diff --git a/src/ssl_clienthello.c b/src/ssl_clienthello.c index 131c919c5..2befabd73 100644 --- a/src/ssl_clienthello.c +++ b/src/ssl_clienthello.c @@ -346,7 +346,7 @@ int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *arg) has_rsa_sig = 1; } - if ((TRACE_SOURCE)->verbosity > SSL_VERB_ADVANCED) { + if ((TRACE_SOURCE)->verbosity >= SSL_VERB_ADVANCED) { if (TRACE_ENABLED(TRACE_LEVEL_DATA, SSL_EV_CONN_CIPHERS_EXT, conn, 0, 0, 0)) { const uint8_t *cipher_suites; size_t len; diff --git a/src/ssl_trace.c b/src/ssl_trace.c index 3967414a1..ed67a5860 100644 --- a/src/ssl_trace.c +++ b/src/ssl_trace.c @@ -202,7 +202,7 @@ static void ssl_trace(enum trace_level level, uint64_t mask, const struct trace_ } } - if (mask & SSL_EV_CONN_CHOOSE_SNI_CTX && src->verbosity > SSL_VERB_ADVANCED) { + if (mask & SSL_EV_CONN_CHOOSE_SNI_CTX && src->verbosity >= SSL_VERB_ADVANCED) { if (a2) { const char *servername = a2; chunk_appendf(&trace_buf, " : servername=\"%s\"", servername); @@ -215,7 +215,7 @@ static void ssl_trace(enum trace_level level, uint64_t mask, const struct trace_ } } - if (mask & SSL_EV_CONN_SIGALG_EXT && src->verbosity > SSL_VERB_ADVANCED) { + if (mask & SSL_EV_CONN_SIGALG_EXT && src->verbosity >= SSL_VERB_ADVANCED) { if (a2 && a3) { const uint16_t *extension_data = a2; size_t extension_len = *((size_t*)a3); @@ -245,7 +245,7 @@ static void ssl_trace(enum trace_level level, uint64_t mask, const struct trace_ } } - if (mask & SSL_EV_CONN_CIPHERS_EXT && src->verbosity > SSL_VERB_ADVANCED) { + if (mask & SSL_EV_CONN_CIPHERS_EXT && src->verbosity >= SSL_VERB_ADVANCED) { if (a2 && a3 && a4) { SSL *ssl = (SSL*)a2; const uint16_t *extension_data = a3; @@ -277,7 +277,7 @@ static void ssl_trace(enum trace_level level, uint64_t mask, const struct trace_ } } - if (mask & SSL_EV_CONN_CURVES_EXT && src->verbosity > SSL_VERB_ADVANCED) { + if (mask & SSL_EV_CONN_CURVES_EXT && src->verbosity >= SSL_VERB_ADVANCED) { if (a2 && a3) { const uint16_t *extension_data = a2; size_t extension_len = *((size_t*)a3);