| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* v8: Upgrade to 3.11.10.26
* crypto: clear openssl error stack when handled (Ben Noordhuis)
* crypto: clear errors from verify failure (Timothy J Fontaine)
* crypto: fix memory leak in LoadPKCS12 (Fedor Indutny)
* http: provide backpressure for pipeline flood (isaacs)
* http_parser: expose pause/resume method for parser (Timothy J Fontaine)
* readline: pause stdin before turning off terminal raw mode (Daniel Chatfield)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Clear OpenSSL's error stack on return from Connection::HandleSSLError().
This stops stale errors from popping up later in the lifecycle of the
SSL connection where they would cause spurious failures.
This commit causes a 1-2% performance regression on `make bench-tls`.
We'll address that in follow-up commits if possible but let's ensure
correctness first.
Backport of c6e2db2
|
| |
|
|
|
|
|
| |
OpenSSL will push errors onto the stack when a verify fails, which can
disrupt TLS and other routines if we don't clear the error stack
Fixes #6304
|
| | |
|
| |
|
|
|
|
|
| |
X509_STORE_add_cert increment reference of passed `x509` cert,
`X509_free` must be called to avoid memory leak.
This is a back-port of commit c1db1ec from the master branch.
|
| | |
|
| |
|
|
|
|
| |
* npm: Upgrade to 1.2.30
* child_process: fix handle delivery (Ben Noordhuis)
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* npm: Upgrade to v1.2.24
* url: Properly parse certain oddly formed urls (isaacs)
* http: Don't try to destroy nonexistent sockets (isaacs)
* handle_wrap: fix NULL pointer dereference (Ben Noordhuis)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fix a NULL pointer dereference in src/handle_wrap.cc which is really a
use-after-close bug.
The test checks that unref() after close() works on process.stdout but
this bug affects everything that derives from HandleWrap. I discovered
it because child processes would sometimes quit for no reason (that is,
no reason until I turned on core dumps.)
This is a back-port of commit ccd3722 from the v0.10 branch.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* npm: Upgrade to v1.2.18
* http: Avoid EE warning on ECONNREFUSED handling (isaacs)
* tls: Re-enable check of CN-ID in cert verification (Tobias Müllerleile)
* child_process: fix sending utf-8 to child process (Ben Noordhuis)
* crypto: check key type in GetPeerCertificate() (Ben Noordhuis)
* win/openssl: mark assembled object files as seh safe (Bert Belder)
* windows/msi: fix msi build issue with WiX 3.7/3.8 (Raymond Feng)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Works around the following exception:
Error: 140463203215168:error:0607907F:digital envelope
routines:EVP_PKEY_get1_RSA:expecting an rsa key:
../deps/openssl/openssl/crypto/evp/p_lib.c:288:
at CleartextStream._pusher (tls.js:656:24)
at SlabBuffer.use (tls.js:199:18)
at CleartextStream.CryptoStream._push (tls.js:483:33)
at SecurePair.cycle (tls.js:880:20)
<snip>
The issue has been solved properly in v0.10 and the master branch as of
commit c6e2db2 ("crypto: clear error stack"). This is the "back-port"
to v0.8.
For some (rather unquantifiable) reason the original fix only works for
the tls module in v0.8 but not the https module unless OpenSSL is
downgraded to 0.9.8. Upgrading OpenSSL does *not* fix it, however.
The https module doesn't appear to be at fault; upgrading it to v0.10
doesn't fix the issue. That leaves either the tls or the http module
(that https derives from) but the changes to those modules are too
massive to back-port as-is.
`git bisect` over the v0.8 -> v0.10 commits didn't show up anything
useful, it pinpoints c6e2db2 as the commit that fixes things.
I've spent several hours on this now and seeing that v0.8 is in
maintenance mode, this cheap hack will have to do.
Fixes #4771.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* npm: Update to 1.2.14
* cluster: propagate bind errors (Ben Noordhuis)
* crypto: don't assert when calling Cipher#final() twice (Ben Noordhuis)
* build, windows: disable SEH (Ben Noordhuis)
|
| |
|
|
|
| |
This properly sets the `_maxListeners` property, which
fixes the max listener warning. Closes #4924.
|
| |
|
|
|
|
|
| |
Remove the assert() that triggered when Cipher#final() or
Decipher#final() was called twice.
Fixes #4886.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* http: Do not free the wrong parser on socket close (isaacs)
* http: Handle hangup writes more gently (isaacs)
* zlib: fix assert on bad input (Ben Noordhuis)
* test: add TAP output to the test runner (Timothy J Fontaine)
* unix: Handle EINPROGRESS from domain sockets (Ben Noordhuis)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following test case occasionally triggered an assert because
write_in_progress_ didn't get cleared on error:
$ cat test.js
require('zlib').gunzip('BAM', console.log);
setTimeout(gc, 10);
$ while true; do node --expose-gc test.js || break; done
{ [Error: incorrect header check] errno: -3, code: 'Z_DATA_ERROR' }
Assertion failed: (!write_in_progress_ && "write in progress"),
function Clear, file ../src/node_zlib.cc, line 71.
Abort trap: 6
Steps to avoid that:
* Initialize all primitive member fields in the constructor.
* Clear the write_in_progress_ member field in ZCtx::Error().
* Ref the ZCtx object as soon as write_in_progress_ is set to true.
Before this commit, it could get GC'ed in the time between setting
the field and the call to ctx->Ref().
Fixes #4783.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* npm: Upgrade to v1.2.11
* http: Do not let Agent hand out destroyed sockets (isaacs)
* http: Raise hangup error on destroyed socket write (isaacs)
* http: protect against response splitting attacks (Bert Belder)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* npm: Upgrade to v1.2.10
* zlib: pass object size hint to V8 (Ben Noordhuis)
* zlib: reduce memory consumption, release early (Ben Noordhuis)
* buffer: slow buffer copy compatibility fix (Trevor Norris)
* zlib: don't assert on malformed dictionary (Ben Noordhuis)
* zlib: don't assert on missing dictionary (Ben Noordhuis)
* windows: better ipv6 support (Bert Belder)
* windows: add error mappings related to unsupported protocols (Bert Belder)
* windows: map ERROR_DIRECTORY to UV_ENOENT (Bert Belder)
|
| |
|
|
|
|
|
| |
Inform V8 that the zlib context object is tied to a large off-heap buffer.
This makes the GC run more often (in theory) and improves the accuracy of
--trace_external_memory.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In zlibBuffer(), don't wait for the garbage collector to reclaim the zlib memory
but release it manually. Reduces memory consumption by a factor of 10 or more
with some workloads.
Test case:
function f() {
require('zlib').deflate('xxx', g);
}
function g() {
setTimeout(f, 5);
}
f();
Observe RSS memory usage with and without this commit. After 10,000 iterations,
RSS stabilizes at ~35 MB with this commit. Without, RSS is over 300 MB and keeps
growing.
Cause: whenever the JS object heap hits the high-water mark, the V8 GC sweeps
it clean, then tries to grow it in order to avoid more sweeps in the near
future. Rule of thumb: the bigger the JS heap, the lazier the GC can be.
A side effect of a bigger heap is that objects now live longer. This is harmless
in general but it affects zlib context objects because those are tied to large
buffers that live outside the JS heap, on the order of 16K per context object.
Ergo, don't wait for the GC to reclaim the memory - it may take a long time.
Fixes #4172.
|
| |
|
|
|
|
|
|
|
|
| |
Fix issue where SlowBuffers couldn't be passed as target to Buffer
copy().
Also included checks to see if Argument parameters are defined before
assigning their values. This offered ~3x's performance gain.
Backport of 16bbecc from master branch. Closes #4633.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Handle Z_DATA_ERROR errors from inflateSetDictionary() gracefully.
Fixes the following assertion:
node: ../src/node_zlib.cc:167: static void node::ZCtx::Process
(uv_work_t*): Assertion `ctx->err_ == 0 && "Failed to set
dictionary"' failed.
Aborted (core dumped)
Fixes #4632.
|
| |
|
|
|
|
|
|
|
|
|
| |
Handle Z_NEED_DICT errors graciously. Fixes the following assertion:
node: ../src/node_zlib.cc:161: static void node::ZCtx::Process
(uv_work_t*): Assertion`ctx->dictionary_ != __null && "Stream
has no dictionary"' failed.
Aborted (core dumped)
Fixes #4632.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* npm: Upgrade to v1.2.2
* dns: make error message match errno (Dan Milon)
* tls: follow RFC6125 more stricly (Fedor Indutny)
* buffer: reject negative SlowBuffer offsets (Ben Noordhuis)
* install: add simplejson fallback (Chris Dent)
* http: fix "Cannot call method 'emit' of null" (Ben Noordhuis)
|
| |
|
|
|
|
|
| |
Reject negative offsets in SlowBuffer::MakeFastBuffer(), it allows
the creation of buffers that point to arbitrary addresses.
Reported by Trevor Norris.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* npm: Upgrade to v1.2.0
- peerDependencies (Domenic Denicola)
- node-gyp v0.8.2 (Nathan Rajlich)
- Faster installs from github user/project shorthands (Nathan Zadoks)
* typed arrays: fix 32 bit size/index overflow (Ben Noordhuis)
* http: Improve performance of single-packet responses (Ben Noordhuis)
* install: fix openbsd man page location (Ben Noordhuis)
* http: bubble up parser errors to ClientRequest (Brian White)
|
| |
|
|
|
| |
Fix an out-of-bound read/write bug due to integer wrapping. Reported by
Dean McNamee.
|
| |
|
|
|
|
| |
by Sven Panne's suggestion, see [0] for details.
[0]: https://code.google.com/p/v8/issues/detail?id=2468
|
| |
|
|
|
| |
CPU time values must be Numbers, not Integers, as they can be too large
for Integers on 32 bit platforms.
|
| |
|
|
|
|
|
|
|
|
| |
When building custom `node` versions (e.g., floating features/fixes from
different versions) it's often useful to specify a custom tag which
easily identifies build when invoking `node -v`.
Introduce a way to specify this tag in `node_version.h` file or by
running `./configure --tag="<tag>"`. Insert it right after the patch
version (and before `-pre`, if build is not a release).
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* npm: Upgrade to 1.1.69
* fs: fix WriteStream/ReadStream fd leaks (Ben Noordhuis)
* crypto: fix leak in GetPeerCertificate (Fedor Indutny)
* buffer: Don't double-negate numeric buffer arg (Trevor Norris)
* net: More accurate IP address validation and IPv6 dotted notation. (Joshua Erickson)
|
| | |
|
| |
|
|
|
|
|
|
| |
* Added isIP method to make use of inet_pton to cares_wrap.cc
* Modified net.isIP() to make use of new C++ isIP method.
* Added new tests to test-net-isip.js.
This is a back-port of commit fb6377e from the master branch.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* npm: Upgrade to 1.1.66 (isaacs)
* linux: use /proc/cpuinfo for CPU frequency (Ben Noordhuis)
* windows: map WSAESHUTDOWN to UV_EPIPE (Ben Noordhuis)
* windows: map ERROR_GEN_FAILURE to UV_EIO (Bert Belder)
* unix: do not set environ unless one is provided (Charlie McConnell)
* domains: don't crash if domain is set to null (Bert Belder)
* windows: fix the x64 debug build (Bert Belder)
* net, tls: fix connect() resource leak (Ben Noordhuis)
|
| |
|
|
| |
Closes #4256
|
| | |
|
| |
|
|
| |
* events: Don't clobber pre-existing _events obj in EE ctor (isaacs)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* V8: Upgrade to 3.11.10.25
* npm: Upgrade to 1.1.65
* url: parse hostnames that start with - or _ (Ben Noordhuis)
* repl: Fix Windows 8 terminal issue (Bert Belder)
* typed arrays: use signed char for signed int8s (Aaron Jacobs)
* crypto: fix bugs in DiffieHellman (Ben Noordhuis)
* configure: turn on VFPv3 on ARMv7 (Ben Noordhuis)
* Re-enable OpenSSL UI for entering passphrases via tty (Ben Noordhuis)
* repl: ensure each REPL instance gets its own "context" (Nathan Rajlich)
|
