Fixes usage of global object 'Buffer' in lib/* files by ensuring that
each file does an explicit require('buffer').Buffer. Previously, when
running a repl, due to usage of global 'Buffer', any redefinition of
Buffer would cause a crash eg var Buffer = {}.
Fixes: https://github.com/joyent/node/issues/8588
PR-URL: https://github.com/joyent/node/pull/8603
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Add a test that goes through the whole matrix of:
- command line options (--enable-ssl*)
- secureOptions
- secureProtocols
and makes sure that compatible test setups actually work as expected.
The test works by spawning two processes for each test case: one client
and one server. The test passes if a SSL/TLS connection from the client
to the server is successful and the test case was supposed to pass, or
if the connection couldn't be established and the test case was supposed
to fail.
The test is currently located in the directory 'test/external' because
it has external dependencies.
* openssl: Update to 1.0.1j (Addressing multiple CVEs)
* uv: Update to v0.10.29
* child_process: properly support optional args (cjihrig)
* crypto: Disable autonegotiation for SSLv2/3 by default (Fedor Indutny,
Timothy J Fontaine, Alexis Campailla)
This is a behavior change, by default we will not allow the negotiation to
SSLv2 or SSLv3. If you want this behavior, run Node.js with either
`--enable-ssl2` or `--enable-ssl3` respectively.
This does not change the behavior for users specifically requesting
`SSLv2_method` or `SSLv3_method`. While this behavior is not advised, it is
assumed you know what you're doing since you're specifically asking to use
these methods.
adds a note to the crypto docs passing along
the advice that openssl gives about what
key derivation function they recommend.
PR-URL: https://github.com/joyent/node/pull/8580
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Always set ssl2/ssl3 disabled based on whether they are enabled in Node.
In some corner-case scenario, node with OPENSSL_NO_SSL3 defined could
be linked to openssl that has SSL3 enabled.
In the case of a pipe'd input, i.e. from the CI the fd will be a PIPE
and when listen() is called it will return ENOTSOCK instead of EINVAL.
Backport: cd2d3aedaa
The order of the callbacks is non-deterministic, so don't expect the
error messages to come back in the same order every time, instead just
verify they are expected messages.
This change disables SSLv2/SSLv3 use by default, and introduces a
command line flag to opt into using SSLv2/SSLv3.
SSLv2 and SSLv3 are considered unsafe, and should only be used in
situations where compatibility with other components is required and
they cannot be upgrade to support newer forms of TLS.
Because of constant-timeness change made in openssl-1.0.1j the error is
no longer returned from EVP_DecryptFinal_ex. Now it just return 0, and
thus the error message does not contain proper error code. Adapt to this
change, there is not much that we could do about it.
vcbuild.bat is calling vcvars.bat, which doesn't detect if the environment
has already been set. This causes repeated entries to be added to the PATH,
which after a few invocations will lead to an error:
The input line is too long.
You cannot spawn 'dir' on Windows because it's not an executable. Also,
some people might have 'ls' on their path on Windows, so I changed
invalidCmd to something that's highly unlikely to exist.
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Previously crypto.createDiffieHellman() would fail silently when a bad
argument was passed for prime/prime_length. Now throws TypeError.
Fixes: https://github.com/joyent/node/issues/8480
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
The cluster children are hitting breakpoint at `cluster.onread` and
hanging on a Semaphore wait now. This prevents them from disconnecting
gracefully. Considering that the test is checking different thing, the
cluster children needs to be force killed from the grand parent process.
Reviewed-By: Trevor Norris <trevnorris@gmail.com>
PR-URL: https://github.com/joyent/node/pull/8476
Because of behavior change of some V8 APIs (they mostly became more
strict), following modules needed to be fixed:
* crypto: duplicate prototype methods are not allowed anymore
* contextify: some TryCatch trickery, the binding was using it
incorrectly
* util: maximum call stack error is now crashing in a different place
Reviewed-By: Trevor Norris <trevnorris@gmail.com>
PR-URL: https://github.com/joyent/node/pull/8476
Do not send signal to children if they are already in debug mode.
Node.js on Windows does not register signal handler, and thus calling
`process._debugProcess()` will throw an error.
Reviewed-By: Trevor Norris <trevnorris@gmail.com>
PR-URL: https://github.com/joyent/node/pull/8476
Do not call SSL_read() and ignore ZERO_RETURN if the connection was
shutdown and there could not be any reads.
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
PR-URL: https://github.com/joyent/node/pull/8519
* Add official documentation that a Buffer instance is a viable
argument when instantiating a new Buffer.
* Properly set the poolOffset when a buffer needs to be truncated.
* Add comments clarifying specific peculiar coding choices.
* Remove a level of unnecessary indentation.
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
Windows doesn't resolve ".." the way we expect it for symlinks and
junctions.
PR-URL: https://github.com/joyent/node/pull/8489
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Reviewed-by: Fedor Indutny <fedor@indutny.com>
The constants in enum v8::ExternalArrayType have been changed. The old
values are there for legacy reasons, but it's best to update anyway.
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
Trevor Norris
Emmanuel Odeke
Timothy J Fontaine
Julien Gilli
Fedor Indutny
dead-horse
Calvin Metcalf
Alexis Campailla
Swaagie
Matthew Fitzsimmons
Brian White
Wang Xinyong
Stiliyan Lazarov
Refael Ackermann
Steve Mao
Johnny Ray
Steven R. Loomis