coap. lem2m: add DTLS_RETRANSMISSION_TIMEOUT

2022-09-06 17:50:09 +03:00 · 2022-09-06 17:50:09 +03:00 · bbcd2ed047
commit bbcd2ed047
parent 5891a1df65
5 changed files with 15 additions and 0 deletions
--- a/application/src/main/resources/thingsboard.yml
+++ b/application/src/main/resources/thingsboard.yml
@ -710,6 +710,8 @@ transport:
    dtls:
      # Enable/disable DTLS 1.2 support
      enabled: "${COAP_DTLS_ENABLED:false}"
+     # RFC7925_RETRANSMISSION_TIMEOUT_IN_MILLISECONDS = 9000
+      retransmission_timeout_in_sec: "${DTLS_RETRANSMISSION_TIMEOUT:9}"
      # CoAP DTLS bind address
      bind_address: "${COAP_DTLS_BIND_ADDRESS:0.0.0.0}"
      # CoAP DTLS bind port
--- a/common/coap-server/src/main/java/org/thingsboard/server/coapserver/TbCoapDtlsSettings.java
+++ b/common/coap-server/src/main/java/org/thingsboard/server/coapserver/TbCoapDtlsSettings.java
@ -39,6 +39,7 @@ import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.net.UnknownHostException;
 import java.util.Collections;
+import java.util.concurrent.TimeUnit;

@Slf4j
@ConditionalOnProperty(prefix = "transport.coap.dtls", value = "enabled", havingValue = "true", matchIfMissing = false)
@ -51,6 +52,9 @@ public class TbCoapDtlsSettings {
    @Value("${transport.coap.dtls.bind_port}")
    private Integer port;

+    @Value("${transport.coap.dtls.retransmission_timeout_in_sec}")
+    private Integer dtlsRetransmissionTimeoutInSec;
+
    @Bean
    @ConfigurationProperties(prefix = "transport.coap.dtls.credentials")
    public SslCredentialsConfig coapDtlsCredentials() {
@ -84,6 +88,7 @@ public class TbCoapDtlsSettings {
                new SslContextUtil.Credentials(sslCredentials.getPrivateKey(), null, sslCredentials.getCertificateChain());
        configBuilder.set(DtlsConfig.DTLS_ROLE, DtlsConfig.DtlsRole.SERVER_ONLY);
        configBuilder.set(DtlsConfig.DTLS_CLIENT_AUTHENTICATION_MODE, CertificateAuthenticationMode.WANTED);
+        configBuilder.set(DtlsConfig.DTLS_RETRANSMISSION_TIMEOUT, dtlsRetransmissionTimeoutInSec, TimeUnit.SECONDS);
        configBuilder.setAdvancedCertificateVerifier(
                new TbCoapDtlsCertificateVerifier(
                        transportService,
--- a/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/bootstrap/LwM2MTransportBootstrapService.java
+++ b/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/bootstrap/LwM2MTransportBootstrapService.java
@ -36,6 +36,7 @@ import org.thingsboard.server.transport.lwm2m.config.LwM2MTransportServerConfig;
 import javax.annotation.PostConstruct;
 import javax.annotation.PreDestroy;
 import java.security.cert.X509Certificate;
+import java.util.concurrent.TimeUnit;

 import static org.eclipse.californium.scandium.config.DtlsConfig.DTLS_RECOMMENDED_CIPHER_SUITES_ONLY;
 import static org.eclipse.californium.scandium.config.DtlsConfig.DTLS_RECOMMENDED_CURVES_ONLY;
@ -89,6 +90,7 @@ public class LwM2MTransportBootstrapService {
        DtlsConnectorConfig.Builder dtlsConfig = new DtlsConnectorConfig.Builder(getCoapConfig(bootstrapConfig.getPort(), bootstrapConfig.getSecurePort(), serverConfig));

        dtlsConfig.set(DtlsConfig.DTLS_ROLE, DtlsConfig.DtlsRole.SERVER_ONLY);
+        dtlsConfig.set(DtlsConfig.DTLS_RETRANSMISSION_TIMEOUT, serverConfig.getDtlsRetransmissionTimeoutInSec(), TimeUnit.SECONDS);
        dtlsConfig.set(DTLS_RECOMMENDED_CURVES_ONLY, serverConfig.isRecommendedSupportedGroups());
        dtlsConfig.set(DTLS_RECOMMENDED_CIPHER_SUITES_ONLY, serverConfig.isRecommendedCiphers());

--- a/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/config/LwM2MTransportServerConfig.java
+++ b/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/config/LwM2MTransportServerConfig.java
@ -37,6 +37,10 @@ import java.util.List;
@ConfigurationProperties(prefix = "transport.lwm2m")
 public class LwM2MTransportServerConfig implements LwM2MSecureServerConfig {

+    @Getter
+    @Value("${transport.coap.dtls.retransmission_timeout_in_sec}")
+    private Integer dtlsRetransmissionTimeoutInSec;
+
    @Getter
    @Value("${transport.lwm2m.timeout:}")
    private Long timeout;
--- a/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/server/DefaultLwM2mTransportService.java
+++ b/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/server/DefaultLwM2mTransportService.java
@ -40,6 +40,7 @@ import org.thingsboard.server.transport.lwm2m.utils.LwM2mValueConverterImpl;

 import javax.annotation.PreDestroy;
 import java.security.cert.X509Certificate;
+import java.util.concurrent.TimeUnit;

 import static org.eclipse.californium.scandium.config.DtlsConfig.DTLS_RECOMMENDED_CIPHER_SUITES_ONLY;
 import static org.eclipse.californium.scandium.config.DtlsConfig.DTLS_RECOMMENDED_CURVES_ONLY;
@ -132,6 +133,7 @@ public class DefaultLwM2mTransportService implements LwM2MTransportService {
        DtlsConnectorConfig.Builder dtlsConfig = new DtlsConnectorConfig.Builder(getCoapConfig(config.getPort(), config.getSecurePort(), config));

        dtlsConfig.set(DtlsConfig.DTLS_ROLE, DtlsConfig.DtlsRole.SERVER_ONLY);
+        dtlsConfig.set(DtlsConfig.DTLS_RETRANSMISSION_TIMEOUT, config.getDtlsRetransmissionTimeoutInSec(), TimeUnit.SECONDS);
        dtlsConfig.set(DTLS_RECOMMENDED_CURVES_ONLY, config.isRecommendedSupportedGroups());
        dtlsConfig.set(DTLS_RECOMMENDED_CIPHER_SUITES_ONLY, config.isRecommendedCiphers());