meta: merge node/master into node-chakracore/master

Merge 3f2382b as of 2018-01-04
This commit was automatically generated. For any problems, please contact jackhorton

Reviewed-By: Taylor Woll <[email protected]>

CONTRIBUTING.md

@@ -199,9 +199,8 @@ functional guidelines of the Node.js project.
 
 ## Pull Requests
 
-Pull Requests are the way in which concrete changes are made to the code,
-documentation, dependencies, and tools contained with the `nodejs/node`
-repository.
+Pull Requests are the way concrete changes are made to the code, documentation,
+dependencies, and tools contained in the `nodejs/node` repository.
 
 There are two fundamental components of the Pull Request process: one concrete
 and technical, and one more process oriented. The concrete and technical
@@ -603,12 +602,11 @@ your name on it. Congratulations and thanks for your contribution!
 All Node.js contributors who choose to review and provide feedback on Pull
 Requests have a responsibility to both the project and the individual making the
 contribution. Reviews and feedback must be helpful, insightful, and geared
-towards improving the contribution as opposed to simply blocking it or
-stopping it. If there are reasons why you feel the PR should not land, explain
-what those are. Do not expect to be able to block a Pull Request from advancing
-simply because you say "No" without giving an explanation. It is also important
-to be open to having your mind changed, and to being open to working with the
-contributor to make the Pull Request better.
+towards improving the contribution as opposed to simply blocking it. If there
+are reasons why you feel the PR should not land, explain what those are. Do not
+expect to be able to block a Pull Request from advancing simply because you say
+"No" without giving an explanation. Be open to having your mind changed. Be open
+to working with the contributor to make the Pull Request better.
 
 Reviews that are dismissive or disrespectful of the contributor or any other
 reviewers are strictly counter to the [Code of Conduct][].

doc/api/async_hooks.md

@@ -484,9 +484,8 @@ fs.open(path, 'r', (err, fd) => {
 });
 ```
 
-It is important to note that the ID returned fom `executionAsyncId()` is related
-to execution timing, not causality (which is covered by `triggerAsyncId()`). For
-example:
+The ID returned fom `executionAsyncId()` is related to execution timing, not
+causality (which is covered by `triggerAsyncId()`). For example:
 
 ```js
 const server = net.createServer(function onConnection(conn) {
@@ -538,9 +537,9 @@ own resources.
 
 The `init` hook will trigger when an `AsyncResource` is instantiated.
 
-*Note*: It is important that `before`/`after` calls are unwound
-in the same order they are called. Otherwise an unrecoverable exception
-will occur and the process will abort.
+*Note*: `before` and `after` calls must be unwound in the same order that they
+are called. Otherwise, an unrecoverable exception will occur and the process
+will abort.
 
 The following is an overview of the `AsyncResource` API.
 

doc/api/errors.md

@@ -312,11 +312,10 @@ location information will be displayed for that frame. Otherwise, the
 determined function name will be displayed with location information appended
 in parentheses.
 
-It is important to note that frames are **only** generated for JavaScript
-functions. If, for example, execution synchronously passes through a C++ addon
-function called `cheetahify`, which itself calls a JavaScript function, the
-frame representing the `cheetahify` call will **not** be present in the stack
-traces:
+Frames are only generated for JavaScript functions. If, for example, execution
+synchronously passes through a C++ addon function called `cheetahify` which
+itself calls a JavaScript function, the frame representing the `cheetahify` call
+will not be present in the stack traces:
 
 ```js
 const cheetahify = require('./native-binding.node');

doc/api/http2.md

@@ -283,6 +283,18 @@ session.setTimeout(2000);
 session.on('timeout', () => { /** .. **/ });
 ```
 
+#### http2session.alpnProtocol
+<!-- YAML
+added: REPLACEME
+-->
+
+* Value: {string|undefined}
+
+Value will be `undefined` if the `Http2Session` is not yet connected to a
+socket, `h2c` if the `Http2Session` is not connected to a `TLSSocket`, or
+will return the value of the connected `TLSSocket`'s own `alpnProtocol`
+property.
+
 #### http2session.close([callback])
 <!-- YAML
 added: REPLACEME
@@ -340,6 +352,18 @@ added: v8.4.0
 Will be `true` if this `Http2Session` instance has been destroyed and must no
 longer be used, otherwise `false`.
 
+#### http2session.encrypted
+<!-- YAML
+added: REPLACEME
+-->
+
+* Value: {boolean|undefined}
+
+Value is `undefined` if the `Http2Session` session socket has not yet been
+connected, `true` if the `Http2Session` is connected with a `TLSSocket`,
+and `false` if the `Http2Session` is connected to any other kind of socket
+or stream.
+
 #### http2session.goaway([code, [lastStreamID, [opaqueData]]])
 <!-- YAML
 added: REPLACEME
@@ -363,6 +387,17 @@ added: v8.4.0
 A prototype-less object describing the current local settings of this
 `Http2Session`. The local settings are local to *this* `Http2Session` instance.
 
+#### http2session.originSet
+<!-- YAML
+added: REPLACEME
+-->
+
+* Value: {string[]|undefined}
+
+If the `Http2Session` is connected to a `TLSSocket`, the `originSet` property
+will return an Array of origins for which the `Http2Session` may be
+considered authoritative.
+
 #### http2session.pendingSettingsAck
 <!-- YAML
 added: v8.4.0
@@ -1617,6 +1652,13 @@ changes:
      * `http2.constants.PADDING_STRATEGY_CALLBACK` - Specifies that the user
        provided `options.selectPadding` callback is to be used to determine the
        amount of padding.
+     * `http2.constants.PADDING_STRATEGY_ALIGNED` - Will *attempt* to apply
+       enough padding to ensure that the total frame length, including the
+       9-byte header, is a multiple of 8. For each frame, however, there is a
+       maxmimum allowed number of padding bytes that is determined by current
+       flow control state and settings. If this maximum is less than the
+       calculated amount needed to ensure alignment, the maximum will be used
+       and the total frame length will *not* necessarily be aligned at 8 bytes.
   * `peerMaxConcurrentStreams` {number} Sets the maximum number of concurrent
     streams for the remote peer as if a SETTINGS frame had been received. Will
     be overridden if the remote peer sets its own value for.
@@ -1688,6 +1730,13 @@ changes:
      * `http2.constants.PADDING_STRATEGY_CALLBACK` - Specifies that the user
        provided `options.selectPadding` callback is to be used to determine the
        amount of padding.
+     * `http2.constants.PADDING_STRATEGY_ALIGNED` - Will *attempt* to apply
+       enough padding to ensure that the total frame length, including the
+       9-byte header, is a multiple of 8. For each frame, however, there is a
+       maxmimum allowed number of padding bytes that is determined by current
+       flow control state and settings. If this maximum is less than the
+       calculated amount needed to ensure alignment, the maximum will be used
+       and the total frame length will *not* necessarily be aligned at 8 bytes.
   * `peerMaxConcurrentStreams` {number} Sets the maximum number of concurrent
     streams for the remote peer as if a SETTINGS frame had been received. Will
     be overridden if the remote peer sets its own value for
@@ -1768,6 +1817,13 @@ changes:
      * `http2.constants.PADDING_STRATEGY_CALLBACK` - Specifies that the user
        provided `options.selectPadding` callback is to be used to determine the
        amount of padding.
+     * `http2.constants.PADDING_STRATEGY_ALIGNED` - Will *attempt* to apply
+       enough padding to ensure that the total frame length, including the
+       9-byte header, is a multiple of 8. For each frame, however, there is a
+       maxmimum allowed number of padding bytes that is determined by current
+       flow control state and settings. If this maximum is less than the
+       calculated amount needed to ensure alignment, the maximum will be used
+       and the total frame length will *not* necessarily be aligned at 8 bytes.
   * `peerMaxConcurrentStreams` {number} Sets the maximum number of concurrent
     streams for the remote peer as if a SETTINGS frame had been received. Will
     be overridden if the remote peer sets its own value for

doc/api/os.md

@@ -31,11 +31,10 @@ added: v0.5.0
 * Returns: {string}
 
 The `os.arch()` method returns a string identifying the operating system CPU
-architecture *for which the Node.js binary was compiled*.
+architecture for which the Node.js binary was compiled.
 
 The current possible values are: `'arm'`, `'arm64'`, `'ia32'`, `'mips'`,
-`'mipsel'`, `'ppc'`, `'ppc64'`, `'s390'`, `'s390x'`, `'x32'`, `'x64'`,  and
-`'x86'`.
+`'mipsel'`, `'ppc'`, `'ppc64'`, `'s390'`, `'s390x'`, `'x32'`, and `'x64'`.
 
 Equivalent to [`process.arch`][].
 

doc/api/process.md

@@ -374,16 +374,11 @@ process.on('SIGINT', handle);
 process.on('SIGTERM', handle);
 ```
 
-*Note*: An easy way to send the `SIGINT` signal is with `<Ctrl>-C` in most
-terminal programs.
-
-It is important to take note of the following:
-
 * `SIGUSR1` is reserved by Node.js to start the [debugger][]. It's possible to
   install a listener but doing so will _not_ stop the debugger from starting.
 * `SIGTERM` and `SIGINT` have default handlers on non-Windows platforms that
-  resets the terminal mode before exiting with code `128 + signal number`. If
-  one of these signals has a listener installed, its default behavior will be
+  reset the terminal mode before exiting with code `128 + signal number`. If one
+  of these signals has a listener installed, its default behavior will be
   removed (Node.js will no longer exit).
 * `SIGPIPE` is ignored by default. It can have a listener installed.
 * `SIGHUP` is generated on Windows when the console window is closed, and on
@@ -394,7 +389,7 @@ It is important to take note of the following:
   installed its default behavior will be removed.
 * `SIGTERM` is not supported on Windows, it can be listened on.
 * `SIGINT` from the terminal is supported on all platforms, and can usually be
-  generated with `CTRL+C` (though this may be configurable). It is not generated
+  generated with `<Ctrl>+C` (though this may be configurable). It is not generated
   when terminal raw mode is enabled.
 * `SIGBREAK` is delivered on Windows when `<Ctrl>+<Break>` is pressed, on
   non-Windows platforms it can be listened on, but there is no way to send or
@@ -432,9 +427,11 @@ added: v0.5.0
 
 * {string}
 
-The `process.arch` property returns a String identifying the processor
-architecture that the Node.js process is currently running on. For instance
-`'arm'`, `'ia32'`, or `'x64'`.
+The `process.arch` property returns a string identifying the operating system CPU
+architecture for which the Node.js binary was compiled.
+
+The current possible values are: `'arm'`, `'arm64'`, `'ia32'`, `'mips'`,
+`'mipsel'`, `'ppc'`, `'ppc64'`, `'s390'`, `'s390x'`, `'x32'`, and `'x64'`.
 
 ```js
 console.log(`This processor architecture is ${process.arch}`);
@@ -987,10 +984,10 @@ process.exit(1);
 
 The shell that executed Node.js should see the exit code as `1`.
 
-It is important to note that calling `process.exit()` will force the process to
-exit as quickly as possible *even if there are still asynchronous operations
-pending* that have not yet completed fully, *including* I/O operations to
-`process.stdout` and `process.stderr`.
+Calling `process.exit()` will force the process to exit as quickly as possible
+even if there are still asynchronous operations pending that have not yet
+completed fully, including I/O operations to `process.stdout` and
+`process.stderr`.
 
 In most situations, it is not actually necessary to call `process.exit()`
 explicitly. The Node.js process will exit on its own *if there is no additional

doc/api/repl.md

@@ -114,9 +114,8 @@ $ node repl_test.js
 'message'
 ```
 
-It is important to note that context properties are *not* read-only by default.
-To specify read-only globals, context properties must be defined using
-`Object.defineProperty()`:
+Context properties are not read-only by default. To specify read-only globals,
+context properties must be defined using `Object.defineProperty()`:
 
 ```js
 const repl = require('repl');

doc/api/stream.md

@@ -1426,12 +1426,11 @@ successfully or failed with an error. The first argument passed to the
 `callback` must be the `Error` object if the call failed or `null` if the
 write succeeded.
 
-It is important to note that all calls to `writable.write()` that occur between
-the time `writable._write()` is called and the `callback` is called will cause
-the written data to be buffered. Once the `callback` is invoked, the stream will
-emit a [`'drain'`][] event. If a stream implementation is capable of processing
-multiple chunks of data at once, the `writable._writev()` method should be
-implemented.
+All calls to `writable.write()` that occur between the time `writable._write()`
+is called and the `callback` is called will cause the written data to be
+buffered. Once the `callback` is invoked, the stream will emit a [`'drain'`][]
+event. If a stream implementation is capable of processing multiple chunks of
+data at once, the `writable._writev()` method should be implemented.
 
 If the `decodeStrings` property is set in the constructor options, then
 `chunk` may be a string rather than a Buffer, and `encoding` will

doc/api/vm.md

@@ -87,9 +87,8 @@ changes:
     depending on whether code cache data is produced successfully.
 
 Creating a new `vm.Script` object compiles `code` but does not run it. The
-compiled `vm.Script` can be run later multiple times. It is important to note
-that the `code` is not bound to any global object; rather, it is bound before
-each run, just for that run.
+compiled `vm.Script` can be run later multiple times. The `code` is not bound to
+any global object; rather, it is bound before each run, just for that run.
 
 ### script.runInContext(contextifiedSandbox[, options])
 <!-- YAML

lib/_tls_wrap.js

@@ -621,7 +621,7 @@ TLSSocket.prototype._finishInit = function() {
     this.alpnProtocol = this._handle.getALPNNegotiatedProtocol();
   }
 
-  if (process.features.tls_sni && this._tlsOptions.isServer) {
+  if (process.features.tls_sni) {
     this.servername = this._handle.getServername();
   }
 

lib/internal/http2/core.js

@@ -70,7 +70,9 @@ const TLSServer = tls.Server;
 
 const kInspect = require('internal/util').customInspectSymbol;
 
+const kAlpnProtocol = Symbol('alpnProtocol');
 const kAuthority = Symbol('authority');
+const kEncrypted = Symbol('encrypted');
 const kHandle = Symbol('handle');
 const kID = Symbol('id');
 const kInit = Symbol('init');
@@ -731,6 +733,17 @@ function setupHandle(socket, type, options) {
 
   this[kHandle] = handle;
 
+  if (socket.encrypted) {
+    this[kAlpnProtocol] = socket.alpnProtocol;
+    this[kEncrypted] = true;
+  } else {
+    // 'h2c' is the protocol identifier for HTTP/2 over plain-text. We use
+    // it here to identify any session that is not explicitly using an
+    // encrypted socket.
+    this[kAlpnProtocol] = 'h2c';
+    this[kEncrypted] = false;
+  }
+
   const settings = typeof options.settings === 'object' ?
     options.settings : {};
 
@@ -805,9 +818,12 @@ class Http2Session extends EventEmitter {
       streams: new Map(),
       pendingStreams: new Set(),
       pendingAck: 0,
-      writeQueueSize: 0
+      writeQueueSize: 0,
+      originSet: undefined
     };
 
+    this[kEncrypted] = undefined;
+    this[kAlpnProtocol] = undefined;
     this[kType] = type;
     this[kProxySocket] = null;
     this[kSocket] = socket;
@@ -833,6 +849,46 @@ class Http2Session extends EventEmitter {
     debug(`Http2Session ${sessionName(type)}: created`);
   }
 
+  // Returns undefined if the socket is not yet connected, true if the
+  // socket is a TLSSocket, and false if it is not.
+  get encrypted() {
+    return this[kEncrypted];
+  }
+
+  // Returns undefined if the socket is not yet connected, `h2` if the
+  // socket is a TLSSocket and the alpnProtocol is `h2`, or `h2c` if the
+  // socket is not a TLSSocket.
+  get alpnProtocol() {
+    return this[kAlpnProtocol];
+  }
+
+  // TODO(jasnell): originSet is being added in preparation for ORIGIN frame
+  // support. At the current time, the ORIGIN frame specification is awaiting
+  // publication as an RFC and is awaiting implementation in nghttp2. Once
+  // added, an ORIGIN frame will add to the origins included in the origin
+  // set. 421 responses will remove origins from the set.
+  get originSet() {
+    if (!this.encrypted || this.destroyed)
+      return undefined;
+
+    let originSet = this[kState].originSet;
+    if (originSet === undefined) {
+      const socket = this[kSocket];
+      this[kState].originSet = originSet = new Set();
+      if (socket.servername != null) {
+        let originString = `https://${socket.servername}`;
+        if (socket.remotePort != null)
+          originString += `:${socket.remotePort}`;
+        // We have to ensure that it is a properly serialized
+        // ASCII origin string. The socket.servername might not
+        // be properly ASCII encoded.
+        originSet.add((new URL(originString)).origin);
+      }
+    }
+
+    return Array.from(originSet);
+  }
+
   // True if the Http2Session is still waiting for the socket to connect
   get connecting() {
     return (this[kState].flags & SESSION_FLAGS_READY) === 0;