diff --git a/src/main/tls_listen.c b/src/main/tls_listen.c
index 32cf564..45e7641 100644
--- a/src/main/tls_listen.c
+++ b/src/main/tls_listen.c
@@ -189,6 +189,18 @@ static int tls_socket_recv(rad_listen_t *listener)
 
 	RDEBUG3("Reading from socket %d", request->packet->sockfd);
 	PTHREAD_MUTEX_LOCK(&sock->mutex);
+
+	/*
+	 *	If there is pending application data, as set up by
+	 *	SSL_peek(), read that before reading more data from
+	 *	the socket.
+	 */
+	if (SSL_pending(sock->ssn->ssl)) {
+		RDEBUG3("Reading pending buffered data");
+		sock->ssn->dirty_in.used = 0;
+		goto get_application_data;
+	}
+
 	rcode = read(request->packet->sockfd,
 		     sock->ssn->dirty_in.data,
 		     sizeof(sock->ssn->dirty_in.data));
@@ -250,6 +262,7 @@ static int tls_socket_recv(rad_listen_t *listener)
 	/*
 	 *	Try to get application data.
 	 */
+get_application_data:
 	status = tls_application_data(sock->ssn, request);
 	RDEBUG("Application data status %d", status);
 
@@ -333,9 +346,11 @@ int dual_tls_recv(rad_listen_t *listener)
 	RAD_REQUEST_FUNP fun = NULL;
 	listen_socket_t *sock = listener->data;
 	RADCLIENT	*client = sock->client;
+	BIO		*rbio;
 
 	if (listener->status != RAD_LISTEN_STATUS_KNOWN) return 0;
 
+redo:
 	if (!tls_socket_recv(listener)) {
 		return 0;
 	}
@@ -403,6 +418,26 @@ int dual_tls_recv(rad_listen_t *listener)
 		return 0;
 	}
 
+	/*
+	 *	Check for more application data.
+	 *
+	 *	If there is pending SSL data, "peek" at the
+	 *	application data.  If we get at least one byte of
+	 *	application data, go back to tls_socket_recv().
+	 *	SSL_peek() will set SSL_pending(), and
+	 *	tls_socket_recv() will read another packet.
+	 */
+	rbio = SSL_get_rbio(sock->ssn->ssl);
+	if (BIO_ctrl_pending(rbio)) {
+		char buf[1];
+		int peek = SSL_peek(sock->ssn->ssl, buf, 1);
+
+		if (peek > 0) {
+			DEBUG("more TLS records after dual_tls_recv");
+			goto redo;
+		}
+	}
+
 	return 1;
 }