tokio-rs / tls

A collection of Tokio based TLS libraries.

Home Page: https://tokio.rs

Handshake fails when using a buffered stream

tharvik opened this issue · comments

I'm not sure that's the correct project to put this issue, please redirect me if need be.

I'm trying to use TLS over Tor, which provides a buffered stream in order to reduce the number of messages on the network. The issue is that when handshaking, no flush is called on the stream, but it is expected to reply to the written TLS header. This isn't an issue when using a socket directly, as every write actually sends it, but it becomes one when wrapping the socket in a BufWriter (or when using a Tor stream).

I was able to trigger it in the tokio-rustls' tests by changing in do_handshake the good stream into a BufWriter::new(Good(server)).
tokio-native-tls is a bit harder to trick as it simply hangs the fetch_google when using .connect("google.com", BufWriter::new(socket)), but not the other tests, dunno why. FYI: I'm running Linux, so openssl is my backend library.

I didn't manage to put a PR together, but I'm happy to try a bit more if given some pointers on the best way to approach it.

Can you start with a PR to add a failing tokio-rustls test case? That would be a good start.

(I'm personally not as interested in the tokio-native-tls case, and it might make sense to have a different PR for that.)

> Can you start with a PR to add a failing tokio-rustls test case?

See #97 for the rustls's PR

This is indeed a problem, we should try to flush when the read from handshake returns pending.

#98 works for me, thanks for the fix :)

For the issue in nativetls, I was wrong: it's not failing with OpenSSL (I forgot a flush myself when trying to trigger it..) but does so on Apple devices. PR with the failing test at #99
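
The stall discussed in this thread, as an added example that is not code from tokio-rustls or from any participant: a synchronous, std-only model in which `WouldBlock` stands in for a pending read. `Peer`, `handshake`, `flush_on_pending` and the hello bytes are hypothetical names and constructed values.

```rust
use std::collections::VecDeque;
use std::io::{self, BufWriter, ErrorKind, Read, Write};

const CLIENT_HELLO: &[u8] = b"client-hello"; // constructed placeholder bytes
const SERVER_HELLO: &[u8] = b"server-hello"; // constructed placeholder bytes

/// Hypothetical peer: answers only once the whole hello has reached it.
#[derive(Default)]
struct Peer { received: Vec<u8>, reply: VecDeque<u8> }

impl Write for Peer {
    fn write(&mut self, buf: &[u8]) -> io::Result<usize> {
        self.received.extend_from_slice(buf);
        if self.received == CLIENT_HELLO { self.reply.extend(SERVER_HELLO); }
        Ok(buf.len())
    }
    fn flush(&mut self) -> io::Result<()> { Ok(()) }
}

impl Read for Peer {
    fn read(&mut self, out: &mut [u8]) -> io::Result<usize> {
        // WouldBlock plays the role of Poll::Pending in the async code.
        if self.reply.is_empty() { return Err(ErrorKind::WouldBlock.into()); }
        self.reply.read(out)
    }
}

/// Write the hello, then wait for the reply; three reads stand in for re-polling.
fn handshake(stream: &mut BufWriter<Peer>, flush_on_pending: bool) -> io::Result<Vec<u8>> {
    stream.write_all(CLIENT_HELLO)?; // stays in BufWriter's buffer, not on the wire
    let mut reply = [0u8; 16];
    for _ in 0..3 {
        match stream.get_mut().read(&mut reply) {
            Ok(n) => return Ok(reply[..n].to_vec()),
            // Pending read: push our own buffered bytes out before retrying.
            Err(e) if e.kind() == ErrorKind::WouldBlock => {
                if flush_on_pending { stream.flush()?; }
            }
            Err(e) => return Err(e),
        }
    }
    Err(io::Error::new(ErrorKind::TimedOut, "hello never left the write buffer"))
}

fn main() {
    let stalled = handshake(&mut BufWriter::new(Peer::default()), false);
    let done = handshake(&mut BufWriter::new(Peer::default()), true);
    println!("no flush: {:?}", stalled.map_err(|e| e.kind()));
    println!("flush on pending: {:?}", done);
}
```

Without the flush the model gives up after its bounded retries; the real async handshake has no such bound and simply hangs, which is why a regression test for this case needs a timeout.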