3 files changed, 20 insertions, 5 deletions

diff --git a/libs/nixio/src/openssl-compat.c b/libs/nixio/src/openssl-compat.c
index ee7600c08..2c5b746c2 100644
--- a/libs/nixio/src/openssl-compat.c
+++ b/libs/nixio/src/openssl-compat.c
@@ -264,7 +264,7 @@ int SSL_CTX_set_cipher_list(SSL_CTX *s, const char *str)
 int SSL_get_error(const SSL *ssl, int ret)
 {
     ssl_display_error(ret);
-    return 0;   /* TODO: return proper return code */
+    return ret;   /* TODO: return proper return code */
 }
 
 void SSL_CTX_set_options(SSL_CTX *ssl_ctx, int option) {}
diff --git a/libs/nixio/src/tls-context.c b/libs/nixio/src/tls-context.c
index ff3feeb4d..c55517630 100644
--- a/libs/nixio/src/tls-context.c
+++ b/libs/nixio/src/tls-context.c
@@ -74,6 +74,7 @@ static int nixio_tls_ctx_create(lua_State *L) {
 	SSL_CTX *ctx = nixio__checktlsctx(L);
 	int fd = nixio__checkfd(L, 2);
 
+	lua_createtable(L, 0, 3);
 	nixio_tls_sock *sock = lua_newuserdata(L, sizeof(nixio_tls_sock));
 	if (!sock) {
 		return luaL_error(L, "out of memory");
@@ -82,7 +83,8 @@ static int nixio_tls_ctx_create(lua_State *L) {
 
 	/* create userdata */
 	luaL_getmetatable(L, NIXIO_TLS_SOCK_META);
-	lua_setmetatable(L, -2);
+	lua_pushvalue(L, -1);
+	lua_setmetatable(L, -3);
 
 	sock->socket = SSL_new(ctx);
 	if (!sock->socket) {
@@ -93,6 +95,16 @@ static int nixio_tls_ctx_create(lua_State *L) {
 		return nixio__tls_perror(L, 0);
 	}
 
+	/* save context and socket to prevent GC from collecting them */
+	lua_setmetatable(L, -3);
+	lua_setfield(L, -2, "connection");
+
+	lua_pushvalue(L, 1);
+	lua_setfield(L, -2, "context");
+
+	lua_pushvalue(L, 2);
+	lua_setfield(L, -2, "socket");
+
 	return 1;
 }
 
diff --git a/libs/nixio/src/tls-socket.c b/libs/nixio/src/tls-socket.c
index b26d140b4..b0cfb5c3f 100644
--- a/libs/nixio/src/tls-socket.c
+++ b/libs/nixio/src/tls-socket.c
@@ -22,9 +22,8 @@
 
 static int nixio__tls_sock_perror(lua_State *L, SSL *sock, int code) {
 	lua_pushnil(L);
-	lua_pushinteger(L, code);
 	lua_pushinteger(L, SSL_get_error(sock, code));
-	return 3;
+	return 2;
 }
 
 static int nixio__tls_sock_pstatus(lua_State *L, SSL *sock, int code) {
@@ -37,6 +36,10 @@ static int nixio__tls_sock_pstatus(lua_State *L, SSL *sock, int code) {
 }
 
 static SSL* nixio__checktlssock(lua_State *L) {
+	if (lua_istable(L, 1)) {
+		lua_getfield(L, 1, "connection");
+		lua_replace(L, 1);
+	}
 	nixio_tls_sock *sock = luaL_checkudata(L, 1, NIXIO_TLS_SOCK_META);
 	luaL_argcheck(L, sock->socket, 1, "invalid context");
 	return sock->socket;
@@ -186,7 +189,7 @@ static int nixio_tls_sock__gc(lua_State *L) {
 
 static int nixio_tls_sock__tostring(lua_State *L) {
 	SSL *sock = nixio__checktlssock(L);
-	lua_pushfstring(L, "nixio TLS socket: %p", sock);
+	lua_pushfstring(L, "nixio TLS connection: %p", sock);
 	return 1;
 }