diff -Nru curl-7.21.3/debian/changelog curl-7.21.3/debian/changelog
--- curl-7.21.3/debian/changelog	2011-06-21 09:37:00.000000000 -0700
+++ curl-7.21.3/debian/changelog	2011-06-24 11:37:36.000000000 -0700
@@ -1,3 +1,12 @@
+curl (7.21.3-1ubuntu1.3) natty-proposed; urgency=low
+
+  * debian/patches/timeout_bug_736216: cherry pick upstream
+    git revision d4e000906ac4ef243258a5c9a819a7cde247d16a to fix
+    handshake timeout bug (LP: #736216). Thanks to Sidnei da Silva
+    and Michael Vogt
+
+ -- Steve Beattie <sbeattie@ubuntu.com>  Fri, 24 Jun 2011 11:36:02 -0700
+
 curl (7.21.3-1ubuntu1.2) natty-security; urgency=low
 
   * SECURITY UPDATE: libcurl unconditional credential delegation during
diff -Nru curl-7.21.3/debian/patches/series curl-7.21.3/debian/patches/series
--- curl-7.21.3/debian/patches/series	2011-06-09 01:00:41.000000000 -0700
+++ curl-7.21.3/debian/patches/series	2011-06-24 11:35:23.000000000 -0700
@@ -4,6 +4,7 @@
 art_http_scripting
 versioned
 0001-Curl_input_negotiate-do-not-delegate-credentials.patch
+timeout_bug_736216
 
 curl_links_with_rt
 gnutls
diff -Nru curl-7.21.3/debian/patches/timeout_bug_736216 curl-7.21.3/debian/patches/timeout_bug_736216
--- curl-7.21.3/debian/patches/timeout_bug_736216	1969-12-31 16:00:00.000000000 -0800
+++ curl-7.21.3/debian/patches/timeout_bug_736216	2011-06-24 11:34:54.000000000 -0700
@@ -0,0 +1,21 @@
+Subject: GnuTLS handshake: fix timeout
+Origin: https://github.com/bagder/curl/commit/d4e000906ac4ef243258a5c9a819a7cde247d16a
+
+Commit cbf4961 garbled the timeout handling while doing SSL
+handshaking (in an attempt at fixing another bug). This puts sanity
+back.
+
+diff --git a/lib/gtls.c b/lib/gtls.c
+index 32d81d4..bb2ee10 100644
+--- a/lib/gtls.c
++++ b/lib/gtls.c
+@@ -255,7 +255,8 @@ static CURLcode handshake(struct connectdata *conn,
+         connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
+ 
+       what = Curl_socket_ready(readfd, writefd,
+-                               nonblocking?0:(int)timeout_ms?1000:timeout_ms);
++                               nonblocking?0:
++                               ((int)timeout_ms?timeout_ms:1000));
+       if(what < 0) {
+         /* fatal error */
+         failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);