Rename the three argument overload of Buffer::New() to Buffer::Copy()
and update the code base accordingly. The reason for renaming is to
make it impossible to miss a call site.
This coincidentally plugs a small memory leak in crypto.getAuthTag().
Fixes: https://github.com/nodejs/node/issues/2308
PR-URL: https://github.com/nodejs/node/pull/2352
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Address comments and deprecations left in source files. These changes
include:
* Remove the deprecated API.
* Change Buffer::New() that did a copy of the data to Buffer::Copy()
* Change Buffer::Use() to Buffer::New()
PR-URL: https://github.com/nodejs/io.js/pull/1825
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Instead of aborting in case of internal failure, return an empty
Local<Object>. Using the MaybeLocal<T> API, users must check their
return values.
PR-URL: https://github.com/nodejs/io.js/pull/1825
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Queued write requests should be invoked on handle close, otherwise the
"consumer" might be already destroyed when the write callbacks of the
"consumed" handle will be invoked. Same applies to the shutdown
requests.
Make sure to "move" away socket from server to not break the
`connections` counter in `net.js`. Otherwise it might not call `close`
callback, or call it too early.
Fix: https://github.com/iojs/io.js/issues/1696
PR-URL: https://github.com/nodejs/io.js/pull/1910
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
SSL_read() returns 0 when fatal TLS Alert is received.
Fix to invoke ssl error callback in this case.
PR-URL: https://github.com/nodejs/io.js/pull/1661
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Do not enable ClientHello parser for async SNI/OCSP. Use new
OpenSSL-1.0.2's API `SSL_set_cert_cb` to pause the handshake process and
load the cert/OCSP response asynchronously. Hopefuly this will make
whole async SNI/OCSP process much faster and will eventually let us
remove the ClientHello parser itself (which is currently used only for
async session, see #1462 for the discussion of removing it).
NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use
`SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this
feature.
Fix: https://github.com/iojs/io.js/issues/1423
PR-URL: https://github.com/iojs/io.js/pull/1464
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Dispatch requests in the implementation of the stream, not in the code
creating these requests. The requests might be piled up and invoked
internally in the implementation, so it should know better when it is
the time to dispatch them.
In fact, TLS was doing exactly this thing which led us to...
Fix: https://github.com/iojs/io.js/issues/1512
PR-URL: https://github.com/iojs/io.js/pull/1563
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Fix the `parallel/test-tls-over-http-tunnel.js` on Windows by
re-enabling the accidentally disabled `.writev()` method on TLSWrap.
It appears that there is some subtle issue with shutdown timing and it
manifests itself when the chunks are written in separate packets. This
leads to concurrent `shutdown`/`destroy`, which breaks the test.
PR-URL: https://github.com/iojs/io.js/pull/1155
Reviewed-By: Bert Belder <bertbelder@gmail.com>
It is very unlikely to happen, but still the write request should be
disposed in case of immediate failure.
PR-URL: https://github.com/iojs/io.js/pull/1154
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Set proxied methods wrappers in `TLSWrap` prototype instead of doing it
on every socket allocation. Should speed up things a bit and will
certainly make heapsnapshot less verbose.
PR-URL: https://github.com/iojs/io.js/pull/1108
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Adjust V8's external memory size when allocating buffers for TLS data to
ensure that V8 has enough information to trigger the GC at right time.
PR-URL: https://github.com/iojs/io.js/pull/1085
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Encapsulate allocation/disposal of `WriteWrap` instances into the
`WriteWrap` class itself.
PR-URL: https://github.com/iojs/io.js/pull/1090
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Hold non-persistent reference in JS, rather than in C++ to avoid cycles.
PR-URL: https://github.com/iojs/io.js/pull/1078
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Move JS methods to the stream_base-inl.h and thus define them on each
use of `StreamBase::AddMethods`. Inline `AddMethods` itself, so that
there won't be any need in a static declaration in stream_base.cc.
NOTE: This basically allows using this API in user-land, though, some
polishing is required before releasing it.
PR-URL: https://github.com/iojs/io.js/pull/957
Reviewed-By: Chris Dickinson <christopher.s.dickinson@gmail.com>
Introduce a way to wrap plain-js `stream.Duplex` streams into C++
StreamBase's child class. With such method at hand it is now possible to
pass `stream.Duplex` instance as a `socket` parameter to
`tls.connect()`.
PR-URL: https://github.com/iojs/io.js/pull/926
Reviewed-By: Chris Dickinson <christopher.s.dickinson@gmail.com>
StreamBase is an improved way to write C++ streams. The class itself is
for separting `StreamWrap` (with the methods like `.writeAsciiString`,
`.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making
possible to write abstract C++ streams that are not bound to any uv
socket.
The following methods are important part of the abstraction (which
mimics libuv's stream API):
* Events:
* `OnAlloc(size_t size, uv_buf_t*)`
* `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)`
* `OnAfterWrite(WriteWrap*)`
* Wrappers:
* `DoShutdown(ShutdownWrap*)`
* `DoTryWrite(uv_buf_t** bufs, size_t* count)`
* `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)`
* `Error()`
* `ClearError()`
The implementation should provide all of these methods, thus providing
the access to the underlying resource (be it uv handle, TLS socket, or
anything else).
A C++ stream may consume the input of another stream by replacing the
event callbacks and proxying the writes. This kind of API is actually
used now for the TLSWrap implementation, making it possible to wrap TLS
stream into another TLS stream. Thus legacy API calls are no longer
required in `_tls_wrap.js`.
PR-URL: https://github.com/iojs/io.js/pull/840
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: Chris Dickinson <christopher.s.dickinson@gmail.com>
This commit also breaks up req_wrap.h into req-wrap.h and req-wrap-inl.h
to work around a circular dependency issue in env.h.
PR-URL: https://github.com/iojs/io.js/pull/667
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
The copyright and license notice is already in the LICENSE file. There
is no justifiable reason to also require that it be included in every
file, since the individual files are not individually distributed except
as part of the entire package.
Initial attempt to remove all uses of Isolate::GetCurrent(). Still
exists a few locations, but this works out a heavy usage.
PR-URL: https://github.com/iojs/io.js/pull/244
Reviewed-by: Ben Noordhuis <info@bnoordhuis.nl>
The template class information is received via the type of the first
argument. So there is no need to use Wrap<T>(handle).
PR-URL: https://github.com/joyent/node/pull/8110
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
Reviewed-by: Fedor Indutny <fedor@indutny.com>
Reviewed-by: Alexis Campailla <alexis@janeasystems.com>
Reviewed-by: Julien Gilli <julien.gilli@joyent.com>
The template class information is received via the type of the first
argument. So there is no need to use Wrap<T>(handle).
PR-URL: https://github.com/joyent/node/pull/8110
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
Reviewed-by: Fedor Indutny <fedor@indutny.com>
Reviewed-by: Alexis Campailla <alexis@janeasystems.com>
Reviewed-by: Julien Gilli <julien.gilli@joyent.com>
Now that we are building with C++11 features enabled, replace use
of NULL with nullptr.
The benefit of using nullptr is that it can never be confused for
an integral type because it does not support implicit conversions
to integral types except boolean - unlike NULL, which is defined
as a literal `0`.
Attach the per-context execution environment directly to API functions.
Rationale:
* Gets node one step closer to multi-isolate readiness.
* Avoids multi-context confusion, e.g. when the caller and callee live
in different contexts.
* Avoids expensive calls to pthread_getspecific() on platforms where
V8 does not know how to use the thread-local storage directly.
(Linux, the BSDs.)
PR-URL: https://github.com/node-forward/node/pull/18
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Mechanically replace assert() statements with UNREACHABLE(), CHECK(),
or CHECK_{EQ,NE,LT,GT,LE,GE}() statements.
The exceptions are src/node.h and src/node_object_wrap.h because they
are public headers.
PR-URL: https://github.com/node-forward/node/pull/16
Reviewed-By: Fedor Indutny <fedor@indutny.com>
API callback functions don't need to create a v8::HandleScope instance
because V8 already creates one in the JS->C++ adapter frame.
PR-URL: https://github.com/node-forward/node/pull/16
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Do not call SSL_read() and ignore ZERO_RETURN if the connection was
shutdown and there could not be any reads.
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
PR-URL: https://github.com/joyent/node/pull/8519
Do not call SSL_read() and ignore ZERO_RETURN if the connection was
shutdown and there could not be any reads.
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
PR-URL: https://github.com/joyent/node/pull/8519
Don't allocate any BIO buffers initially, do this on a first read from
the TCP connection. Allocate different amount of data for initial read
and for consequent reads: small buffer for hello+certificate, big buffer
for better throughput.
see #8416
When TLS Alert is occured in handshake, ClearOut only write it into
wbio and does not flush to socket. TLS Alert should be written to
socket with EncOut before socket is destroyed within its error
callback.
Signed-off-by: Fedor Indutny <fedor@indutny.com>
WriteItem callback may add new item to the `pending_write_items`. Ensure
that this item won't be called in the same `InvokeQueued` call, as it
may result in way-to-early `finish` event on js-side.
fix#7733
Signed-off-by: Fedor Indutny <fedor@indutny.com>
Replace the CONTAINER_OF macro with a template function that is as
type-safe as a reinterpret_cast<> of an arbitrary pointer can be made.
Signed-off-by: Fedor Indutny <fedor@indutny.com>
Storing it in SSL_CTX is incorrect as it may go away and get destructed
earlier, also it'll yield invalid results in SelectSNIContextCallback.
Use `SSL_get_app_data()` instead.
fix#7484
Signed-off-by: Timothy J Fontaine <tjfontaine@gmail.com>
This prevents segfaults when a native method is reassigned to a
different object (which corrupts args.This()). When unwrapping,
clients should use args.Holder() instead of args.This().
Closes#6690.
Signed-off-by: Trevor Norris <trev.norris@gmail.com>