Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

woofs works similar to Simon Budig's woof script, but uses SSL.

branch: master

Fetching latest commit…

Octocat-spinner-32-eaf2f5

Cannot retrieve the latest commit at this time

Octocat-spinner-32 .gitignore
Octocat-spinner-32 LICENSE
Octocat-spinner-32 README
Octocat-spinner-32 TODO
Octocat-spinner-32 http_server.py
Octocat-spinner-32 index.tpl
Octocat-spinner-32 woofs.py
README
Web Onetime Offer File Securely
--------------------------------------------------------------------------------
author: Kyle Isom <coder@kyleisom.net>

quick overview:
python program behaving the same as the woof script written by 
Simon Budig <simon@budig.de> but providing SSL encryption.

license: dual ISC / public domain license. see LICENSE.


--------------------------------------------------------------------------------
what does it do?
woofs allows you to quickly offer a file for download on your machine. it offers
the ability to select the port and number of times the file can be downloaded
before the HTTPS server shuts down (which defaults to 1).

dependencies:
    * argparse


--------------------------------------------------------------------------------
how do i use it?
the simplest way is to use something like this:
$ ./woofs.py --port 443 --downloads 2 file.tar.bz

this looks for a configuration file at ${HOME}/.config/woofs/config which should
look something like:
$ cat ~/.config/woofs/config
key: /etc/ssl/private/server.key
cert: /etc/ssl/server.crt

you can also specify a configuration file using the --config option, or a key
and certificate using --key and --cert to point to the files.

by default, woofs uses the internal LAN address (i.e. 192.168.1.2). you can
have it use your external IP address using --external.

you can also use gzip compression by using the --gzip (or -z).

the most likely cause of problems will be incorrect permissions - see the
section on permissions below.


--------------------------------------------------------------------------------
how do i generate ssl keys?

$ openssl genrsa -out ~/.woofs/server.key 2048
$ openssl req -new -key ~/.woofs/server.key -out ~/.woofs/server.csr

at this point you have two options -
    1. submit the certificate signature request to a trusted CA, who will give
    you a signed certificate in exchange for money, or
    2. self-sign your certificate. there are a number of security issues here
    but the easiest way around them is to have the end-user verify the SSL
    fingerprint.

if you choose to self-sign, at this point you would need to issue the following:
$ openssl x509 -req -days 365 -in ~/.woofs/server.csr \
  -signkey ~/.woofs/server.key -out ~/.woofs/server.crt


--------------------------------------------------------------------------------
a note on file permissions

it is critical that ~/.woofs (or whatever folder you put the key in) must have
secure permissions: i recommend the files inside have a mode of 0600, and the
directory have the permissions of 0700.

Files need to have secure permissions; the private files ('config' and the
private key) should be 0400 or 0600, while public files should be 644.

Something went wrong with that request. Please try again.