Throw, don't abort. `new Buffer(0x3fffffff + 1)` used to bring down the process
with the following error message:
FATAL ERROR: v8::Object::SetIndexedPropertiesToExternalArrayData() length
exceeds max acceptable value
Fixes#2280.
fixes#2888
Previously a pair of end events would be emitted if a response was
paused/resumed, and the underlying socket was closed while the
response was paused
- fix crash calling ClientRequest::setKeepAlive if the underlying request is
HTTPS.
- fix discarding of callback parameter when calling ClientRequest::setTimeout on
HTTPS requests.
- fix discarding of noDelay parameter when calling ClientRequest::setNoDelay on
HTTPS requests.
joyent/node@b0c1541227 introduced a
regression causing `process.argv[0]` to be invalid in node processes
spawned from `PATH` (without explicit path to executable file - for
example when using global node installation).
Instead of finding a correct path to the executable, `process.cwd()`
would be prepended to `process.argv[0]`.
The only test using this is test/simple/test-fs-chmod.js, and it was
treating a.js and a1.js as two separate files, resulting in a race
condition. (Interestingly enough, it was *not* using the symlink file to
test lchmod, which uses a different temp file.)
simple/test-debugger-repl-utf8 has a tendency to fail and leave behind a stray
process that listens on common.PORT, making later tests fail with EADDRINUSE.
Repl is doing double evaluation of code: wrapped in parens and without
them. That's needed to allow users typing multiline chunks of code by
handling syntax errors on repl side. However if function declaration is
wrapped in parens (`(function a() {})`) calling it will be impossible,
so we're evaluating functions twice. That works fine for declaration,
but if entered code chunk returns function - it should not be called
twice.
fix#2773
This commit fixes a bug where the cluster module failed to propagate EADDRINUSE
errors.
When a worker starts a (net, http) server, it requests the listen socket from
its master who then creates and binds the socket.
Now, OS X and Windows don't always signal EADDRINUSE from bind() but instead
defer the error until a later syscall. libuv mimics this behaviour to provide
consistent behaviour across platforms but that means the worker could end up
with a socket that is not actually bound to the requested addresss.
That's why the worker now checks if the socket is bound, raising EADDRINUSE if
that's not the case.
Fixes#2721.
The TLS protocol allows (and sometimes requires) clients to renegotiate the
session. However, renegotiation requires a disproportional amount of server-side
resources, particularly CPU time, which makes it a potential vector for
denial-of-service attacks.
To mitigate this issue, we keep track of and limit the number of renegotiation
requests over time, emitting an error if the threshold is exceeded.
Łukasz Walukiewicz
isaacs
ssuda
Ben Noordhuis
Igor Zinkovsky
Nathan Rajlich
Dmitry Nizovtsev
Shigeki Ohtsu
Jimb Esser
Vincent Ollivier
koichik
AJ ONeal
Roly Fentanes
Maciej Małecki
Tomasz Buchert
Brandon Benvie
Mikeal Rogers
Fedor Indutny
einaros
Mark Nottingham