Sekurŝranko, an efficient and memory-safe Threema Safe server implementation in Rust.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.circleci
src
tests
.dockerignore
.gitignore
Cargo.lock
Cargo.toml
Dockerfile
LICENSE-APACHE
LICENSE-MIT
README.md
config.example.toml
safe.png

README.md

Sekurŝranko

Icon

CircleCI Rust

An efficient and memory-safe Threema Safe server implementation written in Rust.

This is a private project, not developed nor endorsed by Threema GmbH.

The server spec can be found in the Cryptography Whitepaper.

Status

Work in progress. The core functionality is implemented, but some additional things like throttling or expiration still need to be handled. Currently, the server needs to be manually compiled, but in the future binary builds will be provided.

  • Request config
  • Download backups
  • Upload backups
  • Delete backups
  • Settings configurable by user
  • User agent validation
  • Throttling
  • Automatic cleanup of expired backups

Building

Sekurŝranko requires at least Rust 1.31.

To make a release build:

cargo build --release

You will find the binary at target/release/sekursranko.

Testing

Sekurŝranko is thoroughly covered by unit tests and integration tests.

To run the tests:

cargo test

In case you want to enable logging:

RUST_LOG=sekursranko=trace cargo test

To run linting:

rustup component add clippy
cargo clippy --all-targets --all-features

Running

Simply execute the binary with the -c or --config argument:

./sekursranko --config config.toml

You can find an example configfile in this repository at config.example.toml.

Configure logging using the RUST_LOG env var:

RUST_LOG=sekursranko=debug ./sekursranko -c config.toml

Deployment

Sekurŝranko is meant to be run behind a reverse proxy (e.g. Nginx) that does TLS termination. That's why it currently doesn't support TLS directly.

Note that you cannot backup to a server without TLS from the Threema app.

Name

The name of this project is the Esperanto word for "safe". English-speaking people might recognize the "sekur-" prefix (-> secure), and German-speaking people might recognize the "-ŝranko" suffix (-> "Schrank", a cabinet).

License

Licensed under either of

Contributing

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.