Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tls: expose Finished messages in TLSSocket #19102

Closed
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
8 participants
@codedot
Copy link
Contributor

codedot commented Mar 3, 2018

Exposes SSL_get_finished and SSL_get_peer_finished routines in OpenSSL
as tlsSocket.getFinished() and tlsSocket.getPeerFinished(), respectively.

Fixes: #19055
Refs: ripple/rippled#2413

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines
Affected core subsystem(s)

tls, crypto, doc, test

@addaleax
Copy link
Member

addaleax left a comment

The implementation seems fine to me, thanks!

/cc @nodejs/crypto

char* buf = Malloc(EVP_MAX_MD_SIZE * 2);
size_t len = SSL_get_finished(w->ssl_, buf, EVP_MAX_MD_SIZE * 2);
if (!len)
return;

This comment has been minimized.

@addaleax

addaleax Mar 3, 2018

Member

This leaks memory, buf is not free’d here (the same applies below)

This comment has been minimized.

@codedot

codedot Mar 3, 2018

Author Contributor

Amended commit, now free()ing the buffers in both functions. Thanks.

const bob = tls.connect({
port: server.address().port,
rejectUnauthorized: false
}, () => {

This comment has been minimized.

@addaleax

addaleax Mar 3, 2018

Member

Can you wrap the functions that should be called exactly once in common.mustCall()?

This comment has been minimized.

@codedot

codedot Mar 3, 2018

Author Contributor

I wrapped all callbacks in common.mustCall(), except for the exit event.

};
});

process.on('exit', () => {

This comment has been minimized.

@addaleax

addaleax Mar 3, 2018

Member

Is there maybe a more suitable event to listen for, like the finished event of bob or similar?

This comment has been minimized.

@codedot

codedot Mar 3, 2018

Author Contributor

I considered other ways to catch the moment when both alice and bob had saved their versions of Finished messages, however the code gets messy compared to just listening to the exit event.

* Returns: {undefined|Buffer} The latest `Finished` message that was sent
to the socket, or `undefined` if no `Finished` message has been sent yet.

Corresponds to the `SSL_get_finished` routine in OpenSSL.

This comment has been minimized.

@addaleax

addaleax Mar 3, 2018

Member

What are the actual about the contents of these buffers? How does the peer generate them? Should Node provide support for that too?

This comment has been minimized.

@codedot

codedot Mar 3, 2018

Author Contributor

I added "as part of a SSL/TLS handshake" phrase to the documentation in order to emphasize that the Finished messages are internal to OpenSSL implementation and are not provided by application.

This comment has been minimized.

@addaleax

addaleax Mar 3, 2018

Member

@codedot If these are internal to OpenSSL, how is the returned buffer meaningful to the caller?

This comment has been minimized.

@codedot

codedot Mar 3, 2018

Author Contributor

@addaleax An article called Why is it unlikely to have a complete and alternative implementation of Ripple? describes in detail how the Finished messages are used to generate Session-Signature in rippled using the fact that both Finished messages are available on both sides of an SSL/TLS socket. Also, see ripple/rippled#2413 and the comment by @JoelKatz.

However, I would not suggest including this motivation into Node.js documentation because I do not think it would be wise to endorse such a questionable method.

This comment has been minimized.

@addaleax

addaleax Mar 4, 2018

Member

@codedot All of these only resources only describe that these functions are necessary to implement that protocol, but make no statements about what guarantees can be made about the returned contents of these buffers.

I realize that the OpenSSL documentation and source code don’t provide much more information either, but since apparently people found a use case for these functions, there must be sensible statements that we could make here in the documentation.

This comment has been minimized.

@codedot

codedot Mar 4, 2018

Author Contributor

@addaleax Well, I think Node.js should not provide more documentation for these routines than OpenSSL itself does. The modern versions do not include any man(1) pages for them like they used to. However, even the old documentation was not descriptive.

This comment has been minimized.

@addaleax

addaleax Mar 4, 2018

Member

Well, I think Node.js should not provide more documentation than OpenSSL itself does.

I’d agree, but the place to start fixing this would be the OpenSSL documentation then ;)

I’m just really not a fan of having documentation that doesn’t really describe what something does…

This comment has been minimized.

@codedot

codedot Mar 4, 2018

Author Contributor

I’d agree, but the place to start fixing this would be the OpenSSL documentation then ;)

I'm afraid that's the best I can do :(

This comment has been minimized.

@addaleax

addaleax Mar 4, 2018

Member

@codedot I guess there’s no harm in opening an issue: openssl/openssl#5509

This comment has been minimized.

@codedot

codedot Mar 4, 2018

Author Contributor

@addaleax Thank you very much for asking OpenSSL team for help. Documentation updated, please review.

@indutny

indutny approved these changes Mar 4, 2018

Copy link
Member

indutny left a comment

LGTM with a nit.


char* buf = Malloc(EVP_MAX_MD_SIZE * 2);
size_t len = SSL_get_finished(w->ssl_, buf, EVP_MAX_MD_SIZE * 2);
if (!len) {

This comment has been minimized.

@indutny

indutny Mar 4, 2018

Member

I think it might be worth verifying that len is less than EVP_MAX_MD_SIZE * 2.

This comment has been minimized.

@codedot

codedot Mar 4, 2018

Author Contributor

@indutny This test is done in the routines themselves.

This comment has been minimized.

@indutny

indutny Mar 4, 2018

Member

Yes, it is done there. However, what I'm asking to check is that the data is complete and not partial.

This comment has been minimized.

@codedot

codedot Mar 4, 2018

Author Contributor

@indutny Oh, I see now what you mean. In order to ensure that the message is not being cut off, I provide the buffer of the same size that the corresponding arrays have in <openssl/ssl3.h>. Also, the comment there suggests that EVP_MAX_MD_SIZE * 2 may possibly be an overstatement:

        /* actually only need to be 16+20 for SSLv3 and 12 for TLS */
        unsigned char finish_md[EVP_MAX_MD_SIZE * 2];
        int finish_md_len;
        unsigned char peer_finish_md[EVP_MAX_MD_SIZE * 2];
        int peer_finish_md_len;

This comment has been minimized.

@indutny

indutny Mar 4, 2018

Member

assert then?

This comment has been minimized.

@codedot

codedot Mar 4, 2018

Author Contributor

I suggest to add an assert here anyway. We've little control over OpenSSL codebase, and it'd be great to have a check for partial data even if such can't be returned right now.

@indutny I am sorry, but I still cannot understand what assertion exactly do you mean?

This comment has been minimized.

@codedot

codedot Mar 4, 2018

Author Contributor

@indutny Nevermind, I amended the commit to call SSL_get_finished and SSL_get_peer_finished twice: first just to get the actual length, then to copy the message to the buffer.

This comment has been minimized.

@indutny

indutny Mar 4, 2018

Member

Unfortunately, this is undefined behavior:

If an argument to a function has an invalid value (such as a value outside the domain of the
function, or a pointer outside the address space of the program, or a null pointer, or a pointer
to non-modifiable storage when the corresponding parameter is not const-qualified) or a
type (after promotion) not expected by a function with variable number of arguments, the
behavior is undefined.

See: https://www.imperialviolet.org/2016/06/26/nonnull.html

This comment has been minimized.

@indutny

indutny Mar 4, 2018

Member

I'm fine with what it looked like before. Could you please revert it to that form and add:

CHECK_LT(len, EVP_MAX_MD_SIZE * 2);

This comment has been minimized.

@codedot

codedot Mar 4, 2018

Author Contributor

@indutny Oops, I did not know about section 7.1.4, my bad. Still, I would prefer avoiding the EVP_MAX_MD_SIZE * 2 constant because it is unclear how exactly the latter is related to the Finished messages. So, I further amended the commit to use a dummy array instead of nullptr not to cause undefined behavior in memcpy().

@indutny

indutny approved these changes Mar 4, 2018

Copy link
Member

indutny left a comment

LGTM

Base* w;
ASSIGN_OR_RETURN_UNWRAP(&w, args.Holder());

char dummy[1];

This comment has been minimized.

@indutny

indutny Mar 4, 2018

Member

This probably needs a comment, explaining that nullptr can't be passed to SSL_get_finished.

This comment has been minimized.

@codedot

codedot Mar 4, 2018

Author Contributor

@indutny Indeed, using a dummy byte without a comment is not readily understandable. Comments added, please review.

@bnoordhuis
Copy link
Member

bnoordhuis left a comment

I read the linked issue but I couldn't quite figure out from the discussion what function this has in ripple. MitM or replay protection?

edit: didn't feel like a particularly good solution and I guess my spidey sense wasn't completely off: openssl/openssl#5509

be used for external authentication procedures when the authentication
provided by SSL/TLS is not desired or is not enough.

Corresponds to the `SSL_get_peer_finished` routine in OpenSSL.

This comment has been minimized.

@bnoordhuis

bnoordhuis Mar 4, 2018

Member

I think the docs could be more explicit that it's for implementing tls-unique channel binding from RFC 5929.

(That is the intended use case, right?)

This comment has been minimized.

@codedot

codedot Mar 4, 2018

Author Contributor

@bnoordhuis While RFC 5929 might be a use case for the introduced tlsSocket.getFinished() and tlsSocket.getPeerFinished() methods, that is not exactly what rippled does. Should I still reference RFC 5929 in documentation?

This comment has been minimized.

@bnoordhuis

bnoordhuis Mar 4, 2018

Member

I would lean towards 'yes'. Outside of rippled that seems like the primary (and possibly only) use case.

This comment has been minimized.

@jasnell

jasnell Mar 5, 2018

Member

Definitely agree that the docs could include more context. Code impl looks fine tho.

This comment has been minimized.

@codedot

codedot Mar 6, 2018

Author Contributor

It looks like the pull request is stalling. The link to RFC 5929 has been added two days ago.

This comment has been minimized.

@jasnell

jasnell Mar 6, 2018

Member

Not stalling at all :-) ... just busy people working on lots of different things :-) I've started the CI on this, things are looking good so far.

// Thus, we use a dummy byte.
char dummy[1];
size_t len = SSL_get_finished(w->ssl_, dummy, sizeof dummy);
if (!len)

This comment has been minimized.

@bnoordhuis

bnoordhuis Mar 4, 2018

Member

Style: tiniest of nits but can you use explicit size checks, i.e., if (len == 0)? Likewise on line 2139.

Substance: couldn't you pass in a buffer of size EVP_MAX_MD_SIZE? The result value is (essentially) the HMAC of the message. You can then drop the Malloc() call and switch to Buffer::Copy().

This comment has been minimized.

@codedot

codedot Mar 4, 2018

Author Contributor

Style: tiniest of nits but can you use explicit size checks, i.e., if (len == 0)? Likewise on line 2139.

Will do.

Substance: couldn't you pass in a buffer of size EVP_MAX_MD_SIZE? The result value is (essentially) the HMAC of the message. You can then drop the Malloc() call and switch to Buffer::Copy().

I would prefer avoiding referencing the EVP_MAX_MD_SIZE constant if I may.

This comment has been minimized.

@bnoordhuis

bnoordhuis Mar 4, 2018

Member

That's fine. Didn't see until afterwards that you discussed the same thing with @indutny.

return;

char* buf = Malloc(len);
SSL_get_finished(w->ssl_, buf, len);

This comment has been minimized.

@bnoordhuis

bnoordhuis Mar 4, 2018

Member

Can you CHECK_EQ(size, SSL_get_finished(...)) here and on line 2143?

This comment has been minimized.

@codedot

codedot Mar 4, 2018

Author Contributor

@bnoordhuis Done in the amended commit.

@jasnell

jasnell approved these changes Mar 5, 2018

@jasnell

This comment has been minimized.

@@ -583,6 +583,20 @@ if called on a server socket. The supported types are `'DH'` and `'ECDH'`. The

For Example: `{ type: 'ECDH', name: 'prime256v1', size: 256 }`

### tlsSocket.getFinished()

This comment has been minimized.

@BridgeAR

BridgeAR Mar 6, 2018

Member

Please add:

 <!-- YAML
 added: REPLACEME
 -->

The same for the other function.

This comment has been minimized.

@codedot

codedot Mar 6, 2018

Author Contributor

@BridgeAR Done in the amended commit.

### tlsSocket.getFinished()

* Returns: {Buffer|undefined} The latest `Finished` message that has been
sent to the socket as part of a SSL/TLS handshake, or `undefined` if

This comment has been minimized.

@BridgeAR

BridgeAR Mar 6, 2018

Member

The current implementation actually returns null in case there is no handle. Should this also be reflected here? And it would be good to add a test for that as well.

This comment has been minimized.

@codedot

codedot Mar 6, 2018

Author Contributor

@BridgeAR Actually, it might be more consistent to return undefined in case there is no handle. What do you think?

This comment has been minimized.

@BridgeAR

BridgeAR Mar 6, 2018

Member

I agree.

This comment has been minimized.

@codedot

codedot Mar 6, 2018

Author Contributor

@BridgeAR Done in the amended commit.

tls: expose Finished messages in TLSSocket
Exposes SSL_get_finished and SSL_get_peer_finished routines in OpenSSL
as tlsSocket.getFinished and tlsSocket.getPeerFinished, respectively.

Fixes: #19055
Refs: ripple/rippled#2413
@BridgeAR

This comment has been minimized.

@codedot

This comment has been minimized.

Copy link
Contributor Author

codedot commented Mar 9, 2018

So, what is the next step?

@addaleax

This comment has been minimized.

Copy link
Member

addaleax commented Mar 11, 2018

Landed in 98a14e0 🎉

@codedot Thanks for the contribution!

@addaleax addaleax closed this Mar 11, 2018

addaleax added a commit that referenced this pull request Mar 11, 2018

tls: expose Finished messages in TLSSocket
Exposes SSL_get_finished and SSL_get_peer_finished routines in OpenSSL
as tlsSocket.getFinished and tlsSocket.getPeerFinished, respectively.

PR-URL: #19102
Fixes: #19055
Refs: ripple/rippled#2413
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

targos added a commit that referenced this pull request Mar 17, 2018

tls: expose Finished messages in TLSSocket
Exposes SSL_get_finished and SSL_get_peer_finished routines in OpenSSL
as tlsSocket.getFinished and tlsSocket.getPeerFinished, respectively.

PR-URL: #19102
Fixes: #19055
Refs: ripple/rippled#2413
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

@targos targos referenced this pull request Mar 18, 2018

Merged

v9.9.0 proposal #19428

MylesBorins added a commit that referenced this pull request Mar 20, 2018

tls: expose Finished messages in TLSSocket
Exposes SSL_get_finished and SSL_get_peer_finished routines in OpenSSL
as tlsSocket.getFinished and tlsSocket.getPeerFinished, respectively.

PR-URL: #19102
Fixes: #19055
Refs: ripple/rippled#2413
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

MylesBorins added a commit that referenced this pull request Mar 21, 2018

2018-03-21, Version 9.9.0 (Current)
Notable changes:

* assert:
  - From now on all error messages produced by `assert` in strict mode
    will produce a error diff. (Ruben Bridgewater)
    #17615
  - From now on it is possible to use a validation object in throws
    instead of the other possibilities. (Ruben Bridgewater)
    #17584
* crypto:
  - allow passing null as IV unless required (Tobias Nießen)
    #18644
* fs:
  - support as and as+ flags in stringToFlags() (Sarat Addepalli)
    #18801
* tls:
  - expose Finished messages in TLSSocket (Anton Salikhmetov)
    #19102
* tty:
  - Add getColorDepth function to determine if terminal supports colors
    (Ruben Bridgewater) #17615
* util:
  - add util.inspect compact option (Ruben Bridgewater)
    #17576
* **Added new collaborators**
  - [watson](https://github.com/watson) Thomas Watson

PR-URL: #19428

MylesBorins added a commit that referenced this pull request Mar 21, 2018

2018-03-21, Version 9.9.0 (Current)
Notable changes:

* assert:
  - From now on all error messages produced by `assert` in strict mode
    will produce a error diff. (Ruben Bridgewater)
    #17615
  - From now on it is possible to use a validation object in throws
    instead of the other possibilities. (Ruben Bridgewater)
    #17584
* crypto:
  - allow passing null as IV unless required (Tobias Nießen)
    #18644
* fs:
  - support as and as+ flags in stringToFlags() (Sarat Addepalli)
    #18801
* tls:
  - expose Finished messages in TLSSocket (Anton Salikhmetov)
    #19102
* tty:
  - Add getColorDepth function to determine if terminal supports colors
    (Ruben Bridgewater) #17615
* util:
  - add util.inspect compact option (Ruben Bridgewater)
    #17576
* **Added new collaborators**
  - [watson](https://github.com/watson) Thomas Watson

PR-URL: #19428

FallenRiteMonk added a commit to FallenRiteMonk/node that referenced this pull request Mar 23, 2018

2018-03-21, Version 9.9.0 (Current)
Notable changes:

* assert:
  - From now on all error messages produced by `assert` in strict mode
    will produce a error diff. (Ruben Bridgewater)
    nodejs#17615
  - From now on it is possible to use a validation object in throws
    instead of the other possibilities. (Ruben Bridgewater)
    nodejs#17584
* crypto:
  - allow passing null as IV unless required (Tobias Nießen)
    nodejs#18644
* fs:
  - support as and as+ flags in stringToFlags() (Sarat Addepalli)
    nodejs#18801
* tls:
  - expose Finished messages in TLSSocket (Anton Salikhmetov)
    nodejs#19102
* tty:
  - Add getColorDepth function to determine if terminal supports colors
    (Ruben Bridgewater) nodejs#17615
* util:
  - add util.inspect compact option (Ruben Bridgewater)
    nodejs#17576
* **Added new collaborators**
  - [watson](https://github.com/watson) Thomas Watson

PR-URL: nodejs#19428

MayaLekova added a commit to MayaLekova/node that referenced this pull request May 8, 2018

tls: expose Finished messages in TLSSocket
Exposes SSL_get_finished and SSL_get_peer_finished routines in OpenSSL
as tlsSocket.getFinished and tlsSocket.getPeerFinished, respectively.

PR-URL: nodejs#19102
Fixes: nodejs#19055
Refs: ripple/rippled#2413
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

MylesBorins added a commit that referenced this pull request Aug 7, 2018

tls: expose Finished messages in TLSSocket
Exposes SSL_get_finished and SSL_get_peer_finished routines in OpenSSL
as tlsSocket.getFinished and tlsSocket.getPeerFinished, respectively.

PR-URL: #19102
Fixes: #19055
Refs: ripple/rippled#2413
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

MylesBorins added a commit that referenced this pull request Aug 7, 2018

tls: expose Finished messages in TLSSocket
Exposes SSL_get_finished and SSL_get_peer_finished routines in OpenSSL
as tlsSocket.getFinished and tlsSocket.getPeerFinished, respectively.

PR-URL: #19102
Fixes: #19055
Refs: ripple/rippled#2413
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

MylesBorins added a commit that referenced this pull request Aug 7, 2018

tls: expose Finished messages in TLSSocket
Exposes SSL_get_finished and SSL_get_peer_finished routines in OpenSSL
as tlsSocket.getFinished and tlsSocket.getPeerFinished, respectively.

PR-URL: #19102
Fixes: #19055
Refs: ripple/rippled#2413
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

MylesBorins added a commit that referenced this pull request Aug 9, 2018

tls: expose Finished messages in TLSSocket
Exposes SSL_get_finished and SSL_get_peer_finished routines in OpenSSL
as tlsSocket.getFinished and tlsSocket.getPeerFinished, respectively.

PR-URL: #19102
Fixes: #19055
Refs: ripple/rippled#2413
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

rvagg added a commit that referenced this pull request Aug 16, 2018

tls: expose Finished messages in TLSSocket
Exposes SSL_get_finished and SSL_get_peer_finished routines in OpenSSL
as tlsSocket.getFinished and tlsSocket.getPeerFinished, respectively.

PR-URL: #19102
Fixes: #19055
Refs: ripple/rippled#2413
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

@MylesBorins MylesBorins referenced this pull request Aug 16, 2018

Merged

v8.12.0 proposal #21593

MylesBorins added a commit that referenced this pull request Aug 16, 2018

tls: expose Finished messages in TLSSocket
Exposes SSL_get_finished and SSL_get_peer_finished routines in OpenSSL
as tlsSocket.getFinished and tlsSocket.getPeerFinished, respectively.

PR-URL: #19102
Fixes: #19055
Refs: ripple/rippled#2413
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

MylesBorins added a commit that referenced this pull request Aug 17, 2018

2018-09-04, Version 8.12.0 'Carbon' (LTS)
Notable Changes:

* async_hooks:
  - rename PromiseWrap.parentId (Ali Ijaz Sheikh)
    #18633
  - remove runtime deprecation (Ali Ijaz Sheikh)
    #19517
  - deprecate unsafe emit{Before,After} (Ali Ijaz Sheikh)
    #18513
* cluster:
  - add cwd to cluster.settings (cjihrig)
    #18399
  - support windowsHide option for workers (Todd Wong)
    #17412
* crypto:
  - allow passing null as IV unless required (Tobias Nießen)
    #18644
* deps:
  - upgrade npm to 6.2.0 (Kat Marchán)
    #21592
  - upgrade libuv to 1.19.2 (cjihrig)
    #18918
  - Upgrade node-inspect to 1.11.5 (Jan Krems)
    #21055
* fs,net:
  - support as and as+ flags in stringToFlags() (Sarat Addepalli)
    #18801
  - emit 'ready' for fs streams and sockets (Sameer Srivastava)
    #19408
* http, http2:
  - add options to http.createServer() (Peter Marton)
    #15752
  - add 103 Early Hints status code (Yosuke Furukawa)
    #16644
  - add http fallback options to .createServer (Peter Marton)
    #15752
* n-api:
  - take n-api out of experimental (Michael Dawson)
    #19262
* perf_hooks:
  - add warning when too many entries in the timeline (James M Snell)
    #18087
* src:
  - add public API for managing NodePlatform (Cheng Zhao)
    #16981
  - allow --perf-(basic-)?prof in NODE\_OPTIONS (Leko)
    #17600
  - node internals' postmortem metadata (Matheus Marchini)
    #14901
* tls:
  - expose Finished messages in TLSSocket (Anton Salikhmetov)
    #19102
* **trace_events**:
  - add file pattern cli option (Andreas Madsen)
    #18480
* util:
  - implement util.getSystemErrorName() (Joyee Cheung)
    #18186

PR-URL: #21593

MylesBorins added a commit that referenced this pull request Aug 17, 2018

2018-09-04, Version 8.12.0 'Carbon' (LTS)
Notable Changes:

* async_hooks:
  - rename PromiseWrap.parentId (Ali Ijaz Sheikh)
    #18633
  - remove runtime deprecation (Ali Ijaz Sheikh)
    #19517
  - deprecate unsafe emit{Before,After} (Ali Ijaz Sheikh)
    #18513
* cluster:
  - add cwd to cluster.settings (cjihrig)
    #18399
  - support windowsHide option for workers (Todd Wong)
    #17412
* crypto:
  - allow passing null as IV unless required (Tobias Nießen)
    #18644
* deps:
  - upgrade npm to 6.2.0 (Kat Marchán)
    #21592
  - upgrade libuv to 1.19.2 (cjihrig)
    #18918
  - Upgrade node-inspect to 1.11.5 (Jan Krems)
    #21055
* fs,net:
  - support as and as+ flags in stringToFlags() (Sarat Addepalli)
    #18801
  - emit 'ready' for fs streams and sockets (Sameer Srivastava)
    #19408
* http, http2:
  - add options to http.createServer() (Peter Marton)
    #15752
  - add 103 Early Hints status code (Yosuke Furukawa)
    #16644
  - add http fallback options to .createServer (Peter Marton)
    #15752
* n-api:
  - take n-api out of experimental (Michael Dawson)
    #19262
* perf_hooks:
  - add warning when too many entries in the timeline (James M Snell)
    #18087
* src:
  - add public API for managing NodePlatform (Cheng Zhao)
    #16981
  - allow --perf-(basic-)?prof in NODE\_OPTIONS (Leko)
    #17600
  - node internals' postmortem metadata (Matheus Marchini)
    #14901
* tls:
  - expose Finished messages in TLSSocket (Anton Salikhmetov)
    #19102
* **trace_events**:
  - add file pattern cli option (Andreas Madsen)
    #18480
* util:
  - implement util.getSystemErrorName() (Joyee Cheung)
    #18186

PR-URL: #21593

BethGriggs added a commit to BethGriggs/node that referenced this pull request Aug 29, 2018

2018-09-04, Version 8.12.0 'Carbon' (LTS)
Notable Changes:

* async_hooks:
  - rename PromiseWrap.parentId (Ali Ijaz Sheikh)
    nodejs#18633
  - remove runtime deprecation (Ali Ijaz Sheikh)
    nodejs#19517
  - deprecate unsafe emit{Before,After} (Ali Ijaz Sheikh)
    nodejs#18513
* cluster:
  - add cwd to cluster.settings (cjihrig)
    nodejs#18399
  - support windowsHide option for workers (Todd Wong)
    nodejs#17412
* crypto:
  - allow passing null as IV unless required (Tobias Nießen)
    nodejs#18644
* deps:
  - upgrade npm to 6.2.0 (Kat Marchán)
    nodejs#21592
  - upgrade libuv to 1.19.2 (cjihrig)
    nodejs#18918
  - Upgrade node-inspect to 1.11.5 (Jan Krems)
    nodejs#21055
* fs,net:
  - support as and as+ flags in stringToFlags() (Sarat Addepalli)
    nodejs#18801
  - emit 'ready' for fs streams and sockets (Sameer Srivastava)
    nodejs#19408
* http, http2:
  - add options to http.createServer() (Peter Marton)
    nodejs#15752
  - add 103 Early Hints status code (Yosuke Furukawa)
    nodejs#16644
  - add http fallback options to .createServer (Peter Marton)
    nodejs#15752
* n-api:
  - take n-api out of experimental (Michael Dawson)
    nodejs#19262
* perf_hooks:
  - add warning when too many entries in the timeline (James M Snell)
    nodejs#18087
* src:
  - add public API for managing NodePlatform (Cheng Zhao)
    nodejs#16981
  - allow --perf-(basic-)?prof in NODE\_OPTIONS (Leko)
    nodejs#17600
  - node internals' postmortem metadata (Matheus Marchini)
    nodejs#14901
* tls:
  - expose Finished messages in TLSSocket (Anton Salikhmetov)
    nodejs#19102
* **trace_events**:
  - add file pattern cli option (Andreas Madsen)
    nodejs#18480
* util:
  - implement util.getSystemErrorName() (Joyee Cheung)
    nodejs#18186

PR-URL: nodejs#21593

MylesBorins added a commit that referenced this pull request Sep 3, 2018

2018-09-04, Version 8.12.0 'Carbon' (LTS)
Notable Changes:

* async_hooks:
  - rename PromiseWrap.parentId (Ali Ijaz Sheikh)
    #18633
  - remove runtime deprecation (Ali Ijaz Sheikh)
    #19517
  - deprecate unsafe emit{Before,After} (Ali Ijaz Sheikh)
    #18513
* cluster:
  - add cwd to cluster.settings (cjihrig)
    #18399
  - support windowsHide option for workers (Todd Wong)
    #17412
* crypto:
  - allow passing null as IV unless required (Tobias Nießen)
    #18644
* deps:
  - upgrade npm to 6.4.1 (Kat Marchán)
    #22591
  - upgrade libuv to 1.19.2 (cjihrig)
    #18918
  - Upgrade node-inspect to 1.11.5 (Jan Krems)
    #21055
* fs,net:
  - support as and as+ flags in stringToFlags() (Sarat Addepalli)
    #18801
  - emit 'ready' for fs streams and sockets (Sameer Srivastava)
    #19408
* http, http2:
  - add options to http.createServer() (Peter Marton)
    #15752
  - add 103 Early Hints status code (Yosuke Furukawa)
    #16644
  - add http fallback options to .createServer (Peter Marton)
    #15752
* n-api:
  - take n-api out of experimental (Michael Dawson)
    #19262
* perf_hooks:
  - add warning when too many entries in the timeline (James M Snell)
    #18087
* src:
  - add public API for managing NodePlatform (Cheng Zhao)
    #16981
  - allow --perf-(basic-)?prof in NODE\_OPTIONS (Leko)
    #17600
  - node internals' postmortem metadata (Matheus Marchini)
    #14901
* tls:
  - expose Finished messages in TLSSocket (Anton Salikhmetov)
    #19102
* **trace_events**:
  - add file pattern cli option (Andreas Madsen)
    #18480
* util:
  - implement util.getSystemErrorName() (Joyee Cheung)
    #18186

PR-URL: #21593

MylesBorins added a commit that referenced this pull request Sep 6, 2018

2018-09-11, Version 8.12.0 'Carbon' (LTS)
Notable Changes:

* async_hooks:
  - rename PromiseWrap.parentId (Ali Ijaz Sheikh)
    #18633
  - remove runtime deprecation (Ali Ijaz Sheikh)
    #19517
  - deprecate unsafe emit{Before,After} (Ali Ijaz Sheikh)
    #18513
* cluster:
  - add cwd to cluster.settings (cjihrig)
    #18399
  - support windowsHide option for workers (Todd Wong)
    #17412
* crypto:
  - allow passing null as IV unless required (Tobias Nießen)
    #18644
* deps:
  - upgrade npm to 6.2.0 (Kat Marchán)
    #21592
  - upgrade libuv to 1.19.2 (cjihrig)
    #18918
  - Upgrade node-inspect to 1.11.5 (Jan Krems)
    #21055
* fs,net:
  - support as and as+ flags in stringToFlags() (Sarat Addepalli)
    #18801
  - emit 'ready' for fs streams and sockets (Sameer Srivastava)
    #19408
* http, http2:
  - add options to http.createServer() (Peter Marton)
    #15752
  - add 103 Early Hints status code (Yosuke Furukawa)
    #16644
  - add http fallback options to .createServer (Peter Marton)
    #15752
* n-api:
  - take n-api out of experimental (Michael Dawson)
    #19262
* perf_hooks:
  - add warning when too many entries in the timeline (James M Snell)
    #18087
* src:
  - add public API for managing NodePlatform (Cheng Zhao)
    #16981
  - allow --perf-(basic-)?prof in NODE\_OPTIONS (Leko)
    #17600
  - node internals' postmortem metadata (Matheus Marchini)
    #14901
* tls:
  - expose Finished messages in TLSSocket (Anton Salikhmetov)
    #19102
* **trace_events**:
  - add file pattern cli option (Andreas Madsen)
    #18480
* util:
  - implement util.getSystemErrorName() (Joyee Cheung)
    #18186

PR-URL: #21593

MylesBorins added a commit that referenced this pull request Sep 6, 2018

2018-09-11, Version 8.12.0 'Carbon' (LTS)
Notable Changes:

* async_hooks:
  - rename PromiseWrap.parentId (Ali Ijaz Sheikh)
    #18633
  - remove runtime deprecation (Ali Ijaz Sheikh)
    #19517
  - deprecate unsafe emit{Before,After} (Ali Ijaz Sheikh)
    #18513
* cluster:
  - add cwd to cluster.settings (cjihrig)
    #18399
  - support windowsHide option for workers (Todd Wong)
    #17412
* crypto:
  - allow passing null as IV unless required (Tobias Nießen)
    #18644
* deps:
  - upgrade npm to 6.2.0 (Kat Marchán)
    #21592
  - upgrade libuv to 1.19.2 (cjihrig)
    #18918
  - Upgrade node-inspect to 1.11.5 (Jan Krems)
    #21055
* fs,net:
  - support as and as+ flags in stringToFlags() (Sarat Addepalli)
    #18801
  - emit 'ready' for fs streams and sockets (Sameer Srivastava)
    #19408
* http, http2:
  - add options to http.createServer() (Peter Marton)
    #15752
  - add 103 Early Hints status code (Yosuke Furukawa)
    #16644
  - add http fallback options to .createServer (Peter Marton)
    #15752
* n-api:
  - take n-api out of experimental (Michael Dawson)
    #19262
* perf_hooks:
  - add warning when too many entries in the timeline (James M Snell)
    #18087
* src:
  - add public API for managing NodePlatform (Cheng Zhao)
    #16981
  - allow --perf-(basic-)?prof in NODE\_OPTIONS (Leko)
    #17600
  - node internals' postmortem metadata (Matheus Marchini)
    #14901
* tls:
  - expose Finished messages in TLSSocket (Anton Salikhmetov)
    #19102
* **trace_events**:
  - add file pattern cli option (Andreas Madsen)
    #18480
* util:
  - implement util.getSystemErrorName() (Joyee Cheung)
    #18186

PR-URL: #21593

MylesBorins added a commit that referenced this pull request Sep 10, 2018

2018-09-11, Version 8.12.0 'Carbon' (LTS)
Notable Changes:

* async_hooks:
  - rename PromiseWrap.parentId (Ali Ijaz Sheikh)
    #18633
  - remove runtime deprecation (Ali Ijaz Sheikh)
    #19517
  - deprecate unsafe emit{Before,After} (Ali Ijaz Sheikh)
    #18513
* cluster:
  - add cwd to cluster.settings (cjihrig)
    #18399
  - support windowsHide option for workers (Todd Wong)
    #17412
* crypto:
  - allow passing null as IV unless required (Tobias Nießen)
    #18644
* deps:
  - upgrade npm to 6.2.0 (Kat Marchán)
    #21592
  - upgrade libuv to 1.19.2 (cjihrig)
    #18918
  - Upgrade node-inspect to 1.11.5 (Jan Krems)
    #21055
* fs,net:
  - support as and as+ flags in stringToFlags() (Sarat Addepalli)
    #18801
  - emit 'ready' for fs streams and sockets (Sameer Srivastava)
    #19408
* http, http2:
  - add options to http.createServer() (Peter Marton)
    #15752
  - add 103 Early Hints status code (Yosuke Furukawa)
    #16644
  - add http fallback options to .createServer (Peter Marton)
    #15752
* n-api:
  - take n-api out of experimental (Michael Dawson)
    #19262
* perf_hooks:
  - add warning when too many entries in the timeline (James M Snell)
    #18087
* src:
  - add public API for managing NodePlatform (Cheng Zhao)
    #16981
  - allow --perf-(basic-)?prof in NODE\_OPTIONS (Leko)
    #17600
  - node internals' postmortem metadata (Matheus Marchini)
    #14901
* tls:
  - expose Finished messages in TLSSocket (Anton Salikhmetov)
    #19102
* **trace_events**:
  - add file pattern cli option (Andreas Madsen)
    #18480
* util:
  - implement util.getSystemErrorName() (Joyee Cheung)
    #18186

PR-URL: #21593

MylesBorins added a commit that referenced this pull request Sep 11, 2018

2018-09-11, Version 8.12.0 'Carbon' (LTS)
Notable Changes:

* async_hooks:
  - rename PromiseWrap.parentId (Ali Ijaz Sheikh)
    #18633
  - remove runtime deprecation (Ali Ijaz Sheikh)
    #19517
  - deprecate unsafe emit{Before,After} (Ali Ijaz Sheikh)
    #18513
* cluster:
  - add cwd to cluster.settings (cjihrig)
    #18399
  - support windowsHide option for workers (Todd Wong)
    #17412
* crypto:
  - allow passing null as IV unless required (Tobias Nießen)
    #18644
* deps:
  - upgrade npm to 6.2.0 (Kat Marchán)
    #21592
  - upgrade libuv to 1.19.2 (cjihrig)
    #18918
  - Upgrade node-inspect to 1.11.5 (Jan Krems)
    #21055
* fs,net:
  - support as and as+ flags in stringToFlags() (Sarat Addepalli)
    #18801
  - emit 'ready' for fs streams and sockets (Sameer Srivastava)
    #19408
* http, http2:
  - add options to http.createServer() (Peter Marton)
    #15752
  - add 103 Early Hints status code (Yosuke Furukawa)
    #16644
  - add http fallback options to .createServer (Peter Marton)
    #15752
* n-api:
  - take n-api out of experimental (Michael Dawson)
    #19262
* perf_hooks:
  - add warning when too many entries in the timeline (James M Snell)
    #18087
* src:
  - add public API for managing NodePlatform (Cheng Zhao)
    #16981
  - allow --perf-(basic-)?prof in NODE\_OPTIONS (Leko)
    #17600
  - node internals' postmortem metadata (Matheus Marchini)
    #14901
* tls:
  - expose Finished messages in TLSSocket (Anton Salikhmetov)
    #19102
* **trace_events**:
  - add file pattern cli option (Andreas Madsen)
    #18480
* util:
  - implement util.getSystemErrorName() (Joyee Cheung)
    #18186

PR-URL: #21593

MylesBorins added a commit that referenced this pull request Sep 11, 2018

2018-09-11, Version 8.12.0 'Carbon' (LTS)
Notable Changes:

* async_hooks:
  - rename PromiseWrap.parentId (Ali Ijaz Sheikh)
    #18633
  - remove runtime deprecation (Ali Ijaz Sheikh)
    #19517
  - deprecate unsafe emit{Before,After} (Ali Ijaz Sheikh)
    #18513
* cluster:
  - add cwd to cluster.settings (cjihrig)
    #18399
  - support windowsHide option for workers (Todd Wong)
    #17412
* crypto:
  - allow passing null as IV unless required (Tobias Nießen)
    #18644
* deps:
  - upgrade npm to 6.2.0 (Kat Marchán)
    #21592
  - upgrade libuv to 1.19.2 (cjihrig)
    #18918
  - Upgrade node-inspect to 1.11.5 (Jan Krems)
    #21055
* fs,net:
  - support as and as+ flags in stringToFlags() (Sarat Addepalli)
    #18801
  - emit 'ready' for fs streams and sockets (Sameer Srivastava)
    #19408
* http, http2:
  - add options to http.createServer() (Peter Marton)
    #15752
  - add 103 Early Hints status code (Yosuke Furukawa)
    #16644
  - add http fallback options to .createServer (Peter Marton)
    #15752
* n-api:
  - take n-api out of experimental (Michael Dawson)
    #19262
* perf_hooks:
  - add warning when too many entries in the timeline (James M Snell)
    #18087
* src:
  - add public API for managing NodePlatform (Cheng Zhao)
    #16981
  - allow --perf-(basic-)?prof in NODE\_OPTIONS (Leko)
    #17600
  - node internals' postmortem metadata (Matheus Marchini)
    #14901
* tls:
  - expose Finished messages in TLSSocket (Anton Salikhmetov)
    #19102
* **trace_events**:
  - add file pattern cli option (Andreas Madsen)
    #18480
* util:
  - implement util.getSystemErrorName() (Joyee Cheung)
    #18186

PR-URL: #21593
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.