--- inn-2.4.4.org/nnrpd/line.c	2008-05-05 12:18:36.000000000 +0200
+++ inn-2.4.4/nnrpd/line.c	2008-05-18 14:33:18.000000000 +0200
@@ -18,6 +18,8 @@
 # include <sys/select.h>
 #endif
 
+#include <signal.h>
+
 #include "inn/messages.h"
 #include "nnrpd.h"
 
@@ -40,6 +42,18 @@ line_free(struct line *line)
     }
 }
 
+#ifdef HAVE_SSL
+/*
+**  alarm signal handler for clienttimeout
+*/
+static void alarmHandler (int s)
+{
+    SSL_shutdown(tls_conn);
+    tls_conn = NULL;
+    errno = ECONNRESET;
+}
+#endif
+  
 /*
 **  initialise a new line structure
 */
@@ -53,15 +67,21 @@ line_init(struct line *line)
 }
 
 static ssize_t
-line_doread(void *p, size_t len)
+line_doread(void *p, size_t len, int timeout)
 {
     ssize_t n;
 
 #ifdef HAVE_SSL
     if (tls_conn) {
 	int err;
+	xsignal (SIGALRM, alarmHandler);
 	do {
+	    alarm (timeout);
 	    n = SSL_read(tls_conn, p, len);
+	    alarm (0);
+	    if (tls_conn == NULL) {
+	        break;
+	    }
 	    err = SSL_get_error(tls_conn, n);
 	    switch (err) {
 	    case SSL_ERROR_SYSCALL:
@@ -74,6 +94,7 @@ line_doread(void *p, size_t len)
 		break;
 	    }
 	} while (err == SSL_ERROR_WANT_READ);
+	xsignal (SIGALRM, SIG_DFL);
     } else {
 #endif
 	do {
@@ -186,7 +207,8 @@ line_read(struct line *line, int timeout
             }
 #endif
 	    count = line_doread(where,
-				line->allocated - (where - line->start));
+				line->allocated - (where - line->start), 
+				timeout);
 
 	    /* give timeout for read errors */
 	    if (count < 0) {