With this workaround, we obviously had to take in mind the RAM and flash footprint of the existing code and think of the best ways to make space for our updates.
One such space-saving technique is to ensure all binaries are stripped and use of -ffunction-sections, -fdata-sections and -gc-sections to prevent the inclusion of unused functions and variables in the executable.
Another hurdle with this workaround was ensuring the performance of the device was not affected, especially if there is no hardware accelerated cryptography support.
In this case we know the choice of cipher suite can make a large difference. For example, using ECDSA instead of RSA reduced total time of the TLS handshake from ~1 second to ~200 millisecond on this particular MCU.
Thinking of doing this? Make sure to benchmark where space is used before beginning your project, and focus efforts on the largest space contributors.