NAME
gmitool - a Net::Gemini command line tool
SYNOPSIS
gmitool get [-A] [-C cert -K key] [-H sni-host] [-S] \
[-V peer|none] [-f] [-t seconds] \
gemini://example.org
gmitool link [-b base-url] < text-gemini-content
DESCRIPTION
gmitool offers various gemini protocol related utilities. It is part of the Net::Gemini module. Subcommands include:
get
Gets a gemini page and prints it to standard out, if all goes well (garbage in, garbage out). Options:
-A
-
Accept verified leaf certificates without going through the usual TOFU path, assuming that the certificate can be verified. Probably good with sites that use "Let's Encrypt" as these certificates change frequently and would otherwise need the use of the
-f
flag to force updates, and usually will (but may not) verify correctly. -C
certificate-file-
Client certificate file, use with
-K
for when gmitool must use a custom certificate. -K
key-file-
Client private key file, use with
-C
. -H
hostname-
Use the given hostname as the SNI host instead of the default that is taken from the URL given.
-S
-
Show various diagnostic information (the META field, redirects, etc).
-V
mode-
Specifies a custom certificate verification mode. By default Trust On First Use (TOFU) is used, which only checks the first leaf certificate against the
known_hosts
table.Verification modes include
peer
to verify the peer certificates (the full chain), andnone
to do no verification. There may be hostname verification regardless; SSL is pretty complicated. See also-A
.The
SSL_CERT_FILE
andSSL_CERT_DIR
environment variables can be used to customize the trusted certificate authority certificates. -f
-
Force update of TOFU certificates. Updates to the cache will not happen if
-A
is used and the certificate can be verified. -t
seconds-
Custom timeout for the connection, 30 seconds by default.
link
Extracts link from text/gemini input, and qualifies any relative links if the -b
option is given.
ENVIRONMENT
SSL_CERT_DIR
-
Custom directory for SSL certificate authority certificates. The default is the operating system (OS) default, which could be
/etc/ssl
or similar. Customize this and the next to specify that only certain certificate authorities should be trusted, as opposed to everything that ships with the OS by default.env SSL_CERT_DIR=/some/where SSL_CERT_FILE=/dev/null gmitool ...
SSL_CERT_FILE
-
Custom file for SSL certificate authorities.
FILES
~/.cache/gmitool/known_hosts
is where the TOFU records are stored. JSON format, UTF-8 encoding.
EXIT STATUS
The gmitool utility exits 0 on success, and >0 if an error occurs.
SEE ALSO
Net::Gemini, ftp(1), openssl(1), nc(1)
AUTHOR
Jeremy Mates