Merge branch 'v0.4'

Conflicts:
	src/node_version.h
	test/simple/test-buffer.js

4 files changed, 56 insertions, 39 deletions

diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index 46bd4b76c8..14b267fb2c 100644
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -131,8 +131,7 @@ Handle<Value> SecureContext::Init(const Arguments& args) {
   SSL_CTX_set_session_cache_mode(sc->ctx_, SSL_SESS_CACHE_SERVER);
   // SSL_CTX_set_session_cache_mode(sc->ctx_,SSL_SESS_CACHE_OFF);
 
-  sc->ca_store_ = X509_STORE_new();
-  SSL_CTX_set_cert_store(sc->ctx_, sc->ca_store_);
+  sc->ca_store_ = NULL;
   return True();
 }
 
@@ -311,6 +310,7 @@ Handle<Value> SecureContext::SetCert(const Arguments& args) {
 
 
 Handle<Value> SecureContext::AddCACert(const Arguments& args) {
+  bool newCAStore = false;
   HandleScope scope;
 
   SecureContext *sc = ObjectWrap::Unwrap<SecureContext>(args.Holder());
@@ -319,6 +319,11 @@ Handle<Value> SecureContext::AddCACert(const Arguments& args) {
     return ThrowException(Exception::TypeError(String::New("Bad parameter")));
   }
 
+  if (!sc->ca_store_) {
+    sc->ca_store_ = X509_STORE_new();
+    newCAStore = true;
+  }
+
   X509* x509 = LoadX509(args[0]);
   if (!x509) return False();
 
@@ -327,6 +332,10 @@ Handle<Value> SecureContext::AddCACert(const Arguments& args) {
 
   X509_free(x509);
 
+  if (newCAStore) {
+    SSL_CTX_set_cert_store(sc->ctx_, sc->ca_store_);
+  }
+
   return True();
 }
 
@@ -362,33 +371,42 @@ Handle<Value> SecureContext::AddCRL(const Arguments& args) {
 }
 
 
+
 Handle<Value> SecureContext::AddRootCerts(const Arguments& args) {
   HandleScope scope;
 
   SecureContext *sc = ObjectWrap::Unwrap<SecureContext>(args.Holder());
 
-  for (int i = 0; root_certs[i]; i++) {
-    // TODO: reuse bp ?
-    BIO *bp = BIO_new(BIO_s_mem());
+  assert(sc->ca_store_ == NULL);
 
-    if (!BIO_write(bp, root_certs[i], strlen(root_certs[i]))) {
-      BIO_free(bp);
-      return False();
-    }
+  if (!root_cert_store) {
+    root_cert_store = X509_STORE_new();
 
-    X509 *x509 = PEM_read_bio_X509(bp, NULL, NULL, NULL);
+    for (int i = 0; root_certs[i]; i++) {
+      BIO *bp = BIO_new(BIO_s_mem());
 
-    if (x509 == NULL) {
-      BIO_free(bp);
-      return False();
-    }
+      if (!BIO_write(bp, root_certs[i], strlen(root_certs[i]))) {
+        BIO_free(bp);
+        return False();
+      }
 
-    X509_STORE_add_cert(sc->ca_store_, x509);
+      X509 *x509 = PEM_read_bio_X509(bp, NULL, NULL, NULL);
 
-    BIO_free(bp);
-    X509_free(x509);
+      if (x509 == NULL) {
+        BIO_free(bp);
+        return False();
+      }
+
+      X509_STORE_add_cert(root_cert_store, x509);
+
+      BIO_free(bp);
+      X509_free(x509);
+    }
   }
 
+  sc->ca_store_ = root_cert_store;
+  SSL_CTX_set_cert_store(sc->ctx_, sc->ca_store_);
+
   return True();
 }
 
@@ -411,19 +429,12 @@ Handle<Value> SecureContext::SetCiphers(const Arguments& args) {
 
 Handle<Value> SecureContext::Close(const Arguments& args) {
   HandleScope scope;
-
   SecureContext *sc = ObjectWrap::Unwrap<SecureContext>(args.Holder());
-
-  if (sc->ctx_ != NULL) {
-    SSL_CTX_free(sc->ctx_);
-    sc->ctx_ = NULL;
-    sc->ca_store_ = NULL;
-    return True();
-  }
-
+  sc->FreeCTXMem();
   return False();
 }
 
+
 #ifdef SSL_PRINT_DEBUG
 # define DEBUG_PRINT(...) fprintf (stderr, __VA_ARGS__)
 #else
diff --git a/src/node_crypto.h b/src/node_crypto.h
index 539353a1cf..9399bc0a7e 100644
--- a/src/node_crypto.h
+++ b/src/node_crypto.h
@@ -39,11 +39,14 @@
 namespace node {
 namespace crypto {
 
+static X509_STORE* root_cert_store;
+
 class SecureContext : ObjectWrap {
  public:
   static void Initialize(v8::Handle<v8::Object> target);
 
   SSL_CTX *ctx_;
+  // TODO: ca_store_ should probably be removed, it's not used anywhere.
   X509_STORE *ca_store_;
 
  protected:
@@ -62,8 +65,15 @@ class SecureContext : ObjectWrap {
     ca_store_ = NULL;
   }
 
-  ~SecureContext() {
+  void FreeCTXMem() {
     if (ctx_) {
+      if (ctx_->cert_store == root_cert_store) {
+        // SSL_CTX_free() will attempt to free the cert_store as well.
+        // Since we want our root_cert_store to stay around forever
+        // we just clear the field. Hopefully OpenSSL will not modify this
+        // struct in future versions.
+        ctx_->cert_store = NULL;
+      }
       SSL_CTX_free(ctx_);
       ctx_ = NULL;
       ca_store_ = NULL;
@@ -72,6 +82,10 @@ class SecureContext : ObjectWrap {
     }
   }
 
+  ~SecureContext() {
+    FreeCTXMem();
+  }
+
  private:
 };
 
diff --git a/src/node_file.cc b/src/node_file.cc
index 8b7f374195..ba24be1c4a 100644
--- a/src/node_file.cc
+++ b/src/node_file.cc
@@ -713,9 +713,6 @@ static Handle<Value> Write(const Arguments& args) {
   Local<Value> cb = args[5];
 
   if (cb->IsFunction()) {
-    // Grab a reference to buffer so it isn't GCed
-    Local<Object> cb_obj = cb->ToObject();
-    cb_obj->Set(buf_symbol, buffer_obj);
 
     ASYNC_CALL(write, cb, fd, buf, len, pos)
   } else {
@@ -781,10 +778,6 @@ static Handle<Value> Read(const Arguments& args) {
   cb = args[5];
 
   if (cb->IsFunction()) {
-    // Grab a reference to buffer so it isn't GCed
-    // TODO: need test coverage
-    Local<Object> cb_obj = cb->ToObject();
-    cb_obj->Set(buf_symbol, buffer_obj);
 
     ASYNC_CALL(read, cb, fd, buf, len, pos);
   } else {
diff --git a/src/node_stdio.cc b/src/node_stdio.cc
index 00bdd86506..f744e3f7cf 100644
--- a/src/node_stdio.cc
+++ b/src/node_stdio.cc
@@ -165,13 +165,12 @@ static Handle<Value> IsATTY (const Arguments& args) {
 
 
 /* STDERR IS ALWAY SYNC ALWAYS UTF8 */
-static Handle<Value>
-WriteError (const Arguments& args)
-{
+static Handle<Value> WriteError (const Arguments& args) {
   HandleScope scope;
 
-  if (args.Length() < 1)
+  if (args.Length() < 1) {
     return Undefined();
+  }
 
   String::Utf8Value msg(args[0]->ToString());
 
@@ -189,7 +188,7 @@ WriteError (const Arguments& args)
     written += (size_t)r;
   }
 
-  return Undefined();
+  return True();
 }