simplify code; add Agunua to required dependecies

2022-08-07 00:00:00 +00:00 · 2022-08-07 00:00:00 +00:00 · a43efbcbf7
parent 8342535886
commit a43efbcbf7
2 changed files with 14 additions and 34 deletions
--- a/README.md
+++ b/README.md
@ -17,9 +17,9 @@ Trust stores generated by these scripts can be found at https://tildegit.org/ner

 ## Dependencies

-Required: [OpenSSL](https://www.openssl.org/), [idn](https://www.gnu.org/software/libidn/)
+Required: [OpenSSL](https://www.openssl.org/), [idn](https://www.gnu.org/software/libidn/), [Agunua](https://framagit.org/bortzmeyer/agunua).

-Optional: [torsocks](https://packages.debian.org/buster/torsocks) (for .onion capsules and for double-checking certificates using a different network perspective) and [Agunua](https://framagit.org/bortzmeyer/agunua) (for downloading host lists more securely).
+Optional: [torsocks](https://packages.debian.org/buster/torsocks) (for .onion capsules and for double-checking certificates using a different network perspective).

 To install them in Debian, run: `sudo apt install openssl idn torsocks` and `pip3 install agunua`.

--- a/get-hosts.sh
+++ b/get-hosts.sh
@ -11,38 +11,18 @@ set -o nounset  # (-u) don't accept undefined variables
 # Go where this script is.
 cd "$(dirname "$0")" || exit

-# If Agunua is installed, use it.
-if command -v agunua >/dev/null; then
-  # Using Agunua is more secure, because it does certificate pinning.
-  hosts1=$(agunua --binary --maximum-time 20 \
-    gemini://geminispace.info/known-hosts 2>/dev/null \
-    | grep "gemini://" | cut -d ' ' -f 3)
-  if [ -z "$hosts1" ]; then
-    >&2 echo "geminispace.info/known-hosts download failed."
-    exit 1
-  fi
-  hosts2=$(agunua --binary --maximum-time 20 \
-    gemini://gemini.bortzmeyer.org/software/lupa/lupa-capsules.txt 2>/dev/null)
-  if [ -z "$hosts2" ]; then
-    >&2 echo "lupa-capsules.txt download failed."
-    exit 1
-  fi
-else
-  # If Agunua is not installed, pipe the request into OpenSSL s_client.
-  hosts1=$(printf "gemini://geminispace.info/known-hosts\r\n" \
-    | timeout 20 openssl s_client -quiet -connect "geminispace.info:1965" 2>/dev/null \
-    | grep "gemini://" | cut -d ' ' -f 3)
-  if [ -z "$hosts1" ]; then
-    >&2 echo "geminispace.info/known-hosts download failed."
-    exit 1
-  fi
-  hosts2=$(printf "gemini://gemini.bortzmeyer.org/software/lupa/lupa-capsules.txt\r\n" \
-    | timeout 20 openssl s_client -quiet -connect "gemini.bortzmeyer.org:1965" 2>/dev/null \
-    | tail -n +2)
-  if [ -z "$hosts2" ]; then
-    >&2 echo "lupa-capsules.txt download failed."
-    exit 1
-  fi
+hosts1=$(agunua --binary --maximum-time 20 \
+  gemini://geminispace.info/known-hosts 2>/dev/null \
+  | grep "gemini://" | cut -d ' ' -f 3)
+if [ -z "$hosts1" ]; then
+  >&2 echo "geminispace.info/known-hosts download failed."
+  exit 1
+fi
+hosts2=$(agunua --binary --maximum-time 20 \
+  gemini://gemini.bortzmeyer.org/software/lupa/lupa-capsules.txt 2>/dev/null)
+if [ -z "$hosts2" ]; then
+  >&2 echo "lupa-capsules.txt download failed."
+  exit 1
 fi

 # Concatenate the two files.