much of this is taken from cinap. 1. remove sendbuf, which prevents use of tls code in threaded programs. 2. replace sprint with snprint. 3. add HCertificateVerify code. 4. tlsHand closes fd iff data is successfully returned.