diff --git a/CHANGELOG.md b/CHANGELOG.md
index 50c922f82927..e8d3a7a54887 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,14 @@
 ## 1.3 (Unreleased)
+CHANGES:
+ * Cluster cipher suites: On its cluster port, Vault will no longer advertise
+ the full TLS 1.2 cipher suite list by default. Although this port is only
+ used for Vault-to-Vault communication and would always pick a strong cipher,
+ it could cause false flags on port scanners and other security utilities
+ that assumed insecure ciphers were being used. The previous behavior can be
+ achieved by setting the value of the (undocumented) `cluster_cipher_suites`
+ config flag to `tls12`.
+
 FEATURES:
 * **Vault Debug**: A new top-level subcommand, `debug`, is added that allows
diff --git a/scripts/testciphers.sh b/scripts/testciphers.sh
new file mode 100755
index 000000000000..324d6bce7e02
--- /dev/null
+++ b/scripts/testciphers.sh
@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+
+# Adapted from https://superuser.com/a/224263
+
+# OpenSSL requires the port number.
+SERVER=$1
+ciphers=$(openssl ciphers 'ALL:eNULL' | sed -e 's/:/ /g')
+
+echo Obtaining cipher list from $(openssl version).
+
+for cipher in ${ciphers[@]}
+do
+echo -n Testing $cipher...
+result=$(echo -n | openssl s_client -cipher "$cipher" -alpn req_fw_sb-act_v1 -connect $SERVER 2>&1)
+if [[ "$result" =~ ":error:" ]] ; then
+ error=$(echo -n $result | cut -d':' -f6)
+ echo NO \($error\)
+else
+ if [[ "$result" =~ "Cipher is ${cipher}" || "$result" =~ "Cipher :" ]] ; then
+ echo YES
+ else
+ echo UNKNOWN RESPONSE
+ echo $result
+ fi
+fi
+done
diff --git a/vault/core.go b/vault/core.go
index bdce09f62f95..cb792084f36c 100644
--- a/vault/core.go
+++ b/vault/core.go
@@ -5,6 +5,7 @@ import (
 "crypto/ecdsa"
 "crypto/rand"
 "crypto/subtle"
+ "crypto/tls"
 "crypto/x509"
 "errors"
 "fmt"
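Review bot: In scripts/testciphers.sh the YES branch also accepts any output containing the session block's `Cipher :` line, so a handshake that completes with a different suite than the one under test is still reported as YES. With an OpenSSL build that offers TLS 1.3, `-cipher` only constrains TLS 1.2 and below, so against a TLS 1.3-capable listener every iteration could succeed regardless of `$cipher`, which would make the report useless for confirming the reduced suite list. I would pin the protocol with `-tls1_2` on the `s_client` line and match only `"Cipher is ${cipher}"`. `$SERVER` is also used unquoted and unchecked; `-connect "$SERVER"` plus an early `[[ -n "$SERVER" ]] || { echo "usage: $0 host:port" >&2; exit 1; }` would make a missing argument fail clearly.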
@@ -709,7 +710,24 @@ func NewCore(conf *CoreConfig) (*Core, error) {
 c.clusterAddr.Store(conf.ClusterAddr)
 c.activeContextCancelFunc.Store((context.CancelFunc)(nil))
- if conf.ClusterCipherSuites != "" {
+ switch conf.ClusterCipherSuites {
+ case "tls12":
+ // Do nothing, let Go use the default
+
+ case "":
+ // Add in forward compatible TLS 1.3 suites, followed by handpicked 1.2 suites
+ c.clusterCipherSuites = []uint16{
+ // 1.3
+ tls.TLS_AES_128_GCM_SHA256,
+ tls.TLS_AES_256_GCM_SHA384,
+ tls.TLS_CHACHA20_POLY1305_SHA256,
+ // 1.2
+ tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
+ }
+
+ default:
 suites, err := tlsutil.ParseCiphers(conf.ClusterCipherSuites)
 if err != nil {
 return nil, errwrap.Wrapf("error parsing cluster cipher suites: {{err}}", err)
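Review bot: The three TLS 1.3 constants in the `case "":` list have no effect if this slice ends up in `tls.Config.CipherSuites` (the hunk does not show where `c.clusterCipherSuites` is consumed), because crypto/tls documents TLS 1.3 suites as not configurable; the comment should say that rather than imply they are being selected. The 1.2 entries are all ECDHE_ECDSA, so the default silently depends on the cluster certificate carrying an ECDSA key, and a TLS 1.2 handshake with any other key type would find no common suite. I would document both, e.g. `// 1.3: not configurable in crypto/tls, listed for documentation only` and `// 1.2: ECDSA-only; requires an ECDSA cluster certificate`, and note on `case "tls12":` that it is a reserved value that is never passed to `tlsutil.ParseCiphers`. NewCore begins and continues outside this hunk.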