From ea05ff753110ed5a788e14a1525387966f2a4e55 Mon Sep 17 00:00:00 2001 From: Michael Lazar Date: Sun, 24 May 2020 00:47:51 -0400 Subject: [PATCH 01/12] Update README.md --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 629fc05..0c67640 100644 --- a/README.md +++ b/README.md @@ -46,6 +46,8 @@ An Experimental Gemini Protocol Server optional arguments: -h, --help show this help message and exit -V, --version show program's version number and exit + +server configuration: --host HOST Server address to bind to (default: 127.0.0.1) --port PORT Server port to bind to (default: 1965) --hostname HOSTNAME Server hostname (default: localhost) @@ -54,6 +56,8 @@ optional arguments: --tls-cafile FILE A CA file to use for validating clients (default: None) --tls-capath DIR A directory containing CA files for validating clients (default: None) + +fileserver configuration: --dir DIR Root directory on the filesystem to serve (default: /var/gemini) --cgi-dir DIR CGI script directory, relative to the server's root From 5b118b7581a66a63e342c9ee230be254d231f08e Mon Sep 17 00:00:00 2001 From: Michael Lazar Date: Sun, 24 May 2020 01:00:20 -0400 Subject: [PATCH 02/12] Update README.md --- README.md | 25 +++++++++++-------------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 0c67640..2904cb9 100644 --- a/README.md +++ b/README.md 
@@ -104,9 +104,8 @@ $ openssl req -newkey rsa:2048 -nodes -keyout {hostname}.key \ ``` Jetforce also supports TLS client certificates (both self-signed and CA verified). -Connections made with a client certificate will have additional metadata included -in the request environment. ``REMOTE_USER`` will contain the subject common name, -and ``TLS_CLIENT_HASH`` will contain a fingerprint that can be used for TOFU pinning. +Requests that are made with client certificates will include additional +CGI/environment variables with information about the TLS connection. You can specify a CA for client validation with the ``--tls-cafile`` or ``--tls-capath`` flags. Connections validated by the CA will have the ``TLS_CLIENT_VERIFIED`` environment @@ -116,13 +115,11 @@ this readme, but you can find many helpful tutorials ### Static Files -Jetforce will serve static files in the ``/var/gemini/`` directory: - -- Files ending with **.gmi** will be interpreted as the *text/gemini* type -- If a directory is requested, jetforce will look for a file in that directory - with the name of **index.gmi** - - If it exists, the index file will be returned - - Otherwise, jetforce will generate a directory listing +Jetforce will, by default, serve static files in the ``/var/gemini/`` directory. +Files ending with **.gmi** will be interpreted as the *text/gemini* mime type. If +a directory is requested, jetforce will look for a file named **index.gmi** in that +directory to return. Otherwise, a directory file listing will be automatically +generated. ### CGI Scripts 
@@ -212,10 +209,10 @@ journalctl -u jetforce -f *WARNING* -The internet can be a scary place. You (yes you!) are responsible for securing your -server and setting up appropriate access permissions. This likely means *not* -running jetforce as the root user. Security best practices are outside of the scope -of this document and largely depend on your individual threat model. +You are exposing a server to the internet. You (yes you!) are responsible for +securing your server and setting up appropriate access permissions. This likely means +*not* running jetforce as the root user. Security best practices are outside of the +scope of this document and largely depend on your individual threat model. ## License From 90da8e805a28fb823273c5bfd2ffa169fb90371d Mon Sep 17 00:00:00 2001 From: Michael Lazar Date: Sun, 24 May 2020 01:02:28 -0400 Subject: [PATCH 03/12] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 2904cb9..4883a01 100644 --- a/README.md +++ b/README.md @@ -115,8 +115,8 @@ this readme, but you can find many helpful tutorials ### Static Files -Jetforce will, by default, serve static files in the ``/var/gemini/`` directory. -Files ending with **.gmi** will be interpreted as the *text/gemini* mime type. If +Jetforce will serve static files in the ``/var/gemini/`` directory by default. +Files ending with ***.gmi** will be interpreted as the *text/gemini* type. If a directory is requested, jetforce will look for a file named **index.gmi** in that directory to return. Otherwise, a directory file listing will be automatically generated. From 1c870a7a4769cc7dee1d57e7d2a7bb348308be7b Mon Sep 17 00:00:00 2001 From: Michael Lazar Date: Sun, 24 May 2020 01:24:35 -0400 Subject: [PATCH 04/12] Update README.md --- README.md | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 4883a01..49eff47 100644 --- a/README.md 
+++ b/README.md @@ -132,20 +132,20 @@ considered a CGI script. When a CGI script is requested by a gemini client, the jetforce server will execute the script and pass along information about the request using environment variables: -| Variable Name | Example | -| --- | --- | -| GATEWAY_INTERFACE | GCI/1.1 | -| GEMINI_URL | gemini://mozz.us/cgi-bin/debug.cgi?foobar -| HOSTNAME | mozz.us | -| PATH_INFO | /cgi-bin/debug.cgi | -| QUERY_STRING | foobar | -| REMOTE_ADDR | 10.10.0.2 | -| REMOTE_HOST | 10.10.0.2 | -| SCRIPT_NAME | /usr/local/www/mozz/gemini/cgi-bin/debug.cgi | -| SERVER_NAME | mozz.us | -| SERVER_PORT | 1965 | -| SERVER_PROTOCOL | GEMINI | -| SERVER_SOFTWARE | jetforce/0.0.7 | +| Variable Name | Description | Example | +| --- | --- | --- | +| GATEWAY_INTERFACE | CGI version, for compatability with CGI scripts | ``GCI/1.1`` | +| GEMINI_URL | The whole URL that was requested | ``gemini://mozz.us/cgi-bin/example.cgi/hello?world`` +| HOSTNAME | The server's hostname | ``mozz.us`` | +| SCRIPT_NAME | The part of the URL's path that corresponds to the CGI script location | ``/cgi-bin/example.cgi`` | +| PATH_INFO | The remainder of the URL's path after the script name | ``/hello`` | +| QUERY_STRING | The query string portion of the request URL | ``world`` | +| REMOTE_ADDR | The client IP address | ``10.10.0.2`` | +| REMOTE_HOST | The client IP address, alias for REMOTE_ADDR | ``10.10.0.2`` | +| SERVER_NAME | The server hostname, alias for HOSTNAME | ``mozz.us`` | +| SERVER_PORT | The server port number | ``1965`` | +| SERVER_PROTOCOL | The server protocol, for compatability with CGI scripts | ``GEMINI`` | +| SERVER_SOFTWARE | The server version string | ``jetforce/0.0.7`` | The CGI script must then write the gemini response to the *stdout* stream. This includes the status code and meta string on the first line, and the From 0a2fead782329598afbf6b207f89e264a3077f50 Mon Sep 17 00:00:00 2001 
From: Michael Lazar Date: Sun, 24 May 2020 01:25:11 -0400 Subject: [PATCH 05/12] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 49eff47..274bcc3 100644 --- a/README.md +++ b/README.md @@ -135,7 +135,7 @@ the request using environment variables: | Variable Name | Description | Example | | --- | --- | --- | | GATEWAY_INTERFACE | CGI version, for compatability with CGI scripts | ``GCI/1.1`` | -| GEMINI_URL | The whole URL that was requested | ``gemini://mozz.us/cgi-bin/example.cgi/hello?world`` +| GEMINI_URL | The raw URL string that was requested | ``gemini://mozz.us/cgi-bin/example.cgi/hello?world`` | HOSTNAME | The server's hostname | ``mozz.us`` | | SCRIPT_NAME | The part of the URL's path that corresponds to the CGI script location | ``/cgi-bin/example.cgi`` | | PATH_INFO | The remainder of the URL's path after the script name | ``/hello`` | From 9f02bcd00503b7e1f71e147faa759149b6c5234e Mon Sep 17 00:00:00 2001 From: Michael Lazar Date: Sun, 24 May 2020 01:26:11 -0400 Subject: [PATCH 06/12] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 274bcc3..71260d0 100644 --- a/README.md +++ b/README.md 
@@ -136,10 +136,10 @@ the request using environment variables: | --- | --- | --- | | GATEWAY_INTERFACE | CGI version, for compatability with CGI scripts | ``GCI/1.1`` | | GEMINI_URL | The raw URL string that was requested | ``gemini://mozz.us/cgi-bin/example.cgi/hello?world`` -| HOSTNAME | The server's hostname | ``mozz.us`` | | SCRIPT_NAME | The part of the URL's path that corresponds to the CGI script location | ``/cgi-bin/example.cgi`` | -| PATH_INFO | The remainder of the URL's path after the script name | ``/hello`` | +| PATH_INFO | The remainder of the URL's path after the CGI script location | ``/hello`` | | QUERY_STRING | The query string portion of the request URL | ``world`` | +| HOSTNAME | The server's hostname | ``mozz.us`` | | REMOTE_ADDR | The client IP address | ``10.10.0.2`` | | REMOTE_HOST | The client IP address, alias for REMOTE_ADDR | ``10.10.0.2`` | | SERVER_NAME | The server hostname, alias for HOSTNAME | ``mozz.us`` | From a29708f883e9b21e129e55daba81c661ded9d740 Mon Sep 17 00:00:00 2001 From: Michael Lazar Date: Sun, 24 May 2020 01:27:30 -0400 Subject: [PATCH 07/12] Update README.md --- README.md | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 71260d0..8655af8 100644 --- a/README.md +++ b/README.md 
@@ -134,18 +134,19 @@ the request using environment variables: | Variable Name | Description | Example | | --- | --- | --- | -| GATEWAY_INTERFACE | CGI version, for compatability with CGI scripts | ``GCI/1.1`` | -| GEMINI_URL | The raw URL string that was requested | ``gemini://mozz.us/cgi-bin/example.cgi/hello?world`` -| SCRIPT_NAME | The part of the URL's path that corresponds to the CGI script location | ``/cgi-bin/example.cgi`` | -| PATH_INFO | The remainder of the URL's path after the CGI script location | ``/hello`` | -| QUERY_STRING | The query string portion of the request URL | ``world`` | -| HOSTNAME | The server's hostname | ``mozz.us`` | -| REMOTE_ADDR | The client IP address | ``10.10.0.2`` | -| REMOTE_HOST | The client IP address, alias for REMOTE_ADDR | ``10.10.0.2`` | -| SERVER_NAME | The server hostname, alias for HOSTNAME | ``mozz.us`` | -| SERVER_PORT | The server port number | ``1965`` | -| SERVER_PROTOCOL | The server protocol, for compatability with CGI scripts | ``GEMINI`` | -| SERVER_SOFTWARE | The server version string | ``jetforce/0.0.7`` | +| GATEWAY_INTERFACE | The CGI version (for compatability with other CGI scripts). | ``GCI/1.1`` | +| SERVER_PROTOCOL | The server protocol. | ``GEMINI`` | +| SERVER_SOFTWARE | The server version string. | ``jetforce/0.0.7`` | +| GEMINI_URL | The raw URL string that was requested. | ``gemini://mozz.us/cgi-bin/example.cgi/hello?world`` +| SCRIPT_NAME | The part of the URL's path that corresponds to the CGI script location. | ``/cgi-bin/example.cgi`` | +| PATH_INFO | The remainder of the URL's path after the CGI script location. | ``/hello`` | +| QUERY_STRING | The query string portion of the request URL. | ``world`` | +| HOSTNAME | The server's hostname. | ``mozz.us`` | +| REMOTE_ADDR | The client IP address. | ``10.10.0.2`` | +| REMOTE_HOST | The client IP address, alias for REMOTE_ADDR. | ``10.10.0.2`` | +| SERVER_NAME | The server hostname, alias for HOSTNAME. 
| ``mozz.us`` | +| SERVER_PORT | The server port number. | ``1965`` | + The CGI script must then write the gemini response to the *stdout* stream. This includes the status code and meta string on the first line, and the From b8a61941e913b70e77607980b784803ad6067e74 Mon Sep 17 00:00:00 2001 From: Michael Lazar Date: Sun, 24 May 2020 01:40:09 -0400 Subject: [PATCH 08/12] Update README.md --- README.md | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 8655af8..bea6174 100644 --- a/README.md +++ b/README.md 
@@ -134,6 +134,35 @@ the request using environment variables: | Variable Name | Description | Example | | --- | --- | --- | +| GATEWAY_INTERFACE | The CGI version (for compatability). | ``GCI/1.1`` | +| SERVER_PROTOCOL | The server protocol. | ``GEMINI`` | +| SERVER_SOFTWARE | The server version string. | ``jetforce/0.0.7`` | +| GEMINI_URL | The raw URL string that was requested. | ``gemini://mozz.us/cgi-bin/example.cgi/hello?world`` +| SCRIPT_NAME | The part of the URL's path that corresponds to the CGI script location. | ``/cgi-bin/example.cgi`` | +| PATH_INFO | The remainder of the URL's path after the CGI script location. | ``/hello`` | +| QUERY_STRING | The query string portion of the request URL. | ``world`` | +| HOSTNAME | The server's hostname. | ``mozz.us`` | +| SERVER_NAME | The server hostname, alias for HOSTNAME. | ``mozz.us`` | +| REMOTE_ADDR | The client IP address. | ``10.10.0.2`` | +| REMOTE_HOST | The client IP address, alias for REMOTE_ADDR. | ``10.10.0.2`` | +| SERVER_PORT | The server port number. | ``1965`` | + +Additional CGI variables will also be included when the connection uses a TLS client certificate: + +| Variable Name | Description | Example | +| --- | --- | --- | +| AUTH_TYPE | The authentication type (for compatability). | ``CERTIFICATE`` | +| REMOTE_USER | The subject CommonName attribute, if provided. | ``michael123`` | +| TLS_CLIENT_HASH | A base64-encoded certificate fingerprint | ``hjQftIC/4zPDQ1MNdav5nRQ39pM482xoTIgxtjyZOpY=`` | +| TLS_CLIENT_NOT_BEFORE | The certificate activation date | ``2020-04-05T04:18:22Z`` | +| TLS_CLIENT_NOT_AFTER | The certificate expiration date | ``2021-04-05T04:18:22Z`` | +| TLS_CLIENT_SERIAL_NUMBER | The certificate serial number | ``73629018972631`` | +| TLS_CLIENT_VERIFIED | Whether the certificate verified by local CA | ``0``/``1`` | +| TLS_CIPHER | The TLS cipher that was used. | ``TLS_AES_256_GCM_SHA384``| +| TLS_VERSION | The TLS version that was used. 
| ``TLSv1.3`` | + + + | GATEWAY_INTERFACE | The CGI version (for compatability with other CGI scripts). | ``GCI/1.1`` | | SERVER_PROTOCOL | The server protocol. | ``GEMINI`` | | SERVER_SOFTWARE | The server version string. | ``jetforce/0.0.7`` | @@ -142,12 +171,13 @@ the request using environment variables: | PATH_INFO | The remainder of the URL's path after the CGI script location. | ``/hello`` | | QUERY_STRING | The query string portion of the request URL. | ``world`` | | HOSTNAME | The server's hostname. | ``mozz.us`` | +| SERVER_NAME | The server hostname, alias for HOSTNAME. | ``mozz.us`` | | REMOTE_ADDR | The client IP address. | ``10.10.0.2`` | | REMOTE_HOST | The client IP address, alias for REMOTE_ADDR. | ``10.10.0.2`` | -| SERVER_NAME | The server hostname, alias for HOSTNAME. | ``mozz.us`` | | SERVER_PORT | The server port number. | ``1965`` | + The CGI script must then write the gemini response to the *stdout* stream. This includes the status code and meta string on the first line, and the optional response body on subsequent lines. The bytes generated by the From bc68f3d706f7df18ef002156d9978053e054b546 Mon Sep 17 00:00:00 2001 From: Michael Lazar Date: Sun, 24 May 2020 01:40:46 -0400 Subject: [PATCH 09/12] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index bea6174..1b5581d 100644 --- a/README.md +++ b/README.md 
@@ -137,7 +137,7 @@ the request using environment variables: | GATEWAY_INTERFACE | The CGI version (for compatability). | ``GCI/1.1`` | | SERVER_PROTOCOL | The server protocol. | ``GEMINI`` | | SERVER_SOFTWARE | The server version string. | ``jetforce/0.0.7`` | -| GEMINI_URL | The raw URL string that was requested. | ``gemini://mozz.us/cgi-bin/example.cgi/hello?world`` +| GEMINI_URL | The raw URL string from the request. | ``gemini://mozz.us/cgi-bin/example.cgi/hello?world`` | SCRIPT_NAME | The part of the URL's path that corresponds to the CGI script location. | ``/cgi-bin/example.cgi`` | | PATH_INFO | The remainder of the URL's path after the CGI script location. | ``/hello`` | | QUERY_STRING | The query string portion of the request URL. | ``world`` | From 2528f3d928eb910b614c290cead80e0b9c5682bb Mon Sep 17 00:00:00 2001 From: Michael Lazar Date: Sun, 24 May 2020 01:41:48 -0400 Subject: [PATCH 10/12] Update README.md --- README.md | 23 +++-------------------- 1 file changed, 3 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index 1b5581d..bc26672 100644 --- a/README.md +++ b/README.md 
@@ -141,10 +141,10 @@ the request using environment variables: | SCRIPT_NAME | The part of the URL's path that corresponds to the CGI script location. | ``/cgi-bin/example.cgi`` | | PATH_INFO | The remainder of the URL's path after the CGI script location. | ``/hello`` | | QUERY_STRING | The query string portion of the request URL. | ``world`` | -| HOSTNAME | The server's hostname. | ``mozz.us`` | -| SERVER_NAME | The server hostname, alias for HOSTNAME. | ``mozz.us`` | +| HOSTNAME | The server hostname. | ``mozz.us`` | +| SERVER_NAME | The server hostname (alias for HOSTNAME). | ``mozz.us`` | | REMOTE_ADDR | The client IP address. | ``10.10.0.2`` | -| REMOTE_HOST | The client IP address, alias for REMOTE_ADDR. | ``10.10.0.2`` | +| REMOTE_HOST | The client IP address (alias for REMOTE_ADDR). | ``10.10.0.2`` | | SERVER_PORT | The server port number. | ``1965`` | Additional CGI variables will also be included when the connection uses a TLS client certificate: 
@@ -161,23 +161,6 @@ Additional CGI variables will also be included when the connection uses a TLS cl | TLS_CIPHER | The TLS cipher that was used. | ``TLS_AES_256_GCM_SHA384``| | TLS_VERSION | The TLS version that was used. | ``TLSv1.3`` | - - -| GATEWAY_INTERFACE | The CGI version (for compatability with other CGI scripts). | ``GCI/1.1`` | -| SERVER_PROTOCOL | The server protocol. | ``GEMINI`` | -| SERVER_SOFTWARE | The server version string. | ``jetforce/0.0.7`` | -| GEMINI_URL | The raw URL string that was requested. | ``gemini://mozz.us/cgi-bin/example.cgi/hello?world`` -| SCRIPT_NAME | The part of the URL's path that corresponds to the CGI script location. | ``/cgi-bin/example.cgi`` | -| PATH_INFO | The remainder of the URL's path after the CGI script location. | ``/hello`` | -| QUERY_STRING | The query string portion of the request URL. | ``world`` | -| HOSTNAME | The server's hostname. | ``mozz.us`` | -| SERVER_NAME | The server hostname, alias for HOSTNAME. | ``mozz.us`` | -| REMOTE_ADDR | The client IP address. | ``10.10.0.2`` | -| REMOTE_HOST | The client IP address, alias for REMOTE_ADDR. | ``10.10.0.2`` | -| SERVER_PORT | The server port number. | ``1965`` | - - - The CGI script must then write the gemini response to the *stdout* stream. This includes the status code and meta string on the first line, and the optional response body on subsequent lines. The bytes generated by the From 3b610982ae528eba1ad67fe386191430af9d0cfc Mon Sep 17 00:00:00 2001 From: Michael Lazar Date: Sun, 24 May 2020 01:44:26 -0400 Subject: [PATCH 11/12] Update README.md --- README.md | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index bc26672..9d98e7f 100644 --- a/README.md +++ b/README.md 
@@ -134,32 +134,32 @@ the request using environment variables: | Variable Name | Description | Example | | --- | --- | --- | -| GATEWAY_INTERFACE | The CGI version (for compatability). | ``GCI/1.1`` | +| GATEWAY_INTERFACE | CGI version (for compatability). | ``GCI/1.1`` | | SERVER_PROTOCOL | The server protocol. | ``GEMINI`` | | SERVER_SOFTWARE | The server version string. | ``jetforce/0.0.7`` | -| GEMINI_URL | The raw URL string from the request. | ``gemini://mozz.us/cgi-bin/example.cgi/hello?world`` +| GEMINI_URL | Raw URL string from the request. | ``gemini://mozz.us/cgi-bin/example.cgi/hello?world`` | SCRIPT_NAME | The part of the URL's path that corresponds to the CGI script location. | ``/cgi-bin/example.cgi`` | | PATH_INFO | The remainder of the URL's path after the CGI script location. | ``/hello`` | | QUERY_STRING | The query string portion of the request URL. | ``world`` | -| HOSTNAME | The server hostname. | ``mozz.us`` | -| SERVER_NAME | The server hostname (alias for HOSTNAME). | ``mozz.us`` | -| REMOTE_ADDR | The client IP address. | ``10.10.0.2`` | -| REMOTE_HOST | The client IP address (alias for REMOTE_ADDR). | ``10.10.0.2`` | -| SERVER_PORT | The server port number. | ``1965`` | +| HOSTNAME | Server hostname. | ``mozz.us`` | +| SERVER_NAME | Server hostname (alias for HOSTNAME). | ``mozz.us`` | +| REMOTE_ADDR | Client IP address. | ``10.10.0.2`` | +| REMOTE_HOST | Client IP address (alias for REMOTE_ADDR). | ``10.10.0.2`` | +| SERVER_PORT | Server port number. | ``1965`` | Additional CGI variables will also be included when the connection uses a TLS client certificate: | Variable Name | Description | Example | | --- | --- | --- | -| AUTH_TYPE | The authentication type (for compatability). | ``CERTIFICATE`` | +| AUTH_TYPE | Authentication type (for compatability). | ``CERTIFICATE`` | | REMOTE_USER | The subject CommonName attribute, if provided. 
| ``michael123`` | -| TLS_CLIENT_HASH | A base64-encoded certificate fingerprint | ``hjQftIC/4zPDQ1MNdav5nRQ39pM482xoTIgxtjyZOpY=`` | -| TLS_CLIENT_NOT_BEFORE | The certificate activation date | ``2020-04-05T04:18:22Z`` | -| TLS_CLIENT_NOT_AFTER | The certificate expiration date | ``2021-04-05T04:18:22Z`` | -| TLS_CLIENT_SERIAL_NUMBER | The certificate serial number | ``73629018972631`` | -| TLS_CLIENT_VERIFIED | Whether the certificate verified by local CA | ``0``/``1`` | -| TLS_CIPHER | The TLS cipher that was used. | ``TLS_AES_256_GCM_SHA384``| -| TLS_VERSION | The TLS version that was used. | ``TLSv1.3`` | +| TLS_CLIENT_HASH | A base64-encoded certificate fingerprint. | ``hjQftIC/4zPDQ1MNdav5nRQ39pM482xoTIgxtjyZOpY=`` | +| TLS_CLIENT_NOT_BEFORE | Certificate activation date. | ``2020-04-05T04:18:22Z`` | +| TLS_CLIENT_NOT_AFTER | Certificate expiration date. | ``2021-04-05T04:18:22Z`` | +| TLS_CLIENT_SERIAL_NUMBER | Certificate serial number. | ``73629018972631`` | +| TLS_CLIENT_VERIFIED | Was the certificate verified by OpenSSL? | ``0``/``1`` | +| TLS_CIPHER | TLS cipher that was negotiated. | ``TLS_AES_256_GCM_SHA384``| +| TLS_VERSION | TLS version that was negotiated. | ``TLSv1.3`` | The CGI script must then write the gemini response to the *stdout* stream. This includes the status code and meta string on the first line, and the From 623a408ca477a206c48942f279bf76e0d8eb7049 Mon Sep 17 00:00:00 2001 From: Michael Lazar Date: Sun, 24 May 2020 01:45:01 -0400 Subject: [PATCH 12/12] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9d98e7f..0246979 100644 --- a/README.md +++ b/README.md 
@@ -157,7 +157,7 @@ Additional CGI variables will also be included when the connection uses a TLS cl | TLS_CLIENT_NOT_BEFORE | Certificate activation date. | ``2020-04-05T04:18:22Z`` | | TLS_CLIENT_NOT_AFTER | Certificate expiration date. | ``2021-04-05T04:18:22Z`` | | TLS_CLIENT_SERIAL_NUMBER | Certificate serial number. | ``73629018972631`` | -| TLS_CLIENT_VERIFIED | Was the certificate verified by OpenSSL? | ``0``/``1`` | +| TLS_CLIENT_VERIFIED | Was the certificate verified by OpenSSL? | ``0`` (verified) / ``1`` (not verified) | | TLS_CIPHER | TLS cipher that was negotiated. | ``TLS_AES_256_GCM_SHA384``| | TLS_VERSION | TLS version that was negotiated. | ``TLSv1.3`` |
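
Review bot: in PATCH 02/12, hunk @@ -104,9 +104,8, the replacement sentence drops the only statement that ``REMOTE_USER`` is the certificate's subject common name and that ``TLS_CLIENT_HASH`` is the value intended for TOFU pinning. The same paragraph says self-signed client certificates are accepted, and for a self-signed certificate the common name is whatever the client chose to put there, so CGI authors need to be told which variable is safe to key identity on. Suggest keeping the TOFU sentence here, or carrying it into the variable table that PATCH 08/12 adds.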
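
Review bot: in PATCH 02/12, hunk @@ -116,13 +115,11, the rewritten paragraph makes "Otherwise" ambiguous: it now follows "If a directory is requested, jetforce will look for a file named **index.gmi** in that directory to return", so it can be read as "if a directory is not requested". The removed bullet list made the condition explicit ("If it exists, the index file will be returned"). Suggest "If no **index.gmi** exists, a directory listing is generated", which also states plainly that directory contents are disclosed whenever an index file is missing.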
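
Review bot: in PATCH 03/12, the added line "Files ending with ***.gmi** will be interpreted" opens emphasis with three asterisks and closes it with two, so the markup is unbalanced and will not render as the bold **.gmi** that the removed line had. If a literal glob is intended, use a code span (``*.gmi``); otherwise restore ``**.gmi**``.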
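
Review bot: in PATCH 04/12, the new GATEWAY_INTERFACE row keeps the example ``GCI/1.1`` from the old table, which looks like a transposition of ``CGI/1.1``; please check it against what the server actually exports, since scripts may compare against this string. In the same hunk "compatability" should be "compatibility" (it appears in two descriptions), and the GEMINI_URL row is missing its closing ``|``. All three are still present in the rows touched by PATCH 11/12.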
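
Review bot: in PATCH 08/12, hunk @@ -134,6 +134,35, the TLS_CLIENT_HASH row says only "A base64-encoded certificate fingerprint" and does not name the digest or say what is hashed (the whole certificate or only the public key). Anyone pinning against this value needs both facts to reproduce the fingerprint outside jetforce. The example is 44 base64 characters, which decodes to 32 bytes, but the README should state the algorithm rather than leave it to be inferred. The descriptions from TLS_CLIENT_HASH through TLS_CLIENT_VERIFIED also lack the trailing period used by the other rows.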
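
Review bot: in PATCH 08/12, hunk @@ -142,12 +171,13, the SERVER_NAME reorder is applied to the old copy of the variable rows, which after the first hunk sit without a header row beneath the new TLS table and duplicate the table added above it. PATCH 10/12 then deletes those rows. Suggest deleting the old rows in this patch instead of editing them, and squashing 08 through 10 so that no intermediate revision renders a broken table.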
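
Review bot: in PATCH 11/12, the TLS_CLIENT_VERIFIED description changes from "Whether the certificate verified by local CA" to "Was the certificate verified by OpenSSL?", which no longer says what the certificate was verified against. The README text quoted in PATCH 02/12 ties this variable to the CA supplied with ``--tls-cafile`` or ``--tls-capath``; the table row should say the same, so readers do not take it to mean a generic validity check that a self-signed certificate could pass.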
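
Review bot: in PATCH 12/12, the new example ``0`` (verified) / ``1`` (not verified) for TLS_CLIENT_VERIFIED runs against the usual flag convention, and nothing else in the series explains why. Please confirm the mapping against the value the server actually sets. If it is correct, say so in the Description column as well, because a CGI script that checks the variable for truthiness or for ``1`` would treat unverified certificates as verified. If the labels are swapped, fix them here.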