1 files changed, 30 insertions, 17 deletions

diff --git a/var/spack/repos/builtin/packages/openssl/package.py b/var/spack/repos/builtin/packages/openssl/package.py
index 70afaf4038..d0c95731a2 100644
--- a/var/spack/repos/builtin/packages/openssl/package.py
+++ b/var/spack/repos/builtin/packages/openssl/package.py
@@ -3,6 +3,7 @@ import llnl.util.tty as tty
 
 from spack import *
 
+
 class Openssl(Package):
     """The OpenSSL Project is a collaborative effort to develop a
        robust, commercial-grade, full-featured, and Open Source
@@ -14,10 +15,12 @@ class Openssl(Package):
 
     version('1.0.1h', '8d6d684a9430d5cc98a62a5d8fbda8cf')
     version('1.0.1r', '1abd905e079542ccae948af37e393d28')
+    version('1.0.1t', '9837746fcf8a6727d46d22ca35953da1')
     version('1.0.2d', '38dd619b2e77cbac69b99f52a053d25a')
     version('1.0.2e', '5262bfa25b60ed9de9f28d5d52d77fc5')
     version('1.0.2f', 'b3bf73f507172be9292ea2a8c28b659d')
     version('1.0.2g', 'f3c710c045cdee5fd114feb69feba7aa')
+    version('1.0.2h', '9392e65072ce4b614c1392eefc1f23d0')
 
     depends_on("zlib")
     parallel = False
@@ -30,26 +33,14 @@ class Openssl(Package):
         # Same idea, but just to avoid issuing the same message multiple times
         warnings_given_to_user = getattr(Openssl, '_warnings_given', {})
         if openssl_url is None:
-            latest = 'http://www.openssl.org/source/openssl-{version}.tar.gz'
-            older = 'http://www.openssl.org/source/old/{version_number}/openssl-{version_full}.tar.gz'
-            # Try to use the url where the latest tarballs are stored. If the url does not exist (404), then
-            # return the url for older format
-            version_number = '.'.join([str(x) for x in version[:-1]])
-            older_url = older.format(version_number=version_number, version_full=version)
-            latest_url = latest.format(version=version)
-            response = urllib.urlopen(latest.format(version=version))
-            if response.getcode() == 404:
-                openssl_url = older_url
-                # Checks if we already warned the user for this particular version of OpenSSL.
-                # If not we display a warning message and mark this version
+            if self.spec.satisfies('@external'):
+                # The version @external is reserved to system openssl. In that case return a fake url and exit
+                openssl_url = '@external (reserved version for system openssl)'
                 if not warnings_given_to_user.get(version, False):
-                    tty.warn('This installation depends on an old version of OpenSSL, which may have known security issues. ')
-                    tty.warn('Consider updating to the latest version of this package.')
-                    tty.warn('More details at {homepage}'.format(homepage=Openssl.homepage))
+                    tty.msg('Using openssl@external : the version @external is reserved for system openssl')
                     warnings_given_to_user[version] = True
             else:
-                openssl_url = latest_url
-            # Store the computed URL
+                openssl_url = self.check_for_outdated_release(version, warnings_given_to_user)  # Store the computed URL
             openssl_urls[version] = openssl_url
             # Store the updated dictionary of URLS
             Openssl._openssl_url = openssl_urls
@@ -58,6 +49,28 @@ class Openssl(Package):
 
         return openssl_url
 
+    def check_for_outdated_release(self, version, warnings_given_to_user):
+        latest = 'ftp://ftp.openssl.org/source/openssl-{version}.tar.gz'
+        older = 'http://www.openssl.org/source/old/{version_number}/openssl-{version_full}.tar.gz'
+        # Try to use the url where the latest tarballs are stored. If the url does not exist (404), then
+        # return the url for older format
+        version_number = '.'.join([str(x) for x in version[:-1]])
+        try:
+            openssl_url = latest.format(version=version)
+            urllib.urlopen(openssl_url)
+        except IOError:
+            openssl_url = older.format(version_number=version_number, version_full=version)
+            # Checks if we already warned the user for this particular version of OpenSSL.
+            # If not we display a warning message and mark this version
+            if not warnings_given_to_user.get(version, False):
+                tty.warn(
+                    'This installation depends on an old version of OpenSSL, which may have known security issues. ')
+                tty.warn('Consider updating to the latest version of this package.')
+                tty.warn('More details at {homepage}'.format(homepage=Openssl.homepage))
+                warnings_given_to_user[version] = True
+
+        return openssl_url
+
     def install(self, spec, prefix):
         # OpenSSL uses a variable APPS in its Makefile. If it happens to be set
         # in the environment, then this will override what is set in the