On 30/04/2014 4:23 AM, Blibbet wrote: > The TianoCore.org project maintains a patch of OpenSSL (0.9x, not 1.x). > https://github.com/tianocore/edk2/blob/master/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt > > > BTW, it's a shame that OpenSSL doesn't integrate that patch, and have > some UEFI-targetting compiler directive to integrate it.
https://github.com/tianocore/edk2/blob/master/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch If you read through the patch you'll quickly see why in its present form it is unsuitable for integration. e.g. globally changing SMIME across from sha1 to sha256 isn't something a user would expect to see nor would a global disabling of all time based checking for certificate validity periods. I also haven't seen any RT issue matching this raised - perhaps it was somewhat indirect. But if anyone from the TianoCore project is interested in engaging on working through this issue then they should open an RT item so it can be tracked. Tim. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org