diff --git a/gennghttpxfun.py b/gennghttpxfun.py index 344b4308..692e675b 100755 --- a/gennghttpxfun.py +++ b/gennghttpxfun.py @@ -172,6 +172,8 @@ OPTIONS = [ "ignore-per-pattern-mruby-error", "tls-no-postpone-early-data", "tls-max-early-data", + "tls13-ciphers", + "tls13-client-ciphers", ] LOGVARS = [ diff --git a/src/shrpx.cc b/src/shrpx.cc index 56819af3..c9eb2eda 100644 --- a/src/shrpx.cc +++ b/src/shrpx.cc @@ -1459,8 +1459,12 @@ void fill_default_config(Config *config) { tlsconf.session_timeout = std::chrono::hours(12); tlsconf.ciphers = StringRef::from_lit(nghttp2::tls::DEFAULT_CIPHER_LIST); + tlsconf.tls13_ciphers = + StringRef::from_lit(nghttp2::tls::DEFAULT_TLS13_CIPHER_LIST); tlsconf.client.ciphers = StringRef::from_lit(nghttp2::tls::DEFAULT_CIPHER_LIST); + tlsconf.client.tls13_ciphers = + StringRef::from_lit(nghttp2::tls::DEFAULT_TLS13_CIPHER_LIST); tlsconf.min_proto_version = tls::proto_version_from_string(DEFAULT_TLS_MIN_PROTO_VERSION); tlsconf.max_proto_version = @@ -2081,13 +2085,31 @@ SSL/TLS: --ciphers= Set allowed cipher list for frontend connection. The format of the string is described in OpenSSL ciphers(1). + This option sets cipher suites for TLSv1.2 or earlier. + Use --tls13-ciphers for TLSv1.3. Default: )" << config->tls.ciphers << R"( + --tls13-ciphers= + Set allowed cipher list for frontend connection. The + format of the string is described in OpenSSL ciphers(1). + This option sets cipher suites for TLSv1.3. Use + --ciphers for TLSv1.2 or earlier. + Default: )" + << config->tls.tls13_ciphers << R"( --client-ciphers= Set allowed cipher list for backend connection. The format of the string is described in OpenSSL ciphers(1). + This option sets cipher suites for TLSv1.2 or earlier. + Use --tls13-client-ciphers for TLSv1.3. Default: )" << config->tls.client.ciphers << R"( + --tls13-client-ciphers= + Set allowed cipher list for backend connection. The + format of the string is described in OpenSSL ciphers(1). + This option sets cipher suites for TLSv1.3. Use + --tls13-client-ciphers for TLSv1.2 or earlier. + Default: )" + << config->tls.client.tls13_ciphers << R"( --ecdh-curves= Set supported curve list for frontend connections. is a colon separated list of curve NID or names @@ -3451,6 +3473,8 @@ int main(int argc, char **argv) { 161}, {SHRPX_OPT_TLS_NO_POSTPONE_EARLY_DATA.c_str(), no_argument, &flag, 162}, {SHRPX_OPT_TLS_MAX_EARLY_DATA.c_str(), required_argument, &flag, 163}, + {SHRPX_OPT_TLS13_CIPHERS.c_str(), required_argument, &flag, 164}, + {SHRPX_OPT_TLS13_CLIENT_CIPHERS.c_str(), required_argument, &flag, 165}, {nullptr, 0, nullptr, 0}}; int option_index = 0; @@ -4231,6 +4255,14 @@ int main(int argc, char **argv) { // --tls-max-early-data cmdcfgs.emplace_back(SHRPX_OPT_TLS_MAX_EARLY_DATA, StringRef{optarg}); break; + case 164: + // --tls13-ciphers + cmdcfgs.emplace_back(SHRPX_OPT_TLS13_CIPHERS, StringRef{optarg}); + break; + case 165: + // --tls13-client-ciphers + cmdcfgs.emplace_back(SHRPX_OPT_TLS13_CLIENT_CIPHERS, StringRef{optarg}); + break; default: break; } diff --git a/src/shrpx_config.cc b/src/shrpx_config.cc index 336df42f..74194ca9 100644 --- a/src/shrpx_config.cc +++ b/src/shrpx_config.cc @@ -1759,6 +1759,11 @@ int option_lookup_token(const char *name, size_t namelen) { return SHRPX_OPTID_FORWARDED_FOR; } break; + case 's': + if (util::strieq_l("tls13-cipher", name, 12)) { + return SHRPX_OPTID_TLS13_CIPHERS; + } + break; case 't': if (util::strieq_l("verify-clien", name, 12)) { return SHRPX_OPTID_VERIFY_CLIENT; @@ -1956,6 +1961,11 @@ int option_lookup_token(const char *name, size_t namelen) { return SHRPX_OPTID_OCSP_UPDATE_INTERVAL; } break; + case 's': + if (util::strieq_l("tls13-client-cipher", name, 19)) { + return SHRPX_OPTID_TLS13_CLIENT_CIPHERS; + } + break; case 't': if (util::strieq_l("backend-read-timeou", name, 19)) { return SHRPX_OPTID_BACKEND_READ_TIMEOUT; @@ -2832,6 +2842,10 @@ int parse_config(Config *config, int optid, const StringRef &opt, case SHRPX_OPTID_CIPHERS: config->tls.ciphers = make_string_ref(config->balloc, optarg); + return 0; + case SHRPX_OPTID_TLS13_CIPHERS: + config->tls.tls13_ciphers = make_string_ref(config->balloc, optarg); + return 0; case SHRPX_OPTID_CLIENT: LOG(ERROR) << opt @@ -3547,6 +3561,10 @@ int parse_config(Config *config, int optid, const StringRef &opt, case SHRPX_OPTID_CLIENT_CIPHERS: config->tls.client.ciphers = make_string_ref(config->balloc, optarg); + return 0; + case SHRPX_OPTID_TLS13_CLIENT_CIPHERS: + config->tls.client.tls13_ciphers = make_string_ref(config->balloc, optarg); + return 0; case SHRPX_OPTID_ACCESSLOG_WRITE_EARLY: config->logging.access.write_early = util::strieq_l("yes", optarg); diff --git a/src/shrpx_config.h b/src/shrpx_config.h index 2dd35b0b..e47fa991 100644 --- a/src/shrpx_config.h +++ b/src/shrpx_config.h @@ -351,6 +351,9 @@ constexpr auto SHRPX_OPT_TLS_NO_POSTPONE_EARLY_DATA = StringRef::from_lit("tls-no-postpone-early-data"); constexpr auto SHRPX_OPT_TLS_MAX_EARLY_DATA = StringRef::from_lit("tls-max-early-data"); +constexpr auto SHRPX_OPT_TLS13_CIPHERS = StringRef::from_lit("tls13-ciphers"); +constexpr auto SHRPX_OPT_TLS13_CLIENT_CIPHERS = + StringRef::from_lit("tls13-client-ciphers"); constexpr size_t SHRPX_OBFUSCATED_NODE_LENGTH = 8; @@ -626,6 +629,7 @@ struct TLSConfig { StringRef private_key_file; StringRef cert_file; StringRef ciphers; + StringRef tls13_ciphers; bool no_http2_cipher_black_list; } client; @@ -652,6 +656,7 @@ struct TLSConfig { StringRef cert_file; StringRef dh_param_file; StringRef ciphers; + StringRef tls13_ciphers; StringRef ecdh_curves; StringRef cacert; // The maximum amount of 0-RTT data that server accepts. @@ -1144,6 +1149,8 @@ enum { SHRPX_OPTID_TLS_TICKET_KEY_MEMCACHED_MAX_RETRY, SHRPX_OPTID_TLS_TICKET_KEY_MEMCACHED_PRIVATE_KEY_FILE, SHRPX_OPTID_TLS_TICKET_KEY_MEMCACHED_TLS, + SHRPX_OPTID_TLS13_CIPHERS, + SHRPX_OPTID_TLS13_CLIENT_CIPHERS, SHRPX_OPTID_USER, SHRPX_OPTID_VERIFY_CLIENT, SHRPX_OPTID_VERIFY_CLIENT_CACERT, diff --git a/src/shrpx_tls.cc b/src/shrpx_tls.cc index c9ea5fc5..0a834546 100644 --- a/src/shrpx_tls.cc +++ b/src/shrpx_tls.cc @@ -810,6 +810,14 @@ SSL_CTX *create_ssl_context(const char *private_key_file, const char *cert_file, DIE(); } +#if OPENSSL_1_1_1_API + if (SSL_CTX_set_ciphersuites(ssl_ctx, tlsconf.tls13_ciphers.c_str()) == 0) { + LOG(FATAL) << "SSL_CTX_set_ciphersuites " << tlsconf.tls13_ciphers + << " failed: " << ERR_error_string(ERR_get_error(), nullptr); + DIE(); + } +#endif // OPENSSL_1_1_1_API + #ifndef OPENSSL_NO_EC # if !LIBRESSL_LEGACY_API && OPENSSL_VERSION_NUMBER >= 0x10002000L if (SSL_CTX_set1_curves_list(ssl_ctx, tlsconf.ecdh_curves.c_str()) != 1) { @@ -1091,6 +1099,15 @@ SSL_CTX *create_ssl_client_context( DIE(); } +#if OPENSSL_1_1_1_API + if (SSL_CTX_set_ciphersuites(ssl_ctx, tlsconf.client.tls13_ciphers.c_str()) == + 0) { + LOG(FATAL) << "SSL_CTX_set_ciphersuites " << tlsconf.client.tls13_ciphers + << " failed: " << ERR_error_string(ERR_get_error(), nullptr); + DIE(); + } +#endif // OPENSSL_1_1_1_API + SSL_CTX_set_mode(ssl_ctx, SSL_MODE_RELEASE_BUFFERS); if (SSL_CTX_set_default_verify_paths(ssl_ctx) != 1) { diff --git a/src/tls.h b/src/tls.h index 3d9aa225..d6c10db6 100644 --- a/src/tls.h +++ b/src/tls.h @@ -31,6 +31,8 @@ #include +#include "ssl_compat.h" + namespace nghttp2 { namespace tls { @@ -54,6 +56,14 @@ constexpr char DEFAULT_CIPHER_LIST[] = "SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-" "AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"; +constexpr char DEFAULT_TLS13_CIPHER_LIST[] = +#if OPENSSL_1_1_1_API + TLS_DEFAULT_CIPHERSUITES +#else // !OPENSSL_1_1_1_API + "" +#endif // !OPENSSL_1_1_1_API + ; + constexpr auto NGHTTP2_TLS_MIN_VERSION = TLS1_VERSION; #ifdef TLS1_3_VERSION constexpr auto NGHTTP2_TLS_MAX_VERSION = TLS1_3_VERSION;