tls, crypto: add DHE support

In case of an invalid DH parameter file, it is sliently discarded. To use auto DH parameter in a server and DHE key length check in a client, we need to wait for the next release of OpenSSL-1.0.2. Reviewed-By: Fedor Indutny <fedor@indutny.com>
author: Shigeki Ohtsu <ohtsu@iij.ad.jp> 2014-08-27 18:00:13 +0900
committer: Fedor Indutny <fedor@indutny.com> 2014-08-29 00:36:48 +0400
commit: 0dfedb7127ac388f66f5ea5d38330c86af6539b5 (patch)
tree: 0945fdc64f2bd89c3cf60bf1ec65c59d3c37a3b6 /doc/api/tls.markdown
parent: 6e453fad87c51dc15327628aa75886d3fbb3fa1c (diff)
download: node-0dfedb7127ac388f66f5ea5d38330c86af6539b5.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/doc/api/tls.markdown b/doc/api/tls.markdown
index a8539d2f9..e79ebadd0 100644
--- a/doc/api/tls.markdown
+++ b/doc/api/tls.markdown
@@ -165,6 +165,10 @@ automatically set as a listener for the [secureConnection][] event.  The
 
     Defaults to `prime256v1`. Consult [RFC 4492] for more details.
 
+  - `dhparam`: DH parameter file to use for DHE key agreement. Use
+    `openssl dhparam` command to create it. If the file is invalid to
+    load, it is silently discarded.
+
   - `handshakeTimeout`: Abort the connection if the SSL/TLS handshake does not
     finish in this many milliseconds. The default is 120 seconds.
author	Shigeki Ohtsu <ohtsu@iij.ad.jp>	2014-08-27 18:00:13 +0900
committer	Fedor Indutny <fedor@indutny.com>	2014-08-29 00:36:48 +0400
commit	0dfedb7127ac388f66f5ea5d38330c86af6539b5 (patch)
tree	0945fdc64f2bd89c3cf60bf1ec65c59d3c37a3b6 /doc/api/tls.markdown
parent	6e453fad87c51dc15327628aa75886d3fbb3fa1c (diff)
download	node-0dfedb7127ac388f66f5ea5d38330c86af6539b5.tar.gz