From b72e4bc596282a13a53e50d5ce48df007164a97d Mon Sep 17 00:00:00 2001
From: Fedor Indutny <fedor@indutny.com>
Date: Mon, 27 Apr 2015 09:39:48 +0200
Subject: [PATCH] tls: destroy singleUse context immediately

Destroy singleUse context right after it is going out of use.

Fix: https://github.com/iojs/io.js/issues/1522
PR-URL: https://github.com/iojs/io.js/pull/1529
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
---
 lib/_tls_common.js | 4 +++-
 lib/_tls_wrap.js   | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/_tls_common.js b/lib/_tls_common.js
index 3040b3a5b40c9f..d857717dabae15 100644
--- a/lib/_tls_common.js
+++ b/lib/_tls_common.js
@@ -134,8 +134,10 @@ exports.createSecureContext = function createSecureContext(options, context) {
   }
 
   // Do not keep read/write buffers in free list
-  if (options.singleUse)
+  if (options.singleUse) {
+    c.singleUse = true;
     c.context.setFreeListLength(0);
+  }
 
   return c;
 };
diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js
index d4774312dcad6a..deb9b5ae6bfa8e 100644
--- a/lib/_tls_wrap.js
+++ b/lib/_tls_wrap.js
@@ -301,7 +301,9 @@ TLSSocket.prototype._wrapHandle = function(handle) {
 };
 
 TLSSocket.prototype._destroySSL = function _destroySSL() {
-  return this.ssl.destroySSL();
+  this.ssl.destroySSL();
+  if (this.ssl._secureContext.singleUse)
+    this.ssl._secureContext.context.close();
 };
 
 TLSSocket.prototype._init = function(socket, wrap) {