TLS Ciphers and protocols
You can configure the permitted SSL/TLS protocols and ciphers using set::tls::protocols, set::tls::ciphers and set::tls::options::ciphersuites. Or, if you want to override these global options, then you can use listen::tls-options or link::tls-options for listen- and link-specific configuration.
Default configuration
The default configuration in UnrealIRCd 6.0.5 looks like this:
set {
	tls {
		protocols "TLSv1.2,TLSv1.3";
		ciphers "EECDH+CHACHA20 EECDH+AESGCM EECDH+AES+SHA384 EECDH+AES+SHA256";
		ciphersuites "TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_8_SHA256:TLS_AES_128_CCM_SHA256";
		ecdh-curves "secp521r1,secp384r1,prime256v1";
	};
};
NOTE: There is no need to copy-paste this to your config file as this is already the default!
Result
With OpenSSL 3.0.7 this results in (output from cipherscan):
prio  ciphersuite                    protocols  pfs                 curves
1     ECDHE-ECDSA-AES256-GCM-SHA384  TLSv1.2    ECDH,P-521,521bits  secp521r1,secp384r1
2     ECDHE-ECDSA-AES128-GCM-SHA256  TLSv1.2    ECDH,P-521,521bits  secp521r1,secp384r1
3     ECDHE-ECDSA-AES256-SHA384      TLSv1.2    ECDH,P-521,521bits  secp521r1,secp384r1
4     ECDHE-ECDSA-AES128-SHA256      TLSv1.2    ECDH,P-521,521bits  secp521r1,secp384r1
NOTE 1: This seems to omit the ECDHE-ECDSA-CHACHA20-POLY1305 ciphers that are also supported.
NOTE 2: TLS 1.3 is also supported in UnrealIRCd. It is not listed in the above result simply because the cipherscan tool does not test for it at the moment[1].
Rationale
By default we:
- Require protocol TLSv1.2 or higher
- Only allow ciphers with Forward Secrecy
- Use secure and randomly chosen ECDH curves
These minimum requirements can be met by these TLS client libraries:
- OpenSSL 1.0.1 (released in 2012): for example first used in Fedora 18 (2013), Debian 7 (2013), Ubuntu 14.04 (2014)
- GnuTLS 3.2.6 (2013): for example used in Ubuntu 16.04 (2016)
- Android 4.4.2 (2013)
Previous less secure setting
The default settings as of UnrealIRCd 6.0.5+ work with these minimum versions of popular TLS client libraries: OpenSSL 1.0.1 (released in 2012), GnuTLS 3.2.6 (2013), Android 4.4.2 (2013).
If you need to permit clients that use a TLS library that is more than 10 years old, then you have to downgrade the security a bit and revert to these old settings:
set {
	tls {
		protocols "All"; /* TLSv1.0 or later */
		ciphers "EECDH+CHACHA20 EECDH+AESGCM EECDH+AES AES256-GCM-SHA384 AES128-GCM-SHA256 AES256-SHA256 AES128-SHA256 AES256-SHA AES128-SHA";
	};
};
History
See also: Moving users to TLS
- Prior to UnrealIRCd 4.0.7 if you did not have a cipher setting it was left up to your OS/Distro (and ultimately OpenSSL/LibreSSL build parameters) as to which algorithms were enabled. In practice this often meant ciphers such as RC4 and 3DES were enabled which is discouraged today.
- In UnrealIRCd 4.0.14 the cipher list was updated to include TLSv1.3 ciphers. This means as soon as you upgrade your OpenSSL to a version which supports TLSv1.3, UnrealIRCd will be able to use it.
- In UnrealIRCd 4.0.18 support was added for setting the ECDH(E) curves via the ecdh-curves option and a default was set. Previously this was left to the SSL library, with a fallback to P-256.
- In UnrealIRCd 4.0.19 support for cipher setting for TLSv1.3 was changed to match OpenSSL specifics.
- In UnrealIRCd 4.2.2 we reordered AES-128 and AES-256. In practice, most clients (by far) already negotiated either CHACHA20 or AES-256, but now in the remaining case (non-PFS) we prefer AES-256 as well.
- In UnrealIRCd 5.0.0 there were no changes to the cipher defaults, but we did change the default generated certificate from RSA-4096 to secp384r1.
- In UnrealIRCd 6.0.5 the requirements changed to TLSv1.2 or later and a cipher with Forward Secrecy (ECDHE). This was previously described in a section called "A more secure setting" but is now the default. The old default is now documented under "Previous less secure setting".