Revert "disable RC4, add --cipher-list command line switch" and
"tls: make --enable-legacy-cipher-list=val less verbose"
This reverts commit f9291a9449 and
b5737bb977.
There is still some work to be done to guarantee secure defaults and a
smooth upgrade path for v0.12.x users. Before this work is finished, we
want to be able to release new versions of v0.12.x. So instead of
waiting for these changes to be ready to ship, revert them and integrate
them when they're ready to be shipped.
Conflicts:
src/node.cc
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/joyent/node/pull/25296
V4MAPPED is not supported on recent FreeBSD versions, at least on 10.1.
Thus, do not set this flag in net.connect on FreeBSD.
Fixes#8540 and #9204.
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
PR-URL: https://github.com/joyent/node/pull/18204
Disable RC4 in the default cipher list
Add the `--cipher-list` command line switch and `NODE_CIPHER_LIST`
environment variable to completely override the default cipher list.
Add the `--enable-legacy-cipher-list` and `NODE_LEGACY_CIPHER_LIST`
environment variable to selectively enable the default cipher list from
previous node.js releases.
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/joyent/node/pull/14414
Clarify that synchronous functions in fs with no return value return
undefined.
Specify that fs.openSync() returns an integer and fs.existsSync()
returns true or false.
Fixes#9313
PR: #9359
PR-URL: https://github.com/joyent/node/pull/9359
Reviewed-By: Julien Gilli <julien.gilli@joyent.com>
In the documentation for querystring.parse, the documentation mentions
that the default value for options.decodeURIComponent is the
decodeURIComponent function, but it's actually the querystring.unescape
function.
PR-URL: https://github.com/joyent/node/pull/9259
Reviewed-by: Julien Gilli <julien.gilli@joyent.com>
Currently, fs.truncate() silently fails when a file descriptor
is passed as the first argument. This commit changes this
behavior to properly call fs.ftruncate().
PR-URL: https://github.com/joyent/node/pull/9161
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Timothy J Fontaine <tjfontaine@gmail.com>
This reverts commit d312b6d15c.
d312b6d15c introduced some confusion in
the existing API of url.format and url.parse.
The way the 'path' property overrides other properties in url.format's
input is too confusing for existing users compared to the issues it
fixes.
Fixes such as https://github.com/joyent/node/pull/9081 have been
proposed, but they do not make the API less confusing.
Instead, this change just reverts the original breaking change so that
it gives us more time after v0.12.0 is released to come up with a better
API for url.format, url.parse and other related APIs in the v0.13
development branch.
Fixes#9070.
Conflicts:
doc/api/url.markdown
PR: #9109
PR-URL: https://github.com/joyent/node/pull/9109
Reviewed-By: Timothy J Fontaine <tjfontaine@gmail.com>
The message argument is optional for both assert() and
assert.ok(). This commit makes message optional for assert().
PR-URL: https://github.com/joyent/node/pull/9003
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
The message argument is optional for both assert() and
assert.ok(). This commit makes message optional for assert().
PR-URL: https://github.com/joyent/node/pull/9003
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
In order to preserve the potential for a flush method being added to the
streams API, rename flush to flushHeaders which is much more clear about
the behavior of this method.
PR: #9048
PR-URL: https://github.com/joyent/node/pull/9048
Reviewed-By: Julien Gilli <julien.gilli@joyent.com>
fs.exists() and fs.existsSync() do not follow the typical error first
callback convention. access() and accessSync() are added as alternatives
in this commit.
PR-URL: https://github.com/joyent/node/pull/8714
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Add documentation for the callback parameter of http.ClientRequest's and
http.ServerResponse's end methods.
Signed-off-by: Julien Gilli <julien.gilli@joyent.com>
The original documentation was slightly confusing. It seemed that the
list of items described the properties of the urlObj object, while it
was actually describing the formatting process. This change makes this
clearer.
Fixes#8796.
Reviewed-by: Chris Dickinson <christopher.s.dickinson@gmail.com>
Documentation mentioned 'securityOptions', where it should have read
'secureOptions'.
Fixes#8608.
Signed-off-by: Julien Gilli <julien.gilli@joyent.com>
Code examples in documentation for net.createServer and
net.createConnection contained confusing log messages. This change makes
them clearer.
Signed-off-by: Julien Gilli <julien.gilli@joyent.com>
Currently there's an example using http.ServerResponse stream, which
has a known bug and will not throw an error while writing after end().
Changed to a writable stream from fs which behaves as expected.
fix#8814
Signed-off-by: Julien Gilli <julien.gilli@joyent.com>
In `tls.markdown`, there was a misuse of 'a' which has been replaced
with 'an'.
In `timers.markdown`...
line 31: misuse of 'a', replaced with 'an'
line 59: unclear wording, haywire 'a', added new comma
Async Listener was the name of the user-facing JS API, and is being
completely removed. Instead low level hooks directly into the mechanism
that AL used will be introduced in a future commit.
PR-URL: https://github.com/joyent/node/pull/8110
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
Reviewed-by: Fedor Indutny <fedor@indutny.com>
Reviewed-by: Alexis Campailla <alexis@janeasystems.com>
Reviewed-by: Julien Gilli <julien.gilli@joyent.com>
0644 seems to be the desired mode for new files (as it is a very weird
umask), and to achieve that the correct umask would be 0022.
PR-URL: https://github.com/joyent/node/pull/8039
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
The parse() function splits a path and returns an object
with the different elements. The format() function is the
reverse of this and adds an objects corresponding path
elements to make up a string. Fixes#6976.
Fixes: https://github.com/joyent/node/issues/6976
PR-URL: https://github.com/joyent/node/pull/8750
Reviewed-by: Julien Gilli <julien.gilli@joyent.com>
Add path.posix and path.win32 which have the specific methods like
resolve and normalize so you can specifically normalize or resolve
based on the target platform.
PR-URL: https://github.com/joyent/node/pull/5661
Reviewed-by: Chris Dickinson <christopher.s.dickinson@gmail.com>
- Add hyperlinks from spawn options to subsections detailing what
those options do.
- Clarify some verbiage around ChildProcess.prototype.std{in,out,err}.
- Remove second-person pronoun.
PR-URL: https://github.com/joyent/node/pull/8639
Reviewed-by: Chris Dickinson <christopher.s.dickinson@gmail.com>
Clarify and emphasize the differences between dns.lookup and the rest of
the functions in the dns module.
PR-URL: https://github.com/joyent/node/pull/8726
Reviewed-by: Chris Dickinson <christopher.s.dickinson@gmail.com>
This updates key size to 2048 and default hash function to sha256.
Reviewed-By: Fedor Indutny <fedor@indutny.com>
PR-URL: https://github.com/joyent/node/pull/8690
Adding note to api/modules.markdown about ability to
load arbitrary path from modules from node_module path
by adding reference to path after module name in call
to require()
PR-URL: https://github.com/joyent/node/pull/7794
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Reviewed-by: Fedor Indutny <fedor@indutny.com>
Reviewed-by: Timothy J Fontaine <tjfontaine@gmail.com>
pending tls.TLSSocket growing the ability to work
with streams, createSecurePair will remain.
PR-URL: https://github.com/joyent/node/pull/8695
Reviewed-by: Fedor Indutny <fedor@indutny.com>
Currently when a server receives a new connection the underlying socket
handle begins reading data immediately. This causes problems when
sockets are passed between processes, as data can be read by the first
process and thus never read by the second process.
This commit allows sockets that are constructed with a handle to be
paused initially.
PR-URL: https://github.com/joyent/node/pull/8576
Fixes: https://github.com/joyent/node/issues/7905
Fixes: https://github.com/joyent/node/issues/7784
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Also couple of additions about dispose and limitations of smalloc'ed
objects.
Fixes: https://github.com/joyent/node/pull/8625
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
adds a note to the crypto docs passing along
the advice that openssl gives about what
key derivation function they recommend.
PR-URL: https://github.com/joyent/node/pull/8580
Reviewed-By: Fedor Indutny <fedor@indutny.com>
This change disables SSLv2/SSLv3 use by default, and introduces a
command line flag to opt into using SSLv2/SSLv3.
SSLv2 and SSLv3 are considered unsafe, and should only be used in
situations where compatibility with other components is required and
they cannot be upgrade to support newer forms of TLS.
Julien Gilli
James M Snell
Tyler Anton
Robert Kowalski
h7lin
Bruno Jouhier
Dan Dascalescu
Debjeet Biswas
Andrei Sedoi
Timothy J Fontaine
Colin Ihrig
Jackson Tian
Ben Burns
silverwind
pkcs
Alejandro Oviedo
Brendan Ashworth
Trevor Norris
Carlos Campderrós
Yazhong Liu
Rory Bradford
Steve Sharp
MK Safi
Sam Roberts
Artur Cistov
Eric Mill
sudodoki
Chris Dickinson
Vladimir Kurchatkin
Fedor Indutny
Calvin Metcalf
Swaagie
Wang Xinyong