When LibreSSL supports TLSv1.3 (https://github.com/libressl-portable/portable/issues/228 we'll need to fix TLS reads for LibreSSL the same way we did for OpenSSL 1.1.1 (CDRIVER-2846). I think we have to add a should_retry boolean field to mongoc_stream_tls_libressl_t. The field is set to false before a handshake, read, or write. The field is set to true after an operation that returns TLS_WANT_POLLIN or TLS_WANT_POLLOUT. _mongoc_stream_tls_libressl_should_retry returns true if the field is set or if mongoc_stream_should_retry (tls->base_stream).