MB-49691: Add RSA-PSK-RC4-SHA to low_security_ciphers list.

Fixes the below, $ testssl.sh --rc4 127.0.0.1:19000 ... RC4 (CVE-2013-2566, CVE-2015-2808) VULNERABLE (NOT ok): RSA-PSK-RC4-SHA After fix, $ testssl.sh --rc4 127.0.0.1:19000 ... RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK) Change-Id: Iad160714dcc99ad2730f5600543c416640d7485e Reviewed-on: https://review.couchbase.org/c/ns_server/+/167074 Well-Formed: Build Bot <build@couchbase.com> Tested-by: Abhijeeth Nuthan <abhijeeth.nuthan@couchbase.com> Reviewed-by: Timofey Barmin <timofey.barmin@couchbase.com>
couchbase · Dec 7, 2021 · 3803476 · 3803476
1 parent 4d4aac8
commit 3803476
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/src/ns_ssl_services_setup.erl b/src/ns_ssl_services_setup.erl
@@ -253,6 +253,7 @@ low_security_ciphers_openssl() ->
      "RC4-MD5",
      "RC4-MD5",
      "PSK-RC4-SHA",
+     "RSA-PSK-RC4-SHA",
      "EXP-ADH-RC4-MD5",
      "EXP-RC4-MD5",
      "EXP-RC4-MD5"].