Build Ruby 2.3 fails due to an openssl error

[Ana06]

I get an openssl error when trying to install Ruby 2.3.X. I have successfully installed 2.4.1, 2.5.5 and 2.6.2. It seems openssl 1.1 doesn't support Ruby < 2.3 but openssl 1.1 is required by ruby-build.

operative system: openSUSE Leap 15.1
openssl version: OpenSSL 1.1.0i-fips 14 Aug 2018
ruby-build version: 20190401
rbenv version: 1.1.1

It may be related to #850

Log rbenv install 2.3.3

compiling ossl_ssl.c
In file included from ossl.h:57:0,
                 from ossl_engine.c:10:
/usr/include/openssl/asn1_mac.h:10:2: error: #error "This file is obsolete; please update your software."
 #error "This file is obsolete; please update your software."
  ^~~~~
compiling ossl_pkey_rsa.c
In file included from ossl.h:57:0,
                 from ossl_x509.c:10:
/usr/include/openssl/asn1_mac.h:10:2: error: #error "This file is obsolete; please update your software."
 #error "This file is obsolete; please update your software."
  ^~~~~
In file included from ossl.h:57:0,
                 from ossl_cipher.c:10:
/usr/include/openssl/asn1_mac.h:10:2: error: #error "This file is obsolete; please update your software."
 #error "This file is obsolete; please update your software."
  ^~~~~
linking shared-object gdbm.so
In file included from ossl.h:57:0,
                 from ossl_pkcs12.c:5:
/usr/include/openssl/asn1_mac.h:10:2: error: #error "This file is obsolete; please update your software."
 #error "This file is obsolete; please update your software."
  ^~~~~
In file included from ossl.h:57:0,
                 from ossl_pkcs5.c:4:
/usr/include/openssl/asn1_mac.h:10:2: error: #error "This file is obsolete; please update your software."
 #error "This file is obsolete; please update your software."
  ^~~~~
In file included from ossl.h:57:0,
                 from ossl_x509attr.c:10:
/usr/include/openssl/asn1_mac.h:10:2: error: #error "This file is obsolete; please update your software."
 #error "This file is obsolete; please update your software."
  ^~~~~
In file included from ossl.h:222:0,
                 from ossl_engine.c:10:
openssl_missing.h:78:35: error: macro "EVP_MD_CTX_create" passed 1 arguments, but takes just 0
 EVP_MD_CTX *EVP_MD_CTX_create(void);
                                   ^
In file included from /usr/include/openssl/x509.h:23:0,
                 from /usr/include/openssl/x509v3.h:14,
                 from ossl.h:58,
                 from ossl_engine.c:10:
openssl_missing.h:82:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
 void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
      ^
openssl_missing.h:90:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
 void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
      ^
make[2]: *** [Makefile:301: ossl_engine.o] Error 1
make[2]: *** Waiting for unfinished jobs....
In file included from ossl.h:57:0,
                 from ossl_pkey_rsa.c:12:
/usr/include/openssl/asn1_mac.h:10:2: error: #error "This file is obsolete; please update your software."
 #error "This file is obsolete; please update your software."
  ^~~~~
In file included from ossl.h:57:0,
                 from ossl_ssl.c:12:
/usr/include/openssl/asn1_mac.h:10:2: error: #error "This file is obsolete; please update your software."
 #error "This file is obsolete; please update your software."
  ^~~~~
In file included from ossl.h:222:0,
                 from ossl_x509.c:10:
openssl_missing.h:78:35: error: macro "EVP_MD_CTX_create" passed 1 arguments, but takes just 0
 EVP_MD_CTX *EVP_MD_CTX_create(void);
                                   ^
In file included from /usr/include/openssl/x509.h:23:0,
                 from /usr/include/openssl/x509v3.h:14,
                 from ossl.h:58,
                 from ossl_x509.c:10:
openssl_missing.h:82:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
 void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
      ^
openssl_missing.h:90:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
 void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
      ^
make[2]: *** [Makefile:301: ossl_x509.o] Error 1
make[2]: Leaving directory '/tmp/ruby-build.20190721184856.920/ruby-2.3.3/ext/gdbm'
In file included from ossl.h:222:0,
                 from ossl_cipher.c:10:
openssl_missing.h:78:35: error: macro "EVP_MD_CTX_create" passed 1 arguments, but takes just 0
 EVP_MD_CTX *EVP_MD_CTX_create(void);
                                   ^
In file included from /usr/include/openssl/x509.h:23:0,
                 from /usr/include/openssl/x509v3.h:14,
                 from ossl.h:58,
                 from ossl_cipher.c:10:
openssl_missing.h:82:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
 void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
      ^
openssl_missing.h:90:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
 void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
      ^
In file included from ../.././include/ruby.h:33:0,
                 from ossl.h:30,
                 from ossl_cipher.c:10:
ossl_cipher.c: In function ‘ossl_cipher_new’:
ossl_cipher.c:17:37: error: invalid application of ‘sizeof’ to incomplete type ‘EVP_CIPHER_CTX {aka struct evp_cipher_ctx_st}’
     (DATA_PTR(obj) = (ctx) = ZALLOC(EVP_CIPHER_CTX))
                                     ^
../.././include/ruby/ruby.h:1603:61: note: in definition of macro ‘RB_ZALLOC_N’
 #define RB_ZALLOC_N(type,n) ((type*)ruby_xcalloc((n),sizeof(type)))
                                                             ^~~~
../.././include/ruby/ruby.h:1610:22: note: in expansion of macro ‘RB_ZALLOC’
 #define ZALLOC(type) RB_ZALLOC(type)
                      ^~~~~~~~~
ossl_cipher.c:17:30: note: in expansion of macro ‘ZALLOC’
     (DATA_PTR(obj) = (ctx) = ZALLOC(EVP_CIPHER_CTX))
                              ^~~~~~
ossl_cipher.c:69:5: note: in expansion of macro ‘AllocCipher’
     AllocCipher(ret, ctx);
     ^~~~~~~~~~~
ossl_cipher.c: In function ‘ossl_cipher_memsize’:
ossl_cipher.c:94:19: error: dereferencing pointer to incomplete type ‘EVP_CIPHER_CTX {aka const struct evp_cipher_ctx_st}’
     return sizeof(*ctx);
                   ^~~~
In file included from ../.././include/ruby.h:33:0,
                 from ossl.h:30,
                 from ossl_cipher.c:10:
ossl_cipher.c: In function ‘ossl_cipher_initialize’:
ossl_cipher.c:17:37: error: invalid application of ‘sizeof’ to incomplete type ‘EVP_CIPHER_CTX {aka struct evp_cipher_ctx_st}’
     (DATA_PTR(obj) = (ctx) = ZALLOC(EVP_CIPHER_CTX))
                                     ^
../.././include/ruby/ruby.h:1603:61: note: in definition of macro ‘RB_ZALLOC_N’
 #define RB_ZALLOC_N(type,n) ((type*)ruby_xcalloc((n),sizeof(type)))
                                                             ^~~~
../.././include/ruby/ruby.h:1610:22: note: in expansion of macro ‘RB_ZALLOC’
 #define ZALLOC(type) RB_ZALLOC(type)
                      ^~~~~~~~~
ossl_cipher.c:17:30: note: in expansion of macro ‘ZALLOC’
     (DATA_PTR(obj) = (ctx) = ZALLOC(EVP_CIPHER_CTX))
                              ^~~~~~
ossl_cipher.c:124:5: note: in expansion of macro ‘AllocCipher’
     AllocCipher(self, ctx);
     ^~~~~~~~~~~
ossl_cipher.c: In function ‘ossl_cipher_copy’:
ossl_cipher.c:17:37: error: invalid application of ‘sizeof’ to incomplete type ‘EVP_CIPHER_CTX {aka struct evp_cipher_ctx_st}’
     (DATA_PTR(obj) = (ctx) = ZALLOC(EVP_CIPHER_CTX))
                                     ^
../.././include/ruby/ruby.h:1603:61: note: in definition of macro ‘RB_ZALLOC_N’
 #define RB_ZALLOC_N(type,n) ((type*)ruby_xcalloc((n),sizeof(type)))
                                                             ^~~~
../.././include/ruby/ruby.h:1610:22: note: in expansion of macro ‘RB_ZALLOC’
 #define ZALLOC(type) RB_ZALLOC(type)
                      ^~~~~~~~~
ossl_cipher.c:17:30: note: in expansion of macro ‘ZALLOC’
     (DATA_PTR(obj) = (ctx) = ZALLOC(EVP_CIPHER_CTX))
                              ^~~~~~
ossl_cipher.c:152:2: note: in expansion of macro ‘AllocCipher’
  AllocCipher(self, ctx1);
  ^~~~~~~~~~~
make[2]: Entering directory '/tmp/ruby-build.20190721184856.920/ruby-2.3.3'
make[2]: warning: -jN forced in submake: disabling jobserver mode.
In file included from nkf.c:62:0:
nkf-utf8/nkf.c: In function ‘module_connection’:
nkf-utf8/nkf.c:5710:5: warning: this ‘if’ clause does not guard... [-Wmisleading-indentation]
     if (nkf_enc_unicode_p(output_encoding))
     ^~
nkf-utf8/nkf.c:5713:2: note: ...this statement, but the latter is misleadingly indented as if it were guarded by the ‘if’
  if (x0201_f == NKF_UNSPECIFIED) {
  ^~
In file included from ossl.h:222:0,
                 from ossl_pkcs12.c:5:
openssl_missing.h:78:35: error: macro "EVP_MD_CTX_create" passed 1 arguments, but takes just 0
 EVP_MD_CTX *EVP_MD_CTX_create(void);
                                   ^
In file included from /usr/include/openssl/x509.h:23:0,
                 from /usr/include/openssl/x509v3.h:14,
                 from ossl.h:58,
                 from ossl_pkcs12.c:5:
openssl_missing.h:82:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
 void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
      ^
openssl_missing.h:90:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
 void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
      ^
ossl_cipher.c: In function ‘ossl_cipher_memsize’:
ossl_cipher.c:95:1: warning: control reaches end of non-void function [-Wreturn-type]
 }
 ^
make[2]: *** [Makefile:301: ossl_pkcs12.o] Error 1
compiling pathname.c
make[2]: *** [Makefile:301: ossl_cipher.o] Error 1
installing default pathname libraries
In file included from ossl.h:222:0,
                 from ossl_pkcs5.c:4:
openssl_missing.h:78:35: error: macro "EVP_MD_CTX_create" passed 1 arguments, but takes just 0
 EVP_MD_CTX *EVP_MD_CTX_create(void);
                                   ^
In file included from /usr/include/openssl/x509.h:23:0,
                 from /usr/include/openssl/x509v3.h:14,
                 from ossl.h:58,
                 from ossl_pkcs5.c:4:
openssl_missing.h:82:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
 void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
      ^
openssl_missing.h:90:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
 void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
      ^
make[2]: *** [Makefile:301: ossl_pkcs5.o] Error 1
nkf-utf8/nkf.c: In function ‘options’:
nkf-utf8/nkf.c:6807:22: warning: this statement may fall through [-Wimplicit-fallthrough=]
      fold_preserve_f = TRUE;
nkf-utf8/nkf.c:6808:2: note: here
  case 'f':   /* folding -f60 or -f */
  ^~~~
In file included from ossl.h:222:0,
                 from ossl_x509attr.c:10:
openssl_missing.h:78:35: error: macro "EVP_MD_CTX_create" passed 1 arguments, but takes just 0
 EVP_MD_CTX *EVP_MD_CTX_create(void);
                                   ^
In file included from /usr/include/openssl/x509.h:23:0,
                 from /usr/include/openssl/x509v3.h:14,
                 from ossl.h:58,
                 from ossl_x509attr.c:10:
openssl_missing.h:82:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
 void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
      ^
openssl_missing.h:90:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
 void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
      ^
ossl_x509attr.c: In function ‘ossl_x509attr_set_value’:
ossl_x509attr.c:206:12: error: dereferencing pointer to incomplete type ‘X509_ATTRIBUTE {aka struct x509_attributes_st}’
     if(attr->value.set){
            ^~
In file included from ossl.h:222:0,
                 from ossl_pkey_rsa.c:12:
openssl_missing.h:78:35: error: macro "EVP_MD_CTX_create" passed 1 arguments, but takes just 0
 EVP_MD_CTX *EVP_MD_CTX_create(void);
                                   ^
In file included from /usr/include/openssl/x509.h:23:0,
                 from /usr/include/openssl/x509v3.h:14,
                 from ossl.h:58,
                 from ossl_pkey_rsa.c:12:
openssl_missing.h:82:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
 void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
      ^
openssl_missing.h:90:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
 void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
      ^
ossl_pkey_rsa.c: In function ‘ossl_rsa_new’:
ossl_pkey_rsa.c:65:24: error: dereferencing pointer to incomplete type ‘EVP_PKEY {aka struct evp_pkey_st}’
  if (EVP_PKEY_type(pkey->type) != EVP_PKEY_RSA) {
                        ^~
ossl_pkey_rsa.c: In function ‘rsa_generate’:
ossl_pkey_rsa.c:103:14: error: storage size of ‘cb’ isn’t known
     BN_GENCB cb;
              ^~
ossl_pkey_rsa.c:103:14: warning: unused variable ‘cb’ [-Wunused-variable]
ossl_pkey_rsa.c: In function ‘ossl_rsa_is_private’:
ossl_pkey_rsa.c:291:1: warning: control reaches end of non-void function [-Wreturn-type]
 }
 ^
make[2]: *** [Makefile:301: ossl_pkey_rsa.o] Error 1
In file included from ossl.h:222:0,
                 from ossl_ssl.c:12:
openssl_missing.h:78:35: error: macro "EVP_MD_CTX_create" passed 1 arguments, but takes just 0
 EVP_MD_CTX *EVP_MD_CTX_create(void);
                                   ^
In file included from /usr/include/openssl/x509.h:23:0,
                 from /usr/include/openssl/x509v3.h:14,
                 from ossl.h:58,
                 from ossl_ssl.c:12:
openssl_missing.h:82:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
 void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
      ^
openssl_missing.h:90:6: error: expected declaration specifiers or ‘...’ before ‘(’ token
 void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
      ^
ossl_ssl.c:90:5: warning: ‘TLSv1_method’ is deprecated [-Wdeprecated-declarations]
     OSSL_SSL_METHOD_ENTRY(TLSv1),
     ^~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/openssl/e_os2.h:13:0,
                 from /usr/include/openssl/err.h:13,
                 from ossl.h:56,
                 from ossl_ssl.c:12:
/usr/include/openssl/ssl.h:1632:1: note: declared here
 DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_method(void)) /* TLSv1.0 */
 ^
ossl_ssl.c:91:5: warning: ‘TLSv1_server_method’ is deprecated [-Wdeprecated-declarations]
     OSSL_SSL_METHOD_ENTRY(TLSv1_server),
     ^~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/openssl/e_os2.h:13:0,
                 from /usr/include/openssl/err.h:13,
                 from ossl.h:56,
                 from ossl_ssl.c:12:
/usr/include/openssl/ssl.h:1633:1: note: declared here
 DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_server_method(void)) /* TLSv1.0 */
 ^
ossl_ssl.c:92:5: warning: ‘TLSv1_client_method’ is deprecated [-Wdeprecated-declarations]
     OSSL_SSL_METHOD_ENTRY(TLSv1_client),
     ^~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/openssl/e_os2.h:13:0,
                 from /usr/include/openssl/err.h:13,
                 from ossl.h:56,
                 from ossl_ssl.c:12:
/usr/include/openssl/ssl.h:1634:1: note: declared here
 DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_client_method(void)) /* TLSv1.0 */
 ^
ossl_ssl.c:95:5: warning: ‘TLSv1_2_method’ is deprecated [-Wdeprecated-declarations]
     OSSL_SSL_METHOD_ENTRY(TLSv1_2),
     ^~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/openssl/e_os2.h:13:0,
                 from /usr/include/openssl/err.h:13,
                 from ossl.h:56,
                 from ossl_ssl.c:12:
/usr/include/openssl/ssl.h:1644:1: note: declared here
 DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_2_method(void)) /* TLSv1.2 */
 ^
ossl_ssl.c:96:5: warning: ‘TLSv1_2_server_method’ is deprecated [-Wdeprecated-declarations]
     OSSL_SSL_METHOD_ENTRY(TLSv1_2_server),
     ^~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/openssl/e_os2.h:13:0,
                 from /usr/include/openssl/err.h:13,
                 from ossl.h:56,
                 from ossl_ssl.c:12:
/usr/include/openssl/ssl.h:1645:1: note: declared here
 DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_2_server_method(void)) /* TLSv1.2 */
 ^
ossl_ssl.c:97:5: warning: ‘TLSv1_2_client_method’ is deprecated [-Wdeprecated-declarations]
     OSSL_SSL_METHOD_ENTRY(TLSv1_2_client),
     ^~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/openssl/e_os2.h:13:0,
                 from /usr/include/openssl/err.h:13,
                 from ossl.h:56,
                 from ossl_ssl.c:12:
/usr/include/openssl/ssl.h:1646:1: note: declared here
 DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_2_client_method(void)) /* TLSv1.2 */
 ^
ossl_ssl.c:101:5: warning: ‘TLSv1_1_method’ is deprecated [-Wdeprecated-declarations]
     OSSL_SSL_METHOD_ENTRY(TLSv1_1),
     ^~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/openssl/e_os2.h:13:0,
                 from /usr/include/openssl/err.h:13,
                 from ossl.h:56,
                 from ossl_ssl.c:12:
/usr/include/openssl/ssl.h:1638:1: note: declared here
 DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_1_method(void)) /* TLSv1.1 */
 ^
ossl_ssl.c:102:5: warning: ‘TLSv1_1_server_method’ is deprecated [-Wdeprecated-declarations]
     OSSL_SSL_METHOD_ENTRY(TLSv1_1_server),
     ^~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/openssl/e_os2.h:13:0,
                 from /usr/include/openssl/err.h:13,
                 from ossl.h:56,
                 from ossl_ssl.c:12:
/usr/include/openssl/ssl.h:1639:1: note: declared here
 DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_1_server_method(void)) /* TLSv1.1 */
 ^
ossl_ssl.c:103:5: warning: ‘TLSv1_1_client_method’ is deprecated [-Wdeprecated-declarations]
     OSSL_SSL_METHOD_ENTRY(TLSv1_1_client),
     ^~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/openssl/e_os2.h:13:0,
                 from /usr/include/openssl/err.h:13,
                 from ossl.h:56,
                 from ossl_ssl.c:12:
/usr/include/openssl/ssl.h:1640:1: note: declared here
 DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_1_client_method(void)) /* TLSv1.1 */
 ^
ossl_ssl.c: In function ‘ossl_sslctx_free’:
ossl_ssl.c:132:5: error: dereferencing pointer to incomplete type ‘SSL_CTX {aka struct ssl_ctx_st}’
  ctx->cert_store = NULL;
     ^~
In file included from nkf.c:62:0:
nkf-utf8/nkf.c: In function ‘set_input_encoding’:
nkf-utf8/nkf.c:1238:5: warning: this statement may fall through [-Wimplicit-fallthrough=]
  if (x0201_f == NKF_UNSPECIFIED) x0201_f = FALSE; /* -x specified implicitly */
     ^
nkf-utf8/nkf.c:1239:5: note: here
     case CP50220:
     ^~~~
ossl_x509attr.c: In function ‘ossl_x509attr_get_value’:
ossl_x509attr.c:238:11: warning: implicit declaration of function ‘i2d_ASN1_SET_OF_ASN1_TYPE’; did you mean ‘i2d_ASN1_SET_ANY’? [-Wimplicit-function-declaration]
  length = i2d_ASN1_SET_OF_ASN1_TYPE(attr->value.set,
           ^~~~~~~~~~~~~~~~~~~~~~~~~
           i2d_ASN1_SET_ANY
ossl_ssl.c: In function ‘ossl_call_tmp_dh_callback’:
ossl_ssl.c:246:27: error: dereferencing pointer to incomplete type ‘EVP_PKEY {aka struct evp_pkey_st}’
     if (EVP_PKEY_type(pkey->type) != EVP_PKEY_DH) return Qfalse;
                           ^~
ossl_ssl.c: In function ‘ossl_sslctx_session_new_cb’:
ossl_ssl.c:387:5: warning: implicit declaration of function ‘CRYPTO_add’; did you mean ‘CRYPTO_free’? [-Wimplicit-function-declaration]
     CRYPTO_add(&sess->references, 1, CRYPTO_LOCK_SSL_SESSION);
     ^~~~~~~~~~
     CRYPTO_free
ossl_ssl.c:387:21: error: dereferencing pointer to incomplete type ‘SSL_SESSION {aka struct ssl_session_st}’
     CRYPTO_add(&sess->references, 1, CRYPTO_LOCK_SSL_SESSION);
                     ^~
make[2]: *** [Makefile:301: ossl_x509attr.o] Error 1
ossl_ssl.c:387:38: error: ‘CRYPTO_LOCK_SSL_SESSION’ undeclared (first use in this function); did you mean ‘CRYPTO_EX_INDEX_SSL_SESSION’?
     CRYPTO_add(&sess->references, 1, CRYPTO_LOCK_SSL_SESSION);
                                      ^~~~~~~~~~~~~~~~~~~~~~~
                                      CRYPTO_EX_INDEX_SSL_SESSION
ossl_ssl.c:387:38: note: each undeclared identifier is reported only once for each function it appears in
ossl_ssl.c: In function ‘ossl_sslctx_session_remove_cb’:
ossl_ssl.c:436:38: error: ‘CRYPTO_LOCK_SSL_SESSION’ undeclared (first use in this function); did you mean ‘CRYPTO_EX_INDEX_SSL_SESSION’?
     CRYPTO_add(&sess->references, 1, CRYPTO_LOCK_SSL_SESSION);
                                      ^~~~~~~~~~~~~~~~~~~~~~~
                                      CRYPTO_EX_INDEX_SSL_SESSION
ossl_ssl.c: In function ‘ssl_info_cb’:
ossl_ssl.c:644:17: warning: implicit declaration of function ‘SSL_state’; did you mean ‘SSL_write’? [-Wimplicit-function-declaration]
     int state = SSL_state(ssl);
                 ^~~~~~~~~
                 SSL_write
ossl_ssl.c: In function ‘ossl_sslctx_setup’:
ossl_ssl.c:715:2: warning: implicit declaration of function ‘SSL_CTX_set_tmp_ecdh_callback’; did you mean ‘SSL_CTX_set_tmp_dh_callback’? [-Wimplicit-function-declaration]
  SSL_CTX_set_tmp_ecdh_callback(ctx, ossl_tmp_ecdh_callback);
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  SSL_CTX_set_tmp_dh_callback
ossl_ssl.c:835:31: warning: passing argument 2 of ‘SSL_CTX_sess_set_get_cb’ from incompatible pointer type [-Wincompatible-pointer-types]
  SSL_CTX_sess_set_get_cb(ctx, ossl_sslctx_session_get_cb);
                               ^~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ossl.h:59:0,
                 from ossl_ssl.c:12:
/usr/include/openssl/ssl.h:647:6: note: expected ‘SSL_SESSION * (*)(struct ssl_st *, const unsigned char *, int,  int *) {aka struct ssl_session_st * (*)(struct ssl_st *, const unsigned char *, int,  int *)}’ but argument is of type ‘SSL_SESSION * (*)(SSL *, unsigned char *, int,  int *) {aka struct ssl_session_st * (*)(struct ssl_st *, unsigned char *, int,  int *)}’
 void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
      ^~~~~~~~~~~~~~~~~~~~~~~
ossl_ssl.c: In function ‘ossl_sslctx_get_ciphers’:
ossl_ssl.c:902:16: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
         cipher = sk_SSL_CIPHER_value(ciphers, i);
                ^
ossl_ssl.c: In function ‘ossl_ssl_write_internal’:
ossl_ssl.c:1557:6: warning: this statement may fall through [-Wimplicit-fallthrough=]
   if (errno) rb_sys_fail(0);
      ^
ossl_ssl.c:1558:6: note: here
      default:
      ^~~~~~~
ossl_ssl.c: In function ‘ossl_tmp_ecdh_callback’:
ossl_ssl.c:299:1: warning: control reaches end of non-void function [-Wreturn-type]
 }
 ^
ossl_ssl.c: In function ‘ossl_tmp_dh_callback’:
ossl_ssl.c:265:1: warning: control reaches end of non-void function [-Wreturn-type]
 }
 ^
make[2]: *** [Makefile:301: ossl_ssl.o] Error 1
make[2]: Leaving directory '/tmp/ruby-build.20190721184856.920/ruby-2.3.3/ext/openssl'
make[1]: *** [exts.mk:209: ext/openssl/all] Error 2
make[1]: *** Waiting for unfinished jobs....
linking shared-object json/ext/parser.so
make[2]: Leaving directory '/tmp/ruby-build.20190721184856.920/ruby-2.3.3/ext/json/parser'
linking shared-object objspace.so
linking shared-object json/ext/generator.so
make[2]: Leaving directory '/tmp/ruby-build.20190721184856.920/ruby-2.3.3/ext/objspace'
make[2]: Leaving directory '/tmp/ruby-build.20190721184856.920/ruby-2.3.3/ext/json/generator'
linking shared-object pathname.so
make[2]: Leaving directory '/tmp/ruby-build.20190721184856.920/ruby-2.3.3/ext/pathname'
linking shared-object bigdecimal.so
make[2]: Leaving directory '/tmp/ruby-build.20190721184856.920/ruby-2.3.3/ext/bigdecimal'
linking shared-object date_core.so
make[2]: Leaving directory '/tmp/ruby-build.20190721184856.920/ruby-2.3.3/ext/date'
linking shared-object nkf.so
make[2]: Leaving directory '/tmp/ruby-build.20190721184856.920/ruby-2.3.3/ext/nkf'
make[1]: Leaving directory '/tmp/ruby-build.20190721184856.920/ruby-2.3.3'
make: *** [uncommon.mk:203: build-ext] Error 2

[hsbt]

Ruby 2.3 didn't support OpenSSL 1.1.x. and it's already EOL status.

openssl 1.1 is required by ruby-build.

I'm not sure what means this. The definition of ruby-build for Ruby 2.3 uses openssl-1.0.x: https://github.com/rbenv/ruby-build/blob/master/share/ruby-build/2.3.8#L1

[Ana06]

The ruby-build openSUSE package requires libopenssl-devel 1.1 (which requires libopenssl 1.0) , which I assume makes that ruby-build fails to install openssl 1.0 and consequently the installation of Ruby 2.3 fails.

I have removed this requirement in the openSUSE ruby-build package and installed libopenssl-devel 1.0 (which requires libopenssl 1.0) and this new version of ruby-build. In this way I can install Ruby 2.3 and previous Ruby versions.

I am not sure if there is a nice way to fix this problem apart of what I did (which is not really nice and uses a modified package). I know Ruby 2.3 is already in EOL status, but it is still used in many places, such as programming challenges like Google Code Jam and Hacker Earth (for those kind of things I find ruby-build + rbenv really useful).

[deathwish]

I'm not sure what means this. The definition of ruby-build for Ruby 2.3 uses openssl-1.0.x:

Presently, it only uses local openssl-1.0 on OS X, because the check --if has_broken_mac_openssl predictably only applies on OS X. Commenting out the check and replacing the OS X specific commands to copy system certs in build_package_mac_openssl with cert.pem that I managed to scrounge up appears to work..

[mislav]

I'm sorry you had trouble. Building older versions of Ruby is often hard.

We do not publish linux packages for ruby-build, so we can't control what people list as dependencies in those packags. If a package declares openssl as a dependency, it's quite likely that the wrong openssl version will be used when installing Ruby 2.3 or older.

To ensure that the proper openssl version gets used when building any version of Ruby on linux:

1. Make sure the appropriate version of openssl is installed on the system (1.1 for Ruby >= 2.4, 1.0 for older rubies);
2. Point to the location of that version by using RUBY_CONFIGURE_OPTS=--with-openssl-dir=/path/to/openssl.

Unfortunately, we are choosing to not automatically handle any of this in ruby-build because building openssl on linux is complex and best left to the user.

[deathwish]

Thanks for following up. Unlike the original bug, I am not using a packaged version of ruby-build, and am on Debian rather than Suse. This issue shows up on Google, so I felt some commentary would be useful to anyone else finding it as I did.

It is not possible for a package to pull in both OpenSSL 1.1 and 1.0 headers as, unlike the library files, these share a path. As numerous libraries now depend on 1.1, swapping which header package is installed (as I have done in the past) is rather unpleasant, and (ab)using the existing installation script as described is relatively simpler than figuring out my own steps for building a copy of 1.0 someplace and linking it.

I figured I'd document this possibility for myself/anyone else who comes across this issue.

[mt-ftooth]

1. Make sure the appropriate version of openssl is installed on the system (1.1 for Ruby >= 2.4, 1.0 for older rubies);

2. Point to the location of that version by using `RUBY_CONFIGURE_OPTS=--with-openssl-dir=/path/to/openssl`.

I've been trying this method and can't get it to work, I've got my 1.0.2u version in /usr/local/ssl and my environment variable RUBY_CONFIGURE_OPTS as --with-openssl-dir=/usr/local/ssl. This is defined in /etc/environment as RUBY_CONFIGURE_OPTS=--with-openssl-dir=/usr/local/ssl and checked using echo $RUBY_CONFIGURE_OPTS

But the build process seems to insist on using the version in /usr/include according to the log file:

compiling ossl_engine.c In file included from ossl.h:57:0, from ossl_pkey_rsa.c:12: /usr/include/openssl/asn1_mac.h:10:2: error: #error "This file is obsolete; please update your software." #error "This file is obsolete; please update your software."

Any help or pointers would be appreciated :)

[mt-ftooth]

Resolved, simplest method was to install RVM (https://rvm.io/) and run rvm install 2.3.3 in the repo.
It will resolve the openssl conflicts on your behalf and then you can procceed to run rbenv install 2.3.3 without issue.

[mislav]

This is defined in /etc/environment as RUBY_CONFIGURE_OPTS=--with-openssl-dir=/usr/local/ssl and checked using echo $RUBY_CONFIGURE_OPTS

@mt-ftooth Unless you had export RUBY_CONFIGURE_OPTS=... in your /etc/environment, the RUBY_CONFIGURE_OPTS was not made available to ruby-build process. Unless you are specifying RUBY_CONFIGURE_OPTS on the same line as invoking ruby-build, make sure you export the variable so it can be available to sub-processes of your shell.

But I'm glad you found a workaround! 🙌

[tpo]

This solved it for me on Ubuntu 20.04

[ghost]

RUBY_CONFIGURE_OPTS

seems very strange.
Why are you not simply allowing this to be used in the normal way eg.
configure --with-openssl-dir=/usr/local/ssl