With the latest dev-libs/openssl-1.0.2 the new ssl2 USE flag is disabled by default and cmake complains: libcurl.so: undefined reference to `SSLv2_client_method' Rebuilding openssl with ssl2 support fixes the problem. The dependency needs to be specified in the cmake ebuild. (or maybe there is a flag in cmake to disable ssl2 support?) Reproducible: Always
That's a curl problem, not a cmake problem.
*** Bug 537450 has been marked as a duplicate of this bug. ***
+*openssl-1.0.2-r1 (23 Jan 2015) + + 23 Jan 2015; Lars Wendler <polynomial-c@gentoo.org> -openssl-1.0.2.ebuild, + +openssl-1.0.2-r1.ebuild, metadata.xml: + Removed "ssl2" USE flag again. Broke ABI and caused some packages to fail + like curl (bug #537452) and mozilla packages. + Should be fixed by removing the ssl2 USE flag from openssl package. Please re-sync and upgrade openssl to 1.0.2-r1.
*** Bug 537458 has been marked as a duplicate of this bug. ***
*** Bug 537460 has been marked as a duplicate of this bug. ***
The good news is that rebuilding curl fixes most of the issues. Not sure about other revdeps. However, of course this isn't the correct way of doing this. Definitely not USE flag, rather a SONAME bump and subslot. Which means EAPI 5 first. Which should have happened long time ago.
(In reply to Michał Górny from comment #6) > The good news is that rebuilding curl fixes most of the issues. Not sure > about other revdeps. > > However, of course this isn't the correct way of doing this. Definitely not > USE flag, rather a SONAME bump and subslot. Which means EAPI 5 first. Which > should have happened long time ago. is openssl changing its SONAME to reflect the break from the older api, or do we have to push a bug upstream?
*** Bug 537482 has been marked as a duplicate of this bug. ***
be aware openssl will remove SSL2 code for 1.1.0 see: https://github.com/openssl/openssl/blob/master/CHANGES and: https://github.com/openssl/openssl/commit/45f55f6a5bdcec411ef08a6f8aae41d5d3d234ad OpenSSL CHANGES _______________ Changes between 1.0.2 and 1.1.0 [xx XXX xxxx] *) SSLv2 support has been removed. It still supports receiving a SSLv2 compatible client hello. [Kurt Roeckx] btw. you may consider also this: *) config has been changed so that by default OPENSSL_NO_DEPRECATED is used. Access to deprecated functions can be re-enabled by running config with "enable-deprecated". In addition applications wishing to use deprecated functions must define OPENSSL_USE_DEPRECATED. Note that this new behaviour will, by default, disable some transitive includes that previously existed in the header files (e.g. ec.h will no longer, by default, include bn.h) [Matt Caswell]
see also curl upstream has been adapting its code to compile w/o ssl2: https://github.com/bagder/curl/commit/577286e0e246c93239726a278cc1cb582b4d19ae