1 files changed, 13 insertions, 2 deletions

diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js
index 10221b99c3..41421e1988 100644
--- a/lib/_tls_wrap.js
+++ b/lib/_tls_wrap.js
@@ -7,6 +7,8 @@ const tls = require('tls');
 const util = require('util');
 const listenerCount = require('events').listenerCount;
 const common = require('_tls_common');
+const StreamWrap = require('_stream_wrap').StreamWrap;
+const Duplex = require('stream').Duplex;
 const debug = util.debuglog('tls');
 const Timer = process.binding('timer_wrap').Timer;
 const tls_wrap = process.binding('tls_wrap');
@@ -224,6 +226,10 @@ function TLSSocket(socket, options) {
   this.authorized = false;
   this.authorizationError = null;
 
+  // Wrap plain JS Stream into StreamWrap
+  if (!(socket instanceof net.Socket) && socket instanceof Duplex)
+    socket = new StreamWrap(socket);
+
   // Just a documented property to make secure sockets
   // distinguishable from regular ones.
   this.encrypted = true;
@@ -280,7 +286,8 @@ TLSSocket.prototype._wrapHandle = function(handle) {
   // Proxy HandleWrap, PipeWrap and TCPWrap methods
   proxiedMethods.forEach(function(name) {
     res[name] = function methodProxy() {
-      return handle[name].apply(handle, arguments);
+      if (handle[name])
+        return handle[name].apply(handle, arguments);
     };
   });
 
@@ -373,7 +380,7 @@ TLSSocket.prototype._init = function(socket) {
     this.setTimeout(options.handshakeTimeout, this._handleTimeout);
 
   // Socket already has some buffered data - emulate receiving it
-  if (socket && socket._readableState.length) {
+  if (socket && socket._readableState && socket._readableState.length) {
     var buf;
     while ((buf = socket.read()) !== null)
       ssl.receive(buf);
@@ -388,6 +395,10 @@ TLSSocket.prototype._init = function(socket) {
       self._connecting = false;
       self.emit('connect');
     });
+
+    socket.on('error', function(err) {
+      self._tlsError(err);
+    });
   }
 
   // Assume `tls.connect()`