crypto: deprecate {ecdhCurve: false}

This doesn't work in OpenSSL 1.1.0.  Per discussion on the PR, it is
preferable to just deprecate this setting. Deprecate it and skip the
test in OpenSSL 1.1.0.

PR-URL: https://github.com/nodejs/node/pull/16130
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rod Vagg <rod@vagg.org>

1 files changed, 12 insertions, 0 deletions

diff --git a/lib/_tls_common.js b/lib/_tls_common.js
index 4196cc084c..75eb6a2ec5 100644
--- a/lib/_tls_common.js
+++ b/lib/_tls_common.js
@@ -65,6 +65,16 @@ function validateKeyCert(value, type) {
 exports.SecureContext = SecureContext;
 
 
+function ecdhCurveWarning() {
+  if (ecdhCurveWarning.emitted) return;
+  process.emitWarning('{ ecdhCurve: false } is deprecated.',
+                      'DeprecationWarning',
+                      'DEP0083');
+  ecdhCurveWarning.emitted = true;
+}
+ecdhCurveWarning.emitted = false;
+
+
 exports.createSecureContext = function createSecureContext(options, context) {
   if (!options) options = {};
 
@@ -140,6 +150,8 @@ exports.createSecureContext = function createSecureContext(options, context) {
     c.context.setECDHCurve(tls.DEFAULT_ECDH_CURVE);
   else if (options.ecdhCurve)
     c.context.setECDHCurve(options.ecdhCurve);
+  else
+    ecdhCurveWarning();
 
   if (options.dhparam) {
     const warning = c.context.setDHParam(options.dhparam);