MbedTLS: Provide default list of configured ciphersuites

This commit is contained in:
Aaron Jones 2016-09-01 20:47:34 +00:00
parent 6df12e8169
commit df51e80717
2 changed files with 109 additions and 15 deletions

View file

@ -442,19 +442,18 @@ rb_setup_ssl_server(const char *const certfile, const char *keyfile,
return 0; return 0;
} }
const int *rb_ciphersuites = newcfg->suites;
size_t suites_count = 0;
if(cipherlist != NULL) if(cipherlist != NULL)
{ {
// The cipherlist is (const char *) -- we should not modify it // The cipherlist is (const char *) -- we should not modify it
char *const cipherlist_dup = strdup(cipherlist); char *const cipherlist_dup = strdup(cipherlist);
if(cipherlist_dup == NULL) if(cipherlist_dup != NULL)
{ {
rb_lib_log("rb_setup_ssl_server: strdup: %s", strerror(errno));
rb_lib_log("rb_setup_ssl_server: will not configure ciphersuites!");
}
else
{
size_t suites_count = 0;
char *cipher_str = cipherlist_dup; char *cipher_str = cipherlist_dup;
char *cipher_idx; char *cipher_idx;
@ -489,18 +488,34 @@ rb_setup_ssl_server(const char *const certfile, const char *keyfile,
} while(cipher_idx && suites_count < RB_MAX_CIPHERSUITES); } while(cipher_idx && suites_count < RB_MAX_CIPHERSUITES);
if(suites_count > 0) if(suites_count == 0)
{ rb_lib_log("rb_setup_ssl_server: Ciphersuites provided, but could not parse any");
mbedtls_ssl_conf_ciphersuites(&newcfg->server_cfg, newcfg->suites);
mbedtls_ssl_conf_ciphersuites(&newcfg->client_cfg, newcfg->suites);
rb_lib_log("rb_setup_ssl_server: Configured %zu ciphersuites", suites_count);
}
else
rb_lib_log("rb_setup_ssl_server: Passed a list of ciphersuites, but could not configure any");
free(cipherlist_dup); free(cipherlist_dup);
} }
else
{
rb_lib_log("rb_setup_ssl_server: strdup: %s", strerror(errno));
} }
}
else
{
rb_lib_log("rb_setup_ssl_server: No ciphersuite list provided");
}
if(suites_count == 0)
{
rb_lib_log("rb_setup_ssl_server: Using default ciphersuites");
rb_ciphersuites = rb_mbedtls_ciphersuites;
suites_count = sizeof(rb_mbedtls_ciphersuites) / sizeof(rb_mbedtls_ciphersuites[0]);
}
mbedtls_ssl_conf_ciphersuites(&newcfg->server_cfg, rb_ciphersuites);
mbedtls_ssl_conf_ciphersuites(&newcfg->client_cfg, rb_ciphersuites);
rb_lib_log("rb_setup_ssl_server: Configured %zu ciphersuites", suites_count);
rb_mbedtls_cfg_decref(rb_mbedtls_cfg); rb_mbedtls_cfg_decref(rb_mbedtls_cfg);
rb_mbedtls_cfg = newcfg; rb_mbedtls_cfg = newcfg;

View file

@ -25,11 +25,90 @@
#ifndef RB_MBEDTLS_EMBEDDED_DATA_H #ifndef RB_MBEDTLS_EMBEDDED_DATA_H
#define RB_MBEDTLS_EMBEDDED_DATA_H #define RB_MBEDTLS_EMBEDDED_DATA_H
#include "mbedtls/ssl_ciphersuites.h"
/* /*
* Personalization string for CTR-DRBG initialization * Personalization string for CTR-DRBG initialization
*/ */
static const char rb_mbedtls_personal_str[] = "charybdis/librb personalization string"; static const char rb_mbedtls_personal_str[] = "charybdis/librb personalization string";
/*
* Default list of supported ciphersuites
* User can override with ssl_cipher_list option in ircd.conf
*
* Charybdis cannot have more than one certificate configured, which means that with
* the MbedTLS backend, it will ALWAYS be serving EITHER an RSA OR ECDSA certificate.
*
* This means we can order ciphersuites to place all ECDSA ones ahead of RSA ones,
* without weird interactions of cipher order, such as inadvertantly preferring an
* ECDSA ciphersuite with AES128-CBC-SHA over an RSA ciphersuite with
* AES256-GCM-SHA384.
*
* We also prefer all AEAD ciphersuites first, even if it results in using a 128-bit
* AEAD ciphersuite instead of a 256-bit CBC ciphersuite. This is due to the fact that
* ONLY the AEAD ciphersuites in TLS are cryptographically secure in practice; the ETM
* extension for CBC ciphersuites has not seen wide adoption. This choice can be
* revisited in future; please consult me first. -- amdj
*/
static const int rb_mbedtls_ciphersuites[] = {
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
0 // End of list
};
/* /*
* YES, this is a hardcoded CA certificate. * YES, this is a hardcoded CA certificate.
* *