06:40:37  * piscisaureusquit (Ping timeout: 255 seconds)
06:43:20  * Ldxngxjoined
06:48:19  * quijotejoined
06:49:09  * kazuponquit (Remote host closed the connection)
06:50:02  * inolenjoined
06:53:07  * quijotequit (Ping timeout: 265 seconds)
06:54:05  * piscisaureusjoined
06:56:28  * kazuponjoined
07:04:15  * Rolinhquit (Quit: WeeChat 1.0.1)
07:28:23  * AlexisMochajoined
07:30:07  * stagasjoined
07:30:38  * avalanche123joined
07:33:44  * a_lejoined
07:39:11  * piscisaureusquit (Quit: ~ Trillian Astra - www.trillian.im ~)
07:42:26  * avalanche123quit (Remote host closed the connection)
07:42:52  * avalanche123joined
07:44:10  * jreyno40joined
07:46:17  * quijotequit
07:47:28  * avalanche123quit (Ping timeout: 250 seconds)
08:11:52  * a_lequit (Remote host closed the connection)
08:14:34  * jreyno40part
08:15:03  * rmgjoined
08:15:29  * inolenquit (Quit: Leaving.)
08:16:03  * inolenjoined
08:19:58  * rmgquit (Ping timeout: 250 seconds)
08:26:43  * a_lejoined
08:34:07  * dsantiagoquit (Quit: Leaving...)
08:40:56  * a_lequit (Remote host closed the connection)
08:43:50  * dsantiagojoined
08:47:59  * stagasquit (Ping timeout: 272 seconds)
08:50:27  * rendarjoined
08:57:53  * seishunjoined
09:09:22  * seishunquit (Read error: Connection reset by peer)
09:16:43  * seishunjoined
09:22:12  * stagasjoined
09:27:12  * dshaw_quit (Quit: Leaving.)
09:34:08  * seishunquit (Ping timeout: 265 seconds)
09:35:00  <txdv>trevnorris: nub, fuq, are these names satire?
09:41:26  * a_lejoined
09:46:12  * a_lequit (Ping timeout: 250 seconds)
09:46:33  * seishunjoined
09:49:08  * seishunquit (Client Quit)
09:50:10  * bajtosquit (Quit: bajtos)
09:53:21  * seishunjoined
10:03:07  * seishunquit (Ping timeout: 255 seconds)
10:13:48  * bajtosjoined
10:36:08  * Left_Turnjoined
10:37:42  * avalanche123joined
10:37:58  * c4milo_quit (Remote host closed the connection)
10:39:04  * inolenquit (Ping timeout: 250 seconds)
10:40:38  * inolenjoined
10:42:29  * avalanche123quit (Ping timeout: 256 seconds)
10:50:01  <txdv>saghul: do you want to assert fail in debug or release build?
10:50:26  <txdv>Because i'm confused, I thought we should assert fail in debug and return EINVAL in release buildls to libuv not crash the entire program
10:51:46  <saghul>txdv: assert in debug, return in release
10:59:50  <txdv>You wrote it the other way around in your comment
10:59:52  <txdv>so i was confused
11:04:20  * kazuponquit (Remote host closed the connection)
11:05:11  * kazuponjoined
11:09:57  * kazuponquit (Ping timeout: 246 seconds)
11:15:39  * Left_Turnquit (Ping timeout: 255 seconds)
11:40:10  * toothrotjoined
11:42:35  * iarnaquit (Remote host closed the connection)
11:42:50  * iarnajoined
11:43:20  * iarnaquit (Remote host closed the connection)
11:53:27  * rmgjoined
11:58:09  * rmgquit (Ping timeout: 244 seconds)
11:58:28  * Left_Turnjoined
12:06:25  * jas-joined
12:37:19  * importantshockjoined
12:44:04  * iarnajoined
12:44:17  * janjongboomquit (Quit: My MacBook has gone to sleep. ZZZzzz…)
12:48:21  * iarnaquit (Ping timeout: 255 seconds)
12:50:26  * cjihrigjoined
12:51:11  * toothrotquit (Ping timeout: 272 seconds)
12:59:06  * c4milojoined
13:00:39  * bajtosquit (Quit: bajtos)
13:03:33  * c4miloquit (Ping timeout: 244 seconds)
13:16:03  * Fishrock123joined
13:17:26  * cjihrigquit (Quit: Leaving.)
13:19:50  * c4milojoined
13:25:35  * c4miloquit (Read error: Connection reset by peer)
13:25:49  * c4milojoined
13:34:07  * c4milo_joined
13:36:57  * c4miloquit (Ping timeout: 245 seconds)
13:42:34  * importantshockquit (Remote host closed the connection)
13:46:01  * lance|afkchanged nick to lanceball
13:48:03  * cjihrigjoined
13:52:27  * thlorenzjoined
13:56:04  * seishunjoined
14:05:21  * seishunquit (Read error: Connection reset by peer)
14:08:00  * chris_99joined
14:15:42  * stagasquit (Ping timeout: 245 seconds)
14:21:11  * dshaw_joined
14:23:32  * importantshockjoined
14:35:34  * janjongboomjoined
14:36:29  * seishunjoined
14:38:36  * seishunquit (Read error: Connection reset by peer)
14:45:13  * seishunjoined
14:45:30  * janjongboomquit (Quit: My MacBook has gone to sleep. ZZZzzz…)
14:47:20  * a_lejoined
15:00:34  * seishunquit (Ping timeout: 258 seconds)
15:01:50  * bajtosjoined
15:03:25  * avalanche123joined
15:11:11  * c4milo_quit (Remote host closed the connection)
15:11:37  * c4milojoined
15:16:24  * c4miloquit (Ping timeout: 250 seconds)
15:19:25  * chris_99quit (Remote host closed the connection)
15:21:34  * seishunjoined
15:28:50  * AlexisMochaquit (Ping timeout: 265 seconds)
15:33:33  * iarnajoined
15:33:40  * avalanche123quit (Remote host closed the connection)
15:34:07  * avalanche123joined
15:37:42  * iarnaquit (Ping timeout: 246 seconds)
15:38:31  * avalanche123quit (Ping timeout: 258 seconds)
15:42:47  * seishunquit (Ping timeout: 245 seconds)
15:47:54  * FROGGS[mobile]joined
15:50:16  * stagasjoined
15:51:12  * lanceballchanged nick to lance|afk
15:51:41  * c4milojoined
15:52:34  * chris_99joined
16:01:26  * c4miloquit (Remote host closed the connection)
16:03:58  * AlexisMochajoined
16:06:20  * avalanche123joined
16:10:51  * rmgjoined
16:11:06  * avalanche123quit (Ping timeout: 258 seconds)
16:18:17  * octetcloudjoined
16:19:25  * bajtosquit (Quit: bajtos)
16:24:22  * stagasquit (Ping timeout: 240 seconds)
16:25:38  * seishunjoined
16:29:11  * avalanche123joined
16:31:52  * octetcloudquit (Quit: WeeChat 1.0.1)
16:32:30  * octetcloudjoined
16:32:32  * kenperkinsjoined
16:32:40  * octetcloudquit (Client Quit)
16:32:41  * dshaw_quit (Read error: Connection reset by peer)
16:32:58  * dshaw_joined
16:33:45  * octetcloudjoined
16:39:17  * jgijoined
16:41:08  <trevnorris>txdv: fuq.h was an honest accident that I just sort of ran with. "nub" was intentional.
16:42:04  <trevnorris>nub: "the crux or central point of a matter", it's meant to be a super minimal wrapper around system I/O.
16:44:22  * bajtosjoined
16:47:53  * seishunquit (Read error: Connection reset by peer)
16:48:20  * seishunjoined
16:50:25  * dshaw_quit (Quit: Leaving.)
16:52:02  * dshaw_joined
16:55:14  * davijoined
16:55:14  * daviquit (Changing host)
16:55:14  * davijoined
16:56:35  * stagasjoined
17:01:07  * lance|afkchanged nick to lanceball
17:05:44  * brsonjoined
17:18:39  <tjfontaine>ok to unblock the 0.10.33 release these are the 3 commits in question, that I plan on committing directly to the release branch and rebuilding -- https://github.com/misterdjules/node/compare/35443862a2319c31db50ea540d682f7614d9d959...76d4033326ddf72dae0a724199e4200254e52517 AlexisMocha, indutny, chrisdickinson, trevnorris, jgi
17:19:06  <indutny>tjfontaine: looking
17:19:19  <tjfontaine>I think the commit messages identify the error cases that were identified just before the release that we were working to mitigate, along with a very thorough test that tries to test as much as possible right now the matrix of options for TLS
17:19:26  <indutny>tjfontaine: gosh, test style is totally borked
17:19:35  <trevnorris>looking
17:20:08  <tjfontaine>jgi can talk about implementaiton of that test, and it can certainly be improved it was just a matter of getting a test together quickly that we could use to verify our assumptions
17:20:14  * stagasquit (Ping timeout: 245 seconds)
17:20:43  <trevnorris>is it possible to compile and run node w/o openssl (meaning no crypto)?
17:20:52  <tjfontaine>"yes"
17:21:00  <tjfontaine>in so far as requiring modules will throw if you do
17:21:12  <trevnorris>then the test in simple should have an early return checking that.
17:21:30  * stagasjoined
17:21:33  <trevnorris>(though honestly there are probably plenty of crypto tests that don't do this)
17:22:03  <tjfontaine>yes, lets focus on unblocking the v0.10.33 release, we can fix style and plenty of low hanging fruit to make that test run faster
17:22:24  <trevnorris>ok. well if tests pass then LGTM.
17:22:40  <indutny>tjfontaine: few comments
17:22:41  <indutny>otherwise LGTM
17:23:03  <tjfontaine>you commented inline?
17:23:24  <tjfontaine>ok see them
17:26:07  * seishunquit (Quit: Leaving)
17:38:27  <tjfontaine>So I'm going to ship it?
17:38:29  * seishunjoined
17:38:44  <trevnorris>yeah. ship it!
17:39:25  <trevnorris>i mean, honestly we're _technically_ releasing on a bug-fix release. we shouldn't feel bad about releasing a new one every week if needed. :P
17:39:57  <tjfontaine>yes we should, especially when it comes to the idea we may inadvertantly make people less secure
17:40:24  <tjfontaine>if we had released it as it was, anyone who used honorCipherOrder would have had a false sense of security
17:40:31  <tjfontaine>and we would have had a ton of egg on our face
17:41:15  <trevnorris>heh, well I never said we should ship broken patches. ;)
17:41:36  <tjfontaine>onward to glory then
17:42:10  <trevnorris>and w/ how quickly security issues have been revealed w/ openssl I don't think we could ever make sure we're completely secure.
17:42:22  <trevnorris>though, what's the reason we'd have egg on our face for honorCipherOrder?
17:42:52  <tjfontaine>if you set honorCipherOrder = true, we would not have been disabling SSLv2/3 by default
17:43:06  <tjfontaine>so people would still have been potentially negotiating down
17:43:27  <tjfontaine>if both client and server used newer openssl though it would be fine [but we can't know that]
17:43:35  <tjfontaine>(which is why we're disabling them by default)
17:45:51  * MI6joined
17:46:39  <trevnorris>ah, ok. so they're being built in but disabled by default. okie dokie
17:47:02  <tjfontaine>yup
17:47:15  * daviddiasjoined
17:47:49  * dshaw_quit (Quit: Leaving.)
17:50:12  * c4milojoined
17:52:55  * c4milo_joined
17:54:14  * c4miloquit (Read error: Connection reset by peer)
17:58:22  * piscisaureusjoined
17:59:09  * thlorenzquit (Remote host closed the connection)
18:04:35  * iarnajoined
18:04:54  <indutny>tjfontaine: ship
18:05:18  <tjfontaine>in process of building, mac osx changed something in the last system update for mavericks, so osx is rebuilding atm
18:05:28  <tjfontaine>I had to give codesign more privileges to sign the package
18:05:43  <indutny>I see
18:06:18  * cjihrigquit (Quit: Leaving.)
18:09:39  * wolfeidaujoined
18:11:20  * Ldxngx_joined
18:12:36  * cjihrigjoined
18:19:04  * janjongboomjoined
18:19:55  * daviquit (Ping timeout: 255 seconds)
18:20:46  * bajtosquit (Quit: bajtos)
18:27:04  * dap_joined
18:27:19  <creationix>indutny: if I were to add tls bindings to a new project, which crypto library should I use? (openssl, libresss, boringssl, nss, etc)
18:27:29  <creationix>I just need tls for https and rsa signing and verifying
18:28:04  <indutny>hm...
18:28:06  <creationix>I prefer C over C++ and BSD/MIT/ISC style licensing
18:28:07  <indutny>I'd suggest boringssl
18:28:13  <indutny>not sure about license, though
18:28:20  <indutny>guess it is quite free
18:29:11  <indutny>has same license as OpenSSL
18:29:17  <indutny>almost BSD
18:30:37  <creationix>that should be compat, my project is apache licensed
18:30:43  * rendarquit (Ping timeout: 255 seconds)
18:30:50  <creationix>I just wonder if Google expects outsiders to use it. There is no README
18:31:00  <creationix>and I heard they don’t care about breaking api compat
18:32:02  * brsonquit (Quit: leaving)
18:32:37  <creationix>it’s a shame yassl is gpl, it looks nice
18:33:43  <saghul>creationix: did you check gnuTLS?
18:33:50  <saghul>it's LGPL2, IIRC
18:34:44  <creationix>I guess lgpl is fine as long as I don’t patch it (which I have no intentions of doing)
18:36:38  * rendarjoined
18:37:23  <creationix>since I’m using tls mostly for https client, I need to keep ssl 3.0 enabled right?
18:37:39  <creationix>or do most servers have tls 1.0 at least?
18:37:56  <creationix>a lot of the servers I’ll be talking to are actually node 10.x
18:38:33  <indutny>gnutls, meh
18:38:46  <indutny>It is always broken and not many people do care about it
18:39:43  <creationix>and then there is openssl that everybody uses
18:39:45  <creationix>or maybe nss
18:41:00  * qard-appnetapart
18:41:53  * qard-appnetajoined
18:42:04  <saghul>indutny: don't hate, appreciate! :-)
18:42:42  * sblomjoined
18:42:45  <indutny>creationix: nss is better choice than wolfssl, imho :)
18:42:48  <indutny>and gnutls
18:42:55  <indutny>saghul: haha
18:43:08  <tjfontaine>every ssl library is pretty awful
18:43:16  <tjfontaine>I suspect fedor should write his own :)
18:53:47  * thlorenzjoined
18:59:34  * iarnaquit (Remote host closed the connection)
19:12:34  <MI6>joyent/node: tjfontaine created tag v0.10.33 - http://git.io/elK34Q
19:13:09  <MI6>joyent/node: Timothy J Fontaine v0.10 * ea69dd7 : Now working on 0.10.34 (+5 more commits) - http://git.io/a8W9VQ
19:13:57  * Ldxngxquit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
19:22:49  * avalanche123quit (Remote host closed the connection)
19:23:16  * avalanche123joined
19:28:09  * avalanche123quit (Ping timeout: 265 seconds)
19:29:46  * dshaw_joined
19:30:45  * ryancolejoined
19:33:30  <indutny>tjfontaine: I did one :)
19:33:31  <indutny>tls.js
19:33:32  <indutny>haha
19:35:26  <creationix>indutny: but you didn’t implement the rsa part right?
19:35:33  <indutny>I didn't
19:35:49  <indutny>and I don't really want to
19:35:54  <indutny>there so much stuff to keep in mind
19:35:56  * ryancolequit
19:36:01  <creationix>I tried, I found my limits
19:36:01  <indutny>constant-time `power` function
19:36:04  <indutny>rsa blinding
19:36:11  <creationix>yep, it’s pretty insane
19:36:14  <indutny>yeah
19:36:17  <indutny>doing it is easy
19:36:19  <indutny>doing it securely
19:36:24  <indutny>this is a real PITA
19:36:35  * avalanche123joined
19:36:59  <indutny>still I like extensibility of javascript
19:37:04  <indutny>you could change things in runtime
19:37:11  <indutny>and introduce extensions in 3rd party modules
19:37:16  <indutny>it is just insanely cool
19:37:27  <indutny>unfortunatelly the language doesn't provide any safety guarantees
19:37:38  <indutny>so code is not verified
19:37:45  <indutny>in any way
19:37:52  * AlexisMochaquit (Ping timeout: 240 seconds)
19:38:14  <creationix>and you have to trust the browser, all native addons, the http server and the internet transport that gave you the code
19:38:24  <indutny>well
19:38:37  <indutny>you have to trust many things in any case
19:38:39  <indutny>even with C
19:38:41  <indutny>:)
19:38:47  <creationix>gcc, heh
19:38:50  <indutny>yeah
19:38:51  <indutny>ptrace
19:38:54  <indutny>kernel
19:39:05  <indutny>SSD drive firmware
19:39:11  <indutny>:)
19:39:19  <creationix>usb firmware :P
19:39:23  <indutny>oh, hell yes
19:39:44  <indutny>though, it isn't much involved :)
19:39:49  <indutny>while other stuff is
19:41:04  <creationix>I just want a lighweight way to make https requests in my lua program and sign and verify some rsa signatures for upgrades
19:41:35  <creationix>I use nginx for tls termination on the server-side
19:45:45  * piscisaureusquit (Quit: ~ Trillian Astra - www.trillian.im ~)
19:45:46  <indutny>chrisdickinson
19:46:38  * janjongboomquit (Quit: My MacBook has gone to sleep. ZZZzzz…)
19:48:49  * Fishrock123quit (Remote host closed the connection)
19:49:41  * jas-quit (Remote host closed the connection)
19:54:35  * dap_quit (Quit: Leaving.)
19:56:52  * FROGGS[mobile]quit (Remote host closed the connection)
19:58:23  * dap_joined
20:02:21  * Fishrock123joined
20:07:36  * tumdedumquit (Ping timeout: 250 seconds)
20:08:04  * tumdedumjoined
20:11:36  * iarnajoined
20:14:34  * dap_quit (Quit: Leaving.)
20:15:14  * dap_joined
20:27:11  * Fishrock123quit (Remote host closed the connection)
20:29:32  * Fishrock123joined
20:38:53  * seishunquit (Remote host closed the connection)
20:39:14  * Ralithquit (Ping timeout: 250 seconds)
20:41:43  * Ralithjoined
20:41:59  * seishunjoined
20:42:19  * stagasquit (Ping timeout: 245 seconds)
20:48:48  * seishunquit (Read error: Connection reset by peer)
20:49:15  * EhevuTovjoined
20:49:44  * seishunjoined
20:53:14  * Fishrock123quit (Remote host closed the connection)
21:08:42  * Ralithquit (Ping timeout: 250 seconds)
21:20:25  * dshaw_quit (Quit: Leaving.)
21:20:35  * c4milo_quit (Remote host closed the connection)
21:21:42  * c4milojoined
21:25:45  * toothrotjoined
21:26:45  * c4miloquit (Ping timeout: 255 seconds)
21:26:51  * rmgquit (Remote host closed the connection)
21:28:54  * Fishrock123joined
21:29:48  * avalanch_joined
21:29:54  * avalanche123quit (Read error: No route to host)
21:32:01  * dap_1joined
21:33:17  * rendarquit
21:33:53  * dap_quit (Ping timeout: 240 seconds)
21:43:27  * seishunquit (Quit: ChatZilla 0.9.91 [Firefox 32.0.3/20140923175406])
21:43:58  * seishunjoined
21:47:09  * yunongquit (Ping timeout: 244 seconds)
21:47:22  * Ralithjoined
21:48:02  * seishunquit (Client Quit)
21:48:53  * Fishrock123quit (Ping timeout: 240 seconds)
21:50:58  * seishunjoined
21:58:18  * seishunquit (Remote host closed the connection)
21:59:52  * yunongjoined
22:03:28  * chris_99quit (Ping timeout: 244 seconds)
22:04:38  * dshaw_joined
22:05:29  * dshaw_quit (Client Quit)
22:05:38  * rmgjoined
22:05:39  * ijrothjoined
22:05:40  * piscisaureusjoined
22:12:55  * thlorenzquit (Remote host closed the connection)
22:15:49  * chris_99joined
22:16:06  * piscisaureusquit (Quit: ~ Trillian Astra - www.trillian.im ~)
22:21:35  * ijrothquit (Quit: Leaving.)
22:24:57  * dap_1quit (Quit: Leaving.)
22:26:22  * a_lequit (Remote host closed the connection)
22:27:09  * a_lejoined
22:36:02  * AlexisMochajoined
23:05:29  * saghulquit (Ping timeout: 258 seconds)
23:06:00  * cjihrigquit (Quit: Leaving.)
23:10:05  * toothrotquit (Ping timeout: 258 seconds)
23:10:40  <a_le>is there a thread local variable that tells me in which uv_loop i'm running in? (that would make it easier to have logging macros that work anywhere within a uv loop)
23:10:49  * thlorenzjoined
23:17:34  * piscisaureusjoined
23:21:08  * janjongboomjoined
23:22:28  <trevnorris>a_le: nope. you'll have to set that yourself. isn't difficult though.
23:25:23  <a_le>trevnorris: right :)
23:25:55  * importantshockquit (Remote host closed the connection)
23:26:29  * importantshockjoined
23:26:48  * M28joined
23:27:18  <M28>is it safe to write to a stream from a thread that's not the main one, if it's guaranteed that a loop isn't running and that no one else is trying to write to it?
23:27:24  <M28>or is libuv completely single threaded?
23:27:29  <M28>(the stream is a tcp one)
23:27:54  <trevnorris>M28: not safe, though I just finished the first release of libnub which allows you to do that.
23:28:54  <M28>what does it do exactly? queue the actions to be executed and then run then in the main thread?
23:29:22  <M28>them*
23:29:40  <trevnorris>M28: no, it uses an implementation detail to momentarily halt the event loop on the thread it's running on so you can run the operation from another thread.
23:30:30  <trevnorris>sort of like a mutex for the event loop.
23:30:36  <M28>uh
23:30:52  * importantshockquit (Ping timeout: 255 seconds)
23:31:06  <M28>but what if I can guarantee that an event loop isn't running (so there's nothing to halt), I still can't uv_write to a handle from another thread?
23:33:00  <trevnorris>basically, yes.
23:33:08  <M28>:(
23:33:21  <trevnorris>oops. I meant, yes you can write from another thread.
23:33:26  <M28>oh
23:33:38  <trevnorris>though it's definitely sensitive. hence why I wrote libnub.
23:34:19  <trevnorris>also note that any callback you pass will run from on the main thread.
23:34:22  <M28>is it guaranteed by libuv that I can do the uv_write if 1. An event loop is not running 2. I have a mutex protecting the stream handle from other writes?
23:34:24  <M28>right
23:35:20  <M28>thank you
23:35:31  <trevnorris>well, libuv doesn't _technically_ guarantee it but the implementation details allow it.
23:36:02  <M28>well, something more guaranteed would be better >_>
23:36:09  <M28>like a specification :p
23:36:49  <trevnorris>heh, nope. not there. :)
23:37:23  <M28>meh, I'll just create a queue and do all the uv_writes in the main thread, better safe than sorry
23:38:21  * Ldxngx_quit (Quit: leaving)
23:39:14  <hayes>trevnorris: looked into AL a bit more, and found a second easily reproducible bug. Is it worth opening an issue or a PR with test + fix against core?
23:39:32  * saghuljoined
23:39:47  <trevnorris>hayes: don't worry about core. AL is being removed.
23:40:17  <hayes>cool, I've got a patch for the shim, I'll just leave it all in there then
23:40:37  <hayes>here is the test if you are curious https://gist.github.com/hayes/e421f461011600173085
23:41:05  <M28>I had one check in "make check" fail when installing libuv on one of my servers... should I be worried?
23:41:29  <M28>if so, does it save that to any log file? where is it at?
23:44:12  * octetcloudquit (Ping timeout: 258 seconds)
23:44:54  <M28>it might have been because it was running the tests as root
23:45:14  <M28>`spawn_setuid_setgid` failed: exit code 6
23:45:14  <M28>Output from process `spawn_setuid_setgid`:
23:45:15  <M28>Assertion failed in test/test-spawn.c on line 1054: r == 0
23:45:26  <M28>that's probably it
23:56:29  * cjihrigjoined