These tests seem to trigger failures in the entire CI job (not just the
test) on AIX. Skip them to see if that helps alleviate spurious failures
in node-test-commit-aix (and the upstream PR and commit test jobs).

See:
- nodejs/build#1820 (comment)
- nodejs/build#1847 (comment)

PR-URL: #28469
Backport-PR-URL: #29599
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>

Add SKIP status for more tests in stringbytes-external-exceed-max that
are failing on AIX.

PR-URL: #28516
Backport-PR-URL: #29599
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>

Some pty tests persistently hung on the AIX CI buildbots. Fix that by
adding a helper script that properly sets up the pty before spawning
the script under test.

On investigation I discovered that the test runner hung when it tried
to close the slave pty's file descriptor, probably due to a bug in
AIX's pty implementation. I could reproduce it with a short C program.
The test runner also leaked file descriptors to the child process.

I couldn't convince python's `subprocess.Popen()` to do what I wanted
it to do so I opted to move the logic to a helper script that can do
fork/setsid/etc. without having to worry about stomping on state in
tools/test.py.

In the process I also uncovered some bugs in the pty module of the
python distro that ships with macOS 10.14, leading me to reimplement
a sizable chunk of the functionality of that module.

And last but not least, of course there are differences between ptys
on different platforms and the helper script has to paper over that.
Of course.

Really, this commit took me longer to put together than I care to admit.

Caveat emptor: this commit takes the hacky ^D feeding to the slave out
of tools/test.py and puts it in the *.in input files. You can also feed
other control characters to tests, like ^C or ^Z, simply by inserting
them into the corresponding input file. I think that's nice.

Fixes: nodejs/build#1820
Fixes: #28489

PR-URL: #28600
Backport-PR-URL: #29599
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>

Assumption that if memory can be malloc()ed it can be used is not true
on AIX. Later access of the allocated pages can trigger SIGKILL if there
are insufficient VM pages.

Use psdanger() to better estimate available memory.

Fixes: nodejs/build#1849

More info:
- https://www.ibm.com/support/knowledgecenter/en/ssw_aix_71/generalprogramming/sys_mem_alloc.html
- https://www.ibm.com/support/knowledgecenter/en/ssw_aix_71/p_bostechref/psdanger.html

Related to:
- nodejs/build#1820 (comment)
- #28469
- #28516

PR-URL: #28857
Backport-PR-URL: #29599
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>

One skipped test remains, it creates very large Buffer objects,
triggering the AIX OOM to kill node and its parent processes.

See: nodejs/build#1849 (comment)

PR-URL: #29054
Backport-PR-URL: #29599
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>

Original commit message:

    [turbofan] Fix NumberFloor typing.

    Bug: chromium:841117
    Change-Id: I1e83dfc82f87d0b49d3cca96290ae1d738e37d20
    Reviewed-on: https://chromium-review.googlesource.com/1051228
    Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
    Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#53083}

Refs: v8/v8@d520ebb
Fixes: #22810

PR-URL: #27358
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Refael Ackermann (רפאל פלחי) <refack@gmail.com>
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com>

This is the certdata.txt[0] from NSS 3.41, released on 2018-12-03.

This is the version of NSS that will ship in Firefox 65 on 2018-12-11.

[0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_41_RTM/lib/ckfw/builtins/certdata.txt

PR-URL: #25113
Backport-PR-URL: #29137
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>

This is the certdata.txt[0] from NSS 3.43, released on 2019-03-15.

This is the version of NSS that will ship in Firefox 67 on
2019-03-19.

[0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_43_RTM/lib/ckfw/builtins/certdata.txt

PR-URL: #27374
Backport-PR-URL: #29137
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>

This is the certdata.txt[0] from NSS 3.45, released on 2019-07-05.

This is the version of NSS that will ship in Firefox 69 on
2019-09-03.

[0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_45_RTM/lib/ckfw/builtins/certdata.txt

PR-URL: #28808
Backport-PR-URL: #29137
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.

Certificates added:
- GlobalSign Root CA - R6
- OISTE WISeKey Global Root GC CA
- GTS Root R1
- GTS Root R2
- GTS Root R3
- GTS Root R4
- UCA Global G2 Root
- UCA Extended Validation Root
- Certigna Root CA

Certificates removed:
- Visa eCommerce Root
- TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5
- Certplus Root CA G1
- Certplus Root CA G2
- OpenTrust Root CA G1
- OpenTrust Root CA G2
- OpenTrust Root CA G3

PR-URL: #25113
Backport-PR-URL: #29137
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>

Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.

Certificates added:
- emSign Root CA - G1
- emSign ECC Root CA - G3
- emSign Root CA - C1
- emSign ECC Root CA - C3
- Hongkong Post Root CA 3

PR-URL: #27374
Backport-PR-URL: #29137
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>

This is a partial backport of commit f1a3968 ("tls: expose built-in
root certificates") from the master branch. The original commit adds a
new API, this commit just backports the non-visible changes to ease
backporting follow-up commits.

PR-URL: #26415
Backport-PR-URL: #29137
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Ron Korving <ron@ronkorving.nl>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>

Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.

Certificates added: (none)

Certificates removed:
- Certinomis - Root CA

PR-URL: #28808
Backport-PR-URL: #29137
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

Prevent the `'error'` event from being emitted multiple times if
`writable.destroy()` is called with an error before the `_destroy()`
callback is called.

Emit the first error, discard all others.

PR-URL: #26057
Backport-PR-URL: #28000
Fixes: #26015
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: James M Snell <jasnell@gmail.com>

PR-URL: #28230
Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com>

PR-URL: #28230
Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com>

`x86masm.pl` was mistakenly using .486 instruction set, why `cpuid` (and
perhaps others) are requiring .686 .

Fixes: #589
Backport-PR-URL: #28230
PR-URL: #1389
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>

See
https://mta.openssl.org/pipermail/openssl-dev/2015-February/000651.html

iojs needs to stop using masm and move to nasm or yasm on Win32.

Fixes: #589
Backport-PR-URL: #28230
PR-URL: #1389
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>

Reapply b910613 .

Fixes: #589
Backport-PR-URL: #28230
PR-URL: #1389
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>

In openssl s_client on Windows, RAND_screen() is invoked to initialize
random state but it takes several seconds in each connection.
This added -no_rand_screen to openssl s_client on Windows to skip
RAND_screen() and gets a better performance in the unit test of
test-tls-server-verify.
Do not enable this except to use in the unit test.

Fixes: #1461
Backport-PR-URL: #28230
PR-URL: #1836
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>

socket.parser can be undefined under unknown circumstances.
This is a fix for a bug I cannot reproduce but it is affecting
people.

Fixes: #26366

PR-URL: #26402
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

When CMD is used to launch a process and CMD is killed too quickly,
the process can stay behind running in suspended state, never
completing. This only happens in Windows Server 2008R2.

Refs: nodejs/build#1829

PR-URL: #28723
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

Do not crash when the session is no longer available.

Fixes: #29457

PR-URL: #29459
Backport-PR-URL: #29618
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

Don’t start reading more input data if we’re still busy writing output.
This was overlooked in 8a4a193.

Fixes: #29353
Fixes: #29393

PR-URL: #29399
Backport-PR-URL: #29618
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

Node.js 8 is due to go End-of-Life on 31st December 2019.

Notable changes:

- **deps**: upgrade openssl sources to 1.0.2s (Sam Roberts)
  [#28230](#28230)

PR-URL: #29617