* V8: upgrade to 3.11.10.19
* npm: upgrade to 1.1.59
* windows: fix uninitialized memory access in uv_update_time() (Bert Belder)
* unix, windows: fix memory corruption in fs-poll.c (Ben Noordhuis)
* unix: fix integer overflow in uv_hrtime (Tim Holy)
* sunos: fix uv_cpu_info() on x86_64 (Ben Noordhuis)
* tls: update default cipher list (Ben Noordhuis)
* unix: Fix llvm and older gcc duplicate symbol warnings (Bert Belder)
* fs: fix use after free in stat watcher (Ben Noordhuis)
* build: Fix using manually compiled gcc on OS X (Nathan Rajlich)
* windows: make junctions work again (Bert Belder)
Update the default cipher list from RC4-SHA:AES128-SHA:AES256-SHA
to ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
in order to mitigate BEAST attacks.
The documentation suggested AES256-SHA but unfortunately that's a CBC cipher
and therefore susceptible to attacks.
Fixes #3900.
These explicit instantiations were added to make MSVC happy. It turns
out that some older versions of gcc and llvm now complain about duplicate
symbols, so we instantiate these templates only when MSVC is used.
This is the only thing preventing a manually compiled version of GCC
(rather than Apple's provided llvm-gcc or heavily modified gcc 4.2)
from working properly, so we might as well enable support for that.
With this patch I was able to compile node using a manually compiled
gcc 4.7.1.
Closes #3887.
Just install whatever's best for the OS.
Detect host os and architecture from the navigator properties. If we
can't make a good guess, then they get the tarball, and of course
everything we have is on the full download page.
- Improved styling of download links.
- index.html#download now redirects to /download/
- Added missing hyphens, and added the missing "and 64-bit" for the Mac
Installer.
ASN1_STRING_to_UTF8() passes an ASN1_STRING to ASN1_STRING_set() but forgot to
initialize the `length` field.
Fixes the following valgrind error:
$ valgrind -q --track-origins=yes --num-callers=19 \
out/Debug/node test/simple/test-tls-client-abort.js
==2690== Conditional jump or move depends on uninitialised value(s)
==2690== at 0x784B69: ASN1_STRING_set (asn1_lib.c:382)
==2690== by 0x809564: ASN1_mbstring_ncopy (a_mbstr.c:204)
==2690== by 0x8090F0: ASN1_mbstring_copy (a_mbstr.c:86)
==2690== by 0x782F1F: ASN1_STRING_to_UTF8 (a_strex.c:570)
==2690== by 0x78F090: asn1_string_canon (x_name.c:409)
==2690== by 0x78EF17: x509_name_canon (x_name.c:354)
==2690== by 0x78EA7D: x509_name_ex_d2i (x_name.c:210)
==2690== by 0x788058: ASN1_item_ex_d2i (tasn_dec.c:239)
==2690== by 0x7890D4: asn1_template_noexp_d2i (tasn_dec.c:746)
==2690== by 0x788CB6: asn1_template_ex_d2i (tasn_dec.c:607)
==2690== by 0x78877A: ASN1_item_ex_d2i (tasn_dec.c:448)
==2690== by 0x7890D4: asn1_template_noexp_d2i (tasn_dec.c:746)
==2690== by 0x788CB6: asn1_template_ex_d2i (tasn_dec.c:607)
==2690== by 0x78877A: ASN1_item_ex_d2i (tasn_dec.c:448)
==2690== by 0x787C93: ASN1_item_d2i (tasn_dec.c:136)
==2690== by 0x78F5E4: d2i_X509 (x_x509.c:141)
==2690== by 0x7C9B91: PEM_ASN1_read_bio (pem_oth.c:81)
==2690== by 0x7CA506: PEM_read_bio_X509 (pem_x509.c:67)
==2690== by 0x703C9A: node::crypto::SecureContext::AddRootCerts(v8::Arguments const&) (node_crypto.cc:497)
==2690== Uninitialised value was created by a stack allocation
==2690== at 0x782E89: ASN1_STRING_to_UTF8 (a_strex.c:560)
pummel/test-net-throttle assumes that a couple of big write requests result in
some of them getting queued because the kernel's send buffer fills up.
Said assumption breaks on systems with large send buffers. Raise the size of
the write request to ameliorate the issue.
This is a back-port of commit 6770555 from the master branch.
Before this commit, DecodeWrite() mistakenly tried to convert buffers to
UTF-8 strings which:
a) produced invalid character sequences when the buffer contained
octets > 127, and
b) lead to spurious test failures because DecodeWrite() wrote less bytes
than DecodeBytes() said it would, with the remainder either containing
zeros or garbage
Fix that by simply copying the buffer's data to the target buffer when the
encoding is BINARY or by converting the buffer to a binary string when it's
UTF8 or ASCII.
Fixes #3651, #3866.
