From f7cf3211e58d6552c4743502c829cf65d5b5d757 Mon Sep 17 00:00:00 2001
From: Pavel Safronov <pv.safronov@gmail.com>
Date: Aug 21 2020 17:25:43 +0000
Subject: import socat-1.7.3.3-3.el8


---

diff --git a/SOURCES/socat-1.7.3.3-ssl-auto-retry.patch b/SOURCES/socat-1.7.3.3-ssl-auto-retry.patch
new file mode 100644
index 0000000..2b4dff3
--- /dev/null
+++ b/SOURCES/socat-1.7.3.3-ssl-auto-retry.patch
@@ -0,0 +1,35 @@
+diff -Naur socat-1.7.3.3-orig/CHANGES socat-1.7.3.3/CHANGES
+--- socat-1.7.3.3-orig/CHANGES	2019-04-05 13:10:24.000000000 -0700
++++ socat-1.7.3.3/CHANGES	2020-08-21 09:59:35.233714747 -0700
+@@ -79,9 +79,6 @@
+ 	RES_AAONLY, RES_PRIMARY are deprecated. You can still enable them with
+ 	configure option --enable-res-deprecated.
+ 
+-	New versions of OpenSSL preset SSL_MODE_AUTO_RETRY which may hang socat.
+-	Solution: clear SSL_MODE_AUTO_RETRY when it is set.
+-
+ 	Renamed configure.in to configure.ac and set an appropriate symlink for
+ 	older environments.
+ 	Related Gentoo bug 426262: Warning on configure.in
+diff -Naur socat-1.7.3.3-orig/xio-openssl.c socat-1.7.3.3/xio-openssl.c
+--- socat-1.7.3.3-orig/xio-openssl.c	2019-04-04 01:59:55.000000000 -0700
++++ socat-1.7.3.3/xio-openssl.c	2020-08-21 09:58:27.445138134 -0700
+@@ -1023,18 +1023,6 @@
+    }
+ #endif
+ 
+-   /* It seems that OpenSSL-1.1.1 presets the mode differently.
+-      Without correction socat might hang in SSL_read() */
+-   {
+-      long mode = 0;
+-      mode = SSL_CTX_get_mode(*ctx);
+-      if (mode & SSL_MODE_AUTO_RETRY) {
+-	 Info("SSL_CTX mode has SSL_MODE_AUTO_RETRY set. Correcting..");
+-	 Debug1("SSL_CTX_clean_mode(%p, SSL_MODE_AUTO_RETRY)", *ctx);
+-	 SSL_CTX_clear_mode(*ctx, SSL_MODE_AUTO_RETRY);
+-      }
+-   }
+-
+    if (opt_cafile != NULL || opt_capath != NULL) {
+       if (sycSSL_CTX_load_verify_locations(*ctx, opt_cafile, opt_capath) != 1) {
+ 	 int result;
diff --git a/SPECS/socat.spec b/SPECS/socat.spec
index fca7b01..93fed2e 100644
--- a/SPECS/socat.spec
+++ b/SPECS/socat.spec
@@ -3,13 +3,14 @@
 Summary: Bidirectional data relay between two data channels ('netcat++')
 Name: socat
 Version: 1.7.3.3
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: GPLv2
 Url:  http://www.dest-unreach.org/socat/
 Source: http://www.dest-unreach.org/socat/download/%{name}-%{version}.tar.gz
 Group: Applications/Internet
 
 Patch1: socat-1.7.3.3-warn.patch
+Patch2: socat-1.7.3.3-ssl-auto-retry.patch
 
 BuildRequires: openssl-devel readline-devel ncurses-devel
 BuildRequires: autoconf kernel-headers > 2.6.18
@@ -68,6 +69,9 @@ export OD_C=/usr/bin/od
 %doc %{_mandir}/man1/*
 
 %changelog
+* Fri Aug 21 2020 Pavel Safronov <svp@fb.com> - 1.7.3.3-3
+- Resolves: rhbz#1870279 Transfer via socat fails with openssl enabled
+
 * Sun Dec 01 2019 Paul Wouters <pwouters@redhat.com> - 1.7.3.3-2
 - Resolves: rhbz#1682464 socat changes blocked until gating tests are added