diff --git a/changes/bug17237_027 b/changes/bug17237_027
new file mode 100644
index 0000000000..8448bb052f
--- /dev/null
+++ b/changes/bug17237_027
@@ -0,0 +1,4 @@
+  o Minor features (compilation):
+    - Repair compilation with the most recent (unreleased, alpha)
+      vesions of OpenSSL 1.1. Fixes the 0.2.7-related part of
+      ticket 17237.
diff --git a/changes/bug17251 b/changes/bug17251
new file mode 100644
index 0000000000..edd7739d2f
--- /dev/null
+++ b/changes/bug17251
@@ -0,0 +1,3 @@
+  o Minor bugfixes (compilation):
+    - Fix an integer overflow warning in test_crypto_slow.c.
+      Fixes bug 17251; bugfix on 0.2.7.2-alpha.
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 59c8f31b77..156750853e 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -78,6 +78,11 @@
 #include "container.h"
 #include <string.h>
 
+#define X509_get_notBefore_const(cert) \
+  ((const ASN1_TIME*) X509_get_notBefore((X509 *)cert))
+#define X509_get_notAfter_const(cert) \
+  ((const ASN1_TIME*) X509_get_notAfter((X509 *)cert))
+
 /* Enable the "v2" TLS handshake.
  */
 #define V2_HANDSHAKE_SERVER
@@ -2136,7 +2141,7 @@ log_cert_lifetime(int severity, const X509 *cert, const char *problem)
   if (!(bio = BIO_new(BIO_s_mem()))) {
     log_warn(LD_GENERAL, "Couldn't allocate BIO!"); goto end;
   }
-  if (!(ASN1_TIME_print(bio, X509_get_notBefore(cert)))) {
+  if (!(ASN1_TIME_print(bio, X509_get_notBefore_const(cert)))) {
     tls_log_errors(NULL, LOG_WARN, LD_NET, "printing certificate lifetime");
     goto end;
   }
@@ -2144,7 +2149,7 @@ log_cert_lifetime(int severity, const X509 *cert, const char *problem)
   s1 = tor_strndup(buf->data, buf->length);
 
   (void)BIO_reset(bio);
-  if (!(ASN1_TIME_print(bio, X509_get_notAfter(cert)))) {
+  if (!(ASN1_TIME_print(bio, X509_get_notAfter_const(cert)))) {
     tls_log_errors(NULL, LOG_WARN, LD_NET, "printing certificate lifetime");
     goto end;
   }
@@ -2306,12 +2311,12 @@ check_cert_lifetime_internal(int severity, const X509 *cert,
   now = time(NULL);
 
   t = now + future_tolerance;
-  if (X509_cmp_time(X509_get_notBefore(cert), &t) > 0) {
+  if (X509_cmp_time(X509_get_notBefore_const(cert), &t) > 0) {
     log_cert_lifetime(severity, cert, "not yet valid");
     return -1;
   }
   t = now - past_tolerance;
-  if (X509_cmp_time(X509_get_notAfter(cert), &t) < 0) {
+  if (X509_cmp_time(X509_get_notAfter_const(cert), &t) < 0) {
     log_cert_lifetime(severity, cert, "already expired");
     return -1;
   }
diff --git a/src/test/test_crypto_slow.c b/src/test/test_crypto_slow.c
index d0f50f83b9..853a08d886 100644
--- a/src/test/test_crypto_slow.c
+++ b/src/test/test_crypto_slow.c
@@ -217,7 +217,7 @@ test_libscrypt_eq_openssl(void *arg)
   memset(buf2,0,64);
 
   N = 1048576;
-  maxmem = 2 * 1024 * 1024 * 1024; // 2 GB
+  maxmem = 2 * 1024 * 1024 * (uint64_t)1024; // 2 GB
 
   libscrypt_retval =
   libscrypt_scrypt((const uint8_t *)"pleaseletmein",