Fix a use-after-free bug and a memory leak in the error path of
DiffieHellman::ComputeSecret().
* the BIGNUM key was used after being freed with BN_free().
* the output buffer was not freed
Previously, the "global" mode of REPLs was broken when created after another
non-global REPL (they would end up sharing the same context). Now that "global"
mode is fixed for that case (b1e78cef09), this
test case gets its global scope modified with "module" and other REPL-specific
properties, so disable the global check.
This reverts commit 1c88c3b3b5.
It breaks the "read a password from stdin" functionality that OpenSSL provides.
Fixes#4059, #4143.
Conflicts:
deps/openssl/openssl.gyp
* The 'close' event doesn't emit an error object.
* It's possible for a 'close' event to come after an 'end' event, contrary to
what the documentation said.
Fixes#4116.
Before there was this weird module-scoped "context" variable which seemingly
shared the "context" of subsequent REPL instances, unless ".clear" was invoked
inside the REPL. To be proper, we need to ensure that each REPL gets its own
"context" object. I literally don't know why this "sharing" behavior was in place
before, but it was just plain wrong.
Make buffers report the proper retained size in heap snapshots.
Before this commit, Buffer objects would show up in the heap profiler as being
only a few hundred bytes large, even if the actual buffer was many megabytes.
Consolidates all the formatting options into an "options" object argument.
This is so that we don't have to be constantly remembering the order of
the arguments and so that we can add more formatting options easily.
Closes#4085.
Listen for the 'clientError' event that is emitted when a renegotation attack
is detected and close the connection.
Fixes test/pummel/test-https-ci-reneg-attack.js
Make the 'listening' event handler in the master process see the actual port
that the worker bound to when the worker specified port 0, i.e. a random port.
Encoding failures can be somewhat confusing, especially when they are due to
control flow frameworks auto-filling parameters from the previous step output
values to functions (such as toString and write) that developers don't expect
to take an encoding parameter. By outputting the value as part of the message,
should make it easier to track down these sort of bugs.