From 5cd42a0316b528fca61482ef41b6d75431e8f399 Mon Sep 17 00:00:00 2001
From: Ivan Grokhotkov <igrokhotkov@gmail.com>
Date: Wed, 9 Dec 2015 09:23:47 +0300
Subject: [PATCH] WiFiClientSecure: don't trash certificate and private key on
 stop()

---
 libraries/ESP8266WiFi/src/WiFiClientSecure.cpp | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/libraries/ESP8266WiFi/src/WiFiClientSecure.cpp b/libraries/ESP8266WiFi/src/WiFiClientSecure.cpp
index 247701acd..997fe5ccb 100644
--- a/libraries/ESP8266WiFi/src/WiFiClientSecure.cpp
+++ b/libraries/ESP8266WiFi/src/WiFiClientSecure.cpp
@@ -53,7 +53,7 @@ extern "C"
 uint8_t* default_private_key = 0;
 uint32_t default_private_key_len = 0;
 static bool default_private_key_dynamic = false;
-//
+static int s_pk_refcnt = 0;
 uint8_t* default_certificate = 0;
 uint32_t default_certificate_len = 0;
 static bool default_certificate_dynamic = false;
@@ -81,9 +81,6 @@ public:
         if (_ssl_ctx_refcnt == 0) {
             ssl_ctx_free(_ssl_ctx);
         }
-
-        clear_private_key();
-        clear_certificate();
     }
 
     void ref() {
@@ -186,12 +183,17 @@ int SSLContext::_ssl_ctx_refcnt = 0;
 
 
 WiFiClientSecure::WiFiClientSecure() {
+    ++s_pk_refcnt;
 }
 
 WiFiClientSecure::~WiFiClientSecure() {
     if (_ssl) {
         _ssl->unref();
     }
+    if (--s_pk_refcnt == 0) {
+        clear_private_key();
+        clear_certificate();
+    }
 }
 
 WiFiClientSecure::WiFiClientSecure(const WiFiClientSecure& other)