buf in do_recv() in core.c is too small in case of TLS. TLS record size can be up to 16kB but buf is only 8kB. This leads to data not to be delivered at the end of a reply. At least not in a timely fashion, as it is eventually deliver when the connection is closed many seconds later. buf needs to be at least 16kB.