Support OpenSSL 1.1.0

Makefile

@@ -292,6 +292,22 @@ ifeq ($(runtime-bitcode),yes)
   endif
 endif
 
+# Set default openssl version
+ifdef default_openssl
+  ifeq ("openssl_0.9.0","$(default_openssl)")
+    default_openssl_valid:=ok
+  endif
+  ifeq ("openssl_1.1.0","$(default_openssl)")
+    default_openssl_valid:=ok
+  endif
+  ifeq (ok,$(default_openssl_valid))
+    $(warning default_openssl is $(default_openssl))
+  else
+    $(error default_openssl=$(default_openssl) is invalid, expecting one of openssl_0.9.0 or openssl_1.1.0)
+  endif
+  BUILD_FLAGS += -DPONY_DEFAULT_OPENSSL=\"$(default_openssl)\"
+endif
+
 makefile_abs_path := $(realpath $(lastword $(MAKEFILE_LIST)))
 packages_abs_src := $(shell dirname $(makefile_abs_path))/packages
 
@@ -491,11 +507,17 @@ ifeq ($(OSTYPE), linux)
   libponyrt-pic.buildoptions-ll += -relocation-model=pic
 endif
 
-# default enable PIC compiling if requested
+# Set default PIC for compiling if requested
 ifdef default_pic
-  libponyrt.buildoptions += -fpic
-  libponyrt.buildoptions-ll += -relocation-model=pic
-  BUILD_FLAGS += -DPONY_DEFAULT_PIC=true
+  ifeq (true,$(default_pic))
+    libponyrt.buildoptions += -fpic
+    libponyrt.buildoptions-ll += -relocation-model=pic
+    BUILD_FLAGS += -DPONY_DEFAULT_PIC=true
+  else
+    ifneq (false,$(default_pic))
+      $(error default_pic must be true or false)
+    endif
+  endif
 endif
 
 # target specific disabling of build options
@@ -995,6 +1017,13 @@ help:
 	@echo '  native (default)'
 	@echo '  [any compiler supported architecture]'
 	@echo
+	@echo 'Compile time default options:'
+	@echo '  default_pic=true     Make --pic the default'
+	@echo '  default_openssl=Name Make Name the default openssl version'
+	@echo '                       where Name is one of:'
+	@echo '                         openssl_0.9.0'
+	@echo '                         openssl_1.1.0'
+	@echo
 	@echo 'USE OPTIONS:'
 	@echo '   valgrind'
 	@echo '   pooltrack'

README.md

@@ -7,6 +7,7 @@ We have a couple resources designed to help you learn, we suggest starting with
 * [Tutorial](http://tutorial.ponylang.org).
 * [Pony Patterns](http://patterns.ponylang.org) cookbook is in progress
 * [Standard library docs](http://stdlib.ponylang.org/).
+* [Build Problems, see FAQ Compiling](https://www.ponylang.org/faq/#compiling).
 
 If you are looking for an answer "right now", we suggest you give our IRC channel a try. It's #ponylang on Freenode. If you ask a question, be sure to hang around until you get an answer. If you don't get one, or IRC isn't your thing, we have a friendly mailing list you can try. Whatever your question is, it isn't dumb, and we won't get annoyed.
 
@@ -40,6 +41,8 @@ If you want a quick way to test or run code, checkout the [Playground](https://p
 
 # Installation
 
+Pony supports LLVM 3.9 and on an experimental basis it supports LLVM 4.0 and 5.0. In addition, support for OpenSSL 1.1.0 was recently added for systems such as the Debian Stretch and Arch Linux, see [FAQ Compiling](https://www.ponylang.org/faq/#compiling) for additional information.
+
 ## Using Docker
 
 Want to use the latest revision of Pony source, but don't want to build from source yourself? You can run the `ponylang/ponyc` Docker container, which is created from an automated build at each commit to master.
@@ -177,38 +180,6 @@ sudo apt-get update
 sudo apt-get -V install ponyc
 ```
 
-## Arch Linux
-
-Currently the ponyc package in Arch does not work because
-Arch is using LLVM 5 and ponyc requires LLVM 3.9.
-
-There is experimental support for building from source with LLVM 5.0.0,
-but this may cause decreased performance or crashes in generated
-applications.
-
-Using [Docker](#using-docker) is one choice, another is to
-use [ponyc-rpm](https://aur.archlinux.org/packages/ponyc-rpm/)
-
-### ponyc-rpm
-#### Prerequisites: `git` and `rpmextract`
-```
-sudo pacman -Syu git rpmextract
-```
-#### Instructions:
-Clone the repo, change directory to the repo, run `makepkg -si`
-or use your favorite AUR package manager.
-```
-git clone https://aur.archlinux.org/ponyc-rpm.git
-cd ponyc-rpm
-makepkg -si
-```
-
-#### Ponyc Usage
-You must pass the `--pic` parameter to ponyc on Arch Linux
-```
-ponyc --pic
-```
-
 ## Gentoo Linux
 
 ```bash
@@ -293,30 +264,19 @@ git clone git://github.com/ponylang/ponyc
 
 ### Arch
 
-```
-pacman -S llvm make ncurses openssl pcre2 zlib
-```
-
-To build ponyc and compile helloworld:
+Install pony dependencies:
 
-```bash
-make
-./build/release/ponyc examples/helloworld
 ```
-
-If you get errors like
-
-```bash
-/usr/bin/ld.gold: error: ./fb.o: requires dynamic R_X86_64_32 reloc against
- 'Array_String_val_Trace' which may overflow at runtime; recompile with -fPIC
+pacman -S llvm make ncurses openssl pcre2 zlib
 ```
 
-You need to rebuild `ponyc` with `default_pic=true`
+To build ponyc and compile and helloworld:
 
 ```bash
-make clean
-make default_pic=true
+cd ~/ponyc/
+make default_pic=true default_openssl='openssl_1.1.0'
 ./build/release/ponyc examples/helloworld
+./helloworld
 ```
 
 ### Debian Jessie

packages/crypto/digest.pony

@@ -18,55 +18,83 @@ class Digest
     Use the MD5 algorithm to calculate the hash.
     """
     _digest_size = 16
-    _ctx = @EVP_MD_CTX_create[Pointer[_EVPCTX]]()
+    ifdef "openssl_1.1.0" then
+      _ctx = @EVP_MD_CTX_new[Pointer[_EVPCTX]]()
+    else
+      _ctx = @EVP_MD_CTX_create[Pointer[_EVPCTX]]()
+    end
     @EVP_DigestInit_ex[None](_ctx, @EVP_md5[Pointer[_EVPMD]](), USize(0))
 
   new ripemd160() =>
     """
     Use the RIPEMD160 algorithm to calculate the hash.
     """
     _digest_size = 20
-    _ctx = @EVP_MD_CTX_create[Pointer[_EVPCTX]]()
+    ifdef "openssl_1.1.0" then
+      _ctx = @EVP_MD_CTX_new[Pointer[_EVPCTX]]()
+    else
+      _ctx = @EVP_MD_CTX_create[Pointer[_EVPCTX]]()
+    end
     @EVP_DigestInit_ex[None](_ctx, @EVP_ripemd160[Pointer[_EVPMD]](), USize(0))
 
   new sha1() =>
     """
     Use the SHA1 algorithm to calculate the hash.
     """
     _digest_size = 20
-    _ctx = @EVP_MD_CTX_create[Pointer[_EVPCTX]]()
+    ifdef "openssl_1.1.0" then
+      _ctx = @EVP_MD_CTX_new[Pointer[_EVPCTX]]()
+    else
+      _ctx = @EVP_MD_CTX_create[Pointer[_EVPCTX]]()
+    end
     @EVP_DigestInit_ex[None](_ctx, @EVP_sha1[Pointer[_EVPMD]](), USize(0))
 
   new sha224() =>
     """
     Use the SHA256 algorithm to calculate the hash.
     """
     _digest_size = 28
-    _ctx = @EVP_MD_CTX_create[Pointer[_EVPCTX]]()
+    ifdef "openssl_1.1.0" then
+      _ctx = @EVP_MD_CTX_new[Pointer[_EVPCTX]]()
+    else
+      _ctx = @EVP_MD_CTX_create[Pointer[_EVPCTX]]()
+    end
     @EVP_DigestInit_ex[None](_ctx, @EVP_sha224[Pointer[_EVPMD]](), USize(0))
 
   new sha256() =>
     """
     Use the SHA256 algorithm to calculate the hash.
     """
     _digest_size = 32
-    _ctx = @EVP_MD_CTX_create[Pointer[_EVPCTX]]()
+    ifdef "openssl_1.1.0" then
+      _ctx = @EVP_MD_CTX_new[Pointer[_EVPCTX]]()
+    else
+      _ctx = @EVP_MD_CTX_create[Pointer[_EVPCTX]]()
+    end
     @EVP_DigestInit_ex[None](_ctx, @EVP_sha256[Pointer[_EVPMD]](), USize(0))
 
   new sha384() =>
     """
     Use the SHA384 algorithm to calculate the hash.
     """
     _digest_size = 48
-    _ctx = @EVP_MD_CTX_create[Pointer[_EVPCTX]]()
+    ifdef "openssl_1.1.0" then
+      _ctx = @EVP_MD_CTX_new[Pointer[_EVPCTX]]()
+    else
+      _ctx = @EVP_MD_CTX_create[Pointer[_EVPCTX]]()
+    end
     @EVP_DigestInit_ex[None](_ctx, @EVP_sha384[Pointer[_EVPMD]](), USize(0))
 
   new sha512() =>
     """
     Use the SHA512 algorithm to calculate the hash.
     """
     _digest_size = 64
-    _ctx = @EVP_MD_CTX_create[Pointer[_EVPCTX]]()
+    ifdef "openssl_1.1.0" then
+      _ctx = @EVP_MD_CTX_new[Pointer[_EVPCTX]]()
+    else
+      _ctx = @EVP_MD_CTX_create[Pointer[_EVPCTX]]()
+    end
     @EVP_DigestInit_ex[None](_ctx, @EVP_sha512[Pointer[_EVPMD]](), USize(0))
 
   fun ref append(input: ByteSeq) ? =>
@@ -90,7 +118,11 @@ class Digest
           @pony_alloc[Pointer[U8]](@pony_ctx[Pointer[None] iso](), size), size)
         end
       @EVP_DigestFinal_ex[None](_ctx, digest.cpointer(), Pointer[USize])
-      @EVP_MD_CTX_cleanup[None](_ctx)
+      ifdef "openssl_1.1.0" then
+        @EVP_MD_CTX_free[None](_ctx)
+      else
+        @EVP_MD_CTX_cleanup[None](_ctx)
+      end
       let h = (consume digest).array()
       _hash = h
       h

packages/net/ssl/_ssl_init.pony

@@ -2,12 +2,30 @@ use "path:/usr/local/opt/libressl/lib" if osx
 use "lib:ssl"
 use "lib:crypto"
 
+use @OPENSSL_init_ssl[I32](opts: U64, settings: Pointer[_OpenSslInitSettings])
+use @OPENSSL_INIT_new[Pointer[_OpenSslInitSettings]]()
+
+primitive _OpenSslInitSettings
+
+// From https://github.com/ponylang/ponyc/issues/330
+primitive _OpenSslInitNoLoadSslStrings    fun val apply(): U64 => 0x00100000
+primitive _OpenSslInitLoadSslStrings      fun val apply(): U64 => 0x00200000
+primitive _OpenSslInitNoLoadCryptoStrings fun val apply(): U64 => 0x00000001
+primitive _OpenSslInitLoadCryptoStrings   fun val apply(): U64 => 0x00000002
+
 primitive _SSLInit
   """
   This initialises SSL when the program begins.
   """
   fun _init() =>
-    @SSL_load_error_strings[None]()
-    @SSL_library_init[I32]()
-    let cb = @ponyint_ssl_multithreading[Pointer[U8]](@CRYPTO_num_locks[I32]())
-    @CRYPTO_set_locking_callback[None](cb)
+    ifdef "openssl_1.1.0" then
+      let settings = @OPENSSL_INIT_new()
+      @OPENSSL_init_ssl(_OpenSslInitLoadSslStrings.apply()
+          + _OpenSslInitLoadCryptoStrings.apply(), settings)
+    else
+      @SSL_load_error_strings[None]()
+      @SSL_library_init[I32]()
+      let cb =
+        @ponyint_ssl_multithreading[Pointer[U8]](@CRYPTO_num_locks[I32]())
+      @CRYPTO_set_locking_callback[None](cb)
+    end

packages/net/ssl/_ssl_versions.pony

@@ -0,0 +1,4 @@
+primitive _SslCtrlSetMinProtoVersion        fun val apply(): I32 => 123
+primitive _SslCtrlSetMaxProtoVersion        fun val apply(): I32 => 124
+primitive _SslCtrlGetMinProtoVersion        fun val apply(): I32 => 130
+primitive _SslCtrlGetMaxProtoVersion        fun val apply(): I32 => 131