Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

v10.5.0 proposal #21400

Merged
merged 150 commits into from
Jun 20, 2018
Merged
Changes from 1 commit
Commits
Show all changes
150 commits
Select commit Hold shift + click to select a range
a0cfb0c
lib: add validateInteger() validator
cjihrig May 20, 2018
469baa0
fs: add length validation to fs.truncate()
cjihrig May 20, 2018
fc0b361
fs: don't limit ftruncate() length to 32 bits
cjihrig May 20, 2018
fc2956d
process: backport process/methods file
targos Jun 6, 2018
2fe88d2
lib: mask mode_t type of arguments with 0o777
joyeecheung May 9, 2018
a5c5714
doc: document file mode caveats on Windows
joyeecheung May 9, 2018
2ffb9d6
fs: drop duplicate API in promises mode
ChALkeR May 6, 2018
36e5100
lib: support ranges in validateInt32()
cjihrig May 20, 2018
db0bb52
fs: improve fchmod{Sync} validation
cjihrig May 20, 2018
bacb2cb
fs: refactor fs module
jasnell May 15, 2018
94dcdfb
test: increase coverage for fs.promises.truncate
May 9, 2018
ba17c9e
src: refactor bootstrap to use bootstrap object
jasnell May 23, 2018
9f9355d
doc: fix inconsistent documentation (host vs hostname)
davisokoth May 24, 2018
b4b7d36
lib: unmask mode_t values with 0o777
joyeecheung May 26, 2018
c09bfd8
fs: do not crash when using a closed fs event watcher
joyeecheung May 26, 2018
a6986fe
async_hooks: remove deprecated example
mafintosh May 28, 2018
9047c81
n-api: remove unused napi_env member
Jun 4, 2018
de7403f
src: cleanup per-isolate state on platform on isolate unregister
addaleax May 17, 2018
65924c7
src: remove unused fields isolate_
danbev May 23, 2018
e6f0680
src: simplify handle closing
addaleax Sep 10, 2017
9a73413
src: make handle onclose property a Symbol
addaleax Jun 2, 2018
337be58
worker: implement `MessagePort` and `MessageChannel`
addaleax Sep 5, 2017
f447acd
worker: support MessagePort passing in messages
addaleax Oct 7, 2017
d1f372f
worker: add `SharedArrayBuffer` sharing
addaleax May 13, 2018
5209ff9
src: remove unused fields msg_ and env_
danbev May 23, 2018
314b47d
src: add Env::profiler_idle_notifier_started()
TimothyGu Sep 25, 2017
109c92e
worker: initial implementation
addaleax Sep 1, 2017
93ce63c
test: add test against unsupported worker features
TimothyGu Sep 25, 2017
c97fb91
worker: restrict supported extensions
TimothyGu Sep 20, 2017
6b1a887
worker: enable stdio
addaleax May 13, 2018
ecba1c5
benchmark: port cluster/echo to worker
TimothyGu Sep 24, 2017
9ad42b7
worker: improve error (de)serialization
addaleax Sep 25, 2017
ed05d9a
test,tools: enable running tests under workers
addaleax May 17, 2018
6caa354
doc: explain Worker semantics in async_hooks.md
addaleax May 22, 2018
03fbc9e
worker: rename to worker_threads
addaleax Jun 1, 2018
e16036c
test: create new directory v8-updates
May 28, 2018
a4ad989
test: add test for Linux perf
May 16, 2018
c400448
test: improve debug output in trace-events test
Trott Jun 4, 2018
cbdc1fd
src, tools: add check for left leaning pointers
danbev May 16, 2018
185b9e4
test: apply promises API to third appendFile test
Trott Jun 4, 2018
aa9dbf6
test: apply promises API to fourth appendFile test
Trott Jun 4, 2018
14a017c
test: apply promises API to fourth appendFile test
Trott Jun 4, 2018
4b9817b
benchmark: disable only the ESLint rule needing it
Trott Jun 4, 2018
c9cee63
test,tools: refactor custom ESLint for readability
Trott Jun 4, 2018
73b8975
doc: simplify deprecation language
Trott Jun 4, 2018
06ac81e
doc: streamline errors.md introductory material
Trott Jun 4, 2018
72e7e1d
doc: alphabetize tls options
Trott Jun 4, 2018
2c4f80f
doc: remove spaces around slashes
Trott Jun 4, 2018
917960e
win, build: add documentation support to vcbuild
bzoz Mar 28, 2018
0b0370f
test: remove unref in http2 test
apapirovski Jun 4, 2018
ea4be72
child_process: swallow errors in internal communication
apapirovski Jun 3, 2018
04e8f07
fs: support BigInt in fs.*stat and fs.watchFile
joyeecheung Apr 7, 2018
fe5d351
doc: document BigInt support in fs.Stats
joyeecheung Apr 23, 2018
3d8ec8f
test: make url-parse-invalid-input engine agnostic
Trott Jun 4, 2018
14bb905
deps: V8: cherry-pick a440efb27f from upstream
hashseed May 30, 2018
39b3875
src: cleanup beforeExit for consistency
jasnell Jun 3, 2018
8e2e167
src: add node_encoding.cc
jasnell Jun 3, 2018
5fa5ab6
doc: naming function as suggested in addon docs
allevo May 31, 2018
79b3423
build: initial .travis.yml implementation
addaleax Aug 23, 2017
4757771
src: add consistency check to node_platform.cc
addaleax Jun 5, 2018
c688a00
build: fix 'gas_version' check on localized environments
oliveiraev Apr 29, 2018
9c3a7bf
test: make url-util-format engine agnostic
Trott Jun 4, 2018
1dc9330
n-api: improve runtime perf of n-api func call
kenny-y Jun 7, 2018
85dc9ac
doc: add Michaël Zasso to Release team
targos Jun 3, 2018
2ff4704
test: move test-readuint to test-buffer-readuint
targos Jun 6, 2018
17954c2
test: improve internal/buffer.js test coverage
May 29, 2018
a657984
lib,src: remove openssl feature conditionals
bnoordhuis Jun 2, 2018
ed2b57b
tools: remove unused global types from type-parser
Trott Jun 4, 2018
2655c7b
test: mark fs-readfile-tostring-fail flaky for all
Trott Jun 6, 2018
78c7d66
build: don't change locale on smartos
refack Jun 8, 2018
4e742e3
tools: update tooling to work with new macOS CLI …
Trott Jun 8, 2018
b044256
build: use LC_ALL of C for maximum compatibility
Trott Jun 8, 2018
65b9c42
dns: improve setServers() errors and performance
davisjam May 1, 2018
4d782c4
test: improve assert error messages
hristijankiko Jun 6, 2018
76927fc
build: stop distclean from deleting v8 files
ryzokuken Jun 6, 2018
5e46c16
doc: fix type in stream doc
KonanMentor Jun 7, 2018
685b9b2
src: do not persist timer handle in cares_wrap
apapirovski Jun 6, 2018
4f01168
src: do not persist fs_poll handle in stat_watcher
apapirovski Jun 6, 2018
bda34ea
test: check gc does not resurrect the loop
apapirovski Jun 6, 2018
7f70fe8
tools: add BigInt to globals
seishun Jun 9, 2018
187951c
test: move inspector-stress-http to sequential
Trott Jun 9, 2018
2270ab2
test: remove string literals from assert.strictEqual() calls
kylstraj Jun 8, 2018
6aade4a
http: remove a pair of outdated comments
qubyte Jun 8, 2018
688bdfe
test: add crypto check to test-http2-debug
danbev Jun 8, 2018
dee250f
http2: safer Http2Session destructor
apapirovski Jun 6, 2018
e92b89a
src: fix http2 typos
apapirovski Jun 6, 2018
a5c386d
tools: add option to use custom template with js2c.py
codebytere Jun 7, 2018
896017b
build: build addon tests in parallel
addaleax Jun 5, 2018
c3fbac4
build: install markdown linter for travis
richardlau Jun 8, 2018
e8d15cb
test: mark test-inspector-port-zero-cluster flaky
Trott Jun 11, 2018
792335f
test: add workerdata-sharedarraybuffer test
Fishrock123 Jun 6, 2018
dd2fc90
doc: fix reference to workerData in worker_threads
Fishrock123 Jun 6, 2018
6f7de0b
doc: trim deprecation level definition text
Trott Jun 10, 2018
5d3dfed
meta: remove CODEOWNERS
Trott Jun 6, 2018
aa468ab
src: unify native symbol inspection code
addaleax Jun 7, 2018
4a54ebc
worker,src: display remaining handles if `uv_loop_close` fails
addaleax Jun 7, 2018
4957562
crypto: DRY type checking
bnoordhuis May 18, 2018
c9b4592
crypto: add scrypt() and scryptSync() methods
bnoordhuis May 18, 2018
6262fa4
crypto: refactor pbkdf2() and pbkdf2Sync() methods
bnoordhuis May 18, 2018
2d9c3cc
crypto: refactor randomBytes()
bnoordhuis May 18, 2018
d0cb9cb
crypto: drop Math.pow(), use static exponentation
bnoordhuis May 18, 2018
02adb2d
build: expose openssl scrypt functions to addons
bnoordhuis May 18, 2018
f3570f2
lib: replace checkUint() with validateInt32()
bnoordhuis May 30, 2018
fb71337
lib: rename checkIsArrayBufferView()
bnoordhuis May 30, 2018
ffc29c1
deps: patch V8 to 6.7.288.46
MylesBorins Jun 11, 2018
a75e44d
esm: ensure require.main for CJS top-level loads
guybedford Jun 5, 2018
0da910f
doc: move Italo A. Casas to Release Emeritus
MylesBorins Jun 13, 2018
671346e
src: do proper error checking in `AsyncWrap::MakeCallback`
addaleax Jun 7, 2018
13fd09b
doc: add build wg info to releases.md
maclover7 Jun 12, 2018
d46446a
v8: replace Buffer with FastBuffer in deserialize
ryzokuken Jun 7, 2018
7fa1344
src: use `%zx` in printf for size_t
addaleax Jun 10, 2018
c1d53f8
doc: update NODE_OPTIONS section in cli.md
vsemozhetbyt Jun 9, 2018
169bff3
n-api: name CallbackBundle function fields
addaleax Jun 10, 2018
dea3ac7
test: improve statwatcher async_hooks test
addaleax Jun 10, 2018
740d9f1
lib,src: make `StatWatcher` a `HandleWrap`
addaleax Jun 10, 2018
0b00172
test: removing unnecessary parameter from assert call
djmgit Jun 13, 2018
c5a6559
doc: move 5 collaborators to emeritus status
Trott Jun 11, 2018
0b90b07
deps: Upgrade node-inspect to 1.11.5
May 31, 2018
d7ba75f
test: add test to check colorMode type of Console
Jun 10, 2018
521f8f1
tools: add BigInt64Array and BigUint64Array to globals
joyeecheung Jun 11, 2018
df0f7a3
doc: clarify async execute callback usage
mhdawson Jun 8, 2018
296fd57
inspector: stop dragging platform pointer
eugeneo Jun 8, 2018
e1b571d
doc: make Deprecation cycle explanation more brief
Trott Jun 13, 2018
e4a7e0d
deps: float ea7abee from openssl / CVE-2018-0732
rvagg Jun 12, 2018
9353093
test: fix deprecation warning due to util.print
tniessen Jun 11, 2018
9981220
crypto: fix behavior of createCipher in wrap mode
tniessen Jun 12, 2018
8fddf59
perf_hooks: set bootstrap complete in only one place
jasnell Jun 3, 2018
a3fd1cd
perf_hooks: remove less useful bootstrap marks
jasnell Jun 3, 2018
dfb5cf6
workers,trace_events: set thread name for workers
jasnell Jun 10, 2018
e00e5e6
doc: switch the order of Writable and Readable
Jun 14, 2018
529d24e
Revert "workers,trace_events: set thread name for workers"
jasnell Jun 15, 2018
9e994cb
doc: wrap releases.md at 80 chars
Trott Jun 15, 2018
3f78220
doc: correct styling of _GitHub_ in onboarding doc
Trott Jun 15, 2018
b8213f1
doc: remove linking of url text to url
Trott Jun 15, 2018
6c41f33
doc: wrap pull-requests.md at 80 characters
Trott Jun 15, 2018
4566eba
doc: wrap style guide at 80 characters
Trott Jun 15, 2018
98346de
tools: lint doc/*.md files
Trott Jun 15, 2018
4f17841
doc: use Class Method label consistently
Trott Jun 15, 2018
ef74368
doc: fix heading of optional console method args
targos Jun 13, 2018
17c21b6
doc: fix indentation in console.md
vsemozhetbyt Jun 16, 2018
bcaf59c
http2: fix memory leak for uncommon headers
addaleax Jun 15, 2018
78ad4e9
src: remove unused argc var in node_stat_watcher
danbev Jun 15, 2018
15023df
doc: add davisjam to collaborators
davisjam Jun 11, 2018
177a7c0
doc: remove obsolete wiki references from BUILDING
Trott Jun 16, 2018
318d683
doc: use imperative in COLLABORATOR_GUIDE
Trott Jun 15, 2018
6285fe9
tools: do not disable `quotes` rule in .eslintrc.js
Trott Jun 15, 2018
18c057a
net: emit 'close' when socket ends before connect
Jun 12, 2018
653b20b
loader: remove unused error code in module_job
devsnek Jun 15, 2018
bc20ec0
doc: eliminate _you_ from N-API doc
Trott Jun 18, 2018
e1c28f4
2018-16-20, Version 10.5.0 (Current)
targos Jun 19, 2018
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
doc: alphabetize tls options
Alphabetize the lists of options for tls.createServer() and
tls.createSecureContext().

PR-URL: #21139
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
  • Loading branch information
Trott authored and targos committed Jun 13, 2018
commit 72e7e1da2d2eceaebee8e7205c3bb53237ed7f5c
106 changes: 53 additions & 53 deletions doc/api/tls.md
Original file line number Diff line number Diff line change
Expand Up @@ -1024,34 +1024,6 @@ changes:
-->

* `options` {Object}
* `pfx` {string|string[]|Buffer|Buffer[]|Object[]} Optional PFX or PKCS12
encoded private key and certificate chain. `pfx` is an alternative to
providing `key` and `cert` individually. PFX is usually encrypted, if it is,
`passphrase` will be used to decrypt it. Multiple PFX can be provided either
as an array of unencrypted PFX buffers, or an array of objects in the form
`{buf: <string|buffer>[, passphrase: <string>]}`. The object form can only
occur in an array. `object.passphrase` is optional. Encrypted PFX will be
decrypted with `object.passphrase` if provided, or `options.passphrase` if
it is not.
* `key` {string|string[]|Buffer|Buffer[]|Object[]} Optional private keys in
PEM format. PEM allows the option of private keys being encrypted. Encrypted
keys will be decrypted with `options.passphrase`. Multiple keys using
different algorithms can be provided either as an array of unencrypted key
strings or buffers, or an array of objects in the form `{pem:
<string|buffer>[, passphrase: <string>]}`. The object form can only occur in
an array. `object.passphrase` is optional. Encrypted keys will be decrypted
with `object.passphrase` if provided, or `options.passphrase` if it is not.
* `passphrase` {string} Optional shared passphrase used for a single private
key and/or a PFX.
* `cert` {string|string[]|Buffer|Buffer[]} Optional cert chains in PEM format.
One cert chain should be provided per private key. Each cert chain should
consist of the PEM formatted certificate for a provided private `key`,
followed by the PEM formatted intermediate certificates (if any), in order,
and not including the root CA (the root CA must be pre-known to the peer,
see `ca`). When providing multiple cert chains, they do not have to be in
the same order as their private keys in `key`. If the intermediate
certificates are not provided, the peer will not be able to validate the
certificate, and the handshake will fail.
* `ca` {string|string[]|Buffer|Buffer[]} Optionally override the trusted CA
certificates. Default is to trust the well-known CAs curated by Mozilla.
Mozilla's CAs are completely replaced when CAs are explicitly specified
Expand All @@ -1067,19 +1039,17 @@ changes:
certificate can match or chain to.
For self-signed certificates, the certificate is its own CA, and must be
provided.
* `cert` {string|string[]|Buffer|Buffer[]} Optional cert chains in PEM format.
One cert chain should be provided per private key. Each cert chain should
consist of the PEM formatted certificate for a provided private `key`,
followed by the PEM formatted intermediate certificates (if any), in order,
and not including the root CA (the root CA must be pre-known to the peer,
see `ca`). When providing multiple cert chains, they do not have to be in
the same order as their private keys in `key`. If the intermediate
certificates are not provided, the peer will not be able to validate the
certificate, and the handshake will fail.
* `ciphers` {string} Optional cipher suite specification, replacing the
default. For more information, see [modifying the default cipher suite][].
* `honorCipherOrder` {boolean} Attempt to use the server's cipher suite
preferences instead of the client's. When `true`, causes
`SSL_OP_CIPHER_SERVER_PREFERENCE` to be set in `secureOptions`, see
[OpenSSL Options][] for more information.
* `ecdhCurve` {string} A string describing a named curve or a colon separated
list of curve NIDs or names, for example `P-521:P-384:P-256`, to use for
ECDH key agreement, or `false` to disable ECDH. Set to `auto` to select the
curve automatically. Use [`crypto.getCurves()`][] to obtain a list of
available curve names. On recent releases, `openssl ecparam -list_curves`
will also display the name and description of each available elliptic curve.
**Default:** [`tls.DEFAULT_ECDH_CURVE`].
* `clientCertEngine` {string} Optional name of an OpenSSL engine which can
provide the client certificate.
* `crl` {string|string[]|Buffer|Buffer[]} Optional PEM formatted
Expand All @@ -1090,6 +1060,36 @@ changes:
error will be thrown. It is strongly recommended to use 2048 bits or larger
for stronger security. If omitted or invalid, the parameters are silently
discarded and DHE ciphers will not be available.
* `ecdhCurve` {string} A string describing a named curve or a colon separated
list of curve NIDs or names, for example `P-521:P-384:P-256`, to use for
ECDH key agreement, or `false` to disable ECDH. Set to `auto` to select the
curve automatically. Use [`crypto.getCurves()`][] to obtain a list of
available curve names. On recent releases, `openssl ecparam -list_curves`
will also display the name and description of each available elliptic curve.
**Default:** [`tls.DEFAULT_ECDH_CURVE`].
* `honorCipherOrder` {boolean} Attempt to use the server's cipher suite
preferences instead of the client's. When `true`, causes
`SSL_OP_CIPHER_SERVER_PREFERENCE` to be set in `secureOptions`, see
[OpenSSL Options][] for more information.
* `key` {string|string[]|Buffer|Buffer[]|Object[]} Optional private keys in
PEM format. PEM allows the option of private keys being encrypted. Encrypted
keys will be decrypted with `options.passphrase`. Multiple keys using
different algorithms can be provided either as an array of unencrypted key
strings or buffers, or an array of objects in the form `{pem:
<string|buffer>[, passphrase: <string>]}`. The object form can only occur in
an array. `object.passphrase` is optional. Encrypted keys will be decrypted
with `object.passphrase` if provided, or `options.passphrase` if it is not.
* `passphrase` {string} Optional shared passphrase used for a single private
key and/or a PFX.
* `pfx` {string|string[]|Buffer|Buffer[]|Object[]} Optional PFX or PKCS12
encoded private key and certificate chain. `pfx` is an alternative to
providing `key` and `cert` individually. PFX is usually encrypted, if it is,
`passphrase` will be used to decrypt it. Multiple PFX can be provided either
as an array of unencrypted PFX buffers, or an array of objects in the form
`{buf: <string|buffer>[, passphrase: <string>]}`. The object form can only
occur in an array. `object.passphrase` is optional. Encrypted PFX will be
decrypted with `object.passphrase` if provided, or `options.passphrase` if
it is not.
* `secureOptions` {number} Optionally affect the OpenSSL protocol behavior,
which is not usually necessary. This should be used carefully if at all!
Value is a numeric bitmask of the `SSL_OP_*` options from
Expand Down Expand Up @@ -1133,38 +1133,38 @@ changes:
-->

* `options` {Object}
* `ALPNProtocols`: {string[]|Buffer[]|Uint8Array[]|Buffer|Uint8Array}
An array of strings, `Buffer`s or `Uint8Array`s, or a single `Buffer` or
`Uint8Array` containing the supported ALPN protocols. `Buffer`s should have
the format `[len][name][len][name]...` e.g. `0x05hello0x05world`, where the
first byte is the length of the next protocol name. Passing an array is
usually much simpler, e.g. `['hello', 'world']`.
(Protocols should be ordered by their priority.)
* `clientCertEngine` {string} Optional name of an OpenSSL engine which can
provide the client certificate.
* `handshakeTimeout` {number} Abort the connection if the SSL/TLS handshake
does not finish in the specified number of milliseconds.
A `'tlsClientError'` is emitted on the `tls.Server` object whenever
a handshake times out. **Default:** `120000` (120 seconds).
* `requestCert` {boolean} If `true` the server will request a certificate from
clients that connect and attempt to verify that certificate. **Default:**
`false`.
* `rejectUnauthorized` {boolean} If not `false` the server will reject any
connection which is not authorized with the list of supplied CAs. This
option only has an effect if `requestCert` is `true`. **Default:** `true`.
* `ALPNProtocols`: {string[]|Buffer[]|Uint8Array[]|Buffer|Uint8Array}
An array of strings, `Buffer`s or `Uint8Array`s, or a single `Buffer` or
`Uint8Array` containing the supported ALPN protocols. `Buffer`s should have
the format `[len][name][len][name]...` e.g. `0x05hello0x05world`, where the
first byte is the length of the next protocol name. Passing an array is
usually much simpler, e.g. `['hello', 'world']`.
(Protocols should be ordered by their priority.)
* `requestCert` {boolean} If `true` the server will request a certificate from
clients that connect and attempt to verify that certificate. **Default:**
`false`.
* `sessionTimeout` {number} An integer specifying the number of seconds after
which the TLS session identifiers and TLS session tickets created by the
server will time out. See [`SSL_CTX_set_timeout`] for more details.
* `SNICallback(servername, cb)` {Function} A function that will be called if
the client supports SNI TLS extension. Two arguments will be passed when
called: `servername` and `cb`. `SNICallback` should invoke `cb(null, ctx)`,
where `ctx` is a `SecureContext` instance. (`tls.createSecureContext(...)`
can be used to get a proper `SecureContext`.) If `SNICallback` wasn't
provided the default callback with high-level API will be used (see below).
* `sessionTimeout` {number} An integer specifying the number of seconds after
which the TLS session identifiers and TLS session tickets created by the
server will time out. See [`SSL_CTX_set_timeout`] for more details.
* `ticketKeys`: A 48-byte `Buffer` instance consisting of a 16-byte prefix,
a 16-byte HMAC key, and a 16-byte AES key. This can be used to accept TLS
session tickets on multiple instances of the TLS server.
* ...: Any [`tls.createSecureContext()`][] options can be provided. For
* ...: Any [`tls.createSecureContext()`][] option can be provided. For
servers, the identity options (`pfx` or `key`/`cert`) are usually required.
* `secureConnectionListener` {Function}

Expand Down