Merge pull request #836 from corda/mnesbit-change-bridge-mode-constant

Change the FloatInner config property to BridgeInner to be more consistent

bridge/src/integration-test/kotlin/net/corda/bridge/BridgeIntegrationTest.kt

@@ -65,7 +65,7 @@ class BridgeIntegrationTest {
         assertEquals(BridgeMode.SenderReceiver, config.bridgeMode)
         assertEquals(NetworkHostAndPort("localhost", 11005), config.outboundConfig!!.artemisBrokerAddress)
         assertEquals(NetworkHostAndPort("0.0.0.0", 10005), config.inboundConfig!!.listeningAddress)
-        assertNull(config.floatInnerConfig)
+        assertNull(config.bridgeInnerConfig)
         assertNull(config.floatOuterConfig)
         config.createBridgeKeyStores(DUMMY_BANK_A_NAME)
         val (artemisServer, artemisClient) = createArtemis()
@@ -90,13 +90,13 @@ class BridgeIntegrationTest {
     }
 
     @Test
-    fun `Load bridge (float inner) and float outer and stand them up`() {
+    fun `Load bridge (bridge Inner) and float outer and stand them up`() {
         val bridgeFolder = tempFolder.root.toPath()
         val bridgeConfigResource = "/net/corda/bridge/withfloat/bridge/bridge.conf"
         val bridgeConfig = createAndLoadConfigFromResource(bridgeFolder, bridgeConfigResource)
         bridgeConfig.createBridgeKeyStores(DUMMY_BANK_A_NAME)
         createNetworkParams(bridgeFolder)
-        assertEquals(BridgeMode.FloatInner, bridgeConfig.bridgeMode)
+        assertEquals(BridgeMode.BridgeInner, bridgeConfig.bridgeMode)
         assertEquals(NetworkHostAndPort("localhost", 11005), bridgeConfig.outboundConfig!!.artemisBrokerAddress)
         val floatFolder = tempFolder.root.toPath() / "float"
         val floatConfigResource = "/net/corda/bridge/withfloat/float/bridge.conf"
@@ -268,7 +268,7 @@ class BridgeIntegrationTest {
         assertEquals(NetworkHostAndPort("localhost", 11005), config.outboundConfig!!.artemisBrokerAddress)
         assertEquals(listOf(NetworkHostAndPort("localhost", 12005)), config.outboundConfig!!.alternateArtemisBrokerAddresses)
         assertEquals(NetworkHostAndPort("0.0.0.0", 10005), config.inboundConfig!!.listeningAddress)
-        assertNull(config.floatInnerConfig)
+        assertNull(config.bridgeInnerConfig)
         assertNull(config.floatOuterConfig)
         config.createBridgeKeyStores(DUMMY_BANK_A_NAME)
         val (artemisServer, artemisClient) = createArtemis()
@@ -311,7 +311,7 @@ class BridgeIntegrationTest {
         val bridgeConfig = createAndLoadConfigFromResource(bridgeFolder, bridgeConfigResource)
         bridgeConfig.createBridgeKeyStores(DUMMY_BANK_A_NAME)
         createNetworkParams(bridgeFolder)
-        assertEquals(BridgeMode.FloatInner, bridgeConfig.bridgeMode)
+        assertEquals(BridgeMode.BridgeInner, bridgeConfig.bridgeMode)
         assertEquals(NetworkHostAndPort("localhost", 11005), bridgeConfig.outboundConfig!!.artemisBrokerAddress)
         assertEquals(listOf(NetworkHostAndPort("localhost", 12005)), bridgeConfig.outboundConfig!!.alternateArtemisBrokerAddresses)
         val floatFolder = tempFolder.root.toPath() / "float"

bridge/src/main/kotlin/net/corda/bridge/internal/BridgeInstance.kt

@@ -130,13 +130,13 @@ class BridgeInstance(val conf: BridgeConfiguration,
                 floatSupervisorService = FloatSupervisorServiceImpl(conf, maxMessageSize, bridgeAuditService)
                 bridgeSupervisorService = BridgeSupervisorServiceImpl(conf, maxMessageSize, bridgeAuditService, floatSupervisorService!!.amqpListenerService)
             }
-        // In the FloatInner mode the process runs the full outbound message path as in the SenderReceiver mode, but the inbound path is split.
+        // In the BridgeInner mode the process runs the full outbound message path as in the SenderReceiver mode, but the inbound path is split.
-        // This 'Float Inner/Bridge Controller' process runs the more trusted portion of the inbound path.
+        // This 'Bridge Inner/Bridge Controller' process runs the more trusted portion of the inbound path.
-        // In particular the 'Float Inner/Bridge Controller' has access to the persisted TLS KeyStore, which it provisions dynamically into the 'Float Outer'.
+        // In particular the 'Bridge Inner/Bridge Controller' has access to the persisted TLS KeyStore, which it provisions dynamically into the 'Float Outer'.
-        // Also the the 'Float Inner' does more complete validation of inbound messages and ensures that they correspond to legitimate
+        // Also the the 'Bridge Inner' does more complete validation of inbound messages and ensures that they correspond to legitimate
         // node inboxes, before transferring the message to Artemis. Potentially it might carry out deeper checks of received packets.
-        // However, the 'Float Inner' is not directly exposed to the internet, or peers and does not host the TLS/AMQP 1.0 server socket.
+        // However, the 'Bridge Inner' is not directly exposed to the internet, or peers and does not host the TLS/AMQP 1.0 server socket.
-            BridgeMode.FloatInner -> {
+            BridgeMode.BridgeInner -> {
                 bridgeSupervisorService = BridgeSupervisorServiceImpl(conf, maxMessageSize, bridgeAuditService, null)
             }
         // In the FloatOuter mode this process runs a minimal AMQP proxy that is designed to run in a DMZ zone.
@@ -144,12 +144,12 @@ class BridgeInstance(val conf: BridgeConfiguration,
         // to minimise any state. It specifically does not persist the Node TLS keys anywhere, nor does it hold network map information on peers.
         // The 'Float Outer' does not initiate socket connection anywhere, so that attackers can be easily blocked by firewalls
         // if they try to invade the system from a compromised 'Float Outer' machine. The 'Float Outer' hosts a control TLS/AMQP 1.0 server socket,
-        // which receives a connection from the 'Float Inner/Bridge controller' in the trusted zone of the organisation.
+        // which receives a connection from the 'Bridge Inner/Bridge controller' in the trusted zone of the organisation.
         // The control channel is ideally authenticated using server/client certificates that are not related to the Corda PKI hierarchy.
         // Once the control channel is formed it is used to RPC the methods of the BridgeAMQPListenerService to start the publicly visible
         // TLS/AMQP 1.0 server socket of the Corda node. Thus peer connections will directly terminate onto the activate listener socket and
         // be validated against the keys/certificates sent across the control tunnel. Inbound messages are given basic checks that do not require
-        // holding potentially sensitive information and are then forwarded across the control tunnel to the 'Float Inner' process for more
+        // holding potentially sensitive information and are then forwarded across the control tunnel to the 'Bridge Inner' process for more
         // complete validation checks.
             BridgeMode.FloatOuter -> {
                 floatSupervisorService = FloatSupervisorServiceImpl(conf, maxMessageSize, bridgeAuditService)

bridge/src/main/kotlin/net/corda/bridge/services/api/BridgeConfiguration.kt

@@ -26,14 +26,14 @@ enum class BridgeMode {
      * Runs only the trusted bridge side of the system, which has direct TLS access to Artemis.
      * The components handles all outgoing aspects of AMQP bridges directly.
      * The inbound messages are initially received onto a different [FloatOuter] process and a
-     * separate AMQP tunnel is used to ship back the inbound data to this [FloatInner] process.
+     * separate AMQP tunnel is used to ship back the inbound data to this [BridgeInner] process.
      */
-    FloatInner,
+    BridgeInner,
     /**
      * A minimal process designed to be run inside a DMZ, which acts an AMQP receiver of inbound peer messages.
-     * The component carries out basic validation of the TLS sources and AMQP packets, before forwarding to the [FloatInner].
+     * The component carries out basic validation of the TLS sources and AMQP packets, before forwarding to the [BridgeInner].
-     * No keys are stored on disk for the component, but must instead be provisioned from the [FloatInner] using a
+     * No keys are stored on disk for the component, but must instead be provisioned from the [BridgeInner] using a
-     * separate AMQP link initiated from the [FloatInner] to the [FloatOuter].
+     * separate AMQP link initiated from the [BridgeInner] to the [FloatOuter].
      */
     FloatOuter
 }
@@ -48,7 +48,7 @@ interface BridgeSSLConfiguration : SSLConfiguration {
 
 /**
  * Details of the local Artemis broker.
- * Required in SenderReceiver and FloatInner modes.
+ * Required in SenderReceiver and BridgeInner modes.
  */
 interface BridgeOutboundConfiguration {
     val artemisBrokerAddress: NetworkHostAndPort
@@ -71,10 +71,10 @@ interface BridgeInboundConfiguration {
 }
 
 /**
- * Details of the target control ports of available [BridgeMode.FloatOuter] processes from the perspective of the [BridgeMode.FloatInner] process.
+ * Details of the target control ports of available [BridgeMode.FloatOuter] processes from the perspective of the [BridgeMode.BridgeInner] process.
- * Required for [BridgeMode.FloatInner] mode.
+ * Required for [BridgeMode.BridgeInner] mode.
  */
-interface FloatInnerConfiguration {
+interface BridgeInnerConfiguration {
     val floatAddresses: List<NetworkHostAndPort>
     val expectedCertificateSubject: CordaX500Name
     // Allows override of [KeyStore] details for the control port, otherwise the general top level details are used.
@@ -90,7 +90,7 @@ interface BridgeHAConfig {
 }
 
 /**
- * Details of the listening port for a [BridgeMode.FloatOuter] process and of the certificate that the [BridgeMode.FloatInner] should present.
+ * Details of the listening port for a [BridgeMode.FloatOuter] process and of the certificate that the [BridgeMode.BridgeInner] should present.
  * Required for [BridgeMode.FloatOuter] mode.
  */
 interface FloatOuterConfiguration {
@@ -104,7 +104,7 @@ interface BridgeConfiguration : NodeSSLConfiguration {
     val bridgeMode: BridgeMode
     val outboundConfig: BridgeOutboundConfiguration?
     val inboundConfig: BridgeInboundConfiguration?
-    val floatInnerConfig: FloatInnerConfiguration?
+    val bridgeInnerConfig: BridgeInnerConfiguration?
     val floatOuterConfig: FloatOuterConfiguration?
     val haConfig: BridgeHAConfig?
     val networkParametersPath: Path

bridge/src/main/kotlin/net/corda/bridge/services/api/BridgeSupervisorService.kt

@@ -11,7 +11,7 @@
 package net.corda.bridge.services.api
 
 /**
- * This is the top level service representing the [BridgeMode.FloatInner] service stack. The primary role of this component is to
+ * This is the top level service representing the [BridgeMode.BridgeInner] service stack. The primary role of this component is to
  * create and wire up concrete implementations of the relevant services according to the [BridgeConfiguration] details.
  * The possibly proxied path to the [BridgeAMQPListenerService] is typically a constructor input
  * as that is a [BridgeMode.FloatOuter] component.

bridge/src/main/kotlin/net/corda/bridge/services/api/FloatControlService.kt

@@ -11,7 +11,7 @@
 package net.corda.bridge.services.api
 
 /**
- * This service represent an AMQP socket listener that awaits a remote initiated connection from the [BridgeMode.FloatInner].
+ * This service represent an AMQP socket listener that awaits a remote initiated connection from the [BridgeMode.BridgeInner].
- * Only one active connection is allowed at a time and it must match the configured requirements in the [BridgeConfiguration.floatInnerConfig].
+ * Only one active connection is allowed at a time and it must match the configured requirements in the [BridgeConfiguration.bridgeInnerConfig].
  */
 interface FloatControlService : ServiceLifecycleSupport

bridge/src/main/kotlin/net/corda/bridge/services/config/BridgeConfigurationImpl.kt

@@ -42,10 +42,10 @@ data class BridgeOutboundConfigurationImpl(override val artemisBrokerAddress: Ne
 data class BridgeInboundConfigurationImpl(override val listeningAddress: NetworkHostAndPort,
                                           override val customSSLConfiguration: BridgeSSLConfigurationImpl?) : BridgeInboundConfiguration
 
-data class FloatInnerConfigurationImpl(override val floatAddresses: List<NetworkHostAndPort>,
+data class BridgeInnerConfigurationImpl(override val floatAddresses: List<NetworkHostAndPort>,
-                                       override val expectedCertificateSubject: CordaX500Name,
+                                        override val expectedCertificateSubject: CordaX500Name,
-                                       override val customSSLConfiguration: BridgeSSLConfigurationImpl?,
+                                        override val customSSLConfiguration: BridgeSSLConfigurationImpl?,
-                                       override val customFloatOuterSSLConfiguration: BridgeSSLConfigurationImpl?) : FloatInnerConfiguration
+                                        override val customFloatOuterSSLConfiguration: BridgeSSLConfigurationImpl?) : BridgeInnerConfiguration
 
 data class FloatOuterConfigurationImpl(override val floatAddress: NetworkHostAndPort,
                                        override val expectedCertificateSubject: CordaX500Name,
@@ -65,7 +65,7 @@ data class BridgeConfigurationImpl(
         override val networkParametersPath: Path,
         override val outboundConfig: BridgeOutboundConfigurationImpl?,
         override val inboundConfig: BridgeInboundConfigurationImpl?,
-        override val floatInnerConfig: FloatInnerConfigurationImpl?,
+        override val bridgeInnerConfig: BridgeInnerConfigurationImpl?,
         override val floatOuterConfig: FloatOuterConfigurationImpl?,
         override val haConfig: BridgeHAConfigImpl?,
         override val enableAMQPPacketTrace: Boolean,
@@ -76,8 +76,8 @@ data class BridgeConfigurationImpl(
     init {
         if (bridgeMode == BridgeMode.SenderReceiver) {
             require(inboundConfig != null && outboundConfig != null) { "Missing required configuration" }
-        } else if (bridgeMode == BridgeMode.FloatInner) {
+        } else if (bridgeMode == BridgeMode.BridgeInner) {
-            require(floatInnerConfig != null && outboundConfig != null) { "Missing required configuration" }
+            require(bridgeInnerConfig != null && outboundConfig != null) { "Missing required configuration" }
         } else if (bridgeMode == BridgeMode.FloatOuter) {
             require(inboundConfig != null && floatOuterConfig != null) { "Missing required configuration" }
         }

bridge/src/main/kotlin/net/corda/bridge/services/receiver/TunnelingBridgeReceiverService.kt

@@ -59,19 +59,19 @@ class TunnelingBridgeReceiverService(val conf: BridgeConfiguration,
 
     init {
         statusFollower = ServiceStateCombiner(listOf(auditService, haService, filterService))
-        controlLinkSSLConfiguration = conf.floatInnerConfig?.customSSLConfiguration ?: conf
+        controlLinkSSLConfiguration = conf.bridgeInnerConfig?.customSSLConfiguration ?: conf
-        floatListenerSSLConfiguration = conf.floatInnerConfig?.customFloatOuterSSLConfiguration ?: conf
+        floatListenerSSLConfiguration = conf.bridgeInnerConfig?.customFloatOuterSSLConfiguration ?: conf
         controlLinkKeyStore = controlLinkSSLConfiguration.loadSslKeyStore().internal
         controLinkKeyStorePrivateKeyPassword = controlLinkSSLConfiguration.keyStorePassword
         controlLinkTrustStore = controlLinkSSLConfiguration.loadTrustStore().internal
-        expectedCertificateSubject = conf.floatInnerConfig!!.expectedCertificateSubject
+        expectedCertificateSubject = conf.bridgeInnerConfig!!.expectedCertificateSubject
     }
 
 
     override fun start() {
         statusSubscriber = statusFollower.activeChange.subscribe {
             if (it) {
-                val floatAddresses = conf.floatInnerConfig!!.floatAddresses
+                val floatAddresses = conf.bridgeInnerConfig!!.floatAddresses
                 val controlClient = AMQPClient(floatAddresses, setOf(expectedCertificateSubject), null, null, controlLinkKeyStore, controLinkKeyStorePrivateKeyPassword, controlLinkTrustStore, conf.crlCheckSoftFail, conf.enableAMQPPacketTrace)
                 connectSubscriber = controlClient.onConnection.subscribe { onConnectToControl(it) }
                 receiveSubscriber = controlClient.onReceive.subscribe { onFloatMessage(it) }

bridge/src/test/kotlin/net/corda/bridge/ConfigTest.kt

@@ -40,7 +40,7 @@ class ConfigTest {
         assertEquals(BridgeMode.SenderReceiver, config.bridgeMode)
         assertEquals(NetworkHostAndPort("localhost", 11005), config.outboundConfig!!.artemisBrokerAddress)
         assertEquals(NetworkHostAndPort("0.0.0.0", 10005), config.inboundConfig!!.listeningAddress)
-        assertNull(config.floatInnerConfig)
+        assertNull(config.bridgeInnerConfig)
         assertNull(config.floatOuterConfig)
     }
 
@@ -48,11 +48,11 @@ class ConfigTest {
     fun `Load simple bridge config`() {
         val configResource = "/net/corda/bridge/withfloat/bridge/bridge.conf"
         val config = createAndLoadConfigFromResource(tempFolder.root.toPath(), configResource)
-        assertEquals(BridgeMode.FloatInner, config.bridgeMode)
+        assertEquals(BridgeMode.BridgeInner, config.bridgeMode)
         assertEquals(NetworkHostAndPort("localhost", 11005), config.outboundConfig!!.artemisBrokerAddress)
         assertNull(config.inboundConfig)
-        assertEquals(listOf(NetworkHostAndPort("localhost", 12005)), config.floatInnerConfig!!.floatAddresses)
+        assertEquals(listOf(NetworkHostAndPort("localhost", 12005)), config.bridgeInnerConfig!!.floatAddresses)
-        assertEquals(CordaX500Name.parse("O=Bank A, L=London, C=GB"), config.floatInnerConfig!!.expectedCertificateSubject)
+        assertEquals(CordaX500Name.parse("O=Bank A, L=London, C=GB"), config.bridgeInnerConfig!!.expectedCertificateSubject)
         assertNull(config.floatOuterConfig)
     }
 
@@ -63,7 +63,7 @@ class ConfigTest {
         assertEquals(BridgeMode.FloatOuter, config.bridgeMode)
         assertNull(config.outboundConfig)
         assertEquals(NetworkHostAndPort("0.0.0.0", 10005), config.inboundConfig!!.listeningAddress)
-        assertNull(config.floatInnerConfig)
+        assertNull(config.bridgeInnerConfig)
         assertEquals(NetworkHostAndPort("localhost", 12005), config.floatOuterConfig!!.floatAddress)
         assertEquals(CordaX500Name.parse("O=Bank A, L=London, C=GB"), config.floatOuterConfig!!.expectedCertificateSubject)
     }
@@ -85,10 +85,10 @@ class ConfigTest {
         assertEquals("outboundkeypassword", config.outboundConfig!!.customSSLConfiguration!!.keyStorePassword)
         assertEquals("outboundtrustpassword", config.outboundConfig!!.customSSLConfiguration!!.trustStorePassword)
         assertNull(config.inboundConfig)
-        assertEquals(Paths.get("tunnelcerts/tunnelkeys.jks"), config.floatInnerConfig!!.customSSLConfiguration!!.sslKeystore)
+        assertEquals(Paths.get("tunnelcerts/tunnelkeys.jks"), config.bridgeInnerConfig!!.customSSLConfiguration!!.sslKeystore)
-        assertEquals(Paths.get("tunnelcerts/tunneltrust.jks"), config.floatInnerConfig!!.customSSLConfiguration!!.trustStoreFile)
+        assertEquals(Paths.get("tunnelcerts/tunneltrust.jks"), config.bridgeInnerConfig!!.customSSLConfiguration!!.trustStoreFile)
-        assertEquals("tunnelkeypassword", config.floatInnerConfig!!.customSSLConfiguration!!.keyStorePassword)
+        assertEquals("tunnelkeypassword", config.bridgeInnerConfig!!.customSSLConfiguration!!.keyStorePassword)
-        assertEquals("tunneltrustpassword", config.floatInnerConfig!!.customSSLConfiguration!!.trustStorePassword)
+        assertEquals("tunneltrustpassword", config.bridgeInnerConfig!!.customSSLConfiguration!!.trustStorePassword)
         assertNull(config.floatOuterConfig)
     }
 
@@ -105,7 +105,7 @@ class ConfigTest {
         assertEquals(Paths.get("tunnelcerts/tunneltrust.jks"), config.floatOuterConfig!!.customSSLConfiguration!!.trustStoreFile)
         assertEquals("tunnelkeypassword", config.floatOuterConfig!!.customSSLConfiguration!!.keyStorePassword)
         assertEquals("tunneltrustpassword", config.floatOuterConfig!!.customSSLConfiguration!!.trustStorePassword)
-        assertNull(config.floatInnerConfig)
+        assertNull(config.bridgeInnerConfig)
     }
 
     @Test

bridge/src/test/resources/net/corda/bridge/artemisfailoverandfloat/bridge/bridge.conf

@@ -7,12 +7,12 @@
 //
 // Distribution of this file or any portion thereof via any medium without the express permission of R3 is strictly prohibited.
 
-bridgeMode = FloatInner
+bridgeMode = BridgeInner
 outboundConfig : {
     artemisBrokerAddress = "localhost:11005"
 	alternateArtemisBrokerAddresses = ["localhost:12005"]
 }
-floatInnerConfig : {
+bridgeInnerConfig : {
     floatAddresses = [ "localhost:13005" ]
     expectedCertificateSubject = "O=Bank A, L=London, C=GB"
 }

bridge/src/test/resources/net/corda/bridge/hawithfloat/bridge/bridge.conf

@@ -7,11 +7,11 @@
 //
 // Distribution of this file or any portion thereof via any medium without the express permission of R3 is strictly prohibited.
 
-bridgeMode = FloatInner
+bridgeMode = BridgeInner
 outboundConfig : {
     artemisBrokerAddress = "localhost:11005"
 }
-floatInnerConfig : {
+bridgeInnerConfig : {
     floatAddresses = [ "localhost:12005" ]
     expectedCertificateSubject = "O=Bank A, L=London, C=GB"
 }

bridge/src/test/resources/net/corda/bridge/separatedwithcustomcerts/bridge/bridge.conf

@@ -7,7 +7,7 @@
 //
 // Distribution of this file or any portion thereof via any medium without the express permission of R3 is strictly prohibited.
 
-bridgeMode = FloatInner
+bridgeMode = BridgeInner
 outboundConfig : {
     artemisBrokerAddress = "localhost:11005"
     customSSLConfiguration : {
@@ -18,7 +18,7 @@ outboundConfig : {
         crlCheckSoftFail = true
     }
 }
-floatInnerConfig : {
+bridgeInnerConfig : {
     floatAddresses = [ "localhost:12005" ]
     expectedCertificateSubject = "O=Bank A, L=London, C=GB"
     customSSLConfiguration : {

bridge/src/test/resources/net/corda/bridge/withfloat/bridge/bridge.conf

@@ -7,11 +7,11 @@
 //
 // Distribution of this file or any portion thereof via any medium without the express permission of R3 is strictly prohibited.
 
-bridgeMode = FloatInner
+bridgeMode = BridgeInner
 outboundConfig : {
     artemisBrokerAddress = "localhost:11005"
 }
-floatInnerConfig : {
+bridgeInnerConfig : {
     floatAddresses = [ "localhost:12005" ]
     expectedCertificateSubject = "O=Bank A, L=London, C=GB"
 }