Skip to content

Commit

Permalink
tls: output warning of setDHParam to console.trace
Browse files Browse the repository at this point in the history
To make it easy to figure out where the warning comes from.
Also fix style and variable name that was made in nodejs#1739.

PR-URL: nodejs#1831
Reviewed-By: indutny - Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: bnoordhuis - Ben Noordhuis <info@bnoordhuis.nl>
  • Loading branch information
Shigeki Ohtsu committed Oct 16, 2015
1 parent f72e178 commit 0140e1b
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 6 deletions.
6 changes: 5 additions & 1 deletion lib/_tls_common.js
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,11 @@ exports.createSecureContext = function createSecureContext(options, context) {
else if (options.ecdhCurve)
c.context.setECDHCurve(options.ecdhCurve);

if (options.dhparam) c.context.setDHParam(options.dhparam);
if (options.dhparam) {
var warning = c.context.setDHParam(options.dhparam);
if (warning)
console.trace(warning);
}

if (options.crl) {
if (Array.isArray(options.crl)) {
Expand Down
10 changes: 5 additions & 5 deletions src/node_crypto.cc
Original file line number Diff line number Diff line change
Expand Up @@ -797,12 +797,12 @@ void SecureContext::SetDHParam(const FunctionCallbackInfo<Value>& args) {
if (dh == nullptr)
return;

const int keylen = BN_num_bits(dh->p);
if (keylen < 1024) {
DH_free(dh);
const int size = BN_num_bits(dh->p);
if (size < 1024) {
return env->ThrowError("DH parameter is less than 1024 bits");
} else if (keylen < 2048) {
fprintf(stderr, "WARNING: DH parameter is less than 2048 bits\n");
} else if (size < 2048) {
args.GetReturnValue().Set(FIXED_ONE_BYTE_STRING(
env->isolate(), "WARNING: DH parameter is less than 2048 bits"));
}

SSL_CTX_set_options(sc->ctx_, SSL_OP_SINGLE_DH_USE);
Expand Down

0 comments on commit 0140e1b

Please sign in to comment.