This updates the default cipher suite to an more secure list, which
prefers strong ciphers with Forward Secrecy. Additionally, it enables
`honorCipherOrder` by default.
Noteable effect of this change is that the insecure RC4 ciphers are
disabled and that Chrome negotiates a more secure ECDHE cipher.
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
PR-URL: https://github.com/iojs/io.js/pull/826
'.' and '..' are directory specs and resolving urls with or
without the hostname with '.' and '..' should add a trailing
slash to the end of the url.
Fixes: https://github.com/joyent/node/issues/8992
PR-URL: https://github.com/iojs/io.js/pull/278
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
The current implementation uses the arguments object in the Server()
constructor. Since both arguments to Server() are optional, there was a
high likelihood of accessing a non-existent element in arguments, which
carries a performance overhead. This commit replaces the arguments
object with named arguments.
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Conflicts:
lib/net.js
The NativeModule system passes NativeModule.require transparently and so
is unnecessary to call explicitly.
The only one which should have the prefix is the in line 295, where
actually implements a big fs-based module system and actually requires a
native module. That is left unchanged.
PR-URL: https://github.com/joyent/node/pull/9201
Ref: https://github.com/joyent/node/issues/2009
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Conflicts:
lib/module.js
This commit restricts socket timeouts non-negative, finite
numbers. Any other value throws a TypeError or RangeError.
This prevents subtle bugs that can happen due to type
coercion.
Fixes: https://github.com/joyent/node/issues/8618
PR-URL: https://github.com/joyent/node/pull/8884
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: Timothy J Fontaine <tjfontaine@gmail.com>
Conflicts:
lib/timers.js
test/simple/test-net-settimeout.js
test/simple/test-net-socket-timeout.js
These optimizations result in >2x speedup in the ee-add-remove
benchmark:
* Don't mutate array.length when removing the last listener for
an event
* Don't bother checking max listeners if listeners isn't an array
* Don't call delete when removing the last event in _events, just
re-assign a new object instead
PR-URL: https://github.com/iojs/io.js/pull/785
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Evan Lucas <evanlucas@me.com>
This keeps in line with how things are done for the fast path
and *might* even provide a *slight* performance increase.
PR-URL: https://github.com/iojs/io.js/pull/785
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Remove internal object and expose functions directly on binding. This
makes possible to simply use internal functions in other builtin
modules.
PR-URL: https://github.com/iojs/io.js/pull/770
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Reviewed-by: Ben Noordhuis <info@bnoordhuis.nl>
This commit improves `readFile` performance by
reducing number of closure allocations and using
`FSReqWrap` directly.
PR-URL: https://github.com/iojs/io.js/pull/718
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
This commit adds the ability to enable userspace tracing with lttng
in io.js. It adds tracepoints for all the equivalent dtrace and ETW
tracepoints. To use these tracepoints enable --with-lttng on linux.
PR-URL: https://github.com/iojs/io.js/pull/702
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Ryan Graham <ryan@strongloop.com>
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Cache events and listeners objects where possible and loop over
Object.keys() instead of using for..in. These changes alone give
~60-65% improvement in the ee-add-remove benchmark.
The changes to EventEmitter.listenerCount() gives ~14%
improvement and changes to emitter.listeners() gives
significant improvements for <50 listeners
(~195% improvement for 10 listeners).
The changes to emitter.emit() gives 3x speedup for the fast
cases with multiple handlers and a minor speedup for the slow
case with multiple handlers.
The swapping out of the util.is* type checking functions with inline
checks gives another ~5-10% improvement.
PR-URL: https://github.com/iojs/io.js/pull/601
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Everything that is not an object should be a primitive.
PR-URL: https://github.com/iojs/io.js/pull/739
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
All own enumerable properties are compared already. Comparing
`prototype` property specifically can cause weird behaviour.
PR-URL: https://github.com/iojs/io.js/pull/636
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
PR-URL: https://github.com/iojs/io.js/pull/634
Reviewed-BY: Nicu Micleușanu <micnic90@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Private keys may be used along with publicEncrypt since the private key
includes the public one. This adds the ability to use encrypted private
keys which previously threw an error. This commit also makes sure the
user exposed functions have names.
PR-URL: https://github.com/iojs/io.js/pull/626
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Many of the util.is*() methods used to check data types
simply compare against a single value or the result of
typeof. This commit replaces calls to these methods with
equivalent checks. This commit does not touch calls to the
more complex methods (isRegExp(), isDate(), etc.).
Fixes: https://github.com/iojs/io.js/issues/607
PR-URL: https://github.com/iojs/io.js/pull/647
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Currently, JSON.stringify() is used to create error messages
on failed assertions. This causes an error when stringifying
objects with circular references. This commit switches out
JSON.stringify() for util.inspect(), which can handle
circular references.
PR-URL: https://github.com/iojs/io.js/pull/668
Reviewed-By: Julien Gilli <julien.gilli@joyent.com>
Reviewed-By: Bert Belder <bertbelder@gmail.com>
Reviewed-By: Chris Dickinson <christopher.s.dickinson@gmail.com>
A number -> uint32 type coercion bug made buffer sizes
larger than kMaxLength (0x3fffffff) wrap around.
Instead of rejecting the requested size with an exception,
the constructor created a buffer with the wrong size.
PR-URL: https://github.com/iojs/io.js/pull/657
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Server sockets should be shared by default, and client sockets should be
exclusive by default. For net/TCP, this is how it is, for dgram/UDP, its
a little less clear what a client socket is, but a socket that is
auto-bound during a dgram.send() is not usefully shared among cluster
workers, any more than an outgoing TCP connection would be usefully
shared.
Since implicit binds become exclusive, implicit/client dgram sockets can
now be used with cluster on Windows. Before, neither explicit nor
implicitly bound sockets could be used, causing dgram to be completely
unsupported with cluster on Windows. After this change, they become half
supported.
PR: https://github.com/iojs/io.js/pull/325
PR: https://github.com/joyent/node/pull/8643
Reviewed-by: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-by: Bert Belder <bertbelder@gmail.com>
Per #445 this removes a reference to this._readableState in hash._flush. It was
used to get the encoding on the readable side to pass to the writable side but
omitting it just causes the stream to handle the encoding issues.
PR-URL: https://github.com/iojs/io.js/pull/610
Reviewed-By: Chris Dickinson <christopher.s.dickinson@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Vladimir Kurchatkin <vladimir.kurchatkin@gmail.com>
This makes possible to use `for..of` loop with
buffers. Also related `keys`, `values` and `entries`
methods are added for feature parity with `Uint8Array`.
PR-URL: https://github.com/iojs/io.js/pull/525
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Console.prototype.timeEnd() returns NaN if the timer label
corresponds to a property on Object.prototype. This commit
uses a Map to construct the _times object.
Fixes: https://github.com/joyent/node/issues/9069
PR-URL: https://github.com/iojs/io.js/pull/563
Reviewed-By: Vladimir Kurchatkin <vladimir.kurchatkin@gmail.com>
Reviewed-By: Chris Dickinson <christopher.s.dickinson@gmail.com>
Reviewed-By: Rod Vagg <rod@vagg.org>
There is no need to check `flowing` since `resume` does
nothing when `flowing` is already true.
PR-URL: https://github.com/iojs/io.js/pull/511
Reviewed-By: Chris Dickinson <christopher.s.dickinson@gmail.com>
When address is not provided to `server.listen()`, `_connectionKey` and
error messages should include actual address and correct family.
PR-URL: https://github.com/iojs/io.js/pull/539
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Overriding module argument with const causes a SyntaxError. This
commit changes the variable name to remove the error.
PR-URL: https://github.com/iojs/io.js/pull/572
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
This commit introduces a nop function that is used as the
Writable.prototype.write() callback when one is not provided.
This saves on function object creation.
PR-URL: https://github.com/iojs/io.js/pull/564
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Previously pseudoRandomBytes worked similarly to randomBytes but in the
event of insufficient entropy would silently return non-secure values.
As of f68a116, the entropy pool blocks if there is insufficient entropy
instead of giving an error so there is now no longer a case where
pseudoRandomBytes would act differently than randomBytes.
Docs are updated to remove pseudoRandomBytes and to clarify that
randomBytes now does block instead of erring when entropy is low.
PR-URL: https://github.com/iojs/io.js/pull/557
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
These flags were defined as constants, but could be
overwritten when exported from fs. This commit exports
the flags as read only properties of fs.
PR-URL: https://github.com/iojs/io.js/pull/507
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
This commit replaces a number of var statements throughout
the lib code with const statements.
PR-URL: https://github.com/iojs/io.js/pull/541
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Since setting object properties in C++ can be slow, pass
data to JS using preallocated smalloc buffer and create
object in JS instead.
PR-URL: https://github.com/iojs/io.js/pull/469
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Commit 2931348 added EventEmitter#getMaxListeners() but introduced a
regression when people abuse EventEmitter.prototype.on.call() to call
EventEmitter#on() on a non-EE object. Add a workaround for that.
Fixes: https://github.com/iojs/io.js/issues/523
PR-URL: https://github.com/iojs/io.js/pull/527
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Define fs constants using const, as the newer version of
v8 supports it, and appears to be capable of optimizing.
PR-URL: https://github.com/iojs/io.js/pull/522
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Previously if a worker's state machine had already transitioned into the
'listening' state when it received the message enabling the debugger,
the worker would never enable its debugger.
Change the logic to allow the 'listening' as a valid state for enabling
the debugger.
Fixes: https://github.com/joyent/node/issues/6440
Original-PR-URL: https://github.com/joyent/node/pull/9037
Signed-off-by: Julien Gilli <julien.gilli@joyent.com>
Fixes: https://github.com/iojs/io.js/issues/340
PR-URL: https://github.com/iojs/io.js/pull/501
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Bert Belder <bertbelder@gmail.com>
Reviewed-By: Rod Vagg <rod@vagg.org>
Roman Reiss
Amir Saboury
cjihrig
Herbert Vojčík
Brian White
Vladimir Kurchatkin
Glen Keane
Michaël Zasso
Ben Noordhuis
Zach Bruggeman
Sam Newman
Jonathan Ong
Calvin Metcalf
Yosuke Furukawa
Sam Roberts
Qasim Zaidi
Fedor Indutny
Alex Kocharin
Aleksey Smolenchuk
Jonathan Ong
Jackson Tian
Timothy J Fontaine