In closed environments, self-signed or privately signed certificates are
commonly used, and rejected by Node.js since their root CAs are not
well-known. Allow extending the set of well-known compiled-in CAs via
environment, so they can be set as a matter of policy.
PR-URL: https://github.com/nodejs/node/pull/9139
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/10245
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Current comment described what to do with it when the ABI changes, but
implied that Node.js would load modules with newer ABI numbers, which it
will not.
PR-URL: https://github.com/nodejs/node/pull/10414
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Adds flags that marks WinCtrlCHandlerRoutine as disabled instead of
removing it. Trying to remove the controller from the controller
handle itself leads to deadlock.
PR-URL: https://github.com/nodejs/node/pull/10248
Reviewed-By: Anna Henningsen <anna@addaleax.net>
warning: format ‘%lx’ expects argument of type ‘long
unsigned int’, but argument 3 has type ‘unsigned int’ [-Wformat=]
BIO_printf(bio, "0x%lx", exponent_word);
PR-URL: https://github.com/nodejs/node/pull/10082
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
There was a byte-order mismatch for `buffer#fill` on big-endian
platforms. Weirdly, the tests seemed to expect that wrong behaviour.
PR-URL: https://github.com/nodejs/node/pull/9837
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
After processing all the callbacks in the destroy_ids vector make sure
to clear() it otherwise the DestroyIdsCb() won't run again.
PR-URL: https://github.com/nodejs/node/pull/10400
Fixes: b49b496 "async_wrap: call destroy() callback in uv_idle_t"
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Fix leaking the BIO in the error path. Introduced in commit 34febfbf4
("crypto: fix handling of root_cert_store").
PR-URL: https://github.com/nodejs/node/pull/9604
Refs: https://github.com/nodejs/node/pull/9409
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Rod Vagg <rod@vagg.org>
SecureContext::AddRootCerts only parses the root certificates once and
keeps the result in root_cert_store, a global X509_STORE. This change
addresses the following issues:
1. SecureContext::AddCACert would add certificates to whatever
X509_STORE was being used, even if that happened to be root_cert_store.
Thus adding a CA certificate to a SecureContext would also cause it to
be included in unrelated SecureContexts.
2. AddCRL would crash if neither AddRootCerts nor AddCACert had been
called first.
3. Calling AddCACert without calling AddRootCerts first, and with an
input that didn't contain any certificates, would leak an X509_STORE.
4. AddCRL would add the CRL to whatever X509_STORE was being used. Thus,
like AddCACert, unrelated SecureContext objects could be affected.
The following, non-obvious behaviour remains: calling AddRootCerts
doesn't /add/ them, rather it sets the CA certs to be the root set and
overrides any previous CA certificates.
Points 1–3 are probably unimportant because the SecureContext is
typically configured by `createSecureContext` in `lib/_tls_common.js`.
This function either calls AddCACert or AddRootCerts and only calls
AddCRL after setting up CA certificates. Point four could still apply in
the unlikely case that someone configures a CRL without explicitly
configuring the CAs.
PR-URL: https://github.com/nodejs/node/pull/9409
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Setting reference count at the time of setting cert_store instead of
trying to manage it by modifying internal states in destructor.
PR-URL: https://github.com/nodejs/node/pull/9409
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Use zero-copy external string resources for storing the built-in JS
source code. Saves a few hundred kilobyte of memory and consistently
speeds up `benchmark/misc/startup.js` by 2.5%.
Everything old is new again! Commit 74954ce ("Add string class that
uses ExternalAsciiStringResource.") from 2011 did the same thing but
I removed that in 2013 in commit 34b0a36 ("src: don't use NewExternal()
with unaligned strings") because of a limitation in the V8 API.
V8 no longer requires that strings are aligned if they are one-byte
strings so it should be safe to re-enable external strings again.
PR-URL: https://github.com/nodejs/node/pull/5458
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Robert Jefe Lindstaedt <robert.lindstaedt@gmail.com>
Always use `req_wrap_obj` to allow calling `req->Done()` in stream
implementations.
PR-URL: https://github.com/nodejs/node/pull/10184
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
This is a security release of the 'Boron' release line to upgrade
OpenSSL to version 1.0.2k
Although the OpenSSL team have determined a maximum severity rating
of "moderate", the Node.js crypto team (Ben Noordhuis, Shigeki Ohtsu
and Fedor Indutny) have determined the impact to Node users is "low".
Details on this determination can be found on the Nodejs.org website
https://nodejs.org/en/blog/vulnerability/openssl-january-2017/
Notable Changes:
* deps:
- upgrade openssl sources to 1.0.2k (Shigeki Ohtsu)
https://github.com/nodejs/node/pull/11021
PR-URL: https://github.com/nodejs/node/pull/11081
This is a special release that contains 0 commits. While promoting
additional platforms for v6.9.3 after the release, the tarballs on the
release server were overwritten and now have different shasums. In
order to remove any ambiguity around the release we have opted to do a
semver patch release with no changes.
(Patch by David Benjamin.)
Rather than reach into the SSL_SESSION, use the intended API,
SSL_get_servername. This will also help the transition to OpenSSL 1.1.0.
Also don't fill in the tlsTicket field here. This is never read by
oncertcb and was always false anyway; that field is maintained by
clients and tracks whether the server issued a ticket or a session ID.
(Note this is distinct from the copy passed to onclienthello which is
used and is not a no-op.)
PR-URL: https://github.com/nodejs/node/pull/9347
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Using the black magic of Symbol.toPrimitive the numeric value of
start/end can be changed when Uint32Value() is called once
Buffer::Fill() is entered. Allowing the CHECK() to be bypassed.
The bug report was only for "start", but the same can be done with
"end". Perform checks for both in node::Buffer::Fill() to make sure the
issue can't be triggered, even if process.binding is used directly.
Include tests for each case. Along with a check to make sure the last
time the value is accessed returns -1. This should be enough to make
sure Buffer::Fill() is receiving the correct value. Along with two tests
against process.binding directly.
Fixes: https://github.com/nodejs/node/issues/9149
PR-URL: https://github.com/nodejs/node/pull/9174
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Franziska Hinkelmann <ranziska.hinkelmann@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Make /json/version return an object instead of an object wrapped in an
array.
Fixes: https://github.com/nodejs/node/issues/9760
PR-URL: https://github.com/nodejs/node/pull/9762
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Eugene Ostroukhov <eostroukhov@google.com>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Calling JS during GC is a no-no. So intead create a queue of all ids
that need to have their destroy() callback called and call them later.
Removed checking destroy() in test-async-wrap-uid because destroy() can
be called after the 'exit' callback.
Missing a reliable test to reproduce the issue that caused the
FATAL_ERROR.
PR-URL: https://github.com/nodejs/node/pull/10096
Fixes: https://github.com/nodejs/node/issues/8216
Fixes: https://github.com/nodejs/node/issues/9465
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
This is how it's done everywhere else in core. Make it follow suit.
PR-URL: https://github.com/nodejs/node/pull/10096
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
The constructor and destructor shouldn't have been placed in the -inl.h
file from the beginning.
PR-URL: https://github.com/nodejs/node/pull/10096
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
The changes introdcued here replace the deprecated
v8 method SetNamedPropertyHandler() to SetHandler()
in node.cc.
Prior to refactoring, the method defined callbacks
when accessing object properties defined by Strings
and not Symbols.
test/parallel/test-v8-interceptStrings-not-Symbols.js
demonstrates that this behaviour remained unchanged
after refactoring.
PR-URL: https://github.com/nodejs/node/pull/9062
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
There are multiple reports of Windows7 not being able to resolve
localhost on some setups (web search also confirms that). This change
will advertise "127.0.0.1" as inspector host name.
Fixes: https://github.com/nodejs/node/issues/9382
Fixes: https://github.com/nodejs/node/issues/9188
PR-URL: https://github.com/nodejs/node/pull/9451
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/9243
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Fix a nullptr dereference when an invalid path is requested.
Regression introduced in commit 69fc85d ("inspector: generate UUID for
debug targets"), caught by Coverity.
PR-URL: https://github.com/nodejs/node/pull/9184
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Eugene Ostroukhov <eostroukhov@google.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
By convention, inspector protocol targets do not advertise connection
URLs when the frontend is already connected as multiple inspector
protocol connections are not supported.
PR-URL: https://github.com/nodejs/node/pull/8919
Reviewed-By: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Fix a regression introduced in commit 2996b5c ("crypto: Allow GCM
ciphers to have a longer IV length") from April 2016 where a misplaced
parenthesis in a 'is ECB cipher?' check made it possible to use empty
IVs with non-ECB ciphers.
Also fix some exit bugs in test/parallel/test-crypto-authenticated.js
that were introduced in commit 4a40832 ("test: cleanup IIFE tests")
where removing the IFFEs made the test exit prematurely instead of just
skipping subtests.
PR-URL: https://github.com/nodejs/node/pull/9032
Refs: https://github.com/nodejs/node/pull/6376
Refs: https://github.com/nodejs/node/issues/9024
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
SSL_get_SSL_CTX returns the SSL_CTX for an SSL. Previously the code
accessed |ssl->ctx| directly, but that's no longer possible with OpenSSL
1.1.0.
SSL_get_SSL_CTX exists all the way back to (at least) OpenSSL 0.9.8 and
so this change should be fully compatible.
PR-URL: https://github.com/nodejs/node/pull/8995
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
rval never existed, it was added as that in 077f9d7293
Fixes: https://github.com/nodejs/node/issues/9001
PR-URL: https://github.com/nodejs/node/pull/9023
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
Notable changes:
* streams: Fix a regression introduced in v6.8.0 in readable stream
that caused unpipe to remove the wrong stream (Anna Henningsen)
PR-URL: https://github.com/nodejs/node/pull/9186
This release marks the transition of Node.js v6 into Long Term Support
(LTS) with the codename 'Boron'. The v6 release line now moves in to
"Active LTS" and will remain so until April 2018. After that time it
will move in to "Maintenance" until end of life in April 2019.
This is also a security release. All Node.js users should consult the
security release summary at
https://nodejs.org/en/blog/vulnerability/october-2016-security-releases/
for details on patched vulnerabilities.
Notable changes:
* crypto: Don't automatically attempt to load an OpenSSL configuration
file, from the `OPENSSL_CONF` environment variable or from the
default location for the current platform. Always triggering a
configuration file load attempt may allow an attacker to load
compromised OpenSSL configuration into a Node.js process if they are
able to place a file in a default location. (Fedor Indutny, Rod Vagg)
* node: Introduce the `process.release.lts` property, set to `"Boron"`.
This value is `"Argon"` for v4 LTS releases and `undefined` for all
other releases. (Rod Vagg)
* V8: Backport fix for CVE-2016-5172, an arbitrary memory read.
The parser in V8 mishandled scopes, potentially allowing an attacker
to obtain sensitive information from arbitrary memory locations via
crafted JavaScript code. This vulnerability would require an
attacker to be able to execute arbitrary JavaScript code in a
Node.js process. (Rod Vagg)
* **v8_inspector**: Generate a UUID for each execution of the
inspector. This provides additional security to prevent unauthorized
clients from connecting to the Node.js process via the v8_inspector
port when running with `--inspect`. Since the debugging protocol
allows extensive access to the internals of a running process, and
the execution of arbitrary code, it is important to limit
connections to authorized tools only. Vulnerability originally
reported by Jann Horn. (Eugene Ostroukhov)
PR-URL: https://github.com/nodejs/node-private/pull/81
* Add documentation for `--openssl-conf=file`.
* Fix openssl.cnf loading and OpenSSL init ordering
* Fix FIPS tests so `OPENSSL_CONF` is not longer usable but
`--openssl-conf` is
PR-URL: https://github.com/nodejs/node-private/pull/82
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Do not load `openssl.cnf` file automatically, load the one provided by
`--openssl-config` at node startup.
PR-URL: https://github.com/nodejs/node-private/pull/78
Reviewed-By: Rod Vagg <rod@vagg.org>
This define is not available in zlib prior to version 1.2.5.2. See
https://github.com/nodejs/node/issues/9110 for details. Workaround the
build breakage reported by casting away const in src/inspector_agent.cc
instead.
PR-URL: https://github.com/nodejs/node/pull/9122
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rod Vagg <rod@vagg.org>
Myles Borins
Sam Roberts
jBarz
Bartosz Sosnowski
Alex Newman
Anna Henningsen
Eugene Ostroukhov
Trevor Norris
Ben Noordhuis
Adam Langley
Adam Majer
Fedor Indutny
Myles Borins
Josh Gavant
Myles Borins
AnnaMag
Brian White
Miguel Angel Asencio Hurtado
Rod Vagg
Bradley T. Hughes
Evan Lucas