Description
This happened when we disabled SSLv3_client_method and switched over to SSLv23_client_method. It turns out the latter is just a stub for a collection of other methods (where openssl will basically try to "Guess" what kind of SSL method it should use; with optionally eliminating some explicitly (e.g. SSLv3)).
In this case, it turns out the library was calling SSL_pending too early (though this isn't documented anywhere).