From 0140e1b5e39342f87133f7f42e9b49a702f69b39 Mon Sep 17 00:00:00 2001 From: Shigeki Ohtsu Date: Fri, 22 May 2015 18:23:57 +0900 Subject: [PATCH] tls: output warning of setDHParam to console.trace To make it easy to figure out where the warning comes from. Also fix style and variable name that was made in #1739. PR-URL: https://github.com/nodejs/node/pull/1831 Reviewed-By: indutny - Fedor Indutny Reviewed-By: bnoordhuis - Ben Noordhuis --- lib/_tls_common.js | 6 +++++- src/node_crypto.cc | 10 +++++----- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/lib/_tls_common.js b/lib/_tls_common.js index d857717dab..120dce5784 100644 --- a/lib/_tls_common.js +++ b/lib/_tls_common.js @@ -99,7 +99,11 @@ exports.createSecureContext = function createSecureContext(options, context) { else if (options.ecdhCurve) c.context.setECDHCurve(options.ecdhCurve); - if (options.dhparam) c.context.setDHParam(options.dhparam); + if (options.dhparam) { + var warning = c.context.setDHParam(options.dhparam); + if (warning) + console.trace(warning); + } if (options.crl) { if (Array.isArray(options.crl)) { diff --git a/src/node_crypto.cc b/src/node_crypto.cc index 6e4bf9e69f..0185970c1c 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -797,12 +797,12 @@ void SecureContext::SetDHParam(const FunctionCallbackInfo& args) { if (dh == nullptr) return; - const int keylen = BN_num_bits(dh->p); - if (keylen < 1024) { - DH_free(dh); + const int size = BN_num_bits(dh->p); + if (size < 1024) { return env->ThrowError("DH parameter is less than 1024 bits"); - } else if (keylen < 2048) { - fprintf(stderr, "WARNING: DH parameter is less than 2048 bits\n"); + } else if (size < 2048) { + args.GetReturnValue().Set(FIXED_ONE_BYTE_STRING( + env->isolate(), "WARNING: DH parameter is less than 2048 bits")); } SSL_CTX_set_options(sc->ctx_, SSL_OP_SINGLE_DH_USE);