Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

v9.2.0 proposal #16992

Merged
merged 135 commits into from
Nov 14, 2017
Merged
Changes from 1 commit
Commits
Show all changes
135 commits
Select commit Hold shift + click to select a range
adcaddf
test: improve assert messages in test-global
markmcnelis Nov 6, 2017
be266bd
test: move test-http-keepalive-maxsockets to sequential
Trott Nov 5, 2017
21e9888
test: check session timeout in http2
apapirovski Nov 4, 2017
8245e5a
http2: simplify subsequent rstStream calls
apapirovski Nov 4, 2017
8ad4f76
test: remove message argument in cluster setup test
mbornath Nov 6, 2017
bce5db2
src: CHECK() for argument overflow in Spawn()
cjihrig Nov 4, 2017
a184dbc
doc: update subprocess.killed
cjihrig Nov 4, 2017
928647c
doc: fix typo in assert.md
mjomble Nov 7, 2017
4d55a1d
test: improve assert messages in napi exception test
PaulBlanche Nov 6, 2017
4c11801
build: add missing options to help message
danbev Nov 2, 2017
bc19a93
test: use tmpDir in test-fs-utimes
Trott Nov 5, 2017
625999b
tools: don't lint files that have not changed
joyeecheung Oct 29, 2017
15dcb96
doc: fix a typo in n-api documentation
vipinmenon Nov 8, 2017
a465f2b
test: introduce test/common/internet.addresses
joyeecheung Oct 22, 2017
c662cc0
test: use internet.addresses in internet tests
joyeecheung Oct 22, 2017
bed0560
console: avoid adding infinite error listeners
mcollina Nov 5, 2017
c1cdc65
test: replace common.fixtiresDir with fixtures.readKey()
wsierakowski Nov 6, 2017
f71f41d
test: add values to error message
intercity-technology Nov 6, 2017
5d3a4ad
test: improve error emssage reporting in testNapiRun.js
Nov 6, 2017
25dd8f6
tools: add direct anchors for error codes
joyeecheung Nov 5, 2017
271c89e
test: improve assertion in test-require-dot
awegrzyn Nov 6, 2017
172652b
test: improve assert messages in stream test
katie-roberts Nov 8, 2017
81f14bf
deps: cherry-pick b8331cc030 from upstream V8
danbev Oct 30, 2017
2266caf
Revert "deps: cherry-pick b8331cc030 from upstream V8"
danbev Nov 9, 2017
8611e3b
fs: expose realpath(3) bindings
bnoordhuis Oct 5, 2017
28b7bf0
deps: cherry-pick b8331cc030 from upstream V8
danbev Oct 30, 2017
43c5726
src: fix UB in InternalModuleReadFile()
bnoordhuis Nov 7, 2017
1dc4fc1
build: include src\tracing when linting on win
danbev Nov 3, 2017
6e9973e
doc: improve documentation for the vm module
fhinkel Nov 7, 2017
1ee6df9
test: pass process.env to child processes
rvagg Oct 23, 2017
75405a1
deps: ICU 60 bump
srl295 Sep 21, 2017
0b93bbb
src: add openssl-system-ca-path configure option
danbev Nov 6, 2017
e60eff6
doc: fix a typo in the documentation
mamatha-jv Nov 10, 2017
38ac50a
deps: cherry-pick cc55747 from V8 upstream
fhinkel Nov 8, 2017
8311561
test: improve assertion messages
Nov 8, 2017
7f7dec8
test: cover vm.runInNewContext()
cjihrig Nov 9, 2017
f82d3e4
deps: upgrade libuv to 1.16.1
cjihrig Nov 10, 2017
41937be
src: add process.ppid
cjihrig Oct 30, 2017
a4557f2
build: remove cctest extension
yhwang Nov 2, 2017
942a9ed
tools,build: allow build without `remark-cli`
refack Nov 8, 2017
5df3dc1
src: make StreamBase prototype accessors robust
joyeecheung Nov 7, 2017
3ba52c1
doc: correct the spelling of omitting in dgram.md
vidyasubramanyam Nov 10, 2017
b46714c
doc: fix typos in N-API
SwathiKalahastri Nov 10, 2017
fbc7451
test: replace string concatenation with template
tanvikini Nov 10, 2017
b42013c
test: replace string concatenation with template
Nov 10, 2017
8da4983
crypto: use X509_STORE_CTX_new
davidben Sep 16, 2017
efd9bc3
crypto: make node_crypto_bio compat w/ OpenSSL 1.1
davidben Sep 14, 2017
201393f
crypto: estimate kExternalSize
davidben Sep 16, 2017
cc744b9
crypto: remove unnecessary SSLerr calls
davidben Sep 16, 2017
6a9c528
crypto: account for new 1.1.0 SSL APIs
davidben Sep 17, 2017
568d9d0
crypto: test DH keys work without a public half
davidben Sep 17, 2017
81760ff
crypto: use RSA and DH accessors
davidben Sep 17, 2017
6c3ae36
crypto: remove locking callbacks for OpenSSL 1.1.0
davidben Sep 18, 2017
59acd27
crypto: make CipherBase 1.1.0-compatible
davidben Sep 20, 2017
abe3dc4
crypto: make Hash 1.1.0-compatible
davidben Sep 22, 2017
fa1fc16
crypto: make SignBase compatible with OpenSSL 1.1.0
davidben Sep 22, 2017
5c24fc3
crypto: Make Hmac 1.1.0-compatible
davidben Sep 22, 2017
c42935b
crypto: add compat logic for "DSS1" and "dss1"
davidben Sep 23, 2017
8a8ac8c
crypto: hard-code tlsSocket.getCipher().version
davidben Sep 23, 2017
bec0421
test: update test expectations for OpenSSL 1.1.0
davidben Sep 17, 2017
85ffc2f
test: remove sha from test expectations
davidben Sep 23, 2017
627a15f
crypto: emulate OpenSSL 1.0 ticket scheme in 1.1
davidben Sep 23, 2017
d95b608
test: test with a larger RSA key
davidben Sep 23, 2017
08ac214
test: revise test-tls-econnreset for OpenSSL 1.1.0
davidben Sep 23, 2017
07102ac
crypto: remove deprecated ECDH calls w/ OpenSSL 1.1
davidben Sep 23, 2017
3d438f8
test: configure certs in tests
davidben Sep 23, 2017
8c29420
test: fix test-https-agent-session-eviction for 1.1
davidben Sep 23, 2017
a5e7255
crypto: make ALPN the same for OpenSSL 1.0.2 & 1.1.0
davidben Sep 23, 2017
f952caa
crypto: clear some SSL_METHOD deprecation warnings
davidben Sep 18, 2017
26e4c58
test: fix flaky test-http2-create-client-connect
davidben Sep 23, 2017
31dadd2
crypto: deprecate {ecdhCurve: false}
davidben Oct 21, 2017
407eb6f
test: enable mustCall() during child exit
vipinmenon Nov 10, 2017
fbec5ec
test: replace string concatenation with template
imkabir Nov 10, 2017
16c6222
lib: replace string concatenation with template
subbachari Nov 10, 2017
61fbd85
test: use template string for concatenation
vipinmenon Nov 10, 2017
385f658
test: change string concatenation to template
narkedi Nov 10, 2017
a935806
lib: replace string concatenation with template
chandrams Nov 10, 2017
df18174
lib: replace string concatenation with template
Nov 10, 2017
1fcd95e
doc: remove duplicate 'the' from http2 API doc
vipinmenon Nov 10, 2017
678e738
lib: change concatenated string to template
Nayanadask Nov 10, 2017
1ea546c
test: change concatenated string to template
Anaweshak Nov 10, 2017
1510fda
doc: outline commit message for breaking changes
MatonAnthony Nov 6, 2017
8eb32e1
lib: replace String concatenation with template
saiHemak Nov 10, 2017
651fee4
test: change concatenated string to template
deesebas Nov 10, 2017
44c3cc2
lib: change concatenated string to template
pajangid Nov 10, 2017
74f3372
doc: clarify the prerequisites for building with VS2017
seishun Nov 9, 2017
a79d86d
src: use unrefed async for GC tracking
addaleax Nov 4, 2017
6ea8768
test: unmark flaky test
addaleax Nov 4, 2017
7a53783
test: improve template value for test message
d1b1 Nov 6, 2017
2e2e802
test: make test-buffer-slow engine agnostic
Trott Oct 17, 2017
c74467f
test: make test-cli-syntax engine agnostic
Trott Oct 17, 2017
025eadf
test: make test-console-count engine agnostic
Trott Oct 17, 2017
4604294
test: make test-console engine agnostic
Trott Oct 17, 2017
bd7822b
test: make test-error-reporting engine agnostic
Trott Oct 17, 2017
b5b23bd
test: make test-http-outgoing-proto agnostic
Trott Oct 17, 2017
79e1831
test: make error stack test engine agnostic
Trott Oct 17, 2017
9bf8874
test: make test-os-eol engine agnostic
Trott Oct 17, 2017
e2f5648
test: make test-process-env-symbols agnostic
Trott Oct 17, 2017
591a692
test: make test-querystring-escape engine agnostic
Trott Oct 17, 2017
c81b086
test: make test-repl-harmony engine agnostic
Trott Oct 17, 2017
f8337ce
test: make test-repl-syntax-error-stack agnostic
Trott Oct 17, 2017
835ca63
test: make test-repl engine agnostic
Trott Oct 17, 2017
0be7f8c
test: make test-require-json engine agnostic
Trott Oct 17, 2017
3136578
test: make test-tls-external-accessor agnostic
Trott Oct 17, 2017
7c364a2
test: use common/fixtures module in hash-seed test
Nov 6, 2017
c4e2343
doc: drop support for VS2015
seishun Nov 7, 2017
83f9604
test: use ES6 classes instead of util.inherits
tniessen Nov 10, 2017
64a0c80
loader: test search module
clakech Nov 6, 2017
c179254
lib: improve the usage of TypeError[INVALID_ARG_TYPE]
starkwang Oct 28, 2017
7964849
src: explain implementation of vm module
fhinkel Nov 9, 2017
8dfd5a5
http2: multiple smaller code cleanups
jasnell Nov 4, 2017
54768f5
doc: reorganize COLLABORATOR_GUIDE.md
Trott Oct 1, 2017
35fc317
test: add a test description
grantgasp Nov 6, 2017
809dc09
test: refactor fs.write() test
Nov 6, 2017
7ba3599
tools: fix inspector-check reporting
danbev Oct 23, 2017
6c0fd55
lib: guard inspector console using process var
danbev Sep 25, 2017
02ea0ee
build: fix cctest compilation
danbev Nov 8, 2017
afbdd01
lib: replace string concatenation with template
narkedi Nov 10, 2017
ad02676
test: used fixturesDir from fixtures modules
Nov 6, 2017
6ddba2e
deps: patch V8 to 6.2.414.44
MylesBorins Nov 13, 2017
62a6bc0
doc: fix typo in http2 doc
devsnek Nov 13, 2017
75c1788
doc: recommend node-core-utils for metadata
Trott Nov 13, 2017
1418d9b
meta: 32 bit linux is experimental
refack Nov 3, 2017
881fe80
tools: remove unused trailing function arguments
Trott Nov 9, 2017
7f9d3f3
tools: enforce no unused trailing arguments tools directory
Trott Nov 9, 2017
614eac3
test: refactor addons-napi/test_promise/test.js
ka3e Nov 6, 2017
8658f26
test: refactor comments in test-child-process-spawnsync-maxbuf
chrbergert Nov 6, 2017
71181b9
src: turn inspector raw pointer into unique_ptr
fhinkel Nov 12, 2017
bdec4d9
src: fix compiler warning in process.ppid
cjihrig Nov 12, 2017
4e9bfdf
deps: cherry-pick 3c8195d from V8 upstream
fhinkel Nov 9, 2017
ad55db2
test: use fixtures module for path resolve
sercanyersen Nov 6, 2017
859abdb
test: reuse existing PassThrough implementation
tniessen Nov 10, 2017
71e592c
events: remove emit micro-optimizations
apapirovski Nov 7, 2017
50ec9bf
2017-11-14, Version 9.2.0 (Current)
evanlucas Nov 13, 2017
930f7a6
Working on v9.2.1
evanlucas Nov 14, 2017
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
test: revise test-tls-econnreset for OpenSSL 1.1.0
This test is testing what happens to the server if the client shuts off
the connection (so the server sees ECONNRESET), but the way it does it
is convoluted. It uses a static RSA key exchange with a tiny (384-bit)
RSA key. The server doesn't notice (since it is static RSA, the client
acts on the key first), so the client tries to encrypt a premaster and
fails:

  rsa routines:RSA_padding_add_PKCS1_type_2:data too large for key size
  SSL routines:ssl3_send_client_key_exchange:bad rsa encrypt

OpenSSL happens not to send an alert in this case, so we get ECONNRESET
with no alert. This is quite fragile and, notably, breaks in OpenSSL
1.1.0 now that small RSA keys are rejected by libssl. Instead, test by
just connecting a TCP socket and immediately closing it.

PR-URL: #16130
Reviewed-By: Ben Noordhuis <[email protected]>
Reviewed-By: Rod Vagg <[email protected]>
  • Loading branch information
davidben authored and evanlucas committed Nov 13, 2017
commit 08ac21423e2c1e8fe19add722ed22177a92a23dc
64 changes: 10 additions & 54 deletions test/parallel/test-tls-econnreset.js
Original file line number Diff line number Diff line change
Expand Up @@ -25,72 +25,28 @@ if (!common.hasCrypto)
common.skip('missing crypto');

const assert = require('assert');
const fixtures = require('../common/fixtures');
const net = require('net');
const tls = require('tls');

const cacert =
`-----BEGIN CERTIFICATE-----
MIIBxTCCAX8CAnXnMA0GCSqGSIb3DQEBBQUAMH0xCzAJBgNVBAYTAlVTMQswCQYD
VQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQU3Ryb25n
TG9vcCwgSW5jLjESMBAGA1UECxMJU3Ryb25nT3BzMRowGAYDVQQDExFjYS5zdHJv
bmdsb29wLmNvbTAeFw0xNDAxMTcyMjE1MDdaFw00MTA2MDMyMjE1MDdaMH0xCzAJ
BgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEZ
MBcGA1UEChMQU3Ryb25nTG9vcCwgSW5jLjESMBAGA1UECxMJU3Ryb25nT3BzMRow
GAYDVQQDExFjYS5zdHJvbmdsb29wLmNvbTBMMA0GCSqGSIb3DQEBAQUAAzsAMDgC
MQDKbQ6rIR5t1q1v4Ha36jrq0IkyUohy9EYNvLnXUly1PGqxby0ILlAVJ8JawpY9
AVkCAwEAATANBgkqhkiG9w0BAQUFAAMxALA1uS4CqQXRSAyYTfio5oyLGz71a+NM
+0AFLBwh5AQjhGd0FcenU4OfHxyDEOJT/Q==
-----END CERTIFICATE-----`;

const cert =
`-----BEGIN CERTIFICATE-----
MIIBfDCCATYCAgQaMA0GCSqGSIb3DQEBBQUAMH0xCzAJBgNVBAYTAlVTMQswCQYD
VQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQU3Ryb25n
TG9vcCwgSW5jLjESMBAGA1UECxMJU3Ryb25nT3BzMRowGAYDVQQDExFjYS5zdHJv
bmdsb29wLmNvbTAeFw0xNDAxMTcyMjE1MDdaFw00MTA2MDMyMjE1MDdaMBkxFzAV
BgNVBAMTDnN0cm9uZ2xvb3AuY29tMEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMfk
I0LWU15pPUwIQNMnRVhhOibi0TQmAau8FBtgwEfGK01WpfGUaJr1a41K8Uq7xwID
AQABoxkwFzAVBgNVHREEDjAMhwQAAAAAhwR/AAABMA0GCSqGSIb3DQEBBQUAAzEA
cGpYrhkrb7mIh9DNhV0qp7pGjqBzlHqB7KQXw2luLDp//6dyHBMexDCQznkhZKRU
-----END CERTIFICATE-----`;

const key =
`-----BEGIN RSA PRIVATE KEY-----
MIH0AgEAAjEAx+QjQtZTXmk9TAhA0ydFWGE6JuLRNCYBq7wUG2DAR8YrTVal8ZRo
mvVrjUrxSrvHAgMBAAECMBCGccvSwC2r8Z9Zh1JtirQVxaL1WWpAQfmVwLe0bAgg
/JWMU/6hS36TsYyZMxwswQIZAPTAfht/zDLb7Hwgu2twsS1Ra9w/yyvtlwIZANET
26votwJAHK1yUrZGA5nnp5qcmQ/JUQIZAII5YV/UUZvF9D/fUplJ7puENPWNY9bN
pQIZAMMwxuS3XiO7two2sQF6W+JTYyX1DPCwAQIZAOYg1TvEGT38k8e8jygv8E8w
YqrWTeQFNQ==
-----END RSA PRIVATE KEY-----`;

const ca = [ cert, cacert ];

let clientError = null;
let connectError = null;

const server = tls.createServer({ ca: ca, cert: cert, key: key }, () => {
assert.fail('should be unreachable');
}).on('tlsClientError', function(err, conn) {
const server = tls.createServer({
cert: fixtures.readKey('agent1-cert.pem'),
key: fixtures.readKey('agent1-key.pem'),
}, common.mustNotCall()).on('tlsClientError', function(err, conn) {
assert(!clientError && conn);
clientError = err;
server.close();
}).listen(0, function() {
const options = {
ciphers: 'AES128-GCM-SHA256',
port: this.address().port,
ca: ca
};
tls.connect(options).on('error', function(err) {
assert(!connectError);

connectError = err;
net.connect(this.address().port, function() {
// Destroy the socket once it is connected, so the server sees ECONNRESET.
this.destroy();
server.close();
}).write('123');
}).on('error', common.mustNotCall());
});

process.on('exit', function() {
assert(clientError);
assert(connectError);
assert(/socket hang up/.test(clientError.message));
assert(/ECONNRESET/.test(clientError.code));
});