Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: v0.10.2-release
Commits on Mar 28, 2013
  1. @isaacs

    2013.03.28, Version 0.10.2 (Stable)

    isaacs authored
    * npm: Upgrade to 1.2.15
    
    * uv: Upgrade to 0.10.3
    
    * tls: handle SSL_ERROR_ZERO_RETURN (Fedor Indutny)
    
    * tls: handle errors before calling C++ methods (Fedor Indutny)
    
    * tls: remove harmful unnecessary bounds checking (Marcel Laverdet)
    
    * crypto: make getCiphers() return non-SSL ciphers (Ben Noordhuis)
    
    * crypto: check randomBytes() size argument (Ben Noordhuis)
    
    * timers: do not calculate Timeout._when property (Alexey Kupershtokh)
    
    * timers: fix off-by-one ms error (Alexey Kupershtokh)
    
    * timers: handle signed int32 overflow in enroll() (Fedor Indutny)
    
    * stream: Fix stall in Transform under very specific conditions (Gil Pedersen)
    
    * stream: Handle late 'readable' event listeners (isaacs)
    
    * stream: Fix early end in Writables on zero-length writes (isaacs)
    
    * domain: fix domain callback from MakeCallback (Trevor Norris)
    
    * child_process: don't emit same handle twice (Ben Noordhuis)
    
    * child_process: fix sending utf-8 to child process (Ben Noordhuis)
  2. @piscisaureus
  3. @isaacs

    npm: Upgrade to v1.2.15

    isaacs authored
  4. @indutny
  5. @isaacs

    setTimeout: do not calculate Timeout._when property

    wicked authored isaacs committed
    Dramatically improves Timer performance.
  6. @isaacs

    stream: Emit readable on ended streams via read(0)

    isaacs authored
    cc: @mjijackson
  7. @isaacs

    stream: Handle late 'readable' event listeners

    isaacs authored
    In cases where a stream may have data added to the read queue before the
    user adds a 'readable' event, there is never any indication that it's
    time to start reading.
    
    True, there's already data there, which the user would get if they
    checked However, as we use 'readable' event listening as the signal to
    start the flow of data with a read(0) call internally, we ought to
    trigger the same effect (ie, emitting a 'readable' event) even if the
    'readable' listener is added after the first emission.
    
    To avoid confusing weirdness, only the *first* 'readable' event listener
    is granted this privileged status.  After we've started the flow (or,
    alerted the consumer that the flow has started) we don't need to start
    it again.  At that point, it's the consumer's responsibility to consume
    the stream.
    
    Closes #5141
  8. @isaacs

    doc: Add 'don't ignore errors' section to domain

    isaacs authored
    Also, an example program of using cluster and domain to handle errors
    safely, with zero downtime, using process isolation.
  9. @bruston @bnoordhuis

    doc: debugger, dns, http: fix grammar

    bruston authored bnoordhuis committed
Commits on Mar 27, 2013
  1. @bnoordhuis
  2. @isaacs

    test: Accept either kind of NaN

    isaacs authored
    A llvm/clang bug on Darwin ia32 makes these tests fail 100% of
    the time.  Since no one really seems to mind overly much, and we
    can't reasonably fix this in node anyway, just accept both types
    of NaN for now.
  3. @indutny

    tls: handle errors before calling C++ methods

    indutny authored
    Calling `this.pair.encrypted._internallyPendingBytes()` before
    handling/resetting error will result in assertion failure:
    
    ../src/node_crypto.cc:962: void node::crypto::Connection::ClearError():
    Assertion `handle_->Get(String::New("error"))->BooleanValue() == false'
    failed.
    
    see #5058
  4. @bruston @bnoordhuis

    doc: addon: fix grammar

    bruston authored bnoordhuis committed
  5. @indutny

    openssl: disable HEARTBEAT TLS extension

    indutny authored
    Microsoft's IIS doesn't support it, and is not replying with ServerHello
    after receiving ClientHello which contains it.
    
    The good way might be allowing to opt-out this at runtime from
    javascript-land, but unfortunately OpenSSL doesn't support it right now.
    
    see #5119
  6. @trevnorris @isaacs

    domain: fix domain callback from MakeCallback

    trevnorris authored isaacs committed
    Since _tickCallback and _tickDomainCallback were both called from
    MakeCallback, it was possible for a callback to be called that required
    a domain directly to _tickCallback.
    
    The fix was to implement process.usingDomains(). This will set all
    applicable functions to their domain counterparts, and set a flag in cc
    to let MakeCallback know domain callbacks always need to be checked.
    
    Added test in own file. It's important that the test remains isolated.
Commits on Mar 26, 2013
  1. @bnoordhuis
  2. @bnoordhuis
Commits on Mar 25, 2013
  1. @tjfontaine @bnoordhuis

    test: test name is the last elem, not second

    tjfontaine authored bnoordhuis committed
    When a test requires node to have parameters passed (--expose-gc) the
    test name will be the last element in the command array, not the second.
  2. @bnoordhuis

    child_process: don't emit same handle twice

    bnoordhuis authored
    It's possible to read multiple messages off the parent/child channel.
    When that happens, make sure that recvHandle is cleared after emitting
    the first message so it doesn't get emitted twice.
  3. @bnoordhuis

    crypto: make getCiphers() return non-SSL ciphers

    bnoordhuis authored
    Commit f53441a added crypto.getCiphers() as a function that returns the
    names of SSL ciphers.
    
    Commit 14a6c4e then added crypto.getHashes(), which returns the names of
    digest algorithms, but that creates a subtle inconsistency: the return
    values of crypto.getHashes() are valid arguments to crypto.createHash()
    but that is not true for crypto.getCiphers() - the returned values are
    only valid for SSL/TLS functions.
    
    Rectify that by adding tls.getCiphers() and making crypto.getCiphers()
    return proper cipher names.
  4. @mathiasbynens @bnoordhuis

    doc: mention `process.*.isTTY` under `process`

    mathiasbynens authored bnoordhuis committed
  5. @bnoordhuis

    child_process: fix sending utf-8 to child process

    bnoordhuis authored
    In process#send() and child_process.ChildProcess#send(), use 'utf8' as
    the encoding instead of 'ascii' because 'ascii' mutilates non-ASCII
    input. Correctly handle partial character sequences by introducing
    a StringDecoder.
    
    Sending over UTF-8 no longer works in v0.10 because the high bit of
    each byte is now cleared when converting a Buffer to ASCII. See
    commit 96a314b for details.
    
    Fixes #4999 and #5011.
  6. @bnoordhuis
Commits on Mar 24, 2013
  1. @bnoordhuis

    deps: fix openssl build on windows

    bnoordhuis authored
    Commit 8632af3 ("tools: update gyp to r1601") broke the Windows build.
    
    Older versions of GYP link to kernel32.lib, user32.lib, etc. but that
    was changed in r1584. See https://codereview.chromium.org/12256017
    
    Fix the build by explicitly linking to the required libraries.
  2. @isaacs

    stream: Fix early end in Writables on zero-length writes

    isaacs authored
    Doing this causes problems:
    
        z.write(Buffer(0));
        z.end();
    
    Fix by not ending Writable streams while they're still in the process of
    writing something.
  3. @bnoordhuis

    tools: update gyp to r1601

    bnoordhuis authored
    Among other things, this should make it easier for people to build
    node.js on openbsd.
  4. @bnoordhuis

    doc: update CONTRIBUTING.md

    bnoordhuis authored
    * Latest stable is v0.10 now.
    * Add example of what the first line of the commit log should look like.
  5. @AlexeyKupershtokh @isaacs

    timer: fix off-by-one ms error

    AlexeyKupershtokh authored isaacs committed
    Fix #5103
Commits on Mar 23, 2013
  1. @laverdet @indutny

    tls: remove harmful unnecessary bounds checking

    laverdet authored indutny committed
    The EncIn, EncOut, ClearIn & ClearOut functions are victims of some code
    copy + pasting. A common line copied to all of them is:
    
    `if (off >= buffer_length) { ...`
    
    448e0f4 corrected ClearIn's check from `>=` to `>`, but left the others
    unchanged (with an incorrect bounds check). However, if you look down at
    the next very next bounds check you'll see:
    
    `if (off + len > buffer_length) { ...`
    
    So the check is actually obviated by the next line, and should be
    removed.
    
    This fixes an issue where writing a zero-length buffer to an encrypted
    pair's *encrypted* stream you would get a crash.
  2. @verwaest @bnoordhuis

    v8: Unify kMaxArguments with number of bits used to encode it.

    verwaest authored bnoordhuis committed
    Increase the number of bits by 1 by making Flags unsigned.
    
    BUG=chromium:211741
    
    Review URL: https://chromiumcodereview.appspot.com/12886008
    
    This is a back-port of commits 13964 and 13988 addressing CVE-2013-2632.
  3. @bnoordhuis

    crypto: check randomBytes() size argument

    bnoordhuis authored
    Throw a TypeError if size > 0x3fffffff. Avoids the following V8 fatal
    error:
    
      FATAL ERROR: v8::Object::SetIndexedPropertiesToExternalArrayData()
      length exceeds max acceptable value
    
    Fixes #5126.
  4. @bnoordhuis
Commits on Mar 22, 2013
  1. @kanongil @isaacs

    stream: Fix stall in Transform under very specific conditions

    kanongil authored isaacs committed
    The stall is exposed in the test, though the test itself asserts before
    it stalls.
    
    The test is constructed to replicate the stalling state of a complex
    Passthrough usecase since I was not able to reliable trigger the stall.
    
    Some of the preconditions for triggering the stall are:
      * rs.length >= rs.highWaterMark
      * !rs.needReadable
      * _transform() handler that can return empty transforms
      * multiple sync write() calls
    
    Combined this can trigger a case where rs.reading is not cleared when
    further progress requires this. The fix is to always clear rs.reading.
Commits on Mar 21, 2013
  1. @indutny

    timers: handle signed int32 overflow in enroll()

    indutny authored
    Before this patch calling `socket.setTimeout(0xffffffff)` will result in
    signed int32 overflow in C++ which resulted in assertion error:
    
        Assertion failed: (timeout >= -1), function uv__io_poll, file
        ../deps/uv/src/unix/kqueue.c, line 121.
    
    see #5101
  2. @isaacs

    blog: Post for v0.10.1

    isaacs authored
Something went wrong with that request. Please try again.