From d81562ffc0425fdf8dc5864cdad2a136b477b363 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Mon, 23 Mar 2015 14:49:10 +0100
Subject: [PATCH] Remove RC4 ciphersuites by default

---
 ChangeLog                | 3 ++-
 include/mbedtls/config.h | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 8fbdabf4e..b0900d2a0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -26,7 +26,8 @@ Changes
    * Remove test program o_p_test, the script compat.sh does more.
    * Remove test program ssl_test, superseded by ssl-opt.sh.
    * Remove helper script active-config.pl
-   * RC4 is now disabled by default in the SSL/TLS layer.
+   * RC4 is now blacklisted by default in the SSL/TLS layer, and excluded from the
+     default ciphersuite list returned by ssl_list_ciphersuites()
 
 = mbed TLS 1.3 branch
 
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 8b2a858e4..32a9ffff7 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -365,7 +365,7 @@
  *
  * Uncomment this macro to remove RC4 ciphersuites by default.
  */
-//#define POLARSSL_REMOVE_ARC4_CIPHERSUITES
+#define POLARSSL_REMOVE_ARC4_CIPHERSUITES
 
 /**
  * \def POLARSSL_ECP_XXXX_ENABLED