Merge commit '9a33f43f739d7246e8d2efa087defa8306c9d1e8' into v4.4.3-p…

…roposal-port
ibmruntimes · Apr 12, 2016 · 689bd1a · 689bd1a
2 parents b40fcd1 + 9a33f43
commit 689bd1a
Show file tree

Hide file tree

Showing 47 changed files with 442 additions and 203 deletions.
diff --git a/BUILDING.md b/BUILDING.md
@@ -87,7 +87,14 @@ To test if Node.js was built correctly:
 $ node -e "console.log('Hello from Node.js ' + process.version)"
 ```
 
-### Android / Android based devices, aka. Firefox OS
+### Android / Android-based devices (e.g., Firefox OS)
+
+Although these instructions for building on Android are provided, please note
+that Android is not an officially supported platform at this time. Patches to
+improve the Android build are accepted. However, there is no testing on Android
+in the current continuous integration environment. The participation of people
+dedicated and determined to improve Android building, testing, and support is
+encouraged.
 
 Be sure you have downloaded and extracted [Android NDK]
 (https://developer.android.com/tools/sdk/ndk/index.html)

diff --git a/GOVERNANCE.md b/GOVERNANCE.md
@@ -63,10 +63,9 @@ A guide for Collaborators is maintained in
 
 ## CTC Membership
 
-CTC seats are not time-limited.  There is no fixed size of the CTC.
-However, the expected target is between 6 and 12, to ensure adequate
-coverage of important areas of expertise, balanced with the ability to
-make decisions efficiently.
+CTC seats are not time-limited. There is no fixed size of the CTC. The CTC
+should be of such a size as to ensure adequate coverage of important areas of
+expertise balanced with the ability to make decisions efficiently.
 
 There is no specific set of requirements or qualifications for CTC
 membership beyond these rules.

diff --git a/LICENSE b/LICENSE
@@ -506,7 +506,7 @@ The externally maintained libraries used by Node.js are:
 
 - OpenSSL, located at deps/openssl, is licensed as follows:
   """
-    Copyright (c) 1998-2011 The OpenSSL Project.  All rights reserved.
+    Copyright (c) 1998-2016 The OpenSSL Project.  All rights reserved.
 
     Redistribution and use in source and binary forms, with or without
     modification, are permitted provided that the following conditions

diff --git a/Makefile b/Makefile
@@ -516,6 +516,8 @@ bench-all: bench bench-misc bench-array bench-buffer bench-url bench-events
 
 bench: bench-net bench-http bench-fs bench-tls
 
+bench-ci: bench
+
 bench-http-simple:
 	benchmark/http_simple_bench.sh
 
@@ -555,9 +557,11 @@ cpplint:
 
 lint: jslint cpplint
 
+lint-ci: lint
+
 .PHONY: lint cpplint jslint bench clean docopen docclean doc dist distclean \
 	check uninstall install install-includes install-bin all staticlib \
 	dynamiclib test test-all test-addons build-addons website-upload pkg \
 	blog blogclean tar binary release-only bench-http-simple bench-idle \
 	bench-all bench bench-misc bench-array bench-buffer bench-net \
-	bench-http bench-fs bench-tls cctest run-ci
+	bench-http bench-fs bench-tls cctest run-ci lint-ci bench-ci
diff --git a/README.md b/README.md
@@ -70,7 +70,15 @@ documentation of the latest stable version.
 
 Stable, LTS and Nightly download directories all contain a *SHASUM256.txt*
 file that lists the SHA checksums for each file available for
-download. To check that a downloaded file matches the checksum, run
+download.
+
+The *SHASUM256.txt* can be downloaded using curl.
+
+```
+$ curl -O https://nodejs.org/dist/vx.y.z/SHASUMS256.txt
+```
+
+To check that a downloaded file matches the checksum, run
 it through `sha256sum` with a command such as:
 
 ```
@@ -114,8 +122,8 @@ Node.js from source.
 * [CODE_OF_CONDUCT.md](./CODE_OF_CONDUCT.md)
 * [CONTRIBUTING.md](./CONTRIBUTING.md)
 * [GOVERNANCE.md](./GOVERNANCE.md)
-* IRC (general questions): [#node.js on Freenode.net](http://webchat.freenode.net?channels=node.js&uio=d4)
-* IRC (node core development): [#node-dev on Freenode.net](http://webchat.freenode.net?channels=node-dev&uio=d4)
+* IRC (general questions): [#node.js on Freenode.net](https://webchat.freenode.net?channels=node.js&uio=d4)
+* IRC (node core development): [#node-dev on Freenode.net](https://webchat.freenode.net?channels=node-dev&uio=d4)
 * [nodejs/node on Gitter](https://gitter.im/nodejs/node)
 
 ## Security

diff --git a/common.gypi b/common.gypi
@@ -14,6 +14,8 @@
     'node_tag%': '',
     'uv_library%': 'static_library',
 
+    'openssl_fips%': '',
+
     # Default to -O0 for debug builds.
     'v8_optimized_debug%': 0,
 

diff --git a/doc/api/all.markdown b/doc/api/all.markdown
@@ -5,6 +5,7 @@
 @include buffer
 @include child_process
 @include cluster
+@include cli
 @include console
 @include crypto
 @include debugger

diff --git a/doc/api/assert.markdown b/doc/api/assert.markdown
@@ -361,8 +361,13 @@ If the values are not strictly equal, an `AssertionError` is thrown with a
 
 ## assert.throws(block[, error][, message])
 
-Expects the function `block` to throw an error. If specified, `error` can be a
-constructor, [`RegExp`][], or validation function.
+Expects the function `block` to throw an error.
+
+If specified, `error` can be a constructor, [`RegExp`][], or validation
+function.
+
+If specified, `message` will be the message provided by the `AssertionError` if
+the block fails to throw.
 
 Validate instanceof using constructor:
 
@@ -402,6 +407,18 @@ assert.throws(
 );
 ```
 
+Note that `error` can not be a string. If a string is provided as the second
+argument, then `error` is assumed to be omitted and the string will be used for
+`message` instead. This can lead to easy-to-miss mistakes:
+
+```js
+// THIS IS A MISTAKE! DO NOT DO THIS!
+assert.throws(myFunction, 'missing foo', 'did not throw with expected message');
+
+// Do this instead.
+assert.throws(myFunction, /missing foo/, 'did not throw with expected message');
+```
+
 [Locked]: documentation.html#documentation_stability_index
 [`assert.deepEqual()`]: #assert_assert_deepequal_actual_expected_message
 [`assert.deepStrictEqual()`]: #assert_assert_deepstrictequal_actual_expected_message

diff --git a/doc/api/buffer.markdown b/doc/api/buffer.markdown
@@ -739,8 +739,10 @@ const buf = new Buffer([1,-2,3,4]);
 
 buf.readInt32BE();
   // returns 33424132
-buf.readInt32LE(1);
+buf.readInt32LE();
   // returns 67370497
+buf.readInt32LE(1);
+  // throws RangeError: Index out of range
 ```
 
 ### buf.readIntBE(offset, byteLength[, noAssert])
@@ -1031,7 +1033,8 @@ console.log(`${len} bytes: ${buf.toString('utf8', 0, len)}`);
 
 Writes `value` to the Buffer at the specified `offset` with specified endian
 format (`writeDoubleBE()` writes big endian, `writeDoubleLE()` writes little
-endian). The `value` argument must be a valid 64-bit double.
+endian). The `value` argument *should* be a valid 64-bit double. Behavior is
+not defined when `value` is anything other than a 64-bit double.
 
 Set `noAssert` to true to skip validation of `value` and `offset`. This means
 that `value` may be too large for the specific function and `offset` may be
@@ -1063,7 +1066,7 @@ console.log(buf);
 
 Writes `value` to the Buffer at the specified `offset` with specified endian
 format (`writeFloatBE()` writes big endian, `writeFloatLE()` writes little
-endian). Behavior is unspecified if `value` is anything other than a 32-bit
+endian). Behavior is not defined when `value` is anything other than a 32-bit
 float.
 
 Set `noAssert` to true to skip validation of `value` and `offset`. This means
@@ -1093,8 +1096,9 @@ console.log(buf);
 * `noAssert` {Boolean} Default: false
 * Return: {Number} The offset plus the number of written bytes
 
-Writes `value` to the Buffer at the specified `offset`. The `value` must be a
-valid signed 8-bit integer.
+Writes `value` to the Buffer at the specified `offset`. The `value` should be a
+valid signed 8-bit integer.  Behavior is not defined when `value` is anything
+other than a signed 8-bit integer.
 
 Set `noAssert` to true to skip validation of `value` and `offset`. This means
 that `value` may be too large for the specific function and `offset` may be
@@ -1121,7 +1125,8 @@ console.log(buf);
 
 Writes `value` to the Buffer at the specified `offset` with specified endian
 format (`writeInt16BE()` writes big endian, `writeInt16LE()` writes little
-endian). The `value` must be a valid signed 16-bit integer.
+endian). The `value` should be a valid signed 16-bit integer. Behavior is
+not defined when `value` is anything other than a signed 16-bit integer.
 
 Set `noAssert` to true to skip validation of `value` and `offset`. This means
 that `value` may be too large for the specific function and `offset` may be
@@ -1148,7 +1153,8 @@ console.log(buf);
 
 Writes `value` to the Buffer at the specified `offset` with specified endian
 format (`writeInt32BE()` writes big endian, `writeInt32LE()` writes little
-endian). The `value` must be a valid signed 32-bit integer.
+endian). The `value` should be a valid signed 32-bit integer. Behavior is
+not defined when `value` is anything other than a signed 32-bit integer.
 
 Set `noAssert` to true to skip validation of `value` and `offset`. This means
 that `value` may be too large for the specific function and `offset` may be
@@ -1194,15 +1200,18 @@ that `value` may be too large for the specific function and `offset` may be
 beyond the end of the Buffer leading to the values being silently dropped. This
 should not be used unless you are certain of correctness.
 
+Behavior is not defined when `value` is anything other than an integer.
+
 ### buf.writeUInt8(value, offset[, noAssert])
 
 * `value` {Number} Bytes to be written to Buffer
 * `offset` {Number} `0 <= offset <= buf.length - 1`
 * `noAssert` {Boolean} Default: false
 * Return: {Number} The offset plus the number of written bytes
 
-Writes `value` to the Buffer at the specified `offset`. The `value` must be a
-valid unsigned 8-bit integer.
+Writes `value` to the Buffer at the specified `offset`. The `value` should be a
+valid unsigned 8-bit integer.  Behavior is not defined when `value` is anything
+other than an unsigned 8-bit integer.
 
 Set `noAssert` to true to skip validation of `value` and `offset`. This means
 that `value` may be too large for the specific function and `offset` may be
@@ -1232,7 +1241,8 @@ console.log(buf);
 
 Writes `value` to the Buffer at the specified `offset` with specified endian
 format (`writeUInt16BE()` writes big endian, `writeUInt16LE()` writes little
-endian). The `value` must be a valid unsigned 16-bit integer.
+endian). The `value` should be a valid unsigned 16-bit integer. Behavior is
+not defined when `value` is anything other than an unsigned 16-bit integer.
 
 Set `noAssert` to true to skip validation of `value` and `offset`. This means
 that `value` may be too large for the specific function and `offset` may be
@@ -1266,7 +1276,8 @@ console.log(buf);
 
 Writes `value` to the Buffer at the specified `offset` with specified endian
 format (`writeUInt32BE()` writes big endian, `writeUInt32LE()` writes little
-endian). The `value` must be a valid unsigned 32-bit integer.
+endian). The `value` should be a valid unsigned 32-bit integer. Behavior is
+not defined when `value` is anything other than an unsigned 32-bit integer.
 
 Set `noAssert` to true to skip validation of `value` and `offset`. This means
 that `value` may be too large for the specific function and `offset` may be
@@ -1312,6 +1323,8 @@ that `value` may be too large for the specific function and `offset` may be
 beyond the end of the Buffer leading to the values being silently dropped. This
 should not be used unless you are certain of correctness.
 
+Behavior is not defined when `value` is anything other than an unsigned integer.
+
 ## buffer.INSPECT_MAX_BYTES
 
 * {Number} Default: 50

diff --git a/doc/api/child_process.markdown b/doc/api/child_process.markdown
@@ -130,8 +130,8 @@ exec('my.bat', (err, stdout, stderr) => {
   * `gid` {Number} Sets the group identity of the process. (See setgid(2).)
 * `callback` {Function} called with the output when process terminates
   * `error` {Error}
-  * `stdout` {Buffer}
-  * `stderr` {Buffer}
+  * `stdout` {String|Buffer}
+  * `stderr` {String|Buffer}
 * Return: {ChildProcess}
 
 Spawns a shell then executes the `command` within that shell, buffering any
@@ -156,6 +156,13 @@ the exit code of the child process while `error.signal` will be set to the
 signal that terminated the process. Any exit code other than `0` is considered
 to be an error.
 
+The `stdout` and `stderr` arguments passed to the callback will contain the
+stdout and stderr output of the child process. By default, Node.js will decode
+the output as UTF-8 and pass strings to the callback. The `encoding` option
+can be used to specify the character encoding used to decode the stdout and
+stderr output. If `encoding` is `'buffer'`, `Buffer` objects will be passed to
+the callback instead.
+
 The `options` argument may be passed as the second argument to customize how
 the process is spawned. The default options are:
 
@@ -197,8 +204,8 @@ replace the existing process and uses a shell to execute the command.*
   * `gid` {Number} Sets the group identity of the process. (See setgid(2).)
 * `callback` {Function} called with the output when process terminates
   * `error` {Error}
-  * `stdout` {Buffer}
-  * `stderr` {Buffer}
+  * `stdout` {String|Buffer}
+  * `stderr` {String|Buffer}
 * Return: {ChildProcess}
 
 The `child_process.execFile()` function is similar to [`child_process.exec()`][]
@@ -219,6 +226,13 @@ const child = execFile('node', ['--version'], (error, stdout, stderr) => {
 });
 ```
 
+The `stdout` and `stderr` arguments passed to the callback will contain the
+stdout and stderr output of the child process. By default, Node.js will decode
+the output as UTF-8 and pass strings to the callback. The `encoding` option
+can be used to specify the character encoding used to decode the stdout and
+stderr output. If `encoding` is `'buffer'`, `Buffer` objects will be passed to
+the callback instead.
+
 ### child_process.fork(modulePath[, args][, options])
 
 * `modulePath` {String} The module to run in the child

diff --git a/doc/api/crypto.markdown b/doc/api/crypto.markdown
@@ -286,7 +286,7 @@ cipher text should be discarded due to failed authentication.
 ### decipher.setAutoPadding(auto_padding=true)
 
 When data has been encrypted without standard block padding, calling
-`decipher.setAuthPadding(false)` will disable automatic padding to prevent
+`decipher.setAutoPadding(false)` will disable automatic padding to prevent
 [`decipher.final()`][] from checking for and removing padding.
 
 Turning auto padding off will only work if the input data's length is a
@@ -719,6 +719,28 @@ console.log(sign.sign(private_key, 'hex'));
   // Prints the calculated signature
 ```
 
+A [`sign`][] instance can also be created by just passing in the digest
+algorithm name, in which case OpenSSL will infer the full signature algorithm
+from the type of the PEM-formatted private key, including algorithms that
+do not have directly exposed name constants, e.g. 'ecdsa-with-SHA256'.
+
+Example: signing using ECDSA with SHA256
+
+```js
+const crypto = require('crypto');
+const sign = crypto.createSign('sha256');
+
+sign.update('some data to sign');
+
+const private_key = '-----BEGIN EC PRIVATE KEY-----\n' +
+        'MHcCAQEEIF+jnWY1D5kbVYDNvxxo/Y+ku2uJPDwS0r/VuPZQrjjVoAoGCCqGSM49\n' +
+        'AwEHoUQDQgAEurOxfSxmqIRYzJVagdZfMMSjRNNhB8i3mXyIMq704m2m52FdfKZ2\n' +
+        'pQhByd5eyj3lgZ7m7jbchtdgyOF8Io/1ng==\n' +
+        '-----END EC PRIVATE KEY-----\n';
+
+console.log(sign.sign(private_key).toString('hex'));
+```
+
 ### sign.sign(private_key[, output_format])
 
 Calculates the signature on all the data passed through using either