Reading pending TLS bytes can take us over at_most

In connection_read_to_buf(), after we fetch pending TLS bytes, we re-set 'result' to be the total number of bytes actually read. But later we do:

  if (more_to_read && result == at_most) {
    slack_in_buf = buf_slack(conn->inbuf);
    at_most = more_to_read;
    goto again;
  }

That's not good; 'result' can also be >= at_most, which might also mean that we should try reading more, maybe.

Reported pseudonymously; the reporter attached this patch. Possibly backportable to 0.2.3.