-- Leo's gemini proxy
-- Connecting to rwv.io:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini; lang=en
It's been awhile but I bring good news for people using dʒɛmɪni to host their capsule: a weird SSL bug in dʒɛmɪni has finally been fixed. I big "thank you" to mbays (for finding the issue), gluon (for hosting it and using dʒɛmɪni) and fgaz (for fixing it in his server)!
So what was wrong? I am not really sure but the problem occurred when using a client which supports TLS 1.3 "session reuse" aka resumption, causing the second hit on a dʒɛmɪni hosted capsule to fail at the handshake. Apparently I forgot to do a move in the OpenSSL ceremonial dance, namely set the session ID.
Fortunately racket does it for you when calling ssl-set-verify! but I didn't bother with it because I don't want verification because of TOFU. I was wrong and, have to admit, did not RTFM.
This also seems to fix a similar issue I was having when running dʒɛmɪni on OpenBSD and using the Ariane client for Android, second hit going bad at handshake. Weird thing was: it did not occur on capsules hosted on a GNU/Linux distribution.
Hurrah! Some order is restored in my world. Thank you to the people involved!
Cheers,
R.
--
📅 2021-03-22
🏷 dezhemini
📧 hello@rwv.io
CC BY-NC-SA 4.0
-- Response ended
-- Page fetched on Wed Apr 24 09:51:26 2024