Gemini Diagnostics Script
2020-01-09

I have been working on a Python script
that can be pointed to a gemini server,
and will automatically send various
types of requests to surface errors and
other strange server behavior. This was
suggested in the mailing list a while
ago by solderpunk. I thought it was a
neat idea so I took my own stab at it.

I am not attempting to cover 100% of the
gemini specification. Some of the checks
aren't even related to the spec, and are
strictly informational. Take all results
with a grain of salt.

For example:

- Does your server support IPv6?
- What version of TLS do you negotiate?
- Is your certificate's CA trusted?
- How do you respond to a http:// URL?
- How do you respond to a URL with an
  invalid UTF-8 byte sequence?
- How do you respond to a request with a
  newline but no carriage return?

The program can be found here:

https://github.com/michael-lazar/jetforce/blob/master/jetforce_diagnostics.py
gemini://mozz.us/jetforce/jetforce_diagnostics.py

I've included it in the jetforce repo
out of convenience, but the script can
be downloaded and run independently of
jetforce. The only hard dependency is
Python 3.7+. The Python
"pyca/cryptography" library is an
optional requirement, if you want to
inspect server TLS certificates.

Usage:
  ./jetforce_diagnostics.py host [port]

This is very much still considered a
work-in-progress. If you have any
suggestions or would like to contribute
additional tests to run, please feel
encouraged to respond here or open an
issue or PR in the GitHub repo.

To save you all the trouble, I have
already run this against all known
gemini servers and published the results
on my server. This is not an attempt to
shame anybody; my own server exposes
several failures that I now have to go
fix. But I think there are some
interesting insights to be gleaned about
how servers are implemented in practice,
and how the gemini spec might be
improved:

gemini://mozz.us/diagnostics/2020-01-08/

Some of the more interesting results:

- Every server uses "\n" line endings on
  their home page instead of "\r\n"
- No server will accept a URL without a
  scheme specified (per the spec, this
  should be implied as gemini://)
- All servers either disregard or screw
  up handling the specified max URL
  length of 1024 bytes.
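
An added example, not taken from
jetforce_diagnostics.py: an offline
sketch of how some of the checks and
results above can be built and judged.
The "//host/" scheme-less form, the
header regex and the sample responses
are assumptions made for illustration.

```python
import re

MAX_URL_BYTES = 1024  # limit cited in the post
# Assumed response header shape: two-digit status, whitespace, META, CRLF.
HEADER_RE = re.compile(rb"(\d{2})[ \t]+([^\r\n]*)(\r?\n)")

def build_probes(host):
    """Raw request bytes for the request-side checks in the post."""
    url = f"gemini://{host}/".encode()
    pad = b"a" * (MAX_URL_BYTES + 1 - len(url))  # makes the URL 1025 bytes
    return {
        "valid": url + b"\r\n",
        "http_scheme": f"http://{host}/".encode() + b"\r\n",
        "no_scheme": f"//{host}/".encode() + b"\r\n",  # assumed scheme-less form
        "invalid_utf8": url + b"\xff\xfe\r\n",  # 0xFF never occurs in UTF-8
        "lf_only": url + b"\n",  # newline without carriage return
        "url_too_long": url + pad + b"\r\n",
    }

def evaluate(probe, raw):
    """Return (status, findings) for one raw response to the named probe."""
    m = HEADER_RE.match(raw)
    if m is None:
        return None, ["response header is malformed"]
    status, meta, eol = m.group(1).decode(), m.group(2), m.group(3)
    findings = []
    if eol != b"\r\n":
        findings.append("header ends in bare LF")
    ok = status.startswith("2")
    if ok and meta.startswith(b"text/gemini"):
        bare = len(re.findall(rb"(?<!\r)\n", raw[m.end():]))
        if bare:
            findings.append(f"{bare} body line(s) end in LF, not CRLF")
    if probe == "no_scheme" and not ok:
        findings.append("scheme-less URL not treated as gemini://")
    if probe == "url_too_long" and ok:
        findings.append(f"URL over {MAX_URL_BYTES} bytes was accepted")
    return status, findings

# Constructed sample responses (not captured from any real server).
SAMPLES = {
    "valid": b"20 text/gemini\r\n# Home\n=> /about About\n",
    "no_scheme": b"59 Bad request\r\n",
    "url_too_long": b"20 text/gemini\r\nhello\r\n",
    "lf_only": b"20 text/gemini\nhello\r\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, *evaluate(name, raw))
```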