`http.OutgoingMessage` tried to send the first chunk together
with the headers by concatenating them together as a string, but the
list of encodings for which that works was incorrect.
Change it from a blacklist to a whitelist.
Fixes: https://github.com/nodejs/node/issues/11788
PR-URL: https://github.com/nodejs/node/pull/12747
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Delete invalid parameter.
Fixes: https://github.com/nodejs/node/issues/8153
PR-URL: https://github.com/nodejs/node/pull/12767
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: David Cai <davidcai1993@yahoo.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
`node_trace.*.log` files are generated by `NodeTraceWriter`.
Refs: https://github.com/nodejs/node/pull/9304
PR-URL: https://github.com/nodejs/node/pull/12754
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Start the transition to Array.prototype.includes() and
String.prototype.includes(). This commit refactors most of the
comparisons of Array.prototype.indexOf() and String.prototype.indexOf()
return values with -1 to the former methods in tests.
PR-URL: https://github.com/nodejs/node/pull/12604
Refs: https://github.com/nodejs/node/issues/12586
Reviewed-By: Alexey Orlenko <eaglexrlnk@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
* Improve UX in 2 code examples (add spaces between output and input
for better readability).
* Replace indexOf() by startsWith().
PR-URL: https://github.com/nodejs/node/pull/12634
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
This fixes a regression from 83887f35fa where ftruncate() fails on
a file symlinked to /dev/null.
PR-URL: https://github.com/nodejs/node/pull/12762
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Bartosz Sosnowski <bartosz@janeasystems.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
On Windows when REPL history file has the hidden attribute node will
fail when trying to open it in 'w' mode. This changes the mode to
'r+'. The file is guaranteed to exists because of earlier open call
with 'a+'.
Fixes: https://github.com/nodejs/node/issues/5261
PR-URL: https://github.com/nodejs/node/pull/12207
Reviewed-By: James M Snell <jasnell@gmail.com>
Remove common.PORT from test-cluster-worker-wait-server-close
possibility that a dynamic port used in another test will collide
with common.PORT.
PR-URL: https://github.com/nodejs/node/pull/12466
Ref: https://github.com/nodejs/node/issues/12376
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Explicitly initialize `platform_` to nullptr. Coverity cannot divine
it is set and cleared by the Setup() and TearDown() methods.
PR-URL: https://github.com/nodejs/node/pull/12387
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/12451
Ref: https://github.com/nodejs/node/issues/12376
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Replace [].join calls with the more modern .repeat
PR-URL: https://github.com/nodejs/node/pull/12305
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Daijiro Wachi <daijiro.wachi@gmail.com>
Reviewed-By: Alexey Orlenko <eaglexrlnk@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
The `cflags` for `--coverage` included `-O0` so far, but that was
overridden by a later `-O3`. Resolve that by adding
`'cflags!': [ '-O3' ]` and increase coverage accuracy.
Ref: https://coverage.nodejs.org/
PR-URL: https://github.com/nodejs/node/pull/12406
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Running the addon tests before the parallel, sequential, etc. tests
can be a problem if there is a bug in node that prevents the
addon tests from running properly. When the addon tests fail for any
reason, then none of the other tests (e.g. parallel, etc.)
are executed.
Running the addon tests last fixes this.
Refs: https://github.com/nodejs/node/issues/12031
PR-URL: https://github.com/nodejs/node/pull/12062
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Using `xargs -r` on some platforms and `xargs` on others doesn't work,
we can't guarantee whether xargs is GNU or not. Avoid the issue by only
running kill if there are processes to clean.
PR-URL: https://github.com/nodejs/node/pull/12158
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This test was disabled in 2013 because it spams random IPs with UDP
messages. We've been doing fine for four years without so let's delete
it.
PR-URL: https://github.com/nodejs/node/pull/12330
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Check that invoking a callback on a receiver from a different context
works.
It ran afoul of an `env->context() == isolate->GetCurrentContext()`
assertion so retrieve the environment from the callback context and
the context to enter from the environment's context() method.
We could also have retrieved the environment from the receiver's context
and that would have made little practical difference. It just seemed
more correct to get it from the callback context because that is the
actual execution context.
PR-URL: https://github.com/nodejs/node/pull/9221
Reviewed-By: Anna Henningsen <anna@addaleax.net>
It's only used once at startup in a single place so create the string
in place instead of caching it for the lifetime of the isolate.
PR-URL: https://github.com/nodejs/node/pull/9213
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Sometimes, after a cluster or debug test fails, a fixture hangs around
and holds onto a needed port, causing subsequent CI runs to fail. This
adds a command I've been running manually when this occurs. The command
will clear the stalled jobs before a CI run.
PR-URL: https://github.com/nodejs/node/pull/11246
Backport-PR-URL: https://github.com/nodejs/node/pull/13754
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Reviewed-By: Josh Gavant <josh.gavant@outlook.com>
Replace custom lint rule for `assert.fail()` function signature errors
with a restricted-syntax rule.
PR-URL: https://github.com/nodejs/node/pull/12287
Reviewed-By: Teddy Katz <teddy.katz@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Remove tls_server.js that has been disabled for about 6 years. It
appears to have worked in concert with some other file which has since
been removed. It seems to create a server and set up a bunch of
listeners, but it does not appear to have code that connects to the
server and triggers any of those listeners.
PR-URL: https://github.com/nodejs/node/pull/12275
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Alexey Orlenko <eaglexrlnk@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Use no-restricted-syntax to implement the requirement that `Error`
objects must be thrown with the `new` keyword.
PR-URL: https://github.com/nodejs/node/pull/12249
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Teddy Katz <teddy.katz@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
This commit adds C++ tests for `base64_encode()` and `base64_decode()`
functions defined in `base64.h`. The functionality is already being
tested indirectly in JavaScript tests for Buffer, but it won't hurt to
test the low-level functions too, especially given that they aren't only
used in the internal Buffer implementation, Chrome inspector protocol
support relies upon them too.
PR-URL: https://github.com/nodejs/node/pull/12238
Refs: https://github.com/nodejs/node/pull/12146#issuecomment-291559685
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
1. necessarily reliably => necessarily reliable
2. projects root directory => project's root directory
3. remove `console` highlighting, as `test` alone is highlighted
4. fix broken link for Android NDK
5. highlight the directory location `/usr/local/ssl/fips-2.0`
6. update expected output to an example for `process.versions.openssl` as the
version displayed is not mentioned in the document
PR-URL: https://github.com/nodejs/node/pull/11963
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/12102
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
They tend to hang if they happen to run in parallel with another test
that uses common.PORT.
PR-URL: https://github.com/nodejs/node/pull/13592
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
The test uses common.PORT, and has already been deleted on master.
PR-URL: https://github.com/nodejs/node/pull/13580
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Alexey Orlenko <eaglexrlnk@gmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
This is a local patch because upstream fixed it differently by moving
large chunks of code out of objects.h. We cannot easily back-port
those changes due to their size and invasiveness.
Fixes: https://github.com/nodejs/node/issues/10388
PR-URL: https://github.com/nodejs/node/pull/12392
Backport-PR-URL: https://github.com/nodejs/node/pull/13574
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Functions that call `ECDH::BufferToPoint` were not clearing the
error stack on failure, so an invalid key could leave leftover
error state and cause subsequent (unrelated) signing operations
to fail.
PR-URL: https://github.com/nodejs/node/pull/13275
Backport-PR-URL: https://github.com/nodejs/node/pull/13397
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This is a partial backport of semver-patch bits of
9e4660b518.
This commit fixes the Node process crashing when constructors of classes
of the zlib module are given invalid options.
* Throw an Error when the zlib library rejects the value of windowBits,
instead of crashing with an assertion.
* Treat windowBits and memLevel options consistently with other ones and
don't crash when non-numeric values are given.
PR-URL: https://github.com/nodejs/node/pull/13098
Backport-PR-URL: https://github.com/nodejs/node/pull/13201
Fixes: https://github.com/nodejs/node/issues/13082
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Refactor test for situations where it was expected to fail.
Move from disabled directory to parallel.
PR-URL: https://github.com/nodejs/node/pull/12403
Backport-PR-URL: https://github.com/nodejs/node/pull/13060
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
- fix a number of uppercase types
- lowercase 'integer'
- consistent formatting in crypto
PR-URL: https://github.com/nodejs/node/pull/11697
Backport-PR-URL: https://github.com/nodejs/node/pull/13054
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Timothy Gu <timothygu99@gmail.com>
This commit attempts to fix an issue when building on windows using the
following command line options:
.\vcbuild.bat dll debug x64 vc2015
This will result in the following options passed to configure:
configure --debug --shared --dest-cpu=x64 --tag=
This commit excludes the dependency to openssl if node is configured
with --shared.
Also, FP_API to the categories to export in mkssldef when generating
the module definition (openssl.def) allowing the build to compile and
link successfully.
Fixes: https://github.com/nodejs/node/issues/12952
PR-URL: https://github.com/nodejs/node/pull/13078
Backport-PR-URL: https://github.com/nodejs/node/pull/12948
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Refael Ackermann <refack@gmail.com>
This commit tries to make it simpler to add unit tests (cctest) for
code that needs to test node core funtionality but that might not be
appropriate as an addon or a JavaScript test. An example of this could
be adding functionality targeted for situations when Node itself is
embedded.
Currently it was not as easy, or efficient, as one would have hoped to
add such tests. The object output directories vary for different
operating systems which we need to link to so that we don't have an
additional compilation step.
PR-URL: https://github.com/nodejs/node/pull/11956
Backport-PR-URL: https://github.com/nodejs/node/pull/12948
Ref: https://github.com/nodejs/node/pull/9163
Reviewed-By: James M Snell <jasnell@gmail.com>
This is a security release. All Node.js users should consult the
security release summary at:
https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/
for details on patched vulnerabilities.
Notable Changes:
* build:
- Disable V8 snapshots - The hashseed embedded in the snapshot is
currently the same for all runs of the binary. This opens node
up to collision attacks which could result in a Denial of Service.
We have temporarily disabled snapshots until a more robust solution
is found (Ali Ijaz Sheikh)
* deps:
- CVE-2017-1000381 - The c-ares function ares_parse_naptr_reply(),
which is used for parsing NAPTR responses, could be triggered to
read memory outside of the given input buffer if the passed in DNS
response packet was crafted in a particular way. This patch checks
that there is enough data for the required elements of an NAPTR
record (2 int16, 3 bytes for string lengths) before processing a
record. (David Drysdale)
PR-URL: https://github.com/nodejs/node-private/pull/89
Original commit message:
ares_parse_naptr_reply: check sufficient data
Check that there is enough data for the required elements
of an NAPTR record (2 int16, 3 bytes for string lengths)
before processing a record.
This patch fixes CVE-2017-1000381
The c-ares function ares_parse_naptr_reply(), which is used for
parsing NAPTR responses, could be triggered to read memory outside
of the given input buffer if the passed in DNS response packet was
crafted in a particular way.
Refs: https://c-ares.haxx.se/adv_20170620.html
Refs: https://c-ares.haxx.se/CVE-2017-1000381.patch
PR-URL: https://github.com/nodejs/node-private/pull/88
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
This tests that the hash seed used by V8 for hashing is random.
PR-URL: https://github.com/nodejs/node-private/pull/84
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Anna Henningsen
Tony Rice
Leo
Daijiro Wachi
gwer
Sebastian Plesciuc
Vse Mozhet Byt
Brian White
Bartosz Sosnowski
Ben Noordhuis
Tarun Batra
Jackson Tian
Refael Ackermann
Sebastian Van Sande
Gibson Fahnestock
Rich Trott
Alexey Orlenko
Sakthipriyan Vairamani (thefourtheye)
Amelia Clarke
DavidCai
Zuzana Svetlikova
Ryan Kelly
Roman Reiss
Daniel Bevenius
Myles Borins
David Drysdale
Ali Ijaz Sheikh