go-gemini/examples/client/client.go

128 lines
2.9 KiB
Go
Raw Normal View History

2020-09-21 15:23:51 -06:00
// +build example
package main
import (
"bufio"
"crypto/tls"
2020-09-26 14:38:26 -06:00
"crypto/x509"
2020-09-21 15:23:51 -06:00
"fmt"
"log"
"os"
"git.sr.ht/~adnano/go-gemini"
2020-09-21 15:23:51 -06:00
)
2020-09-25 17:53:50 -06:00
var (
2020-09-26 12:01:06 -06:00
client *gemini.Client
cert tls.Certificate
2020-09-25 17:53:50 -06:00
)
2020-09-21 15:23:51 -06:00
func init() {
2020-09-26 12:01:06 -06:00
// Load the list of known hosts
knownHosts, err := gemini.LoadKnownHosts()
if err != nil {
log.Fatal(err)
}
client = &gemini.Client{
KnownHosts: knownHosts,
}
2020-09-26 14:38:26 -06:00
client.TrustCertificate = func(cert *x509.Certificate, knownHosts *gemini.KnownHosts) error {
err := knownHosts.Lookup(cert)
if err != nil {
switch err {
case gemini.ErrCertificateNotTrusted:
// Alert the user that the certificate is not trusted
fmt.Println("error: certificate is not trusted!")
fmt.Println("This could indicate a Man-in-the-Middle attack.")
case gemini.ErrCertificateUnknown:
// Prompt the user to trust the certificate
if userTrustsCertificateTemporarily() {
// Temporarily trust the certificate
return nil
} else if userTrustsCertificatePermanently() {
// Add the certificate to the known hosts file
knownHosts.Add(cert)
return nil
}
}
}
return err
}
// Configure a client side certificate.
// To generate a certificate, run:
//
// openssl genrsa -out client.key 2048
// openssl ecparam -genkey -name secp384r1 -out client.key
2020-09-25 19:43:13 -06:00
// openssl req -new -x509 -sha512 -key client.key -out client.crt -days 365
//
2020-09-27 11:50:48 -06:00
cert, err = tls.LoadX509KeyPair("examples/client/localhost.crt", "examples/client/localhost.key")
if err != nil {
log.Fatal(err)
}
}
2020-09-21 15:23:51 -06:00
func makeRequest(url string) {
req, err := gemini.NewRequest(url)
if err != nil {
log.Fatal(err)
}
2020-09-25 16:53:20 -06:00
req.Certificate = cert
2020-09-25 17:53:50 -06:00
2020-09-25 21:06:54 -06:00
resp, err := client.Send(req)
2020-09-21 15:23:51 -06:00
if err != nil {
log.Fatal(err)
}
fmt.Println("Status code:", resp.Status)
fmt.Println("Meta:", resp.Meta)
switch resp.Status / 10 {
case gemini.StatusClassInput:
scanner := bufio.NewScanner(os.Stdin)
fmt.Printf("%s: ", resp.Meta)
scanner.Scan()
query := scanner.Text()
makeRequest(url + "?" + query)
return
case gemini.StatusClassSuccess:
fmt.Print("Body:\n", string(resp.Body))
case gemini.StatusClassRedirect:
log.Print("Redirecting to ", resp.Meta)
makeRequest(resp.Meta)
return
case gemini.StatusClassTemporaryFailure:
log.Fatal("Temporary failure")
case gemini.StatusClassPermanentFailure:
log.Fatal("Permanent failure")
case gemini.StatusClassClientCertificateRequired:
2020-09-25 16:53:20 -06:00
log.Fatal("Client certificate required")
2020-09-21 15:23:51 -06:00
default:
2020-09-25 16:53:20 -06:00
log.Fatal("Protocol error")
2020-09-21 15:23:51 -06:00
}
}
2020-09-26 14:38:26 -06:00
func userTrustsCertificateTemporarily() bool {
2020-09-26 16:56:04 -06:00
fmt.Print("Do you want to trust the certificate temporarily? (y/n) ")
2020-09-26 14:38:26 -06:00
scanner := bufio.NewScanner(os.Stdin)
scanner.Scan()
return scanner.Text() == "y"
}
func userTrustsCertificatePermanently() bool {
2020-09-26 16:56:04 -06:00
fmt.Print("How about permanently? (y/n) ")
2020-09-26 14:38:26 -06:00
scanner := bufio.NewScanner(os.Stdin)
scanner.Scan()
return scanner.Text() == "y"
}
2020-09-21 15:23:51 -06:00
func main() {
if len(os.Args) < 2 {
log.Fatalf("usage: %s gemini://...", os.Args[0])
}
makeRequest(os.Args[1])
}