MPX-24 - Add support for CoAP and DTLS (#60)

* feat: Add coap proxy

Signed-off-by: 1998-felix <felix.gateru@gmail.com>

* refactor: Refactor tls.go for load tls and dtls

Signed-off-by: 1998-felix <felix.gateru@gmail.com>

* refactor: refactor loadtls and loaddtls functions

Signed-off-by: 1998-felix <felix.gateru@gmail.com>

* refactor: refactor load tls and dtls using generics

Signed-off-by: 1998-felix <felix.gateru@gmail.com>

* refactor: rebase

Signed-off-by: 1998-felix <felix.gateru@gmail.com>

* refactor: merge listen and listendtls

Signed-off-by: 1998-felix <felix.gateru@gmail.com>

* feat: add examples for coap client, update readme

Signed-off-by: 1998-felix <felix.gateru@gmail.com>

* feat: add server for coap example

Signed-off-by: 1998-felix <felix.gateru@gmail.com>

* feat: add cancel observation

Signed-off-by: 1998-felix <felix.gateru@gmail.com>

* feat: add udp and dtls proxy

Signed-off-by: 1998-felix <felix.gateru@gmail.com>

* refactor: rename mproxy to mgate

Signed-off-by: Felix Gateru <felix.gateru@gmail.com>

* chore: update dependencies

Signed-off-by: Felix Gateru <felix.gateru@gmail.com>

* refactor: use plgd-dev/go-coap for parsing

Signed-off-by: Felix Gateru <felix.gateru@gmail.com>

* refactor: clean up code

Signed-off-by: Felix Gateru <felix.gateru@gmail.com>

* fix: revert port number change

Signed-off-by: Felix Gateru <felix.gateru@gmail.com>

* ci: fix linter setup

Signed-off-by: Felix Gateru <felix.gateru@gmail.com>

* refactor: add context timeout

Signed-off-by: Felix Gateru <felix.gateru@gmail.com>

* refactor: resolve mutex before logging

Signed-off-by: Felix Gateru <felix.gateru@gmail.com>

---------

Signed-off-by: 1998-felix <felix.gateru@gmail.com>
Signed-off-by: Felix Gateru <felix.gateru@gmail.com>

Author: felixgateru

.env

@@ -90,3 +90,17 @@ MGATE_HTTP_WITH_MTLS_SERVER_CA_FILE=ssl/certs/ca.crt
 MGATE_HTTP_WITH_MTLS_CLIENT_CA_FILE=ssl/certs/ca.crt
 MGATE_HTTP_WITH_MTLS_CERT_VERIFICATION_METHODS=ocsp
 MGATE_HTTP_WITH_MTLS_OCSP_RESPONDER_URL=http://localhost:8080/ocsp
+
+MGATE_COAP_WITHOUT_DTLS_HOST=
+MGATE_COAP_WITHOUT_DTLS_PORT=5682
+MGATE_COAP_WITHOUT_DTLS_TARGET_HOST=localhost
+MGATE_COAP_WITHOUT_DTLS_TARGET_PORT=5683
+
+MGATE_COAP_WITH_DTLS_HOST=localhost
+MGATE_COAP_WITH_DTLS_PORT=5684
+MGATE_COAP_WITH_DTLS_TARGET_HOST=localhost
+MGATE_COAP_WITH_DTLS_TARGET_PORT=5683
+MGATE_COAP_WITH_DTLS_CERT_FILE=ssl/certs/server.crt
+MGATE_COAP_WITH_DTLS_KEY_FILE=ssl/certs/server.key
+MGATE_COAP_WITH_DTLS_SERVER_CA_FILE=ssl/certs/ca.crt
+MGATE_COAP_WITH_DTLS_CLIENT_CA_FILE=ssl/certs/ca.crt

.github/workflows/tests.yaml

@@ -23,13 +23,13 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@v5
         with:
-          go-version: 1.22.x
+          go-version: 1.25.x
           cache-dependency-path: "go.sum"
 
       - name: golangci-lint
         uses: golangci/golangci-lint-action@v8
         with:
-          version: v2.1.6
+          version: v2.4.0
           args: --config .golangci.yaml
 
       - name: Build Binaries

README.md

@@ -13,6 +13,7 @@ import (
 
 	"github.com/absmach/mgate"
 	"github.com/absmach/mgate/examples/simple"
+	"github.com/absmach/mgate/pkg/coap"
 	"github.com/absmach/mgate/pkg/http"
 	"github.com/absmach/mgate/pkg/mqtt"
 	"github.com/absmach/mgate/pkg/mqtt/websocket"
@@ -34,6 +35,9 @@ const (
 	httpWithoutTLS = "MGATE_HTTP_WITHOUT_TLS_"
 	httpWithTLS    = "MGATE_HTTP_WITH_TLS_"
 	httpWithmTLS   = "MGATE_HTTP_WITH_MTLS_"
+
+	coapWithoutDTLS = "MGATE_COAP_WITHOUT_DTLS_"
+	coapWithDTLS    = "MGATE_COAP_WITH_DTLS_"
 )
 
 func main() {
@@ -172,6 +176,30 @@ func main() {
 		return httpMTLSProxy.Listen(ctx)
 	})
 
+	// mGate server Configuration for CoAP without DTLS
+	coapConfig, err := mgate.NewConfig(env.Options{Prefix: coapWithoutDTLS})
+	if err != nil {
+		panic(err)
+	}
+
+	// mGate server for CoAP without DTLS
+	coapProxy := coap.NewProxy(coapConfig, handler, logger)
+	g.Go(func() error {
+		return coapProxy.Listen(ctx)
+	})
+
+	// mGate server Configuration for CoAP with DTLS
+	coapDTLSConfig, err := mgate.NewConfig(env.Options{Prefix: coapWithDTLS})
+	if err != nil {
+		panic(err)
+	}
+
+	// mGate server for CoAP with DTLS
+	coapDTLSProxy := coap.NewProxy(coapDTLSConfig, handler, logger)
+	g.Go(func() error {
+		return coapDTLSProxy.Listen(ctx)
+	})
+
 	g.Go(func() error {
 		return StopSignalHandler(ctx, cancel, logger)
 	})

cmd/main.go

@@ -8,17 +8,19 @@ import (
 
 	mptls "github.com/absmach/mgate/pkg/tls"
 	"github.com/caarlos0/env/v11"
+	"github.com/pion/dtls/v3"
 )
 
 type Config struct {
-	Host           string `env:"HOST"            envDefault:""`
+	Host           string `env:"HOST"                     envDefault:""`
 	Port           string `env:"PORT,required"            envDefault:""`
 	PathPrefix     string `env:"PATH_PREFIX"              envDefault:""`
 	TargetHost     string `env:"TARGET_HOST,required"     envDefault:""`
 	TargetPort     string `env:"TARGET_PORT,required"     envDefault:""`
 	TargetProtocol string `env:"TARGET_PROTOCOL,required" envDefault:""`
 	TargetPath     string `env:"TARGET_PATH"              envDefault:""`
 	TLSConfig      *tls.Config
+	DTLSConfig     *dtls.Config
 }
 
 func NewConfig(opts env.Options) (Config, error) {
@@ -31,8 +33,11 @@ func NewConfig(opts env.Options) (Config, error) {
 	if err != nil {
 		return Config{}, err
 	}
-
-	c.TLSConfig, err = mptls.Load(&cfg)
+	c.TLSConfig, err = mptls.LoadTLSConfig(&cfg, &tls.Config{})
+	if err != nil {
+		return Config{}, err
+	}
+	c.DTLSConfig, err = mptls.LoadTLSConfig(&cfg, &dtls.Config{})
 	if err != nil {
 		return Config{}, err
 	}

config.go

@@ -0,0 +1,25 @@
+#!/bin/bash
+protocol=coaps
+host=localhost
+port=5684
+path="test"
+content=0x32
+message="{\"message\": \"Hello mGate\"}"
+auth="TOKEN"
+cafile=ssl/certs/ca.crt
+certfile=ssl/certs/client.crt
+keyfile=ssl/certs/client.key
+
+echo "Posting message to ${protocol}://${host}:${port}/${path} with dtls ..."
+coap-client -m post coap://${host}:${port}/${path} -e "${message}" -O 12,${content} -O 15,auth=${auth} \
+    -c $certfile -k $keyfile -C $cafile
+
+echo "Getting message from ${protocol}://${host}:${port}/${path} with dtls ..."
+coap-client -m get coaps://${host}:${port}/${path} -O 6,0x00 -O 15,auth=${auth} -c $certfile -k $keyfile -C $cafile
+
+echo "Posting message to ${protocol}://${host}:${port}/${path} with dtls and invalid client certificate..."
+coap-client -m post ${protocol}://${host}:${port}/${path} -e "${message}" -O 12,${content} -O 15,auth=${auth} \
+    -c ssl/certs/client_unknown.crt -j ssl/certs/client_unknown.key -C "$cafile"
+
+echo "Getting message from ${protocol}://${host}:${port}/${path} with dtls and invalid client certificate..."
+coap-client -m get ${protocol}://${host}:${port}/${path} -O 6,0x00 -O 15,auth=${auth} -c ssl/certs/client_unknown.crt -j ssl/certs/client_unknown.key -C "$cafile"

examples/client/coap/with_dtls.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+protocol=coap
+host=localhost
+port=5682
+path="test"
+content=0x32
+message="{\"message\": \"Hello mGate\"}"
+auth="TOKEN"
+
+#Examples using lib-coap coap-client
+echo "Posting message to ${protocol}://${host}:${port}/${path} without tls ..."
+coap-client -m post coap://${host}:${port}/${path} -e "${message}" -O 12,${content} -O 15,auth=${auth}
+
+echo "Getting message from ${protocol}://${host}:${port}/${path} without tls ..."
+coap-client -m get coap://${host}:${port}/${path} -O 6,0x00 -O 15,auth=${auth}
+
+#Examples using Magistrala coap-cli
+echo "Posting message to ${protocol}://${host}:${port}/${path} without tls ..."
+coap-cli post ${host}:${port}/${path} -d "${message}" -O 12,${content} -O 15,auth=${auth}
+
+echo "Getting message from ${protocol}://${host}:${port}/${path} without tls ..."
+coap-cli get ${host}:${port}/${path} -O 6,0x00 -O 15,auth=${auth}

examples/client/coap/without_dtls.sh

@@ -0,0 +1,37 @@
+// Copyright (c) Abstract Machines
+// SPDX-License-Identifier: Apache-2.0
+
+package main
+
+import (
+	"fmt"
+	"log"
+	"strings"
+
+	coap "github.com/plgd-dev/go-coap/v3"
+	"github.com/plgd-dev/go-coap/v3/message"
+	"github.com/plgd-dev/go-coap/v3/message/codes"
+	"github.com/plgd-dev/go-coap/v3/mux"
+)
+
+const defaultPort = "5683"
+
+func handleRequest(w mux.ResponseWriter, r *mux.Message) {
+	resp := w.Conn().AcquireMessage(r.Context())
+	defer w.Conn().ReleaseMessage(resp)
+	resp.SetCode(codes.Content)
+	resp.SetToken(r.Token())
+	resp.SetContentFormat(message.TextPlain)
+	resp.SetBody(strings.NewReader(fmt.Sprintf("%v OK", r.Code())))
+	err := w.Conn().WriteMessage(resp)
+	if err != nil {
+		log.Printf("Cannot send response: %v", err)
+	}
+}
+
+func main() {
+	r := mux.NewRouter()
+	r.DefaultHandle(mux.HandlerFunc(handleRequest))
+	log.Println("starting coap server, listening on port " + defaultPort)
+	log.Fatal(coap.ListenAndServe("udp", ":"+defaultPort, r))
+}

examples/server/coap/main.go

@@ -8,8 +8,18 @@ require (
 	github.com/google/uuid v1.6.0
 	github.com/gorilla/websocket v1.5.3
 	github.com/joho/godotenv v1.5.1
+	github.com/pion/dtls/v3 v3.0.6
+	github.com/plgd-dev/go-coap/v3 v3.4.0
 	golang.org/x/crypto v0.41.0
 	golang.org/x/sync v0.16.0
 )
 
-require golang.org/x/net v0.43.0 // indirect
+require (
+	github.com/dsnet/golib/memfile v1.0.0 // indirect
+	github.com/pion/logging v0.2.3 // indirect
+	github.com/pion/transport/v3 v3.0.7 // indirect
+	go.uber.org/atomic v1.11.0 // indirect
+	golang.org/x/exp v0.0.0-20240904232852-e7e105dedf7e // indirect
+	golang.org/x/net v0.43.0 // indirect
+	golang.org/x/sys v0.35.0 // indirect
+)

go.mod

@@ -1,5 +1,9 @@
 github.com/caarlos0/env/v11 v11.3.1 h1:cArPWC15hWmEt+gWk7YBi7lEXTXCvpaSdCiZE2X5mCA=
 github.com/caarlos0/env/v11 v11.3.1/go.mod h1:qupehSf/Y0TUTsxKywqRt/vJjN5nz6vauiYEUUr8P4U=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dsnet/golib/memfile v1.0.0 h1:J9pUspY2bDCbF9o+YGwcf3uG6MdyITfh/Fk3/CaEiFs=
+github.com/dsnet/golib/memfile v1.0.0/go.mod h1:tXGNW9q3RwvWt1VV2qrRKlSSz0npnh12yftCSCy2T64=
 github.com/eclipse/paho.mqtt.golang v1.5.0 h1:EH+bUVJNgttidWFkLLVKaQPGmkTUfQQqjOsyvMGvD6o=
 github.com/eclipse/paho.mqtt.golang v1.5.0/go.mod h1:du/2qNQVqJf/Sqs4MEL77kR8QTqANF7XU7Fk0aOTAgk=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
@@ -8,11 +12,29 @@ github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aN
 github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
 github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
 github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
+github.com/pion/dtls/v3 v3.0.6 h1:7Hkd8WhAJNbRgq9RgdNh1aaWlZlGpYTzdqjy9x9sK2E=
+github.com/pion/dtls/v3 v3.0.6/go.mod h1:iJxNQ3Uhn1NZWOMWlLxEEHAN5yX7GyPvvKw04v9bzYU=
+github.com/pion/logging v0.2.3 h1:gHuf0zpoh1GW67Nr6Gj4cv5Z9ZscU7g/EaoC/Ke/igI=
+github.com/pion/logging v0.2.3/go.mod h1:z8YfknkquMe1csOrxK5kc+5/ZPAzMxbKLX5aXpbpC90=
+github.com/pion/transport/v3 v3.0.7 h1:iRbMH05BzSNwhILHoBoAPxoB9xQgOaJk+591KC9P1o0=
+github.com/pion/transport/v3 v3.0.7/go.mod h1:YleKiTZ4vqNxVwh77Z0zytYi7rXHl7j6uPLGhhz9rwo=
+github.com/plgd-dev/go-coap/v3 v3.4.0 h1:ZoGYFDv94xboP+41yW458fLDuYui+4eTgamqp3XJ7k4=
+github.com/plgd-dev/go-coap/v3 v3.4.0/go.mod h1:azpceqoHFeGzzNVm3RX4ox6xKHLOJ+pD0emPpr7FDXA=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
+github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
+go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
 golang.org/x/crypto v0.41.0 h1:WKYxWedPGCTVVl5+WHSSrOBT0O8lx32+zxmHxijgXp4=
 golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc=
-golang.org/x/net v0.42.0 h1:jzkYrhi3YQWD6MLBJcsklgQsoAcw89EcZbJw8Z614hs=
-golang.org/x/net v0.42.0/go.mod h1:FF1RA5d3u7nAYA4z2TkclSCKh68eSXtiFwcWQpPXdt8=
+golang.org/x/exp v0.0.0-20240904232852-e7e105dedf7e h1:I88y4caeGeuDQxgdoFPUq097j7kNfw6uvuiNxUBfcBk=
+golang.org/x/exp v0.0.0-20240904232852-e7e105dedf7e/go.mod h1:akd2r19cwCdwSwWeIdzYQGa/EZZyqcOdwWiwj5L5eKQ=
 golang.org/x/net v0.43.0 h1:lat02VYK2j4aLzMzecihNvTlJNQUq316m2Mr9rnM6YE=
 golang.org/x/net v0.43.0/go.mod h1:vhO1fvI4dGsIjh73sWfUVjj3N7CA9WkKJNQm2svM6Jg=
 golang.org/x/sync v0.16.0 h1:ycBJEhp9p4vXvUZNszeOq0kGTPghopOL8q0fq3vstxw=
 golang.org/x/sync v0.16.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
+golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI=
+golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=