Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tls: add --tls-cipher-list command line switch #2412

Closed
wants to merge 1 commit into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 39 additions & 1 deletion doc/api/tls.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,44 @@ handshake extensions allowing you:
* SNI - to use one TLS server for multiple hostnames with different SSL
certificates.

## Modifying the Default TLS Cipher suite

Node.js is built with a default suite of enabled and disabled TLS ciphers.
Currently, the default cipher suite is:

ECDHE-RSA-AES128-GCM-SHA256:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The : at the end should necessarily be there in the docs?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. That's was copied directly from another location in the same doc and the : is part of the syntax

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmmm I thought : is just a delimiter

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well, yes, it's a delimiter that's part of the cipher list format supported by openssl. There may be a better way of representing that list, but I'd rather make that change independent of this one.

ECDHE-ECDSA-AES128-GCM-SHA256:
ECDHE-RSA-AES256-GCM-SHA384:
ECDHE-ECDSA-AES256-GCM-SHA384:
DHE-RSA-AES128-GCM-SHA256:
ECDHE-RSA-AES128-SHA256:
DHE-RSA-AES128-SHA256:
ECDHE-RSA-AES256-SHA384:
DHE-RSA-AES256-SHA384:
ECDHE-RSA-AES256-SHA256:
DHE-RSA-AES256-SHA256:
HIGH:
!aNULL:
!eNULL:
!EXPORT:
!DES:
!RC4:
!MD5:
!PSK:
!SRP:
!CAMELLIA

This default can be overriden entirely using the `--tls-cipher-list` command
line switch. For instance, the following makes
`ECDHE-RSA-AES128-GCM-SHA256:!RC4` the default TLS cipher suite:

node --tls-cipher-list="ECDHE-RSA-AES128-GCM-SHA256:!RC4"

Note that the default cipher suite included within Node.js has been carefully
selected to reflect current security best practices and risk mitigation.
Changing the default cipher suite can have a significant impact on the security
of an application. The `--tls-cipher-list` switch should by used only if
absolutely necessary.

## Perfect Forward Secrecy

Expand Down Expand Up @@ -138,7 +176,7 @@ automatically set as a listener for the [secureConnection][] event. The
- `crl` : Either a string or list of strings of PEM encoded CRLs (Certificate
Revocation List)

- `ciphers`: A string describing the ciphers to use or exclude, seperated by
- `ciphers`: A string describing the ciphers to use or exclude, separated by
`:`. The default cipher suite is:

ECDHE-RSA-AES128-GCM-SHA256:
Expand Down
3 changes: 3 additions & 0 deletions doc/iojs.1
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,9 @@ and servers.

--v8-options print v8 command line options

--tls-cipher-list=list use an alternative default TLS cipher list
(available only when Node.js is built with
OpenSSL and crypto support enabled)

.SH ENVIRONMENT VARIABLES

Expand Down
25 changes: 2 additions & 23 deletions lib/tls.js
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ const url = require('url');
const util = require('util');
const binding = process.binding('crypto');
const Buffer = require('buffer').Buffer;
const constants = require('constants');

// Allow {CLIENT_RENEG_LIMIT} client-initiated session renegotiations
// every {CLIENT_RENEG_WINDOW} seconds. An error event is emitted if more
Expand All @@ -15,29 +16,7 @@ exports.CLIENT_RENEG_WINDOW = 600;

exports.SLAB_BUFFER_SIZE = 10 * 1024 * 1024;

exports.DEFAULT_CIPHERS = [
'ECDHE-RSA-AES128-GCM-SHA256',
'ECDHE-ECDSA-AES128-GCM-SHA256',
'ECDHE-RSA-AES256-GCM-SHA384',
'ECDHE-ECDSA-AES256-GCM-SHA384',
'DHE-RSA-AES128-GCM-SHA256',
'ECDHE-RSA-AES128-SHA256',
'DHE-RSA-AES128-SHA256',
'ECDHE-RSA-AES256-SHA384',
'DHE-RSA-AES256-SHA384',
'ECDHE-RSA-AES256-SHA256',
'DHE-RSA-AES256-SHA256',
'HIGH',
'!aNULL',
'!eNULL',
'!EXPORT',
'!DES',
'!RC4',
'!MD5',
'!PSK',
'!SRP',
'!CAMELLIA'
].join(':');
exports.DEFAULT_CIPHERS = constants.defaultCipherList;

exports.DEFAULT_ECDH_CURVE = 'prime256v1';

Expand Down
7 changes: 7 additions & 0 deletions src/node.cc
Original file line number Diff line number Diff line change
Expand Up @@ -3111,6 +3111,9 @@ static void PrintHelp() {
" --track-heap-objects track heap object allocations for heap "
"snapshots\n"
" --v8-options print v8 command line options\n"
#if HAVE_OPENSSL
" --tls-cipher-list=val use an alternative default TLS cipher list\n"
#endif
#if defined(NODE_HAVE_I18N_SUPPORT)
" --icu-data-dir=dir set ICU data load path to dir\n"
" (overrides NODE_ICU_DATA)\n"
Expand Down Expand Up @@ -3242,6 +3245,10 @@ static void ParseArgs(int* argc,
} else if (strcmp(arg, "--v8-options") == 0) {
new_v8_argv[new_v8_argc] = "--help";
new_v8_argc += 1;
#if HAVE_OPENSSL
} else if (strncmp(arg, "--tls-cipher-list=", 18) == 0) {
default_cipher_list = arg + 18;
#endif
#if defined(NODE_HAVE_I18N_SUPPORT)
} else if (strncmp(arg, "--icu-data-dir=", 15) == 0) {
icu_data_dir = arg + 15;
Expand Down
16 changes: 16 additions & 0 deletions src/node_constants.cc
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,10 @@ namespace node {
using v8::Handle;
using v8::Object;

#if HAVE_OPENSSL
const char* default_cipher_list = DEFAULT_CIPHER_LIST_CORE;
#endif

void DefineErrnoConstants(Handle<Object> target) {
#ifdef E2BIG
NODE_DEFINE_CONSTANT(target, E2BIG);
Expand Down Expand Up @@ -1108,13 +1112,25 @@ void DefineUVConstants(Handle<Object> target) {
NODE_DEFINE_CONSTANT(target, UV_UDP_REUSEADDR);
}

void DefineCryptoConstants(Handle<Object> target) {
#if HAVE_OPENSSL
NODE_DEFINE_STRING_CONSTANT(target,
"defaultCoreCipherList",
DEFAULT_CIPHER_LIST_CORE);
NODE_DEFINE_STRING_CONSTANT(target,
"defaultCipherList",
default_cipher_list);
#endif
}

void DefineConstants(Handle<Object> target) {
DefineErrnoConstants(target);
DefineWindowsErrorConstants(target);
DefineSignalConstants(target);
DefineOpenSSLConstants(target);
DefineSystemConstants(target);
DefineUVConstants(target);
DefineCryptoConstants(target);
}

} // namespace node
29 changes: 29 additions & 0 deletions src/node_constants.h
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,36 @@
#include "node.h"
#include "v8.h"

#if HAVE_OPENSSL
#define DEFAULT_CIPHER_LIST_CORE "ECDHE-RSA-AES128-GCM-SHA256:" \
"ECDHE-ECDSA-AES128-GCM-SHA256:" \
"ECDHE-RSA-AES256-GCM-SHA384:" \
"ECDHE-ECDSA-AES256-GCM-SHA384:" \
"DHE-RSA-AES128-GCM-SHA256:" \
"ECDHE-RSA-AES128-SHA256:" \
"DHE-RSA-AES128-SHA256:" \
"ECDHE-RSA-AES256-SHA384:" \
"DHE-RSA-AES256-SHA384:" \
"ECDHE-RSA-AES256-SHA256:" \
"DHE-RSA-AES256-SHA256:" \
"HIGH:" \
"!aNULL:" \
"!eNULL:" \
"!EXPORT:" \
"!DES:" \
"!RC4:" \
"!MD5:" \
"!PSK:" \
"!SRP:" \
"!CAMELLIA"
#endif

namespace node {

#if HAVE_OPENSSL
extern const char* default_cipher_list;
#endif

void DefineConstants(v8::Handle<v8::Object> target);
} // namespace node

Expand Down
16 changes: 16 additions & 0 deletions src/node_internals.h
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,22 @@

struct sockaddr;

// Variation on NODE_DEFINE_CONSTANT that sets a String value.
#define NODE_DEFINE_STRING_CONSTANT(target, name, constant) \
do { \
v8::Isolate* isolate = target->GetIsolate(); \
v8::Local<v8::String> constant_name = \
v8::String::NewFromUtf8(isolate, name); \
v8::Local<v8::String> constant_value = \
v8::String::NewFromUtf8(isolate, constant); \
v8::PropertyAttribute constant_attributes = \
static_cast<v8::PropertyAttribute>(v8::ReadOnly | v8::DontDelete); \
target->ForceSet(isolate->GetCurrentContext(), \
constant_name, \
constant_value, \
constant_attributes); \
} while (0)

namespace node {

// Forward declaration
Expand Down
32 changes: 32 additions & 0 deletions test/parallel/test-tls-cipher-list.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
'use strict';
const common = require('../common');

if (!common.hasCrypto) {
console.log('1..0 # Skipped: missing crypto');
return;
}

const assert = require('assert');
const spawn = require('child_process').spawn;
const defaultCoreList = require('constants').defaultCoreCipherList;

function doCheck(arg, check) {
var out = '';
var arg = arg.concat([
'-pe',
'require("constants").defaultCipherList'
]);
spawn(process.execPath, arg, {}).
on('error', assert.fail).
stdout.on('data', function(chunk) {
out += chunk;
}).on('end', function() {
assert.equal(out.trim(), check);
}).on('error', assert.fail);
}

// test the default unmodified version
doCheck([], defaultCoreList);

// test the command line switch by itself
doCheck(['--tls-cipher-list=ABC'], 'ABC');