From 6143dfcb18b7fba17c9935bd1f3d07cd3d12fd3f Mon Sep 17 00:00:00 2001
From: Vladimir Dubrovin <3proxy@3proxy.ru>
Date: Fri, 27 Mar 2026 12:00:57 +0300
Subject: [PATCH] Use quit shutdown for SSL to prevent races

---
 src/plugins/SSLPlugin/ssl_plugin.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/plugins/SSLPlugin/ssl_plugin.c b/src/plugins/SSLPlugin/ssl_plugin.c
index d390c3a..4b1614c 100644
--- a/src/plugins/SSLPlugin/ssl_plugin.c
+++ b/src/plugins/SSLPlugin/ssl_plugin.c
@@ -109,13 +109,15 @@ static void addSSL(
 
 void delSSL(void *state, SOCKET s){
     if(!state || s == INVALID_SOCKET) return;
-    if(STATE->cli.s == s) {
+    if(STATE->cli.s == s && STATE->cli.conn) {
+	SSL_set_quiet_shutdown(STATE->cli.conn, 1);
 	SSL_shutdown(STATE->cli.conn);
 	ssl_conn_free(STATE->cli.conn);
 	STATE->cli.conn = NULL;
 	STATE->cli.s = INVALID_SOCKET;
     }
-    else if(STATE->srv.s == s) {
+    else if(STATE->srv.s == s && STATE->srv.conn) {
+	SSL_set_quiet_shutdown(STATE->srv.conn, 1);
 	SSL_shutdown(STATE->srv.conn);
 	ssl_conn_free(STATE->srv.conn);
 	STATE->srv.conn = NULL;