Re: [leshan-dev] Time for a milestone release

[Simon Bernard <contact@xxxxxxxxxxxxxxx>]

    Ok I did the modification. It's ok now.
    Thx a lot Kai !
    (About the use of the PublicKey we just need it to verify if the
    couple client endpoint/publickey is valid. To avoid that a client
    which has a good public/private key at dtls level can usurp the
    identity of another client. We use the class PublicKey as it seems a
    good java abstraction for public key, we could also use a byte[] but
    is not so clear cause of the different key encoding formats)

Le 29/04/2015 09:35, Hudalla Kai (INST/ESY) a écrit :

Simon,

 

I have just pushed a commit to Scandium adding an accessor for the client’s PublicKey object to RawPublicKeyIdentity …

 

Regards,

Kai

 

From: leshan-dev-bounces@xxxxxxxxxxx [mailto:leshan-dev-bounces@xxxxxxxxxxx] On Behalf Of Simon Bernard
Sent: Tuesday, April 28, 2015 6:57 PM
To: leshan developer discussions
Subject: Re: [leshan-dev] Time for a milestone release

 

I create a branch on leshan for testing the snapshot version of californium/scandium.[1]

I made the change to use the new DtlsConnectorConfig.Builder.
=> It's ok. No surprise, as we already look at that together[2]

I also made the change to use the Request.getSenderIdentity().
=> It seems good :) this allow us to remove our  "crappy" SecureEndpoint Class. But we have a blocking issue, we do not have access to the raw public key as a  java.security.PublicKey Object [3].
=> There is also an indirect issue as we don't close the DTLS session anymore on deregister[4] and I believe the DTLS cleaning session issue is still opened [5].

[1]https://github.com/eclipse/leshan/tree/cf-integration
[2]https://bugs.eclipse.org/bugs/show_bug.cgi?id=464712
[3]https://github.com/eclipse/leshan/commit/55d9d668e99789f7864a0379f821f1c42734055c#diff-c98d9d5dd3ed316a597201928f23ed54R135
[4]https://github.com/eclipse/leshan/commit/55d9d668e99789f7864a0379f821f1c42734055c#diff-c98d9d5dd3ed316a597201928f23ed54L248
[5]https://github.com/eclipse/californium.scandium/commit/ef15043458acbbe4b82ac5b76ece72988e25263c#commitcomment-10238372

Le 22/04/2015 19:11, Kai a écrit :

Basically it is only the Request.getSenderIdentity() method in Californium wich can be used to acces the authenticated client's identity as a java.security.Principal. This way you do not need to retrieve the corresponding DTLSSession object from DTLSConnector anymore ...

 

Simon Bernard <contact@xxxxxxxxxxxxxxx> schrieb am Mi., 22. Apr. 2015 12:05:

Kai, I take a look quickly and I don't find the code corresponding to the new API you talk about.
Could you give us a link ? I will look at that.

Simon

 

Le 22/04/2015 11:52, Hudalla Kai (INST/ESY) a écrit :

I would love to  see leshan use the newly provided API in Cf’s Request to access the authenticated client’s identity for making authorization decisions.

However, in order to so we would need to create a new milestone release of Scandium and Californium as well (which I think we should do as well since I have made so many changes/improvements in Scandium).

Do think it would be worthwhile to take advantage of the new API?

 

Kai

 

 

From: leshan-dev-bounces@xxxxxxxxxxx [mailto:leshan-dev-bounces@xxxxxxxxxxx] On Behalf Of Julien Vermillard
Sent: Wednesday, April 22, 2015 9:39 AM
To: leshan developer discussions
Subject: [leshan-dev] Time for a milestone release

 

Hi,

A lot of buxfix landed in the master, I think it's time for another milestone release:

WDYT?

List of commits since last milestone:

* a9eae6a - (HEAD, origin/master, origin/HEAD, master) renamed methods because it's loading stream not files (il y a 6 minutes) <Julien Vermillard>
* e73facd - (origin/decode_tlv_one_instance, decode_tlv_one_instance) Decode TLV for one instance object request (il y a 16 heures) <Julien Vermillard>
* 49205f8 - don't shallow async response handling exceptions (il y a 18 heures) <Julien Vermillard>
* ef90727 - added object model for IPSO objects (il y a 6 jours) <Julien Vermillard>
* 688e743 - #8: fix bug (== instead of !=) (il y a 6 jours) <Simon Bernard>
* ce952b5 - Fix trace log (il y a 7 jours) <Manuel Sangoi>
* 29ac887 - Add some trace logs in the TLV decoder (il y a 7 jours) <Manuel Sangoi>
* 0419f1b - bug464043: Tests fail on Windows (il y a 8 jours) <Simon Bernard>
* ba70e4f - dump the TLV if a parse error occurs (il y a 8 jours) <Julien Vermillard>
* 0d9694f - avoid maven warnings by providing plugin version (il y a 2 semaines) <Alexander Ellwein>
* 348b530 - adjustments in import / export packages in pom.xml for osgi support (il y a 2 semaines) <ingo schaal>
* 1fd2cda - #8: Incorrect link objects are implicitly sent on update (il y a 4 semaines) <Simon Bernard>
* b409bea - add some checks on link object payload for register integration tests (il y a 4 semaines) <Simon Bernard>
* 19b0940 - add integration tests for discover (il y a 4 semaines) <Simon Bernard>
* 58d051d - fix registration and implement discover (without attributes) at client side. (il y a 4 semaines) <Simon Bernard>
* b32ac64 - ClientUpdate toString() (il y a 4 semaines) <Julien Vermillard>
* 64968dd - add API to be able to load model from stream (il y a 4 semaines) <Simon Bernard>
* 90c7e2a - Merge LinkFormatUtils in LinkObject (il y a 4 semaines) <Simon Bernard>
* 7a14736 - Remove the "close" of DTLS Session when register return FORBIDDEN (il y a 5 semaines) <Simon Bernard>
* 144beac - add Security Tests (Test RPK and PSK connection via DTLS) (il y a 5 semaines) <Simon Bernard>
* 834d61d - Refactor tests to prepare addition of SecurityTest (il y a 5 semaines) <Simon Bernard>
* 7d418e9 - restore RPK support (probably erased pending a previous merge) (il y a 5 semaines) <Simon Bernard>
* 439ecfd - add some TODOs (il y a 5 semaines) <Simon Bernard>
* 43c64fa - Move ResponseCallback from leshan-client-core to integration-tests (il y a 5 semaines) <Simon Bernard>
* bd5fec0 - Manage all exceptions in handleRequest (il y a 5 semaines) <Simon Bernard>
* 9969792 - always use free port for tests. (il y a 5 semaines) <Simon Bernard>
* a23e6a8 - fix java doc of LeshanClientExample (il y a 5 semaines) <Simon Bernard>
* d86fdc5 - LwM2mPath constructor accept now path which does not start by "/" (il y a 5 semaines) <Simon Bernard>
* b984fc5 - The client address setting is now optional. (il y a 5 semaines) <Simon Bernard>
* cf823de - fix licence and remove reference to github.com/jvermillard (il y a 6 semaines) <Simon Bernard>
* 83a56aa - Remove unused dependencies (il y a 6 semaines) <Simon Bernard>
* 05202b2 - Remove LwM2MServerMessageDeliverer (Use default MessageDeliverer) (il y a 6 semaines) <Simon Bernard>
* adb154c - Split leshan-client in 2 projects (leshan-client-core/leshan-client-cf) (il y a 6 semaines) <Simon Bernard>
* d1e9ec5 - Always run integration tests (remove integration profile for tests) (il y a 6 semaines) <Simon Bernard>
* a326851 - New client API (il y a 6 semaines) <Simon Bernard>

_______________________________________________

leshan-dev mailing list

leshan-dev@xxxxxxxxxxx

To change your delivery options, retrieve your password, or unsubscribe from this list, visit

https://dev.eclipse.org/mailman/listinfo/leshan-dev

 

_______________________________________________
leshan-dev mailing list
leshan-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/leshan-dev

_______________________________________________

leshan-dev mailing list

leshan-dev@xxxxxxxxxxx

To change your delivery options, retrieve your password, or unsubscribe from this list, visit

https://dev.eclipse.org/mailman/listinfo/leshan-dev

 

_______________________________________________
leshan-dev mailing list
leshan-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/leshan-dev