On Aug 26, 2017, at 18:52, Bob Beck wrote:
With the new define (SMALL_TIME_T) enabled, a 32-bit time_t build
using "openssl s_client -connect" can successfully connect to a
server
and verify its certificate chain when one or more notAfter dates
after
2038 are present.
However, using "nc -c" fails to connect to the same server.
The reason being that libtls also needs to clamp the notAfter date.
I've just committed a change that enables libtls to use it. so
nc and libtls should work on broken computers now.
Thank you. I tried it out by applying it to the LibreSSL portable
tarball (together with the previous change) and it works great.
-Kyle
