Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ikskuh/gurl

A curl-like cli application to interact with Gemini sites.
https://github.com/ikskuh/gurl

gemini zig ziglang

Last synced: about 1 month ago
JSON representation

A curl-like cli application to interact with Gemini sites.

Host: GitHub
URL: https://github.com/ikskuh/gurl
Owner: ikskuh
License: mit
Created: 2020-05-13T23:17:54.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2023-08-23T19:48:39.000Z (about 1 year ago)
Last Synced: 2024-05-17T11:43:03.556Z (6 months ago)
Topics: gemini, zig, ziglang
Language: Zig
Size: 94.7 KB
Stars: 15
Watchers: 3
Forks: 3
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # 👧 gurl

A [Gemini](https://gemini.circumlunar.space/) command line interface similar to [curl](https://curl.haxx.se/) written in [Zig](https://ziglang.org/).

## Project State

- [x] Successful TLS 1.2 handshake

- [x] Successful GET request header exchange

- [x] Successful body download

- [x] header parsing

- [x] URL parser

- [x] DNS resolving

- [ ] MIME parsing

- [ ] All of the correct heading handling

  - [x] Follow absolute redirects

  - [ ] Follow relative redirects

  - [ ] Pretty-printing and guidance messages for failed requests 

- [ ] TOFU (trust on first use) for SSL connections

  - [x] Implement primitive TOFU (store public key, not certificate)

  - [ ] Implement correct TOFU (trust on first use) for SSL connections

- [ ] Client certificates

  - [ ] temporary cert

  - [ ] permanent cert

- [x] Use [XDG directories](https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html)

- [ ] Implement windows port

  - [x] Port `zig-network` to windows

  - [x] Implement correct config directory locating for windows

  - [ ] Trust Anchor support for windows

## Dependencies

- [Zig 0.6.0](https://ziglang.org/download/#release-0.6.0) or newer

- [BearSSL](https://bearssl.org/) (provided as submodule)

- [zig-network](https://github.com/MasterQ32/zig-network) (provided as submodule)

## Build Instructions

1. Refresh submodules (`git submodule init`, `git submodule update`)

2. Build gurl (`zig build`)

3. Run `./zig-cache/bin/gurl` 

## Design Considerations

Give the user control over their system and make configuration easy.

### Certificate Trust

- accept any certificate

- auto-accept the cert on first use (TOFU)

- use CAs or ask user on first sight (TOFU+CA)

- always ask on first sight (interactive TOFU)

- auto-accept when first seen in a session (TOFU, no disk usage)

- always ask when first seen in a session (interactive TOFU, no disk usage)

### Future Plans

Correctly adhere to XDG standards and use `xdg-open`

## TOFU Notes

Current implementation just stores the public key of the server and

not the certificate with fingerprint and everything

> That certificate's fingerprint and expiry date are saved in a

persistent database (like the .known_hosts file for SSH), associated

with the server's hostname.

## Client Certificate Process

- Wait for specification update

## Tools

Connect with OpenSSL:

```

openssl s_client --connect domain.name -quiet -verify_quiet

```

Dump DER certificate information:

```

openssl x509 -in trust-store/mozz.us/cert-1.der -inform der -text

``` 

Convert DER to PEM:

```

openssl x509 -inform der -in trust-store/gemini.conman.org/cert-0.der -out conman.pem

```