IMHO before adding the TLS only port A LOT of stuff must be done first:
login command should be changed and bcrypt password used in the backend
cleanup / removal of unused commands / more generic replacements
...
i don't see come this pull request beeing accepted soon as its a big change to cleanup the protocol.
listen on a seccond port for ssl
includes a sample client