diff --git a/client/rpc/src/integration-test/kotlin/net/corda/client/rpc/FlowsExecutionModeRpcTest.kt b/client/rpc/src/integration-test/kotlin/net/corda/client/rpc/FlowsExecutionModeRpcTest.kt index 8dd2b3c119..c2db0111ae 100644 --- a/client/rpc/src/integration-test/kotlin/net/corda/client/rpc/FlowsExecutionModeRpcTest.kt +++ b/client/rpc/src/integration-test/kotlin/net/corda/client/rpc/FlowsExecutionModeRpcTest.kt @@ -54,7 +54,7 @@ class FlowsExecutionModeRpcTest : IntegrationTest() { assumeFalse(System.getProperty("os.name").toLowerCase().startsWith("win")) val user = User("mark", "dadada", setOf(invokeRpc("setFlowsDrainingModeEnabled"), invokeRpc("isFlowsDrainingModeEnabled"))) - driver(DriverParameters(isDebug = true, inMemoryDB = false, startNodesInProcess = true)) { + driver(DriverParameters(inMemoryDB = false, startNodesInProcess = true)) { val nodeName = { val nodeHandle = startNode(rpcUsers = listOf(user)).getOrThrow() val nodeName = nodeHandle.nodeInfo.chooseIdentity().name diff --git a/core/src/main/kotlin/net/corda/core/identity/CordaX500Name.kt b/core/src/main/kotlin/net/corda/core/identity/CordaX500Name.kt index cf9ad72a9d..74625b2ba9 100644 --- a/core/src/main/kotlin/net/corda/core/identity/CordaX500Name.kt +++ b/core/src/main/kotlin/net/corda/core/identity/CordaX500Name.kt @@ -13,13 +13,10 @@ package net.corda.core.identity import com.google.common.collect.ImmutableSet import net.corda.core.KeepForDJVM import net.corda.core.internal.LegalNameValidator +import net.corda.core.internal.toAttributesMap import net.corda.core.internal.unspecifiedCountry -import net.corda.core.internal.x500Name +import net.corda.core.internal.toX500Name import net.corda.core.serialization.CordaSerializable -import org.bouncycastle.asn1.ASN1Encodable -import org.bouncycastle.asn1.ASN1ObjectIdentifier -import org.bouncycastle.asn1.x500.AttributeTypeAndValue -import org.bouncycastle.asn1.x500.X500Name import org.bouncycastle.asn1.x500.style.BCStyle import java.util.* import javax.security.auth.x500.X500Principal @@ -96,29 +93,13 @@ data class CordaX500Name(val commonName: String?, @JvmStatic fun build(principal: X500Principal): CordaX500Name { - val x500Name = X500Name.getInstance(principal.encoded) - val attrsMap: Map = x500Name.rdNs - .flatMap { it.typesAndValues.asList() } - .groupBy(AttributeTypeAndValue::getType, AttributeTypeAndValue::getValue) - .mapValues { - require(it.value.size == 1) { "Duplicate attribute ${it.key}" } - it.value[0] - } - - // Supported attribute checks. - (attrsMap.keys - supportedAttributes).let { unsupported -> - require(unsupported.isEmpty()) { - "The following attribute${if (unsupported.size > 1) "s are" else " is"} not supported in Corda: " + - unsupported.map { BCStyle.INSTANCE.oidToDisplayName(it) } - } - } - + val attrsMap = principal.toAttributesMap(supportedAttributes) val CN = attrsMap[BCStyle.CN]?.toString() val OU = attrsMap[BCStyle.OU]?.toString() - val O = attrsMap[BCStyle.O]?.toString() ?: throw IllegalArgumentException("Corda X.500 names must include an O attribute") - val L = attrsMap[BCStyle.L]?.toString() ?: throw IllegalArgumentException("Corda X.500 names must include an L attribute") + val O = requireNotNull(attrsMap[BCStyle.O]?.toString()) { "Corda X.500 names must include an O attribute" } + val L = requireNotNull(attrsMap[BCStyle.L]?.toString()) { "Corda X.500 names must include an L attribute" } val ST = attrsMap[BCStyle.ST]?.toString() - val C = attrsMap[BCStyle.C]?.toString() ?: throw IllegalArgumentException("Corda X.500 names must include an C attribute") + val C = requireNotNull(attrsMap[BCStyle.C]?.toString()) { "Corda X.500 names must include an C attribute" } return CordaX500Name(CN, OU, O, L, ST, C) } @@ -132,7 +113,7 @@ data class CordaX500Name(val commonName: String?, /** Return the [X500Principal] equivalent of this name. */ val x500Principal: X500Principal get() { - return _x500Principal ?: X500Principal(this.x500Name.encoded).also { _x500Principal = it } + return _x500Principal ?: X500Principal(this.toX500Name().encoded).also { _x500Principal = it } } override fun toString(): String = x500Principal.toString() diff --git a/core/src/main/kotlin/net/corda/core/internal/InternalUtils.kt b/core/src/main/kotlin/net/corda/core/internal/InternalUtils.kt index 13296e70b3..2464734ef7 100644 --- a/core/src/main/kotlin/net/corda/core/internal/InternalUtils.kt +++ b/core/src/main/kotlin/net/corda/core/internal/InternalUtils.kt @@ -21,7 +21,6 @@ import net.corda.core.cordapp.CordappConfig import net.corda.core.cordapp.CordappContext import net.corda.core.crypto.* import net.corda.core.flows.FlowLogic -import net.corda.core.identity.CordaX500Name import net.corda.core.node.ServicesForResolution import net.corda.core.serialization.* import net.corda.core.transactions.LedgerTransaction @@ -30,9 +29,6 @@ import net.corda.core.transactions.TransactionBuilder import net.corda.core.transactions.WireTransaction import net.corda.core.utilities.OpaqueBytes import net.corda.core.utilities.UntrustworthyData -import org.bouncycastle.asn1.x500.X500Name -import org.bouncycastle.asn1.x500.X500NameBuilder -import org.bouncycastle.asn1.x500.style.BCStyle import org.slf4j.Logger import org.slf4j.MDC import rx.Observable @@ -487,27 +483,6 @@ $trustAnchor""", e, this, e.index) } } -/** - * Return the underlying X.500 name from this Corda-safe X.500 name. These are guaranteed to have a consistent - * ordering, such that their `toString()` function returns the same value every time for the same [CordaX500Name]. - */ -val CordaX500Name.x500Name: X500Name - get() { - return X500NameBuilder(BCStyle.INSTANCE).apply { - addRDN(BCStyle.C, country) - state?.let { addRDN(BCStyle.ST, it) } - addRDN(BCStyle.L, locality) - addRDN(BCStyle.O, organisation) - organisationUnit?.let { addRDN(BCStyle.OU, it) } - commonName?.let { addRDN(BCStyle.CN, it) } - }.build() - } - -@Suppress("unused") -@VisibleForTesting -val CordaX500Name.Companion.unspecifiedCountry - get() = "ZZ" - inline fun T.signWithCert(signer: (SerializedBytes) -> DigitalSignatureWithCert): SignedDataWithCert { val serialised = serialize() return SignedDataWithCert(serialised, signer(serialised)) diff --git a/core/src/main/kotlin/net/corda/core/internal/X500Utils.kt b/core/src/main/kotlin/net/corda/core/internal/X500Utils.kt new file mode 100644 index 0000000000..bd1e851825 --- /dev/null +++ b/core/src/main/kotlin/net/corda/core/internal/X500Utils.kt @@ -0,0 +1,73 @@ +@file:KeepForDJVM + +package net.corda.core.internal + +import net.corda.core.KeepForDJVM +import net.corda.core.identity.CordaX500Name +import org.bouncycastle.asn1.ASN1Encodable +import org.bouncycastle.asn1.ASN1ObjectIdentifier +import org.bouncycastle.asn1.x500.AttributeTypeAndValue +import org.bouncycastle.asn1.x500.X500Name +import org.bouncycastle.asn1.x500.X500NameBuilder +import org.bouncycastle.asn1.x500.style.BCStyle +import javax.security.auth.x500.X500Principal + +/** + * Return the underlying X.500 name from this Corda-safe X.500 name. These are guaranteed to have a consistent + * ordering, such that their `toString()` function returns the same value every time for the same [CordaX500Name]. + */ +fun CordaX500Name.toX500Name(): X500Name { + return X500NameBuilder(BCStyle.INSTANCE).apply { + addRDN(BCStyle.C, country) + state?.let { addRDN(BCStyle.ST, it) } + addRDN(BCStyle.L, locality) + addRDN(BCStyle.O, organisation) + organisationUnit?.let { addRDN(BCStyle.OU, it) } + commonName?.let { addRDN(BCStyle.CN, it) } + }.build() +} + +/** + * Converts the X500Principal instance to the X500Name object. + */ +fun X500Principal.toX500Name(): X500Name = X500Name.getInstance(this.encoded) + +/** + * Transforms the X500Principal to the attributes map. + * + * @param supportedAttributes list of supported attributes. If empty, it accepts all the attributes. + * + * @return attributes map for this principal + * @throws IllegalArgumentException if this principal consists of duplicated attributes or the attribute is not supported. + * + */ +fun X500Principal.toAttributesMap(supportedAttributes: Set = emptySet()): Map { + val x500Name = this.toX500Name() + val attrsMap: Map = x500Name.rdNs + .flatMap { it.typesAndValues.asList() } + .groupBy(AttributeTypeAndValue::getType, AttributeTypeAndValue::getValue) + .mapValues { + require(it.value.size == 1) { "Duplicate attribute ${it.key}" } + it.value[0] + } + if (supportedAttributes.isNotEmpty()) { + (attrsMap.keys - supportedAttributes).let { unsupported -> + require(unsupported.isEmpty()) { + "The following attribute${if (unsupported.size > 1) "s are" else " is"} not supported in Corda: " + + unsupported.map { BCStyle.INSTANCE.oidToDisplayName(it) } + } + } + } + return attrsMap +} + +/** + * Checks equality between the two X500Principal instances ignoring the ordering of the X500Name parts. + */ +fun X500Principal.isEquivalentTo(other: X500Principal): Boolean { + return toAttributesMap() == other.toAttributesMap() +} + +@VisibleForTesting +val CordaX500Name.Companion.unspecifiedCountry + get() = "ZZ" diff --git a/core/src/test/kotlin/net/corda/core/identity/X500UtilsTest.kt b/core/src/test/kotlin/net/corda/core/identity/X500UtilsTest.kt new file mode 100644 index 0000000000..ba166cb7c1 --- /dev/null +++ b/core/src/test/kotlin/net/corda/core/identity/X500UtilsTest.kt @@ -0,0 +1,26 @@ +package net.corda.core.identity + +import net.corda.core.internal.isEquivalentTo +import org.junit.Test +import javax.security.auth.x500.X500Principal +import kotlin.test.assertTrue + +class X500UtilsTest { + + @Test + fun `X500Principal equalX500NameParts matches regardless the order`() { + // given + val orderingA = "O=Bank A, OU=Organisation Unit, L=New York, C=US" + val orderingB = "OU=Organisation Unit, O=Bank A, L=New York, C=US" + val orderingC = "L=New York, O=Bank A, C=US, OU=Organisation Unit" + + // when + val principalA = X500Principal(orderingA) + val principalB = X500Principal(orderingB) + val principalC = X500Principal(orderingC) + + // then + assertTrue { principalA.isEquivalentTo(principalB) } + assertTrue { principalB.isEquivalentTo(principalC) } + } +} diff --git a/docs/source/network-map.rst b/docs/source/network-map.rst index 26afe30595..da37de644d 100644 --- a/docs/source/network-map.rst +++ b/docs/source/network-map.rst @@ -1,6 +1,8 @@ -Network Map +Network map =========== +.. contents:: + The network map is a collection of signed ``NodeInfo`` objects. Each NodeInfo is signed by the node it represents and thus cannot be tampered with. It forms the set of reachable nodes in a compatibility zone. A node can receive these objects from two sources: diff --git a/docs/source/setting-up-a-corda-network.rst b/docs/source/setting-up-a-corda-network.rst index 7b329272ea..99fdf861ea 100644 --- a/docs/source/setting-up-a-corda-network.rst +++ b/docs/source/setting-up-a-corda-network.rst @@ -3,6 +3,8 @@ Setting up a Corda network ========================== +.. contents:: + A Corda network consists of a number of machines running nodes. These nodes communicate using persistent protocols in order to create and validate transactions. diff --git a/node-api/src/main/kotlin/net/corda/nodeapi/internal/KeyStoreConfigHelpers.kt b/node-api/src/main/kotlin/net/corda/nodeapi/internal/KeyStoreConfigHelpers.kt index 85a49cd363..985fc7f9ba 100644 --- a/node-api/src/main/kotlin/net/corda/nodeapi/internal/KeyStoreConfigHelpers.kt +++ b/node-api/src/main/kotlin/net/corda/nodeapi/internal/KeyStoreConfigHelpers.kt @@ -14,7 +14,7 @@ import net.corda.core.crypto.Crypto import net.corda.core.crypto.Crypto.generateKeyPair import net.corda.core.identity.CordaX500Name import net.corda.core.identity.PartyAndCertificate -import net.corda.core.internal.x500Name +import net.corda.core.internal.toX500Name import net.corda.nodeapi.internal.config.SSLConfiguration import net.corda.nodeapi.internal.crypto.* import org.bouncycastle.asn1.x509.GeneralName @@ -93,7 +93,7 @@ fun createDevNetworkMapCa(rootCa: CertificateAndKeyPair = DEV_ROOT_CA): Certific fun createDevNodeCa(intermediateCa: CertificateAndKeyPair, legalName: CordaX500Name, nodeKeyPair: KeyPair = generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME)): CertificateAndKeyPair { - val nameConstraints = NameConstraints(arrayOf(GeneralSubtree(GeneralName(GeneralName.directoryName, legalName.x500Name))), arrayOf()) + val nameConstraints = NameConstraints(arrayOf(GeneralSubtree(GeneralName(GeneralName.directoryName, legalName.toX500Name()))), arrayOf()) val cert = X509Utilities.createCertificate( CertificateType.NODE_CA, intermediateCa.certificate, diff --git a/node/src/integration-test/kotlin/net/corda/node/BootTests.kt b/node/src/integration-test/kotlin/net/corda/node/BootTests.kt index b9d2674f7b..bc4db1744f 100644 --- a/node/src/integration-test/kotlin/net/corda/node/BootTests.kt +++ b/node/src/integration-test/kotlin/net/corda/node/BootTests.kt @@ -73,7 +73,7 @@ class BootTests : IntegrationTest() { @Test fun `double node start doesn't write into log file`() { - driver(DriverParameters(isDebug = true)) { + driver { val alice = startNode(providedName = ALICE_NAME).get() val logFolder = alice.baseDirectory / NodeStartup.LOGS_DIRECTORY_NAME val logFile = logFolder.list { it.filter { it.fileName.toString().endsWith(".log") }.findAny().get() } diff --git a/node/src/integration-test/kotlin/net/corda/node/NodeUnloadHandlerTests.kt b/node/src/integration-test/kotlin/net/corda/node/NodeUnloadHandlerTests.kt index 4a01cb8cc3..0c402fdda7 100644 --- a/node/src/integration-test/kotlin/net/corda/node/NodeUnloadHandlerTests.kt +++ b/node/src/integration-test/kotlin/net/corda/node/NodeUnloadHandlerTests.kt @@ -38,7 +38,7 @@ class NodeUnloadHandlerTests : IntegrationTest() { @Test fun `should be able to register run on stop lambda`() { - driver(DriverParameters(startNodesInProcess = true, extraCordappPackagesToScan = listOf("net.corda.node"), isDebug = true)) { + driver(DriverParameters(startNodesInProcess = true, extraCordappPackagesToScan = listOf("net.corda.node"))) { startNode(providedName = DUMMY_BANK_A_NAME).getOrThrow() // just want to fall off the end of this for the mo... } diff --git a/node/src/integration-test/kotlin/net/corda/node/flows/FlowRetryTest.kt b/node/src/integration-test/kotlin/net/corda/node/flows/FlowRetryTest.kt index 9508102a7a..0e06ea54bb 100644 --- a/node/src/integration-test/kotlin/net/corda/node/flows/FlowRetryTest.kt +++ b/node/src/integration-test/kotlin/net/corda/node/flows/FlowRetryTest.kt @@ -46,7 +46,7 @@ class FlowRetryTest : IntegrationTest() { val numSessions = 2 val numIterations = 10 val user = User("mark", "dadada", setOf(Permissions.startFlow())) - val result: Any? = driver(DriverParameters(isDebug = true, startNodesInProcess = isQuasarAgentSpecified(), + val result: Any? = driver(DriverParameters(startNodesInProcess = isQuasarAgentSpecified(), portAllocation = RandomFree)) { val nodeAHandle = startNode(providedName = ALICE_NAME, rpcUsers = listOf(user)).getOrThrow() diff --git a/node/src/integration-test/kotlin/net/corda/node/modes/draining/FlowsDrainingModeContentionTest.kt b/node/src/integration-test/kotlin/net/corda/node/modes/draining/FlowsDrainingModeContentionTest.kt index f1fc551dfe..7c1583d342 100644 --- a/node/src/integration-test/kotlin/net/corda/node/modes/draining/FlowsDrainingModeContentionTest.kt +++ b/node/src/integration-test/kotlin/net/corda/node/modes/draining/FlowsDrainingModeContentionTest.kt @@ -67,7 +67,7 @@ class FlowsDrainingModeContentionTest : IntegrationTest() { @Test fun `draining mode does not deadlock with acks between 2 nodes`() { val message = "Ground control to Major Tom" - driver(DriverParameters(isDebug = true, startNodesInProcess = true, portAllocation = portAllocation, extraCordappPackagesToScan = listOf(MessageState::class.packageName))) { + driver(DriverParameters(startNodesInProcess = true, portAllocation = portAllocation, extraCordappPackagesToScan = listOf(MessageState::class.packageName))) { val nodeA = startNode(providedName = ALICE_NAME, rpcUsers = users).getOrThrow() val nodeB = startNode(providedName = BOB_NAME, rpcUsers = users).getOrThrow() diff --git a/node/src/integration-test/kotlin/net/corda/node/modes/draining/P2PFlowsDrainingModeTest.kt b/node/src/integration-test/kotlin/net/corda/node/modes/draining/P2PFlowsDrainingModeTest.kt index 5b47b2f163..fcda5dc136 100644 --- a/node/src/integration-test/kotlin/net/corda/node/modes/draining/P2PFlowsDrainingModeTest.kt +++ b/node/src/integration-test/kotlin/net/corda/node/modes/draining/P2PFlowsDrainingModeTest.kt @@ -69,7 +69,7 @@ class P2PFlowsDrainingModeTest : IntegrationTest() { @Test fun `flows draining mode suspends consumption of initial session messages`() { - driver(DriverParameters(isDebug = true, startNodesInProcess = false, portAllocation = portAllocation)) { + driver(DriverParameters(startNodesInProcess = false, portAllocation = portAllocation)) { val initiatedNode = startNode(providedName = ALICE_NAME).getOrThrow() val initiating = startNode(providedName = BOB_NAME, rpcUsers = users).getOrThrow().rpc @@ -101,7 +101,7 @@ class P2PFlowsDrainingModeTest : IntegrationTest() { @Test fun `clean shutdown by draining`() { - driver(DriverParameters(isDebug = true, startNodesInProcess = true, portAllocation = portAllocation)) { + driver(DriverParameters(startNodesInProcess = true, portAllocation = portAllocation)) { val nodeA = startNode(providedName = ALICE_NAME, rpcUsers = users).getOrThrow() val nodeB = startNode(providedName = BOB_NAME, rpcUsers = users).getOrThrow() diff --git a/node/src/integration-test/kotlin/net/corda/node/modes/draining/RpcFlowsDrainingModeTest.kt b/node/src/integration-test/kotlin/net/corda/node/modes/draining/RpcFlowsDrainingModeTest.kt index cf937d40c3..d971726ef5 100644 --- a/node/src/integration-test/kotlin/net/corda/node/modes/draining/RpcFlowsDrainingModeTest.kt +++ b/node/src/integration-test/kotlin/net/corda/node/modes/draining/RpcFlowsDrainingModeTest.kt @@ -45,7 +45,7 @@ class RpcFlowsDrainingModeTest : IntegrationTest() { @Test fun `flows draining mode rejects start flows commands through rpc`() { - driver(DriverParameters(isDebug = true, startNodesInProcess = false, portAllocation = portAllocation)) { + driver(DriverParameters(startNodesInProcess = false, portAllocation = portAllocation)) { startNode(rpcUsers = users).getOrThrow().rpc.apply { diff --git a/node/src/integration-test/kotlin/net/corda/node/persistence/NodeStatePersistenceTests.kt b/node/src/integration-test/kotlin/net/corda/node/persistence/NodeStatePersistenceTests.kt index 934438739e..39c9acbc8a 100644 --- a/node/src/integration-test/kotlin/net/corda/node/persistence/NodeStatePersistenceTests.kt +++ b/node/src/integration-test/kotlin/net/corda/node/persistence/NodeStatePersistenceTests.kt @@ -57,7 +57,7 @@ class NodeStatePersistenceTests : IntegrationTest() { fun `persistent state survives node restart`() { val user = User("mark", "dadada", setOf(startFlow(), invokeRpc("vaultQuery"))) val message = Message("Hello world!") - val stateAndRef: StateAndRef? = driver(DriverParameters(isDebug = true, inMemoryDB = false, startNodesInProcess = isQuasarAgentSpecified(), + val stateAndRef: StateAndRef? = driver(DriverParameters(inMemoryDB = false, startNodesInProcess = isQuasarAgentSpecified(), portAllocation = RandomFree, extraCordappPackagesToScan = listOf(MessageState::class.packageName))) { val nodeName = { val nodeHandle = startNode(rpcUsers = listOf(user)).getOrThrow() @@ -90,7 +90,7 @@ class NodeStatePersistenceTests : IntegrationTest() { val user = User("mark", "dadada", setOf(startFlow(), invokeRpc("vaultQuery"))) val message = Message("Hello world!") - val stateAndRef: StateAndRef? = driver(DriverParameters(isDebug = true, inMemoryDB = false, startNodesInProcess = isQuasarAgentSpecified(), portAllocation = RandomFree, extraCordappPackagesToScan = listOf(MessageState::class.packageName))) { + val stateAndRef: StateAndRef? = driver(DriverParameters(inMemoryDB = false, startNodesInProcess = isQuasarAgentSpecified(), portAllocation = RandomFree, extraCordappPackagesToScan = listOf(MessageState::class.packageName))) { val nodeName = { val nodeHandle = startNode(rpcUsers = listOf(user)).getOrThrow() val nodeName = nodeHandle.nodeInfo.singleIdentity().name diff --git a/node/src/integration-test/kotlin/net/corda/node/services/rpc/RpcSslTest.kt b/node/src/integration-test/kotlin/net/corda/node/services/rpc/RpcSslTest.kt index 9f5d46ed27..625186c27e 100644 --- a/node/src/integration-test/kotlin/net/corda/node/services/rpc/RpcSslTest.kt +++ b/node/src/integration-test/kotlin/net/corda/node/services/rpc/RpcSslTest.kt @@ -70,7 +70,7 @@ class RpcSslTest : IntegrationTest() { val trustStorePath = saveToTrustStore(tempFolder.root.toPath() / "truststore.jks", cert) val clientSslOptions = ClientRpcSslOptions(trustStorePath, "password") - driver(DriverParameters(isDebug = true, startNodesInProcess = true, portAllocation = RandomFree)) { + driver(DriverParameters(startNodesInProcess = true, portAllocation = RandomFree)) { val node = startNode(rpcUsers = listOf(user), customOverrides = brokerSslOptions.useSslRpcOverrides()).getOrThrow() val client = CordaRPCClient.createWithSsl(node.rpcAddress, sslConfiguration = clientSslOptions) val connection = client.start(user.username, user.password) @@ -108,7 +108,7 @@ class RpcSslTest : IntegrationTest() { val trustStorePath = saveToTrustStore(tempFolder.root.toPath() / "truststore.jks", cert1) val clientSslOptions = ClientRpcSslOptions(trustStorePath, "password") - driver(DriverParameters(isDebug = true, startNodesInProcess = true, portAllocation = RandomFree)) { + driver(DriverParameters(startNodesInProcess = true, portAllocation = RandomFree)) { val node = startNode(rpcUsers = listOf(user), customOverrides = brokerSslOptions.useSslRpcOverrides()).getOrThrow() Assertions.assertThatThrownBy { val connection = CordaRPCClient.createWithSsl(node.rpcAddress, sslConfiguration = clientSslOptions).start(user.username, user.password) @@ -128,7 +128,7 @@ class RpcSslTest : IntegrationTest() { fun `RPC client not using ssl can run commands`() { val user = User("mark", "dadada", setOf(all())) var successful = false - driver(DriverParameters(isDebug = true, startNodesInProcess = true, portAllocation = RandomFree)) { + driver(DriverParameters(startNodesInProcess = true, portAllocation = RandomFree)) { val node = startNode(rpcUsers = listOf(user)).getOrThrow() val connection = CordaRPCClient(node.rpcAddress).start(user.username, user.password) connection.proxy.apply { @@ -148,7 +148,7 @@ class RpcSslTest : IntegrationTest() { val trustStorePath = saveToTrustStore(tempFolder.root.toPath() / "truststore.jks", cert) val clientSslOptions = ClientRpcSslOptions(trustStorePath, "password") - driver(DriverParameters(isDebug = true, startNodesInProcess = true, portAllocation = RandomFree)) { + driver(DriverParameters(startNodesInProcess = true, portAllocation = RandomFree)) { val node = startNode(customOverrides = brokerSslOptions.useSslRpcOverrides()).getOrThrow() val client = CordaRPCClient.createWithSsl(node.rpcAddress, sslConfiguration = clientSslOptions) diff --git a/node/src/integration-test/kotlin/net/corda/node/services/statemachine/HardRestartTest.kt b/node/src/integration-test/kotlin/net/corda/node/services/statemachine/HardRestartTest.kt index 3639234221..d51a350be6 100644 --- a/node/src/integration-test/kotlin/net/corda/node/services/statemachine/HardRestartTest.kt +++ b/node/src/integration-test/kotlin/net/corda/node/services/statemachine/HardRestartTest.kt @@ -70,7 +70,7 @@ class HardRestartTest : IntegrationTest() { @Test fun restartShortPingPongFlowRandomly() { val demoUser = User("demo", "demo", setOf(Permissions.startFlow(), Permissions.all())) - driver(DriverParameters(isDebug = true, startNodesInProcess = false, inMemoryDB = false, systemProperties = mapOf("log4j.configurationFile" to logConfigFile.toString()))) { + driver(DriverParameters(startNodesInProcess = false, inMemoryDB = false, systemProperties = mapOf("log4j.configurationFile" to logConfigFile.toString()))) { val (a, b) = listOf( startNode(providedName = DUMMY_BANK_A_NAME, rpcUsers = listOf(demoUser), customOverrides = mapOf("p2pAddress" to "localhost:30000")), startNode(providedName = DUMMY_BANK_B_NAME, rpcUsers = listOf(demoUser), customOverrides = mapOf("p2pAddress" to "localhost:40000")) @@ -102,7 +102,7 @@ class HardRestartTest : IntegrationTest() { @Test fun restartLongPingPongFlowRandomly() { val demoUser = User("demo", "demo", setOf(Permissions.startFlow(), Permissions.all())) - driver(DriverParameters(isDebug = true, startNodesInProcess = false, inMemoryDB = false, systemProperties = mapOf("log4j.configurationFile" to logConfigFile.toString()))) { + driver(DriverParameters(startNodesInProcess = false, inMemoryDB = false, systemProperties = mapOf("log4j.configurationFile" to logConfigFile.toString()))) { val (a, b) = listOf( startNode(providedName = DUMMY_BANK_A_NAME, rpcUsers = listOf(demoUser), customOverrides = mapOf("p2pAddress" to "localhost:30000")), startNode(providedName = DUMMY_BANK_B_NAME, rpcUsers = listOf(demoUser), customOverrides = mapOf("p2pAddress" to "localhost:40000")) @@ -134,7 +134,7 @@ class HardRestartTest : IntegrationTest() { @Test fun softRestartLongPingPongFlowRandomly() { val demoUser = User("demo", "demo", setOf(Permissions.startFlow(), Permissions.all())) - driver(DriverParameters(isDebug = true, startNodesInProcess = false, inMemoryDB = false, systemProperties = mapOf("log4j.configurationFile" to logConfigFile.toString()))) { + driver(DriverParameters(startNodesInProcess = false, inMemoryDB = false, systemProperties = mapOf("log4j.configurationFile" to logConfigFile.toString()))) { val (a, b) = listOf( startNode(providedName = DUMMY_BANK_A_NAME, rpcUsers = listOf(demoUser), customOverrides = mapOf("p2pAddress" to "localhost:30000")), startNode(providedName = DUMMY_BANK_B_NAME, rpcUsers = listOf(demoUser), customOverrides = mapOf("p2pAddress" to "localhost:40000")) @@ -210,7 +210,7 @@ class HardRestartTest : IntegrationTest() { @Test fun restartRecursiveFlowRandomly() { val demoUser = User("demo", "demo", setOf(Permissions.startFlow(), Permissions.all())) - driver(DriverParameters(isDebug = true, startNodesInProcess = false, inMemoryDB = false, systemProperties = mapOf("log4j.configurationFile" to logConfigFile.toString()))) { + driver(DriverParameters(startNodesInProcess = false, inMemoryDB = false, systemProperties = mapOf("log4j.configurationFile" to logConfigFile.toString()))) { val (a, b) = listOf( startNode(providedName = DUMMY_BANK_A_NAME, rpcUsers = listOf(demoUser), customOverrides = mapOf("p2pAddress" to "localhost:30000")), startNode(providedName = DUMMY_BANK_B_NAME, rpcUsers = listOf(demoUser), customOverrides = mapOf("p2pAddress" to "localhost:40000")) diff --git a/node/src/integration-test/kotlin/net/corda/services/messaging/MQSecurityAsNodeTest.kt b/node/src/integration-test/kotlin/net/corda/services/messaging/MQSecurityAsNodeTest.kt index b88068edde..1e4fc9f869 100644 --- a/node/src/integration-test/kotlin/net/corda/services/messaging/MQSecurityAsNodeTest.kt +++ b/node/src/integration-test/kotlin/net/corda/services/messaging/MQSecurityAsNodeTest.kt @@ -15,7 +15,7 @@ import net.corda.core.identity.CordaX500Name import net.corda.core.internal.copyTo import net.corda.core.internal.createDirectories import net.corda.core.internal.exists -import net.corda.core.internal.x500Name +import net.corda.core.internal.toX500Name import net.corda.nodeapi.RPCApi import net.corda.nodeapi.internal.ArtemisMessagingComponent.Companion.NODE_P2P_USER import net.corda.nodeapi.internal.ArtemisMessagingComponent.Companion.PEER_USER @@ -109,7 +109,7 @@ class MQSecurityAsNodeTest : P2PMQSecurityTest() { val clientKeyPair = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) // Set name constrain to the legal name. - val nameConstraints = NameConstraints(arrayOf(GeneralSubtree(GeneralName(GeneralName.directoryName, legalName.x500Name))), arrayOf()) + val nameConstraints = NameConstraints(arrayOf(GeneralSubtree(GeneralName(GeneralName.directoryName, legalName.toX500Name()))), arrayOf()) val clientCACert = X509Utilities.createCertificate( CertificateType.INTERMEDIATE_CA, DEV_INTERMEDIATE_CA.certificate, diff --git a/node/src/main/java/CordaCaplet.java b/node/src/main/java/CordaCaplet.java index 78456a62fd..8cc3712320 100644 --- a/node/src/main/java/CordaCaplet.java +++ b/node/src/main/java/CordaCaplet.java @@ -14,6 +14,7 @@ import com.typesafe.config.*; import sun.misc.Signal; + import java.io.File; import java.nio.file.Path; import java.nio.file.Paths; @@ -53,7 +54,7 @@ public class CordaCaplet extends Capsule { Config nodeConfig = ConfigFactory.parseFile(configFile, parseOptions); return baseDirectoryConfig.withFallback(nodeConfig).withFallback(defaultConfig).resolve(); } catch (ConfigException e) { - log(LOG_QUIET, e); + log(LOG_DEBUG, e); return ConfigFactory.empty(); } } diff --git a/node/src/main/kotlin/net/corda/node/internal/NetworkParametersReader.kt b/node/src/main/kotlin/net/corda/node/internal/NetworkParametersReader.kt index debe5ed3b5..f016d54142 100644 --- a/node/src/main/kotlin/net/corda/node/internal/NetworkParametersReader.kt +++ b/node/src/main/kotlin/net/corda/node/internal/NetworkParametersReader.kt @@ -31,6 +31,19 @@ class NetworkParametersReader(private val trustRoot: X509Certificate, private val logger = contextLogger() } + sealed class Error(message: String) : Exception(message) { + class ParamsNotConfigured : Error("Couldn't find network parameters file and compatibility zone wasn't configured/isn't reachable.") + class NetworkMapNotConfigured : Error("Node hasn't been configured to connect to a network map from which to get the network parameters.") + class OldParamsAndUpdate : Error( + "Both network parameters and network parameters update files don't match" + + "parameters advertised by network map. Please update node to use correct network parameters file." + ) + class OldParams(previousParametersHash: SecureHash, advertisedParametersHash: SecureHash) : Error( + "Node uses parameters with hash: $previousParametersHash but network map is advertising: " + + "$advertisedParametersHash. Please update node to use correct network parameters file." + ) + } + private data class NetworkParamsAndHash(val networkParameters: NetworkParameters, val hash: SecureHash) private val networkParamsFile = baseDirectory / NETWORK_PARAMS_FILE_NAME private val parametersUpdateFile = baseDirectory / NETWORK_PARAMS_UPDATE_FILE_NAME @@ -63,7 +76,7 @@ class NetworkParametersReader(private val trustRoot: X509Certificate, readParametersUpdate(advertisedParametersHash, signedParametersFromFile.raw.hash) } } else { // No compatibility zone configured. Node should proceed with parameters from file. - signedParametersFromFile ?: throw IllegalArgumentException("Couldn't find network parameters file and compatibility zone wasn't configured/isn't reachable") + signedParametersFromFile ?: throw Error.ParamsNotConfigured() } logger.info("Loaded network parameters: $parameters") return NetworkParamsAndHash(parameters.verifiedNetworkMapCert(trustRoot), parameters.raw.hash) @@ -71,15 +84,11 @@ class NetworkParametersReader(private val trustRoot: X509Certificate, private fun readParametersUpdate(advertisedParametersHash: SecureHash, previousParametersHash: SecureHash): SignedNetworkParameters { if (!parametersUpdateFile.exists()) { - throw IllegalArgumentException("Node uses parameters with hash: $previousParametersHash " + - "but network map is advertising: $advertisedParametersHash.\n" + - "Please update node to use correct network parameters file.") + throw Error.OldParams(previousParametersHash, advertisedParametersHash) } val signedUpdatedParameters = parametersUpdateFile.readObject() if (signedUpdatedParameters.raw.hash != advertisedParametersHash) { - throw IllegalArgumentException("Both network parameters and network parameters update files don't match" + - "parameters advertised by network map.\n" + - "Please update node to use correct network parameters file.") + throw Error.OldParamsAndUpdate() } parametersUpdateFile.moveTo(networkParamsFile, StandardCopyOption.REPLACE_EXISTING) logger.info("Scheduled update to network parameters has occurred - node now updated to these new parameters.") @@ -89,9 +98,7 @@ class NetworkParametersReader(private val trustRoot: X509Certificate, // Used only when node joins for the first time. private fun downloadParameters(parametersHash: SecureHash): SignedNetworkParameters { logger.info("No network-parameters file found. Expecting network parameters to be available from the network map.") - val networkMapClient = checkNotNull(networkMapClient) { - "Node hasn't been configured to connect to a network map from which to get the network parameters" - } + val networkMapClient = networkMapClient ?: throw Error.NetworkMapNotConfigured() val signedParams = networkMapClient.getNetworkParameters(parametersHash) signedParams.serialize().open().copyTo(baseDirectory / NETWORK_PARAMS_FILE_NAME) return signedParams diff --git a/node/src/main/kotlin/net/corda/node/internal/NodeStartup.kt b/node/src/main/kotlin/net/corda/node/internal/NodeStartup.kt index 4adaf2baf4..23bfe2d892 100644 --- a/node/src/main/kotlin/net/corda/node/internal/NodeStartup.kt +++ b/node/src/main/kotlin/net/corda/node/internal/NodeStartup.kt @@ -21,12 +21,7 @@ import net.corda.core.internal.* import net.corda.core.internal.concurrent.thenMatch import net.corda.core.utilities.Try import net.corda.core.utilities.loggerFor -import net.corda.node.CmdLineOptions -import net.corda.node.NodeArgsParser -import net.corda.node.NodeRegistrationOption -import net.corda.node.SerialFilter -import net.corda.node.VersionInfo -import net.corda.node.defaultSerialFilter +import net.corda.node.* import net.corda.node.internal.cordapp.MultipleCordappsForFlowException import net.corda.node.services.config.NodeConfiguration import net.corda.node.services.config.NodeConfigurationImpl @@ -36,9 +31,9 @@ import net.corda.node.services.transactions.bftSMaRtSerialFilter import net.corda.node.utilities.createKeyPairAndSelfSignedTLSCertificate import net.corda.node.utilities.registration.HTTPNetworkRegistrationService import net.corda.node.utilities.registration.NodeRegistrationHelper +import net.corda.node.utilities.registration.UnableToRegisterNodeWithDoormanException import net.corda.node.utilities.saveToKeyStore import net.corda.node.utilities.saveToTrustStore -import net.corda.node.utilities.registration.UnableToRegisterNodeWithDoormanException import net.corda.nodeapi.internal.addShutdownHook import net.corda.nodeapi.internal.config.UnknownConfigurationKeysException import net.corda.nodeapi.internal.persistence.DatabaseMigrationException @@ -171,6 +166,9 @@ open class NodeStartup(val args: Array) { } catch (e: CheckpointIncompatibleException) { logger.error(e.message) return false + } catch (e: NetworkParametersReader.Error) { + logger.error(e.message) + return false } catch (e: Exception) { if (e is Errors.NativeIoException && e.message?.contains("Address already in use") == true) { logger.error("One of the ports required by the Corda node is already in use.") diff --git a/node/src/main/kotlin/net/corda/node/utilities/registration/NetworkRegistrationHelper.kt b/node/src/main/kotlin/net/corda/node/utilities/registration/NetworkRegistrationHelper.kt index eddd83761e..8941ee2803 100644 --- a/node/src/main/kotlin/net/corda/node/utilities/registration/NetworkRegistrationHelper.kt +++ b/node/src/main/kotlin/net/corda/node/utilities/registration/NetworkRegistrationHelper.kt @@ -35,6 +35,7 @@ import java.security.PublicKey import java.security.cert.X509Certificate import java.time.Duration import javax.naming.ServiceUnavailableException +import javax.security.auth.x500.X500Principal /** * Helper for managing the node registration process, which checks for any existing certificates and requests them if @@ -53,13 +54,14 @@ open class NetworkRegistrationHelper(private val config: SSLConfiguration, companion object { const val SELF_SIGNED_PRIVATE_KEY = "Self Signed Private Key" + val logger = contextLogger() } private val requestIdStore = config.certificatesDirectory / "certificate-request-id.txt" // TODO: Use different password for private key. private val privateKeyPassword = config.keyStorePassword private val rootTrustStore: X509KeyStore - private val rootCert: X509Certificate + protected val rootCert: X509Certificate init { require(networkRootTrustStorePath.exists()) { @@ -88,6 +90,13 @@ open class NetworkRegistrationHelper(private val config: SSLConfiguration, println("Certificate already exists, Corda node will now terminate...") return } + val tlsCrlIssuerCert = validateAndGetTlsCrlIssuerCert() + if (tlsCrlIssuerCert == null && isTlsCrlIssuerCertRequired()) { + System.err.println("""tlsCrlIssuerCert config does not match the root certificate issuer and nor is there any other certificate in the trust store with a matching issuer. + | Please make sure the config is correct or that the correct certificate for the CRL issuer is added to the node's trust store. + | The node will now terminate.""".trimMargin()) + throw IllegalArgumentException("TLS CRL issuer certificate not found in the trust store.") + } val keyPair = nodeKeyStore.loadOrCreateKeyPair(SELF_SIGNED_PRIVATE_KEY) @@ -104,7 +113,7 @@ open class NetworkRegistrationHelper(private val config: SSLConfiguration, } validateCertificates(keyPair.public, certificates) storePrivateKeyWithCertificates(nodeKeyStore, keyPair, certificates, keyAlias) - onSuccess(keyPair, certificates) + onSuccess(keyPair, certificates, tlsCrlIssuerCert?.let { it.subjectX500Principal.toX500Name() }) // All done, clean up temp files. requestIdStore.deleteIfExists() } @@ -226,7 +235,11 @@ open class NetworkRegistrationHelper(private val config: SSLConfiguration, } } - protected open fun onSuccess(nodeCAKeyPair: KeyPair, certificates: List) {} + protected open fun onSuccess(nodeCAKeyPair: KeyPair, certificates: List, tlsCrlCertificateIssuer: X500Name?) {} + + protected open fun validateAndGetTlsCrlIssuerCert(): X509Certificate? = null + + protected open fun isTlsCrlIssuerCertRequired(): Boolean = false } class UnableToRegisterNodeWithDoormanException : IOException() @@ -246,12 +259,12 @@ class NodeRegistrationHelper(private val config: NodeConfiguration, certService: val logger = contextLogger() } - override fun onSuccess(nodeCAKeyPair: KeyPair, certificates: List) { - createSSLKeystore(nodeCAKeyPair, certificates) + override fun onSuccess(nodeCAKeyPair: KeyPair, certificates: List, tlsCrlCertificateIssuer: X500Name?) { + createSSLKeystore(nodeCAKeyPair, certificates, tlsCrlCertificateIssuer) createTruststore(certificates.last()) } - private fun createSSLKeystore(nodeCAKeyPair: KeyPair, certificates: List) { + private fun createSSLKeystore(nodeCAKeyPair: KeyPair, certificates: List, tlsCertCrlIssuer: X500Name?) { config.loadSslKeyStore(createNew = true).update { println("Generating SSL certificate for node messaging service.") val sslKeyPair = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) @@ -262,7 +275,7 @@ class NodeRegistrationHelper(private val config: NodeConfiguration, certService: config.myLegalName.x500Principal, sslKeyPair.public, crlDistPoint = config.tlsCertCrlDistPoint?.toString(), - crlIssuer = if (config.tlsCertCrlIssuer != null) X500Name(config.tlsCertCrlIssuer) else null) + crlIssuer = tlsCertCrlIssuer) logger.info("Generated TLS certificate: $sslCert") setPrivateKey(CORDA_CLIENT_TLS, sslKeyPair.private, listOf(sslCert) + certificates) } @@ -278,6 +291,37 @@ class NodeRegistrationHelper(private val config: NodeConfiguration, certService: } println("Node trust store stored in ${config.trustStoreFile}.") } + + override fun validateAndGetTlsCrlIssuerCert(): X509Certificate? { + config.tlsCertCrlIssuer ?: return null + val tlsCertCrlIssuerPrincipal = X500Principal(config.tlsCertCrlIssuer) + if (principalMatchesCertificatePrincipal(tlsCertCrlIssuerPrincipal, rootCert)) { + return rootCert + } + return if (config.trustStoreFile.exists()) { + findMatchingCertificate(tlsCertCrlIssuerPrincipal, config.loadTrustStore()) + } else { + null + } + } + + override fun isTlsCrlIssuerCertRequired(): Boolean { + return !config.tlsCertCrlIssuer.isNullOrEmpty() + } + + private fun findMatchingCertificate(principal: X500Principal, trustStore: X509KeyStore): X509Certificate? { + trustStore.aliases().forEach { + val certificate = trustStore.getCertificate(it) + if (principalMatchesCertificatePrincipal(principal, certificate)) { + return certificate + } + } + return null + } + + private fun principalMatchesCertificatePrincipal(principal: X500Principal, certificate: X509Certificate): Boolean { + return certificate.subjectX500Principal.isEquivalentTo(principal) + } } private class FixedPeriodLimitedRetrialStrategy(times: Int, private val period: Duration) : (Duration?) -> Duration? { diff --git a/node/src/test/kotlin/net/corda/node/utilities/registration/NetworkRegistrationHelperTest.kt b/node/src/test/kotlin/net/corda/node/utilities/registration/NetworkRegistrationHelperTest.kt index e150096ed6..1b35a5b9ce 100644 --- a/node/src/test/kotlin/net/corda/node/utilities/registration/NetworkRegistrationHelperTest.kt +++ b/node/src/test/kotlin/net/corda/node/utilities/registration/NetworkRegistrationHelperTest.kt @@ -22,10 +22,9 @@ import net.corda.core.identity.CordaX500Name import net.corda.core.internal.CertRole import net.corda.core.internal.createDirectories import net.corda.core.internal.div -import net.corda.core.internal.x500Name +import net.corda.core.internal.toX500Name import net.corda.core.utilities.seconds import net.corda.node.NodeRegistrationOption -import net.corda.node.VersionInfo import net.corda.node.services.config.NodeConfiguration import net.corda.nodeapi.internal.DevIdentityGenerator import net.corda.nodeapi.internal.crypto.CertificateAndKeyPair @@ -71,6 +70,7 @@ class NetworkRegistrationHelperTest { doReturn("").whenever(it).emailAddress doReturn(null).whenever(it).tlsCertCrlDistPoint doReturn(null).whenever(it).tlsCertCrlIssuer + doReturn(true).whenever(it).crlCheckSoftFail } } @@ -192,7 +192,7 @@ class NetworkRegistrationHelperTest { rootAndIntermediateCA: Pair = createDevIntermediateCaCertPath()): List { val (rootCa, intermediateCa) = rootAndIntermediateCA val nameConstraints = if (type == CertificateType.NODE_CA) { - NameConstraints(arrayOf(GeneralSubtree(GeneralName(GeneralName.directoryName, legalName.x500Name))), arrayOf()) + NameConstraints(arrayOf(GeneralSubtree(GeneralName(GeneralName.directoryName, legalName.toX500Name()))), arrayOf()) } else { null } diff --git a/samples/attachment-demo/src/integration-test/kotlin/net/corda/attachmentdemo/AttachmentDemoTest.kt b/samples/attachment-demo/src/integration-test/kotlin/net/corda/attachmentdemo/AttachmentDemoTest.kt index f0c195e3a0..4ca31d87d0 100644 --- a/samples/attachment-demo/src/integration-test/kotlin/net/corda/attachmentdemo/AttachmentDemoTest.kt +++ b/samples/attachment-demo/src/integration-test/kotlin/net/corda/attachmentdemo/AttachmentDemoTest.kt @@ -39,7 +39,7 @@ class AttachmentDemoTest : IntegrationTest() { @Test fun `attachment demo using a 10MB zip file`() { val numOfExpectedBytes = 10_000_000 - driver(DriverParameters(isDebug = true, portAllocation = PortAllocation.Incremental(20000), startNodesInProcess = true)) { + driver(DriverParameters(portAllocation = PortAllocation.Incremental(20000), startNodesInProcess = true)) { val demoUser = listOf(User("demo", "demo", setOf(all()))) val (nodeA, nodeB) = listOf( startNode(providedName = DUMMY_BANK_A_NAME, rpcUsers = demoUser, maximumHeapSize = "1g"), diff --git a/samples/attachment-demo/src/main/kotlin/net/corda/attachmentdemo/Main.kt b/samples/attachment-demo/src/main/kotlin/net/corda/attachmentdemo/Main.kt index e3f8fc2e4d..960d1df892 100644 --- a/samples/attachment-demo/src/main/kotlin/net/corda/attachmentdemo/Main.kt +++ b/samples/attachment-demo/src/main/kotlin/net/corda/attachmentdemo/Main.kt @@ -23,7 +23,7 @@ import net.corda.testing.node.User */ fun main(args: Array) { val demoUser = listOf(User("demo", "demo", setOf("StartFlow.net.corda.flows.FinalityFlow"))) - driver(DriverParameters(isDebug = true, driverDirectory = "build" / "attachment-demo-nodes", waitForAllNodesToFinish = true)) { + driver(DriverParameters(driverDirectory = "build" / "attachment-demo-nodes", waitForAllNodesToFinish = true)) { startNode(providedName = DUMMY_BANK_A_NAME, rpcUsers = demoUser) startNode(providedName = DUMMY_BANK_B_NAME, rpcUsers = demoUser) } diff --git a/samples/bank-of-corda-demo/src/integration-test/kotlin/net/corda/bank/BankOfCordaRPCClientTest.kt b/samples/bank-of-corda-demo/src/integration-test/kotlin/net/corda/bank/BankOfCordaRPCClientTest.kt index ee4ab7bb84..a8ff014c6b 100644 --- a/samples/bank-of-corda-demo/src/integration-test/kotlin/net/corda/bank/BankOfCordaRPCClientTest.kt +++ b/samples/bank-of-corda-demo/src/integration-test/kotlin/net/corda/bank/BankOfCordaRPCClientTest.kt @@ -47,7 +47,7 @@ class BankOfCordaRPCClientTest : IntegrationTest() { invokeRpc(CordaRPCOps::wellKnownPartyFromX500Name), invokeRpc(CordaRPCOps::notaryIdentities) ) - driver(DriverParameters(extraCordappPackagesToScan = listOf("net.corda.finance"), isDebug = true)) { + driver(DriverParameters(extraCordappPackagesToScan = listOf("net.corda.finance"))) { val bocManager = User("bocManager", "password1", permissions = setOf( startFlow()) + commonPermissions) val bigCorpCFO = User("bigCorpCFO", "password2", permissions = emptySet() + commonPermissions) diff --git a/samples/irs-demo/cordapp/src/test/kotlin/net/corda/irs/Main.kt b/samples/irs-demo/cordapp/src/test/kotlin/net/corda/irs/Main.kt index f43948ddad..ec7ed0a979 100644 --- a/samples/irs-demo/cordapp/src/test/kotlin/net/corda/irs/Main.kt +++ b/samples/irs-demo/cordapp/src/test/kotlin/net/corda/irs/Main.kt @@ -22,7 +22,7 @@ import net.corda.testing.driver.driver * Do not use in a production environment. */ fun main(args: Array) { - driver(DriverParameters(useTestClock = true, isDebug = true, waitForAllNodesToFinish = true)) { + driver(DriverParameters(useTestClock = true, waitForAllNodesToFinish = true)) { val (nodeA, nodeB) = listOf( startNode(providedName = DUMMY_BANK_A_NAME), startNode(providedName = DUMMY_BANK_B_NAME), diff --git a/samples/irs-demo/src/integration-test/kotlin/net/corda/irs/IRSDemoTest.kt b/samples/irs-demo/src/integration-test/kotlin/net/corda/irs/IRSDemoTest.kt index f8bdce5ddc..165b1168fa 100644 --- a/samples/irs-demo/src/integration-test/kotlin/net/corda/irs/IRSDemoTest.kt +++ b/samples/irs-demo/src/integration-test/kotlin/net/corda/irs/IRSDemoTest.kt @@ -72,7 +72,6 @@ class IRSDemoTest : IntegrationTest() { springDriver(DriverParameters( useTestClock = true, notarySpecs = listOf(NotarySpec(DUMMY_NOTARY_NAME, rpcUsers = rpcUsers)), - isDebug = true, extraCordappPackagesToScan = listOf("net.corda.irs") )) { val (controller, nodeA, nodeB) = listOf( diff --git a/samples/simm-valuation-demo/src/integration-test/kotlin/net/corda/vega/SimmValuationTest.kt b/samples/simm-valuation-demo/src/integration-test/kotlin/net/corda/vega/SimmValuationTest.kt index 7d31052947..3a2634b2e7 100644 --- a/samples/simm-valuation-demo/src/integration-test/kotlin/net/corda/vega/SimmValuationTest.kt +++ b/samples/simm-valuation-demo/src/integration-test/kotlin/net/corda/vega/SimmValuationTest.kt @@ -69,7 +69,6 @@ class SimmValuationTest : IntegrationTest() { val logConfigFile = projectRootDir / "samples" / "simm-valuation-demo" / "src" / "main" / "resources" / "log4j2.xml" assertThat(logConfigFile).isRegularFile() driver(DriverParameters( - isDebug = true, extraCordappPackagesToScan = listOf("net.corda.vega.contracts", "net.corda.vega.plugin.customserializers"), systemProperties = mapOf("log4j.configurationFile" to logConfigFile.toString())) ) { diff --git a/samples/simm-valuation-demo/src/test/kotlin/net/corda/vega/Main.kt b/samples/simm-valuation-demo/src/test/kotlin/net/corda/vega/Main.kt index edea798d85..20994bf769 100644 --- a/samples/simm-valuation-demo/src/test/kotlin/net/corda/vega/Main.kt +++ b/samples/simm-valuation-demo/src/test/kotlin/net/corda/vega/Main.kt @@ -23,7 +23,7 @@ import net.corda.testing.driver.driver * via the web api. */ fun main(args: Array) { - driver(DriverParameters(isDebug = true, waitForAllNodesToFinish = true)) { + driver(DriverParameters(waitForAllNodesToFinish = true)) { val (nodeA, nodeB, nodeC) = listOf( startNode(providedName = DUMMY_BANK_A_NAME), startNode(providedName = DUMMY_BANK_B_NAME), diff --git a/samples/trader-demo/src/integration-test/kotlin/net/corda/traderdemo/TraderDemoTest.kt b/samples/trader-demo/src/integration-test/kotlin/net/corda/traderdemo/TraderDemoTest.kt index b63a197495..c0bd33ce3e 100644 --- a/samples/trader-demo/src/integration-test/kotlin/net/corda/traderdemo/TraderDemoTest.kt +++ b/samples/trader-demo/src/integration-test/kotlin/net/corda/traderdemo/TraderDemoTest.kt @@ -96,7 +96,7 @@ class TraderDemoTest : IntegrationTest() { @Test fun `Tudor test`() { - driver(DriverParameters(isDebug = true, startNodesInProcess = false, inMemoryDB = false, extraCordappPackagesToScan = listOf("net.corda.finance"))) { + driver(DriverParameters(startNodesInProcess = false, inMemoryDB = false, extraCordappPackagesToScan = listOf("net.corda.finance"))) { val demoUser = User("demo", "demo", setOf(startFlow(), all())) val bankUser = User("user1", "test", permissions = setOf(all())) val (nodeA, nodeB, bankNode) = listOf( diff --git a/samples/trader-demo/src/test/kotlin/net/corda/traderdemo/Main.kt b/samples/trader-demo/src/test/kotlin/net/corda/traderdemo/Main.kt index e9ab776e74..a15f966344 100644 --- a/samples/trader-demo/src/test/kotlin/net/corda/traderdemo/Main.kt +++ b/samples/trader-demo/src/test/kotlin/net/corda/traderdemo/Main.kt @@ -33,7 +33,7 @@ fun main(args: Array) { startFlow(), all()) val demoUser = listOf(User("demo", "demo", permissions)) - driver(DriverParameters(driverDirectory = "build" / "trader-demo-nodes", isDebug = true, waitForAllNodesToFinish = true)) { + driver(DriverParameters(driverDirectory = "build" / "trader-demo-nodes", waitForAllNodesToFinish = true)) { val user = User("user1", "test", permissions = setOf(startFlow(), startFlow(), startFlow())) diff --git a/testing/node-driver/src/main/kotlin/net/corda/testing/node/internal/demorun/CordformNodeRunner.kt b/testing/node-driver/src/main/kotlin/net/corda/testing/node/internal/demorun/CordformNodeRunner.kt index 7bceaceb94..9c82d4d64e 100644 --- a/testing/node-driver/src/main/kotlin/net/corda/testing/node/internal/demorun/CordformNodeRunner.kt +++ b/testing/node-driver/src/main/kotlin/net/corda/testing/node/internal/demorun/CordformNodeRunner.kt @@ -67,7 +67,6 @@ class CordformNodeRunner(val cordformDefinition: CordformDefinition) { .mapNotNull { address -> address?.let { NetworkHostAndPort.parse(it).port } } .max()!! internalDriver( - isDebug = true, jmxPolicy = JmxPolicy(true), driverDirectory = cordformDefinition.nodesDirectory, extraCordappPackagesToScan = extraPackagesToScan, diff --git a/tools/shell/src/integration-test/kotlin/net/corda/tools/shell/InteractiveShellIntegrationTest.kt b/tools/shell/src/integration-test/kotlin/net/corda/tools/shell/InteractiveShellIntegrationTest.kt index cb9dae45ce..5d4cd1709b 100644 --- a/tools/shell/src/integration-test/kotlin/net/corda/tools/shell/InteractiveShellIntegrationTest.kt +++ b/tools/shell/src/integration-test/kotlin/net/corda/tools/shell/InteractiveShellIntegrationTest.kt @@ -67,7 +67,7 @@ class InteractiveShellIntegrationTest : IntegrationTest() { @Test fun `shell should not log in with invalid credentials`() { val user = User("u", "p", setOf()) - driver(DriverParameters(isDebug = true, startNodesInProcess = true, portAllocation = RandomFree)) { + driver(DriverParameters(startNodesInProcess = true, portAllocation = RandomFree)) { val nodeFuture = startNode(providedName = ALICE_NAME, rpcUsers = listOf(user), startInSameProcess = true) val node = nodeFuture.getOrThrow() @@ -108,7 +108,7 @@ class InteractiveShellIntegrationTest : IntegrationTest() { val trustStorePath = saveToTrustStore(tempFolder.root.toPath() / "truststore.jks", cert) val clientSslOptions = ClientRpcSslOptions(trustStorePath, "password") - driver(DriverParameters(isDebug = true, startNodesInProcess = true, portAllocation = RandomFree)) { + driver(DriverParameters(startNodesInProcess = true, portAllocation = RandomFree)) { startNode(rpcUsers = listOf(user), customOverrides = brokerSslOptions.useSslRpcOverrides()).getOrThrow().use { node -> val conf = ShellConfiguration(commandsDirectory = Files.createTempDir().toPath(), @@ -136,7 +136,7 @@ class InteractiveShellIntegrationTest : IntegrationTest() { val trustStorePath = saveToTrustStore(tempFolder.root.toPath() / "truststore.jks", cert1) val clientSslOptions = ClientRpcSslOptions(trustStorePath, "password") - driver(DriverParameters(isDebug = true, startNodesInProcess = true, portAllocation = RandomFree)) { + driver(DriverParameters(startNodesInProcess = true, portAllocation = RandomFree)) { startNode(rpcUsers = listOf(user), customOverrides = brokerSslOptions.useSslRpcOverrides()).getOrThrow().use { node -> val conf = ShellConfiguration(commandsDirectory = Files.createTempDir().toPath(), @@ -153,7 +153,7 @@ class InteractiveShellIntegrationTest : IntegrationTest() { @Test fun `internal shell user should not be able to connect if node started with devMode=false`() { - driver(DriverParameters(isDebug = true, startNodesInProcess = true, portAllocation = RandomFree)) { + driver(DriverParameters(startNodesInProcess = true, portAllocation = RandomFree)) { startNode().getOrThrow().use { node -> val conf = (node as NodeHandleInternal).configuration.toShellConfig() InteractiveShell.startShellInternal(conf) @@ -219,7 +219,7 @@ class InteractiveShellIntegrationTest : IntegrationTest() { val clientSslOptions = ClientRpcSslOptions(trustStorePath, "password") var successful = false - driver(DriverParameters(isDebug = true, startNodesInProcess = true, portAllocation = RandomFree)) { + driver(DriverParameters(startNodesInProcess = true, portAllocation = RandomFree)) { startNode(rpcUsers = listOf(user), customOverrides = brokerSslOptions.useSslRpcOverrides()).getOrThrow().use { node -> val conf = ShellConfiguration(commandsDirectory = Files.createTempDir().toPath(), diff --git a/tools/shell/src/integration-test/kotlin/net/corda/tools/shell/SSHServerTest.kt b/tools/shell/src/integration-test/kotlin/net/corda/tools/shell/SSHServerTest.kt index 2e7ea5324f..e1ecd0db75 100644 --- a/tools/shell/src/integration-test/kotlin/net/corda/tools/shell/SSHServerTest.kt +++ b/tools/shell/src/integration-test/kotlin/net/corda/tools/shell/SSHServerTest.kt @@ -117,7 +117,7 @@ class SSHServerTest : IntegrationTest() { val user = User("u", "p", setOf(startFlow(), invokeRpc(CordaRPCOps::wellKnownPartyFromX500Name))) // The driver will automatically pick up the annotated flows below - driver(DriverParameters(isDebug = true)) { + driver { val node = startNode(providedName = ALICE_NAME, rpcUsers = listOf(user), customOverrides = mapOf("sshd" to mapOf("port" to 2222))) node.getOrThrow() @@ -146,7 +146,7 @@ class SSHServerTest : IntegrationTest() { fun `ssh runs flows`() { val user = User("u", "p", setOf(startFlow())) // The driver will automatically pick up the annotated flows below - driver(DriverParameters(isDebug = true)) { + driver { val node = startNode(providedName = ALICE_NAME, rpcUsers = listOf(user), customOverrides = mapOf("sshd" to mapOf("port" to 2222))) node.getOrThrow()