From dbc66d0405a83bdef9a12ca00399ede7cb947946 Mon Sep 17 00:00:00 2001
From: Kasei <cnsdwpc@gmail.com>
Date: Wed, 6 Nov 2019 15:09:29 +0800
Subject: [PATCH] tls: update default CurvePreferences and CipherSuites (#5850)

* Enable X25519 curve and reorder curve list to improve key exchange performance
* Enable ECDSA ciphers for EC certs
* Enable CHACHA20_POLY1305 ciphers
* Disable RSA key exchange algorithm which don't provide PFS
* Disable non-AEAD ciphers

Signed-off-by: Kasei Wang <kasei@kasei.im>
---
 internal/cmd/web.go | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/internal/cmd/web.go b/internal/cmd/web.go
index f08854a4d..306070d89 100644
--- a/internal/cmd/web.go
+++ b/internal/cmd/web.go
@@ -719,13 +719,15 @@ func runWeb(c *cli.Context) error {
 		}
 		server := &http.Server{Addr: listenAddr, TLSConfig: &tls.Config{
 			MinVersion:               tlsMinVersion,
-			CurvePreferences:         []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
+			CurvePreferences:         []tls.CurveID{tls.X25519, tls.CurveP256, tls.CurveP384, tls.CurveP521},
 			PreferServerCipherSuites: true,
 			CipherSuites: []uint16{
+				tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
 				tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-				tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, // Required for HTTP/2 support.
-				tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-				tls.TLS_RSA_WITH_AES_256_CBC_SHA,
+				tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+				tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+				tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
+				tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
 			},
 		}, Handler: m}
 		err = server.ListenAndServeTLS(setting.CertFile, setting.KeyFile)