daemon/tls: respect crypto policy overrides in OS

diff --git a/NEWS b/NEWS
index b70d259d037828873f1d37494879ff811d43641f..e56187f1780519688610c5faaa27d895974c8e3e 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,11 @@
+Knot Resolver 6.0.8 (2024-0m-dd)
+================================
+
+Improvements
+------------
+- TLS (DoT, DoH): respect crypto policy overrides in OS (!1526)
+
+
 Knot Resolver 6.0.7 (2024-03-27)
 ================================
 

diff --git a/daemon/tls.c b/daemon/tls.c
index 1512f04516cf8a9156fb75edf4a052452c043868..e8dff76c5ac98bf205a2a7e008f62c84d7f14353 100644 (file)
--- a/daemon/tls.c
+++ b/daemon/tls.c
@@ -71,22 +71,24 @@ static int client_verify_certificate(gnutls_session_t tls_session);
 static struct tls_credentials *tls_credentials_reserve(struct tls_credentials *tls_credentials);
 
 /**
- * Set mandatory security settings from
- * https://tools.ietf.org/html/draft-ietf-dprive-dtls-and-tls-profiles-11#section-9
+ * Set restrictions on TLS features, in particular ciphers.
+ *
+ * We explicitly disable features according to:
+ * https://datatracker.ietf.org/doc/html/rfc8310#section-9
+ * in case the gnutls+OS defaults allow them.
  * Performance optimizations are not implemented at the moment.
+ *
+ * OS defaults are taken into account, e.g. on Red Hat family there's
+ * /etc/crypto-policies/back-ends/gnutls.config and update-crypto-policies tool.
  */
 static int kres_gnutls_set_priority(gnutls_session_t session) {
-       static const char * const priorities =
-               "NORMAL:" /* GnuTLS defaults */
-               "-VERS-TLS1.0:-VERS-TLS1.1:" /* TLS 1.2 and higher */
-                /* Some distros by default allow features that are considered
-                 * too insecure nowadays, so let's disable them explicitly. */
-               "-VERS-SSL3.0:-ARCFOUR-128:-COMP-ALL:+COMP-NULL";
+       static const char * const extra_prio =
+               "-VERS-TLS1.0:-VERS-TLS1.1:-VERS-SSL3.0:-ARCFOUR-128:-COMP-ALL:+COMP-NULL";
        const char *errpos = NULL;
-       int err = gnutls_priority_set_direct(session, priorities, &errpos);
+       int err = gnutls_set_default_priority_append(session, extra_prio, &errpos, 0);
        if (err != GNUTLS_E_SUCCESS) {
                kr_log_error(TLS, "setting priority '%s' failed at character %zd (...'%s') with %s (%d)\n",
-                            priorities, errpos - priorities, errpos, gnutls_strerror_name(err), err);
+                            extra_prio, errpos - extra_prio, errpos, gnutls_strerror_name(err), err);
        }
        return err;
 }

diff --git a/doc/user/config-network-server-tls.rst b/doc/user/config-network-server-tls.rst
index b74617540ef8bdf443e5e4dde015bbdc0120471d..420de59ca6705f045250450a209231ca4d293a39 100644 (file)
--- a/doc/user/config-network-server-tls.rst
+++ b/doc/user/config-network-server-tls.rst
@@ -105,6 +105,16 @@ Configuration options for DoT and DoH
 A self-signed certificate is generated by default.
 For serious deployments it is strongly recommended to configure your own TLS certificates signed by a trusted CA.
 
+Knot Resolver respects system-wide cryptographic policies. If you are using a
+distro that ships such a package, you may use `crypto-policies
+<https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening>`_
+to additionally harden DoT/DoH encryption by disabling certain cipher suites,
+outdated TLS protocols etc.
+
+Please note that Knot Resolver already disallows the usage of TLS 1.1 and lower
+as per section 9 of :rfc:`8310`. This **cannot** be overridden by system-wide
+policies.
+
 .. option:: network/tls:
 
    .. option:: cert-file: <path>