Hardened tls cipher suits and added option for tls min version #315
Conversation
rest-server/main.go: Added parameter handling for TLS min version
rest-server/main.go: Added crypto.tls, implemented and configured tlsConfig object
I actually have no idea how the tests work. From what I can guess out of main_test.go I assume it tests the program response to certain conditions to ensure it will throw errors when parameters are missing or misleading. If that's the case I think it is not necessary to add tests for what I did, because if
#322 will bump Go to 1.22 which disables TLS before 1.2 by default. TLS 1.2 is older than Go 1.0. So I don't think anyone will ever need an older TLS version (if they do then they should fix their setup instead).
That would sort of make the --tls-min-version somewhat obsolete. WDYT?
Removing the 3DES ciphers is fine. The cipher suite subset is already added by https://datatracker.ietf.org/doc/html/rfc5289 which is from 2008. That also implicitly means that clients that only support TLS < 1.2 won't be able to use any of those ciphers, which is one reason more to not even consider offering TLS 1.0 and 1.1.
Technically yes but it could still be used to enforce a TLS 1.3 only-setup which could be preferable to calm down a few paranoid CISOs out there. Should we remove it entirely or keep and document it?
main.go: Added error for unknown TLS min versions
main.go: Changed CurvePreferences in TLS config to Go default
main.go: Removed handling for TLS min versions 1.0 and 1.1
Signed-off-by: darkspir <[email protected]>
We can keep the flag. But we should document the allowed TLS versions.
@@ -61,6 +63,7 @@ func newRestServerApp() *restServerApp { | |||
flags.BoolVar(&rv.Server.TLS, "tls", rv.Server.TLS, "turn on TLS support") | |||
flags.StringVar(&rv.Server.TLSCert, "tls-cert", rv.Server.TLSCert, "TLS certificate path") | |||
flags.StringVar(&rv.Server.TLSKey, "tls-key", rv.Server.TLSKey, "TLS key path") | |||
flags.StringVar(&rv.Server.TLSMinVer, "tls-min-ver", rv.Server.TLSMinVer, "TLS min version (default: 1.2)") |
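Review bot: the help string "TLS min version (default: 1.2)" on the new `tls-min-ver` flag duplicates the default that cobra appends on its own from the value of `rv.Server.TLSMinVer`, so the rendered help reads "(default: 1.2) (default: 1.2)"; drop the parenthetical and put the accepted values there instead, e.g. `"minimum TLS version, one of 1.2|1.3"`. The flag is also registered as `tls-min-ver` while the review discussion calls it `--tls-min-version`; settle on one spelling and use it in the README and changelog entry as well.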
This still results in (default: 1.2) (default: 1.2)
in the help text as cobra automatically appends the default value. Ideally this should also include the allowed values: one of (1.2|1.3)
@@ -68,7 +69,7 @@ If you want to disable authentication, you must add the `--no-auth` flag. If thi | |||
|
|||
NOTE: In older versions of rest-server (up to 0.9.7), this flag does not exist and the server disables authentication if `.htpasswd` is missing or cannot be opened. | |||
|
|||
By default the server uses HTTP protocol. This is not very secure since with Basic Authentication, user name and passwords will be sent in clear text in every request. In order to enable TLS support just add the `--tls` argument and add a private and public key at the root of your persistence directory. You may also specify private and public keys by `--tls-cert` and `--tls-key`. | |||
By default the server uses HTTP protocol. This is not very secure since with Basic Authentication, user name and passwords will be sent in clear text in every request. In order to enable TLS support just add the `--tls` argument and add a private and public key at the root of your persistence directory. You may also specify private and public keys by `--tls-cert` and `--tls-key` and set the minimum TLS version by `--tls-min-ver`. |
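Review bot: the added README sentence introduces `--tls-min-ver` without saying which values it accepts or what it does when omitted; append the accepted values and the default (the flag help in this diff gives 1.2 as the default, and the switch in main.go accepts 1.3), and state explicitly that TLS 1.0 and 1.1 cannot be enabled, so an operator who expects the flag to lower the minimum is not surprised at startup.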
Please document the supported values.
case "1.3": | ||
tlscfg.MinVersion = tls.VersionTLS13 | ||
default: | ||
return fmt.Errorf("Unsupported TLS min version: %s", app.Server.TLSMinVer) |
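Review bot: the `default:` branch reports only the rejected value, so an operator who mistypes the flag has to read the source to learn what is accepted; include the allowed values in the message, e.g. `return fmt.Errorf("unsupported TLS min version %q (allowed: 1.2, 1.3)", app.Server.TLSMinVer)`. Go style also starts error strings with a lowercase letter, since callers commonly wrap them into a longer message.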
The error should report the allowed version numbers.
What is the purpose of this change? What does it change?
With TLS activated, the rest-server will provide insecure TLS versions and insecure or broken TLS cipher suites. This change configures the default settings in TLS mode, sets a secure set of cipher suites (according to CIS NGINX Benchmark v2.1.0) and sets up TLSv1.2 as min version. It also adds a command line parameter to select a different version as min version.
The current version of the crypto.tls library also sets a small, secure set of cipher suites as default and limits the available TLS versions to 1.2 and 1.3. Earlier versions are also available but have to be explicitly enabled during compilation.
Was the change discussed in an issue or in the forum before?
Closes #251
Checklist
- changelog entry in `changelog/unreleased/` that describes the changes for our users (template here)
- `gofmt` on the code in all commits
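The configuration the description above talks about (a minimum TLS version taken from a flag, a restricted TLS 1.2 cipher suite list, and an error that names the allowed values when the flag is wrong), written out as an added Go example. This is not code from this PR or from rest-server: the flag name `--tls-min-ver`, the function names, and the suite allowlist are this example's own assumptions, and the allowlist is not the benchmark list the PR cites. The `negotiate` helper runs a real handshake over loopback TCP against a throwaway self-signed certificate, so you can see a TLS 1.2 client being refused by a 1.3-only server and a 1.3 client succeeding.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// parseTLSMinVersion maps the (assumed) --tls-min-ver flag value to a crypto/tls constant.
// Empty selects the default (1.2); 1.0 and 1.1 are deliberately unlisted, and the error names the accepted values.
func parseTLSMinVersion(flagValue string) (uint16, error) {
	switch flagValue {
	case "", "1.2":
		return tls.VersionTLS12, nil
	case "1.3":
		return tls.VersionTLS13, nil
	}
	return 0, fmt.Errorf("unsupported TLS min version %q (allowed: 1.2, 1.3)", flagValue)
}

// hardenedCipherSuites is this example's TLS 1.2 allowlist: ECDHE key exchange (forward secrecy) with AEAD
// ciphers only, so no 3DES, RC4 or CBC suites. TLS 1.3 suites are fixed by crypto/tls and ignore this field.
var hardenedCipherSuites = []uint16{
	tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
	tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
	tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
	tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
	tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
	tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
}

// newServerTLSConfig builds the server config from the flag value; CurvePreferences stays nil (Go default).
func newServerTLSConfig(minVerFlag string) (*tls.Config, error) {
	minVer, err := parseTLSMinVersion(minVerFlag)
	if err != nil {
		return nil, err
	}
	return &tls.Config{MinVersion: minVer, CipherSuites: hardenedCipherSuites}, nil
}

// hasInsecureSuite reports whether cfg offers a suite crypto/tls itself classifies as insecure (regression check).
func hasInsecureSuite(cfg *tls.Config) bool {
	for _, cs := range tls.InsecureCipherSuites() {
		for _, id := range cfg.CipherSuites {
			if id == cs.ID {
				return true
			}
		}
	}
	return false
}

// selfSignedCert makes a throwaway in-memory ECDSA certificate for the loopback handshake (constructed fixture).
func selfSignedCert() tls.Certificate {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "tls-min-ver example"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}
}

// negotiate runs one handshake over loopback TCP between a server using cfg and a client offering at most
// clientMax; it returns the negotiated protocol version or the handshake error.
func negotiate(cfg *tls.Config, clientMax uint16) (uint16, error) {
	srvCfg := cfg.Clone()
	srvCfg.Certificates = []tls.Certificate{selfSignedCert()}
	ln, err := tls.Listen("tcp", "127.0.0.1:0", srvCfg)
	if err != nil {
		return 0, err
	}
	defer ln.Close()
	go func() { // drive the server side; the client reports the outcome
		if c, err := ln.Accept(); err == nil {
			_ = c.(*tls.Conn).Handshake()
			c.Close()
		}
	}()
	// InsecureSkipVerify only because the peer is our own self-signed certificate on loopback.
	conn, err := tls.Dial("tcp", ln.Addr().String(), &tls.Config{InsecureSkipVerify: true, MaxVersion: clientMax})
	if err != nil {
		return 0, err
	}
	defer conn.Close()
	return conn.ConnectionState().Version, nil
}
```

Two points worth keeping in mind when adapting this: `CipherSuites` only matters while the minimum stays at 1.2 (with `--tls-min-ver 1.3` the allowlist is irrelevant because TLS 1.3 suites are not configurable), and the set returned by `tls.InsecureCipherSuites` has changed across Go releases, so the explicit allowlist is the actual control and `hasInsecureSuite` is only a cheap regression check against someone re-adding a weak suite later.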