diff --git a/curl-7.19.7-ssl-timeout.patch b/curl-7.19.7-ssl-timeout.patch
new file mode 100644
index 0000000..fb22c1c
--- /dev/null
+++ b/curl-7.19.7-ssl-timeout.patch
@@ -0,0 +1,26 @@
+diff --git a/lib/nss.c b/lib/nss.c
+index 51e62ee..c7c7e5f 100644
+--- a/lib/nss.c
++++ b/lib/nss.c
+@@ -1353,8 +1353,8 @@ int Curl_nss_send(struct connectdata *conn,  /* connection data */
+     err = PR_GetError();
+ 
+     if(err == PR_IO_TIMEOUT_ERROR) {
+-      failf(data, "SSL connection timeout");
+-      return CURLE_OPERATION_TIMEDOUT;
++      failf(data, "SSL connection send timeout");
++      return -1;
+     }
+ 
+     failf(conn->data, "SSL write: error %d", err);
+@@ -1394,8 +1394,8 @@ ssize_t Curl_nss_recv(struct connectdata * conn, /* connection data */
+       return -1; /* basically EWOULDBLOCK */
+     }
+     if(err == PR_IO_TIMEOUT_ERROR) {
+-      failf(data, "SSL connection timeout");
+-      return CURLE_OPERATION_TIMEDOUT;
++      failf(data, "SSL connection receive timeout");
++      return -1;
+     }
+     failf(conn->data, "SSL read: errno %d", err);
+     return -1;
diff --git a/curl.spec b/curl.spec
index e16f124..33c61cc 100644
--- a/curl.spec
+++ b/curl.spec
@@ -1,12 +1,13 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
 Version: 7.19.7
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: MIT
 Group: Applications/Internet
 Source: http://curl.haxx.se/download/%{name}-%{version}.tar.bz2
 Patch1: curl-7.19.7-modelfree.patch
 Patch2: curl-7.19.7-ssl-retry.patch
+Patch3: curl-7.19.7-ssl-timeout.patch
 Patch101: curl-7.15.3-multilib.patch
 Patch102: curl-7.16.0-privlibs.patch
 Patch103: curl-7.19.4-debug.patch
@@ -54,6 +55,9 @@ use cURL's capabilities internally.
 %patch1 -p1
 %patch2 -p1
 
+# other patches
+%patch3 -p1
+
 # Fedora patches
 %patch101 -p1
 %patch102 -p1
@@ -150,6 +154,11 @@ rm -rf $RPM_BUILD_ROOT
 %{_datadir}/aclocal/libcurl.m4
 
 %changelog
+* Wed Dec 30 2009 Kamil Dudka <kdudka@redhat.com> 7.19.7-4
+- fix incorrect SSL recv/send timeout handling, patch contributed
+  by Kevin Baughman
+- http://permalink.gmane.org/gmane.comp.web.curl.library/26302
+
 * Thu Nov 26 2009 Kamil Dudka <kdudka@redhat.com> 7.19.7-3
 - workaround for broken TLS servers (#525496, #527771)