Fixed regression: SSL_CTX_clear_mode() not available in older OpenSSL versions

CHANGES

@@ -15,6 +15,10 @@ Corrections:
 	configure.
 	Thanks to Jason White for sending a patch.
 
+	Due to use of SSL_CTX_clear_mode() Socat failed to compile on old
+	systems with, e.g., OpenSSL-0.9.8. Thanks to Simon Matter and Moritz B.
+	for reporting this problem and sending initial patches.
+
 ####################### V 1.7.3.3:
 
 Corrections:

VERSION

@@ -1 +1 @@
-"1.7.3.3"
+"1.7.3.3+"

config.h.in

@@ -476,6 +476,9 @@
 /* Define if you have the OpenSSL ASN1_STRING_get0_data function */
 #undef HAVE_ASN1_STRING_get0_data
 
+/* Define if you have the OpenSSL SSL_CTX_clear_mode macro or function */
+#undef HAVE_SSL_CTX_clear_mode
+
 /* Define if you have the flock function */
 #undef HAVE_FLOCK
 

configure.ac

@@ -1463,6 +1463,7 @@ AC_CHECK_FUNC(RAND_egd, AC_DEFINE(HAVE_RAND_egd), AC_CHECK_LIB(crypt, RAND_egd,
 AC_CHECK_FUNC(DH_set0_pqg, AC_DEFINE(HAVE_DH_set0_pqg), AC_CHECK_LIB(crypt, DH_set0_pqg, [LIBS=-lcrypt $LIBS]))
 AC_CHECK_FUNC(ASN1_STRING_get0_data, AC_DEFINE(HAVE_ASN1_STRING_get0_data), AC_CHECK_LIB(crypt, ASN1_STRING_get0_data, [LIBS=-lcrypt $LIBS]))
 AC_CHECK_FUNC(RAND_status, AC_DEFINE(HAVE_RAND_status))
+AC_CHECK_FUNC(SSL_CTX_clear_mode, AC_DEFINE(HAVE_SSL_CTX_clear_mode))
 
 AC_MSG_CHECKING(for type EC_KEY)
 AC_CACHE_VAL(sc_cv_type_EC_TYPE,

xio-openssl.c

@@ -1023,6 +1023,7 @@ cont_out:
    }
 #endif
 
+#if defined(HAVE_SSL_CTX_clear_mode) || defined(SSL_CTX_clear_mode)
    /* It seems that OpenSSL-1.1.1 presets the mode differently.
       Without correction socat might hang in SSL_read() */
    {
@@ -1034,6 +1035,7 @@ cont_out:
 	 SSL_CTX_clear_mode(*ctx, SSL_MODE_AUTO_RETRY);
       }
    }
+#endif /* defined(HAVE_SSL_CTX_clear_mode) || defined(SSL_CTX_clear_mode) */
 
    if (opt_cafile != NULL || opt_capath != NULL) {
       if (sycSSL_CTX_load_verify_locations(*ctx, opt_cafile, opt_capath) != 1) {