On Wed, Oct 26, 2016 at 11:29:46AM -0700, Stefano Rivera wrote: > Hi Kurt (2016.10.26_10:50:40_-0700) > > severity 828517 serious > > FYI, I chatted about this with the upstream core developers, last month. > They're estimating that it's 3 months' work, and haven't started on it, > yet. (The OpenSSL binding needs to be entirely re-implemented to support > the now opaque data structures.) So I have a pretty low expectation of > this happening in time.
I'll be providing an openssl1.0.2-dev pacakge for those cases. Having really no idea what you're talking about, the cases that are problematic is that they created a function like "rsa_set_p" and we have a function RSA_set0_factors() that allows to set p but you need to pass q at the same time and it's not allowed to set it to NULL. About everything else is trivial to do and clearly doesn't take 3 months. Kurt
