mirror of
https://github.com/corda/corda.git
synced 2024-12-28 16:58:55 +00:00
MERGE: OS Merge Fixes
This commit is contained in:
Katelyn Baker
parent
5bb9514582
commit
03478142ef
@ -5,20 +5,11 @@ Here's a summary of what's changed in each Corda release. For guidance on how to
|
||||
release, see :doc:`upgrade-notes`.
|
||||
|
||||
Unreleased
|
||||
==========
|
||||
----------
|
||||
|
||||
* Fix CORDA-1229. Setter-based serialization was broken with generic types when the property was stored
|
||||
as the raw type, List for example.
|
||||
|
||||
* java.security.cert.CRLReason added to the default Whitelist.
|
||||
|
||||
* java.security.cert.X509CRL serialization support added.
|
||||
|
||||
* Upgraded H2 to v1.4.197.
|
||||
|
||||
* Shell (embedded available only in dev mode or via SSH) connects to the node via RPC instead of using the ``CordaRPCOps`` object directly.
|
||||
To enable RPC connectivity ensure node’s ``rpcSettings.address`` and ``rpcSettings.adminAddress`` settings are present.
|
||||
|
||||
* The network bootstrapper uses the existing network parameters file to update the current contracts whitelist, and no longer
|
||||
needs the whitelist.txt file.
|
||||
|
||||
@ -34,12 +25,22 @@ Unreleased
|
||||
only once when it was created. Whilst registering serializers that already exist is essentially a no-op, it's a performance overhead for
|
||||
a very frequent operation that hits a synchronisation point (and is thus flagged as contended by our perfomance suite)
|
||||
|
||||
* Update the fast-classpath-scanner dependent library version from 2.0.21 to 2.12.3
|
||||
|
||||
.. note:: Whilst this is not the latest version of this library, that being 2.18.1 at time of writing, versions later
|
||||
than 2.12.3 (including 2.12.4) exhibit a different issue.
|
||||
|
||||
* Fixed security vulnerability when using the ``HashAttachmentConstraint``. Added strict check that the contract JARs
|
||||
referenced in a transaction were deployed on the node.
|
||||
|
||||
* Fixed node's behaviour on startup when there is no connectivity to network map. Node continues to work normally if it has
|
||||
all the needed network data, waiting in the background for network map to become available.
|
||||
|
||||
* Node can be shut down abruptly by ``shutdown`` function in `CordaRPCOps` or gracefully (draining flows first) through ``gracefulShutdown`` command from shell.
|
||||
|
||||
* Carpenter Exceptions will be caught internally by the Serializer and rethrown as a ``NotSerializableException``
|
||||
|
||||
* Specific details of the error encountered are logged to the node's log file. More information can be enabled by setting the debug level to
|
||||
``trace`` ; this will cause the full stack trace of the error to be dumped into the log.
|
||||
* Specific details of the error encountered are logged to the node's log file. More information can be enabled by setting the debug level to ``trace`` ; this will cause the full stack trace of the error to be dumped into the log.
|
||||
|
||||
* Parsing of ``NodeConfiguration`` will now fail if unknown configuration keys are found.
|
||||
|
||||
@ -51,22 +52,52 @@ Unreleased
|
||||
|
||||
* java.math.BigInteger serialization support added.
|
||||
|
||||
* Update the fast-classpath-scanner dependent library version from 2.0.21 to 2.12.3
|
||||
* java.security.cert.CRLReason added to the default Whitelist.
|
||||
|
||||
.. note:: Whilst this is not the latest version of this library, that being 2.18.1 at time of writing, versions later
|
||||
than 2.12.3 (including 2.12.4) exhibit a different issue.
|
||||
* java.security.cert.X509CRL serialization support added.
|
||||
|
||||
* Updated the api scanner gradle plugin to work the same way as the version in master. These changes make the api scanner more
|
||||
accurate and fix a couple of bugs, and change the format of the api-current.txt file slightly. Backporting these changes
|
||||
to the v3 branch will make it easier for us to ensure that apis are stable for future versions. These changes are
|
||||
released in gradle plugins version 3.0.10. For more information on the api scanner see
|
||||
the `documentation <https://github.com/corda/corda-gradle-plugins/tree/master/api-scanner>`_.
|
||||
* Upgraded H2 to v1.4.197.
|
||||
|
||||
* Fixed security vulnerability when using the ``HashAttachmentConstraint``. Added strict check that the contract JARs
|
||||
referenced in a transaction were deployed on the node.
|
||||
* Per CorDapp configuration is now exposed. ``CordappContext`` now exposes a ``CordappConfig`` object that is populated
|
||||
at CorDapp context creation time from a file source during runtime.
|
||||
|
||||
* Introduced Flow Draining mode, in which a node continues executing existing flows, but does not start new. This is to support graceful node shutdown/restarts.
|
||||
In particular, when this mode is on, new flows through RPC will be rejected, scheduled flows will be ignored, and initial session messages will not be consumed.
|
||||
This will ensure that the number of checkpoints will strictly diminish with time, allowing for a clean shutdown.
|
||||
|
||||
* Make the serialisation finger-printer a pluggable entity rather than hard wiring into the factory
|
||||
|
||||
* Removed blacklisted word checks in Corda X.500 name to allow "Server" or "Node" to be use as part of the legal name.
|
||||
|
||||
* Separated our pre-existing Artemis broker into an RPC broker and a P2P broker.
|
||||
|
||||
* Refactored ``NodeConfiguration`` to expose ``NodeRpcOptions`` (using top-level "rpcAddress" property still works with warning).
|
||||
|
||||
* Modified ``CordaRPCClient`` constructor to take a ``SSLConfiguration?`` additional parameter, defaulted to ``null``.
|
||||
|
||||
* Introduced ``CertificateChainCheckPolicy.UsernameMustMatchCommonName`` sub-type, allowing customers to optionally enforce username == CN condition on RPC SSL certificates.
|
||||
|
||||
* Modified ``DriverDSL`` and sub-types to allow specifying RPC settings for the Node.
|
||||
|
||||
* Modified the ``DriverDSL`` to start Cordformation nodes allowing automatic generation of "rpcSettings.adminAddress" in case "rcpSettings.useSsl" is ``false`` (the default).
|
||||
|
||||
* Introduced ``UnsafeCertificatesFactory`` allowing programmatic generation of X509 certificates for test purposes.
|
||||
|
||||
* JPA Mapping annotations for States extending ``CommonSchemaV1.LinearState`` and ``CommonSchemaV1.FungibleState`` on the
|
||||
`participants` collection need to be moved to the actual class. This allows to properly specify the unique table name per a collection.
|
||||
See: DummyDealStateSchemaV1.PersistentDummyDealState
|
||||
|
||||
* JPA Mapping annotations for States extending ``CommonSchemaV1.LinearState`` and ``CommonSchemaV1.FungibleState`` on the
|
||||
`participants` collection need to be moved to the actual State class. This allows developers to properly specify
|
||||
the table name for the `participants` collection.
|
||||
For an example on how the mapping can be done, see: DummyDealStateSchemaV1.PersistentDummyDealState
|
||||
|
||||
* JDBC drivers for SQL server and PostgresSQL are no longer bundled as part of Corda releases. If you are running a node
|
||||
on such databases you need to provide the associated driver as described in :doc:`node-database`.
|
||||
|
||||
* Shell (embedded shell available only in dev mode or via SSH) connects to the node via RPC instead of using the ``CordaRPCOps`` object directly.
|
||||
To enable RPC connectivity ensure node’s ``rpcSettings.address`` and ``rpcSettings.adminAddress`` settings are present.
|
||||
|
||||
* Fixed node's behaviour on startup when there is no connectivity to network map. Node continues to work normally if it has
|
||||
all the needed network data, waiting in the background for network map to become available.
|
||||
|
||||
R3 Corda 3.0 Developer Preview
|
||||
------------------------------
|
||||
|
||||
@ -154,62 +154,8 @@ Please note this release is distributed under license and should not be used in
|
||||
|
||||
We look forward to hearing your feedback on this Developer Preview.
|
||||
|
||||
<<<<<<< HEAD
|
||||
Corda 2.0
|
||||
---------
|
||||
=======
|
||||
Documentation can be found in :doc:`cordapp-custom-serializers`
|
||||
|
||||
|
||||
Security Auditing
|
||||
~~~~~~~~~~~~~~~~~
|
||||
|
||||
This version of Corda is the first to have had select components subjected to the newly established security review process
|
||||
by R3's internal security team. Security review will be an on-going process that seeks to provide assurance that the
|
||||
security model of Corda has been implemented to the highest standard, and is in line with industry best practice.
|
||||
|
||||
As part of this security review process, an independent external security audit of the HTTP based components of the code
|
||||
was undertaken and its recommendations were acted upon. The security assurance process will develop in parallel to the
|
||||
Corda platform and will combine code review, automated security testing and secure development practices to ensure Corda
|
||||
fulfils its security guarantees.
|
||||
|
||||
Security fixes
|
||||
~~~~~~~~~~~~~~
|
||||
|
||||
* Due to a potential privacy leak, there has been a breaking change in the error object returned by the
|
||||
notary service when trying to consume the same state twice: `NotaryError.Conflict` no longer contains the identity
|
||||
of the party that initiated the first spend of the state, and specifies the hash of the consuming transaction id for
|
||||
a state instead of the id itself.
|
||||
|
||||
Without this change, knowing the reference of a particular state, an attacker could construct an invalid
|
||||
double-spend transaction, and obtain the information on the transaction and the party that consumed it. It could
|
||||
repeat this process with the newly obtained transaction id by guessing its output indexes to obtain the forward
|
||||
transaction graph with associated identities. When anonymous identities are used, this could also reveal the identity
|
||||
of the owner of an asset.
|
||||
|
||||
Minor Changes
|
||||
~~~~~~~~~~~~~
|
||||
|
||||
* Upgraded gradle to 4.4.1.
|
||||
|
||||
.. note:: To avoid potential incompatibility issues we recommend you also upgrade your CorDapp's gradle
|
||||
plugin to match. Details on how to do this can be found on the official
|
||||
`gradle website <https://docs.gradle.org/current/userguide/gradle_wrapper.html#sec:upgrading_wrapper>`_
|
||||
|
||||
* Cash Spending now allows for sending multiple amounts to multiple parties with a single API call
|
||||
|
||||
- documentation can be found within the JavaDocs on ``TwoPartyTradeFlow``.
|
||||
* Overall improvements to error handling (RPC, Flows, Network Client).
|
||||
* TLS authentication now supports mixed RSA and ECDSA keys.
|
||||
* PrivacySalt computation is faster as it does not depend on the OS's entropy pool directly.
|
||||
* Numerous bug fixes and documentation tweaks.
|
||||
* Removed dependency on Jolokia WAR file.
|
||||
|
||||
.. _release_notes_v2_0:
|
||||
|
||||
Release 2.0
|
||||
-----------
|
||||
>>>>>>> open/master
|
||||
Following quickly on the heels of the release of Corda 1.0, Corda version 2.0 consolidates
|
||||
a number of security updates for our dependent libraries alongside the reintroduction of the Observer node functionality.
|
||||
This was absent from version 1 but based on user feedback its re-introduction removes the need for complicated "isRelevant()" checks.
|
||||
@ -227,15 +173,8 @@ Adds the facility for transparent forwarding of transactions to some third party
|
||||
that entity simply run an Observer node they can simply receive a stream of digitally signed, de-duplicated reports that
|
||||
can be used for reporting.
|
||||
|
||||
<<<<<<< HEAD
|
||||
Corda 1.0
|
||||
---------
|
||||
=======
|
||||
.. _release_notes_v1_0:
|
||||
|
||||
Release 1.0
|
||||
-----------
|
||||
>>>>>>> open/master
|
||||
Corda 1.0 is finally here!
|
||||
|
||||
This critical step in the Corda journey enables the developer community, clients, and partners to build on Corda with confidence.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user