From 0cada9cffa314e4ce595d801ba0e191d40d70abd Mon Sep 17 00:00:00 2001
From: Davide Cavalca <dcavalca@centosproject.org>
Date: Jul 15 2021 15:14:43 +0000
Subject: Add a fix for peername presence check


---

diff --git a/SOURCES/socat-1.7.4.1-ipv6-ssl-peername-check-fix.patch b/SOURCES/socat-1.7.4.1-ipv6-ssl-peername-check-fix.patch
new file mode 100644
index 0000000..e6408f2
--- /dev/null
+++ b/SOURCES/socat-1.7.4.1-ipv6-ssl-peername-check-fix.patch
@@ -0,0 +1,29 @@
+--- socat-orig/socat-1.7.4.1/xio-openssl.c	2021-01-10 04:57:35.000000000 -0800
++++ socat-1.7.4.1/xio-openssl.c	2021-07-12 03:17:23.772269622 -0700
+@@ -1777,15 +1777,17 @@
+ #if WITH_IP6
+ 			case 16: /* IPv6 */
+ 			   inet_ntop(AF_INET6, data, aBuffer, sizeof(aBuffer));
+-			   xioip6_pton(peername, &ip6bin);
+-			   if (memcmp(data, &ip6bin, sizeof(ip6bin)) == 0) {
+-			      Debug2("subjectAltName \"%s\" matches peername \"%s\"",
+-				    aBuffer, peername);
+-			      ok = 1;
+-			   } else {
+-			      Info2("subjectAltName \"%s\" does not match peername \"%s\"",
+-				    aBuffer, peername);
+-			   }			      
++               if (peername != NULL) {
++			      xioip6_pton(peername, &ip6bin);
++			      if (memcmp(data, &ip6bin, sizeof(ip6bin)) == 0) {
++			         Debug2("subjectAltName \"%s\" matches peername \"%s\"",
++				       aBuffer, peername);
++			         ok = 1;
++			      } else {
++			         Info2("subjectAltName \"%s\" does not match peername \"%s\"",
++				      aBuffer, peername);
++                  }
++               }
+ 			   break;
+ #endif
+ 			}
diff --git a/SPECS/socat.spec b/SPECS/socat.spec
index 41440b0..8a7553f 100644
--- a/SPECS/socat.spec
+++ b/SPECS/socat.spec
@@ -3,10 +3,12 @@
 Summary: Bidirectional data relay between two data channels ('netcat++')
 Name: socat
 Version: 1.7.4.1
-Release: 1%{?dist}
+Release: 1.1%{?dist}
 License: GPLv2
 Url:  http://www.dest-unreach.org/socat/
 Source: http://www.dest-unreach.org/socat/download/%{name}-%{version}.tar.gz
+# Fix peername presence check for rhbz#1981308
+Patch0: socat-1.7.4.1-ipv6-ssl-peername-check-fix.patch
 Group: Applications/Internet
 
 BuildRequires: openssl-devel readline-devel ncurses-devel
@@ -23,7 +25,7 @@ line editor (readline), a program, or a combination of two of these.
 
 
 %prep
-%setup -q
+%autosetup -p1
 iconv -f iso8859-1 -t utf-8 CHANGES > CHANGES.utf8
 mv CHANGES.utf8 CHANGES
 
@@ -65,6 +67,10 @@ export OD_C=/usr/bin/od
 %doc %{_mandir}/man1/*
 
 %changelog
+* Thu Jul 15 2021 Davide Cavalca <dcavalca@centosproject.org> - 1.7.4.1.1-1
+- Add a fix for peername presence check
+- Resolves: rhbz#1981308
+
 * Tue Mar 30 2021 Paul Wouters <pwouters@redhat.com> - 1.7.4.1-1
 - Resolves: rhbz#1805132 socat does not recognize IP addresses of the SAN extensions in ssl mode
 - Resolves: rhbz#1870279 Transfer via socat fails with openssl enabled