Update README to reflect move to nodejs/node

Ref: https://github.com/joyent/node/issues/25876

PR-URL: https://github.com/nodejs/node-v0.x-archive/pull/25897
Reviewed-By: jasnell - James M Snell <jasnell@gmail.com>
Reviewed-By: bnoordhuis - Ben Noordhuis  <info@bnoordhuis.nl>

AUTHORS

@@ -205,6 +205,7 @@ Feross Aboukhadijeh
 Florin-Cristian Gavrila
 Forrest L Norvell
 Francois Marier
+Frank Cash
 Fred K. Schott
 Frederico Silva
 Friedemann Altrock

ChangeLog

@@ -2802,7 +2802,7 @@
   - Support for parallel use of the cache folder
   - Retry on registry timeouts or network failures (Trent Mick)
   - Reduce 'engines' failures to a warning
-  - Use new zsh completion if aviailable (Jeremy Cantrell)
+  - Use new zsh completion if available (Jeremy Cantrell)
 
 * Fix #3577 Un-break require('sys')
 

Makefile

@@ -6,6 +6,7 @@ NINJA ?= ninja
 DESTDIR ?=
 SIGN ?=
 PREFIX ?= /usr/local
+FLAKY_TESTS ?= run
 
 NODE ?= ./node
 
@@ -127,6 +128,9 @@ test-all-http1: test-build
 test-all-valgrind: test-build
 	$(PYTHON) tools/test.py --mode=debug,release --valgrind
 
+test-ci:
+	$(PYTHON) tools/test.py -p tap --logfile test.tap --mode=release --arch=$(DESTCPU) --flaky-tests=$(FLAKY_TESTS) simple message internet
+
 test-release: test-build
 	$(PYTHON) tools/test.py --mode=release
 
@@ -240,6 +244,11 @@ docopen: out/doc/api/all.html
 docclean:
 	-rm -rf out/doc
 
+run-ci:
+	$(PYTHON) ./configure --without-snapshot $(CONFIG_FLAGS)
+	$(MAKE)
+	$(MAKE) test-ci
+
 RAWVER=$(shell $(PYTHON) tools/getnodeversion.py)
 VERSION=v$(RAWVER)
 NODE_DOC_VERSION=$(VERSION)
@@ -439,4 +448,9 @@ cpplint:
 
 lint: jslint cpplint
 
-.PHONY: lint cpplint jslint bench clean docopen docclean doc dist distclean check uninstall install install-includes install-bin all staticlib dynamiclib test test-all test-addons build-addons website-upload pkg blog blogclean tar binary release-only bench-http-simple bench-idle bench-all bench bench-misc bench-array bench-buffer bench-net bench-http bench-fs bench-tls
+.PHONY: lint cpplint jslint bench clean docopen docclean doc dist distclean \
+	check uninstall install install-includes install-bin all staticlib \
+	dynamiclib test test-all test-addons build-addons website-upload pkg \
+	blog blogclean tar binary release-only bench-http-simple bench-idle \
+	bench-all bench bench-misc bench-array bench-buffer bench-net \
+	bench-http bench-fs bench-tls run-ci

README-pre-convergence.md

@@ -0,0 +1,200 @@
+Evented I/O for V8 javascript.
+===
+
+### To build:
+
+Prerequisites (Unix only):
+
+    * GCC 4.2 or newer
+    * G++ 4.2 or newer
+    * Python 2.6 or 2.7
+    * GNU Make 3.81 or newer
+    * libexecinfo (FreeBSD and OpenBSD only)
+
+Unix/Macintosh:
+
+```sh
+./configure
+make
+make install
+```
+
+If your python binary is in a non-standard location or has a
+non-standard name, run the following instead:
+
+```sh
+export PYTHON=/path/to/python
+$PYTHON ./configure
+make
+make install
+```
+
+Prerequisites (Windows only):
+
+    * Python 2.6 or 2.7
+    * Visual Studio 2010 or 2012
+
+Windows:
+
+```sh
+vcbuild nosign
+```
+
+You can download pre-built binaries for various operating systems from
+[http://nodejs.org/download/](http://nodejs.org/download/).  The Windows
+and OS X installers will prompt you for the location in which to install.
+The tarballs are self-contained; you can extract them to a local directory
+with:
+
+```sh
+tar xzf /path/to/node-<version>-<platform>-<arch>.tar.gz
+```
+
+Or system-wide with:
+
+```sh
+cd /usr/local && tar --strip-components 1 -xzf \
+                    /path/to/node-<version>-<platform>-<arch>.tar.gz
+```
+
+### To run the tests:
+
+Unix/Macintosh:
+
+```sh
+make test
+```
+
+Windows:
+
+```sh
+vcbuild test
+```
+
+### To build the documentation:
+
+```sh
+make doc
+```
+
+### To read the documentation:
+
+```sh
+man doc/node.1
+```
+
+### `Intl` (ECMA-402) support:
+
+[Intl](https://github.com/joyent/node/wiki/Intl) support is not
+enabled by default.
+
+#### "small" (English only) support
+
+This option will build with "small" (English only) support, but
+the full `Intl` (ECMA-402) APIs.  With `--download=all` it will
+download the ICU library as needed.
+
+Unix/Macintosh:
+
+```sh
+./configure --with-intl=small-icu --download=all
+```
+
+Windows:
+
+```sh
+vcbuild small-icu download-all
+```
+
+The `small-icu` mode builds
+with English-only data. You can add full data at runtime.
+
+*Note:* more docs are on
+[the wiki](https://github.com/joyent/node/wiki/Intl).
+
+#### Build with full ICU support (all locales supported by ICU):
+
+With the `--download=all`, this may download ICU if you don't
+have an ICU in `deps/icu`.
+
+Unix/Macintosh:
+
+```sh
+./configure --with-intl=full-icu --download=all
+```
+
+Windows:
+
+```sh
+vcbuild full-icu download-all
+```
+
+#### Build with no Intl support `:-(`
+
+The `Intl` object will not be available.
+This is the default at present, so this option is not normally needed.
+
+Unix/Macintosh:
+
+```sh
+./configure --with-intl=none
+```
+
+Windows:
+
+```sh
+vcbuild intl-none
+```
+
+#### Use existing installed ICU (Unix/Macintosh only):
+
+```sh
+pkg-config --modversion icu-i18n && ./configure --with-intl=system-icu
+```
+
+#### Build with a specific ICU:
+
+You can find other ICU releases at
+[the ICU homepage](http://icu-project.org/download).
+Download the file named something like `icu4c-**##.#**-src.tgz` (or
+`.zip`).
+
+Unix/Macintosh: from an already-unpacked ICU
+
+```sh
+./configure --with-intl=[small-icu,full-icu] --with-icu-source=/path/to/icu
+```
+
+Unix/Macintosh: from a local ICU tarball
+
+```sh
+./configure --with-intl=[small-icu,full-icu] --with-icu-source=/path/to/icu.tgz
+```
+
+Unix/Macintosh: from a tarball URL
+
+```sh
+./configure --with-intl=full-icu --with-icu-source=http://url/to/icu.tgz
+```
+
+Windows: first unpack latest ICU to `deps/icu`
+  [icu4c-**##.#**-src.tgz](http://icu-project.org/download) (or `.zip`)
+  as `deps/icu` (You'll have: `deps/icu/source/...`)
+
+```sh
+vcbuild full-icu
+```
+
+Resources for Newcomers
+---
+  - [The Wiki](https://github.com/joyent/node/wiki)
+  - [nodejs.org](http://nodejs.org/)
+  - [how to install node.js and npm (node package manager)](http://www.joyent.com/blog/installing-node-and-npm/)
+  - [list of modules](https://github.com/joyent/node/wiki/modules)
+  - [searching the npm registry](http://npmjs.org/)
+  - [list of companies and projects using node](https://github.com/joyent/node/wiki/Projects,-Applications,-and-Companies-Using-Node)
+  - [node.js mailing list](http://groups.google.com/group/nodejs)
+  - [irc chatroom, #node.js on freenode.net](http://webchat.freenode.net?channels=node.js&uio=d4)
+  - [community](https://github.com/joyent/node/wiki/Community)
+  - [contributing](https://github.com/joyent/node/wiki/Contributing)
+  - [big list of all the helpful wiki pages](https://github.com/joyent/node/wiki/_pages)

README.md

@@ -1,200 +1,8 @@
-Evented I/O for V8 javascript.
-===
 
-### To build:
+This repository is an archive of Node.js before the move to [nodejs/node](https://github.com/nodejs/node).
 
-Prerequisites (Unix only):
+It still contains issues and pull requests that are relevant to Node versions v0.10 and v0.12, and that were opened before the move to [nodejs/node](https://github.com/nodejs/node).
+New issues and pull requests, for all branches, should be opened at [nodejs/node](https://github.com/nodejs/node). 
+New issues and pull requests opened here will automatically be rejected.
 
-    * GCC 4.2 or newer
-    * G++ 4.2 or newer
-    * Python 2.6 or 2.7
-    * GNU Make 3.81 or newer
-    * libexecinfo (FreeBSD and OpenBSD only)
-
-Unix/Macintosh:
-
-```sh
-./configure
-make
-make install
-```
-
-If your python binary is in a non-standard location or has a
-non-standard name, run the following instead:
-
-```sh
-export PYTHON=/path/to/python
-$PYTHON ./configure
-make
-make install
-```
-
-Prerequisites (Windows only):
-
-    * Python 2.6 or 2.7
-    * Visual Studio 2010 or 2012
-
-Windows:
-
-```sh
-vcbuild nosign
-```
-
-You can download pre-built binaries for various operating systems from
-[http://nodejs.org/download/](http://nodejs.org/download/).  The Windows
-and OS X installers will prompt you for the location in which to install.
-The tarballs are self-contained; you can extract them to a local directory
-with:
-
-```sh
-tar xzf /path/to/node-<version>-<platform>-<arch>.tar.gz
-```
-
-Or system-wide with:
-
-```sh
-cd /usr/local && tar --strip-components 1 -xzf \
-                    /path/to/node-<version>-<platform>-<arch>.tar.gz
-```
-
-### To run the tests:
-
-Unix/Macintosh:
-
-```sh
-make test
-```
-
-Windows:
-
-```sh
-vcbuild test
-```
-
-### To build the documentation:
-
-```sh
-make doc
-```
-
-### To read the documentation:
-
-```sh
-man doc/node.1
-```
-
-### `Intl` (ECMA-402) support:
-
-[Intl](https://github.com/joyent/node/wiki/Intl) support is not
-enabled by default.
-
-#### "small" (English only) support
-
-This option will build with "small" (English only) support, but
-the full `Intl` (ECMA-402) APIs.  With `--download=all` it will
-download the ICU library as needed.
-
-Unix/Macintosh:
-
-```sh
-./configure --with-intl=small-icu --download=all
-```
-
-Windows:
-
-```sh
-vcbuild small-icu download-all
-```
-
-The `small-icu` mode builds
-with English-only data. You can add full data at runtime.
-
-*Note:* more docs are on
-[the wiki](https://github.com/joyent/node/wiki/Intl).
-
-#### Build with full ICU support (all locales supported by ICU):
-
-With the `--download=all`, this may download ICU if you don't
-have an ICU in `deps/icu`.
-
-Unix/Macintosh:
-
-```sh
-./configure --with-intl=full-icu --download=all
-```
-
-Windows:
-
-```sh
-vcbuild full-icu download-all
-```
-
-#### Build with no Intl support `:-(`
-
-The `Intl` object will not be available.
-This is the default at present, so this option is not normally needed.
-
-Unix/Macintosh:
-
-```sh
-./configure --with-intl=none
-```
-
-Windows:
-
-```sh
-vcbuild intl-none
-```
-
-#### Use existing installed ICU (Unix/Macintosh only):
-
-```sh
-pkg-config --modversion icu-i18n && ./configure --with-intl=system-icu
-```
-
-#### Build with a specific ICU:
-
-You can find other ICU releases at
-[the ICU homepage](http://icu-project.org/download).
-Download the file named something like `icu4c-**##.#**-src.tgz` (or
-`.zip`).
-
-Unix/Macintosh: from an already-unpacked ICU
-
-```sh
-./configure --with-intl=[small-icu,full-icu] --with-icu-source=/path/to/icu
-```
-
-Unix/Macintosh: from a local ICU tarball
-
-```sh
-./configure --with-intl=[small-icu,full-icu] --with-icu-source=/path/to/icu.tgz
-```
-
-Unix/Macintosh: from a tarball URL
-
-```sh
-./configure --with-intl=full-icu --with-icu-source=http://url/to/icu.tgz
-```
-
-Windows: first unpack latest ICU to `deps/icu`
-  [icu4c-**##.#**-src.tgz](http://icu-project.org/download) (or `.zip`)
-  as `deps/icu` (You'll have: `deps/icu/source/...`)
-
-```sh
-vcbuild full-icu
-```
-
-Resources for Newcomers
----
-  - [The Wiki](https://github.com/joyent/node/wiki)
-  - [nodejs.org](http://nodejs.org/)
-  - [how to install node.js and npm (node package manager)](http://www.joyent.com/blog/installing-node-and-npm/)
-  - [list of modules](https://github.com/joyent/node/wiki/modules)
-  - [searching the npm registry](http://npmjs.org/)
-  - [list of companies and projects using node](https://github.com/joyent/node/wiki/Projects,-Applications,-and-Companies-Using-Node)
-  - [node.js mailing list](http://groups.google.com/group/nodejs)
-  - irc chatroom, [#node.js on freenode.net](http://webchat.freenode.net?channels=node.js&uio=d4)
-  - [community](https://github.com/joyent/node/wiki/Community)
-  - [contributing](https://github.com/joyent/node/wiki/Contributing)
-  - [big list of all the helpful wiki pages](https://github.com/joyent/node/wiki/_pages)
+The pre-convergence version of the README is available [here](https://github.com/nodejs/node-v0.x-archive/blob/master/README-pre-convergence.md). 

configure

@@ -282,6 +282,11 @@ parser.add_option('--without-etw',
     dest='without_etw',
     help='build without ETW')
 
+parser.add_option('--without-mdb',
+    action='store_true',
+    dest='without_mdb',
+    help='build without mdb')
+
 parser.add_option('--without-npm',
     action='store_true',
     dest='without_npm',
@@ -554,7 +559,7 @@ def configure_node(o):
   # if we're on illumos based systems wrap the helper library into the
   # executable
   if flavor == 'solaris':
-    o['variables']['node_use_mdb'] = 'true'
+    o['variables']['node_use_mdb'] = b(not options.without_mdb)
   else:
     o['variables']['node_use_mdb'] = 'false'
 

deps/debugger-agent/lib/_debugger_agent.js

@@ -1,3 +1,5 @@
+'use strict';
+
 var assert = require('assert');
 var net = require('net');
 var util = require('util');

doc/api/addons.markdown

@@ -8,7 +8,7 @@ knowledge of several libraries:
    creating objects, calling functions, etc.  Documented mostly in the
    `v8.h` header file (`deps/v8/include/v8.h` in the Node source
    tree), which is also available
-   [online](http://izs.me/v8-docs/main.html).
+   [online](http://v8dox.com/).
 
  - [libuv](https://github.com/joyent/libuv), C event loop library.
    Anytime one needs to wait for a file descriptor to become readable,

doc/api/assert.markdown

@@ -2,7 +2,7 @@
 
     Stability: 5 - Locked
 
-This module is used for writing unit tests for your applications, you can
+This module is used for testing actual values against expected values, you can
 access it with `require('assert')`.
 
 ## assert.fail(actual, expected, message, operator)

doc/api/buffer.markdown

@@ -43,7 +43,7 @@ Creating a typed array from a `Buffer` works with the following caveats:
 
 2. The buffer's memory is interpreted as an array, not a byte array.  That is,
    `new Uint32Array(new Buffer([1,2,3,4]))` creates a 4-element `Uint32Array`
-   with elements `[1,2,3,4]`, not an `Uint32Array` with a single element
+   with elements `[1,2,3,4]`, not a `Uint32Array` with a single element
    `[0x1020304]` or `[0x4030201]`.
 
 NOTE: Node.js v0.8 simply retained a reference to the buffer in `array.buffer`
@@ -64,7 +64,9 @@ It can be constructed in a variety of ways.
 
 Allocates a new buffer of `size` octets. Note, `size` must be no more than
 [kMaxLength](smalloc.html#smalloc_smalloc_kmaxlength). Otherwise, a `RangeError`
-will be thrown here.
+will be thrown here. Unlike `ArrayBuffers`, the underlying memory for buffers
+is not initialized. So the contents of a newly created `Buffer` is unknown.
+Use `buf.fill(0)`to initialize a buffer to zeroes.
 
 ### new Buffer(array)
 
@@ -248,7 +250,7 @@ may be beyond the end of the buffer. Defaults to `false`.
 
 Decodes and returns a string from buffer data encoded using the specified
 character set encoding. If `encoding` is `undefined` or `null`, then `encoding`
-defaults to `'utf8'. The `start` and `end` parameters default to `0` and
+defaults to `'utf8'`. The `start` and `end` parameters default to `0` and
 `buffer.length` when `undefined`.
 
     buf = new Buffer(26);

doc/api/child_process.markdown

@@ -274,7 +274,7 @@ Here is an example of sending a server:
       child.send('server', server);
     });
 
-And the child would the receive the server object as:
+And the child would then receive the server object as:
 
     process.on('message', function(m, server) {
       if (m === 'server') {

doc/api/cluster.markdown

@@ -599,7 +599,7 @@ It is not emitted in the worker.
 
 ### Event: 'disconnect'
 
-Similar to the `cluster.on('disconnect')` event, but specfic to this worker.
+Similar to the `cluster.on('disconnect')` event, but specific to this worker.
 
     cluster.fork().on('disconnect', function() {
       // Worker has disconnected

doc/api/crypto.markdown

@@ -101,7 +101,7 @@ Example: this program that takes the sha1 sum of a file
 
     var shasum = crypto.createHash('sha1');
 
-    var s = fs.ReadStream(filename);
+    var s = fs.createReadStream(filename);
     s.on('data', function(d) {
       shasum.update(d);
     });
@@ -529,7 +529,7 @@ Example (obtaining a shared secret):
 
 ## crypto.createECDH(curve_name)
 
-Creates a Elliptic Curve (EC) Diffie-Hellman key exchange object using a
+Creates an Elliptic Curve (EC) Diffie-Hellman key exchange object using a
 predefined curve specified by `curve_name` string.
 
 ## Class: ECDH

doc/api/dns.markdown

@@ -81,7 +81,7 @@ See [supported `getaddrinfo` flags](#dns_supported_getaddrinfo_flags) below for
 more information on supported flags.
 
 The callback has arguments `(err, address, family)`.  The `address` argument
-is a string representation of a IP v4 or v6 address. The `family` argument
+is a string representation of an IP v4 or v6 address. The `family` argument
 is either the integer 4 or 6 and denotes the family of `address` (not
 necessarily the value initially passed to `lookup`).
 
@@ -155,7 +155,7 @@ attribute (e.g. `[{'priority': 10, 'exchange': 'mx.example.com'},...]`).
 ## dns.resolveTxt(hostname, callback)
 
 The same as `dns.resolve()`, but only for text queries (`TXT` records).
-`addresses` is an 2-d array of the text records available for `hostname` (e.g.,
+`addresses` is a 2-d array of the text records available for `hostname` (e.g.,
 `[ ['v=spf1 ip4:0.0.0.0 ', '~all' ] ]`). Each sub-array contains TXT chunks of
 one record. Depending on the use case, the could be either joined together or
 treated separately.

doc/api/events.markdown

@@ -104,7 +104,7 @@ Note that `emitter.setMaxListeners(n)` still has precedence over
 
 ### emitter.listeners(event)
 
-Returns an array of listeners for the specified event.
+Returns a copy of the array of listeners for the specified event.
 
     server.on('connection', function (stream) {
       console.log('someone connected!');

doc/api/fs.markdown

@@ -775,6 +775,10 @@ on Unix systems, it never was.
 
 Returns a new ReadStream object (See `Readable Stream`).
 
+Be aware that, unlike the default value set for `highWaterMark` on a
+readable stream (16kB), the stream returned by this method has a
+default value of 64kB for the same parameter.
+
 `options` is an object with the following defaults:
 
     { flags: 'r',
@@ -797,6 +801,9 @@ there's no file descriptor leak.  If `autoClose` is set to true (default
 behavior), on `error` or `end` the file descriptor will be closed
 automatically.
 
+`mode` sets the file mode (permission and sticky bits), but only if the
+file was created.
+
 An example to read the last 10 bytes of a file which is 100 bytes long:
 
     fs.createReadStream('sample.txt', {start: 90, end: 99});
@@ -820,7 +827,7 @@ Returns a new WriteStream object (See `Writable Stream`).
 `options` is an object with the following defaults:
 
     { flags: 'w',
-      encoding: null,
+      defaultEncoding: 'utf8',
       fd: null,
       mode: 0666 }
 

doc/api/http.markdown

@@ -457,6 +457,7 @@ automatically parsed with [url.parse()][].
 
 Options:
 
+- `protocol`: Protocol to use. Defaults to `'http:'`.
 - `host`: A domain name or IP address of the server to issue the request to.
   Defaults to `'localhost'`.
 - `hostname`: To support `url.parse()` `hostname` is preferred over `host`
@@ -511,8 +512,13 @@ Example:
       console.log('STATUS: ' + res.statusCode);
       console.log('HEADERS: ' + JSON.stringify(res.headers));
       res.setEncoding('utf8');
+      var data = '';
       res.on('data', function (chunk) {
-        console.log('BODY: ' + chunk);
+        console.log('PARTIAL BODY: ' + chunk);
+        data += chunk;
+      });
+      res.on('end', function() {
+        console.log('COMPLETE BODY: ' + data);  
       });
     });
 
@@ -524,6 +530,12 @@ Example:
     req.write(postData);
     req.end();
 
+The `res` object handed off to the callback function passed into to
+`http.request` is an instance of [http.IncomingMessage], which is an
+instance of a Readable Stream. The content of a successful response will be
+delivered using zero or more `data` events followed by a closing `end`
+event.
+
 Note that in the example `req.end()` was called. With `http.request()` one
 must always call `req.end()` to signify that you're done with the request -
 even if there is no data being written to the request body.
@@ -557,6 +569,8 @@ Example:
 
     http.get("http://www.google.com/index.html", function(res) {
       console.log("Got response: " + res.statusCode);
+      // consume response body
+      res.resume();
     }).on('error', function(e) {
       console.log("Got error: " + e.message);
     });
@@ -897,7 +911,8 @@ is finished.
 
 ### request.abort()
 
-Aborts a request.  (New since v0.3.8.)
+Marks the request as aborting. Calling this will cause remaining data
+in the response to be dropped and the socket to be destroyed.
 
 ### request.setTimeout(timeout[, callback])
 

doc/api/net.markdown

@@ -90,7 +90,7 @@ Common options are:
     a FIN packet when the other end of the socket sends a FIN packet.
     Defaults to `false`.  See ['end'][] event for more information.
 
-The `connectListener` parameter will be added as an listener for the
+The `connectListener` parameter will be added as a listener for the
 ['connect'][] event.
 
 Here is an example of a client of echo server as described previously:
@@ -119,7 +119,7 @@ changed to
 
 Creates a TCP connection to `port` on `host`. If `host` is omitted,
 `'localhost'` will be assumed.
-The `connectListener` parameter will be added as an listener for the
+The `connectListener` parameter will be added as a listener for the
 ['connect'][] event.
 
 Is a factory method which returns a new ['net.Socket'](#net_class_net_socket).
@@ -128,7 +128,7 @@ Is a factory method which returns a new ['net.Socket'](#net_class_net_socket).
 ## net.createConnection(path[, connectListener])
 
 Creates unix socket connection to `path`.
-The `connectListener` parameter will be added as an listener for the
+The `connectListener` parameter will be added as a listener for the
 ['connect'][] event.
 
 A factory method which returns a new ['net.Socket'](#net_class_net_socket).
@@ -150,7 +150,7 @@ parameter is 511 (not 512).
 
 This function is asynchronous.  When the server has been bound,
 ['listening'][] event will be emitted.  The last parameter `callback`
-will be added as an listener for the ['listening'][] event.
+will be added as a listener for the ['listening'][] event.
 
 One issue some users run into is getting `EADDRINUSE` errors. This means that
 another server is already running on the requested port. One way of handling this
@@ -178,7 +178,7 @@ Start a local socket server listening for connections on the given `path`.
 
 This function is asynchronous.  When the server has been bound,
 ['listening'][] event will be emitted.  The last parameter `callback`
-will be added as an listener for the ['listening'][] event.
+will be added as a listener for the ['listening'][] event.
 
 On UNIX, the local domain is usually known as the UNIX domain. The path is a
 filesystem path name. It is subject to the same naming conventions and
@@ -212,7 +212,7 @@ Listening on a file descriptor is not supported on Windows.
 
 This function is asynchronous.  When the server has been bound,
 ['listening'][] event will be emitted.
-the last parameter `callback` will be added as an listener for the
+the last parameter `callback` will be added as a listener for the
 ['listening'][] event.
 
 ### server.listen(options[, callback])
@@ -374,7 +374,7 @@ This function is asynchronous. When the ['connect'][] event is emitted the
 socket is established. If there is a problem connecting, the `'connect'` event
 will not be emitted, the `'error'` event will be emitted with the exception.
 
-The `connectListener` parameter will be added as an listener for the
+The `connectListener` parameter will be added as a listener for the
 ['connect'][] event.
 
 

doc/api/path.markdown

@@ -200,7 +200,7 @@ An example on Windows:
 
     process.env.PATH.split(path.delimiter)
     // returns
-    ['C:\Windows\system32', 'C:\Windows', 'C:\Program Files\nodejs\']
+    ['C:\\Windows\\system32', 'C:\\Windows', 'C:\\Program Files\\nodejs\\']
 
 ## path.parse(pathString)
 
@@ -223,8 +223,8 @@ An example on Windows:
     path.parse('C:\\path\\dir\\index.html')
     // returns
     {
-        root : "C:\",
-        dir : "C:\path\dir",
+        root : "C:\\",
+        dir : "C:\\path\\dir",
         base : "index.html",
         ext : ".html",
         name : "index"

doc/api/stream.markdown

@@ -164,6 +164,34 @@ readable.on('readable', function() {
 Once the internal buffer is drained, a `readable` event will fire
 again when more data is available.
 
+The `readable` event is not emitted in the "flowing" mode with the
+sole exception of the last one, on end-of-stream.
+
+The 'readable' event indicates that the stream has new information:
+either new data is available or the end of the stream has been reached.
+In the former case, `.read()` will return that data. In the latter case,
+`.read()` will return null. For instance, in the following example, `foo.txt`
+is an empty file:
+
+```javascript
+var fs = require('fs');
+var rr = fs.createReadStream('foo.txt');
+rr.on('readable', function() {
+  console.log('readable:', rr.read());
+});
+rr.on('end', function() {
+  console.log('end');
+});
+```
+
+The output of running this script is:
+
+```
+bash-3.2$ node test.js
+readable: null
+end
+```
+
 #### Event: 'data'
 
 * `chunk` {Buffer | String} The chunk of data.
@@ -181,6 +209,9 @@ readable.on('data', function(chunk) {
   console.log('got %d bytes of data', chunk.length);
 });
 ```
+Note that the `readable` event should not be used together with `data`
+because the assigning the latter switches the stream into "flowing" mode,
+so the `readable` event will not be emitted.
 
 #### Event: 'end'
 
@@ -221,7 +252,9 @@ returns it.  If there is no data available, then it will return
 `null`.
 
 If you pass in a `size` argument, then it will return that many
-bytes.  If `size` bytes are not available, then it will return `null`.
+bytes.  If `size` bytes are not available, then it will return `null`,
+unless we've ended, in which case it will return the data remaining
+in the buffer.
 
 If you do not specify a `size` argument, then it will return all the
 data in the internal buffer.
@@ -243,6 +276,9 @@ readable.on('readable', function() {
 If this method returns a data chunk, then it will also trigger the
 emission of a [`'data'` event][].
 
+Note that calling `readable.read([size])` after the `end` event has been
+triggered will return `null`. No runtime error will be raised.
+
 #### readable.setEncoding(encoding)
 
 * `encoding` {String} The encoding to use.
@@ -414,6 +450,9 @@ parser, which needs to "un-consume" some data that it has
 optimistically pulled out of the source, so that the stream can be
 passed on to some other party.
 
+Note that `stream.unshift(chunk)` cannot be called after the `end` event
+has been triggered; a runtime error will be raised.
+
 If you find that you must often call `stream.unshift(chunk)` in your
 programs, consider implementing a [Transform][] stream instead.  (See API
 for Stream Implementors, below.)
@@ -452,6 +491,13 @@ function parseHeader(stream, callback) {
   }
 }
 ```
+Note that, unlike `stream.push(chunk)`, `stream.unshift(chunk)` will not
+end the reading process by resetting the internal reading state of the
+stream. This can cause unexpected results if `unshift` is called during a
+read (i.e. from within a `_read` implementation on a custom stream). Following
+the call to `unshift` with an immediate `stream.push('')` will reset the
+reading state appropriately, however it is best to simply avoid calling
+`unshift` while in the process of performing a read.
 
 #### readable.wrap(stream)
 
@@ -891,6 +937,10 @@ SimpleProtocol.prototype._read = function(n) {
       // back into the read queue so that our consumer will see it.
       var b = chunk.slice(split);
       this.unshift(b);
+      // calling unshift by itself does not reset the reading state
+      // of the stream; since we're inside _read, doing an additional
+      // push('') will reset the state appropriately.
+      this.push('');
 
       // and let them know that we are done parsing the header.
       this.emit('header', this.header);
@@ -930,24 +980,22 @@ initialized.
 
 * `size` {Number} Number of bytes to read asynchronously
 
-Note: **Implement this function, but do NOT call it directly.**
+Note: **Implement this method, but do NOT call it directly.**
 
-This function should NOT be called directly.  It should be implemented
-by child classes, and only called by the internal Readable class
-methods.
+This method is prefixed with an underscore because it is internal to the
+class that defines it and should only be called by the internal Readable
+class methods. All Readable stream implementations must provide a _read
+method to fetch data from the underlying resource.
 
-All Readable stream implementations must provide a `_read` method to
-fetch data from the underlying resource.
+When _read is called, if data is available from the resource, `_read` should
+start pushing that data into the read queue by calling `this.push(dataChunk)`.
+`_read` should continue reading from the resource and pushing data until push
+returns false, at which point it should stop reading from the resource. Only
+when _read is called again after it has stopped should it start reading
+more data from the resource and pushing that data onto the queue.
 
-This method is prefixed with an underscore because it is internal to
-the class that defines it, and should not be called directly by user
-programs.  However, you **are** expected to override this method in
-your own extension classes.
-
-When data is available, put it into the read queue by calling
-`readable.push(chunk)`.  If `push` returns false, then you should stop
-reading.  When `_read` is called again, you should start pushing more
-data.
+Note: once the `_read()` method is called, it will not be called again until
+the `push` method is called.
 
 The `size` argument is advisory.  Implementations where a "read" is a
 single call that returns data can use this to know how much data to
@@ -963,19 +1011,16 @@ becomes available.  There is no need, for example to "wait" until
   Buffer encoding, such as `'utf8'` or `'ascii'`
 * return {Boolean} Whether or not more pushes should be performed
 
-Note: **This function should be called by Readable implementors, NOT
+Note: **This method should be called by Readable implementors, NOT
 by consumers of Readable streams.**
 
-The `_read()` function will not be called again until at least one
-`push(chunk)` call is made.
+If a value other than null is passed, The `push()` method adds a chunk of data
+into the queue for subsequent stream processors to consume. If `null` is
+passed, it signals the end of the stream (EOF), after which no more data
+can be written.
 
-The `Readable` class works by putting data into a read queue to be
-pulled out later by calling the `read()` method when the `'readable'`
-event fires.
-
-The `push()` method will explicitly insert some data into the read
-queue.  If it is called with `null` then it will signal the end of the
-data (EOF).
+The data added with `push` can be pulled out by calling the `read()` method
+when the `'readable'`event fires.
 
 This API is designed to be as flexible as possible.  For example,
 you may be wrapping a lower-level source which has some sort of
@@ -1181,9 +1226,9 @@ as a result of this chunk.
 
 Call the callback function only when the current chunk is completely
 consumed.  Note that there may or may not be output as a result of any
-particular input chunk. If you supply as the second argument to the
-it will be passed to push method, in other words the following are
-equivalent:
+particular input chunk. If you supply a data chunk as the second argument
+to the callback function it will be passed to push method, in other words
+the following are equivalent:
 
 ```javascript
 transform.prototype._transform = function (data, encoding, callback) {

doc/api/tls.markdown

@@ -25,8 +25,10 @@ To create a self-signed certificate with the CSR, do this:
 
 Alternatively you can send the CSR to a Certificate Authority for signing.
 
-(TODO: docs on creating a CA, for now interested users should just look at
-`test/fixtures/keys/Makefile` in the Node source code)
+For Perfect Forward Secrecy, it is required to generate Diffie-Hellman
+parameters:
+
+    openssl dhparam -outform PEM -out dhparam.pem 2048
 
 To create .pfx or .p12, do this:
 
@@ -134,6 +136,81 @@ the character "E" appended to the traditional abbreviations):
 Ephemeral methods may have some performance drawbacks, because key generation
 is expensive.
 
+## Modifying the Default Cipher Suite
+
+Node.js is built with a default suite of enabled and disabled ciphers.
+Currently, the default cipher suite is:
+
+    ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA256:
+    DHE-RSA-AES256-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:
+    HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!SRP:!CAMELLIA
+
+This default can be overridden entirely using the `--cipher-list` command line
+switch or `NODE_CIPHER_LIST` environment variable. For instance:
+
+    node --cipher-list=ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA384
+
+Setting the environment variable would have the same effect:
+
+    NODE_CIPHER_LIST=ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA384
+
+CAUTION: The default cipher suite has been carefully selected to reflect current
+security best practices and risk mitigation. Changing the default cipher suite
+can have a significant impact on the security of an application. The
+`--cipher-list` and `NODE_CIPHER_LIST` options should only be used if
+absolutely necessary.
+
+### Using Legacy Default Cipher Suite ###
+
+It is possible for the built-in default cipher suite to change from one release
+of Node.js to another. For instance, v0.10.38 uses a different default than
+v0.12.2. Such changes can cause issues with applications written to assume
+certain specific defaults. To help buffer applications against such changes,
+the `--enable-legacy-cipher-list` command line switch or `NODE_LEGACY_CIPHER_LIST`
+environment variable can be set to specify a specific preset default:
+
+    # Use the v0.10.38 defaults
+    node --enable-legacy-cipher-list=v0.10.38
+    // or
+    NODE_LEGACY_CIPHER_LIST=v0.10.38
+
+    # Use the v0.12.2 defaults
+    node --enable-legacy-cipher-list=v0.12.2
+    // or
+    NODE_LEGACY_CIPHER_LIST=v0.12.2
+
+Currently, the values supported for the `enable-legacy-cipher-list` switch and
+`NODE_LEGACY_CIPHER_LIST` environment variable include:
+
+    v0.10.38 - To enable the default cipher suite used in v0.10.38
+
+      ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
+
+    v0.10.39 - To enable the default cipher suite used in v0.10.39
+
+      ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:HIGH:!RC4:!MD5:!aNULL:!EDH
+
+    v0.12.2 - To enable the default cipher suite used in v0.12.2
+
+      ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:
+      HIGH:!MD5:!aNULL
+
+    v.0.12.3 - To enable the default cipher suite used in v0.12.3
+
+      ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:AES128-GCM-SHA256:HIGH:
+      !RC4:!MD5:!aNULL
+
+These legacy cipher suites are also made available for use via the
+`getLegacyCiphers()` method:
+
+    var tls = require('tls');
+    console.log(tls.getLegacyCiphers('v0.10.38'));
+
+CAUTION: Changes to the default cipher suite are typically made in order to
+strengthen the default security for applications running within Node.js.
+Reverting back to the defaults used by older releases can weaken the security
+of your applications. The legacy cipher suites should only be used if absolutely
+necessary.
 
 ## tls.getCiphers()
 
@@ -144,6 +221,12 @@ Example:
     var ciphers = tls.getCiphers();
     console.log(ciphers); // ['AES128-SHA', 'AES256-SHA', ...]
 
+## tls.getLegacyCiphers(version)
+
+Returns the legacy default cipher suite for the specified Node.js release.
+
+Example:
+    var cipher_suite = tls.getLegacyCiphers('v0.10.38');
 
 ## tls.createServer(options[, secureConnectionListener])
 
@@ -170,31 +253,20 @@ automatically set as a listener for the [secureConnection][] event.  The
   - `crl` : Either a string or list of strings of PEM encoded CRLs (Certificate
     Revocation List)
 
-  - `ciphers`: A string describing the ciphers to use or exclude.
+  - `ciphers`: A string describing the ciphers to use or exclude, separated by
+    `:`. The default cipher suite is:
 
-    To mitigate [BEAST attacks] it is recommended that you use this option in
-    conjunction with the `honorCipherOrder` option described below to
-    prioritize the non-CBC cipher.
+        ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA256:
+        DHE-RSA-AES256-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:
+        HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!SRP:!CAMELLIA
 
-    Defaults to
-    `ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL`.
-    Consult the [OpenSSL cipher list format documentation] for details
-    on the format.
-
-    `ECDHE-RSA-AES128-SHA256`, `DHE-RSA-AES128-SHA256` and
-    `AES128-GCM-SHA256` are TLS v1.2 ciphers and used when Node.js is
-    linked against OpenSSL 1.0.1 or newer, such as the bundled version
-    of OpenSSL.  Note that it is still possible for a TLS v1.2 client
-    to negotiate a weaker cipher unless `honorCipherOrder` is enabled.
-
-    `RC4` is used as a fallback for clients that speak on older version of
-    the TLS protocol.  `RC4` has in recent years come under suspicion and
-    should be considered compromised for anything that is truly sensitive.
-    It is speculated that state-level actors possess the ability to break it.
-
-    **NOTE**: Previous revisions of this section suggested `AES256-SHA` as an
-    acceptable cipher. Unfortunately, `AES256-SHA` is a CBC cipher and therefore
-    susceptible to [BEAST attacks]. Do *not* use it.
+    The default cipher suite prefers ECDHE and DHE ciphers for Perfect Forward
+    secrecy, while offering *some* backward compatibility. Old clients which
+    rely on insecure and deprecated RC4 or DES-based ciphers (like Internet
+    Explorer 6) aren't able to complete the handshake with the default
+    configuration. If you absolutely must support these clients, the
+    [TLS recommendations] may offer a compatible cipher suite. For more details
+    on the format, see the [OpenSSL cipher list format documentation].
 
   - `ecdhCurve`: A string describing a named curve to use for ECDH key agreement
     or false to disable ECDH.
@@ -212,7 +284,7 @@ automatically set as a listener for the [secureConnection][] event.  The
     times out.
 
   - `honorCipherOrder` : When choosing a cipher, use the server's preferences
-    instead of the client preferences.
+    instead of the client preferences. Default: `true`.
 
     Although, this option is disabled by default, it is *recommended* that you
     use this option in conjunction with the `ciphers` option to mitigate
@@ -512,7 +584,7 @@ encrypted data, and one reads/writes cleartext data.
 Generally the encrypted one is piped to/from an incoming encrypted data stream,
 and the cleartext one is used as a replacement for the initial encrypted stream.
 
- - `credentials`: A secure context object from tls.createSecureContext( ... )
+ - `context`: A secure context object from tls.createSecureContext( ... )
 
  - `isServer`: A boolean indicating whether this tls connection should be
    opened as a server or a client.
@@ -694,6 +766,11 @@ This is an encrypted stream.
 A proxy to the underlying socket's bytesWritten accessor, this will return
 the total bytes written to the socket, *including the TLS overhead*.
 
+## Class: CleartextStream
+
+The CleartextStream class in Node.js version v0.10.39 and prior has been
+deprecated and removed.
+
 ## Class: tls.TLSSocket
 
 This is a wrapped version of [net.Socket][] that does transparent encryption
@@ -868,5 +945,6 @@ The numeric representation of the local port.
 [ECDHE]: https://en.wikipedia.org/wiki/Elliptic_curve_Diffie%E2%80%93Hellman
 [asn1.js]: http://npmjs.org/package/asn1.js
 [OCSP request]: http://en.wikipedia.org/wiki/OCSP_stapling
+[TLS recommendations]: https://wiki.mozilla.org/Security/Server_Side_TLS
 [SSL_CTX_set_options]: https://www.openssl.org/docs/ssl/SSL_CTX_set_options.html
 [CVE-2014-3566]: https://access.redhat.com/articles/1232123

doc/api/util.markdown

@@ -261,7 +261,7 @@ through the `constructor.super_` property.
 
 Marks that a method should not be used any more.
 
-    exports.puts = exports.deprecate(function() {
+    exports.puts = util.deprecate(function() {
       for (var i = 0, len = arguments.length; i < len; ++i) {
         process.stdout.write(arguments[i] + '\n');
       }

doc/api/vm.markdown

@@ -117,7 +117,7 @@ Example: compile and execute code that increments a global variable and sets a
 new one. These globals are contained in the sandbox.
 
     var util = require('util');
-    var vm = require('vm'),
+    var vm = require('vm');
 
     var sandbox = {
       animal: 'cat',

lib/_debugger.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var util = require('util'),
     path = require('path'),
     net = require('net'),

lib/_http_agent.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var net = require('net');
 var util = require('util');
 var EventEmitter = require('events').EventEmitter;

lib/_http_client.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var util = require('util');
 var net = require('net');
 var url = require('url');
@@ -371,7 +373,7 @@ function parserOnIncomingClient(res, shouldKeepAlive) {
   var req = socket._httpMessage;
 
 
-  // propogate "domain" setting...
+  // propagate "domain" setting...
   if (req.domain && !res.domain) {
     debug('setting "res.domain"');
     res.domain = req.domain;
@@ -474,7 +476,7 @@ function tickOnSocket(req, socket) {
   socket.parser = parser;
   socket._httpMessage = req;
 
-  // Setup "drain" propogation.
+  // Setup "drain" propagation.
   httpSocketSetup(socket);
 
   // Propagate headers limit from request object to parser

lib/_http_common.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var FreeList = require('freelist').FreeList;
 var HTTPParser = process.binding('http_parser').HTTPParser;
 

lib/_http_incoming.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var util = require('util');
 var Stream = require('stream');
 

lib/_http_outgoing.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var assert = require('assert').ok;
 var Stream = require('stream');
 var timers = require('timers');

lib/_http_server.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var util = require('util');
 var net = require('net');
 var EventEmitter = require('events').EventEmitter;
@@ -448,7 +450,7 @@ function connectionListener(socket) {
     }
 
     // When we're finished writing the response, check if this is the last
-    // respose, if so destroy the socket.
+    // response, if so destroy the socket.
     res.on('prefinish', resOnFinish);
     function resOnFinish() {
       // Usually the first incoming element should be our request.  it may

lib/_linklist.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 function init(list) {
   list._idleNext = list;
   list._idlePrev = list;

lib/_stream_duplex.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 // a duplex stream is just a stream that is both readable and writable.
 // Since JS doesn't have multiple prototypal inheritance, this class
 // prototypally inherits from Readable, and then parasitically from

lib/_stream_passthrough.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 // a passthrough stream.
 // basically just the most minimal sort of Transform stream.
 // Every written chunk gets output as-is.

lib/_stream_readable.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 module.exports = Readable;
 Readable.ReadableState = ReadableState;
 
@@ -142,8 +144,7 @@ function readableAddChunk(stream, state, chunk, encoding, addToFront) {
     stream.emit('error', er);
   } else if (chunk === null) {
     state.reading = false;
-    if (!state.ended)
-      onEofChunk(stream, state);
+    onEofChunk(stream, state);
   } else if (state.objectMode || chunk && chunk.length > 0) {
     if (state.ended && !addToFront) {
       var e = new Error('stream.push() after EOF');
@@ -388,7 +389,8 @@ function chunkInvalid(state, chunk) {
 
 
 function onEofChunk(stream, state) {
-  if (state.decoder && !state.ended) {
+  if (state.ended) return;
+  if (state.decoder) {
     var chunk = state.decoder.end();
     if (chunk && chunk.length) {
       state.buffer.push(chunk);

lib/_stream_transform.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 
 // a transform stream is a readable/writable stream where you do
 // something with the data.  Sometimes it's called a "filter",

lib/_stream_writable.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 // A bit simpler than readable streams.
 // Implement an async ._write(chunk, cb), and it'll handle all
 // the drain event emission and buffering.

lib/_tls_common.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var util = require('util');
 var constants = require('constants');
 var tls = require('tls');

lib/_tls_legacy.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var assert = require('assert');
 var events = require('events');
 var stream = require('stream');
@@ -662,14 +664,17 @@ function onnewsession(key, session) {
   var self = this;
   var once = false;
 
-  self.server.emit('newSession', key, session, function() {
+  if (!self.server.emit('newSession', key, session, done))
+    done();
+
+  function done() {
     if (once)
       return;
     once = true;
 
     if (self.ssl)
       self.ssl.newSessionDone();
-  });
+  };
 }
 
 

lib/_tls_wrap.js

@@ -22,6 +22,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var assert = require('assert');
 var crypto = require('crypto');
 var net = require('net');
@@ -201,7 +203,10 @@ function onnewsession(key, session) {
   var once = false;
 
   this._newSessionPending = true;
-  this.server.emit('newSession', key, session, function() {
+  if (!this.server.emit('newSession', key, session, done))
+    done();
+
+  function done() {
     if (once)
       return;
     once = true;
@@ -212,7 +217,7 @@ function onnewsession(key, session) {
     if (self._securePending)
       self._finishInit();
     self._securePending = false;
-  });
+  }
 }
 
 
@@ -733,10 +738,10 @@ Server.prototype.setOptions = function(options) {
     secureOptions |= constants.SSL_OP_CIPHER_SERVER_PREFERENCE;
   }
 
-  if (options.honorCipherOrder)
-    this.honorCipherOrder = true;
+  if (options.honorCipherOrder !== undefined)
+    this.honorCipherOrder = !!options.honorCipherOrder;
   else
-    this.honorCipherOrder = false;
+    this.honorCipherOrder = true;
 
   this.secureOptions = secureOptions;
 

lib/assert.js

@@ -22,6 +22,8 @@
 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 // UTILITY
 var util = require('util');
 var b = require('buffer');

lib/buffer.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var buffer = process.binding('buffer');
 var smalloc = process.binding('smalloc');
 var util = require('util');

lib/child_process.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var StringDecoder = require('string_decoder').StringDecoder;
 var EventEmitter = require('events').EventEmitter;
 var net = require('net');

lib/cluster.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var EventEmitter = require('events').EventEmitter;
 var assert = require('assert');
 var dgram = require('dgram');

lib/console.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var util = require('util');
 
 function Console(stdout, stderr) {

lib/constants.js

@@ -19,4 +19,6 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 module.exports = process.binding('constants');

lib/crypto.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 // Note: In 0.8 and before, crypto functions all defaulted to using
 // binary-encoded strings rather than buffers.
 

lib/dgram.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var assert = require('assert');
 var util = require('util');
 var events = require('events');
@@ -293,7 +295,7 @@ Socket.prototype.send = function(buffer,
   self._healthCheck();
 
   if (self._bindState == BIND_STATE_UNBOUND)
-    self.bind(0, null);
+    self.bind({port: 0, exclusive: true}, null);
 
   // If the socket hasn't been bound yet, push the outbound packet onto the
   // send queue and send after binding is complete.

lib/dns.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var net = require('net');
 var util = require('util');
 

lib/domain.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var util = require('util');
 var EventEmitter = require('events');
 var inherits = util.inherits;

lib/events.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var domain;
 var util = require('util');
 

lib/freelist.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 // This is a free list to avoid creating so many of the same object.
 exports.FreeList = function(name, max, constructor) {
   this.name = name;

lib/fs.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 // Maintainers, keep in mind that octal literals are not allowed
 // in strict mode. Use the decimal value and add a comment with
 // the octal value. Example:
@@ -87,10 +89,14 @@ function maybeCallback(cb) {
 // for callbacks that are passed to the binding layer, callbacks that are
 // invoked from JS already run in the proper scope.
 function makeCallback(cb) {
-  if (!util.isFunction(cb)) {
+  if (util.isNullOrUndefined(cb)) {
     return rethrow();
   }
 
+  if (!util.isFunction(cb)) {
+    throw new TypeError('callback must be a function');
+  }
+
   return function() {
     return cb.apply(null, arguments);
   };

lib/http.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var util = require('util');
 var EventEmitter = require('events').EventEmitter;
 

lib/https.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var tls = require('tls');
 var url = require('url');
 var http = require('http');

lib/module.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var NativeModule = require('native_module');
 var util = require('util');
 var runInThisContext = require('vm').runInThisContext;

lib/net.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var events = require('events');
 var stream = require('stream');
 var timers = require('timers');
@@ -68,8 +70,8 @@ function isPipeName(s) {
 }
 
 
-exports.createServer = function() {
-  return new Server(arguments[0], arguments[1]);
+exports.createServer = function(options, connectionListener) {
+  return new Server(options, connectionListener);
 };
 
 
@@ -577,10 +579,10 @@ function onread(nread, buffer) {
 
 
 Socket.prototype._getpeername = function() {
-  if (!this._handle || !this._handle.getpeername) {
-    return {};
-  }
   if (!this._peername) {
+    if (!this._handle || !this._handle.getpeername) {
+      return {};
+    }
     var out = {};
     var err = this._handle.getpeername(out);
     if (err) return {};  // FIXME(bnoordhuis) Throw?
@@ -866,6 +868,7 @@ Socket.prototype.connect = function(options, cb) {
     this._writableState.errorEmitted = false;
     this.destroyed = false;
     this._handle = null;
+    this._peername = null;
   }
 
   var self = this;
@@ -1012,23 +1015,23 @@ function afterConnect(status, handle, req, readable, writable) {
 }
 
 
-function Server(/* [ options, ] listener */) {
-  if (!(this instanceof Server)) return new Server(arguments[0], arguments[1]);
+function Server(options, connectionListener) {
+  if (!(this instanceof Server))
+    return new Server(options, connectionListener);
+
   events.EventEmitter.call(this);
 
   var self = this;
 
-  var options;
-
-  if (util.isFunction(arguments[0])) {
+  if (util.isFunction(options)) {
+    connectionListener = options;
     options = {};
-    self.on('connection', arguments[0]);
+    self.on('connection', connectionListener);
   } else {
-    options = arguments[0] || {};
+    options = options || {};
 
-    if (util.isFunction(arguments[1])) {
-      self.on('connection', arguments[1]);
-    }
+    if (util.isFunction(connectionListener))
+      self.on('connection', connectionListener);
   }
 
   this._connections = 0;

lib/os.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var binding = process.binding('os');
 var util = require('util');
 var isWindows = process.platform === 'win32';

lib/path.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 
 var isWindows = process.platform === 'win32';
 var util = require('util');

lib/querystring.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 // Query String Utilities
 
 var QueryString = exports;

lib/readline.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 // Inspiration for this code comes from Salvatore Sanfilippo's linenoise.
 // https://github.com/antirez/linenoise
 // Reference:

lib/repl.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 /* A repl library that you can include in your own code to get a runtime
  * interface to your program.
  *

lib/smalloc.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var smalloc = process.binding('smalloc');
 var kMaxLength = smalloc.kMaxLength;
 var util = require('util');

lib/stream.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 module.exports = Stream;
 
 var EE = require('events').EventEmitter;

lib/string_decoder.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 function assertEncoding(encoding) {
   if (encoding && !Buffer.isEncoding(encoding)) {
     throw new Error('Unknown encoding: ' + encoding);

lib/sys.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 // the sys module was renamed to 'util'.
 // this shim remains to keep old programs working.
 module.exports = require('util');

lib/timers.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var Timer = process.binding('timer_wrap').Timer;
 var L = require('_linklist');
 var assert = require('assert').ok;

lib/tls.js

@@ -19,6 +19,10 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
+var _crypto = process.binding('crypto');
+
 var net = require('net');
 var url = require('url');
 var util = require('util');
@@ -33,16 +37,14 @@ exports.CLIENT_RENEG_WINDOW = 600;
 
 exports.SLAB_BUFFER_SIZE = 10 * 1024 * 1024;
 
-exports.DEFAULT_CIPHERS =
-    // TLS 1.2
-    'ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:AES128-GCM-SHA256:' +
-    // TLS 1.0
-    'RC4:HIGH:!MD5:!aNULL';
+exports.DEFAULT_CIPHERS = _crypto.DEFAULT_CIPHER_LIST;
 
 exports.DEFAULT_ECDH_CURVE = 'prime256v1';
 
+exports.getLegacyCiphers = _crypto.getLegacyCiphers;
+
 exports.getCiphers = function() {
-  var names = process.binding('crypto').getSSLCiphers();
+  var names = _crypto.getSSLCiphers();
   // Drop all-caps names in favor of their lowercase aliases,
   var ctx = {};
   names.forEach(function(name) {

lib/tty.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var inherits = require('util').inherits;
 var net = require('net');
 var TTY = process.binding('tty_wrap').TTY;

lib/url.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var punycode = require('punycode');
 var util = require('util');
 
@@ -600,7 +602,7 @@ Url.prototype.resolveObject = function(relative) {
     if (psychotic) {
       result.hostname = result.host = srcPath.shift();
       //occationaly the auth can get stuck only in host
-      //this especialy happens in cases like
+      //this especially happens in cases like
       //url.resolveObject('mailto:local1@domain1', 'local2@domain2')
       var authInHost = result.host && result.host.indexOf('@') > 0 ?
                        result.host.split('@') : false;
@@ -639,8 +641,8 @@ Url.prototype.resolveObject = function(relative) {
   // then it must NOT get a trailing slash.
   var last = srcPath.slice(-1)[0];
   var hasTrailingSlash = (
-      (result.host || relative.host) && (last === '.' || last === '..') ||
-      last === '');
+      (result.host || relative.host || srcPath.length > 1) &&
+      (last === '.' || last === '..') || last === '');
 
   // strip single dots, resolve double dots to parent dir
   // if the path tries to go above the root, `up` ends up > 0
@@ -682,7 +684,7 @@ Url.prototype.resolveObject = function(relative) {
     result.hostname = result.host = isAbsolute ? '' :
                                     srcPath.length ? srcPath.shift() : '';
     //occationaly the auth can get stuck only in host
-    //this especialy happens in cases like
+    //this especially happens in cases like
     //url.resolveObject('mailto:local1@domain1', 'local2@domain2')
     var authInHost = result.host && result.host.indexOf('@') > 0 ?
                      result.host.split('@') : false;

lib/util.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var formatRegExp = /%[sdj%]/g;
 exports.format = function(f) {
   if (!isString(f)) {

lib/vm.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var binding = process.binding('contextify');
 var Script = binding.ContextifyScript;
 var util = require('util');

lib/zlib.js

@@ -19,6 +19,8 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+'use strict';
+
 var Transform = require('_stream_transform');
 
 var binding = process.binding('zlib');

src/node.cc

@@ -2070,7 +2070,7 @@ static void OnFatalError(const char* location, const char* message) {
 
 NO_RETURN void FatalError(const char* location, const char* message) {
   OnFatalError(location, message);
-  // to supress compiler warning
+  // to suppress compiler warning
   abort();
 }
 
@@ -2936,6 +2936,9 @@ static void PrintHelp() {
 #endif
          "  --enable-ssl2        enable ssl2\n"
          "  --enable-ssl3        enable ssl3\n"
+         "  --cipher-list=val    specify the default TLS cipher list\n"
+         "  --enable-legacy-cipher-list=val \n"
+         "                       val = v0.10.38, v0.10.39, v0.12.2 or v0.12.3\n"
          "\n"
          "Environment variables:\n"
 #ifdef _WIN32
@@ -2953,6 +2956,9 @@ static void PrintHelp() {
          "                       (will extend linked-in data)\n"
 #endif
 #endif
+         "NODE_CIPHER_LIST       Override the default TLS cipher list\n"
+         "NODE_LEGACY_CIPHER_LIST=val\n"
+         "                       val = v0.10.38, v0.10.39, v0.12.2 or v0.12.3\n"
          "\n"
          "Documentation can be found at http://nodejs.org/\n");
 }
@@ -2992,6 +2998,7 @@ static void ParseArgs(int* argc,
   unsigned int new_argc = 1;
   new_v8_argv[0] = argv[0];
   new_argv[0] = argv[0];
+  bool using_legacy_cipher_list = false;
 
   unsigned int index = 1;
   while (index < nargs && argv[index][0] == '-') {
@@ -3047,6 +3054,20 @@ static void ParseArgs(int* argc,
     } else if (strcmp(arg, "--v8-options") == 0) {
       new_v8_argv[new_v8_argc] = "--help";
       new_v8_argc += 1;
+    } else if (strncmp(arg, "--cipher-list=", 14) == 0) {
+      if (!using_legacy_cipher_list) {
+        DEFAULT_CIPHER_LIST = arg + 14;
+      }
+    } else if (strncmp(arg, "--enable-legacy-cipher-list=", 28) == 0) {
+      // use the original v0.10.x/v0.12.x cipher lists
+      const char * legacy_list = legacy_cipher_list(arg+28);
+      if (legacy_list != NULL) {
+        using_legacy_cipher_list = true;
+        DEFAULT_CIPHER_LIST = legacy_list;
+      } else {
+        fprintf(stderr, "Error: An unknown legacy cipher list was specified\n");
+        exit(9);
+      }
 #if defined(NODE_HAVE_I18N_SUPPORT)
     } else if (strncmp(arg, "--icu-data-dir=", 15) == 0) {
       icu_data_dir = arg + 15;
@@ -3414,6 +3435,26 @@ void Init(int* argc,
     }
   }
 
+  const char * cipher_list = getenv("NODE_CIPHER_LIST");
+  if (cipher_list != NULL) {
+    DEFAULT_CIPHER_LIST = cipher_list;
+  }
+  // Allow the NODE_LEGACY_CIPHER_LIST envar to override the other
+  // cipher list options. NODE_LEGACY_CIPHER_LIST=v0.10.38 will use
+  // the cipher list from v0.10.38, NODE_LEGACY_CIPHER_LIST=v0.12.2 will
+  // use the cipher list from v0.12.2
+  const char * leg_cipher_id = getenv("NODE_LEGACY_CIPHER_LIST");
+  if (leg_cipher_id != NULL) {
+    const char * leg_cipher_list =
+      legacy_cipher_list(leg_cipher_id);
+    if (leg_cipher_list != NULL) {
+      DEFAULT_CIPHER_LIST = leg_cipher_list;
+    } else {
+      fprintf(stderr, "Error: An unknown legacy cipher list was specified\n");
+      exit(9);
+    }
+  }
+
 #if defined(NODE_HAVE_I18N_SUPPORT)
   if (icu_data_dir == NULL) {
     // if the parameter isn't given, use the env variable.

src/node.h

@@ -223,6 +223,17 @@ NODE_EXTERN void RunAtExit(Environment* env);
   }                                                                           \
   while (0)
 
+#define NODE_DEFINE_STRING_CONSTANT(isolate, target, constant)                \
+  do {                                                                        \
+    v8::Local<v8::String> constant_name =                                     \
+        v8::String::NewFromUtf8(isolate, #constant);                          \
+    v8::Local<v8::String> constant_value =                                    \
+        v8::String::NewFromUtf8(isolate, constant);                           \
+    v8::PropertyAttribute constant_attributes =                               \
+        static_cast<v8::PropertyAttribute>(v8::ReadOnly | v8::DontDelete);    \
+    (target)->ForceSet(constant_name, constant_value, constant_attributes);   \
+  } while (0)
+
 // Used to be a macro, hence the uppercase name.
 template <typename TypeName>
 inline void NODE_SET_METHOD(const TypeName& recv,

src/node.js

@@ -24,6 +24,9 @@
 // This file is invoked by node::Load in src/node.cc, and responsible for
 // bootstrapping the node.js core. Special caution is given to the performance
 // of the startup process, so many dependencies are invoked lazily.
+
+'use strict';
+
 (function(process) {
   this.global = this;
 

src/node_crypto.cc

@@ -77,6 +77,7 @@ namespace node {
 
 bool SSL2_ENABLE = false;
 bool SSL3_ENABLE = false;
+const char * DEFAULT_CIPHER_LIST = DEFAULT_CIPHER_LIST_HEAD;
 
 namespace crypto {
 
@@ -4851,6 +4852,26 @@ static void array_push_back(const TypeName* md,
   ctx->arr->Set(ctx->arr->Length(), OneByteString(ctx->env()->isolate(), from));
 }
 
+// borrowed from v8
+// (see http://v8.googlecode.com/svn/trunk/samples/shell.cc)
+const char* ToCString(const String::Utf8Value& value) {
+  return *value ? *value : "<string conversion failed>";
+}
+
+void DefaultCiphers(const v8::FunctionCallbackInfo<v8::Value>& args) {
+  Environment* env = Environment::GetCurrent(args.GetIsolate());
+  HandleScope scope(env->isolate());
+  v8::String::Utf8Value key(args[0]);
+  const char * list = legacy_cipher_list(ToCString(key));
+  if (list != NULL) {
+    args.GetReturnValue().Set(
+      v8::String::NewFromUtf8(args.GetIsolate(), list));
+  } else {
+    args.GetReturnValue().Set(
+      v8::String::NewFromUtf8(args.GetIsolate(),
+                             DEFAULT_CIPHER_LIST_HEAD));
+  }
+}
 
 void GetCiphers(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args.GetIsolate());
@@ -5171,6 +5192,9 @@ void InitCrypto(Handle<Object> target,
 
   NODE_DEFINE_CONSTANT(target, SSL3_ENABLE);
   NODE_DEFINE_CONSTANT(target, SSL2_ENABLE);
+
+  NODE_DEFINE_STRING_CONSTANT(env->isolate(), target, DEFAULT_CIPHER_LIST);
+  NODE_SET_METHOD(target, "getLegacyCiphers", DefaultCiphers);
 }
 
 }  // namespace crypto

src/node_crypto.h

@@ -38,6 +38,7 @@
 
 #include "v8.h"
 
+#include <string.h>
 #include <openssl/ssl.h>
 #include <openssl/ec.h>
 #include <openssl/ecdh.h>
@@ -59,10 +60,51 @@
 # define NODE__HAVE_TLSEXT_STATUS_CB
 #endif  // !defined(OPENSSL_NO_TLSEXT) && defined(SSL_CTX_set_tlsext_status_cb)
 
+#define DEFAULT_CIPHER_LIST_V10_38 "ECDHE-RSA-AES128-SHA256:"                  \
+                                "AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH"
+
+#define DEFAULT_CIPHER_LIST_V10_39 "ECDHE-RSA-AES128-SHA256:"                  \
+                                "AES128-GCM-SHA256:HIGH:!RC4:!MD5:!aNULL:!EDH"
+
+#define DEFAULT_CIPHER_LIST_V12_2 "ECDHE-RSA-AES128-SHA256:"                   \
+                                "DHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:" \
+                                "HIGH:!MD5:!aNULL"
+
+#define DEFAULT_CIPHER_LIST_V12_3  "ECDHE-RSA-AES128-SHA256:"                  \
+                                "DHE-RSA-AES128-SHA256:AES128-GCM-SHA256:HIGH:"\
+                                "!RC4:!MD5:!aNULL"
+
+#define DEFAULT_CIPHER_LIST_HEAD "ECDHE-RSA-AES256-SHA384:"                    \
+                                 "DHE-RSA-AES256-SHA384:"                      \
+                                 "ECDHE-RSA-AES256-SHA256:"                    \
+                                 "DHE-RSA-AES256-SHA256:"                      \
+                                 "ECDHE-RSA-AES128-SHA256:"                    \
+                                 "DHE-RSA-AES128-SHA256:"                      \
+                                 "HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:"  \
+                                 "!PSK:!SRP:!CAMELLIA"
+
+static inline const char * legacy_cipher_list(const char * ver) {
+  if (ver == NULL) {
+    return NULL;
+  }
+  if (strncmp(ver, "v0.10.38", 8) == 0) {
+    return DEFAULT_CIPHER_LIST_V10_38;
+  } else if (strncmp(ver, "v0.10.39", 8) == 0) {
+    return DEFAULT_CIPHER_LIST_V10_39;
+  } else if (strncmp(ver, "v0.12.2", 7) == 0) {
+    return DEFAULT_CIPHER_LIST_V12_2;
+  } else if (strncmp(ver, "v0.12.3", 7) == 0) {
+    return DEFAULT_CIPHER_LIST_V12_3;
+  } else {
+    return NULL;
+  }
+}
+
 namespace node {
 
 extern bool SSL2_ENABLE;
 extern bool SSL3_ENABLE;
+extern const char * DEFAULT_CIPHER_LIST;
 
 namespace crypto {
 

src/node_object_wrap.h

@@ -101,7 +101,7 @@ class ObjectWrap {
    * attached to detached state it will be freed. Be careful not to access
    * the object after making this call as it might be gone!
    * (A "weak reference" means an object that only has a
-   * persistant handle.)
+   * persistent handle.)
    *
    * DO NOT CALL THIS FROM DESTRUCTOR
    */

src/node_os.cc

@@ -37,7 +37,7 @@
 # include <unistd.h>        // gethostname, sysconf
 # include <sys/param.h>     // MAXHOSTNAMELEN on Linux and the BSDs.
 # include <sys/utsname.h>
-#endif  // __MINGW32__
+#endif  // __POSIX__
 
 // Add Windows fallback.
 #ifndef MAXHOSTNAMELEN

src/node_version.h

@@ -23,10 +23,10 @@
 #define SRC_NODE_VERSION_H_
 
 #define NODE_MAJOR_VERSION 0
-#define NODE_MINOR_VERSION 12
-#define NODE_PATCH_VERSION 7
+#define NODE_MINOR_VERSION 13
+#define NODE_PATCH_VERSION 0
 
-#define NODE_VERSION_IS_RELEASE 1
+#define NODE_VERSION_IS_RELEASE 0
 
 #ifndef NODE_TAG
 # define NODE_TAG ""

src/udp_wrap.cc

@@ -445,7 +445,17 @@ void UDPWrap::OnRecv(uv_udp_t* handle,
     return;
   }
 
-  char* base = static_cast<char*>(realloc(buf->base, nread));
+  char* base = NULL;
+  if (nread != 0) {
+     base = static_cast<char*>(realloc(buf->base, nread));
+    // If realloc fails, fallback to old pointer
+    // safe since we are always shrinking the buffer
+    if (base == NULL)
+        base = buf->base;
+  } else {
+    free(buf->base);
+  }
+
   argv[2] = Buffer::Use(env, base, nread);
   argv[3] = AddressToJS(env, addr);
   wrap->MakeCallback(env->onmessage_string(), ARRAY_SIZE(argv), argv);

test/internet/internet.status

@@ -3,4 +3,3 @@ prefix internet
 test-dns                          : PASS,FLAKY
 
 [$system==solaris]
-test-http-dns-fail                : PASS,FLAKY

test/simple/simple.status

@@ -1,6 +1,5 @@
 prefix simple
 
-test-crypto-domains               : PASS,FLAKY
 test-debug-signal-cluster         : PASS,FLAKY
 test-cluster-basic                : PASS,FLAKY
 test-microtask-queue-run          : PASS,FLAKY
@@ -8,12 +7,10 @@ test-microtask-queue-run-domain   : PASS,FLAKY
 
 [$system==win32]
 test-timers-first-fire            : PASS,FLAKY
+test-http-pipeline-flood          : PASS,FLAKY
 
 [$system==linux]
-test-fs-readfile-error            : PASS,FLAKY
-test-net-GH-5504                  : PASS,FLAKY
-test-stdin-script-child           : PASS,FLAKY
-test-util-debug                   : PASS,FLAKY
+test-signal-unregister            : PASS,FLAKY
 
 [$system==macos]
 test-fs-watch                     : PASS,FLAKY

test/simple/test-cluster-dgram-2.js

@@ -74,6 +74,11 @@ function worker() {
   var socket = dgram.createSocket('udp4');
   var buf = new Buffer('hello world');
 
+  // This test is intended to exercise the cluster binding of udp sockets, but
+  // since sockets aren't clustered when implicitly bound by at first call of
+  // send(), explicitly bind them to an ephemeral port.
+  socket.bind(0);
+
   for (var i = 0; i < PACKETS_PER_WORKER; i++)
     socket.send(buf, 0, buf.length, common.PORT, '127.0.0.1');
 

test/simple/test-debug-port-from-cmdline.js

@@ -24,11 +24,11 @@ var assert = require('assert');
 var spawn = require('child_process').spawn;
 
 var debugPort = common.PORT;
-var args = ['--debug-port=' + debugPort];
+var args = ['--interactive', '--debug-port=' + debugPort];
 var childOptions = { stdio: ['pipe', 'pipe', 'pipe', 'ipc'] };
 var child = spawn(process.execPath, args, childOptions);
 
-child.stdin.end("process.send({ msg: 'childready' });");
+child.stdin.write("process.send({ msg: 'childready' });\n");
 
 child.stderr.on('data', function(data) {
   var lines = data.toString().replace(/\r/g, '').trim().split('\n');
@@ -43,6 +43,7 @@ child.on('message', function onChildMsg(message) {
 
 process.on('exit', function() {
   child.kill();
+  assertOutputLines();
 });
 
 var outputLines = [];
@@ -51,7 +52,6 @@ function processStderrLine(line) {
   outputLines.push(line);
 
   if (/Debugger listening/.test(line)) {
-    assertOutputLines();
     process.exit();
   }
 }

test/simple/test-dgram-exclusive-implicit-bind.js

@@ -0,0 +1,100 @@
+// Copyright Joyent, Inc. and other Node contributors.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a
+// copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to permit
+// persons to whom the Software is furnished to do so, subject to the
+// following conditions:
+//
+// The above copyright notice and this permission notice shall be included
+// in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
+// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+// USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+var common = require('../common');
+var assert = require('assert');
+var cluster = require('cluster');
+var dgram = require('dgram');
+
+// Without an explicit bind, send() causes an implicit bind, which always
+// generate a unique per-socket ephemeral port. An explicit bind to a port
+// number causes all sockets bound to that number to share a port.
+//
+// The 2 workers that call bind() will share a port, the two workers that do
+// not will not share a port, so master will see 3 unique source ports.
+
+// Note that on Windows, clustered dgram is not supported. Since explicit
+// binding causes the dgram to be clustered, don't fork the workers that bind.
+// This is a useful test, still, because it demonstrates that by avoiding
+// clustering, client (ephemeral, implicitly bound) dgram sockets become
+// supported while using cluster, though servers still cause the master to error
+// with ENOTSUP.
+
+var windows = process.platform === 'win32';
+
+if (cluster.isMaster) {
+  var pass;
+  var messages = 0;
+  var ports = {};
+
+  process.on('exit', function() {
+    assert.equal(pass, true);
+  });
+
+  var target = dgram.createSocket('udp4');
+
+  target.on('message', function(buf, rinfo) {
+    messages++;
+    ports[rinfo.port] = true;
+
+    if (windows && messages === 2) {
+      assert.equal(Object.keys(ports).length, 2);
+      done();
+    }
+
+    if (!windows && messages === 4) {
+      assert.equal(Object.keys(ports).length, 3);
+      done();
+    }
+
+    function done() {
+      pass = true;
+      cluster.disconnect();
+      target.close();
+    }
+  });
+
+  target.on('listening', function() {
+    cluster.fork();
+    cluster.fork();
+    if (!windows) {
+      cluster.fork({BOUND: 'y'});
+      cluster.fork({BOUND: 'y'});
+    }
+  });
+
+  target.bind({port: common.PORT, exclusive: true});
+
+  return;
+}
+
+var source = dgram.createSocket('udp4');
+
+if (process.env.BOUND === 'y') {
+  source.bind(0);
+} else {
+  // cluster doesn't know about exclusive sockets, so it won't close them. This
+  // is expected, its the same situation for timers, outgoing tcp connections,
+  // etc, which also keep workers alive after disconnect was requested.
+  source.unref();
+}
+
+source.send(Buffer('abc'), 0, 3, common.PORT, '127.0.0.1');

test/simple/test-net-remote-address-port.js

@@ -41,6 +41,10 @@ var server = net.createServer(function(socket) {
   socket.on('end', function() {
     if (++conns_closed == 2) server.close();
   });
+  socket.on('close', function() {
+    assert.notEqual(-1, remoteAddrCandidates.indexOf(socket.remoteAddress));
+    assert.notEqual(-1, remoteFamilyCandidates.indexOf(socket.remoteFamily));
+  });
   socket.resume();
 });
 
@@ -53,12 +57,20 @@ server.listen(common.PORT, 'localhost', function() {
     assert.equal(common.PORT, client.remotePort);
     client.end();
   });
+  client.on('close', function() {
+    assert.notEqual(-1, remoteAddrCandidates.indexOf(client.remoteAddress));
+    assert.notEqual(-1, remoteFamilyCandidates.indexOf(client.remoteFamily));
+  });
   client2.on('connect', function() {
     assert.notEqual(-1, remoteAddrCandidates.indexOf(client2.remoteAddress));
     assert.notEqual(-1, remoteFamilyCandidates.indexOf(client2.remoteFamily));
     assert.equal(common.PORT, client2.remotePort);
     client2.end();
   });
+  client2.on('close', function() {
+    assert.notEqual(-1, remoteAddrCandidates.indexOf(client2.remoteAddress));
+    assert.notEqual(-1, remoteFamilyCandidates.indexOf(client2.remoteFamily));
+  });
 });
 
 process.on('exit', function() {

test/simple/test-spawn-cmd-named-pipe.js

@@ -0,0 +1,91 @@
+// Copyright Joyent, Inc. and other Node contributors.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a
+// copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to permit
+// persons to whom the Software is furnished to do so, subject to the
+// following conditions:
+//
+// The above copyright notice and this permission notice shall be included
+// in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
+// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+// USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+// This test is intended for Windows only
+if (process.platform != 'win32') {
+  console.log('Skipping Windows-only test');
+  return;
+}
+
+var common = require('../common');
+var assert = require('assert');
+
+function parent() {
+  var net = require('net');
+  var spawn = require('child_process').spawn;
+
+  var stdinPipeName = '\\\\.\\pipe\\test.' + process.pid + '.stdin';
+  var stdoutPipeName = '\\\\.\\pipe\\test.' + process.pid + '.stdout';
+
+  var stdinPipeServer = net.createServer(function(c) {
+    console.log('stdinPipeServer connected');
+    c.on('end', function() {
+      console.log('stdinPipeServer disconnected');
+    });
+    c.end('hello');
+  });
+  stdinPipeServer.listen(stdinPipeName);
+
+  var output = [];
+  var gotResponse = false;
+  
+  var stdoutPipeServer = net.createServer(function(c) {
+    console.log('stdoutPipeServer connected');
+    c.on('data', function(x) {
+      console.log('got data:', x.toString());
+      output.push(x);
+    });
+    c.on('end', function() {
+      console.log('stdoutPipeServer disconnected');
+      gotResponse = (output.join('') == 'hello');
+    });
+  });
+  stdoutPipeServer.listen(stdoutPipeName);
+
+  var comspec = process.env['comspec'];
+  if (!comspec || comspec.length == 0) {
+    console.log('Failed to get COMSPEC');
+    process.exit(1);
+  }
+
+  var args = ['/c', process.execPath, __filename, 'child',
+              '<', stdinPipeName, '>', stdoutPipeName];
+
+  var child = spawn(comspec, args);
+
+  child.on('exit', function(exitCode) {
+    stdinPipeServer.close();
+    stdoutPipeServer.close();
+    assert(exitCode == 0);
+    assert(gotResponse);
+    console.log('ok');
+  });
+}
+
+function child() {
+  process.stdin.pipe(process.stdout);
+}
+
+if (!process.argv[2]) {
+  parent();
+} else {
+  child();
+}

test/simple/test-tls-cipher-list.js

@@ -0,0 +1,66 @@
+// Copyright Joyent, Inc. and other Node contributors.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a
+// copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to permit
+// persons to whom the Software is furnished to do so, subject to the
+// following conditions:
+//
+// The above copyright notice and this permission notice shall be included
+// in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
+// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+// USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+var spawn = require('child_process').spawn;
+var assert = require('assert');
+var tls = require('tls');
+
+function doTest(checklist, env, useswitch) {
+  var options;
+  var args = ['-e', 'console.log(require(\'tls\').DEFAULT_CIPHERS)'];
+
+  switch(useswitch) {
+    case 1:
+      // Test --cipher-list
+      args.unshift('--cipher-list=' + env);
+      break;
+    case 2:
+      // Test --enable-legacy-cipher-list
+      args.unshift('--enable-legacy-cipher-list=' + env);
+      break;
+    case 3:
+      // Test NODE_LEGACY_CIPHER_LIST
+      if (env) options = {env:{"NODE_LEGACY_CIPHER_LIST": env}};
+      break;
+    default:
+      // Test NODE_CIPHER_LIST
+      if (env) options = {env:env};
+  }
+
+  var out = '';
+  spawn(process.execPath, args, options).
+    stdout.
+      on('data', function(data) {
+        out += data;
+      }).
+      on('end', function() {
+        assert.equal(out.trim(), checklist);
+      });
+}
+
+doTest(tls.DEFAULT_CIPHERS); // test the default
+doTest('ABC', {'NODE_CIPHER_LIST':'ABC'}); // test the envar
+doTest('ABC', 'ABC', 1); // test the --cipher-list switch
+
+['v0.10.38', 'v0.10.39', 'v0.12.2', 'v0.12.3'].forEach(function(ver) {
+  doTest(tls.getLegacyCiphers(ver), ver, 2);
+  doTest(tls.getLegacyCiphers(ver), ver, 3);
+});

test/simple/test-tls-dhe.js

@@ -47,6 +47,7 @@ function test(keylen, expectedCipher, cb) {
   var options = {
     key: key,
     cert: cert,
+    ciphers: ciphers,
     dhparam: loadDHParam(keylen)
   };
 

test/simple/test-tls-getcipher.js

@@ -49,7 +49,7 @@ server.listen(common.PORT, '127.0.0.1', function() {
     rejectUnauthorized: false
   }, function() {
     var cipher = client.getCipher();
-    assert.equal(cipher.name, cipher_list[0]);
+    assert.equal(cipher.name, cipher_list[1]);
     assert(cipher_version_pattern.test(cipher.version));
     client.end();
     server.close();

test/simple/test-tls-new-session-hang.js

@@ -0,0 +1,42 @@
+var common = require('../common');
+
+if (!process.features.tls_ocsp) {
+  console.error('Skipping because node compiled without OpenSSL or ' +
+                'with old OpenSSL version.');
+  process.exit(0);
+}
+
+var assert = require('assert');
+var tls = require('tls');
+var constants = require('constants');
+var fs = require('fs');
+var join = require('path').join;
+
+var keyFile = join(common.fixturesDir, 'keys', 'agent1-key.pem');
+var certFile = join(common.fixturesDir, 'keys', 'agent1-cert.pem');
+var caFile = join(common.fixturesDir, 'keys', 'ca1-cert.pem');
+var key = fs.readFileSync(keyFile);
+var cert = fs.readFileSync(certFile);
+
+var server = tls.createServer({
+  cert: cert,
+  key: key
+}, function (socket) {
+  socket.destroySoon();
+});
+
+server.on('resumeSession', common.mustCall(function() {
+  // Should not be actually called
+}, 0));
+
+server.listen(common.PORT, function() {
+  var client = tls.connect({
+    rejectUnauthorized: false,
+    port: common.PORT,
+
+    // Just to make sure that `newSession` is going to be called
+    secureOptions: constants.SSL_OP_NO_TICKET
+  }, function() {
+    server.close();
+  });
+});

test/simple/test-tls-ocsp-callback.js

@@ -31,16 +31,19 @@ if (!common.opensslCli) {
   process.exit(0);
 }
 
+var assert = require('assert');
+var tls = require('tls');
+var constants = require('constants');
+var fs = require('fs');
+var join = require('path').join;
+
 test({ response: false }, function() {
-  test({ response: 'hello world' });
+  test({ response: 'hello world' }, function() {
+    test({ ocsp: false });
+  });
 });
 
 function test(testOptions, cb) {
-  var assert = require('assert');
-  var tls = require('tls');
-  var fs = require('fs');
-  var join = require('path').join;
-  var spawn = require('child_process').spawn;
 
   var keyFile = join(common.fixturesDir, 'keys', 'agent1-key.pem');
   var certFile = join(common.fixturesDir, 'keys', 'agent1-cert.pem');
@@ -54,6 +57,7 @@ function test(testOptions, cb) {
     ca: [ca]
   };
   var requestCount = 0;
+  var clientSecure = 0;
   var ocspCount = 0;
   var ocspResponse;
   var session;
@@ -83,9 +87,12 @@ function test(testOptions, cb) {
   server.listen(common.PORT, function() {
     var client = tls.connect({
       port: common.PORT,
-      requestOCSP: true,
+      requestOCSP: testOptions.ocsp !== false,
+      secureOptions: testOptions.ocsp === false ?
+          constants.SSL_OP_NO_TICKET : 0,
       rejectUnauthorized: false
     }, function() {
+      clientSecure++;
     });
     client.on('OCSPResponse', function(resp) {
       ocspResponse = resp;
@@ -98,12 +105,19 @@ function test(testOptions, cb) {
   });
 
   process.on('exit', function() {
+    if (testOptions.ocsp === false) {
+      assert.equal(requestCount, clientSecure);
+      assert.equal(requestCount, 1);
+      return;
+    }
+
     if (testOptions.response) {
       assert.equal(ocspResponse.toString(), testOptions.response);
     } else {
       assert.ok(ocspResponse === null);
     }
     assert.equal(requestCount, testOptions.response ? 0 : 1);
+    assert.equal(clientSecure, requestCount);
     assert.equal(ocspCount, 1);
   });
 }

test/simple/test-url.js

@@ -1178,6 +1178,14 @@ var relativeTests = [
   ['/foo/bar/baz/', 'quux/baz', '/foo/bar/baz/quux/baz'],
   ['/foo/bar/baz', '../../../../../../../../quux/baz', '/quux/baz'],
   ['/foo/bar/baz', '../../../../../../../quux/baz', '/quux/baz'],
+  ['/foo', '.', '/'],
+  ['/foo', '..', '/'],
+  ['/foo/', '.', '/foo/'],
+  ['/foo/', '..', '/'],
+  ['/foo/bar', '.', '/foo/'],
+  ['/foo/bar', '..', '/'],
+  ['/foo/bar/', '.', '/foo/bar/'],
+  ['/foo/bar/', '..', '/foo/'],
   ['foo/bar', '../../../baz', '../../baz'],
   ['foo/bar/', '../../../baz', '../baz'],
   ['http://example.com/b//c//d;p?q#blarg', 'https:#hash2', 'https:///#hash2'],

tools/msvs/msi/custom_actions.c

@@ -1,10 +1,60 @@
-
 #define WIN32_LEAN_AND_MEAN
 
 #include <windows.h>
 #include <msiquery.h>
 #include <wcautil.h>
 
+#define GUID_BUFFER_SIZE 39 // {8-4-4-4-12}\0
+
+
+UINT WINAPI SetInstallScope(MSIHANDLE hInstall) {
+  HRESULT hr = S_OK;
+  UINT er = ERROR_SUCCESS;
+  TCHAR upgrade_code[GUID_BUFFER_SIZE];
+  DWORD upgrade_code_len = GUID_BUFFER_SIZE;
+  DWORD iProductIndex;
+  TCHAR product_code[GUID_BUFFER_SIZE];
+  TCHAR assignment_type[2];
+  DWORD assignment_type_len = 2;
+
+  hr = WcaInitialize(hInstall, "SetInstallScope");
+  ExitOnFailure(hr, "Failed to initialize");
+
+  er = MsiGetProperty(hInstall, TEXT("UpgradeCode"), upgrade_code,
+                      &upgrade_code_len);
+  ExitOnWin32Error(er, hr, "Failed to get UpgradeCode property");
+
+  for (iProductIndex = 0;; iProductIndex++) {
+    er = MsiEnumRelatedProducts(upgrade_code, 0, iProductIndex, product_code);
+    if (er == ERROR_NO_MORE_ITEMS) break;
+    ExitOnWin32Error(er, hr, "Failed to get related product code");
+
+    er = MsiGetProductInfo(product_code, INSTALLPROPERTY_ASSIGNMENTTYPE,
+                           assignment_type, &assignment_type_len);
+    ExitOnWin32Error(er, hr, "Failed to get the assignment type property "
+                     "from related product");
+
+    // '0' = per-user; '1' = per-machine
+    if (assignment_type[0] == '0') {
+      /* When old versions which were installed as per-user are detected, the
+       * installation scope has to be set to per-user to be able to do an
+       * upgrade. If not, two versions will be installed side-by-side: one as
+       * per-user and the other as per-machine.
+       *
+       * If we wanted to disable backward compatibility, the installer should
+       * abort here, and request the previous version to be manually
+       * uninstalled before installing this one.
+       */
+      er = MsiSetProperty(hInstall, TEXT("ALLUSERS"), TEXT(""));
+      ExitOnWin32Error(er, hr, "Failed to set the install scope to per-user");
+      break;
+    }
+  }
+
+LExit:
+  return WcaFinalize(ERROR_SUCCESS);
+}
+
 
 UINT WINAPI BroadcastEnvironmentUpdate(MSIHANDLE hInstall) {
   HRESULT hr = S_OK;

tools/msvs/msi/custom_actions.def

@@ -1,4 +1,5 @@
 LIBRARY "custom_actions"
 
 EXPORTS
-BroadcastEnvironmentUpdate
+SetInstallScope
+BroadcastEnvironmentUpdate

tools/msvs/msi/product.wxs

@@ -18,7 +18,7 @@
            Manufacturer="$(var.ProductAuthor)"
            UpgradeCode="1d60944c-b9ce-4a71-a7c0-0384eb884baa">
 
-    <Package InstallerVersion="200" Compressed="yes"/>
+    <Package InstallerVersion="200" Compressed="yes" InstallScope="perMachine"/>
 
     <Media Id="1" Cabinet="media1.cab" EmbedCab="yes"/>
 
@@ -32,6 +32,14 @@
 
     <Property Id="INSTALLDIR">
       <RegistrySearch Id="InstallPathRegistry"
+                      Type="raw"
+                      Root="HKLM"
+                      Key="$(var.RegistryKeyPath)"
+                      Name="InstallPath"/>
+      <!-- Also need to search under HKCU to support upgrading from old
+           versions. If we wanted to disable backward compatibility, this
+           second search could be deleted. -->
+      <RegistrySearch Id="InstallPathRegistryCU"
                       Type="raw"
                       Root="HKCU"
                       Key="$(var.RegistryKeyPath)"
@@ -44,8 +52,9 @@
              Description="Install the core Node.js runtime (node.exe)."
              Absent="disallow">
       <ComponentRef Id="NodeExecutable"/>
+      <ComponentRef Id="NodeRegistryEntries"/>
       <ComponentRef Id="NodeVarsScript"/>
-      <ComponentRef Id="NodeStartMenuAndRegistryEntries"/>
+      <ComponentRef Id="NodeStartMenu"/>
       <ComponentRef Id="AppData" />
       <ComponentGroupRef Id="Product.Generated"/>
 
@@ -117,6 +126,20 @@
         <File Id="node.exe" KeyPath="yes" Source="$(var.SourceDir)\node.exe"/>
       </Component>
 
+      <Component Id="NodeRegistryEntries">
+        <RegistryValue Root="HKLM"
+                       Key="$(var.RegistryKeyPath)"
+                       Name="InstallPath"
+                       Type="string"
+                       Value="[INSTALLDIR]"
+                       KeyPath="yes"/>
+        <RegistryValue Root="HKLM"
+                       Key="$(var.RegistryKeyPath)"
+                       Name="Version"
+                       Type="string"
+                       Value="$(var.ProductVersion)"/>
+      </Component>
+
       <Component Id="NodeVarsScript">
         <File Id="nodevars.bat" KeyPath="yes" Source="$(var.RepoDir)\tools\msvs\nodevars.bat"/>
       </Component>
@@ -139,18 +162,15 @@
     </DirectoryRef>
 
     <DirectoryRef Id="ApplicationProgramsFolder">
-      <Component Id="NodeStartMenuAndRegistryEntries">
+      <Component Id="NodeStartMenu">
+        <!-- RegistryValue needed because every Component must have a KeyPath.
+             Because of ICE43, the Root must be HKCU. -->
         <RegistryValue Root="HKCU"
-                       Key="$(var.RegistryKeyPath)"
-                       Name="InstallPath"
-                       Type="string"
-                       Value="[INSTALLDIR]"
+                       Key="$(var.RegistryKeyPath)\Components"
+                       Name="NodeStartMenuShortcuts"
+                       Type="integer"
+                       Value="1"
                        KeyPath="yes"/>
-        <RegistryValue Root="HKCU"
-                       Key="$(var.RegistryKeyPath)"
-                       Name="Version"
-                       Type="string"
-                       Value="$(var.ProductVersion)"/>
         <Shortcut Id="NodeVarsScriptShortcut"
                   Name="Node.js command prompt"
                   Target="[%ComSpec]"
@@ -249,16 +269,27 @@
       </Component>
     </DirectoryRef>
 
-    <Binary Id='BroadcastEnvironmentUpdate'
+    <Binary Id='CustomActionsDLL'
             SourceFile='$(var.custom_actions.TargetDir)$(var.custom_actions.TargetName).dll' />
 
+    <CustomAction Id="SetInstallScope"
+                  BinaryKey="CustomActionsDLL"
+                  DllEntry="SetInstallScope"
+                  Execute="immediate"
+                  Return="check" />
+
     <CustomAction Id="BroadcastEnvironmentUpdate"
-                  BinaryKey="BroadcastEnvironmentUpdate"
+                  BinaryKey="CustomActionsDLL"
                   DllEntry="BroadcastEnvironmentUpdate"
                   Execute="immediate"
                   Return="check" />
 
+    <InstallUISequence>
+      <Custom Action='SetInstallScope' Before='FindRelatedProducts'/>
+    </InstallUISequence>
+
     <InstallExecuteSequence>
+      <Custom Action='SetInstallScope' Before='FindRelatedProducts'/>
       <Custom Action='BroadcastEnvironmentUpdate' After='InstallFinalize'/>
     </InstallExecuteSequence>
 

tools/test.py

@@ -29,6 +29,7 @@
 
 
 import imp
+import logging
 import optparse
 import os
 import platform
@@ -45,6 +46,8 @@ from os.path import join, dirname, abspath, basename, isdir, exists
 from datetime import datetime
 from Queue import Queue, Empty
 
+logger = logging.getLogger('testrunner')
+
 VERBOSE = False
 
 
@@ -65,7 +68,9 @@ class ProgressIndicator(object):
     self.remaining = len(cases)
     self.total = len(cases)
     self.failed = [ ]
+    self.flaky_failed = [ ]
     self.crashed = 0
+    self.flaky_crashed = 0
     self.terminate = False
     self.lock = threading.Lock()
 
@@ -126,9 +131,14 @@ class ProgressIndicator(object):
         return
       self.lock.acquire()
       if output.UnexpectedOutput():
-        self.failed.append(output)
-        if output.HasCrashed():
-          self.crashed += 1
+        if FLAKY in output.test.outcomes and self.flaky_tests_mode == "dontcare":
+          self.flaky_failed.append(output)
+          if output.HasCrashed():
+            self.flaky_crashed += 1
+        else:
+          self.failed.append(output)
+          if output.HasCrashed():
+            self.crashed += 1
       else:
         self.succeeded += 1
       self.remaining -= 1
@@ -225,7 +235,7 @@ class DotsProgressIndicator(SimpleProgressIndicator):
 class TapProgressIndicator(SimpleProgressIndicator):
 
   def Starting(self):
-    print '1..%i' % len(self.cases)
+    logger.info('1..%i' % len(self.cases))
     self._done = 0
 
   def AboutToRun(self, case):
@@ -238,16 +248,16 @@ class TapProgressIndicator(SimpleProgressIndicator):
       status_line = 'not ok %i - %s' % (self._done, command)
       if FLAKY in output.test.outcomes and self.flaky_tests_mode == "dontcare":
         status_line = status_line + " # TODO : Fix flaky test"
-      print status_line
+      logger.info(status_line)
       for l in output.output.stderr.splitlines():
-        print '#' + l
+        logger.info('#' + l)
       for l in output.output.stdout.splitlines():
-        print '#' + l
+        logger.info('#' + l)
     else:
       status_line = 'ok %i - %s' % (self._done, command)
       if FLAKY in output.test.outcomes:
         status_line = status_line + " # TODO : Fix flaky test"
-      print status_line
+      logger.info(status_line)
 
     duration = output.test.duration
 
@@ -255,9 +265,9 @@ class TapProgressIndicator(SimpleProgressIndicator):
     total_seconds = (duration.microseconds +
       (duration.seconds + duration.days * 24 * 3600) * 10**6) / 10**6
 
-    print '  ---'
-    print '  duration_ms: %d.%d' % (total_seconds, duration.microseconds / 1000)
-    print '  ...'
+    logger.info('  ---')
+    logger.info('  duration_ms: %d.%d' % (total_seconds, duration.microseconds / 1000))
+    logger.info('  ...')
 
   def Done(self):
     pass
@@ -1192,6 +1202,8 @@ def BuildOptions():
       default='release')
   result.add_option("-v", "--verbose", help="Verbose output",
       default=False, action="store_true")
+  result.add_option('--logfile', dest='logfile',
+      help='write test output to file. NOTE: this only applies the tap progress indicator')
   result.add_option("-S", dest="scons_flags", help="Flag to pass through to scons",
       default=[], action="append")
   result.add_option("-p", "--progress",
@@ -1368,6 +1380,13 @@ def Main():
     parser.print_help()
     return 1
 
+  ch = logging.StreamHandler(sys.stdout)
+  logger.addHandler(ch)
+  logger.setLevel(logging.INFO)
+  if options.logfile:
+    fh = logging.FileHandler(options.logfile)
+    logger.addHandler(fh)
+
   workspace = abspath(join(dirname(sys.argv[0]), '..'))
   suites = GetSuites(join(workspace, 'test'))
   repositories = [TestRepository(join(workspace, 'test', name)) for name in suites]

vcbuild.bat

@@ -38,6 +38,7 @@ set noperfctr_msi_arg=
 set i18n_arg=
 set download_arg=
 set build_release=
+set flaky_tests_arg=
 
 :next-arg
 if "%1"=="" goto args-done
@@ -61,7 +62,8 @@ if /i "%1"=="test-simple"   set test=test-simple&goto arg-ok
 if /i "%1"=="test-message"  set test=test-message&goto arg-ok
 if /i "%1"=="test-gc"       set test=test-gc&set buildnodeweak=1&goto arg-ok
 if /i "%1"=="test-all"      set test=test-all&set buildnodeweak=1&goto arg-ok
-if /i "%1"=="test"          set test=test&goto arg-ok
+if /i "%1"=="test-ci"       set test=test-ci&set nosnapshot=1&goto arg-ok
+if /i "%1"=="test"          set test=test&set jslint=1&goto arg-ok
 @rem Include small-icu support with MSI installer
 if /i "%1"=="msi"           set msi=1&set licensertf=1&set download_arg="--download=all"&set i18n_arg=small-icu&goto arg-ok
 if /i "%1"=="upload"        set upload=1&goto arg-ok
@@ -71,6 +73,7 @@ if /i "%1"=="full-icu"      set i18n_arg=%1&goto arg-ok
 if /i "%1"=="intl-none"     set i18n_arg=%1&goto arg-ok
 if /i "%1"=="download-all"  set download_arg="--download=all"&goto arg-ok
 if /i "%1"=="build-release" set build_release=1&goto arg-ok
+if /i "%1"=="ignore-flaky"  set flaky_tests_arg=--flaky-tests=dontcare&goto arg-ok
 
 echo Warning: ignoring invalid command line option `%1`.
 
@@ -81,7 +84,6 @@ goto next-arg
 
 :args-done
 if defined upload goto upload
-if defined jslint goto jslint
 
 if defined build_release (
   set nosnapshot=1
@@ -197,12 +199,15 @@ if errorlevel 1 echo Failed to sign msi&goto exit
 
 :run
 @rem Run tests if requested.
-if "%test%"=="" goto exit
+if "%test%"=="" goto jslint
 
 if "%config%"=="Debug" set test_args=--mode=debug
 if "%config%"=="Release" set test_args=--mode=release
 
+set test_args=%test_args% --arch=%target_arch% 
+
 if "%test%"=="test" set test_args=%test_args% simple message
+if "%test%"=="test-ci" set test_args=%test_args% -p tap --logfile test.tap %flaky_tests_arg% simple message internet 
 if "%test%"=="test-internet" set test_args=%test_args% internet
 if "%test%"=="test-pummel" set test_args=%test_args% pummel
 if "%test%"=="test-simple" set test_args=%test_args% simple
@@ -224,8 +229,7 @@ goto exit
 :run-tests
 echo running 'python tools/test.py %test_args%'
 python tools/test.py %test_args%
-if "%test%"=="test" goto jslint
-goto exit
+goto jslint
 
 :create-msvs-files-failed
 echo Failed to create vc project files. 
@@ -243,6 +247,7 @@ scp Release\node.pdb node@nodejs.org:~/web/nodejs.org/dist/v%NODE_VERSION%/node.
 goto exit
 
 :jslint
+if not defined jslint goto exit
 echo running jslint
 set PYTHONPATH=tools/closure_linter/
 python tools/closure_linter/closure_linter/gjslint.py --unix_mode --strict --nojsdoc -r lib/ -r src/ --exclude_files lib/punycode.js