Use a modern cipher list for tsl

The default cipher list in node 0.12.7 includes obsolete and insecure cipher suites. Recent versions of node include more secure defaults, so we hardcode those defaults instead. We also enforce the cipher order as we list it on the server rather than rely on the preferences of the client so we can help avoid BEAST attacks. Fixes elastic#5542
spalger · Dec 3, 2015 · 9797b36 · 9797b36
1 parent 38d5fc5
commit 9797b36
Showing 1 changed file with 30 additions and 1 deletion.
diff --git a/src/server/http/index.js b/src/server/http/index.js
@@ -26,7 +26,36 @@ module.exports = function (kbnServer, server, config) {
   if (config.get('server.ssl.key') && config.get('server.ssl.cert')) {
     connectionOptions.tls = {
       key: fs.readFileSync(config.get('server.ssl.key')),
-      cert: fs.readFileSync(config.get('server.ssl.cert'))
+      cert: fs.readFileSync(config.get('server.ssl.cert')),
+      // The default ciphers in node 0.12.x include insecure ciphers, so until
+      // we enforce a more recent version of node, we craft our own list
+      // @see https://github.com/nodejs/node/blob/master/src/node_constants.h#L8-L28
+      ciphers: [
+        'ECDHE-RSA-AES128-GCM-SHA256',
+        'ECDHE-ECDSA-AES128-GCM-SHA256',
+        'ECDHE-RSA-AES256-GCM-SHA384',
+        'ECDHE-ECDSA-AES256-GCM-SHA384',
+        'DHE-RSA-AES128-GCM-SHA256',
+        'ECDHE-RSA-AES128-SHA256',
+        'DHE-RSA-AES128-SHA256',
+        'ECDHE-RSA-AES256-SHA384',
+        'DHE-RSA-AES256-SHA384',
+        'ECDHE-RSA-AES256-SHA256',
+        'DHE-RSA-AES256-SHA256',
+        'HIGH',
+        '!aNULL',
+        '!eNULL',
+        '!EXPORT',
+        '!DES',
+        '!RC4',
+        '!MD5',
+        '!PSK',
+        '!SRP',
+        '!CAMELLIA'
+      ].join(':'),
+      // We use the server's cipher order rather than the client's to prevent
+      // the BEAST attack
+      honorCipherOrder: true
     };
   }