How to run gemini clients via SOCKS5 (e.g. TOR)

After some discussions on the IRC channel, I decided to try how running a gemini client would work with SOCKS5 to be able to connect via TOR (though the same has other uses) and I found that most clients do not support SOCKS5 directly.

A few that worked for me include

Also other clients will work when running them with torify (didn' try any)

When using a HTTP CONNECT proxy instead of SOCKS5 in TOR, it is also possible to use clients that can access the network like that, I found that this works with openssl for example using the option s_client -proxy localhost:8118

For this to work, the option HTTPTunnelPort 8118 has to be added to torrc as the HTTP proxy is no longer active by default.

Then I decided to write a gemini proxy that accesses the upstream sites via SOCKS5, that turned out to be quite easy using Java Vert.x (It would likely work with e.g. Python just as well). The proxy runs on localhost:1965 and forwards all gemini requests to SOCKS5 and accesses them with the gemini protocol as well. This works fine but does not support client certs since that cannot be proxied. I could access 2 TOR gemini sites of different users like that.

Just to provide one example, this is the site of Jagtalon and it is only hosted exclusively on TOR as far as I know:

gemini://ofdi7adzugxpr2sm6hebzvyj653ya2yqxtvq4mgdcwts2bs2n72tf2yd.onion/

img/sockstor.png

The proxy project is available at

https://tildegit.org/alexlehm/gemini-socks5-proxy

Proxied content from gemini://gemini.lehmann.cx/using_socks.gmi

Gemini request details:

Original URL
gemini://gemini.lehmann.cx/using_socks.gmi
Status code
Success
Meta
text/gemini; lang=en
Proxied by
kineto

Be advised that no attempt was made to verify the remote SSL certificate.