From 62553e752108d33ed8f3ed097c4ee2f0793cf3f4 Mon Sep 17 00:00:00 2001
From: Tom Scogland <scogland1@llnl.gov>
Date: Fri, 22 Apr 2022 04:51:18 -0700
Subject: openssl: exclude more dangerous environment variables (#30208)

* pkg/openssl: blacklist more dangerous environment variables

* fix style
---
 var/spack/repos/builtin/packages/openssl/package.py | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

(limited to 'var')

diff --git a/var/spack/repos/builtin/packages/openssl/package.py b/var/spack/repos/builtin/packages/openssl/package.py
index 11bf8c6a07..8206d9a780 100644
--- a/var/spack/repos/builtin/packages/openssl/package.py
+++ b/var/spack/repos/builtin/packages/openssl/package.py
@@ -119,10 +119,11 @@ class Openssl(Package):   # Uses Fake Autotools, should subclass Package
                  "insecure. Consider updating to the latest OpenSSL version.")
 
     def install(self, spec, prefix):
-        # OpenSSL uses a variable APPS in its Makefile. If it happens to be set
-        # in the environment, then this will override what is set in the
-        # Makefile, leading to build errors.
-        env.pop('APPS', None)
+        # OpenSSL uses these variables in its Makefile or config scripts. If any of them
+        # happen to be set in the environment, then this will override what is set in
+        # the script or Makefile, leading to build errors.
+        for v in ('APPS', 'BUILD', 'RELEASE', 'MACHINE', 'SYSTEM'):
+            env.pop(v, None)
 
         if str(spec.target.family) in ('x86_64', 'ppc64'):
             # This needs to be done for all 64-bit architectures (except Linux,
-- 
cgit v1.2.3-60-g2f50