Merged Michel Salim's patch. Thanks!
index 7605bdf..20aa3b5 100644 (file)
--- a/elpher.el
+++ b/elpher.el
@@ -1,13 +1,13 @@
 ;;; elpher.el --- A friendly gopher and gemini client  -*- lexical-binding:t -*-
 
-;; Copyright (C) 2019 Tim Vaughan
+;; Copyright (C) 2019-2020 Tim Vaughan
 
 ;; Author: Tim Vaughan <plugd@thelambdalab.xyz>
 ;; Created: 11 April 2019
-;; Version: 2.7.9
+;; Version: 2.10.0
 ;; Keywords: comm gopher
 ;; Homepage: http://thelambdalab.xyz/elpher
-;; Package-Requires: ((emacs "26"))
+;; Package-Requires: ((emacs "26.2"))
 
 ;; This file is not part of GNU Emacs.
 
 (require 'dns)
 (require 'ansi-color)
 (require 'nsm)
+(require 'gnutls)
 
 
 ;;; Global constants
 ;;
 
-(defconst elpher-version "2.7.9"
+(defconst elpher-version "2.10.0"
   "Current version of elpher.")
 
 (defconst elpher-margin-width 6
 ;;
 
 (defgroup elpher nil
-  "A gopher client."
+  "A gopher and gemini client."
   :group 'applications)
 
 ;; General appearance and customizations
@@ -133,6 +134,16 @@ The default behaviour is to use the ansi-color package to interpret these
 sequences."
   :type '(boolean))
 
+(defcustom elpher-certificate-directory
+  (file-name-as-directory (locate-user-emacs-file "elpher-certificates"))
+  "Specify the name of the directory where client certificates will be stored.
+These certificates may be used for establishing authenticated TLS connections."
+  :type '(directory))
+
+(defcustom elpher-openssl-command "openssl"
+  "The command used to launch openssl when generating TLS client certificates."
+  :type '(file))
+
 (defcustom elpher-gemini-TLS-cert-checks nil
   "If non-nil, verify gemini server TLS certs using the default security level.
 Otherwise, certificate verification is disabled.
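Review bot: The docstring of `elpher-certificate-directory` describes the directory as storing "client certificates", but the files that `elpher-generate-persistent-certificate` and `elpher-install-and-use-existing-certificate` write there later in this commit are `.key`/`.crt` pairs, i.e. private keys as well, which is what a user deciding where to point this option needs to know. Suggest a first line of `"Directory in which client certificates and their private keys are stored."` followed by a sentence saying the directory should be private to the user, since the code creating it (in a later hunk) does not restrict its mode.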
@@ -198,7 +209,7 @@ some servers which do not support IPv6 can take a long time to time-out."
   "Face used for html type directory records.")
 
 (defface elpher-gemini
-  '((t :inherit font-lock-regexp-grouping-backslash))
+  '((t :inherit font-lock-constant-face))
   "Face used for Gemini type directory records.")
 
 (defface elpher-other-url
@@ -275,9 +286,23 @@ some servers which do not support IPv6 can take a long time to time-out."
               ;; Gemini defaults
               (if (equal (url-filename url) "")
                   (setf (url-filename url) "/"))))
-          url)
+          (elpher-remove-redundant-ports url))
       (set-match-data data))))
 
+(defun elpher-remove-redundant-ports (address)
+  "Remove redundant port specifiers from ADDRESS.
+Here 'redundant' means that the specified port matches the default
+for that protocol, eg 70 for gopher."
+  (if (and (not (elpher-address-special-p address))
+           (eq (url-portspec address) ; (url-port) is too slow!
+               (pcase (url-type address)
+                 ("gemini" 1965)
+                 ((or "gopher" "gophers") 70)
+                 ("finger" 79)
+                 (_ -1))))
+      (setf (url-portspec address) nil))
+  address)
+
 (defun elpher-make-gopher-address (type selector host port &optional tls)
   "Create an ADDRESS object using gopher directory record attributes.
 The basic attributes include: TYPE, SELECTOR, HOST and PORT.
@@ -307,9 +332,9 @@ requiring gopher-over-TLS."
 
 (defun elpher-address-to-url (address)
   "Get string representation of ADDRESS, or nil if ADDRESS is special."
-  (if (not (elpher-address-special-p address))
-      (url-encode-url (url-recreate-url address))
-    nil))
+  (if (elpher-address-special-p address)
+      nil
+    (url-encode-url (url-recreate-url address))))
 
 (defun elpher-address-type (address)
   "Retrieve type of ADDRESS object.
@@ -500,6 +525,21 @@ unless NO-HISTORY is non-nil."
                       '(elpher-update-header))
                 args)))
 
+(defun elpher-buffer-message (string &optional line)
+  "Replace first line in elpher buffer with STRING.
+If LINE is non-nil, replace that line instead."
+  (with-current-buffer "*elpher*"
+    (let ((inhibit-read-only t))
+      (goto-char (point-min))
+      (if line
+          (forward-line line))
+      (let ((data (match-data)))
+        (unwind-protect
+            (progn
+              (re-search-forward "^.*$")
+              (replace-match string))
+          (set-match-data data))))))
+
 
 ;;; Text Processing
 ;;
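Review bot: `elpher-buffer-message` hands STRING to `replace-match` without the FIXEDCASE and LITERAL arguments, so a backslash in STRING is read as a `\&`/`\N` back-reference (an invalid one signals an error) and the replacement may be case-adjusted to the line it overwrites. The callers added in the next hunk interpolate the server host name into this string, so it should be inserted verbatim: `(replace-match string t t)`. The `unwind-protect` restoring the saved match data is correct and worth keeping.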
@@ -536,12 +576,18 @@ ERROR can be either an error object or a string."
            "Press 'u' to return to the previous page.")))
 
 
-;;; Gopher selector retrieval
+;;; General network communication
 ;;
 
 (defvar elpher-network-timer nil
   "Timer used for network connections.")
 
+(defvar elpher-use-tls nil
+  "If non-nil, use TLS to communicate with gopher servers.")
+
+(defvar elpher-client-certificate nil
+  "If non-nil, contains client certificate details to use for TLS connections.")
+
 (defun elpher-process-cleanup ()
   "Immediately shut down any extant elpher process and timers."
   (let ((p (get-process "elpher-process")))
@@ -549,101 +595,267 @@ ERROR can be either an error object or a string."
   (if (timerp elpher-network-timer)
       (cancel-timer elpher-network-timer)))
 
-(defvar elpher-use-tls nil
-  "If non-nil, use TLS to communicate with gopher servers.")
+(defun elpher-get-host-response (address default-port query-string response-processor
+                                         &optional use-tls force-ipv4)
+  "Generic function for retrieving data from ADDRESS.
+
+When ADDRESS lacks a specific port, DEFAULT-PORT is used instead.
+QUERY-STRING is a string sent to the host specified by ADDRESS to
+illicet a response.  This response is passed as an argument to the
+function RESPONSE-PROCESSOR.
+
+If non-nil, USE-TLS specifies that the connection is to be made over
+TLS.  If set to gemini, the certificate verification will be disabled
+unless `elpher-gemini-TLS-cert-checks' is non-nil.
+
+If non-nil, FORCE-IPV4 causes the network connection to be made over
+ipv4 only.  (The default behaviour when this is not set depends on
+the host operating system and the local network capabilities."
+  (if (and use-tls (not (gnutls-available-p)))
+      (error "Use of TLS requires Emacs to be compiled with GNU TLS support")
+    (unless (< (elpher-address-port address) 65536)
+      (error "Cannot establish network connection: port number > 65536"))
+    (when (and (eq use-tls 'gemini) (not elpher-gemini-TLS-cert-checks))
+      (setq-local network-security-level 'low))
+    (condition-case nil
+        (let* ((kill-buffer-query-functions nil)
+               (port (elpher-address-port address))
+               (host (elpher-address-host address))
+               (response-string-parts nil)
+               (bytes-received 0)
+               (hkbytes-received 0)
+               (proc (make-network-process :name "elpher-process"
+                                           :host host
+                                           :family (and force-ipv4 'ipv4)
+                                           :service (if (> port 0) port default-port)
+                                           :buffer nil
+                                           :coding 'binary
+                                           :noquery t
+                                           :nowait t
+                                           :tls-parameters
+                                           (and use-tls
+                                                (cons 'gnutls-x509pki
+                                                      (gnutls-boot-parameters
+                                                       :type 'gnutls-x509pki
+                                                       :hostname host
+                                                       :keylist
+                                                       (elpher-get-current-keylist address))))))
+               (timer (run-at-time elpher-connection-timeout nil
+                                   (lambda ()
+                                     (elpher-process-cleanup)
+                                     (cond
+                                        ; Try again with IPv4
+                                      ((not force-ipv4)
+                                       (message "Connection timed out.  Retrying with IPv4.")
+                                       (elpher-get-host-response address default-port
+                                                                 query-string
+                                                                 response-processor
+                                                                 use-tls t))
+                                      ((and use-tls
+                                            (not (eq use-tls 'gemini))
+                                            (or elpher-auto-disengage-TLS
+                                                (y-or-n-p
+                                                 "TLS connetion failed.  Disable TLS mode and retry? ")))
+                                       (setq elpher-use-tls nil)
+                                       (elpher-get-host-response address default-port
+                                                                 query-string
+                                                                 response-processor
+                                                                 nil force-ipv4))
+                                      (t
+                                       (elpher-network-error address "Connection time-out.")))))))
+          (setq elpher-network-timer timer)
+          (elpher-buffer-message (concat "Connecting to " host "..."
+                                         " (press 'u' to abort)"))
+          (set-process-filter proc
+                              (lambda (_proc string)
+                                (when timer
+                                  (cancel-timer timer)
+                                  (setq timer nil))
+                                (setq bytes-received (+ bytes-received (length string)))
+                                (let ((new-hkbytes-received (/ bytes-received 102400)))
+                                  (when (> new-hkbytes-received hkbytes-received)
+                                    (setq hkbytes-received new-hkbytes-received)
+                                    (elpher-buffer-message
+                                        (concat "("
+                                                (number-to-string (/ hkbytes-received 10.0))
+                                                " MB read)")
+                                        1)))
+                                (setq response-string-parts
+                                      (cons string response-string-parts))))
+          (set-process-sentinel proc
+                                (lambda (proc event)
+                                  (when timer
+                                    (cancel-timer timer))
+                                  (condition-case the-error
+                                      (cond
+                                       ((string-prefix-p "open" event)    ; request URL
+                                        (elpher-buffer-message
+                                         (concat "Connected to " host ". Receiving data..."
+                                                 " (press 'u' to abort)"))
+                                        (let ((inhibit-eol-conversion t))
+                                          (process-send-string proc query-string)))
+                                       ((string-prefix-p "deleted" event)) ; do nothing
+                                       ((and (not response-string-parts)
+                                             (not (or elpher-ipv4-always force-ipv4)))
+                                        ; Try again with IPv4
+                                        (message "Connection failed. Retrying with IPv4.")
+                                        (elpher-get-host-response address default-port
+                                                                  query-string
+                                                                  response-processor
+                                                                  use-tls t))
+                                       (response-string-parts
+                                        (elpher-with-clean-buffer
+                                         (insert "Data received.  Rendering..."))
+                                        (funcall response-processor
+                                                 (apply #'concat (reverse response-string-parts)))
+                                        (elpher-restore-pos))
+                                       (t
+                                        (error "No response from server")))
+                                    (error
+                                     (elpher-network-error address the-error))))))
+      (error
+       (error "Error initiating connection to server")))))
+
+
+;;; Client-side TLS Certificate Management
+;;
+
+(defun elpher-generate-certificate (common-name key-file cert-file &optional temporary)
+  "Generate a key and a self-signed client TLS certificate using openssl.
 
-(defun elpher-get-selector (address renderer &optional force-ipv4)
-  "Retrieve selector specified by ADDRESS, then render it using RENDERER.
-If FORCE-IPV4 is non-nil, explicitly look up and use IPv4 address corresponding
-to ADDRESS."
-  (when (equal (elpher-address-protocol address) "gophers")
-    (if (gnutls-available-p)
-        (when (not elpher-use-tls)
-          (setq elpher-use-tls t)
-          (message "Engaging TLS gopher mode."))
-      (error "Cannot retrieve TLS gopher selector: GnuTLS not available")))
-  (unless (< (elpher-address-port address) 65536)
-    (error "Cannot retrieve gopher selector: port number > 65536"))
-  (defvar gnutls-verify-error)
-  (condition-case nil
-      (let* ((kill-buffer-query-functions nil)
-             (gnutls-verify-error nil) ; We use the NSM for verification
-             (port (elpher-address-port address))
-             (host (elpher-address-host address))
-             (selector-string-parts nil)
-             (bytes-received 0)
-             (hkbytes-received 0)
-             (proc (open-network-stream "elpher-process"
-                                        nil
-                                        (if (or elpher-ipv4-always force-ipv4)
-                                            (dns-query host)
-                                          host)
-                                        (if (> port 0) port 70)
-                                        :type (if elpher-use-tls 'tls 'plain)
-                                        :nowait t))
-             (timer (run-at-time elpher-connection-timeout
-                                 nil
-                                 (lambda ()
-                                   (pcase (process-status proc)
-                                     ('failed
-                                      (if (and (not (equal (elpher-address-protocol address)
-                                                           "gophers"))
-                                               elpher-use-tls
-                                               (or elpher-auto-disengage-TLS
-                                                   (yes-or-no-p "Could not establish encrypted connection.  Disable TLS mode?")))
-                                          (progn
-                                            (message "Disabling TLS mode.")
-                                            (setq elpher-use-tls nil)
-                                            (elpher-get-selector address renderer))
-                                        (elpher-network-error address "Could not establish encrypted connection")))
-                                     ('connect
-                                      (elpher-process-cleanup)
-                                      (unless (or elpher-ipv4-always force-ipv4)
-                                        (message "Connection timed out. Retrying with IPv4 address.")
-                                        (elpher-get-selector address renderer t))))))))
-        (setq elpher-network-timer timer)
-        (set-process-coding-system proc 'binary)
-        (set-process-filter proc
-                            (lambda (_proc string)
-                              (when timer
-                                (cancel-timer timer)
-                                (setq timer nil))
-                              (setq bytes-received (+ bytes-received (length string)))
-                              (let ((new-hkbytes-received (/ bytes-received 102400)))
-                                (when (> new-hkbytes-received hkbytes-received)
-                                  (setq hkbytes-received new-hkbytes-received)
-                                  (with-current-buffer "*elpher*"
-                                    (let ((inhibit-read-only t))
-                                      (goto-char (point-min))
-                                      (beginning-of-line 2)
-                                      (delete-region (point) (point-max))
-                                      (insert "("
-                                              (number-to-string (/ hkbytes-received 10.0))
-                                              " MB read)")))))
-                              (setq selector-string-parts
-                                    (cons string selector-string-parts))))
-        (set-process-sentinel proc
-                              (lambda (_proc event)
-                                (condition-case the-error
-                                    (cond
-                                     ((string-prefix-p "deleted" event))
-                                     ((string-prefix-p "open" event)
-                                      (let ((inhibit-eol-conversion t))
-                                        (process-send-string
-                                         proc
-                                         (concat (elpher-gopher-address-selector address)
-                                                 "\r\n"))))
-                                     (t
-                                      (when timer
-                                        (cancel-timer timer)
-                                        (setq timer nil))
-                                      (funcall renderer (apply #'concat
-                                                               (reverse selector-string-parts)))
-                                      (elpher-restore-pos)))
-                                  (error
-                                   (elpher-network-error address the-error))))))
-    (error
-     (error "Error initiating connection to server"))))
+The Common Name field of the certificate is set to COMMON-NAME.  The
+arguments KEY-FILE and CERT-FILE should contain the absolute paths of
+the key and certificate files to write.
+
+If TEMPORARY is non-nil, the certificate will be given an exporation
+period of one day, and the key and certificate files will be deleted
+when the certificate is no longer needed for the current session.
+
+Otherwise, the certificate will be given a 100 year expiration period
+and the files will not be deleted.
+
+The function returns a list containing the current host name, the
+temporary flag, and the key and cert file names in the form required
+by `gnutls-boot-parameters`."
+  (let ((exp-key-file (expand-file-name key-file))
+        (exp-cert-file (expand-file-name cert-file)))
+    (condition-case nil
+        (progn
+          (call-process elpher-openssl-command nil nil nil
+                        "req" "-x509" "-newkey" "rsa:2048"
+                        "-days" (if temporary "1" "36500")
+                        "-nodes"
+                        "-subj" (concat "/CN=" common-name)
+                        "-keyout" exp-key-file
+                        "-out" exp-cert-file)
+          (list (elpher-address-host (elpher-page-address elpher-current-page))
+                temporary exp-key-file exp-cert-file))
+      (error
+       (message "Check that openssl is installed, or customize `elpher-openssl-command`.")
+       (error "Program 'openssl', required for certificate generation, not found")))))
+
+(defun elpher-generate-throwaway-certificate ()
+  "Generate and return details of a throwaway certificate.
+The key and certificate files will be deleted when they are no
+longer needed for this session."
+  (let* ((file-base (make-temp-name "elpher"))
+         (key-file (concat temporary-file-directory file-base ".key"))
+         (cert-file (concat temporary-file-directory file-base ".crt")))
+    (elpher-generate-certificate file-base key-file cert-file t)))
+
+(defun elpher-generate-persistent-certificate (file-base common-name)
+  "Generate and return details of a persistent certificate.
+The argument FILE-BASE is used as the base for the key and certificate
+files, while COMMON-NAME specifies the common name field of the
+certificate.
+
+The key and certificate files are written to in `elpher-certificate-directory'."
+  (let* ((key-file (concat elpher-certificate-directory file-base ".key"))
+         (cert-file (concat elpher-certificate-directory file-base ".crt")))
+    (elpher-generate-certificate common-name key-file cert-file)))
+
+(defun elpher-get-existing-certificate (file-base)
+  "Return a certificate object corresponding to an existing certificate.
+It is assumed that the key files FILE-BASE.key and FILE-BASE.crt exist in
+the directory `elpher-certificate-directory'."
+  (let* ((key-file (concat elpher-certificate-directory file-base ".key"))
+         (cert-file (concat elpher-certificate-directory file-base ".crt")))
+    (list (elpher-address-host (elpher-page-address elpher-current-page))
+          nil
+          (expand-file-name key-file)
+          (expand-file-name cert-file))))
+
+(defun elpher-install-and-use-existing-certificate (key-file-src cert-file-src file-base)
+  "Install a key+certificate file pair in `elpher-certificate-directory'.
+The strings KEY-FILE-SRC and CERT-FILE-SRC are the existing key and
+certificate files to install.  The argument FILE-BASE is used as the
+base for the installed key and certificate files."
+  (let* ((key-file (concat elpher-certificate-directory file-base ".key"))
+         (cert-file (concat elpher-certificate-directory file-base ".crt")))
+    (if (or (file-exists-p key-file)
+            (file-exists-p cert-file))
+        (error "A certificate with base name %s is already installed" file-base))
+    (copy-file key-file-src key-file)
+    (copy-file cert-file-src cert-file)
+    (list (elpher-address-host (elpher-page-address elpher-current-page))
+          nil
+          (expand-file-name key-file)
+          (expand-file-name cert-file))))
+
+(defun elpher-list-existing-certificates ()
+  "Return a list of the persistent certificates in `elpher-certificate-directory'."
+  (unless (file-directory-p elpher-certificate-directory)
+    (make-directory elpher-certificate-directory))
+  (mapcar
+   (lambda (file)
+     (file-name-sans-extension file))
+   (directory-files elpher-certificate-directory nil "\.key$")))
+
+(defun elpher-forget-current-certificate ()
+  "Causes any current certificate to be forgotten.)
+In the case of throwaway certificates, the key and certificate files
+are also deleted."
+  (interactive)
+  (when elpher-client-certificate
+    (unless (and (called-interactively-p 'any)
+                 (not (y-or-n-p (concat "Really forget client certificate? "
+                                        "(Throwaway certificates will be deleted.)"))))
+      (when (cadr elpher-client-certificate)
+        (delete-file (elt elpher-client-certificate 2))
+        (delete-file (elt elpher-client-certificate 3)))
+      (setq elpher-client-certificate nil)
+      (if (called-interactively-p 'any)
+          (message "Client certificate forgotten.")))))
+
+(defun elpher-get-current-keylist (address)
+  "Retrieve the `gnutls-boot-parameters'-compatable keylist.
+
+This is obtained from the client certificate described by
+`elpher-current-certificate', if one is available and the host for
+that certificate matches the host in ADDRESS.
+
+If `elpher-current-certificate' is non-nil, and its host name doesn't
+match that of ADDRESS, the certificate is forgotten."
+  (if elpher-client-certificate
+      (if (string= (car elpher-client-certificate)
+                   (elpher-address-host address))
+          (list (cddr elpher-client-certificate))
+        (elpher-forget-current-certificate)
+        (message "Disabling client certificate for new host")
+        nil)
+    nil))
+
+
+;;; Gopher selector retrieval
+;;
+
+(defun elpher-get-gopher-response (address renderer)
+  "Get response string from gopher server at ADDRESS and render using RENDERER."
+  (elpher-get-host-response address 70
+                            (concat (elpher-gopher-address-selector address) "\r\n")
+                            renderer
+                            (or (string= (elpher-address-protocol address) "gophers")
+                                elpher-use-tls)))
 
 (defun elpher-get-gopher-page (renderer)
   "Getter function for gopher pages.
@@ -658,7 +870,7 @@ once they are retrieved from the gopher server."
       (elpher-with-clean-buffer
        (insert "LOADING... (use 'u' to cancel)\n"))
       (condition-case the-error
-          (elpher-get-selector address renderer)
+          (elpher-get-gopher-response address renderer)
         (error
          (elpher-network-error address the-error))))))
 
@@ -707,7 +919,7 @@ displayed.  The _WINDOW argument is currently unused."
                (address (elpher-page-address page)))
           (format "mouse-1, RET: open '%s'" (if (elpher-address-special-p address)
                                                 address
-                                              (url-recreate-url address))))))))
+                                              (elpher-address-to-url address))))))))
 
 (defun elpher-insert-index-record (display-string &optional address)
   "Function to insert an index record into the current buffer.
@@ -838,7 +1050,7 @@ The response is rendered using the rendering function RENDERER."
 
             (elpher-with-clean-buffer
              (insert "LOADING RESULTS... (use 'u' to cancel)"))
-            (elpher-get-selector search-address renderer))
+            (elpher-get-gopher-response search-address renderer))
         (if aborted
             (elpher-visit-previous-page))))))
  
@@ -893,87 +1105,13 @@ The response is rendered using the rendering function RENDERER."
 
 (defvar elpher-gemini-redirect-chain)
 
-(defun elpher-get-gemini-response (address renderer &optional force-ipv4)
-  "Retrieve gemini ADDRESS, then render using RENDERER.
-If FORCE-IPV4 is non-nil, explicitly look up and use IPv4 address corresponding
-to ADDRESS."
-  (unless elpher-gemini-TLS-cert-checks
-    (setq-local network-security-level 'low))
-  (if (not (gnutls-available-p))
-      (error "Cannot establish gemini connection: GnuTLS not available")
-    (unless (< (elpher-address-port address) 65536)
-      (error "Cannot establish gemini connection: port number > 65536"))
-    (defvar gnutls-verify-error)
-    (condition-case nil
-        (let* ((kill-buffer-query-functions nil)
-               (gnutls-verify-error nil) ; We use the NSM for verification
-               (port (elpher-address-port address))
-               (host (elpher-address-host address))
-               (response-string-parts nil)
-               (bytes-received 0)
-               (hkbytes-received 0)
-               (proc (open-network-stream "elpher-process"
-                                          nil
-                                          (if (or elpher-ipv4-always force-ipv4)
-                                              (dns-query host)
-                                            host)
-                                          (if (> port 0) port 1965)
-                                          :type 'tls
-                                          :nowait t))
-               (timer (run-at-time elpher-connection-timeout nil
-                                   (lambda ()
-                                     (elpher-process-cleanup)
-                                     (unless (or elpher-ipv4-always force-ipv4)
-                                        ; Try again with IPv4
-                                       (message "Connection timed out.  Retrying with IPv4.")
-                                       (elpher-get-gemini-response address renderer t))))))
-          (setq elpher-network-timer timer)
-          (set-process-coding-system proc 'binary)
-          (set-process-filter proc
-                              (lambda (_proc string)
-                                (when timer
-                                  (cancel-timer timer)
-                                  (setq timer nil))
-                                (setq bytes-received (+ bytes-received (length string)))
-                                (let ((new-hkbytes-received (/ bytes-received 102400)))
-                                  (when (> new-hkbytes-received hkbytes-received)
-                                    (setq hkbytes-received new-hkbytes-received)
-                                    (with-current-buffer "*elpher*"
-                                      (let ((inhibit-read-only t))
-                                        (goto-char (point-min))
-                                        (beginning-of-line 2)
-                                        (delete-region (point) (point-max))
-                                        (insert "("
-                                                (number-to-string (/ hkbytes-received 10.0))
-                                                " MB read)")))))
-                                (setq response-string-parts
-                                      (cons string response-string-parts))))
-          (set-process-sentinel proc
-                                (lambda (proc event)
-                                  (condition-case the-error
-                                      (cond
-                                       ((string-prefix-p "open" event)    ; request URL
-                                        (let ((inhibit-eol-conversion t))
-                                          (process-send-string
-                                           proc
-                                           (concat (elpher-address-to-url address)
-                                                   "\r\n"))))
-                                       ((string-prefix-p "deleted" event)) ; do nothing
-                                       ((and (not response-string-parts)
-                                             (not (or elpher-ipv4-always force-ipv4)))
-                                        ; Try again with IPv4
-                                        (message "Connection failed. Retrying with IPv4.")
-                                        (cancel-timer timer)
-                                        (elpher-get-gemini-response address renderer t))
-                                       (t
-                                        (funcall #'elpher-process-gemini-response
-                                                 (apply #'concat (reverse response-string-parts))
-                                                 renderer)
-                                        (elpher-restore-pos)))
-                                    (error
-                                     (elpher-network-error address the-error))))))
-      (error
-       (error "Error initiating connection to server")))))
+(defun elpher-get-gemini-response (address renderer)
+  "Get response string from gemini server at ADDRESS and render using RENDERER."
+  (elpher-get-host-response address 1965
+                            (concat (elpher-address-to-url address) "\r\n")
+                            (lambda (response-string)
+                              (elpher-process-gemini-response response-string renderer))
+                            'gemini))
 
 (defun elpher-parse-gemini-response (response)
   "Parse the RESPONSE string and return a list of components.
@@ -1000,9 +1138,14 @@ that the response was malformed."
         (?1 ; Input required
          (elpher-with-clean-buffer
           (insert "Gemini server is requesting input."))
-         (let* ((query-string (read-string (concat response-meta ": ")))
-                (url (elpher-address-to-url (elpher-page-address elpher-current-page)))
-                (query-address (elpher-address-from-url (concat url "?" query-string))))
+         (let* ((query-string
+                 (if (eq (elt response-code 1) ?1)
+                     (read-passwd (concat response-meta ": "))
+                   (read-string (concat response-meta ": "))))
+                (query-address (seq-copy (elpher-page-address elpher-current-page)))
+                (old-fname (url-filename query-address)))
+           (setf (url-filename query-address)
+                 (concat old-fname "?" (url-build-query-string `((,query-string)))))
            (elpher-get-gemini-response query-address renderer)))
         (?2 ; Normal response
          (funcall renderer response-body response-meta))
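Review bot: `old-fname` is taken verbatim from `url-filename`, which for a `url-generic-parse-url` result still carries any existing `?query` component (`url-path-and-query` exists precisely to split it off), so when the current page was itself reached through an input prompt the new query is appended as `/path?old?new` rather than replacing the old one. Strip an existing query before appending, e.g. `(old-fname (car (split-string (url-filename query-address) "?")))`, so a repeated status-1x prompt on the same resource rebuilds the URL cleanly. The enclosing `elpher-process-gemini-response` starts and ends outside this hunk.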
@@ -1027,11 +1170,68 @@ that the response was malformed."
          (error "Gemini server reports PERMANENT FAILURE for this request: %s %s"
                 response-code response-meta))
         (?6 ; Client certificate required
-         (error "Gemini server requires client certificate (unsupported at this time)"))
+         (elpher-with-clean-buffer
+          (if elpher-client-certificate
+              (insert "Gemini server does not recognise the provided TLS certificate:\n\n")
+            (insert "Gemini server is requesting a valid TLS certificate:\n\n"))
+          (auto-fill-mode 1)
+          (elpher-gemini-insert-text response-meta))
+         (let ((chosen-certificate (elpher-choose-client-certificate)))
+           (unless chosen-certificate
+             (error "Gemini server requires a client certificate and none was provided"))
+           (setq elpher-client-certificate chosen-certificate))
+         (elpher-with-clean-buffer)
+         (elpher-get-gemini-response (elpher-page-address elpher-current-page) renderer))
         (_other
          (error "Gemini server response unknown: %s %s"
                 response-code response-meta))))))
 
+(defun elpher-choose-client-certificate ()
+  "Prompt for a client certificate to use to establish a TLS connection."
+  (let* ((read-answer-short t))
+    (pcase (read-answer "What do you want to do? "
+                        '(("throwaway" ?t
+                           "generate and use throw-away certificate")
+                          ("persistent" ?p
+                           "generate new or use existing persistent certificate")
+                          ("abort" ?a
+                           "stop immediately")))
+      ("throwaway"
+       (setq elpher-client-certificate (elpher-generate-throwaway-certificate)))
+      ("persistent"
+       (let* ((existing-certificates (elpher-list-existing-certificates))
+              (file-base (completing-read
+                          "Nickname for new or existing certificate (autocompletes, empty response aborts): "
+                          existing-certificates)))
+         (if (string-empty-p (string-trim file-base))
+             nil
+           (if (member file-base existing-certificates)
+               (setq elpher-client-certificate
+                     (elpher-get-existing-certificate file-base))
+             (pcase (read-answer "Generate new certificate or install externally-generated one? "
+                                 '(("new" ?n
+                                    "generate new certificate")
+                                   ("install" ?i
+                                    "install existing certificate")
+                                   ("abort" ?a
+                                    "stop immediately")))
+               ("new"
+                (let ((common-name (read-string "Common Name field for new certificate: "
+                                                file-base)))
+                  (message "New key and self-signed certificate written to %s"
+                           elpher-certificate-directory)
+                  (elpher-generate-persistent-certificate file-base common-name)))
+               ("install"
+                (let* ((cert-file (read-file-name "Certificate file: " nil nil t))
+                       (key-file (read-file-name "Key file: " nil nil t)))
+                  (message "Key and certificate installed in %s for future use"
+                           elpher-certificate-directory)
+                  (elpher-install-and-use-existing-certificate key-file
+                                                               cert-file
+                                                               file-base)))
+               ("abort" nil))))))
+      ("abort" nil))))
+
 (defun elpher-get-gemini-page (renderer)
   "Getter which retrieves and renders a Gemini page and renders it using RENDERER."
   (let* ((address (elpher-page-address elpher-current-page))
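Review bot: The certificate picked in the `?6` branch is stored in the global `elpher-client-certificate` and the request is simply retried, so unless `elpher-get-host-response` restricts it to the host that asked for it (its definition is not in this diff), the same certificate — a stable identifier — will be presented to every gemini host visited afterwards until the user presses F. Consider recording the requesting host next to the certificate, e.g. `(setq elpher-client-certificate (cons (elpher-address-host (elpher-page-address elpher-current-page)) chosen-certificate))` with the host compared on each request, or an equivalent separate variable, so that a certificate is only offered to the host that requested it. Separately, in `elpher-choose-client-certificate` the "New key and self-signed certificate written to %s" and "Key and certificate installed in %s" messages are emitted before `elpher-generate-persistent-certificate` and `elpher-install-and-use-existing-certificate` run, so they report success even when those calls fail; move each `message` after its call. `elpher-get-gemini-page` begins at the end of this hunk and continues outside it.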
@@ -1048,7 +1248,6 @@ that the response was malformed."
       (error
        (elpher-network-error address the-error)))))
 
-
 (defun elpher-render-gemini (body &optional mime-type-string)
   "Render gemini response BODY with rendering MIME-TYPE-STRING."
   (if (not body)
@@ -1115,7 +1314,10 @@ For instance, the filename /a/b/../c/./d will reduce to /a/c/d"
     (string-join (reverse path-reversed-normalized) "/")))
 
 (defun elpher-address-from-gemini-url (url)
-  "Extract address from URL with defaults as per gemini map files."
+  "Extract address from URL with defaults as per gemini map files.
+While there's obviously some redundancy here between this function and
+`elpher-address-from-url', gemini map file URLs require enough special
+treatment that a separate function is warranted."
   (let ((address (url-generic-parse-url url))
         (current-address (elpher-page-address elpher-current-page)))
     (unless (and (url-type address) (not (url-fullness address))) ;avoid mangling mailto: urls
@@ -1131,10 +1333,10 @@ For instance, the filename /a/b/../c/./d will reduce to /a/c/d"
                         (url-filename address)))))
       (unless (url-type address)
         (setf (url-type address) "gemini"))
-      (if (equal (url-type address) "gemini")
-          (setf (url-filename address)
-                (elpher-collapse-dot-sequences (url-filename address)))))
-    address))
+      (when (equal (url-type address) "gemini")
+        (setf (url-filename address)
+              (elpher-collapse-dot-sequences (url-filename address)))))
+    (elpher-remove-redundant-ports address)))
 
 (defun elpher-gemini-insert-link (link-line)
   "Insert link described by LINK-LINE into a text/gemini document."
@@ -1179,7 +1381,7 @@ by HEADER-LINE."
   "Insert a plain non-preformatted TEXT-LINE into a text/gemini document.
 This function uses Emacs' auto-fill to wrap text sensibly to a maximum
 width defined by elpher-gemini-max-fill-width."
-  (string-match "\\(^[ \t]*\\)\\(\*[ \t]\\)?" text-line)
+  (string-match "\\(^[ \t]*\\)\\(\*[ \t]+\\|>[ \t]*\\)?" text-line)
   (let* ((processed-text-line (if (match-string 2 text-line)
                                   (concat
                                    (replace-regexp-in-string "\*"
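Review bot: The changed regexp relies on `\*` inside an Emacs Lisp string literal reading as a bare `*`, so the list-item star is only matched literally because a `*` at the start of a `\|` alternative is treated as literal by the regexp engine; writing it as `"\\(^[ \t]*\\)\\(\\*[ \t]+\\|>[ \t]*\\)?"` states the intent and survives a later reordering of the alternatives. The same applies to `"[>\*]"` in the following hunk (inside a bracket expression `"[>*]"` is sufficient) and to the pre-existing `"\*"` at the `replace-regexp-in-string` call on the line above this note. The enclosing `elpher-gemini-insert-text` starts before this hunk.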
@@ -1187,8 +1389,9 @@ width defined by elpher-gemini-max-fill-width."
                                                              (match-string 0 text-line))
                                    (substring text-line (match-end 0)))
                                 text-line))
-         (fill-prefix (if (match-string 1 text-line)
-                          (replace-regexp-in-string "\*" " " (match-string 0 text-line))
+         (adaptive-fill-mode nil)
+         (fill-prefix (if (match-string 2 text-line)
+                          (replace-regexp-in-string "[>\*]" " " (match-string 0 text-line))
                         nil)))
     (insert (elpher-process-text-for-display processed-text-line))
     (newline)))
@@ -1220,14 +1423,12 @@ width defined by elpher-gemini-max-fill-width."
     (elpher-page-address elpher-current-page)
     (buffer-string))))
 
+
 ;; Finger page connection
 
-(defun elpher-get-finger-page (renderer &optional force-ipv4)
+(defun elpher-get-finger-page (renderer)
   "Opens a finger connection to the current page address.
-The result is rendered using RENDERER.  When the optional argument
-FORCE-IPV4 or the variable `elpher-ipv4-always' are non-nil, the
-IPv4 address returned by a DNS lookup will be used explicitly in
-making the connection."
+The result is rendered using RENDERER."
   (let* ((address (elpher-page-address elpher-current-page))
          (content (elpher-get-cached-content address)))
     (if (and content (funcall renderer nil))
@@ -1241,58 +1442,30 @@ making the connection."
                  (user (let ((filename (elpher-address-filename address)))
                          (if (> (length filename) 1)
                              (substring filename 1)
-                           (elpher-address-user address))))
-                 (port (let ((given-port (elpher-address-port address)))
-                         (if (> given-port 0) given-port 79)))
-                 (host (elpher-address-host address))
-                 (selector-string-parts nil)
-                 (proc (open-network-stream "elpher-process"
-                                            nil
-                                            (if (or elpher-ipv4-always force-ipv4)
-                                                (dns-query host)
-                                              host)
-                                            port
-                                            :type 'plain
-                                            :nowait t))
-                 (timer (run-at-time elpher-connection-timeout
-                                     nil
-                                     (lambda ()
-                                       (pcase (process-status proc)
-                                         ('connect
-                                          (elpher-process-cleanup)
-                                          (unless (or elpher-ipv4-always force-ipv4)
-                                            (message "Connection timed out. Retrying with IPv4 address.")
-                                            (elpher-get-finger-page renderer t))))))))
-            (setq elpher-network-timer timer)
-            (set-process-coding-system proc 'binary)
-            (set-process-filter proc
-                                (lambda (_proc string)
-                                  (when timer
-                                    (cancel-timer timer)
-                                    (setq timer nil))
-                                  (setq selector-string-parts
-                                        (cons string selector-string-parts))))
-            (set-process-sentinel proc
-                                  (lambda (_proc event)
-                                    (condition-case _the-error
-                                        (cond
-                                         ((string-prefix-p "deleted" event))
-                                         ((string-prefix-p "open" event)
-                                          (let ((inhibit-eol-conversion t))
-                                            (process-send-string
-                                             proc
-                                             (concat user "\r\n"))))
-                                         (t
-                                          (when timer
-                                            (cancel-timer timer)
-                                            (setq timer nil))
-                                          (funcall renderer (apply #'concat
-                                                                   (reverse selector-string-parts)))
-                                          (elpher-restore-pos)))))))
+                           (elpher-address-user address)))))
+            (elpher-get-host-response address 79
+                                      (concat user "\r\n")
+                                      renderer))
         (error
          (elpher-network-error address the-error))))))
 
 
+;; Telnet page connection
+
+(defun elpher-get-telnet-page (renderer)
+  "Opens a telnet connection to the current page address (RENDERER must be nil)."
+  (when renderer
+    (elpher-visit-previous-page)
+    (error "Command not supported for telnet URLs"))
+  (let* ((address (elpher-page-address elpher-current-page))
+         (host (elpher-address-host address))
+         (port (elpher-address-port address)))
+    (elpher-visit-previous-page)
+    (if (> port 0)
+        (telnet host port)
+      (telnet host))))
+
+
 ;; Other URL page opening
 
 (defun elpher-get-other-url-page (renderer)
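Review bot: The finger connection now passes a fixed port of 79 to `elpher-get-host-response`, whereas the removed code honoured a non-zero `(elpher-address-port address)` and fell back to 79 only when none was given; unless `elpher-get-host-response` derives the port from `address` itself (its definition is not in this diff), an explicit port in a finger URL is now silently ignored. Restoring the old choice is a one-liner in place of the literal: `(let ((given-port (elpher-address-port address))) (if (> given-port 0) given-port 79))`. Unlike the gemini caller at the top of this diff, this call also omits the trailing protocol argument and passes `renderer` directly rather than through a lambda, which is fine only if that argument is optional and the callback contract matches — worth confirming against the new function's signature. `elpher-get-finger-page` starts before this hunk.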
@@ -1309,20 +1482,6 @@ making the connection."
           (browse-web url)
         (browse-url url)))))
 
-;; Telnet page connection
-
-(defun elpher-get-telnet-page (renderer)
-  "Opens a telnet connection to the current page address (RENDERER must be nil)."
-  (when renderer
-    (elpher-visit-previous-page)
-    (error "Command not supported for telnet URLs"))
-  (let* ((address (elpher-page-address elpher-current-page))
-         (host (elpher-address-host address))
-         (port (elpher-address-port address)))
-    (elpher-visit-previous-page)
-    (if (> port 0)
-        (telnet host port)
-      (telnet host))))
 
 ;; Start page page retrieval
 
@@ -1355,6 +1514,7 @@ making the connection."
            " - R: reload current page (regenerates cache)\n"
            " - S: set character coding system for gopher (default is to autodetect)\n"
            " - T: toggle TLS gopher mode\n"
+           " - F: forget/discard current TLS client certificate\n"
            " - .: display the raw server response for the current page\n"
            "\n"
            "Start your exploration of gopher space and gemini:\n")
@@ -1522,11 +1682,12 @@ If ADDRESS is already bookmarked, update the label only."
   "Go to a particular gopher site HOST-OR-URL.
 When run interactively HOST-OR-URL is read from the minibuffer."
   (interactive "sGopher or Gemini URL: ")
-  (let ((page (elpher-make-page host-or-url
-                                (elpher-address-from-url host-or-url))))
+  (let* ((cleaned-host-or-url (string-trim host-or-url))
+         (address (elpher-address-from-url cleaned-host-or-url))
+         (page (elpher-make-page cleaned-host-or-url address)))
     (switch-to-buffer "*elpher*")
     (elpher-visit-page page)
-    '()))
+    nil))
 
 (defun elpher-go-current ()
   "Go to a particular site read from the minibuffer, initialized with the current URL."
@@ -1793,6 +1954,7 @@ When run interactively HOST-OR-URL is read from the minibuffer."
     (define-key map (kbd "X") 'elpher-unbookmark-current)
     (define-key map (kbd "B") 'elpher-bookmarks)
     (define-key map (kbd "S") 'elpher-set-gopher-coding-system)
+    (define-key map (kbd "F") 'elpher-forget-current-certificate)
     (when (fboundp 'evil-define-key*)
       (evil-define-key* 'motion map
         (kbd "TAB") 'elpher-next-link
@@ -1819,7 +1981,8 @@ When run interactively HOST-OR-URL is read from the minibuffer."
         (kbd "x") 'elpher-unbookmark-link
         (kbd "X") 'elpher-unbookmark-current
         (kbd "B") 'elpher-bookmarks
-        (kbd "S") 'elpher-set-gopher-coding-system))
+        (kbd "S") 'elpher-set-gopher-coding-system
+        (kbd "F") 'elpher-forget-current-certificate))
     map)
   "Keymap for gopher client.")