-- Leo's gemini proxy
-- Connecting to rawtext.club:1965...
-- Sending request
-- Meta line: 20 text/gemini
Philip Linde linde.philip at gmail.com
Fri Jun 26 22:32:08 BST 2020
- - - - - - - - - - - - - - - - - - -
I tried the existing Dillo plugin but couldn't get it to work.Perhaps it got the job done at some iteration of the protocol.I've written my own according to the current spec for anyoneinterested:
I've decided that in my client you explicitly have to pin invalidcertificates and certificates with unknown authorities. On the firstrequest to a site with a self-signed or invalid certificate, an errordescription will be displayed and you'll be given the option to pin itand continue anyway. After the certificate is pinned, you won't get awarning again until it changes.
The certificate pins are stored in $HOME/.dillo/gemini/pinned asbase64 encoded sha1 sums of the entire certificate chain used.
For now it doesn't undersand client certificate status codes and willshow them as it does errors (simply outputting the header in plaintext). It will display an error on any encoding except utf-8 andus-ascii.
Input works fine!
The project has also yielded two interesting libraries:
https://github.com/boomlinde/gemini is a protocol implementation, fornow only a client, in Go. The client library makes it easy to set up apin database and verifies connections by default.
https://github.com/boomlinde/dpi implements a Dillo plugin server, inGo. It can be used to build both filter and server plugins.
Neither of these libraries are really versioned yet. I want to dog-foodthe plugin for a while to weed any issues out before I will say thatthe APIs are stable.
I hope someone else finds some use for this!
--Philip-------------- next part --------------A non-text attachment was scrubbed...Name: not availableType: application/pgp-signatureSize: 488 bytesDesc: not availableURL: <https://lists.orbitalfox.eu/archives/gemini/attachments/20200626/a3d89eff/attachment.sig>
-- Response ended
-- Page fetched on Mon Sep 20 03:09:48 2021