Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

json doc generator now generates _index.json as it creates files. #3696

Closed
wants to merge 44 commits into from
@iapain

generate.js now accepts --output=<file> which tools/doc/json.js uses to write the output. If output file is missing then it executes callback. This was required to get the directory for new _index.json. Ideally, I left it for you to decide what to call this _index.json. There is already an index.json file which should not be generated at all. Additionally it sets title as first heading node text if applicable.

TODO

  • Add exclude files to avoid generation of index.json
  • Dependency map in Makefile (if subchapters like structure is required).
@iapain iapain Added output file option to gentest.
json doc generator now accepts output file as well.
json doc generator now generates index file automatically.
5152bf5
@iapain iapain closed this
@iapain iapain reopened this
@iapain

Damn I cannot attach it to the issue. It's for #3668

@mainerror

What's up with this pull request? Is it going to get merged?

@iapain

It still needs some API related decisions from @isaacs. He urged me to write this patch but probably too busy with other stuff.

@mainerror

I reckoned, just wanted to bump this a little.

@isaacs

The index should be written to index.json, not _index.json.

Also, it's a bit odd having url be a an object. Maybe it should be just html: 'foo.html', json: 'foo.json' or something?

@iapain

@isaacs The reason I kept _index.json was index.markdown translates into index.json but I guess it's no longer required. In last commit I have renamed it to index.json. Moreover url.html, url.json is now just html, json as you suggested.

@Nodejs-Jenkins
Collaborator

Can one of the admins verify this patch?

@mainerror

Indeed, it would be awesome to get this in, I don't quite understand what's taking eight months to review ...

@bnoordhuis

Yeah, because we're all just twiddling our thumbs while raking in the big paychecks...

Look at the number of open issues and pull requests, now realize that there are only two or three people working on node.js full time.

If you want to do something constructive, start triaging bug reports and reviewing PRs.

@mainerror

@bnoordhuis I didn't say that you guys weren't doing something but eight months for such a minor PR?

I'm not actively working on Node.js, I have other projects I'm actively contributing to.

@iapain

I must agree with @mainerror being a contributor it's very discouraging. I tried to bring it up few times on IRC to @isaacs in vain.

@bnoordhuis I totally respect what you guys are doing it's pretty cool and cutting edge but eventually it's core team who needs to organize and expand if it's required.

tools/doc/json.js
@@ -146,9 +159,62 @@ function doJSON(input, filename, cb) {
finishSection(current, stack[stack.length - 1]);
}
- return cb(null, root)
+ if (outfile) {
+ writeOututToFile(root, filename, outfile, indexfile, writeToIndexFile);
@isaacs
isaacs added a note

Typo? Should this be writeOutputToFile?

@iapain
iapain added a note

Sorry that's a typo. Will rectify in next commit.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tools/doc/json.js
((4 lines not shown))
- return cb(null, root)
+ if (outfile) {
+ writeOututToFile(root, filename, outfile, indexfile, writeToIndexFile);
+ }
+ else {
+ return cb(null, root)
+ }
+}
+
+// write output object to outfile
+function writeOututToFile(obj, sourcefile, outfile, indexfile, cb) {
+ fs.writeFile(outfile, JSON.stringify(obj, null, 2), function(err) {
+ if(err) {
+ throw new Error('error saving file - '+ err);
+ }
+ cb(obj, sourcefile, path.join(path.dirname(outfile), indexfile));
@isaacs
isaacs added a note

API here is a bit weird. cb functions should pass err as their first argument. Better to just call fs.writeFile with the supplied cb, than to force a throw.

@iapain
iapain added a note

I tried to keep the way it worked with console.log version. I remember there it threw an error as well but I can see you're right and in this setup it doesn't make any sense to throw an error. I will clean up this in a moment.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@isaacs

In general, it is better to light candles than to curse darkness. @mainerror, if you have comments on this patch, then share them. We welcome reviews from all parties. Though it does take some core team member to actually land it, you can help things along by providing feedback.

@iapain I'm a bit confused about what happens if just one of the files changes. Ie, if you've generated the index.json, and then we change doc/api/url.markdown, for instance. Will it generate a new index.json containing all of the previous files as well? How does it know to do index.json last?

@iapain

@isaacs I'm not tracking anything, it just regenerates index.json. Should it keep track for changes?

@iapain

@isaacs changes checked-in. I think now I got it what you were trying to say in previous comment. Actually writeToIndexFile checks if there is already an index.json file. It also check (in a way) that if it's proper index.json and then it update or create proper chapter entry into main json object which is written back to index.json

@Fishrock123
Collaborator

o_o

Awesome, thanks. :)

rofl. is 0.12 just being skipped? haha

@defunctzombie even numbers are reserved for stable releases (not sure if irony, but chose to reply for possible others)

What's the next stable release then?

@freeall The next stable is called 0.12. You can track its development here. I haven't seen any plans for a public release just yet, but assume it's coming.

Wow, awesome, :+1:

tjfontaine and others added some commits
@tjfontaine tjfontaine Merge remote-tracking branch 'upstream/v0.12' 912b5e0
@tjfontaine tjfontaine Merge remote-tracking branch 'upstream/v0.12' 7c04197
@cjihrig cjihrig net: remove use of arguments in Server constructor
The current implementation uses the arguments object in the Server()
constructor. Since both arguments to Server() are optional, there was a
high likelihood of accessing a non-existent element in arguments, which
carries a performance overhead. This commit replaces the arguments
object with named arguments.

Reviewed-by: Trevor Norris <trev.norris@gmail.com>
25702ab
@yorkie yorkie stream: remove duplicated expression
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Reviewed-by: Chris Dickinson <christopher.s.dickinson@gmail.com>
cfcb1de
tools/doc/json.js
@@ -146,9 +159,64 @@ function doJSON(input, filename, cb) {
finishSection(current, stack[stack.length - 1]);
}
- return cb(null, root)
+ if (outfile) {
+ writeOutputToFile(root, filename, outfile, indexfile, writeToIndexFile);
@chrisdickinson Owner

Okay, I see the source of my confusion. writeToIndexFile performs async actions, but never calls cb. This probably needs to be something like the following:

writeOutputToFile(root, filename, outfile, indexfile, function(err, root, sourcefile, outfile) {
  if (err) return cb(err);
  writeToIndexFile(root, sourcefile, outfile, cb);
})
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tools/doc/json.js
((11 lines not shown))
}
+// write output object to outfile
+function writeOutputToFile(obj, sourcefile, outfile, indexfile, cb) {
+ fs.writeFile(outfile, JSON.stringify(obj, null, 2), function(err) {
+ cb(err, obj, sourcefile, path.join(path.dirname(outfile), indexfile));
+ });
+}
+
+// make an entry into index file
+function writeToIndexFile(err, root, sourcefile, outfile) {
+ // check if there was an error writing file
+ if (err) {
+ throw new Error('error writing file - '+ e);
+ }
@chrisdickinson Owner

this error handling should happen in doJSON -- including the err argument that writeToIndexFile takes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tools/doc/json.js
((23 lines not shown))
+ if (err) {
+ throw new Error('error writing file - '+ e);
+ }
+
+ // default type of an index
+ var obj = {"type":"index"};
+ var entry = {"source":sourcefile};
+
+ // check if indexfile already exists
+ if (fs.existsSync(outfile)) {
+ var data = fs.readFileSync(outfile);
+ try {
+ obj = JSON.parse(data.toString());
+ }
+ catch(e) {
+ throw new Error('invalid json data - '+ e);
@chrisdickinson Owner

If there's invalid JSON data, we should ignore it, and go with our default object.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tools/doc/json.js
((29 lines not shown))
+ var entry = {"source":sourcefile};
+
+ // check if indexfile already exists
+ if (fs.existsSync(outfile)) {
+ var data = fs.readFileSync(outfile);
+ try {
+ obj = JSON.parse(data.toString());
+ }
+ catch(e) {
+ throw new Error('invalid json data - '+ e);
+ }
+ }
+ // check if index file is valid
+ if (obj.type !== "index") {
+ throw new Error('invalid index file - '+ outfile);
+ }
@chrisdickinson Owner

I think this check is maybe unnecessary. Ultimately I think our goal should be to merge the chapters property into whatever's already there, or if nothing's there, create it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
tools/doc/json.js
((44 lines not shown))
+ }
+ // construct an entry object
+ entry.title = root.title;
+ entry.html = path.basename(sourcefile).replace(/\.(markdown|md)/i, ".html");
+ entry.json = entry.html.replace(/\.html/i, ".json");
+
+ // append mode
+ if (obj.chapters && typeof obj.chapters === "object") {
+ obj.chapters.push(entry);
+ }
+ else {
+ obj.chapters = [entry];
+ }
+ fs.writeFile(outfile, JSON.stringify(obj, null, 2), function(err) {
+ if(err) {
+ throw new Error('error saving file - '+ err);
@chrisdickinson Owner

return cb(new Error('[...]')) vs. throwing here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@chrisdickinson

@iapain Thanks for your patience. I went through and reviewed the changes and had a few comments, and will merge once they're addressed -- or, if you'd prefer I can take over this PR. Sorry you had to wait so long!

@iapain

@chrisdickinson Please take over this PR. Excited to see that it's finally coming :)

tjfontaine and others added some commits
@tjfontaine tjfontaine Merge remote-tracking branch 'upstream/v0.12'
Conflicts:
	src/node_version.h
885f721
@frankcash frankcash README: fix link text
Extends a hyperlink to cover the whole line

PR-URL: #8972
Reviewed-by: Colin Ihrig <cjihrig@gmail.com>
31d4847
@misterdjules misterdjules Merge remote-tracking branch 'upstream/v0.12'
Conflicts:
	src/node_version.h
d8baf8a
@misterdjules misterdjules Merge remote-tracking branch 'upstream/v0.12'
Conflicts:
	src/node_version.h
3917596
@misterdjules misterdjules src: update AUTHORS after merge of v0.12 in master b3fcc24
@bjouhier bjouhier fs: properly handle fd passed to truncate()
Currently, fs.truncate() silently fails when a file descriptor
is passed as the first argument. This commit changes this
behavior to properly call fs.ftruncate(). This commit also
adds proper type checking to the callback provided to
makeCallback().

PR-URL: joyent#9161
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Timothy J Fontaine <tjfontaine@gmail.com>
4c31cda
@sam-github sam-github dgram: implicit binds should be exclusive
Server sockets should be shared by default, and client sockets should be
exclusive by default. For net/TCP, this is how it is, for dgram/UDP, its
a little less clear what a client socket is, but a socket that is
auto-bound during a dgram.send() is not usefully shared among cluster
workers, any more than an outgoing TCP connection would be usefully
shared.

Since implicit binds become exclusive, implicit/client dgram sockets can
now be used with cluster on Windows. Before, neither explicit nor
implicitly bound sockets could be used, causing dgram to be completely
unsupported with cluster on Windows. After this change, they become half
supported.

PR: joyent#8643
Reviewed-by: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-by: Bert Belder <bertbelder@gmail.com>
Reviewed-by: Julien Gilli <julien.gilli@joyent.com>
e42c4a3
@misterdjules misterdjules Merge remote-tracking branch 'upstream/v0.12' 4b69dcb
@misterdjules misterdjules src: enable strict mode in all builtin modules
This is a follow-up commit for b233131.

It enables strict mode in all built-in modules.

PR: #9302
PR-URL: joyent#9302
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
ef43443
@misterdjules misterdjules Merge remote-tracking branch 'upstream/v0.12' a995a6a
@fastest963 fastest963 net: use cached peername to resolve remote fields
Allows socket.remote* properties to still be accessed even after the
socket is closed.

Fixes: joyent#9287
PR-URL: joyent#9366
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
8c38b07
@stcruy stcruy doc: fix '\\' typos on Windows
This commit changes the Windows examples in path.markdown to
correctly display '\\'.

PR-URL: joyent#9412
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
2b64132
@misterdjules misterdjules Merge remote-tracking branch 'upstream/v0.12' ae58fc4
@amir-s amir-s url: resolve urls with . and ..
'.' and '..' are directory specs and resolving urls with or without the
hostname with '.' and '..' should add a trailing slash to the end of the
url.

Fixes #8992.

Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
PR-URL: joyent#9427
9b534e2
@misterdjules misterdjules Merge remote-tracking branch 'upstream/v0.12'
Conflicts:
	src/node_version.h
9010dd2
@misterdjules misterdjules Merge remote-tracking branch 'upstream/v0.12'
Conflicts:
	src/node_version.h
94beb29
@jasnell jasnell tls: more secure defaults
Port of io.js commit: nodejs/io.js@77f3586

Original commit message:

This updates the default cipher suite to an more secure list, which
prefers strong ciphers with Forward Secrecy. Additionally, it enables
`honorCipherOrder` by default.

Noteable effect of this change is that the insecure RC4 ciphers are
disabled and that Chrome negotiates a more secure ECDHE cipher.

Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: joyent#14383
72357e5
@jasnell jasnell tls: command-line switch and envar cipher-list override
Add command line switches and environment variables to override
the default cipher suite in tls.js

`--cipher-list` and `NODE_CIPHER_LIST` can be used to completely
override the default cipher list with a given value.

`--enable-legacy-cipher-list` and `NODE_LEGACY_CIPHER_LIST` can
be used to reset the default cipher list back to a known legacy
value shipped in prior Node.js releases

A new `getLegacyCiphers` method on the tis module allows
programmatic access to the old cipher list defaults.

Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: joyent#14383
1bf1546
@jasnell jasnell tls: make --enable-legacy-cipher-list less verbose
Based on commit feedback, make the PrintHelp for
--enable-legacy-cipher-list less verbose.

Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: joyent#14383
3f58ce6
@jasnell jasnell tls: pass in isolate with define string constant + style nits
Per the commit feedback, fix up style nits and pass in the
isolate with the NODE_DEFINE_STRING_CONSTANT macro.

Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: joyent#14383
3705736
@jasnell jasnell test: fixing a few nits in the test
typo and unnecessary options init

Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: joyent#14383
4d9c81b
@bltsandwich1

You've been pushing commits more often than I thought....

misterdjules and others added some commits
@misterdjules misterdjules Merge remote-tracking branch 'upstream/v0.12'
Conflicts:
	src/node_version.h
0df5e1c
@mrkmg mrkmg src: fix ifdef comment
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: joyent#25274
d13d7f7
@jasnell
Owner

@iapain @chrisdickinson ... I know it's been a while, but is this still something you want to pursue? If yes, the PR would need to be updated significantly. If not, we should likely go ahead and close.

jasnell and others added some commits
@jasnell jasnell doc: improve http.request example
Fixes: joyent#5317

Improve the example in the documentation to show
that response content can be chunked across multiple
`data` events.

Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: joyent#25352
6f9b178
@devonharvey devonharvey _http_server.js: fix typo in comment
Fix misspelling of 'response' on line 453

Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: joyent#25472
016ff77
@iapain

@jasnell I will implement @chrisdickinson suggestions in neat way. Hold on.

@jasnell
Owner
socketpair and others added some commits
@socketpair socketpair tls.createSecurePair(): fix documentation typo
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: joyent#25341
4d3514f
@misterdjules misterdjules Merge remote-tracking branch 'upstream/v0.12'
Conflicts:
	doc/api/tls.markdown
	src/node_version.h
f9d783a
@hidekiy hidekiy Fix improper sample code in http.markdown
You must consume the data from the response object. #8443

Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: joyent#25471
6671efa
@duzun duzun fixed a typo: fs.ReadStream(filename) -> fs.createReadStream(filename)
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: joyent#25453
8c262dd
@chrisneave chrisneave docs: Fix grammar in Transform API text
The third sentence of the fifth paragraph of the documentation for
transform._transform() has several words omitted and makes no
sense. This fix fills in the missing words to clarify the passage.

Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: joyent#25371
8140d10
@iapain iapain Added output file option to gentest.
json doc generator now accepts output file as well.
json doc generator now generates index file automatically.
63b3f9e
@iapain iapain Now json doc generator writes index.json file.\n Renamed url.html and…
… url.json to html and json
ab03aec
@iapain iapain Fixed some typos. `writeOutputToFile` does not raise and exception an…
…ymore.
428bea0
@iapain iapain Callback is properly propagated thanks to @chrisdickinson 02cfad5
@iapain iapain resolved conflicts 27b3909
@iapain

@jasnell Ready to review.

@iapain

@jasnell I've to close this PR and will send you another one shortly. Looks like git rebase messed up with previous commits.

@iapain iapain closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Jul 12, 2012
  1. @iapain

    Added output file option to gentest.

    iapain authored
    json doc generator now accepts output file as well.
    json doc generator now generates index file automatically.
Commits on Oct 3, 2012
  1. @iapain

    Now json doc generator writes index.json file.\n Renamed url.html and…

    iapain authored
    … url.json to html and json
Commits on Mar 14, 2013
  1. @iapain
  2. @iapain
Commits on Aug 7, 2014
  1. @tjfontaine
  2. @tjfontaine
Commits on Sep 17, 2014
  1. @tjfontaine
Commits on Oct 1, 2014
  1. @cjihrig @trevnorris

    net: remove use of arguments in Server constructor

    cjihrig authored trevnorris committed
    The current implementation uses the arguments object in the Server()
    constructor. Since both arguments to Server() are optional, there was a
    high likelihood of accessing a non-existent element in arguments, which
    carries a performance overhead. This commit replaces the arguments
    object with named arguments.
    
    Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Commits on Oct 9, 2014
  1. @yorkie @chrisdickinson

    stream: remove duplicated expression

    yorkie authored chrisdickinson committed
    Reviewed-by: Trevor Norris <trev.norris@gmail.com>
    Reviewed-by: Chris Dickinson <christopher.s.dickinson@gmail.com>
Commits on Jan 16, 2015
  1. @tjfontaine

    Merge remote-tracking branch 'upstream/v0.12'

    tjfontaine authored
    Conflicts:
    	src/node_version.h
Commits on Jan 19, 2015
  1. @frankcash @geek

    README: fix link text

    frankcash authored geek committed
    Extends a hyperlink to cover the whole line
    
    PR-URL: #8972
    Reviewed-by: Colin Ihrig <cjihrig@gmail.com>
Commits on Jan 30, 2015
  1. @misterdjules

    Merge remote-tracking branch 'upstream/v0.12'

    misterdjules authored
    Conflicts:
    	src/node_version.h
Commits on Feb 17, 2015
  1. @misterdjules

    Merge remote-tracking branch 'upstream/v0.12'

    misterdjules authored
    Conflicts:
    	src/node_version.h
  2. @misterdjules
  3. @bjouhier @cjihrig

    fs: properly handle fd passed to truncate()

    bjouhier authored cjihrig committed
    Currently, fs.truncate() silently fails when a file descriptor
    is passed as the first argument. This commit changes this
    behavior to properly call fs.ftruncate(). This commit also
    adds proper type checking to the callback provided to
    makeCallback().
    
    PR-URL: joyent#9161
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
    Reviewed-By: Timothy J Fontaine <tjfontaine@gmail.com>
Commits on Feb 18, 2015
  1. @sam-github @misterdjules

    dgram: implicit binds should be exclusive

    sam-github authored misterdjules committed
    Server sockets should be shared by default, and client sockets should be
    exclusive by default. For net/TCP, this is how it is, for dgram/UDP, its
    a little less clear what a client socket is, but a socket that is
    auto-bound during a dgram.send() is not usefully shared among cluster
    workers, any more than an outgoing TCP connection would be usefully
    shared.
    
    Since implicit binds become exclusive, implicit/client dgram sockets can
    now be used with cluster on Windows. Before, neither explicit nor
    implicitly bound sockets could be used, causing dgram to be completely
    unsupported with cluster on Windows. After this change, they become half
    supported.
    
    PR: joyent#8643
    Reviewed-by: Ben Noordhuis <info@bnoordhuis.nl>
    Reviewed-by: Bert Belder <bertbelder@gmail.com>
    Reviewed-by: Julien Gilli <julien.gilli@joyent.com>
Commits on Feb 28, 2015
  1. @misterdjules
Commits on Mar 3, 2015
  1. @misterdjules

    src: enable strict mode in all builtin modules

    misterdjules authored
    This is a follow-up commit for b233131.
    
    It enables strict mode in all built-in modules.
    
    PR: #9302
    PR-URL: joyent#9302
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
    Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Commits on Mar 5, 2015
  1. @misterdjules
Commits on Mar 16, 2015
  1. @fastest963 @cjihrig

    net: use cached peername to resolve remote fields

    fastest963 authored cjihrig committed
    Allows socket.remote* properties to still be accessed even after the
    socket is closed.
    
    Fixes: joyent#9287
    PR-URL: joyent#9366
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
  2. @stcruy @cjihrig

    doc: fix '\\' typos on Windows

    stcruy authored cjihrig committed
    This commit changes the Windows examples in path.markdown to
    correctly display '\\'.
    
    PR-URL: joyent#9412
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
  3. @misterdjules
Commits on Mar 17, 2015
  1. @amir-s @misterdjules

    url: resolve urls with . and ..

    amir-s authored misterdjules committed
    '.' and '..' are directory specs and resolving urls with or without the
    hostname with '.' and '..' should add a trailing slash to the end of the
    url.
    
    Fixes #8992.
    
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
    PR-URL: joyent#9427
Commits on Mar 24, 2015
  1. @misterdjules

    Merge remote-tracking branch 'upstream/v0.12'

    misterdjules authored
    Conflicts:
    	src/node_version.h
Commits on Apr 1, 2015
  1. @misterdjules

    Merge remote-tracking branch 'upstream/v0.12'

    misterdjules authored
    Conflicts:
    	src/node_version.h
Commits on Apr 8, 2015
  1. @jasnell

    tls: more secure defaults

    jasnell authored
    Port of io.js commit: nodejs/io.js@77f3586
    
    Original commit message:
    
    This updates the default cipher suite to an more secure list, which
    prefers strong ciphers with Forward Secrecy. Additionally, it enables
    `honorCipherOrder` by default.
    
    Noteable effect of this change is that the insecure RC4 ciphers are
    disabled and that Chrome negotiates a more secure ECDHE cipher.
    
    Reviewed-By: James M Snell <jasnell@gmail.com>
    PR-URL: joyent#14383
  2. @jasnell

    tls: command-line switch and envar cipher-list override

    jasnell authored
    Add command line switches and environment variables to override
    the default cipher suite in tls.js
    
    `--cipher-list` and `NODE_CIPHER_LIST` can be used to completely
    override the default cipher list with a given value.
    
    `--enable-legacy-cipher-list` and `NODE_LEGACY_CIPHER_LIST` can
    be used to reset the default cipher list back to a known legacy
    value shipped in prior Node.js releases
    
    A new `getLegacyCiphers` method on the tis module allows
    programmatic access to the old cipher list defaults.
    
    Reviewed-By: James M Snell <jasnell@gmail.com>
    PR-URL: joyent#14383
  3. @jasnell

    tls: make --enable-legacy-cipher-list less verbose

    jasnell authored
    Based on commit feedback, make the PrintHelp for
    --enable-legacy-cipher-list less verbose.
    
    Reviewed-By: James M Snell <jasnell@gmail.com>
    PR-URL: joyent#14383
  4. @jasnell

    tls: pass in isolate with define string constant + style nits

    jasnell authored
    Per the commit feedback, fix up style nits and pass in the
    isolate with the NODE_DEFINE_STRING_CONSTANT macro.
    
    Reviewed-By: James M Snell <jasnell@gmail.com>
    PR-URL: joyent#14383
  5. @jasnell

    test: fixing a few nits in the test

    jasnell authored
    typo and unnecessary options init
    
    Reviewed-By: James M Snell <jasnell@gmail.com>
    PR-URL: joyent#14383
Commits on May 14, 2015
  1. @misterdjules

    Merge remote-tracking branch 'upstream/v0.12'

    misterdjules authored
    Conflicts:
    	src/node_version.h
Commits on May 20, 2015
  1. @mrkmg @misterdjules

    src: fix ifdef comment

    mrkmg authored misterdjules committed
    Reviewed-By: James M Snell <jasnell@gmail.com>
    PR-URL: joyent#25274
Commits on Jun 4, 2015
  1. @jasnell

    doc: improve http.request example

    jasnell authored
    Fixes: joyent#5317
    
    Improve the example in the documentation to show
    that response content can be chunked across multiple
    `data` events.
    
    Reviewed-By: James M Snell <jasnell@gmail.com>
    PR-URL: joyent#25352
  2. @devonharvey @jasnell

    _http_server.js: fix typo in comment

    devonharvey authored jasnell committed
    Fix misspelling of 'response' on line 453
    
    Reviewed-By: James M Snell <jasnell@gmail.com>
    PR-URL: joyent#25472
  3. @socketpair @jasnell

    tls.createSecurePair(): fix documentation typo

    socketpair authored jasnell committed
    Reviewed-By: James M Snell <jasnell@gmail.com>
    PR-URL: joyent#25341
  4. @misterdjules

    Merge remote-tracking branch 'upstream/v0.12'

    misterdjules authored
    Conflicts:
    	doc/api/tls.markdown
    	src/node_version.h
Commits on Jun 5, 2015
  1. @hidekiy @jasnell

    Fix improper sample code in http.markdown

    hidekiy authored jasnell committed
    You must consume the data from the response object. #8443
    
    Reviewed-By: James M Snell <jasnell@gmail.com>
    PR-URL: joyent#25471
  2. @duzun @jasnell

    fixed a typo: fs.ReadStream(filename) -> fs.createReadStream(filename)

    duzun authored jasnell committed
    Reviewed-By: James M Snell <jasnell@gmail.com>
    PR-URL: joyent#25453
  3. @chrisneave @jasnell

    docs: Fix grammar in Transform API text

    chrisneave authored jasnell committed
    The third sentence of the fifth paragraph of the documentation for
    transform._transform() has several words omitted and makes no
    sense. This fix fills in the missing words to clarify the passage.
    
    Reviewed-By: James M Snell <jasnell@gmail.com>
    PR-URL: joyent#25371
Commits on Jun 18, 2015
  1. @iapain

    Added output file option to gentest.

    iapain authored iapain committed
    json doc generator now accepts output file as well.
    json doc generator now generates index file automatically.
  2. @iapain

    Now json doc generator writes index.json file.\n Renamed url.html and…

    iapain authored
    … url.json to html and json
  3. @iapain
  4. @iapain
  5. @iapain

    resolved conflicts

    iapain authored
This page is out of date. Refresh to see the latest.
Showing with 653 additions and 77 deletions.
  1. +1 −0  AUTHORS
  2. +1 −1  Makefile
  3. +1 −1  README.md
  4. +2 −0  deps/debugger-agent/lib/_debugger_agent.js
  5. +1 −1  doc/api/crypto.markdown
  6. +14 −1 doc/api/http.markdown
  7. +3 −3 doc/api/path.markdown
  8. +3 −3 doc/api/stream.markdown
  9. +100 −27 doc/api/tls.markdown
  10. +2 −0  lib/_debugger.js
  11. +2 −0  lib/_http_agent.js
  12. +2 −0  lib/_http_client.js
  13. +2 −0  lib/_http_common.js
  14. +2 −0  lib/_http_incoming.js
  15. +2 −0  lib/_http_outgoing.js
  16. +3 −1 lib/_http_server.js
  17. +2 −0  lib/_linklist.js
  18. +2 −0  lib/_stream_duplex.js
  19. +2 −0  lib/_stream_passthrough.js
  20. +5 −3 lib/_stream_readable.js
  21. +2 −0  lib/_stream_transform.js
  22. +2 −0  lib/_stream_writable.js
  23. +2 −0  lib/_tls_common.js
  24. +2 −0  lib/_tls_legacy.js
  25. +5 −3 lib/_tls_wrap.js
  26. +2 −0  lib/assert.js
  27. +2 −0  lib/buffer.js
  28. +2 −0  lib/child_process.js
  29. +2 −0  lib/cluster.js
  30. +2 −0  lib/console.js
  31. +2 −0  lib/constants.js
  32. +2 −0  lib/crypto.js
  33. +3 −1 lib/dgram.js
  34. +2 −0  lib/dns.js
  35. +2 −0  lib/domain.js
  36. +2 −0  lib/events.js
  37. +2 −0  lib/freelist.js
  38. +7 −1 lib/fs.js
  39. +2 −0  lib/http.js
  40. +2 −0  lib/https.js
  41. +2 −0  lib/module.js
  42. +18 −15 lib/net.js
  43. +2 −0  lib/os.js
  44. +2 −0  lib/path.js
  45. +2 −0  lib/querystring.js
  46. +2 −0  lib/readline.js
  47. +2 −0  lib/repl.js
  48. +2 −0  lib/smalloc.js
  49. +2 −0  lib/stream.js
  50. +2 −0  lib/string_decoder.js
  51. +2 −0  lib/sys.js
  52. +2 −0  lib/timers.js
  53. +8 −6 lib/tls.js
  54. +2 −0  lib/tty.js
  55. +4 −2 lib/url.js
  56. +2 −0  lib/util.js
  57. +2 −0  lib/vm.js
  58. +2 −0  lib/zlib.js
  59. +41 −0 src/node.cc
  60. +11 −0 src/node.h
  61. +3 −0  src/node.js
  62. +24 −0 src/node_crypto.cc
  63. +42 −0 src/node_crypto.h
  64. +1 −1  src/node_os.cc
  65. +2 −2 src/node_version.h
  66. +5 −0 test/simple/test-cluster-dgram-2.js
  67. +100 −0 test/simple/test-dgram-exclusive-implicit-bind.js
  68. +12 −0 test/simple/test-net-remote-address-port.js
  69. +66 −0 test/simple/test-tls-cipher-list.js
  70. +1 −0  test/simple/test-tls-dhe.js
  71. +1 −1  test/simple/test-tls-getcipher.js
  72. +8 −0 test/simple/test-url.js
  73. +4 −1 tools/doc/generate.js
  74. +71 −3 tools/doc/json.js
View
1  AUTHORS
@@ -203,6 +203,7 @@ Feross Aboukhadijeh
Florin-Cristian Gavrila
Forrest L Norvell
Francois Marier
+Frank Cash
Fred K. Schott
Frederico Silva
Friedemann Altrock
View
2  Makefile
@@ -206,7 +206,7 @@ out/doc/%: doc/%
cp -r $< $@
out/doc/api/%.json: doc/api/%.markdown node
- NODE_DOC_VERSION=$(NODE_DOC_VERSION) out/Release/node tools/doc/generate.js --format=json $< > $@
+ NODE_DOC_VERSION=$(NODE_DOC_VERSION) out/Release/node tools/doc/generate.js --format=json $< --output=$@
out/doc/api/%.html: doc/api/%.markdown node
NODE_DOC_VERSION=$(NODE_DOC_VERSION) out/Release/node tools/doc/generate.js --format=html --template=doc/template.html $< > $@
View
2  README.md
@@ -194,7 +194,7 @@ Resources for Newcomers
- [searching the npm registry](http://npmjs.org/)
- [list of companies and projects using node](https://github.com/joyent/node/wiki/Projects,-Applications,-and-Companies-Using-Node)
- [node.js mailing list](http://groups.google.com/group/nodejs)
- - irc chatroom, [#node.js on freenode.net](http://webchat.freenode.net?channels=node.js&uio=d4)
+ - [irc chatroom, #node.js on freenode.net](http://webchat.freenode.net?channels=node.js&uio=d4)
- [community](https://github.com/joyent/node/wiki/Community)
- [contributing](https://github.com/joyent/node/wiki/Contributing)
- [big list of all the helpful wiki pages](https://github.com/joyent/node/wiki/_pages)
View
2  deps/debugger-agent/lib/_debugger_agent.js
@@ -1,3 +1,5 @@
+'use strict';
+
var assert = require('assert');
var net = require('net');
var util = require('util');
View
2  doc/api/crypto.markdown
@@ -101,7 +101,7 @@ Example: this program that takes the sha1 sum of a file
var shasum = crypto.createHash('sha1');
- var s = fs.ReadStream(filename);
+ var s = fs.createReadStream(filename);
s.on('data', function(d) {
shasum.update(d);
});
View
15 doc/api/http.markdown
@@ -511,8 +511,13 @@ Example:
console.log('STATUS: ' + res.statusCode);
console.log('HEADERS: ' + JSON.stringify(res.headers));
res.setEncoding('utf8');
+ var data = '';
res.on('data', function (chunk) {
- console.log('BODY: ' + chunk);
+ console.log('PARTIAL BODY: ' + chunk);
+ data += chunk;
+ });
+ res.on('end', function() {
+ console.log('COMPLETE BODY: ' + data);
});
});
@@ -524,6 +529,12 @@ Example:
req.write(postData);
req.end();
+The `res` object handed off to the callback function passed into to
+`http.request` is an instance of [http.IncomingMessage], which is an
+instance of a Readable Stream. The content of a successful response will be
+delivered using zero or more `data` events followed by a closing `end`
+event.
+
Note that in the example `req.end()` was called. With `http.request()` one
must always call `req.end()` to signify that you're done with the request -
even if there is no data being written to the request body.
@@ -557,6 +568,8 @@ Example:
http.get("http://www.google.com/index.html", function(res) {
console.log("Got response: " + res.statusCode);
+ // consume response body
+ res.resume();
}).on('error', function(e) {
console.log("Got error: " + e.message);
});
View
6 doc/api/path.markdown
@@ -200,7 +200,7 @@ An example on Windows:
process.env.PATH.split(path.delimiter)
// returns
- ['C:\Windows\system32', 'C:\Windows', 'C:\Program Files\nodejs\']
+ ['C:\\Windows\\system32', 'C:\\Windows', 'C:\\Program Files\\nodejs\\']
## path.parse(pathString)
@@ -223,8 +223,8 @@ An example on Windows:
path.parse('C:\\path\\dir\\index.html')
// returns
{
- root : "C:\",
- dir : "C:\path\dir",
+ root : "C:\\",
+ dir : "C:\\path\\dir",
base : "index.html",
ext : ".html",
name : "index"
View
6 doc/api/stream.markdown
@@ -1175,9 +1175,9 @@ as a result of this chunk.
Call the callback function only when the current chunk is completely
consumed. Note that there may or may not be output as a result of any
-particular input chunk. If you supply as the second argument to the
-it will be passed to push method, in other words the following are
-equivalent:
+particular input chunk. If you supply a data chunk as the second argument
+to the callback function it will be passed to push method, in other words
+the following are equivalent:
```javascript
transform.prototype._transform = function (data, encoding, callback) {
View
127 doc/api/tls.markdown
@@ -25,8 +25,10 @@ To create a self-signed certificate with the CSR, do this:
Alternatively you can send the CSR to a Certificate Authority for signing.
-(TODO: docs on creating a CA, for now interested users should just look at
-`test/fixtures/keys/Makefile` in the Node source code)
+For Perfect Forward Secrecy, it is required to generate Diffie-Hellman
+parameters:
+
+ openssl dhparam -outform PEM -out dhparam.pem 2048
To create .pfx or .p12, do this:
@@ -134,6 +136,81 @@ the character "E" appended to the traditional abbreviations):
Ephemeral methods may have some performance drawbacks, because key generation
is expensive.
+## Modifying the Default Cipher Suite
+
+Node.js is built with a default suite of enabled and disabled ciphers.
+Currently, the default cipher suite is:
+
+ ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA256:
+ DHE-RSA-AES256-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:
+ HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!SRP:!CAMELLIA
+
+This default can be overridden entirely using the `--cipher-list` command line
+switch or `NODE_CIPHER_LIST` environment variable. For instance:
+
+ node --cipher-list=ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA384
+
+Setting the environment variable would have the same effect:
+
+ NODE_CIPHER_LIST=ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA384
+
+CAUTION: The default cipher suite has been carefully selected to reflect current
+security best practices and risk mitigation. Changing the default cipher suite
+can have a significant impact on the security of an application. The
+`--cipher-list` and `NODE_CIPHER_LIST` options should only be used if
+absolutely necessary.
+
+### Using Legacy Default Cipher Suite ###
+
+It is possible for the built-in default cipher suite to change from one release
+of Node.js to another. For instance, v0.10.38 uses a different default than
+v0.12.2. Such changes can cause issues with applications written to assume
+certain specific defaults. To help buffer applications against such changes,
+the `--enable-legacy-cipher-list` command line switch or `NODE_LEGACY_CIPHER_LIST`
+environment variable can be set to specify a specific preset default:
+
+ # Use the v0.10.38 defaults
+ node --enable-legacy-cipher-list=v0.10.38
+ // or
+ NODE_LEGACY_CIPHER_LIST=v0.10.38
+
+ # Use the v0.12.2 defaults
+ node --enable-legacy-cipher-list=v0.12.2
+ // or
+ NODE_LEGACY_CIPHER_LIST=v0.12.2
+
+Currently, the values supported for the `enable-legacy-cipher-list` switch and
+`NODE_LEGACY_CIPHER_LIST` environment variable include:
+
+ v0.10.38 - To enable the default cipher suite used in v0.10.38
+
+ ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
+
+ v0.10.39 - To enable the default cipher suite used in v0.10.39
+
+ ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:HIGH:!RC4:!MD5:!aNULL:!EDH
+
+ v0.12.2 - To enable the default cipher suite used in v0.12.2
+
+ ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:
+ HIGH:!MD5:!aNULL
+
+ v.0.12.3 - To enable the default cipher suite used in v0.12.3
+
+ ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:AES128-GCM-SHA256:HIGH:
+ !RC4:!MD5:!aNULL
+
+These legacy cipher suites are also made available for use via the
+`getLegacyCiphers()` method:
+
+ var tls = require('tls');
+ console.log(tls.getLegacyCiphers('v0.10.38'));
+
+CAUTION: Changes to the default cipher suite are typically made in order to
+strengthen the default security for applications running within Node.js.
+Reverting back to the defaults used by older releases can weaken the security
+of your applications. The legacy cipher suites should only be used if absolutely
+necessary.
## tls.getCiphers()
@@ -144,6 +221,12 @@ Example:
var ciphers = tls.getCiphers();
console.log(ciphers); // ['AES128-SHA', 'AES256-SHA', ...]
+## tls.getLegacyCiphers(version)
+
+Returns the legacy default cipher suite for the specified Node.js release.
+
+Example:
+ var cipher_suite = tls.getLegacyCiphers('v0.10.38');
## tls.createServer(options[, secureConnectionListener])
@@ -170,31 +253,20 @@ automatically set as a listener for the [secureConnection][] event. The
- `crl` : Either a string or list of strings of PEM encoded CRLs (Certificate
Revocation List)
- - `ciphers`: A string describing the ciphers to use or exclude.
-
- To mitigate [BEAST attacks] it is recommended that you use this option in
- conjunction with the `honorCipherOrder` option described below to
- prioritize the non-CBC cipher.
-
- Defaults to
- `ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL`.
- Consult the [OpenSSL cipher list format documentation] for details
- on the format.
-
- `ECDHE-RSA-AES128-SHA256`, `DHE-RSA-AES128-SHA256` and
- `AES128-GCM-SHA256` are TLS v1.2 ciphers and used when Node.js is
- linked against OpenSSL 1.0.1 or newer, such as the bundled version
- of OpenSSL. Note that it is still possible for a TLS v1.2 client
- to negotiate a weaker cipher unless `honorCipherOrder` is enabled.
+ - `ciphers`: A string describing the ciphers to use or exclude, separated by
+ `:`. The default cipher suite is:
- `RC4` is used as a fallback for clients that speak on older version of
- the TLS protocol. `RC4` has in recent years come under suspicion and
- should be considered compromised for anything that is truly sensitive.
- It is speculated that state-level actors possess the ability to break it.
+ ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA256:
+ DHE-RSA-AES256-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:
+ HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!SRP:!CAMELLIA
- **NOTE**: Previous revisions of this section suggested `AES256-SHA` as an
- acceptable cipher. Unfortunately, `AES256-SHA` is a CBC cipher and therefore
- susceptible to [BEAST attacks]. Do *not* use it.
+ The default cipher suite prefers ECDHE and DHE ciphers for Perfect Forward
+ secrecy, while offering *some* backward compatibility. Old clients which
+ rely on insecure and deprecated RC4 or DES-based ciphers (like Internet
+ Explorer 6) aren't able to complete the handshake with the default
+ configuration. If you absolutely must support these clients, the
+ [TLS recommendations] may offer a compatible cipher suite. For more details
+ on the format, see the [OpenSSL cipher list format documentation].
- `ecdhCurve`: A string describing a named curve to use for ECDH key agreement
or false to disable ECDH.
@@ -212,7 +284,7 @@ automatically set as a listener for the [secureConnection][] event. The
times out.
- `honorCipherOrder` : When choosing a cipher, use the server's preferences
- instead of the client preferences.
+ instead of the client preferences. Default: `true`.
Although, this option is disabled by default, it is *recommended* that you
use this option in conjunction with the `ciphers` option to mitigate
@@ -512,7 +584,7 @@ encrypted data, and one reads/writes cleartext data.
Generally the encrypted one is piped to/from an incoming encrypted data stream,
and the cleartext one is used as a replacement for the initial encrypted stream.
- - `credentials`: A secure context object from tls.createSecureContext( ... )
+ - `context`: A secure context object from tls.createSecureContext( ... )
- `isServer`: A boolean indicating whether this tls connection should be
opened as a server or a client.
@@ -868,5 +940,6 @@ The numeric representation of the local port.
[ECDHE]: https://en.wikipedia.org/wiki/Elliptic_curve_Diffie%E2%80%93Hellman
[asn1.js]: http://npmjs.org/package/asn1.js
[OCSP request]: http://en.wikipedia.org/wiki/OCSP_stapling
+[TLS recommendations]: https://wiki.mozilla.org/Security/Server_Side_TLS
[SSL_CTX_set_options]: https://www.openssl.org/docs/ssl/SSL_CTX_set_options.html
[CVE-2014-3566]: https://access.redhat.com/articles/1232123
View
2  lib/_debugger.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var util = require('util'),
path = require('path'),
net = require('net'),
View
2  lib/_http_agent.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var net = require('net');
var util = require('util');
var EventEmitter = require('events').EventEmitter;
View
2  lib/_http_client.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var util = require('util');
var net = require('net');
var url = require('url');
View
2  lib/_http_common.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var FreeList = require('freelist').FreeList;
var HTTPParser = process.binding('http_parser').HTTPParser;
View
2  lib/_http_incoming.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var util = require('util');
var Stream = require('stream');
View
2  lib/_http_outgoing.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var assert = require('assert').ok;
var Stream = require('stream');
var timers = require('timers');
View
4 lib/_http_server.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var util = require('util');
var net = require('net');
var EventEmitter = require('events').EventEmitter;
@@ -448,7 +450,7 @@ function connectionListener(socket) {
}
// When we're finished writing the response, check if this is the last
- // respose, if so destroy the socket.
+ // response, if so destroy the socket.
res.on('prefinish', resOnFinish);
function resOnFinish() {
// Usually the first incoming element should be our request. it may
View
2  lib/_linklist.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
function init(list) {
list._idleNext = list;
list._idlePrev = list;
View
2  lib/_stream_duplex.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
// a duplex stream is just a stream that is both readable and writable.
// Since JS doesn't have multiple prototypal inheritance, this class
// prototypally inherits from Readable, and then parasitically from
View
2  lib/_stream_passthrough.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
// a passthrough stream.
// basically just the most minimal sort of Transform stream.
// Every written chunk gets output as-is.
View
8 lib/_stream_readable.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
module.exports = Readable;
Readable.ReadableState = ReadableState;
@@ -142,8 +144,7 @@ function readableAddChunk(stream, state, chunk, encoding, addToFront) {
stream.emit('error', er);
} else if (chunk === null) {
state.reading = false;
- if (!state.ended)
- onEofChunk(stream, state);
+ onEofChunk(stream, state);
} else if (state.objectMode || chunk && chunk.length > 0) {
if (state.ended && !addToFront) {
var e = new Error('stream.push() after EOF');
@@ -388,7 +389,8 @@ function chunkInvalid(state, chunk) {
function onEofChunk(stream, state) {
- if (state.decoder && !state.ended) {
+ if (state.ended) return;
+ if (state.decoder) {
var chunk = state.decoder.end();
if (chunk && chunk.length) {
state.buffer.push(chunk);
View
2  lib/_stream_transform.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
// a transform stream is a readable/writable stream where you do
// something with the data. Sometimes it's called a "filter",
View
2  lib/_stream_writable.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
// A bit simpler than readable streams.
// Implement an async ._write(chunk, cb), and it'll handle all
// the drain event emission and buffering.
View
2  lib/_tls_common.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var util = require('util');
var constants = require('constants');
var tls = require('tls');
View
2  lib/_tls_legacy.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var assert = require('assert');
var events = require('events');
var stream = require('stream');
View
8 lib/_tls_wrap.js
@@ -22,6 +22,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var assert = require('assert');
var crypto = require('crypto');
var net = require('net');
@@ -733,10 +735,10 @@ Server.prototype.setOptions = function(options) {
secureOptions |= constants.SSL_OP_CIPHER_SERVER_PREFERENCE;
}
- if (options.honorCipherOrder)
- this.honorCipherOrder = true;
+ if (options.honorCipherOrder !== undefined)
+ this.honorCipherOrder = !!options.honorCipherOrder;
else
- this.honorCipherOrder = false;
+ this.honorCipherOrder = true;
this.secureOptions = secureOptions;
View
2  lib/assert.js
@@ -22,6 +22,8 @@
// ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
// UTILITY
var util = require('util');
var b = require('buffer');
View
2  lib/buffer.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var buffer = process.binding('buffer');
var smalloc = process.binding('smalloc');
var util = require('util');
View
2  lib/child_process.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var StringDecoder = require('string_decoder').StringDecoder;
var EventEmitter = require('events').EventEmitter;
var net = require('net');
View
2  lib/cluster.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var EventEmitter = require('events').EventEmitter;
var assert = require('assert');
var dgram = require('dgram');
View
2  lib/console.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var util = require('util');
function Console(stdout, stderr) {
View
2  lib/constants.js
@@ -19,4 +19,6 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
module.exports = process.binding('constants');
View
2  lib/crypto.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
// Note: In 0.8 and before, crypto functions all defaulted to using
// binary-encoded strings rather than buffers.
View
4 lib/dgram.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var assert = require('assert');
var util = require('util');
var events = require('events');
@@ -293,7 +295,7 @@ Socket.prototype.send = function(buffer,
self._healthCheck();
if (self._bindState == BIND_STATE_UNBOUND)
- self.bind(0, null);
+ self.bind({port: 0, exclusive: true}, null);
// If the socket hasn't been bound yet, push the outbound packet onto the
// send queue and send after binding is complete.
View
2  lib/dns.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var net = require('net');
var util = require('util');
View
2  lib/domain.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var util = require('util');
var EventEmitter = require('events');
var inherits = util.inherits;
View
2  lib/events.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var domain;
var util = require('util');
View
2  lib/freelist.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
// This is a free list to avoid creating so many of the same object.
exports.FreeList = function(name, max, constructor) {
this.name = name;
View
8 lib/fs.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
// Maintainers, keep in mind that octal literals are not allowed
// in strict mode. Use the decimal value and add a comment with
// the octal value. Example:
@@ -87,10 +89,14 @@ function maybeCallback(cb) {
// for callbacks that are passed to the binding layer, callbacks that are
// invoked from JS already run in the proper scope.
function makeCallback(cb) {
- if (!util.isFunction(cb)) {
+ if (util.isNullOrUndefined(cb)) {
return rethrow();
}
+ if (!util.isFunction(cb)) {
+ throw new TypeError('callback must be a function');
+ }
+
return function() {
return cb.apply(null, arguments);
};
View
2  lib/http.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var util = require('util');
var EventEmitter = require('events').EventEmitter;
View
2  lib/https.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var tls = require('tls');
var url = require('url');
var http = require('http');
View
2  lib/module.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var NativeModule = require('native_module');
var util = require('util');
var runInThisContext = require('vm').runInThisContext;
View
33 lib/net.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var events = require('events');
var stream = require('stream');
var timers = require('timers');
@@ -68,8 +70,8 @@ function isPipeName(s) {
}
-exports.createServer = function() {
- return new Server(arguments[0], arguments[1]);
+exports.createServer = function(options, connectionListener) {
+ return new Server(options, connectionListener);
};
@@ -577,10 +579,10 @@ function onread(nread, buffer) {
Socket.prototype._getpeername = function() {
- if (!this._handle || !this._handle.getpeername) {
- return {};
- }
if (!this._peername) {
+ if (!this._handle || !this._handle.getpeername) {
+ return {};
+ }
var out = {};
var err = this._handle.getpeername(out);
if (err) return {}; // FIXME(bnoordhuis) Throw?
@@ -866,6 +868,7 @@ Socket.prototype.connect = function(options, cb) {
this._writableState.errorEmitted = false;
this.destroyed = false;
this._handle = null;
+ this._peername = null;
}
var self = this;
@@ -1012,23 +1015,23 @@ function afterConnect(status, handle, req, readable, writable) {
}
-function Server(/* [ options, ] listener */) {
- if (!(this instanceof Server)) return new Server(arguments[0], arguments[1]);
+function Server(options, connectionListener) {
+ if (!(this instanceof Server))
+ return new Server(options, connectionListener);
+
events.EventEmitter.call(this);
var self = this;
- var options;
-
- if (util.isFunction(arguments[0])) {
+ if (util.isFunction(options)) {
+ connectionListener = options;
options = {};
- self.on('connection', arguments[0]);
+ self.on('connection', connectionListener);
} else {
- options = arguments[0] || {};
+ options = options || {};
- if (util.isFunction(arguments[1])) {
- self.on('connection', arguments[1]);
- }
+ if (util.isFunction(connectionListener))
+ self.on('connection', connectionListener);
}
this._connections = 0;
View
2  lib/os.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var binding = process.binding('os');
var util = require('util');
var isWindows = process.platform === 'win32';
View
2  lib/path.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var isWindows = process.platform === 'win32';
var util = require('util');
View
2  lib/querystring.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
// Query String Utilities
var QueryString = exports;
View
2  lib/readline.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
// Inspiration for this code comes from Salvatore Sanfilippo's linenoise.
// https://github.com/antirez/linenoise
// Reference:
View
2  lib/repl.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
/* A repl library that you can include in your own code to get a runtime
* interface to your program.
*
View
2  lib/smalloc.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var smalloc = process.binding('smalloc');
var kMaxLength = smalloc.kMaxLength;
var util = require('util');
View
2  lib/stream.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
module.exports = Stream;
var EE = require('events').EventEmitter;
View
2  lib/string_decoder.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
function assertEncoding(encoding) {
if (encoding && !Buffer.isEncoding(encoding)) {
throw new Error('Unknown encoding: ' + encoding);
View
2  lib/sys.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
// the sys module was renamed to 'util'.
// this shim remains to keep old programs working.
module.exports = require('util');
View
2  lib/timers.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var Timer = process.binding('timer_wrap').Timer;
var L = require('_linklist');
var assert = require('assert').ok;
View
14 lib/tls.js
@@ -19,6 +19,10 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
+var _crypto = process.binding('crypto');
+
var net = require('net');
var url = require('url');
var util = require('util');
@@ -33,16 +37,14 @@ exports.CLIENT_RENEG_WINDOW = 600;
exports.SLAB_BUFFER_SIZE = 10 * 1024 * 1024;
-exports.DEFAULT_CIPHERS =
- // TLS 1.2
- 'ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:AES128-GCM-SHA256:' +
- // TLS 1.0
- 'RC4:HIGH:!MD5:!aNULL';
+exports.DEFAULT_CIPHERS = _crypto.DEFAULT_CIPHER_LIST;
exports.DEFAULT_ECDH_CURVE = 'prime256v1';
+exports.getLegacyCiphers = _crypto.getLegacyCiphers;
+
exports.getCiphers = function() {
- var names = process.binding('crypto').getSSLCiphers();
+ var names = _crypto.getSSLCiphers();
// Drop all-caps names in favor of their lowercase aliases,
var ctx = {};
names.forEach(function(name) {
View
2  lib/tty.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var inherits = require('util').inherits;
var net = require('net');
var TTY = process.binding('tty_wrap').TTY;
View
6 lib/url.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var punycode = require('punycode');
var util = require('util');
@@ -639,8 +641,8 @@ Url.prototype.resolveObject = function(relative) {
// then it must NOT get a trailing slash.
var last = srcPath.slice(-1)[0];
var hasTrailingSlash = (
- (result.host || relative.host) && (last === '.' || last === '..') ||
- last === '');
+ (result.host || relative.host || srcPath.length > 1) &&
+ (last === '.' || last === '..') || last === '');
// strip single dots, resolve double dots to parent dir
// if the path tries to go above the root, `up` ends up > 0
View
2  lib/util.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var formatRegExp = /%[sdj%]/g;
exports.format = function(f) {
if (!isString(f)) {
View
2  lib/vm.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var binding = process.binding('contextify');
var Script = binding.ContextifyScript;
var util = require('util');
View
2  lib/zlib.js
@@ -19,6 +19,8 @@
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
+'use strict';
+
var Transform = require('_stream_transform');
var binding = process.binding('zlib');
View
41 src/node.cc
@@ -2936,6 +2936,9 @@ static void PrintHelp() {
#endif
" --enable-ssl2 enable ssl2\n"
" --enable-ssl3 enable ssl3\n"
+ " --cipher-list=val specify the default TLS cipher list\n"
+ " --enable-legacy-cipher-list=val \n"
+ " val = v0.10.38, v0.10.39, v0.12.2 or v0.12.3\n"
"\n"
"Environment variables:\n"
#ifdef _WIN32
@@ -2953,6 +2956,9 @@ static void PrintHelp() {
" (will extend linked-in data)\n"
#endif
#endif
+ "NODE_CIPHER_LIST Override the default TLS cipher list\n"
+ "NODE_LEGACY_CIPHER_LIST=val\n"
+ " val = v0.10.38, v0.10.39, v0.12.2 or v0.12.3\n"
"\n"
"Documentation can be found at http://nodejs.org/\n");
}
@@ -2992,6 +2998,7 @@ static void ParseArgs(int* argc,
unsigned int new_argc = 1;
new_v8_argv[0] = argv[0];
new_argv[0] = argv[0];
+ bool using_legacy_cipher_list = false;
unsigned int index = 1;
while (index < nargs && argv[index][0] == '-') {
@@ -3047,6 +3054,20 @@ static void ParseArgs(int* argc,
} else if (strcmp(arg, "--v8-options") == 0) {
new_v8_argv[new_v8_argc] = "--help";
new_v8_argc += 1;
+ } else if (strncmp(arg, "--cipher-list=", 14) == 0) {
+ if (!using_legacy_cipher_list) {
+ DEFAULT_CIPHER_LIST = arg + 14;
+ }
+ } else if (strncmp(arg, "--enable-legacy-cipher-list=", 28) == 0) {
+ // use the original v0.10.x/v0.12.x cipher lists
+ const char * legacy_list = legacy_cipher_list(arg+28);
+ if (legacy_list != NULL) {
+ using_legacy_cipher_list = true;
+ DEFAULT_CIPHER_LIST = legacy_list;
+ } else {
+ fprintf(stderr, "Error: An unknown legacy cipher list was specified\n");
+ exit(9);
+ }
#if defined(NODE_HAVE_I18N_SUPPORT)
} else if (strncmp(arg, "--icu-data-dir=", 15) == 0) {
icu_data_dir = arg + 15;
@@ -3414,6 +3435,26 @@ void Init(int* argc,
}
}
+ const char * cipher_list = getenv("NODE_CIPHER_LIST");
+ if (cipher_list != NULL) {
+ DEFAULT_CIPHER_LIST = cipher_list;
+ }
+ // Allow the NODE_LEGACY_CIPHER_LIST envar to override the other
+ // cipher list options. NODE_LEGACY_CIPHER_LIST=v0.10.38 will use
+ // the cipher list from v0.10.38, NODE_LEGACY_CIPHER_LIST=v0.12.2 will
+ // use the cipher list from v0.12.2
+ const char * leg_cipher_id = getenv("NODE_LEGACY_CIPHER_LIST");
+ if (leg_cipher_id != NULL) {
+ const char * leg_cipher_list =
+ legacy_cipher_list(leg_cipher_id);
+ if (leg_cipher_list != NULL) {
+ DEFAULT_CIPHER_LIST = leg_cipher_list;
+ } else {
+ fprintf(stderr, "Error: An unknown legacy cipher list was specified\n");
+ exit(9);
+ }
+ }
+
#if defined(NODE_HAVE_I18N_SUPPORT)
if (icu_data_dir == NULL) {
// if the parameter isn't given, use the env variable.
View
11 src/node.h
@@ -223,6 +223,17 @@ NODE_EXTERN void RunAtExit(Environment* env);
} \
while (0)
+#define NODE_DEFINE_STRING_CONSTANT(isolate, target, constant) \
+ do { \
+ v8::Local<v8::String> constant_name = \
+ v8::String::NewFromUtf8(isolate, #constant); \
+ v8::Local<v8::String> constant_value = \
+ v8::String::NewFromUtf8(isolate, constant); \
+ v8::PropertyAttribute constant_attributes = \
+ static_cast<v8::PropertyAttribute>(v8::ReadOnly | v8::DontDelete); \
+ (target)->ForceSet(constant_name, constant_value, constant_attributes); \
+ } while (0)
+
// Used to be a macro, hence the uppercase name.
template <typename TypeName>
inline void NODE_SET_METHOD(const TypeName& recv,
View
3  src/node.js
@@ -24,6 +24,9 @@
// This file is invoked by node::Load in src/node.cc, and responsible for
// bootstrapping the node.js core. Special caution is given to the performance
// of the startup process, so many dependencies are invoked lazily.
+
+'use strict';
+
(function(process) {
this.global = this;
View
24 src/node_crypto.cc
@@ -77,6 +77,7 @@ namespace node {
bool SSL2_ENABLE = false;
bool SSL3_ENABLE = false;
+const char * DEFAULT_CIPHER_LIST = DEFAULT_CIPHER_LIST_HEAD;
namespace crypto {
@@ -4851,6 +4852,26 @@ static void array_push_back(const TypeName* md,
ctx->arr->Set(ctx->arr->Length(), OneByteString(ctx->env()->isolate(), from));
}
+// borrowed from v8
+// (see http://v8.googlecode.com/svn/trunk/samples/shell.cc)
+const char* ToCString(const String::Utf8Value& value) {
+ return *value ? *value : "<string conversion failed>";
+}
+
+void DefaultCiphers(const v8::FunctionCallbackInfo<v8::Value>& args) {
+ Environment* env = Environment::GetCurrent(args.GetIsolate());
+ HandleScope scope(env->isolate());
+ v8::String::Utf8Value key(args[0]);
+ const char * list = legacy_cipher_list(ToCString(key));
+ if (list != NULL) {
+ args.GetReturnValue().Set(
+ v8::String::NewFromUtf8(args.GetIsolate(), list));
+ } else {
+ args.GetReturnValue().Set(
+ v8::String::NewFromUtf8(args.GetIsolate(),
+ DEFAULT_CIPHER_LIST_HEAD));
+ }
+}
void GetCiphers(const FunctionCallbackInfo<Value>& args) {
Environment* env = Environment::GetCurrent(args.GetIsolate());
@@ -5171,6 +5192,9 @@ void InitCrypto(Handle<Object> target,
NODE_DEFINE_CONSTANT(target, SSL3_ENABLE);
NODE_DEFINE_CONSTANT(target, SSL2_ENABLE);
+
+ NODE_DEFINE_STRING_CONSTANT(env->isolate(), target, DEFAULT_CIPHER_LIST);
+ NODE_SET_METHOD(target, "getLegacyCiphers", DefaultCiphers);
}
} // namespace crypto
View
42 src/node_crypto.h
@@ -38,6 +38,7 @@
#include "v8.h"
+#include <string.h>
#include <openssl/ssl.h>
#include <openssl/ec.h>
#include <openssl/ecdh.h>
@@ -59,10 +60,51 @@
# define NODE__HAVE_TLSEXT_STATUS_CB
#endif // !defined(OPENSSL_NO_TLSEXT) && defined(SSL_CTX_set_tlsext_status_cb)
+#define DEFAULT_CIPHER_LIST_V10_38 "ECDHE-RSA-AES128-SHA256:" \
+ "AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH"
+
+#define DEFAULT_CIPHER_LIST_V10_39 "ECDHE-RSA-AES128-SHA256:" \
+ "AES128-GCM-SHA256:HIGH:!RC4:!MD5:!aNULL:!EDH"
+
+#define DEFAULT_CIPHER_LIST_V12_2 "ECDHE-RSA-AES128-SHA256:" \
+ "DHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:" \
+ "HIGH:!MD5:!aNULL"
+
+#define DEFAULT_CIPHER_LIST_V12_3 "ECDHE-RSA-AES128-SHA256:" \
+ "DHE-RSA-AES128-SHA256:AES128-GCM-SHA256:HIGH:"\
+ "!RC4:!MD5:!aNULL"
+
+#define DEFAULT_CIPHER_LIST_HEAD "ECDHE-RSA-AES256-SHA384:" \