Use correct deallocator for returned buffera.
Don't free internal structure via ASN1_STRING_data.
Deallocate NETSCAPE_SPKI.
PR-URL: https://github.com/nodejs/node/pull/2359
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Errors might be injected into OpenSSL's error stack
without the return value of `PEM_read_bio_PrivateKey` being set to
`nullptr`. See the test of `test_bad_rsa_privkey.pem` for an
example.
PR-URL: https://github.com/nodejs/node/pull/2342
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Rename the three argument overload of Buffer::New() to Buffer::Copy()
and update the code base accordingly. The reason for renaming is to
make it impossible to miss a call site.
This coincidentally plugs a small memory leak in crypto.getAuthTag().
Fixes: https://github.com/nodejs/node/issues/2308
PR-URL: https://github.com/nodejs/node/pull/2352
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
In a few places dynamic memory was passed to the Buffer::New() overload
that makes a copy of the input, not the one that takes ownership.
This commit is a band-aid to fix the memory leaks. Longer term, we
should look into using C++11 move semantics more effectively.
Fixes: https://github.com/nodejs/node/issues/2308
PR-URL: https://github.com/nodejs/node/pull/2352
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
The exponent value was already in hex, but missing the 0x prefix which
could be confusing.
PR-URL: https://github.com/nodejs/io.js/pull/2320
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
`enableTicketKeyCallback` and `onticketkeycallback` could be potentially
used to renew the TLS Session Tickets before they expire. However this
commit will introduce it only for private use yet, because we are not
sure about the API, and already need this feature for testing.
See: https://github.com/nodejs/io.js/issues/2304
PR-URL: https://github.com/nodejs/io.js/pull/2312
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Upgrade the bundled V8 and update code in src/ and lib/ to the new API.
Notable backwards incompatible changes are the removal of the smalloc
module and dropped support for CESU-8 decoding. CESU-8 support can be
brought back if necessary by doing UTF-8 decoding ourselves.
This commit includes https://codereview.chromium.org/1192973004 to fix
a build error on python 2.6 systems. The original commit log follows:
Use optparse in js2c.py for python compatibility
Without this change, V8 won't build on RHEL/CentOS 6 because the
distro python is too old to know about the argparse module.
PR-URL: https://github.com/nodejs/io.js/pull/2022
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
New Buffer implementation allows greater than kMaxLength to be created.
So instead check if the passed value is a valid Smi.
PR-URL: https://github.com/nodejs/io.js/pull/1825
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Address comments and deprecations left in source files. These changes
include:
* Remove the deprecated API.
* Change Buffer::New() that did a copy of the data to Buffer::Copy()
* Change Buffer::Use() to Buffer::New()
PR-URL: https://github.com/nodejs/io.js/pull/1825
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Instead of aborting in case of internal failure, return an empty
Local<Object>. Using the MaybeLocal<T> API, users must check their
return values.
PR-URL: https://github.com/nodejs/io.js/pull/1825
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
3beb880716 has a bug in VerifyCallback
when preverify is 1 and the cert chain has an verify error. If the
error is UNABLE_TO_GET_ISSUER_CERT_LOCALLY, it leads an assertion
error in finding rootCA.
The whitelist check should be made only when the cert chain has no
verify error with X509_V_OK.
Fixes: https://github.com/nodejs/io.js/issues/2061
PR-URL: https://github.com/nodejs/io.js/pull/2064
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Re-add the wrapper class id to AsyncWrap instances so they can be
tracked directly in a heapdump.
Previously the class id was given without setting the heap dump wrapper
class info provider. Causing a segfault when a heapdump was taken. This
has been added, and the label_ set to the given provider name so each
instance can be identified.
The id will not be set of the passed object has no internal field count.
As the class pointer cannot be retrieved from the object.
In order to properly report the allocated size of each class, the new
pure virtual method self_size() has been introduces.
PR-URL: https://github.com/nodejs/io.js/pull/1896
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Support building and running with FIPS-compliant OpenSSL. The process is
following:
1. Download and verify `openssl-fips-x.x.x.tar.gz` from
https://www.openssl.org/source/
2. Extract source to `openssl-fips` folder
3. ``cd openssl-fips && ./config fipscanisterbuild --prefix=`pwd`/out``
(NOTE: On OS X, you may want to run
``./Configure darwin64-x86_64-cc --prefix=`pwd`/out`` if you are going to
build x64-mode io.js)
4. `make -j && make install`
5. Get into io.js checkout folder
6. `./configure --openssl-fips=/path/to/openssl-fips/out`
7. Build io.js with `make -j`
8. Verify with `node -p "process.versions.openssl"` (`1.0.2a-fips`)
Fix: https://github.com/joyent/node/issues/25463
PR-URL: https://github.com/nodejs/io.js/pull/1890
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
DHE key lengths less than 1024bits is already weaken as pointed out in
https://weakdh.org/ . 1024bits will not be safe in near future. We
will extend this up to 2048bits somedays later.
PR-URL: https://github.com/nodejs/io.js/pull/1739
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Use the --trace-sync-io flag to print a stack trace whenever a sync
method is used after the first tick, excluding during the process exit
event. (e.g. fs.readFileSync()) It does not track if the warning has
occurred at a specific location in the past and so will print the
warning every time.
Reason for not printing during the first tick of the appication is so
all necessary resources can be required. Also by excluding synchronous
calls during exit is necessary in case any data needs to be logged out
by the application before it shuts down.
Fixes: https://github.com/nodejs/io.js/issues/1674
PR-URL: https://github.com/nodejs/io.js/pull/1707
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Petka Antonov <petka_antonov@hotmail.com>
Do not enable ClientHello parser for async SNI/OCSP. Use new
OpenSSL-1.0.2's API `SSL_set_cert_cb` to pause the handshake process and
load the cert/OCSP response asynchronously. Hopefuly this will make
whole async SNI/OCSP process much faster and will eventually let us
remove the ClientHello parser itself (which is currently used only for
async session, see #1462 for the discussion of removing it).
NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use
`SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this
feature.
Fix: https://github.com/iojs/io.js/issues/1423
PR-URL: https://github.com/iojs/io.js/pull/1464
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
The previous commit enables deprecation warnings, this commit fixes
the handful of offending sites where the isolate was not explicitly
being passed around.
PR-URL: https://github.com/iojs/io.js/pull/1565
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
It's possible for an accessor or named interceptor to get called with
a different execution context than the one it lives in, see the test
case for an example using the debug API.
This commit fortifies against that by passing the environment as a
data property instead of looking it up through the current context.
Fixes: https://github.com/iojs/io.js/issues/1190 (again)
PR-URL: https://github.com/iojs/io.js/pull/1238
Reviewed-By: Fedor Indutny <fedor@indutny.com>
StreamBase is an improved way to write C++ streams. The class itself is
for separting `StreamWrap` (with the methods like `.writeAsciiString`,
`.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making
possible to write abstract C++ streams that are not bound to any uv
socket.
The following methods are important part of the abstraction (which
mimics libuv's stream API):
* Events:
* `OnAlloc(size_t size, uv_buf_t*)`
* `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)`
* `OnAfterWrite(WriteWrap*)`
* Wrappers:
* `DoShutdown(ShutdownWrap*)`
* `DoTryWrite(uv_buf_t** bufs, size_t* count)`
* `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)`
* `Error()`
* `ClearError()`
The implementation should provide all of these methods, thus providing
the access to the underlying resource (be it uv handle, TLS socket, or
anything else).
A C++ stream may consume the input of another stream by replacing the
event callbacks and proxying the writes. This kind of API is actually
used now for the TLSWrap implementation, making it possible to wrap TLS
stream into another TLS stream. Thus legacy API calls are no longer
required in `_tls_wrap.js`.
PR-URL: https://github.com/iojs/io.js/pull/840
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: Chris Dickinson <christopher.s.dickinson@gmail.com>
In the case of using openssl with shared library,
reinterpret_cast<X509V3_EXT_I2V>(i2v_GENERAL_NAMES)) refers plt
pointer so that SafeX509ExtPrint returns false.
Fix it to check it with method of NID_subject_alt_name
This patch originally was created by Fedor Indutny
and Ben Noordhuis
Fixes: https://github.com/iojs/io.js/issues/617
PR-URL: https://github.com/iojs/io.js/pull/800
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Boosts speed up to 10% on primitive `createHash().update().digest()`
benchmark.
PR-URL: https://github.com/iojs/io.js/pull/664
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Previously pseudoRandomBytes worked similarly to randomBytes but in the
event of insufficient entropy would silently return non-secure values.
As of f68a116, the entropy pool blocks if there is insufficient entropy
instead of giving an error so there is now no longer a case where
pseudoRandomBytes would act differently than randomBytes.
Docs are updated to remove pseudoRandomBytes and to clarify that
randomBytes now does block instead of erring when entropy is low.
PR-URL: https://github.com/iojs/io.js/pull/557
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Rename the misnomers ASSERT_IS_STRING_OR_BUFFER and ASSERT_IS_BUFFER.
Said macros don't assert, they throw a TypeError and return.
PR-URL: https://github.com/iojs/io.js/pull/529
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
The copyright and license notice is already in the LICENSE file. There
is no justifiable reason to also require that it be included in every
file, since the individual files are not individually distributed except
as part of the entire package.
SSLv2 has been deprecated and known broken for nearly twenty years now.
I made SSLv2 support opt-in well over a year ago in commit 39aa894 and
now this commit removes it entirely.
PR-URL: https://github.com/iojs/io.js/pull/290
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Rod Vagg <rod@vagg.org>
Initial attempt to remove all uses of Isolate::GetCurrent(). Still
exists a few locations, but this works out a heavy usage.
PR-URL: https://github.com/iojs/io.js/pull/244
Reviewed-by: Ben Noordhuis <info@bnoordhuis.nl>
Due to a recent V8 upgrade, more methods require Isolate as an argument.
PR-URL: https://github.com/iojs/io.js/pull/244
Reviewed-by: Ben Noordhuis <info@bnoordhuis.nl>
Introduce two-byte overloads of node::Encode() and StringBytes::Encode()
that ensure that the input is suitably aligned.
Revisits commit 535fec8 from yesterday.
In newly introduced `SafeX509ExtPrint` I forgot to insert separators
between extensions, which lead to the "DNS:...DNS:..." thing for npm.
Fix: iojs/io.js#105
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
PR-URL: https://github.com/iojs/io.js/pull/113.patch
Some distributions disable SSLv3 due to POODLE. In such a case, disable
the specific SSLv3 methods and throw an exception, much like the code
already does for SSLv2. The SSLv23* code is retained because this is
OpenSSL's terminology for "no version in particular".
Reviewed-By: Fedor Indutny <fedor@indutny.com>
PR-URL: https://github.com/iojs/io.js/pull/101
uv_thread_t is a HANDLE (void pointer) on Windows, which means that
on 64-bit windows it cannot be stored with CRYPTO_THREADID_set_numeric
without potential data loss.
PR-URL: https://github.com/iojs/io.js/pull/124
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
In 59658a8de7
the return of uv_thread_self() was changed from unsigned long to
uv_thread_t.
uv_thread_t is a HANDLE (pointer-sized) on Windows, which means that
on Win64 it cannot be stored with CRYPTO_THREADID_set_numeric without
data loss.
Furthermore, without this change there will be a build break on Windows
when the libuv change is integrated into Node, because of the
conversion from HANDLE to unsigned long.
Other related commits:
5845a6bcd5919d8ec63a