From 837eff1704d26fb654a964ecea91e268d728fff6 Mon Sep 17 00:00:00 2001 From: Massimiliano Culpo Date: Thu, 31 Mar 2016 18:07:44 +0200 Subject: [PATCH] openssl : special treatment for @external (fixes #647) --- .../repos/builtin/packages/openssl/package.py | 45 ++++++++++++------- 1 file changed, 28 insertions(+), 17 deletions(-) diff --git a/var/spack/repos/builtin/packages/openssl/package.py b/var/spack/repos/builtin/packages/openssl/package.py index 70afaf4038..db66d1f56e 100644 --- a/var/spack/repos/builtin/packages/openssl/package.py +++ b/var/spack/repos/builtin/packages/openssl/package.py @@ -30,26 +30,14 @@ def url_for_version(self, version): # Same idea, but just to avoid issuing the same message multiple times warnings_given_to_user = getattr(Openssl, '_warnings_given', {}) if openssl_url is None: - latest = 'http://www.openssl.org/source/openssl-{version}.tar.gz' - older = 'http://www.openssl.org/source/old/{version_number}/openssl-{version_full}.tar.gz' - # Try to use the url where the latest tarballs are stored. If the url does not exist (404), then - # return the url for older format - version_number = '.'.join([str(x) for x in version[:-1]]) - older_url = older.format(version_number=version_number, version_full=version) - latest_url = latest.format(version=version) - response = urllib.urlopen(latest.format(version=version)) - if response.getcode() == 404: - openssl_url = older_url - # Checks if we already warned the user for this particular version of OpenSSL. - # If not we display a warning message and mark this version + if self.spec.satisfies('@external'): + # The version @external is reserved to system openssl. In that case return a fake url and exit + openssl_url = '@external (reserved version for system openssl)' if not warnings_given_to_user.get(version, False): - tty.warn('This installation depends on an old version of OpenSSL, which may have known security issues. ') - tty.warn('Consider updating to the latest version of this package.') - tty.warn('More details at {homepage}'.format(homepage=Openssl.homepage)) + tty.msg('Using openssl@external : the version @external is reserved for system openssl') warnings_given_to_user[version] = True else: - openssl_url = latest_url - # Store the computed URL + openssl_url = self.check_for_outdated_release(version, warnings_given_to_user) # Store the computed URL openssl_urls[version] = openssl_url # Store the updated dictionary of URLS Openssl._openssl_url = openssl_urls @@ -58,6 +46,29 @@ def url_for_version(self, version): return openssl_url + def check_for_outdated_release(self, version, warnings_given_to_user): + latest = 'http://www.openssl.org/source/openssl-{version}.tar.gz' + older = 'http://www.openssl.org/source/old/{version_number}/openssl-{version_full}.tar.gz' + # Try to use the url where the latest tarballs are stored. If the url does not exist (404), then + # return the url for older format + version_number = '.'.join([str(x) for x in version[:-1]]) + older_url = older.format(version_number=version_number, version_full=version) + latest_url = latest.format(version=version) + response = urllib.urlopen(latest.format(version=version)) + if response.getcode() == 404: + openssl_url = older_url + # Checks if we already warned the user for this particular version of OpenSSL. + # If not we display a warning message and mark this version + if not warnings_given_to_user.get(version, False): + tty.warn( + 'This installation depends on an old version of OpenSSL, which may have known security issues. ') + tty.warn('Consider updating to the latest version of this package.') + tty.warn('More details at {homepage}'.format(homepage=Openssl.homepage)) + warnings_given_to_user[version] = True + else: + openssl_url = latest_url + return openssl_url + def install(self, spec, prefix): # OpenSSL uses a variable APPS in its Makefile. If it happens to be set # in the environment, then this will override what is set in the