src: use global SealHandleScope #3945
Closed
Commits on Nov 15, 2015
-
build: fix --without-ssl compile time error
Fix the following build error by putting #if guards around the variables: ../src/node.cc: In function 'void node::ParseArgs(int*, const char**, int*, const char***, int*, const char***)': ../src/node.cc:3037:7: error: 'SSL2_ENABLE' was not declared in this scope SSL2_ENABLE = true; ^ ../src/node.cc:3039:7: error: 'SSL3_ENABLE' was not declared in this scope SSL3_ENABLE = true; Fixes: nodejs/node-v0.x-archive#8645 PR-URL: nodejs#3825 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Johan Bergström <[email protected]> Reviewed-By: James M Snell <[email protected]> -
This is a roll-up release that includes all changes to npm since 2.13.4. PR-URL: nodejs#3684 Reviewed-By: Jeremiah Senkpiel <[email protected]> Reviewed-By: James M Snell <[email protected]>
Commits on Nov 23, 2015
-
tls: prevent server from using dhe keys < 768
As part of the fix for logjam, node was upgraded to a level of openssl which rejects connections to servers that are using keys smaller than 768 bits. It is still possible, however, to create a server that uses a smaller key size and and older client may be able to connect to it. This PR moves us to a secure by default stance on the server side as well, preventing the creation of a server using a dhe key size less than 768. This can be overridden with the command line option which is also added. It is derived from nodejs@9b35be5 which was landed in later io.js/node versions but makes the limit 1024. This PR uses the smaller limit in order to meet the recomendations for logjam while matching was was done on the client side in openssl to minimize the potential impacton users. The command line option will only be documented in the release notes and will not be added to the tls documentation. The goal is that people who are upgrading are aware and can use the option if they run into issues, but otherwise the option is not visible/used. PR-URL: nodejs#3890 Fixes: nodejs/Release#49 Reviewed-By: Myles Borins <[email protected]> Reviewed-By: James Snell <[email protected]> Reviewed-By: Rod Vagg <[email protected]> Reviewed-By: Shigeki Ohtsu <[email protected]>
Commits on Nov 24, 2015
-
deps: backport 1f8555 from v8's upstream
Original commit message: api: introduce SealHandleScope When debugging Handle leaks in io.js we found it very convenient to be able to Seal some specific (root in our case) scope to prevent Handle allocations in it, and easily find leakage. R=yangguo BUG= Review URL: https://codereview.chromium.org/1079713002 Cr-Commit-Position: refs/heads/master@{nodejs#27766} Should help us identify and fix Handle leaks in core and user-space code. NOTE: Works only in Debug build now, but is still better than nothing. -
src: use global SealHandleScope
Helps to find Handle leaks in Debug mode. Ref: a5244d3 "deps: backport 1f8555 from v8's upstream"
-
node: fix leaking Context handle
The call to node::Environment::GetCurrent(Isolate*) makes the call to v8::Isolate::GetCurrentContext(). Doing so creates a new handle that was bubbled to the SealHandleScope.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.