Why does rbenv recommend using openssl@3 with ruby >= 3.1

[joshcooper]

I've tried building ruby 3.1.2 on macOS Catalina using openssl@1.1 from homebrew using:

RUBY_CONFIGURE_OPTS="--disable-install-doc --with-openssl-dir=$(brew --prefix openssl@1.1)" rbenv install 3.1.2

but it always installs openssl 3.0.5 as defined in:

ruby-build/share/ruby-build/3.1.2

Line 1 in 7399e92

install_package "openssl-3.0.5" "https://www.openssl.org/source/openssl-3.0.5.tar.gz#aa7d8d9bef71ad6525c55ba11e5f4397889ce49c2c9349dcea6d3e4f0b024a7a" openssl --if needs_openssl_102_300

It's been recommended to use openssl@3 instead of openssl@1.1, for example:

#1969 (reply in thread)
#2053 (comment)
#2061 (reply in thread)

However, my understanding is ruby >= 3.1 requires the openssl 3.0 gem, but the native extension is compatible with both openssl 1.1.1 and 3.0 libraries. For example, ruby itself builds macOS against openssl@1.1:
https://github.com/ruby/ruby/blob/994b505ffb0bf9eb795525199b47697412a98abb/.github/workflows/macos.yml#L56

So I'm wondering why rbenv doesn't support Ruby 3.1 and openssl@1.1?

[mislav]

Hi, when you pass --with-openssl-dir via RUBY_CONFIGURE_OPTS explicitly like you did, ruby-build should never download
and compile any openssl version for you.

ruby-build/bin/ruby-build

Line 1135 in 55575fd

[[ "$RUBY_CONFIGURE_OPTS" == *--with-openssl-dir=* ]] && return 1

Are you seeing that even though you pass that option, ruby-build downloads and compiles openssl 3.0.5 for you?

[joshcooper]

Thanks @mislav, it's probably user error on my part. I'll try to reproduce and post results or close this.

[joshcooper]

Not sure what the issue was, closing