tls: keep track of stream that is closed

TLSWrap object keeps a pointer reference to the underlying TCPWrap object. This TCPWrap object could be closed and deleted by the event-loop which leaves us with a dangling pointer. So the TLSWrap object needs to track the "close" event on the TCPWrap object. PR-URL: #11776 Reviewed-By: Fedor Indutny <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Brian White <[email protected]>

Author: jBarz

lib/_tls_wrap.js

@@ -391,6 +391,12 @@ TLSSocket.prototype._wrapHandle = function(wrap){
 res=null;
 });
 
+if(wrap){
+wrap.on('close',function(){
+res.onStreamClose();
+});
+}
+
 returnres;
 };
 

src/tls_wrap.cc

@@ -523,7 +523,7 @@ int TLSWrap::GetFD(){
 
 
 boolTLSWrap::IsAlive(){
-return ssl_ != nullptr && stream_->IsAlive();
+return ssl_ != nullptr && stream_ != nullptr && stream_->IsAlive();
 }
 
 
@@ -783,6 +783,14 @@ void TLSWrap::EnableSessionCallbacks(
 }
 
 
+voidTLSWrap::OnStreamClose(const FunctionCallbackInfo<Value>& args){
+ TLSWrap* wrap;
+ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
+
+ wrap->stream_ = nullptr;
+}
+
+
 voidTLSWrap::DestroySSL(const FunctionCallbackInfo<Value>& args){
  TLSWrap* wrap;
 ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
@@ -913,6 +921,7 @@ void TLSWrap::Initialize(Local<Object> target,
  env->SetProtoMethod(t, "enableSessionCallbacks", EnableSessionCallbacks);
  env->SetProtoMethod(t, "destroySSL", DestroySSL);
  env->SetProtoMethod(t, "enableCertCb", EnableCertCb);
+ env->SetProtoMethod(t, "onStreamClose", OnStreamClose);
 
  StreamBase::AddMethods<TLSWrap>(env, t, StreamBase::kFlagHasWritev);
  SSLWrap<TLSWrap>::AddMethods(env, t);

src/tls_wrap.h

@@ -135,6 +135,7 @@ class TLSWrap : public AsyncWrap,
 staticvoidEnableCertCb(
 const v8::FunctionCallbackInfo<v8::Value>& args);
 staticvoidDestroySSL(const v8::FunctionCallbackInfo<v8::Value>& args);
+staticvoidOnStreamClose(const v8::FunctionCallbackInfo<v8::Value>& args);
 
 #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
 staticvoidGetServername(const v8::FunctionCallbackInfo<v8::Value>& args);

test/parallel/test-tls-socket-close.js

@@ -0,0 +1,43 @@
+'use strict';
+constcommon=require('../common');
+constassert=require('assert');
+
+consttls=require('tls');
+constfs=require('fs');
+constnet=require('net');
+
+constkey=fs.readFileSync(common.fixturesDir+'/keys/agent2-key.pem');
+constcert=fs.readFileSync(common.fixturesDir+'/keys/agent2-cert.pem');
+
+constT=100;
+
+// tls server
+consttlsServer=tls.createServer({ cert, key },(socket)=>{
+setTimeout(()=>{
+socket.on('error',(error)=>{
+assert.strictEqual(error.code,'EINVAL');
+tlsServer.close();
+netServer.close();
+});
+socket.write('bar');
+},T*2);
+});
+
+// plain tcp server
+constnetServer=net.createServer((socket)=>{
+// if client wants to use tls
+tlsServer.emit('connection',socket);
+
+socket.setTimeout(T,()=>{
+// this breaks if TLSSocket is already managing the socket:
+socket.destroy();
+});
+}).listen(0,common.mustCall(function(){
+
+// connect client
+tls.connect({
+host: 'localhost',
+port: this.address().port,
+rejectUnauthorized: false
+}).write('foo');
+}));