go-gemini/examples/client/client.go

// +build example

package main

import (
	"bufio"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"log"
	"os"

	"git.sr.ht/~adnano/go-gemini"
)

var (
	client *gemini.Client
	cert   tls.Certificate
)

func init() {
	client = &gemini.Client{}
	client.KnownHosts.Load()

	client.TrustCertificate = func(hostname string, cert *x509.Certificate, knownHosts *gemini.KnownHosts) error {
		err := knownHosts.Lookup(hostname, cert)
		if err != nil {
			switch err {
			case gemini.ErrCertificateNotTrusted:
				// Alert the user that the certificate is not trusted
				fmt.Printf("Warning: certificate for %s is not trusted!\n", hostname)
				fmt.Println("This could indicate a Man-in-the-Middle attack.")
			case gemini.ErrCertificateUnknown:
				// Prompt the user to trust the certificate
				if userTrustsCertificateTemporarily() {
					// Temporarily trust the certificate
					knownHosts.AddTemporary(hostname, cert)
					return nil
				} else if userTrustsCertificatePermanently() {
					// Add the certificate to the known hosts file
					knownHosts.Add(hostname, cert)
					return nil
				}
			}
		}
		return err
	}

	client.GetCertificate = func(req *gemini.Request, store *gemini.CertificateStore) *tls.Certificate {
		return &cert
	}

	// Configure a client side certificate.
	// To generate a TLS key pair, run:
	//
	//     go run -tags=example ../cert
	var err error
	cert, err = tls.LoadX509KeyPair("examples/client/localhost.crt", "examples/client/localhost.key")
	if err != nil {
		log.Fatal(err)
	}
}

func makeRequest(url string) {
	req, err := gemini.NewRequest(url)
	if err != nil {
		log.Fatal(err)
	}
	req.Certificate = &cert

	resp, err := client.Send(req)
	if err != nil {
		log.Fatal(err)
	}

	fmt.Println("Status code:", resp.Status)
	fmt.Println("Meta:", resp.Meta)

	switch resp.Status / 10 {
	case gemini.StatusClassInput:
		scanner := bufio.NewScanner(os.Stdin)
		fmt.Printf("%s: ", resp.Meta)
		scanner.Scan()
		query := scanner.Text()
		makeRequest(url + "?" + query)
		return
	case gemini.StatusClassSuccess:
		fmt.Print("Body:\n", string(resp.Body))
	case gemini.StatusClassRedirect:
		log.Print("Redirecting to ", resp.Meta)
		makeRequest(resp.Meta)
		return
	case gemini.StatusClassTemporaryFailure:
		log.Fatal("Temporary failure")
	case gemini.StatusClassPermanentFailure:
		log.Fatal("Permanent failure")
	case gemini.StatusClassClientCertificateRequired:
		log.Fatal("Client certificate required")
	default:
		log.Fatal("Protocol error")
	}
}

func userTrustsCertificateTemporarily() bool {
	fmt.Print("Do you want to trust the certificate temporarily? (y/n) ")
	scanner := bufio.NewScanner(os.Stdin)
	scanner.Scan()
	return scanner.Text() == "y"
}

func userTrustsCertificatePermanently() bool {
	fmt.Print("How about permanently? (y/n) ")
	scanner := bufio.NewScanner(os.Stdin)
	scanner.Scan()
	return scanner.Text() == "y"
}

func main() {
	if len(os.Args) < 2 {
		log.Fatalf("usage: %s gemini://...", os.Args[0])
	}
	makeRequest(os.Args[1])
}
Add examples 2020-09-21 21:23:51 +00:00			`// +build example`

			`package main`

			`import (`
			`"bufio"`
Add support for client-side certificates 2020-09-21 22:21:42 +00:00			`"crypto/tls"`
Implement file server 2020-09-26 20:38:26 +00:00			`"crypto/x509"`
Add examples 2020-09-21 21:23:51 +00:00			`"fmt"`
			`"log"`
			`"os"`
Add support for client-side certificates 2020-09-21 22:21:42 +00:00
			`"git.sr.ht/~adnano/go-gemini"`
Add examples 2020-09-21 21:23:51 +00:00			`)`

Implement configurable Client 2020-09-25 23:53:50 +00:00			`var (`
Fix client example 2020-09-26 18:01:06 +00:00			`client *gemini.Client`
			`cert tls.Certificate`
Implement configurable Client 2020-09-25 23:53:50 +00:00			`)`
Add examples 2020-09-21 21:23:51 +00:00
Add support for client-side certificates 2020-09-21 22:21:42 +00:00			`func init() {`
Add function to write known hosts to io.Writer 2020-09-27 18:18:30 +00:00			`client = &gemini.Client{}`
			`client.KnownHosts.Load()`
Fix client example 2020-09-26 18:01:06 +00:00
Make TrustCertificate accept hostname instead of request 2020-09-27 20:10:36 +00:00			`client.TrustCertificate = func(hostname string, cert x509.Certificate, knownHosts gemini.KnownHosts) error {`
			`err := knownHosts.Lookup(hostname, cert)`
Implement file server 2020-09-26 20:38:26 +00:00			`if err != nil {`
			`switch err {`
			`case gemini.ErrCertificateNotTrusted:`
			`// Alert the user that the certificate is not trusted`
Update documentation 2020-09-27 20:21:56 +00:00			`fmt.Printf("Warning: certificate for %s is not trusted!\n", hostname)`
Implement file server 2020-09-26 20:38:26 +00:00			`fmt.Println("This could indicate a Man-in-the-Middle attack.")`
			`case gemini.ErrCertificateUnknown:`
			`// Prompt the user to trust the certificate`
			`if userTrustsCertificateTemporarily() {`
			`// Temporarily trust the certificate`
Add function to add a host temporarily 2020-09-27 21:41:41 +00:00			`knownHosts.AddTemporary(hostname, cert)`
Implement file server 2020-09-26 20:38:26 +00:00			`return nil`
			`} else if userTrustsCertificatePermanently() {`
			`// Add the certificate to the known hosts file`
Make TrustCertificate accept hostname instead of request 2020-09-27 20:10:36 +00:00			`knownHosts.Add(hostname, cert)`
Implement file server 2020-09-26 20:38:26 +00:00			`return nil`
			`}`
			`}`
			`}`
			`return err`
			`}`

Update documentation 2020-09-27 20:21:56 +00:00			`client.GetCertificate = func(req gemini.Request, store gemini.CertificateStore) *tls.Certificate {`
			`return &cert`
			`}`

Add support for client-side certificates 2020-09-21 22:21:42 +00:00			`// Configure a client side certificate.`
Add function to write known hosts to io.Writer 2020-09-27 18:18:30 +00:00			`// To generate a TLS key pair, run:`
Add support for client-side certificates 2020-09-21 22:21:42 +00:00			`//`
Add function to write known hosts to io.Writer 2020-09-27 18:18:30 +00:00			`// go run -tags=example ../cert`
Fix client example 2020-09-27 18:23:25 +00:00			`var err error`
Implement certificate creation 2020-09-27 17:50:48 +00:00			`cert, err = tls.LoadX509KeyPair("examples/client/localhost.crt", "examples/client/localhost.key")`
Add support for client-side certificates 2020-09-21 22:21:42 +00:00			`if err != nil {`
			`log.Fatal(err)`
			`}`
			`}`

Add examples 2020-09-21 21:23:51 +00:00			`func makeRequest(url string) {`
Provide Handler with client certificate information 2020-09-21 23:17:10 +00:00			`req, err := gemini.NewRequest(url)`
			`if err != nil {`
			`log.Fatal(err)`
			`}`
Add client authorization example 2020-09-27 21:39:44 +00:00			`req.Certificate = &cert`
Implement configurable Client 2020-09-25 23:53:50 +00:00
Refactor TOFU 2020-09-26 03:06:54 +00:00			`resp, err := client.Send(req)`
Add examples 2020-09-21 21:23:51 +00:00			`if err != nil {`
			`log.Fatal(err)`
			`}`

			`fmt.Println("Status code:", resp.Status)`
			`fmt.Println("Meta:", resp.Meta)`

			`switch resp.Status / 10 {`
			`case gemini.StatusClassInput:`
			`scanner := bufio.NewScanner(os.Stdin)`
			`fmt.Printf("%s: ", resp.Meta)`
			`scanner.Scan()`
			`query := scanner.Text()`
			`makeRequest(url + "?" + query)`
			`return`
			`case gemini.StatusClassSuccess:`
			`fmt.Print("Body:\n", string(resp.Body))`
			`case gemini.StatusClassRedirect:`
			`log.Print("Redirecting to ", resp.Meta)`
			`makeRequest(resp.Meta)`
			`return`
			`case gemini.StatusClassTemporaryFailure:`
			`log.Fatal("Temporary failure")`
			`case gemini.StatusClassPermanentFailure:`
			`log.Fatal("Permanent failure")`
			`case gemini.StatusClassClientCertificateRequired:`
Remove TLSConfig fields 2020-09-25 22:53:20 +00:00			`log.Fatal("Client certificate required")`
Add examples 2020-09-21 21:23:51 +00:00			`default:`
Remove TLSConfig fields 2020-09-25 22:53:20 +00:00			`log.Fatal("Protocol error")`
Add examples 2020-09-21 21:23:51 +00:00			`}`
			`}`

Implement file server 2020-09-26 20:38:26 +00:00			`func userTrustsCertificateTemporarily() bool {`
Adjust user prompt in client example 2020-09-26 22:56:04 +00:00			`fmt.Print("Do you want to trust the certificate temporarily? (y/n) ")`
Implement file server 2020-09-26 20:38:26 +00:00			`scanner := bufio.NewScanner(os.Stdin)`
			`scanner.Scan()`
			`return scanner.Text() == "y"`
			`}`

			`func userTrustsCertificatePermanently() bool {`
Adjust user prompt in client example 2020-09-26 22:56:04 +00:00			`fmt.Print("How about permanently? (y/n) ")`
Implement file server 2020-09-26 20:38:26 +00:00			`scanner := bufio.NewScanner(os.Stdin)`
			`scanner.Scan()`
			`return scanner.Text() == "y"`
			`}`

Add examples 2020-09-21 21:23:51 +00:00			`func main() {`
			`if len(os.Args) < 2 {`
			`log.Fatalf("usage: %s gemini://...", os.Args[0])`
			`}`
			`makeRequest(os.Args[1])`
			`}`