mirror of
https://github.com/corda/corda.git
synced 2024-12-30 17:57:02 +00:00
Merge branch 'release/os/4.4' of https://github.com/corda/corda into TM-197-4.5Merge
This commit is contained in:
commit
a765510cf4
5
.ci/dev/integration/Jenkinsfile
vendored
5
.ci/dev/integration/Jenkinsfile
vendored
@ -6,7 +6,10 @@ killAllExistingBuildsForJob(env.JOB_NAME, env.BUILD_NUMBER.toInteger())
|
|||||||
|
|
||||||
pipeline {
|
pipeline {
|
||||||
agent { label 'local-k8s' }
|
agent { label 'local-k8s' }
|
||||||
options { timestamps() }
|
options {
|
||||||
|
timestamps()
|
||||||
|
timeout(time: 3, unit: 'HOURS')
|
||||||
|
}
|
||||||
|
|
||||||
environment {
|
environment {
|
||||||
DOCKER_TAG_TO_USE = "${UUID.randomUUID().toString().toLowerCase().subSequence(0, 12)}"
|
DOCKER_TAG_TO_USE = "${UUID.randomUUID().toString().toLowerCase().subSequence(0, 12)}"
|
||||||
|
1
.ci/dev/nightly-regression/Jenkinsfile
vendored
1
.ci/dev/nightly-regression/Jenkinsfile
vendored
@ -9,6 +9,7 @@ pipeline {
|
|||||||
timestamps()
|
timestamps()
|
||||||
overrideIndexTriggers(false)
|
overrideIndexTriggers(false)
|
||||||
buildDiscarder(logRotator(daysToKeepStr: '7', artifactDaysToKeepStr: '7'))
|
buildDiscarder(logRotator(daysToKeepStr: '7', artifactDaysToKeepStr: '7'))
|
||||||
|
timeout(time: 3, unit: 'HOURS')
|
||||||
}
|
}
|
||||||
triggers {
|
triggers {
|
||||||
pollSCM ignorePostCommitHooks: true, scmpoll_spec: '@midnight'
|
pollSCM ignorePostCommitHooks: true, scmpoll_spec: '@midnight'
|
||||||
|
1
.ci/dev/regression/Jenkinsfile
vendored
1
.ci/dev/regression/Jenkinsfile
vendored
@ -8,6 +8,7 @@ pipeline {
|
|||||||
options {
|
options {
|
||||||
timestamps()
|
timestamps()
|
||||||
buildDiscarder(logRotator(daysToKeepStr: '7', artifactDaysToKeepStr: '7'))
|
buildDiscarder(logRotator(daysToKeepStr: '7', artifactDaysToKeepStr: '7'))
|
||||||
|
timeout(time: 3, unit: 'HOURS')
|
||||||
}
|
}
|
||||||
|
|
||||||
environment {
|
environment {
|
||||||
|
7
.ci/dev/smoke/Jenkinsfile
vendored
7
.ci/dev/smoke/Jenkinsfile
vendored
@ -5,8 +5,11 @@ killAllExistingBuildsForJob(env.JOB_NAME, env.BUILD_NUMBER.toInteger())
|
|||||||
|
|
||||||
pipeline {
|
pipeline {
|
||||||
agent { label 'local-k8s' }
|
agent { label 'local-k8s' }
|
||||||
options { timestamps()
|
options {
|
||||||
overrideIndexTriggers(false) }
|
timestamps()
|
||||||
|
overrideIndexTriggers(false)
|
||||||
|
timeout(time: 3, unit: 'HOURS')
|
||||||
|
}
|
||||||
|
|
||||||
triggers {
|
triggers {
|
||||||
issueCommentTrigger('.*smoke tests.*')
|
issueCommentTrigger('.*smoke tests.*')
|
||||||
|
5
.ci/dev/unit/Jenkinsfile
vendored
5
.ci/dev/unit/Jenkinsfile
vendored
@ -6,7 +6,10 @@ killAllExistingBuildsForJob(env.JOB_NAME, env.BUILD_NUMBER.toInteger())
|
|||||||
|
|
||||||
pipeline {
|
pipeline {
|
||||||
agent { label 'local-k8s' }
|
agent { label 'local-k8s' }
|
||||||
options { timestamps() }
|
options {
|
||||||
|
timestamps()
|
||||||
|
timeout(time: 3, unit: 'HOURS')
|
||||||
|
}
|
||||||
|
|
||||||
environment {
|
environment {
|
||||||
DOCKER_TAG_TO_USE = "${UUID.randomUUID().toString().toLowerCase().subSequence(0, 12)}"
|
DOCKER_TAG_TO_USE = "${UUID.randomUUID().toString().toLowerCase().subSequence(0, 12)}"
|
||||||
|
5
Jenkinsfile
vendored
5
Jenkinsfile
vendored
@ -6,7 +6,10 @@ killAllExistingBuildsForJob(env.JOB_NAME, env.BUILD_NUMBER.toInteger())
|
|||||||
|
|
||||||
pipeline {
|
pipeline {
|
||||||
agent { label 'local-k8s' }
|
agent { label 'local-k8s' }
|
||||||
options { timestamps() }
|
options {
|
||||||
|
timestamps()
|
||||||
|
timeout(time: 3, unit: 'HOURS')
|
||||||
|
}
|
||||||
|
|
||||||
environment {
|
environment {
|
||||||
DOCKER_TAG_TO_USE = "${env.GIT_COMMIT.subSequence(0, 8)}"
|
DOCKER_TAG_TO_USE = "${env.GIT_COMMIT.subSequence(0, 8)}"
|
||||||
|
@ -12,6 +12,7 @@ import org.bouncycastle.asn1.x509.GeneralSubtree
|
|||||||
import org.bouncycastle.asn1.x509.NameConstraints
|
import org.bouncycastle.asn1.x509.NameConstraints
|
||||||
import org.bouncycastle.jce.provider.BouncyCastleProvider
|
import org.bouncycastle.jce.provider.BouncyCastleProvider
|
||||||
import org.junit.Test
|
import org.junit.Test
|
||||||
|
import java.security.Security
|
||||||
import java.security.UnrecoverableKeyException
|
import java.security.UnrecoverableKeyException
|
||||||
import java.security.cert.CertPathValidator
|
import java.security.cert.CertPathValidator
|
||||||
import java.security.cert.CertPathValidatorException
|
import java.security.cert.CertPathValidatorException
|
||||||
@ -93,7 +94,8 @@ class X509NameConstraintsTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@Test(timeout=300_000)
|
@Test(timeout=300_000)
|
||||||
fun `x500 name with correct cn and extra attribute`() {
|
fun `x500 name with correct cn and extra attribute`() {
|
||||||
|
Security.addProvider(BouncyCastleProvider())
|
||||||
val acceptableNames = listOf("CN=Bank A TLS, UID=", "O=Bank A")
|
val acceptableNames = listOf("CN=Bank A TLS, UID=", "O=Bank A")
|
||||||
.map { GeneralSubtree(GeneralName(X500Name(it))) }.toTypedArray()
|
.map { GeneralSubtree(GeneralName(X500Name(it))) }.toTypedArray()
|
||||||
|
|
||||||
|
@ -452,6 +452,13 @@ notary
|
|||||||
|
|
||||||
*Default:* not defined
|
*Default:* not defined
|
||||||
|
|
||||||
|
etaMessageThresholdSeconds
|
||||||
|
If the wait time estimate on the internal queue exceeds this value, the notary may send
|
||||||
|
a wait time update to the client (implementation specific and dependent on the counter
|
||||||
|
party version).
|
||||||
|
|
||||||
|
*Default:* Implementation dependent
|
||||||
|
|
||||||
raft
|
raft
|
||||||
*(Experimental)* If part of a distributed Raft cluster, specify this configuration object with the following settings:
|
*(Experimental)* If part of a distributed Raft cluster, specify this configuration object with the following settings:
|
||||||
|
|
||||||
|
@ -25,6 +25,7 @@ import net.corda.testing.node.internal.DummyClusterSpec
|
|||||||
import net.corda.testing.node.internal.FINANCE_CORDAPPS
|
import net.corda.testing.node.internal.FINANCE_CORDAPPS
|
||||||
import net.corda.testing.node.internal.cordappWithPackages
|
import net.corda.testing.node.internal.cordappWithPackages
|
||||||
import org.assertj.core.api.Assertions.assertThat
|
import org.assertj.core.api.Assertions.assertThat
|
||||||
|
import org.junit.Ignore
|
||||||
import org.junit.Test
|
import org.junit.Test
|
||||||
import rx.Observable
|
import rx.Observable
|
||||||
import java.util.*
|
import java.util.*
|
||||||
@ -81,6 +82,7 @@ class DistributedServiceTests {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// TODO This should be in RaftNotaryServiceTests
|
// TODO This should be in RaftNotaryServiceTests
|
||||||
|
@Ignore
|
||||||
@Test(timeout=300_000)
|
@Test(timeout=300_000)
|
||||||
fun `cluster survives if a notary is killed`() {
|
fun `cluster survives if a notary is killed`() {
|
||||||
setup {
|
setup {
|
||||||
@ -119,6 +121,7 @@ class DistributedServiceTests {
|
|||||||
|
|
||||||
// TODO Use a dummy distributed service rather than a Raft Notary Service as this test is only about Artemis' ability
|
// TODO Use a dummy distributed service rather than a Raft Notary Service as this test is only about Artemis' ability
|
||||||
// to handle distributed services
|
// to handle distributed services
|
||||||
|
@Ignore
|
||||||
@Test(timeout=300_000)
|
@Test(timeout=300_000)
|
||||||
fun `requests are distributed evenly amongst the nodes`() {
|
fun `requests are distributed evenly amongst the nodes`() {
|
||||||
setup {
|
setup {
|
||||||
|
@ -86,7 +86,7 @@ open class NetworkRegistrationHelper(
|
|||||||
* @throws CertificateRequestException if the certificate retrieved by doorman is invalid.
|
* @throws CertificateRequestException if the certificate retrieved by doorman is invalid.
|
||||||
*/
|
*/
|
||||||
fun generateKeysAndRegister() {
|
fun generateKeysAndRegister() {
|
||||||
certificatesDirectory.createDirectories()
|
certificatesDirectory.safeSymbolicRead().createDirectories()
|
||||||
// We need this in case cryptoService and certificateStore share the same KeyStore (for backwards compatibility purposes).
|
// We need this in case cryptoService and certificateStore share the same KeyStore (for backwards compatibility purposes).
|
||||||
// If we didn't, then an update to cryptoService wouldn't be reflected to certificateStore that is already loaded in memory.
|
// If we didn't, then an update to cryptoService wouldn't be reflected to certificateStore that is already loaded in memory.
|
||||||
val certStore: CertificateStore = if (cryptoService is BCCryptoService) cryptoService.certificateStore else certificateStore
|
val certStore: CertificateStore = if (cryptoService is BCCryptoService) cryptoService.certificateStore else certificateStore
|
||||||
|
@ -12,6 +12,7 @@ import net.corda.core.identity.CordaX500Name
|
|||||||
import net.corda.core.internal.CertRole
|
import net.corda.core.internal.CertRole
|
||||||
import net.corda.core.internal.createDirectories
|
import net.corda.core.internal.createDirectories
|
||||||
import net.corda.core.internal.div
|
import net.corda.core.internal.div
|
||||||
|
import net.corda.core.internal.safeSymbolicRead
|
||||||
import net.corda.core.internal.toX500Name
|
import net.corda.core.internal.toX500Name
|
||||||
import net.corda.core.utilities.seconds
|
import net.corda.core.utilities.seconds
|
||||||
import net.corda.node.NodeRegistrationOption
|
import net.corda.node.NodeRegistrationOption
|
||||||
@ -36,6 +37,7 @@ import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequest
|
|||||||
import org.junit.After
|
import org.junit.After
|
||||||
import org.junit.Before
|
import org.junit.Before
|
||||||
import org.junit.Test
|
import org.junit.Test
|
||||||
|
import java.nio.file.Files
|
||||||
import java.security.PublicKey
|
import java.security.PublicKey
|
||||||
import java.security.cert.CertPathValidatorException
|
import java.security.cert.CertPathValidatorException
|
||||||
import java.security.cert.X509Certificate
|
import java.security.cert.X509Certificate
|
||||||
@ -204,6 +206,20 @@ class NetworkRegistrationHelperTest {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test(timeout=300_000)
|
||||||
|
fun `successful registration with symbolic link for certificates directory`() {
|
||||||
|
assertThat(config.signingCertificateStore.getOptional()).isNull()
|
||||||
|
assertThat(config.p2pSslOptions.keyStore.getOptional()).isNull()
|
||||||
|
assertThat(config.p2pSslOptions.trustStore.getOptional()).isNull()
|
||||||
|
|
||||||
|
val originalCertificatesDirectory = (config.baseDirectory / "certificates2").createDirectories()
|
||||||
|
Files.createSymbolicLink(config.certificatesDirectory, originalCertificatesDirectory)
|
||||||
|
|
||||||
|
val rootAndIntermediateCA = createDevIntermediateCaCertPath().also { saveNetworkTrustStore(CORDA_ROOT_CA to it.first.certificate) }
|
||||||
|
|
||||||
|
createRegistrationHelper(rootAndIntermediateCA = rootAndIntermediateCA).generateKeysAndRegister()
|
||||||
|
}
|
||||||
|
|
||||||
private fun createNodeCaCertPath(type: CertificateType = CertificateType.NODE_CA,
|
private fun createNodeCaCertPath(type: CertificateType = CertificateType.NODE_CA,
|
||||||
legalName: CordaX500Name = nodeLegalName,
|
legalName: CordaX500Name = nodeLegalName,
|
||||||
publicKey: PublicKey = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME).public,
|
publicKey: PublicKey = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME).public,
|
||||||
@ -268,7 +284,7 @@ class NetworkRegistrationHelperTest {
|
|||||||
* the certificate itself.
|
* the certificate itself.
|
||||||
*/
|
*/
|
||||||
private fun saveNetworkTrustStore(vararg trustedCertificates: Pair<String, X509Certificate>) {
|
private fun saveNetworkTrustStore(vararg trustedCertificates: Pair<String, X509Certificate>) {
|
||||||
config.certificatesDirectory.createDirectories()
|
config.certificatesDirectory.safeSymbolicRead().createDirectories()
|
||||||
val rootTruststorePath = config.certificatesDirectory / networkRootTrustStoreFileName
|
val rootTruststorePath = config.certificatesDirectory / networkRootTrustStoreFileName
|
||||||
X509KeyStore.fromFile(rootTruststorePath, networkRootTrustStorePassword, createNew = true).update {
|
X509KeyStore.fromFile(rootTruststorePath, networkRootTrustStorePassword, createNew = true).update {
|
||||||
trustedCertificates.forEach {
|
trustedCertificates.forEach {
|
||||||
|
@ -22,13 +22,13 @@ public class HashLookupShellCommand extends InteractiveShellCommand {
|
|||||||
@Man("Checks if a transaction matching a specified Id hash value is recorded on this node.\n\n" +
|
@Man("Checks if a transaction matching a specified Id hash value is recorded on this node.\n\n" +
|
||||||
"This is mainly intended to be used for troubleshooting notarisation issues when a\n" +
|
"This is mainly intended to be used for troubleshooting notarisation issues when a\n" +
|
||||||
"state is claimed to be already consumed by another transaction.\n\n" +
|
"state is claimed to be already consumed by another transaction.\n\n" +
|
||||||
"Example usage: hash-lookup E470FD8A6350A74217B0A99EA5FB71F091C84C64AD0DE0E72ECC10421D03AAC9"
|
"Example usage: hashLookup E470FD8A6350A74217B0A99EA5FB71F091C84C64AD0DE0E72ECC10421D03AAC9"
|
||||||
)
|
)
|
||||||
public void main(@Usage("A hexadecimal SHA-256 hash value representing the hashed transaction Id") @Argument(unquote = false) String txIdHash) {
|
public void main(@Usage("A hexadecimal SHA-256 hash value representing the hashed transaction Id") @Argument(unquote = false) String txIdHash) {
|
||||||
logger.info("Executing command \"hash-lookup\".");
|
logger.info("Executing command \"hashLookup\".");
|
||||||
|
|
||||||
if (txIdHash == null) {
|
if (txIdHash == null) {
|
||||||
out.println("Please provide a hexadecimal transaction Id hash value, see 'man hash-lookup'", Decoration.bold, Color.red);
|
out.println("Please provide a hexadecimal transaction Id hash value, see 'man hashLookup'", Decoration.bold, Color.red);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user