For TLS connections we now do the TLS handshake immediately before
the ServerHello message. This lets the client recieve an alert
from the server is there is a handshake error after the TLS connect
has succeeded. It also means that the contents of the ServerHello
are protected from a man-in-the-middle attack.
1659d96c55