From 0264fe161feb1cd98bd31d64344cda2bc2a85872 Mon Sep 17 00:00:00 2001
From: Simon Arlott <sa.me.uk>
Date: Fri, 29 Apr 2016 07:35:43 +0100
Subject: [PATCH] sslproc: don't send updated config to dead/shutdown sslds

They might be running older versions of the SSL library that
doesn't support the key type or ciphers being configured.
---
 src/sslproc.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/sslproc.c b/src/sslproc.c
index f7af434d..845785e4 100644
--- a/src/sslproc.c
+++ b/src/sslproc.c
@@ -746,6 +746,10 @@ send_new_ssl_certs(const char *ssl_cert, const char *ssl_private_key, const char
 	RB_DLINK_FOREACH(ptr, ssl_daemons.head)
 	{
 		ssl_ctl_t *ctl = ptr->data;
+
+		if (ctl->dead || ctl->shutdown)
+			continue;
+
 		send_certfp_method(ctl, method);
 		send_new_ssl_certs_one(ctl, ssl_cert, ssl_private_key, ssl_dh_params, ssl_cipher_list);
 	}