This reverts commit 67d9a56251.
This commit actually reverts both
67d9a56251 and
02a549ed2b (both related to ciphers list
changes). It does it in one commit because reverting
02a549ed2b results in an empty commit.
These changes are not yet ready to be released, and before they are we
want to be able to publish new releases. We're reverting them so that we
can submit a new PR that will contain all these changes plus what's
necessary to be able to land them properly.
Conflicts:
src/node.cc
PR: #25511
PR-URL: https://github.com/joyent/node/pull/25511
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
When a timer is added in another timer's callback, its underlying timer
handle will be started with a timeout that is actually incorrect.
The reason is that the value that represents the current time is not
updated between the time the original callback is called and the time
the added timer is processed by timers.listOnTimeout. That leads the
logic in timers.listOnTimeout to do an incorrect computation that makes
the added timer fire with a timeout of scheduledTimeout +
timeSpentInCallback.
This change fixes that and make timers scheduled within other timers'
callbacks fire as expected.
Fixes#9333 and #15447.
PR: #17203
PR-URL: https://github.com/joyent/node/pull/17203
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Revert "disable RC4, add --cipher-list command line switch" and
"tls: make --enable-legacy-cipher-list=val less verbose"
This reverts commit f9291a9449 and
b5737bb977.
There is still some work to be done to guarantee secure defaults and a
smooth upgrade path for v0.12.x users. Before this work is finished, we
want to be able to release new versions of v0.12.x. So instead of
waiting for these changes to be ready to ship, revert them and integrate
them when they're ready to be shipped.
Conflicts:
src/node.cc
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/joyent/node/pull/25296
Fix the regexp used to detect 'Unexpected token' errors so that they can
be considered as recoverable. This fixes the following use case:
> var foo = 'bar \
... baz';
undefined
> foo
'bar baz'
>
Fixes#8874
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
PR-URL: https://github.com/joyent/node/pull/8875
When debug in remote mode with host:port or pid, the interface
spawn child process also. If the debugger agent is running, will
get following output:
```
< Error: listen EADDRINUSE :::5858
< at Object.exports._errnoException (util.js:734:11)
< at exports._exceptionWithHostPort (util.js:757:20)
< at Agent.Server._listen2 (net.js:1155:14)
< at listen (net.js:1181:10)
< at Agent.Server.listen (net.js:1268:5)
< at Object.start (_debug_agent.js:21:9)
< at startup (node.js:68:9)
< at node.js:799:3
```
This fix won't spawn child process and no more error message was
shown.
Reviewed-By: Julien Gilli <julien.gilli@joyent.com>
PR-URL: https://github.com/joyent/node/pull/14172
Add command line switches and environment variables to override
the default cipher suite in tls.js
`--cipher-list` and `NODE_CIPHER_LIST` can be used to completely
override the default cipher list with a given value.
`--enable-legacy-cipher-list` and `NODE_LEGACY_CIPHER_LIST` can
be used to reset the default cipher list back to a known legacy
value shipped in prior Node.js releases
A new `getLegacyCiphers` method on the tis module allows
programmatic access to the old cipher list defaults.
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/joyent/node/pull/14383
Disable RC4 in the default cipher list
Add the `--cipher-list` command line switch and `NODE_CIPHER_LIST`
environment variable to completely override the default cipher list.
Add the `--enable-legacy-cipher-list` and `NODE_LEGACY_CIPHER_LIST`
environment variable to selectively enable the default cipher list from
previous node.js releases.
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/joyent/node/pull/14414
Disable RC4 in the default cipher list
Add the `--cipher-list` command line switch and `NODE_CIPHER_LIST`
environment variable to completely override the default cipher list.
Add the `--enable-legacy-cipher-list` and `NODE_LEGACY_CIPHER_LIST`
environment variable to selectively enable the default cipher list from
previous node.js releases.
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/joyent/node/pull/14413
This change is a backport of 1a3ca8223e08d82051655d7d7e2ea31b439f1bf1
from io.js.
Original commit message:
Read all pending data out of the socket on `error` event and ensure that
no `data`/`end` handlers will be invoked on `socket.destroy()`.
Otherwise following assertion happens:
AssertionError: null == true
at TLSSocket.socketOnData (_http_client.js:308:3)
at TLSSocket.emit (events.js:107:17)
at TLSSocket.Readable.read (_stream_readable.js:373:10)
at TLSSocket.socketCloseListener (_http_client.js:229:10)
at TLSSocket.emit (events.js:129:20)
at TCP.close (net.js:476:12)
Fix: https://github.com/joyent/node/issues/9348
PR-URL: https://github.com/iojs/io.js/pull/1103
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: Nicu Micleușanu <micnic90@gmail.com>
Fixes#9348.
Reviewed-By: Julien Gilli <julien.gilli@joyent.com>
PR-URL: https://github.com/joyent/node/pull/14087
Improve performance by:
+ Not leaking the `arguments` object!
+ Getting the last character of a string by index, instead of
with `.substr()` or `.slice()`
Improve code consistency by:
+ Using `[]` instead of `.charAt()` where possible
+ Using a function declaration instead of a var declaration
+ Using `.slice()` with clearer arguments
+ Checking if `dir` is truthy in `win32.format`
(added tests for this)
Improve both by:
+ Making the reusable `trimArray()` function
+ Standardizing getting certain path statistics with
the new `win32StatPath()` function
Reviewed-By: Julien Gilli <julien.gilli@joyent.com>
PR-URL: https://github.com/joyent/node/pull/9289
process.send() should be synchronous, it should block until the message
has been sent in full, but it wasn't after the second-to-last libuv
upgrade because of commit libuv/libuv@393c1c5 ("unix: set non-block
mode in uv_{pipe,tcp,udp}_open"), which made its way into io.js in
commit 07bd05b ("deps: update libuv to 1.2.1").
Commit libuv/libuv@b36d4ff ("unix: implement uv_stream_set_blocking()")
as landed in io.js in commit 9681fca ("deps: update libuv to 1.4.0")
makes it possible to restore the synchronous behavior again and that's
precisely what this commit does.
The same line of reasoning applies to `net.Socket({ fd: 1 })`: creating
a socket object from a stdio file descriptor, like the `process.stdout`
getter does, should put the file descriptor in blocking mode for
compatibility reasons.
Reviewed-By: Julien Gilli <julien.gilli@joyent.com>
PR-URL: https://github.com/joyent/node/pull/9179
'.' and '..' are directory specs and resolving urls with or without the
hostname with '.' and '..' should add a trailing slash to the end of the
url.
Fixes#8992.
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
PR-URL: https://github.com/joyent/node/pull/9427
When slicing global pool - ensure that the underlying buffer's data ptr
is 8-byte alignment to do not ruin expectations of 3rd party C++ addons.
NOTE: 0.10 node.js always returned aligned pointers and v0.12 should do
this too for compatibility.
PR-URL: https://github.com/joyent/node/pull/9375
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
This reverts commit ad0684807c.
Initially, this bug fix targeted master, and I pushed to have it
included in v0.10. In retrospect, I'm not sure it should have made into
v0.10 as it seems it could break a lot of existing working code.
In my opinion, this change is still a bug fix, and it is not backward
incompatible per se. However, I'm not sure that taking the risk to break
a lot of users with a new 0.10.x release that would include this fix is
reasonable, especially now that 0.10.x releases are entering
maintenance mode.
PR-URL: https://github.com/joyent/node/pull/9257
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
A significant performance regressions has been introduced in 1fddc1f for
GET requests which send data through response.end(). The number of
requests per second dropped to somewhere around 6% of their previous
level.
The fix consists of removing a part of the lines added by 1fddc1f,
lines which were supposed to affect only HEAD requests, but interfered
with GET requests instead.
The lines removed would not have affected the behaviour in the case of
a HEAD request as this._hasBody would always be false. Therefore, they
were not required to fix the issue reported in #8361.
Fixes#8940.
PR: #9026
PR-URL: https://github.com/joyent/node/pull/9026
Reviewed-By: Julien Gilli <julien.gilli@joyent.com>
Currently, lib/_tls_legacy.js and lib/crypto.js cannot be loaded when
--use-strict is passed to node. In addition to that, console.trace
throws because it uses arguments.callee.
This change fixes these issues and adds a test that makes sure
every external built-in module can be loaded with require when
--use-strict is enabled.
Please note that this change does not fix all issues with built-in
modules' code running with --use-strict. It is very likely that some
code in the built-in modules still fails when passing this flag.
However, fixing all code would require us to enable strict mode by
default in all builtins modules, which would certainly break existing
applications.
Fixes#9187.
PR: #9237
PR-URL: https://github.com/joyent/node/pull/9237
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
`TLSSocket` wraps the original `net.Socket`, but writes/reads to/from
`TLSSocket` do not touch the timers of original `net.Socket`.
Introduce `socket._parent` property, and iterate through all parents
to unref timers and prevent timeout event on original `net.Socket`.
Fix: https://github.com/joyent/node/issues/9242
PR-URL: https://github.com/iojs/io.js/pull/891
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
This is a backport of 6c3647c38d from
v0.12 to v0.10.
Console.prototype.timeEnd() returns NaN if the timer label
corresponds to a property on Object.prototype. In v0.12, this was fixed
by using Object.create(null) to construct the _times object
However, the version of V8 in the v0.10 branch makes this fix not work
as expected. In v0.10, this commit changes the _times object into a
array of objects of the form:
{ label: someLabel, time: staringWallClockTime }
someLabel can thus be any string, including any string that represents
any Object.prototype field.
Fixes#9116.
PR: #9215
PR-URL: https://github.com/joyent/node/pull/9215
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Server sockets should be shared by default, and client sockets should be
exclusive by default. For net/TCP, this is how it is, for dgram/UDP, its
a little less clear what a client socket is, but a socket that is
auto-bound during a dgram.send() is not usefully shared among cluster
workers, any more than an outgoing TCP connection would be usefully
shared.
Since implicit binds become exclusive, implicit/client dgram sockets can
now be used with cluster on Windows. Before, neither explicit nor
implicitly bound sockets could be used, causing dgram to be completely
unsupported with cluster on Windows. After this change, they become half
supported.
PR: https://github.com/joyent/node/pull/8643
Reviewed-by: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-by: Bert Belder <bertbelder@gmail.com>
Reviewed-by: Julien Gilli <julien.gilli@joyent.com>
Currently, fs.truncate() silently fails when a file descriptor
is passed as the first argument. This commit changes this
behavior to properly call fs.ftruncate().
PR-URL: https://github.com/joyent/node/pull/9161
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Timothy J Fontaine <tjfontaine@gmail.com>
Currently, fs.truncate() silently fails when a file descriptor
is passed as the first argument. This commit changes this
behavior to properly call fs.ftruncate(). This commit also
adds proper type checking to the callback provided to
makeCallback().
PR-URL: https://github.com/joyent/node/pull/9161
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Timothy J Fontaine <tjfontaine@gmail.com>
If the Buffer allocation isn't a slice then there's no need to adjust
the pool offset after realloc'ing the space available.
Fixes: 6462519 "buffer, doc: misc. fix and cleanup"
The NativeModule system passes NativeModule.require transparently and so
is unnecessary to call explicitly.
The only one which should have the prefix is the in line 295, where
actually implements a big fs-based module system and actually requires a
native module. That is left unchanged.
PR-URL: https://github.com/joyent/node/pull/9201
Ref: https://github.com/joyent/node/issues/2009
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
A number -> uint32 type coercion bug made buffer sizes
larger than kMaxLength (0x3fffffff) wrap around.
Instead of rejecting the requested size with an exception,
the constructor created a buffer with the wrong size.
PR-URL: https://github.com/iojs/io.js/pull/657
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
