diff options
| author | Fedor Indutny <fedor@indutny.com> | 2015-04-26 14:19:38 +0200 |
|---|---|---|
| committer | Fedor Indutny <fedor@indutny.com> | 2015-04-30 11:02:26 +0200 |
| commit | 2684c902c4ff90711e57e787c5bfe0bac33bcd49 (patch) | |
| tree | 6a68650b9a5fd30ce3db86a36ee738c3617dbfd4 /lib | |
| parent | e6874dd0f9c62a515b64ed35a4806f667152b6ec (diff) | |
| download | android-node-v8-2684c902c4ff90711e57e787c5bfe0bac33bcd49.tar.gz android-node-v8-2684c902c4ff90711e57e787c5bfe0bac33bcd49.tar.bz2 android-node-v8-2684c902c4ff90711e57e787c5bfe0bac33bcd49.zip | |
tls: zero SSL_CTX freelist for a singleUse socket
When connecting to server with `keepAlive` turned off - make sure that
the read/write buffers won't be kept in a single use SSL_CTX instance
after the socket will be destroyed.
Fix: https://github.com/iojs/io.js/issues/1522
PR-URL: https://github.com/iojs/io.js/pull/1529
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/_tls_common.js | 4 | ||||
| -rw-r--r-- | lib/_tls_wrap.js | 2 |
2 files changed, 6 insertions, 0 deletions
diff --git a/lib/_tls_common.js b/lib/_tls_common.js index 2c15d91df8..3040b3a5b4 100644 --- a/lib/_tls_common.js +++ b/lib/_tls_common.js @@ -133,6 +133,10 @@ exports.createSecureContext = function createSecureContext(options, context) { } } + // Do not keep read/write buffers in free list + if (options.singleUse) + c.context.setFreeListLength(0); + return c; }; diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js index 84b02a731b..7f83e2f759 100644 --- a/lib/_tls_wrap.js +++ b/lib/_tls_wrap.js @@ -862,6 +862,8 @@ exports.connect = function(/* [port, host], options, cb */) { }; options = util._extend(defaults, options || {}); + if (!options.keepAlive) + options.singleUse = true; assert(typeof options.checkServerIdentity === 'function'); |