Almost everyone using this API actually wanted String instead of a
ByteBuffer anyway, and there were a bunch of slightly different ways
clients would convert to String.
Let's just cut out all the confusion and make it return String. :^)
Now we (almost) verify all the sites we browse.
Certificate verification failures should not be unexpected, as the
existing CA certificates are likely not complete.
This function did a const_cast internally which made the call side look
"safe". This method is removed completely and call sites are replaced
with ByteBuffer::wrap(const_cast<void*>(data), size) which makes the
behaviour obvious.
Contrary to popular belief, not every implementation of TLS follows the
specs.
Some of them just drop the connection without sending a proper
close_notify, and we should handle that gracefully.
Apparently servers will feel free to pad their response if they send one
that contains a content-length field.
We should not assume that the entirety of the response is valid data.
