Lib.rs

Network programminggday
#hole-punching #p2p #tcp-connection #punch #gday #command-line-tool #shared-secret #from-str #room-server

gday_hole_punch

Securely connect to a peer using TCP hole-punching

by manforowicz

7 releases (4 breaking)

Uses new Rust 2024

0.5.1 Sep 20, 2025
0.5.0 Sep 12, 2025
0.4.0 Jun 28, 2025
0.3.0 Dec 2, 2024
0.1.1 Jun 7, 2024

#2 in #punch

Download history 134/week @ 2025-06-25 11/week @ 2025-07-02 3/week @ 2025-07-09 141/week @ 2025-09-10 136/week @ 2025-09-17 23/week @ 2025-09-24 29/week @ 2025-10-01 7/week @ 2025-10-08

201 downloads per month
Used in 2 crates

MIT license

59KB
829 lines

Lets 2 peers, possibly behind NAT (network address translation), try to establish a direct authenticated TCP connection. Uses TCP hole punching and a helper gday_server to do this. This library is used by gday, a command line tool for sending files.

Example

#
//////// Peer 1 ////////

// Connect to a random server in the default server list
let (mut server_connection, server_id) =
    server_connector::connect_to_random_server(server_connector::DEFAULT_SERVERS)
        .await?;

// PeerCode useful for giving rendezvous info to peer,
// over an existing channel like email.
let peer_code = PeerCode::new(
    server_id,
    "roomcode".to_string(),
    "shared_secret".to_string(),
).unwrap();
let code_to_share = peer_code.to_string();

// Create a room in the server, and get my contact from it
let (my_contact, peer_contact_future) =
    share_contacts(&mut server_connection, peer_code.room_code(), true).await?;

// Wait for the server to send the peer's contact
let peer_contact = peer_contact_future.await?;

// Use TCP hole-punching to connect to the peer,
// verify their identity with the shared_secret,
// and get a cryptographically-secure shared key
let (tcp_stream, strong_key) = try_connect_to_peer(
    my_contact.local,
    peer_contact,
    peer_code.shared_secret(),
)
.await?;

//////// Peer 2 (on a different computer) ////////

// Get the peer_code that Peer 1 sent, for example
// over email.
let peer_code = PeerCode::from_str(&code_to_share)?;

// Connect to the same server as Peer 1
let mut server_connection = server_connector::connect_to_server_id(
    server_connector::DEFAULT_SERVERS,
    peer_code.server_id(),
)
.await?;

// Join the same room in the server, and get my local contact
let (my_contact, peer_contact_future) =
    share_contacts(&mut server_connection, peer_code.room_code(), false).await?;

let peer_contact = peer_contact_future.await?;

let (tcp_stream, strong_key) = try_connect_to_peer(
    my_contact.local,
    peer_contact,
    peer_code.shared_secret(),
)
.await?;

gday_hole_punch

Crates.io Version docs.rs

Lets peers behind NAT (network address translation) try to establish a direct authenticated TCP connection. Uses TCP hole punching and a helper gday_server to do this.

See the documentation.

Used by

  • gday - Command line tool for sending files.
  • gday_gui - GUI app for sending files.

Depends on

Dependencies

~13–28MB
~446K SLoC