1 简介
COAP(Constrained Application Protocol)是一种在物联网世界的类web协议,它的详细规范定义在 RFC 7252。CoAP是一种应用层协议,它运行于UDP协议之上而不是像HTTP那样运行于TCP之上。COAP名字翻译来就是“受限应用协议”,顾名思义,使用在资源受限的物联网设备上。物联网设备的ram,rom都通常非常小,运行TCP和HTTP是不可以接受的。CoAP协议非常小巧,最小的数据包仅为4字节,其是一个好的解决方案。
COAP协议特点
1 COAP协议网络传输层由TCP改为UDP。
2 它基于REST,server的资源地址和互联网一样也有类似url的格式,客户端同样有POST,GET,PUT,DELETE方法来访问server,对HTTP做了简化。
3 COAP是二进制格式的,HTTP是文本格式的,COAP比HTTP更加紧凑。
4 轻量化,COAP最小长度仅仅4B,一个HTTP的头都几十个B了。
5 支持可靠传输,数据重传,块传输。 确保数据可靠到达。
6 支持IP多播, 即可以同时向多个设备发送请求。
7 非长连接通信,适用于低功耗物联网场景。
COAP消息类型
COAP 采用的的类似于http的请求响应工作模式,它总共有四种不同的消息类型
- CON—需要被确认的请求,如果发送CON请求,对方必须进行回应
- NON—不需要被确认的请求,如果发送NON请求,那么对方不必做出回应
- ACK—应答消息,对CON请求的响应
- RST—复位消息,当接受者接受到的消息包含一段错误信息,接受者解析消息,或者不在关心发送者发送的内容,复位消息将会被发送
2 软件
开源的Coap源码比较多,具体见链接。
因用在linux系统,选择libcoap。
系统:linux centos7
3 安装过程
3.1下载libcoap
终端运行
安装目录一般放到/usr/local
cd /usr/local
git clone http://github.com/obgm/libcoap
3.2 编译
cd libcoap
./autogen.sh
./configure -enable-documentation=no -enable-tests=no
但是还是提示程序中缺少 a2x错误,需要执行
./configure -enable-documentation=no -enable-manpages=no
稍后提示
checking for OpenSSL... yes
checking for compatible OpenSSL version (>= 1.1.0)... no
configure: error: ==> OpenSSL 1.0.1e too old. OpenSSL >= 1.1.0 required for suitable DTLS support build.
OpenSSL 1.0.1e is too old,需要升级.
3.3 升级openssl
3.3.1检查当前环境
-
查看当前版本
openssl version
或者使用
yum info openssl
-
在升级之前检查一下openssl的路径
which openssl
因为需要在升级openssl之后,我们需要使用软链接将其链接回此路径
3.3.2准备开始升级安装
1.下载与解压
安装目录一般放到/usr/local
cd /usr/local
wget https://www.openssl.org/source/openssl-1.1.0f.tar.gz
tar -xzf openssl-1.1.0f.tar.gz
2.编译与安装
如果没有安装gcc可能会报错,可以直接使用yum安装一下gcc
yum install gcc
cd openssl-1.1.0f
./config
make
make install
3.尝试运行/usr/local/bin/openssl version
应该会出现下面的这个错误:
/usr/local/bin/openssl: error while loading shared libraries: libcrypto.so.1.1: cannot open shared object file: No such file or directory
4.下面为相关的解决办法:
备份
mv /usr/bin/openssl /usr/bin/openssl.OFF
mv /usr/include/openssl /usr/include/openssl.OFF
创建链接至libssl
将安装好的openssl 的openssl命令软连到/usr/bin/openssl
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
将安装好的openssl 的openssl目录软连到/usr/include/openssl
ln -s /usr/local/ssl/include/openssl /usr/include/openssl
echo “/usr/local/openssl/lib”>>/etc/ld.so.conf
ldconfig -v
openssl version –a
还是提示:
/usr/local/bin/openssl: error while loading shared libraries: libcrypto.so.1.1: cannot open shared object file: No such file or directory
5.创建链接至新的openssl
ln -s /usr/local/lib64/libssl.so.1.1 /usr/lib64/
ln -s /usr/local/lib64/libcrypto.so.1.1 /usr/lib64/
ln -s /usr/local/bin/openssl /usr/bin/openssl_latest
6.检查openssl_latest的版本号是否是新的版本
openssl_latest version
OpenSSL 1.1.0f 25 May 2017
7.重命名旧的openssl文件名,并且将新的文件名改为openssl
cd /usr/bin/
mv openssl openssl_old
mv openssl_latest openssl
8、至此更新完成
再次用openssl version命令查看openssl的版本
[root@localhost bin]# openssl version
OpenSSL 1.1.0f 25 May 2017
3.4 OpenSSL版本仍提示过低
OpenSSL安装成功之后,依然提示版本过低
[root@localhost bin]# openssl version
OpenSSL 1.1.0f 25 May 2017
[root@localhost bin]# cd /root/libcoap
[root@localhost libcoap]# ./configure -enable-documentation=no -enable-tests=no
...............
checking whether the linker accepts -Wl,--version-script=./libcoap-2.map... yes
checking for GnuTLS... no
checking for OpenSSL... yes
checking for compatible OpenSSL version (>= 1.1.0)... no
configure: error: ==> OpenSSL 1.0.1e too old. OpenSSL >= 1.1.0 required for suitable DTLS support build.
[root@localhost libcoap]# pkg-config --modversion openssl
1.0.1e
查看libcoap中的configure文件发现,系统查找路径使用的pkg-configure
[root@localhost libcoap]# echo $PKG_CONFIG_PATH
[root@localhost libcoap]#
[root@localhost libcoap]# find / -name pkgconfig
/root/LNMP/lnmp1.4-full/src/openssl-1.0.2l/.openssl/lib/pkgconfig
/usr/lib64/pkgconfig
/usr/share/pkgconfig
/usr/local/lib64/pkgconfig
/usr/local/freetype/lib/pkgconfig
[root@localhost libcoap]#
[root@localhost libcoap]# pkg-config --modversion openssl
1.0.1e
[root@localhost libcoap]# export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/usr/local/lib64/pkgconfig
[root@localhost libcoap]# pkg-config --modversion openssl
1.1.0f
3.5继续安装
[root@localhost libcoap]# ./configure -enable-documentation=no -enable-tests=no
libcoap configuration summary:
libcoap package version : "4.2.0"
libcoap library version : "1.0.1"
libcoap API version : "2"
libcoap DTLS lib extn : "-openssl"
host system : "x86_64-unknown-linux-gnu"
build DTLS support : "yes"
--> OpenSSL around : "yes" (found OpenSSL 1.1.0f)
OPENSSL_CFLAGS : " "
OPENSSL_LIBS : "-lssl -lcrypto "
build doxygen pages : "no"
build man pages : "no"
build unit test binary : "no"
build examples : "yes"
build with gcov support : "no"
编译和安装
make
make install
错误备注:
make
collect2: error: ld returned 1 exit status
make[1]: *** [coap-client] 错误 1
make[1]: 离开目录“/root/libcoap/examples”
make: *** [install-recursive] 错误 1
这个错误时Openssl版本更改错误,不能直接复制新版本openssl.pc覆盖就版本的
4 测试
make[2]: 对“install-data-am”无需做任何事。
make[2]: 离开目录“/root/libcoap/examples”
make[1]: 离开目录“/root/libcoap/examples”
[root@localhost libcoap]# cd ./example
bash: cd: ./example: 没有那个文件或目录
[root@localhost libcoap]# cd ./examples
[root@localhost examples]# ./coap-server
另开启一个终端:
[root@localhost ~]# cd ./libcoap/examples
[root@localhost examples]# ./coap-client
lt-coap-client v4.2.0 -- a small CoAP implementation
Copyright (C) 2010-2019 Olaf Bergmann <bergmann@tzi.org> and others
TLS Library: OpenSSL - runtime 1.1.0f, libcoap built for 1.1.0f
Usage: lt-coap-client [-a addr] [-b [num,]size] [-e text] [-f file] [-l loss]
[-m method] [-o file] [-p port] [-r] [-s duration] [-t type]
[-v num] [-A type] [-B seconds] [-K interval] [-N] [-O num,text]
[-P addr[:port]] [-T token] [-U]
[[-k key] [-u user]]
[[-c certfile] [-C cafile] [-R root_cafile]] URI
URI can be an absolute URI or a URI prefixed with scheme and host
General Options
-a addr The local interface address to use
-b [num,]size Block size to be used in GET/PUT/POST requests
(value must be a multiple of 16 not larger than 1024)
If num is present, the request chain will start at
block num
-e text Include text as payload (use percent-encoding for
non-ASCII characters)
-f file File to send with PUT/POST (use '-' for STDIN)
-l list Fail to send some datagrams specified by a comma
separated list of numbers or number ranges
(for debugging only)
-l loss% Randomly fail to send datagrams with the specified
probability - 100% all datagrams, 0% no datagrams
-m method Request method (get|put|post|delete|fetch|patch|ipatch),
default is 'get'
-o file Output received data to this file (use '-' for STDOUT)
-p port Listen on specified port
-r Use reliable protocol (TCP or TLS)
-s duration Subscribe to / Observe resource for given duration
in seconds
-t type Content format for given resource for PUT/POST
-v num Verbosity level (default 3, maximum is 9). Above 7,
there is increased verbosity in GnuTLS logging
-A type Accepted media type
-B seconds Break operation after waiting given seconds
(default is 90)
-K interval send a ping after interval seconds of inactivity
(TCP only)
-N Send NON-confirmable message
-O num,text Add option num with contents text to request
-P addr[:port] Use proxy (automatically adds Proxy-Uri option to
request)
-T token Include specified token
-U Never include Uri-Host or Uri-Port options
PSK Options (if supported by underlying (D)TLS library)
-k key Pre-shared key for the specified user
-u user User identity for pre-shared key mode
PKI Options (if supported by underlying (D)TLS library)
-c certfile PEM file containing both CERTIFICATE and PRIVATE KEY
This argument requires (D)TLS with PKI to be available
-C cafile PEM file containing the CA Certificate that was used to
sign the certfile. This will trigger the validation of
the server certificate. If certfile is self-signed (as
defined by '-c certfile'), then you need to have on the
command line the same filename for both the certfile and
cafile (as in '-c certfile -C certfile') to trigger
validation
-R root_cafile PEM file containing the set of trusted root CAs that
are to be used to validate the server certificate.
The '-C cafile' does not have to be in this list and is
'trusted' for the verification.
Alternatively, this can point to a directory containing
a set of CA PEM files
Examples:
coap-client -m get coap://[::1]/
coap-client -m get coap://[::1]/.well-known/core
coap-client -m get coap+tcp://[::1]/.well-known/core
coap-client -m get coaps://[::1]/.well-known/core
coap-client -m get coaps+tcp://[::1]/.well-known/core
coap-client -m get -T cafe coap://[::1]/time
echo -n 1000 | coap-client -m put -T cafe coap://[::1]/time -f -
[root@localhost examples]# ./coap-client -m get coap://127.0.0.1/
This is a test server made with libcoap (see https://libcoap.net)
Copyright (C) 2010--2019 Olaf Bergmann <bergmann@tzi.org> and others
说明安装成功
也可以再谷歌浏览器中安装copper插件,具体见教程链接
输入相应的地址,使用get可以获得一下信息(备注:这是云服务器测试图)
5总结
安装的难点是小白型详细介绍资料极少,报错不知道如何处理。
- ./configure
- openssl的安装
- openssl 版本的环境变量设置