1. 47
  1. 5

    Why does nobody complain about how OpenSSL doesn’t follow the UNIX philosophy of “Do one thing well”?

    1. 34

      Probably because there’s already so many other things to complain about with openssl that it doesn’t make the top 5 cut.

      1. 18

        Because the “Unix philosophy” is incredibly vague and ex-post-facto rationalization. That, and I suspect cryptography operations would be hard to do properly like that.

        1. 4

          Does UNIX follow the UNIX philosophy?

          I mean, ls has has 11 options and 4 of them deal with sorting. According to the UNIX philosophy sort should’ve been used for sorting. So “Do one thing well” doesn’t hold here. Likewise, other tenets are not followed too closely. For example, most of these sorting options were added later (“build afresh rather than complicate old programs” much?).

          The first UNIX, actually, didn’t have sort so it can be understood why an option might’ve been added (only t at the time) and why it might’ve stayed (backwards compatibility). Addition of sort kinda follows the UNIX philosophy but addition of more sorting options to ls after sort was added goes completely contrary to it.

          1. 3

            Theoretically, yes: it seems that Bell Labs’ UNIX followed the UNIX philosophy, but BSD broke it.

            Reference: http://harmful.cat-v.org/cat-v/

          2. 4

            Everyone’s still wondering if the right way to phrase it is that “it does too many things” or “it doesn’t do any of them well” ¯\_(ツ)_/¯

            1. 2

              Maybe because it’s not really a tool you’re expected to use beyond a crypto swiss army knife. I mean, it became a defacto certificate request generator, because people have it installed by default, but there are better tools for that. As a debug tool it is a “one thing well” tool. The one thing is “poke around encryption content / functions”.

              Otherwise, what would be the point of extracting things like ans1parse, pkey, or others if they would be backed by the same library anymore. Would it change anything if you called openssl-asn1parse as a separate tool instead of openssl asn1parse?

              1. 1

                For the same reason no one complains about curl either?

                1. 1

                  related, here’s a wget gui that looks similarly complex https://www.jensroesner.com/wgetgui/#screen

              2. 4

                try ffmpeg

                1. 1

                  That’s beautiful. I miss Platinum.

                  1. 1

                    Wondering the tool making the gui, or it’s pure image editing?

                    1. 7

                      It’s probably just an image. Looks like macOS 9 (maybe 8). Seems like too much effort to atually fire that up to mock a GUI.