Philip Linde linde.philip at gmail.com
Sat Jun 27 13:49:06 BST 2020
- - - - - - - - - - - - - - - - - - -
Hi Philip,
Nice work. I like the certificate pinning feature.
Thanks, Charles. I think your plugin better embodies the "100-lineclient" idea in at least having significantly less than a thousand linesof code, and there is high value in that. I will link back to it aswell.
The other plugin (dillo-gemini) works with the current protocol, except
for client certificates or any server certificate management. Maybe you
were missing a dependency. I added a link to yours in its readme.
I investigated a bit further and found that my client doesn'tunderstand the -verify_quiet flag:
$ openssl s_client -verify_quiet -quiet "example.horse:1965" unknown option -verify_quiet # ... $ openssl version LibreSSL 3.0.2
So my openssl is actually from the LibreSSL fork. OpenBSD does this,and (apparently) my desktop OS of choice, Void Linux. There seem to befurther differences preventing a simple fix.
I have systems running Debian with genuine OpenSSL so if I can work outthe differences and improve compatibility with LibreSSL in a clean way,I'll send you a patch.
Have a great weekend,Philip-------------- next part --------------A non-text attachment was scrubbed...Name: not availableType: application/pgp-signatureSize: 488 bytesDesc: not availableURL: <https://lists.orbitalfox.eu/archives/gemini/attachments/20200627/63e5906e/attachment.sig>