Hello
I've experienced a seemingly strange error in the Leshan server. I'm implementing a DTLS library with which I try to establish a session with the Leshan server (leshan.eclipse.org,
port 5684) using PSK (TLS_PSK_WITH_AES_128_CCM_8), using an identity (testid) created at
http://leshan.eclipse.org/#/security.
If I use the correct identity, the server does not respond at all [1]. However, if I use an invalid identity (testid2), the server responds with an Alert message, telling me the handshake failed
[2].
To try to figure out if there's something wrong with the calculations, a college of mine installed a Leshan server (https://github.com/gebart/leshan-docker)
hoping to find something in the logs. After creating the same identity/key pair, the server displayed the same behavior as described above. However, looking at the logs [3], a strange error appears:
Aug 09, 2017 10:53:14 PM org.eclipse.californium.scandium.DTLSConnector terminateOngoingHandshake
INFO: Aborting handshake with peer [/90.224.165.60:5684]: Cannot authenticate client, identity [testid] is unknown
The error seems inverted somehow. It's when the correct id is used (testid), that no reply is returned (and the error is logged), while when an invalid id (testid2) is used, a correct alert message is
returned to the client (but nothing logged about it in the log).
What is happening here? And how do I proceed? Is the Leshan server supposed to reply? How do I find out if there's something wrong in the calculations, or if something else is wrong in the communication?
Or if an unexpected exception in the server caused it to abort the handshake (believing it was caused by an invalid identity)? Is there a way to get access to the debug log on leshan.eclipse.org for example? Or is there anybody with a working server that can
help me troubleshoot the communication?
Best regards,
Peter Waher
[1] Using identity testid. No reply from the Leshan server:
[2] Using invalid identity (testid2). Server responds with an alert message:
[3] Log:
2017-08-09 22:50:54,639 INFO LeshanBootstrapServer - Bootstrap server started at coap://0.0.0.0/0.0.0.0:5783, coaps://0.0.0.0/0.0.0.0:5784.
2017-08-09 22:50:55,076 INFO LeshanBootstrapServerDemo - Web server started at
http://172.17.0.16:8081/.
Aug 09, 2017 10:50:55 PM org.eclipse.californium.core.CoapServer start
INFO: Starting server
Aug 09, 2017 10:50:55 PM org.eclipse.californium.core.network.CoapEndpoint start
INFO: Starting endpoint at coap://0.0.0.0:5683
Aug 09, 2017 10:50:55 PM org.eclipse.californium.core.network.CoapEndpoint start
INFO: Started endpoint at coap://0.0.0.0:5683
Aug 09, 2017 10:50:55 PM org.eclipse.californium.core.network.CoapEndpoint start
INFO: Starting endpoint at coaps://0.0.0.0:5684
Aug 09, 2017 10:50:55 PM org.eclipse.californium.scandium.DTLSConnector start
INFO: DTLS connector listening on [0.0.0.0/0.0.0.0:5684] with MTU [1,280] using (inbound) datagram buffer size [16,474 bytes]
Aug 09, 2017 10:50:55 PM org.eclipse.californium.core.network.CoapEndpoint start
INFO: Started endpoint at coaps://0.0.0.0:5684
2017-08-09 22:50:55,147 INFO LeshanServer - LWM2M server started at coap://0.0.0.0/0.0.0.0:5683, coaps://0.0.0.0/0.0.0.0:5684.
2017-08-09 22:50:55,301 INFO LeshanServerDemo - Web server started at
http://172.17.0.16:8080/.
Aug 09, 2017 10:53:14 PM org.eclipse.californium.scandium.DTLSConnector terminateOngoingHandshake
INFO: Aborting handshake with peer [/90.224.165.60:5684]: Cannot authenticate client, identity [testid] is unknown
2017-08-09 22:56:13,007 ERROR FileSecurityStore - Could not save security infos to file
java.io.IOException: No such file or directory
at java.io.UnixFileSystem.createFileExclusively(Native Method) ~[?:1.8.0_141]
at java.io.File.createNewFile(File.java:1012) ~[?:1.8.0_141]
at org.eclipse.leshan.server.impl.FileSecurityStore.saveToFile(FileSecurityStore.java:119) [leshan-server-demo.jar:?]
at org.eclipse.leshan.server.impl.FileSecurityStore.add(FileSecurityStore.java:68) [leshan-server-demo.jar:?]
at org.eclipse.leshan.server.demo.servlet.SecurityServlet.doPut(SecurityServlet.java:87) [leshan-server-demo.jar:?]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:710) [leshan-server-demo.jar:?]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [leshan-server-demo.jar:?]
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:738) [leshan-server-demo.jar:?]
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:551) [leshan-server-demo.jar:?]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) [leshan-server-demo.jar:?]
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:568) [leshan-server-demo.jar:?]
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:221) [leshan-server-demo.jar:?]
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1111) [leshan-server-demo.jar:?]
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:478) [leshan-server-demo.jar:?]
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:183) [leshan-server-demo.jar:?]
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1045) [leshan-server-demo.jar:?]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) [leshan-server-demo.jar:?]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) [leshan-server-demo.jar:?]
at org.eclipse.jetty.server.Server.handle(Server.java:462) [leshan-server-demo.jar:?]
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:279) [leshan-server-demo.jar:?]
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:232) [leshan-server-demo.jar:?]
at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:534) [leshan-server-demo.jar:?]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:607) [leshan-server-demo.jar:?]
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:536) [leshan-server-demo.jar:?]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_141]