From 5a05704d7a34c931c77f42087e5bbec46b594a24 Mon Sep 17 00:00:00 2001
From: Joel Dudley <joeldudleyr3@users.noreply.github.com>
Date: Tue, 20 Mar 2018 08:14:33 +0000
Subject: [PATCH 1/2] Expands shell limitations section.

---
 docs/source/shell.rst | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docs/source/shell.rst b/docs/source/shell.rst
index a76dc56846..62c6301cae 100644
--- a/docs/source/shell.rst
+++ b/docs/source/shell.rst
@@ -356,6 +356,8 @@ Limitations
 
 The shell will be enhanced over time. The currently known limitations include:
 
+* Flows cannot be run unless they override the progress tracker
+* If a command requires an argument of an abstract type, the command cannot be run because the concrete subclass to use cannot be specified using the YAML syntax
 * There is no command completion for flows or RPCs
 * Command history is not preserved across restarts
 * The ``jdbc`` command requires you to explicitly log into the database first

From 1a1cd94161a936a6812ed9d9d6cd1efb553b6bd9 Mon Sep 17 00:00:00 2001
From: Tudor Malene <tudor.malene@gmail.com>
Date: Tue, 20 Mar 2018 10:17:44 +0000
Subject: [PATCH 2/2] ENT-1564 - add additional uploader check to the
 HashConstraint (#2845)

---
 .../corda/core/contracts/AttachmentConstraint.kt    | 13 +++++++++++--
 .../net/corda/core/internal/AbstractAttachment.kt   |  3 +++
 .../nodeapi/internal/AttachmentsClassLoader.kt      |  4 ++--
 3 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/core/src/main/kotlin/net/corda/core/contracts/AttachmentConstraint.kt b/core/src/main/kotlin/net/corda/core/contracts/AttachmentConstraint.kt
index 9d0b745bf7..a3465f4bf3 100644
--- a/core/src/main/kotlin/net/corda/core/contracts/AttachmentConstraint.kt
+++ b/core/src/main/kotlin/net/corda/core/contracts/AttachmentConstraint.kt
@@ -4,6 +4,7 @@ import net.corda.core.DoNotImplement
 import net.corda.core.contracts.AlwaysAcceptAttachmentConstraint.isSatisfiedBy
 import net.corda.core.crypto.SecureHash
 import net.corda.core.internal.AttachmentWithContext
+import net.corda.core.internal.isUploaderTrusted
 import net.corda.core.serialization.CordaSerializable
 
 /** Constrain which contract-code-containing attachment can be used with a [ContractState]. */
@@ -19,9 +20,17 @@ object AlwaysAcceptAttachmentConstraint : AttachmentConstraint {
     override fun isSatisfiedBy(attachment: Attachment) = true
 }
 
-/** An [AttachmentConstraint] that verifies by hash */
+/**
+ * An [AttachmentConstraint] that verifies by hash.
+ * The state protected by this constraint can only be used in a transaction created with that version of the jar.
+ * And a receiving node will only accept it if a cordapp with that hash has (is) been deployed on the node.
+ */
 data class HashAttachmentConstraint(val attachmentId: SecureHash) : AttachmentConstraint {
-    override fun isSatisfiedBy(attachment: Attachment) = attachment.id == attachmentId
+    override fun isSatisfiedBy(attachment: Attachment): Boolean {
+        return if (attachment is AttachmentWithContext) {
+            attachment.id == attachmentId && isUploaderTrusted(attachment.contractAttachment.uploader)
+        } else false
+    }
 }
 
 /**
diff --git a/core/src/main/kotlin/net/corda/core/internal/AbstractAttachment.kt b/core/src/main/kotlin/net/corda/core/internal/AbstractAttachment.kt
index adbc815537..6281f79795 100644
--- a/core/src/main/kotlin/net/corda/core/internal/AbstractAttachment.kt
+++ b/core/src/main/kotlin/net/corda/core/internal/AbstractAttachment.kt
@@ -20,6 +20,9 @@ const val TEST_UPLOADER = "test"
 const val P2P_UPLOADER = "p2p"
 const val UNKNOWN_UPLOADER = "unknown"
 
+fun isUploaderTrusted(uploader: String?) =
+        uploader?.let { it in listOf(DEPLOYED_CORDAPP_UPLOADER, RPC_UPLOADER, TEST_UPLOADER) } ?: false
+
 abstract class AbstractAttachment(dataLoader: () -> ByteArray) : Attachment {
     companion object {
         fun SerializeAsTokenContext.attachmentDataLoader(id: SecureHash): () -> ByteArray {
diff --git a/node-api/src/main/kotlin/net/corda/nodeapi/internal/AttachmentsClassLoader.kt b/node-api/src/main/kotlin/net/corda/nodeapi/internal/AttachmentsClassLoader.kt
index a499bbfc1b..6117670407 100644
--- a/node-api/src/main/kotlin/net/corda/nodeapi/internal/AttachmentsClassLoader.kt
+++ b/node-api/src/main/kotlin/net/corda/nodeapi/internal/AttachmentsClassLoader.kt
@@ -3,7 +3,7 @@ package net.corda.nodeapi.internal
 import net.corda.core.contracts.Attachment
 import net.corda.core.contracts.ContractAttachment
 import net.corda.core.crypto.SecureHash
-import net.corda.core.internal.DEPLOYED_CORDAPP_UPLOADER
+import net.corda.core.internal.isUploaderTrusted
 import net.corda.core.serialization.CordaSerializable
 import java.io.ByteArrayInputStream
 import java.io.ByteArrayOutputStream
@@ -33,7 +33,7 @@ class AttachmentsClassLoader(attachments: List<Attachment>, parent: ClassLoader
     }
 
     init {
-        require(attachments.mapNotNull { it as? ContractAttachment }.none { it.uploader != DEPLOYED_CORDAPP_UPLOADER }) {
+        require(attachments.mapNotNull { it as? ContractAttachment }.all { isUploaderTrusted(it.uploader) }) {
             "Attempting to load Contract Attachments downloaded from the network"
         }