tls: add cipher flag

[ThatsMrTalbot]

WIP implementation of TLS Cyphers flags (#8320)

This adds a new flag to the client and server specifying what tls cypher suites to enable, if not set then the full set will be available

It currently only seems to work when the TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 cipher suite is provided. If it isn't in the list then I get an error in the etcd logs (see below) and openssl s_client -connect 127.0.0.1:2379 -tls1_2 refuses to connect

Error from etcd logs when TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 is not provided:

Failed to dial 0.0.0.0:2379: connection error: desc = "transport: authentication handshake failed: remote error: tls: handshake failure"; please retry.

Any insight would be appreciated

[gyuho]

@dvonthenen Could you help review this? Thanks!

[dvonthenen]

@gyuho sure thing!

[dvonthenen]

I think this should be something to the effect of insecureSkipVerify = strings.EqualFold(os.Getenv("ETCDCTL_INSECURE_SKIP_TLS_VERIFY"), "TRUE"). Anything that doesn't match "true" from the ENV VAR is considered implicitly false.

[dvonthenen]

@ThatsMrTalbot In reference to only working with TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, I guess that would depend on the version of OpenSSL you are using and the supported cipher suites that are mutually shared between the server and client.

I did test setting a single arbitrary shared cipher between etcd and etcdctl (in my test case TLS_RSA_WITH_AES_256_GCM_SHA384) and it seemed to work just fine.

Just a quick look at OpenSSL latest using the -tls1_2 option, the only mutual ones are (the one with the [ ] is the one you noted works) again this depends on the version you are using:

• TLS_RSA_WITH_AES_128_CBC_SHA256 AES128-SHA256
• TLS_RSA_WITH_AES_128_GCM_SHA256 AES128-GCM-SHA256
• TLS_RSA_WITH_AES_256_GCM_SHA384 AES256-GCM-SHA384
• TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDHE-RSA-AES128-SHA256
• TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256
• TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDHE-RSA-AES256-GCM-SHA384
• TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 ECDHE-ECDSA-AES128-SHA256
• TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ECDHE-ECDSA-AES128-GCM-SHA256
• [TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 ECDHE-ECDSA-AES256-GCM-SHA384]

[liggitt]

suggest enumerating the values in AvailableCipherSuites() rather than referencing godoc

[liggitt]

does this mean AvailableCipherSuites() is the default value? I didn't think all available ciphers were included in the default set in go

[ThatsMrTalbot]

It is used to validate the provided list, but the default value is still a nil slice (which is what is currently used)

[xiang90]

why do we need this in this PR?

[liggitt]

agree, would like this removed

[xiang90]

do we need this in this PR? or it can be separated to another one?

[ThatsMrTalbot]

I added it to make local testing easier, can break it out if you want

[xiang90]

yea. please break it out.

[liggitt]

nit: join with ", " so text can wrap

[liggitt]

", "

[liggitt]

this is a confusing name, maybe ValidValues instead?

[liggitt]

suggest giving separate control over valid values and default value(s), instead of assuming []string{}

[liggitt]

suggest a test like https://github.com/kubernetes/kubernetes/pull/48859/files#diff-4deda4b18dd1fb07896598924e440970R77 to make sure this doesn't drift or lag golang supported ciphers

[gyuho]

Default should be empty, and let Go populate the list with prioritized ordering.
Closing in favor of #9801.