UPdate

.gitmodules

@@ -48,7 +48,7 @@
 [submodule "coap/libcoap"]
 	path = coap/libcoap
 	url = https://github.com/obgm/libcoap.git
-	sbom-version = 4.3.1
+	sbom-version = 4.3.2
 	sbom-cpe = cpe:2.3:a:libcoap:libcoap:{}:*:*:*:*:*:*:*
 	sbom-supplier = Organization: libcoap <https://libcoap.net/>
 	sbom-url = https://github.com/obgm/libcoap

coap/CMakeLists.txt

@@ -31,6 +31,15 @@ set(srcs
     "libcoap/src/coap_uri.c"
     "libcoap/src/coap_ws.c")
 
+if(CONFIG_COAP_OSCORE_SUPPORT)
+    list(APPEND srcs
+        "libcoap/src/oscore/oscore.c"
+        "libcoap/src/oscore/oscore_cbor.c"
+        "libcoap/src/oscore/oscore_context.c"
+        "libcoap/src/oscore/oscore_cose.c"
+        "libcoap/src/oscore/oscore_crypto.c")
+endif()
+
 idf_component_register(SRCS "${srcs}"
                     INCLUDE_DIRS "${include_dirs}"
                     REQUIRES lwip mbedtls)

coap/Kconfig

@@ -80,31 +80,31 @@ menu "CoAP Configuration"
             Enable TCP functionality for CoAP. This is required if TLS sessions
             are to be used.
 
-            If this option is disabled, redundent CoAP TCP code is removed.
+            If this option is disabled, redundant CoAP TCP code is removed.
 
     config COAP_OSCORE_SUPPORT
         bool "Enable OSCORE support within CoAP"
         default n
         help
-            Enable OSCORE functionality for CoAP.
+            Enable OSCORE (Object Security for Constrained RESTful Environments) functionality for CoAP.
 
-            If this option is disabled, redundent CoAP OSCORE code is removed.
+            If this option is disabled, redundant CoAP OSCORE code is removed.
 
     config COAP_OBSERVE_PERSIST
         bool "Enable Server Observe Persist support within CoAP"
         default n
         help
             Enable Server Observe Persist support for CoAP.
 
-            If this option is disabled, redundent CoAP Observe Persist code is removed.
+            If this option is disabled, redundant CoAP Observe Persist code is removed.
 
     config COAP_WEBSOCKETS
         bool "Enable WebSockets support within CoAP"
         default n
         help
             Enable WebSockets support for CoAP.
 
-            If this option is disabled, redundent CoAP WebSocket code is removed.
+            If this option is disabled, redundant CoAP WebSocket code is removed.
 
     config COAP_CLIENT_SUPPORT
         bool "Enable Client functionality within CoAP"
@@ -115,7 +115,7 @@ menu "CoAP Configuration"
             this needs to be enabled to support the ongoing session going to
             the next hop.
 
-            If this option is disabled, redundent CoAP client only code is removed.
+            If this option is disabled, redundant CoAP client only code is removed.
             If both this option and COAP_SERVER_SUPPORT are disabled, then both
             are automatically enabled for backwards compatability.
 
@@ -126,7 +126,7 @@ menu "CoAP Configuration"
             Enable server functionality (ability to receive requests and send
             responses) for CoAP.
 
-            If this option is disabled, redundent CoAP server only code is removed.
+            If this option is disabled, redundant CoAP server only code is removed.
             If both this option and COAP_CLIENT_SUPPORT are disabled, then both
             are automatically enabled for backwards compatability.
 

coap/examples/coap_client/README.md

@@ -101,8 +101,10 @@ These can be raised at [libcoap Issues](https://github.com/obgm/libcoap/issues).
 
 ## Troubleshooting
 * Please make sure Target Url includes valid `host`, optional `port`,
-optional `path`, and begins with `coap://`, `coaps://`, `coap+tcp://` or `coaps+tcp://`
+optional `path`, and begins with `coap://`, `coaps://`, `coap+tcp://`, `coaps+tcp://`,
+coap+ws:// or coaps+ws://.
 (not all hosts support TCP/TLS including coap+tcp://californium.eclipseprojects.io).
+(not all hosts support WebSockets (which needs to be enabled as an option).
 
 * CoAP logging can be enabled by running 'idf.py menuconfig -> Component config -> CoAP Configuration -> Enable CoAP debugging'
 and setting appropriate log level.  If Mbed TLS logging is required, this needs to be configured separately under mbedTLS

coap/examples/coap_client/main/Kconfig.projbuild

@@ -1,11 +1,5 @@
 menu "Example CoAP Client Configuration"
 
-    # Hidden option that selects IPv4
-    config EXAMPLE_COAP_NEEDS_IPV4
-        bool
-        default true
-        select LWIP_IPV4
-
     config EXAMPLE_TARGET_DOMAIN_URI
         string "Target Uri"
         default "coaps://californium.eclipseprojects.io"

coap/examples/coap_client/main/coap_client_example_main.c

@@ -89,7 +89,7 @@ static int wait_ms;
    as the Certificate test (by default) is against the californium server.
 
    To embed it in the app binary, the PEM, CRT and KEY file is named
-   in the component.mk COMPONENT_EMBED_TXTFILES variable.
+   in the CMakeLists.txt EMBED_TXTFILES definition.
  */
 extern uint8_t ca_pem_start[] asm("_binary_coap_ca_pem_start");
 extern uint8_t ca_pem_end[]   asm("_binary_coap_ca_pem_end");
@@ -156,69 +156,16 @@ static void
 coap_log_handler (coap_log_t level, const char *message)
 {
     uint32_t esp_level = ESP_LOG_INFO;
-    char *cp = strchr(message, '\n');
+    const char *cp = strchr(message, '\n');
 
-    if (cp) {
+    while (cp) {
         ESP_LOG_LEVEL(esp_level, TAG, "%.*s", (int)(cp - message), message);
-    } else {
-        ESP_LOG_LEVEL(esp_level, TAG, "%s", message);
-    }
-}
-
-static coap_address_t *
-coap_get_address(coap_uri_t *uri)
-{
-    static coap_address_t dst_addr;
-    char *phostname = NULL;
-    struct addrinfo hints;
-    struct addrinfo *addrres;
-    int error;
-    char tmpbuf[INET6_ADDRSTRLEN];
-
-    phostname = (char *)calloc(1, uri->host.length + 1);
-    if (phostname == NULL) {
-        ESP_LOGE(TAG, "calloc failed");
-        return NULL;
-    }
-    memcpy(phostname, uri->host.s, uri->host.length);
-
-    memset ((char *)&hints, 0, sizeof(hints));
-    hints.ai_socktype = SOCK_DGRAM;
-    hints.ai_family = AF_UNSPEC;
-
-    error = getaddrinfo(phostname, NULL, &hints, &addrres);
-    if (error != 0) {
-        ESP_LOGE(TAG, "DNS lookup failed for destination address %s. error: %d", phostname, error);
-        free(phostname);
-        return NULL;
+        message = cp + 1;
+        cp = strchr(message, '\n');
     }
-    if (addrres == NULL) {
-        ESP_LOGE(TAG, "DNS lookup %s did not return any addresses", phostname);
-        free(phostname);
-        return NULL;
-    }
-    free(phostname);
-    coap_address_init(&dst_addr);
-    switch (addrres->ai_family) {
-    case AF_INET:
-        memcpy(&dst_addr.addr.sin, addrres->ai_addr, sizeof(dst_addr.addr.sin));
-        dst_addr.addr.sin.sin_port        = htons(uri->port);
-        inet_ntop(AF_INET, &dst_addr.addr.sin.sin_addr, tmpbuf, sizeof(tmpbuf));
-        ESP_LOGI(TAG, "DNS lookup succeeded. IP=%s", tmpbuf);
-        break;
-    case AF_INET6:
-        memcpy(&dst_addr.addr.sin6, addrres->ai_addr, sizeof(dst_addr.addr.sin6));
-        dst_addr.addr.sin6.sin6_port        = htons(uri->port);
-        inet_ntop(AF_INET6, &dst_addr.addr.sin6.sin6_addr, tmpbuf, sizeof(tmpbuf));
-        ESP_LOGI(TAG, "DNS lookup succeeded. IP=%s", tmpbuf);
-        break;
-    default:
-        ESP_LOGE(TAG, "DNS lookup response failed");
-        return NULL;
+    if (message[0] != '\000') {
+        ESP_LOG_LEVEL(esp_level, TAG, "%s", message);
     }
-    freeaddrinfo(addrres);
-
-    return &dst_addr;
 }
 
 static int
@@ -278,7 +225,7 @@ coap_build_optlist(coap_uri_t *uri)
 }
 #ifdef CONFIG_COAP_MBEDTLS_PSK
 static coap_session_t *
-coap_start_psk_session(coap_context_t *ctx, coap_address_t *dst_addr, coap_uri_t *uri)
+coap_start_psk_session(coap_context_t *ctx, coap_address_t *dst_addr, coap_uri_t *uri, coap_proto_t proto)
 {
     static coap_dtls_cpsk_t dtls_psk;
     static char client_sni[256];
@@ -298,15 +245,14 @@ coap_start_psk_session(coap_context_t *ctx, coap_address_t *dst_addr, coap_uri_t
     dtls_psk.psk_info.identity.length = sizeof(EXAMPLE_COAP_PSK_IDENTITY) - 1;
     dtls_psk.psk_info.key.s = (const uint8_t *)EXAMPLE_COAP_PSK_KEY;
     dtls_psk.psk_info.key.length = sizeof(EXAMPLE_COAP_PSK_KEY) - 1;
-    return coap_new_client_session_psk2(ctx, NULL, dst_addr,
-                                        uri->scheme == COAP_URI_SCHEME_COAPS ? COAP_PROTO_DTLS : COAP_PROTO_TLS,
+    return coap_new_client_session_psk2(ctx, NULL, dst_addr, proto,
                                         &dtls_psk);
 }
 #endif /* CONFIG_COAP_MBEDTLS_PSK */
 
 #ifdef CONFIG_COAP_MBEDTLS_PKI
 static coap_session_t *
-coap_start_pki_session(coap_context_t *ctx, coap_address_t *dst_addr, coap_uri_t *uri)
+coap_start_pki_session(coap_context_t *ctx, coap_address_t *dst_addr, coap_uri_t *uri, coap_proto_t proto)
 {
     unsigned int ca_pem_bytes = ca_pem_end - ca_pem_start;
     unsigned int client_crt_bytes = client_crt_end - client_crt_start;
@@ -357,22 +303,23 @@ coap_start_pki_session(coap_context_t *ctx, coap_address_t *dst_addr, coap_uri_t
     dtls_pki.pki_key.key.pem_buf.ca_cert = ca_pem_start;
     dtls_pki.pki_key.key.pem_buf.ca_cert_len = ca_pem_bytes;
 
-    return coap_new_client_session_pki(ctx, NULL, dst_addr,
-                                       uri->scheme == COAP_URI_SCHEME_COAPS ? COAP_PROTO_DTLS : COAP_PROTO_TLS,
+    return coap_new_client_session_pki(ctx, NULL, dst_addr, proto,
                                        &dtls_pki);
 }
 #endif /* CONFIG_COAP_MBEDTLS_PKI */
 
 static void coap_example_client(void *p)
 {
-    coap_address_t   *dst_addr;
+    coap_address_t   dst_addr;
     static coap_uri_t uri;
     const char       *server_uri = COAP_DEFAULT_DEMO_URI;
     coap_context_t *ctx = NULL;
     coap_session_t *session = NULL;
     coap_pdu_t *request = NULL;
     unsigned char token[8];
     size_t tokenlength;
+    coap_addr_info_t *info_list = NULL;
+    coap_proto_t proto;
 
     /* Initialize libcoap library */
     coap_startup();
@@ -400,40 +347,52 @@ static void coap_example_client(void *p)
         goto clean_up;
     }
 
-    dst_addr = coap_get_address(&uri);
-    if (!dst_addr) {
+    info_list = coap_resolve_address_info(&uri.host, uri.port, uri.port,
+                                          uri.port, uri.port,
+                                          0,
+                                          1 << uri.scheme,
+                                          COAP_RESOLVE_TYPE_REMOTE);
+
+    if (info_list == NULL) {
+        ESP_LOGE(TAG, "failed to resolve address");
         goto clean_up;
     }
+    proto = info_list->proto;
+    memcpy(&dst_addr, &info_list->addr, sizeof(dst_addr));
+    coap_free_address_info(info_list);
 
     /*
      * Note that if the URI starts with just coap:// (not coaps://) the
      * session will still be plain text.
      */
-    if (uri.scheme == COAP_URI_SCHEME_COAPS || uri.scheme == COAP_URI_SCHEME_COAPS_TCP) {
+    if (uri.scheme == COAP_URI_SCHEME_COAPS || uri.scheme == COAP_URI_SCHEME_COAPS_TCP || uri.scheme == COAP_URI_SCHEME_COAPS_WS) {
 #ifndef CONFIG_MBEDTLS_TLS_CLIENT
         ESP_LOGE(TAG, "MbedTLS (D)TLS Client Mode not configured");
         goto clean_up;
 #endif /* CONFIG_MBEDTLS_TLS_CLIENT */
 
 #ifdef CONFIG_COAP_MBEDTLS_PSK
-        session = coap_start_psk_session(ctx, dst_addr, &uri);
+        session = coap_start_psk_session(ctx, &dst_addr, &uri, proto);
 #endif /* CONFIG_COAP_MBEDTLS_PSK */
 
 #ifdef CONFIG_COAP_MBEDTLS_PKI
-        session = coap_start_pki_session(ctx, dst_addr, &uri);
+        session = coap_start_pki_session(ctx, &dst_addr, &uri, proto);
 #endif /* CONFIG_COAP_MBEDTLS_PKI */
     } else {
-        session = coap_new_client_session(ctx, NULL, dst_addr,
-                                          uri.scheme == COAP_URI_SCHEME_COAP_TCP ? COAP_PROTO_TCP :
-                                          COAP_PROTO_UDP);
+        session = coap_new_client_session(ctx, NULL, &dst_addr, proto);
     }
     if (!session) {
         ESP_LOGE(TAG, "coap_new_client_session() failed");
         goto clean_up;
     }
+#ifdef CONFIG_COAP_WEBSOCKETS
+    if (proto == COAP_PROTO_WS || proto == COAP_PROTO_WSS) {
+        coap_ws_set_host_request(session, &uri.host);
+    }
+#endif /* CONFIG_COAP_WEBSOCKETS */
 
     while (1) {
-        request = coap_new_pdu(coap_is_mcast(dst_addr) ? COAP_MESSAGE_NON : COAP_MESSAGE_CON,
+        request = coap_new_pdu(coap_is_mcast(&dst_addr) ? COAP_MESSAGE_NON : COAP_MESSAGE_CON,
                                COAP_REQUEST_CODE_GET, session);
         if (!request) {
             ESP_LOGE(TAG, "coap_new_pdu() failed");

coap/examples/coap_client/sdkconfig.ci

@@ -6,3 +6,6 @@ CONFIG_EXAMPLE_ETH_MDC_GPIO=23
 CONFIG_EXAMPLE_ETH_MDIO_GPIO=18
 CONFIG_EXAMPLE_ETH_PHY_RST_GPIO=5
 CONFIG_EXAMPLE_ETH_PHY_ADDR=1
+CONFIG_COAP_OSCORE_SUPPORT=y
+CONFIG_COAP_OBSERVE_PERSIST=y
+CONFIG_COAP_WEBSOCKETS=y

coap/examples/coap_server/main/Kconfig.projbuild

@@ -1,11 +1,5 @@
 menu "Example CoAP Server Configuration"
 
-    # Hidden option that selects IPv4
-    config EXAMPLE_COAP_NEEDS_IPV4
-        bool
-        default true
-        select LWIP_IPV4
-
     config EXAMPLE_COAP_PSK_KEY
         string "Preshared Key (PSK) to used in the connection from the CoAP client"
         depends on COAP_MBEDTLS_PSK
@@ -15,6 +9,37 @@ menu "Example CoAP Server Configuration"
             used at both ends of the CoAP connection, and the CoaP client must request
             an URI prefixed with coaps:// instead of coap:// for DTLS to be used.
 
+    config EXAMPLE_COAP_LISTEN_PORT
+        string "CoAP Listen port"
+        default "5683"
+        help
+            Port number to listen for CoAP traffic.
+
+    config EXAMPLE_COAPS_LISTEN_PORT
+        string "CoAP Secure Listen port"
+        default "5684"
+        depends on COAP_MBEDTLS_PSK || COAP_MBEDTLS_PKI
+        help
+            Port number to listen for CoAP secure ((D)TLS) traffic.
+
+    config EXAMPLE_COAP_WEBSOCKET_PORT
+        string "CoAP Websocket port"
+        default "80"
+        depends on COAP_WEBSOCKETS
+        help
+            Port number to listen for WebSocket traffic on.
+
+            The default is 80.
+
+    config EXAMPLE_COAP_WEBSOCKET_SECURE_PORT
+        string "CoAP Websocket Secure port"
+        default "443"
+        depends on COAP_WEBSOCKETS && (COAP_MBEDTLS_PSK || COAP_MBEDTLS_PKI)
+        help
+            Port number to listen for WebSocket Secure (TLS) traffic on.
+
+            The default is 443.
+
     choice EXAMPLE_COAP_MCAST_IP_MODE
         prompt "Receive Multicast IP type"
         help