yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

chore(gw): remove needless files

This commit is contained in:
JianBo He 2021-08-04 14:44:39 +08:00
parent 94e33c3917
commit 835eb84b5d
5 changed files with 0 additions and 579 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
apps/emqx_gateway/etc/emqx_coap.conf
View File

@ -1,82 +0,0 @@
##--------------------------------------------------------------------
## CoAP Gateway
##--------------------------------------------------------------------
## The IP and UDP port that CoAP bind with.
##
## Default: "0.0.0.0:5683"
##
## Examples:
## coap.bind.udp.x = "0.0.0.0:5683" | ":::5683" | "127.0.0.1:5683" | "::1:5683"
##
coap.bind.udp.1 = "0.0.0.0:5683"
##coap.bind.udp.2 = "0.0.0.0:6683"
## Whether to enable statistics for CoAP clients.
##
## Value: on | off
coap.enable_stats = off
##------------------------------------------------------------------------------
## DTLS options
## The DTLS port that CoAP is listening on.
##
## Default: "0.0.0.0:5684"
##
## Examples:
## coap.bind.dtls.x = "0.0.0.0:5684" | ":::5684" | "127.0.0.1:5684" | "::1:5684"
##
coap.bind.dtls.1 = "0.0.0.0:5684"
##coap.bind.dtls.2 = "0.0.0.0:6684"
## A server only does x509-path validation in mode verify_peer,
## as it then sends a certificate request to the client (this
## message is not sent if the verify option is verify_none).
## You can then also want to specify option fail_if_no_peer_cert.
## More information at: http://erlang.org/doc/man/ssl.html
##
## Value: verify_peer | verify_none
## coap.dtls.verify = verify_peer
## Private key file for DTLS
##
## Value: File
coap.dtls.keyfile = "{{ platform_etc_dir }}/certs/key.pem"
## Server certificate for DTLS.
##
## Value: File
coap.dtls.certfile = "{{ platform_etc_dir }}/certs/cert.pem"
## PEM-encoded CA certificates for DTLS
##
## Value: File
## coap.dtls.cacertfile = "{{ platform_etc_dir }}/certs/cacert.pem"
## Used together with {verify, verify_peer} by an SSL server. If set to true,
## the server fails if the client does not have a certificate to send, that is,
## sends an empty certificate.
##
## Value: true | false
## coap.dtls.fail_if_no_peer_cert = false
## This is the single most important configuration option of an Erlang SSL
## application. Ciphers (and their ordering) define the way the client and
## server encrypt information over the wire, from the initial Diffie-Helman
## key exchange, the session key encryption ## algorithm and the message
## digest algorithm. Selecting a good cipher suite is critical for the
## applications data security, confidentiality and performance.
##
## The cipher list above offers:
##
## A good balance between compatibility with older browsers.
## It can get stricter for Machine-To-Machine scenarios.
## Perfect Forward Secrecy.
## No old/insecure encryption and HMAC algorithms
##
## Most of it was copied from Mozillas Server Side TLS article
##
## Value: Ciphers
coap.dtls.ciphers = "ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-DES-CBC3-SHA,ECDH-ECDSA-AES256-GCM-SHA384,ECDH-RSA-AES256-GCM-SHA384,ECDH-ECDSA-AES256-SHA384,ECDH-RSA-AES256-SHA384,DHE-DSS-AES256-GCM-SHA384,DHE-DSS-AES256-SHA256,AES256-GCM-SHA384,AES256-SHA256,ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES128-SHA256,ECDHE-RSA-AES128-SHA256,ECDH-ECDSA-AES128-GCM-SHA256,ECDH-RSA-AES128-GCM-SHA256,ECDH-ECDSA-AES128-SHA256,ECDH-RSA-AES128-SHA256,DHE-DSS-AES128-GCM-SHA256,DHE-DSS-AES128-SHA256,AES128-GCM-SHA256,AES128-SHA256,ECDHE-ECDSA-AES256-SHA,ECDHE-RSA-AES256-SHA,DHE-DSS-AES256-SHA,ECDH-ECDSA-AES256-SHA,ECDH-RSA-AES256-SHA,AES256-SHA,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA,DHE-DSS-AES128-SHA,ECDH-ECDSA-AES128-SHA,ECDH-RSA-AES128-SHA,AES128-SHA"

149
apps/emqx_gateway/etc/emqx_lwm2m.conf
View File

@ -1,149 +0,0 @@
##--------------------------------------------------------------------
## LwM2M Gateway
##--------------------------------------------------------------------
##--------------------------------------------------------------------
## Protocols
# To Limit the range of lifetime, in seconds
lwm2m.lifetime_min = 1s
lwm2m.lifetime_max = 86400s
# The time window for Q Mode, indicating that after how long time
# the downlink commands sent to the client will be cached.
#lwm2m.qmode_time_window = 22
# Auto send observer command to device. It can be configured as an OjbectList
# so that emqx will automatically observe the objects in this list.
#
# For examples: "/3/0,/3/0/1,/32976"
#
# Value: off | on | String
#lwm2m.auto_observe = off
# The topic subscribed by the lwm2m client after it is connected
# Placeholders supported:
# '%e': Endpoint Name
# '%a': IP Address
lwm2m.mountpoint = "lwm2m/%e/"
# The topic subscribed by the lwm2m client after it is connected
# Placeholders supported:
# '%e': Endpoint Name
# '%a': IP Address
lwm2m.topics.command = "dn/#"
# The topic to which the lwm2m client's response is published
lwm2m.topics.response = "up/resp"
# The topic to which the lwm2m client's notify message is published
lwm2m.topics.notify = "up/notify"
# The topic to which the lwm2m client's register message is published
lwm2m.topics.register = "up/resp"
# The topic to which the lwm2m client's update message is published
lwm2m.topics.update = "up/resp"
# When publish the update message.
#
# Can be one of:
# - contains_object_list: only if the update message contains object list
# - always: always publish the update message
#
# Defaults to contains_object_list
#lwm2m.update_msg_publish_condition = contains_object_list
# Dir where the object definition files can be found
lwm2m.xml_dir = "{{ platform_etc_dir }}/lwm2m_xml"
##--------------------------------------------------------------------
## UDP Listener options
## The IP and port of the LwM2M Gateway
##
## Default: "0.0.0.0:5683"
## Examples:
## lwm2m.bind.udp.x = "0.0.0.0:5683" | ":::5683" | "127.0.0.1:5683" | "::1:5683"
lwm2m.bind.udp.1 = "0.0.0.0:5683"
#lwm2m.bind.udp.2 = "0.0.0.0:6683"
## Socket options, used for performance tuning
##
## Examples:
## lwm2m.opts.$name = $value
## See: https://erlang.org/doc/man/gen_udp.html#type-option
lwm2m.opts.buffer = 1024KB
lwm2m.opts.recbuf = 1024KB
lwm2m.opts.sndbuf = 1024KB
lwm2m.opts.read_packets = 20
##--------------------------------------------------------------------
## DTLS Listener Options
## The DTLS port that LwM2M is listening on.
##
## Default: "0.0.0.0:5684"
##
## Examples:
## lwm2m.bind.dtls.x = "0.0.0.0:5684" | ":::5684" | "127.0.0.1:5684" | "::1:5684"
##
lwm2m.bind.dtls.1 = "0.0.0.0:5684"
#lwm2m.bind.dtls.2 = "0.0.0.0:6684"
## A server only does x509-path validation in mode verify_peer,
## as it then sends a certificate request to the client (this
## message is not sent if the verify option is verify_none).
## You can then also want to specify option fail_if_no_peer_cert.
## More information at: http://erlang.org/doc/man/ssl.html
##
## Value: verify_peer | verify_none
#lwm2m.dtls.verify = verify_peer
## Private key file for DTLS
##
## Value: File
lwm2m.dtls.keyfile = "{{ platform_etc_dir }}/certs/key.pem"
## Server certificate for DTLS.
##
## Value: File
lwm2m.dtls.certfile = "{{ platform_etc_dir }}/certs/cert.pem"
## PEM-encoded CA certificates for DTLS
##
## Value: File
#lwm2m.dtls.cacertfile = "{{ platform_etc_dir }}/certs/cacert.pem"
## Used together with {verify, verify_peer} by an SSL server. If set to true,
## the server fails if the client does not have a certificate to send, that is,
## sends an empty certificate.
##
## Value: true | false
#lwm2m.dtls.fail_if_no_peer_cert = false
## This is the single most important configuration option of an Erlang SSL
## application. Ciphers (and their ordering) define the way the client and
## server encrypt information over the wire, from the initial Diffie-Helman
## key exchange, the session key encryption ## algorithm and the message
## digest algorithm. Selecting a good cipher suite is critical for the
## applications data security, confidentiality and performance.
##
## The cipher list above offers:
##
## A good balance between compatibility with older browsers.
## It can get stricter for Machine-To-Machine scenarios.
## Perfect Forward Secrecy.
## No old/insecure encryption and HMAC algorithms
##
## Most of it was copied from Mozillas Server Side TLS article
##
## Value: Ciphers
lwm2m.dtls.ciphers = "ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-DES-CBC3-SHA,ECDH-ECDSA-AES256-GCM-SHA384,ECDH-RSA-AES256-GCM-SHA384,ECDH-ECDSA-AES256-SHA384,ECDH-RSA-AES256-SHA384,DHE-DSS-AES256-GCM-SHA384,DHE-DSS-AES256-SHA256,AES256-GCM-SHA384,AES256-SHA256,ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES128-SHA256,ECDHE-RSA-AES128-SHA256,ECDH-ECDSA-AES128-GCM-SHA256,ECDH-RSA-AES128-GCM-SHA256,ECDH-ECDSA-AES128-SHA256,ECDH-RSA-AES128-SHA256,DHE-DSS-AES128-GCM-SHA256,DHE-DSS-AES128-SHA256,AES128-GCM-SHA256,AES128-SHA256,ECDHE-ECDSA-AES256-SHA,ECDHE-RSA-AES256-SHA,DHE-DSS-AES256-SHA,ECDH-ECDSA-AES256-SHA,ECDH-RSA-AES256-SHA,AES256-SHA,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA,DHE-DSS-AES128-SHA,ECDH-ECDSA-AES128-SHA,ECDH-RSA-AES128-SHA,AES128-SHA"
## Ciphers for TLS PSK.
##
## Note that 'lwm2m.dtls.ciphers' and 'lwm2m.dtls.psk_ciphers' cannot
## be configured at the same time.
## See 'https://tools.ietf.org/html/rfc4279#section-2'.
#lwm2m.dtls.psk_ciphers = "PSK-AES128-CBC-SHA,PSK-AES256-CBC-SHA,PSK-3DES-EDE-CBC-SHA,PSK-RC4-SHA"

90
apps/emqx_gateway/etc/priv/emqx_coap.schema
View File

@ -1,90 +0,0 @@
%%-*- mode: erlang -*-
%% emqx_coap config mapping
{mapping, "coap.bind.udp.$number", "emqx_coap.bind_udp", [
{datatype, ip},
{default, "0.0.0.0:5683"}
]}.
{mapping, "coap.enable_stats", "emqx_coap.enable_stats", [
{datatype, flag}
]}.
{mapping, "coap.bind.dtls.$number", "emqx_coap.bind_dtls", [
{datatype, ip},
{default, "0.0.0.0:5684"}
]}.
{mapping, "coap.dtls.keyfile", "emqx_coap.dtls_opts", [
{datatype, string}
]}.
{mapping, "coap.dtls.certfile", "emqx_coap.dtls_opts", [
{datatype, string}
]}.
{mapping, "coap.dtls.verify", "emqx_coap.dtls_opts", [
{default, verify_none},
{datatype, {enum, [verify_none, verify_peer]}}
]}.
{mapping, "coap.dtls.cacertfile", "emqx_coap.dtls_opts", [
{datatype, string}
]}.
{mapping, "coap.dtls.fail_if_no_peer_cert", "emqx_coap.dtls_opts", [
{datatype, {enum, [true, false]}}
]}.
{mapping, "coap.dtls.ciphers", "emqx_coap.dtls_opts", [
{datatype, string}
]}.
{translation, "emqx_coap.bind_udp", fun(Conf) ->
Options = cuttlefish_variable:filter_by_prefix("coap.bind.udp", Conf),
lists:map(fun({_, Bind}) ->
{Ip, Port} = cuttlefish_datatypes:from_string(Bind, ip),
Opts = case inet:parse_address(Ip) of
{ok, {_,_,_,_} = Address} ->
[inet, {ip, Address}];
{ok, {_,_,_,_,_,_,_,_} = Address} ->
[inet6, {ip, Address}]
end,
{Port, Opts}
end, Options)
end}.
{translation, "emqx_coap.bind_dtls", fun(Conf) ->
Options = cuttlefish_variable:filter_by_prefix("coap.bind.dtls", Conf),
lists:map(fun({_, Bind}) ->
{Ip, Port} = cuttlefish_datatypes:from_string(Bind, ip),
Opts = case inet:parse_address(Ip) of
{ok, {_,_,_,_} = Address} ->
[inet, {ip, Address}];
{ok, {_,_,_,_,_,_,_,_} = Address} ->
[inet6, {ip, Address}]
end,
{Port, Opts}
end, Options)
end}.
{translation, "emqx_coap.dtls_opts", fun(Conf) ->
Filter = fun(Opts) -> [{K, V} || {K, V} <- Opts, V =/= undefined] end,
%% Ciphers
SplitFun = fun(undefined) -> undefined; (S) -> string:tokens(S, ",") end,
Ciphers =
case cuttlefish:conf_get("coap.dtls.ciphers", Conf, undefined) of
undefined ->
lists:append([ssl:cipher_suites(all, V, openssl) || V <- ['dtlsv1.2', 'dtlsv1']]);
C ->
SplitFun(C)
end,
Filter([{verify, cuttlefish:conf_get("coap.dtls.verify", Conf, undefined)},
{keyfile, cuttlefish:conf_get("coap.dtls.keyfile", Conf, undefined)},
{certfile, cuttlefish:conf_get("coap.dtls.certfile", Conf, undefined)},
{cacertfile, cuttlefish:conf_get("coap.dtls.cacertfile", Conf, undefined)},
{fail_if_no_peer_cert, cuttlefish:conf_get("coap.dtls.fail_if_no_peer_cert", Conf, undefined)},
{ciphers, Ciphers}])
end}.

38
apps/emqx_gateway/etc/priv/emqx_exhook.schema
View File

@ -1,38 +0,0 @@
%%-*- mode: erlang -*-
{mapping, "exhook.server.$name.url", "emqx_exhook.servers", [
{datatype, string}
]}.
{mapping, "exhook.server.$name.ssl.cacertfile", "emqx_exhook.servers", [
{datatype, string}
]}.
{mapping, "exhook.server.$name.ssl.certfile", "emqx_exhook.servers", [
{datatype, string}
]}.
{mapping, "exhook.server.$name.ssl.keyfile", "emqx_exhook.servers", [
{datatype, string}
]}.
{translation, "emqx_exhook.servers", fun(Conf) ->
Filter = fun(Opts) -> [{K, V} || {K, V} <- Opts, V =/= undefined] end,
ServerOptions = fun(Prefix) ->
case http_uri:parse(cuttlefish:conf_get(Prefix ++ ".url", Conf)) of
{ok, {http, _, Host, Port, _, _}} ->
[{scheme, http}, {host, Host}, {port, Port}];
{ok, {https, _, Host, Port, _, _}} ->
[{scheme, https}, {host, Host}, {port, Port},
{ssl_options,
Filter([{ssl, true},
{certfile, cuttlefish:conf_get(Prefix ++ ".ssl.certfile", Conf, undefined)},
{keyfile, cuttlefish:conf_get(Prefix ++ ".ssl.keyfile", Conf, undefined)},
{cacertfile, cuttlefish:conf_get(Prefix ++ ".ssl.cacertfile", Conf, undefined)}
])}];
_ -> error(invalid_server_options)
end
end,
[{list_to_atom(Name), ServerOptions("exhook.server." ++ Name)}
|| {["exhook", "server", Name, "url"], _} <- cuttlefish_variable:filter_by_prefix("exhook.server", Conf)]
end}.

220
apps/emqx_gateway/etc/priv/emqx_lwm2m.schema
View File

@ -1,220 +0,0 @@
%% -*-: erlang -*-
{mapping, "lwm2m.bind.udp.$number", "emqx_lwm2m.bind_udp", [
{datatype, ip},
{default, "0.0.0.0:5683"}
]}.
{mapping, "lwm2m.bind.dtls.$number", "emqx_lwm2m.bind_dtls", [
{datatype, ip},
{default, "0.0.0.0:5684"}
]}.
{mapping, "lwm2m.lifetime_min", "emqx_lwm2m.lifetime_min", [
{datatype, {duration, s}},
{default, 0}
]}.
{mapping, "lwm2m.lifetime_max", "emqx_lwm2m.lifetime_max", [
{datatype, {duration, s}},
{default, 315360000} %% 10 years
]}.
{mapping, "lwm2m.qmode_time_window", "emqx_lwm2m.qmode_time_window", [
{datatype, integer},
{default, 0}
]}.
{mapping, "lwm2m.auto_observe", "emqx_lwm2m.auto_observe", [
{datatype, string},
{default, "off"} %% BACKW: v4.3.0
]}.
{mapping, "lwm2m.lb", "emqx_lwm2m.options", [
{datatype, atom},
{default, undefined}
]}.
{mapping, "lwm2m.opts.$name", "emqx_lwm2m.options", [
{datatype, bytesize}
]}.
{translation, "emqx_lwm2m.auto_observe", fun(Conf) ->
case cuttlefish:conf_get("lwm2m.auto_observe", Conf, "off") of
"off" -> false; %% BACKW: v4.3.0
"on" -> true; %% BACKW: v4.3.0
Str -> string:tokens(Str, ", ")
end
end}.
{translation, "emqx_lwm2m.bind_udp", fun(Conf) ->
Options = cuttlefish_variable:filter_by_prefix("lwm2m.bind.udp", Conf),
lists:map(fun({_, Bind}) ->
{Ip, Port} = cuttlefish_datatypes:from_string(Bind, ip),
Opts = case inet:parse_address(Ip) of
{ok, {_,_,_,_} = Address} ->
[inet, {ip, Address}];
{ok, {_,_,_,_,_,_,_,_} = Address} ->
[inet6, {ip, Address}]
end,
{Port, Opts}
end, Options)
end}.
{translation, "emqx_lwm2m.bind_dtls", fun(Conf) ->
Options = cuttlefish_variable:filter_by_prefix("lwm2m.bind.dtls", Conf),
lists:map(fun({_, Bind}) ->
{Ip, Port} = cuttlefish_datatypes:from_string(Bind, ip),
Opts = case inet:parse_address(Ip) of
{ok, {_,_,_,_} = Address} ->
[inet, {ip, Address}];
{ok, {_,_,_,_,_,_,_,_} = Address} ->
[inet6, {ip, Address}]
end,
{Port, Opts}
end, Options)
end}.
{translation, "emqx_lwm2m.options", fun(Conf) ->
Options = cuttlefish_variable:filter_by_prefix("lwm2m.opts", Conf),
Opts = lists:map(fun({[_,_, Key], Value}) ->
{list_to_atom(Key), Value}
end, Options),
case cuttlefish:conf_get("lwm2m.lb", Conf, undefined) of
undefined -> ignore;
_ ->
cuttlefish:warn("The 'lwm2m.lb' option has removed from v4.2.0!")
end,
Opts
end}.
{mapping, "lwm2m.mountpoint", "emqx_lwm2m.mountpoint", [
{datatype, string},
{default, ""}
]}.
{mapping, "lwm2m.topics.command", "emqx_lwm2m.topics", [
{datatype, string},
{default, "lwm2m/%e/dn/#"}
]}.
{mapping, "lwm2m.topics.response", "emqx_lwm2m.topics", [
{datatype, string},
{default, "lwm2m/%e/up/resp"}
]}.
{mapping, "lwm2m.topics.notify", "emqx_lwm2m.topics", [
{datatype, string},
{default, "lwm2m/%e/up/notify"}
]}.
{mapping, "lwm2m.topics.register", "emqx_lwm2m.topics", [
{datatype, string},
{default, "lwm2m/%e/up/resp"}
]}.
{mapping, "lwm2m.topics.update", "emqx_lwm2m.topics", [
{datatype, string},
{default, "lwm2m/%e/up/resp"}
]}.
{mapping, "lwm2m.update_msg_publish_condition", "emqx_lwm2m.update_msg_publish_condition", [
{datatype, {enum, [contains_object_list, always]}},
{default, contains_object_list}
]}.
{translation, "emqx_lwm2m.topics", fun(Conf) ->
Topics = cuttlefish_variable:filter_by_prefix("lwm2m.topics", Conf),
Opts = lists:map(fun({[_,_, Key], Value}) ->
{list_to_atom(Key), Value}
end, Topics),
Opts
end}.
{mapping, "lwm2m.xml_dir", "emqx_lwm2m.xml_dir", [
{datatype, string}
]}.
%% Plan to remove v5.0-alpha.1, please use lwm2m.dtls_opts.keyfile instead
{mapping, "lwm2m.keyfile", "emqx_lwm2m.dtls_opts", [
{datatype, string}
]}.
%% Plan to remove v5.0-alpha.1, please use lwm2m.dtls_opts.certfile instead
{mapping, "lwm2m.certfile", "emqx_lwm2m.dtls_opts", [
{datatype, string}
]}.
{mapping, "lwm2m.dtls.keyfile", "emqx_lwm2m.dtls_opts", [
{datatype, string}
]}.
{mapping, "lwm2m.dtls.certfile", "emqx_lwm2m.dtls_opts", [
{datatype, string}
]}.
{mapping, "lwm2m.dtls.verify", "emqx_lwm2m.dtls_opts", [
{default, verify_none},
{datatype, {enum, [verify_none, verify_peer]}}
]}.
{mapping, "lwm2m.dtls.cacertfile", "emqx_lwm2m.dtls_opts", [
{datatype, string}
]}.
{mapping, "lwm2m.dtls.fail_if_no_peer_cert", "emqx_lwm2m.dtls_opts", [
{datatype, {enum, [true, false]}}
]}.
{mapping, "lwm2m.dtls.ciphers", "emqx_lwm2m.dtls_opts", [
{datatype, string}
]}.
{mapping, "lwm2m.dtls.psk_ciphers", "emqx_lwm2m.dtls_opts", [
{datatype, string}
]}.
{translation, "emqx_lwm2m.dtls_opts", fun(Conf) ->
Filter = fun(Opts) -> [{K, V} || {K, V} <- Opts, V =/= undefined] end,
%% compatible with before v4.2
%% It plan to remove at v5.0-alpha.1
OldKey = cuttlefish:conf_get("lwm2m.keyfile", Conf, undefined),
OldCert = cuttlefish:conf_get("lwm2m.certfile", Conf, undefined),
%% Ciphers
SplitFun = fun(undefined) -> undefined; (S) -> string:tokens(S, ",") end,
Ciphers =
case cuttlefish:conf_get("lwm2m.dtls.ciphers", Conf, undefined) of
undefined ->
[];
C ->
[{ciphers, SplitFun(C)}]
end,
PskCiphers =
case cuttlefish:conf_get("lwm2m.dtls.psk_ciphers", Conf, undefined) of
undefined ->
[];
C2 ->
Psk = lists:map(fun("PSK-AES128-CBC-SHA") -> {psk, aes_128_cbc, sha};
("PSK-AES256-CBC-SHA") -> {psk, aes_256_cbc, sha};
("PSK-3DES-EDE-CBC-SHA") -> {psk, '3des_ede_cbc', sha};
("PSK-RC4-SHA") -> {psk, rc4_128, sha}
end, SplitFun(C2)),
[{ciphers, Psk}, {user_lookup_fun, {fun emqx_psk:lookup/3, <<>>}}]
end,
Ciphers /= []
andalso PskCiphers /= []
andalso cuttlefish:invalid("The 'lwm2m.dtls.ciphers' and 'lwm2m.dtls.psk_ciphers' cannot exist simultaneously."),
NCiphers = Ciphers ++ PskCiphers,
Filter([{verify, cuttlefish:conf_get("lwm2m.dtls.verify", Conf, undefined)},
{keyfile, cuttlefish:conf_get("lwm2m.dtls.keyfile", Conf, OldKey)},
{certfile, cuttlefish:conf_get("lwm2m.dtls.certfile", Conf, OldCert)},
{cacertfile, cuttlefish:conf_get("lwm2m.dtls.cacertfile", Conf, undefined)},
{fail_if_no_peer_cert, cuttlefish:conf_get("lwm2m.dtls.fail_if_no_peer_cert", Conf, undefined)} | NCiphers])
end}.