Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl and update src/node_crypto.cc to make use of
the new format.
Fixes#6013.
CONTAINER_OF was introduced a while ago but was not used consistently
everywhere yet. This commit fixes that.
Why CONTAINER_OF instead of container_of? The former makes it crystal
clear that it's a macro, not a function.
Unbreak the build when linking against a shared version of OpenSSL that
doesn't support NPN (Next Protocol Negotiation.)
Fixes the following build error:
../src/node_crypto.cc:140: error: no member function
'AdvertiseNextProtoCallback' declared in
'node::crypto::SSLWrap<node::TLSCallbacks>'
../src/node_crypto.cc:147: error: no member function
'SelectNextProtoCallback' declared in
'node::crypto::SSLWrap<node::TLSCallbacks>'
The domain module has been switched over to use the domain module API as
much as currently possible. There are still some hooks in the
EventEmitter, but hopefully we can remove those in the future.
pbkdf2_req has been renamed to PBKDF2Request and converted to a class.
It now uses AsyncWrap::MakeCallback.
Also includes, using env()->ondone_string() instead of "ondone" and
using malloc instead of new char[].
Since RandomBytesRequest makes a call to MakeCallback, needed it to be
a class so AsyncWrap could handle any async listeners.
Also added a simple test for an issue had during implementation where
the memory was being released and returned.
Previous behaviour was to drop to an openssl prompt
("Enter PEM pass phrase:") when supplying a private key with a
passphrase. This change adds a fourth, optional, paramter that
will be used as the passphrase.
To include this parameter in a backwards compatible way it was
necessary to expose the previously undocumented (and unexposed)
feature of being able to explitly setting the output encoding.
Drop the ObjectWrap dependency in favor of an internal WeakObject class.
Let's us stop worrying about API and ABI compatibility when making
changes to the way node.js deals with weakly persistent handles
internally.
The default entropy source is /dev/urandom on UNIX platforms, which is
okay but we can do better by seeding it from OpenSSL's entropy pool.
On Windows we can certainly do better; on that platform, V8 seeds the
random number generator using only the current system time.
Fixes#6250.
Fix pointer unwrapping when T is a class with more than one base class.
Before this commit, the wrapped void* pointer was cast directly to T*
without going through ObjectWrap* first, possibly leading to a class
instance pointer that points to the wrong vtable.
This change required some cleanup in various files; some classes
used private rather than public inheritance, others didn't derive
from ObjectWrap at all...
Fixes#6188.
This commit makes it possible to use multiple V8 execution contexts
within a single event loop. Put another way, handle and request wrap
objects now "remember" the context they belong to and switch back to
that context when the time comes to call into JS land.
This could have been done in a quick and hacky way by calling
v8::Object::GetCreationContext() on the wrap object right before
making a callback but that leaves a fairly wide margin for bugs.
Instead, we make the context explicit through a new Environment class
that encapsulates everything (or almost everything) that belongs to
the context. Variables that used to be a static or a global are now
members of the aforementioned class. An additional benefit is that
this approach should make it relatively straightforward to add full
isolate support in due course.
There is no JavaScript API yet but that will be added in the near
future.
This work was graciously sponsored by GitHub, Inc.
Remove NodeBIO::GetMethod() and replace calls to BIO_new() with calls
to the new NodeBIO::New() function.
This commit basically reshuffles some code in order to make it explicit
that the NodeBIO BIO_METHOD is const.
Before this commit it was declared static (in a header file!), meaning
it got duplicated in every file that includes it.
A few duplicated pointers is not the end of the world but it introduces
a lot of potential for confusion because root_cert_store in file A is
not the root_cert_store in file B.
Moral of the story: don't declare static variables in header files.
Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but
said files copied on the order of 1 kLoC from src/node_crypto.cc
and src/node_crypto.h. This commit undoes some of the duplication.
Fixes#6024.
RandomBytes() allocated memory with new[] which was then handed off to
Buffer::Use() which eventually releases it again with free().
Mixing the two is technically a violation of the spec and besides, it's
generally frowned upon.
Code cleanup: don't call a Connection object `p` in some places, `c` in
other places and `ss` in yet other places. Let's just call it `conn`.
This also fixes about a million style errors in one fell swoop.
Don't create an Integer when setting a numeric index on an object or an
array, use the version of v8::Object::Set() that takes an uint32_t.
Change the types of the variables from int to uint32_t and clean up
some code consistency issues while we're here.
* Change calls to String::New() and String::NewSymbol() to their
respective one-byte, two-byte and UTF-8 counterparts.
* Add a FIXED_ONE_BYTE_STRING macro that takes a string literal and
turns it into a v8::Local<v8::String>.
* Add helper functions that make v8::String::NewFromOneByte() easier to
work with. Said function expects a `const uint8_t*` but almost every
call site deals with `const char*` or `const unsigned char*`. Helps
us avoid doing reinterpret_casts all over the place.
* Code that handles file system paths keeps using UTF-8 for backwards
compatibility reasons. At least now the use of UTF-8 is explicit.
* Remove v8::String::NewSymbol() entirely. Almost all call sites were
effectively minor de-optimizations. If you create a string only once,
there is no point in making it a symbol. If you are create the same
string repeatedly, it should probably be cached in a persistent
handle.
Update a few more `Local<T>::New(isolate, persistent)` call sites to
`PersistentToLocal(isolate, persistent)` - the latter has a fast path
for non-weak persistent references.
Use the StringBytes::IsValidString() function introduced in commit
dce26cc to ensure that the input string meets the expectations of the
other StringBytes functions before processing it further.
Fixes the following assertion:
Assertion failed: (str->Length() % 2 == 0 && "invalid hex string
length"), function StorageSize, file ../../src/string_bytes.cc,
line 301.
Fixes#5725.
* Use ARRAY_SIZE() rather than scanning until we hit a NULL entry.
* Fix `-fsigned-char -Wnarrowing` compiler warnings. Harmless but
numerous and annoying.
* Static-ify the modp_group and mod_groups arrays.
* Const-ify the modp_groups array.
It imports the definition into every source file that includes
string_bytes.h, as evidenced by the build suddenly breaking left
and right because of missing Handle/Local/String/Value imports.