When our estimates for a storage size are higher than the actual length
of decoded data, the destination buffer should be truncated. Otherwise
`Buffer::Length` will give misleading information to C++ layer.
fix#7365
Signed-off-by: Fedor Indutny <fedor@indutny.com>
Introduce new signature for both `dgram.createSocket` method and
`dgram.Socket` constructor:
dgram.createSocket(options, [listener])
Options should contain `type` property and may contain `reuseAddr`
property. When `reuseAddr` is `true` - SO_REUSEADDR will be issued on
socket on bind.
fix#7415
Signed-off-by: Fedor Indutny <fedor@indutny.com>
Socket may become not `readable`, but http should not rely on this
property and should not think that it means that no data will ever
arrive from it. In fact, it may arrive in a next tick and, since
`this.push(null)` was already called, it will result in a error like
this:
Error: stream.push() after EOF
at readableAddChunk (_stream_readable.js:143:15)
at IncomingMessage.Readable.push (_stream_readable.js:123:10)
at HTTPParser.parserOnBody (_http_common.js:132:22)
at Socket.socketOnData (_http_client.js:277:20)
at Socket.EventEmitter.emit (events.js:101:17)
at Socket.Readable.read (_stream_readable.js:367:10)
at Socket.socketCloseListener (_http_client.js:196:10)
at Socket.EventEmitter.emit (events.js:123:20)
at TCP.close (net.js:479:12)
fix#6784
This prevents segfaults when a native method is reassigned to a
different object (which corrupts args.This()). When unwrapping,
clients should use args.Holder() instead of args.This().
Closes#6690.
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
Increase the performance and simplify the logic of Buffer#write{U}Int*
and Buffer#read{U}Int* methods by placing the byte manipulation code
directly inline.
Also improve the speed of buffer-write benchmarks by creating a new
call directly to each method by using Function() instead of calling by
buff[fn].
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
The two biggest changes are that v8::Script::New() has been removed and
that a v8::Script object now has to be explicitly bound to a context if
you want to run it from another context.
We can accommodate both changes without breaking the vm module's public
API or even the internal JS API.
The test/simple/test-smalloc.js has an implicit assumption
of the byte order of the data stored for Double and Uint32
values. On a big endian platform this test fails without
these patches.
Use os.endianness() to detect the endian of the platform
and use it to gate the static value used for comparison.
Improve on commit b55c9d6 by not requiring that switches are comma
separated. This commit makes `./configure --v8-options="--foo --bar"`
work and takes special care to properly escape quotes in the options
string.
By building the fs.Stats object in JS, which is returned by all fs stat
functions, calls to v8::Object::Set() are removed. This also includes
creating all associated Date objects in JS, rather than using
v8::Date::New(). Both these changes have significant performance gains.
Note that the returned value from fs.stat changes slightly for non-POSIX
systems. Whereas before the stats object would be missing blocks and
blksize keys, it now has these keys with undefined as the value.
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
Move `createCredentials` to `tls` module and rename it to
`createSecureContext`. Make it use default values from `tls` module:
`DEFAULT_CIPHERS` and `DEFAULT_ECDH_CURVE`.
fix#7249
Include the "expected protocol" in the Error message
string, which evaluates to "http:" for the `http`
core module, and "https:" for the `https` module.
Closes#7355.
These are an old and deprecated properties that was used by previous
stream implementation, and are still in use in some user-land modules.
Prior to this commit, they were read from the underlying socket, which
may be non-readable/non-writable while connecting or while staying
uninitialized.
Force set them to `true`, just to make sure that there will be no
inconsistency.
fix#7152
Previously the build artifacts did not include a signed timestamp, so
when the certificate expired the validation of the artifact would fail.
Now we sign against a timestamp server such that the artifact will
always be valid regardless of the disposition of the certificate.
Closes#7360 and #7059.
Ensure that OpenSSL has enough entropy (at least 256 bits) for its PRNG.
The entropy pool starts out empty and needs to fill up before the PRNG
can be used securely.
OpenSSL normally fills the pool automatically but not when someone
starts generating random numbers before the pool is full: in that case
OpenSSL keeps lowering the entropy estimate to thwart attackers trying
to guess the initial state of the PRNG.
When that happens, we wait until enough entropy is available, something
that normally should never take longer than a few milliseconds.
Fixes#7338.
The default entropy source is /dev/urandom on UNIX platforms, which is
okay but we can do better by seeding it from OpenSSL's entropy pool.
On Windows we can certainly do better; on that platform, V8 seeds the
random number generator using only the current system time.
Fixes#6250.
NB: This is a back-port of commit 7ac2391 from the master branch that
for some reason never got back-ported to the v0.10 branch.
The default on UNIX platforms in v0.10 is different and arguably worse
than it is with master: if no entropy source is provided, V8 3.14 calls
srandom() with a xor of the PID and the current time in microseconds.
That means that on systems with a coarse system clock, the initial
state of the PRNG may be easily guessable.
The situation on Windows is even more dire because there the PRNG is
seeded with only the current time... in milliseconds.
* Documentation upgrades
* Fix glob bug which prevents proper README publishing
* node-gyp upgrade to 0.13
* Documentation updates
* Add --save-exact to save an exact dep (instead of a range)
* alias 't' to 'test'
The `Agent#request()` function was removed in
f3189ace6b, so don't
use it in the documentation example. The function
wasn't documented in the first place.
Default to the `defaultAgent.protocol` when comparing the
user-specified `options.protocol` string. This is so that
`http.Agent` instances do not need to specify their own
`protocol` field, since we have the relevant information
already from the `defaultAgent`.
Note that the test case could be separately cherry-picked
to the `v0.10` branch, since it already passes correctly.
Fixes#7349.
Fixes the regression described in: http://git.io/2ds-WQ
Turn off -Werror when building V8, it hits -Werror=unused-local-typedefs
with g++ 4.8. The warning itself is harmless so don't abort the build.
This was originally implemented in commit d2ab314e back in 2011 but the
build process has gone through a few iterations since then, that change
no longer works.
`env.h` is an internal header file and should not be copied or exposed
to the users.
Additionally, export convenience `Throw*` methods with `v8::Isolate*` as
a first argument.
Fix up the dtrace/etw/systemtap infrastructure after the V8 upgrade in
commit 1c7bf24. The win32 changes are untested but can hardly make
things worse because node doesn't build on windows right now.
Fixes#7313 with some luck.
Don't call DecodeWrite() with a Buffer as its argument because it in
turn calls StringBytes::Write() and that method expects a Local<String>.
"Why then does that function take a Local<Value>?" I hear you ask.
Good question but I don't have the answer. I added a CHECK for good
measure and what do you know, all of a sudden a large number of crypto
tests started failing.
Calling DecodeWrite(BINARY) on a buffer is nonsensical anyway: if you
want the contents of the buffer, just copy out the data, there is no
need to decode it - and that's exactly what this commit does.
Fixes a great many instances of the following run-time error in debug
builds:
FATAL ERROR: v8::String::Cast() Could not convert to string
Fix a regression that was introduced in commit ce04c726 after the
upgrade to V8 3.24.
The new weak persistent handle API no longer gives you the original
persistent but still requires that you clear it inside your weak
callback.
Rearrange the code in src/smalloc.cc to keep track of the persistent
handle with the least amount of pain and try hard to share as much
code as possible between the 'just free it' and 'invoke my callback'
versions of the smalloc API.
Fixes#7309.