* V8: upgrade to 220.127.116.11
* npm: upgrade to 1.1.59
* windows: fix uninitialized memory access in uv_update_time() (Bert Belder)
* unix, windows: fix memory corruption in fs-poll.c (Ben Noordhuis)
* unix: fix integer overflow in uv_hrtime (Tim Holy)
* sunos: fix uv_cpu_info() on x86_64 (Ben Noordhuis)
* tls: update default cipher list (Ben Noordhuis)
* unix: Fix llvm and older gcc duplicate symbol warnings (Bert Belder)
* fs: fix use after free in stat watcher (Ben Noordhuis)
* build: Fix using manually compiled gcc on OS X (Nathan Rajlich)
* windows: make junctions work again (Bert Belder)
Update the default cipher list from RC4-SHA:AES128-SHA:AES256-SHA to ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH in order to mitigate BEAST attacks. The documentation suggested AES256-SHA but unfortunately that's a CBC cipher and therefore susceptible to attacks. Fixes #3900.
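The reasoning in this commit message, as an added example that is not part of the Node.js source: a small auditor that classifies each token of an OpenSSL-style cipher list and reports what a TLS 1.0 peer reaches first. The function names and token classes are assumptions based on OpenSSL's suite-naming convention.

```javascript
// Added example, not Node's own code. Token classes rely on OpenSSL's
// suite-naming convention; the function names are hypothetical.
const OLD_DEFAULT = 'RC4-SHA:AES128-SHA:AES256-SHA';
const NEW_DEFAULT =
  'ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH';
const DOC_SUGGESTED = 'AES256-SHA'; // the value the commit message calls out

function classifyToken(token) {
  if (/^[!+-]/.test(token)) return 'modifier';          // !MD5, !aNULL, !EDH
  if (/(^|-)RC4(-|$)/.test(token)) return 'stream';     // RC4 alias or RC4-* suite
  if (/GCM|CCM|CHACHA20/.test(token)) return 'aead-tls12';
  if (/-SHA(256|384)$/.test(token)) return 'cbc-tls12'; // SHA-2 MAC suites are TLS 1.2 only
  if (/AES|DES|CAMELLIA|SEED|IDEA/.test(token)) return 'cbc';
  return 'alias';                                       // HIGH, MEDIUM, ALL, ...
}

function auditCipherList(list) {
  const entries = list.split(':').filter(Boolean)
    .map((token) => ({ token, kind: classifyToken(token) }));
  // What a TLS 1.0 peer can reach: skip modifiers and TLS 1.2-only suites.
  const tls10 = entries.filter((e) => ['stream', 'cbc', 'alias'].includes(e.kind));
  const first = tls10[0] || null;
  return {
    entries,
    cbcSuites: entries.filter((e) => e.kind === 'cbc').map((e) => e.token),
    firstTls10: first ? first.token : null,
    // BEAST needs a CBC suite negotiated under SSL 3.0 / TLS 1.0. An alias
    // in first place (e.g. HIGH) may expand to CBC suites, so flag it too.
    tls10PrefersCbc: first !== null && first.kind !== 'stream',
  };
}

// Compare the three lists named in the commit message.
for (const [name, list] of Object.entries({ OLD_DEFAULT, NEW_DEFAULT, DOC_SUGGESTED })) {
  const r = auditCipherList(list);
  console.log(`${name}: first TLS 1.0 choice = ${r.firstTls10}, ` +
    `CBC first = ${r.tls10PrefersCbc}, explicit CBC = [${r.cbcSuites.join(', ')}]`);
}
```

RC4 ahead of CBC was the 2012-era workaround; RFC 7465 has since prohibited RC4, so the same audit on a current deployment should find only TLS 1.2+ AEAD suites.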
These explicit instantiations were added to make MSVC happy. It turns out that some older versions of gcc and llvm now complain about duplicate symbols, so we instantiate these templates only when MSVC is used.
This is the only thing preventing a manually compiled version of GCC (rather than Apple's provided llvm-gcc or heavily modified gcc 4.2) from working properly, so we might as well enable support for that. With this patch I was able to compile node using a manually compiled gcc 4.7.1. Closes #3887.
* npm: Upgrade to 1.1.49
* website: download page (Golo Roden)
* crypto: fix uninitialized memory access in openssl (Ben Noordhuis)
* buffer, crypto: fix buffer decoding (Ben Noordhuis)
* build: compile with -fno-tree-vrp when gcc >= 4.0 (Ben Noordhuis)
* tls: handle multiple CN fields when verifying cert (Ben Noordhuis)
* doc: remove unused util from child_process (Kyle Robinson Young)
* build: rework -fvisibility=hidden detection (Ben Noordhuis)
* windows: don't duplicate invalid stdio handles (Bert Belder)
* windows: fix typos in process-stdio.c (Bert Belder)
ASN1_STRING_to_UTF8() passes an ASN1_STRING to ASN1_STRING_set() but forgets to initialize the `length` field. Fixes the following valgrind error:

    $ valgrind -q --track-origins=yes --num-callers=19 \
        out/Debug/node test/simple/test-tls-client-abort.js
    ==2690== Conditional jump or move depends on uninitialised value(s)
    ==2690==    at 0x784B69: ASN1_STRING_set (asn1_lib.c:382)
    ==2690==    by 0x809564: ASN1_mbstring_ncopy (a_mbstr.c:204)
    ==2690==    by 0x8090F0: ASN1_mbstring_copy (a_mbstr.c:86)
    ==2690==    by 0x782F1F: ASN1_STRING_to_UTF8 (a_strex.c:570)
    ==2690==    by 0x78F090: asn1_string_canon (x_name.c:409)
    ==2690==    by 0x78EF17: x509_name_canon (x_name.c:354)
    ==2690==    by 0x78EA7D: x509_name_ex_d2i (x_name.c:210)
    ==2690==    by 0x788058: ASN1_item_ex_d2i (tasn_dec.c:239)
    ==2690==    by 0x7890D4: asn1_template_noexp_d2i (tasn_dec.c:746)
    ==2690==    by 0x788CB6: asn1_template_ex_d2i (tasn_dec.c:607)
    ==2690==    by 0x78877A: ASN1_item_ex_d2i (tasn_dec.c:448)
    ==2690==    by 0x7890D4: asn1_template_noexp_d2i (tasn_dec.c:746)
    ==2690==    by 0x788CB6: asn1_template_ex_d2i (tasn_dec.c:607)
    ==2690==    by 0x78877A: ASN1_item_ex_d2i (tasn_dec.c:448)
    ==2690==    by 0x787C93: ASN1_item_d2i (tasn_dec.c:136)
    ==2690==    by 0x78F5E4: d2i_X509 (x_x509.c:141)
    ==2690==    by 0x7C9B91: PEM_ASN1_read_bio (pem_oth.c:81)
    ==2690==    by 0x7CA506: PEM_read_bio_X509 (pem_x509.c:67)
    ==2690==    by 0x703C9A: node::crypto::SecureContext::AddRootCerts(v8::Arguments const&) (node_crypto.cc:497)
    ==2690==  Uninitialised value was created by a stack allocation
    ==2690==    at 0x782E89: ASN1_STRING_to_UTF8 (a_strex.c:560)
pummel/test-net-throttle assumes that a couple of big write requests result in some of them getting queued because the kernel's send buffer fills up. Said assumption breaks on systems with large send buffers. Raise the size of the write request to ameliorate the issue. This is a back-port of commit 6770555 from the master branch.