TLS: allow to configure cipher suites

Fixes #316

config/config.go

@@ -51,12 +51,14 @@ var (
 		TLSMode:          0,
 		ForcePassiveIP:   "",
 		ClientAuthType:   0,
+		TLSCipherSuites:  nil,
 	}
 	defaultWebDAVDBinding = webdavd.Binding{
 		Address:         "",
 		Port:            0,
 		EnableHTTPS:     false,
 		ClientAuthType:  0,
+		TLSCipherSuites: nil,
 	}
 	defaultHTTPDBinding = httpd.Binding{
 		Address:         "127.0.0.1",
@@ -64,6 +66,7 @@ var (
 		EnableWebAdmin:  true,
 		EnableHTTPS:     false,
 		ClientAuthType:  0,
+		TLSCipherSuites: nil,
 	}
 )
 
@@ -238,6 +241,7 @@ func Init() {
 			AuthUserFile:       "",
 			CertificateFile:    "",
 			CertificateKeyFile: "",
+			TLSCipherSuites:    nil,
 		},
 	}
 
@@ -661,6 +665,12 @@ func getFTPDBindingFromEnv(idx int) {
 		isSet = true
 	}
 
+	tlsCiphers, ok := lookupStringListFromEnv(fmt.Sprintf("SFTPGO_FTPD__BINDINGS__%v__TLS_CIPHER_SUITES", idx))
+	if ok {
+		binding.TLSCipherSuites = tlsCiphers
+		isSet = true
+	}
+
 	if isSet {
 		if len(globalConf.FTPD.Bindings) > idx {
 			globalConf.FTPD.Bindings[idx] = binding
@@ -702,6 +712,12 @@ func getWebDAVDBindingFromEnv(idx int) {
 		isSet = true
 	}
 
+	tlsCiphers, ok := lookupStringListFromEnv(fmt.Sprintf("SFTPGO_WEBDAVD__BINDINGS__%v__TLS_CIPHER_SUITES", idx))
+	if ok {
+		binding.TLSCipherSuites = tlsCiphers
+		isSet = true
+	}
+
 	if isSet {
 		if len(globalConf.WebDAVD.Bindings) > idx {
 			globalConf.WebDAVD.Bindings[idx] = binding
@@ -749,6 +765,12 @@ func getHTTPDBindingFromEnv(idx int) {
 		isSet = true
 	}
 
+	tlsCiphers, ok := lookupStringListFromEnv(fmt.Sprintf("SFTPGO_HTTPD__BINDINGS__%v__TLS_CIPHER_SUITES", idx))
+	if ok {
+		binding.TLSCipherSuites = tlsCiphers
+		isSet = true
+	}
+
 	if isSet {
 		if len(globalConf.HTTPDConfig.Bindings) > idx {
 			globalConf.HTTPDConfig.Bindings[idx] = binding
@@ -888,6 +910,7 @@ func setViperDefaults() {
 	viper.SetDefault("telemetry.auth_user_file", globalConf.TelemetryConfig.AuthUserFile)
 	viper.SetDefault("telemetry.certificate_file", globalConf.TelemetryConfig.CertificateFile)
 	viper.SetDefault("telemetry.certificate_key_file", globalConf.TelemetryConfig.CertificateKeyFile)
+	viper.SetDefault("telemetry.tls_cipher_suites", globalConf.TelemetryConfig.TLSCipherSuites)
 }
 
 func lookupBoolFromEnv(envName string) (bool, bool) {
@@ -913,3 +936,15 @@ func lookupIntFromEnv(envName string) (int, bool) {
 
 	return 0, false
 }
+
+func lookupStringListFromEnv(envName string) ([]string, bool) {
+	value, ok := os.LookupEnv(envName)
+	if ok {
+		var result []string
+		for _, v := range strings.Split(value, ",") {
+			result = append(result, strings.TrimSpace(v))
+		}
+		return result, true
+	}
+	return nil, false
+}

config/config_test.go

@@ -538,6 +538,7 @@ func TestFTPDBindingsFromEnv(t *testing.T) {
 	os.Setenv("SFTPGO_FTPD__BINDINGS__0__APPLY_PROXY_CONFIG", "f")
 	os.Setenv("SFTPGO_FTPD__BINDINGS__0__TLS_MODE", "2")
 	os.Setenv("SFTPGO_FTPD__BINDINGS__0__FORCE_PASSIVE_IP", "127.0.1.2")
+	os.Setenv("SFTPGO_FTPD__BINDINGS__0__TLS_CIPHER_SUITES", "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256")
 	os.Setenv("SFTPGO_FTPD__BINDINGS__9__ADDRESS", "127.0.1.1")
 	os.Setenv("SFTPGO_FTPD__BINDINGS__9__PORT", "2203")
 	os.Setenv("SFTPGO_FTPD__BINDINGS__9__APPLY_PROXY_CONFIG", "t")
@@ -551,6 +552,7 @@ func TestFTPDBindingsFromEnv(t *testing.T) {
 		os.Unsetenv("SFTPGO_FTPD__BINDINGS__0__APPLY_PROXY_CONFIG")
 		os.Unsetenv("SFTPGO_FTPD__BINDINGS__0__TLS_MODE")
 		os.Unsetenv("SFTPGO_FTPD__BINDINGS__0__FORCE_PASSIVE_IP")
+		os.Unsetenv("SFTPGO_FTPD__BINDINGS__0__TLS_CIPHER_SUITES")
 		os.Unsetenv("SFTPGO_FTPD__BINDINGS__9__ADDRESS")
 		os.Unsetenv("SFTPGO_FTPD__BINDINGS__9__PORT")
 		os.Unsetenv("SFTPGO_FTPD__BINDINGS__9__APPLY_PROXY_CONFIG")
@@ -570,12 +572,16 @@ func TestFTPDBindingsFromEnv(t *testing.T) {
 	require.Equal(t, 2, bindings[0].TLSMode)
 	require.Equal(t, "127.0.1.2", bindings[0].ForcePassiveIP)
 	require.Equal(t, 0, bindings[0].ClientAuthType)
+	require.Len(t, bindings[0].TLSCipherSuites, 2)
+	require.Equal(t, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", bindings[0].TLSCipherSuites[0])
+	require.Equal(t, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", bindings[0].TLSCipherSuites[1])
 	require.Equal(t, 2203, bindings[1].Port)
 	require.Equal(t, "127.0.1.1", bindings[1].Address)
 	require.True(t, bindings[1].ApplyProxyConfig)
 	require.Equal(t, 1, bindings[1].TLSMode)
 	require.Equal(t, "127.0.1.1", bindings[1].ForcePassiveIP)
 	require.Equal(t, 1, bindings[1].ClientAuthType)
+	require.Nil(t, bindings[1].TLSCipherSuites)
 }
 
 func TestWebDAVBindingsFromEnv(t *testing.T) {
@@ -584,6 +590,7 @@ func TestWebDAVBindingsFromEnv(t *testing.T) {
 	os.Setenv("SFTPGO_WEBDAVD__BINDINGS__1__ADDRESS", "127.0.0.1")
 	os.Setenv("SFTPGO_WEBDAVD__BINDINGS__1__PORT", "8000")
 	os.Setenv("SFTPGO_WEBDAVD__BINDINGS__1__ENABLE_HTTPS", "0")
+	os.Setenv("SFTPGO_WEBDAVD__BINDINGS__1__TLS_CIPHER_SUITES", "TLS_RSA_WITH_AES_128_CBC_SHA ")
 	os.Setenv("SFTPGO_WEBDAVD__BINDINGS__2__ADDRESS", "127.0.1.1")
 	os.Setenv("SFTPGO_WEBDAVD__BINDINGS__2__PORT", "9000")
 	os.Setenv("SFTPGO_WEBDAVD__BINDINGS__2__ENABLE_HTTPS", "1")
@@ -592,6 +599,7 @@ func TestWebDAVBindingsFromEnv(t *testing.T) {
 		os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__1__ADDRESS")
 		os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__1__PORT")
 		os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__1__ENABLE_HTTPS")
+		os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__1__TLS_CIPHER_SUITES")
 		os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__2__ADDRESS")
 		os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__2__PORT")
 		os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__2__ENABLE_HTTPS")
@@ -606,14 +614,18 @@ func TestWebDAVBindingsFromEnv(t *testing.T) {
 	require.Equal(t, 0, bindings[0].Port)
 	require.Empty(t, bindings[0].Address)
 	require.False(t, bindings[0].EnableHTTPS)
+	require.Len(t, bindings[0].TLSCipherSuites, 0)
 	require.Equal(t, 8000, bindings[1].Port)
 	require.Equal(t, "127.0.0.1", bindings[1].Address)
 	require.False(t, bindings[1].EnableHTTPS)
 	require.Equal(t, 0, bindings[1].ClientAuthType)
+	require.Len(t, bindings[1].TLSCipherSuites, 1)
+	require.Equal(t, "TLS_RSA_WITH_AES_128_CBC_SHA", bindings[1].TLSCipherSuites[0])
 	require.Equal(t, 9000, bindings[2].Port)
 	require.Equal(t, "127.0.1.1", bindings[2].Address)
 	require.True(t, bindings[2].EnableHTTPS)
 	require.Equal(t, 1, bindings[2].ClientAuthType)
+	require.Nil(t, bindings[2].TLSCipherSuites)
 }
 
 func TestHTTPDBindingsFromEnv(t *testing.T) {
@@ -623,6 +635,7 @@ func TestHTTPDBindingsFromEnv(t *testing.T) {
 
 	os.Setenv("SFTPGO_HTTPD__BINDINGS__0__ADDRESS", sockPath)
 	os.Setenv("SFTPGO_HTTPD__BINDINGS__0__PORT", "0")
+	os.Setenv("SFTPGO_HTTPD__BINDINGS__0__TLS_CIPHER_SUITES", " TLS_AES_128_GCM_SHA256")
 	os.Setenv("SFTPGO_HTTPD__BINDINGS__1__ADDRESS", "127.0.0.1")
 	os.Setenv("SFTPGO_HTTPD__BINDINGS__1__PORT", "8000")
 	os.Setenv("SFTPGO_HTTPD__BINDINGS__1__ENABLE_HTTPS", "0")
@@ -632,9 +645,11 @@ func TestHTTPDBindingsFromEnv(t *testing.T) {
 	os.Setenv("SFTPGO_HTTPD__BINDINGS__2__ENABLE_WEB_ADMIN", "0")
 	os.Setenv("SFTPGO_HTTPD__BINDINGS__2__ENABLE_HTTPS", "1")
 	os.Setenv("SFTPGO_HTTPD__BINDINGS__2__CLIENT_AUTH_TYPE", "1")
+	os.Setenv("SFTPGO_HTTPD__BINDINGS__2__TLS_CIPHER_SUITES", " TLS_AES_256_GCM_SHA384 , TLS_CHACHA20_POLY1305_SHA256")
 	t.Cleanup(func() {
 		os.Unsetenv("SFTPGO_HTTPD__BINDINGS__0__ADDRESS")
 		os.Unsetenv("SFTPGO_HTTPD__BINDINGS__0__PORT")
+		os.Unsetenv("SFTPGO_HTTPD__BINDINGS__0__TLS_CIPHER_SUITES")
 		os.Unsetenv("SFTPGO_HTTPD__BINDINGS__1__ADDRESS")
 		os.Unsetenv("SFTPGO_HTTPD__BINDINGS__1__PORT")
 		os.Unsetenv("SFTPGO_HTTPD__BINDINGS__1__ENABLE_HTTPS")
@@ -644,6 +659,7 @@ func TestHTTPDBindingsFromEnv(t *testing.T) {
 		os.Unsetenv("SFTPGO_HTTPD__BINDINGS__2__ENABLE_HTTPS")
 		os.Unsetenv("SFTPGO_HTTPD__BINDINGS__2__ENABLE_WEB_ADMIN")
 		os.Unsetenv("SFTPGO_HTTPD__BINDINGS__2__CLIENT_AUTH_TYPE")
+		os.Unsetenv("SFTPGO_HTTPD__BINDINGS__2__TLS_CIPHER_SUITES")
 	})
 
 	configDir := ".."
@@ -655,16 +671,22 @@ func TestHTTPDBindingsFromEnv(t *testing.T) {
 	require.Equal(t, sockPath, bindings[0].Address)
 	require.False(t, bindings[0].EnableHTTPS)
 	require.True(t, bindings[0].EnableWebAdmin)
+	require.Len(t, bindings[0].TLSCipherSuites, 1)
+	require.Equal(t, "TLS_AES_128_GCM_SHA256", bindings[0].TLSCipherSuites[0])
 	require.Equal(t, 8000, bindings[1].Port)
 	require.Equal(t, "127.0.0.1", bindings[1].Address)
 	require.False(t, bindings[1].EnableHTTPS)
 	require.True(t, bindings[1].EnableWebAdmin)
+	require.Nil(t, bindings[1].TLSCipherSuites)
 
 	require.Equal(t, 9000, bindings[2].Port)
 	require.Equal(t, "127.0.1.1", bindings[2].Address)
 	require.True(t, bindings[2].EnableHTTPS)
 	require.False(t, bindings[2].EnableWebAdmin)
 	require.Equal(t, 1, bindings[2].ClientAuthType)
+	require.Len(t, bindings[2].TLSCipherSuites, 2)
+	require.Equal(t, "TLS_AES_256_GCM_SHA384", bindings[2].TLSCipherSuites[0])
+	require.Equal(t, "TLS_CHACHA20_POLY1305_SHA256", bindings[2].TLSCipherSuites[1])
 }
 
 func TestHTTPClientCertificatesFromEnv(t *testing.T) {
@@ -738,6 +760,7 @@ func TestConfigFromEnv(t *testing.T) {
 	os.Setenv("SFTPGO_DATA_PROVIDER__ACTIONS__EXECUTE_ON", "add")
 	os.Setenv("SFTPGO_KMS__SECRETS__URL", "local")
 	os.Setenv("SFTPGO_KMS__SECRETS__MASTER_KEY_PATH", "path")
+	os.Setenv("SFTPGO_TELEMETRY__TLS_CIPHER_SUITES", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA")
 	t.Cleanup(func() {
 		os.Unsetenv("SFTPGO_SFTPD__BINDINGS__0__ADDRESS")
 		os.Unsetenv("SFTPGO_WEBDAVD__BINDINGS__0__PORT")
@@ -746,6 +769,7 @@ func TestConfigFromEnv(t *testing.T) {
 		os.Unsetenv("SFTPGO_DATA_PROVIDER__ACTIONS__EXECUTE_ON")
 		os.Unsetenv("SFTPGO_KMS__SECRETS__URL")
 		os.Unsetenv("SFTPGO_KMS__SECRETS__MASTER_KEY_PATH")
+		os.Unsetenv("SFTPGO_TELEMETRY__TLS_CIPHER_SUITES")
 	})
 	err := config.LoadConfig(".", "invalid config")
 	assert.NoError(t, err)
@@ -760,4 +784,8 @@ func TestConfigFromEnv(t *testing.T) {
 	kmsConfig := config.GetKMSConfig()
 	assert.Equal(t, "local", kmsConfig.Secrets.URL)
 	assert.Equal(t, "path", kmsConfig.Secrets.MasterKeyPath)
+	telemetryConfig := config.GetTelemetryConfig()
+	assert.Len(t, telemetryConfig.TLSCipherSuites, 2)
+	assert.Equal(t, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", telemetryConfig.TLSCipherSuites[0])
+	assert.Equal(t, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", telemetryConfig.TLSCipherSuites[1])
 }

docs/full-configuration.md

@@ -110,6 +110,7 @@ The configuration file contains the following sections:
     - `tls_mode`, integer. 0 means accept both cleartext and encrypted sessions. 1 means TLS is required for both control and data connection. 2 means implicit TLS. Do not enable this blindly, please check that a proper TLS config is in place if you set `tls_mode` is different from 0.
     - `force_passive_ip`, ip address. External IP address to expose for passive connections. Leavy empty to autodetect. Defaut: "".
     - `client_auth_type`, integer. Set to `1` to require client certificate authentication in addition to FTP authentication. You need to define at least a certificate authority for this to work. Default: 0.
+    - `tls_cipher_suites`, list of strings. List of supported cipher suites for TLS version 1.2. If empty, a default list of secure cipher suites is used, with a preference order based on hardware performance. Note that TLS 1.3 ciphersuites are not configurable. The supported ciphersuites names are defined [here](https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L52). Any invalid name will be silently ignored. The order matters, the ciphers listed first will be the preferred ones. Default: empty.
   - `bind_port`, integer. Deprecated, please use `bindings`
   - `bind_address`, string. Deprecated, please use `bindings`
   - `banner`, string. Greeting banner displayed when a connection first comes in. Leave empty to use the default banner. Default `SFTPGo <version> ready`, for example `SFTPGo 1.0.0-dev ready`.
@@ -132,6 +133,7 @@ The configuration file contains the following sections:
     - `address`, string. Leave blank to listen on all available network interfaces. Default: "".
     - `enable_https`, boolean. Set to `true` and provide both a certificate and a key file to enable HTTPS connection for this binding. Default `false`.
     - `client_auth_type`, integer. Set to `1` to require client certificate authentication in addition to basic authentication. You need to define at least a certificate authority for this to work. Default: 0.
+    - `tls_cipher_suites`, list of strings. List of supported cipher suites for TLS version 1.2. If empty, a default list of secure cipher suites is used, with a preference order based on hardware performance. Note that TLS 1.3 ciphersuites are not configurable. The supported ciphersuites names are defined [here](https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L52). Any invalid name will be silently ignored. The order matters, the ciphers listed first will be the preferred ones. Default: empty.
   - `bind_port`, integer. Deprecated, please use `bindings`.
   - `bind_address`, string. Deprecated, please use `bindings`.
   - `certificate_file`, string. Certificate for WebDAV over HTTPS. This can be an absolute path or a path relative to the config dir.
@@ -193,6 +195,7 @@ The configuration file contains the following sections:
     - `enable_web_admin`, boolean. Set to `false` to disable the built-in web admin for this binding. You also need to define `templates_path` and `static_files_path` to enable the built-in web admin interface. Default `true`.
     - `enable_https`, boolean. Set to `true` and provide both a certificate and a key file to enable HTTPS connection for this binding. Default `false`.
     - `client_auth_type`, integer. Set to `1` to require client certificate authentication in addition to JWT/Web authentication. You need to define at least a certificate authority for this to work. Default: 0.
+    - `tls_cipher_suites`, list of strings. List of supported cipher suites for TLS version 1.2. If empty, a default list of secure cipher suites is used, with a preference order based on hardware performance. Note that TLS 1.3 ciphersuites are not configurable. The supported ciphersuites names are defined [here](https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L52). Any invalid name will be silently ignored. The order matters, the ciphers listed first will be the preferred ones. Default: empty.
   - `bind_port`, integer. Deprecated, please use `bindings`.
   - `bind_address`, string. Deprecated, please use `bindings`. Leave blank to listen on all available network interfaces. On \*NIX you can specify an absolute path to listen on a Unix-domain socket. Default: "127.0.0.1"
   - `templates_path`, string. Path to the HTML web templates. This can be an absolute path or a path relative to the config dir
@@ -209,6 +212,7 @@ The configuration file contains the following sections:
   - `auth_user_file`, string. Path to a file used to store usernames and passwords for basic authentication. This can be an absolute path or a path relative to the config dir. We support HTTP basic authentication, and the file format must conform to the one generated using the Apache `htpasswd` tool. The supported password formats are bcrypt (`$2y$` prefix) and md5 crypt (`$apr1$` prefix). If empty, HTTP authentication is disabled. Authentication will be always disabled for the `/healthz` endpoint.
   - `certificate_file`, string. Certificate for HTTPS. This can be an absolute path or a path relative to the config dir.
   - `certificate_key_file`, string. Private key matching the above certificate. This can be an absolute path or a path relative to the config dir. If both the certificate and the private key are provided, the server will expect HTTPS connections. Certificate and key files can be reloaded on demand sending a `SIGHUP` signal on Unix based systems and a `paramchange` request to the running service on Windows.
+  - `tls_cipher_suites`, list of strings. List of supported cipher suites for TLS version 1.2. If empty, a default list of secure cipher suites is used, with a preference order based on hardware performance. Note that TLS 1.3 ciphersuites are not configurable. The supported ciphersuites names are defined [here](https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L52). Any invalid name will be silently ignored. The order matters, the ciphers listed first will be the preferred ones. Default: empty.
 - **"http"**, the configuration for HTTP clients. HTTP clients are used for executing hooks. Some hooks use a retryable HTTP client, for these hooks you can configure the time between retries and the number of retries. Please check the hook specific documentation to understand which hooks use a retryable HTTP client.
   - `timeout`, integer. Timeout specifies a time limit, in seconds, for requests. For requests with retries this is the timeout for a single request
   - `retry_wait_min`, integer. Defines the minimum waiting time between attempts in seconds.

ftpd/ftpd.go

@@ -37,6 +37,17 @@ type Binding struct {
 	// set to 1 to require client certificate authentication in addition to FTP auth.
 	// You need to define at least a certificate authority for this to work
 	ClientAuthType int `json:"client_auth_type" mapstructure:"client_auth_type"`
+	// TLSCipherSuites is a list of supported cipher suites for TLS version 1.2.
+	// If CipherSuites is nil/empty, a default list of secure cipher suites
+	// is used, with a preference order based on hardware performance.
+	// Note that TLS 1.3 ciphersuites are not configurable.
+	// The supported ciphersuites names are defined here:
+	//
+	// https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L52
+	//
+	// any invalid name will be silently ignored.
+	// The order matters, the ciphers listed first will be the preferred ones.
+	TLSCipherSuites []string `json:"tls_cipher_suites" mapstructure:"tls_cipher_suites"`
 }
 
 // GetAddress returns the binding address

ftpd/server.go

@@ -162,6 +162,7 @@ func (s *Server) GetTLSConfig() (*tls.Config, error) {
 		tlsConfig := &tls.Config{
 			GetCertificate: certMgr.GetCertificateFunc(),
 			MinVersion:     tls.VersionTLS12,
+			CipherSuites:   utils.GetTLSCiphersFromNames(s.binding.TLSCipherSuites),
 		}
 		if s.binding.ClientAuthType == 1 {
 			tlsConfig.ClientCAs = certMgr.GetRootCAs()

httpd/httpd.go

@@ -96,6 +96,17 @@ type Binding struct {
 	// set to 1 to require client certificate authentication in addition to basic auth.
 	// You need to define at least a certificate authority for this to work
 	ClientAuthType int `json:"client_auth_type" mapstructure:"client_auth_type"`
+	// TLSCipherSuites is a list of supported cipher suites for TLS version 1.2.
+	// If CipherSuites is nil/empty, a default list of secure cipher suites
+	// is used, with a preference order based on hardware performance.
+	// Note that TLS 1.3 ciphersuites are not configurable.
+	// The supported ciphersuites names are defined here:
+	//
+	// https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L52
+	//
+	// any invalid name will be silently ignored.
+	// The order matters, the ciphers listed first will be the preferred ones.
+	TLSCipherSuites []string `json:"tls_cipher_suites" mapstructure:"tls_cipher_suites"`
 }
 
 // GetAddress returns the binding address

httpd/server.go

@@ -53,7 +53,11 @@ func (s *httpdServer) listenAndServe() error {
 		config := &tls.Config{
 			GetCertificate:           certMgr.GetCertificateFunc(),
 			MinVersion:               tls.VersionTLS12,
+			CipherSuites:             utils.GetTLSCiphersFromNames(s.binding.TLSCipherSuites),
+			PreferServerCipherSuites: true,
 		}
+		logger.Debug(logSender, "", "configured TLS cipher suites for binding %#v: %v", s.binding.GetAddress(),
+			config.CipherSuites)
 		httpServer.TLSConfig = config
 		if s.binding.ClientAuthType == 1 {
 			httpServer.TLSConfig.ClientCAs = certMgr.GetRootCAs()

sftpgo.json

@@ -59,7 +59,8 @@
         "apply_proxy_config": true,
         "tls_mode": 0,
         "force_passive_ip": "",
-        "client_auth_type": 0
+        "client_auth_type": 0,
+        "tls_cipher_suites": []
       }
     ],
     "banner": "",
@@ -84,7 +85,8 @@
         "port": 0,
         "address": "",
         "enable_https": false,
-        "client_auth_type": 0
+        "client_auth_type": 0,
+        "tls_cipher_suites": []
       }
     ],
     "certificate_file": "",
@@ -153,7 +155,8 @@
         "address": "127.0.0.1",
         "enable_web_admin": true,
         "enable_https": false,
-        "client_auth_type": 0
+        "client_auth_type": 0,
+        "tls_cipher_suites": []
       }
     ],
     "templates_path": "templates",
@@ -170,7 +173,8 @@
     "enable_profiler": false,
     "auth_user_file": "",
     "certificate_file": "",
-    "certificate_key_file": ""
+    "certificate_key_file": "",
+    "tls_cipher_suites": []
   },
   "http": {
     "timeout": 20,

telemetry/telemetry.go

@@ -52,6 +52,17 @@ type Conf struct {
 	// "paramchange" request to the running service on Windows.
 	CertificateFile    string `json:"certificate_file" mapstructure:"certificate_file"`
 	CertificateKeyFile string `json:"certificate_key_file" mapstructure:"certificate_key_file"`
+	// TLSCipherSuites is a list of supported cipher suites for TLS version 1.2.
+	// If CipherSuites is nil/empty, a default list of secure cipher suites
+	// is used, with a preference order based on hardware performance.
+	// Note that TLS 1.3 ciphersuites are not configurable.
+	// The supported ciphersuites names are defined here:
+	//
+	// https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L52
+	//
+	// any invalid name will be silently ignored.
+	// The order matters, the ciphers listed first will be the preferred ones.
+	TLSCipherSuites []string `json:"tls_cipher_suites" mapstructure:"tls_cipher_suites"`
 }
 
 // ShouldBind returns true if there service must be started
@@ -93,7 +104,10 @@ func (c Conf) Initialize(configDir string) error {
 		config := &tls.Config{
 			GetCertificate:           certMgr.GetCertificateFunc(),
 			MinVersion:               tls.VersionTLS12,
+			CipherSuites:             utils.GetTLSCiphersFromNames(c.TLSCipherSuites),
+			PreferServerCipherSuites: true,
 		}
+		logger.Debug(logSender, "", "configured TLS cipher suites: %v", config.CipherSuites)
 		httpServer.TLSConfig = config
 		return utils.HTTPListenAndServe(httpServer, c.BindAddress, c.BindPort, true, logSender)
 	}

utils/utils.go

@@ -9,6 +9,7 @@ import (
 	"crypto/elliptic"
 	"crypto/rand"
 	"crypto/rsa"
+	"crypto/tls"
 	"crypto/x509"
 	"encoding/hex"
 	"encoding/pem"
@@ -436,3 +437,18 @@ func HTTPListenAndServe(srv *http.Server, address string, port int, isTLS bool,
 	}
 	return srv.Serve(listener)
 }
+
+// GetTLSCiphersFromNames returns the TLS ciphers from the specified names
+func GetTLSCiphersFromNames(cipherNames []string) []uint16 {
+	var ciphers []uint16
+
+	for _, name := range RemoveDuplicates(cipherNames) {
+		for _, c := range tls.CipherSuites() {
+			if c.Name == strings.TrimSpace(name) {
+				ciphers = append(ciphers, c.ID)
+			}
+		}
+	}
+
+	return ciphers
+}

webdavd/server.go

@@ -64,7 +64,11 @@ func (s *webDavServer) listenAndServe(compressor *middleware.Compressor) error {
 		httpServer.TLSConfig = &tls.Config{
 			GetCertificate:           certMgr.GetCertificateFunc(),
 			MinVersion:               tls.VersionTLS12,
+			CipherSuites:             utils.GetTLSCiphersFromNames(s.binding.TLSCipherSuites),
+			PreferServerCipherSuites: true,
 		}
+		logger.Debug(logSender, "", "configured TLS cipher suites for binding %#v: %v", s.binding.GetAddress(),
+			httpServer.TLSConfig.CipherSuites)
 		if s.binding.ClientAuthType == 1 {
 			httpServer.TLSConfig.ClientCAs = certMgr.GetRootCAs()
 			httpServer.TLSConfig.ClientAuth = tls.RequireAndVerifyClientCert

webdavd/webdavd.go

@@ -75,6 +75,17 @@ type Binding struct {
 	// set to 1 to require client certificate authentication in addition to basic auth.
 	// You need to define at least a certificate authority for this to work
 	ClientAuthType int `json:"client_auth_type" mapstructure:"client_auth_type"`
+	// TLSCipherSuites is a list of supported cipher suites for TLS version 1.2.
+	// If CipherSuites is nil/empty, a default list of secure cipher suites
+	// is used, with a preference order based on hardware performance.
+	// Note that TLS 1.3 ciphersuites are not configurable.
+	// The supported ciphersuites names are defined here:
+	//
+	// https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L52
+	//
+	// any invalid name will be silently ignored.
+	// The order matters, the ciphers listed first will be the preferred ones.
+	TLSCipherSuites []string `json:"tls_cipher_suites" mapstructure:"tls_cipher_suites"`
 }
 
 // GetAddress returns the binding address