Added a note that that clarifies the fact that setServers() does not
check subsequent servers when the first one produces a NOTFOUND error.
PR-URL: https://github.com/nodejs/node/pull/21469
Refs: https://github.com/nodejs/node/issues/21391
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Add more details regarding processing and data type of incoming
headers in Http2.
PR-URL: https://github.com/nodejs/node/pull/21296
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Pending OpenSSL 1.1.0i release.
Refs: https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/
PR-URL: https://github.com/nodejs/node/pull/21345
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Reviewed-By: James M Snell <jasnell@gmail.com>
Upstream: https://github.com/openssl/openssl/commit/0c27d793
Original commit message:
Add blinding to an ECDSA signature
Keegan Ryan (NCC Group) has demonstrated a side channel attack on an
ECDSA signature operation. During signing the signer calculates:
s:= k^-1 * (m + r * priv_key) mod order
The addition operation above provides a sufficient signal for a
flush+reload attack to derive the private key given sufficient signature
operations.
As a mitigation (based on a suggestion from Keegan) we add blinding to
the operation so that:
s := k^-1 * blind^-1 (blind * m + blind * r * priv_key) mod order
Since this attack is a localhost side channel only no CVE is assigned.
Reviewed-by: Rich Salz <rsalz@openssl.org>
PR-URL: https://github.com/nodejs/node/pull/21468
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Using util.inspect should still return values in case the maximum
call stack size is reached. This is important to inspect linked
lists and similar.
PR-URL: https://github.com/nodejs/node/pull/20725
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Now that we have better native debugging utilities in core,
let’s use them :)
PR-URL: https://github.com/nodejs/node/pull/21423
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com>
Reviewed-By: Matheus Marchini <matheus@sthima.com>
Provide a custom memory allocator for nghttp2, and track
memory allocated by the library with it.
This makes the used-memory-per-session estimate more
accurate, and allows us to track memory leaks either
in nghttp2 itself or, more likely, through faulty
usage on our end.
It also allows us to make the per-session memory limit
more accurate in the future; currently, we are not
handling this in an ideal way, and instead let nghttp2
allocate what it wants, even if that goes over our limit.
PR-URL: https://github.com/nodejs/node/pull/21374
Refs: https://github.com/nodejs/node/pull/21373
Refs: https://github.com/nodejs/node/pull/21336
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com>
This is no longer necessary in the only place it was used (timers).
PR-URL: https://github.com/nodejs/node/pull/20894
Fixes: https://github.com/nodejs/node/issues/10154
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com>
Reviewed-By: Gus Caplan <me@gus.host>
Refactor Timers to behave more similarly to Immediates by having
a single uv_timer_t handle which is stored on the Environment.
No longer expose timers in a public binding and instead make
it part of the internalBinding.
PR-URL: https://github.com/nodejs/node/pull/20894
Fixes: https://github.com/nodejs/node/issues/10154
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com>
Reviewed-By: Gus Caplan <me@gus.host>
The timers directory test, utilizing FakeTime, has not worked in
quite a while and is not truly testing Node.js behaviour. If a
similar test is necessary it would be better suited to libuv
on which Node.js relies for timers functionality.
PR-URL: https://github.com/nodejs/node/pull/20894
Fixes: https://github.com/nodejs/node/issues/10154
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com>
Reviewed-By: Gus Caplan <me@gus.host>
Running `license-builder.sh` seems to indicate that there have been some
license changes that have not been propagated to our LICENSE file yet.
Here they are.
PR-URL: https://github.com/nodejs/node/pull/21472
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
There is already a check in place to prevent stdin and the IPC
channel from sharing a file descriptor. This commit adds a
similar check to stdout and stderr.
Refs: https://github.com/libuv/libuv/pull/1851
Refs: https://github.com/libuv/libuv/issues/1897
PR-URL: https://github.com/nodejs/node/pull/21466
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
`dns.resolveAny()`, `dnsPromises.resolveAny()`,
`dns.setServers()`, `dnsPromises.setServers()`
were out of ABC order in some places.
PR-URL: https://github.com/nodejs/node/pull/21505
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
The test is timing out on FreeBSD 10 in CI. It takes less than half as
long to run when it is in sequential on that platform instead of
parallel.
Refs: https://github.com/nodejs/node/pull/21322#issuecomment-399311718
PR-URL: https://github.com/nodejs/node/pull/21457
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
When the deep(Strict)Equal comparison functions were moved to an
internal module, a variable named `current` was replaced with `val1`.
That accidentally also replaced a few "currently"s in comments.
Refs: https://github.com/nodejs/node/pull/16084
PR-URL: https://github.com/nodejs/node/pull/21436
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Weijia Wang <starkwang@126.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Removes the string error from the assertion call to improve the error
message shown on screen when the test fails.
PR-URL: https://github.com/nodejs/node/pull/21292
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
ERR_HTTP2_ERROR and ERR_UNKNOWN_BUILTIN_MODULE error codes documentation
seem to have been accidentally removed in commit
1cdb41f287 (pull request #15160).
This reverts that removal, restoring the documentation for those two
error codes.
Those error codes are used from lib/ folder.
This is a part of the fixes hinted by #21470, which includes some tests
for error codes usage and documentation and enforces a stricter format.
PR-URL: https://github.com/nodejs/node/pull/21484
Refs: https://github.com/nodejs/node/pull/21470
Refs: https://github.com/nodejs/node/issues/21440
Refs: https://github.com/nodejs/node/pull/15160
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
A single exception is that ERR_HTTP2_* comes after ERR_HTTP_*.
Actual content not changed, just some blocks are moved around.
This is a part of the fixes hinted by #21470, which includes some tests
for error codes usage and documentation and enforces a stricter format.
PR-URL: https://github.com/nodejs/node/pull/21485
Refs: https://github.com/nodejs/node/pull/21470
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Only one error code was missing an appropriate anchor, and it was
ERR_SCRIPT_EXECUTION_TIMEOUT. This commit adds that missing anchor.
This is a part of the fixes hinted by #21470, which includes some tests
for error codes usage and documentation and enforces a stricter format.
PR-URL: https://github.com/nodejs/node/pull/21483
Refs: https://github.com/nodejs/node/pull/21470
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Currently, if configured --without-ssl the following error will be
repored by remark-cli:
Running Markdown linter on misc docs...
internal/util.js:100
throw new ERR_NO_CRYPTO();
^
Error [ERR_NO_CRYPTO]: Node.js is not compiled with OpenSSL crypto support
at assertCrypto (internal/util.js💯11)
at crypto.js:31:1
at NativeModule.compile (internal/bootstrap/loaders.js:235:7)
at Function.NativeModule.require
(internal/bootstrap/loaders.js:155:18)
at Function.Module._load (internal/modules/cjs/loader.js:530:25)
at Module.require (internal/modules/cjs/loader.js:650:17)
at require (internal/modules/cjs/helpers.js:20:18)
at Object.<anonymous>
(/node/tools/remark-cli/node_modules/math-random/node.js:1:76)
at Module._compile (internal/modules/cjs/loader.js:702:30)
at Object.Module._extensions..js
(internal/modules/cjs/loader.js:713:10)
make[1]: *** [tools/.miscmdlintstamp] Error 1
make: *** [lint] Error 2
This commit adds a check for crypto to avoid this error when node has
been configured without crypto support. The alternative was to try to
fix this in randomatic but that lead to another dependency failing
(uuid) and felt like this might be simpler.
PR-URL: https://github.com/nodejs/node/pull/21326
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Added tests to check the stream will automatically end the writable side
when readable side ends when allowHalfOpen option is false.
PR-URL: https://github.com/nodejs/node/pull/21325
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Original commit message:
[log] fix ExistingCodeLogger behavior on edge case
ExistingCodeLogger was behaving incorrectly when the
CodeEventHandler API was used in combination with
--interpreted-frames-native-stack. Instead of collecting copied
trampolines as InterpretedFunction:functionName, they were being
collected as Builtin:IntepreterEntryTrampolines. This patch adds
special handling for copied trampolines when using
ExistingCodeLogger.
R=yangguo@google.com
Change-Id: I3ee4be03800122d28d53b51b20c60dcf6263e4c1
Reviewed-on: https://chromium-review.googlesource.com/1087813
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53624}
Refs: https://github.com/v8/v8/commit/b20faffb07bc97b869a00b935c639bd1c
PR-URL: https://github.com/nodejs/node/pull/21126
Refs: https://github.com/v8/v8/commit/aa6ce3e
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Original commit message:
[log][api] introduce public CodeEventListener API
Introduce a new public API called CodeEventListener to allow
embedders to better support external profilers and other diagnostic
tools without relying on unsupported methods like --perf-basic-prof.
Bug: v8:7694
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I063cc965394d59401358757634c9ea84c11517e9
Co-authored-by: Daniel Beckert <daniel@sthima.com.br>
Reviewed-on: https://chromium-review.googlesource.com/1028770
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53382}
Refs: https://github.com/v8/v8/commit/aa6ce3ee617b2f324bea3a5d8e3263aee
PR-URL: https://github.com/nodejs/node/pull/21126
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
On AIX the underlying fsync system call returns EBADF on a file
descriptor for an open directory. So avoid running fsync on it.
PR-URL: https://github.com/nodejs/node/pull/21298
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
uv_tcp_open() can fail. Prior to this commit, any error was
being silently ignored. This commit raises the errors.
PR-URL: https://github.com/nodejs/node/pull/21428
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
This commit validates the file descriptor passed to the TTY
wrap's guessHandleType() function. Prior to this commit, a bad
file descriptor would trigger an abort in the binding layer.
PR-URL: https://github.com/nodejs/node/pull/21429
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Optimize three functions that pass on (part of) their JS arguments to
the JS function they call by stack-allocating the storage in the common
case.
PR-URL: https://github.com/nodejs/node/pull/21409
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Eugene Ostroukhov <eostroukhov@google.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com>
calling writeHead() into a Response object that has no headers already
set causes getHeader() to return undefined, even if the header was set
in the writeHead() function call. Explain this behavior as an
optimiation as opposed to a bug.
Fixes: https://github.com/nodejs/node/issues/10354
PR-URL: https://github.com/nodejs/node/pull/21289
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Timothy Gu <timothygu99@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
This commit is a suggestion to add a new option to the node executable
to allow for breaking in node's javascript bootstrapper code.
Previously I've been able to set breakpoints in node bootstrapper code
and then restart the debugging session and those breakpoints would be
hit, but I don't seem to be able to do so anymore. Having this option
would allow me to use this option and then step through or add more
break points as needed.
PR-URL: https://github.com/nodejs/node/pull/20819
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Refs: https://github.com/nodejs/node/pull/18566
PR-URL: https://github.com/nodejs/node/pull/21449
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
If an application has a large RSS (GB), jorangreef
observed that child_process.spawn will block the
event loop for ms-s.
This is surprising behavior and merits documentation.
Refs: https://github.com/nodejs/node/issues/14917
PR-URL: https://github.com/nodejs/node/pull/21234
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/21286
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Added tests to validate process.setgroups() arguments
PR-URL: https://github.com/nodejs/node/pull/21286
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
This commit adds examples of specifying filters when running cctest.
This can be useful when debugging and limiting the test cases run to
the test cases of interest and I think worth documenting.
PR-URL: https://github.com/nodejs/node/pull/21401
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
