crypto: track external memory for SSL structures

Ensure that GC kicks in at the right times and the RSS does not blow up.

Fix: #1522
PR-URL: #1529
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>

src/node_crypto.cc

@@ -1878,6 +1878,7 @@ void SSLWrap<Base>::DestroySSL() {
     return;
 
   SSL_free(ssl_);
+  env_->isolate()->AdjustAmountOfExternalAllocatedMemory(-kExternalSize);
   ssl_ = nullptr;
 }
 

src/node_crypto.h

@@ -64,6 +64,7 @@ class SecureContext : public BaseObject {
   static const int kMaxSessionSize = 10 * 1024;
 
  protected:
+  static const int64_t kExternalSize = sizeof(SSL_CTX);
 
   static void New(const v8::FunctionCallbackInfo<v8::Value>& args);
   static void Init(const v8::FunctionCallbackInfo<v8::Value>& args);
@@ -97,10 +98,12 @@ class SecureContext : public BaseObject {
         cert_(nullptr),
         issuer_(nullptr) {
     MakeWeak<SecureContext>(this);
+    env->isolate()->AdjustAmountOfExternalAllocatedMemory(kExternalSize);
   }
 
   void FreeCTXMem() {
     if (ctx_) {
+      env()->isolate()->AdjustAmountOfExternalAllocatedMemory(-kExternalSize);
       if (ctx_->cert_store == root_cert_store) {
         // SSL_CTX_free() will attempt to free the cert_store as well.
         // Since we want our root_cert_store to stay around forever
@@ -140,6 +143,7 @@ class SSLWrap {
         session_callbacks_(false),
         new_session_wait_(false) {
     ssl_ = SSL_new(sc->ctx_);
+    env_->isolate()->AdjustAmountOfExternalAllocatedMemory(kExternalSize);
     CHECK_NE(ssl_, nullptr);
   }
 
@@ -166,6 +170,12 @@ class SSLWrap {
   inline bool is_waiting_new_session() const { return new_session_wait_; }
 
  protected:
+  // Size allocated by OpenSSL: one for SSL structure, one for SSL3_STATE and
+  // some for buffers.
+  // NOTE: Actually it is much more than this
+  static const int64_t kExternalSize =
+      sizeof(SSL) + sizeof(SSL3_STATE) + 42 * 1024;
+
   static void InitNPN(SecureContext* sc);
   static void AddMethods(Environment* env, v8::Handle<v8::FunctionTemplate> t);