gnutls_record_recv timeout with blocking sockets

[Giuseppe Scrivano]

Hello,

In wget we are using something like the following pseudo-code to
check if a call to `gnutls_record_recv' will be blocking:

  gnutls_record_check_pending (session) || select_fd (fd, timeout);

I have noticed that even if the previous code returns a non-zero value,  
`gnutls_record_recv' can still block.

To trigger it, I have used iptables as:

  iptables -A INPUT -i lo -p tcp --destination-port 443 -j DROP

while I was downloading a file from an HTTPS server on the local
machine.  From a first look, it seems `read' is called multiple times
from `gnutls_record_recv' so probably all data is consumed by the first
calls.

I have used gnutls from Debian testing, I haven't tried with the
development version.

Is it possible to know in advance if `gnutls_record_recv' will block or
not?  Any suggestion how I could handle properly the --read-timeout in
wget when TLS is used?  Am I missing something?

Thanks,
Giuseppe