Bouncycastle now works!

Several key changes:

 - Adding the bcprov dependency
 - Using the JDK 1.5 to JDK 1.8 lib (rather than 1.5 onwards)
 - Re-enabling the SunJCE provider (?)
 - Adding the Bouncy Castle provider (not just BouncyCastleJsseProvider)

And, crucially, downloading the Java 1.6 Export Control Crypto extensions
and putting them in the jre/lib/security folder of the Java 1.6 JDK.

Note that there are still warnings printed, and I'm not 100% sure what the true
minimum required is, but Gemini is now working on JDK 1.6, which is a first,
and allows Windows 2000 capabilities.
1a6bd5629d5f — Quintillus 3 years ago
First forays into the Bouncy Castle.

 - Compatible with JDK 1.6.
 - Included dependencies
 - Registered the BouncyCastle JSSE (Java Secure Sockets Exention) provider.  As I understand it, it's kind of like the ImageIO Service Provider Interface situation where providers can be registered.
 - De-registered the build-in Sun provider.
 - Added the JCE (Java Cryptography Extensions) dependency in the Gemini Client, so it can use advanced cryptography.

So far it's failing on "no usable cipher suites enabled".  I'm not really sure why, as when I look at this list of enabled ones, it has a bunch of the commonly-used ones, e.g. AES 256 with Galois Counter Mode.  Are they enabled but not usable somehow?
Specifically request TLS 1.2 when creating the SSLContext.

This allows using TLS 1.2 on JDK 1.7, and is required for our client to support OS X 10.7 Lion.

This *could* cause issues with TLS 1.3 servers, but it looks just as likely that our old "SSL" value would have.  I.e. this probably won't make things any worse.
c507ef5bcd0b — Quintillus 3 years ago
Support JDK 1.5.

This only required one change, and it was in our example, not the actual code.  Thus I'll continue the august tradition of supporting Windows 98 (and Windows 95, if you have the right JDK 1.5 installer).

On Mac, this also buys OS X 10.4 through 10.7, including PowerPC, over 1.8.
416a8eccd0f9 — Quintillus 3 years ago
#44 - Rename variable.
2c8f08532c04 — Quintillus 3 years ago
#44 - Load data correctly from servers that send all the data in one TCP packet.

Known examples include and  The technique is simply reading the whole response into a buffer, rather than reading one packet and assuming it's the header.
0557b6dddfc7 — Quintillus 3 years ago
Trim the end of the meta.

This prevents extra newlines in places where the meta is used, e.g. displaying the type of an input field to the user.
608d6a44d3c0 — Quintillus 3 years ago
#7 - Treat non-text formats as binary; download them into a separate structure.
218044a09f3b — Quintillus 3 years ago
Allow the meta to be used by consumers of this client.
6d319b9a8bb2 — Quintillus 3 years ago
#3 - Redirect on status 30 (temporary redirect) as well as 31 (permanent redirect).
43e6a3ea9c05 — Quintillus 3 years ago
#21 - Fix links on causing a crash.  There were two aspects of them that difffered from most others: not having a space after the =>, and having spaces in labels.

The URL support should now be much more robust.
069645613112 — Quintillus 3 years ago
Parse out the header meta data, and follow redirects (status 31).

Note that this does not yet implement the best practices for redirects, particularly loop detection and insecure redirect warnings.
cae6ba85e644 — Quintillus 3 years ago
Parse the status code integer out of the response.
bee9f1ec0ab1 — Quintillus 3 years ago
Fall back to regular contents if formatted ones aren't available.
93fdc9ab1286 — Quintillus 3 years ago
Add a formatted contents field.
11ae6fdaec63 — Quintillus 3 years ago
Let clients grab the URL so they can handle relative links.
999f576a5b30 — Quintillus 3 years ago
Add a LinkLine type, and a GeneralLine type as a placeholder.
bd58baec8273 — Quintillus 3 years ago
Refactor lines into their own package.  I'm planning to have a class for each line type, so each one, when constructed with a line of input, will parse out what it needs from the contents.
3a8c5d23e4ce — Quintillus 3 years ago
Put host extracting in its own method, handle URLs with the port explicitly specified (as long as it's 1965).
318115c48b62 — Quintillus 3 years ago
Don't hardcode the host for the socket to the main Gemini project page.  Determine it dynamically.