diff --git a/ssl/s23_lib.c b/ssl/s23_lib.c
index ec739deff194535fb81c1daeb35e35ab77535d56..b70002a64768ba726ca0d17f4b829712f0e86a9f 100644
--- a/ssl/s23_lib.c
+++ b/ssl/s23_lib.c
@@ -63,6 +63,7 @@
 static int ssl23_num_ciphers(void );
 static SSL_CIPHER *ssl23_get_cipher(unsigned int u);
 static int ssl23_read(SSL *s, void *buf, int len);
+static int ssl23_peek(SSL *s, void *buf, int len);
 static int ssl23_write(SSL *s, const void *buf, int len);
 static long ssl23_default_timeout(void );
 static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
@@ -77,7 +78,7 @@ static SSL_METHOD SSLv23_data= {
 	ssl_undefined_function,
 	ssl_undefined_function,
 	ssl23_read,
-	(int (*)(struct ssl_st *, char *, int))ssl_undefined_function,
+	ssl23_peek,
 	ssl23_write,
 	ssl_undefined_function,
 	ssl_undefined_function,
@@ -169,13 +170,6 @@ static int ssl23_read(SSL *s, void *buf, int len)
 	{
 	int n;
 
-#if 0
-	if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
-		{
-		s->rwstate=SSL_NOTHING;
-		return(0);
-		}
-#endif
 	clear_sys_error();
 	if (SSL_in_init(s) && (!s->in_handshake))
 		{
@@ -195,17 +189,33 @@ static int ssl23_read(SSL *s, void *buf, int len)
 		}
 	}
 
-static int ssl23_write(SSL *s, const void *buf, int len)
+static int ssl23_peek(SSL *s, void *buf, int len)
 	{
 	int n;
 
-#if 0
-	if (s->shutdown & SSL_SENT_SHUTDOWN)
+	clear_sys_error();
+	if (SSL_in_init(s) && (!s->in_handshake))
+		{
+		n=s->handshake_func(s);
+		if (n < 0) return(n);
+		if (n == 0)
+			{
+			SSLerr(SSL_F_SSL23_PEEK,SSL_R_SSL_HANDSHAKE_FAILURE);
+			return(-1);
+			}
+		return(SSL_peek(s,buf,len));
+		}
+	else
 		{
-		s->rwstate=SSL_NOTHING;
-		return(0);
+		ssl_undefined_function(s);
+		return(-1);
 		}
-#endif
+	}
+
+static int ssl23_write(SSL *s, const void *buf, int len)
+	{
+	int n;
+
 	clear_sys_error();
 	if (SSL_in_init(s) && (!s->in_handshake))
 		{
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 0483b635be2d3358fd21cbd55a7f7596f2fb17f5..fa0e658bb8e998825daa1eb0cec6d67d03725f6c 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1250,6 +1250,7 @@ int SSL_COMP_add_compression_method(int id,char *cm);
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+void ERR_load_SSL_strings(void);
 
 /* Error codes for the SSL functions. */
 
@@ -1274,6 +1275,7 @@ int SSL_COMP_add_compression_method(int id,char *cm);
 #define SSL_F_SSL23_CONNECT				 117
 #define SSL_F_SSL23_GET_CLIENT_HELLO			 118
 #define SSL_F_SSL23_GET_SERVER_HELLO			 119
+#define SSL_F_SSL23_PEEK				 237
 #define SSL_F_SSL23_READ				 120
 #define SSL_F_SSL23_WRITE				 121
 #define SSL_F_SSL2_ACCEPT				 122
@@ -1612,4 +1614,3 @@ int SSL_COMP_add_compression_method(int id,char *cm);
 }
 #endif
 #endif
-
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 30420330c0f838883c55e9c5aeb8bddc5bfa36d5..183b21e0baa726fdb00670d449421d8a907c4f99 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -86,6 +86,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
 {ERR_PACK(0,SSL_F_SSL23_CONNECT,0),	"SSL23_CONNECT"},
 {ERR_PACK(0,SSL_F_SSL23_GET_CLIENT_HELLO,0),	"SSL23_GET_CLIENT_HELLO"},
 {ERR_PACK(0,SSL_F_SSL23_GET_SERVER_HELLO,0),	"SSL23_GET_SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_SSL23_PEEK,0),	"SSL23_PEEK"},
 {ERR_PACK(0,SSL_F_SSL23_READ,0),	"SSL23_READ"},
 {ERR_PACK(0,SSL_F_SSL23_WRITE,0),	"SSL23_WRITE"},
 {ERR_PACK(0,SSL_F_SSL2_ACCEPT,0),	"SSL2_ACCEPT"},
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 1edb279dc8605e4eedf533a3c22ab14bc26ef858..9a593ed2a5fe1a755ea2fbca45598fd4b749cbc3 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -784,6 +784,12 @@ int SSL_read(SSL *s,char *buf,int num)
 
 int SSL_peek(SSL *s,char *buf,int num)
 	{
+	if (s->handshake_func == 0)
+		{
+		SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
+		return -1;
+		}
+
 	if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
 		{
 		return(0);