I ran simpleclient and simpleserver in non-secure mode, I could see host address of OCResource was listed as one of the endpoints.
I do not get the benefit of giving host (OCResource::host()) information (oic/res query response from) which can not be used to communicate with secured resource. In current implementation, the app should not use the OCResource::host( ) but must choose from one of the endpoints returned by OCResource:: getAllHosts(). My thought is what if stack sets OCResource's host to one of the endpoints listed, based on the priority before handing it over to application layer. In this case application can start exchanging messages with resource as host is already set to one of the valid endpoints OR application can choose any other endpoints to communicate as it is doing now. I agree that updating the OCResource::host( ) with valid endpoint would be useful. There are a few techniques for choosing the valid endpoint as described in https://jira.iotivity.org/browse/IOT-2185 that Ashok and I are discussing. Please chime in if you think it?d help your app. From: Harish Kumara Marappa [mailto:[email protected]] Sent: Tuesday, May 9, 2017 11:55 PM To: Soemin Tjong <stjong at exchange.microsoft.com>; ??? <bg.chun at samsung.com>; Heldt-Sheller, Nathan <nathan.heldt-sheller at intel.com>; iotivity-dev at lists.iotivity.org Subject: RE: RE: [dev] Is OCResource::host() returns valid host for secured resource ? Hi, > And endpoins infomation is just additional address except current host address. > In more detail, endpoints is additional address infomation which is accessible from current client network(which discovery reqeust sent), so endpoints list doesn`t include current host address, I ran simpleclient and simpleserver in non-secure mode, I could see host address of OCResource was listed as one of the endpoints. I do not get the benefit of giving host (OCResource::host()) information (oic/res query response from) which can not be used to communicate with secured resource. [From OCF 1.0 spec] > Each OCF Device shall associate with at least one Endpoint with which it can exchange request and response messages My thought is what if stack sets OCResource's host to one of the endpoints listed, based on the priority before handing it over to application layer. In this case application can start exchanging messages with resource as host is already set to one of the valid endpoints OR application can choose any other endpoints to communicate as it is doing now. Regards, Harish Kumara M --------- Original Message --------- Sender : Soemin Tjong <stjong at exchange.microsoft.com<mailto:stjong at exchange.microsoft.com>> Date : 2017-05-10 07:08 (GMT+5:30) Title : RE: [dev] Is OCResource::host() returns valid host for secured resource ? Hi, thanks for the explanation, I recently created a Jira ticket on this topic: https://jira.iotivity.org/browse/IOT-2186<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fjira.iotivity.org%2Fbrowse%2FIOT-2186&data=02%7C01%7Cstjong%40exchange.microsoft.com%7C690883b406a440dea58608d497716d1c%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636299960800523658&sdata=TQL8xXEHQD5ZCbN2LOTudG9ofVjOkvdxOdd69TvDzsQ%3D&reserved=0>. From: iotivity-dev-bounces at lists.iotivity.org<mailto:iotivity-dev-bounces at lists.iotivity.org> [mailto:[email protected]] On Behalf Of ??? Sent: Tuesday, May 9, 2017 5:14 PM To: Heldt-Sheller, Nathan <nathan.heldt-sheller at intel.com<mailto:nathan.heldt-sheller at intel.com>>; Harish Kumara Marappa <h.marappa at samsung.com<mailto:h.marappa at samsung.com>>; iotivity-dev at lists.iotivity.org<mailto:iotivity-dev at lists.iotivity.org> Subject: Re: [dev] Is OCResource::host() returns valid host for secured resource ? Hi, All. See my coment in below thanks. what I want to point out here is Host address of secured resource is showing different address which is not even in the endpoints list. I think Host address supposed to be one of endpoints, right ? Because of this application layer has to set secure resource's host with one of secure endpoints before using it. => Normal host address isn`t one of endpoints, normal host address is parsed from coap packet header. And endpoins infomation is just additional address except current host address. In more detail, endpoints is additional address infomation which is accessible from current client network(which discovery reqeust sent), so endpoints list doesn`t include current host address, Because of this application layer has to set secure resource's host with one of secure endpoints before using it. => It seems to right, but as i mentioned above basically host address showing address where it from. And you can change current host of found resource using setHost() which is member function of OCResource class. Perhaps one of the ?eps? (Endpoint list) code authors can give a definitive answer, but in my estimation, this isn?t a problem. The Host address may be just the CoAP address from which the /res response was sent, but if the Resource doesn?t expose an Unsecured Endpoint it would only have Secure ?ep? entries in its ?eps?. Again just my take; I?m not the Endpoint feature expert by any means. The Host address may be just the CoAP address from which the /res response was sent, => Definitely right. but if the Resource doesn?t expose an Unsecured Endpoint it would only have Secure ?ep? entries in its ?eps?. => Right, in simpleserver.cpp createResource() create resource with OC_SECURE flag, so when client found that resource, response payload has only secured endpoins like below. List of resource endpoints: coaps://107.108.81.118:48100 coaps+tcp://107.108.81.118:37259 Thanks you. --------- Original Message --------- Sender : Heldt-Sheller, Nathan <nathan.heldt-sheller at intel.com<mailto:nathan.heldt-sheller at intel.com>> Date : 2017-05-10 00:52 (GMT+9) Title : Re: [dev] Is OCResource::host() returns valid host for secured resource ? Perhaps one of the ?eps? (Endpoint list) code authors can give a definitive answer, but in my estimation, this isn?t a problem. The Host address may be just the CoAP address from which the /res response was sent, but if the Resource doesn?t expose an Unsecured Endpoint it would only have Secure ?ep? entries in its ?eps?. Again just my take; I?m not the Endpoint feature expert by any means. Thanks, Nathan From: iotivity-dev-bounces at lists.iotivity.org<mailto:iotivity-dev-bounces at lists.iotivity.org> [mailto:[email protected]] On Behalf Of Harish Kumara Marappa Sent: Tuesday, May 9, 2017 6:49 AM To: iotivity-dev at lists.iotivity.org<mailto:iotivity-dev at lists.iotivity.org> Subject: [dev] Is OCResource::host() returns valid host for secured resource ? Hi All, I have query on host information of a resource discovered through C++ API OCPlatform::findResource. Below are the logs I got at simpleclient application while simpleserver ran with option 2 (./simpleserver 2). [Note IoTivity is built with security enabled (SECURED=1)] ============================================== Found resource 85a4724e-452e-ca53-1b39-0565cfcaa097/a/light for the first time on server with ID: 85a4724e-452e-ca53-1b39-0565cfcaa097 DISCOVERED Resource: URI of the resource: /a/light Host address of the resource: coap://107.108.81.118:58991 List of resource types: core.light core.brightlight List of resource interfaces: oic.if.baseline oic.if.ll Host of resource: coap://107.108.81.118:58991 List of resource endpoints: coaps://107.108.81.118:48100 coaps+tcp://107.108.81.118:37259 Change host of resource endpoints Current host is coaps://107.108.81.118:48100 Address of selected resource: coaps://107.108.81.118:48100 ============================================= what I want to point out here is Host address of secured resource is showing different address which is not even in the endpoints list. I think Host address supposed to be one of endpoints, right ? Because of this application layer has to set secure resource's host with one of secure endpoints before using it. Regards, Harish Kumara M _______________________________________________ iotivity-dev mailing list iotivity-dev at lists.iotivity.org<mailto:iotivity-dev at lists.iotivity.org> https://lists.iotivity.org/mailman/listinfo/iotivity-dev<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.iotivity.org%2Fmailman%2Flistinfo%2Fiotivity-dev&data=02%7C01%7Cstjong%40exchange.microsoft.com%7C690883b406a440dea58608d497716d1c%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636299960800523658&sdata=pT%2BHrL%2Bk4B1gfLu0j3mu35f%2FbGyrctVATbd1Qw9N4qA%3D&reserved=0> [cid:image001.png at 01D2C9BA.A9771760] [http://ext.samsung.net/mail/ext/v1/external/status/update?userid=h.marappa&do=bWFpbElEPTIwMTcwNTEwMDY1NDM1ZXBjbXM1cDRkOTEzMGFhYjg4ZDY1MTAwYTc2NWZiZDg0YjRlNzg1OSZyZWNpcGllbnRBZGRyZXNzPXN0am9uZ0BleGNoYW5nZS5taWNyb3NvZnQuY29t] -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.iotivity.org/pipermail/iotivity-dev/attachments/20170511/aa3a76e5/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 33527 bytes Desc: image001.png URL: <http://lists.iotivity.org/pipermail/iotivity-dev/attachments/20170511/aa3a76e5/attachment.png>
