From bbcd2ed047387ac64c9ff49f4844960e3fe350a8 Mon Sep 17 00:00:00 2001
From: nickAS21
Date: Tue, 6 Sep 2022 17:50:09 +0300
Subject: [PATCH] coap. lem2m: add DTLS_RETRANSMISSION_TIMEOUT
---
 application/src/main/resources/thingsboard.yml | 2 ++
 .../thingsboard/server/coapserver/TbCoapDtlsSettings.java | 5 +++++
 .../lwm2m/bootstrap/LwM2MTransportBootstrapService.java | 2 ++
 .../transport/lwm2m/config/LwM2MTransportServerConfig.java | 4 ++++
 .../transport/lwm2m/server/DefaultLwM2mTransportService.java | 2 ++
 5 files changed, 15 insertions(+)
diff --git a/application/src/main/resources/thingsboard.yml b/application/src/main/resources/thingsboard.yml
index 83ff290476..f8fe300072 100644
--- a/application/src/main/resources/thingsboard.yml
+++ b/application/src/main/resources/thingsboard.yml
@@ -710,6 +710,8 @@ transport:
 dtls:
 # Enable/disable DTLS 1.2 support
 enabled: "${COAP_DTLS_ENABLED:false}"
+ # RFC7925_RETRANSMISSION_TIMEOUT_IN_MILLISECONDS = 9000
+ retransmission_timeout_in_sec: "${DTLS_RETRANSMISSION_TIMEOUT:9}"
 # CoAP DTLS bind address
 bind_address: "${COAP_DTLS_BIND_ADDRESS:0.0.0.0}"
 # CoAP DTLS bind port
diff --git a/common/coap-server/src/main/java/org/thingsboard/server/coapserver/TbCoapDtlsSettings.java b/common/coap-server/src/main/java/org/thingsboard/server/coapserver/TbCoapDtlsSettings.java
index 7d5c17bf6d..57b9db53cc 100644
--- a/common/coap-server/src/main/java/org/thingsboard/server/coapserver/TbCoapDtlsSettings.java
+++ b/common/coap-server/src/main/java/org/thingsboard/server/coapserver/TbCoapDtlsSettings.java
@@ -39,6 +39,7 @@ import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.net.UnknownHostException;
 import java.util.Collections;
+import java.util.concurrent.TimeUnit;
 @Slf4j
 @ConditionalOnProperty(prefix = "transport.coap.dtls", value = "enabled", havingValue = "true", matchIfMissing = false)
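Review bot: The comment added above `retransmission_timeout_in_sec` in the thingsboard.yml hunk names a millisecond constant (`RFC7925_RETRANSMISSION_TIMEOUT_IN_MILLISECONDS = 9000`) while the key and its default `9` are in seconds, and it does not say what the setting controls. The Java hunks of this patch pass the same value to the LwM2M server and bootstrap DTLS connectors as well, which an operator reading only the `transport.coap.dtls` block cannot tell. I would replace the comment with `# Initial DTLS handshake retransmission timeout in seconds (RFC 7925 recommends 9 s); also used by the LwM2M server and bootstrap DTLS connectors`. The environment variable `DTLS_RETRANSMISSION_TIMEOUT` also drops the `COAP_DTLS_` prefix its neighbours use and carries no unit, so a name such as `COAP_DTLS_RETRANSMISSION_TIMEOUT_IN_SEC` would be harder to misconfigure.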
@@ -51,6 +52,9 @@ public class TbCoapDtlsSettings {
 @Value("${transport.coap.dtls.bind_port}")
 private Integer port;
+ @Value("${transport.coap.dtls.retransmission_timeout_in_sec}")
+ private Integer dtlsRetransmissionTimeoutInSec;
+
 @Bean
 @ConfigurationProperties(prefix = "transport.coap.dtls.credentials")
 public SslCredentialsConfig coapDtlsCredentials() {
@@ -84,6 +88,7 @@ public class TbCoapDtlsSettings {
 new SslContextUtil.Credentials(sslCredentials.getPrivateKey(), null, sslCredentials.getCertificateChain());
 configBuilder.set(DtlsConfig.DTLS_ROLE, DtlsConfig.DtlsRole.SERVER_ONLY);
 configBuilder.set(DtlsConfig.DTLS_CLIENT_AUTHENTICATION_MODE, CertificateAuthenticationMode.WANTED);
+ configBuilder.set(DtlsConfig.DTLS_RETRANSMISSION_TIMEOUT, dtlsRetransmissionTimeoutInSec, TimeUnit.SECONDS);
 configBuilder.setAdvancedCertificateVerifier(
 new TbCoapDtlsCertificateVerifier(
 transportService,
diff --git a/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/bootstrap/LwM2MTransportBootstrapService.java b/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/bootstrap/LwM2MTransportBootstrapService.java
index b4572121a5..a526643953 100644
--- a/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/bootstrap/LwM2MTransportBootstrapService.java
+++ b/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/bootstrap/LwM2MTransportBootstrapService.java
@@ -36,6 +36,7 @@ import org.thingsboard.server.transport.lwm2m.config.LwM2MTransportServerConfig;
 import javax.annotation.PostConstruct;
 import javax.annotation.PreDestroy;
 import java.security.cert.X509Certificate;
+import java.util.concurrent.TimeUnit;
 import static org.eclipse.californium.scandium.config.DtlsConfig.DTLS_RECOMMENDED_CIPHER_SUITES_ONLY;
 import static org.eclipse.californium.scandium.config.DtlsConfig.DTLS_RECOMMENDED_CURVES_ONLY;
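Review bot: The new `@Value("${transport.coap.dtls.retransmission_timeout_in_sec}")` field in the `-51,6` hunk of TbCoapDtlsSettings has no default, so a deployment whose configuration lacks the key would normally fail placeholder resolution at startup once CoAP DTLS is enabled; the diffstat shows only `application/src/main/resources/thingsboard.yml` gaining the key. The same annotation is added in the LwM2MTransportServerConfig hunk, right next to a `transport.lwm2m.timeout:` placeholder that does carry a default. I would write `@Value("${transport.coap.dtls.retransmission_timeout_in_sec:9}")` in both places. The class body continues outside the hunk.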
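Review bot: `dtlsRetransmissionTimeoutInSec` reaches `configBuilder.set(DtlsConfig.DTLS_RETRANSMISSION_TIMEOUT, ..., TimeUnit.SECONDS)` in the `-84,6` hunk without a range check, so `0`, a negative number or a millisecond value such as `9000` supplied through the environment is handed straight to the DTLS connector; how the library treats those values is not visible here. Since this timer paces handshake retransmissions, a wrong value presumably either multiplies flights sent to constrained peers or leaves handshakes pending for a very long time, so I would fail fast before building the config: `if (dtlsRetransmissionTimeoutInSec == null || dtlsRetransmissionTimeoutInSec <= 0) throw new IllegalArgumentException("transport.coap.dtls.retransmission_timeout_in_sec must be a positive number of seconds");`. The identical calls added in the LwM2MTransportBootstrapService and DefaultLwM2mTransportService hunks need the same guard, ideally in one shared place. The enclosing method starts and ends outside the hunk.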
@@ -89,6 +90,7 @@ public class LwM2MTransportBootstrapService {
 DtlsConnectorConfig.Builder dtlsConfig = new DtlsConnectorConfig.Builder(getCoapConfig(bootstrapConfig.getPort(), bootstrapConfig.getSecurePort(), serverConfig));
 dtlsConfig.set(DtlsConfig.DTLS_ROLE, DtlsConfig.DtlsRole.SERVER_ONLY);
+ dtlsConfig.set(DtlsConfig.DTLS_RETRANSMISSION_TIMEOUT, serverConfig.getDtlsRetransmissionTimeoutInSec(), TimeUnit.SECONDS);
 dtlsConfig.set(DTLS_RECOMMENDED_CURVES_ONLY, serverConfig.isRecommendedSupportedGroups());
 dtlsConfig.set(DTLS_RECOMMENDED_CIPHER_SUITES_ONLY, serverConfig.isRecommendedCiphers());
diff --git a/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/config/LwM2MTransportServerConfig.java b/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/config/LwM2MTransportServerConfig.java
index a9f75ff660..47ef84b9bb 100644
--- a/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/config/LwM2MTransportServerConfig.java
+++ b/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/config/LwM2MTransportServerConfig.java
@@ -37,6 +37,10 @@ import java.util.List;
 @ConfigurationProperties(prefix = "transport.lwm2m")
 public class LwM2MTransportServerConfig implements LwM2MSecureServerConfig {
+ @Getter
+ @Value("${transport.coap.dtls.retransmission_timeout_in_sec}")
+ private Integer dtlsRetransmissionTimeoutInSec;
+
 @Getter
 @Value("${transport.lwm2m.timeout:}")
 private Long timeout;
diff --git a/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/server/DefaultLwM2mTransportService.java b/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/server/DefaultLwM2mTransportService.java
index e4a9a2492f..8849dbe10b 100644
--- a/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/server/DefaultLwM2mTransportService.java
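Review bot: `LwM2MTransportServerConfig` is bound to the `transport.lwm2m` prefix, yet the field added in its `-37,6` hunk reads `transport.coap.dtls.retransmission_timeout_in_sec`, so the LwM2M server and bootstrap DTLS timers silently follow a CoAP transport setting. TbCoapDtlsSettings is only created when `transport.coap.dtls.enabled` is true, while no such condition is visible on this class in the hunk, which makes the dependency easy to miss when the two transports are tuned or deployed separately. I would give LwM2M its own key with a fallback, for example `@Value("${transport.lwm2m.dtls.retransmission_timeout_in_sec:${transport.coap.dtls.retransmission_timeout_in_sec:9}}")`, or at least add the comment `// shared with the CoAP DTLS transport; see transport.coap.dtls in thingsboard.yml` above the field.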
+++ b/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/server/DefaultLwM2mTransportService.java
@@ -40,6 +40,7 @@ import org.thingsboard.server.transport.lwm2m.utils.LwM2mValueConverterImpl;
 import javax.annotation.PreDestroy;
 import java.security.cert.X509Certificate;
+import java.util.concurrent.TimeUnit;
 import static org.eclipse.californium.scandium.config.DtlsConfig.DTLS_RECOMMENDED_CIPHER_SUITES_ONLY;
 import static org.eclipse.californium.scandium.config.DtlsConfig.DTLS_RECOMMENDED_CURVES_ONLY;
@@ -132,6 +133,7 @@ public class DefaultLwM2mTransportService implements LwM2MTransportService {
 DtlsConnectorConfig.Builder dtlsConfig = new DtlsConnectorConfig.Builder(getCoapConfig(config.getPort(), config.getSecurePort(), config));
 dtlsConfig.set(DtlsConfig.DTLS_ROLE, DtlsConfig.DtlsRole.SERVER_ONLY);
+ dtlsConfig.set(DtlsConfig.DTLS_RETRANSMISSION_TIMEOUT, config.getDtlsRetransmissionTimeoutInSec(), TimeUnit.SECONDS);
 dtlsConfig.set(DTLS_RECOMMENDED_CURVES_ONLY, config.isRecommendedSupportedGroups());
 dtlsConfig.set(DTLS_RECOMMENDED_CIPHER_SUITES_ONLY, config.isRecommendedCiphers());