coaps: x509 - dtls add: DTLS_MAX_FRAGMENT_LENGTH, DTLS_MAX_TRANSMISSION_UNIT

application/src/main/resources/thingsboard.yml

@@ -1302,6 +1302,10 @@ coap:
     # - A value between 0 and <= 4: SingleNodeConnectionIdGenerator is used
     # - A value that are > 4: MultiNodeConnectionIdGenerator is used
     connection_id_length: "${COAP_DTLS_CONNECTION_ID_LENGTH:}"
+    # Specify the MTU (Maximum Transmission Unit).
+    max_transmission_unit: "${COAP_DTLS_MAX_TRANSMISSION_UNIT:1024}"
+    # DTLS maximum fragment length (RFC 6066)
+    max_fragment_length: "${COAP_DTLS_MAX_FRAGMENT_LENGTH:1024}"
     # Server DTLS credentials
     credentials:
       # Server credentials type (PEM - pem certificate file; KEYSTORE - java keystore)

common/coap-server/src/main/java/org/thingsboard/server/coapserver/TbCoapDtlsSettings.java

@@ -21,6 +21,7 @@ import org.eclipse.californium.elements.config.Configuration;
 import org.eclipse.californium.elements.util.SslContextUtil;
 import org.eclipse.californium.scandium.config.DtlsConnectorConfig;
 import org.eclipse.californium.scandium.dtls.CertificateType;
+import org.eclipse.californium.scandium.dtls.MaxFragmentLengthExtension.Length;
 import org.eclipse.californium.scandium.dtls.x509.SingleCertificateProvider;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
@@ -44,6 +45,8 @@ import static org.eclipse.californium.elements.config.CertificateAuthenticationM
 import static org.eclipse.californium.scandium.config.DtlsConfig.DTLS_CLIENT_AUTHENTICATION_MODE;
 import static org.eclipse.californium.scandium.config.DtlsConfig.DTLS_CONNECTION_ID_LENGTH;
 import static org.eclipse.californium.scandium.config.DtlsConfig.DTLS_CONNECTION_ID_NODE_ID;
+import static org.eclipse.californium.scandium.config.DtlsConfig.DTLS_MAX_FRAGMENT_LENGTH;
+import static org.eclipse.californium.scandium.config.DtlsConfig.DTLS_MAX_TRANSMISSION_UNIT;
 import static org.eclipse.californium.scandium.config.DtlsConfig.DTLS_RETRANSMISSION_TIMEOUT;
 import static org.eclipse.californium.scandium.config.DtlsConfig.DTLS_ROLE;
 import static org.eclipse.californium.scandium.config.DtlsConfig.DtlsRole.SERVER_ONLY;
@@ -66,6 +69,12 @@ public class TbCoapDtlsSettings {
     @Value("${coap.dtls.connection_id_length:}")
     private Integer cIdLength;
 
+    @Value("${coap.dtls.max_transmission_unit:}")
+    private Integer maxTransmissionUnit;
+
+    @Value("${coap.dtls.max_fragment_length:}")
+    private Integer maxFragmentLength;
+
     @Bean
     @ConfigurationProperties(prefix = "coap.dtls.credentials")
     public SslCredentialsConfig coapDtlsCredentials() {
@@ -108,6 +117,15 @@ public class TbCoapDtlsSettings {
                 configBuilder.set(DTLS_CONNECTION_ID_NODE_ID, null);
             }
         }
+        if (maxTransmissionUnit != null) {
+            configBuilder.set(DTLS_MAX_TRANSMISSION_UNIT, maxTransmissionUnit);
+        }
+        if (maxFragmentLength != null) {
+            Length length = fromLength(maxFragmentLength);
+            if (length != null) {
+                configBuilder.set(DTLS_MAX_FRAGMENT_LENGTH, fromLength(maxFragmentLength));
+            }
+        }
         configBuilder.setAdvancedCertificateVerifier(
                 new TbCoapDtlsCertificateVerifier(
                         transportService,
@@ -127,4 +145,14 @@ public class TbCoapDtlsSettings {
         return new InetSocketAddress(addr, port);
     }
 
+
+    private static Length fromLength(int length) {
+        for (Length l : Length.values()) {
+            if (l.length() == length) {
+                return l;
+            }
+        }
+        return null;
+    }
 }
+