From b46e687d350724df12a330975d161a5bf055f193 Mon Sep 17 00:00:00 2001
From: James Stanley <james@incoherency.co.uk>
Date: Thu, 24 Apr 2025 12:06:09 +0100
Subject: [PATCH] Stop leaving sockets in CLOSE_WAIT on failed TLS connections

---
 modules/proto_tls/proto_tls.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/modules/proto_tls/proto_tls.c b/modules/proto_tls/proto_tls.c
index 51787029fd9..98496d2305f 100644
--- a/modules/proto_tls/proto_tls.c
+++ b/modules/proto_tls/proto_tls.c
@@ -622,6 +622,9 @@ static int proto_tls_send(const struct socket_info* send_sock,
 	return rlen;
 con_release:
 	sh_log(c->hist, TCP_SEND2MAIN, "send 1, (%d)", c->refcnt);
+	/* close the fd if this process is not meant to own it */
+	if (c->proc_id != process_no)
+		close(fd);
 	tcp_conn_release(c, (rlen < 0)?0:1);
 	return rlen;
 }