From 6872213f68485c5d5a59306543aa69d0a1f0ebfa Mon Sep 17 00:00:00 2001 From: Sunny Date: Wed, 17 Oct 2018 23:53:54 +0800 Subject: [PATCH] fix(Server): Set tls.DEFAULT_ECDH_CURVE to 'auto' The default value of tls.DEFAULT_ECDH_CURVE is 'prime256v1', it breaks the connection when certificate is not compatible with the default curve since node 8.6.0. To fix this issue, we need set it to 'auto', makes OpenSSL select the curve automatically. --- lib/Server.js | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/lib/Server.js b/lib/Server.js index eecb6c71a7..065dc08bee 100644 --- a/lib/Server.js +++ b/lib/Server.js @@ -13,6 +13,7 @@ const fs = require('fs'); const path = require('path'); const ip = require('ip'); +const tls = require('tls'); const url = require('url'); const http = require('http'); const https = require('https'); @@ -40,6 +41,16 @@ const createCertificate = require('./utils/createCertificate'); const validateOptions = require('schema-utils'); const schema = require('./options.json'); +// Workaround for node ^8.6.0, ^9.0.0 +// DEFAULT_ECDH_CURVE is default to prime256v1 in these version +// breaking connection when certificate is not signed with prime256v1 +// change it to auto allows OpenSSL to select the curve automatically +// See https://github.com/nodejs/node/issues/16196 for more infomation +const version = parseFloat(process.version.slice(1)); +if (version >= 8.6 && version < 10) { + tls.DEFAULT_ECDH_CURVE = 'auto'; +} + const STATS = { all: false, hash: true, @@ -581,7 +592,7 @@ function Server (compiler, options = {}, _log) { // - https://github.com/nodejs/node/issues/21665 // - https://github.com/webpack/webpack-dev-server/issues/1449 // - https://github.com/expressjs/express/issues/3388 - if (+process.version.match(/^v(\d+)/)[1] >= 10) { + if (version >= 10) { this.listeningApp = https.createServer(options.https, app); } else { this.listeningApp = spdy.createServer(options.https, app);