Using SSL_CTX_set1_curves_list() (OpenSSL 1.0.2+), this allows to set
colon separated ECDH curve names in SecureContext's ecdhCurve option.
The option can also be set to "auto" to select the curve automatically
from list built in OpenSSL by enabling SSL_CTX_set_ecdh_auto()
(OpenSSL 1.0.2+).
PR-URL: https://github.com/nodejs/node/pull/15206
Ref: https://github.com/nodejs/node/issues/15054
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
When reaching the depth limit util.inspect always prints [Array]
or [Object] no matter if it is a subclass or not.
This fixes it by showing the actual constructor name instead.
PR-URL: https://github.com/nodejs/node/pull/14886
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Timothy Gu <timothygu99@gmail.com>
Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
test-require-symlink modifies the fixture directory by adding a symlink.
Copy the fixture to the test tmpdir instead of modifying the fixture
directory.
This also uses a more empirical test for checking for the ability to
make symlinks on Windows.
PR-URL: https://github.com/nodejs/node/pull/15067
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
* Split single monolithic file into multiple
* Make Certificate methods static
* Allow randomFill(Sync) to use any ArrayBufferView
* Use internal/errors throughout
* Improve arg validation in Hash/Hmac
* Doc updates
PR-URL: https://github.com/nodejs/node/pull/15231
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Increase server timeout, reduce frequency of calls and
unbind timeout after runs are done in order to avoid
race conditions. Temporarily moved to sequential.
Fixes: https://github.com/nodejs/node/issues/15326
PR-URL: https://github.com/nodejs/node/pull/15338
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Calling Http2ServerResponse.end multiple times should never
cause the code to throw an error, subsequent calls should
instead return false. Fix behaviour to match http1.
Fixes: https://github.com/nodejs/node/issues/15385
PR-URL: https://github.com/nodejs/node/pull/15414
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
The test parallel/test-dgram-multicast-set-interface.js was
calling common.skip() on hosts that do not support IPv6. However,
by this point, there were several outstanding common.mustCall()
invocations. The process.exit() in common.skip() triggered
those common.mustCall()s as errors.
Fixes: https://github.com/nodejs/node/issues/15419
PR-URL: https://github.com/nodejs/node/pull/15421
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/15398
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Showing the stack trace in a error message obfuscates the actual
message and should not be visible therefore.
PR-URL: https://github.com/nodejs/node/pull/15025
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
The main optimizations are
- Removed visibleKeys
- Removed proxy cache
- Removed Object.assign
- No key concatenating anymore
- No key recalculating anymore
- Improved indentation logic
- Improved string escape logic
- Added many fast paths
- Optimized code branches a lot
- Optimized (boxed) primitive handling
- Inline code if possible
- Only check extra keys if necessary
- Guard against unnecessary more expensive calls
This also fixes a bug with special array number keys as e.g. "00".
Besides that there were lots of smaller optimizations, the
code got a bit cleaned up and a few more tests got in.
PR-URL: https://github.com/nodejs/node/pull/14881
Fixes: https://github.com/nodejs/node/issues/15288
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
`test-benchmark-buffer` has been observed to timeout on CI on SmartOS.
Move the test to `sequential` so it is not competing with other tests
for resources.
PR-URL: https://github.com/nodejs/node/pull/15373
Fixes: https://github.com/nodejs/node/issues/15372
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Add wrapper for uv's uv_udp_set_multicast_interface which provides the
sender side mechanism to explicitly select an interface. The
equivalent receiver side mechanism is the optional 2nd argument of
addMembership().
PR-URL: https://github.com/nodejs/node/pull/7855
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
This commit verifies that the child_process fork() method does
not honor the shell option.
Refs: https://github.com/nodejs/node/pull/15299
PR-URL: https://github.com/nodejs/node/pull/15352
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
* Use cleaner `process.stdin.write('.exit')` to exit the process rather
than `proc.kill()`.
* Move test to sequential. It uses the default port 9229. It will fail
if another inspector test (or test using port 0) is already using that
port. So it needs to be run sequentially rather than in parallel with
other tests. (We haven't seen many failures with it yet because there
aren't a lot of other inspector tests in parallel at this time.)
PR-URL: https://github.com/nodejs/node/pull/15141
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
`tls.parseCertString()` exposed by accident. Now move this function to
`internal/tls` and mark the original one as deprecated.
PR-URL: https://github.com/nodejs/node/pull/14249
Refs: https://github.com/nodejs/node/issues/14193
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Add tests that cover errors for wrong arguments, as well as
tests for error codes from nghttp2. Fix pushStream to emit
NGHTTP2_ERR_STREAM_ID_NOT_AVAILABLE on session rather than
stream.
PR-URL: https://github.com/nodejs/node/pull/15281
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
* setRecvBufferSize(int) and setSendBufferSize(int)
* added docs for send/receive buffer sizes
* Added options support to set buffer sizes in
dgram.createSocket().
PR-URL: https://github.com/nodejs/node/pull/13623
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Unbox all primitives and compare them as well instead of
only comparing boxed strings.
PR-URL: https://github.com/nodejs/node/pull/15050
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
This commit adds special handling of Error instances when passed
as the message argument to assert functions. With this commit,
if an Error is passed as the message, then that Error is thrown
instead of an AssertionError.
PR-URL: https://github.com/nodejs/node/pull/15304
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Mostly shared/duplicated logic between all benchmark test files, so
creating a new common module to store it.
PR-URL: https://github.com/nodejs/node/pull/15004
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
PR #11705 switched Node away from using using OpenSSL's legacy EVP_Sign*
and EVP_Verify* APIs. Instead, it computes a hash normally via
EVP_Digest* and then uses EVP_PKEY_sign and EVP_PKEY_verify to verify
the hash directly. This change corrects two problems:
1. The documentation still recommends the signature algorithm EVP_MD
names of OpenSSL's legacy APIs. OpenSSL has since moved away from
thosee, which is why ECDSA was strangely inconsistent. (This is why
"ecdsa-with-SHA256" was missing.)
2. Node_SignFinal copied some code from EVP_SignFinal's internals. This
is problematic for OpenSSL 1.1.0 and is missing a critical check
that prevents pkey->pkey.ptr from being cast to the wrong type.
To resolve this, remove the non-EVP_PKEY_sign codepath. This codepath is
no longer necessary. PR #11705's verify half was already assuming all
EVP_PKEYs supported EVP_PKEY_sign and EVP_PKEY_verify. Also, in the
documentation, point users towards using hash function names which are
more consisent. This avoids an ECDSA special-case and some strangeness
around RSA-PSS ("RSA-SHA256" is the OpenSSL name of the
sha256WithRSAEncryption OID which is not used for RSA-PSS).
PR-URL: https://github.com/nodejs/node/pull/15024
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
test-tls-fast-writing can fail on a heavily-loaded system due to an
arbitrary 1-second timeout. Remove the arbitrary timeout.
PR-URL: https://github.com/nodejs/node/pull/15138
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
On a slow/busy machine, `test-http-agent-maxsockets` can fail if the
test takes longer than 5 seconds because that is the default value for
`server.keepAliveTimeout`. Disable `keepAliveTimeout` to make the test
robust.
PR-URL: https://github.com/nodejs/node/pull/15192
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reasons:
- `test-async-wrap-getasyncid` binds a handle, so move to
sequential because port cannot be already in use.
- `test-dgram-implicit-bind-failure` requires a hardcoded
port number to properly send socket packet.
- `test-http-agent-uninitialized-with-handle` requires a
hardcoded port number to properly send http request.
- `test-http-agent-uninitialized` requires a hardcoded port
number to properly send http request.
- `test-net-localport` requires a hardcoded port number
for assertions.
In addition this replaces two common.PORTs with a dynamic port.
PR-URL: https://github.com/nodejs/node/pull/15151
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Fix references within http2 core to HTTP_STATUS_CONTENT_RESET to point
to the correct HTTP_STATUS_RESET_CONTENT. Add tests for status 204,
205 & 304 in respond, respondWithFD & respondWithFile. Add general
error tests for respondWithFD & respondWithFile.
PR-URL: https://github.com/nodejs/node/pull/15153
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Claudio Rodriguez <cjrodr@yahoo.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
The only valid values for enablePush are 0 and 1. If validation
is requested, we should verify that it wasn't set to another
value rather than casting to Boolean regardless of value.
PR-URL: https://github.com/nodejs/node/pull/15167
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Store headersSent directly on response state after finish event
is triggered, so that users can always access it.
PR-URL: https://github.com/nodejs/node/pull/15232
Fixes: https://github.com/nodejs/node/issues/15226
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
* add constants for dlopen flags, which are needed
for dlopen's flag passing.
* introduce an optional parameter for process.dlopen(),
allowing to pass dlopen flags (using values from os.constants.dlopen).
If no flags are passed, the default behavior is to load the library
with RTLD_LAZY (perform lazy binding) and RTLD_LOCAL (symbols are
available only locally).
PR-URL: https://github.com/nodejs/node/pull/12794
Refs: https://github.com/nodejs/node/pull/4105
Refs: https://github.com/libuv/libuv/pull/1331
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Timothy Gu <timothygu99@gmail.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Add support for multiple PFX files in tls.createSecureContext.
Also added support for object-style PFX pass.
PR-URL: https://github.com/nodejs/node/pull/14793
Fixes: https://github.com/nodejs/node/issues/14756
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Anatoli Papirovski
Roga Pria Sembada
Ruben Bridgewater
Rich Trott
James M Snell
cjihrig
Jon Moss
Will Young
Weijia Wang
XadillaX
Damien O'Reilly
Bartosz Sosnowski
geek
Rahul Mishra
David Benjamin
Refael Ackermann
Ben Noordhuis
Ezequiel Garcia
Timothy Gu
Yury Popov