Add link to ogirinal in readme

Export TLS & remove conn in request struct
This makes it possible to fully create another request outside of this module (which Hnakra will need) and has better parity with net/http.
2023-05-26 00:45:08 -04:00 · 2023-05-26 00:38:12 -04:00 · 2023-05-26 00:37:56 -04:00 · 2023-05-25 18:45:53 -04:00 · 2023-05-25 18:27:52 -04:00 · 2022-05-07 13:54:56 -04:00
36 changed files with 3494 additions and 1953 deletions
--- a/.build.yml
+++ b/.build.yml
@ -0,0 +1,9 @@
+image: alpine/edge
+packages:
+- go
+sources:
+- https://git.sr.ht/~adnano/go-gemini
+tasks:
+- test: |
+    cd go-gemini
+    go test ./...
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +0,0 @@
-*.crt
-*.key
--- a/64
+++ b/64
@ -1,51 +1,19 @@
-go-gemini is available under the terms of the MIT license:
+Copyright (c) 2020 Adnan Maolood

-	Copyright (c) 2020 Adnan Maolood
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:

-	Permission is hereby granted, free of charge, to any person obtaining a copy
-	of this software and associated documentation files (the "Software"), to deal
-	in the Software without restriction, including without limitation the rights
-	to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-	copies of the Software, and to permit persons to whom the Software is
-	furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.

-	The above copyright notice and this permission notice shall be included in all
-	copies or substantial portions of the Software.
-
-	THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-	IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-	FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-	AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-	LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-	OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-	SOFTWARE.
-
-Portions of this program were taken from Go:
-
-	Copyright (c) 2009 The Go Authors. All rights reserved.
-
-	Redistribution and use in source and binary forms, with or without
-	modification, are permitted provided that the following conditions are
-	met:
-
-	   * Redistributions of source code must retain the above copyright
-	notice, this list of conditions and the following disclaimer.
-	   * Redistributions in binary form must reproduce the above
-	copyright notice, this list of conditions and the following disclaimer
-	in the documentation and/or other materials provided with the
-	distribution.
-	   * Neither the name of Google Inc. nor the names of its
-	contributors may be used to endorse or promote products derived from
-	this software without specific prior written permission.
-
-	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-	"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-	LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-	A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-	OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-	SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-	LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-	THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-	(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-	OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
--- a/27
+++ b/27
@ -0,0 +1,27 @@
+Copyright (c) 2009 The Go Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+   * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+   * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+   * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
--- a/README.md
+++ b/README.md
@ -1,14 +1,31 @@
 # go-gemini

-[![GoDoc](https://godoc.org/git.sr.ht/~adnano/go-gemini?status.svg)](https://godoc.org/git.sr.ht/~adnano/go-gemini)
+This repository is a fork of [go-gemini](https://godocs.io/git.sr.ht/~adnano/go-gemini)
+implementing better parity with net/http and some tweaks required for use in
+[Hnakra](https://git.tebibyte.media/sashakoshka/hnakra).

-Package gemini implements the [Gemini protocol](https://gemini.circumlunar.space) in Go.
+Package gemini implements the [Gemini protocol](https://gemini.circumlunar.space)
+in Go. It provides an API similar to that of net/http to facilitate the
+development of Gemini clients and servers.

-It aims to provide an API similar to that of net/http to make it easy to develop Gemini clients and servers.
+Compatible with version v0.16.0 of the Gemini specification.
+
+## Usage
+
+	import "git.tebibyte.media/sashakoshka/go-gemini"
+
+Note that some filesystem-related functionality is only available on Go 1.16
+or later as it relies on the io/fs package.

 ## Examples

-There are a few examples provided in the `examples` directory.
-To run the examples:
+There are a few examples provided in the examples directory.
+To run an example:

 	go run examples/server.go
+
+## License
+
+go-gemini is licensed under the terms of the MIT license (see LICENSE).
+Portions of this library were adapted from Go and are governed by a BSD-style
+license (see LICENSE-GO). Those files are marked accordingly.
--- a/cert.go
+++ b/cert.go
@ -1,135 +0,0 @@
-package gemini
-
-import (
-	"crypto"
-	"crypto/ed25519"
-	"crypto/rand"
-	"crypto/tls"
-	"crypto/x509"
-	"math/big"
-	"net"
-	"path/filepath"
-	"strings"
-	"time"
-)
-
-// CertificateStore maps hostnames to certificates.
-// The zero value of CertificateStore is an empty store ready to use.
-type CertificateStore struct {
-	store map[string]tls.Certificate
-}
-
-// Add adds a certificate for the given hostname to the store.
-// It tries to parse the certificate if it is not already parsed.
-func (c *CertificateStore) Add(hostname string, cert tls.Certificate) {
-	if c.store == nil {
-		c.store = map[string]tls.Certificate{}
-	}
-	// Parse certificate if not already parsed
-	if cert.Leaf == nil {
-		parsed, err := x509.ParseCertificate(cert.Certificate[0])
-		if err == nil {
-			cert.Leaf = parsed
-		}
-	}
-	c.store[hostname] = cert
-}
-
-// Lookup returns the certificate for the given hostname.
-func (c *CertificateStore) Lookup(hostname string) (*tls.Certificate, error) {
-	cert, ok := c.store[hostname]
-	if !ok {
-		return nil, ErrCertificateUnknown
-	}
-	// Ensure that the certificate is not expired
-	if cert.Leaf != nil && cert.Leaf.NotAfter.Before(time.Now()) {
-		return &cert, ErrCertificateExpired
-	}
-	return &cert, nil
-}
-
-// Load loads certificates from the given path.
-// The path should lead to a directory containing certificates and private keys
-// in the form hostname.crt and hostname.key.
-// For example, the hostname "localhost" would have the corresponding files
-// localhost.crt (certificate) and localhost.key (private key).
-func (c *CertificateStore) Load(path string) error {
-	matches, err := filepath.Glob(filepath.Join(path, "*.crt"))
-	if err != nil {
-		return err
-	}
-	for _, crtPath := range matches {
-		keyPath := strings.TrimSuffix(crtPath, ".crt") + ".key"
-		cert, err := tls.LoadX509KeyPair(crtPath, keyPath)
-		if err != nil {
-			continue
-		}
-		hostname := strings.TrimSuffix(filepath.Base(crtPath), ".crt")
-		c.Add(hostname, cert)
-	}
-	return nil
-}
-
-// NewCertificate creates and returns a new parsed certificate.
-func NewCertificate(host string, duration time.Duration) (tls.Certificate, error) {
-	crt, priv, err := newX509KeyPair(host, duration)
-	if err != nil {
-		return tls.Certificate{}, err
-	}
-	var cert tls.Certificate
-	cert.Leaf = crt
-	cert.Certificate = append(cert.Certificate, crt.Raw)
-	cert.PrivateKey = priv
-	return cert, nil
-}
-
-// newX509KeyPair creates and returns a new certificate and private key.
-func newX509KeyPair(host string, duration time.Duration) (*x509.Certificate, crypto.PrivateKey, error) {
-	// Generate an ED25519 private key
-	_, priv, err := ed25519.GenerateKey(rand.Reader)
-	if err != nil {
-		return nil, nil, err
-	}
-	public := priv.Public()
-
-	// ED25519 keys should have the DigitalSignature KeyUsage bits set
-	// in the x509.Certificate template
-	keyUsage := x509.KeyUsageDigitalSignature
-
-	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
-	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	notBefore := time.Now()
-	notAfter := notBefore.Add(duration)
-
-	template := x509.Certificate{
-		SerialNumber:          serialNumber,
-		NotBefore:             notBefore,
-		NotAfter:              notAfter,
-		KeyUsage:              keyUsage,
-		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
-		BasicConstraintsValid: true,
-	}
-
-	hosts := strings.Split(host, ",")
-	for _, h := range hosts {
-		if ip := net.ParseIP(h); ip != nil {
-			template.IPAddresses = append(template.IPAddresses, ip)
-		} else {
-			template.DNSNames = append(template.DNSNames, h)
-		}
-	}
-
-	crt, err := x509.CreateCertificate(rand.Reader, &template, &template, public, priv)
-	if err != nil {
-		return nil, nil, err
-	}
-	cert, err := x509.ParseCertificate(crt)
-	if err != nil {
-		return nil, nil, err
-	}
-	return cert, priv, nil
-}
--- a/certificate/create.go
+++ b/certificate/create.go
@ -0,0 +1,142 @@
+// Package certificate provides functions for creating and storing TLS certificates.
+package certificate
+
+import (
+	"crypto"
+	"crypto/ecdsa"
+	"crypto/ed25519"
+	"crypto/elliptic"
+	"crypto/rand"
+	"crypto/tls"
+	"crypto/x509"
+	"crypto/x509/pkix"
+	"encoding/pem"
+	"math/big"
+	"net"
+	"os"
+	"time"
+)
+
+// CreateOptions configures the creation of a TLS certificate.
+type CreateOptions struct {
+	// Subject Alternate Name values.
+	// Should contain the DNS names that this certificate is valid for.
+	// E.g. example.com, *.example.com
+	DNSNames []string
+
+	// Subject Alternate Name values.
+	// Should contain the IP addresses that the certificate is valid for.
+	IPAddresses []net.IP
+
+	// Subject specifies the certificate Subject.
+	//
+	// Subject.CommonName can contain the DNS name that this certificate
+	// is valid for. Server certificates should specify both a Subject
+	// and a Subject Alternate Name.
+	Subject pkix.Name
+
+	// Duration specifies the amount of time that the certificate is valid for.
+	Duration time.Duration
+
+	// Ed25519 specifies whether to generate an Ed25519 key pair.
+	// If false, an ECDSA key will be generated instead.
+	// Ed25519 is not as widely supported as ECDSA.
+	Ed25519 bool
+}
+
+// Create creates a new TLS certificate.
+func Create(options CreateOptions) (tls.Certificate, error) {
+	crt, priv, err := newX509KeyPair(options)
+	if err != nil {
+		return tls.Certificate{}, err
+	}
+	var cert tls.Certificate
+	cert.Leaf = crt
+	cert.Certificate = append(cert.Certificate, crt.Raw)
+	cert.PrivateKey = priv
+	return cert, nil
+}
+
+// newX509KeyPair creates and returns a new certificate and private key.
+func newX509KeyPair(options CreateOptions) (*x509.Certificate, crypto.PrivateKey, error) {
+	var pub crypto.PublicKey
+	var priv crypto.PrivateKey
+	if options.Ed25519 {
+		// Generate an Ed25519 private key
+		var err error
+		pub, priv, err = ed25519.GenerateKey(rand.Reader)
+		if err != nil {
+			return nil, nil, err
+		}
+	} else {
+		// Generate an ECDSA private key
+		private, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
+		if err != nil {
+			return nil, nil, err
+		}
+		priv = private
+		pub = &private.PublicKey
+	}
+
+	// ECDSA and Ed25519 keys should have the DigitalSignature KeyUsage bits
+	// set in the x509.Certificate template
+	keyUsage := x509.KeyUsageDigitalSignature
+
+	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
+	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	notBefore := time.Now()
+	notAfter := notBefore.Add(options.Duration)
+
+	template := x509.Certificate{
+		SerialNumber:          serialNumber,
+		NotBefore:             notBefore,
+		NotAfter:              notAfter,
+		KeyUsage:              keyUsage,
+		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
+		BasicConstraintsValid: true,
+		IPAddresses:           options.IPAddresses,
+		DNSNames:              options.DNSNames,
+		Subject:               options.Subject,
+	}
+
+	crt, err := x509.CreateCertificate(rand.Reader, &template, &template, pub, priv)
+	if err != nil {
+		return nil, nil, err
+	}
+	cert, err := x509.ParseCertificate(crt)
+	if err != nil {
+		return nil, nil, err
+	}
+	return cert, priv, nil
+}
+
+// Write writes the provided certificate and its private key
+// to certPath and keyPath respectively.
+func Write(cert tls.Certificate, certPath, keyPath string) error {
+	certOut, err := os.OpenFile(certPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
+	if err != nil {
+		return err
+	}
+	defer certOut.Close()
+	if err := pem.Encode(certOut, &pem.Block{
+		Type:  "CERTIFICATE",
+		Bytes: cert.Leaf.Raw,
+	}); err != nil {
+		return err
+	}
+
+	keyOut, err := os.OpenFile(keyPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
+	if err != nil {
+		return err
+	}
+	defer keyOut.Close()
+	privBytes, err := x509.MarshalPKCS8PrivateKey(cert.PrivateKey)
+	if err != nil {
+		return err
+	}
+	return pem.Encode(keyOut, &pem.Block{Type: "PRIVATE KEY", Bytes: privBytes})
+}
--- a/certificate/store.go
+++ b/certificate/store.go
@ -0,0 +1,207 @@
+package certificate
+
+import (
+	"crypto/tls"
+	"crypto/x509"
+	"crypto/x509/pkix"
+	"errors"
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+	"sync"
+	"time"
+)
+
+// A Store represents a TLS certificate store.
+// The zero value for Store is an empty store ready to use.
+//
+// Store can be used to store server certificates.
+// Servers should provide a hostname or wildcard pattern as a certificate scope.
+// Servers will most likely use the methods Register, Load and Get.
+//
+// Store can also be used to store client certificates.
+// Clients should provide a hostname as a certificate scope.
+// Clients will most likely use the methods Add, Load, and Lookup.
+//
+// Store is safe for concurrent use by multiple goroutines.
+type Store struct {
+	// CreateCertificate, if not nil, is called by Get to create a new
+	// certificate to replace a missing or expired certificate.
+	// The provided scope is suitable for use in a certificate's DNSNames.
+	CreateCertificate func(scope string) (tls.Certificate, error)
+
+	scopes map[string]struct{}
+	certs  map[string]tls.Certificate
+	path   string
+	mu     sync.RWMutex
+}
+
+// Register registers the provided scope with the certificate store.
+// The scope can either be a hostname or a wildcard pattern (e.g. "*.example.com").
+// To accept all hostnames, use the special pattern "*".
+//
+// Calls to Get will only succeed for registered scopes.
+// Other methods are not affected.
+func (s *Store) Register(scope string) {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	if s.scopes == nil {
+		s.scopes = make(map[string]struct{})
+	}
+	s.scopes[scope] = struct{}{}
+}
+
+// Add registers the certificate for the given scope.
+// If a certificate already exists for scope, Add will overwrite it.
+func (s *Store) Add(scope string, cert tls.Certificate) error {
+	// Parse certificate if not already parsed
+	if cert.Leaf == nil {
+		parsed, err := x509.ParseCertificate(cert.Certificate[0])
+		if err != nil {
+			return err
+		}
+		cert.Leaf = parsed
+	}
+
+	if err := s.write(scope, cert); err != nil {
+		return err
+	}
+
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	if s.certs == nil {
+		s.certs = make(map[string]tls.Certificate)
+	}
+	s.certs[scope] = cert
+	return nil
+}
+
+func (s *Store) write(scope string, cert tls.Certificate) error {
+	s.mu.RLock()
+	defer s.mu.RUnlock()
+	if s.path != "" {
+		certPath := filepath.Join(s.path, scope+".crt")
+		keyPath := filepath.Join(s.path, scope+".key")
+		if err := Write(cert, certPath, keyPath); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// Get retrieves a certificate for the given hostname.
+// If no matching scope has been registered, Get returns an error.
+// Get generates new certificates as needed and rotates expired certificates.
+// It calls CreateCertificate to create a new certificate if it is not nil,
+// otherwise it creates certificates with a duration of 100 years.
+//
+// Get is suitable for use in a gemini.Server's GetCertificate field.
+func (s *Store) Get(hostname string) (*tls.Certificate, error) {
+	s.mu.RLock()
+	_, ok := s.scopes[hostname]
+	if !ok {
+		// Try wildcard
+		wildcard := strings.SplitN(hostname, ".", 2)
+		if len(wildcard) == 2 {
+			hostname = "*." + wildcard[1]
+			_, ok = s.scopes[hostname]
+		}
+	}
+	if !ok {
+		// Try "*"
+		_, ok = s.scopes["*"]
+	}
+	if !ok {
+		s.mu.RUnlock()
+		return nil, errors.New("unrecognized scope")
+	}
+	cert := s.certs[hostname]
+	s.mu.RUnlock()
+
+	// If the certificate is empty or expired, generate a new one.
+	if cert.Leaf == nil || cert.Leaf.NotAfter.Before(time.Now()) {
+		var err error
+		cert, err = s.createCertificate(hostname)
+		if err != nil {
+			return nil, err
+		}
+		if err := s.Add(hostname, cert); err != nil {
+			return nil, fmt.Errorf("failed to add certificate for %s: %w", hostname, err)
+		}
+	}
+
+	return &cert, nil
+}
+
+// Lookup returns the certificate for the provided scope.
+func (s *Store) Lookup(scope string) (tls.Certificate, bool) {
+	s.mu.RLock()
+	defer s.mu.RUnlock()
+	cert, ok := s.certs[scope]
+	return cert, ok
+}
+
+func (s *Store) createCertificate(scope string) (tls.Certificate, error) {
+	if s.CreateCertificate != nil {
+		return s.CreateCertificate(scope)
+	}
+	return Create(CreateOptions{
+		DNSNames: []string{scope},
+		Subject: pkix.Name{
+			CommonName: scope,
+		},
+		Duration: 100 * 365 * 24 * time.Hour,
+	})
+}
+
+// Load loads certificates from the provided path.
+// New certificates will be written to this path.
+// The path should lead to a directory containing certificates
+// and private keys named "scope.crt" and "scope.key" respectively,
+// where "scope" is the scope of the certificate.
+func (s *Store) Load(path string) error {
+	if err := os.MkdirAll(filepath.Dir(path), 0700); err != nil {
+		return err
+	}
+
+	path = filepath.Clean(path)
+	matches, err := filepath.Glob(filepath.Join(path, "*.crt"))
+	if err != nil {
+		return err
+	}
+	for _, crtPath := range matches {
+		keyPath := strings.TrimSuffix(crtPath, ".crt") + ".key"
+		cert, err := tls.LoadX509KeyPair(crtPath, keyPath)
+		if err != nil {
+			continue
+		}
+
+		scope := strings.TrimPrefix(crtPath, path)
+		scope = strings.TrimPrefix(scope, "/")
+		scope = strings.TrimSuffix(scope, ".crt")
+		s.Add(scope, cert)
+	}
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	s.path = path
+	return nil
+}
+
+// Entries returns a map of scopes to certificates.
+func (s *Store) Entries() map[string]tls.Certificate {
+	s.mu.RLock()
+	defer s.mu.RUnlock()
+	certs := make(map[string]tls.Certificate)
+	for key := range s.certs {
+		certs[key] = s.certs[key]
+	}
+	return certs
+}
+
+// SetPath sets the path that new certificates will be written to.
+func (s *Store) SetPath(path string) {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	s.path = filepath.Clean(path)
+}
--- a/client.go
+++ b/client.go
@ -1,102 +1,217 @@
 package gemini

 import (
-	"bufio"
+	"context"
 	"crypto/tls"
 	"crypto/x509"
+	"net"
+	"net/url"
+	"unicode/utf8"
+
+	"golang.org/x/net/idna"
 )

-// Client represents a Gemini client.
+// A Client is a Gemini client. Its zero value is a usable client.
 type Client struct {
-	// KnownHosts is a list of known hosts that the client trusts.
-	KnownHosts KnownHosts
+	// TrustCertificate is called to determine whether the client should
+	// trust the certificate provided by the server.
+	// If TrustCertificate is nil or returns nil, the client will accept
+	// any certificate. Otherwise, the certificate will not be trusted
+	// and the request will be aborted.
+	//
+	// See the tofu submodule for an implementation of trust on first use.
+	TrustCertificate func(hostname string, cert *x509.Certificate) error

-	// CertificateStore maps hostnames to certificates.
-	// It is used to determine which certificate to use when the server requests
-	// a certificate.
-	CertificateStore CertificateStore
-
-	// GetCertificate, if not nil, will be called when a server requests a certificate.
-	// The returned certificate will be used when sending the request again.
-	// If the certificate is nil, the request will not be sent again and
-	// the response will be returned.
-	GetCertificate func(hostname string, store *CertificateStore) *tls.Certificate
-
-	// TrustCertificate, if not nil, will be called to determine whether the
-	// client should trust the given certificate.
-	// If error is not nil, the connection will be aborted.
-	TrustCertificate func(hostname string, cert *x509.Certificate, knownHosts *KnownHosts) error
+	// DialContext specifies the dial function for creating TCP connections.
+	// If DialContext is nil, the client dials using package net.
+	DialContext func(ctx context.Context, network, addr string) (net.Conn, error)
 }

-// Send sends a Gemini request and returns a Gemini response.
-func (c *Client) Send(req *Request) (*Response, error) {
+// Get sends a Gemini request for the given URL.
+// The context controls the entire lifetime of a request and its response:
+// obtaining a connection, sending the request, and reading the response
+// header and body.
+//
+// An error is returned if there was a Gemini protocol error.
+// A non-2x status code doesn't cause an error.
+//
+// If the returned error is nil, the user is expected to close the Response.
+//
+// For more control over requests, use NewRequest and Client.Do.
+func (c *Client) Get(ctx context.Context, url string) (*Response, error) {
+	req, err := NewRequest(url)
+	if err != nil {
+		return nil, err
+	}
+	return c.Do(ctx, req)
+}
+
+// Do sends a Gemini request and returns a Gemini response.
+// The context controls the entire lifetime of a request and its response:
+// obtaining a connection, sending the request, and reading the response
+// header and body.
+//
+// An error is returned if there was a Gemini protocol error.
+// A non-2x status code doesn't cause an error.
+//
+// If the returned error is nil, the user is expected to close the Response.
+func (c *Client) Do(ctx context.Context, req *Request) (*Response, error) {
+	if ctx == nil {
+		panic("nil context")
+	}
+
+	// Punycode request URL host
+	host, port := splitHostPort(req.URL.Host)
+	punycode, err := punycodeHostname(host)
+	if err != nil {
+		return nil, err
+	}
+	if host != punycode {
+		host = punycode
+
+		// Copy the URL and update the host
+		u := new(url.URL)
+		*u = *req.URL
+		u.Host = net.JoinHostPort(host, port)
+
+		// Use the new URL in the request so that the server gets
+		// the punycoded hostname
+		r := new(Request)
+		*r = *req
+		r.URL = u
+		req = r
+	}
+
+	// Use request host if provided
+	if req.Host != "" {
+		host, port = splitHostPort(req.Host)
+		host, err = punycodeHostname(host)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	addr := net.JoinHostPort(host, port)
+
 	// Connect to the host
-	config := &tls.Config{
+	conn, err := c.dialContext(ctx, "tcp", addr)
+	if err != nil {
+		return nil, err
+	}
+
+	// Setup TLS
+	conn = tls.Client(conn, &tls.Config{
 		InsecureSkipVerify: true,
 		MinVersion:         tls.VersionTLS12,
-		GetClientCertificate: func(info *tls.CertificateRequestInfo) (*tls.Certificate, error) {
-			// Request certificates take precedence over client certificates
+		GetClientCertificate: func(_ *tls.CertificateRequestInfo) (*tls.Certificate, error) {
 			if req.Certificate != nil {
 				return req.Certificate, nil
 			}
-			// If we have already stored the certificate, return it
-			if cert, err := c.CertificateStore.Lookup(hostname(req.Host)); err == nil {
-				return cert, nil
-			}
 			return &tls.Certificate{}, nil
 		},
 		VerifyConnection: func(cs tls.ConnectionState) error {
-			cert := cs.PeerCertificates[0]
-			// Verify the hostname
-			if err := verifyHostname(cert, hostname(req.Host)); err != nil {
-				return err
-			}
-			// Check that the client trusts the certificate
-			if c.TrustCertificate == nil {
-				if err := c.KnownHosts.Lookup(hostname(req.Host), cert); err != nil {
-					return err
-				}
-			} else if err := c.TrustCertificate(hostname(req.Host), cert, &c.KnownHosts); err != nil {
-				return err
-			}
-			return nil
+			return c.verifyConnection(cs, host)
 		},
+		ServerName: host,
+	})
+
+	type result struct {
+		resp *Response
+		err  error
 	}
-	conn, err := tls.Dial("tcp", req.Host, config)
-	if err != nil {
-		return nil, err
+
+	res := make(chan result, 1)
+	go func() {
+		resp, err := c.do(ctx, conn, req)
+		res <- result{resp, err}
+	}()
+
+	select {
+	case <-ctx.Done():
+		conn.Close()
+		return nil, ctx.Err()
+	case r := <-res:
+		if r.err != nil {
+			conn.Close()
+		}
+		return r.resp, r.err
+	}
+}
+
+func (c *Client) do(ctx context.Context, conn net.Conn, req *Request) (*Response, error) {
+	ctx, cancel := context.WithCancel(ctx)
+	done := ctx.Done()
+	w := &contextWriter{
+		ctx:    ctx,
+		done:   done,
+		cancel: cancel,
+		wc:     conn,
+	}
+	rc := &contextReader{
+		ctx:    ctx,
+		done:   done,
+		cancel: cancel,
+		rc:     conn,
 	}
-	defer conn.Close()

 	// Write the request
-	w := bufio.NewWriter(conn)
-	req.write(w)
-	if err := w.Flush(); err != nil {
+	if _, err := req.WriteTo(w); err != nil {
 		return nil, err
 	}

 	// Read the response
-	resp := &Response{}
-	r := bufio.NewReader(conn)
-	if err := resp.read(r); err != nil {
+	resp, err := ReadResponse(rc)
+	if err != nil {
 		return nil, err
 	}
-	// Store connection information
-	resp.TLS = conn.ConnectionState()
+	resp.conn = conn

-	// Resend the request with a certificate if the server responded
-	// with CertificateRequired
-	if resp.Status == StatusCertificateRequired {
-		// Check to see if a certificate was already provided to prevent an infinite loop
-		if req.Certificate != nil {
-			return resp, nil
-		}
-		if c.GetCertificate != nil {
-			if cert := c.GetCertificate(hostname(req.Host), &c.CertificateStore); cert != nil {
-				req.Certificate = cert
-				return c.Send(req)
-			}
-		}
-	}
 	return resp, nil
 }
+
+func (c *Client) dialContext(ctx context.Context, network, addr string) (net.Conn, error) {
+	if c.DialContext != nil {
+		return c.DialContext(ctx, network, addr)
+	}
+	return (&net.Dialer{}).DialContext(ctx, network, addr)
+}
+
+func (c *Client) verifyConnection(cs tls.ConnectionState, hostname string) error {
+	// See if the client trusts the certificate
+	if c.TrustCertificate != nil {
+		cert := cs.PeerCertificates[0]
+		return c.TrustCertificate(hostname, cert)
+	}
+	return nil
+}
+
+func splitHostPort(hostport string) (host, port string) {
+	var err error
+	host, port, err = net.SplitHostPort(hostport)
+	if err != nil {
+		// Likely no port
+		host = hostport
+		port = "1965"
+	}
+	return
+}
+
+func isASCII(s string) bool {
+	for i := 0; i < len(s); i++ {
+		if s[i] >= utf8.RuneSelf {
+			return false
+		}
+	}
+	return true
+}
+
+// punycodeHostname returns the punycoded version of hostname.
+func punycodeHostname(hostname string) (string, error) {
+	if net.ParseIP(hostname) != nil {
+		return hostname, nil
+	}
+	if isASCII(hostname) {
+		return hostname, nil
+	}
+	return idna.Lookup.ToASCII(hostname)
+}
--- a/doc.go
+++ b/doc.go
@ -1,82 +1,53 @@
 /*
-Package gemini implements the Gemini protocol.
+Package gemini provides Gemini client and server implementations.

-Send makes a Gemini request with the default client:
+Client is a Gemini client.

-	req := gemini.NewRequest("gemini://example.com")
-	resp, err := gemini.Send(req)
+	client := &gemini.Client{}
+	ctx := context.Background()
+	resp, err := client.Get(ctx, "gemini://example.com")
 	if err != nil {
 		// handle error
 	}
+	defer resp.Body.Close()
 	// ...

-For control over client behavior, create a custom Client:
-
-	var client gemini.Client
-	resp, err := client.Send(req)
-	if err != nil {
-		// handle error
-	}
-	// ...
-
-The default client loads known hosts from "$XDG_DATA_HOME/gemini/known_hosts".
-Custom clients can load their own list of known hosts:
-
-	err := client.KnownHosts.Load("path/to/my/known_hosts")
-	if err != nil {
-		// handle error
-	}
-
-Clients can control when to trust certificates with TrustCertificate:
-
-	client.TrustCertificate = func(hostname string, cert *x509.Certificate, knownHosts *gemini.KnownHosts) error {
-		return knownHosts.Lookup(hostname, cert)
-	}
-
-If a server responds with StatusCertificateRequired, the default client will generate a certificate and resend the request with it. Custom clients can do so in GetCertificate:
-
-	client.GetCertificate = func(hostname string, store *gemini.CertificateStore) *tls.Certificate {
-		// If the certificate is in the store, return it
-		if cert, err := store.Lookup(hostname); err == nil {
-			return &cert
-		}
-		// Otherwise, generate a certificate
-		duration := time.Hour
-		cert, err := gemini.NewCertificate(hostname, duration)
-		if err != nil {
-			return nil
-		}
-		// Store and return the certificate
-		store.Add(hostname, cert)
-		return &cert
-	}
-
 Server is a Gemini server.

-	var server gemini.Server
+	server := &gemini.Server{
+		ReadTimeout:  10 * time.Second,
+		WriteTimeout: 10 * time.Second,
+	}

-Servers must be configured with certificates:
+Servers should be configured with certificates:

-	err := server.CertificateStore.Load("/var/lib/gemini/certs")
+	certificates := &certificate.Store{}
+	certificates.Register("localhost")
+	err := certificates.Load("/var/lib/gemini/certs")
 	if err != nil {
 		// handle error
 	}
+	server.GetCertificate = certificates.Get

-Servers can accept requests for multiple hosts and schemes:
+Mux is a Gemini request multiplexer.
+Mux can handle requests for multiple hosts and paths.

-	server.RegisterFunc("example.com", func(w *gemini.ResponseWriter, r *gemini.Request) {
+	mux := &gemini.Mux{}
+	mux.HandleFunc("example.com", func(ctx context.Context, w gemini.ResponseWriter, r *gemini.Request) {
 		fmt.Fprint(w, "Welcome to example.com")
 	})
-	server.RegisterFunc("example.org", func(w *gemini.ResponseWriter, r *gemini.Request) {
-		fmt.Fprint(w, "Welcome to example.org")
+	mux.HandleFunc("example.org/about.gmi", func(ctx context.Context, w gemini.ResponseWriter, r *gemini.Request) {
+		fmt.Fprint(w, "About example.org")
 	})
-	server.RegisterFunc("http://example.net", func(w *gemini.ResponseWriter, r *gemini.Request) {
-		fmt.Fprint(w, "Proxied content from http://example.net")
+	mux.HandleFunc("/images/", func(ctx context.Context, w gemini.ResponseWriter, r *gemini.Request) {
+		w.WriteHeader(gemini.StatusGone, "Gone forever")
 	})
+	server.Handler = mux

 To start the server, call ListenAndServe:

-	err := server.ListenAndServe()
+	ctx := context.Background()
+	err := server.ListenAndServe(ctx)
 	if err != nil {
 		// handle error
 	}
--- a/examples/auth.go
+++ b/examples/auth.go
@ -3,146 +3,88 @@
 package main

 import (
+	"context"
+	"crypto/sha512"
 	"crypto/x509"
 	"fmt"
 	"log"
+	"time"

-	gmi "git.sr.ht/~adnano/go-gemini"
+	"git.tebibyte.media/sashakoshka/go-gemini"
+	"git.tebibyte.media/sashakoshka/go-gemini/certificate"
 )

-type user struct {
-	password string // TODO: use hashes
-	admin    bool
-}
-
-type session struct {
-	username   string
-	authorized bool // whether or not the password was supplied
+type User struct {
+	Name string
 }

 var (
-	// Map of usernames to user data
-	logins = map[string]user{
-		"admin": {"p@ssw0rd", true}, // NOTE: These are bad passwords!
-		"user1": {"password1", false},
-		"user2": {"password2", false},
-	}
-
-	// Map of certificate fingerprints to sessions
-	sessions = map[string]*session{}
+	// Map of certificate hashes to users
+	users = map[string]*User{}
 )

 func main() {
-	var mux gmi.ServeMux
-	mux.HandleFunc("/", welcome)
-	mux.HandleFunc("/login", login)
-	mux.HandleFunc("/login/password", loginPassword)
-	mux.HandleFunc("/profile", profile)
-	mux.HandleFunc("/admin", admin)
-	mux.HandleFunc("/logout", logout)
-
-	var server gmi.Server
-	if err := server.CertificateStore.Load("/var/lib/gemini/certs"); err != nil {
+	certificates := &certificate.Store{}
+	certificates.Register("localhost")
+	if err := certificates.Load("/var/lib/gemini/certs"); err != nil {
 		log.Fatal(err)
 	}
-	server.Register("localhost", &mux)

-	if err := server.ListenAndServe(); err != nil {
+	mux := &gemini.Mux{}
+	mux.HandleFunc("/", profile)
+	mux.HandleFunc("/username", changeUsername)
+
+	server := &gemini.Server{
+		Handler:        mux,
+		ReadTimeout:    30 * time.Second,
+		WriteTimeout:   1 * time.Minute,
+		GetCertificate: certificates.Get,
+	}
+
+	if err := server.ListenAndServe(context.Background()); err != nil {
 		log.Fatal(err)
 	}
 }

-func getSession(crt *x509.Certificate) (*session, bool) {
-	fingerprint := gmi.Fingerprint(crt)
-	session, ok := sessions[fingerprint]
-	return session, ok
+func fingerprint(cert *x509.Certificate) string {
+	b := sha512.Sum512(cert.Raw)
+	return string(b[:])
 }

-func welcome(w *gmi.ResponseWriter, r *gmi.Request) {
-	fmt.Fprintln(w, "Welcome to this example.")
-	fmt.Fprintln(w, "=> /login Login")
+func profile(ctx context.Context, w gemini.ResponseWriter, r *gemini.Request) {
+	tls := r.TLS
+	if len(tls.PeerCertificates) == 0 {
+		w.WriteHeader(gemini.StatusCertificateRequired, "Certificate required")
+		return
+	}
+	fingerprint := fingerprint(tls.PeerCertificates[0])
+	user, ok := users[fingerprint]
+	if !ok {
+		user = &User{}
+		users[fingerprint] = user
+	}
+	fmt.Fprintln(w, "Username:", user.Name)
+	fmt.Fprintln(w, "=> /username Change username")
 }

-func login(w *gmi.ResponseWriter, r *gmi.Request) {
-	cert, ok := gmi.Certificate(w, r)
-	if !ok {
-		return
-	}
-	username, ok := gmi.Input(w, r, "Username")
-	if !ok {
-		return
-	}
-	fingerprint := gmi.Fingerprint(cert)
-	sessions[fingerprint] = &session{
-		username: username,
-	}
-	gmi.Redirect(w, r, "/login/password")
-}
-
-func loginPassword(w *gmi.ResponseWriter, r *gmi.Request) {
-	cert, ok := gmi.Certificate(w, r)
-	if !ok {
-		return
-	}
-	session, ok := getSession(cert)
-	if !ok {
-		gmi.CertificateNotAuthorized(w, r)
+func changeUsername(ctx context.Context, w gemini.ResponseWriter, r *gemini.Request) {
+	tls := r.TLS
+	if len(tls.PeerCertificates) == 0 {
+		w.WriteHeader(gemini.StatusCertificateRequired, "Certificate required")
 		return
 	}

-	password, ok := gmi.SensitiveInput(w, r, "Password")
-	if !ok {
+	username, err := gemini.QueryUnescape(r.URL.RawQuery)
+	if err != nil || username == "" {
+		w.WriteHeader(gemini.StatusInput, "Username")
 		return
 	}
-	expected := logins[session.username].password
-	if password == expected {
-		session.authorized = true
-		gmi.Redirect(w, r, "/profile")
-	} else {
-		gmi.SensitiveInput(w, r, "Wrong password. Try again")
+	fingerprint := fingerprint(tls.PeerCertificates[0])
+	user, ok := users[fingerprint]
+	if !ok {
+		user = &User{}
+		users[fingerprint] = user
 	}
-}
-
-func logout(w *gmi.ResponseWriter, r *gmi.Request) {
-	cert, ok := gmi.Certificate(w, r)
-	if !ok {
-		return
-	}
-	fingerprint := gmi.Fingerprint(cert)
-	delete(sessions, fingerprint)
-	fmt.Fprintln(w, "Successfully logged out.")
-}
-
-func profile(w *gmi.ResponseWriter, r *gmi.Request) {
-	cert, ok := gmi.Certificate(w, r)
-	if !ok {
-		return
-	}
-	session, ok := getSession(cert)
-	if !ok {
-		gmi.CertificateNotAuthorized(w, r)
-		return
-	}
-	user := logins[session.username]
-	fmt.Fprintln(w, "Username:", session.username)
-	fmt.Fprintln(w, "Admin:", user.admin)
-	fmt.Fprintln(w, "=> /logout Logout")
-}
-
-func admin(w *gmi.ResponseWriter, r *gmi.Request) {
-	cert, ok := gmi.Certificate(w, r)
-	if !ok {
-		return
-	}
-	session, ok := getSession(cert)
-	if !ok {
-		gmi.CertificateNotAuthorized(w, r)
-		return
-	}
-	user := logins[session.username]
-	if !user.admin {
-		gmi.CertificateNotAuthorized(w, r)
-		return
-	}
-	fmt.Fprintln(w, "Welcome to the admin portal.")
+	user.Name = username
+	w.WriteHeader(gemini.StatusRedirect, "/")
 }
--- a/examples/cert.go
+++ b/examples/cert.go
@ -1,83 +1,43 @@
 // +build ignore

+// This example illustrates a certificate generation tool.
+
 package main

 import (
-	"bytes"
-	"crypto/tls"
-	"crypto/x509"
-	"encoding/pem"
+	"crypto/x509/pkix"
+	"fmt"
 	"log"
 	"os"
 	"time"

-	gmi "git.sr.ht/~adnano/go-gemini"
+	"git.tebibyte.media/sashakoshka/go-gemini/certificate"
 )

 func main() {
-	host := "localhost"
-	duration := 365 * 24 * time.Hour
-	cert, err := gmi.NewCertificate(host, duration)
+	if len(os.Args) < 3 {
+		fmt.Printf("usage: %s [hostname] [duration]\n", os.Args[0])
+		os.Exit(1)
+	}
+	host := os.Args[1]
+	duration, err := time.ParseDuration(os.Args[2])
 	if err != nil {
 		log.Fatal(err)
 	}
-	if err := writeCertificate(host, cert); err != nil {
+	options := certificate.CreateOptions{
+		Subject: pkix.Name{
+			CommonName: host,
+		},
+		DNSNames: []string{host},
+		Duration: duration,
+	}
+	cert, err := certificate.Create(options)
+	if err != nil {
+		log.Fatal(err)
+	}
+	certPath := host + ".crt"
+	keyPath := host + ".key"
+	if err := certificate.Write(cert, certPath, keyPath); err != nil {
 		log.Fatal(err)
 	}
 }
-
-// writeCertificate writes the provided certificate and private key
-// to path.crt and path.key respectively.
-func writeCertificate(path string, cert tls.Certificate) error {
-	crt, err := marshalX509Certificate(cert.Leaf.Raw)
-	if err != nil {
-		return err
-	}
-	key, err := marshalPrivateKey(cert.PrivateKey)
-	if err != nil {
-		return err
-	}
-
-	// Write the certificate
-	crtPath := path + ".crt"
-	crtOut, err := os.OpenFile(crtPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
-	if err != nil {
-		return err
-	}
-	if _, err := crtOut.Write(crt); err != nil {
-		return err
-	}
-
-	// Write the private key
-	keyPath := path + ".key"
-	keyOut, err := os.OpenFile(keyPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
-	if err != nil {
-		return err
-	}
-	if _, err := keyOut.Write(key); err != nil {
-		return err
-	}
-	return nil
-}
-
-// marshalX509Certificate returns a PEM-encoded version of the given raw certificate.
-func marshalX509Certificate(cert []byte) ([]byte, error) {
-	var b bytes.Buffer
-	if err := pem.Encode(&b, &pem.Block{Type: "CERTIFICATE", Bytes: cert}); err != nil {
-		return nil, err
-	}
-	return b.Bytes(), nil
-}
-
-// marshalPrivateKey returns PEM encoded versions of the given certificate and private key.
-func marshalPrivateKey(priv interface{}) ([]byte, error) {
-	var b bytes.Buffer
-	privBytes, err := x509.MarshalPKCS8PrivateKey(priv)
-	if err != nil {
-		return nil, err
-	}
-	if err := pem.Encode(&b, &pem.Block{Type: "PRIVATE KEY", Bytes: privBytes}); err != nil {
-		return nil, err
-	}
-	return b.Bytes(), nil
-}
--- a/examples/client.go
+++ b/examples/client.go
@ -1,118 +1,55 @@
 // +build ignore

+// This example illustrates a Gemini client.
+
 package main

 import (
 	"bufio"
-	"crypto/tls"
+	"context"
 	"crypto/x509"
+	"errors"
 	"fmt"
+	"io"
+	"log"
+	"net/url"
 	"os"
-	"time"
+	"path/filepath"

-	gmi "git.sr.ht/~adnano/go-gemini"
+	"git.tebibyte.media/sashakoshka/go-gemini"
+	"git.tebibyte.media/sashakoshka/go-gemini/tofu"
 )

 var (
-	scanner = bufio.NewScanner(os.Stdin)
-	client  = &gmi.Client{}
+	hosts     tofu.KnownHosts
+	hostsfile *tofu.HostWriter
+	scanner   *bufio.Scanner
 )

+func xdgDataHome() string {
+	if s, ok := os.LookupEnv("XDG_DATA_HOME"); ok {
+		return s
+	}
+	return filepath.Join(os.Getenv("HOME"), ".local", "share")
+}
+
 func init() {
-	// Initialize the client
-	client.KnownHosts.LoadDefault() // Load known hosts
-	client.TrustCertificate = func(hostname string, cert *x509.Certificate, knownHosts *gmi.KnownHosts) error {
-		err := knownHosts.Lookup(hostname, cert)
-		if err != nil {
-			switch err {
-			case gmi.ErrCertificateNotTrusted:
-				// Alert the user that the certificate is not trusted
-				fmt.Printf("Warning: Certificate for %s is not trusted!\n", hostname)
-				fmt.Println("This could indicate a Man-in-the-Middle attack.")
-			case gmi.ErrCertificateUnknown:
-				// Prompt the user to trust the certificate
-				trust := trustCertificate(cert)
-				switch trust {
-				case trustOnce:
-					// Temporarily trust the certificate
-					knownHosts.AddTemporary(hostname, cert)
-					return nil
-				case trustAlways:
-					// Add the certificate to the known hosts file
-					knownHosts.Add(hostname, cert)
-					return nil
-				}
-			}
-		}
-		return err
-	}
-	client.GetCertificate = func(hostname string, store *gmi.CertificateStore) *tls.Certificate {
-		// If the certificate is in the store, return it
-		if cert, err := store.Lookup(hostname); err == nil {
-			return cert
-		}
-		// Otherwise, generate a certificate
-		fmt.Println("Generating client certificate for", hostname)
-		duration := time.Hour
-		cert, err := gmi.NewCertificate(hostname, duration)
-		if err != nil {
-			return nil
-		}
-		// Store and return the certificate
-		store.Add(hostname, cert)
-		return &cert
-	}
-}
-
-// sendRequest sends a request to the given URL.
-func sendRequest(req *gmi.Request) error {
-	resp, err := client.Send(req)
+	// Load known hosts file
+	path := filepath.Join(xdgDataHome(), "gemini", "known_hosts")
+	err := hosts.Load(path)
 	if err != nil {
-		return err
+		log.Fatal(err)
 	}

-	// TODO: More fine-grained analysis of the status code.
-	switch resp.Status / 10 {
-	case gmi.StatusClassInput:
-		fmt.Printf("%s: ", resp.Meta)
-		scanner.Scan()
-		req.URL.RawQuery = scanner.Text()
-		return sendRequest(req)
-	case gmi.StatusClassSuccess:
-		fmt.Print(string(resp.Body))
-		return nil
-	case gmi.StatusClassRedirect:
-		fmt.Println("Redirecting to", resp.Meta)
-		// Make the request to the same host
-		red, err := gmi.NewRequestTo(resp.Meta, req.Host)
-		if err != nil {
-			return err
-		}
-		// Handle relative redirects
-		red.URL = req.URL.ResolveReference(red.URL)
-		return sendRequest(red)
-	case gmi.StatusClassTemporaryFailure:
-		return fmt.Errorf("Temporary failure: %s", resp.Meta)
-	case gmi.StatusClassPermanentFailure:
-		return fmt.Errorf("Permanent failure: %s", resp.Meta)
-	case gmi.StatusClassCertificateRequired:
-		// Note that this should not happen unless the server responds with
-		// CertificateRequired even after we send a certificate.
-		// CertificateNotAuthorized and CertificateNotValid are handled here.
-		return fmt.Errorf("Certificate required: %s", resp.Meta)
+	hostsfile, err = tofu.OpenHostsFile(path)
+	if err != nil {
+		log.Fatal(err)
 	}
-	panic("unreachable")
+
+	scanner = bufio.NewScanner(os.Stdin)
 }

-type trust int
-
-const (
-	trustAbort trust = iota
-	trustOnce
-	trustAlways
-)
-
-const trustPrompt = `The certificate offered by this server is of unknown trust. Its fingerprint is:
+const trustPrompt = `The certificate offered by %s is of unknown trust. Its fingerprint is:
 %s

 If you knew the fingerprint to expect in advance, verify that this matches.
@ -121,45 +58,108 @@ Otherwise, this should be safe to trust.
 [t]rust always; trust [o]nce; [a]bort
 => `

-func trustCertificate(cert *x509.Certificate) trust {
-	fmt.Printf(trustPrompt, gmi.Fingerprint(cert))
+func trustCertificate(hostname string, cert *x509.Certificate) error {
+	host := tofu.NewHost(hostname, cert.Raw)
+	knownHost, ok := hosts.Lookup(hostname)
+	if ok {
+		// Check fingerprint
+		if knownHost.Fingerprint != host.Fingerprint {
+			return errors.New("error: fingerprint does not match!")
+		}
+		return nil
+	}
+
+	fmt.Printf(trustPrompt, hostname, host.Fingerprint)
 	scanner.Scan()
 	switch scanner.Text() {
 	case "t":
-		return trustAlways
+		hosts.Add(host)
+		hostsfile.WriteHost(host)
+		return nil
 	case "o":
-		return trustOnce
+		hosts.Add(host)
+		return nil
 	default:
-		return trustAbort
+		return errors.New("certificate not trusted")
 	}
 }

+func getInput(prompt string) (input string, ok bool) {
+	fmt.Printf("%s ", prompt)
+	scanner.Scan()
+	return scanner.Text(), true
+}
+
+func do(req *gemini.Request, via []*gemini.Request) (*gemini.Response, error) {
+	client := gemini.Client{
+		TrustCertificate: trustCertificate,
+	}
+	ctx := context.Background()
+	resp, err := client.Do(ctx, req)
+	if err != nil {
+		return resp, err
+	}
+
+	switch resp.Status.Class() {
+	case gemini.StatusInput:
+		input, ok := getInput(resp.Meta)
+		if !ok {
+			break
+		}
+		req.URL.ForceQuery = true
+		req.URL.RawQuery = gemini.QueryEscape(input)
+		return do(req, via)
+
+	case gemini.StatusRedirect:
+		via = append(via, req)
+		if len(via) > 5 {
+			return resp, errors.New("too many redirects")
+		}
+
+		target, err := url.Parse(resp.Meta)
+		if err != nil {
+			return resp, err
+		}
+		target = req.URL.ResolveReference(target)
+		redirect := *req
+		redirect.URL = target
+		return do(&redirect, via)
+	}
+
+	return resp, err
+}
+
 func main() {
 	if len(os.Args) < 2 {
-		fmt.Printf("usage: %s gemini://...", os.Args[0])
+		fmt.Printf("usage: %s <url> [host]\n", os.Args[0])
 		os.Exit(1)
 	}

-	var host string
-	if len(os.Args) >= 3 {
-		host = os.Args[2]
-	}
-
+	// Do the request
 	url := os.Args[1]
-	var req *gmi.Request
-	var err error
-	if host != "" {
-		req, err = gmi.NewRequestTo(url, host)
-	} else {
-		req, err = gmi.NewRequest(url)
-	}
+	req, err := gemini.NewRequest(url)
 	if err != nil {
 		fmt.Println(err)
 		os.Exit(1)
 	}
-
-	if err := sendRequest(req); err != nil {
+	if len(os.Args) == 3 {
+		req.Host = os.Args[2]
+	}
+	resp, err := do(req, nil)
+	if err != nil {
 		fmt.Println(err)
 		os.Exit(1)
 	}
+	defer resp.Body.Close()
+
+	// Handle response
+	if resp.Status.Class() == gemini.StatusSuccess {
+		_, err := io.Copy(os.Stdout, resp.Body)
+		if err != nil {
+			log.Fatal(err)
+		}
+	} else {
+		fmt.Printf("%d %s\n", resp.Status, resp.Meta)
+		os.Exit(1)
+	}
 }
--- a/examples/html.go
+++ b/examples/html.go
@ -0,0 +1,83 @@
+// +build ignore
+
+// This example illustrates a gemtext to HTML converter.
+
+package main
+
+import (
+	"fmt"
+	"html"
+	"io"
+	"os"
+
+	"git.tebibyte.media/sashakoshka/go-gemini"
+)
+
+func main() {
+	hw := HTMLWriter{
+		out: os.Stdout,
+	}
+	gemini.ParseLines(os.Stdin, hw.Handle)
+	hw.Finish()
+}
+
+type HTMLWriter struct {
+	out  io.Writer
+	pre  bool
+	list bool
+}
+
+func (h *HTMLWriter) Handle(line gemini.Line) {
+	if _, ok := line.(gemini.LineListItem); ok {
+		if !h.list {
+			h.list = true
+			fmt.Fprint(h.out, "<ul>\n")
+		}
+	} else if h.list {
+		h.list = false
+		fmt.Fprint(h.out, "</ul>\n")
+	}
+	switch line := line.(type) {
+	case gemini.LineLink:
+		url := html.EscapeString(line.URL)
+		name := html.EscapeString(line.Name)
+		if name == "" {
+			name = url
+		}
+		fmt.Fprintf(h.out, "<p><a href='%s'>%s</a></p>\n", url, name)
+	case gemini.LinePreformattingToggle:
+		h.pre = !h.pre
+		if h.pre {
+			fmt.Fprint(h.out, "<pre>\n")
+		} else {
+			fmt.Fprint(h.out, "</pre>\n")
+		}
+	case gemini.LinePreformattedText:
+		fmt.Fprintf(h.out, "%s\n", html.EscapeString(string(line)))
+	case gemini.LineHeading1:
+		fmt.Fprintf(h.out, "<h1>%s</h1>\n", html.EscapeString(string(line)))
+	case gemini.LineHeading2:
+		fmt.Fprintf(h.out, "<h2>%s</h2>\n", html.EscapeString(string(line)))
+	case gemini.LineHeading3:
+		fmt.Fprintf(h.out, "<h3>%s</h3>\n", html.EscapeString(string(line)))
+	case gemini.LineListItem:
+		fmt.Fprintf(h.out, "<li>%s</li>\n", html.EscapeString(string(line)))
+	case gemini.LineQuote:
+		fmt.Fprintf(h.out, "<blockquote>%s</blockquote>\n", html.EscapeString(string(line)))
+	case gemini.LineText:
+		if line == "" {
+			fmt.Fprint(h.out, "<br>\n")
+		} else {
+			fmt.Fprintf(h.out, "<p>%s</p>\n", html.EscapeString(string(line)))
+		}
+	}
+}
+
+func (h *HTMLWriter) Finish() {
+	if h.pre {
+		fmt.Fprint(h.out, "</pre>\n")
+	}
+	if h.list {
+		fmt.Fprint(h.out, "</ul>\n")
+	}
+}
--- a/examples/server.go
+++ b/examples/server.go
@ -1,112 +1,58 @@
 // +build ignore

+// This example illustrates a Gemini server.
+
 package main

 import (
-	"bytes"
-	"crypto/tls"
-	"crypto/x509"
-	"encoding/pem"
+	"context"
 	"log"
 	"os"
+	"os/signal"
 	"time"

-	gmi "git.sr.ht/~adnano/go-gemini"
+	"git.tebibyte.media/sashakoshka/go-gemini"
+	"git.tebibyte.media/sashakoshka/go-gemini/certificate"
 )

 func main() {
-	var server gmi.Server
-	if err := server.CertificateStore.Load("/var/lib/gemini/certs"); err != nil {
+	certificates := &certificate.Store{}
+	certificates.Register("localhost")
+	if err := certificates.Load("/var/lib/gemini/certs"); err != nil {
 		log.Fatal(err)
 	}
-	server.GetCertificate = func(hostname string, store *gmi.CertificateStore) *tls.Certificate {
-		cert, err := store.Lookup(hostname)
+
+	mux := &gemini.Mux{}
+	mux.Handle("/", gemini.FileServer(os.DirFS("/var/www")))
+
+	server := &gemini.Server{
+		Handler:        gemini.LoggingMiddleware(mux),
+		ReadTimeout:    30 * time.Second,
+		WriteTimeout:   1 * time.Minute,
+		GetCertificate: certificates.Get,
+	}
+
+	// Listen for interrupt signal
+	c := make(chan os.Signal, 1)
+	signal.Notify(c, os.Interrupt)
+
+	errch := make(chan error)
+	go func() {
+		ctx := context.Background()
+		errch <- server.ListenAndServe(ctx)
+	}()
+
+	select {
+	case err := <-errch:
+		log.Fatal(err)
+	case <-c:
+		// Shutdown the server
+		log.Println("Shutting down...")
+		ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
+		defer cancel()
+		err := server.Shutdown(ctx)
 		if err != nil {
-			switch err {
-			case gmi.ErrCertificateExpired:
-				// Generate a new certificate if the current one is expired.
-				log.Print("Old certificate expired, creating new one")
-				fallthrough
-			case gmi.ErrCertificateUnknown:
-				// Generate a certificate if one does not exist.
-				cert, err := gmi.NewCertificate(hostname, time.Minute)
-				if err != nil {
-					// Failed to generate new certificate, abort
-					return nil
-				}
-				// Store and return the new certificate
-				err = writeCertificate("/var/lib/gemini/certs/"+hostname, cert)
-				if err != nil {
-					return nil
-				}
-				store.Add(hostname, cert)
-				return &cert
-			}
+			log.Fatal(err)
 		}
-		return cert
-	}
-
-	var mux gmi.ServeMux
-	mux.Handle("/", gmi.FileServer(gmi.Dir("/var/www")))
-
-	server.Register("localhost", &mux)
-	if err := server.ListenAndServe(); err != nil {
-		log.Fatal(err)
 	}
 }
-
-// writeCertificate writes the provided certificate and private key
-// to path.crt and path.key respectively.
-func writeCertificate(path string, cert tls.Certificate) error {
-	crt, err := marshalX509Certificate(cert.Leaf.Raw)
-	if err != nil {
-		return err
-	}
-	key, err := marshalPrivateKey(cert.PrivateKey)
-	if err != nil {
-		return err
-	}
-
-	// Write the certificate
-	crtPath := path + ".crt"
-	crtOut, err := os.OpenFile(crtPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
-	if err != nil {
-		return err
-	}
-	if _, err := crtOut.Write(crt); err != nil {
-		return err
-	}
-
-	// Write the private key
-	keyPath := path + ".key"
-	keyOut, err := os.OpenFile(keyPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
-	if err != nil {
-		return err
-	}
-	if _, err := keyOut.Write(key); err != nil {
-		return err
-	}
-	return nil
-}
-
-// marshalX509Certificate returns a PEM-encoded version of the given raw certificate.
-func marshalX509Certificate(cert []byte) ([]byte, error) {
-	var b bytes.Buffer
-	if err := pem.Encode(&b, &pem.Block{Type: "CERTIFICATE", Bytes: cert}); err != nil {
-		return nil, err
-	}
-	return b.Bytes(), nil
-}
-
-// marshalPrivateKey returns PEM encoded versions of the given certificate and private key.
-func marshalPrivateKey(priv interface{}) ([]byte, error) {
-	var b bytes.Buffer
-	privBytes, err := x509.MarshalPKCS8PrivateKey(priv)
-	if err != nil {
-		return nil, err
-	}
-	if err := pem.Encode(&b, &pem.Block{Type: "PRIVATE KEY", Bytes: privBytes}); err != nil {
-		return nil, err
-	}
-	return b.Bytes(), nil
-}
--- a/examples/stream.go
+++ b/examples/stream.go
@ -0,0 +1,54 @@
+// +build ignore
+
+// This example illustrates a streaming Gemini server.
+
+package main
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"time"
+
+	"git.tebibyte.media/sashakoshka/go-gemini"
+	"git.tebibyte.media/sashakoshka/go-gemini/certificate"
+)
+
+func main() {
+	certificates := &certificate.Store{}
+	certificates.Register("localhost")
+	if err := certificates.Load("/var/lib/gemini/certs"); err != nil {
+		log.Fatal(err)
+	}
+
+	mux := &gemini.Mux{}
+	mux.HandleFunc("/", stream)
+
+	server := &gemini.Server{
+		Handler:        mux,
+		ReadTimeout:    30 * time.Second,
+		WriteTimeout:   1 * time.Minute,
+		GetCertificate: certificates.Get,
+	}
+
+	ctx := context.Background()
+	if err := server.ListenAndServe(ctx); err != nil {
+		log.Fatal(err)
+	}
+}
+
+// stream writes an infinite stream to w.
+func stream(ctx context.Context, w gemini.ResponseWriter, r *gemini.Request) {
+	for {
+		select {
+		case <-ctx.Done():
+			return
+		default:
+		}
+		fmt.Fprintln(w, time.Now().UTC())
+		if err := w.Flush(); err != nil {
+			return
+		}
+		time.Sleep(time.Second)
+	}
+}
--- a/fs.go
+++ b/fs.go
@ -1,85 +1,186 @@
+// +build go1.16
+
 package gemini

 import (
+	"context"
+	"errors"
+	"fmt"
 	"io"
+	"io/fs"
 	"mime"
-	"os"
+	"net/url"
 	"path"
-	"path/filepath"
+	"sort"
+	"strings"
 )

-func init() {
-	// Add Gemini mime types
-	mime.AddExtensionType(".gmi", "text/gemini")
-	mime.AddExtensionType(".gemini", "text/gemini")
+// FileServer returns a handler that serves Gemini requests with the contents
+// of the provided file system.
+//
+// To use the operating system's file system implementation, use os.DirFS:
+//
+//     gemini.FileServer(os.DirFS("/tmp"))
+func FileServer(fsys fs.FS) Handler {
+	return fileServer{fsys}
 }

-// FileServer takes a filesystem and returns a Responder which uses that filesystem.
-// The returned Responder sanitizes paths before handling them.
-func FileServer(fsys FS) Responder {
-	return fsHandler{fsys}
+type fileServer struct {
+	fs.FS
 }

-type fsHandler struct {
-	FS
-}
+func (fsys fileServer) ServeGemini(ctx context.Context, w ResponseWriter, r *Request) {
+	const indexPage = "/index.gmi"

-func (fsh fsHandler) Respond(w *ResponseWriter, r *Request) {
-	path := path.Clean(r.URL.Path)
-	f, err := fsh.Open(path)
-	if err != nil {
-		NotFound(w, r)
+	url := path.Clean(r.URL.Path)
+
+	// Redirect .../index.gmi to .../
+	if strings.HasSuffix(url, indexPage) {
+		w.WriteHeader(StatusPermanentRedirect, strings.TrimSuffix(url, "index.gmi"))
 		return
 	}
-	// Detect mimetype
-	ext := filepath.Ext(path)
+
+	name := url
+	if name == "/" {
+		name = "."
+	} else {
+		name = strings.TrimPrefix(name, "/")
+	}
+
+	f, err := fsys.Open(name)
+	if err != nil {
+		w.WriteHeader(toGeminiError(err))
+		return
+	}
+	defer f.Close()
+
+	stat, err := f.Stat()
+	if err != nil {
+		w.WriteHeader(toGeminiError(err))
+		return
+	}
+
+	// Redirect to canonical path
+	if len(r.URL.Path) != 0 {
+		if stat.IsDir() {
+			target := url
+			if target != "/" {
+				target += "/"
+			}
+			if len(r.URL.Path) != len(target) || r.URL.Path != target {
+				w.WriteHeader(StatusPermanentRedirect, target)
+				return
+			}
+		} else if r.URL.Path[len(r.URL.Path)-1] == '/' {
+			// Remove trailing slash
+			w.WriteHeader(StatusPermanentRedirect, url)
+			return
+		}
+	}
+
+	if stat.IsDir() {
+		// Use contents of index.gmi if present
+		name = path.Join(name, indexPage)
+		index, err := fsys.Open(name)
+		if err == nil {
+			defer index.Close()
+			f = index
+		} else {
+			// Failed to find index file
+			dirList(w, f)
+			return
+		}
+	}
+
+	// Detect mimetype from file extension
+	ext := path.Ext(name)
 	mimetype := mime.TypeByExtension(ext)
-	w.SetMimetype(mimetype)
-	// Copy file to response writer
+	w.SetMediaType(mimetype)
 	io.Copy(w, f)
 }

-// TODO: replace with io/fs.FS when available
-type FS interface {
-	Open(name string) (File, error)
-}
+// ServeFile responds to the request with the contents of the named file
+// or directory. If the provided name is constructed from user input, it
+// should be sanitized before calling ServeFile.
+func ServeFile(w ResponseWriter, fsys fs.FS, name string) {
+	const indexPage = "/index.gmi"

-// TODO: replace with io/fs.File when available
-type File interface {
-	Stat() (os.FileInfo, error)
-	Read([]byte) (int, error)
-	Close() error
-}
-
-// Dir implements FS using the native filesystem restricted to a specific directory.
-type Dir string
-
-// Open tries to open the file with the given name.
-// If the file is a directory, it tries to open the index file in that directory.
-func (d Dir) Open(name string) (File, error) {
-	p := path.Join(string(d), name)
-	f, err := os.OpenFile(p, os.O_RDONLY, 0644)
-	if err != nil {
-		return nil, err
+	// Ensure name is relative
+	if name == "/" {
+		name = "."
+	} else {
+		name = strings.TrimLeft(name, "/")
 	}

-	if stat, err := f.Stat(); err == nil {
-		if stat.IsDir() {
-			f, err := os.Open(path.Join(p, "index.gmi"))
-			if err != nil {
-				return nil, err
-			}
-			stat, err := f.Stat()
-			if err != nil {
-				return nil, err
-			}
-			if stat.Mode().IsRegular() {
-				return f, nil
-			}
-			return nil, ErrNotAFile
-		} else if !stat.Mode().IsRegular() {
-			return nil, ErrNotAFile
+	f, err := fsys.Open(name)
+	if err != nil {
+		w.WriteHeader(toGeminiError(err))
+		return
+	}
+	defer f.Close()
+
+	stat, err := f.Stat()
+	if err != nil {
+		w.WriteHeader(toGeminiError(err))
+		return
+	}
+
+	if stat.IsDir() {
+		// Use contents of index file if present
+		name = path.Join(name, indexPage)
+		index, err := fsys.Open(name)
+		if err == nil {
+			defer index.Close()
+			f = index
+		} else {
+			// Failed to find index file
+			dirList(w, f)
+			return
 		}
 	}
-	return f, nil
+
+	// Detect mimetype from file extension
+	ext := path.Ext(name)
+	mimetype := mime.TypeByExtension(ext)
+	w.SetMediaType(mimetype)
+	io.Copy(w, f)
+}
+
+func dirList(w ResponseWriter, f fs.File) {
+	var entries []fs.DirEntry
+	var err error
+	d, ok := f.(fs.ReadDirFile)
+	if ok {
+		entries, err = d.ReadDir(-1)
+	}
+	if !ok || err != nil {
+		w.WriteHeader(StatusTemporaryFailure, "Error reading directory")
+		return
+	}
+
+	sort.Slice(entries, func(i, j int) bool {
+		return entries[i].Name() < entries[j].Name()
+	})
+
+	for _, entry := range entries {
+		name := entry.Name()
+		if entry.IsDir() {
+			name += "/"
+		}
+		link := LineLink{
+			Name: name,
+			URL:  "./" + url.PathEscape(name),
+		}
+		fmt.Fprintln(w, link.String())
+	}
+}
+
+func toGeminiError(err error) (status Status, meta string) {
+	if errors.Is(err, fs.ErrNotExist) {
+		return StatusNotFound, "Not found"
+	}
+	if errors.Is(err, fs.ErrPermission) {
+		return StatusNotFound, "Forbidden"
+	}
+	return StatusTemporaryFailure, "Internal server error"
 }
--- a/gemini.go
+++ b/gemini.go
@ -1,98 +1,34 @@
 package gemini

 import (
-	"crypto/tls"
-	"crypto/x509"
 	"errors"
-	"sync"
-	"time"
-)
-
-// Status codes.
-const (
-	StatusInput                    = 10
-	StatusSensitiveInput           = 11
-	StatusSuccess                  = 20
-	StatusRedirect                 = 30
-	StatusRedirectPermanent        = 31
-	StatusTemporaryFailure         = 40
-	StatusServerUnavailable        = 41
-	StatusCGIError                 = 42
-	StatusProxyError               = 43
-	StatusSlowDown                 = 44
-	StatusPermanentFailure         = 50
-	StatusNotFound                 = 51
-	StatusGone                     = 52
-	StatusProxyRequestRefused      = 53
-	StatusBadRequest               = 59
-	StatusCertificateRequired      = 60
-	StatusCertificateNotAuthorized = 61
-	StatusCertificateNotValid      = 62
-)
-
-// Status code categories.
-const (
-	StatusClassInput               = 1
-	StatusClassSuccess             = 2
-	StatusClassRedirect            = 3
-	StatusClassTemporaryFailure    = 4
-	StatusClassPermanentFailure    = 5
-	StatusClassCertificateRequired = 6
-)
-
-// Errors.
-var (
-	ErrInvalidURL            = errors.New("gemini: invalid URL")
-	ErrInvalidResponse       = errors.New("gemini: invalid response")
-	ErrCertificateUnknown    = errors.New("gemini: unknown certificate")
-	ErrCertificateExpired    = errors.New("gemini: certificate expired")
-	ErrCertificateNotTrusted = errors.New("gemini: certificate is not trusted")
-	ErrNotAFile              = errors.New("gemini: not a file")
-	ErrBodyNotAllowed        = errors.New("gemini: response status code does not allow for body")
-)
-
-// DefaultClient is the default client. It is used by Send.
-//
-// On the first request, DefaultClient will load the default list of known hosts.
-var DefaultClient Client
-
-var (
-	crlf = []byte("\r\n")
+	"mime"
 )

 func init() {
-	DefaultClient.TrustCertificate = func(hostname string, cert *x509.Certificate, knownHosts *KnownHosts) error {
-		// Load the hosts only once. This is so that the hosts don't have to be loaded
-		// for those using their own clients.
-		setupDefaultClientOnce.Do(setupDefaultClient)
-		return knownHosts.Lookup(hostname, cert)
-	}
-	DefaultClient.GetCertificate = func(hostname string, store *CertificateStore) *tls.Certificate {
-		// If the certificate is in the store, return it
-		if cert, err := store.Lookup(hostname); err == nil {
-			return cert
-		}
-		// Otherwise, generate a certificate
-		duration := time.Hour
-		cert, err := NewCertificate(hostname, duration)
-		if err != nil {
-			return nil
-		}
-		// Store and return the certificate
-		store.Add(hostname, cert)
-		return &cert
+	// Add Gemini mime types
+	mime.AddExtensionType(".gmi", "text/gemini")
+	mime.AddExtensionType(".gemini", "text/gemini")
+}
+
+// Errors.
+var (
+	ErrInvalidRequest  = errors.New("gemini: invalid request")
+	ErrInvalidResponse = errors.New("gemini: invalid response")
+
+	// ErrBodyNotAllowed is returned by ResponseWriter.Write calls
+	// when the response status code does not permit a body.
+	ErrBodyNotAllowed = errors.New("gemini: response status code does not allow body")
+)
+
+var crlf = []byte("\r\n")
+
+func trimCRLF(b []byte) ([]byte, bool) {
+	// Check for CR
+	if len(b) < 2 || b[len(b)-2] != '\r' {
+		return nil, false
 	}
-}
-
-var setupDefaultClientOnce sync.Once
-
-func setupDefaultClient() {
-	DefaultClient.KnownHosts.LoadDefault()
-}
-
-// Send sends a Gemini request and returns a Gemini response.
-//
-// Send is a wrapper around DefaultClient.Send.
-func Send(req *Request) (*Response, error) {
-	return DefaultClient.Send(req)
+	// Trim CRLF
+	b = b[:len(b)-2]
+	return b, true
 }
--- a/go.mod
+++ b/go.mod
@ -1,3 +1,5 @@
-module git.sr.ht/~adnano/go-gemini
+module git.tebibyte.media/sashakoshka/go-gemini

 go 1.15
+
+require golang.org/x/net v0.0.0-20210119194325-5f4716e94777
--- a/go.sum
+++ b/go.sum
@ -0,0 +1,7 @@
+golang.org/x/net v0.0.0-20210119194325-5f4716e94777 h1:003p0dJM77cxMSyCPFphvZf/Y5/NXf5fzg6ufd1/Oew=
+golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
--- a/handler.go
+++ b/handler.go
@ -0,0 +1,158 @@
+package gemini
+
+import (
+	"bytes"
+	"context"
+	"io"
+	"net/url"
+	"strings"
+	"time"
+)
+
+// A Handler responds to a Gemini request.
+//
+// ServeGemini should write the response header and data to the ResponseWriter
+// and then return. Returning signals that the request is finished; it is not
+// valid to use the ResponseWriter after or concurrently with the completion
+// of the ServeGemini call.
+//
+// The provided context is canceled when the client's connection is closed
+// or the ServeGemini method returns.
+//
+// Handlers should not modify the provided Request.
+type Handler interface {
+	ServeGemini(context.Context, ResponseWriter, *Request)
+}
+
+// The HandlerFunc type is an adapter to allow the use of ordinary functions
+// as Gemini handlers. If f is a function with the appropriate signature,
+// HandlerFunc(f) is a Handler that calls f.
+type HandlerFunc func(context.Context, ResponseWriter, *Request)
+
+// ServeGemini calls f(ctx, w, r).
+func (f HandlerFunc) ServeGemini(ctx context.Context, w ResponseWriter, r *Request) {
+	f(ctx, w, r)
+}
+
+// StatusHandler returns a request handler that responds to each request
+// with the provided status code and meta.
+func StatusHandler(status Status, meta string) Handler {
+	return HandlerFunc(func(ctx context.Context, w ResponseWriter, r *Request) {
+		w.WriteHeader(status, meta)
+	})
+}
+
+// NotFoundHandler returns a simple request handler that replies to each
+// request with a “51 Not found” reply.
+func NotFoundHandler() Handler {
+	return StatusHandler(StatusNotFound, "Not found")
+}
+
+// StripPrefix returns a handler that serves Gemini requests by removing the
+// given prefix from the request URL's Path (and RawPath if set) and invoking
+// the handler h. StripPrefix handles a request for a path that doesn't begin
+// with prefix by replying with a Gemini 51 not found error. The prefix must
+// match exactly: if the prefix in the request contains escaped characters the
+// reply is also a Gemini 51 not found error.
+func StripPrefix(prefix string, h Handler) Handler {
+	if prefix == "" {
+		return h
+	}
+	return HandlerFunc(func(ctx context.Context, w ResponseWriter, r *Request) {
+		p := strings.TrimPrefix(r.URL.Path, prefix)
+		rp := strings.TrimPrefix(r.URL.RawPath, prefix)
+		if len(p) < len(r.URL.Path) && (r.URL.RawPath == "" || len(rp) < len(r.URL.RawPath)) {
+			r2 := new(Request)
+			*r2 = *r
+			r2.URL = new(url.URL)
+			*r2.URL = *r.URL
+			r2.URL.Path = p
+			r2.URL.RawPath = rp
+			h.ServeGemini(ctx, w, r2)
+		} else {
+			w.WriteHeader(StatusNotFound, "Not found")
+		}
+	})
+}
+
+// TimeoutHandler returns a Handler that runs h with the given time limit.
+//
+// The new Handler calls h.ServeGemini to handle each request, but
+// if a call runs for longer than its time limit, the handler responds with a
+// 40 Temporary Failure status code and the given message in its response meta.
+// After such a timeout, writes by h to its ResponseWriter will return
+// context.DeadlineExceeded.
+func TimeoutHandler(h Handler, dt time.Duration, message string) Handler {
+	return &timeoutHandler{
+		h:   h,
+		dt:  dt,
+		msg: message,
+	}
+}
+
+type timeoutHandler struct {
+	h   Handler
+	dt  time.Duration
+	msg string
+}
+
+func (t *timeoutHandler) ServeGemini(ctx context.Context, w ResponseWriter, r *Request) {
+	ctx, cancel := context.WithTimeout(ctx, t.dt)
+	defer cancel()
+
+	buf := &bytes.Buffer{}
+	tw := &timeoutWriter{
+		wr: &contextWriter{
+			ctx:    ctx,
+			cancel: cancel,
+			done:   ctx.Done(),
+			wc:     nopCloser{buf},
+		},
+	}
+
+	done := make(chan struct{})
+	go func() {
+		t.h.ServeGemini(ctx, tw, r)
+		close(done)
+	}()
+
+	select {
+	case <-done:
+		w.WriteHeader(tw.status, tw.meta)
+		w.Write(buf.Bytes())
+	case <-ctx.Done():
+		w.WriteHeader(StatusTemporaryFailure, t.msg)
+	}
+}
+
+type timeoutWriter struct {
+	wr          io.Writer
+	status      Status
+	meta        string
+	mediatype   string
+	wroteHeader bool
+}
+
+func (w *timeoutWriter) SetMediaType(mediatype string) {
+	w.mediatype = mediatype
+}
+
+func (w *timeoutWriter) Write(b []byte) (int, error) {
+	if !w.wroteHeader {
+		w.WriteHeader(StatusSuccess, w.mediatype)
+	}
+	return w.wr.Write(b)
+}
+
+func (w *timeoutWriter) WriteHeader(status Status, meta string) {
+	if w.wroteHeader {
+		return
+	}
+	w.status = status
+	w.meta = meta
+	w.wroteHeader = true
+}
+
+func (w *timeoutWriter) Flush() error {
+	return nil
+}
--- a/io.go
+++ b/io.go
@ -0,0 +1,76 @@
+package gemini
+
+import (
+	"context"
+	"io"
+)
+
+type contextReader struct {
+	ctx    context.Context
+	done   <-chan struct{}
+	cancel func()
+	rc     io.ReadCloser
+}
+
+func (r *contextReader) Read(p []byte) (int, error) {
+	select {
+	case <-r.done:
+		r.rc.Close()
+		return 0, r.ctx.Err()
+	default:
+	}
+	n, err := r.rc.Read(p)
+	if err != nil {
+		r.cancel()
+	}
+	return n, err
+}
+
+func (r *contextReader) Close() error {
+	r.cancel()
+	return r.rc.Close()
+}
+
+type contextWriter struct {
+	ctx    context.Context
+	done   <-chan struct{}
+	cancel func()
+	wc     io.WriteCloser
+}
+
+func (w *contextWriter) Write(b []byte) (int, error) {
+	select {
+	case <-w.done:
+		w.wc.Close()
+		return 0, w.ctx.Err()
+	default:
+	}
+	n, err := w.wc.Write(b)
+	if err != nil {
+		w.cancel()
+	}
+	return n, err
+}
+
+func (w *contextWriter) Close() error {
+	w.cancel()
+	return w.wc.Close()
+}
+
+type nopCloser struct {
+	io.Writer
+}
+
+func (nopCloser) Close() error {
+	return nil
+}
+
+type nopReadCloser struct{}
+
+func (nopReadCloser) Read(p []byte) (int, error) {
+	return 0, io.EOF
+}
+
+func (nopReadCloser) Close() error {
+	return nil
+}
--- a/middleware.go
+++ b/middleware.go
@ -0,0 +1,58 @@
+package gemini
+
+import (
+	"context"
+	"log"
+)
+
+// LoggingMiddleware returns a handler that wraps h and logs Gemini requests
+// and their responses to the log package's standard logger.
+// Requests are logged with the format "gemini: {host} {URL} {status code} {bytes written}".
+func LoggingMiddleware(h Handler) Handler {
+	return HandlerFunc(func(ctx context.Context, w ResponseWriter, r *Request) {
+		lw := &logResponseWriter{rw: w}
+		h.ServeGemini(ctx, lw, r)
+		host := r.ServerName()
+		log.Printf("gemini: %s %q %d %d", host, r.URL, lw.Status, lw.Wrote)
+	})
+}
+
+type logResponseWriter struct {
+	Status      Status
+	Wrote       int
+	rw          ResponseWriter
+	mediatype   string
+	wroteHeader bool
+}
+
+func (w *logResponseWriter) SetMediaType(mediatype string) {
+	w.mediatype = mediatype
+}
+
+func (w *logResponseWriter) Write(b []byte) (int, error) {
+	if !w.wroteHeader {
+		meta := w.mediatype
+		if meta == "" {
+			// Use default media type
+			meta = defaultMediaType
+		}
+		w.WriteHeader(StatusSuccess, meta)
+	}
+	n, err := w.rw.Write(b)
+	w.Wrote += n
+	return n, err
+}
+
+func (w *logResponseWriter) WriteHeader(status Status, meta string) {
+	if w.wroteHeader {
+		return
+	}
+	w.wroteHeader = true
+	w.Status = status
+	w.Wrote += len(meta) + 5
+	w.rw.WriteHeader(status, meta)
+}
+
+func (w *logResponseWriter) Flush() error {
+	return nil
+}
--- a/mux.go
+++ b/mux.go
@ -0,0 +1,281 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE-GO file.
+
+package gemini
+
+import (
+	"context"
+	"net"
+	"net/url"
+	"path"
+	"sort"
+	"strings"
+	"sync"
+)
+
+// Mux is a Gemini request multiplexer.
+// It matches the URL of each incoming request against a list of registered
+// patterns and calls the handler for the pattern that
+// most closely matches the URL.
+//
+// Patterns name fixed, rooted paths, like "/favicon.ico",
+// or rooted subtrees, like "/images/" (note the trailing slash).
+// Longer patterns take precedence over shorter ones, so that
+// if there are handlers registered for both "/images/"
+// and "/images/thumbnails/", the latter handler will be
+// called for paths beginning "/images/thumbnails/" and the
+// former will receive requests for any other paths in the
+// "/images/" subtree.
+//
+// Note that since a pattern ending in a slash names a rooted subtree,
+// the pattern "/" matches all paths not matched by other registered
+// patterns, not just the URL with Path == "/".
+//
+// Patterns may optionally begin with a host name, restricting matches to
+// URLs on that host only. Host-specific patterns take precedence over
+// general patterns, so that a handler might register for the two patterns
+// "/search" and "search.example.com/" without also taking over requests
+// for "gemini://example.com/".
+//
+// Wildcard patterns can be used to match multiple hostnames. For example,
+// the pattern "*.example.com" will match requests for "blog.example.com"
+// and "gemini.example.com", but not "example.org".
+//
+// If a subtree has been registered and a request is received naming the
+// subtree root without its trailing slash, Mux redirects that
+// request to the subtree root (adding the trailing slash). This behavior can
+// be overridden with a separate registration for the path without
+// the trailing slash. For example, registering "/images/" causes Mux
+// to redirect a request for "/images" to "/images/", unless "/images" has
+// been registered separately.
+//
+// Mux also takes care of sanitizing the URL request path and
+// redirecting any request containing . or .. elements or repeated slashes
+// to an equivalent, cleaner URL.
+type Mux struct {
+	mu sync.RWMutex
+	m  map[hostpath]Handler
+	es []muxEntry // slice of entries sorted from longest to shortest
+}
+
+type hostpath struct {
+	host string
+	path string
+}
+
+type muxEntry struct {
+	handler Handler
+	host    string
+	path    string
+}
+
+// cleanPath returns the canonical path for p, eliminating . and .. elements.
+func cleanPath(p string) string {
+	if p == "" {
+		return "/"
+	}
+	if p[0] != '/' {
+		p = "/" + p
+	}
+	np := path.Clean(p)
+	// path.Clean removes trailing slash except for root;
+	// put the trailing slash back if necessary.
+	if p[len(p)-1] == '/' && np != "/" {
+		// Fast path for common case of p being the string we want:
+		if len(p) == len(np)+1 && strings.HasPrefix(p, np) {
+			np = p
+		} else {
+			np += "/"
+		}
+	}
+	return np
+}
+
+// Find a handler on a handler map given a path string.
+// Most-specific (longest) pattern wins.
+func (mux *Mux) match(host, path string) Handler {
+	// Check for exact match first.
+	if h, ok := mux.m[hostpath{host, path}]; ok {
+		return h
+	}
+
+	// Check for longest valid match.  mux.es contains all patterns
+	// that end in / sorted from longest to shortest.
+	for _, e := range mux.es {
+		if len(e.host) == len(host) && e.host == host &&
+			strings.HasPrefix(path, e.path) {
+			return e.handler
+		}
+	}
+	return nil
+}
+
+// redirectToPathSlash determines if the given path needs appending "/" to it.
+// This occurs when a handler for path + "/" was already registered, but
+// not for path itself. If the path needs appending to, it creates a new
+// URL, setting the path to u.Path + "/" and returning true to indicate so.
+func (mux *Mux) redirectToPathSlash(host, path string, u *url.URL) (*url.URL, bool) {
+	mux.mu.RLock()
+	shouldRedirect := mux.shouldRedirectRLocked(host, path)
+	mux.mu.RUnlock()
+	if !shouldRedirect {
+		return u, false
+	}
+	return u.ResolveReference(&url.URL{Path: path + "/"}), true
+}
+
+// shouldRedirectRLocked reports whether the given path and host should be redirected to
+// path+"/". This should happen if a handler is registered for path+"/" but
+// not path -- see comments at Mux.
+func (mux *Mux) shouldRedirectRLocked(host, path string) bool {
+	if _, exist := mux.m[hostpath{host, path}]; exist {
+		return false
+	}
+
+	n := len(path)
+	if n == 0 {
+		return false
+	}
+	if _, exist := mux.m[hostpath{host, path + "/"}]; exist {
+		return path[n-1] != '/'
+	}
+
+	return false
+}
+
+func getWildcard(hostname string) (string, bool) {
+	if net.ParseIP(hostname) == nil {
+		split := strings.SplitN(hostname, ".", 2)
+		if len(split) == 2 {
+			return "*." + split[1], true
+		}
+	}
+	return "", false
+}
+
+// Handler returns the handler to use for the given request, consulting
+// r.URL.Scheme, r.URL.Host, and r.URL.Path. It always returns a non-nil handler. If
+// the path is not in its canonical form, the handler will be an
+// internally-generated handler that redirects to the canonical path. If the
+// host contains a port, it is ignored when matching handlers.
+func (mux *Mux) Handler(r *Request) Handler {
+	// Disallow non-Gemini schemes
+	if r.URL.Scheme != "gemini" {
+		return NotFoundHandler()
+	}
+
+	host := r.URL.Hostname()
+	path := cleanPath(r.URL.Path)
+
+	// If the given path is /tree and its handler is not registered,
+	// redirect for /tree/.
+	if u, ok := mux.redirectToPathSlash(host, path, r.URL); ok {
+		return StatusHandler(StatusPermanentRedirect, u.String())
+	}
+
+	if path != r.URL.Path {
+		u := *r.URL
+		u.Path = path
+		return StatusHandler(StatusPermanentRedirect, u.String())
+	}
+
+	mux.mu.RLock()
+	defer mux.mu.RUnlock()
+
+	h := mux.match(host, path)
+
+	if h == nil {
+		// Try wildcard
+		if wildcard, ok := getWildcard(host); ok {
+			if u, ok := mux.redirectToPathSlash(wildcard, path, r.URL); ok {
+				return StatusHandler(StatusPermanentRedirect, u.String())
+			}
+			h = mux.match(wildcard, path)
+		}
+	}
+
+	if h == nil {
+		// Try empty host
+		if u, ok := mux.redirectToPathSlash("", path, r.URL); ok {
+			return StatusHandler(StatusPermanentRedirect, u.String())
+		}
+		h = mux.match("", path)
+	}
+
+	if h == nil {
+		h = NotFoundHandler()
+	}
+
+	return h
+}
+
+// ServeGemini dispatches the request to the handler whose
+// pattern most closely matches the request URL.
+func (mux *Mux) ServeGemini(ctx context.Context, w ResponseWriter, r *Request) {
+	h := mux.Handler(r)
+	h.ServeGemini(ctx, w, r)
+}
+
+// Handle registers the handler for the given pattern.
+// If a handler already exists for pattern, Handle panics.
+func (mux *Mux) Handle(pattern string, handler Handler) {
+	if pattern == "" {
+		panic("gemini: invalid pattern")
+	}
+	if handler == nil {
+		panic("gemini: nil handler")
+	}
+
+	mux.mu.Lock()
+	defer mux.mu.Unlock()
+
+	var host, path string
+	// extract hostname and path
+	cut := strings.Index(pattern, "/")
+	if cut == -1 {
+		host = pattern
+		path = "/"
+	} else {
+		host = pattern[:cut]
+		path = pattern[cut:]
+	}
+
+	// strip port from hostname
+	if hostname, _, err := net.SplitHostPort(host); err == nil {
+		host = hostname
+	}
+
+	if _, exist := mux.m[hostpath{host, path}]; exist {
+		panic("gemini: multiple registrations for " + pattern)
+	}
+
+	if mux.m == nil {
+		mux.m = make(map[hostpath]Handler)
+	}
+	mux.m[hostpath{host, path}] = handler
+	e := muxEntry{handler, host, path}
+	if path[len(path)-1] == '/' {
+		mux.es = appendSorted(mux.es, e)
+	}
+}
+
+func appendSorted(es []muxEntry, e muxEntry) []muxEntry {
+	n := len(es)
+	i := sort.Search(n, func(i int) bool {
+		return len(es[i].path) < len(e.path)
+	})
+	if i == n {
+		return append(es, e)
+	}
+	// we now know that i points at where we want to insert
+	es = append(es, muxEntry{}) // try to grow the slice in place, any entry works.
+	copy(es[i+1:], es[i:])      // move shorter entries down
+	es[i] = e
+	return es
+}
+
+// HandleFunc registers the handler function for the given pattern.
+func (mux *Mux) HandleFunc(pattern string, handler HandlerFunc) {
+	mux.Handle(pattern, handler)
+}
--- a/mux_test.go
+++ b/mux_test.go
@ -0,0 +1,356 @@
+package gemini
+
+import (
+	"context"
+	"io"
+	"net/url"
+	"testing"
+)
+
+type nopHandler struct{}
+
+func (*nopHandler) ServeGemini(context.Context, ResponseWriter, *Request) {}
+
+type nopResponseWriter struct {
+	Status Status
+	Meta   string
+}
+
+func (w *nopResponseWriter) WriteHeader(status Status, meta string) {
+	w.Status = status
+	w.Meta = meta
+}
+
+func (nopResponseWriter) SetMediaType(mediatype string) {}
+func (nopResponseWriter) Write(b []byte) (int, error)   { return 0, io.EOF }
+func (nopResponseWriter) Flush() error                  { return nil }
+
+func TestMux(t *testing.T) {
+	type Test struct {
+		URL      string
+		Pattern  string
+		Redirect string
+		NotFound bool
+	}
+
+	tests := []struct {
+		Patterns []string
+		Tests    []Test
+	}{
+		{
+			Patterns: []string{"/a", "/b/", "/b/c/d", "/b/c/d/"},
+			Tests: []Test{
+				{
+					URL:      "gemini://example.com",
+					Redirect: "gemini://example.com/",
+				},
+				{
+					URL:      "gemini://example.com/",
+					NotFound: true,
+				},
+				{
+					URL:      "gemini://example.com/c",
+					NotFound: true,
+				},
+				{
+					URL:     "gemini://example.com/a",
+					Pattern: "/a",
+				},
+				{
+					URL:      "gemini://example.com/a/",
+					NotFound: true,
+				},
+				{
+					URL:      "gemini://example.com/b",
+					Redirect: "gemini://example.com/b/",
+				},
+				{
+					URL:     "gemini://example.com/b/",
+					Pattern: "/b/",
+				},
+				{
+					URL:     "gemini://example.com/b/c",
+					Pattern: "/b/",
+				},
+				{
+					URL:     "gemini://example.com/b/c/d",
+					Pattern: "/b/c/d",
+				},
+				{
+					URL:     "gemini://example.com/b/c/d/e/",
+					Pattern: "/b/c/d/",
+				},
+			},
+		},
+		{
+			Patterns: []string{
+				"/", "/a", "/b/",
+				"example.com", "example.com/a", "example.com/b/",
+				"*.example.com", "*.example.com/a", "*.example.com/b/",
+			},
+			Tests: []Test{
+				{
+					URL:     "gemini://example.net/",
+					Pattern: "/",
+				},
+				{
+					URL:     "gemini://example.net/a",
+					Pattern: "/a",
+				},
+				{
+					URL:      "gemini://example.net/b",
+					Redirect: "gemini://example.net/b/",
+				},
+				{
+					URL:     "gemini://example.net/b/",
+					Pattern: "/b/",
+				},
+				{
+					URL:     "gemini://example.com/",
+					Pattern: "example.com",
+				},
+				{
+					URL:      "gemini://example.com/b",
+					Redirect: "gemini://example.com/b/",
+				},
+				{
+					URL:     "gemini://example.com/b/",
+					Pattern: "example.com/b/",
+				},
+				{
+					URL:     "gemini://a.example.com/",
+					Pattern: "*.example.com",
+				},
+				{
+					URL:     "gemini://b.example.com/a",
+					Pattern: "*.example.com/a",
+				},
+				{
+					URL:      "gemini://c.example.com/b",
+					Redirect: "gemini://c.example.com/b/",
+				},
+				{
+					URL:     "gemini://d.example.com/b/",
+					Pattern: "*.example.com/b/",
+				},
+			},
+		},
+		{
+			Patterns: []string{"example.net", "*.example.org"},
+			Tests: []Test{
+				{
+					// The following redirect occurs as a result of cleaning
+					// the path provided to the Mux. This happens even if there
+					// are no matching handlers.
+					URL:      "gemini://example.com",
+					Redirect: "gemini://example.com/",
+				},
+				{
+					URL:      "gemini://example.com/",
+					NotFound: true,
+				},
+				{
+					URL:      "gemini://example.net",
+					Redirect: "gemini://example.net/",
+				},
+				{
+					URL:      "gemini://example.org/",
+					NotFound: true,
+				},
+				{
+					URL:      "gemini://gemini.example.org",
+					Redirect: "gemini://gemini.example.org/",
+				},
+			},
+		},
+	}
+
+	for _, test := range tests {
+		type handler struct {
+			nopHandler
+			Pattern string
+		}
+
+		mux := &Mux{}
+		for _, pattern := range test.Patterns {
+			mux.Handle(pattern, &handler{
+				Pattern: pattern,
+			})
+		}
+
+		for _, test := range test.Tests {
+			u, err := url.Parse(test.URL)
+			if err != nil {
+				panic(err)
+			}
+
+			req := &Request{URL: u}
+
+			h := mux.Handler(req)
+
+			if h, ok := h.(*handler); ok {
+				if h.Pattern != test.Pattern {
+					t.Errorf("wrong pattern for %q: expected %q, got %q", test.URL, test.Pattern, h.Pattern)
+				}
+				continue
+			}
+
+			// Check redirects and NotFounds
+			w := &nopResponseWriter{}
+			h.ServeGemini(context.Background(), w, req)
+
+			switch w.Status {
+			case StatusNotFound:
+				if !test.NotFound {
+					t.Errorf("expected pattern for %q, got NotFound", test.URL)
+				}
+
+			case StatusPermanentRedirect:
+				if test.Redirect == "" {
+					t.Errorf("expected pattern for %q, got redirect to %q", test.URL, w.Meta)
+					break
+				}
+
+				res, err := url.Parse(test.Redirect)
+				if err != nil {
+					panic(err)
+				}
+				if w.Meta != res.String() {
+					t.Errorf("bad redirect for %q: expected %q, got %q", test.URL, res.String(), w.Meta)
+				}
+
+			default:
+				t.Errorf("unexpected response for %q: %d %s", test.URL, w.Status, w.Meta)
+			}
+		}
+	}
+}
+
+func TestMuxMatch(t *testing.T) {
+	type Match struct {
+		URL string
+		Ok  bool
+	}
+
+	tests := []struct {
+		Pattern string
+		Matches []Match
+	}{
+		{
+			// hostname: *, path: /*
+			Pattern: "/",
+			Matches: []Match{
+				{"gemini://example.com/path", true},
+				{"gemini://example.com/", true},
+				{"gemini://example.com/path.gmi", true},
+				{"gemini://example.com/path/", true},
+				{"gemini://example.org/path", true},
+				{"http://example.com/path", false},
+				{"http://example.org/path", false},
+			},
+		},
+		{
+			// hostname: *, path: /path
+			Pattern: "/path",
+			Matches: []Match{
+				{"gemini://example.com/path", true},
+				{"gemini://example.com/", false},
+				{"gemini://example.com/path.gmi", false},
+				{"gemini://example.com/path/", false},
+				{"gemini://example.org/path", true},
+				{"http://example.com/path", false},
+				{"http://example.org/path", false},
+			},
+		},
+		{
+			// hostname: *, path: /subtree/*
+			Pattern: "/subtree/",
+			Matches: []Match{
+				{"gemini://example.com/subtree/", true},
+				{"gemini://example.com/subtree/nested/", true},
+				{"gemini://example.com/subtree/nested/file", true},
+				{"gemini://example.org/subtree/", true},
+				{"gemini://example.org/subtree/nested/", true},
+				{"gemini://example.org/subtree/nested/file", true},
+				{"gemini://example.com/subtree", false},
+				{"gemini://www.example.com/subtree/", true},
+				{"http://example.com/subtree/", false},
+			},
+		},
+		{
+			// hostname: example.com, path: /*
+			Pattern: "example.com",
+			Matches: []Match{
+				{"gemini://example.com/path", true},
+				{"gemini://example.com/", true},
+				{"gemini://example.com/path.gmi", true},
+				{"gemini://example.com/path/", true},
+				{"gemini://example.org/path", false},
+				{"http://example.com/path", false},
+				{"http://example.org/path", false},
+			},
+		},
+		{
+			// hostname: example.com, path: /path
+			Pattern: "example.com/path",
+			Matches: []Match{
+				{"gemini://example.com/path", true},
+				{"gemini://example.com/", false},
+				{"gemini://example.com/path.gmi", false},
+				{"gemini://example.com/path/", false},
+				{"gemini://example.org/path", false},
+				{"http://example.com/path", false},
+				{"http://example.org/path", false},
+			},
+		},
+		{
+			// hostname: example.com, path: /subtree/*
+			Pattern: "example.com/subtree/",
+			Matches: []Match{
+				{"gemini://example.com/subtree/", true},
+				{"gemini://example.com/subtree/nested/", true},
+				{"gemini://example.com/subtree/nested/file", true},
+				{"gemini://example.org/subtree/", false},
+				{"gemini://example.org/subtree/nested/", false},
+				{"gemini://example.org/subtree/nested/file", false},
+				{"gemini://example.com/subtree", false},
+				{"gemini://www.example.com/subtree/", false},
+				{"http://example.com/subtree/", false},
+			},
+		},
+		{
+			// scheme: gemini, hostname: *.example.com, path: /*
+			Pattern: "*.example.com",
+			Matches: []Match{
+				{"gemini://mail.example.com/", true},
+				{"gemini://www.example.com/index.gmi", true},
+				{"gemini://example.com/", false},
+				{"gemini://a.b.example.com/", false},
+				{"http://www.example.com/", false},
+			},
+		},
+	}
+
+	for _, test := range tests {
+		h := &nopHandler{}
+		var mux Mux
+		mux.Handle(test.Pattern, h)
+
+		for _, match := range test.Matches {
+			u, err := url.Parse(match.URL)
+			if err != nil {
+				panic(err)
+			}
+			got := mux.Handler(&Request{URL: u})
+			if match.Ok {
+				if h != got {
+					t.Errorf("expected %s to match %s", test.Pattern, match.URL)
+				}
+			} else {
+				if h == got {
+					t.Errorf("expected %s not to match %s", test.Pattern, match.URL)
+				}
+			}
+		}
+	}
+}
--- a/query.go
+++ b/query.go
@ -0,0 +1,19 @@
+package gemini
+
+import (
+	"net/url"
+	"strings"
+)
+
+// QueryEscape escapes a string for use in a Gemini URL query.
+// It is like url.PathEscape except that it also replaces plus signs
+// with their percent-encoded counterpart.
+func QueryEscape(query string) string {
+	return strings.ReplaceAll(url.PathEscape(query), "+", "%2B")
+}
+
+// QueryUnescape unescapes a Gemini URL query.
+// It is identical to url.PathUnescape.
+func QueryUnescape(query string) (string, error) {
+	return url.PathUnescape(query)
+}
--- a/request.go
+++ b/request.go
@ -3,90 +3,105 @@ package gemini
 import (
 	"bufio"
 	"crypto/tls"
-	"net"
+	"io"
 	"net/url"
 )

-// Request represents a Gemini request.
+// A Request represents a Gemini request received by a server or to be sent
+// by a client.
 type Request struct {
 	// URL specifies the URL being requested.
 	URL *url.URL

-	// For client requests, Host specifies the host on which the URL is sought.
-	// Host must contain a port.
-	// This field is ignored by the server.
+	// For client requests, Host optionally specifies the server to
+	// connect to. It may be of the form "host" or "host:port".
+	// If empty, the value of URL.Host is used.
+	// For international domain names, Host may be in Punycode or
+	// Unicode form. Use golang.org/x/net/idna to convert it to
+	// either format if needed.
+	// This field is ignored by the Gemini server.
 	Host string

-	// Certificate specifies the TLS certificate to use for the request.
-	// Request certificates take precedence over client certificates.
-	// This field is ignored by the server.
+	// For client requests, Certificate optionally specifies the
+	// TLS certificate to present to the other side of the connection.
+	// This field is ignored by the Gemini server.
 	Certificate *tls.Certificate

-	// RemoteAddr allows servers and other software to record the network
-	// address that sent the request.
-	// This field is ignored by the client.
-	RemoteAddr net.Addr
-
-	// TLS allows servers and other software to record information about the TLS
-	// connection on which the request was received.
-	// This field is ignored by the client.
-	TLS tls.ConnectionState
+	TLS *tls.ConnectionState
 }

-// hostname returns the host without the port.
-func hostname(host string) string {
-	hostname, _, err := net.SplitHostPort(host)
-	if err != nil {
-		return host
-	}
-	return hostname
-}
-
-// NewRequest returns a new request. The host is inferred from the provided URL.
+// NewRequest returns a new request.
+// The returned Request is suitable for use with Client.Do.
+//
+// Callers should be careful that the URL query is properly escaped.
+// See the documentation for QueryEscape for more information.
 func NewRequest(rawurl string) (*Request, error) {
 	u, err := url.Parse(rawurl)
 	if err != nil {
 		return nil, err
 	}
-
-	// If there is no port, use the default port of 1965
-	host := u.Host
-	if u.Port() == "" {
-		host += ":1965"
-	}
-
-	return &Request{
-		Host: host,
-		URL:  u,
-	}, nil
+	return &Request{URL: u}, nil
 }

-// NewRequestTo returns a new request for the provided URL to the provided host.
-// The host must contain a port.
-func NewRequestTo(rawurl, host string) (*Request, error) {
-	u, err := url.Parse(rawurl)
+// ReadRequest reads and parses an incoming request from r.
+//
+// ReadRequest is a low-level function and should only be used
+// for specialized applications; most code should use the Server
+// to read requests and handle them via the Handler interface.
+func ReadRequest(r io.Reader) (*Request, error) {
+	// Limit request size
+	r = io.LimitReader(r, 1026)
+	br := bufio.NewReaderSize(r, 1026)
+	b, err := br.ReadBytes('\n')
+	if err != nil {
+		if err == io.EOF {
+			return nil, ErrInvalidRequest
+		}
+		return nil, err
+	}
+	// Read URL
+	rawurl, ok := trimCRLF(b)
+	if !ok {
+		return nil, ErrInvalidRequest
+	}
+	if len(rawurl) == 0 {
+		return nil, ErrInvalidRequest
+	}
+	u, err := url.Parse(string(rawurl))
 	if err != nil {
 		return nil, err
 	}
-
-	return &Request{
-		Host: host,
-		URL:  u,
-	}, nil
+	return &Request{URL: u}, nil
 }

-// write writes the Gemini request to the provided buffered writer.
-func (r *Request) write(w *bufio.Writer) error {
+// WriteTo writes r to w in the Gemini request format.
+// This method consults the request URL only.
+func (r *Request) WriteTo(w io.Writer) (int64, error) {
+	bw := bufio.NewWriterSize(w, 1026)
 	url := r.URL.String()
-	// User is invalid
-	if r.URL.User != nil || len(url) > 1024 {
-		return ErrInvalidURL
+	if len(url) > 1024 {
+		return 0, ErrInvalidRequest
 	}
-	if _, err := w.WriteString(url); err != nil {
-		return err
+	var wrote int64
+	n, err := bw.WriteString(url)
+	wrote += int64(n)
+	if err != nil {
+		return wrote, err
 	}
-	if _, err := w.Write(crlf); err != nil {
-		return err
+	n, err = bw.Write(crlf)
+	wrote += int64(n)
+	if err != nil {
+		return wrote, err
 	}
-	return nil
+	return wrote, bw.Flush()
+}
+
+// ServerName returns the value of the TLS Server Name Indication extension
+// sent by the client.
+// ServerName returns an empty string for client requests.
+func (r *Request) ServerName() string {
+	if tls := r.TLS; tls != nil {
+		return tls.ServerName
+	}
+	return ""
 }
--- a/request_test.go
+++ b/request_test.go
@ -0,0 +1,131 @@
+package gemini
+
+import (
+	"bufio"
+	"net/url"
+	"strings"
+	"testing"
+)
+
+// 1024 bytes
+const maxURL = "gemini://example.net/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+
+func TestReadRequest(t *testing.T) {
+	tests := []struct {
+		Raw string
+		URL *url.URL
+		Err error
+	}{
+		{
+			Raw: "gemini://example.com\r\n",
+			URL: &url.URL{
+				Scheme: "gemini",
+				Host:   "example.com",
+			},
+		},
+		{
+			Raw: "http://example.org/path/?query#fragment\r\n",
+			URL: &url.URL{
+				Scheme:   "http",
+				Host:     "example.org",
+				Path:     "/path/",
+				RawQuery: "query",
+				Fragment: "fragment",
+			},
+		},
+		{
+			Raw: "\r\n",
+			Err: ErrInvalidRequest,
+		},
+		{
+			Raw: "gemini://example.com\n",
+			Err: ErrInvalidRequest,
+		},
+		{
+			Raw: "gemini://example.com",
+			Err: ErrInvalidRequest,
+		},
+		{
+			// 1030 bytes
+			Raw: maxURL + "xxxxxx",
+			Err: ErrInvalidRequest,
+		},
+		{
+			// 1027 bytes
+			Raw: maxURL + "x" + "\r\n",
+			Err: ErrInvalidRequest,
+		},
+		{
+			// 1024 bytes
+			Raw: maxURL[:len(maxURL)-2] + "\r\n",
+			URL: &url.URL{
+				Scheme: "gemini",
+				Host:   "example.net",
+				Path:   maxURL[len("gemini://example.net") : len(maxURL)-2],
+			},
+		},
+	}
+
+	for _, test := range tests {
+		t.Logf("%#v", test.Raw)
+		req, err := ReadRequest(strings.NewReader(test.Raw))
+		if err != test.Err {
+			t.Errorf("expected err = %v, got %v", test.Err, err)
+		}
+		if req == nil && test.URL != nil {
+			t.Errorf("expected url = %s, got nil", test.URL)
+		} else if req != nil && test.URL == nil {
+			t.Errorf("expected req = nil, got %v", req)
+		} else if req != nil && *req.URL != *test.URL {
+			t.Errorf("expected url = %v, got %v", *test.URL, *req.URL)
+		}
+	}
+}
+
+func newRequest(rawurl string) *Request {
+	req, err := NewRequest(rawurl)
+	if err != nil {
+		panic(err)
+	}
+	return req
+}
+
+func TestWriteRequest(t *testing.T) {
+	tests := []struct {
+		Req *Request
+		Raw string
+		Err error
+	}{
+		{
+			Req: newRequest("gemini://example.com"),
+			Raw: "gemini://example.com\r\n",
+		},
+		{
+			Req: newRequest("gemini://example.com/path/?query#fragment"),
+			Raw: "gemini://example.com/path/?query#fragment\r\n",
+		},
+		{
+			Req: newRequest(maxURL),
+			Raw: maxURL + "\r\n",
+		},
+		{
+			Req: newRequest(maxURL + "x"),
+			Err: ErrInvalidRequest,
+		},
+	}
+
+	for _, test := range tests {
+		t.Logf("%s", test.Req.URL)
+		var b strings.Builder
+		bw := bufio.NewWriter(&b)
+		_, err := test.Req.WriteTo(bw)
+		if err != test.Err {
+			t.Errorf("expected err = %v, got %v", test.Err, err)
+		}
+		bw.Flush()
+		got := b.String()
+		if got != test.Raw {
+			t.Errorf("expected %#v, got %#v", test.Raw, got)
+		}
+	}
+}
--- a/response.go
+++ b/response.go
@ -3,83 +3,232 @@ package gemini
 import (
 	"bufio"
 	"crypto/tls"
-	"io/ioutil"
+	"fmt"
+	"io"
+	"net"
 	"strconv"
 )

-// Response is a Gemini response.
-type Response struct {
-	// Status represents the response status.
-	Status int
+// The default media type for responses.
+const defaultMediaType = "text/gemini"

-	// Meta contains more information related to the response status.
-	// For successful responses, Meta should contain the mimetype of the response.
-	// For failure responses, Meta should contain a short description of the failure.
-	// Meta should not be longer than 1024 bytes.
+// Response represents the response from a Gemini request.
+//
+// The Client returns Responses from servers once the response
+// header has been received. The response body is streamed on demand
+// as the Body field is read.
+type Response struct {
+	// Status is the response status code.
+	Status Status
+
+	// Meta returns the response meta.
+	// For successful responses, the meta should contain the media type of the response.
+	// For failure responses, the meta should contain a short description of the failure.
 	Meta string

-	// Body contains the response body.
-	Body []byte
+	// Body represents the response body.
+	//
+	// The response body is streamed on demand as the Body field
+	// is read. If the network connection fails or the server
+	// terminates the response, Body.Read calls return an error.
+	//
+	// The Gemini client guarantees that Body is always
+	// non-nil, even on responses without a body or responses with
+	// a zero-length body. It is the caller's responsibility to
+	// close Body.
+	Body io.ReadCloser

-	// TLS contains information about the TLS connection on which the response
-	// was received.
-	TLS tls.ConnectionState
+	conn net.Conn
 }

-// read reads a Gemini response from the provided buffered reader.
-func (resp *Response) read(r *bufio.Reader) error {
-	// Read the status
-	statusB := make([]byte, 2)
-	if _, err := r.Read(statusB); err != nil {
-		return err
-	}
-	status, err := strconv.Atoi(string(statusB))
-	if err != nil {
-		return err
-	}
-	resp.Status = status
+// ReadResponse reads a Gemini response from the provided io.ReadCloser.
+func ReadResponse(r io.ReadCloser) (*Response, error) {
+	resp := &Response{}

-	// Disregard invalid status codes
-	const minStatus, maxStatus = 1, 6
-	statusClass := status / 10
-	if statusClass < minStatus || statusClass > maxStatus {
-		return ErrInvalidResponse
+	// Limit response header size
+	lr := io.LimitReader(r, 1029)
+	// Wrap the reader to remove the limit later on
+	wr := &struct{ io.Reader }{lr}
+	br := bufio.NewReader(wr)
+
+	// Read response header
+	b, err := br.ReadBytes('\n')
+	if err != nil {
+		if err == io.EOF {
+			return nil, ErrInvalidResponse
+		}
+		return nil, err
 	}
+	if len(b) < 3 {
+		return nil, ErrInvalidResponse
+	}
+
+	// Read the status
+	status, err := strconv.Atoi(string(b[:2]))
+	if err != nil {
+		return nil, ErrInvalidResponse
+	}
+	resp.Status = Status(status)

 	// Read one space
-	if b, err := r.ReadByte(); err != nil {
-		return err
-	} else if b != ' ' {
-		return ErrInvalidResponse
+	if b[2] != ' ' {
+		return nil, ErrInvalidResponse
 	}

 	// Read the meta
-	meta, err := r.ReadString('\r')
-	if err != nil {
-		return err
+	meta, ok := trimCRLF(b[3:])
+	if !ok {
+		return nil, ErrInvalidResponse
 	}
-	// Trim carriage return
-	meta = meta[:len(meta)-1]
-	// Ensure meta is less than or equal to 1024 bytes
-	if len(meta) > 1024 {
-		return ErrInvalidResponse
+	if len(meta) == 0 {
+		return nil, ErrInvalidResponse
 	}
-	resp.Meta = meta
+	resp.Meta = string(meta)

-	// Read terminating newline
-	if b, err := r.ReadByte(); err != nil {
-		return err
-	} else if b != '\n' {
-		return ErrInvalidResponse
-	}
+	if resp.Status.Class() == StatusSuccess {
+		// Use unlimited reader
+		wr.Reader = r

-	// Read response body
-	if status/10 == StatusClassSuccess {
-		var err error
-		resp.Body, err = ioutil.ReadAll(r)
-		if err != nil {
-			return err
+		type readCloser struct {
+			io.Reader
+			io.Closer
 		}
+		resp.Body = readCloser{br, r}
+	} else {
+		resp.Body = nopReadCloser{}
+		r.Close()
+	}
+	return resp, nil
+}
+
+// Conn returns the network connection on which the response was received.
+func (r *Response) Conn() net.Conn {
+	return r.conn
+}
+
+// TLS returns information about the TLS connection on which the
+// response was received.
+func (r *Response) TLS() *tls.ConnectionState {
+	if tlsConn, ok := r.conn.(*tls.Conn); ok {
+		state := tlsConn.ConnectionState()
+		return &state
 	}
 	return nil
 }
+
+// WriteTo writes r to w in the Gemini response format, including the
+// header and body.
+//
+// This method consults the Status, Meta, and Body fields of the response.
+// The Response Body is closed after it is sent.
+func (r *Response) WriteTo(w io.Writer) (int64, error) {
+	var wrote int64
+	n, err := fmt.Fprintf(w, "%02d %s\r\n", r.Status, r.Meta)
+	wrote += int64(n)
+	if err != nil {
+		return wrote, err
+	}
+	if r.Body != nil {
+		defer r.Body.Close()
+		n, err := io.Copy(w, r.Body)
+		wrote += n
+		if err != nil {
+			return wrote, err
+		}
+	}
+	return wrote, nil
+}
+
+// A ResponseWriter interface is used by a Gemini handler to construct
+// a Gemini response.
+//
+// A ResponseWriter may not be used after the Handler.ServeGemini method
+// has returned.
+type ResponseWriter interface {
+	// SetMediaType sets the media type that will be sent by Write for a
+	// successful response. If no media type is set, a default media type of
+	// "text/gemini" will be used.
+	//
+	// Setting the media type after a call to Write or WriteHeader has
+	// no effect.
+	SetMediaType(mediatype string)
+
+	// Write writes the data to the connection as part of a Gemini response.
+	//
+	// If WriteHeader has not yet been called, Write calls WriteHeader with
+	// StatusSuccess and the media type set in SetMediaType before writing the data.
+	// If no media type was set, Write uses a default media type of
+	// "text/gemini".
+	Write([]byte) (int, error)
+
+	// WriteHeader sends a Gemini response header with the provided
+	// status code and meta.
+	//
+	// If WriteHeader is not called explicitly, the first call to Write
+	// will trigger an implicit call to WriteHeader with a successful
+	// status code and the media type set in SetMediaType.
+	//
+	// The provided code must be a valid Gemini status code.
+	// The provided meta must not be longer than 1024 bytes.
+	// Only one header may be written.
+	WriteHeader(status Status, meta string)
+
+	// Flush sends any buffered data to the client.
+	Flush() error
+}
+
+type responseWriter struct {
+	bw          *bufio.Writer
+	mediatype   string
+	wroteHeader bool
+	bodyAllowed bool
+}
+
+func newResponseWriter(w io.Writer) *responseWriter {
+	return &responseWriter{
+		bw: bufio.NewWriter(w),
+	}
+}
+
+func (w *responseWriter) SetMediaType(mediatype string) {
+	w.mediatype = mediatype
+}
+
+func (w *responseWriter) Write(b []byte) (int, error) {
+	if !w.wroteHeader {
+		meta := w.mediatype
+		if meta == "" {
+			// Use default media type
+			meta = defaultMediaType
+		}
+		w.WriteHeader(StatusSuccess, meta)
+	}
+	if !w.bodyAllowed {
+		return 0, ErrBodyNotAllowed
+	}
+	return w.bw.Write(b)
+}
+
+func (w *responseWriter) WriteHeader(status Status, meta string) {
+	if w.wroteHeader {
+		return
+	}
+
+	if status.Class() == StatusSuccess {
+		w.bodyAllowed = true
+	}
+
+	w.bw.WriteString(strconv.Itoa(int(status)))
+	w.bw.WriteByte(' ')
+	w.bw.WriteString(meta)
+	w.bw.Write(crlf)
+	w.wroteHeader = true
+}
+
+func (w *responseWriter) Flush() error {
+	if !w.wroteHeader {
+		w.WriteHeader(StatusTemporaryFailure, "Temporary failure")
+	}
+	// Write errors from WriteHeader will be returned here.
+	return w.bw.Flush()
+}
--- a/response_test.go
+++ b/response_test.go
@ -0,0 +1,135 @@
+package gemini
+
+import (
+	"io"
+	"io/ioutil"
+	"strings"
+	"testing"
+)
+
+func TestReadWriteResponse(t *testing.T) {
+	tests := []struct {
+		Raw       string
+		Status    Status
+		Meta      string
+		Body      string
+		Err       error
+		SkipWrite bool
+	}{
+		{
+			Raw:    "20 text/gemini\r\nHello, world!\nWelcome to my capsule.",
+			Status: 20,
+			Meta:   "text/gemini",
+			Body:   "Hello, world!\nWelcome to my capsule.",
+		},
+		{
+			Raw:    "10 Search query\r\n",
+			Status: 10,
+			Meta:   "Search query",
+		},
+		{
+			Raw:    "30 /redirect\r\n",
+			Status: 30,
+			Meta:   "/redirect",
+		},
+		{
+			Raw:       "31 /redirect\r\nThis body is ignored.",
+			Status:    31,
+			Meta:      "/redirect",
+			SkipWrite: true, // skip write test since result won't match Raw
+		},
+		{
+			Raw:    "32 " + maxURL + "\r\n",
+			Status: 32,
+			Meta:   maxURL,
+		},
+		{
+			Raw: "33 " + maxURL + "xxxx" + "\r\n",
+			Err: ErrInvalidResponse,
+		},
+		{
+			Raw:    "99 Unknown status code\r\n",
+			Status: 99,
+			Meta:   "Unknown status code",
+		},
+		{
+			Raw: "\r\n",
+			Err: ErrInvalidResponse,
+		},
+		{
+			Raw: "\n",
+			Err: ErrInvalidResponse,
+		},
+		{
+			Raw: "1 Bad response\r\n",
+			Err: ErrInvalidResponse,
+		},
+		{
+			Raw: "",
+			Err: ErrInvalidResponse,
+		},
+		{
+			Raw: "10 Search query",
+			Err: ErrInvalidResponse,
+		},
+		{
+			Raw: "20 text/gemini\nHello, world!",
+			Err: ErrInvalidResponse,
+		},
+		{
+			Raw: "20 text/gemini\rHello, world!",
+			Err: ErrInvalidResponse,
+		},
+		{
+			Raw: "20 text/gemini\r",
+			Err: ErrInvalidResponse,
+		},
+		{
+			Raw: "abcdefghijklmnopqrstuvwxyz",
+			Err: ErrInvalidResponse,
+		},
+	}
+
+	for _, test := range tests {
+		t.Logf("%#v", test.Raw)
+		resp, err := ReadResponse(ioutil.NopCloser(strings.NewReader(test.Raw)))
+		if err != test.Err {
+			t.Errorf("expected err = %v, got %v", test.Err, err)
+		}
+		if err != nil {
+			// No response
+			continue
+		}
+		if resp.Status != test.Status {
+			t.Errorf("expected status = %d, got %d", test.Status, resp.Status)
+		}
+		if resp.Meta != test.Meta {
+			t.Errorf("expected meta = %s, got %s", test.Meta, resp.Meta)
+		}
+		b, _ := ioutil.ReadAll(resp.Body)
+		body := string(b)
+		if body != test.Body {
+			t.Errorf("expected body = %#v, got %#v", test.Body, body)
+		}
+	}
+
+	for _, test := range tests {
+		if test.Err != nil || test.SkipWrite {
+			continue
+		}
+
+		var b strings.Builder
+		w := newResponseWriter(nopCloser{&b})
+		w.WriteHeader(test.Status, test.Meta)
+		io.Copy(w, strings.NewReader(test.Body))
+		if err := w.Flush(); err != nil {
+			t.Error(err)
+			continue
+		}
+
+		got := b.String()
+		if got != test.Raw {
+			t.Errorf("expected %#v, got %#v", test.Raw, got)
+		}
+	}
+}
--- a/server.go
+++ b/server.go
@ -1,113 +1,267 @@
 package gemini

 import (
-	"bufio"
+	"context"
 	"crypto/tls"
-	"crypto/x509"
+	"errors"
 	"log"
 	"net"
-	"net/url"
-	"path"
-	"sort"
-	"strconv"
-	"strings"
 	"sync"
 	"time"
 )

-// Server is a Gemini server.
+// A Server defines parameters for running a Gemini server. The zero value for
+// Server is a valid configuration.
 type Server struct {
-	// Addr specifies the address that the server should listen on.
-	// If Addr is empty, the server will listen on the address ":1965".
+	// Addr optionally specifies the TCP address for the server to listen on,
+	// in the form "host:port". If empty, ":1965" (port 1965) is used.
+	// See net.Dial for details of the address format.
 	Addr string

-	// CertificateStore contains the certificates used by the server.
-	CertificateStore CertificateStore
+	// The Handler to invoke.
+	Handler Handler

-	// GetCertificate, if not nil, will be called to retrieve the certificate
-	// to use for a given hostname.
-	// If the certificate is nil, the connection will be aborted.
-	GetCertificate func(hostname string, store *CertificateStore) *tls.Certificate
+	// ReadTimeout is the maximum duration for reading the entire
+	// request.
+	//
+	// A ReadTimeout of zero means no timeout.
+	ReadTimeout time.Duration

-	// registered responders
-	responders map[responderKey]Responder
+	// WriteTimeout is the maximum duration before timing out
+	// writes of the response.
+	//
+	// A WriteTimeout of zero means no timeout.
+	WriteTimeout time.Duration
+
+	// GetCertificate returns a TLS certificate based on the given
+	// hostname.
+	//
+	// If GetCertificate is nil or returns nil, then no certificate
+	// will be used and the connection will be aborted.
+	//
+	// See the certificate submodule for a certificate store that creates
+	// and rotates certificates as needed.
+	GetCertificate func(hostname string) (*tls.Certificate, error)
+
+	// ErrorLog specifies an optional logger for errors accepting connections,
+	// unexpected behavior from handlers, and underlying file system errors.
+	// If nil, logging is done via the log package's standard logger.
+	ErrorLog interface {
+		Printf(format string, v ...interface{})
+	}
+
+	listeners map[*net.Listener]context.CancelFunc
+	conns     map[*net.Conn]context.CancelFunc
+	closed    bool // true if Close or Shutdown called
+	shutdown  bool // true if Shutdown called
+	doneChan  chan struct{}
+	mu        sync.Mutex
 }

-type responderKey struct {
-	scheme   string
-	hostname string
-	wildcard bool
+func (srv *Server) isClosed() bool {
+	srv.mu.Lock()
+	defer srv.mu.Unlock()
+	return srv.closed
 }

-// Register registers a responder for the given pattern.
-// Patterns must be in the form of scheme://hostname (e.g. gemini://example.com).
-// If no scheme is specified, a default scheme of gemini:// is assumed.
-// Wildcard patterns are supported (e.g. *.example.com).
-func (s *Server) Register(pattern string, responder Responder) {
-	if pattern == "" {
-		panic("gemini: invalid pattern")
-	}
-	if responder == nil {
-		panic("gemini: nil responder")
-	}
-	if s.responders == nil {
-		s.responders = map[responderKey]Responder{}
-	}
-
-	split := strings.SplitN(pattern, "://", 2)
-	var key responderKey
-	if len(split) == 2 {
-		key.scheme = split[0]
-		key.hostname = split[1]
-	} else {
-		key.scheme = "gemini"
-		key.hostname = split[0]
-	}
-	split = strings.SplitN(key.hostname, ".", 2)
-	if len(split) == 2 && split[0] == "*" {
-		key.hostname = split[1]
-		key.wildcard = true
-	}
-
-	s.responders[key] = responder
+// done returns a channel that's closed when the server is closed and
+// all listeners and connections are closed.
+func (srv *Server) done() chan struct{} {
+	srv.mu.Lock()
+	defer srv.mu.Unlock()
+	return srv.doneLocked()
 }

-// RegisterFunc registers a responder function for the given pattern.
-func (s *Server) RegisterFunc(pattern string, responder func(*ResponseWriter, *Request)) {
-	s.Register(pattern, ResponderFunc(responder))
+func (srv *Server) doneLocked() chan struct{} {
+	if srv.doneChan == nil {
+		srv.doneChan = make(chan struct{})
+	}
+	return srv.doneChan
+}
+
+// tryCloseDone closes srv.done() if the server is closed and
+// there are no active listeners or connections.
+func (srv *Server) tryCloseDone() {
+	srv.mu.Lock()
+	defer srv.mu.Unlock()
+	srv.tryCloseDoneLocked()
+}
+
+func (srv *Server) tryCloseDoneLocked() {
+	if !srv.closed {
+		return
+	}
+	if len(srv.listeners) == 0 && len(srv.conns) == 0 {
+		ch := srv.doneLocked()
+		select {
+		case <-ch:
+		default:
+			close(ch)
+		}
+	}
+}
+
+// Close immediately closes all active net.Listeners and connections.
+// For a graceful shutdown, use Shutdown.
+func (srv *Server) Close() error {
+	srv.mu.Lock()
+	{
+		if srv.closed {
+			srv.mu.Unlock()
+			return nil
+		}
+		srv.closed = true
+
+		srv.tryCloseDoneLocked()
+
+		// Close all active connections and listeners.
+		for _, cancel := range srv.listeners {
+			cancel()
+		}
+		for _, cancel := range srv.conns {
+			cancel()
+		}
+	}
+	srv.mu.Unlock()
+
+	select {
+	case <-srv.done():
+		return nil
+	}
+}
+
+// Shutdown gracefully shuts down the server without interrupting any
+// active connections. Shutdown works by first closing all open listeners
+// and then waiting indefinitely for connections to close.
+// If the provided context expires before the shutdown is complete,
+// Shutdown returns the context's error.
+//
+// When Shutdown is called, Serve and ListenAndServe immediately
+// return an error. Make sure the program doesn't exit and waits instead for
+// Shutdown to return.
+//
+// Once Shutdown has been called on a server, it may not be reused;
+// future calls to methods such as Serve will return an error.
+func (srv *Server) Shutdown(ctx context.Context) error {
+	srv.mu.Lock()
+	{
+		if srv.closed {
+			srv.mu.Unlock()
+			return nil
+		}
+		srv.closed = true
+		srv.shutdown = true
+
+		srv.tryCloseDoneLocked()
+
+		// Close all active listeners.
+		for _, cancel := range srv.listeners {
+			cancel()
+		}
+	}
+	srv.mu.Unlock()
+
+	// Wait for active connections to finish.
+	select {
+	case <-ctx.Done():
+		return ctx.Err()
+	case <-srv.done():
+		return nil
+	}
 }

 // ListenAndServe listens for requests at the server's configured address.
-func (s *Server) ListenAndServe() error {
-	addr := s.Addr
+// ListenAndServe listens on the TCP network address srv.Addr and then calls
+// Serve to handle requests on incoming connections. If the provided
+// context expires, ListenAndServe closes l and returns the context's error.
+//
+// If srv.Addr is blank, ":1965" is used.
+//
+// ListenAndServe always returns a non-nil error.
+// After Shutdown or Closed, the returned error is context.Canceled.
+func (srv *Server) ListenAndServe(ctx context.Context) error {
+	if srv.isClosed() {
+		return context.Canceled
+	}
+
+	addr := srv.Addr
 	if addr == "" {
 		addr = ":1965"
 	}

-	ln, err := net.Listen("tcp", addr)
+	l, err := net.Listen("tcp", addr)
 	if err != nil {
 		return err
 	}
-	defer ln.Close()

-	config := &tls.Config{
-		ClientAuth: tls.RequestClientCert,
-		MinVersion: tls.VersionTLS12,
-		GetCertificate: func(h *tls.ClientHelloInfo) (*tls.Certificate, error) {
-			if s.GetCertificate != nil {
-				return s.GetCertificate(h.ServerName, &s.CertificateStore), nil
-			}
-			return s.CertificateStore.Lookup(h.ServerName)
-		},
-	}
-	tlsListener := tls.NewListener(ln, config)
-	return s.Serve(tlsListener)
+	l = tls.NewListener(l, &tls.Config{
+		ClientAuth:     tls.RequestClientCert,
+		MinVersion:     tls.VersionTLS12,
+		GetCertificate: srv.getCertificate,
+	})
+	return srv.Serve(ctx, l)
 }

-// Serve listens for requests on the provided listener.
-func (s *Server) Serve(l net.Listener) error {
-	var tempDelay time.Duration // how long to sleep on accept failure
+func (srv *Server) getCertificate(h *tls.ClientHelloInfo) (*tls.Certificate, error) {
+	if srv.GetCertificate == nil {
+		return nil, errors.New("gemini: GetCertificate is nil")
+	}
+	return srv.GetCertificate(h.ServerName)
+}

+func (srv *Server) trackListener(l *net.Listener, cancel context.CancelFunc) bool {
+	srv.mu.Lock()
+	defer srv.mu.Unlock()
+	if srv.closed {
+		return false
+	}
+	if srv.listeners == nil {
+		srv.listeners = make(map[*net.Listener]context.CancelFunc)
+	}
+	srv.listeners[l] = cancel
+	return true
+}
+
+func (srv *Server) deleteListener(l *net.Listener) {
+	srv.mu.Lock()
+	defer srv.mu.Unlock()
+	delete(srv.listeners, l)
+}
+
+// Serve accepts incoming connections on the Listener l, creating a new
+// service goroutine for each. The service goroutines read the requests and
+// then call the appropriate Handler to reply to them. If the provided
+// context expires, Serve closes l and returns the context's error.
+//
+// Serve always closes l and returns a non-nil error.
+// After Shutdown or Close, the returned error is context.Canceled.
+func (srv *Server) Serve(ctx context.Context, l net.Listener) error {
+	defer l.Close()
+
+	lnctx, cancel := context.WithCancel(ctx)
+	defer cancel()
+
+	if !srv.trackListener(&l, cancel) {
+		return context.Canceled
+	}
+	defer srv.tryCloseDone()
+	defer srv.deleteListener(&l)
+
+	errch := make(chan error, 1)
+	go func() {
+		errch <- srv.serve(ctx, l)
+	}()
+
+	select {
+	case <-lnctx.Done():
+		return lnctx.Err()
+	case err := <-errch:
+		return err
+	}
+}
+
+func (srv *Server) serve(ctx context.Context, l net.Listener) error {
+	var tempDelay time.Duration // how long to sleep on accept failure
 	for {
 		rw, err := l.Accept()
 		if err != nil {
@ -121,410 +275,121 @@ func (s *Server) Serve(l net.Listener) error {
 				if max := 1 * time.Second; tempDelay > max {
 					tempDelay = max
 				}
-				log.Printf("gemini: Accept error: %v; retrying in %v", err, tempDelay)
+				srv.logf("gemini: Accept error: %v; retrying in %v", err, tempDelay)
 				time.Sleep(tempDelay)
 				continue
 			}
-
-			// Otherwise, return the error
 			return err
 		}
-
 		tempDelay = 0
-		go s.respond(rw)
+		go srv.serveConn(ctx, rw, false)
 	}
 }

-// respond responds to a connection.
-func (s *Server) respond(conn net.Conn) {
-	r := bufio.NewReader(conn)
-	w := newResponseWriter(conn)
-	// Read requested URL
-	rawurl, err := r.ReadString('\r')
+func (srv *Server) trackConn(conn *net.Conn, cancel context.CancelFunc, external bool) bool {
+	srv.mu.Lock()
+	defer srv.mu.Unlock()
+	// Reject the connection under the following conditions:
+	// - Shutdown or Close has been called and conn is external (from ServeConn)
+	// - Close (not Shutdown) has been called and conn is internal (from Serve)
+	if srv.closed && (external || !srv.shutdown) {
+		return false
+	}
+	if srv.conns == nil {
+		srv.conns = make(map[*net.Conn]context.CancelFunc)
+	}
+	srv.conns[conn] = cancel
+	return true
+}
+
+func (srv *Server) deleteConn(conn *net.Conn) {
+	srv.mu.Lock()
+	defer srv.mu.Unlock()
+	delete(srv.conns, conn)
+}
+
+// ServeConn serves a Gemini response over the provided connection.
+// It closes the connection when the response has been completed.
+// If the provided context expires before the response has completed,
+// ServeConn closes the connection and returns the context's error.
+func (srv *Server) ServeConn(ctx context.Context, conn net.Conn) error {
+	return srv.serveConn(ctx, conn, true)
+}
+
+func (srv *Server) serveConn(ctx context.Context, conn net.Conn, external bool) error {
+	defer conn.Close()
+
+	ctx, cancel := context.WithCancel(ctx)
+	defer cancel()
+
+	if !srv.trackConn(&conn, cancel, external) {
+		return context.Canceled
+	}
+	defer srv.tryCloseDone()
+	defer srv.deleteConn(&conn)
+
+	if d := srv.ReadTimeout; d != 0 {
+		conn.SetReadDeadline(time.Now().Add(d))
+	}
+	if d := srv.WriteTimeout; d != 0 {
+		conn.SetWriteDeadline(time.Now().Add(d))
+	}
+
+	errch := make(chan error, 1)
+	go func() {
+		errch <- srv.goServeConn(ctx, conn)
+	}()
+
+	select {
+	case <-ctx.Done():
+		return ctx.Err()
+	case err := <-errch:
+		return err
+	}
+}
+
+func (srv *Server) goServeConn(ctx context.Context, conn net.Conn) error {
+	ctx, cancel := context.WithCancel(ctx)
+	done := ctx.Done()
+	cw := &contextWriter{
+		ctx:    ctx,
+		done:   done,
+		cancel: cancel,
+		wc:     conn,
+	}
+	r := &contextReader{
+		ctx:    ctx,
+		done:   done,
+		cancel: cancel,
+		rc:     conn,
+	}
+
+	w := newResponseWriter(cw)
+
+	req, err := ReadRequest(r)
 	if err != nil {
-		return
+		w.WriteHeader(StatusBadRequest, "Bad request")
+		return w.Flush()
 	}
-	// Read terminating line feed
-	if b, err := r.ReadByte(); err != nil {
-		return
-	} else if b != '\n' {
-		w.WriteHeader(StatusBadRequest, "Bad request")
+	if tlsConn, ok := conn.(*tls.Conn); ok {
+		state := tlsConn.ConnectionState()
+		req.TLS = &state
 	}
-	// Trim carriage return
-	rawurl = rawurl[:len(rawurl)-1]
-	// Ensure URL is valid
-	if len(rawurl) > 1024 {
-		w.WriteHeader(StatusBadRequest, "Bad request")
-	} else if url, err := url.Parse(rawurl); err != nil || url.User != nil {
-		// Note that we return an error status if User is specified in the URL
-		w.WriteHeader(StatusBadRequest, "Bad request")
+
+	h := srv.Handler
+	if h == nil {
+		w.WriteHeader(StatusNotFound, "Not found")
+		return w.Flush()
+	}
+
+	h.ServeGemini(ctx, w, req)
+	return w.Flush()
+}
+
+func (srv *Server) logf(format string, args ...interface{}) {
+	if srv.ErrorLog != nil {
+		srv.ErrorLog.Printf(format, args...)
 	} else {
-		// If no scheme is specified, assume a default scheme of gemini://
-		if url.Scheme == "" {
-			url.Scheme = "gemini"
-		}
-		req := &Request{
-			URL:        url,
-			RemoteAddr: conn.RemoteAddr(),
-			TLS:        conn.(*tls.Conn).ConnectionState(),
-		}
-		s.responder(req).Respond(w, req)
-	}
-	w.b.Flush()
-	conn.Close()
-}
-
-func (s *Server) responder(r *Request) Responder {
-	if h, ok := s.responders[responderKey{r.URL.Scheme, r.URL.Hostname(), false}]; ok {
-		return h
-	}
-	wildcard := strings.SplitN(r.URL.Hostname(), ".", 2)
-	if len(wildcard) == 2 {
-		if h, ok := s.responders[responderKey{r.URL.Scheme, wildcard[1], true}]; ok {
-			return h
-		}
-	}
-	return ResponderFunc(NotFound)
-}
-
-// ResponseWriter is used by a Gemini handler to construct a Gemini response.
-type ResponseWriter struct {
-	b           *bufio.Writer
-	bodyAllowed bool
-	wroteHeader bool
-	mimetype    string
-}
-
-func newResponseWriter(conn net.Conn) *ResponseWriter {
-	return &ResponseWriter{
-		b: bufio.NewWriter(conn),
+		log.Printf(format, args...)
 	}
 }
-
-// WriteHeader writes the response header.
-// If the header has already been written, WriteHeader does nothing.
-//
-// Meta contains more information related to the response status.
-// For successful responses, Meta should contain the mimetype of the response.
-// For failure responses, Meta should contain a short description of the failure.
-// Meta should not be longer than 1024 bytes.
-func (w *ResponseWriter) WriteHeader(status int, meta string) {
-	if w.wroteHeader {
-		return
-	}
-	w.b.WriteString(strconv.Itoa(status))
-	w.b.WriteByte(' ')
-	w.b.WriteString(meta)
-	w.b.Write(crlf)
-
-	// Only allow body to be written on successful status codes.
-	if status/10 == StatusClassSuccess {
-		w.bodyAllowed = true
-	}
-	w.wroteHeader = true
-}
-
-// SetMimetype sets the mimetype that will be written for a successful response.
-// The provided mimetype will only be used if Write is called without calling
-// WriteHeader.
-// If the mimetype is not set, it will default to "text/gemini".
-func (w *ResponseWriter) SetMimetype(mimetype string) {
-	w.mimetype = mimetype
-}
-
-// Write writes the response body.
-// If the response status does not allow for a response body, Write returns
-// ErrBodyNotAllowed.
-//
-// If WriteHeader has not yet been called, Write calls
-// WriteHeader(StatusSuccess, mimetype) where mimetype is the mimetype set in
-// SetMimetype. If no mimetype is set, a default of "text/gemini" will be used.
-func (w *ResponseWriter) Write(b []byte) (int, error) {
-	if !w.wroteHeader {
-		mimetype := w.mimetype
-		if mimetype == "" {
-			mimetype = "text/gemini"
-		}
-		w.WriteHeader(StatusSuccess, mimetype)
-	}
-	if !w.bodyAllowed {
-		return 0, ErrBodyNotAllowed
-	}
-	return w.b.Write(b)
-}
-
-// A Responder responds to a Gemini request.
-type Responder interface {
-	// Respond accepts a Request and constructs a Response.
-	Respond(*ResponseWriter, *Request)
-}
-
-// Input returns the request query.
-// If no input is provided, it responds with StatusInput.
-func Input(w *ResponseWriter, r *Request, prompt string) (string, bool) {
-	if r.URL.ForceQuery || r.URL.RawQuery != "" {
-		return r.URL.RawQuery, true
-	}
-	w.WriteHeader(StatusInput, prompt)
-	return "", false
-}
-
-// SensitiveInput returns the request query.
-// If no input is provided, it responds with StatusSensitiveInput.
-func SensitiveInput(w *ResponseWriter, r *Request, prompt string) (string, bool) {
-	if r.URL.ForceQuery || r.URL.RawQuery != "" {
-		return r.URL.RawQuery, true
-	}
-	w.WriteHeader(StatusSensitiveInput, prompt)
-	return "", false
-}
-
-// Redirect replies to the request with a redirect to the given URL.
-func Redirect(w *ResponseWriter, r *Request, url string) {
-	w.WriteHeader(StatusRedirect, url)
-}
-
-// PermanentRedirect replies to the request with a permanent redirect to the given URL.
-func PermanentRedirect(w *ResponseWriter, r *Request, url string) {
-	w.WriteHeader(StatusRedirectPermanent, url)
-}
-
-// NotFound replies to the request with the NotFound status code.
-func NotFound(w *ResponseWriter, r *Request) {
-	w.WriteHeader(StatusNotFound, "Not found")
-}
-
-// Gone replies to the request with the Gone status code.
-func Gone(w *ResponseWriter, r *Request) {
-	w.WriteHeader(StatusGone, "Gone")
-}
-
-// CertificateRequired responds to the request with the CertificateRequired
-// status code.
-func CertificateRequired(w *ResponseWriter, r *Request) {
-	w.WriteHeader(StatusCertificateRequired, "Certificate required")
-}
-
-// CertificateNotAuthorized responds to the request with
-// the CertificateNotAuthorized status code.
-func CertificateNotAuthorized(w *ResponseWriter, r *Request) {
-	w.WriteHeader(StatusCertificateNotAuthorized, "Certificate not authorized")
-}
-
-// Certificate returns the request certificate. If one is not provided,
-// it returns nil and responds with StatusCertificateRequired.
-func Certificate(w *ResponseWriter, r *Request) (*x509.Certificate, bool) {
-	if len(r.TLS.PeerCertificates) == 0 {
-		CertificateRequired(w, r)
-		return nil, false
-	}
-	return r.TLS.PeerCertificates[0], true
-}
-
-// ResponderFunc is a wrapper around a bare function that implements Responder.
-type ResponderFunc func(*ResponseWriter, *Request)
-
-func (f ResponderFunc) Respond(w *ResponseWriter, r *Request) {
-	f(w, r)
-}
-
-// The following code is modified from the net/http package.
-
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// ServeMux is a Gemini request multiplexer.
-// It matches the URL of each incoming request against a list of registered
-// patterns and calls the handler for the pattern that
-// most closely matches the URL.
-//
-// Patterns name fixed, rooted paths, like "/favicon.ico",
-// or rooted subtrees, like "/images/" (note the trailing slash).
-// Longer patterns take precedence over shorter ones, so that
-// if there are handlers registered for both "/images/"
-// and "/images/thumbnails/", the latter handler will be
-// called for paths beginning "/images/thumbnails/" and the
-// former will receive requests for any other paths in the
-// "/images/" subtree.
-//
-// Note that since a pattern ending in a slash names a rooted subtree,
-// the pattern "/" matches all paths not matched by other registered
-// patterns, not just the URL with Path == "/".
-//
-// If a subtree has been registered and a request is received naming the
-// subtree root without its trailing slash, ServeMux redirects that
-// request to the subtree root (adding the trailing slash). This behavior can
-// be overridden with a separate registration for the path without
-// the trailing slash. For example, registering "/images/" causes ServeMux
-// to redirect a request for "/images" to "/images/", unless "/images" has
-// been registered separately.
-//
-// ServeMux also takes care of sanitizing the URL request path and
-// redirecting any request containing . or .. elements or repeated slashes
-// to an equivalent, cleaner URL.
-type ServeMux struct {
-	mu sync.RWMutex
-	m  map[string]muxEntry
-	es []muxEntry // slice of entries sorted from longest to shortest.
-}
-
-type muxEntry struct {
-	r       Responder
-	pattern string
-}
-
-// cleanPath returns the canonical path for p, eliminating . and .. elements.
-func cleanPath(p string) string {
-	if p == "" {
-		return "/"
-	}
-	if p[0] != '/' {
-		p = "/" + p
-	}
-	np := path.Clean(p)
-	// path.Clean removes trailing slash except for root;
-	// put the trailing slash back if necessary.
-	if p[len(p)-1] == '/' && np != "/" {
-		// Fast path for common case of p being the string we want:
-		if len(p) == len(np)+1 && strings.HasPrefix(p, np) {
-			np = p
-		} else {
-			np += "/"
-		}
-	}
-	return np
-}
-
-// Find a handler on a handler map given a path string.
-// Most-specific (longest) pattern wins.
-func (mux *ServeMux) match(path string) Responder {
-	// Check for exact match first.
-	v, ok := mux.m[path]
-	if ok {
-		return v.r
-	}
-
-	// Check for longest valid match.  mux.es contains all patterns
-	// that end in / sorted from longest to shortest.
-	for _, e := range mux.es {
-		if strings.HasPrefix(path, e.pattern) {
-			return e.r
-		}
-	}
-	return nil
-}
-
-// redirectToPathSlash determines if the given path needs appending "/" to it.
-// This occurs when a handler for path + "/" was already registered, but
-// not for path itself. If the path needs appending to, it creates a new
-// URL, setting the path to u.Path + "/" and returning true to indicate so.
-func (mux *ServeMux) redirectToPathSlash(path string, u *url.URL) (*url.URL, bool) {
-	mux.mu.RLock()
-	shouldRedirect := mux.shouldRedirectRLocked(path)
-	mux.mu.RUnlock()
-	if !shouldRedirect {
-		return u, false
-	}
-	path = path + "/"
-	u = &url.URL{Path: path, RawQuery: u.RawQuery}
-	return u, true
-}
-
-// shouldRedirectRLocked reports whether the given path and host should be redirected to
-// path+"/". This should happen if a handler is registered for path+"/" but
-// not path -- see comments at ServeMux.
-func (mux *ServeMux) shouldRedirectRLocked(path string) bool {
-	if _, exist := mux.m[path]; exist {
-		return false
-	}
-
-	n := len(path)
-	if n == 0 {
-		return false
-	}
-	if _, exist := mux.m[path+"/"]; exist {
-		return path[n-1] != '/'
-	}
-
-	return false
-}
-
-// Respond dispatches the request to the responder whose
-// pattern most closely matches the request URL.
-func (mux *ServeMux) Respond(w *ResponseWriter, r *Request) {
-	path := cleanPath(r.URL.Path)
-
-	// If the given path is /tree and its handler is not registered,
-	// redirect for /tree/.
-	if u, ok := mux.redirectToPathSlash(path, r.URL); ok {
-		Redirect(w, r, u.String())
-		return
-	}
-
-	if path != r.URL.Path {
-		u := *r.URL
-		u.Path = path
-		Redirect(w, r, u.String())
-		return
-	}
-
-	mux.mu.RLock()
-	defer mux.mu.RUnlock()
-
-	resp := mux.match(path)
-	if resp == nil {
-		NotFound(w, r)
-		return
-	}
-	resp.Respond(w, r)
-}
-
-// Handle registers the responder for the given pattern.
-// If a responder already exists for pattern, Handle panics.
-func (mux *ServeMux) Handle(pattern string, responder Responder) {
-	mux.mu.Lock()
-	defer mux.mu.Unlock()
-
-	if pattern == "" {
-		panic("gemini: invalid pattern")
-	}
-	if responder == nil {
-		panic("gemini: nil responder")
-	}
-	if _, exist := mux.m[pattern]; exist {
-		panic("gemini: multiple registrations for " + pattern)
-	}
-
-	if mux.m == nil {
-		mux.m = make(map[string]muxEntry)
-	}
-	e := muxEntry{responder, pattern}
-	mux.m[pattern] = e
-	if pattern[len(pattern)-1] == '/' {
-		mux.es = appendSorted(mux.es, e)
-	}
-}
-
-func appendSorted(es []muxEntry, e muxEntry) []muxEntry {
-	n := len(es)
-	i := sort.Search(n, func(i int) bool {
-		return len(es[i].pattern) < len(e.pattern)
-	})
-	if i == n {
-		return append(es, e)
-	}
-	// we now know that i points at where we want to insert
-	es = append(es, muxEntry{}) // try to grow the slice in place, any entry works.
-	copy(es[i+1:], es[i:])      // move shorter entries down
-	es[i] = e
-	return es
-}
-
-// HandleFunc registers the responder function for the given pattern.
-func (mux *ServeMux) HandleFunc(pattern string, responder func(*ResponseWriter, *Request)) {
-	if responder == nil {
-		panic("gemini: nil responder")
-	}
-	mux.Handle(pattern, ResponderFunc(responder))
-}
--- a/status.go
+++ b/status.go
@ -0,0 +1,76 @@
+package gemini
+
+// Status represents a Gemini status code.
+type Status int
+
+// Gemini status codes.
+const (
+	StatusInput                    Status = 10
+	StatusSensitiveInput           Status = 11
+	StatusSuccess                  Status = 20
+	StatusRedirect                 Status = 30
+	StatusPermanentRedirect        Status = 31
+	StatusTemporaryFailure         Status = 40
+	StatusServerUnavailable        Status = 41
+	StatusCGIError                 Status = 42
+	StatusProxyError               Status = 43
+	StatusSlowDown                 Status = 44
+	StatusPermanentFailure         Status = 50
+	StatusNotFound                 Status = 51
+	StatusGone                     Status = 52
+	StatusProxyRequestRefused      Status = 53
+	StatusBadRequest               Status = 59
+	StatusCertificateRequired      Status = 60
+	StatusCertificateNotAuthorized Status = 61
+	StatusCertificateNotValid      Status = 62
+)
+
+// Class returns the status class for the status code.
+// 1x becomes 10, 2x becomes 20, and so on.
+func (s Status) Class() Status {
+	return (s / 10) * 10
+}
+
+// String returns a text for the status code.
+// It returns the empty string if the status code is unknown.
+func (s Status) String() string {
+	switch s {
+	case StatusInput:
+		return "Input"
+	case StatusSensitiveInput:
+		return "Sensitive input"
+	case StatusSuccess:
+		return "Success"
+	case StatusRedirect:
+		return "Redirect"
+	case StatusPermanentRedirect:
+		return "Permanent redirect"
+	case StatusTemporaryFailure:
+		return "Temporary failure"
+	case StatusServerUnavailable:
+		return "Server unavailable"
+	case StatusCGIError:
+		return "CGI error"
+	case StatusProxyError:
+		return "Proxy error"
+	case StatusSlowDown:
+		return "Slow down"
+	case StatusPermanentFailure:
+		return "Permanent failure"
+	case StatusNotFound:
+		return "Not found"
+	case StatusGone:
+		return "Gone"
+	case StatusProxyRequestRefused:
+		return "Proxy request refused"
+	case StatusBadRequest:
+		return "Bad request"
+	case StatusCertificateRequired:
+		return "Certificate required"
+	case StatusCertificateNotAuthorized:
+		return "Certificate not authorized"
+	case StatusCertificateNotValid:
+		return "Certificate not valid"
+	}
+	return ""
+}
--- a/text.go
+++ b/text.go
@ -3,45 +3,45 @@ package gemini
 import (
 	"bufio"
 	"fmt"
-	"html"
 	"io"
 	"strings"
 )

 // Line represents a line of a Gemini text response.
 type Line interface {
+	// String formats the line for use in a Gemini text response.
 	String() string
 	line() // private function to prevent other packages from implementing Line
 }

-// A link line.
+// LineLink is a link line.
 type LineLink struct {
 	URL  string
 	Name string
 }

-// A preformatting toggle line.
+// LinePreformattingToggle is a preformatting toggle line.
 type LinePreformattingToggle string

-// A preformatted text line.
+// LinePreformattedText is a preformatted text line.
 type LinePreformattedText string

-// A first-level heading line.
+// LineHeading1 is a first-level heading line.
 type LineHeading1 string

-// A second-level heading line.
+// LineHeading2 is a second-level heading line.
 type LineHeading2 string

-// A third-level heading line.
+// LineHeading3 is a third-level heading line.
 type LineHeading3 string

-// An unordered list item line.
+// LineListItem is an unordered list item line.
 type LineListItem string

-// A quote line.
+// LineQuote is a quote line.
 type LineQuote string

-// A text line.
+// LineText is a text line.
 type LineText string

 func (l LineLink) String() string {
@ -88,58 +88,70 @@ func (l LineText) line()                {}
 // Text represents a Gemini text response.
 type Text []Line

-// Parse parses Gemini text from the provided io.Reader.
-func Parse(r io.Reader) Text {
-	const spacetab = " \t"
+// ParseText parses Gemini text from the provided io.Reader.
+func ParseText(r io.Reader) (Text, error) {
 	var t Text
+	err := ParseLines(r, func(line Line) {
+		t = append(t, line)
+	})
+	return t, err
+}
+
+// ParseLines parses Gemini text from the provided io.Reader.
+// It calls handler with each line that it parses.
+func ParseLines(r io.Reader, handler func(Line)) error {
+	const spacetab = " \t"
 	var pre bool
 	scanner := bufio.NewScanner(r)
 	for scanner.Scan() {
-		line := scanner.Text()
-		if strings.HasPrefix(line, "```") {
+		var line Line
+		text := scanner.Text()
+		if strings.HasPrefix(text, "```") {
 			pre = !pre
-			line = line[3:]
-			t = append(t, LinePreformattingToggle(line))
+			text = text[3:]
+			line = LinePreformattingToggle(text)
 		} else if pre {
-			t = append(t, LinePreformattedText(line))
-		} else if strings.HasPrefix(line, "=>") {
-			line = line[2:]
-			line = strings.TrimLeft(line, spacetab)
-			split := strings.IndexAny(line, spacetab)
+			line = LinePreformattedText(text)
+		} else if strings.HasPrefix(text, "=>") {
+			text = text[2:]
+			text = strings.TrimLeft(text, spacetab)
+			split := strings.IndexAny(text, spacetab)
 			if split == -1 {
-				// line is a URL
-				t = append(t, LineLink{URL: line})
+				// text is a URL
+				line = LineLink{URL: text}
 			} else {
-				url := line[:split]
-				name := line[split:]
+				url := text[:split]
+				name := text[split:]
 				name = strings.TrimLeft(name, spacetab)
-				t = append(t, LineLink{url, name})
+				line = LineLink{url, name}
 			}
-		} else if strings.HasPrefix(line, "*") {
-			line = line[1:]
-			line = strings.TrimLeft(line, spacetab)
-			t = append(t, LineListItem(line))
-		} else if strings.HasPrefix(line, "###") {
-			line = line[3:]
-			line = strings.TrimLeft(line, spacetab)
-			t = append(t, LineHeading3(line))
-		} else if strings.HasPrefix(line, "##") {
-			line = line[2:]
-			line = strings.TrimLeft(line, spacetab)
-			t = append(t, LineHeading2(line))
-		} else if strings.HasPrefix(line, "#") {
-			line = line[1:]
-			line = strings.TrimLeft(line, spacetab)
-			t = append(t, LineHeading1(line))
-		} else if strings.HasPrefix(line, ">") {
-			line = line[1:]
-			line = strings.TrimLeft(line, spacetab)
-			t = append(t, LineQuote(line))
+		} else if strings.HasPrefix(text, "* ") {
+			text = text[2:]
+			text = strings.TrimLeft(text, spacetab)
+			line = LineListItem(text)
+		} else if strings.HasPrefix(text, "###") {
+			text = text[3:]
+			text = strings.TrimLeft(text, spacetab)
+			line = LineHeading3(text)
+		} else if strings.HasPrefix(text, "##") {
+			text = text[2:]
+			text = strings.TrimLeft(text, spacetab)
+			line = LineHeading2(text)
+		} else if strings.HasPrefix(text, "#") {
+			text = text[1:]
+			text = strings.TrimLeft(text, spacetab)
+			line = LineHeading1(text)
+		} else if strings.HasPrefix(text, ">") {
+			text = text[1:]
+			text = strings.TrimLeft(text, spacetab)
+			line = LineQuote(text)
 		} else {
-			t = append(t, LineText(line))
+			line = LineText(text)
 		}
+		handler(line)
 	}
-	return t
+
+	return scanner.Err()
 }

 // String writes the Gemini text response to a string and returns it.
@ -151,70 +163,3 @@ func (t Text) String() string {
 	}
 	return b.String()
 }
-
-// HTML returns the Gemini text response as HTML.
-func (t Text) HTML() string {
-	var b strings.Builder
-	var pre bool
-	var list bool
-	for _, l := range t {
-		if _, ok := l.(LineListItem); ok {
-			if !list {
-				list = true
-				fmt.Fprint(&b, "<ul>\n")
-			}
-		} else if list {
-			list = false
-			fmt.Fprint(&b, "</ul>\n")
-		}
-		switch l.(type) {
-		case LineLink:
-			link := l.(LineLink)
-			url := html.EscapeString(link.URL)
-			name := html.EscapeString(link.Name)
-			if name == "" {
-				name = url
-			}
-			fmt.Fprintf(&b, "<p><a href='%s'>%s</a></p>\n", url, name)
-		case LinePreformattingToggle:
-			pre = !pre
-			if pre {
-				fmt.Fprint(&b, "<pre>\n")
-			} else {
-				fmt.Fprint(&b, "</pre>\n")
-			}
-		case LinePreformattedText:
-			text := string(l.(LinePreformattedText))
-			fmt.Fprintf(&b, "%s\n", html.EscapeString(text))
-		case LineHeading1:
-			text := string(l.(LineHeading1))
-			fmt.Fprintf(&b, "<h1>%s</h1>\n", html.EscapeString(text))
-		case LineHeading2:
-			text := string(l.(LineHeading2))
-			fmt.Fprintf(&b, "<h2>%s</h2>\n", html.EscapeString(text))
-		case LineHeading3:
-			text := string(l.(LineHeading3))
-			fmt.Fprintf(&b, "<h3>%s</h3>\n", html.EscapeString(text))
-		case LineListItem:
-			text := string(l.(LineListItem))
-			fmt.Fprintf(&b, "<li>%s</li>\n", html.EscapeString(text))
-		case LineQuote:
-			text := string(l.(LineQuote))
-			fmt.Fprintf(&b, "<blockquote>%s</blockquote>\n", html.EscapeString(text))
-		case LineText:
-			text := string(l.(LineText))
-			if text == "" {
-				fmt.Fprint(&b, "<br>\n")
-			} else {
-				fmt.Fprintf(&b, "<p>%s</p>\n", html.EscapeString(text))
-			}
-		}
-	}
-	if pre {
-		fmt.Fprint(&b, "</pre>\n")
-	}
-	if list {
-		fmt.Fprint(&b, "</ul>\n")
-	}
-	return b.String()
-}
--- a/tofu.go
+++ b/tofu.go
@ -1,197 +0,0 @@
-package gemini
-
-import (
-	"bufio"
-	"bytes"
-	"crypto/sha512"
-	"crypto/x509"
-	"fmt"
-	"io"
-	"os"
-	"path/filepath"
-	"strconv"
-	"strings"
-	"time"
-)
-
-// KnownHosts represents a list of known hosts.
-// The zero value for KnownHosts is an empty list ready to use.
-type KnownHosts struct {
-	hosts map[string]certInfo
-	file  *os.File
-}
-
-// LoadDefault loads the known hosts from the default known hosts path, which is
-// $XDG_DATA_HOME/gemini/known_hosts.
-// It creates the path and any of its parent directories if they do not exist.
-// KnownHosts will append to the file whenever a certificate is added.
-func (k *KnownHosts) LoadDefault() error {
-	path, err := defaultKnownHostsPath()
-	if err != nil {
-		return err
-	}
-	return k.Load(path)
-}
-
-// Load loads the known hosts from the provided path.
-// It creates the path and any of its parent directories if they do not exist.
-// KnownHosts will append to the file whenever a certificate is added.
-func (k *KnownHosts) Load(path string) error {
-	if dir := filepath.Dir(path); dir != "." {
-		err := os.MkdirAll(dir, 0755)
-		if err != nil {
-			return err
-		}
-	}
-	f, err := os.OpenFile(path, os.O_CREATE|os.O_RDONLY, 0644)
-	if err != nil {
-		return err
-	}
-	k.Parse(f)
-	f.Close()
-	// Open the file for append-only use
-	f, err = os.OpenFile(path, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0644)
-	if err != nil {
-		return err
-	}
-	k.file = f
-	return nil
-}
-
-// Add adds a certificate to the list of known hosts.
-// If KnownHosts was loaded from a file, Add will append to the file.
-func (k *KnownHosts) Add(hostname string, cert *x509.Certificate) {
-	k.add(hostname, cert, true)
-}
-
-// AddTemporary adds a certificate to the list of known hosts
-// without writing it to the known hosts file.
-func (k *KnownHosts) AddTemporary(hostname string, cert *x509.Certificate) {
-	k.add(hostname, cert, false)
-}
-
-func (k *KnownHosts) add(hostname string, cert *x509.Certificate, write bool) {
-	if k.hosts == nil {
-		k.hosts = map[string]certInfo{}
-	}
-	info := certInfo{
-		Algorithm:   "SHA-512",
-		Fingerprint: Fingerprint(cert),
-		Expires:     cert.NotAfter.Unix(),
-	}
-	k.hosts[hostname] = info
-	// Append to the file
-	if write && k.file != nil {
-		appendKnownHost(k.file, hostname, info)
-	}
-}
-
-// Lookup looks for the provided certificate in the list of known hosts.
-// If the hostname is in the list, but the fingerprint differs,
-// Lookup returns ErrCertificateNotTrusted.
-// If the hostname is not in the list, Lookup returns ErrCertificateUnknown.
-// If the certificate is found and the fingerprint matches, error will be nil.
-func (k *KnownHosts) Lookup(hostname string, cert *x509.Certificate) error {
-	now := time.Now().Unix()
-	fingerprint := Fingerprint(cert)
-	if c, ok := k.hosts[hostname]; ok {
-		if c.Expires <= now {
-			// Certificate is expired
-			return ErrCertificateUnknown
-		}
-		if c.Fingerprint != fingerprint {
-			// Fingerprint does not match
-			return ErrCertificateNotTrusted
-		}
-		// Certificate is trusted
-		return nil
-	}
-	return ErrCertificateUnknown
-}
-
-// Parse parses the provided reader and adds the parsed known hosts to the list.
-// Invalid lines are ignored.
-func (k *KnownHosts) Parse(r io.Reader) {
-	if k.hosts == nil {
-		k.hosts = map[string]certInfo{}
-	}
-	scanner := bufio.NewScanner(r)
-	for scanner.Scan() {
-		text := scanner.Text()
-		parts := strings.Split(text, " ")
-		if len(parts) < 4 {
-			continue
-		}
-
-		hostname := parts[0]
-		algorithm := parts[1]
-		if algorithm != "SHA-512" {
-			continue
-		}
-		fingerprint := parts[2]
-		expires, err := strconv.ParseInt(parts[3], 10, 0)
-		if err != nil {
-			continue
-		}
-
-		k.hosts[hostname] = certInfo{
-			Algorithm:   algorithm,
-			Fingerprint: fingerprint,
-			Expires:     expires,
-		}
-	}
-}
-
-// Write writes the known hosts to the provided io.Writer.
-func (k *KnownHosts) Write(w io.Writer) {
-	for h, c := range k.hosts {
-		appendKnownHost(w, h, c)
-	}
-}
-
-type certInfo struct {
-	Algorithm   string // fingerprint algorithm e.g. SHA-512
-	Fingerprint string // fingerprint in hexadecimal, with ':' between each octet
-	Expires     int64  // unix time of certificate notAfter date
-}
-
-func appendKnownHost(w io.Writer, hostname string, c certInfo) (int, error) {
-	return fmt.Fprintf(w, "%s %s %s %d\n", hostname, c.Algorithm, c.Fingerprint, c.Expires)
-}
-
-// Fingerprint returns the SHA-512 fingerprint of the provided certificate.
-func Fingerprint(cert *x509.Certificate) string {
-	sum512 := sha512.Sum512(cert.Raw)
-	var buf bytes.Buffer
-	for i, f := range sum512 {
-		if i > 0 {
-			fmt.Fprintf(&buf, ":")
-		}
-		fmt.Fprintf(&buf, "%02X", f)
-	}
-	return buf.String()
-}
-
-// defaultKnownHostsPath returns the default known_hosts path.
-// The default path is $XDG_DATA_HOME/gemini/known_hosts
-func defaultKnownHostsPath() (string, error) {
-	dataDir, err := userDataDir()
-	if err != nil {
-		return "", err
-	}
-	return filepath.Join(dataDir, "gemini", "known_hosts"), nil
-}
-
-// userDataDir returns the user data directory.
-func userDataDir() (string, error) {
-	dataDir, ok := os.LookupEnv("XDG_DATA_HOME")
-	if ok {
-		return dataDir, nil
-	}
-
-	home, err := os.UserHomeDir()
-	if err != nil {
-		return "", err
-	}
-	return filepath.Join(home, ".local", "share"), nil
-}
--- a/tofu/tofu.go
+++ b/tofu/tofu.go
@ -0,0 +1,336 @@
+// Package tofu implements trust on first use using hosts and fingerprints.
+package tofu
+
+import (
+	"bufio"
+	"bytes"
+	"crypto/sha256"
+	"crypto/x509"
+	"encoding/base64"
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"sort"
+	"strings"
+	"sync"
+)
+
+// KnownHosts represents a list of known hosts.
+// The zero value for KnownHosts represents an empty list ready to use.
+//
+// KnownHosts is safe for concurrent use by multiple goroutines.
+type KnownHosts struct {
+	hosts map[string]Host
+	mu    sync.RWMutex
+}
+
+// Add adds a host to the list of known hosts.
+func (k *KnownHosts) Add(h Host) {
+	k.mu.Lock()
+	defer k.mu.Unlock()
+	if k.hosts == nil {
+		k.hosts = map[string]Host{}
+	}
+
+	k.hosts[h.Hostname] = h
+}
+
+// Lookup returns the known host entry corresponding to the given hostname.
+func (k *KnownHosts) Lookup(hostname string) (Host, bool) {
+	k.mu.RLock()
+	defer k.mu.RUnlock()
+	c, ok := k.hosts[hostname]
+	return c, ok
+}
+
+// Entries returns the known host entries sorted by hostname.
+func (k *KnownHosts) Entries() []Host {
+	keys := make([]string, 0, len(k.hosts))
+	for key := range k.hosts {
+		keys = append(keys, key)
+	}
+	sort.Strings(keys)
+
+	hosts := make([]Host, 0, len(k.hosts))
+	for _, key := range keys {
+		hosts = append(hosts, k.hosts[key])
+	}
+	return hosts
+}
+
+// WriteTo writes the list of known hosts to the provided io.Writer.
+func (k *KnownHosts) WriteTo(w io.Writer) (int64, error) {
+	k.mu.RLock()
+	defer k.mu.RUnlock()
+
+	var written int
+
+	bw := bufio.NewWriter(w)
+	for _, h := range k.hosts {
+		n, err := bw.WriteString(h.String())
+		written += n
+		if err != nil {
+			return int64(written), err
+		}
+
+		bw.WriteByte('\n')
+		written += 1
+	}
+
+	return int64(written), bw.Flush()
+}
+
+// Load loads the known hosts entries from the provided path.
+func (k *KnownHosts) Load(path string) error {
+	if err := os.MkdirAll(filepath.Dir(path), 0700); err != nil {
+		return err
+	}
+
+	f, err := os.OpenFile(path, os.O_CREATE|os.O_RDONLY, 0644)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	return k.Parse(f)
+}
+
+// Parse parses the provided io.Reader and adds the parsed hosts to the list.
+// Invalid entries are ignored.
+//
+// For more control over errors encountered during parsing, use bufio.Scanner
+// in combination with ParseHost. For example:
+//
+//    var knownHosts tofu.KnownHosts
+//    scanner := bufio.NewScanner(r)
+//    for scanner.Scan() {
+//        host, err := tofu.ParseHost(scanner.Bytes())
+//        if err != nil {
+//            // handle error
+//        } else {
+//            knownHosts.Add(host)
+//        }
+//    }
+//    err := scanner.Err()
+//    if err != nil {
+//        // handle error
+//    }
+//
+func (k *KnownHosts) Parse(r io.Reader) error {
+	k.mu.Lock()
+	defer k.mu.Unlock()
+
+	if k.hosts == nil {
+		k.hosts = map[string]Host{}
+	}
+
+	scanner := bufio.NewScanner(r)
+	for scanner.Scan() {
+		text := scanner.Bytes()
+		if len(text) == 0 {
+			continue
+		}
+
+		h, err := ParseHost(text)
+		if err != nil {
+			continue
+		}
+		if h.Algorithm != "sha256" {
+			continue
+		}
+
+		k.hosts[h.Hostname] = h
+	}
+
+	return scanner.Err()
+}
+
+// TOFU implements basic trust on first use.
+//
+// If the host is not on file, it is added to the list.
+// If the fingerprint does not match the one on file, an error is returned.
+func (k *KnownHosts) TOFU(hostname string, cert *x509.Certificate) error {
+	host := NewHost(hostname, cert.Raw)
+	knownHost, ok := k.Lookup(hostname)
+	if !ok {
+		k.Add(host)
+		return nil
+	}
+	if host.Fingerprint != knownHost.Fingerprint {
+		return fmt.Errorf("fingerprint for %q does not match", hostname)
+	}
+	return nil
+}
+
+// HostWriter writes host entries to an io.WriteCloser.
+//
+// HostWriter is safe for concurrent use by multiple goroutines.
+type HostWriter struct {
+	bw *bufio.Writer
+	cl io.Closer
+	mu sync.Mutex
+}
+
+// NewHostWriter returns a new host writer that writes to
+// the provided io.WriteCloser.
+func NewHostWriter(w io.WriteCloser) *HostWriter {
+	return &HostWriter{
+		bw: bufio.NewWriter(w),
+		cl: w,
+	}
+}
+
+// OpenHostsFile returns a new host writer that appends to the file at the given path.
+// The file is created if it does not exist.
+func OpenHostsFile(path string) (*HostWriter, error) {
+	f, err := os.OpenFile(path, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
+	if err != nil {
+		return nil, err
+	}
+	return NewHostWriter(f), nil
+}
+
+// WriteHost writes the host to the underlying io.Writer.
+func (h *HostWriter) WriteHost(host Host) error {
+	h.mu.Lock()
+	defer h.mu.Unlock()
+
+	h.bw.WriteString(host.String())
+	h.bw.WriteByte('\n')
+
+	if err := h.bw.Flush(); err != nil {
+		return fmt.Errorf("failed to write host: %w", err)
+	}
+	return nil
+}
+
+// Close closes the underlying io.Closer.
+func (h *HostWriter) Close() error {
+	h.mu.Lock()
+	defer h.mu.Unlock()
+	return h.cl.Close()
+}
+
+// PersistentHosts represents a persistent set of known hosts.
+type PersistentHosts struct {
+	hosts  *KnownHosts
+	writer *HostWriter
+}
+
+// NewPersistentHosts returns a new persistent set of known hosts that stores
+// known hosts in hosts and writes new hosts to writer.
+func NewPersistentHosts(hosts *KnownHosts, writer *HostWriter) *PersistentHosts {
+	return &PersistentHosts{
+		hosts,
+		writer,
+	}
+}
+
+// LoadPersistentHosts loads persistent hosts from the file at the given path.
+func LoadPersistentHosts(path string) (*PersistentHosts, error) {
+	hosts := &KnownHosts{}
+	if err := hosts.Load(path); err != nil {
+		return nil, err
+	}
+	writer, err := OpenHostsFile(path)
+	if err != nil {
+		return nil, err
+	}
+	return &PersistentHosts{
+		hosts,
+		writer,
+	}, nil
+}
+
+// Add adds a host to the list of known hosts.
+// It returns an error if the host could not be persisted.
+func (p *PersistentHosts) Add(h Host) error {
+	err := p.writer.WriteHost(h)
+	if err != nil {
+		return fmt.Errorf("failed to persist host: %w", err)
+	}
+	p.hosts.Add(h)
+	return nil
+}
+
+// Lookup returns the known host entry corresponding to the given hostname.
+func (p *PersistentHosts) Lookup(hostname string) (Host, bool) {
+	return p.hosts.Lookup(hostname)
+}
+
+// Entries returns the known host entries sorted by hostname.
+func (p *PersistentHosts) Entries() []Host {
+	return p.hosts.Entries()
+}
+
+// TOFU implements trust on first use with a persistent set of known hosts.
+//
+// If the host is not on file, it is added to the list.
+// If the fingerprint does not match the one on file, an error is returned.
+func (p *PersistentHosts) TOFU(hostname string, cert *x509.Certificate) error {
+	host := NewHost(hostname, cert.Raw)
+	knownHost, ok := p.Lookup(hostname)
+	if !ok {
+		return p.Add(host)
+	}
+	if host.Fingerprint != knownHost.Fingerprint {
+		return fmt.Errorf("fingerprint for %q does not match", hostname)
+	}
+	return nil
+}
+
+// Close closes the underlying HostWriter.
+func (p *PersistentHosts) Close() error {
+	return p.writer.Close()
+}
+
+// Host represents a host entry with a fingerprint using a certain algorithm.
+type Host struct {
+	Hostname    string // hostname
+	Algorithm   string // fingerprint algorithm e.g. sha256
+	Fingerprint string // fingerprint
+}
+
+// NewHost returns a new host with a SHA256 fingerprint of
+// the provided raw data.
+func NewHost(hostname string, raw []byte) Host {
+	sum := sha256.Sum256(raw)
+
+	return Host{
+		Hostname:    hostname,
+		Algorithm:   "sha256",
+		Fingerprint: base64.StdEncoding.EncodeToString(sum[:]),
+	}
+}
+
+// ParseHost parses a host from the provided text.
+func ParseHost(text []byte) (Host, error) {
+	var h Host
+	err := h.UnmarshalText(text)
+	return h, err
+}
+
+// String returns a string representation of the host.
+func (h Host) String() string {
+	var b strings.Builder
+	b.WriteString(h.Hostname)
+	b.WriteByte(' ')
+	b.WriteString(h.Algorithm)
+	b.WriteByte(' ')
+	b.WriteString(h.Fingerprint)
+	return b.String()
+}
+
+// UnmarshalText unmarshals the host from the provided text.
+func (h *Host) UnmarshalText(text []byte) error {
+	parts := bytes.Split(text, []byte(" "))
+	if len(parts) != 3 {
+		return fmt.Errorf("expected the format 'hostname algorithm fingerprint'")
+	}
+
+	h.Hostname = string(parts[0])
+	h.Algorithm = string(parts[1])
+	h.Fingerprint = string(parts[2])
+	return nil
+}
--- a/vendor.go
+++ b/vendor.go
@ -1,212 +0,0 @@
-// Hostname verification code from the crypto/x509 package.
-// Modified to allow Common Names in the short term, until new certificates
-// can be issued with SANs.
-
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package gemini
-
-import (
-	"crypto/x509"
-	"net"
-	"strings"
-	"unicode/utf8"
-)
-
-var oidExtensionSubjectAltName = []int{2, 5, 29, 17}
-
-func hasSANExtension(c *x509.Certificate) bool {
-	for _, e := range c.Extensions {
-		if e.Id.Equal(oidExtensionSubjectAltName) {
-			return true
-		}
-	}
-	return false
-}
-
-func validHostnamePattern(host string) bool { return validHostname(host, true) }
-func validHostnameInput(host string) bool   { return validHostname(host, false) }
-
-// validHostname reports whether host is a valid hostname that can be matched or
-// matched against according to RFC 6125 2.2, with some leniency to accommodate
-// legacy values.
-func validHostname(host string, isPattern bool) bool {
-	if !isPattern {
-		host = strings.TrimSuffix(host, ".")
-	}
-	if len(host) == 0 {
-		return false
-	}
-
-	for i, part := range strings.Split(host, ".") {
-		if part == "" {
-			// Empty label.
-			return false
-		}
-		if isPattern && i == 0 && part == "*" {
-			// Only allow full left-most wildcards, as those are the only ones
-			// we match, and matching literal '*' characters is probably never
-			// the expected behavior.
-			continue
-		}
-		for j, c := range part {
-			if 'a' <= c && c <= 'z' {
-				continue
-			}
-			if '0' <= c && c <= '9' {
-				continue
-			}
-			if 'A' <= c && c <= 'Z' {
-				continue
-			}
-			if c == '-' && j != 0 {
-				continue
-			}
-			if c == '_' {
-				// Not a valid character in hostnames, but commonly
-				// found in deployments outside the WebPKI.
-				continue
-			}
-			return false
-		}
-	}
-
-	return true
-}
-
-// commonNameAsHostname reports whether the Common Name field should be
-// considered the hostname that the certificate is valid for. This is a legacy
-// behavior, disabled by default or if the Subject Alt Name extension is present.
-//
-// It applies the strict validHostname check to the Common Name field, so that
-// certificates without SANs can still be validated against CAs with name
-// constraints if there is no risk the CN would be matched as a hostname.
-// See NameConstraintsWithoutSANs and issue 24151.
-func commonNameAsHostname(c *x509.Certificate) bool {
-	return !hasSANExtension(c) && validHostnamePattern(c.Subject.CommonName)
-}
-
-func matchExactly(hostA, hostB string) bool {
-	if hostA == "" || hostA == "." || hostB == "" || hostB == "." {
-		return false
-	}
-	return toLowerCaseASCII(hostA) == toLowerCaseASCII(hostB)
-}
-
-func matchHostnames(pattern, host string) bool {
-	pattern = toLowerCaseASCII(pattern)
-	host = toLowerCaseASCII(strings.TrimSuffix(host, "."))
-
-	if len(pattern) == 0 || len(host) == 0 {
-		return false
-	}
-
-	patternParts := strings.Split(pattern, ".")
-	hostParts := strings.Split(host, ".")
-
-	if len(patternParts) != len(hostParts) {
-		return false
-	}
-
-	for i, patternPart := range patternParts {
-		if i == 0 && patternPart == "*" {
-			continue
-		}
-		if patternPart != hostParts[i] {
-			return false
-		}
-	}
-
-	return true
-}
-
-// toLowerCaseASCII returns a lower-case version of in. See RFC 6125 6.4.1. We use
-// an explicitly ASCII function to avoid any sharp corners resulting from
-// performing Unicode operations on DNS labels.
-func toLowerCaseASCII(in string) string {
-	// If the string is already lower-case then there's nothing to do.
-	isAlreadyLowerCase := true
-	for _, c := range in {
-		if c == utf8.RuneError {
-			// If we get a UTF-8 error then there might be
-			// upper-case ASCII bytes in the invalid sequence.
-			isAlreadyLowerCase = false
-			break
-		}
-		if 'A' <= c && c <= 'Z' {
-			isAlreadyLowerCase = false
-			break
-		}
-	}
-
-	if isAlreadyLowerCase {
-		return in
-	}
-
-	out := []byte(in)
-	for i, c := range out {
-		if 'A' <= c && c <= 'Z' {
-			out[i] += 'a' - 'A'
-		}
-	}
-	return string(out)
-}
-
-// verifyHostname returns nil if c is a valid certificate for the named host.
-// Otherwise it returns an error describing the mismatch.
-//
-// IP addresses can be optionally enclosed in square brackets and are checked
-// against the IPAddresses field. Other names are checked case insensitively
-// against the DNSNames field. If the names are valid hostnames, the certificate
-// fields can have a wildcard as the left-most label.
-//
-// The legacy Common Name field is ignored unless it's a valid hostname, the
-// certificate doesn't have any Subject Alternative Names, and the GODEBUG
-// environment variable is set to "x509ignoreCN=0". Support for Common Name is
-// deprecated will be entirely removed in the future.
-func verifyHostname(c *x509.Certificate, h string) error {
-	// IP addresses may be written in [ ].
-	candidateIP := h
-	if len(h) >= 3 && h[0] == '[' && h[len(h)-1] == ']' {
-		candidateIP = h[1 : len(h)-1]
-	}
-	if ip := net.ParseIP(candidateIP); ip != nil {
-		// We only match IP addresses against IP SANs.
-		// See RFC 6125, Appendix B.2.
-		for _, candidate := range c.IPAddresses {
-			if ip.Equal(candidate) {
-				return nil
-			}
-		}
-		return x509.HostnameError{c, candidateIP}
-	}
-
-	names := c.DNSNames
-	if commonNameAsHostname(c) {
-		names = []string{c.Subject.CommonName}
-	}
-
-	candidateName := toLowerCaseASCII(h) // Save allocations inside the loop.
-	validCandidateName := validHostnameInput(candidateName)
-
-	for _, match := range names {
-		// Ideally, we'd only match valid hostnames according to RFC 6125 like
-		// browsers (more or less) do, but in practice Go is used in a wider
-		// array of contexts and can't even assume DNS resolution. Instead,
-		// always allow perfect matches, and only apply wildcard and trailing
-		// dot processing to valid hostnames.
-		if validCandidateName && validHostnamePattern(match) {
-			if matchHostnames(match, candidateName) {
-				return nil
-			}
-		} else {
-			if matchExactly(match, candidateName) {
-				return nil
-			}
-		}
-	}
-
-	return x509.HostnameError{c, h}
-}