💾 Archived View for rawtext.club › ~sloum › geminilist › 000297.gmi captured on 2020-09-24 at 02:40:10. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
Sean Conner sean at conman.org
Thu Jan 9 07:11:32 GMT 2020
- - - - - - - - - - - - - - - - - - - ``` It was thus said that the Great Michael Lazar once stated: > Hi all, Hello. > I have been working on a python script that can be pointed to a gemini server, > and will automatically send various types of requests to surface errors and > other strange server behavior. This was suggested in the mailing list a while > ago by solderpunk(?). I thought it was a neat idea so I took my own stab at it. Thanks for doing this. I find the results interesting, and yes, you didfind three bugs in GLV-1.12556. > For example: > > - Does your server support IPv6? Mine (GLV-1.12556) does, but my hosting provider doesn't have IPv6 yet (ormaybe they do---it's been awhile since I last checked). > - What version of TLS do you negotiate? 1.2---it's a limitation of the library I'm using. > - Is your certificate's CA trusted? No. I'm the one using a custom CA. > - How do you respond to a http:// URL? I reject them. > - How do you respond to a URL with an invalid UTF-8 byte sequence? Here's one of the bugs, and I have no idea how I'll fix this as it's across-library concern. Sigh. > - How do you respond to a request with a newline but no carriage return? I respond. I made CRs optional everywhere internally---it makes it easierfor me to test. Now, you did make one test labeled "RequestMissingCR" whereyou did send a LF. Per the spec, I would expect this to return a 59 BadRequest, but since I treat CRs as optional, that's why I passed that one. > Some of the results: > > - All servers use "\n" line endings on their home page instead of "\r\n" > - No server will accept a URL without a scheme specified (per the spec, this > should be implied as gemini://) This was another bug. I've already fixed this, and the one other bug (Iallow URLs longer than 1024 characters, which has been fixed for now). Again, thanks for this. -spc