delta/node-new.git/src/node_constants.cc, branch sam-github-tsc github.com: nodejs/node.git tls: provide default cipher list from command line 2020-04-13T16:48:23+00:00 Anna Henningsen anna@addaleax.net 2020-04-10T11:04:10+00:00 1f9761f4cc027315376cd669ceed2eeaca865d76 Avoid storing data that depends on command line options on internal bindings. This is generally a cleaner way of accessing CLI options. PR-URL: https://github.com/nodejs/node/pull/32760 Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: David Carlier <devnexen@gmail.com> 
Avoid storing data that depends on command line options on internal
bindings. This is generally a cleaner way of accessing CLI options.

PR-URL: https://github.com/nodejs/node/pull/32760
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: David Carlier <devnexen@gmail.com>
src,lib: expose memory file mapping flag 2019-09-11T22:38:21+00:00 João Reis reis@janeasystems.com 2019-08-21T23:40:47+00:00 902c9fac194d06aec5fd5307a6712c39a6da18a7 Support for UV_FS_O_FILEMAP was added in libuv in version 1.31.0. This exposes the flag in fs.constants. Refs: https://github.com/libuv/libuv/pull/2295 PR-URL: https://github.com/nodejs/node/pull/29260 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Ron Korving <ron@ronkorving.nl> Reviewed-By: James M Snell <jasnell@gmail.com> 
Support for UV_FS_O_FILEMAP was added in libuv in version 1.31.0.
This exposes the flag in fs.constants.

Refs: https://github.com/libuv/libuv/pull/2295
PR-URL: https://github.com/nodejs/node/pull/29260
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Ron Korving <ron@ronkorving.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
src: remove env-inl.h from header files 2019-05-23T15:51:41+00:00 Sam Roberts vieuxtech@gmail.com 2019-05-17T20:36:05+00:00 60b315c0646aeb0bf4e40d5a7490e9548b714ce2 Inline headers should only be included into the .cc files that use them. PR-URL: https://github.com/nodejs/node/pull/27755 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> 
Inline headers should only be included into the .cc files that use them.

PR-URL: https://github.com/nodejs/node/pull/27755
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
src: remove util-inl.h from header files 2019-05-13T20:43:26+00:00 Sam Roberts vieuxtech@gmail.com 2019-05-09T19:52:38+00:00 b6bfc193788b1838bee73d584fe089e1104b9f88 Its intended that *-inl.h header files are only included into the src files that call the inline methods. Explicitly include it into the files that need it. PR-URL: https://github.com/nodejs/node/pull/27631 Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> 
Its intended that *-inl.h header files are only included into the src
files that call the inline methods. Explicitly include it into the files
that need it.

PR-URL: https://github.com/nodejs/node/pull/27631
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
src: replace FromJust() with Check() when possible 2019-04-12T19:33:37+00:00 Sam Roberts vieuxtech@gmail.com 2019-04-09T22:21:36+00:00 060d901f87b3d87314f8540eb02f315e2952f581 FromJust() is often used not for its return value, but for its side-effects. In these cases, Check() exists, and is more clear as to the intent. From its comment: To be used, where the actual value of the Maybe is not needed, like Object::Set. See: https://github.com/nodejs/node/pull/26929/files#r269256335 PR-URL: https://github.com/nodejs/node/pull/27162 Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Gus Caplan <me@gus.host> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com> 
FromJust() is often used not for its return value, but for its
side-effects. In these cases, Check() exists, and is more clear as to
the intent. From its comment:

  To be used, where the actual value of the Maybe is not needed, like
  Object::Set.

See: https://github.com/nodejs/node/pull/26929/files#r269256335

PR-URL: https://github.com/nodejs/node/pull/27162
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
src: remove unused INT_MAX constant 2019-04-09T05:29:48+00:00 Sam Roberts vieuxtech@gmail.com 2019-04-03T21:30:47+00:00 bf766c1b44c68b47153339b84e12bef0f33e7ee7 Node doesn't use it, and its not documented. Remove it. PR-URL: https://github.com/nodejs/node/pull/27078 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> 
Node doesn't use it, and its not documented. Remove it.

PR-URL: https://github.com/nodejs/node/pull/27078
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
src: unify crypto constant setup 2019-04-08T16:46:55+00:00 Sam Roberts vieuxtech@gmail.com 2019-04-03T18:32:34+00:00 a3f30a48c2392f97e40bfc347bcd301935131267 DefineCryptoConstants() sets constants from OpenSSL into `crypto.constants`, for crypto and tls. DefineOpenSSLConstants() did exactly the same. Unify them. PR-URL: https://github.com/nodejs/node/pull/27077 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> 
DefineCryptoConstants() sets constants from OpenSSL into
`crypto.constants`, for crypto and tls.  DefineOpenSSLConstants() did
exactly the same.  Unify them.

PR-URL: https://github.com/nodejs/node/pull/27077
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
tls: support TLSv1.3 2019-03-20T14:48:25+00:00 Sam Roberts vieuxtech@gmail.com 2018-11-29T01:58:08+00:00 42dbaed4605f44c393a057aad75a31cac1d0e5f5 This introduces TLS1.3 support and makes it the default max protocol, but also supports CLI/NODE_OPTIONS switches to disable it if necessary. TLS1.3 is a major update to the TLS protocol, with many security enhancements. It should be preferred over TLS1.2 whenever possible. TLS1.3 is different enough that even though the OpenSSL APIs are technically API/ABI compatible, that when TLS1.3 is negotiated, the timing of protocol records and of callbacks broke assumptions hard-coded into the 'tls' module. This change introduces no API incompatibilities when TLS1.2 is negotiated. It is the intention that it be backported to current and LTS release lines with the default maximum TLS protocol reset to 'TLSv1.2'. This will allow users of those lines to explicitly enable TLS1.3 if they want. API incompatibilities between TLS1.2 and TLS1.3 are: - Renegotiation is not supported by TLS1.3 protocol, attempts to call `.renegotiate()` will always fail. - Compiling against a system OpenSSL lower than 1.1.1 is no longer supported (OpenSSL-1.1.0 used to be supported with configure flags). - Variations of `conn.write('data'); conn.destroy()` have undefined behaviour according to the streams API. They may or may not send the 'data', and may or may not cause a ERR_STREAM_DESTROYED error to be emitted. This has always been true, but conditions under which the write suceeds is slightly but observably different when TLS1.3 is negotiated vs when TLS1.2 or below is negotiated. - If TLS1.3 is negotiated, and a server calls `conn.end()` in its 'secureConnection' listener without any data being written, the client will not receive session tickets (no 'session' events will be emitted, and `conn.getSession()` will never return a resumable session). - The return value of `conn.getSession()` API may not return a resumable session if called right after the handshake. The effect will be that clients using the legacy `getSession()` API will resume sessions if TLS1.2 is negotiated, but will do full handshakes if TLS1.3 is negotiated. See https://github.com/nodejs/node/pull/25831 for more information. PR-URL: https://github.com/nodejs/node/pull/26209 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 
This introduces TLS1.3 support and makes it the default max protocol,
but also supports CLI/NODE_OPTIONS switches to disable it if necessary.

TLS1.3 is a major update to the TLS protocol, with many security
enhancements. It should be preferred over TLS1.2 whenever possible.

TLS1.3 is different enough that even though the OpenSSL APIs are
technically API/ABI compatible, that when TLS1.3 is negotiated, the
timing of protocol records and of callbacks broke assumptions hard-coded
into the 'tls' module.

This change introduces no API incompatibilities when TLS1.2 is
negotiated. It is the intention that it be backported to current and LTS
release lines with the default maximum TLS protocol reset to 'TLSv1.2'.
This will allow users of those lines to explicitly enable TLS1.3 if they
want.

API incompatibilities between TLS1.2 and TLS1.3 are:

- Renegotiation is not supported by TLS1.3 protocol, attempts to call
`.renegotiate()` will always fail.

- Compiling against a system OpenSSL lower than 1.1.1 is no longer
supported (OpenSSL-1.1.0 used to be supported with configure flags).

- Variations of `conn.write('data'); conn.destroy()` have undefined
behaviour according to the streams API. They may or may not send the
'data', and may or may not cause a ERR_STREAM_DESTROYED error to be
emitted. This has always been true, but conditions under which the write
suceeds is slightly but observably different when TLS1.3 is negotiated
vs when TLS1.2 or below is negotiated.

- If TLS1.3 is negotiated, and a server calls `conn.end()` in its
'secureConnection' listener without any data being written, the client
will not receive session tickets (no 'session' events will be emitted,
and `conn.getSession()` will never return a resumable session).

- The return value of `conn.getSession()` API may not return a resumable
session if called right after the handshake. The effect will be that
clients using the legacy `getSession()` API will resume sessions if
TLS1.2 is negotiated, but will do full handshakes if TLS1.3 is
negotiated.  See https://github.com/nodejs/node/pull/25831 for more
information.

PR-URL: https://github.com/nodejs/node/pull/26209
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rod Vagg <rod@vagg.org>
src: de-lint header usage 2019-03-12T13:57:19+00:00 Refael Ackermann refack@gmail.com 2019-02-25T22:27:19+00:00 f2064dfc1fee2daa0537bc27d79d5aa0f734faaf PR-URL: https://github.com/nodejs/node/pull/26306 Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com> 
PR-URL: https://github.com/nodejs/node/pull/26306
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
src: apply clang-tidy rule modernize-deprecated-headers 2019-02-27T04:35:53+00:00 gengjiawen technicalcute@gmail.com 2019-02-17T02:53:47+00:00 8137668c531935c58347cd8e78147d3a9d3cc339 PR-URL: https://github.com/nodejs/node/pull/26159 Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> 
PR-URL: https://github.com/nodejs/node/pull/26159
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>