TLS/SSL Negotiation

If the next packet from the TDS 4.2 client is not a TLS/SSL negotiation packet or if the packet is not structurally correct, the TDS 4.2 server MUST close the underlying transport connection, indicate an error to the upper layer, and then enter the final state. A TLS/SSL negotiation packet is a PRELOGIN (0x12) packet header encapsulated with TLS/SSL payload. The TDS 4.2 server MUST exchange a TLS/SSL negotiation packet with the client and reenter this state until the TLS/SSL negotiation is successfully completed. Upon successful negotiation, the TDS 4.2 server enters the Login Ready state.