Original commit message:
win: don't fetch function pointers to SRWLock APIs
They're no longer needed, since the Windows-native SRWLock functions are
no longer used.
PR-URL: https://github.com/libuv/libuv/pull/525
Reviewed-By: Saúl Ibarra Corretgé <saghul@gmail.com>
PR-URL: https://github.com/nodejs/node-private/pull/54
Reviewed-By: Saúl Ibarra Corretgé <saghul@gmail.com>
Original commit message:
win: redo/fix the uv_rwlock APIs
Previously, on Windows Vista and later, we'd use the Windows native
SRWLock APIs. However they turned out to be semantically incompatible
with pthread read-write locks and/or plain buggy. This patch makes sure
that the custom implementation that was previously only used on old
Windows versions is now used everywhere.
This patch fixes a number of issues with the old fallback
implementation. Specifically:
* The reader count would not be incremented when a thread successfully
acquired a read lock while another thread *also* held a read lock.
* `uv_rwlock_tryrdlock()` and `uv_rwlock_trywrlock()` now
consistently return UV_EBUSY when a lock couldn't be acquired.
* Any unexpected errors now cause libuv to abort, with the exception of
`uv_rwlock_init()`.
See also https://github.com/libuv/libuv/issues/515.
PR-URL: https://github.com/libuv/libuv/pull/525
Reviewed-By: Saúl Ibarra Corretgé <saghul@gmail.com>
PR-URL: https://github.com/nodejs/node-private/pull/54
Reviewed-By: Saúl Ibarra Corretgé <saghul@gmail.com>
Original commit message:
win: fix unsavory rwlock fallback implementation
Before this patch an uv_mutex_t (backed by a critical section) could be
released by a tread different from the thread that acquired it, which is
not allowed. This is fixed by using a semaphore instead.
Note that the affected code paths were used on Windows XP and Windows
Server 2003 only.
Fixes: https://github.com/libuv/libuv/issues/515
PR-URL: https://github.com/libuv/libuv/pull/516
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Saúl Ibarra Corretgé <saghul@gmail.com>
PR-URL: https://github.com/nodejs/node-private/pull/54
Reviewed-By: Saúl Ibarra Corretgé <saghul@gmail.com>
Original commit message:
Fix overflow issue in Zone::New
When requesting a large allocation near the end of the address space,
the computation could overflow and erroneously *not* grow the Zone
as required.
BUG=chromium:606115
LOG=y
Review-Url: https://codereview.chromium.org/1930873002
Cr-Commit-Position: refs/heads/master@{#35903}
PR-URL: https://github.com/nodejs/node-private/pull/44
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rod Vagg <rod@vagg.org>
Back-port commit 76f40f7 ("test: stronger crypto in test fixtures") from
the master branch.
Pushes back the expiration date of test/fixtures/keys/ca2-crl.pem to
2018, fixing a CRL_HAS_EXPIRED error in simple/test-tls-server-verify.
Fixes: https://github.com/nodejs/node/issues/7194
PR-URL: https://github.com/nodejs/node/pull/7195
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
In openssl s_client on Windows, RAND_screen() is invoked to initialize
random state but it takes several seconds in each connection.
This added -no_rand_screen to openssl s_client on Windows to skip
RAND_screen() and gets a better performance in the unit test of
test-tls-server-verify.
Do not enable this except to use in the unit test.
(cherry picked from commit 9f0f7c38e6df975dd39735d0e9ef968076369c74)
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/joyent/node/pull/25368
Notable changes:
* npm: Upgrade to v2.15.1. Fixes a security flaw in the use of
authentication tokens in HTTP requests that would allow an attacker
to set up a server that could collect tokens from users of the
command-line interface. Authentication tokens have previously been
sent with every request made by the CLI for logged-in users,
regardless of the destination of the request. This update fixes this
by only including those tokens for requests made against the
registry or registries used for the current install.
(Forrest L Norvell) https://github.com/nodejs/node/pull/5967
* openssl: OpenSSL v1.0.1s disables the EXPORT and LOW ciphers as they
are obsolete and not considered safe. This release of Node.js turns
on `OPENSSL_NO_WEAK_SSL_CIPHERS` to fully disable the 27 ciphers
included in these lists which can be used in SSLv3 and higher. Full
details can be found in our LTS discussion on the matter
(https://github.com/nodejs/LTS/issues/85).
(Shigeki Ohtsu) https://github.com/nodejs/node/pull/5712
PR-URL: https://github.com/nodejs/node/pull/5967
DES-CBC-SHA is LOW cipher and disabled by default and it is used in
tests of hornorcipherorder. They are changed as to
- use RC4-SHA instead of DES-CBC-SHA.
- add ECDHE-RSA-AES256-SHA to entries to keep the number of ciphers.
- remove tests for non-default cipher because only SEED and IDEA are
available in !RC4:!HIGH:ALL.
Fixes: https://github.com/nodejs/LTS/issues/85
PR-URL: https://github.com/nodejs/node/pull/5712
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
backport fix for test-http-get-pipeline-problem.js from master
to 0.12.X. We've been seeing an intermittent failure
in runs for zLinux with SLES 12. We confirmed that this fix
resolves the issue so would like it in 0.12.X
The original commit does not apply cleanly as the paths were
changed, but the actual change is identical. The original commit was:
3ba4f71fc4
PR-URL: https://github.com/nodejs/node/pull/3013
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: James M Snell <jasnell@gmail.com>
Invoke MSBuild specifying the target platform as generated by Gyp.
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/5627
Notable changes:
* openssl: Fully remove SSLv2 support, the `--enable-ssl2` command
line argument will now produce an error. The DROWN Attack
(https://drownattack.com/) creates a vulnerability where SSLv2 is
enabled by a server, even if a client connection is not using SSLv2.
The SSLv2 protocol is widely considered unacceptably broken and
should not be supported. More information is available at
https://www.openssl.org/news/vulnerabilities.html#2016-0800
Note that the upgrade to OpenSSL 1.0.1s in Node.js v0.12.11 removed
internal SSLv2 support. The change in this release was originally
intended for v0.12.11. The `--enable-ssl2` command line argument now
produces an error rather than being a no-op.
Remove support for SSLv2 because of DROWN (CVE-2016-0800).
Use of the `--enable-ssl2` flag is now an error; node will print an
error message and exit.
PR-URL: https://github.com/nodejs/node/pull/5536
Reviewed-By: Rod Vagg <rod@vagg.org>
Notable changes:
* http_parser: Update to http-parser 2.3.2 to fix an unintentionally
strict limitation of allowable header characters.
(James M Snell) https://github.com/nodejs/node/pull/5241
* domains:
- Prevent an exit due to an exception being thrown rather than
emitting an 'uncaughtException' event on the `process` object when
no error handler is set on the domain within which an error is
thrown and an 'uncaughtException' event listener is set on
`process`. (Julien Gilli) https://github.com/nodejs/node/pull/3885
- Fix an issue where the process would not abort in the proper
function call if an error is thrown within a domain with no error
handler and `--abort-on-uncaught-exception` is used.
(Julien Gilli) https://github.com/nodejs/node/pull/3885
* openssl: Upgrade from 1.0.2f to 1.0.2g
(Ben Noordhuis) https://github.com/nodejs/node/pull/5509
- Fix a double-free defect in parsing malformed DSA keys that may
potentially be used for DoS or memory corruption attacks. It is
likely to be very difficult to use this defect for a practical
attack and is therefore considered low severity for Node.js users.
More info is available at
https://www.openssl.org/news/vulnerabilities.html#2016-0705
- Fix a defect that can cause memory corruption in certain very rare
cases relating to the internal `BN_hex2bn()` and `BN_dec2bn()`
functions. It is believed that Node.js is not invoking the code
paths that use these functions so practical attacks via Node.js
using this defect are _unlikely_ to be possible. More info is
available at
https://www.openssl.org/news/vulnerabilities.html#2016-0797
- Fix a defect that makes the CacheBleed Attack
(https://ssrg.nicta.com.au/projects/TS/cachebleed/) possible. This
defect enables attackers to execute side-channel attacks leading
to the potential recovery of entire RSA private keys. It only
affects the Intel Sandy Bridge (and possibly older)
microarchitecture when using hyper-threading. Newer
microarchitectures, including Haswell, are unaffected. More info
is available at
https://www.openssl.org/news/vulnerabilities.html#2016-0702
Fixes http-parser regression with IS_HEADER_CHAR check
Add test case for obstext characters (> 0x80) in header
PR-URL: https://github.com/nodejs/node/pull/5241
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: Rod Vagg <rod@vagg.org>
It is possible that the internal handleMessage() might try to send to
a channel that has been closed. The result can be an AssertionError.
Guard against this.
Fixes: https://github.com/nodejs/node/issues/4205
PR-URL: https://github.com/nodejs/node/pull/5153
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
This commit prevents child process stdio streams from being
automatically flushed on child process exit/close if a 'readable'
event handler has been attached at the time of exit.
Without this, child process stdio data can be lost if the process
exits quickly and a `read()` (e.g. from a 'readable' handler)
hasn't had the chance to get called yet.
Fixes: https://github.com/nodejs/node/issues/5034
PR-URL: https://github.com/nodejs/node/pull/5037
Reviewed-By: James M Snell <jasnell@gmail.com>
Fix node exiting due to an exception being thrown rather than emitting
an 'uncaughtException' event on the process object when:
1. no error handler is set on the domain within which an error is thrown
2. an 'uncaughtException' event listener is set on the process
Also fix an issue where the process would not abort in the proper
function call if an error is thrown within a domain with no error
handler and --abort-on-uncaught-exception is used.
Fixes#3607 and #3653.
PR: #3885
PR-URL: https://github.com/nodejs/node/pull/3885
Reviewed-By: James M Snell <jasnell@gmail.com>
d1ba82af1c2528c71e1b6b6a57844a7519b66ccb "fixed"
test-domain-exit-dispose-again by changing its logic to test that
process.domain was cleared properly in case an error was thrown from
a timer's callback.
However, it became clear when reviewing a recent change that refactors
lib/timers.js that it was not quite the intention of the original test.
Thus, this change adds the original implementation of
test-domain-exit-dispose-again back, with comments that make its
implementation easier to understand.
It also preserves the changes made by
d1ba82af1c2528c71e1b6b6a57844a7519b66ccb, but it moves them to a new
test file named test-timers-reset-process-domain-on-throw.js.
PR: #4278
PR-URL: https://github.com/nodejs/node/pull/4278
Reviewed-By: James M Snell <jasnell@gmail.com>
PR #3890 [1] introduced the variable ALLOW_INSECURE_SERVER_DHPARAM defined
in src/node_crypto.cc. However, if nodejs is built without OpenSSL support,
the build fails:
error: ‘ALLOW_INSECURE_SERVER_DHPARAM’ was not declared in this scope
ALLOW_INSECURE_SERVER_DHPARAM = true;
Fix this by using the preprocessor macro HAVE_OPENSSL to opt-out the use of
ALLOW_INSECURE_SERVER_DHPARAM in non-OpenSSL builds.
[1] https://github.com/nodejs/node/pull/3890
PR-URL: https://github.com/nodejs/node/pull/4201
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rod Vagg <rod@vagg.org>
test-domain-exit-dispose-again had been written for node v0.10.x, and
was using the fact that callbacks scheduled with `process.nextTick`
wouldn't run if the domain attached to it was disposed.
This is not longer the case, and as a result the test would not catch
any regression: it would always pass.
This change rewrites that test to check that the current domain is
cleared properly when processing the rest of the timers list if a
timer's callback throws an error. This makes the test fail without the
original fix, and pass with the original fix, as expected.
PR: #3991
PR-URL: https://github.com/nodejs/node/pull/3991
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
The call to node::Environment::GetCurrent(Isolate*) makes the call to
v8::Isolate::GetCurrentContext(). Doing so creates a new handle that
bubbled to the v8::SealHandleScope().
PR-URL: https://github.com/nodejs/node/pull/3945
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: James Snell <jasnell@gmail.com>
Original commit message:
api: introduce SealHandleScope
When debugging Handle leaks in io.js we found it very convenient to be
able to Seal some specific (root in our case) scope to prevent Handle
allocations in it, and easily find leakage.
R=yangguo
BUG=
Review URL: https://codereview.chromium.org/1079713002
Cr-Commit-Position: refs/heads/master@{#27766}
Should help us identify and fix Handle leaks in core and user-space code.
PR-URL: https://github.com/nodejs/node/pull/3945
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: James Snell <jasnell@gmail.com>
This is an important security release. All Node.js users should
consult the security release summary at nodejs.org for details on
patched vulnerabilities.
Notable changes:
* http: fix defects in HTTP header parsing for requests and responses
that can allow request smuggling (CVE-2016-2086) or response
splitting (CVE-2016-2216). HTTP header parsing now aligns more
closely with the HTTP spec including restricting the acceptable
characters.
* http-parser: upgrade from 2.3.0 to 2.3.1
* openssl: upgrade from 1.0.1q to 1.0.1r. To mitigate against the
Logjam attack, TLS clients now reject Diffie-Hellman handshakes with
parameters shorter than 1024-bits, up from the previous limit of
768-bits.
* src:
- introduce new `--security-revert={cvenum}` command line flag for
selective reversion of specific CVE fixes
- allow the fix for CVE-2016-2216 to be selectively reverted using
`--security-revert=CVE-2016-2216`
* build:
- xz compressed tar files will be made available from nodejs.org for
v0.12 builds from v0.12.10 onward
- A headers.tar.gz file will be made available from nodejs.org for
v0.12 builds from v0.12.10 onward, a future change to node-gyp
will be required to make use of these
PR-URL: https://github.com/nodejs/node-private/pull/24
PR-URL: https://github.com/nodejs/node/pull/4894
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
Reviewed-By: James M Snell <jasnell@gmail.com>
* Include reference to CVE-2015-8027
* Fix "socket may no longer have a socket" reference
* Expand on non-existent parser causing the error
* Clarify that CVE-2015-3194 affects TLS servers using _client
certificate authentication_
PR-URL: https://github.com/nodejs/node/pull/4154
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Backport the tools/install.py changes from 628a3ab that were missed
when 6fb0b92 backported the corresponding changes to the Makefile to
build the headers only archive.
PR-URL: https://github.com/nodejs/node/pull/4149
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
Reviewed-By: Rod Vagg <rod@vagg.org>
Rod Vagg
Ben Noordhuis
Kat Marchán
Forrest L Norvell
Shigeki Ohtsu
Fedor Indutny
Gibson Fahnestock
Michael Dawson
João Reis
James M Snell
Rich Trott
Brian White
Julien Gilli
Jörg Krause
Trevor Norris
Richard Lau