From bbccb09a903f66c5d4e5774b41a5974ba0deb41e Mon Sep 17 00:00:00 2001
From: William Pitcock <nenolod@dereferenced.org>
Date: Fri, 4 Dec 2015 22:53:04 -0600
Subject: [PATCH] newconf: TLS listener ports should always be defer_accept

TLS clients are required to send ClientHello upon connection, the server may not reply with ServerHello until this has happened
---
 src/newconf.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/newconf.c b/src/newconf.c
index 62bd8d795..53c3067b5 100644
--- a/src/newconf.c
+++ b/src/newconf.c
@@ -865,9 +865,9 @@ conf_set_listen_port_both(void *data, int ssl)
 		}
                 if(listener_address == NULL)
                 {
-			add_listener(args->v.number, listener_address, AF_INET, ssl, yy_defer_accept);
+			add_listener(args->v.number, listener_address, AF_INET, ssl, ssl || yy_defer_accept);
 #ifdef RB_IPV6
-			add_listener(args->v.number, listener_address, AF_INET6, ssl, yy_defer_accept);
+			add_listener(args->v.number, listener_address, AF_INET6, ssl, ssl || yy_defer_accept);
 #endif
                 }
 		else
@@ -880,7 +880,7 @@ conf_set_listen_port_both(void *data, int ssl)
 #endif
 				family = AF_INET;
 
-			add_listener(args->v.number, listener_address, family, ssl, yy_defer_accept);
+			add_listener(args->v.number, listener_address, family, ssl, ssl || yy_defer_accept);
 
                 }