Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(Server): set tls.DEFAULT_ECDH_CURVE to 'auto' #1531

Merged
merged 2 commits into from
Oct 23, 2018
Merged
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 12 additions & 1 deletion lib/Server.js
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ const fs = require('fs');
const path = require('path');

const ip = require('ip');
const tls = require('tls');
const url = require('url');
const http = require('http');
const https = require('https');
Expand Down Expand Up @@ -40,6 +41,16 @@ const createCertificate = require('./utils/createCertificate');
const validateOptions = require('schema-utils');
const schema = require('./options.json');

// Workaround for node ^8.6.0, ^9.0.0
// DEFAULT_ECDH_CURVE is default to prime256v1 in these version
// breaking connection when certificate is not signed with prime256v1
// change it to auto allows OpenSSL to select the curve automatically
// See https://github.com/nodejs/node/issues/16196 for more infomation
const version = parseFloat(process.version.slice(1));
if (version >= 8.6 && version < 10) {
tls.DEFAULT_ECDH_CURVE = 'auto';
}

const STATS = {
all: false,
hash: true,
Expand Down Expand Up @@ -581,7 +592,7 @@ function Server (compiler, options = {}, _log) {
// - https://github.com/nodejs/node/issues/21665
// - https://github.com/webpack/webpack-dev-server/issues/1449
// - https://github.com/expressjs/express/issues/3388
if (+process.version.match(/^v(\d+)/)[1] >= 10) {
if (version >= 10) {
this.listeningApp = https.createServer(options.https, app);
} else {
this.listeningApp = spdy.createServer(options.https, app);
Expand Down