From 5c2e47de8805a1a489db8215a62859fd6b7e7d55 Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Fri, 22 Jan 2021 13:01:35 +0100
Subject: [PATCH] listen_loop(): Delay the call to ssl_release()

... and only release the TLS backend resources if there
are no active connections left.

Prevents crashes when exiting "gracefully" at the wrong time.
---
 jcc.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/jcc.c b/jcc.c
index ab4956f0..310fb1ee 100644
--- a/jcc.c
+++ b/jcc.c
@@ -6183,11 +6183,6 @@ static void listen_loop(void)
 
    /* NOTREACHED unless FEATURE_GRACEFUL_TERMINATION is defined */
 
-#ifdef FEATURE_HTTPS_INSPECTION
-   /* Clean up.  Aim: free all memory (no leaks) */
-   ssl_release();
-#endif
-
 #ifdef FEATURE_GRACEFUL_TERMINATION
 
    log_error(LOG_LEVEL_INFO, "Graceful termination requested.");
@@ -6220,6 +6215,17 @@ static void listen_loop(void)
    freez(basedir);
 #endif
 
+#ifdef FEATURE_HTTPS_INSPECTION
+   /*
+    * Only release TLS backed resources if there
+    * are no active connections left.
+    */
+   if (clients->next == NULL)
+   {
+      ssl_release();
+   }
+#endif
+
    log_error(LOG_LEVEL_INFO, "Exiting gracefully.");
 
 #if defined(_WIN32) && !defined(_WIN_CONSOLE)
-- 
2.39.2