Hi all, I tried the existing Dillo plugin but couldn't get it to work. Perhaps it got the job done at some iteration of the protocol. I've written my own according to the current spec for anyone interested: https://github.com/boomlinde/gemini.filter.dpi I've decided that in my client you explicitly have to pin invalid certificates and certificates with unknown authorities. On the first request to a site with a self-signed or invalid certificate, an error description will be displayed and you'll be given the option to pin it and continue anyway. After the certificate is pinned, you won't get a warning again until it changes. The certificate pins are stored in $HOME/.dillo/gemini/pinned as base64 encoded sha1 sums of the entire certificate chain used. For now it doesn't undersand client certificate status codes and will show them as it does errors (simply outputting the header in plain text). It will display an error on any encoding except utf-8 and us-ascii. Input works fine! The project has also yielded two interesting libraries: https://github.com/boomlinde/gemini is a protocol implementation, for now only a client, in Go. The client library makes it easy to set up a pin database and verifies connections by default. https://github.com/boomlinde/dpi implements a Dillo plugin server, in Go. It can be used to build both filter and server plugins. Neither of these libraries are really versioned yet. I want to dog-food the plugin for a while to weed any issues out before I will say that the APIs are stable. I hope someone else finds some use for this! -- Philip -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <https://lists.orbitalfox.eu/archives/gemini/attachments/20200626/a3d8 9eff/attachment.sig>
---
Next in thread (2 of 3): 🗣️ Charles E. Lehner (cel (a) celehner.com)