From 9926a44723704d70b45547914e72249894ce0dc3 Mon Sep 17 00:00:00 2001 From: Sunny Date: Wed, 17 Oct 2018 23:53:54 +0800 Subject: [PATCH] fix(Server): Set tls.DEFAULT_ECDH_CURVE to 'auto' The default value of tls.DEFAULT_ECDH_CURVE is 'prime256v1', it breaks the connection when certificate is not compatible with the default curve since node 8.6.0. To fix this issue, we need set it to 'auto', makes OpenSSL select the curve automatically. --- lib/Server.js | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/lib/Server.js b/lib/Server.js index eecb6c71a7..452e17edb7 100644 --- a/lib/Server.js +++ b/lib/Server.js @@ -13,6 +13,7 @@ const fs = require('fs'); const path = require('path'); const ip = require('ip'); +const tls = require('tls'); const url = require('url'); const http = require('http'); const https = require('https'); @@ -40,6 +41,16 @@ const createCertificate = require('./utils/createCertificate'); const validateOptions = require('schema-utils'); const schema = require('./options.json'); +// Workaround for node ^8.6.0, ^9.0.0 +// DEFAULT_ECDH_CURVE is default to prime256v1 in these version +// breaking connection when certificate is not signed with prime256v1 +// change it to auto allows OpenSSL to select the curve automatically +// See https://github.com/nodejs/node/issues/16196 for more infomation +const version = parseFloat(process.version.slice(1)) +if (8.6 <= version && version < 10) { + tls.DEFAULT_ECDH_CURVE = 'auto'; +} + const STATS = { all: false, hash: true, @@ -581,7 +592,7 @@ function Server (compiler, options = {}, _log) { // - https://github.com/nodejs/node/issues/21665 // - https://github.com/webpack/webpack-dev-server/issues/1449 // - https://github.com/expressjs/express/issues/3388 - if (+process.version.match(/^v(\d+)/)[1] >= 10) { + if (version >= 10) { this.listeningApp = https.createServer(options.https, app); } else { this.listeningApp = spdy.createServer(options.https, app);