A Gemini command line interface similar to curl written in Zig.
- Successful TLS 1.2 handshake
- Successful GET request header exchange
- Successful body download
- header parsing
- URL parser
- DNS resolving
- MIME parsing
- All of the correct heading handling
- Follow absolute redirects
- Follow relative redirects
- Pretty-printing and guidance messages for failed requests
- TOFU (trust on first use) for SSL connections
- Implement primitive TOFU (store public key, not certificate)
- Implement correct TOFU (trust on first use) for SSL connections
- Client certificates
- temporary cert
- permanent cert
- Use XDG directories
- Implement windows port
- Port
zig-networkto windows - Implement correct config directory locating for windows
- Trust Anchor support for windows
- Port
- Zig 0.6.0 or newer
- BearSSL (provided as submodule)
- zig-network (provided as submodule)
- Refresh submodules (
git submodule init,git submodule update) - Build gurl (
zig build) - Run
./zig-cache/bin/gurl
Give the user control over their system and make configuration easy.
- accept any certificate
- auto-accept the cert on first use (TOFU)
- use CAs or ask user on first sight (TOFU+CA)
- always ask on first sight (interactive TOFU)
- auto-accept when first seen in a session (TOFU, no disk usage)
- always ask when first seen in a session (interactive TOFU, no disk usage)
Correctly adhere to XDG standards and use xdg-open
Current implementation just stores the public key of the server and not the certificate with fingerprint and everything
That certificate's fingerprint and expiry date are saved in a persistent database (like the .known_hosts file for SSH), associated with the server's hostname.
- Wait for specification update
Connect with OpenSSL:
openssl s_client --connect domain.name -quiet -verify_quiet
Dump DER certificate information:
openssl x509 -in trust-store/mozz.us/cert-1.der -inform der -text
Convert DER to PEM:
openssl x509 -inform der -in trust-store/gemini.conman.org/cert-0.der -out conman.pem