Comments (8)
First off, this project is absolutely amazing. It was really easy to create a server and client.
Thanks!
I'm now experimenting to get this to work with DTLS.
I haven't implemented DTLS support because at the time there was no good support for DTLS in Rust. That may have changed by now, I should look into the matter again.
If I read this correctly, DTLS support can be added by implementing the `async_coap::LocalEndPoint` trait. Is this correct?
Well... yes. Yes, that is technically true. It's just a "simple" matter of software, as they say. ;)
There are a few details that have yet to be worked out with respect to DTLS: specifically how sessions would work, how you specify the parameters of a new session, etc.
I suppose we could have a default case where we assume the client is anonymous and the server has an X.509 cert that is authenticated, but that case isn't super useful for peer devices that just want to authenticate each other mutually with a shared secret—which is an important use case in IoT (especially Splot).
This is an issue that needs to be wrestled with sooner rather than later, so if you have any thoughts or suggestions, I'd love to hear them!
I need to take another look at Rustls to see how TLS/DTLS in general might be integrated.
from rust-async-coap.
One thought was to strictly associate each DTLS session with a `RemoteEndpoint` instance, and that in the DTLS case it would have some additional trait which would allow you to introspect more into the session details.
But in that case you would really want to avoid using `LocalEndpoint::send`, because it wouldn't have any session information. I suppose we could add a session identifier to the `LocalEndpoint::SocketAddr` associated type, but that feels ugly. It also makes session tracking and cleanup much more tricky.
from rust-async-coap.
To be clear though, the most straightforward way to implement DTLS support of the traditional PKI "anonymous-client/authenticated-server" sort is to implement a custom `AsyncDatagramSocket` and use `DatagramLocalEndpoint` (rather than implement `LocalEndpoint`), doing TLS session tracking inside of the "socket". This, of course, has all sorts of caveats and potential issues, but if you want the straightest path from one point to the other, this is likely it.
There may be a way to move such an implementation toward something more flexible later on, but honestly I think it would be a one-off. Perhaps I was being a little optimistic in the README. ;)
from rust-async-coap.
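Added example, not part of the thread or of rust-async-coap: a minimal sketch of the per-peer session tracking that a DTLS-aware datagram "socket" would have to do internally, including the cleanup the comments above call tricky. `SessionTable`, `Session` and `State` are hypothetical names, the DTLS state itself is a stand-in, and the cap on unfinished handshakes is an assumption added to bound memory held for unauthenticated peers.

```rust
use std::collections::HashMap;
use std::net::SocketAddr;
use std::time::{Duration, Instant};

// Hypothetical stand-in for per-peer DTLS state; a real socket would hold the TLS library's session object here.
#[derive(Clone, Copy, Debug, PartialEq)]
pub enum State { Handshaking, Established }
pub struct Session { pub state: State, last_seen: Instant }

// Keyed by peer address, because that is all the CoAP layer above the socket passes down.
pub struct SessionTable {
    sessions: HashMap<SocketAddr, Session>,
    idle_timeout: Duration,
    max_handshaking: usize,
}

impl SessionTable {
    pub fn new(idle_timeout: Duration, max_handshaking: usize) -> Self {
        SessionTable { sessions: HashMap::new(), idle_timeout, max_handshaking }
    }

    // Route an inbound datagram to its session, creating one for a new peer.
    // Returns None when too many unfinished handshakes are already pending.
    pub fn on_datagram(&mut self, peer: SocketAddr, now: Instant) -> Option<&mut Session> {
        self.evict_idle(now);
        if !self.sessions.contains_key(&peer) {
            let pending = self.sessions.values().filter(|s| s.state == State::Handshaking).count();
            if pending >= self.max_handshaking { return None; }
            self.sessions.insert(peer, Session { state: State::Handshaking, last_seen: now });
        }
        let session = self.sessions.get_mut(&peer)?;
        session.last_seen = now;
        Some(session)
    }

    // Drop sessions with no traffic for idle_timeout; returns how many were removed.
    pub fn evict_idle(&mut self, now: Instant) -> usize {
        let (before, timeout) = (self.sessions.len(), self.idle_timeout);
        self.sessions.retain(|_, s| now.saturating_duration_since(s.last_seen) < timeout);
        before - self.sessions.len()
    }

    pub fn len(&self) -> usize { self.sessions.len() }
}

fn main() {
    let mut table = SessionTable::new(Duration::from_secs(60), 1);
    let peer: SocketAddr = "192.0.2.1:5684".parse().unwrap(); // constructed sample address
    println!("created: {}", table.on_datagram(peer, Instant::now()).is_some());
}
```

Because the table is keyed only by source address, a peer whose address or port changes (NAT rebinding, for example) looks like a new session and has to handshake again.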
Unfortunately DTLS support is not yet implemented in rust-tls (see issue 40), so the only option for now is to use rust-openssl.
Unfortunately I don't have any good ideas about this yet, I'm just experimenting first in setting up a basic coap based client/server implementation. So definitely I was looking at a traditional anonymous client / authenticated server implementation first. I created a basic working example of using openssl dtls here: https://gist.github.com/fdeantoni/a1df96cdd0cc84f79e08a116aa184b71
It is very basic in that it doesn't use async anywhere, but it does show the openssl dtls part working. So hopefully it will also work when using rust-async-coap :)
from rust-async-coap.
I created a small experiment project (async-coap-dtls) with rust-openssl to create a dtls server and client using AsyncDatagramSocket. The implementation is far from efficient and there are for sure many things wrong with it, but in a simple scenario it seems to work ok I think.
from rust-async-coap.
The DTLS 1.3 spec is almost completed... I think we should prioritize this over DTLS 1.2 if we decide to work on this...
from rust-async-coap.
Hopefully the delta between DTLS 1.2 support and DTLS 1.3 support is relatively small.
from rust-async-coap.
I created patches on top of @fdeantoni's project that make the server side non-blocking, which enables the user of this library to use DTLS and plain CoAP sockets in the same pool. Most probably I've broken the client side in the meantime, because I was not testing it.
However, if anyone is interested in a working non-blocking DTLS server implementation, here it is: https://github.com/hubertmis/async-coap-dtls/tree/test/server-library
from rust-async-coap.