7.x backport: crypto: support OPENSSL_CONF again (and its dependencies) #11344
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Added test cases for error. PR-URL: nodejs#10940 Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
Add RegExp to check assert throws the expected AssertionErrors. For the one with multiple flags is ok to hardcode the flags since the spec indicates the ordering will always be `gim`: Refs: http://www.ecma-international.org/ecma-262/6.0/#sec-get-regexp.prototype.flags PR-URL: nodejs#10916 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Italo A. Casas <[email protected]> Reviewed-By: Rich Trott <[email protected]> Reviewed-By: James M Snell <[email protected]>
Add a RegExp to `throws` assertions. PR-URL: nodejs#10914 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Italo A. Casas <[email protected]> Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: James M Snell <[email protected]>
Refs: https://github.com/nodejs/node/blob/09ebdf14005cc948529b3f193ad550d5dfded26a/lib/dgram.js#L234 PR-URL: nodejs#10901 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Rich Trott <[email protected]>
The pointer to std::vector is unnecessary, so replace it with standard instance. Also, make the for() loop more readable by using actual type instead of inferred - there is no readability benefit here from obfuscating the type. PR-URL: nodejs#8334 Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Fedor Indutny <[email protected]>
NodeJS can already use an external, shared OpenSSL library. This library knows where to look for OS managed certificates. Allow a compile-time option to use this CA store by default instead of using bundled certificates. In case when using bundled OpenSSL, the paths are also valid for majority of Linux systems without additional intervention. If this is not set, we can use SSL_CERT_DIR to point it to correct location. Fixes: nodejs#3159 PR-URL: nodejs#8334 Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Fedor Indutny <[email protected]>
PR-URL: nodejs#10392 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: James M Snell <[email protected]>
On Windows, creating a symlink requires admin privileges. There were two tests which created symlinks which were failing when run as non-admin. test-fs-symlink.js already had a check for privileges on Windows but it had a couple issues: 1. It assumed that whoami was the one that came with windows. However, whoami also ships with Win32 Unix utility ports like the distribution with git, which can cause this to get check tripped up. 2. On failure, the check would just return from the callback instead of exiting 3. whoami was executed asynchronously so the test would run regardless of privilege state. test-fs-options-immutable had no check. As part of this change, I refactored the privilege checking to a function in common, and changed both above tests to use the refactored function. Also documented this function in test\README.md PR-URL: nodejs#10477 Reviewed-By: James M Snell <[email protected]> Reviewed-By: João Reis <[email protected]> Reviewed-By: Gibson Fahnestock <[email protected]>
PR-URL: nodejs#10543 Reviewed-By: Gibson Fahnestock <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
The original test lauches 10 child processes at once and bypass `test.py`'s process regulation. This PR reduces the unmanaged parallelism and is a temporary workaround for nodejs#9979 (not a real fix). PR-URL: nodejs#10329 Reviewed-By: Anna Henningsen <[email protected]>
* used let and const instead of var * used assert.strictEqual instead assert.equal PR-URL: nodejs#10357 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Sakthipriyan Vairamani <[email protected]> Reviewed-By: Santiago Gimeno <[email protected]> Reviewed-By: Julian Duque <[email protected]> Reviewed-By: James M Snell <[email protected]>
Document this with the YAML meta-data. PR-URL: nodejs#10983 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Gibson Fahnestock <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
The Hmac binding layer is not documented as part of the API, and is not intended to be used, but it should be robust to misuse, and contains defensive checks for misuse. This test checks that updates without init throw (as opposed to abort or misbehave in some other way). PR-URL: nodejs#10923 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Rich Trott <[email protected]> Reviewed-By: James M Snell <[email protected]>
Formatting changes for upcoming linter update. PR-URL: nodejs#10561 Reviewed-By: Teddy Katz <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sam Roberts <[email protected]>
We have been stalled on ESLint 3.8.0 for some time. Current ESLint is 3.13.0. We have been unable to upgrade because of more aggressive reporting on some rules, including indentation. ESLint configuration options and bugfixes are now such that we can reasonably upgrade. PR-URL: nodejs#10561 Reviewed-By: Teddy Katz <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sam Roberts <[email protected]>
As per ESLint documentation, http://eslint.org/docs/user-guide/configuring#configuration-file-formats the file format .eslintrc is deprecated. This patch just renames the files to .yaml and the structure is already in yaml format. PR-URL: nodejs#7699 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Michael Dawson <[email protected]> Reviewed-By: Benjamin Gruenbaum <[email protected]> Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Gibson Fahnestock <[email protected]> Reviewed-By: Prince John Wesley <[email protected]> Reviewed-By: Johan Bergström <[email protected]> Reviewed-By: Rich Trott <[email protected]>
* use common.mustCall() as appropriate * eliminate exit handler * var -> const/let * provide duration for setInterval() PR-URL: nodejs#10588 Reviewed-By: Italo A. Casas <[email protected]> Reviewed-By: Gibson Fahnestock <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sakthipriyan Vairamani <[email protected]>
Use common.mustCall() where appropriate, var to const/let, assert.equal() -> assert.strictEqual(), explicit time provided to setTimeout() PR-URL: nodejs#10551 Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Gibson Fahnestock <[email protected]>
* assert unused vars in test-cli-eval.js * assert in more idiomatic way test-cli-eval * rename status to err in test-cli-eval.js PR-URL: nodejs#10759 Reviewed-By: Rich Trott <[email protected]> Reviewed-By: James M Snell <[email protected]>
This commit fixes a broken assertion in test-cli-eval.js. PR-URL: nodejs#10840 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Italo A. Casas <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
* validate errors in assert.throws * use arrow functions PR-URL: nodejs#10752 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Colin Ihrig <[email protected]>
`options` in the `repl.start([options])` can be a string. Ref: nodejs#10160 PR-URL: nodejs#10221 Reviewed-By: Benjamin Gruenbaum <[email protected]>
PR-URL: nodejs#10550 Reviewed-By: Rich Trott <[email protected]>
Refactor and simplify parallel/test-timer-close.js. Add comment to describe the test case. PR-URL: nodejs#10517 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Santiago Gimeno <[email protected]> Reviewed-By: Jeremiah Senkpiel <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Gibson Fahnestock <[email protected]>
* use const and let instead of var * use assert.strictEqual instead of assert.equal * use arrow functions PR-URL: nodejs#10556 Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Evan Lucas <[email protected]> Reviewed-By: Italo A. Casas <[email protected]> Reviewed-By: Brian White <[email protected]>
Change var to const/let. Simplify test-timers-uncaught-exception. PR-URL: nodejs#10524 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Gibson Fahnestock <[email protected]> Reviewed-By: Jeremiah Senkpiel <[email protected]>
PR-URL: nodejs#10577 Reviewed-By: Italo A. Casas <[email protected]> Reviewed-By: Gibson Fahnestock <[email protected]> Reviewed-By: Sakthipriyan Vairamani <[email protected]> Reviewed-By: James M Snell <[email protected]>
`process.title` would work properly only in FreeBSD, OSX, and Linux as per test/parallel/test-setproctitle.js. This patch makes sure that the test expects an empty string in other platforms. This patch helps fix the SmartOS failures in https://ci.nodejs.org/job/node-test-commit/6962/ for nodejs#10456 PR-URL: nodejs#10597 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Benjamin Gruenbaum <[email protected]> Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Evan Lucas <[email protected]>
Combine and rename tests for the `beforeExit` event on `process`. The naming now more closely follows the de facto conventions of the project. The two tests were very similar and do not seem to benefit from being separate. PR-URL: nodejs#10581 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sakthipriyan Vairamani <[email protected]>
* use const and let instead of var * use common.mustCall to control functions execution * use assert.ifError instead of assert.strictEqual for errors * use arrow functions PR-URL: nodejs#10542 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
This commit adds code coverage for emitted and callback errors for dgram's Socket#send() method. PR-URL: nodejs#11248 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
Rewrite the tests in test/gc so that they no longer call process.exit(). Instead they exit gracefully now. PR-URL: nodejs#11239 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Richard Lau <[email protected]>
Replace node-weak with a small hand-rolled add-on. We can now drop node-weak and nan, reducing the size of the source tree by about 750 kB and the size of the tarball by about 150-300 kB. PR-URL: nodejs#11239 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Richard Lau <[email protected]>
Since the previous commit obsoleted them, remove them. PR-URL: nodejs#11239 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Richard Lau <[email protected]>
Reword the language around releases and signing keys to make it clear that new releases are all branded "Node.js." PR-URL: nodejs#11054 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Daniel Bevenius <[email protected]> Reviewed-By: Evan Lucas <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Сковорода Никита Андреевич <[email protected]>
PR-URL: nodejs#11270 Fixes: nodejs#11250 Reviewed-By: Rich Trott <[email protected]> Reviewed-By: James M Snell <[email protected]>
PR-URL: nodejs#11267 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Jeremiah Senkpiel <[email protected]> Reviewed-By: Сковорода Никита Андреевич <[email protected]> Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Evan Lucas <[email protected]> Reviewed-By: Michael Dawson <[email protected]> Reviewed-By: Myles Borins <[email protected]>
In the implementation of the vm module, if a property is successfully deleted on the sandbox, we also need to delete it on the global_proxy object. Therefore, we must not call args.GetReturnValue().Set(). We only intercept, i.e., call args.GetReturnValue().Set(), in the DeleterCallback, if Delete() failed, e.g. because the property was read only. PR-URL: nodejs#11266 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]>
Add two, admittedly contrived, examples that test edge cases of the vm module. They demonstrate that the if statements `if (maybe_rv.IsEmpty())` and `if (maybe_prop_attr.IsNothing())` in the GetterCallback and the QueryCallback are observable. Both GetterCallback and QueryCallback explicitly check the global_proxy() if a property is not found on the sandbox. In these tests, the explicit check inside the callback yields different results than deferring the check until after the callback. The check is deferred, if the callbacks do not intercept, i.e., if args.GetReturnValue().Set() is not called. PR-URL: nodejs#11265 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]>
This test wasn't actually working, as sockets were being closed, allowing the test to exit before any assertions were actually run. This commit refactors the test to maintain the same intended semantics. PR-URL: nodejs#11252 Reviewed-By: Rich Trott <[email protected]> Reviewed-By: James M Snell <[email protected]>
Add a test case for querystring.parse with multibyte characters under 0x800. PR-URL: nodejs#11251 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: James M Snell <[email protected]>
PR-URL: nodejs#11202 Reviewed-By: Evan Lucas <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Myles Borins <[email protected]>
* wrap callbacks in mustCall() * Wrap the callbacks which make assertions in common.mustcall() to ensure they are called PR-URL: nodejs#11201 Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: James M Snell <[email protected]>
Verify error message thrown from assert.ifError PR-URL: nodejs#11193 Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Yuta Hiroto <[email protected]> Reviewed-By: Sakthipriyan Vairamani <[email protected]>
Updates the fs module APIs to allow 'file://' URL objects
to be passed as the path.
For example:
```js
const URL = require('url').URL;
const myURL = new URL('file:///C:/path/to/file');
fs.readFile(myURL, (err, data) => {});
```
On Windows, file: URLs with a hostname convert to UNC paths,
while file: URLs with drive letters convert to local absolute
paths:
```
file://hostname/a/b/c => \\hostname\a\b\c
file:///c:/a/b/c => c:\a\b\c
```
On all other platforms, file: URLs with a hostname are unsupported
and will result in a throw:
```
file://hostname/a/b/c => throw!
file:///a/b/c => /a/b/c
```
The documentation for the fs API is intentionally not updated in
this commit because the URL API is still considered experimental
and is not officially documented *at this time*
Note that file: URLs are *required* by spec to always be absolute
paths from the file system root.
This is a semver-major commit because it changes error handling
on the fs APIs.
PR-URL: nodejs#10739
Ref: nodejs#10703
Reviewed-By: Joyee Cheung <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>
Squashed from: - deps: Add node-inspect 1.10.1 This adds a reimplementation of the old CLI debugger (`node debug`) against the new debugger protocol (`node --inspect`). This is necessary because the old protocol won't be supported in future versions of V8. - deps: Update node-inspect to 1.10.2 Starting with 1.10.2 the test suite should pass consistently on windows. - deps: Update to node-inspect 1.10.4 PR-URL: nodejs#10187 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: James M Snell <[email protected]>
This just adds an additional make target (`make test-node-inspect`) but will not include the new debugger in releases. PR-URL: nodejs#10187 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: James M Snell <[email protected]>
Include the relevant files from `deps/node-inspect` in the compiled `node` binary and make `node inspect` work like `node-inspect`. PR-URL: nodejs#10187 Reviewed-By: James M Snell <[email protected]>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: nodejs#11051 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sam Roberts <[email protected]>
Move some code around so we can properly test whether the switch actually does anything. PR-URL: nodejs#11255 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sam Roberts <[email protected]>
Commit a8734af ("src: make copies of startup environment variables") from two weeks ago introduced a regression in the capturing of the `--icu-data-dir=` switch: it captured the string up to the `=` instead of what comes after it. PR-URL: nodejs#11255 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sam Roberts <[email protected]>
Allow it to be used anywhere in src/ that env variables with security implications are accessed. PR-URL: nodejs#11006 Reviewed-By: Michael Dawson <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]>
A side-effect of https://github.com/nodejs/node-private/pull/82 was to remove support for OPENSSL_CONF, as well as removing the default read of a configuration file on startup. Partly revert this, allowing OPENSSL_CONF to be used to specify a configuration file to read on startup, but do not read a file by default. If the --openssl-config command line option is provided, its value is used, not the OPENSSL_CONF environment variable. Fix: nodejs#10938 PR-URL: nodejs#11006 Reviewed-By: Michael Dawson <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]>
nodejs-github-bot
added
build
|
Sorry, wrong target branch. |
|
Replaced by #11345 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Checklist
make -j4 test(UNIX), orvcbuild test(Windows) passesAffected core subsystem(s)