crypto: deprecate {ecdhCurve: false}

This doesn't work in OpenSSL 1.1.0.  Per discussion on the PR, it is
preferable to just deprecate this setting. Deprecate it and skip the
test in OpenSSL 1.1.0.

PR-URL: #16130
Reviewed-By: Ben Noordhuis <[email protected]>
Reviewed-By: Rod Vagg <[email protected]>

Author: davidben

doc/api/deprecations.md

@@ -737,6 +737,16 @@ Type: Runtime
 internal mechanics of the `REPLServer` itself, and is therefore not
 necessary in user space.
 
+<a id="DEP0083"></a>
+### DEP0083: Disabling ECDH by setting ecdhCurve to false
+
+Type: Runtime
+
+The `ecdhCurve` option to `tls.createSecureContext()` and `tls.TLSSocket` could
+be set to `false` to disable ECDH entirely on the server only. This mode is
+deprecated in preparation for migrating to OpenSSL 1.1.0 and consistency with
+the client. Use the `ciphers` parameter instead.
+
 
 [`Buffer.allocUnsafeSlow(size)`]: buffer.html#buffer_class_method_buffer_allocunsafeslow_size
 [`Buffer.from(array)`]: buffer.html#buffer_class_method_buffer_from_array

lib/_tls_common.js

@@ -65,6 +65,16 @@ function validateKeyCert(value, type) {
 exports.SecureContext = SecureContext;
 
 
+function ecdhCurveWarning() {
+  if (ecdhCurveWarning.emitted) return;
+  process.emitWarning('{ ecdhCurve: false } is deprecated.',
+                      'DeprecationWarning',
+                      'DEP0083');
+  ecdhCurveWarning.emitted = true;
+}
+ecdhCurveWarning.emitted = false;
+
+
 exports.createSecureContext = function createSecureContext(options, context) {
   if (!options) options = {};
 
@@ -140,6 +150,8 @@ exports.createSecureContext = function createSecureContext(options, context) {
     c.context.setECDHCurve(tls.DEFAULT_ECDH_CURVE);
   else if (options.ecdhCurve)
     c.context.setECDHCurve(options.ecdhCurve);
+  else
+    ecdhCurveWarning();
 
   if (options.dhparam) {
     const warning = c.context.setDHParam(options.dhparam);

test/parallel/test-tls-ecdh-disable.js

@@ -31,6 +31,11 @@ if (!common.hasCrypto)
 if (!common.opensslCli)
   common.skip('missing openssl-cli');
 
+const OPENSSL_VERSION_NUMBER =
+  require('crypto').constants.OPENSSL_VERSION_NUMBER;
+if (OPENSSL_VERSION_NUMBER >= 0x10100000)
+  common.skip('false ecdhCurve not supported in OpenSSL 1.1.0');
+
 const assert = require('assert');
 const tls = require('tls');
 const exec = require('child_process').exec;
@@ -42,6 +47,9 @@ const options = {
   ecdhCurve: false
 };
 
+common.expectWarning('DeprecationWarning',
+                     '{ ecdhCurve: false } is deprecated.');
+
 const server = tls.createServer(options, common.mustNotCall());
 
 server.listen(0, '127.0.0.1', common.mustCall(function() {