[SATLUG] The difference between Linux and OpenSSL

James McGuire blue6249 at gmail.com
Sun Apr 20 03:21:45 CDT 2014


> Looking at the openssl tarball, there are 349,834 lines of .c code and 97,247 lines of headers in 1191 files.  Subtract about 50 lines from each file for the copyright header and you get about 370K SLOC.

A really nifty tool for determining SLOC is cloc. I ran it at the root
of openssl and got these results:

    2354 text files.
    2135 unique files.
     762 files ignored.

http://cloc.sourceforge.net v 1.60  T=8.10 s (183.0 files/s, 65198.2 lines/s)
-------------------------------------------------------------------------------
Language                     files          blank        comment           code
-------------------------------------------------------------------------------
C                              915          32949          68512         234936
Perl                           169           8713           7982          69248
C/C++ Header                   187           6542          14756          39729
make                            76           1709            427          13610
Assembly                        13           1307           1405          10898
C++                             26           1860            760           4041
Bourne Shell                    61            787            693           3403
m4                               1            514              0           1585
DOS Batch                       33            417            133           1254
Lisp                             1              2             19             24
HTML                             1              2              2              3
-------------------------------------------------------------------------------
SUM:                          1483          54802          94689         378731
-------------------------------------------------------------------------------


--
Thanks,
    James McGuire
    479-633-7565


On Sat, Apr 19, 2014 at 11:45 AM, Bruce Dubbs <bruce.dubbs at gmail.com> wrote:
> Borries Demeler wrote:
>>
>> Lack of funding is the problem of many open source projects, despite
>> their incredible importance. This is made pretty clear in this article:
>>
>>
>> http://bits.blogs.nytimes.com/2014/04/18/openssl-and-linux-a-tale-of-two-open-source-projects
>
>
> I can't read it because they want me to register and I don't want to do
> that.
>
> But let me make some comments.  Red Hat, SuSE, and Ubuntu have the funds to
> do QA for critical programs.  They either chose not to do that or missed the
> problem too.  How many full time equivalent (FTE) personnel are needed for
> good software QA for the critical components such as openssl, openssh, gpg,
> stunnel, etc.
>
> ALL software is subject to bugs.  The issue is how far after injection do
> the bugs get before they are removed.
>
> No matter how much the software is examined, the potential for some bug
> getting through is still there.  It doesn't matter how much money is
> invested.  The really impressive feat in the relatively recent past was the
> Mars lander.  That it was successful at all was a tremendous feat of quality
> control.  However, if you dig down, I bet they have made changes at
> different times to the code due to unforeseen issues.   Remember the crash
> because they didn't convert between english and metric units?
>
> If it were proprietary code, how long would it have taken to discover the
> problem?
>
> What is the bug density of open source vs proprietary?
>
> http://www.coverity.com/press-releases/annual-coverity-scan-report-finds-open-source-and-proprietary-software-quality-better-than-industry-average-for-second-consecutive-year/
>
> Looking at the openssl tarball, there are 349,834 lines of .c code and
> 97,247 lines of headers in 1191 files.  Subtract about 50 lines from each
> file for the copyright header and you get about 370K SLOC.
>
>   -- Bruce
>
>
> --
> _______________________________________________
> SATLUG mailing list
> SATLUG at satlug.org
> http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe
> Powered by Rackspace (www.rackspace.com)


More information about the SATLUG mailing list