From 2e1ae3ead1a3bb7edb8bdb0e717135207d3bfd12 Mon Sep 17 00:00:00 2001
From: Alexander Penev <alexander.penev@sap.com>
Date: Mon, 14 Mar 2016 17:56:02 +0200
Subject: [PATCH] https: fix ssl socket leak when keepalive is used
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

SSL sockets leak whenever keep alive is enabled, ca option is set in
the global agent, and requests are sent without the ca property.
In the following case at Agent.prototype.createSocket a socket will
be created with a hashtag name that includes data from the global
agents’ ca property.

On subsequent requests at Agent.prototype.addRequest we do not find
the free socket, because the hashtag name generated there does not
take into account the global agents’ ca property, thus creating a new
socket and leaving the first socket to timeout. closes: #5699

PR-URL: https://github.com/nodejs/node/pull/5713
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 lib/_http_agent.js | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/_http_agent.js b/lib/_http_agent.js
index 58289277862..fd74daafec6 100644
--- a/lib/_http_agent.js
+++ b/lib/_http_agent.js
@@ -115,6 +115,9 @@ Agent.prototype.addRequest = function(req, options) {
     };
   }
 
+  options = util._extend({}, options);
+  options = util._extend(options, this.options);
+
   var name = this.getName(options);
   if (!this.sockets[name]) {
     this.sockets[name] = [];