| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
ChangeLog
doc/api/assert.markdown
src/node_version.h
test/simple/test-crypto-stream.js
vcbuild.bat
|
| |
| |
| |
| |
| |
| |
| | |
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Timothy J Fontaine <tjfontaine@gmail.com>
Reviewed-By: Julien Gilli <julien.gilli@joyent.com>
|
| |
| |
| |
| |
| |
| | |
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Timothy J Fontaine <tjfontaine@gmail.com>
Reviewed-By: Julien Gilli <julien.gilli@joyent.com>
|
| |
| |
| |
| |
| |
| |
| | |
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Timothy J Fontaine <tjfontaine@gmail.com>
Reviewed-By: Julien Gilli <julien.gilli@joyent.com>
|
|/
|
|
|
|
|
|
| |
Original source:
http://openssl.6102.n7.nabble.com/PATCH-s-client-Fix-keypress-requirement-with-redirected-input-on-Windows-td46787.html
Reviewed-By: Fedor Indutny <fedor@indutny.com>
|
| |
|
|
|
|
|
|
| |
see #8062
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
|
|
|
|
| |
fix #8062
|
|
|
|
| |
This reverts commit 181b8a5d3af2e14c50dd32e1f16bf553fd3c7050.
|
| |
|
|
|
|
|
|
|
|
| |
Original source:
http://openssl.6102.n7.nabble.com/PATCH-s-client-Fix-keypress-requirement-with-redirected-input-on-Windows-td46787.html
Reviewed-By: Fedor Indutny <fedor@indutny.com>
|
| |
|
|
|
|
| |
fix #7963
|
|
|
|
|
|
|
|
|
|
| |
Original commit message:
bn_exp.c: fix x86_64-specific crash with one-word modulus.
PR: #3397
Signed-off-by: Fedor Indutny <fedor@indutny.com>
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After much investigation it turns out that the affected servers are
buggy. user-service.condenastdigital.com:443 in particular seems to
reject large TLS handshake records. Cutting down the number of
advertised ciphers or disabling SNI fixes the issue.
Similarly, passing { secureOptions: constants.SSL_OP_NO_TLSv1_2 }
seems to fix most connection issues with IIS servers.
Having to work around buggy servers is annoying for our users but not
a reason to downgrade OpenSSL. Therefore, revert it.
This reverts commit 4fdb8acdaef4c3cb1d855e992ada0e63fee520a6.
|
|
|
|
|
|
|
|
|
| |
Several people have reported issues with IIS and Resin servers (or maybe
SSL terminators sitting in front of those servers) that are fixed by
downgrading OpenSSL. The AESNI performance improvements were nice but
stability is more important. Downgrade OpenSSL from 1.0.1e to 1.0.0f.
Fixes #5360 (and others).
|
|
|
|
|
|
|
|
|
|
| |
Microsoft's IIS doesn't support it, and is not replying with ServerHello
after receiving ClientHello which contains it.
The good way might be allowing to opt-out this at runtime from
javascript-land, but unfortunately OpenSSL doesn't support it right now.
see #5119
|
|
|
|
|
|
|
|
|
| |
Commit 8632af3 ("tools: update gyp to r1601") broke the Windows build.
Older versions of GYP link to kernel32.lib, user32.lib, etc. but that
was changed in r1584. See https://codereview.chromium.org/12256017
Fix the build by explicitly linking to the required libraries.
|
|
|
|
|
|
| |
There are no unsafe structured exception handlers in object files
generated from hand-crafted assembly - because they contain no exception
handlers at all.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ASN1_STRING_to_UTF8() passes an ASN1_STRING to ASN1_STRING_set() but forgot to
initialize the `length` field.
Fixes the following valgrind error:
$ valgrind -q --track-origins=yes --num-callers=19 \
out/Debug/node test/simple/test-tls-client-abort.js
==2690== Conditional jump or move depends on uninitialised value(s)
==2690== at 0x784B69: ASN1_STRING_set (asn1_lib.c:382)
==2690== by 0x809564: ASN1_mbstring_ncopy (a_mbstr.c:204)
==2690== by 0x8090F0: ASN1_mbstring_copy (a_mbstr.c:86)
==2690== by 0x782F1F: ASN1_STRING_to_UTF8 (a_strex.c:570)
==2690== by 0x78F090: asn1_string_canon (x_name.c:409)
==2690== by 0x78EF17: x509_name_canon (x_name.c:354)
==2690== by 0x78EA7D: x509_name_ex_d2i (x_name.c:210)
==2690== by 0x788058: ASN1_item_ex_d2i (tasn_dec.c:239)
==2690== by 0x7890D4: asn1_template_noexp_d2i (tasn_dec.c:746)
==2690== by 0x788CB6: asn1_template_ex_d2i (tasn_dec.c:607)
==2690== by 0x78877A: ASN1_item_ex_d2i (tasn_dec.c:448)
==2690== by 0x7890D4: asn1_template_noexp_d2i (tasn_dec.c:746)
==2690== by 0x788CB6: asn1_template_ex_d2i (tasn_dec.c:607)
==2690== by 0x78877A: ASN1_item_ex_d2i (tasn_dec.c:448)
==2690== by 0x787C93: ASN1_item_d2i (tasn_dec.c:136)
==2690== by 0x78F5E4: d2i_X509 (x_x509.c:141)
==2690== by 0x7C9B91: PEM_ASN1_read_bio (pem_oth.c:81)
==2690== by 0x7CA506: PEM_read_bio_X509 (pem_x509.c:67)
==2690== by 0x703C9A: node::crypto::SecureContext::AddRootCerts(v8::Arguments const&) (node_crypto.cc:497)
==2690== Uninitialised value was created by a stack allocation
==2690== at 0x782E89: ASN1_STRING_to_UTF8 (a_strex.c:560)
|
|
|
|
|
|
| |
When perlasm generates MASM code it sets the assembler target to 468.
In this mode MASM refuses to assemble a couple of instructions. Bumping
the target to 686 solves this problem.
|
|
|
|
|
| |
It used to be off before. It's extremely unlikely that such an attack
would be a viable attack against node. And it makes AES much slower.
|
| |
|
|
|
|
| |
Remove obsolete build configuration that escaped the purge in 7eaea7f.
|
| |
|
| |
|
| |
|
|
|
|
|
| |
It used to be off before. It's extremely unlikely that such an attack
would be a viable attack against node. And it makes AES much slower.
|
| |
|
|
|
|
|
|
| |
When perlasm generates MASM code it sets the assembler target to 468.
In this mode MASM refuses to assemble a couple of instructions. Bumping
the target to 686 solves this problem.
|
|
|
|
|
|
|
|
| |
This patch brings the openssl library that is built with gyp closer
to what the standard build system produces.
All opensslconf.h versions are now merged into a single file, which
makes it easier for compiled addons to locate this file.
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
AUTHORS
ChangeLog
deps/uv/test/test-spawn.c
deps/uv/uv.gyp
src/cares_wrap.cc
src/node.cc
src/node_version.h
test/simple/test-buffer.js
tools/gyp/pylib/gyp/common.py
tools/install.py
|
| | |
|
| |
| |
| |
| |
| |
| | |
Fixes the build on FreeBSD <= 9 with the default compiler.
Fixes #4186.
|
|\ \
| |/
| |
| |
| | |
Conflicts:
deps/openssl/openssl.gyp
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit 1c88c3b3b56c6047180e116c5614dad2b13995f9.
It breaks the "read a password from stdin" functionality that OpenSSL provides.
Fixes #4059, #4143.
Conflicts:
deps/openssl/openssl.gyp
|
|\ \
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
AUTHORS
ChangeLog
deps/openssl/openssl.gyp
deps/uv/src/unix/linux/linux-core.c
deps/uv/src/unix/process.c
deps/uv/src/unix/stream.c
deps/v8/src/arm/builtins-arm.cc
deps/v8/src/arm/code-stubs-arm.cc
deps/v8/src/arm/full-codegen-arm.cc
lib/tls.js
src/node_version.h
test/simple/test-http-client-timeout-agent.js
|
| |
| |
| |
| |
| | |
the SunOS linker is more strict than usual, so we have to be more
correct.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| | |
It used to be off before. It's extremely unlikely that such an attack
would be a viable attack against node. And it makes AES much slower.
|
| | |
|
| |
| |
| |
| |
| |
| | |
When perlasm generates MASM code it sets the assembler target to 468.
In this mode MASM refuses to assemble the CPUID instruction. Bumping
the target to 586 solves this problem.
|