mirrors/Nim
1
0
Fork 0
mirror of https://github.com/nim-lang/Nim.git synced 2026-02-16 16:14:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,318 Commits 80 Branches 69 Tags
c52612e1629fd613888cdc91db8449f27a5310af
Commit Graph

17318 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Leorize
c52612e162 wrappers/openssl: getOpenSSLVersion is gcsafe 
Yet another weird {.gcsafe.} triggering when it shouldn't.
 2020-06-04 00:12:26 -05:00
Leorize
27fa31b3da net: enable automatic EC curve selection for OpenSSL 1.0.2 
This setting is required for servers running OpenSSL < 1.1.0 to support
EC-based secure ciphers that is now part of the default cipher list.
 2020-06-04 00:01:13 -05:00
Leorize
794042080b wrappers/openssl: fix SSL_CTX_ctrl signature 2020-06-03 23:53:00 -05:00
Leorize
3f9134ee53 asyncnet: clear SSL error queue before performing I/O 
Follow up of 476be6cc27
 2020-06-03 23:48:24 -05:00
Leorize
f98074d1db changelog.md: clarify that only the default has changed [ci-skip] 2020-06-03 17:52:06 -05:00
Leorize
8235e3f1d5 ssl_config_parser: refactor for sanity reasons 2020-06-03 17:46:45 -05:00
Leorize
d6a7e41b78 untestable/thttpclient_ssl: some tests are no longer broken 
With the changes to the default cipher suites, certain tests are no
longer broken and are acting as they should.
 2020-06-03 17:39:17 -05:00
Leorize
21baa8ec15 untestable/thttpclient_ssl: move incomplete-chain to dubious_broken 
It's unsure why this test fail for macOS, but it doesn't hurt if it's
not passing.
 2020-06-03 17:25:10 -05:00
Leorize
5e17255f45 net: use a secure cipher list by default 
Previously, the `net` module use the blanket "ALL" as the default cipher
list. This list may contain security ciphers that are weak and/or outdated
according to the current standard.

This commit introduces a new module `ssl_config` that contains the
latest OpenSSL configurations as recommended by Mozilla OpSec, and
make the `net` module use the cipher list targeting `intermediate`
compatibility level as the default.
 2020-06-03 17:08:26 -05:00
Leorize
476be6cc27 asyncnet, net: clear openssl error queue before performing I/O 
Per SSL_get_error(3):

  The current thread's error queue must be empty before the TLS/SSL I/O
  operation is attempted, or SSL_get_error() will not work reliably.

There has been records of not clearing the error queue causing weird SSL
errors when there shouldn't be any, see:

https://github.com/openssl/openssl/issues/11889
 2020-06-03 15:14:45 -05:00
Leorize
b823b7c78f openssl: fix erroneous function signatures 
Now matches the declaration in openssl/err.h
 2020-06-03 14:53:02 -05:00
Leorize
232a04269a net: don't clear error queue unless shutdown() will be performed 2020-06-03 13:43:17 -05:00
Leorize
385636aa63 Revert "net: don't clear all errors on close" 
You're supposed to clear the error queue before any I/O operations. Per
SSL_get_error(3) man page.

This reverts commit ee3ed37300.
 2020-06-03 13:42:12 -05:00
Leorize
579a1327c1 thttpclient_ssl: be less specific 
The error we're looking for is "certificate verify failed". The routine
that reports this will be different between openssl versions, so it
makes no sense to track the routine name as well.
 2020-06-01 21:20:14 -05:00
Leorize
ee3ed37300 net: don't clear all errors on close 
Closing a socket clears the error queue of the entire thread, which
seems to be a bit too invasive.

Also I don't find any reason in the PR that added this.
 2020-06-01 20:32:42 -05:00
Leorize
d1d780dc9f untestable/thttpclient_ssl: fix macos 2020-06-01 18:15:11 -05:00
Leorize
845a9b28ca untestable/thttpclient_ssl: fix 10000-sans test 2020-06-01 17:58:55 -05:00
Leorize
4e307c1874 untestable/thttpclient_ssl: catch errors caused by the bad catergory 
Previously the errors caused by `SSL_shutdown()` masked these, so now we
catch them.
 2020-06-01 17:48:12 -05:00
Leorize
893b6176a5 asyncnet, net: call SSL_shutdown only when connection established 
This commit prevents "SSL_shutdown while in init" errors from happening.

See https://github.com/openssl/openssl/issues/710#issuecomment-253897666
 2020-06-01 17:27:04 -05:00
cooldome
e5b64af831 Implement rendering of []=, {}, {}= braces (#14539) 
* render curly braces
* fix typo
* fix test

Co-authored-by: cooldome <ariabushenko@bk.ru>
 2020-06-01 19:56:17 +02:00
Timothee Cour
3cf88c2b49 walkDirRecFilter, update doc CI filter, compiler/index.nim for docs + various other fixes (#14501) 
* update doc CI filter to include the files mostly likely to require doc rebuild
* remove code duplication in ./config/nimdoc.cfg; show link to compiler docs, various fixes
* walkDirRecFilter, factor nativeToUnixPath workaround
* glob for getRst2html
* docslocal: 40s to build all docs
* revert code dedup in github actions which did not work alas...
* fixups
 2020-06-01 19:21:41 +02:00
Andreas Rumpf
75e579ff8e parser.nim: minor refactorings (#14540) 2020-06-01 19:04:28 +02:00
Danil Yarantsev
3698f197f1 Change severity of template instantiation message [backport] (#14526) 
* Change severity of template instatiation msg

* Add a test

* Trailing newline argh
 2020-06-01 17:07:01 +02:00
Frank Paulo Filho
4bb301dbe2 Make build_all.sh file executable (#14518) 2020-06-01 15:57:16 +02:00
Timothee Cour
0a27cca4b5 runnableExamples: correctly handle multiline string litterals (#14492) 
* runnableExamples: correctly handle multiline string litterals

* address comments: improve doc comments + variable namings
 2020-06-01 15:56:29 +02:00
Andreas Rumpf
0db148163b fixes --warningAsError implementation (#14538) 2020-06-01 15:41:14 +02:00
Danil Yarantsev
00ec43305e Fix compiles for nimsuggest [backport] (#14527) 
* Handle nimsuggest in tryExpr
* Added test
 2020-06-01 15:06:45 +02:00
Khronos
5900d8442c Fix a problem with extra build commands. (#14528) 
When --compileOnly is on, extraCmds are not added to JsonBuildInstructions.

```
$ echo 'echo 123'>test.nim
$ nim c --debuginfo --nimcache:cache test
$ ls
cache test test.dSYM test.nim
$ tail -n3 cache/test.json
"extraCmds": ["dsymutil /Users/khronos31/src/tmp/test"],
"stdinInput": false
}
```

```
$ echo 'echo 123'>test.nim
$ nim c --debuginfo --nimcache:cache --compileOnly test
$ nim jsonscript --nimcache:cache test
$ ls
cache test test.nim
$ tail -n3 cache/test.json
"extraCmds": [],
"stdinInput": false
}
```
 2020-06-01 14:06:25 +02:00
Ico Doornekamp
0489e76da7 manual: removed subjective phrase from 'macros' section (#14536) 
Removed phrase "However, this is no real restriction because
Nim's syntax is flexible enough anyway." from the manual - I find it
very subjective, and I sometimes *do* find myself restricted by Nim's
syntax when writing DSLs
 2020-06-01 14:02:17 +02:00
Andreas Rumpf
8710395a0f fixes #14514 [backport:1.2] (#14533) 2020-06-01 12:33:13 +02:00
Danil Yarantsev
5d0cf883c1 Disable unused warnings for error await template too (#14531) 2020-06-01 11:56:07 +02:00
Timothee Cour
004b0759c5 fix CI doc windows: style error in lib/std/time_t.nim (#14523) 2020-05-31 14:57:16 -07:00
Danil Yarantsev
5150186c68 Disable unused warnings for await in async macro (#14517) 
* Disable unused warnings for await in async macro

* Remove used for the error template
 2020-05-31 12:43:27 +02:00
Araq
177c7f96e9 spec: be explicit that NRVO will evolve further 2020-05-30 19:55:01 +02:00
Araq
984af3d64e document NVRO and exception handling 2020-05-30 19:50:11 +02:00
Andreas Rumpf
52c3633223 warn about observerable stores but don't prevent them for 1.2.2 [backport:1.2]; refs https://github.com/nim-lang/RFCs/issues/230 (#14510) 2020-05-30 19:38:51 +02:00
Andreas Rumpf
7ccc7d7e93 fixes #14498 [backport:1.2] (#14503) 2020-05-30 15:32:31 +02:00
Andreas Rumpf
3105909f88 fixes #14495 [backport:1.2] (#14496) 2020-05-29 23:35:57 +02:00
Timothee Cour
cb6eb5268f enable compiler docs with their own index+search (#14493) 
* enable compiler docs (with its own index)
 2020-05-29 22:11:41 +02:00
Timothee Cour
63d1a0289e fix #14421 items uses lent T (#14447) 
* fix #14421 items uses lent T for seq + openArray
* add -d:nimWorkaround14447
* fix test
 2020-05-29 17:10:59 +02:00
Timothee Cour
e646c16e06 hotfix doc comments for procs without body (#14494) 2020-05-29 05:30:36 -07:00
Andreas Rumpf
e31ac81899 more checking for --gc:arc, no need for valgrind (#14467) 
* sigmatch: removed dead code
 2020-05-29 12:08:17 +02:00
Neelesh Chandola
4c08e64e98 disallow typedesc in arrays & move existing checks to types.typeAllowedAux (#13261) 
* disallow typedesc in arrays and move previous checks to types.typeAllowedAux
 2020-05-29 11:48:15 +02:00
Timothee Cour
579456d520 fix #14485 (#14487) 2020-05-28 19:00:36 -07:00
Timothee Cour
e013ebc91a fix #8871 runnableExamples now preserves source code comments, litterals, and all formatting; other bug fix (#14439) 
* fix #8871 runnableExamples now preserves source code comments, litterals, and all formatting
* remove orig deadcode from getAllRunnableExamplesImpl
* fix expected examples
* add test to close https://github.com/nim-lang/Nim/issues/14473
* correctly handle regular comments before 1st token inside runnableExamples
* add test to answer https://github.com/nim-lang/Nim/pull/14439#discussion_r431829199
* update tests
 2020-05-28 20:46:06 +02:00
Timothee Cour
17d08ff71c close #14284 document semantics for start for re,nre; improve examples (#14483) 2020-05-28 20:43:36 +02:00
Timothee Cour
fe7a2d60f9 make it easier to figure out how to debug issues (#14477) 2020-05-28 01:19:12 -07:00
Kaushal Modi
e62ccaa4dc Propagate the outDir to rstgen to fix hrefs for modules in subdirs (#14479) 2020-05-28 00:13:24 -07:00
Andreas Rumpf
1fc40db984 drnim improvements (#14471) 2020-05-27 18:14:24 +02:00
Huy Doan
00fa7a5747 Add thiscall calling convention, mostly for hooking purpose (#14466) 
* Add thiscall calling convention, mostly for hooking purpose
* add changelog and documentation
 2020-05-27 16:24:47 +02:00