Permalink
Commits on May 21, 2014
  1. npm: upgrade to 1.4.10

    * Don't set referer if already set
    * fetch: Send referer and npm-session headers
    * run-script: Support --parseable and --json
    * list runnable scripts (Evan Lucas)
    * Use marked instead of ronn for html docs
    isaacs committed May 6, 2014
Commits on Jan 8, 2014
  1. tls: fix pool usage race

    When calling `encOut` in loop, `maybeInitFinished()` may invoke
    `clearOut`'s loop, leading to the writing of interleaved data
    (encrypted and cleartext) into the one shared pool.
    
    Move `maybeInitFinished()` out of the loop and add assertion for
    future.
    
    backport of 60f777d
    indutny committed Dec 27, 2013
Commits on Nov 7, 2013
  1. test: fix http backpressure test case

    - use socket timeout event,
    - pause socket from the client side.
    egirshov committed with indutny Nov 6, 2013
Commits on Oct 31, 2013
Commits on Oct 18, 2013
  1. Now working on 0.8.27

    tjfontaine committed Oct 18, 2013
  2. 2013.10.13, Version 0.8.26 (maintenance)

    * v8: Upgrade to 3.11.10.26
    
    * crypto: clear openssl error stack when handled (Ben Noordhuis)
    
    * crypto: clear errors from verify failure (Timothy J Fontaine)
    
    * crypto: fix memory leak in LoadPKCS12 (Fedor Indutny)
    
    * http: provide backpressure for pipeline flood (isaacs)
    
    * http_parser: expose pause/resume method for parser (Timothy J Fontaine)
    
    * readline: pause stdin before turning off terminal raw mode (Daniel Chatfield)
    tjfontaine committed Oct 18, 2013
  3. crypto: clear openssl error stack when handled

    Clear OpenSSL's error stack on return from Connection::HandleSSLError().
    This stops stale errors from popping up later in the lifecycle of the
    SSL connection where they would cause spurious failures.
    
    This commit causes a 1-2% performance regression on `make bench-tls`.
    We'll address that in follow-up commits if possible but let's ensure
    correctness first.
    
    Backport of c6e2db2
    bnoordhuis committed with tjfontaine Oct 18, 2013
  4. crypto: clear errors from verify failure

    OpenSSL will push errors onto the stack when a verify fails, which can
    disrupt TLS and other routines if we don't clear the error stack
    
    Fixes #6304
    tjfontaine committed Oct 18, 2013
  5. http: provide backpressure for pipeline flood

    If a client sends a lot more pipelined requests than we can handle, then
    we need to provide backpressure so that the client knows to back off.
    Do this by pausing both the stream and the parser itself when the
    responses are not being read by the downstream client.
    
    Backport of 085dd30
    isaacs committed with tjfontaine Oct 17, 2013
Commits on Oct 16, 2013
Commits on Aug 17, 2013
  1. readline: pause stdin before turning off terminal raw mode

    On windows, libuv will immediately make a `ReadConsole` call (in the
    thread pool) when a 'flowing' `uv_tty_t` handle is switched to
    line-buffered mode. That causes an immediate issue for some users,
    since libuv can't cancel the `ReadConsole` operation on Windows 8 /
    Server 2012 and up if the program switches back to raw mode later.
    
    But even if this will be fixed in libuv at some point, it's better to
    avoid the overhead of starting work in the thread pool and immediately
    cancelling it afther that.
    
    See also f34f1e3, where the same change is made for the opposite
    flow, e.g. move `resume()` after `_setRawMode(true)`.
    
    Fixes #5927
    
    This is a backport of dfb0461 (see #5930) to the v0.8 branch.
    danielchatfield committed with piscisaureus Jul 30, 2013
Commits on Jul 29, 2013
  1. crypto: fix memory leak in LoadPKCS12

    X509_STORE_add_cert increment reference of passed `x509` cert,
    `X509_free` must be called to avoid memory leak.
    
    This is a back-port of commit c1db1ec from the master branch.
    indutny committed Jun 27, 2013
Commits on Jun 26, 2013
  1. v8: remove optimization switches

    Remove compiler switches from $(TOPLEVEL)/deps/v8/build/common.gypi, we set
    them globally in $(TOPLEVEL)/common.gypi.
    
    Commit 29d12c7 accidentally reintroduced the switches again. In particular,
    the 'cflags!': ['-O2','-Os'] section forced building V8 without any
    optimizations, resulting in a steep (~66%) performance drop on some benchmarks.
    
    Fixes #4191.
    bnoordhuis committed with isaacs Oct 24, 2012
  2. V8: Reapply patches

    isaacs committed Oct 23, 2012
  3. v8: Upgrade to 3.11.10.26

    isaacs committed Jun 26, 2013
Commits on Jun 13, 2013
  1. Now working on 0.8.26

    isaacs committed Jun 13, 2013
  2. 2013.06.13, Version 0.8.25 (maintenance)

    * npm: Upgrade to 1.2.30
    
    * child_process: fix handle delivery (Ben Noordhuis)
    isaacs committed Jun 13, 2013
Commits on Jun 12, 2013
  1. npm: Upgrade to 1.2.30

    isaacs committed Jun 12, 2013
Commits on Jun 6, 2013
  1. child_process: fix handle delivery

    node.js and libuv depend on the fact that none of the supported systems
    ever emit more than one SCM_RIGHTS message from a recvmsg() syscall.
    
    SCM_RIGHTS messages are never coalesced. SCM_RIGHTS and normal messages
    however _are_ coalesced. That is, recvmsg() might return this:
    
      recvmsg();  // { "message-with-fd", "message", "message" }
    
    The operating system implicitly breaks pending messages along
    SCM_RIGHTS boundaries. Most Unices break before such messages but Linux
    also breaks _after_ them.  When the sender looks like this:
    
      sendmsg("message");
      sendmsg("message-with-fd");
      sendmsg("message");
    
    Then on most Unices the receiver sees messages arriving like this:
    
      recvmsg();  // { "message" }
      recvmsg();  // { "message-with-fd", "message" }
    
    The bug fix in commit 9352c19 assumes this behavior. On Linux however,
    those messages can also come in like this:
    
      recvmsg();  // { "message", "message-with-fd" }
      recvmsg();  // { "message" }
    
    In other words, it's incorrect to assume that the file descriptor is
    always attached to the first message. This commit makes node wise up.
    
    This is a back-port of commit 21bd456 from the v0.10 branch. The test
    has been dropped as it's not compatible with the v0.8 process model.
    
    Fixes #5330.
    
    Conflicts:
    	lib/child_process.js
    bnoordhuis committed May 10, 2013
  2. npm: Upgrade to 1.2.27

    isaacs committed Jun 6, 2013
Commits on Jun 4, 2013
  1. Now working on v0.8.25

    isaacs committed Jun 4, 2013
Commits on Jun 3, 2013
  1. 2013.06.04, Version 0.8.24 (maintenance)

    * npm: Upgrade to v1.2.24
    
    * url: Properly parse certain oddly formed urls (isaacs)
    
    * http: Don't try to destroy nonexistent sockets (isaacs)
    
    * handle_wrap: fix NULL pointer dereference (Ben Noordhuis)
    isaacs committed Jun 3, 2013
  2. npm: Upgrade to 1.2.24

    isaacs committed Jun 3, 2013
  3. url: Properly parse certain oddly formed urls

    In cases where there are multiple @-chars in a url, Node currently
    parses the hostname and auth sections differently than web browsers.
    
    This part of the bug is serious, and should be landed in v0.10, and
    also ported to v0.8, and releases made as soon as possible.
    
    The less serious issue is that there are many other sorts of malformed
    urls which Node either accepts when it should reject, or interprets
    differently than web browsers.  For example, `http://a.com*foo` is
    interpreted by Node like `http://a.com/*foo` when web browsers treat
    this as `http://a.com%3Bfoo/`.
    
    In general, *only* the `hostEndingChars` should be the characters that
    delimit the host portion of the URL.  Most of the current `nonHostChars`
    that appear in the hostname should be escaped, but some of them (such as
    `;` and `%` when it does not introduce a hex pair) should raise an
    error.
    
    We need to have a broader discussion about whether it's best to throw in
    these cases, and potentially break extant programs, or return an object
    that has every field set to `null` so that any attempt to read the
    hostname/auth/etc. will appear to be empty.
    isaacs committed Jun 3, 2013
Commits on Apr 22, 2013
  1. http: Don't try to destroy nonexistent sockets

    Fixes #3740
    
    In the case of pipelined requests, you can have a situation where
    the socket gets destroyed via one req/res object, but then trying
    to destroy *another* req/res on the same socket will cause it to
    call undefined.destroy(), since it was already removed from that
    message.
    
    Add a guard to OutgoingMessage.destroy and IncomingMessage.destroy
    to prevent this error.
    isaacs committed Apr 22, 2013
Commits on Apr 17, 2013
  1. test: make stdout-close-unref work in test runner

    process.stdout isn't fully initialized yet by the time the test starts
    when invoked with `python tools/test.py`. Use process.stdin instead and
    force initialization with process.stdin.resume().
    
    This is a back-port of commit 2e70dda from the v0.10 branch.
    bnoordhuis committed Apr 17, 2013
Commits on Apr 16, 2013
  1. handle_wrap: fix NULL pointer dereference

    Fix a NULL pointer dereference in src/handle_wrap.cc which is really a
    use-after-close bug.
    
    The test checks that unref() after close() works on process.stdout but
    this bug affects everything that derives from HandleWrap. I discovered
    it because child processes would sometimes quit for no reason (that is,
    no reason until I turned on core dumps.)
    
    This is a back-port of commit ccd3722 from the v0.10 branch.
    bnoordhuis committed Apr 16, 2013
Commits on Apr 9, 2013
  1. Now working on 0.8.24

    isaacs committed Apr 9, 2013
Commits on Apr 8, 2013
  1. 2013.04.09, Version 0.8.23 (maintenance)

    * npm: Upgrade to v1.2.18
    
    * http: Avoid EE warning on ECONNREFUSED handling (isaacs)
    
    * tls: Re-enable check of CN-ID in cert verification (Tobias Müllerleile)
    
    * child_process: fix sending utf-8 to child process (Ben Noordhuis)
    
    * crypto: check key type in GetPeerCertificate() (Ben Noordhuis)
    
    * win/openssl: mark assembled object files as seh safe (Bert Belder)
    
    * windows/msi: fix msi build issue with WiX 3.7/3.8 (Raymond Feng)
    isaacs committed Apr 8, 2013
  2. npm: Upgrade to v1.2.18

    isaacs committed Apr 8, 2013