---
 libextra/gnutls_openssl.c          |   58 +++++++++++++++++++++++++++++++++++++
 libextra/includes/gnutls/openssl.h |    5 +++
 2 files changed, 63 insertions(+)

--- gnutls-2.8.5.orig/libextra/gnutls_openssl.c
+++ gnutls-2.8.5/libextra/gnutls_openssl.c
@@ -256,16 +256,21 @@ SSL_new (SSL_CTX * ctx)
   ssl->options = ctx->options;
 
   ssl->rfd = (gnutls_transport_ptr_t) - 1;
   ssl->wfd = (gnutls_transport_ptr_t) - 1;
 
+  ssl->ssl_peek_buffer = NULL;
+  ssl->ssl_peek_buffer_size = ssl->ssl_peek_avail = 0;
+
   return ssl;
 }
 
 void
 SSL_free (SSL * ssl)
 {
+  if (ssl->ssl_peek_buffer)
+    free(ssl->ssl_peek_buffer);
   gnutls_certificate_free_credentials (ssl->gnutls_cred);
   gnutls_deinit (ssl->gnutls_state);
   free (ssl);
 }
 
@@ -285,10 +290,11 @@ SSL_get_error (SSL * ssl, int ret)
 
 int
 SSL_set_fd (SSL * ssl, int fd)
 {
   gnutls_transport_set_ptr (ssl->gnutls_state, GNUTLS_INT_TO_POINTER (fd));
+  ssl->rfd = ssl->wfd = fd;
   return 1;
 }
 
 int
 SSL_set_rfd (SSL * ssl, int fd)
@@ -310,10 +316,21 @@ SSL_set_wfd (SSL * ssl, int fd)
     gnutls_transport_set_ptr2 (ssl->gnutls_state, ssl->rfd, ssl->wfd);
 
   return 1;
 }
 
+int SSL_get_rfd(SSL *ssl)
+{
+  return ssl->rfd;
+}
+
+int SSL_get_wfd(SSL *ssl)
+{
+  return ssl->wfd;
+}
+
+
 void
 SSL_set_bio (SSL * ssl, BIO * rbio, BIO * wbio)
 {
   gnutls_transport_set_ptr2 (ssl->gnutls_state, rbio->fd, wbio->fd);
   /*    free(BIO); ? */
@@ -325,10 +342,12 @@ SSL_set_connect_state (SSL * ssl)
 }
 
 int
 SSL_pending (SSL * ssl)
 {
+  if (ssl->ssl_peek_avail)
+    return ssl->ssl_peek_avail;
   return gnutls_record_check_pending (ssl->gnutls_state);
 }
 
 void
 SSL_set_verify (SSL * ssl, int verify_mode,
@@ -480,15 +499,54 @@ SSL_shutdown (SSL * ssl)
 
   /* FIXME */
   return 1;
 }
 
+int SSL_peek(SSL *ssl, void *buf, int len)
+{
+  if (len > ssl->ssl_peek_buffer_size) {
+    ssl->ssl_peek_buffer = realloc (ssl->ssl_peek_buffer, len);
+    ssl->ssl_peek_buffer_size = len;
+  }
+
+  if (ssl->ssl_peek_avail == 0) {
+
+    int ret;
+
+    ret = gnutls_record_recv(ssl->gnutls_state, ssl->ssl_peek_buffer, len);
+    ssl->last_error = ret;
+
+    if (ret > 0)
+      ssl->ssl_peek_avail += ret;
+  }
+
+  if (len > ssl->ssl_peek_avail)
+    len = ssl->ssl_peek_avail;
+
+  memcpy (buf, ssl->ssl_peek_buffer, len);
+
+  return len;
+}
+
 int
 SSL_read (SSL * ssl, void *buf, int len)
 {
   int ret;
 
+  if (ssl->ssl_peek_avail) {
+    int n = (ssl->ssl_peek_avail > len) ? len : ssl->ssl_peek_avail;
+
+    memcpy (buf, ssl->ssl_peek_buffer, n);
+
+    if (ssl->ssl_peek_avail > n)
+      memmove (ssl->ssl_peek_buffer, ssl->ssl_peek_buffer + n, ssl->ssl_peek_avail - n);
+
+    ssl->ssl_peek_avail -= n;
+
+    return n;
+  }
+
   ret = gnutls_record_recv (ssl->gnutls_state, buf, len);
   ssl->last_error = ret;
 
   if (ret < 0)
     {
--- gnutls-2.8.5.orig/libextra/includes/gnutls/openssl.h
+++ gnutls-2.8.5/libextra/includes/gnutls/openssl.h
@@ -162,10 +162,15 @@ extern "C"
     int (*verify_callback) (int, X509_STORE_CTX *);
     int verify_mode;
 
     gnutls_transport_ptr_t rfd;
     gnutls_transport_ptr_t wfd;
+
+    char *ssl_peek_buffer;
+    size_t ssl_peek_buffer_size;
+    size_t ssl_peek_avail;
+
   };
 
 #define rbio gnutls_state
 
   typedef struct {