gRPC file sharing server and client with mTLS (mutual Transport Layer Security), which provides communications security over a computer network.
This project consists of gRPC server and client applications. Server and client are authenticated by mTLS (mutual Transport Layer Security) cryptographic protocol using server and client certificates. TLS encrypts data transfer between client and server so that external parties cannot spy on the communications.
Available features:
- list available files on server
- upload files to server
- download files from server
Read:
- how to build and install binaries
- how to run end-to-end tests and benchmarks
- about project's automated workflow
- about usage
If you want to build and run applications or tests, you need to install:
- Rust toolchain
- Cargo-make (Rust task runner and build tool)
cargo make buildcargo make build-releasecargo make install-servercargo make install-clientcargo make e2e-testscargo make e2e-benchThis project has GitHub Actions workflow, which:
- checks formatting
- checks lints
- checks if client and server binaries are building
- runs end-to-end tests
- runs end-to-end benchmarks
First, install server and client applications using Installing binaries instruction.
Now, you can use applications.
Below are presented example commands.
- Server help command
$ server --help
Usage: server [OPTIONS] --directory <DIRECTORY> --cert <CERT> --key <KEY> --ca-cert <CA_CERT>
Options:
-d, --directory <DIRECTORY>
-H, --address <ADDRESS> [default: 127.0.0.1]
-p, --port <PORT>
-v, --verbose <VERBOSE> [default: info]
--cert <CERT>
--key <KEY>
--ca-cert <CA_CERT>
-i, --insecure
-h, --help Print help information
-V, --version Print version information- Client help command
$ client --help
Usage: client [OPTIONS] --port <PORT> --cert <CERT> --key <KEY> --ca-cert <CA_CERT> <COMMAND>
Commands:
download
upload
list
help Print this message or the help of the given subcommand(s)
Options:
-H, --address <ADDRESS> [default: 127.0.0.1]
-p, --port <PORT>
-v, --verbose <VERBOSE> [default: info]
--cert <CERT>
--key <KEY>
--ca-cert <CA_CERT>
-i, --insecure
-h, --help Print help information
-V, --version Print version information-
Run server on IPv6 localhost address with 50051 port and /tmp/server path as server directory:
- mTLS secured
$ server --directory /tmp/server -p 50051 --address ::1 --cert secrets/server-cert.pem --key secrets/server-key.pem --ca-cert secrets/ca-cert.pem
- insecure
$ server --directory /tmp/server -p 50051 --address ::1 --insecure
-
List files command
- mTLS secured
$ client --port 50051 --address localhost --cert secrets/client-cert.pem --key secrets/client-key.pem --ca-cert secrets/ca-cert.pem list File name Size abc 12B abc2 0B
- insecure
$ client --port 50051 --address localhost --insecure list File name Size abc 12B abc2 0B
- list files
sequenceDiagram
actor User
participant Client
participant Server
User ->> Client: list files
Client ->> Server: gRPC ListFilesRequest
loop over all files on server side
Server ->> Client: gRPC ListFilesResponse
end
Client ->> User: print files list to stdout
- download file
sequenceDiagram
actor User
participant Client
participant Server
User ->> Client: download file
Client ->> Server: gRPC DownloadFileRequest
loop read next file's data chunk
Server ->> Client: gRPC DownloadFileResponse
Client ->> Client: save file's data chunk on disk
end
Client -->> User:#nbsp;
- upload file
sequenceDiagram
actor User
participant Client
participant Server
User ->> Client: upload file
loop read next file's data chunk
Client ->> Server: gRPC UploadFileRequest
Server ->> Server: save file's chunk data on disk
end
Server ->> Client: gRPC UploadFileResponse
Client -->> User:#nbsp;