nodejs
diff --git a/Collapse file
‎lib/_tls_wrap.js‎
Copy file name to clipboardExpand all lines: lib/_tls_wrap.js
+6Lines changed: 6 additions & 0 deletions b/Collapse file
‎lib/_tls_wrap.js‎
Copy file name to clipboardExpand all lines: lib/_tls_wrap.js
+6Lines changed: 6 additions & 0 deletions
diff --git a/Collapse file
‎src/tls_wrap.cc‎
Copy file name to clipboardExpand all lines: src/tls_wrap.cc
+10-1Lines changed: 10 additions & 1 deletion b/Collapse file
‎src/tls_wrap.cc‎
Copy file name to clipboardExpand all lines: src/tls_wrap.cc
+10-1Lines changed: 10 additions & 1 deletion
diff --git a/Collapse file
‎src/tls_wrap.h‎
Copy file name to clipboardExpand all lines: src/tls_wrap.h
+1Lines changed: 1 addition & 0 deletions b/Collapse file
‎src/tls_wrap.h‎
Copy file name to clipboardExpand all lines: src/tls_wrap.h
+1Lines changed: 1 addition & 0 deletions
diff --git a/Collapse file
‎test/parallel/test-tls-socket-close.js‎
Copy file name to clipboard
+43Lines changed: 43 additions & 0 deletions b/Collapse file
‎test/parallel/test-tls-socket-close.js‎
Copy file name to clipboard
+43Lines changed: 43 additions & 0 deletions
@@ -391,6 +391,12 @@ TLSSocket.prototype._wrapHandle = function(wrap) {
     res = null;
   });
 
+  if (wrap) {
+    wrap.on('close', function() {
+      res.onStreamClose();
+    });
+  }
+
   return res;
 };
 
 
@@ -523,7 +523,7 @@ int TLSWrap::GetFD() {
 
 
 bool TLSWrap::IsAlive() {
-  return ssl_ != nullptr && stream_->IsAlive();
+  return ssl_ != nullptr && stream_ != nullptr && stream_->IsAlive();
 }
 
 
@@ -783,6 +783,14 @@ void TLSWrap::EnableSessionCallbacks(
 }
 
 
+void TLSWrap::OnStreamClose(const FunctionCallbackInfo<Value>& args) {
+  TLSWrap* wrap;
+  ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
+
+  wrap->stream_ = nullptr;
+}
+
+
 void TLSWrap::DestroySSL(const FunctionCallbackInfo<Value>& args) {
   TLSWrap* wrap;
   ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
@@ -913,6 +921,7 @@ void TLSWrap::Initialize(Local<Object> target,
   env->SetProtoMethod(t, "enableSessionCallbacks", EnableSessionCallbacks);
   env->SetProtoMethod(t, "destroySSL", DestroySSL);
   env->SetProtoMethod(t, "enableCertCb", EnableCertCb);
+  env->SetProtoMethod(t, "onStreamClose", OnStreamClose);
 
   StreamBase::AddMethods<TLSWrap>(env, t, StreamBase::kFlagHasWritev);
   SSLWrap<TLSWrap>::AddMethods(env, t);
 
@@ -135,6 +135,7 @@ class TLSWrap : public AsyncWrap,
   static void EnableCertCb(
       const v8::FunctionCallbackInfo<v8::Value>& args);
   static void DestroySSL(const v8::FunctionCallbackInfo<v8::Value>& args);
+  static void OnStreamClose(const v8::FunctionCallbackInfo<v8::Value>& args);
 
 #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
   static void GetServername(const v8::FunctionCallbackInfo<v8::Value>& args);
 
@@ -0,0 +1,43 @@
+'use strict';
+const common = require('../common');
+const assert = require('assert');
+
+const tls = require('tls');
+const fs = require('fs');
+const net = require('net');
+
+const key = fs.readFileSync(common.fixturesDir + '/keys/agent2-key.pem');
+const cert = fs.readFileSync(common.fixturesDir + '/keys/agent2-cert.pem');
+
+const T = 100;
+
+// tls server
+const tlsServer = tls.createServer({ cert, key }, (socket) => {
+  setTimeout(() => {
+    socket.on('error', (error) => {
+      assert.strictEqual(error.code, 'EINVAL');
+      tlsServer.close();
+      netServer.close();
+    });
+    socket.write('bar');
+  }, T * 2);
+});
+
+// plain tcp server
+const netServer = net.createServer((socket) => {
+    // if client wants to use tls
+  tlsServer.emit('connection', socket);
+
+  socket.setTimeout(T, () => {
+    // this breaks if TLSSocket is already managing the socket:
+    socket.destroy();
+  });
+}).listen(0, common.mustCall(function() {
+
+  // connect client
+  tls.connect({
+    host: 'localhost',
+    port: this.address().port,
+    rejectUnauthorized: false
+  }).write('foo');
+}));