Comments (9)
sophokles73
commented on May 23, 2024
My understanding is that we are talking about an incoming CoAP request, right?
The problem here seems to be that (currently) Californium does not know whether the incoming request has been sent via coap or coaps. The problem is that Californium's CoAP layer is independent from the underlying transport layer so we will need to figure out a way for the CoAP layer to determine whether the Endpoint we have received the request on is secure (DTLS) or not.
from californium.
calif-devel
commented on May 23, 2024
Yes, you are right. Currently it is not possible to know if a request is coming from a coaps endpoint. So if a CoAP peer wants to send a follow up request to a peer, using the RDNodeResource.getContext(), sends in this new request as plain (non-DTLS) CoAP request to a port listening for DTLS CoAP requests.
In Class CoapEndpoint.InboxImpl where request object created, is this a valid fix?
if (raw.getCorrelationContext().get(DtlsCorrelationContext.KEY_SESSION_ID) != null) {
request.setScheme(CoAP.COAP_SECURE_URI_SCHEME);
} else {
request.setScheme(CoAP.COAP_URI_SCHEME);
}
request.setSource(raw.getAddress());
request.setSourcePort(raw.getPort());
request.setSenderIdentity(raw.getSenderIdentity());from californium.
calif-devel
commented on May 23, 2024
I guess additionally, RDNodeResource class need to be changed to take the request.getScheme() into consideration to properly set the RDNodeResource.context variable.
from californium.
sophokles73
commented on May 23, 2024
In Class
CoapEndpoint.InboxImplwhere request object created, is this a valid fix?
I had exactly the same idea :-)
However, I think we should encapsulate this test in RawData, e.g.
if (raw.isSecure()) {
request.setScheme(CoAP.COAP_SECURE_URI_SCHEME);
} else {
request.setScheme(CoAP.COAP_URI_SCHEME);
}
This way we do not expose too much of the underlying mechanism around CorrelationContext to upper layers ...
Would you like to create a PR? :-)
from californium.
mkovatsc
commented on May 23, 2024
I like the fix.
Another comment: Do not rely too much on the RD implementation. It was a contribution that has never been fully overhauled, and hence is of lower code quality... (yet I did some improvements a while ago).
This means, whenever you find something strange in the RD code, do not hesitate to ask about it! ;)
from californium.
calif-devel
commented on May 23, 2024
Fixed and submitted as Pull Request #42
from californium.
sophokles73
commented on May 23, 2024
I will take a look (and merge) tomorrow.
Thanks again, @calif-devel
from californium.
sophokles73
commented on May 23, 2024
Hi @calif-devel,
I guess you can now close this issue ... thanks again for contributing :-)
from californium.
calif-devel
commented on May 23, 2024
Thank you @sophokles73 and @mkovatsc for resolving this.
from californium.
Related Issues (20)
- Confirmable message with ACK with next message HOT 13
- Dealing with RESPONSE_MATCHING parameter on device (reverse engineering) HOT 2
- Minor Release 3.9.0 - Available HOT 11
- Why do DTLS_CONNECTOR_THREAD_COUNT and DTLS_RECEIVER_THREAD_COUNT default to 1? HOT 1
- IllegalStateException: automatic message IDs exhausted HOT 9
- FETCH and blockwise - Behavior change of Californium 3.8
- I have a question about simple file server HOT 15
- DatagramFilterExtended#onDrop called with not "full" Record HOT 5
- I used californium for Android 11, and there is some mistakes, and I don't understand why? HOT 5
- CoAP Request-Tag option Support HOT 2
- Add Sequence Token Generator ? HOT 3
- CoAP Echo option Support HOT 3
- Bugfix Release 3.9.1 - Available HOT 1
- I wanna save the whole logs of SenML JSON. HOT 7
- Demo certificates renewed
- Request response metrics - Experience using Azure Insights and Californium HOT 8
- Runtime dependency - logback 1.2 - CVE-2023-6378 fix available HOT 10
- Minor Release 3.10.0 - Available HOT 1
- Handshake with [x.x.x.x:xxxx] failed after session was established! Alert Protocol Level: FATAL Description: HANDSHAKE_FAILURE HOT 17
- Californium Deployment issues HOT 12
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from californium.