Document all TLSSocket options:
- All the secure context options are valid options
to a secureContext
- isServer modifies the default value of requestCert
Describe all tls.connect() variants:
- tls.connect(path) was undocumented
- tls.connect(port) was underdocumented, and its relationship to
tls.connect(options) was obscure
Socket passed to tls.connect is user managed:
- Replace https://github.com/nodejs/node/pull/8996
Add documentation to:
- describe and add tests for the pfx and key variants, and describe how
and when passphrase is used.
- describe tls cert and ca options
- describe buffer forms of tls crl option
- describe tls cipher option and defaults
- fix link to Crypto Constants
- describe that honorCipherOrder sets SSL_OP_CIPHER_SERVER_PREFERENCE.
- describe tls ecdhCurve/dhparam options
- describe tls secureProtocol option
- describe tls secureOptions
- describe tls sessionIdContext
De-deduplicate secure context docs:
The secure context options were documented 4 times, making it difficult
to understand where the options come from, where they are supported,
and under what conditions they are used.
The multiple copies were inconsistent and contradictory in their
descriptions of the options, and also inconsistent in whether the
options would be documented at all.
Cut through this gordian knot by linking all APIs that use the
secureContext options to the single source of truth about the options.
PR-URL: https://github.com/nodejs/node/pull/9800
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Its confusing to have multiple names for the same thing, use
secureOptions consistently.
PR-URL: https://github.com/nodejs/node/pull/9800
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Either the options or the listener argument to tls.createServer() was
optional, but not both. This makes no sense, so align the argument
checking and documentation with net.createServer(), which accepts the
same option sequence, and which tls.createServer() is modelled on.
PR-URL: https://github.com/nodejs/node/pull/9800
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
* use common.mustCall() to confirm number of uncaught exceptions
* var -> const
* specify duration of 1ms for setTimeout() and setInterval()
PR-URL: https://github.com/nodejs/node/pull/10188
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
- use const and let for variables
- replace assert.equal with assert.strictEqual
PR-URL: https://github.com/nodejs/node/pull/10167
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
1. equal => strictEqual.
2. let => const for the variable that is not reassigned.
3. fix spaces.
4. stringify erroneous raw buffer outputs.
5. fix a typo.
PR-URL: https://github.com/nodejs/node/pull/10102
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/10136
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
- using strictEqual instead equal
- cast `response` to Number()
PR-URL: https://github.com/nodejs/node/pull/10002
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
We have a tacit rule that for multiline statements, the operator should
be placed before the linebreak. This commit commit fixes the few
violations of this rule in the code base.
This allows us to enable the corresponding ESLint rule.
PR-URL: https://github.com/nodejs/node/pull/10178
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Teddy Katz <teddy.katz@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Standardizes docs to use -j4 instead of -j8 as it appears to be the
most inclusive recommendation based on discussion in
https://github.com/nodejs/node/pull/9961.
PR-URL: https://github.com/nodejs/node/pull/9961
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Adds a note to the BUILDING doc to encourage parallelizing make. When I
first built node I didn't know this trick and thought that the build was
just stuck in an infinite loop after waiting for 10 minutes.
Refs: https://github.com/nodejs/node/issues/8286
Refs: https://github.com/nodejs/node/pull/9881
PR-URL: https://github.com/nodejs/node/pull/9961
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Currently, there are a number of popups that get displayed when running
the tests asking to accept incoming network connections. Rules can be
added manually to the socket firewall on Mac OS X but getting this right
might not be obvious and quite a lot of time can be wasted trying to get
the rules right. This script hopes to simplify things a little so that
it can be re-run when needed.
The script should be runnable from both the projects root directory and
from the tools directory, for example:
$ sudo ./tools/macosx-firewall.sh
Fixes: https://github.com/nodejs/node/issues/8911
PR-URL: https://github.com/nodejs/node/pull/10114
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Asserts that an error should be thrown when
an invalid signal is passed to process.kill().
PR-URL: https://github.com/nodejs/node/pull/10026
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Use `common.mustCall()` and `common.fail()` where appropriate.
Change `assert.equal` to `assert.strictEqual` to ensure specificity.
Change var declarations to const to take advantage of ES6 immutable
bindings.
PR-URL: https://github.com/nodejs/node/pull/10072
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Add tests for edges cases of BufferList:
- test operations when the length is 0
- test operations when the list only has one element
PR-URL: https://github.com/nodejs/node/pull/10171
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
In order to prevent a memory leak when using keep alive, ensure that the
timeout listener for the request is removed when the response has ended.
PR-URL: https://github.com/nodejs/node/pull/9440
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
The setTimeout() call is unneeded. If the socket never times out, then
the test will never finish. Because timers can be unreliable on machines
under load, using setTimeout() here effectively creates a race
condition.
PR-URL: https://github.com/nodejs/node/pull/10172
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Partially taken from https://linux.die.net/man/3/cfmakeraw
A very simple test script:
```
if (process.argv[2] === 'raw')
process.stdin.setRawMode(true)
process.stdin.on('data', (chunk) => {
console.log(chunk)
console.log(chunk.toString())
})
```
Refs: https://github.com/nodejs/node/pull/10037
PR-URL: https://github.com/nodejs/node/pull/10147
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
- Replace require() vars with const.
- Replace assert.equal() with assert.strictEqual().
- Add common.mustCall() to the setTimeout() callback.
PR-URL: https://github.com/nodejs/node/pull/9995
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
* removed pseudo-code
* added info on which properties have priority
* modified examples to show ignored properties
PR-URL: https://github.com/nodejs/node/pull/10046
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Fixed a small error that manifests when --debug is specified. This
seems to have been introduced during the backport #9422.
Ref: https://github.com/nodejs/node/pull/9422
PR-URL: https://github.com/nodejs/node/pull/10525
Reviewed-By: ofrobots - Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-By: mhdawson - Michael Dawson <michael_dawson@ca.ibm.com>
This is a security release of the 'Boron' release line to upgrade
OpenSSL to version 1.0.2k
Although the OpenSSL team have determined a maximum severity rating
of "moderate", the Node.js crypto team (Ben Noordhuis, Shigeki Ohtsu
and Fedor Indutny) have determined the impact to Node users is "low".
Details on this determination can be found on the Nodejs.org website
https://nodejs.org/en/blog/vulnerability/openssl-january-2017/
Notable Changes:
* deps:
- upgrade openssl sources to 1.0.2k (Shigeki Ohtsu)
https://github.com/nodejs/node/pull/11021
PR-URL: https://github.com/nodejs/node/pull/11081
Regenerate asm files with Makefile and CC=gcc and ASM=gcc where
gcc-5.4.0. Also asm files in asm_obsolete dir to support old compiler
and assembler are regenerated without CC and ASM envs
PR-URL: https://github.com/nodejs/node/pull/11021
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
In openssl s_client on Windows, RAND_screen() is invoked to initialize
random state but it takes several seconds in each connection.
This added -no_rand_screen to openssl s_client on Windows to skip
RAND_screen() and gets a better performance in the unit test of
test-tls-server-verify.
Do not enable this except to use in the unit test.
Fixes: https://github.com/nodejs/io.js/issues/1461
PR-URL: https://github.com/nodejs/io.js/pull/1836
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
All symlink files in `deps/openssl/openssl/include/openssl/`
are removed and replaced with real header files to avoid
issues on Windows. Two files of opensslconf.h in crypto and
include dir are replaced to refer config/opensslconf.h.
PR-URL: https://github.com/nodejs/node/pull/11021
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
This replaces all sources of openssl-1.0.2k.tar.gz into
deps/openssl/openssl
PR-URL: https://github.com/nodejs/node/pull/11021
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
This is a special release that contains 0 commits. While promoting
additional platforms for v6.9.3 after the release, the tarballs on the
release server were overwritten and now have different shasums. In
order to remove any ambiguity around the release we have opted to do a
semver patch release with no changes.
It was added by mistake in
d283704cd6
PR-URL: https://github.com/nodejs/node/pull/10463
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Requiring a file from a directory that contains an invalid package.json
file should throw an error.
PR-URL: https://github.com/nodejs/node/pull/10044
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Currently, two of the guides in the `/doc/guides` directory are actually
guides for working on the Nodei.js project. Of those, one is linked from
this page. This change adds a note to point people to the other.
PR-URL: https://github.com/nodejs/node/pull/10070
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Use assert.strictEqual() instead of assert.equal().
PR-URL: https://github.com/nodejs/node/pull/10269
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Use assert.strictEqual instead of assert.equal and assert.ok
PR-URL: https://github.com/nodejs/node/pull/10420
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Myles Borins
Sam Roberts
Rich Trott
Adrian Estrada
Vse Mozhet Byt
pallxk
James Tenenbaum
Italo A. Casas
Michaël Zasso
Jonathan Darling
Daniel Bevenius
Matt Phillips
davidmarkclements
joyeecheung
Karl Böhlmark
Jeremiah Senkpiel
Kyle Corsi
anoff
Fedor Indutny
Matthew Avery
Myles Borins
Shigeki Ohtsu
Shigeki Ohtsu
Fedor Indutny
Sam Shull
sarahmeyer
Adao Junior
Segu Riluvan