tls: make slab buffer's size configurable

see #4636

Author: indutny

doc/api/tls.markdown

@@ -214,6 +214,15 @@ You can test this server by connecting to it with `openssl s_client`:
     openssl s_client -connect 127.0.0.1:8000
 
 
+## tls.SLAB_BUFFER_SIZE
+
+Size of slab buffer used by all tls servers and clients.
+Default: `10 * 1024 * 1024`.
+
+
+Don't change the defaults unless you know what you are doing.
+
+
 ## tls.connect(options, [callback])
 ## tls.connect(port, [host], [options], [callback])
 

lib/tls.js

@@ -39,6 +39,8 @@ var DEFAULT_CIPHERS = 'ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:' + // TLS 1.2
 exports.CLIENT_RENEG_LIMIT = 3;
 exports.CLIENT_RENEG_WINDOW = 600;
 
+exports.SLAB_BUFFER_SIZE = 10 * 1024 * 1024;
+
 
 var debug;
 if (process.env.NODE_DEBUG && /tls/.test(process.env.NODE_DEBUG)) {
@@ -201,7 +203,7 @@ function SlabBuffer() {
 
 SlabBuffer.prototype.create = function create() {
   this.isFull = false;
-  this.pool = new Buffer(10 * 1024 * 1024);
+  this.pool = new Buffer(exports.SLAB_BUFFER_SIZE);
   this.offset = 0;
   this.remaining = this.pool.length;
 };
@@ -226,7 +228,7 @@ SlabBuffer.prototype.use = function use(context, fn) {
 };
 
 
-var slabBuffer = new SlabBuffer();
+var slabBuffer = null;
 
 
 // Base class of both CleartextStream and EncryptedStream
@@ -242,6 +244,7 @@ function CryptoStream(pair) {
   this._pending = [];
   this._pendingCallbacks = [];
   this._pendingBytes = 0;
+  if (slabBuffer === null) slabBuffer = new SlabBuffer();
   this._buffer = slabBuffer;
 }
 util.inherits(CryptoStream, Stream);

test/simple/test-tls-server-slab.js

@@ -0,0 +1,66 @@
+// Copyright Joyent, Inc. and other Node contributors.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a
+// copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to permit
+// persons to whom the Software is furnished to do so, subject to the
+// following conditions:
+//
+// The above copyright notice and this permission notice shall be included
+// in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
+// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+// USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+var common = require('../common');
+var assert = require('assert');
+var tls = require('tls');
+var fs = require('fs');
+
+var clientConnected = 0;
+var serverConnected = 0;
+
+var options = {
+  key: fs.readFileSync(common.fixturesDir + '/keys/agent1-key.pem'),
+  cert: fs.readFileSync(common.fixturesDir + '/keys/agent1-cert.pem')
+};
+
+tls.SLAB_BUFFER_SIZE = 100 * 1024;
+
+var server = tls.Server(options, function(socket) {
+  assert(socket._buffer.pool.length == tls.SLAB_BUFFER_SIZE);
+  if (++serverConnected === 2) {
+    server.close();
+  }
+});
+
+server.listen(common.PORT, function() {
+  var client1 = tls.connect({
+    port: common.PORT,
+    rejectUnauthorized: false
+  }, function() {
+    ++clientConnected;
+    client1.end();
+  });
+
+  var client2 = tls.connect({
+    port: common.PORT,
+    rejectUnauthorized: false
+  });
+  client2.on('secureConnect', function() {
+    ++clientConnected;
+    client2.end();
+  });
+});
+
+process.on('exit', function() {
+  assert.equal(clientConnected, 2);
+  assert.equal(serverConnected, 2);
+});