From 38034762e435f2e77d6b204f6655ede673af8484 Mon Sep 17 00:00:00 2001 From: Abhijeeth Nuthan Date: Mon, 6 Dec 2021 14:43:54 -0800 Subject: [PATCH] MB-49691: Add RSA-PSK-RC4-SHA to low_security_ciphers list. Fixes the below, $ testssl.sh --rc4 127.0.0.1:19000 ... RC4 (CVE-2013-2566, CVE-2015-2808) VULNERABLE (NOT ok): RSA-PSK-RC4-SHA After fix, $ testssl.sh --rc4 127.0.0.1:19000 ... RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK) Change-Id: Iad160714dcc99ad2730f5600543c416640d7485e Reviewed-on: https://review.couchbase.org/c/ns_server/+/167074 Well-Formed: Build Bot Tested-by: Abhijeeth Nuthan Reviewed-by: Timofey Barmin --- src/ns_ssl_services_setup.erl | 1 + 1 file changed, 1 insertion(+) diff --git a/src/ns_ssl_services_setup.erl b/src/ns_ssl_services_setup.erl index 59651d96e1..2a9a414859 100644 --- a/src/ns_ssl_services_setup.erl +++ b/src/ns_ssl_services_setup.erl @@ -253,6 +253,7 @@ low_security_ciphers_openssl() -> "RC4-MD5", "RC4-MD5", "PSK-RC4-SHA", + "RSA-PSK-RC4-SHA", "EXP-ADH-RC4-MD5", "EXP-RC4-MD5", "EXP-RC4-MD5"].
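Review bot: the new "RSA-PSK-RC4-SHA" entry in low_security_ciphers_openssl() extends a hand-maintained list of names one suite at a time, and the diffstat (1 file changed, 1 insertion) shows no test accompanying it. This RC4 suite was reachable until testssl.sh reported it, so the other PSK key-exchange variants could be missed the same way. The visible context shows "PSK-RC4-SHA" and now "RSA-PSK-RC4-SHA", but not whether "DHE-PSK-RC4-SHA" and "ECDHE-PSK-RC4-SHA" are already further up the list, which is worth confirming. Consider adding a unit test that asserts no suite whose OpenSSL name contains "RC4" remains in the effective cipher list after this filter is applied, so a missing name fails in CI rather than in a scan. Separately, the context lines list "RC4-MD5" twice and "EXP-RC4-MD5" twice; if the duplicates are not intentional they could be dropped in a follow-up.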