From 81ec101a42bdb2e2fc8c3a67ea18e38b40dc4fce Mon Sep 17 00:00:00 2001 From: Sunny Date: Wed, 17 Oct 2018 23:53:54 +0800 Subject: [PATCH] fix(Server): Set tls.DEFAULT_ECDH_CURVE to 'auto' The default value of tls.DEFAULT_ECDH_CURVE is 'prime256v1', it breaks the connection when certificate is not compatible with the default curve since node 8.6.0. To fix this issue, we need set it to 'auto', makes OpenSSL select the curve automatically. --- lib/Server.js | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/lib/Server.js b/lib/Server.js index eecb6c71a7..2738d6f681 100644 --- a/lib/Server.js +++ b/lib/Server.js @@ -13,6 +13,7 @@ const fs = require('fs'); const path = require('path'); const ip = require('ip'); +const tls = require('tls'); const url = require('url'); const http = require('http'); const https = require('https'); @@ -40,6 +41,16 @@ const createCertificate = require('./utils/createCertificate'); const validateOptions = require('schema-utils'); const schema = require('./options.json'); +// Workaround for node ^8.6.0, ^9.0.0 +// DEFAULT_ECDH_CURVE is default to prime256v1 in these version +// breaking connection when certificate is not signed with prime256v1 +// change it to auto allows OpenSSL to select the curve automatically +// See https://github.com/nodejs/node/issues/16196 for more infomation +const version = parseFloat(process.version.slice(1)); +if (8.6 <= version && version < 10) { + tls.DEFAULT_ECDH_CURVE = 'auto'; +} + const STATS = { all: false, hash: true, @@ -581,7 +592,7 @@ function Server (compiler, options = {}, _log) { // - https://github.com/nodejs/node/issues/21665 // - https://github.com/webpack/webpack-dev-server/issues/1449 // - https://github.com/expressjs/express/issues/3388 - if (+process.version.match(/^v(\d+)/)[1] >= 10) { + if (version >= 10) { this.listeningApp = https.createServer(options.https, app); } else { this.listeningApp = spdy.createServer(options.https, app);