Experience with SSPI & TLS 1.3
I made some experiences with TLS 1.3 via SSPI, which is still not enabled at default. It seems to be functional, tested on Win 10, but there are some pitfalls: - max. supported message size ought be the number reported by QueryContextAttributes(context, SECPKG_ATTR_STREAM_SIZES, pPkgSizes) in pPkgSizes->cbMaximumMessage, but in fact it is (pPkgSizes->cbMaximumMessage - 1). - When calling DecryptMessage(), don't rely on a valid Pointer in a returned SecBuffer struct, marked as SECBUFFER_EXTRA (eg. SecBuffer::BufferType == SECBUFFER_EXTRA), related SecBuffer::pvBuffer is sometimes NULL. Tests performed with latest updates.