This repository has been archived by the owner on Apr 22, 2023. It is now read-only.
Merge 0.10 into 0.12 #9018
Merged
Merge 0.10 into 0.12 #9018
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Currently, a TypeError is incorrectly thrown if the second argument is an object. This commit allows the args argument to be properly omitted. Fixes: nodejs#6068 Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Expands the paragraph in the transform stream implementation docs about the callback that is passed to the _transform method to include details about how two arguments may be passed, error and data. A code example is also included. Reviewed-By: Fedor Indutny <fedor@indutny.com>
Otherwise the warning could be printed on some systems. fix nodejs#8419
PR-URL: nodejs#8553 Reviewed-By: Fedor Indutny <fedor@indutny.com>
PR-URL: nodejs#8551 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
PR-URL: nodejs#8551 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Because of constant-timeness change made in openssl-1.0.1j the error is no longer returned from EVP_DecryptFinal_ex. Now it just return 0, and thus the error message does not contain proper error code. Adapt to this change, there is not much that we could do about it.
This change disables SSLv2/SSLv3 use by default, and introduces a command line flag to opt into using SSLv2/SSLv3. SSLv2 and SSLv3 are considered unsafe, and should only be used in situations where compatibility with other components is required and they cannot be upgrade to support newer forms of TLS.
The order of the callbacks is non-deterministic, so don't expect the error messages to come back in the same order every time, instead just verify they are expected messages.
In the case of a pipe'd input, i.e. from the CI the fd will be a PIPE and when listen() is called it will return ENOTSOCK instead of EINVAL. Backport: cd2d3ae
Always set ssl2/ssl3 disabled based on whether they are enabled in Node. In some corner-case scenario, node with OPENSSL_NO_SSL3 defined could be linked to openssl that has SSL3 enabled.
adds a note to the crypto docs passing along the advice that openssl gives about what key derivation function they recommend. PR-URL: nodejs#8580 Reviewed-By: Fedor Indutny <fedor@indutny.com>
Force-enable SSLv2/v3 when `secureProtocol` is explicitly set to `SSLv2_method` or `SSLv3_method`. see discussion at nodejs#8551
* openssl: Update to 1.0.1j (Addressing multiple CVEs) * uv: Update to v0.10.29 * child_process: properly support optional args (cjihrig) * crypto: Disable autonegotiation for SSLv2/3 by default (Fedor Indutny, Timothy J Fontaine, Alexis Campailla) This is a behavior change, by default we will not allow the negotiation to SSLv2 or SSLv3. If you want this behavior, run Node.js with either `--enable-ssl2` or `--enable-ssl3` respectively. This does not change the behavior for users specifically requesting `SSLv2_method` or `SSLv3_method`. While this behavior is not advised, it is assumed you know what you're doing since you're specifically asking to use these methods.
Specifying honorCipherOrder should not change the SSLv2/SSLv3 defaults for a TLS server. Use secureOptions logic in both lib/tls.js and lib/crypto.js
Reuse the secureProtocol and secureOptions of the server when creating the secure context for incoming clients.
Add a test that goes through the whole matrix of: - command line options (--enable-ssl*) - secureOptions - secureProtocols and makes sure that compatible test setups actually work as expected. The test works by spawning two processes for each test case: one client and one server. The test passes if a SSL/TLS connection from the client to the server is successful and the test case was supposed to pass, or if the connection couldn't be established and the test case was supposed to fail. The test is currently located in the directory 'test/external' because it has external dependencies.
Fixes usage of global object 'Buffer' in lib/* files by ensuring that
each file does an explicit require('buffer').Buffer. Previously, when
running a repl, due to usage of global 'Buffer', any redefinition of
Buffer would cause a crash eg var Buffer = {}.
Fixes: nodejs#8588
PR-URL: nodejs#8603
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
This change fixes a regression introduced by commit 0d05123, which contained a typo that would cause every unrefd interval to fire only once. Fixes nodejs#8900. Reviewed-By: Timothy J Fontaine <tjfontaine@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-by: Trevor Norris <trev.norris@gmail.com>
this fixes a problem where connecting to AWS services would report an untrusted cert error. Fixes: nodejs#8894 PR-URL: nodejs#8904 Reviewed-By: Timothy J Fontaine <tjfontaine@gmail.com> Reviewed-By: Julien Gilli <julien.gilli@joyent.com>
Commit 934bfe2 had introduced a regression where node would crash trying to access a null unref timer if a given unref timer's callback would remove other unref timers set to fire in the future. More generally, it makes the unrefTimeout function more solid by not mutating the unrefList while traversing it. Fixes nodejs#8897. Reviewed-By: Timothy J Fontaine <tjfontaine@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Clarify that adding or removing a listener is not idempotent. RE: nodejs#8853 PR: nodejs#8911 PR-URL: nodejs#8911 Signed-off-by: Timothy J Fontaine <tjfontaine@gmail.com>
Better wording for start and end parameters, also document .length should be considered readonly. RE: nodejs#8857, nodejs#8859, nodejs#8913 PR: nodejs#8910 PR-URL: nodejs#8910 Signed-off-by: Timothy J Fontaine <tjfontaine@gmail.com>
* tls: re-add 1024-bit SSL certs removed by f9456a2 (Chris Dickinson) * timers: don't close interval timers when unrefd (Julien Gilli) * timers: don't mutate unref list while iterating it (Julien Gilli)
Conflicts: AUTHORS ChangeLog configure deps/uv/AUTHORS deps/uv/ChangeLog deps/uv/README.md deps/uv/config-unix.mk deps/uv/include/uv-private/uv-win.h deps/uv/include/uv.h deps/uv/src/unix/internal.h deps/uv/src/unix/kqueue.c deps/uv/src/unix/stream.c deps/uv/src/uv-common.c deps/uv/src/uv-common.h deps/uv/src/version.c deps/uv/src/win/poll.c deps/uv/test/test-osx-select.c deps/v8/src/debug-debugger.js deps/v8/src/isolate.cc deps/v8/src/isolate.h deps/v8/src/mirror-debugger.js doc/api/buffer.markdown doc/api/child_process.markdown doc/api/dns.markdown doc/api/tls.markdown doc/api/url.markdown lib/_stream_writable.js lib/assert.js lib/child_process.js lib/crypto.js lib/dgram.js lib/http.js lib/net.js lib/timers.js lib/tls.js src/node.cc src/node.h src/node.js src/node_crypto.cc src/node_version.h test/common.js test/simple/test-child-process-spawn-typeerror.js tools/certdata.txt
The latest merge resulted in uv__loop_configure being defined twice on Windows. This changes removes one of these duplicates to fix the build on this platform.
Fix indentation issue in code added during the latest merge. This change makes jslint pass for _tls_wrap.js.
Some tests that rely on some environment variables being passed to child processes would fail because they reset the child processes' environement instead of appending to it. This would break on test environments where some custom environment variables are needed to make node work properly. Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Currently, the test-child-process-spawn-typeerror.js is calling execFile() on a JavaScript source file, which is causing failures on Windows. This commit switches to calling spawn() on an actual executable. Reviewed-by: Sam Roberts <sam@strongloop.com> Reviewed-by: Julien Gilli <julien.gilli@joyent.com>
Original source: http://openssl.6102.n7.nabble.com/PATCH-s-client-Fix-keypress-requirement-with-redirected-input-on-Windows-td46787.html Reviewed-By: Fedor Indutny <fedor@indutny.com>
child_process.spawn's argument parsing is stricter in v0.12 than in v0.10. Changes in tests merged from v0.10 that relied on the less-strict argument parsing would fail. This change updates the test so that it makes sure that the stricter argument parsing fails as expected. This change also fixes a small typo introduced during the conflicts resolution of said merge.
Closed
|
This merge in its current state only introduces two regressions:
You can check out the test results for Windows and UNICes. @tjfontaine @trevnorris Please let me know what you think. |
|
I would rather continue to debug the regressions post the merge, so please go ahead with this, LGTM thanks for all your hard work on it |
|
Landed in 0c7f6ca, 893fe4c, 7325fe7, e64ee2b, 1070377, 7f4b45d and 21c2636. It's a bit messy, as I created a Next time, I'll make sure to have a cleaner process. |
This was referenced Jan 13, 2015
|
Well, hopefully next time we merge more frequently so it won't be such a mess. :) |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.