From 09c2d8d8277db1e68554b735350903ef927ed246 Mon Sep 17 00:00:00 2001
From: Mark Wooding <mdw@distorted.org.uk>
Date: Sat, 29 Jul 2017 21:02:39 +0100
Subject: [PATCH] config.m4: Fix the `acceptable' ciphers list.

Replace `+NORMAL' with the explicit algorithm class wildcards (except
for compression, which I leave turned off).  This completely broke TLS
negotiation for outside senders. :-(
---
 config.m4 | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/config.m4 b/config.m4
index 1731d59..5cabfeb 100644
--- a/config.m4
+++ b/config.m4
@@ -97,12 +97,19 @@ DEFCONF(good_ciphers, NONE<::>m4_dnl
 :+COMP-NULL<::>m4_dnl
 )
 DEFCONF(acceptable_ciphers, NONE<::>m4_dnl
+:+VERS-TLS-ALL<::>m4_dnl
 :+ECDHE-RSA:+ECDHE-ECDSA<::>m4_dnl
+:+KX-ALL<::>m4_dnl
+:+SIGN-ALL<::>m4_dnl
+:+CTYPE-ALL<::>m4_dnl
 :+CHACHA20-POLY1305<::>m4_dnl
 :+AES-256-GCM:+AES-128-GCM<::>m4_dnl
+:+CIPHER-ALL<::>m4_dnl
 :+CURVE-X25519<::>m4_dnl
+:+CURVE-ALL<::>m4_dnl
 :+AEAD<::>m4_dnl
-:+NORMAL<::>m4_dnl
+:+MAC-ALL<::>m4_dnl
+:+COMP-NULL<::>m4_dnl
 :-MD5<::>m4_dnl
 )
 
-- 
2.11.0