From 6bf887340626e35e0497deaf246a9f034d8fe8ee Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Mon, 23 May 2016 17:21:11 -0400
Subject: [PATCH] Add back export and low-security ciphers

These are disabled in OpenSSL 1.02g but are still enabled in
the version in RHEL 7.
---
 test/test_cipher.py | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/test/test_cipher.py b/test/test_cipher.py
index 1cce9e4..8b12f26 100644
--- a/test/test_cipher.py
+++ b/test/test_cipher.py
@@ -40,7 +40,7 @@ if ENABLE_SERVER_DHE == 0:
     OPENSSL_CIPHERS_IGNORE += ':-DH'
 
 def assert_equal_openssl(ciphers):
-    nss_ciphers = ciphers + ":-EXP:-LOW"
+    nss_ciphers = ciphers
     ossl_ciphers = ciphers + OPENSSL_CIPHERS_IGNORE
     (nss, err, rc) = run([exe, "--o", nss_ciphers])
     assert rc == 0
@@ -270,8 +270,7 @@ class test_ciphers(object):
         assert_no_NULL("DEFAULT:aRSA")
 
     def test_SYSTEM_DEFAULT(self):
-         # I've added in !DHE here which differs from F-23 default
-         assert_equal_openssl("!SSLv2:kEECDH:kRSA:kEDH:kPSK:+3DES:!aNULL:!eNULL:!MD5:!EXP:!RC4:!SEED:!IDEA:!DES:!DHE")
+         assert_equal_openssl("!SSLv2:kEECDH:kRSA:kEDH:kPSK:DH:+3DES:!aNULL:!eNULL:!MD5:!EXP:!RC4:!SEED:!IDEA:!DES")
 
     def test_cipher_reorder(self):
         # re-ordering now allowed but shouldn't blow up either
-- 
2.5.5