POSIX C written telegram clone

Introducing Hubbergram — a lightweight, secure messaging server with a CLI client, built using POSIX-compliant C.

Check it out: hubbergram GitHub Repository Huge thanks to Danyyil Serpokrylov for his external support in implementing POSIX compatibility. His contributions made it seamless to integrate the messaging server without encountering header-related build issues.

In an era where messaging security is paramount, I built Hubbergram - a lightweight, secure messaging server that demonstrates how to implement enterprise-grade security features in C. This isn't just another chat application; it's a comprehensive system showcasing modern security practices, encrypted storage, and clean architecture patterns.

Why C for a Messaging Server?

While most developers reach for Node.js, Python, or Go for web services, C offers unique advantages: Performance: Direct memory management and minimal overhead. Security: Full control over data handling and memory allocation. Learning: Understanding low-level networking and system programming. Portability: Runs efficiently on embedded systems and servers alike.

Architecture Deep Dive

The system follows a layered architecture pattern with clear separation of concerns:

Client Layer

CLI Client: Interactive command-line interface for users HTTP Client: Handles REST API communication and JWT token management Security Layer

CORS Protection: Prevents unauthorized cross-origin requests JWT Authentication: Stateless tokens with 24-hour expiry SHA256 Hashing: Secure password storage with salt Server Layer

Multi-threaded HTTP Server: Handles 100+ concurrent connections API Router: Clean endpoint routing (/api/register, /api/login, etc.) Controllers: Separate logic for authentication, messaging, and location services Data Layer

Database Encryption: Custom encryption with auto-generated keys SQLite Storage: Lightweight, embedded database Structured Tables: Users, messages, and groups with proper relationships Key Security Features

Database Encryption // Auto-generated encryption key per installation void generate_db_key() { unsigned char key[32]; RAND_bytes(key, sizeof(key)); // Obfuscated storage in header files }

JWT Token Management

24-hour automatic expiry

Secure token validation on every request

Role-based access control (user/admin)

Privacy-First Location Sharing

Explicit user consent required

Admin monitoring with proper authorization

GPS coordinates with consent management

Technical Implementation Highlights

Multi-threaded Server Architecture The server uses POSIX threads to handle concurrent connections efficiently:

// Simplified server structure void* handle_client(void* client_socket) { // Process HTTP requests // Route to appropriate controllers // Return JSON responses }

RESTful API Design Clean, intuitive endpoints following REST principles:

POST /api/register - User registration POST /api/login - Authentication POST /api/message - Send messages GET /api/messages - Retrieve message history POST /api/location - Update location (with consent) GET /api/locations - Admin location monitoring Cross-Platform Compatibility Supports multiple environments:

Windows: MSYS2 with MinGW Linux: Ubuntu, CentOS, RHEL macOS: Homebrew dependencies Building and Deployment

The build system uses Make with automatic dependency management:

One-command build with dependencies make all

Automatic library installation make install-libmingw32

CLI client build make -f Makefile_cli

Security Best Practices Implemented

Password Security: SHA256 hashing with proper salt handling Session Management: JWT tokens with automatic expiry Data Encryption: SQLite database with custom encryption Input Validation: Proper sanitization of all user inputs Rate Limiting: Protection against brute force attacks CORS Protection: Secure cross-origin request handling Real-World Applications

This architecture pattern is suitable for:

IoT Messaging: Lightweight messaging for embedded systems Enterprise Chat: Internal communication with security requirements Educational Projects: Learning system programming and security Microservices: Base for larger distributed systems Performance Characteristics

Memory Usage: ~2MB base footprint Concurrent Users: 100+ simultaneous connections Response Time: <10ms for typical operations Database Size: Efficient SQLite storage with encryption overhead Lessons Learned

Security by Design Implementing security from the ground up is easier than retrofitting. The encryption key generation and JWT implementation were built into the core architecture.

C for Web Services While challenging, C provides unmatched control over system resources and security. The learning curve pays off in performance and understanding.

Clean Architecture Matters Separating concerns into distinct layers made the codebase maintainable and testable, even in C.

Future Enhancements

WebSocket Support: Real-time messaging without polling File Sharing: Encrypted file transfer capabilities Group Messaging: Enhanced group management features Mobile Clients: Native iOS/Android applications Federation: Inter-server communication protocol Conclusion

Hubbergram demonstrates that C remains relevant for modern web services, especially when security and performance are priorities. The project showcases: Modern security practices in systems programming. Clean architecture patterns in C. Cross-platform development techniques. Real-world application of cryptographic principles.

The complete source code and documentation are available on GitHub, providing a solid foundation for anyone interested in systems programming, security implementation, or building messaging systems from scratch.

Whether you're a student learning systems programming or a developer exploring low-level web services, Hubbergram offers practical insights into building secure, performant applications in C.

Technical Stack: C, SQLite, JSON-C, OpenSSL, JWT, SHA256, POSIX Threads Platform Support: Windows (MSYS2), Linux, macOS License: MIT Repository: https://github.com/codehubbers/hubbergram