Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [leshan-dev] Time for a milestone release

Hi Simon,

 

that’s good news J I have added comments below …

 

Regards,

Kai

 

 

From: leshan-dev-bounces@xxxxxxxxxxx [mailto:leshan-dev-bounces@xxxxxxxxxxx] On Behalf Of Simon Bernard
Sent: Tuesday, April 28, 2015 6:57 PM
To: leshan developer discussions
Subject: Re: [leshan-dev] Time for a milestone release

 

I create a branch on leshan for testing the snapshot version of californium/scandium.[1]

I made the change to use the new DtlsConnectorConfig.Builder.
=> It's ok. No surprise, as we already look at that together[2]

I also made the change to use the Request.getSenderIdentity().
=> It seems good :) this allow us to remove our  "crappy" SecureEndpoint Class. But we have a blocking issue, we do not have access to the raw public key as a  java.security.PublicKey Object [3].

[Hudalla Kai (INST/ESY)] That’s true. However, you can still re-create a PublicKey object from the subjectInfo structure returned by RawPublicKeyIdentity.getSubjectInfo() like this:

            byte[] subjectInfo = rawPublicKeyIdentity.getSubjectInfo();

           

            KeyFactory factory = KeyFactory.getInstance("EC");

            KeySpec spec = new X509EncodedKeySpec(subjectInfo);

            PublicKey publicKey = factory.generatePublic(spec);

 

We could also incorporate the code into the RawPublicKeyIdentity class (e.g. a asPublicKey() method). But may I ask why you need access to the PublicKey?


=> There is also an indirect issue as we don't close the DTLS session anymore on deregister[4] and I believe the DTLS cleaning session issue is still opened [5].

[Hudalla Kai (INST/ESY)] Yes, I have not yet started to add housekeeping of stale sessions.

[1]
https://github.com/eclipse/leshan/tree/cf-integration
[2]
https://bugs.eclipse.org/bugs/show_bug.cgi?id=464712
[3]
https://github.com/eclipse/leshan/commit/55d9d668e99789f7864a0379f821f1c42734055c#diff-c98d9d5dd3ed316a597201928f23ed54R135
[4]
https://github.com/eclipse/leshan/commit/55d9d668e99789f7864a0379f821f1c42734055c#diff-c98d9d5dd3ed316a597201928f23ed54L248
[5]
https://github.com/eclipse/californium.scandium/commit/ef15043458acbbe4b82ac5b76ece72988e25263c#commitcomment-10238372

Le 22/04/2015 19:11, Kai a écrit :

Basically it is only the Request.getSenderIdentity() method in Californium wich can be used to acces the authenticated client's identity as a java.security.Principal. This way you do not need to retrieve the corresponding DTLSSession object from DTLSConnector anymore ...

 

Simon Bernard <contact@xxxxxxxxxxxxxxx> schrieb am Mi., 22. Apr. 2015 12:05:

Kai, I take a look quickly and I don't find the code corresponding to the new API you talk about.
Could you give us a link ? I will look at that.



Simon

 

Le 22/04/2015 11:52, Hudalla Kai (INST/ESY) a écrit :

I would love to  see leshan use the newly provided API in Cf’s Request to access the authenticated client’s identity for making authorization decisions.

However, in order to so we would need to create a new milestone release of Scandium and Californium as well (which I think we should do as well since I have made so many changes/improvements in Scandium).

Do think it would be worthwhile to take advantage of the new API?

 

Kai

 

 

From: leshan-dev-bounces@xxxxxxxxxxx [mailto:leshan-dev-bounces@xxxxxxxxxxx] On Behalf Of Julien Vermillard
Sent: Wednesday, April 22, 2015 9:39 AM
To: leshan developer discussions
Subject: [leshan-dev] Time for a milestone release

 

Hi,

A lot of buxfix landed in the master, I think it's time for another milestone release:

WDYT?

List of commits since last milestone:

* a9eae6a - (HEAD, origin/master, origin/HEAD, master) renamed methods because it's loading stream not files (il y a 6 minutes) <Julien Vermillard>
* e73facd - (origin/decode_tlv_one_instance, decode_tlv_one_instance) Decode TLV for one instance object request (il y a 16 heures) <Julien Vermillard>
* 49205f8 - don't shallow async response handling exceptions (il y a 18 heures) <Julien Vermillard>
* ef90727 - added object model for IPSO objects (il y a 6 jours) <Julien Vermillard>
* 688e743 - #8: fix bug (== instead of !=) (il y a 6 jours) <Simon Bernard>
* ce952b5 - Fix trace log (il y a 7 jours) <Manuel Sangoi>
* 29ac887 - Add some trace logs in the TLV decoder (il y a 7 jours) <Manuel Sangoi>
* 0419f1b - bug464043: Tests fail on Windows (il y a 8 jours) <Simon Bernard>
* ba70e4f - dump the TLV if a parse error occurs (il y a 8 jours) <Julien Vermillard>
* 0d9694f - avoid maven warnings by providing plugin version (il y a 2 semaines) <Alexander Ellwein>
* 348b530 - adjustments in import / export packages in pom.xml for osgi support (il y a 2 semaines) <ingo schaal>
* 1fd2cda - #8: Incorrect link objects are implicitly sent on update (il y a 4 semaines) <Simon Bernard>
* b409bea - add some checks on link object payload for register integration tests (il y a 4 semaines) <Simon Bernard>
* 19b0940 - add integration tests for discover (il y a 4 semaines) <Simon Bernard>
* 58d051d - fix registration and implement discover (without attributes) at client side. (il y a 4 semaines) <Simon Bernard>
* b32ac64 - ClientUpdate toString() (il y a 4 semaines) <Julien Vermillard>
* 64968dd - add API to be able to load model from stream (il y a 4 semaines) <Simon Bernard>
* 90c7e2a - Merge LinkFormatUtils in LinkObject (il y a 4 semaines) <Simon Bernard>
* 7a14736 - Remove the "close" of DTLS Session when register return FORBIDDEN (il y a 5 semaines) <Simon Bernard>
* 144beac - add Security Tests (Test RPK and PSK connection via DTLS) (il y a 5 semaines) <Simon Bernard>
* 834d61d - Refactor tests to prepare addition of SecurityTest (il y a 5 semaines) <Simon Bernard>
* 7d418e9 - restore RPK support (probably erased pending a previous merge) (il y a 5 semaines) <Simon Bernard>
* 439ecfd - add some TODOs (il y a 5 semaines) <Simon Bernard>
* 43c64fa - Move ResponseCallback from leshan-client-core to integration-tests (il y a 5 semaines) <Simon Bernard>
* bd5fec0 - Manage all exceptions in handleRequest (il y a 5 semaines) <Simon Bernard>
* 9969792 - always use free port for tests. (il y a 5 semaines) <Simon Bernard>
* a23e6a8 - fix java doc of LeshanClientExample (il y a 5 semaines) <Simon Bernard>
* d86fdc5 - LwM2mPath constructor accept now path which does not start by "/" (il y a 5 semaines) <Simon Bernard>
* b984fc5 - The client address setting is now optional. (il y a 5 semaines) <Simon Bernard>
* cf823de - fix licence and remove reference to github.com/jvermillard (il y a 6 semaines) <Simon Bernard>
* 83a56aa - Remove unused dependencies (il y a 6 semaines) <Simon Bernard>
* 05202b2 - Remove LwM2MServerMessageDeliverer (Use default MessageDeliverer) (il y a 6 semaines) <Simon Bernard>
* adb154c - Split leshan-client in 2 projects (leshan-client-core/leshan-client-cf) (il y a 6 semaines) <Simon Bernard>
* d1e9ec5 - Always run integration tests (remove integration profile for tests) (il y a 6 semaines) <Simon Bernard>
* a326851 - New client API (il y a 6 semaines) <Simon Bernard>



_______________________________________________
leshan-dev mailing list
leshan-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/leshan-dev

 

_______________________________________________
leshan-dev mailing list
leshan-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/leshan-dev




_______________________________________________
leshan-dev mailing list
leshan-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/leshan-dev

 


Back to the top