dlfile is a very simple, straightforward CLI to download a file

Colin

Last update: Oct 21, 2022

Related tags

Command-line dlfile

Overview

dlfile

dlfile is a very simple, straightforward CLI to download a file, except it...

Only downloads over HTTPS
Requires TLS 1.2 or higher
Executes in a seccomp sandbox (linux only - no sandboxing provided on other platforms, PRs welcome)
Uses trust-dns, supporting DNS over TLS

Install

cargo install dlfile

Example

dlfile --min-tls=v1.3 \
       --from="https://sh.rustup.rs" \ 
       --to="./rustup.sh

Usage

dlfile 0.2.0

USAGE:
    dlfile [FLAGS] [OPTIONS] --from 
   
     --to 
    
     

FLAGS:
    -h, --help          Prints help information
        --no-sandbox    [UNSAFE] Indicates that you want to run without the default sandbox
    -V, --version       Prints version information

OPTIONS:
    -f, --from 
     
                  The fully qualified URL with an https scheme to download from [env: FROM=]
        --max-size 
      
           Maximum number of bytes to write to disk before aborting [env: MAX_SIZE=]  [default:
                                 1GB]
        --min-tls 
       
         Minimum tls version, one of `v1.2` or `v1.3` [env: MIN_TLS=] [default: v1.2] -t, --to 
        
          The file system path, including a file name, for where to write the file to [env: TO=]

Comments

Update dependencies and move to clap4

Updates dependencies such that cargo audit does not warn of any issues (previously there was an unmaintained crate).

Updates the clap code accordingly.

opened by colin-grapl 0
Embed SBOM into binary

To make it easier to determine if you're running a suitable version of dlfile we could embed the build information via cargo-auditable.

https://github.com/rust-secure-code/cargo-auditable

This is likely best implemented once there's Github Actions on this project to automate builds.

opened by insanitybit 0
Move to ureq from reqwest

ureq is a much smaller and simpler project than reqwest, and it relies on much less unsafe

Moving to ureq may also unblock: https://github.com/insanitybit/dlfile/issues/1

opened by insanitybit 0
Support hash verification

Lots of guides will pin a download to a hash that's provided out of band. It seems reasonable to perform the hashing as we download, which would save having to do a second pass.

A CLI argument like: --hash="sha256:13550350a8681c84c861aac2e5b440161c2b33a3e4f302ac680ca5b686de48de" Or --hahes="./file_with_hashes" would be straightforward to implement.

opened by insanitybit 0
Detect root
There are two reasons one might run dlfile as root.

By mistake. Happens all the time with curl and other cli tools.

On purpose so that dlfile can write out to a privileged file.

I think in an ideal world (2) wouldn't happen. Instead dlfile would pipe the data to /dev/stdout and then another tool would handle the writing of the file. That said, it's probably worth supporting it.

Further, given root, we can perform more sandboxing. I don't want dlfile to be a setuid or something like that, but if we do run as root we can access namespaces, chroot, etc. This would significantly improve the sandbox.
opened by insanitybit 0
Improve seccomp sandboxing

Right now a lot of system calls are allowed and there's very little we can do to restrict their arguments (because they are strings).

That said, if we split out the HTTP and DNS stages we can perform DNS upfront, drop privileges, and then perform the HTTP work.

Further, if we use hyper instead of reqwest we may be able to pre-allocate the socket, which would mean I can remove all of the open system calls.

opened by insanitybit 0

Releases(0.5.0)

0.5.0(Oct 16, 2022)

Updates dependencies in Cargo.lock, including moving to Clap 4.
Source code(tar.gz)
Source code(zip)

Owner

Colin

GitHub

A simple CLI to build VEXCode V5 Pro projects and download them to the V5 brain.

vexer A simple CLI to build VEXCode V5 Pro projects and download them to the V5 brain. (WIP) This currently is only tested on and only works on window

2 May 16, 2022

A cli tool to download specific GitHub directories or files

cloneit A cli tool to download specific GitHub directories or files. Installation From git git clone https://github.com/alok8bb/cloneit cd cloneit car

54 Dec 20, 2022

CLI tool and crate to download FTDC data from mongodb clusters.

Download mongodb FTDC data Command line tool and lib crate to download FTDC data from mongodb clusters to investigate with e.g. keyhole. Crate For the

0 Nov 7, 2021

cli application to visualize crate download metrics.

2 Dec 13, 2022

A cli tool to download Imperial DoC past papers 🦀

Exams DoC Downloader A cli tool to download past papers from exams.doc.ic.ac.uk. An excercise in procrastination, written in Rust ?? . This currently

3 Apr 8, 2022

Multi-protocol CLI download accelerator

dlrs dlrs is a multi-protocol download tool for the command line. Written in Rust, dlrs splits your downloads to speed them up where possible. Feature

7 Aug 7, 2023

A cli tool to automatically download and upload advent of code problems.

Advent of Code CLI CLI client for advent of code. The purpose of this tool is so you don't have to leave your editor while participating (if you are l

43 Dec 7, 2023

A cli based pastebin in Rust, but very insecure

pasta A cli based pastebin in Rust, but very insecure Use nightly toolchain to build rustup override set nightly When this program is running, you can

3 Mar 25, 2022

A simple, fast and interruptable download accelerator, written in Rust

snatch A simple, fast and interruptable download accelerator, written in Rust WARNING This project is no longer maintained by @k0pernicus and @jean-se

657 Jan 3, 2023

A very simple third-party cargo subcommand to execute a custom command

cargo-x A very simple third-party cargo subcommand to execute a custom command Usage install cargo-x cargo install cargo-x or upgrade cargo install -

9 Dec 26, 2022

F-Fetch targets low systems. Written in Rust. It's very simple, designed so you can pick it up and replace it.

F-Fetch F-Fetch targets low systems. Written in Rust. It's very simple, designed so you can pick it up and replace it. First Look ~/.config/ffetch/con

3 Jul 10, 2023

Download binary for your OS from Github

github-bin-downloader Download binary for your OS from Github. Installation Install github-bin-downloader using cargo cargo install github-bin-downloa

10 Dec 11, 2022

Cross-platform terminal program to download IEEE journals

IEEE Journal Downloader A cross-platform terminal program which tries to download every article in a specified journal and merge the documents into on

18 Jul 23, 2022

Nazuna - 🐦 Download Twitter videos using your terminal!

Nazuna ?? Download Twitter videos using your terminal! Installation Binary Download the desired file for your OS (Windows, Mac, Linux) from https://gi

27 Nov 22, 2022

Use the osu!direct button on the osu! website to download beatmaps directly to osu

osum!direct-web Use the osu!direct button on the osu! website to download beatmaps directly to osu! - without osu! supporter. Badges Usage Run the app

1 Jan 21, 2022

Download pdbs from symbol servers and cache locally, parse symbol paths from env vars

symsrv This crate lets you download and cache pdb files from symbol servers, according to the rules from the _NT_SYMBOL_PATH environment variable. It

6 Sep 15, 2022

Download your Stripe account to a SQLite database.

tdog tdog is a CLI to download your Stripe account to a SQLite database. table.dog Sponsor development Install # macOS: curl -L --output /usr/local/bi

16 Oct 10, 2022

🧰 Download pre-built binaries of all your favourite tools with a single command

tool-sync tool-sync is a CLI tool that solves one problem: ?? Download pre-built binaries of all your favourite tools with a single command. tool-sync

50 Jan 1, 2023

Periodically download a youtube playlist, extract audio, convert to mp3, move to directory (possibly synced using syncthing).

auto-dl Periodically download a youtube playlist, extract audio, convert to mp3, move to directory (possibly synced using syncthing). drop https://git

10 Jan 12, 2023

dlfile is a very simple, straightforward CLI to download a file

Related tags

Overview

dlfile

Install

Example

Usage

Comments

Update dependencies and move to clap4

Embed SBOM into binary

Move to ureq from reqwest

Support hash verification

Detect root

Improve seccomp sandboxing

Releases(0.5.0)

0.5.0(Oct 16, 2022)

Owner

Colin

A simple CLI to build VEXCode V5 Pro projects and download them to the V5 brain.

A cli tool to download specific GitHub directories or files

CLI tool and crate to download FTDC data from mongodb clusters.

cli application to visualize crate download metrics.

A cli tool to download Imperial DoC past papers 🦀

Multi-protocol CLI download accelerator

A cli tool to automatically download and upload advent of code problems.

A cli based pastebin in Rust, but very insecure

A simple, fast and interruptable download accelerator, written in Rust

A very simple third-party cargo subcommand to execute a custom command

F-Fetch targets low systems. Written in Rust. It's very simple, designed so you can pick it up and replace it.

Download binary for your OS from Github

Cross-platform terminal program to download IEEE journals

Nazuna - 🐦 Download Twitter videos using your terminal!

Use the osu!direct button on the osu! website to download beatmaps directly to osu

Download pdbs from symbol servers and cache locally, parse symbol paths from env vars

Download your Stripe account to a SQLite database.

🧰 Download pre-built binaries of all your favourite tools with a single command

Periodically download a youtube playlist, extract audio, convert to mp3, move to directory (possibly synced using syncthing).