constants.ENGINE_METHOD_RSA was documented, but not implemented.
PR-URL: https://github.com/nodejs/node/pull/5463
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Default to FIPS off even in FIPS builds.
Add JS API to check and control FIPS mode.
Add command line arguments to force FIPS on/off.
Respect OPENSSL_CONF variable and read the config.
Add testing for new features.
Fixes: https://github.com/nodejs/node/issues/3819
PR-URL: https://github.com/nodejs/node/pull/5181
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-by: Michael Dawson <michael_dawson@ca.ibm.com>
Fix segmentation faults when compiling the same code with
`produceCachedData` option. V8 ignores the option when the code is in
its compilation cache and does not return cached data. Added
`cachedDataProduced` property to `v8.Script` to denote whether the
cached data is produced successfully.
PR-URL: https://github.com/nodejs/node/pull/5343
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Method `LinkedBinding` must return the same "exports" property
of the module as cached, because property can be overridden
by an initialization function.
PR-URL: https://github.com/nodejs/node/pull/5337
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
When the parent uid is required it is not necessary to store the uid in
the parent handle object.
PR-URL: https://github.com/nodejs/node/pull/4600
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
All other hooks have uid as the first argument, this makes it consistent
for all hooks.
PR-URL: https://github.com/nodejs/node/pull/4600
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
By doing this users can use a Map object for storing information instead
of modifying the handle object.
PR-URL: https://github.com/nodejs/node/pull/4600
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
ESLint 2.1.0 is coming. Some lint rules have been tightened.
PR-URL: https://github.com/nodejs/node/pull/5214
Reviewed-By: Michaël Zasso <mic.besace@gmail.com>
Reviewed-By: jbergstroem - Johan Bergström <bugs@bergstroem.nu>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
The value's type is unsigned so it will always be >= 0.
PR-URL: https://github.com/nodejs/node/pull/5233
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
process is an EventEmitter. There are operations that increment and
decrement the _eventsCount property of an EventEmitter.
process._eventsCount would previously get set to NaN. This change makes
process._eventsCount be calculated as expected.
PR-URL: https://github.com/nodejs/node/pull/5208
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
After attempting to use ReThrow() and Reset() there were cases where
firing the domain's error handlers was not happening. Or in some cases
reentering MakeCallback would still cause the domain enter callback to
abort (because the error had not been Reset yet).
In order for the script to properly stop execution when a subsequent
call to MakeCallback throws it must not be located within a TryCatch.
PR-URL: https://github.com/nodejs/node/pull/4507
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Environment::TickInfo::last_threw() is no longer in use.
Also pass Isolate to few methods and fix whitespace alignment.
PR-URL: https://github.com/nodejs/node/pull/4507
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Add a scope that will allow MakeCallback to know whether or not it's
currently running. This will prevent nextTickQueue and the
MicrotaskQueue from being processed recursively. It is also required to
wrap the bootloading stage since it doesn't run within a MakeCallback.
Ref: https://github.com/nodejs/node-v0.x-archive/issues/9245
PR-URL: https://github.com/nodejs/node/pull/4507
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Implementations of error handling between node::MakeCallback() and
AsyncWrap::MakeCallback() do not return at the same point. Make both
executions work the same by moving the early return if there's a caught
exception just after the AsyncWrap post callback. Since the domain's
call stack is cleared on a caught exception there is no reason to call
its exit() callback.
Remove the SetVerbose() statement in the AsyncWrap pre/post callback
calls since it does not affect the callback call.
PR-URL: https://github.com/nodejs/node/pull/4507
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Prior to this change, the NodeBIO objects used to wrap fixed data had
`num` equal to -1. This caused them to return -1 and set the retry flags
when they ran out of data. Since the data is fixed, that's incorrect.
Instead they should return zero to signal EOF.
This change adds a new, static function, NodeBIO::NewFixed to create a
BIO that wraps fixed data and which returns zero when exhausted.
The practical impact of this is limited since most (all?) the parsing
functions that these BIOs get passed to consider any return value less
than one to be EOF and ignore the retry flags anyway.
PR-URL: https://github.com/nodejs/node/pull/5105
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Can now call fill() using following parameters if value is a String:
fill(string[, start[, end]][, encoding])
And with the following if value is a Buffer:
fill(buffer[, start[, end]])
The encoding is ignored if value is not a String. All other non-Buffer
values are coerced to a uint32.
A multibyte strings will simply be copied into the Buffer until the
number of bytes run out. Meaning partial strings can be left behind:
Buffer(3).fill('\u0222');
// returns: <Buffer c8 a2 c8>
In some encoding cases, such as 'hex', fill() will throw if the input
string is not valid.
PR-URL: https://github.com/nodejs/node/pull/4935
Reviewed-By: James M Snell <jasnell@gmail.com>
The `root` and `GLOBAL` were never documented.
PR-URL: https://github.com/nodejs/node/pull/1838
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
The `--security-revert={cvenum}` command line flag is a special purpose
flag to be used only in stable or LTS branches when a breaking change
is required to address a security vulnerability. Whenever a vulnerability
requires a breaking change, and a CVE has been assigned, the flag can
be used to force Node to revert to the insecure behavior that was
implemented before the fix was applied.
Note that this flag is intended to be used only as a last resort in the
case a security update breaks existing code. When used, a security
warning will be printed to stderr when Node launches.
The `--security-revert={cvenum}` flag takes a single CVE number as an
argument. Multiple instances of the `--security-revert={cvenum}` flag
can be used on the command line to revert multiple changes.
Whenever a new `--security-revert={cvenum}` is enabled, it should be
documented in the release notes and in the API docs.
Master and the first release of a new major (e.g. v6.0) should not have
any reverts available.
Every time a new `--security-revert={cvenum}` is added, there should be
a semver-minor bump in the stable and LTS branch.
PR-URL: https://github.com/nodejs/node-private/pull/26
Reviewed-By: Rod Vagg <r@va.gg>
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Prevent deoptimization of process.nextTick by removing the try finally
block. This is not necessary as the next tick queue will be reset
anyway, no matter if the callback throws or not.
Use a predefined array size prevents resizing the array and is therefor
faster.
PR-URL: https://github.com/nodejs/node/pull/5092
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
`sk_X509_pop_free` should be used instead of `sk_X509_free` to free all
items in queue too, not just the queue itself.
PR-URL: https://github.com/nodejs/node/pull/5109
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
According to documentation all certificates specified in `pfx` option
should be treated as a CA certificates too. While it doesn't seem to be
logically correct to me, we can't afford to break API stability at this
point.
Fix: #5100
PR-URL: https://github.com/nodejs/node/pull/5109
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Resolving plain PTR records is used beyond reverse DNS, most
prominently with DNS-SD (RFC6763). This adds dns.resolvePtr(),
and uses it (instead of dns.reverse()) in dns.resolve().
PR-URL: https://github.com/nodejs/node/pull/4921
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Brian White <mscdex@mscdex.net>
Prefer using Object.setPrototypeOf() instead.
PR-URL: https://github.com/nodejs/node/pull/5069
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
The comment stating it was deprecated was added in 2011 via
4ef8f06fe6. It is time to
actually deprecate it.
PR-URL: https://github.com/nodejs/node/pull/5049
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: Roman Reiss <me@silverwind.io>
This commit adds a new method for TLS sockets that returns the
negotiated protocol version.
PR-URL: https://github.com/nodejs/node/pull/4995
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Stop using the deprecated `GetHiddenValue()` and `SetHiddenValue()`
methods, start using `GetPrivate()` and `SetPrivate()` instead.
This commit turns some of the entries in the per-isolate string table
into private symbols.
PR-URL: https://github.com/nodejs/node/pull/5045
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
The SSL_CTX_clear_extra_chain_certs function clears the extra
certificates associated with an SSL_CTX without reaching into the
SSL_CTX structure itself (which will become impossible in OpenSSL
1.1.0). The underlying implementation in OpenSSL[1] is the same what the
code was doing and OpenSSL has provided this function since 0.9.8 so
this change should be fully compatible.
[1] https://github.com/nodejs/node/blob/master/deps/openssl/openssl/ssl/s3_lib.c#L3899
PR-URL: https://github.com/nodejs/node/pull/4919
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Do not blindly take data from underlying `ArrayBuffer`, use
`ByteOffset`/`ByteLength` of `Uint8Array` itself.
Additionally, fix tests that weren't actually properly running because
of V8's internal code cache. The code should be different, otherwise the
cached data won't be used at all.
Fix: #4939
PR-URL: https://github.com/nodejs/node/pull/4947
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Added ability to dgram.send to send multiple buffers, _writev style.
The offset and length parameters in dgram.send are now optional.
Refactored the dgram benchmarks, and seperated them from net.
Added docs for the new signature.
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Saúl Ibarra Corretgé <saghul@gmail.com>
Fixes: https://github.com/nodejs/node/issues/4302
PR-URL: https://github.com/nodejs/node/pull/4374
node_crypto.cc attempts to handle the case where OCSP stapling APIs
aren't provided by using NODE__HAVE_TLSEXT_STATUS_CB. But the build
would actually fail in this case because of a couple of places that were
missing #ifdefs.
With this change the build works although, as expected,
test-tls-ocsp-callback.js will fail.
PR-URL: https://github.com/nodejs/node/pull/4914
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
SSL_CIPHER objects are conceptually const in any case and this allows
STACK_OF(SSL_CIPHER) to return a const pointer, as is done in BoringSSL
and, perhaps, OpenSSL in the future.
PR-URL: https://github.com/nodejs/node/pull/4913
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Do not swallow error details when reporting UV_EPROTO asynchronously,
and when creating artificial errors.
Fix: #3692
PR-URL: https://github.com/nodejs/node/pull/4885
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
The vm module's displayErrors option attaches error arrow
messages as a hidden property. Later, core JavaScript code
can optionally decorate the error stack with the arrow message.
However, when user code catches an error, it has no way to
access the arrow message. This commit changes the behavior of
displayErrors to mean "decorate the error stack if an error
occurs."
Fixes: https://github.com/nodejs/node/issues/4835
PR-URL: https://github.com/nodejs/node/pull/4874
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Introduce `cachedData`/`produceCachedData` options for `v8.Script`.
Could be used to consume/produce V8's code cache for speeding up
compilation of known code.
PR-URL: https://github.com/nodejs/node/pull/4777
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
If the needle contains an extended latin-1 character then using
String::Utf8Length() will be too large and the search will return early.
Instead use String::Length() when encoding is BINARY.
PR-URL: https://github.com/nodejs/node/pull/4803
Reviewed-By: James M Snell <jasnell@gmail.com>
Event emitters support symbols as event names. The process object
assumes that the event name is a string, and examines the first
three characters to check for signals. This causes an exception
if the event name is a symbol. This commit ensures that the
event name is a string before trying to slice() it.
PR-URL: https://github.com/nodejs/node/pull/4798
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Michaël Zasso <mic.besace@gmail.com>
Reviewed-By: Wyatt Preul <wpreul@gmail.com>
Fix a regression introduced in commit 89f056b ("node: improve
performance of hrtime()") where the nanosecond field sometimes
had a negative value when calculating the difference between two
timestamps.
Fixes: https://github.com/nodejs/node/issues/4751
PR-URL: https://github.com/nodejs/node/pull/4757
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Provide means to inspect information about the separate heap spaces
via a callable API. This is helpful to analyze memory issues.
Fixes: https://github.com/nodejs/node/issues/2079
PR-URL: https://github.com/nodejs/node/pull/4463
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
AfterGetAddrInfo() can potentially return an empty array of
results without setting an error value. The JavaScript layer
expects the array to have at least one value if an error is
not returned. This commit sets a UV_EAI_NODATA error when an
empty result array is detected.
Fixes: https://github.com/nodejs/node/issues/4545
PR-URL: https://github.com/nodejs/node/pull/4715
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: Saúl Ibarra Corretgé <saghul@gmail.com>
It's possible there is already an existing error on OpenSSL's error
stack that is unrelated to the EVP_DigestInit_ex() operation we just
executed.
Fixes: https://github.com/nodejs/node/issues/4221
PR-URL: https://github.com/nodejs/node/pull/4731
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Sam Roberts
Stefan Budeanu
Ben Noordhuis
Jiho Choi
Phillip Kovalev
Andreas Madsen
Rich Trott
Brian White
Evan Lucas
Trevor Norris
Adam Langley
Jackson Tian
James M Snell
Ruben Bridgewater
Fedor Indutny
Daniel Turing
Jackson Tian
Myles Borins
Chris911
Matteo Collina
cjihrig
Ben Ripkens