GnuTLS: fix to ignore timeout on unrelated callout connection. Bug 2174

2 files changed, 8 insertions, 3 deletions

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 7d577dbcb..bac937e62 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -71,6 +71,12 @@ JH/13 Bug 2229: Fix cutthrough routing for nonstandard port numbers defined by
       routers.  Previously, a multi-recipient message would fail to match the
       onward-connection opened for the first recipient, and cause its closure.
 
+JH/14 Bug 2174: A timeout on connect for a callout was also erroneously seen as
+      a timeout on read on a GnuTLS initiating connection, resulting in the
+      initiating connection being dropped.  This mattered most when the callout
+      was marked defer_ok.  Fix to keep the two timeout-detection methods
+      separate.
+
 
 Exim version 4.90
 -----------------
diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index 5c9fd3965..3a45999aa 100644
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -2364,10 +2364,8 @@ DEBUG(D_tls) debug_printf("about to gnutls_handshake\n");
 sigalrm_seen = FALSE;
 alarm(ob->command_timeout);
 do
-  {
   rc = gnutls_handshake(state->session);
-  } while ((rc == GNUTLS_E_AGAIN) ||
-      (rc == GNUTLS_E_INTERRUPTED && !sigalrm_seen));
+while (rc == GNUTLS_E_AGAIN || rc == GNUTLS_E_INTERRUPTED && !sigalrm_seen);
 alarm(0);
 
 if (rc != GNUTLS_E_SUCCESS)
@@ -2483,6 +2481,7 @@ ssize_t inbytes;
 DEBUG(D_tls) debug_printf("Calling gnutls_record_recv(%p, %p, %u)\n",
   state->session, state->xfer_buffer, ssl_xfer_buffer_size);
 
+sigalrm_seen = FALSE;
 if (smtp_receive_timeout > 0) alarm(smtp_receive_timeout);
 inbytes = gnutls_record_recv(state->session, state->xfer_buffer,
   MIN(ssl_xfer_buffer_size, lim));