From 2684c902c4ff90711e57e787c5bfe0bac33bcd49 Mon Sep 17 00:00:00 2001
From: Fedor Indutny <fedor@indutny.com>
Date: Sun, 26 Apr 2015 14:19:38 +0200
Subject: tls: zero SSL_CTX freelist for a singleUse socket

When connecting to server with `keepAlive` turned off - make sure that
the read/write buffers won't be kept in a single use SSL_CTX instance
after the socket will be destroyed.

Fix: https://github.com/iojs/io.js/issues/1522
PR-URL: https://github.com/iojs/io.js/pull/1529
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
---
 lib/_tls_common.js | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'lib/_tls_common.js')

diff --git a/lib/_tls_common.js b/lib/_tls_common.js
index 2c15d91df8..3040b3a5b4 100644
--- a/lib/_tls_common.js
+++ b/lib/_tls_common.js
@@ -133,6 +133,10 @@ exports.createSecureContext = function createSecureContext(options, context) {
     }
   }
 
+  // Do not keep read/write buffers in free list
+  if (options.singleUse)
+    c.context.setFreeListLength(0);
+
   return c;
 };
 
-- 
cgit v1.2.3