the "edk2" package had a copy of the un-"hobbled" openssl source code. We aren't allowed to distribute that for legal reasons. I've fixed it in an update, and what is done is done, but we should remove the unhobbled openssl-1.0.2g.tar.gz tarball from the lookaside cache.
Let us know if you need anything further on this.
to comment on this ticket.