[AppleTls]: Disallow calling SSLHandshake() again after the handshake has finished.

Bump Mono to pickup the BCL part of the fix. commit 2a3e4002ead94aae6796c7eb7af9a850398beb51 Author: Martin Baulig <martin.baulig@xamarin.com> Date: Fri Sep 23 17:42:05 2016 +0200 [AppleTls]: Flush the write queue before finishing the handshake. It is possible for SSLHandshake() to return SslStatus.Success while we're still having a pending write (AsyncOperationStatus.WantWrite). This is because our managed write callback must never return 'WouldBlock', so SSLHandshake() things that all data have been sent while we still have them in our write queue. When this happens, we currently flush the write queue then call SSLHandshake() again via AsyncOperationStatus.WantWrite -> AsyncOperationStatus.Continue. This returns SslStatus.Protocol on iOS 10. (cherry picked from commit 2cc1b887c1c6e86b6844116c8010bac3305c84f9)
2016-09-23 18:03:02 +02:00 · 2016-09-23 18:03:02 +02:00 · 6ed46cc6a1
--- a/external/mono
+++ b/external/mono
@ -1 +1 @@
-Subproject commit 377041fd6ec7a75d55e451d4752be1048b836c13
+Subproject commit 2a3e4002ead94aae6796c7eb7af9a850398beb51
--- a/external/watch-mono
+++ b/external/watch-mono
@ -1 +1 @@
-Subproject commit 377041fd6ec7a75d55e451d4752be1048b836c13
+Subproject commit 2a3e4002ead94aae6796c7eb7af9a850398beb51
--- a/src/Security/Tls/AppleTlsContext.cs
+++ b/src/Security/Tls/AppleTlsContext.cs
@ -51,6 +51,7 @@ namespace XamCore.Security.Tls
 		MonoTlsConnectionInfo connectionInfo;
 		bool havePeerTrust;
 		bool isAuthenticated;
+		bool handshakeFinished;
 		int handshakeStarted;

 		bool closed;
@ -197,11 +198,12 @@ namespace XamCore.Security.Tls

 		public override bool ProcessHandshake ()
 		{
-			SslStatus status;
+			if (handshakeFinished)
+				throw new NotSupportedException ("Handshake already finished.");

-			do {
+			while (true) {
 				lastException = null;
-				status = SSLHandshake (Handle);
+				var status = SSLHandshake (Handle);
 				Debug ("Handshake: {0} - {0:x}", status);

 				CheckStatusAndThrow (status, SslStatus.WouldBlock, SslStatus.PeerAuthCompleted, SslStatus.PeerClientCertRequested);
@ -221,10 +223,11 @@ namespace XamCore.Security.Tls
 					SetCertificate (clientIdentity, new SecCertificate [0]);
 				} else if (status == SslStatus.WouldBlock) {
 					return false;
+				} else if (status == SslStatus.Success) {
+					handshakeFinished = true;
+					return true;
 				}
-			} while (status != SslStatus.Success);
-
-			return true;
+			}
 		}

 		void RequirePeerTrust ()