nghttpd: Use cipher suites recommended by Mozilla

src/HttpServer.cc

@@ -58,6 +58,7 @@ extern "C" {
 #include "app_helper.h"
 #include "http2.h"
 #include "util.h"
+#include "ssl.h"
 
 #ifndef O_BINARY
 # define O_BINARY (0)
@@ -1664,7 +1665,7 @@ int HttpServer::run()
     SSL_CTX_set_mode(ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
     SSL_CTX_set_mode(ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
 
-    SSL_CTX_set_cipher_list(ssl_ctx, "HIGH:!aNULL:!MD5");
+    SSL_CTX_set_cipher_list(ssl_ctx, ssl::DEFAULT_CIPHER_LIST);
 
 
     const unsigned char sid_ctx[] = "nghttpd";

src/shrpx_ssl.cc

@@ -51,6 +51,7 @@
 #include "shrpx_accesslog.h"
 #include "shrpx_worker.h"
 #include "util.h"
+#include "ssl.h"
 
 using namespace nghttp2;
 
@@ -58,12 +59,6 @@ namespace shrpx {
 
 namespace ssl {
 
-// Recommended general purpose "Non-Backward Compatible" cipher by
-// mozilla.
-//
-// https://wiki.mozilla.org/Security/Server_Side_TLS
-#define DEFAULT_CIPHER_LIST "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK"
-
 namespace {
 int next_proto_cb(SSL *s, const unsigned char **data, unsigned int *len,
                   void *arg)
@@ -250,7 +245,7 @@ SSL_CTX* create_ssl_context(const char *private_key_file,
   if(get_config()->ciphers) {
     ciphers = get_config()->ciphers.get();
   } else {
-    ciphers = DEFAULT_CIPHER_LIST;
+    ciphers = nghttp2::ssl::DEFAULT_CIPHER_LIST;
   }
 
   SSL_CTX_set_options(ssl_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);

src/ssl.cc

@@ -35,6 +35,12 @@ namespace nghttp2 {
 
 namespace ssl {
 
+// Recommended general purpose "Non-Backward Compatible" cipher by
+// mozilla.
+//
+// https://wiki.mozilla.org/Security/Server_Side_TLS
+const char* const DEFAULT_CIPHER_LIST = "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK";
+
 namespace {
 std::vector<std::mutex> ssl_global_locks;
 } // namespace

src/ssl.h

@@ -38,6 +38,8 @@ public:
   LibsslGlobalLock& operator=(const LibsslGlobalLock&) = delete;
 };
 
+extern const char* const DEFAULT_CIPHER_LIST;
+
 } // namespace ssl
 
 } // namespace nghttp2