From 7401789862424b6e61ab0f7b07db4149888fc824 Mon Sep 17 00:00:00 2001
From: Victor Vieux <vieux@docker.com>
Date: Tue, 10 Feb 2015 01:32:16 +0000
Subject: [PATCH] closeIdleConnections to prevent leaks with https

Signed-off-by: Victor Vieux <vieux@docker.com>
---
 api/api.go   |  5 +++++
 api/utils.go | 10 ++++++++++
 2 files changed, 15 insertions(+)

diff --git a/api/api.go b/api/api.go
index c329e06557..01dece36cf 100644
--- a/api/api.go
+++ b/api/api.go
@@ -180,6 +180,11 @@ func getContainerJSON(c *context, w http.ResponseWriter, r *http.Request) {
 		httpError(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
+
+	// cleanup
+	defer resp.Body.Close()
+	defer closeIdleConnections(client)
+
 	data, err := ioutil.ReadAll(resp.Body)
 	if err != nil {
 		httpError(w, err.Error(), http.StatusInternalServerError)
diff --git a/api/utils.go b/api/utils.go
index 546592619c..feb094a212 100644
--- a/api/utils.go
+++ b/api/utils.go
@@ -50,6 +50,13 @@ func copyHeader(dst, src http.Header) {
 	}
 }
 
+// prevents leak with https
+func closeIdleConnections(client *http.Client) {
+	if tr, ok := client.Transport.(*http.Transport); ok {
+		tr.CloseIdleConnections()
+	}
+}
+
 func proxyAsync(tlsConfig *tls.Config, addr string, w http.ResponseWriter, r *http.Request, callback func(*http.Response)) error {
 	// Use a new client for each request
 	client, scheme := newClientAndScheme(tlsConfig)
@@ -72,7 +79,10 @@ func proxyAsync(tlsConfig *tls.Config, addr string, w http.ResponseWriter, r *ht
 	copyHeader(w.Header(), resp.Header)
 	w.WriteHeader(resp.StatusCode)
 	io.Copy(NewWriteFlusher(w), resp.Body)
+
+	// cleanup
 	resp.Body.Close()
+	closeIdleConnections(client)
 
 	return nil
 }