mirror of https://github.com/openvswitch/ovs synced 2025-08-31 06:15:47 +00:00

stream-ssl: Use DEFAULT:@SECLEVEL=2 cipher list by default.

'DEFAULT' enables the default cipher list that was compiled into the OpenSSL
library.  That allows distributions to provide their defaults for the
running OVS process.  It also normally doesn't include any ciphers
that provide no encryption (eNULL) or no authentication (aNULL).
Using this option also makes it harder to mess up the configuration.

Setting SECLEVEL to 2 enables the requirement of at least 112 bits
of security strength.  Doing that, we ensure compatibility with keys
previously generated by older versions of ovs-pki.  It also takes care
of disabling MD5 and RC4.

This should provide better security by default and allow distributions
to turn off ciphers system-wide more easily by re-configuring OpenSSL.

These cipher list macros were introduced in OpenSSL 1.1.0.

If necessary, users can override this configuration with --ssl-ciphers
or via corresponding database column.

Acked-by: Eelco Chaudron <echaudro@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
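As an added example (not part of this commit or of OVS), the script below uses Python's standard `ssl` module, which hands the same OpenSSL cipher-list string to the library as the C call `SSL_CTX_set_cipher_list()` in the diff, to compare the old default `HIGH:!aNULL:!MD5` with the new `DEFAULT:@SECLEVEL=2`: it lists what each string selects, confirms that neither leaves eNULL/aNULL/RC4/MD5 suites enabled, checks the minimum strength that `@SECLEVEL=2` guarantees, and shows what happens when an override (the `--ssl-ciphers` case) selects nothing. The function names and the `NOSUCHCIPHER` string are mine; the `security_level` attribute needs Python 3.10+, and the `@SECLEVEL=` syntax needs OpenSSL 1.1.0+ as the commit message notes.

```python
import re
import ssl

# Cipher strings taken from the commit: the old OVS default and the new one.
OLD_SPEC = "HIGH:!aNULL:!MD5"
NEW_SPEC = "DEFAULT:@SECLEVEL=2"

# Name fragments that mark suites with no encryption (NULL), no authentication
# (ADH/AECDH), or broken primitives (RC4, MD5, export/single DES).
_WEAK = re.compile(r"NULL|ADH|AECDH|RC4|MD5|EXP-|DES-CBC-SHA\b")


def _context(spec):
    """Build a client context and apply an OpenSSL cipher-list string.

    ssl.SSLError is raised when OpenSSL selects no cipher at all, which is
    the case where the C SSL_CTX_set_cipher_list() returns 0.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(spec)
    return ctx


def selected_ciphers(spec):
    """Cipher suite names OpenSSL enables for this cipher-list string."""
    return [c["name"] for c in _context(spec).get_ciphers()]


def weak_ciphers(names):
    """Subset of cipher names that should never appear in a sane default."""
    return [n for n in names if _WEAK.search(n)]


def min_strength_bits(spec):
    """Weakest symmetric strength left enabled; @SECLEVEL=2 promises >= 112."""
    return min(c["strength_bits"] for c in _context(spec).get_ciphers())


def security_level(spec):
    """Security level the string set on the context (None on Python < 3.10)."""
    return getattr(_context(spec), "security_level", None)


def spec_is_usable(spec):
    """True if an operator-supplied override selects at least one cipher."""
    try:
        selected_ciphers(spec)
    except ssl.SSLError:
        return False
    return True


if __name__ == "__main__":
    for spec in (OLD_SPEC, NEW_SPEC):
        names = selected_ciphers(spec)
        print(f"{spec}: {len(names)} suites, weak={weak_ciphers(names)}, "
              f"min strength={min_strength_bits(spec)} bits, "
              f"level={security_level(spec)}")
    # Hypothetical bad override, as a user might pass via --ssl-ciphers.
    print("NOSUCHCIPHER usable:", spec_is_usable("NOSUCHCIPHER"))
```

The interesting difference between the two strings is not the suite list (both already exclude eNULL, aNULL and MD5) but the security level: `HIGH:!aNULL:!MD5` leaves the library at its compiled-in level, while `DEFAULT:@SECLEVEL=2` also makes OpenSSL refuse peer keys and signature algorithms below 112 bits during the handshake, which `get_ciphers()` cannot show. The `NOSUCHCIPHER` case is the failure mode an operator hits with a bad `--ssl-ciphers` value: the library reports "no cipher can be selected" rather than silently keeping the old list.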
Author: Ilya Maximets
Date: 2024-12-09 17:38:52 +01:00
parent 57c235801a
commit 0e23c9cab8
3 changed files with 4 additions and 4 deletions


@@ -165,7 +165,7 @@ static struct ssl_config_file private_key;
static struct ssl_config_file certificate;
static struct ssl_config_file ca_cert;
static char *ssl_protocols = "TLSv1.2+";
static char *ssl_ciphers = "HIGH:!aNULL:!MD5";
static char *ssl_ciphers = "DEFAULT:@SECLEVEL=2";
/* Ordinarily, the SSL client and server verify each other's certificates using
* a CA certificate. Setting this to false disables this behavior. (This is a
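Review bot: the new default on the `static char *ssl_ciphers` line silently depends on OpenSSL 1.1.0 or later, since `@SECLEVEL=` is only understood by libraries with security-level support; the commit message states the 1.1.0 requirement, but nothing in this hunk guards or documents it, so add a comment next to the declaration (or a build-time check) so that an older library does not just fail later with an unhelpful cipher-list error. Also check that the documentation for `--ssl-ciphers` and the `ssl_ciphers` database column named in the commit message is updated to state the new default, as readers of the old `HIGH:!aNULL:!MD5` text there will otherwise be misled.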
@@ -1070,7 +1070,7 @@ do_ssl_init(void)
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
NULL);
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!MD5");
SSL_CTX_set_cipher_list(ctx, "DEFAULT:@SECLEVEL=2");
return 0;
}
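Review bot: the literal `"DEFAULT:@SECLEVEL=2"` passed to `SSL_CTX_set_cipher_list()` in `do_ssl_init()` duplicates the default in `ssl_ciphers` above; keep it in one place (a shared `#define`, or pass `ssl_ciphers` here) so the two cannot drift apart on the next change. The return value is still ignored: `SSL_CTX_set_cipher_list()` returns 0 when the string selects no cipher, which is now possible if a distribution's compiled-in DEFAULT list is empty at level 2, so check it and log before `return 0`. Note also that `SSL_CTX_set_cipher_list()` only governs TLS 1.2 and earlier suites; with `ssl_protocols = "TLSv1.2+"` the TLS 1.3 suites come from `SSL_CTX_set_ciphersuites()`, although the `@SECLEVEL=2` part of the string applies to both.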