]> git.kaiwu.me - haproxy.git/commitdiff
MEDIUM: ssl: set FIPS-approved cipher defaults for AWS-LC FIPS builds
authorWilliam Lallemand <wlallemand@haproxy.com>
Tue, 30 Jun 2026 12:44:45 +0000 (12:44 +0000)
committerWilliam Lallemand <wlallemand@haproxy.com>
Tue, 30 Jun 2026 13:55:58 +0000 (13:55 +0000)
When AWS-LC is built in FIPS mode, unconditionally override the
compile-time cipher defaults with FIPS-approved sets before config
parsing. Explicit ssl-default-{bind,server}-ciphers{suites} keywords
in the global section still take precedence over these defaults.

The approved sets are defined as macros in include/haproxy/defaults.h
alongside the existing CONNECT/LISTEN_DEFAULT_CIPHERS family:
  CONNECT/LISTEN_DEFAULT_FIPS_CIPHERS     - AES-128-GCM-SHA256 and
                                            AES-256-GCM-SHA384 (TLS 1.2)
  CONNECT/LISTEN_DEFAULT_FIPS_CIPHERSUITES - TLS_AES_128_GCM_SHA256 and
                                             TLS_AES_256_GCM_SHA384 (TLS 1.3)

This ensures internal servers (httpclient, Lua SSL sockets) that
inherit global defaults also operate with FIPS-compliant cipher lists
without requiring explicit configuration.

include/haproxy/defaults.h
src/ssl_sock.c

index eaa2f03bbfcfb0a33c452178960635e704ab3d01..87ebe88f0be016dc7d68cde0f9622ec97a157534 100644 (file)
 #define LISTEN_DEFAULT_CIPHERSUITES NULL
 #endif
 
+/* FIPS-approved TLS 1.2 ciphers for AWS-LC FIPS builds (AES-GCM only) */
+#ifndef CONNECT_DEFAULT_FIPS_CIPHERS
+#define CONNECT_DEFAULT_FIPS_CIPHERS \
+       "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:" \
+       "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384"
+#endif
+
+#ifndef LISTEN_DEFAULT_FIPS_CIPHERS
+#define LISTEN_DEFAULT_FIPS_CIPHERS \
+       "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:" \
+       "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384"
+#endif
+
+/* FIPS-approved TLS 1.3 cipher suites for AWS-LC FIPS builds */
+#ifndef CONNECT_DEFAULT_FIPS_CIPHERSUITES
+#define CONNECT_DEFAULT_FIPS_CIPHERSUITES "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384"
+#endif
+
+#ifndef LISTEN_DEFAULT_FIPS_CIPHERSUITES
+#define LISTEN_DEFAULT_FIPS_CIPHERSUITES "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384"
+#endif
+
 /* named curve used as defaults for ECDHE ciphers */
 #ifndef ECDHE_DEFAULT_CURVE
 #define ECDHE_DEFAULT_CURVE "prime256v1"
index 77f88e2d033c4880f30a6f4cc93d7d9ac4b43793..b3907cc6f155716b53d665637a9c8339915d1b0b 100644 (file)
@@ -8512,6 +8512,23 @@ static void __ssl_sock_init(void)
                global_ssl.connect_default_ciphersuites = strdup(global_ssl.connect_default_ciphersuites);
 #endif
 
+#if defined(OPENSSL_IS_AWSLC)
+       /* When AWS-LC is built in FIPS mode, override any compile-time cipher
+        * defaults with the FIPS-approved sets. This runs before the config
+        * parser so that explicit ssl-default-{bind,server}-ciphers{suites}
+        * keywords in the global section still take precedence. */
+       if (FIPS_mode()) {
+               free(global_ssl.listen_default_ciphers);
+               global_ssl.listen_default_ciphers = strdup(LISTEN_DEFAULT_FIPS_CIPHERS);
+               free(global_ssl.connect_default_ciphers);
+               global_ssl.connect_default_ciphers = strdup(CONNECT_DEFAULT_FIPS_CIPHERS);
+               free(global_ssl.listen_default_ciphersuites);
+               global_ssl.listen_default_ciphersuites = strdup(LISTEN_DEFAULT_FIPS_CIPHERSUITES);
+               free(global_ssl.connect_default_ciphersuites);
+               global_ssl.connect_default_ciphersuites = strdup(CONNECT_DEFAULT_FIPS_CIPHERSUITES);
+       }
+#endif /* OPENSSL_IS_AWSLC */
+
        xprt_register(XPRT_SSL, &ssl_sock);
 #if HA_OPENSSL_VERSION_NUMBER < 0x10100000L
        SSL_library_init();