7.x backport: crypto: support OPENSSL_CONF again (and its dependencies) #11344
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Added test cases for error. PR-URL: nodejs#10940 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Add RegExp to check assert throws the expected AssertionErrors. For the one with multiple flags is ok to hardcode the flags since the spec indicates the ordering will always be `gim`: Refs: http://www.ecma-international.org/ecma-262/6.0/#sec-get-regexp.prototype.flags PR-URL: nodejs#10916 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Italo A. Casas <me@italoacasas.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Add a RegExp to `throws` assertions. PR-URL: nodejs#10914 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Italo A. Casas <me@italoacasas.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Refs: https://github.com/nodejs/node/blob/09ebdf14005cc948529b3f193ad550d5dfded26a/lib/dgram.js#L234 PR-URL: nodejs#10901 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
The pointer to std::vector is unnecessary, so replace it with standard instance. Also, make the for() loop more readable by using actual type instead of inferred - there is no readability benefit here from obfuscating the type. PR-URL: nodejs#8334 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
NodeJS can already use an external, shared OpenSSL library. This library knows where to look for OS managed certificates. Allow a compile-time option to use this CA store by default instead of using bundled certificates. In case when using bundled OpenSSL, the paths are also valid for majority of Linux systems without additional intervention. If this is not set, we can use SSL_CERT_DIR to point it to correct location. Fixes: nodejs#3159 PR-URL: nodejs#8334 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
PR-URL: nodejs#10392 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>
On Windows, creating a symlink requires admin privileges. There were two tests which created symlinks which were failing when run as non-admin. test-fs-symlink.js already had a check for privileges on Windows but it had a couple issues: 1. It assumed that whoami was the one that came with windows. However, whoami also ships with Win32 Unix utility ports like the distribution with git, which can cause this to get check tripped up. 2. On failure, the check would just return from the callback instead of exiting 3. whoami was executed asynchronously so the test would run regardless of privilege state. test-fs-options-immutable had no check. As part of this change, I refactored the privilege checking to a function in common, and changed both above tests to use the refactored function. Also documented this function in test\README.md PR-URL: nodejs#10477 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: João Reis <reis@janeasystems.com> Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
PR-URL: nodejs#10543 Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
The original test lauches 10 child processes at once and bypass `test.py`'s process regulation. This PR reduces the unmanaged parallelism and is a temporary workaround for nodejs#9979 (not a real fix). PR-URL: nodejs#10329 Reviewed-By: Anna Henningsen <anna@addaleax.net>
* used let and const instead of var * used assert.strictEqual instead assert.equal PR-URL: nodejs#10357 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com> Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com> Reviewed-By: Julian Duque <julianduquej@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Document this with the YAML meta-data. PR-URL: nodejs#10983 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
The Hmac binding layer is not documented as part of the API, and is not intended to be used, but it should be robust to misuse, and contains defensive checks for misuse. This test checks that updates without init throw (as opposed to abort or misbehave in some other way). PR-URL: nodejs#10923 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Formatting changes for upcoming linter update. PR-URL: nodejs#10561 Reviewed-By: Teddy Katz <teddy.katz@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
We have been stalled on ESLint 3.8.0 for some time. Current ESLint is 3.13.0. We have been unable to upgrade because of more aggressive reporting on some rules, including indentation. ESLint configuration options and bugfixes are now such that we can reasonably upgrade. PR-URL: nodejs#10561 Reviewed-By: Teddy Katz <teddy.katz@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
As per ESLint documentation, http://eslint.org/docs/user-guide/configuring#configuration-file-formats the file format .eslintrc is deprecated. This patch just renames the files to .yaml and the structure is already in yaml format. PR-URL: nodejs#7699 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com> Reviewed-By: Prince John Wesley <princejohnwesley@gmail.com> Reviewed-By: Johan Bergström <bugs@bergstroem.nu> Reviewed-By: Rich Trott <rtrott@gmail.com>
* use common.mustCall() as appropriate * eliminate exit handler * var -> const/let * provide duration for setInterval() PR-URL: nodejs#10588 Reviewed-By: Italo A. Casas <me@italoacasas.com> Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Use common.mustCall() where appropriate, var to const/let, assert.equal() -> assert.strictEqual(), explicit time provided to setTimeout() PR-URL: nodejs#10551 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
* assert unused vars in test-cli-eval.js * assert in more idiomatic way test-cli-eval * rename status to err in test-cli-eval.js PR-URL: nodejs#10759 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
This commit fixes a broken assertion in test-cli-eval.js. PR-URL: nodejs#10840 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Italo A. Casas <me@italoacasas.com> Reviewed-By: Anna Henningsen <anna@addaleax.net>
* validate errors in assert.throws * use arrow functions PR-URL: nodejs#10752 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
`options` in the `repl.start([options])` can be a string. Ref: nodejs#10160 PR-URL: nodejs#10221 Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
PR-URL: nodejs#10550 Reviewed-By: Rich Trott <rtrott@gmail.com>
Refactor and simplify parallel/test-timer-close.js. Add comment to describe the test case. PR-URL: nodejs#10517 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com> Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
* use const and let instead of var * use assert.strictEqual instead of assert.equal * use arrow functions PR-URL: nodejs#10556 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Evan Lucas <evanlucas@me.com> Reviewed-By: Italo A. Casas <me@italoacasas.com> Reviewed-By: Brian White <mscdex@mscdex.net>
Change var to const/let. Simplify test-timers-uncaught-exception. PR-URL: nodejs#10524 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com> Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
PR-URL: nodejs#10577 Reviewed-By: Italo A. Casas <me@italoacasas.com> Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
`process.title` would work properly only in FreeBSD, OSX, and Linux as per test/parallel/test-setproctitle.js. This patch makes sure that the test expects an empty string in other platforms. This patch helps fix the SmartOS failures in https://ci.nodejs.org/job/node-test-commit/6962/ for nodejs#10456 PR-URL: nodejs#10597 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Evan Lucas <evanlucas@me.com>
Combine and rename tests for the `beforeExit` event on `process`. The naming now more closely follows the de facto conventions of the project. The two tests were very similar and do not seem to benefit from being separate. PR-URL: nodejs#10581 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
* use const and let instead of var * use common.mustCall to control functions execution * use assert.ifError instead of assert.strictEqual for errors * use arrow functions PR-URL: nodejs#10542 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
This commit adds code coverage for emitted and callback errors for dgram's Socket#send() method. PR-URL: nodejs#11248 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Rewrite the tests in test/gc so that they no longer call process.exit(). Instead they exit gracefully now. PR-URL: nodejs#11239 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Replace node-weak with a small hand-rolled add-on. We can now drop node-weak and nan, reducing the size of the source tree by about 750 kB and the size of the tarball by about 150-300 kB. PR-URL: nodejs#11239 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Since the previous commit obsoleted them, remove them. PR-URL: nodejs#11239 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reword the language around releases and signing keys to make it clear that new releases are all branded "Node.js." PR-URL: nodejs#11054 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: Evan Lucas <evanlucas@me.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
PR-URL: nodejs#11270 Fixes: nodejs#11250 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: nodejs#11267 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com> Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Evan Lucas <evanlucas@me.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: Myles Borins <myles.borins@gmail.com>
In the implementation of the vm module, if a property is successfully deleted on the sandbox, we also need to delete it on the global_proxy object. Therefore, we must not call args.GetReturnValue().Set(). We only intercept, i.e., call args.GetReturnValue().Set(), in the DeleterCallback, if Delete() failed, e.g. because the property was read only. PR-URL: nodejs#11266 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Add two, admittedly contrived, examples that test edge cases of the vm module. They demonstrate that the if statements `if (maybe_rv.IsEmpty())` and `if (maybe_prop_attr.IsNothing())` in the GetterCallback and the QueryCallback are observable. Both GetterCallback and QueryCallback explicitly check the global_proxy() if a property is not found on the sandbox. In these tests, the explicit check inside the callback yields different results than deferring the check until after the callback. The check is deferred, if the callbacks do not intercept, i.e., if args.GetReturnValue().Set() is not called. PR-URL: nodejs#11265 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
This test wasn't actually working, as sockets were being closed, allowing the test to exit before any assertions were actually run. This commit refactors the test to maintain the same intended semantics. PR-URL: nodejs#11252 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Add a test case for querystring.parse with multibyte characters under 0x800. PR-URL: nodejs#11251 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: nodejs#11202 Reviewed-By: Evan Lucas <evanlucas@me.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Myles Borins <myles.borins@gmail.com>
* wrap callbacks in mustCall() * Wrap the callbacks which make assertions in common.mustcall() to ensure they are called PR-URL: nodejs#11201 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Verify error message thrown from assert.ifError PR-URL: nodejs#11193 Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Updates the fs module APIs to allow 'file://' URL objects
to be passed as the path.
For example:
```js
const URL = require('url').URL;
const myURL = new URL('file:///C:/path/to/file');
fs.readFile(myURL, (err, data) => {});
```
On Windows, file: URLs with a hostname convert to UNC paths,
while file: URLs with drive letters convert to local absolute
paths:
```
file://hostname/a/b/c => \\hostname\a\b\c
file:///c:/a/b/c => c:\a\b\c
```
On all other platforms, file: URLs with a hostname are unsupported
and will result in a throw:
```
file://hostname/a/b/c => throw!
file:///a/b/c => /a/b/c
```
The documentation for the fs API is intentionally not updated in
this commit because the URL API is still considered experimental
and is not officially documented *at this time*
Note that file: URLs are *required* by spec to always be absolute
paths from the file system root.
This is a semver-major commit because it changes error handling
on the fs APIs.
PR-URL: nodejs#10739
Ref: nodejs#10703
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Squashed from: - deps: Add node-inspect 1.10.1 This adds a reimplementation of the old CLI debugger (`node debug`) against the new debugger protocol (`node --inspect`). This is necessary because the old protocol won't be supported in future versions of V8. - deps: Update node-inspect to 1.10.2 Starting with 1.10.2 the test suite should pass consistently on windows. - deps: Update to node-inspect 1.10.4 PR-URL: nodejs#10187 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com>
This just adds an additional make target (`make test-node-inspect`) but will not include the new debugger in releases. PR-URL: nodejs#10187 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com>
Include the relevant files from `deps/node-inspect` in the compiled `node` binary and make `node inspect` work like `node-inspect`. PR-URL: nodejs#10187 Reviewed-By: James M Snell <jasnell@gmail.com>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: nodejs#11051 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Move some code around so we can properly test whether the switch actually does anything. PR-URL: nodejs#11255 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Commit a8734af ("src: make copies of startup environment variables") from two weeks ago introduced a regression in the capturing of the `--icu-data-dir=` switch: it captured the string up to the `=` instead of what comes after it. PR-URL: nodejs#11255 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Allow it to be used anywhere in src/ that env variables with security implications are accessed. PR-URL: nodejs#11006 Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
A side-effect of https://github.com/nodejs/node-private/pull/82 was to remove support for OPENSSL_CONF, as well as removing the default read of a configuration file on startup. Partly revert this, allowing OPENSSL_CONF to be used to specify a configuration file to read on startup, but do not read a file by default. If the --openssl-config command line option is provided, its value is used, not the OPENSSL_CONF environment variable. Fix: nodejs#10938 PR-URL: nodejs#11006 Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
nodejs-github-bot
added
build
|
Sorry, wrong target branch. |
|
Replaced by #11345 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Checklist
make -j4 test(UNIX), orvcbuild test(Windows) passesAffected core subsystem(s)