Fix client side : create right server identity type in EndpointsManager

eclipse-leshan · Jan 17, 2019 · b365633 · b365633
1 parent f315c66
commit b365633
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/...src/main/java/org/eclipse/leshan/client/californium/impl/CaliforniumEndpointsManager.java b/...src/main/java/org/eclipse/leshan/client/californium/impl/CaliforniumEndpointsManager.java
@@ -44,6 +44,7 @@
 import org.eclipse.leshan.client.servers.EndpointsManager;
 import org.eclipse.leshan.client.servers.Server;
 import org.eclipse.leshan.client.servers.ServerInfo;
+import org.eclipse.leshan.core.californium.EndpointContextUtil;
 import org.eclipse.leshan.core.californium.EndpointFactory;
 import org.eclipse.leshan.core.request.Identity;
 import org.slf4j.Logger;
@@ -88,6 +89,7 @@ public synchronized Server createEndpoint(ServerInfo serverInfo) {
             if (serverInfo.secureMode == SecurityMode.PSK) {
                 StaticPskStore staticPskStore = new StaticPskStore(serverInfo.pskId, serverInfo.pskKey);
                 newBuilder.setPskStore(staticPskStore);
+                serverIdentity = Identity.psk(serverInfo.getAddress(), serverInfo.pskId);
             } else if (serverInfo.secureMode == SecurityMode.RPK) {
                 // set identity
                 newBuilder.setIdentity(serverInfo.privateKey, serverInfo.publicKey);
@@ -110,6 +112,7 @@ public boolean isTrusted(RawPublicKeyIdentity id) {
                         return true;
                     }
                 });
+                serverIdentity = Identity.rpk(serverInfo.getAddress(), expectedKey);
             } else if (serverInfo.secureMode == SecurityMode.X509) {
                 // set identity
                 newBuilder.setIdentity(serverInfo.privateKey, new Certificate[] { serverInfo.clientCertificate },
@@ -155,7 +158,10 @@ public boolean isTrusted(RawPublicKeyIdentity id) {
                         return false;
                     }
                 });
-
+                serverIdentity = Identity.x509(serverInfo.getAddress(), EndpointContextUtil
+                        .extractCN(((X509Certificate) expectedServerCertificate).getSubjectX500Principal().getName()));
+            } else {
+                throw new RuntimeException("Unable to create connector : unsupported security mode");
             }
             if (endpointFactory != null) {
                 currentEndpoint = endpointFactory.createSecuredEndpoint(newBuilder.build(), coapConfig, null);
@@ -165,7 +171,6 @@ public boolean isTrusted(RawPublicKeyIdentity id) {
                 builder.setNetworkConfig(coapConfig);
                 currentEndpoint = builder.build();
             }
-            serverIdentity = Identity.psk(serverInfo.getAddress(), serverInfo.pskId);
         } else {
             if (endpointFactory != null) {
                 currentEndpoint = endpointFactory.createUnsecuredEndpoint(localAddress, coapConfig, null);