diff --git a/src/browser/HttpClient.zig b/src/browser/HttpClient.zig
index 529d4e5a..41b5ea39 100644
--- a/src/browser/HttpClient.zig
+++ b/src/browser/HttpClient.zig
@@ -648,12 +648,6 @@ fn requestFailed(transfer: *Transfer, err: anyerror, comptime execute_callback:
 // can be changed at any point in the easy's lifecycle.
 pub fn changeProxy(self: *Client, proxy: [:0]const u8) !void {
     try self.ensureNoActiveConnection();
-
-    var it = self.in_use.first;
-    while (it) |node| : (it = node.next) {
-        const conn: *Net.Connection = @fieldParentPtr("node", node);
-        try conn.setProxy(proxy);
-    }
     self.http_proxy = proxy;
     self.use_proxy = true;
 }
@@ -664,38 +658,20 @@ pub fn restoreOriginalProxy(self: *Client) !void {
     try self.ensureNoActiveConnection();
 
     self.http_proxy = self.network.config.httpProxy();
-    var it = self.in_use.first;
-    while (it) |node| : (it = node.next) {
-        const conn: *Net.Connection = @fieldParentPtr("node", node);
-        try conn.setProxy(self.http_proxy);
-    }
     self.use_proxy = self.http_proxy != null;
 }
 
 // Enable TLS verification on all connections.
-pub fn enableTlsVerify(self: *Client) !void {
+pub fn setTlsVerify(self: *Client, verify: bool) !void {
     // Remove inflight connections check on enable TLS b/c chromiumoxide calls
     // the command during navigate and Curl seems to accept it...
 
     var it = self.in_use.first;
     while (it) |node| : (it = node.next) {
         const conn: *Net.Connection = @fieldParentPtr("node", node);
-        try conn.setTlsVerify(true, self.use_proxy);
+        try conn.setTlsVerify(verify, self.use_proxy);
     }
-    self.tls_verify = true;
-}
-
-// Disable TLS verification on all connections.
-pub fn disableTlsVerify(self: *Client) !void {
-    // Remove inflight connections check on disable TLS b/c chromiumoxide calls
-    // the command during navigate and Curl seems to accept it...
-
-    var it = self.in_use.first;
-    while (it) |node| : (it = node.next) {
-        const conn: *Net.Connection = @fieldParentPtr("node", node);
-        try conn.setTlsVerify(false, self.use_proxy);
-    }
-    self.tls_verify = false;
+    self.tls_verify = verify;
 }
 
 fn makeRequest(self: *Client, conn: *Net.Connection, transfer: *Transfer) anyerror!void {
@@ -774,9 +750,12 @@ pub const PerformStatus = enum {
 };
 
 fn perform(self: *Client, timeout_ms: c_int) !PerformStatus {
-    self.performing = true;
-    const running = try self.handles.perform();
-    self.performing = false;
+    const running = blk: {
+        self.performing = true;
+        defer self.performing = false;
+
+        break :blk try self.handles.perform();
+    };
 
     // Process dirty connections — return them to Runtime pool.
     while (self.dirty.popFirst()) |node| {
@@ -922,7 +901,6 @@ fn removeConn(self: *Client, conn: *Net.Connection) void {
 }
 
 fn releaseConn(self: *Client, conn: *Net.Connection) void {
-    conn.reset() catch {};
     self.network.releaseConnection(conn);
 }
 
diff --git a/src/cdp/domains/security.zig b/src/cdp/domains/security.zig
index 830cd591..0ebfedae 100644
--- a/src/cdp/domains/security.zig
+++ b/src/cdp/domains/security.zig
@@ -35,12 +35,7 @@ fn setIgnoreCertificateErrors(cmd: anytype) !void {
         ignore: bool,
     })) orelse return error.InvalidParams;
 
-    if (params.ignore) {
-        try cmd.cdp.browser.http_client.disableTlsVerify();
-    } else {
-        try cmd.cdp.browser.http_client.enableTlsVerify();
-    }
-
+    try cmd.cdp.browser.http_client.setTlsVerify(!params.ignore);
     return cmd.sendResult(null, .{});
 }
 
diff --git a/src/network/Runtime.zig b/src/network/Runtime.zig
index 7c534ee2..a88f8e95 100644
--- a/src/network/Runtime.zig
+++ b/src/network/Runtime.zig
@@ -216,13 +216,19 @@ pub fn stop(self: *Runtime) void {
 pub fn getConnection(self: *Runtime) ?*net_http.Connection {
     self.conn_mutex.lock();
     defer self.conn_mutex.unlock();
+
     const node = self.available.popFirst() orelse return null;
     return @fieldParentPtr("node", node);
 }
 
 pub fn releaseConnection(self: *Runtime, conn: *net_http.Connection) void {
+    conn.reset() catch |err| {
+        lp.assert(false, "couldn't reset curl easy", .{ .err = err });
+    };
+
     self.conn_mutex.lock();
     defer self.conn_mutex.unlock();
+
     self.available.append(&conn.node);
 }
 
diff --git a/src/sys/libcurl.zig b/src/sys/libcurl.zig
index f9c9ac12..1a165111 100644
--- a/src/sys/libcurl.zig
+++ b/src/sys/libcurl.zig
@@ -706,15 +706,6 @@ pub fn curl_multi_poll(
     try errorMCheck(c.curl_multi_poll(multi, raw_fds, @intCast(extra_fds.len), timeout_ms, numfds));
 }
 
-pub fn curl_multi_waitfds(multi: *CurlM, ufds: []CurlWaitFd, fd_count: *c_uint) ErrorMulti!void {
-    const raw_fds: [*c]c.curl_waitfd = if (ufds.len == 0) null else @ptrCast(ufds.ptr);
-    try errorMCheck(c.curl_multi_waitfds(multi, raw_fds, @intCast(ufds.len), fd_count));
-}
-
-pub fn curl_multi_timeout(multi: *CurlM, timeout_ms: *c_long) ErrorMulti!void {
-    try errorMCheck(c.curl_multi_timeout(multi, timeout_ms));
-}
-
 pub fn curl_multi_info_read(multi: *CurlM, msgs_in_queue: *c_int) ?CurlMsg {
     const ptr = c.curl_multi_info_read(multi, msgs_in_queue);
     if (ptr == null) return null;