumped later on (some complete
ClientHello dumps for instance).

diff --git a/src/ssl_clienthello.c b/src/ssl_clienthello.c
index 131c919c593b83379b2e0d8ab5ae681d57c3ce0a..2befabd73b5ce7e104dcbedf062ed1797a909cd8 100644 (file)
--- a/src/ssl_clienthello.c
+++ b/src/ssl_clienthello.c
@@ -346,7 +346,7 @@ int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *arg)
                has_rsa_sig = 1;
        }
 
-       if ((TRACE_SOURCE)->verbosity > SSL_VERB_ADVANCED) {
+       if ((TRACE_SOURCE)->verbosity >= SSL_VERB_ADVANCED) {
                if (TRACE_ENABLED(TRACE_LEVEL_DATA, SSL_EV_CONN_CIPHERS_EXT, conn, 0, 0, 0)) {
                        const uint8_t *cipher_suites;
                        size_t len;

diff --git a/src/ssl_trace.c b/src/ssl_trace.c
index 3967414a1b25912cf67dc88feeb6e7282ac725c0..ed67a5860508e371467c80d0f35463fb86415dc3 100644 (file)
--- a/src/ssl_trace.c
+++ b/src/ssl_trace.c
@@ -202,7 +202,7 @@ static void ssl_trace(enum trace_level level, uint64_t mask, const struct trace_
                }
        }
 
-       if (mask & SSL_EV_CONN_CHOOSE_SNI_CTX && src->verbosity > SSL_VERB_ADVANCED) {
+       if (mask & SSL_EV_CONN_CHOOSE_SNI_CTX && src->verbosity >= SSL_VERB_ADVANCED) {
                if (a2) {
                        const char *servername = a2;
                        chunk_appendf(&trace_buf, " : servername=\"%s\"", servername);
@@ -215,7 +215,7 @@ static void ssl_trace(enum trace_level level, uint64_t mask, const struct trace_
                }
        }
 
-       if (mask & SSL_EV_CONN_SIGALG_EXT && src->verbosity > SSL_VERB_ADVANCED) {
+       if (mask & SSL_EV_CONN_SIGALG_EXT && src->verbosity >= SSL_VERB_ADVANCED) {
                if (a2 && a3) {
                        const uint16_t *extension_data = a2;
                        size_t extension_len = *((size_t*)a3);
@@ -245,7 +245,7 @@ static void ssl_trace(enum trace_level level, uint64_t mask, const struct trace_
                }
        }
 
-       if (mask & SSL_EV_CONN_CIPHERS_EXT && src->verbosity > SSL_VERB_ADVANCED) {
+       if (mask & SSL_EV_CONN_CIPHERS_EXT && src->verbosity >= SSL_VERB_ADVANCED) {
                if (a2 && a3 && a4) {
                        SSL *ssl = (SSL*)a2;
                        const uint16_t *extension_data = a3;
@@ -277,7 +277,7 @@ static void ssl_trace(enum trace_level level, uint64_t mask, const struct trace_
                }
        }
 
-       if (mask & SSL_EV_CONN_CURVES_EXT && src->verbosity > SSL_VERB_ADVANCED) {
+       if (mask & SSL_EV_CONN_CURVES_EXT && src->verbosity >= SSL_VERB_ADVANCED) {
                if (a2 && a3) {
                        const uint16_t *extension_data = a2;
                        size_t extension_len = *((size_t*)a3);