[AppleTls]: Disallow calling SSLHandshake() again after the handshake has finished.

Bump Mono to pickup the BCL part of the fix commit 7ec55bdbe668b917dddab9996ddda372bcc9a561 Author: Martin Baulig <martin.baulig@xamarin.com> Date: Fri Sep 23 17:42:05 2016 +0200 [AppleTls]: Flush the write queue before finishing the handshake. It is possible for SSLHandshake() to return SslStatus.Success while we're still having a pending write (AsyncOperationStatus.WantWrite). This is because our managed write callback must never return 'WouldBlock', so SSLHandshake() things that all data have been sent while we still have them in our write queue. When this happens, we currently flush the write queue then call SSLHandshake() again via AsyncOperationStatus.WantWrite -> AsyncOperationStatus.Continue. This returns SslStatus.Protocol on iOS 10. (cherry picked from commit 2cc1b887c1c6e86b6844116c8010bac3305c84f9)
2016-09-26 16:34:10 -04:00 · 2016-09-26 16:34:10 -04:00 · 5f6ed20db0
--- a/external/mono
+++ b/external/mono
@ -1 +1 @@
-Subproject commit 8c9e34069f63e516038cd12a237d648079789622
+Subproject commit 1e1393ff1cf28c56603925d3e9bc2068f6bdb042
--- a/external/watch-mono
+++ b/external/watch-mono
@ -1 +1 @@
-Subproject commit 85e87700aa6fd516125b3d81db88e6aaccd45099
+Subproject commit 757e5c7705551ad46826bb2f907ee34b91297a94
--- a/src/Security/Tls/AppleTlsContext.cs
+++ b/src/Security/Tls/AppleTlsContext.cs
@ -51,6 +51,7 @@ namespace XamCore.Security.Tls
 		MonoTlsConnectionInfo connectionInfo;
 		bool havePeerTrust;
 		bool isAuthenticated;
+		bool handshakeFinished;
 		int handshakeStarted;

 		bool closed;
@ -197,11 +198,12 @@ namespace XamCore.Security.Tls

 		public override bool ProcessHandshake ()
 		{
-			SslStatus status;
+			if (handshakeFinished)
+				throw new NotSupportedException ("Handshake already finished.");

-			do {
+			while (true) {
 				lastException = null;
-				status = SSLHandshake (Handle);
+				var status = SSLHandshake (Handle);
 				Debug ("Handshake: {0} - {0:x}", status);

 				CheckStatusAndThrow (status, SslStatus.WouldBlock, SslStatus.PeerAuthCompleted, SslStatus.PeerClientCertRequested);
@ -221,10 +223,11 @@ namespace XamCore.Security.Tls
 					SetCertificate (clientIdentity, new SecCertificate [0]);
 				} else if (status == SslStatus.WouldBlock) {
 					return false;
+				} else if (status == SslStatus.Success) {
+					handshakeFinished = true;
+					return true;
 				}
-			} while (status != SslStatus.Success);
-
-			return true;
+			}
 		}

 		void RequirePeerTrust ()