Remove "experimental" in code and comments, too.

Thanks to Viktor for additional review. Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-10 11:10:39 -05:00 · 2016-02-10 11:10:39 -05:00 · e4ef2e25f1
parent 4418e0302f
commit e4ef2e25f1
8 changed files with 41 additions and 102 deletions
--- a/Configurations/90-team.conf
+++ b/Configurations/90-team.conf
@ -65,7 +65,7 @@
    },
    "debug-linux-ia32-aes" => {
        cc               => "gcc",
-        cflags           => "-DAES_EXPERIMENTAL -DL_ENDIAN -O3 -fomit-frame-pointer -Wall",
+        cflags           => "-DL_ENDIAN -O3 -fomit-frame-pointer -Wall",
        thread_cflag     => "-D_REENTRANT",
        ex_libs          => "-ldl",
        bn_ops           => "BN_LLONG",
--- a/104
+++ b/104
@ -15,7 +15,7 @@ use File::Path qw/mkpath/;
 # see INSTALL for instructions.
-my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
+my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
 # Options:
 #
@ -327,7 +327,7 @@ foreach my $proto ((@tls, @dtls))
 # All of the following is disabled by default (RC5 was enabled before 0.9.8):
-my %disabled = ( # "what"         => "comment" [or special keyword "experimental"]
+my %disabled = ( # "what"         => "comment"
 		 "ec_nistp_64_gcc_128" => "default",
 		 "egd"            => "default",
 		 "md2"            => "default",
@ -340,7 +340,6 @@ my %disabled = ( # "what"         => "comment" [or special keyword "experimental
 		 "crypto-mdebug"  => "default",
 		 "heartbeats"     => "default",
 	       );
 my @experimental = ();
 # Note: => pair form used for aesthetics, not to truly make a hash table
 my @disable_cascades = (
@ -410,13 +409,9 @@ my @default_depdefines =
    sort keys %disabled;
 # Explicit "no-..." options will be collected in %disabled along with the defaults.
-# To remove something from %disabled, use "enable-foo" (unless it's experimental).
+# To remove something from %disabled, use "enable-foo".
 # For symmetry, "disable-foo" is a synonym for "no-foo".
 # For features called "experimental" here, a more explicit "experimental-foo" is needed to enable.
 # We will collect such requests in @experimental.
 # To avoid accidental use of experimental features, applications will have to use -DOPENSSL_EXPERIMENTAL_FOO.
 my @generated_headers = (
    "include/openssl/opensslconf.h",
    "crypto/include/internal/bn_conf.h"
@ -435,7 +430,6 @@ my $user_cflags="";
 my @user_defines=();
 my $unified = 0;
 $config{depdefines}=[];
 $config{openssl_experimental_defines}=[];
 $config{openssl_api_defines}=[];
 $config{openssl_algorithm_defines}=[];
 $config{openssl_thread_defines}=[];
@ -518,7 +512,7 @@ foreach (@argvcopy)
 	s /^zlib$/enable-zlib/;
 	s /^zlib-dynamic$/enable-zlib-dynamic/;
-        if (/^(no|disable|enable|experimental)-(.+)$/)
+        if (/^(no|disable|enable)-(.+)$/)
 		{
 		my $word = $2;
 		if (!grep { $word =~ /^${_}$/ } @disablables)
@ -529,52 +523,43 @@ foreach (@argvcopy)
 		}
 	if (/^no-(.+)$/ || /^disable-(.+)$/)
 		{
-		if (!($disabled{$1} eq "experimental"))
+                foreach my $proto ((@tls, @dtls))
-			{
+                        {
-			foreach my $proto ((@tls, @dtls))
+                        if ($1 eq "$proto-method")
-				{
+                                {
-				if ($1 eq "$proto-method")
+                                $disabled{"$proto"} = "option($proto-method)";
-					{
+                                last;
-					$disabled{"$proto"} = "option($proto-method)";
+                                }
-					last;
+                        }
-					}
+                if ($1 eq "dtls")
-				}
+                        {
-			if ($1 eq "dtls")
+                        foreach my $proto (@dtls)
-				{
+                                {
-                                foreach my $proto (@dtls)
+                                $disabled{$proto} = "option(dtls)";
-					{
+                                }
-					$disabled{$proto} = "option(dtls)";
+                        }
-					}
+                elsif ($1 eq "ssl")
-				}
+                        {
-			elsif ($1 eq "ssl")
+                        # Last one of its kind
-				{
+                        $disabled{"ssl3"} = "option(ssl)";
-				# Last one of its kind
+                        }
-				$disabled{"ssl3"} = "option(ssl)";
+                elsif ($1 eq "tls")
-				}
+                        {
-			elsif ($1 eq "tls")
+                        # XXX: Tests will fail if all SSL/TLS
-				{
+                        # protocols are disabled.
-                                # XXX: Tests will fail if all SSL/TLS
+                        foreach my $proto (@tls)
-                                # protocols are disabled.
+                                {
-                                foreach my $proto (@tls)
+                                $disabled{$proto} = "option(tls)";
-					{
+                                }
-					$disabled{$proto} = "option(tls)";
+                        }
-					}
+                else
-				}
+                        {
-			else
+                        $disabled{$1} = "option";
-				{
+                        }
 				$disabled{$1} = "option";
 				}
 			}
 		}
-	elsif (/^enable-(.+)$/ || /^experimental-(.+)$/)
+	elsif (/^enable-(.+)$/)
 		{
 		my $algo = $1;
 		if ($disabled{$algo} eq "experimental")
 			{
 			die "You are requesting an experimental feature; please say 'experimental-$algo' if you are sure\n"
 				unless (/^experimental-/);
 			push @experimental, $algo;
 			}
 		delete $disabled{$algo};
 		$threads = 1 if ($algo eq "threads");
@ -815,15 +800,6 @@ foreach (sort (keys %disabled))
 	print "\n";
 	}
 foreach (sort @experimental)
 	{
 	my $ALGO;
 	($ALGO = $_) =~ tr/[a-z]/[A-Z]/;
 	# opensslconf.h will set OPENSSL_NO_... unless OPENSSL_EXPERIMENTAL_... is defined
 	push @{$config{openssl_experimental_defines}}, "OPENSSL_NO_$ALGO";
 	}
 print "Configuring for $target\n";
 # Support for legacy targets having a name starting with 'debug-'
@ -896,10 +872,6 @@ if ($target{build_file} eq "Makefile"
 my ($builder, $builder_platform, @builder_opts) =
    @{$target{build_scheme}};
 push @{$config{defines}},
    map { (my $x = $_) =~ s/^OPENSSL_NO_/OPENSSL_EXPERIMENTAL_/; $x }
        @{$config{openssl_experimental_defines}};
 if ($target =~ /^mingw/ && `$target{cc} --target-help 2>&1` =~ m/-mno-cygwin/m)
 	{
 	$config{cflags} .= " -mno-cygwin";
--- a/crypto/des/str2key.c
+++ b/crypto/des/str2key.c
@ -84,13 +84,7 @@ void DES_string_to_key(const char *str, DES_cblock *key)
    }
 #endif
    DES_set_odd_parity(key);
 #ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
    if (DES_is_weak_key(key))
        (*key)[7] ^= 0xF0;
    DES_set_key(key, &ks);
 #else
    DES_set_key_unchecked(key, &ks);
 #endif
    DES_cbc_cksum((const unsigned char *)str, key, length, &ks, key);
    OPENSSL_cleanse(&ks, sizeof(ks));
    DES_set_odd_parity(key);
@ -141,21 +135,9 @@ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2)
 #endif
    DES_set_odd_parity(key1);
    DES_set_odd_parity(key2);
 #ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
    if (DES_is_weak_key(key1))
        (*key1)[7] ^= 0xF0;
    DES_set_key(key1, &ks);
 #else
    DES_set_key_unchecked(key1, &ks);
 #endif
    DES_cbc_cksum((const unsigned char *)str, key1, length, &ks, key1);
 #ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
    if (DES_is_weak_key(key2))
        (*key2)[7] ^= 0xF0;
    DES_set_key(key2, &ks);
 #else
    DES_set_key_unchecked(key2, &ks);
 #endif
    DES_cbc_cksum((const unsigned char *)str, key2, length, &ks, key2);
    OPENSSL_cleanse(&ks, sizeof(ks));
    DES_set_odd_parity(key1);
--- a/doc/apps/cms.pod
+++ b/doc/apps/cms.pod
@ -512,7 +512,7 @@ The B<-resign> option uses an existing message digest when adding a new
 signer. This means that attributes must be present in at least one existing
 signer using the same message digest or this operation will fail.
-The B<-stream> and B<-indef> options enable experimental streaming I/O support.
+The B<-stream> and B<-indef> options enable streaming I/O support.
 As a result the encoding is BER using indefinite length constructed encoding
 and no longer DER. Streaming is supported for the B<-encrypt> operation and the
 B<-sign> operation if the content is not detached.
--- a/doc/apps/smime.pod
+++ b/doc/apps/smime.pod
@ -344,7 +344,7 @@ The B<-resign> option uses an existing message digest when adding a new
 signer. This means that attributes must be present in at least one existing
 signer using the same message digest or this operation will fail.
-The B<-stream> and B<-indef> options enable experimental streaming I/O support.
+The B<-stream> and B<-indef> options enable streaming I/O support.
 As a result the encoding is BER using indefinite length constructed encoding
 and no longer DER. Streaming is supported for the B<-encrypt> operation and the
 B<-sign> operation if the content is not detached.
--- a/doc/apps/x509.pod
+++ b/doc/apps/x509.pod
@ -243,8 +243,6 @@ this outputs the certificate in the form of a C source file.
 =head2 TRUST SETTINGS
 Please note these options are currently experimental and may well change.
 A B<trusted certificate> is an ordinary certificate which has several
 additional pieces of information attached to it such as the permitted
 and prohibited uses of the certificate and an "alias".
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@ -863,7 +863,6 @@ struct ssl_ctx_st {
 #  ifndef OPENSSL_NO_NEXTPROTONEG
    /* Next protocol negotiation information */
    /* (for experimental NPN extension). */
    /*
     * For a server, this contains a callback function by which the set of
--- a/util/mk1mf.pl
+++ b/util/mk1mf.pl
@ -1480,18 +1480,6 @@ sub read_options
 		if (exists $valid_options{$t})
 			{return 1;}
 		return 0;
 		}
 	# experimental-xxx is mostly like enable-xxx, but opensslconf.v
 	# will still set OPENSSL_NO_xxx unless we set OPENSSL_EXPERIMENTAL_xxx.
 	# (No need to fail if we don't know the algorithm -- this is for adventurous users only.)
 	elsif (/^experimental-/)
 		{
 		my $algo, $ALGO;
 		($algo = $_) =~ s/^experimental-//;
 		($ALGO = $algo) =~ tr/[a-z]/[A-Z]/;
 		$xcflags="-DOPENSSL_EXPERIMENTAL_$ALGO $xcflags";
 		}
 	elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; }
 	elsif (/^-[lL].*$/)	{ $l_flags.="$_ "; }