Adding a compatibility section to node.exe embedded manifest so that
Node is declared explicitly compatible with Windows 8.1. Required so
that os.release() can return the correct version on Windows 8.1.
See http://msdn.microsoft.com/en-us/library/windows/desktop/ms724451(v=vs.85).aspx
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Compiles and executes source code in V8's debugger context. Provides
a programmatic way to get access to the debug object by executing:
var Debug = vm.runInDebugContext('Debug');
Fixes#7886.
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Strings are treated as UTF8 instead of one-byte strings when
names are processed and when OpenSSL's ..._print functions are used.
This commit fixes simple/test-tls-peer-certificate-encoding test.
fix#8366
There is only one call site that uses it and that can do the checks
itself. Removes ~15 lines of code.
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
It's safe to call BaseObject::object() from your destructor _unless_
the handle is weak; then it's the weak callback that is calling your
destructor and the object will have been released by the time the
destructor runs.
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Weak handles put strain on the garbage collector and the parser handle
doesn't need to be weak in the first place. This change should improve
GC times on busy servers a little.
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Counterpart to Wrap(), clears the previously assigned internal field.
Will be used in an upcoming commit.
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Fix a resource leak where an intermediate Local<Context> handle in
Environment::GetCurrent() got leaked into whatever HandleScope was
further up the stack.
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
node::StringBytes::Write() has appropriate support to write strings with
'binary' encoding. So expose that API through StreamWrap and allow
inheriting classes to use it.
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
The REPL global object lazy loads modules by placing getters for each.
This causes MakeDomainCallback() to be run if a native module is loaded
from the REPL, but if the domain module hasn't been loaded then there
are no enter/exit callbacks to be called. Causing an assert() to fail.
Fix the issue by conditionally running the callback instead of asserting
it is available. Also add "addon" test to verify the fix.
Fixes: #8231
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
Currently, cluster workers can be removed from the workers list in three
different places:
- In the exit event handler for the worker process.
- In the disconnect event handler of the worker process.
- In the disconnect event handler of the cluster master.
However, handles for a given worker are cleaned up only in one of these
places: in the cluster master's disconnect event handler.
Because these events happen asynchronously, it is possible that the
workers list is empty before we even clean up one handle. This makes
the assert that makes sure that no handle is left when the workers
list is empty fail.
This commit removes the worker from the cluster.workers list only when
the worker is dead _and_ disconnected, at which point we're sure that
its associated handles are cleaned up.
Fixes#8191 and #8192.
Reviewed-By: Fedor Indutny <fedor@indutny.com>
In case of an invalid DH parameter file, it is sliently discarded. To
use auto DH parameter in a server and DHE key length check in a
client, we need to wait for the next release of OpenSSL-1.0.2.
Reviewed-By: Fedor Indutny <fedor@indutny.com>
The slot 0 and 1 had already been taken by "gin" and "blink" in Chrome,
and the size of isolate's slots is 4 by default, so using 3 should hopefully
make node work independently when embedded into other application.
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Fix issue where output of a native prototype method would simply print
[Function]. It will now print [Function: name].
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
The method GetAddrInfo() is used by more than just dns.lookup(), and in
those cases a third argument isn't passed. This caused the following
check to abort:
assert(args[3]->IsInt32());
Fixes: 4306786 "net: don't prefer IPv4 addresses during resolution"
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
Currently the address resolution family defaults to IPv4. Instead remove
the preference and instead resolve to a family suitable for the host.
Expose the getaddrinfo flags and allow them to be passed.
Add documentation about new flags.
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Currently, invalid usage such as:
process.kill('SIGTERM')
process.kill(null)
process.kill(undefined);
all coerce the pid to 0, and signal the current process.
Signed-off-by: Fedor Indutny <fedor@indutny.com>
When TLS Alert is occured in handshake, ClearOut only write it into
wbio and does not flush to socket. TLS Alert should be written to
socket with EncOut before socket is destroyed within its error
callback.
Signed-off-by: Fedor Indutny <fedor@indutny.com>
This allows embedders enough control to initialize node, run the
event loop, and cleanly exit (including calling handlers).
Signed-off-by: Fedor Indutny <fedor@indutny.com>
Pass in the v8::Context, instead of creating it
within CreateEnvironment. This allows callers
to use a pre-existing context.
Signed-off-by: Fedor Indutny <fedor@indutny.com>
The spawnSync() cwd option was being copied to the incorrect
location. This commit copies to the correct location.
Closes#7824
Signed-off-by: Fedor Indutny <fedor@indutny.com>
A udp packet can have 0 content. In that case nread will be equal to 0,
but addr != NULL.
Add test case for empty data gram packets and fixed test that checked
for OOB when length == 0.
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
WriteItem callback may add new item to the `pending_write_items`. Ensure
that this item won't be called in the same `InvokeQueued` call, as it
may result in way-to-early `finish` event on js-side.
fix#7733
Signed-off-by: Fedor Indutny <fedor@indutny.com>
* openssl: to 1.0.1h (CVE-2014-0224)
* npm: upgrade to 1.4.10
* utf8: Prevent Node from sending invalid UTF-8 (Felix Geisendörfer)
- *NOTE* this introduces a breaking change, previously you could construct
invalid UTF-8 and invoke an error in a client that was expecting valid
UTF-8, now unmatched surrogate pairs are replaced with the unknown UTF-8
character. To restore the old functionality simply have NODE_INVALID_UTF8
environment variable set.
* child_process: do not set args before throwing (Greg Sabia Tucker)
* child_process: spawn() does not throw TypeError (Greg Sabia Tucker)
* constants: export O_NONBLOCK (Fedor Indutny)
* crypto: improve memory usage (Alexis Campailla)
* fs: close file if fstat() fails in readFile() (cjihrig)
* lib: name EventEmitter prototype methods (Ben Noordhuis)
* tls: fix performance issue (Alexis Campailla)
Previously v8's WriteUtf8 function would produce invalid utf-8 output
when encountering unmatched surrogate code units [1]. The new
REPLACE_INVALID_UTF8 option fixes that by replacing invalid code points
with the unicode replacement character.
[1]: JS Strings are defined as arrays of 16 bit unsigned integers. There
is no unicode enforcement, so one can easily end up with invalid unicode
code unit sequences inside a string.
Replace the CONTAINER_OF macro with a template function that is as
type-safe as a reinterpret_cast<> of an arbitrary pointer can be made.
Signed-off-by: Fedor Indutny <fedor@indutny.com>
Rework the fix from commit 6810132 in a way that removes ~60 lines of
code.
The bug was introduced in commit e87ceb2 (mea culpa) and is at its core
a pointer aliasing bug where sometimes two independent pointers existed
that pointed to the same chunk of heap memory.
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
Otherwise it's not possible to check from inside a destructor if V8 is
still alive with v8::V8::IsDead(). In V8 3.25, that function returns
true until the last isolate is destroyed.
This used to work in v0.10 and is a standard trick to dispose persistent
handles conditionally.
Signed-off-by: Fedor Indutny <fedor@indutny.com>
dispose() free's the memory when executed and sets the external array
data to NULL and length to zero.
To prevent the same memory from being free'd twice when the object is
garbage collected we first check if the object's external array data
length == 0. Since alloc() passes NULL to
SetIndexedPropertiesToExternalArrayData() if length == 0 there's no
opportunity for memory leak.
Do not ever call `Delete()` on `proxy_global_`, it will invoke
`GlobalPropertyDeleteCallback` and cause crash because of the infinite
recursion.
fix#7529
64bit constants are keyed for x64 platforms only, add PowerPC based
platform constants.
Node's "ucs2" encoding wants LE character data stored in the Buffer, so
we need to reorder on BE platforms. See
http://nodejs.org/api/buffer.html regarding Node's "ucs2" encoding
specification
Signed-off-by: Timothy J Fontaine <tjfontaine@gmail.com>
Storing it in SSL_CTX is incorrect as it may go away and get destructed
earlier, also it'll yield invalid results in SelectSNIContextCallback.
Use `SSL_get_app_data()` instead.
fix#7484
Signed-off-by: Timothy J Fontaine <tjfontaine@gmail.com>
ClientHelloParser used to contain an 18k buffer that was kept around
for the life of the connection, even though it was not needed in many
situations. I changed it to be deallocated when it's determined to
be no longer needed.
Signed-off-by: Fedor Indutny <fedor@indutny.com>
Fix the following compiler warning on systems where _XOPEN_SOURCE is
defined by default:
../src/node_constants.cc:35:0: warning: "_XOPEN_SOURCE" redefined
#define _XOPEN_SOURCE 500
Move the (re)definition of _XOPEN_SOURCE to the top of the file while
we're here. Commit 00890e4 adds a `#define _XOPEN_SOURCE 500` in order
to make <fcntl.h> expose O_NONBLOCK but it does so after other system
headers have been included. If those headers include <fcntl.h>, then
the #include in node_constants.cc will be a no-op and O_NONBLOCK won't
be visible.
Signed-off-by: Fedor Indutny <fedor@indutny.com>
A recent change to v8's API now makes it impossible to memcpy to a
v8::ArrayBuffer without causing it to be externalized. This means that
the garbage collector will not automatically free the memory when the
object is collected.
When/If the necessary API is included to allow the above
Buffer#toArrayBuffer() will be reintroduced.
Signed-off-by: Timothy J Fontaine <tjfontaine@gmail.com>
When process._setupNextTick() was introduced as the means to properly
initialize the mechanism behind process.nextTick() a chunk of code was
left behind that assigned memory to process._tickInfo. This code is no
longer needed.
Because of differences in memcmp() implementation, normalize output to
return -1, 0 or 1 only.
Signed-off-by: Timothy J Fontaine <tjfontaine@gmail.com>
When ExitCallback was not called with an error such as ENOENT in
uv_spawn, the process handle still remains refed and needs to be closed.
Signed-off-by: Timothy J Fontaine <tjfontaine@gmail.com>
1) ThrowCryptoTypeErrors was not actually used for
type-related errors. Removed it.
2) For AEAD modes, OpenSSL does not set any internal
error information if Final does not complete suc-
cessfully. Therefore, "TypeError:error:00000000:l
ib(0):func(0):reason(0)" would be the error mess-
age. Use a default message for these cases.
Signed-off-by: Fedor Indutny <fedor@indutny.com>
compare() works like String.localeCompare such that:
Buffer.compare(a, b) === a.compare(b);
equals() does a native check to see if two buffers are equal.
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
OpenSSL behaves oddly: on client `cert_chain` contains
the `peer_certificate`, but on server it doesn't.
Signed-off-by: Fedor Indutny <fedor@indutny.com>
Oversight to not pass blksize to fs.Stats on initialization.
Also added a test to make sure the object property has been set. Since
now on Windows both blksize and blocks will simply be set to undefined.
When our estimates for a storage size are higher than the actual length
of decoded data, the destination buffer should be truncated. Otherwise
`Buffer::Length` will give misleading information to C++ layer.
fix#7365
Signed-off-by: Fedor Indutny <fedor@indutny.com>
`process.uptime()` interface will return the amount of time the
current process has been running. To achieve this it was caching the
`uv_uptime` value at program start, and then on the call to
`process.uptime()` returning the delta between the two values.
`uv_uptime` is defined as the number of seconds the operating system
has been up since last boot. On sunos this interface uses `kstat`s
which can be a significantly expensive operation as it requires
exclusive access, but because of the design of `process.uptime()` node
*had* to always call this on start. As a result if you had many node
processes all starting at the same time you would suffer lock
contention as they all tried to read kstats.
Instead of using `uv_uptime` to achieve this, the libuv loop already
has a concept of current loop time in the form of `uv_now()` which is
in fact monotonically increasing, and already stored directly on the
loop. By using this value at start every platform performs at least
one fewer syscall during initialization.
Since the interface to `uv_uptime` is defined as seconds, in the call
to `process.uptime()` we now `uv_update_time` get our delta, divide by
1000 to get seconds, and then convert to an `Integer`. In 0.12 we can
move back to `Number::New` instead and not lose precision.
Caveat: For some platforms `uv_uptime` reports time monotonically
increasing regardless of system hibernation, `uv_now` interface is
also monotonically increasing but may not reflect time spent in
hibernation.
Introduce new signature for both `dgram.createSocket` method and
`dgram.Socket` constructor:
dgram.createSocket(options, [listener])
Options should contain `type` property and may contain `reuseAddr`
property. When `reuseAddr` is `true` - SO_REUSEADDR will be issued on
socket on bind.
fix#7415
Signed-off-by: Fedor Indutny <fedor@indutny.com>
This prevents segfaults when a native method is reassigned to a
different object (which corrupts args.This()). When unwrapping,
clients should use args.Holder() instead of args.This().
Closes#6690.
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
The two biggest changes are that v8::Script::New() has been removed and
that a v8::Script object now has to be explicitly bound to a context if
you want to run it from another context.
We can accommodate both changes without breaking the vm module's public
API or even the internal JS API.
Improve on commit b55c9d6 by not requiring that switches are comma
separated. This commit makes `./configure --v8-options="--foo --bar"`
work and takes special care to properly escape quotes in the options
string.
By building the fs.Stats object in JS, which is returned by all fs stat
functions, calls to v8::Object::Set() are removed. This also includes
creating all associated Date objects in JS, rather than using
v8::Date::New(). Both these changes have significant performance gains.
Note that the returned value from fs.stat changes slightly for non-POSIX
systems. Whereas before the stats object would be missing blocks and
blksize keys, it now has these keys with undefined as the value.
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
Move `createCredentials` to `tls` module and rename it to
`createSecureContext`. Make it use default values from `tls` module:
`DEFAULT_CIPHERS` and `DEFAULT_ECDH_CURVE`.
fix#7249
Ensure that OpenSSL has enough entropy (at least 256 bits) for its PRNG.
The entropy pool starts out empty and needs to fill up before the PRNG
can be used securely.
OpenSSL normally fills the pool automatically but not when someone
starts generating random numbers before the pool is full: in that case
OpenSSL keeps lowering the entropy estimate to thwart attackers trying
to guess the initial state of the PRNG.
When that happens, we wait until enough entropy is available, something
that normally should never take longer than a few milliseconds.
Fixes#7338.
The default entropy source is /dev/urandom on UNIX platforms, which is
okay but we can do better by seeding it from OpenSSL's entropy pool.
On Windows we can certainly do better; on that platform, V8 seeds the
random number generator using only the current system time.
Fixes#6250.
NB: This is a back-port of commit 7ac2391 from the master branch that
for some reason never got back-ported to the v0.10 branch.
The default on UNIX platforms in v0.10 is different and arguably worse
than it is with master: if no entropy source is provided, V8 3.14 calls
srandom() with a xor of the PID and the current time in microseconds.
That means that on systems with a coarse system clock, the initial
state of the PRNG may be easily guessable.
The situation on Windows is even more dire because there the PRNG is
seeded with only the current time... in milliseconds.
`env.h` is an internal header file and should not be copied or exposed
to the users.
Additionally, export convenience `Throw*` methods with `v8::Isolate*` as
a first argument.
Fix up the dtrace/etw/systemtap infrastructure after the V8 upgrade in
commit 1c7bf24. The win32 changes are untested but can hardly make
things worse because node doesn't build on windows right now.
Fixes#7313 with some luck.
Don't call DecodeWrite() with a Buffer as its argument because it in
turn calls StringBytes::Write() and that method expects a Local<String>.
"Why then does that function take a Local<Value>?" I hear you ask.
Good question but I don't have the answer. I added a CHECK for good
measure and what do you know, all of a sudden a large number of crypto
tests started failing.
Calling DecodeWrite(BINARY) on a buffer is nonsensical anyway: if you
want the contents of the buffer, just copy out the data, there is no
need to decode it - and that's exactly what this commit does.
Fixes a great many instances of the following run-time error in debug
builds:
FATAL ERROR: v8::String::Cast() Could not convert to string
Fix a regression that was introduced in commit ce04c726 after the
upgrade to V8 3.24.
The new weak persistent handle API no longer gives you the original
persistent but still requires that you clear it inside your weak
callback.
Rearrange the code in src/smalloc.cc to keep track of the persistent
handle with the least amount of pain and try hard to share as much
code as possible between the 'just free it' and 'invoke my callback'
versions of the smalloc API.
Fixes#7309.
Conform to the Google styleguide more and make cpplint happy, add more
CHECK macros.
Preemptively addresses cpplint's readability/check warnings ("Consider
using CHECK_GT instead of CHECK(a > b)".)
Make calls to v8::Isolate::AdjustAmountOfExternalAllocatedMemory() take
special care when negating 32 bits unsigned types like size_t.
Before this commit, values were negated before they got promoted to
64 bits, meaning that on 32 bits architectures, a value like 42 got
cast to 4294967254 instead of -42.
That in turn made the garbage collector start scavenging like crazy
because it thought the system was out of memory.
That's bad enough but calls to AdjustAmountOfExternalAllocatedMemory()
were made from weak callbacks, i.e. at a time when the garbage collector
was already busy. It triggered asserts in debug builds and caused
random crashes and memory corruption in release builds.
The behavior in release builds is arguably a V8 bug and should perhaps
be reported upstream.
Partially fixes#7309 but requires further bug fixes to src/smalloc.cc
that I'll address in a follow-up commit.
The variable isn't actually used uninitialized but g++ 4.8 doesn't know
that. Set it to NULL to silence the following compiler warning:
../src/string_bytes.cc:247:29: warning: 'data' may be used
uninitialized in this function [-Wmaybe-uninitialized]
unsigned a = hex2bin(src[i * 2 + 0]);
^
../src/string_bytes.cc:299:15: note: 'data' was declared here
const char* data;
^
V8 was upgraded from 3.22 to 3.24 in commit 1c7bf24. Upgrade source
files in test/addons/ and automatically generated tests from
doc/api/addons.markdown to the new V8 API.
This coincidentally fixes a bug in src/node_object_wrap.h where it was
still using the old V8 weak persistent handle interface, which is gone
in 3.24.
Previously if you wanted to be notified of pending handles for pipes
you needed to use uv_read2_start, however in v0.11.22 you can query for
pending handles independently.
It's currently not really possible to compile native add-ons with
-fvisibility=hidden because that also hides the struct containing
the module definition.
The NODE_MODULE() and NODE_MODULE_DECL() macros are structured in
a way that makes it impossible to add a visibility attribute manually
so there is no escape hatch there.
That's why this commit adds an explicit visibility attribute to
the module definition. It doesn't help with node.js releases that
are already out there but at least it improves the situation going
forward.
Previously if you cached process.nextTick and then require('domain')
subsequent nextTick() calls would not be caught because enqueued
functions were taking the wrong path. This keeps nextTick to a single
function reference and changes the implementation details after domain
has been required.
When `setImmediate(cb)` is called in `beforeExit` event handler the
consequent `uv_run(..., UV_RUN_NOWAIT)` may return `0`, even if there
was some active handles at start.
Fixes simple/test-beforeexit-event.js.
Unlike the 'exit' event, this event allows the user to schedule more
work and thereby postpone the exit. That also means that the
'beforeExit' event may be emitted many times, see the attached test
case for an example.
Refs #6305.
libuv gyp builds now require you to define the library disposition
(static or shared).
Also, libuv now supports vectored IO for file system reads and writes,
update to those function signatures
Expose `setBlocking` on Pipe's and if a pipe is being created for stdio
on windows then make the pipes blocking.
This fixes test-stream2-stderr-sync.js on Windows.
Fixes#3584
NodeBIO::Gets was reading off the end of a buffer if it
didn't find a "\n" before the EOF. This behavior
was causing X509 certificates passed to `https.Agent`
via the "ca" option to be silently discarded. It also
was causing improper parsing of certs and keys
passed to https.Agent, but those problems were worked
around in cdde9a3.
Backed out workaround in `lib/crypto.js` from ccde9a3,
which now isn't needed. But keep the test introduced
in that commit, which tests properly for this
bug.
This bug was first introduced in a58f93f
Gist containing test code, bisection log, and notes:
https://gist.github.com/maxtaco/9211605
The linker was optimizing the static variables that were supposed
to trigger module initialization.
I am making them non-static, and dllexport so that they don't get
optimized away.
Fixes#7116
