woofs works similar to Simon Budig's woof script, but uses SSL.
License
kisom/woofs
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Web Onetime Offer File Securely
--------------------------------------------------------------------------------
author: Kyle Isom <coder@kyleisom.net>
quick overview:
python program behaving the same as the woof script written by
Simon Budig <simon@budig.de> but providing SSL encryption.
license: dual ISC / public domain license. see LICENSE.
--------------------------------------------------------------------------------
what does it do?
woofs allows you to quickly offer a file for download on your machine. it offers
the ability to select the port and number of times the file can be downloaded
before the HTTPS server shuts down (which defaults to 1).
dependencies:
* argparse
--------------------------------------------------------------------------------
how do i use it?
the simplest way is to use something like this:
$ ./woofs.py --port 443 --downloads 2 file.tar.bz
this looks for a configuration file at ${HOME}/.config/woofs/config which should
look something like:
$ cat ~/.config/woofs/config
key: /etc/ssl/private/server.key
cert: /etc/ssl/server.crt
you can also specify a configuration file using the --config option, or a key
and certificate using --key and --cert to point to the files.
by default, woofs uses the internal LAN address (i.e. 192.168.1.2). you can
have it use your external IP address using --external.
you can also use gzip compression by using the --gzip (or -z).
the most likely cause of problems will be incorrect permissions - see the
section on permissions below.
--------------------------------------------------------------------------------
how do i generate ssl keys?
$ openssl genrsa -out ~/.woofs/server.key 2048
$ openssl req -new -key ~/.woofs/server.key -out ~/.woofs/server.csr
at this point you have two options -
1. submit the certificate signature request to a trusted CA, who will give
you a signed certificate in exchange for money, or
2. self-sign your certificate. there are a number of security issues here
but the easiest way around them is to have the end-user verify the SSL
fingerprint.
if you choose to self-sign, at this point you would need to issue the following:
$ openssl x509 -req -days 365 -in ~/.woofs/server.csr \
-signkey ~/.woofs/server.key -out ~/.woofs/server.crt
--------------------------------------------------------------------------------
a note on file permissions
it is critical that ~/.woofs (or whatever folder you put the key in) must have
secure permissions: i recommend the files inside have a mode of 0600, and the
directory have the permissions of 0700.
Files need to have secure permissions; the private files ('config' and the
private key) should be 0400 or 0600, while public files should be 644.
About
woofs works similar to Simon Budig's woof script, but uses SSL.
Resources
License
Stars
Watchers
Forks
Packages 0
No packages published