2 files changed, 9 insertions, 5 deletions

diff --git a/Cryptlib/OpenSSL/crypto/x509/by_dir.c b/Cryptlib/OpenSSL/crypto/x509/by_dir.c
index b3acd80f..dc2e7df8 100755
--- a/Cryptlib/OpenSSL/crypto/x509/by_dir.c
+++ b/Cryptlib/OpenSSL/crypto/x509/by_dir.c
@@ -92,8 +92,10 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
 static int new_dir(X509_LOOKUP *lu);
 static void free_dir(X509_LOOKUP *lu);
 static int add_cert_dir(BY_DIR *ctx,const char *dir,int type);
+#ifndef OPENSSL_NO_STDIO
 static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name,
 	X509_OBJECT *ret);
+#endif
 X509_LOOKUP_METHOD x509_dir_lookup=
 	{
 	"Load certs from files in a directory",
@@ -102,7 +104,11 @@ X509_LOOKUP_METHOD x509_dir_lookup=
 	NULL, 			/* init */
 	NULL,			/* shutdown */
 	dir_ctrl,		/* ctrl */
+#ifdef OPENSSL_NO_STDIO
+	NULL,			/* get_by_subject */
+#else
 	get_cert_by_subject,	/* get_by_subject */
+#endif
 	NULL,			/* get_by_issuer_serial */
 	NULL,			/* get_by_fingerprint */
 	NULL,			/* get_by_alias */
@@ -242,6 +248,7 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
 	return(1);
 	}
 
+#ifndef OPENSSL_NO_STDIO
 static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
 	     X509_OBJECT *ret)
 	{
@@ -383,3 +390,4 @@ finish:
 	if (b != NULL) BUF_MEM_free(b);
 	return(ok);
 	}
+#endif
diff --git a/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c b/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c
index af12520f..b87617ac 100755
--- a/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c
+++ b/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c
@@ -386,11 +386,7 @@ static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
 
 static int check_chain_extensions(X509_STORE_CTX *ctx)
 {
-#if defined(OPENSSL_NO_CHAIN_VERIFY) || defined(OPENSSL_SYS_UEFI)
-  /* 
-    NOTE: Bypass KU Flags Checking for UEFI version. There are incorrect KU flag setting
-          in Authenticode Signing Certificates. 
-  */
+#ifdef OPENSSL_NO_CHAIN_VERIFY
 	return 1;
 #else
 	int i, ok=0, must_be_ca, plen = 0;