From 5f5e3886c57c37d3eb8fb7ae05675e1063ef51cb Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sun, 27 Aug 2023 21:32:36 +0200
Subject: [PATCH] Minor robustness improvement

Let openssl use any experimental or obsolete cipher that's not in ALL.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
---
 tests/compat.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/compat.sh b/tests/compat.sh
index 2e03e44f3..dbe1cacc1 100755
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -592,7 +592,7 @@ setup_arguments()
     fi
 
     M_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE"
-    O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$O_MODE"
+    O_SERVER_ARGS="-accept $PORT -cipher ALL,COMPLEMENTOFALL -$O_MODE"
     G_SERVER_ARGS="-p $PORT --http $G_MODE"
     G_SERVER_PRIO="NORMAL:${G_PRIO_CCM}+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+SHA256:+SHA384:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"