* npm: Upgrade to v1.2.3
* V8: Upgrade to 3.15.11.10
* streams: Support objects other than Buffers (Jake Verbaten)
* buffer: remove float write range checks (Trevor Norris)
* http: close connection on 304/204 responses with chunked encoding (Ben Noordhuis)
* build: fix build with dtrace support on FreeBSD (Fedor Indutny)
* console: Support formatting options in trace() (isaacs)
* domain: empty stack on all exceptions (Dave Olszewski)
* unix, windows: make uv_*_bind() error codes consistent (Andrius Bentkus)
* linux: add futimes() fallback (Ben Noordhuis)
We detect for non-string and non-buffer values in onread and
turn the stream into an "objectMode" stream.
If we are in "objectMode" mode then howMuchToRead will
always return 1, state.length will always have 1 appended
to it when there is a new item and fromList always takes
the first value from the list.
This means that for object streams, the n in read(n) is
ignored and read() will always return a single value
Fixed a bug with unpipe where the pipe would break because
the flowing state was not reset to false.
Fixed a bug with sync cb(null, null) in _read which would
forget to end the readable stream
This is similar to commit 2cbf458 but this time for 204 No Content
instead of 304 Not Modified responses.
When the user sends a 204 response with a Transfer-Encoding: chunked
header, suppress sending the zero chunk and force the connection to
close.
Removed range checks when writing float values, and removed a few
includes and defines. Also updated api docs to reflect that invalid 32
bit float is an unspecified behavior.
Force the connection to close when the response is a 304 Not Modified
and the user has set a "Transfer-Encoding: chunked" header.
RFC 2616 mandates that 304 responses MUST NOT have a body but node.js
used to send out a zero chunk anyway to accommodate clients that don't
have special handling for 304 responses.
It was pointed out that this might confuse reverse proxies to the point
of creating security liabilities, so suppress the zero chunk and force
the connection to close.
Every constant is certainly 4 bytes now, but freebsd's objdump utility
prints out odd byte sequences (5-bytes, 6-bytes and even 9-bytes long)
for v8's data section. We can safely ignore all upper bytes, because all
constants that we're using are just `int`s. Since on all supported
platforms `int` is 32bit long (and anyway v8's constants are 32bit too),
we ignore all higher bits if they were read.
Fix an off-by-one error introduced in 9fe3734 that caused a regression
in the default endianness used for writes in DataView::setGeneric().
Fixes#4626.
Due to the nature of asyncronous programming, it's impossible to know
what will run on the next tick. Because of this, it's not correct to
maintain domain stack state between ticks
Since the _fatalException handler is only invoked after the stack is
unwound, once it exits the tick will end. The only reasonable thing to
do in that case is to exit *all* domains.
The first example in cluster.markdown requires NODE_DEBUG env to show
debug message.
And also fix the message because it was a little bit different with
the actual message.
* V8: Upgrade to 3.15.11.7
* npm: Upgrade to 1.2.2
* punycode: Upgrade to 1.2.0 (Mathias Bynens)
* repl: make built-in modules available by default (Felix Böhm)
* windows: add support for '_Total' perf counters (Scott Blomquist)
* cluster: make --prof work for workers (Ben Noordhuis)
* child_process: do not keep list of sent sockets (Fedor Indutny)
* tls: Follow RFC6125 more strictly (Fedor Indutny)
* buffer: floating point read/write improvements (Trevor Norris)
* TypedArrays: Improve dataview perf without endian param (Dean McNamee)
* module: assert require() called with a non-empty string (Felix Böhm, James Campos)
* stdio: Set readable/writable flags properly (isaacs)
* stream: Properly handle large reads from push-streams (isaacs)
Profiling in clustered environments doesn't work out of the box.
By default, V8 writes the profile data of all processes to a single
v8.log.
Running that log file through a tick processor produces bogus numbers
because many events won't match up with the recorded memory mappings
and you end up with graphs where 80+% of ticks is unaccounted for.
Fixing the tick processor to deal with multi-process output is not very
useful because the processes may be running wildly disparate workloads.
That's why we fix up the command line arguments to include
a "--logfile=v8-%p.log" argument (where %p is expanded to the PID)
unless it already contains a --logfile argument.
Fixes#4617.
Keeping list of all sockets that were sent to child process causes memory
leak and thus unacceptable (see #4587). However `server.close()` should
still work properly.
This commit introduces two options:
* child.send(socket, { track: true }) - will send socket and track its status.
You should use it when you want to receive `close` event on sent sockets.
* child.send(socket) - will send socket without tracking it status. This
performs much better, because of smaller number of RTT between master and
child.
With both of these options `server.close()` will wait for all sent
sockets to get closed.
Keeping list of all sockets that were sent to child process causes memory
leak and thus unacceptable (see #4587). However `server.close()` should
still work properly.
This commit introduces two options:
* child.send(socket, { track: true }) - will send socket and track its status.
You should use it when you want `server.connections` to be a reliable
number, and receive `close` event on sent sockets.
* child.send(socket) - will send socket without tracking it status. This
performs much better, because of smaller number of RTT between master and
child.
With both of these options `server.close()` will wait for all sent
sockets to get closed.
Unfortunately, it's just too slow to do this in events.js. Users will
just have to live with not having events named __proto__ or toString.
This reverts commit b48e303af0.
'Stability: 5' is described as 'Locked' not as 'API Locked'
in other documents.
For example:
- `/doc/api/assert.markdown`
- `/doc/api/util.markdown`
This word was injected in 192192a.
This test starts two clustered HTTP servers on the same port.
It expects the first cluster to succeed and the second cluster
to fail with EADDRINUSE.
Reapplies commit cacd3ae, accidentally reverted in a2851b6.
Reject negative offsets in SlowBuffer::MakeFastBuffer(), it allows
the creation of buffers that point to arbitrary addresses.
Reported by Trevor Norris.
V8 seems to be particularly slow converting an undefined value to false
in BooleanValue.
Revert this when we upgrade to V8 3.17, or whenever the fix discussed
in http://code.google.com/p/v8/issues/detail?id=2487 lands in V8.
Problem 1: If stream.push() triggers a 'readable' event, and the user
calls `read(n)` with some n > the highWaterMark, then the push() will
return false (indicating that they should not push any more), but no
future 'readable' event is coming (because we're above the
highWaterMark).
Solution: return true from push() when needReadable is set.
Problem 2: A read(n) for n != 0, after the stream had encountered an
EOF, would not trigger the 'end' event if the EOF was pushed in
synchronously by the _read() function.
Solution: Check for ended in stream.read() and schedule an end event if
the length now equals 0.
Fix#4585
Improved assert check order of execution and added additional checks on
parameters to ensure no bad values make it through (e.g. negative offset
values).
Improvements:
* floating point operations are approx 4x's faster
* Now write quiet NaN's
* all read/write on floating point now done in C, so no more need for
lib/buffer_ieee754.js
* float values have more accurate min/max value checks
* add additional benchmarks for buffers read/write
* created benchmark/_bench_timer.js which is a simple library that
can be included into any benchmark and provides an intelligent tracker
for sync and async tests
* add benchmarks for DataView set methods
* add checks and tests to make sure offset is greater than 0
Make tools/install.py work with python 2.5
2.5 is still fairly widespread and does not include a json lib as
standard. Most python folk will have simplejson if they are in that
boat.
In general it seems a bit tricky to solve this perfectly...
There was previously an assert() in there, but this part of the code is
so high-volume that the added cost made a measurable dent in http_simple.
Just checking inline is fine, though, and prevents a lot of potential
hazards.
Say that a stream's current read queue has 101 bytes in it, and the
underlying resource has ended (ie, reached EOF).
If you do something like this:
stream.read(100); // leave a byte behind
stream.read(0); // read(0) for some reason
then the read(0) will get 0 from the howMuchToRead function. Since the
stream was ended, this was incorrectly treating the 0 as a "there is no
more in the buffer", and emitting 'end' before that last byte was read.
Why have the read(0) in the first place? We do this in some cases to
trigger the last few bytes of a net socket (such as a child process's
stdio pipes). This was causing issues when piping a `git archive` job
to a file: the resulting tarball was incomplete, because it occasionally
was not getting the last chunk.
Fix the following exception:
http.js:974
this._httpMessage.emit('close');
^
TypeError: Cannot call method 'emit' of null
at Socket.onServerResponseClose (http.js:974:21)
at Socket.EventEmitter.emit (events.js:124:20)
at net.js:421:10
at process._tickCallback (node.js:386:13)
at process._makeCallback (node.js:304:15)
Fixes#4586.
Remove compiler switches from $(TOPLEVEL)/deps/v8/build/common.gypi,
we set them globally in $(TOPLEVEL)/common.gypi.
Commit 7b4d95a introduced the switches again, resulting in V8 getting
built without any optimizations.
This commit is essentially a rehash of commit 4b8629d.
The int8_t and uint8_t typedefs on sunos/smartos depend on a number of
compiler directives. Avoid ambiguity and specify signed and unsigned
char explicitly.
Fixes the following build error:
../src/stream_wrap.cc: In static member function 'static void*
node::WriteWrap::operator new(size_t)':
../src/stream_wrap.cc:70:49: warning: no return statement in function
returning non-void [-Wreturn-type]
In file included from ../src/v8_typed_array.cc:26:0:
../src/v8_typed_array_bswap.h: In function 'T
v8_typed_array::SwapBytes(T) [with T = signed char]':
../src/v8_typed_array_bswap.h:150:23: instantiated from 'T
v8_typed_array::LoadAndSwapBytes(void*) [with T = signed char]'
../src/v8_typed_array.cc:694:7: instantiated from 'static
v8::Handle<v8::Value> {anonymous}::DataView::getGeneric(const
v8::Arguments&) [with T = signed char]'
../src/v8_typed_array.cc:738:40: instantiated from here
../src/v8_typed_array_bswap.h:125:16: error: size of array is
negative
For example, to cross-compile from my OS X laptop for Raspberry Pi, you would
do something like:
$ make binary BINARYNAME=node-v`python tools/getnodeversion.py`-linux-arm-pi \
DESTCPU=arm CONFIG_FLAGS="--dest-os=linux"
This also slightly changes the semantics, in that a 'readable'
event may be triggered by the first write() call, even if a
user has not yet called read().
This happens because the Transform _write() handler is calling
read(0) to start the flow of data. Technically, the new behavior
is more 'correct', since it is more in line with the semantics
of the 'readable' event in other streams.
Implement load and store swizzling operations. This reduces an unneeded
back and forth between types and additionally keeps the value in the
swappable type until it is swapped. This is important for correctness
when dealing with floating point, to avoid the possibility of loading
the bits of a signaling NaN (because it isn't yet swapped) into the FPU.
This additionally produces better code (comments are mine):
gcc version 4.2.1 (Based on Apple Inc. build 5658) (LLVM build 2336.11.00)
setValue<double>:
movd %xmm0, %rax ; fp reg -> gen reg
bswapq %rax ; 64-bit byte swap
movq %rax, (%r15,%r12) ; store
Implement swizzling with compiler intrinsics and be aware of the native
endianness to correctly swap on big endian machines.
This introduces a template function to swap the bytes of a value,
and macros for the low level swap (taking advantage of gcc and msvc
intrinsics). This produces code like the following (comments are mine):
gcc version 4.2.1 (Based on Apple Inc. build 5658) (LLVM build 2336.11.00)
setValue<double>:
movd %xmm0, %rax ; fp reg -> gen reg
bswapq %rax ; 64-bit byte swap
movd %rax, %xmm0 ; gen reg -> fp reg
movq %xmm0, (%r15,%r12) ; store
When switching into compatibility mode by setting `data` event listener,
`_read()` method will be called immediately. If method implementation
invokes callback in the same tick - all emitted `data` events will be
discarded, because `data` listener wasn't set yet.
Raise a TypeError when the argument to send() or sendto() is anything
but a Buffer.
Fixes the following assertion:
$ node -e 'require("dgram").createSocket("udp4").send("BAM")'
node: ../../src/udp_wrap.cc:220: static v8::Handle<v8::Value>
node::UDPWrap::DoSend(const v8::Arguments&, int): Assertion
`Buffer::HasInstance(args[0])' failed.
Aborted (core dumped)
Fixes#4496.
V8 3.15 has new API functions that let you specify the Isolate. V8 and
node.js generally spend 0.5-3.5% of the time in pthread_getspecific(),
looking up the current Isolate. Avoid that overhead by making "our"
isolate global so we can pass it around. The change to the new API is
introduced in follow-up commits.
The test was failing in debug mode because the timeouts were set too
low. Fix that by increasing the timeouts. Admittedly not a great fix.
If this test keeps playing up, it's probably best to remove it.
Fixes#4528.
Tests can leave the tty in non-blocking mode. If the test runner tries
to print to stdout/stderr after that and the tty buffer is full, it'll
die with a EAGAIN OSError. Ergo, put the tty back in blocking mode
before proceeding.
This test is timing sensitive and hence quite unreliable with debug
builds. What's worse is that it leaves a stray child process behind
that listens on the default test port and that makes all the tests
that come after it fail with EADDRINUSE errors.
Allows for arbitrary path to executable spawned using `fork`. This
fixes some issues around running multiple versions of node with workers
and allows arbitrary IPC with compatible executables.
Fixes#3248.
Use static_cast instead of reinterpret_cast when casting from void*
to another type.
This is mostly an aesthetic change but may help catch bugs when the
affected code is modified.
Remove compiler switches from $(TOPLEVEL)/deps/v8/build/common.gypi,
we set them globally in $(TOPLEVEL)/common.gypi.
Commit 7b4d95a introduced the switches again, resulting in V8 getting
built without any optimizations.
This commit is essentially a rehash of commit 4b8629d.
In JS, the expression ".1" is a floating point number. Issue 4268 concerns the
REPL interpreting floating point numbers that lead with a "." as keywords. The
original bugfix worked for this specific case but not for the general case:
var x = [
.1,
.2,
.3
];
The attached change and test (`.1+.1` should be `.2`) fix the bug.
Closes#4513.
Some performance counter related functions are not available on Windows
XP and Windows Server 2003, which caused node to call a NULL pointer.
Closes#4462Closes#4511
Don't give names of built-in libraries special treatment.
Changes the REPL's behavior from this:
> var path = 42
> path
A different "path" already exists globally
To this:
> var path = 42
> path
42
Fixes#4512.
Remove compiler switches from $(TOPLEVEL)/deps/v8/build/common.gypi,
we set them globally in $(TOPLEVEL)/common.gypi.
Commit 7b4d95a introduced the switches again, resulting in V8 getting
built without any optimizations.
This commit is essentially a rehash of commit 4b8629d.
Calling send() on an unbound socket forces an implicit bind to
a random port.
332fea5 made the 'listening' event asynchronous. Unfortunately,
it also introduced a bug where the implicit bind was tried more
than once if send() was called again before the first bind operation
completed.
Address that by keeping track of the bind status and making sure that
bind() is called only once.
Fixes#4499.
* assert: improve support for new execution contexts (lukebayes)
* domain: use camelCase instead of snake_case (isaacs)
* domain: Do not use uncaughtException handler (isaacs)
* fs: make 'end' work with ReadStream without 'start' (Ben Noordhuis)
* https: optimize createConnection() (Ryunosuke SATO)
* buffer: speed up base64 encoding by 20% (Ben Noordhuis)
* doc: Colorize API stabilitity index headers in docs (Luke Arduini)
* net: socket.readyState corrections (bentaber)
* http: Performance enhancements for http under streams2 (isaacs)
* stream: fix to emit end event on http.ClientResponse (Shigeki Ohtsu)
* stream: fix event handler leak in readstream pipe and unpipe (Andreas Madsen)
* build: Support ./configure --tag switch (Maciej Małecki)
* repl: don't touch `require.cache` (Nathan Rajlich)
* node: Emit 'exit' event when exiting for an uncaught exception (isaacs)
While it's true that error objects have a history of getting snake_case
properties attached by the host system, it's a point of confusion to
Node users that comes up a lot. It's still 'experimental', so best to
change this sooner rather than later.
This adds a process._fatalException method which is called into from
C++ in order to either emit the 'uncaughtException' method, or emit
'error' on the active domain.
The 'uncaughtException' event is an implementation detail that it would
be nice to deprecate one day, so exposing it as part of the domain
machinery is not ideal.
Fix#4375
Make `fs.createReadStream({ end: 42 })` work.
Before this commit, it worked only when used like this:
`fs.createReadStream({ start: 0, end: 42 })` - only when `start` was specified
by the caller.
Fixes#4423.
Remove a lot of branches from the inner loop. Speeds up buf.toString('base64')
by about 20%.
Before:
$ time out/Release/node benchmark/buffer-base64-encode.js
real 0m6.607s
user 0m5.508s
sys 0m1.088s
After:
$ time out/Release/node benchmark/buffer-base64-encode.js
real 0m5.520s
user 0m4.520s
sys 0m0.992s
Noted in @shtylman's #3898, API stability notes are easy to overlook
in the html documentation. This can be especially troublesome if the API
is deprecated. This commit gives visual feedback by adding in a class
to the html docs when they're generated. The API headers with
corresponding colors are also listed in the 'About this Documentation'
page for easy reference.
socket.readyState, .readable, and .writable behavior changed as
a result of the new streaming interfaces. Updated to be backwards
compatible with current API and adds regression test.
closes#4461
When building custom `node` versions (e.g., floating features/fixes from
different versions) it's often useful to specify a custom tag which
easily identifies build when invoking `node -v`.
Introduce a way to specify this tag in `node_version.h` file or by
running `./configure --tag="<tag>"`. Insert it right after the patch
version (and before `-pre`, if build is not a release).
Fix a bug where calling .end() on a socket without calling .connect() first
throws a TypeError:
TypeError: Cannot read property 'shutdown' of undefined
at Socket.onSocketFinish (net.js:194:20)
at Socket.EventEmitter.emit (events.js:91:17)
at Socket.Writable.end (_stream_writable.js:281:10)
at Socket.end (net.js:352:31)
Fixes#4463.
When building custom `node` versions (e.g., floating features/fixes from
different versions) it's often useful to specify a custom tag which
easily identifies build when invoking `node -v`.
Introduce a way to specify this tag in `node_version.h` file or by
running `./configure --tag="<tag>"`. Insert it right after the patch
version (and before `-pre`, if build is not a release).
Closes#4452.
Fixes#3226.
Consider a production server that uses a REPL to debug. Creating the instance
would wipe out the global cache of modules, and subsequent "require" calls in
the server would be reloaded from disk. The REPL should observe only, without
altering, its environment.
Starting a line with `**bold**` text makes it think that it's a link,
and get confused.
This should really be fixed properly in the doc generator, but for now,
it's not a major issue. It's probably just a matter of updating marked.
When perlasm generates MASM code it sets the assembler target to 468.
In this mode MASM refuses to assemble a couple of instructions. Bumping
the target to 686 solves this problem.
This patch brings the openssl library that is built with gyp closer
to what the standard build system produces.
All opensslconf.h versions are now merged into a single file, which
makes it easier for compiled addons to locate this file.
Apply the same optimization to res.end(buf) that is applied to res.end(str).
Speeds up `node benchmark/http_simple_auto -k -c 1 -n 25000 buffer/1`
(non-chunked response body) by about 750x. That's not a typo.
Chunked responses:
$ cat tmp/http-chunked-client.js
// Run `node benchmark/http_simple` in another terminal.
var http = require('http'), url = require('url');
var options = url.parse('http://127.0.0.1:8000/buffer/1/1');
options.agent = new http.Agent({ maxSockets: 1 });
for (var i = 0; i < 25000; ++i) http.get(options);
Before:
$ time out/Release/node tmp/http-chunked-client.js
real 16m40.411s
user 0m9.184s
sys 0m0.604s
After:
$ time out/Release/node tmp/http-chunked-client.js
real 0m5.386s
user 0m2.768s
sys 0m0.728s
That's still a 185x speed-up.
Fixes#4415.
This is very similar to http.sh, but generates a flamegraph
with dtrace, pruning off the single-hit stacks so that we can
more easily see the places where relevant amounts of time are
spent.
Remove the idle garbage collector. Its purpose was to run the garbage collector
when the application is idle but it never worked quite right. Many people have
complained over the years that with heaps > 128 MB, a node.js process never
sleeps anymore; instead, it spends nearly 100% of its CPU time trying to
collect garbage.
Back in the old days, idle GC probably was a good idea. But with V8's current
incremental collector, idle gc appears to offer no time or space benefits
whatsoever and indeed seems actively harmful. Remove it.
Fixes#3870.
Although it is not used externally by node, it is needed by upstream and Plask.
This effectively reverts:
commit 1444801374
Author: Aaron Jacobs <jacobsa@google.com>
Date: Thu Mar 15 13:26:35 2012 +1100
typed arrays: unexport SizeOfArrayElementForType()
It isn't used anywhere else, so made it an implementation detail in
v8_typed_array.cc.
Make parser errors bubble up to the ClientRequest instead of the underlying
net.Socket object.
This is a back-port of commit c78678b from the master branch.
Fixes#3776.
Work around an issue with the glibc malloc() implementation where memory blocks
are never returned to the operating system when they are allocated with brk()
and have overlapping lifecycles.
Fixes#4283.
Streams2 style streams might have already kicked off a read() or write()
before emitting 'data' events. Make the test less dependent on ordering
of when data events occur.
Because of some of the peculiarities of http, this has a bit of special
magic to handle cases where the IncomingMessage would wait forever in a
paused state.
In the server, if you do not begin consuming the request body by the
time the response emits 'finish', then it will be flushed out.
In the client, if you do not add a 'response' handler onto the request,
then the response stream will be flushed out.
This is a combination of 6 commits.
* XXX net fixup lcase stream
* net: Refactor to use streams2
Use 'socket.resume()' in many tests to trigger old-mode behavior.
* net: Call destroy() if shutdown() is not provided
This is important for TTY wrap streams
* net: Call .end() in socket.destroySoon if necessary
This makes the http 1.0 keepAlive test pass, also.
* net wtf-ish stuff kinda busted
* net fixup
Otherwise (especially with stdin) you sometimes end up in cases
where the high water mark is zero, and the current buffer is at 0,
and it doesn't need a readable event, so it never calls _read().
This fixes the CONNECT/Upgrade HTTP functionality, which was not getting
sliced properly, because readable wasn't emitted on this tick.
Conflicts:
test/simple/test-http-connect.js
Verifies that the callback gets invoked <n> times during the lifetime of the
test script.
This is a back-port of commit d0e6c3f from the master branch.
Don't allow connections to stall indefinitely if the SSL/TLS handshake does
not complete.
Adds a new tls.Server and https.Server configuration option, handshakeTimeout.
Fixes#4355.
The test assumes the parent and the child are scheduled fairly. Probably true
most of the time but not always, making it fail spuriously.
Bad test, remove it.
V8 debug agent needs some time to be ready and no longer sends the first event
break response to a debug client. We wait some time to connect the agent and
check its break status by obtaining breakpoint list and seeing if it exists on
line 0.
Enable long stacktraces if NODE_DEBUG=fs is set in the environment. Only
applies to the default rethrow callback; it's to help you find places where
you forgot to pass in a callback.
Use a default callback if the user omitted one. Avoids errors like the one
below:
fs.js:777
if (err) return callback(err);
^
TypeError: object is not a function
at fs.appendFile (fs.js:777:21)
at Object.oncomplete (fs.js:297:15)
This commit fixes the behavior of fs.lchmod(), fs.lchown() and fs.readFile()
when the callback is omitted. Before, they silently swallowed errors.
Fixes#4352.
Just sends a buffer to a server, which echoes it back, and then measures
the Gbits/second. Very similar to throughput.js, but using a single
process, so that it's possible to dtrace and get the jsstack frames for
profile comparison.
Fix#4331
Using double negate forces values into 32bit space. Because of this
Math.ceil needs to be used. Since NaN comparisons are always false, use
that to our advantage to return 0 if it is.
Also added two tests to verify the changes.
* Added isIP method to make use of inet_pton to cares_wrap.cc
* Modified net.isIP() to make use of new C++ isIP method.
* Added new tests to test-net-isip.js.
This is a back-port of commit fb6377e from the master branch.
Disabled the following unit tests:
* test-eio-race.js
* test-eio-race2.js
* test-eio-race4.js
These tests are known to fail on busy boxes due to being timing sensitive,
and are deemed not meaningful tests.
See https://github.com/joyent/node/issues/4272Fixes#4272.
* npm: Upgrade to 1.1.66 (isaacs)
* linux: use /proc/cpuinfo for CPU frequency (Ben Noordhuis)
* windows: map WSAESHUTDOWN to UV_EPIPE (Ben Noordhuis)
* windows: map ERROR_GEN_FAILURE to UV_EIO (Bert Belder)
* unix: do not set environ unless one is provided (Charlie McConnell)
* domains: don't crash if domain is set to null (Bert Belder)
* windows: fix the x64 debug build (Bert Belder)
* net, tls: fix connect() resource leak (Ben Noordhuis)
OR'ing together two large values, like `SSL_OP_ALL | SSL_OP_NO_TICKET`,
produces a negative number. To wit:
assert((0x80000000 | 0x4000) === -0x7fffc000); // true
assert((0x80000000 | 0x4000) === 0x80004000); // false!
It's easy to work around by doing a logical shift, like this:
assert((0x80000000 | 0x4000) >>> 0 === 0x80004000); // true
But that's not very intuitive. Let's be more lenient in what we accept.
* fix gyp build
* don't require libexecinfo, it's not there
* libpthread doesn't implement sem_timedwait(), fall back to sem_wait()
Upstreamed in https://codereview.chromium.org/11421013/
The purpose of this file was to remap the old libeio API to the new one.
We dropped libeio in ee77a6a and this file has been broken ever since.
Ergo, remove it.
While updating the readline test cases to test both "terimal: false" and
"terminal: true" mode, it turned out that the test case testing utf8 chars
being sent over multiple write() calls was failing. The solution is to use
a string_decoder instance when parsing the "keypress" events.
Before this commit, readline was inconsistent in whether or not it would emit
"line" events with or without the trailing "\n" included. When "terminal"
mode was true, then there would be no "\n", when it was false, then the "\n"
would be present. However, the trailing "\n" doesn't add much, and most of the
time people just end up stripping it manually.
Part of #4243.
* Added isIP method to make use of inet_pton to cares_wrap.cc
* Modified net.isIP() to make use of new C++ isIP method.
* Added new tests to test-net-isip.js.
DTrace on Linux should not be enabled by default because not all systems will
have the proper headers installed. Only enable when --with-dtrace is passed to
the configure script.
`url.format` should escape ? and # chars in pathname, and # chars in
search, because they change the semantics of the operation otherwise.
Don't escape % chars, or anything else. (see: #4082)
Inform V8 that the zlib context object is tied to a large off-heap buffer.
This makes the GC run more often (in theory) and improves the accuracy of
--trace_external_memory.
In zlibBuffer(), don't wait for the garbage collector to reclaim the zlib memory
but release it manually. Reduces memory consumption by a factor of 10 or more
with some workloads.
Test case:
function f() {
require('zlib').deflate('xxx', g);
}
function g() {
setTimeout(f, 5);
}
f();
Observe RSS memory usage with and without this commit. After 10,000 iterations,
RSS stabilizes at ~35 MB with this commit. Without, RSS is over 300 MB and keeps
growing.
Cause: whenever the JS object heap hits the high-water mark, the V8 GC sweeps
it clean, then tries to grow it in order to avoid more sweeps in the near
future. Rule of thumb: the bigger the JS heap, the lazier the GC can be.
A side effect of a bigger heap is that objects now live longer. This is harmless
in general but it affects zlib context objects because those are tied to large
buffers that live outside the JS heap, on the order of 16K per context object.
Ergo, don't wait for the GC to reclaim the memory - it may take a long time.
Fixes#4172.
The gyp target node_etw didn't list its output dependencies. This
was causing virgin builds to fail with a "failed to open file for
write" error.
With this corrected outputs list, gyp reliably pre-creates
required output directories.
* V8: Upgrade to 3.11.10.25
* npm: Upgrade to 1.1.65
* url: parse hostnames that start with - or _ (Ben Noordhuis)
* repl: Fix Windows 8 terminal issue (Bert Belder)
* typed arrays: use signed char for signed int8s (Aaron Jacobs)
* crypto: fix bugs in DiffieHellman (Ben Noordhuis)
* configure: turn on VFPv3 on ARMv7 (Ben Noordhuis)
* Re-enable OpenSSL UI for entering passphrases via tty (Ben Noordhuis)
* repl: ensure each REPL instance gets its own "context" (Nathan Rajlich)
Always add domain, _events, and _maxListeners properties, set to the
default values at first.
Leads to a very very slight perf improvement when using setMaxListeners,
or dealing with a lot of EE objects that don't have any listeners.
Remove compiler switches from $(TOPLEVEL)/deps/v8/build/common.gypi, we set
them globally in $(TOPLEVEL)/common.gypi.
Commit 29d12c73 accidentally reintroduced the switches again. In particular,
the 'cflags!': ['-O2','-Os'] section forced building V8 without any
optimizations, resulting in a steep (~66%) performance drop on some benchmarks.
Fixes#4191.
This is a flag to make it easier for users to upgrade through the
breaking crypto change, and easier for us to switch it back if it's a
problem.
Explicitly set default encoding to 'buffer' in other tests, in case it
ever changes back.
crypto: Hash and Hmac default to buffers
crypto: Move Cipher encoding logic to JS
crypto: Move Cipheriv encoding logic to JS
crypto: Move Decipher encoding logic to JS
crypto: Move Decipheriv into JS, default to buffers
crypto: Move Sign class to JS
crypto: Better encoding handling in Hash.update
crypto: Move Verify class to JS
crypto: Move DiffieHellman to JS, default to buffers
crypto: Move DiffieHellmanGroup to JS, default to buffers
Also, create a test for this feature
`timezone` variable contains the difference, in seconds, between UTC and
local standard time (see `man 3 localtime` on Solaris).
Call to `tzset` is required to apply contents of `TZ` variable to
`timezone` variable.
BUG=v8:2064
Review URL: https://chromiumcodereview.appspot.com/10967066
Patch from Maciej Małecki <me@mmalecki.com>.
This is a back-port of upstream commit r12802.
Fix a use-after-free bug and a memory leak in the error path of
DiffieHellman::ComputeSecret().
* the BIGNUM key was used after being freed with BN_free().
* the output buffer was not freed
Previously, the "global" mode of REPLs was broken when created after another
non-global REPL (they would end up sharing the same context). Now that "global"
mode is fixed for that case (b1e78cef09), this
test case gets its global scope modified with "module" and other REPL-specific
properties, so disable the global check.
This reverts commit 1c88c3b3b5.
It breaks the "read a password from stdin" functionality that OpenSSL provides.
Fixes#4059, #4143.
Conflicts:
deps/openssl/openssl.gyp
* The 'close' event doesn't emit an error object.
* It's possible for a 'close' event to come after an 'end' event, contrary to
what the documentation said.
Fixes#4116.
Before there was this weird module-scoped "context" variable which seemingly
shared the "context" of subsequent REPL instances, unless ".clear" was invoked
inside the REPL. To be proper, we need to ensure that each REPL gets its own
"context" object. I literally don't know why this "sharing" behavior was in place
before, but it was just plain wrong.
Make buffers report the proper retained size in heap snapshots.
Before this commit, Buffer objects would show up in the heap profiler as being
only a few hundred bytes large, even if the actual buffer was many megabytes.
Consolidates all the formatting options into an "options" object argument.
This is so that we don't have to be constantly remembering the order of
the arguments and so that we can add more formatting options easily.
Closes#4085.
Listen for the 'clientError' event that is emitted when a renegotation attack
is detected and close the connection.
Fixes test/pummel/test-https-ci-reneg-attack.js
Make the 'listening' event handler in the master process see the actual port
that the worker bound to when the worker specified port 0, i.e. a random port.
Encoding failures can be somewhat confusing, especially when they are due to
control flow frameworks auto-filling parameters from the previous step output
values to functions (such as toString and write) that developers don't expect
to take an encoding parameter. By outputting the value as part of the message,
should make it easier to track down these sort of bugs.
This reverts commit 790d651f0d.
This makes Duplex streams unworkable, and would only ever be a special
case for HTTP responses, which is not ideal.
Intead, we're going to just bless the 'finish' event for all Writable
streams in 0.10
Just as the 'WWW-Authenticate' HTTP header the 'Proxy-Authenticate' header might
be received several times as well. Currently only one value is preserved. This
change allows to receive multiple values concatenated by space and comma.
Just as the 'WWW-Authenticate' HTTP header the 'Proxy-Authenticate' header might
be received several times as well. Currently only one value is preserved. This
change allows to receive multiple values concatenated by space and comma.
When perlasm generates MASM code it sets the assembler target to 468.
In this mode MASM refuses to assemble the CPUID instruction. Bumping
the target to 586 solves this problem.
A child process created with .fork() needed to call `process.exit()` explicitly
because the communication channel with the parent kept the event loop alive.
Fix that by only ref'ing the channel when there are 'message' event listeners.
Fixes#3799.
This addresses #4034. There are two problems happening:
1. The domain is not exited automatically when calling dispose() on it.
Then, since the domain is disposed, attempting to exit it again will do
nothing.
2. The active domain is stored on process.domain. Since thrown errors
call `process.emit('uncaughtException', er)`, and the process is an
event emitter with a `.domain` member, it re-enters the domain a second
time before calling the error handler, pushing it onto the stack again.
Thus, if the handler calls `domain.dispose()`, then the domain is now on
the stack twice, and cannot be exited properly. Since the domain is
disposed, any subsequent IO will be no-op'ed, since we've declared that
this context is done and best forgotten.
The solution here is twofold:
1. In EventEmitter.emit, do not enter the domain if `this===process`.
2. Automatically exit the domain when calling `domain.dispose()`.
Make sure the deletion event gets reported in the following scenario:
1. Watch a file.
2. The initial stat() goes okay.
3. Something deletes the watched file.
4. The second stat() fails with ENOENT.
The second stat() translates into the first 'change' event but a logic error
stopped it from getting emitted.
Fixes#4027.
Update the tls and https tests to explicitly set rejectUnauthorized instead of
relying on the NODE_TLS_REJECT_UNAUTHORIZED environment variable getting set.
This commit changes the default value of the rejectUnauthorized option from
false to true.
What that means is that tls.connect(), https.get() and https.request() will
reject invalid server certificates from now on, including self-signed
certificates.
There is an escape hatch: if you set the NODE_TLS_REJECT_UNAUTHORIZED
environment variable to the literal string "0", node.js reverts to its
old behavior.
Fixes#3949.
Fix the following error:
FSEventWrap: Aborting due to unwrap failure at ../../src/fs_event_wrap.cc:169
It's possible and legal for a handle to be closed twice. HandleWrap::Close()
deals with that by ignoring the second close. Now FSEventWrap::Close() does
too.
Fixes#3997.
Check that the calls to Integer::New() and Date::New() succeed and bail out if
they don't.
V8 returns an empty handle on stack overflow. Trying to set the empty handle as
a property on an object results in a NULL pointer dereference in release builds
and an assert in debug builds.
Fixes#4015.
These patches were provided by Android and Chromium. In this form they
are not useful. The ones that we need are landed as separate commits.
As of openssl 1.0.1c, three of them made it upstream:
* npn.patch (Next Protocol Negotiation support)
* tls_exporter.patch (RFC 5705 Keying Material Exporters for TLS)
* openssl_no_dtls1.patch (minor bugfix)
Use a empty implementation for function OPENSSL_cpuid_setup to resolve link
error. We should figure out how to geenrate platform specific implementation
of OPENSSL_cpuid_setup by leveraging crypto/*cpuid.pl.
This patch is taken from Chromium.
ASN1_STRING_to_UTF8() passes an ASN1_STRING to ASN1_STRING_set() but
forgot to initialize the `length` field.
Fixes the following valgrind error:
$ valgrind -q --track-origins=yes --num-callers=19 \
out/Debug/node test/simple/test-tls-client-abort.js
==2690== Conditional jump or move depends on uninitialised value(s)
==2690== at 0x784B69: ASN1_STRING_set (asn1_lib.c:382)
==2690== by 0x809564: ASN1_mbstring_ncopy (a_mbstr.c:204)
==2690== by 0x8090F0: ASN1_mbstring_copy (a_mbstr.c:86)
==2690== by 0x782F1F: ASN1_STRING_to_UTF8 (a_strex.c:570)
==2690== by 0x78F090: asn1_string_canon (x_name.c:409)
==2690== by 0x78EF17: x509_name_canon (x_name.c:354)
==2690== by 0x78EA7D: x509_name_ex_d2i (x_name.c:210)
==2690== by 0x788058: ASN1_item_ex_d2i (tasn_dec.c:239)
==2690== by 0x7890D4: asn1_template_noexp_d2i (tasn_dec.c:746)
==2690== by 0x788CB6: asn1_template_ex_d2i (tasn_dec.c:607)
==2690== by 0x78877A: ASN1_item_ex_d2i (tasn_dec.c:448)
==2690== by 0x7890D4: asn1_template_noexp_d2i (tasn_dec.c:746)
==2690== by 0x788CB6: asn1_template_ex_d2i (tasn_dec.c:607)
==2690== by 0x78877A: ASN1_item_ex_d2i (tasn_dec.c:448)
==2690== by 0x787C93: ASN1_item_d2i (tasn_dec.c:136)
==2690== by 0x78F5E4: d2i_X509 (x_x509.c:141)
==2690== by 0x7C9B91: PEM_ASN1_read_bio (pem_oth.c:81)
==2690== by 0x7CA506: PEM_read_bio_X509 (pem_x509.c:67)
==2690== by 0x703C9A: node::crypto::SecureContext::AddRootCerts(v8::Arguments const&) (node_crypto.cc:497)
==2690== Uninitialised value was created by a stack allocation
==2690== at 0x782E89: ASN1_STRING_to_UTF8 (a_strex.c:560)
There are many symbolic links under /etc/ssl/certs created by using hash of
the pem certificates in order for OpenSSL to find those certificate.
Openssl has a tool to help you create hash symbolic links. (See tools/c_rehash)
However the new openssl changed the hash algorithm, Unless you compile/install
the latest openssl library and re-create all related symbolic links, the new
openssl can not find some certificates because the links of those certificates
were created by using old hash algorithm, which causes some tests failed.
This patch gives a way to find a certificate according to its hash by using both
new algorithm and old algorithm.
crbug.com/111045 is used to track this issue.
This patch is taken from the Chromium project.
Enables SSL3+ clients to send application data immediately following the
Finished message even when negotiating full-handshakes. With this patch,
clients can negotiate SSL connections in 1-RTT even when performing
full-handshakes.
This patch is taken from the Android Open Source Project.
SSL records may be as large as 16K, but are typically < 2K. In
addition, a historic bug in Windows allowed records to be as large
32K. OpenSSL statically allocates read and write buffers (34K and
18K respectively) used for processing records.
With this patch, OpenSSL statically allocates 4K + 4K buffers, with
the option of dynamically growing buffers to 34K + 4K, which is a
saving of 44K per connection for the typical case.
This patch is taken from the Android Open Source Project.
A HTTP/1.0 client does not support 'Transfer-Encoding: chunked' unless it
explicitly requests it by sending a 'TE: chunked' header.
Before this commit, node.js always disabled chunked encoding for HTTP/1.0
clients. Now it will scan for the TE header and turn on chunked encoding if
requested and applicable.
Fixes#940.
Don't execute the callback in the context of the global object.
MakeCallback() tries to apply the active domain to the callback. If the user
polluted the global object with a 'domain' property, as in the code example
below, MakeCallback() will try to apply that.
Example:
domain = {}; // missing var keyword is intentional
crypto.randomBytes(8, cb); // TypeError: undefined is not a function
Fixes#3956.
pthread_t is a pointer type on OS X but an unsigned long on most other
platforms. Use a C style cast because reinterpret_cast nor static_cast
work in all cases.
With this patch the IPC socket is no longer available in the
ChildProcess.stdio array. This shouldn't be very problematic, since
this socket was effectively non-functional; it would never emit any
events.
Throw an exception in the tls.Server constructor when the options object
doesn't contain either a PFX or a key/certificate combo.
Said change exposed a bug in simple/test-tls-junk-closes-server. Addressed.
Fixes#3941.
It takes an optional "expected exception" argument that is not used meaningfully
but is nevertheless documented. Undocument it, it confuses casual readers of the
documentation.
Fixes#3935.
@@ -24,7 +24,7 @@ sure to use <code>npm rebuild <pkg></code> if you make any changes.</p>
<p>The first element in the 'args' parameter must be a package name. After that is the optional command, which can be any number of strings. All of the strings will be combined into one, space-delimited command.</p>
<p>The 'packages' argument is an array of packages to update. The 'callback' parameter will be called when done or when an error occurs.</p>
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
