Merge pull request #6221 from corda/chrisr3-45-merge

Merge from OS 4.5 up to 9a5be9e
This commit is contained in:
Matthew Nesbit 2020-05-06 14:37:38 +01:00 committed by GitHub
commit 6400fd51a5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 9 additions and 7 deletions

View File

@ -30,7 +30,7 @@ snakeYamlVersion=1.19
caffeineVersion=2.7.0 caffeineVersion=2.7.0
metricsVersion=4.1.0 metricsVersion=4.1.0
metricsNewRelicVersion=1.1.1 metricsNewRelicVersion=1.1.1
djvmVersion=1.1-RC02 djvmVersion=1.1-RC03
deterministicRtVersion=1.0-RC02 deterministicRtVersion=1.0-RC02
openSourceBranch=https://github.com/corda/corda/blob/release/os/4.4 openSourceBranch=https://github.com/corda/corda/blob/release/os/4.4
openSourceSamplesBranch=https://github.com/corda/samples/blob/release-V4 openSourceSamplesBranch=https://github.com/corda/samples/blob/release-V4

View File

@ -33,6 +33,9 @@ class ArtemisMessagingComponent {
// This is a rough guess on the extra space needed on top of maxMessageSize to store the journal. // This is a rough guess on the extra space needed on top of maxMessageSize to store the journal.
// TODO: we might want to make this value configurable. // TODO: we might want to make this value configurable.
const val JOURNAL_HEADER_SIZE = 1024 const val JOURNAL_HEADER_SIZE = 1024
// Time interval after which every connected client is re-authenticated using BrokerJaasLoginModule.
// Setting it to 1 hour (instead of default value of 10 seconds) to avoid frequent expensive checks, e.g. CRL check.
const val SECURITY_INVALIDATION_INTERVAL = 3600 * 1000L
object P2PMessagingHeaders { object P2PMessagingHeaders {
// This is a "property" attached to an Artemis MQ message object, which contains our own notion of "topic". // This is a "property" attached to an Artemis MQ message object, which contains our own notion of "topic".

View File

@ -225,9 +225,9 @@ dependencies {
// Byteman for runtime (termination) rules injection on the running node // Byteman for runtime (termination) rules injection on the running node
// Submission tool allowing to install rules on running nodes // Submission tool allowing to install rules on running nodes
slowIntegrationTestCompile "org.jboss.byteman:byteman-submit:4.0.3" slowIntegrationTestCompile "org.jboss.byteman:byteman-submit:4.0.11"
// The actual Byteman agent which should only be in the classpath of the out of process nodes // The actual Byteman agent which should only be in the classpath of the out of process nodes
slowIntegrationTestCompile "org.jboss.byteman:byteman:4.0.3" slowIntegrationTestCompile "org.jboss.byteman:byteman:4.0.11"
testCompile(project(':test-cli')) testCompile(project(':test-cli'))
testCompile(project(':test-utils')) testCompile(project(':test-utils'))

View File

@ -17,6 +17,7 @@ import net.corda.nodeapi.internal.ArtemisMessagingComponent.Companion.INTERNAL_P
import net.corda.nodeapi.internal.ArtemisMessagingComponent.Companion.JOURNAL_HEADER_SIZE import net.corda.nodeapi.internal.ArtemisMessagingComponent.Companion.JOURNAL_HEADER_SIZE
import net.corda.nodeapi.internal.ArtemisMessagingComponent.Companion.NOTIFICATIONS_ADDRESS import net.corda.nodeapi.internal.ArtemisMessagingComponent.Companion.NOTIFICATIONS_ADDRESS
import net.corda.nodeapi.internal.ArtemisMessagingComponent.Companion.P2P_PREFIX import net.corda.nodeapi.internal.ArtemisMessagingComponent.Companion.P2P_PREFIX
import net.corda.nodeapi.internal.ArtemisMessagingComponent.Companion.SECURITY_INVALIDATION_INTERVAL
import net.corda.nodeapi.internal.ArtemisTcpTransport.Companion.p2pAcceptorTcpTransport import net.corda.nodeapi.internal.ArtemisTcpTransport.Companion.p2pAcceptorTcpTransport
import net.corda.nodeapi.internal.protonwrapper.netty.RevocationConfig import net.corda.nodeapi.internal.protonwrapper.netty.RevocationConfig
import net.corda.nodeapi.internal.requireOnDefaultFileSystem import net.corda.nodeapi.internal.requireOnDefaultFileSystem
@ -162,6 +163,7 @@ class ArtemisMessagingServer(private val config: NodeConfiguration,
val nodeInternalRole = Role(NODE_P2P_ROLE, true, true, true, true, true, true, true, true, true, true) val nodeInternalRole = Role(NODE_P2P_ROLE, true, true, true, true, true, true, true, true, true, true)
securityRoles["$INTERNAL_PREFIX#"] = setOf(nodeInternalRole) // Do not add any other roles here as it's only for the node securityRoles["$INTERNAL_PREFIX#"] = setOf(nodeInternalRole) // Do not add any other roles here as it's only for the node
securityRoles["$P2P_PREFIX#"] = setOf(nodeInternalRole, restrictedRole(PEER_ROLE, send = true)) securityRoles["$P2P_PREFIX#"] = setOf(nodeInternalRole, restrictedRole(PEER_ROLE, send = true))
securityInvalidationInterval = SECURITY_INVALIDATION_INTERVAL
return this return this
} }

View File

@ -76,6 +76,7 @@ internal class RpcBrokerConfiguration(baseDirectory: Path, maxMessageSize: Int,
securityRoles["${ArtemisMessagingComponent.INTERNAL_PREFIX}#"] = setOf(nodeInternalRole) securityRoles["${ArtemisMessagingComponent.INTERNAL_PREFIX}#"] = setOf(nodeInternalRole)
securityRoles[RPCApi.RPC_SERVER_QUEUE_NAME] = setOf(nodeInternalRole, restrictedRole(BrokerJaasLoginModule.RPC_ROLE, send = true)) securityRoles[RPCApi.RPC_SERVER_QUEUE_NAME] = setOf(nodeInternalRole, restrictedRole(BrokerJaasLoginModule.RPC_ROLE, send = true))
securitySettingPlugins.add(rolesAdderOnLogin) securitySettingPlugins.add(rolesAdderOnLogin)
securityInvalidationInterval = ArtemisMessagingComponent.SECURITY_INVALIDATION_INTERVAL
} }
private fun enableJmx() { private fun enableJmx() {

View File

@ -13,7 +13,6 @@ import net.corda.core.serialization.SingletonSerializeAsToken
import net.corda.core.transactions.LedgerTransaction import net.corda.core.transactions.LedgerTransaction
import net.corda.djvm.SandboxConfiguration import net.corda.djvm.SandboxConfiguration
import net.corda.djvm.analysis.AnalysisConfiguration import net.corda.djvm.analysis.AnalysisConfiguration
import net.corda.djvm.analysis.Whitelist
import net.corda.djvm.execution.ExecutionProfile import net.corda.djvm.execution.ExecutionProfile
import net.corda.djvm.rewiring.ByteCode import net.corda.djvm.rewiring.ByteCode
import net.corda.djvm.rewiring.ByteCodeKey import net.corda.djvm.rewiring.ByteCodeKey
@ -39,7 +38,6 @@ class DeterministicVerifierFactoryService(
init { init {
val baseAnalysisConfiguration = AnalysisConfiguration.createRoot( val baseAnalysisConfiguration = AnalysisConfiguration.createRoot(
userSource = cordaSource, userSource = cordaSource,
whitelist = Whitelist.MINIMAL,
visibleAnnotations = setOf( visibleAnnotations = setOf(
CordaSerializable::class.java, CordaSerializable::class.java,
CordaSerializationTransformEnumDefault::class.java, CordaSerializationTransformEnumDefault::class.java,

View File

@ -10,7 +10,6 @@ import net.corda.core.serialization.DeprecatedConstructorForDeserialization
import net.corda.djvm.SandboxConfiguration import net.corda.djvm.SandboxConfiguration
import net.corda.djvm.SandboxRuntimeContext import net.corda.djvm.SandboxRuntimeContext
import net.corda.djvm.analysis.AnalysisConfiguration import net.corda.djvm.analysis.AnalysisConfiguration
import net.corda.djvm.analysis.Whitelist.Companion.MINIMAL
import net.corda.djvm.messages.Severity import net.corda.djvm.messages.Severity
import net.corda.djvm.messages.Severity.WARNING import net.corda.djvm.messages.Severity.WARNING
import net.corda.djvm.source.BootstrapClassLoader import net.corda.djvm.source.BootstrapClassLoader
@ -52,7 +51,6 @@ abstract class TestBase(type: SandboxType) {
bootstrapClassLoader = BootstrapClassLoader(DETERMINISTIC_RT) bootstrapClassLoader = BootstrapClassLoader(DETERMINISTIC_RT)
val rootConfiguration = AnalysisConfiguration.createRoot( val rootConfiguration = AnalysisConfiguration.createRoot(
userSource = UserPathSource(emptyList()), userSource = UserPathSource(emptyList()),
whitelist = MINIMAL,
visibleAnnotations = setOf( visibleAnnotations = setOf(
CordaSerializable::class.java, CordaSerializable::class.java,
CordaSerializationTransformEnumDefault::class.java, CordaSerializationTransformEnumDefault::class.java,