HTTPS: restrict ciphersuites

content/fetchers/curl.c

@@ -67,6 +67,21 @@
 /** maximum number of X509 certificates in chain for TLS connection */
 #define MAX_CERTS 10
 
+/* the ciphersuites we are willing to use */
+#define CIPHER_LIST						\
+	/* disable everything */				\
+	"-ALL:"							\
+	/* enable TLSv1.2 PFS suites */				\
+	"EECDH+AES+TLSv1.2:EDH+AES+TLSv1.2:"			\
+	/* enable PFS AES GCM suites */				\
+	"EECDH+AESGCM:EDH+AESGCM:"				\
+	/* Enable PFS AES CBC suites */				\
+	"EECDH+AES:EDH+AES:"					\
+	/* Enable non-PFS fallback suite */			\
+	"AES128-SHA:"						\
+	/* Remove any PFS suites using weak DSA key exchange */	\
+	"-DSS"
+
 /** SSL certificate info */
 struct cert_info {
 	X509 *cert;		/**< Pointer to certificate */
@@ -555,6 +570,8 @@ fetch_curl_sslctxfun(CURL *curl_handle, void *_sslctx, void *parm)
 		/* Ensure server rejects the connection if downgraded too far */
 		SSL_CTX_set_mode(sslctx, SSL_MODE_SEND_FALLBACK_SCSV);
 #endif
+		/* Disable TLS1.2 ciphersuites */
+		SSL_CTX_set_cipher_list(sslctx, CIPHER_LIST ":-TLSv1.2");
 	}
 
 	SSL_CTX_set_options(sslctx, options);
@@ -1512,6 +1529,7 @@ nserror fetch_curl_register(void)
 	SETOPT(CURLOPT_LOW_SPEED_TIME, 180L);
 	SETOPT(CURLOPT_NOSIGNAL, 1L);
 	SETOPT(CURLOPT_CONNECTTIMEOUT, nsoption_uint(curl_fetch_timeout));
+	SETOPT(CURLOPT_SSL_CIPHER_LIST, CIPHER_LIST);
 
 	if (nsoption_charp(ca_bundle) &&
 	    strcmp(nsoption_charp(ca_bundle), "")) {