Adds basic functioning client cert, but always sends. Would prefer to only send on ask.

defaults.go

@@ -21,5 +21,7 @@ var defaultOptions = map[string]string{
 	"configlocation": userinfo.HomeDir,
 	"theme": "normal", // "normal", "inverted"
 	"terminalonly": "true",
+	"tlscertificate": "",
+	"tlskey": "",
 }
 

gemini/gemini.go

@@ -22,7 +22,9 @@ type Capsule struct {
 
 
 type TofuDigest struct {
-	certs  map[string]string
+	certs          map[string]string
+	ClientCert     tls.Certificate
+	UseClientCert  bool
 }
 
 
@@ -30,6 +32,16 @@ type TofuDigest struct {
 // + + +          R E C E I V E R S          + + + \\
 //--------------------------------------------------\\
 
+func (t *TofuDigest) LoadCertificate(cert, key string) {
+	validClientCert := true
+	certificate, err := tls.LoadX509KeyPair(cert, key)
+	if err != nil {
+		panic(err)
+	}
+	t.ClientCert = certificate
+	t.UseClientCert = validClientCert
+}
+
 func (t *TofuDigest) Purge(host string) error {
 	host = strings.ToLower(host)
 	if host == "*" {
@@ -144,6 +156,10 @@ func Retrieve(host, port, resource string, td *TofuDigest) (string, error) {
 		InsecureSkipVerify: true,
 	}
 
+	if td.UseClientCert {
+		conf.Certificates = []tls.Certificate{td.ClientCert}
+	}
+
 	conn, err := tls.Dial("tcp", addr, conf)
 	if err != nil {
 		return "", err
@@ -383,5 +399,5 @@ func MakeCapsule() Capsule {
 }
 
 func MakeTofuDigest() TofuDigest {
-	return TofuDigest{make(map[string]string)}
+	return TofuDigest{make(map[string]string), tls.Certificate{}, false}
 }

main.go

@@ -138,6 +138,9 @@ func initClient() error {
 	bombadillo = MakeClient("  ((( Bombadillo )))  ")
 	cui.SetCharMode()
 	err := loadConfig()
+	if bombadillo.Options["tlscertificate"] != "" && bombadillo.Options["tlskey"] != "" {
+		bombadillo.Certs.LoadCertificate(bombadillo.Options["tlscertificate"], bombadillo.Options["tlskey"])
+	}
 	return err
 }