Merge remote-tracking branch 'origin/release/os/4.9' into adel/merge-from-4.9-1stApr

This commit is contained in:
Adel El-Beik 2022-04-01 16:58:08 +01:00
commit cb4c7a80ca
37 changed files with 246 additions and 49 deletions

View File

@ -61,6 +61,7 @@ String COMMON_GRADLE_PARAMS = [
'--info',
'-Pcompilation.warningsAsErrors=false',
'-Ptests.failFast=true',
'-DexcludeShell',
].join(' ')
pipeline {
@ -86,6 +87,18 @@ pipeline {
parallelsAlwaysFailFast()
timeout(time: 6, unit: 'HOURS')
timestamps()
office365ConnectorWebhooks([[
name : "Corda 4 Jenkins Connector",
notifyBackToNormal : true,
startNotification : false,
notifyFailure : true,
notifySuccess : true,
notifyNotBuilt : false,
notifyAborted : false,
notifyRepeatedFailure: true,
notifyUnstable : true,
url : "${teamsWebHookURL}"
]])
}
parameters {
@ -295,7 +308,7 @@ pipeline {
rtGradleRun(
usesPlugin: true,
useWrapper: true,
switches: '-s --info',
switches: '-s --info -DpublishApiDocs',
tasks: 'artifactoryPublish',
deployerId: 'deployer',
buildName: env.ARTIFACTORY_BUILD_NAME

View File

@ -61,6 +61,7 @@ buildscript {
ext.asm_version = constants.getProperty("asmVersion")
ext.artemis_version = constants.getProperty("artemisVersion")
ext.jackson_version = constants.getProperty("jacksonVersion")
ext.jackson_kotlin_version = constants.getProperty("jacksonKotlinVersion")
ext.jetty_version = constants.getProperty("jettyVersion")
ext.jersey_version = constants.getProperty("jerseyVersion")
ext.servlet_version = constants.getProperty("servletVersion")
@ -413,6 +414,12 @@ allprojects {
includeGroup 'com.github.detro'
}
}
maven {
url "${artifactory_contextUrl}/corda-releases"
content {
includeModule('net.corda', 'corda-shell')
}
}
mavenCentral()
jcenter()
}

View File

@ -9,7 +9,9 @@ dependencies {
compile "org.jetbrains.kotlin:kotlin-stdlib-jdk8:$kotlin_version"
// Jackson and its plugins: parsing to/from JSON and other textual formats.
compile "com.fasterxml.jackson.module:jackson-module-kotlin:$jackson_version"
compile("com.fasterxml.jackson.module:jackson-module-kotlin:$jackson_kotlin_version") {
exclude module: "jackson-databind"
}
// Yaml is useful for parsing strings to method calls.
compile "com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:$jackson_version"
// This adds support for java.time types.

View File

@ -2,10 +2,24 @@ package net.corda.client.jackson
import com.fasterxml.jackson.annotation.JsonIgnore
import com.fasterxml.jackson.annotation.JsonProperty
import com.fasterxml.jackson.core.*
import com.fasterxml.jackson.databind.*
import com.fasterxml.jackson.core.JsonFactory
import com.fasterxml.jackson.core.JsonGenerator
import com.fasterxml.jackson.core.JsonParseException
import com.fasterxml.jackson.core.JsonParser
import com.fasterxml.jackson.core.JsonToken
import com.fasterxml.jackson.databind.BeanDescription
import com.fasterxml.jackson.databind.DeserializationConfig
import com.fasterxml.jackson.databind.DeserializationContext
import com.fasterxml.jackson.databind.DeserializationFeature
import com.fasterxml.jackson.databind.JsonDeserializer
import com.fasterxml.jackson.databind.JsonSerializer
import com.fasterxml.jackson.databind.Module
import com.fasterxml.jackson.databind.ObjectMapper
import com.fasterxml.jackson.databind.SerializationFeature
import com.fasterxml.jackson.databind.SerializerProvider
import com.fasterxml.jackson.databind.annotation.JsonDeserialize
import com.fasterxml.jackson.databind.annotation.JsonSerialize
import com.fasterxml.jackson.databind.cfg.ConstructorDetector
import com.fasterxml.jackson.databind.deser.BeanDeserializerModifier
import com.fasterxml.jackson.databind.deser.std.NumberDeserializers
import com.fasterxml.jackson.databind.node.ObjectNode
@ -21,9 +35,21 @@ import net.corda.core.DoNotImplement
import net.corda.core.contracts.Amount
import net.corda.core.contracts.ContractState
import net.corda.core.contracts.StateRef
import net.corda.core.crypto.*
import net.corda.core.identity.*
import net.corda.core.internal.*
import net.corda.core.crypto.Base58
import net.corda.core.crypto.MerkleTree
import net.corda.core.crypto.SecureHash
import net.corda.core.crypto.TransactionSignature
import net.corda.core.crypto.toStringShort
import net.corda.core.identity.AbstractParty
import net.corda.core.identity.AnonymousParty
import net.corda.core.identity.CordaX500Name
import net.corda.core.identity.Party
import net.corda.core.identity.PartyAndCertificate
import net.corda.core.internal.CertRole
import net.corda.core.internal.VisibleForTesting
import net.corda.core.internal.isStatic
import net.corda.core.internal.kotlinObjectInstance
import net.corda.core.internal.uncheckedCast
import net.corda.core.messaging.CordaRPCOps
import net.corda.core.node.NodeInfo
import net.corda.core.node.services.IdentityService
@ -179,6 +205,8 @@ object JacksonSupport {
addMixIn(X500Principal::class.java, X500PrincipalMixin::class.java)
addMixIn(X509Certificate::class.java, X509CertificateMixin::class.java)
addMixIn(CertPath::class.java, CertPathMixin::class.java)
setConstructorDetector(ConstructorDetector.DEFAULT.withAllowJDKTypeConstructors(true))
}
}

View File

@ -2,16 +2,30 @@
package net.corda.client.jackson.internal
import com.fasterxml.jackson.annotation.*
import com.fasterxml.jackson.annotation.JsonAutoDetect.Value
import com.fasterxml.jackson.annotation.JsonAutoDetect.Visibility
import com.fasterxml.jackson.annotation.JsonCreator
import com.fasterxml.jackson.annotation.JsonCreator.Mode.DISABLED
import com.fasterxml.jackson.annotation.JsonInclude
import com.fasterxml.jackson.annotation.JsonInclude.Include
import com.fasterxml.jackson.annotation.JsonProperty
import com.fasterxml.jackson.annotation.JsonTypeInfo
import com.fasterxml.jackson.annotation.JsonValue
import com.fasterxml.jackson.core.JsonGenerator
import com.fasterxml.jackson.core.JsonParseException
import com.fasterxml.jackson.core.JsonParser
import com.fasterxml.jackson.core.JsonToken
import com.fasterxml.jackson.databind.*
import com.fasterxml.jackson.databind.BeanDescription
import com.fasterxml.jackson.databind.BeanProperty
import com.fasterxml.jackson.databind.DeserializationConfig
import com.fasterxml.jackson.databind.DeserializationContext
import com.fasterxml.jackson.databind.JavaType
import com.fasterxml.jackson.databind.JsonDeserializer
import com.fasterxml.jackson.databind.JsonSerializer
import com.fasterxml.jackson.databind.Module
import com.fasterxml.jackson.databind.ObjectMapper
import com.fasterxml.jackson.databind.SerializationConfig
import com.fasterxml.jackson.databind.SerializerProvider
import com.fasterxml.jackson.databind.annotation.JsonDeserialize
import com.fasterxml.jackson.databind.annotation.JsonSerialize
import com.fasterxml.jackson.databind.cfg.MapperConfig
@ -19,6 +33,7 @@ import com.fasterxml.jackson.databind.deser.BeanDeserializerModifier
import com.fasterxml.jackson.databind.deser.ContextualDeserializer
import com.fasterxml.jackson.databind.deser.std.DelegatingDeserializer
import com.fasterxml.jackson.databind.deser.std.FromStringDeserializer
import com.fasterxml.jackson.databind.introspect.AccessorNamingStrategy
import com.fasterxml.jackson.databind.introspect.AnnotatedClass
import com.fasterxml.jackson.databind.introspect.BasicClassIntrospector
import com.fasterxml.jackson.databind.introspect.POJOPropertiesCollector
@ -31,12 +46,30 @@ import com.fasterxml.jackson.databind.ser.std.StdScalarSerializer
import com.fasterxml.jackson.databind.ser.std.UUIDSerializer
import com.google.common.primitives.Booleans
import net.corda.client.jackson.JacksonSupport
import net.corda.core.contracts.*
import net.corda.core.crypto.*
import net.corda.core.contracts.Amount
import net.corda.core.contracts.AttachmentConstraint
import net.corda.core.contracts.Command
import net.corda.core.contracts.CommandData
import net.corda.core.contracts.ContractState
import net.corda.core.contracts.PrivacySalt
import net.corda.core.contracts.StateRef
import net.corda.core.contracts.TimeWindow
import net.corda.core.contracts.TransactionState
import net.corda.core.crypto.Crypto
import net.corda.core.crypto.DigestService
import net.corda.core.crypto.DigitalSignature
import net.corda.core.crypto.PartialMerkleTree.PartialTree
import net.corda.core.crypto.SecureHash
import net.corda.core.crypto.SecureHash.Companion.SHA2_256
import net.corda.core.crypto.SignatureMetadata
import net.corda.core.crypto.SignatureScheme
import net.corda.core.crypto.TransactionSignature
import net.corda.core.flows.StateMachineRunId
import net.corda.core.identity.*
import net.corda.core.identity.AbstractParty
import net.corda.core.identity.AnonymousParty
import net.corda.core.identity.CordaX500Name
import net.corda.core.identity.Party
import net.corda.core.identity.PartyAndCertificate
import net.corda.core.internal.DigitalSignatureWithCert
import net.corda.core.internal.createComponentGroups
import net.corda.core.node.NodeInfo
@ -44,7 +77,12 @@ import net.corda.core.serialization.SerializeAsToken
import net.corda.core.serialization.SerializedBytes
import net.corda.core.serialization.deserialize
import net.corda.core.serialization.serialize
import net.corda.core.transactions.*
import net.corda.core.transactions.ContractUpgradeFilteredTransaction
import net.corda.core.transactions.ContractUpgradeWireTransaction
import net.corda.core.transactions.FilteredTransaction
import net.corda.core.transactions.NotaryChangeWireTransaction
import net.corda.core.transactions.SignedTransaction
import net.corda.core.transactions.WireTransaction
import net.corda.core.utilities.ByteSequence
import net.corda.core.utilities.NetworkHostAndPort
import net.corda.core.utilities.parseAsHex
@ -117,6 +155,14 @@ private class CordaSerializableClassIntrospector(private val context: Module.Set
}
return super.constructPropertyCollector(config, ac, type, forSerialization, mutatorPrefix)
}
override fun constructPropertyCollector(config: MapperConfig<*>?, classDef: AnnotatedClass?, type: JavaType, forSerialization: Boolean, accNaming: AccessorNamingStrategy?): POJOPropertiesCollector {
if (hasCordaSerializable(type.rawClass)) {
// Adjust the field visibility of CordaSerializable classes on the fly as they are encountered.
context.configOverride(type.rawClass).visibility = Value.defaultVisibility().withFieldVisibility(Visibility.ANY)
}
return super.constructPropertyCollector(config, classDef, type, forSerialization, accNaming)
}
}
private class CordaSerializableBeanSerializerModifier : BeanSerializerModifier() {

View File

@ -55,7 +55,9 @@ dependencies {
// TODO: remove the forced update of commons-collections and beanutils when artemis updates them
compile "org.apache.commons:commons-collections4:${commons_collections_version}"
compile "commons-beanutils:commons-beanutils:${beanutils_version}"
compile "org.apache.activemq:artemis-core-client:${artemis_version}"
compile("org.apache.activemq:artemis-core-client:${artemis_version}") {
exclude group: 'org.jgroups', module: 'jgroups'
}
// Unit testing helpers.
testImplementation "org.junit.jupiter:junit-jupiter-api:${junit_jupiter_version}"

View File

@ -46,7 +46,8 @@ capsuleVersion=1.0.3
asmVersion=7.1
artemisVersion=2.19.1
# TODO Upgrade Jackson only when corda is using kotlin 1.3.10
jacksonVersion=2.9.7
jacksonVersion=2.13.1
jacksonKotlinVersion=2.9.7
jettyVersion=9.4.19.v20190610
jerseyVersion=2.25
servletVersion=4.0.1

View File

@ -2,6 +2,7 @@ FROM azul/zulu-openjdk:8u312
## Add packages, clean cache, create dirs, create corda user and change ownership
RUN apt-get update && \
apt-mark hold zulu8-jdk && \
apt-get -y upgrade && \
apt-get -y install bash curl unzip netstat lsof telnet netcat && \
rm -rf /var/lib/apt/lists/* && \

View File

@ -17,7 +17,9 @@ dependencies {
// TODO: remove the forced update of commons-collections and beanutils when artemis updates them
compile "org.apache.commons:commons-collections4:${commons_collections_version}"
compile "commons-beanutils:commons-beanutils:${beanutils_version}"
compile "org.apache.activemq:artemis-core-client:${artemis_version}"
compile("org.apache.activemq:artemis-core-client:${artemis_version}") {
exclude group: 'org.jgroups', module: 'jgroups'
}
compile "org.apache.activemq:artemis-commons:${artemis_version}"
compile "io.netty:netty-handler-proxy:$netty_version"
@ -62,6 +64,7 @@ dependencies {
compile ("org.apache.activemq:artemis-amqp-protocol:${artemis_version}") {
// Gains our proton-j version from core module.
exclude group: 'org.apache.qpid', module: 'proton-j'
exclude group: 'org.jgroups', module: 'jgroups'
}
}

View File

@ -0,0 +1,40 @@
#!/bin/bash
# These jks files have been produced with KeyTool using commands from V3 Float/Bridge setup here:
# https://docs.corda.r3.com/bridge-configuration-file.html#complete-example
# More specifically the following script can be run on mac to generate the files needed.
# Trust Root with EC algo
keytool -genkeypair -keyalg EC -keysize 256 -alias floatroot -validity 3650 -dname "CN=Float Root,O=Local Only,L=London,C=GB" -ext bc:ca:true,pathlen:1 -keystore floatca.jks -storepass capass -keypass cakeypass
# Bridge and Float with EC
keytool -genkeypair -keyalg EC -keysize 256 -alias bridgecert -validity 3650 -dname "CN=Bridge Local,O=Local Only,L=London,C=GB" -ext bc:ca:false -keystore bridge_ec.jks -storepass bridgepass -keypass bridgepass
keytool -genkeypair -keyalg EC -keysize 256 -alias floatcert -validity 3650 -dname "CN=Float Local,O=Local Only,L=London,C=GB" -ext bc:ca:false -keystore float_ec.jks -storepass floatpass -keypass floatpass
# Bridge and Float with RSA
keytool -genkeypair -keyalg RSA -keysize 1024 -alias bridgecert -validity 3650 -dname "CN=Bridge Local,O=Local Only,L=London,C=GB" -ext bc:ca:false -keystore bridge_rsa.jks -storepass bridgepass -keypass bridgepass
keytool -genkeypair -keyalg RSA -keysize 1024 -alias floatcert -validity 3650 -dname "CN=Float Local,O=Local Only,L=London,C=GB" -ext bc:ca:false -keystore float_rsa.jks -storepass floatpass -keypass floatpass
# Export Trust root for subsequent chaining
keytool -exportcert -rfc -alias floatroot -keystore floatca.jks -storepass capass -keypass cakeypass > root.pem
keytool -importcert -noprompt -file root.pem -alias root -keystore trust.jks -storepass trustpass
# Create a chain for EC Bridge
keytool -certreq -alias bridgecert -keystore bridge_ec.jks -storepass bridgepass -keypass bridgepass |keytool -gencert -validity 3650 -ext ku:c=dig,keyEncipherment -ext: eku:true=serverAuth,clientAuth -rfc -keystore floatca.jks -alias floatroot -storepass capass -keypass cakeypass > bridge_ec.pem
cat root.pem bridge_ec.pem >> bridgechain_ec.pem
keytool -importcert -noprompt -file bridgechain_ec.pem -alias bridgecert -keystore bridge_ec.jks -storepass bridgepass -keypass bridgepass
# Create a chain for RSA Bridge
keytool -certreq -alias bridgecert -keystore bridge_rsa.jks -storepass bridgepass -keypass bridgepass |keytool -gencert -validity 3650 -ext ku:c=dig,keyEncipherment -ext: eku:true=serverAuth,clientAuth -rfc -keystore floatca.jks -alias floatroot -storepass capass -keypass cakeypass > bridge_rsa.pem
cat root.pem bridge_rsa.pem >> bridgechain_rsa.pem
keytool -importcert -noprompt -file bridgechain_rsa.pem -alias bridgecert -keystore bridge_rsa.jks -storepass bridgepass -keypass bridgepass
# Create a chain for EC Float
keytool -certreq -alias floatcert -keystore float_ec.jks -storepass floatpass -keypass floatpass |keytool -gencert -validity 3650 -ext ku:c=dig,keyEncipherment -ext: eku::true=serverAuth,clientAuth -rfc -keystore floatca.jks -alias floatroot -storepass capass -keypass cakeypass > float_ec.pem
cat root.pem float_ec.pem >> floatchain_ec.pem
keytool -importcert -noprompt -file floatchain_ec.pem -alias floatcert -keystore float_ec.jks -storepass floatpass -keypass floatpass
# Create a chain for RSA Float
keytool -certreq -alias floatcert -keystore float_rsa.jks -storepass floatpass -keypass floatpass |keytool -gencert -validity 3650 -ext ku:c=dig,keyEncipherment -ext: eku::true=serverAuth,clientAuth -rfc -keystore floatca.jks -alias floatroot -storepass capass -keypass cakeypass > float_rsa.pem
cat root.pem float_rsa.pem >> floatchain_rsa.pem
keytool -importcert -noprompt -file floatchain_rsa.pem -alias floatcert -keystore float_rsa.jks -storepass floatpass -keypass floatpass

View File

@ -127,11 +127,17 @@ dependencies {
// TODO: remove the forced update of commons-collections and beanutils when artemis updates them
compile "org.apache.commons:commons-collections4:${commons_collections_version}"
compile "commons-beanutils:commons-beanutils:${beanutils_version}"
compile "org.apache.activemq:artemis-server:${artemis_version}"
compile "org.apache.activemq:artemis-core-client:${artemis_version}"
compile("org.apache.activemq:artemis-server:${artemis_version}") {
exclude group: 'org.apache.commons', module: 'commons-dbcp2'
exclude group: 'org.jgroups', module: 'jgroups'
}
compile("org.apache.activemq:artemis-core-client:${artemis_version}") {
exclude group: 'org.jgroups', module: 'jgroups'
}
runtime("org.apache.activemq:artemis-amqp-protocol:${artemis_version}") {
// Gains our proton-j version from core module.
exclude group: 'org.apache.qpid', module: 'proton-j'
exclude group: 'org.jgroups', module: 'jgroups'
}
// Manifests: for reading stuff from the manifest file

View File

@ -690,9 +690,13 @@ abstract class AbstractNode<S>(val configuration: NodeConfiguration,
val isShellStarted = InteractiveShell.startShellIfInstalled(configuration, cordappLoader)
configuration.sshd?.port?.let {
if (isShellStarted) {
log.info("Binding Shell SSHD server on port $it.")
Node.printBasicNodeInfo("SSH server listening on port", configuration.sshd!!.port.toString())
log.info("SSH server listening on port: $it.")
} else {
log.info("SSH port defined but corda-shell is not installed in node's drivers directory")
Node.printBasicNodeInfo(
"SSH server not started. SSH port is defined but the corda-shell is not installed in node's drivers directory"
)
log.info("SSH server not started. SSH port is defined but the corda-shell is not installed in node's drivers directory")
}
}
}

View File

@ -48,7 +48,6 @@ import net.corda.node.internal.subcommands.ValidateConfigurationCli.Companion.lo
import net.corda.node.internal.subcommands.ValidateConfigurationCli.Companion.logRawConfig
import net.corda.node.services.config.NodeConfiguration
import net.corda.node.services.config.shouldStartLocalShell
import net.corda.node.services.config.shouldStartSSHDaemon
import net.corda.node.utilities.registration.NodeRegistrationException
import net.corda.nodeapi.internal.JVMAgentUtilities
import net.corda.nodeapi.internal.addShutdownHook
@ -263,19 +262,8 @@ open class NodeStartup : NodeStartupLogging {
Node.printBasicNodeInfo("Node for \"$name\" started up and registered in $elapsed sec")
// Don't start the shell if there's no console attached.
val isShellStarted = if (node.configuration.shouldStartLocalShell()) {
if (node.configuration.shouldStartLocalShell()) {
InteractiveShell.runLocalShellIfInstalled(node::stop)
} else {
false
}
if (node.configuration.shouldStartSSHDaemon()) {
if (isShellStarted) {
Node.printBasicNodeInfo("SSH server listening on port", node.configuration.sshd!!.port.toString())
} else {
Node.printBasicNodeInfo(
"SSH server not started. SSH port is defined but the corda-shell is not installed in node's drivers directory"
)
}
}
},
{ th ->

View File

@ -15,4 +15,6 @@ interface IdentityServiceInternal : IdentityService {
fun verifyAndRegisterNewRandomIdentity(identity: PartyAndCertificate)
fun invalidateCaches(name: CordaX500Name) {}
fun archiveNamedIdentity(name:String, publicKeyHash: String?) {}
}

View File

@ -378,7 +378,7 @@ class PersistentIdentityService(cacheFactory: NamedCacheFactory) : SingletonSeri
return resultList.last().publicKeyHash
}
private fun archiveNamedIdentity(name:String, publicKeyHash: String?) {
override fun archiveNamedIdentity(name:String, publicKeyHash: String?) {
archiveIdentityExecutor.submit {
database.transaction {
val deleteQuery = session.criteriaBuilder.createCriteriaDelete(PersistentNetworkMapCache.PersistentPartyToPublicKeyHash::class.java)

View File

@ -310,7 +310,7 @@ open class PersistentNetworkMapCache(cacheFactory: NamedCacheFactory,
synchronized(_changed) {
database.transaction {
removeInfoDB(session, node)
archiveNamedIdentity(session, node)
archiveNamedIdentity(node)
changePublisher.onNext(MapChange.Removed(node))
}
}
@ -319,13 +319,9 @@ open class PersistentNetworkMapCache(cacheFactory: NamedCacheFactory,
logger.debug { "Done removing node with info: $node" }
}
private fun archiveNamedIdentity(session: Session, nodeInfo: NodeInfo) {
private fun archiveNamedIdentity(nodeInfo: NodeInfo) {
nodeInfo.legalIdentities.forEach { party ->
val deleteQuery = session.criteriaBuilder.createCriteriaDelete(PersistentPartyToPublicKeyHash::class.java)
val queryRoot = deleteQuery.from(PersistentPartyToPublicKeyHash::class.java)
deleteQuery.where(session.criteriaBuilder.equal(queryRoot.get<String>("name"), party.name.toString()))
session.createQuery(deleteQuery).executeUpdate()
session.save(PersistentPartyToPublicKeyHash(party.name.toString(), party.owningKey.toStringShort() ))
identityService.archiveNamedIdentity(party.name.toString(), party.owningKey.toStringShort())
}
}
@ -457,7 +453,7 @@ open class PersistentNetworkMapCache(cacheFactory: NamedCacheFactory,
logger.debug { "Number of node infos to be cleared: ${result.size}" }
for (nodeInfo in result) {
session.remove(nodeInfo)
archiveNamedIdentity(session, nodeInfo.toNodeInfo())
archiveNamedIdentity(nodeInfo.toNodeInfo())
}
}
}

View File

@ -88,6 +88,9 @@ class NodeAttachmentService @JvmOverloads constructor(
while (true) {
val cursor = jar.nextJarEntry ?: break
// Security check to stop directory traversal from filename entry
require(!(cursor.name.contains("../"))) { "Bad character in ${cursor.name}" }
require(!(cursor.name.contains("..\\"))) { "Bad character in ${cursor.name}" }
if (manifestHasEntries && !allManifestEntries!!.remove(cursor.name)) extraFilesNotFoundInEntries.add(cursor)
val entryPath = Paths.get(cursor.name)
// Security check to stop zips trying to escape their rightful place.

View File

@ -584,7 +584,7 @@ class CheckpointDumperImpl(private val checkpointStorage: CheckpointStorage, pri
private object MapSerializer : JsonSerializer<Map<Any, Any>>() {
override fun serialize(map: Map<Any, Any>, gen: JsonGenerator, serializers: SerializerProvider) {
gen.writeStartArray(map.size)
gen.writeStartArray()
map.forEach { (key, value) ->
gen.jsonObject {
writeObjectField("key", key)

View File

@ -46,14 +46,19 @@ import org.junit.Assert.assertTrue
import org.junit.Before
import org.junit.Ignore
import org.junit.Test
import java.io.ByteArrayInputStream
import java.io.ByteArrayOutputStream
import java.io.InputStream
import java.net.URL
import java.nio.charset.StandardCharsets
import java.nio.file.FileAlreadyExistsException
import java.nio.file.FileSystem
import java.nio.file.Path
import java.util.*
import java.util.jar.JarEntry
import java.util.jar.JarInputStream
import java.util.jar.JarOutputStream
import java.util.jar.Manifest
import kotlin.streams.toList
import kotlin.test.*
@ -788,6 +793,32 @@ class NodeAttachmentServiceTest {
}
}
@Test(timeout=300_000)
fun `attachments containing jar entries whose names expose malicious directory traversal are prevented`() {
fun createJarWithJarEntryTraversalAttack(jarEntryName: String): InputStream {
val byteArrayOutputStream = ByteArrayOutputStream()
JarOutputStream(byteArrayOutputStream, Manifest()).apply {
putNextEntry(JarEntry(jarEntryName))
write("some-text".toByteArray())
closeEntry()
close()
}
return ByteArrayInputStream(byteArrayOutputStream.toByteArray())
}
val traversalAttackJarWin = createJarWithJarEntryTraversalAttack("..\\attack")
val traversalAttackJarUnix = createJarWithJarEntryTraversalAttack("../attack")
assertFailsWith(IllegalArgumentException::class) {
NodeAttachmentService.checkIsAValidJAR(traversalAttackJarWin)
}
assertFailsWith(IllegalArgumentException::class) {
NodeAttachmentService.checkIsAValidJAR(traversalAttackJarUnix)
}
}
@Test(timeout=300_000)
fun `attachments can be queried by providing a intersection of signers using an EQUAL statement - EQUAL containing a single public key`() {
SelfCleaningDir().use { file ->

View File

@ -31,6 +31,9 @@ configurations {
}
dependencies {
if (System.getProperty('excludeShell') == null) {
cordaDriver "net.corda:corda-shell:$corda_release_version"
}
compile "org.jetbrains.kotlin:kotlin-stdlib-jdk8:$kotlin_version"
compile "net.sf.jopt-simple:jopt-simple:$jopt_simple_version"
compile "javax.servlet:javax.servlet-api:${servlet_version}"

View File

@ -6,6 +6,9 @@ apply plugin: 'net.corda.plugins.cordapp'
apply plugin: 'net.corda.plugins.cordformation'
dependencies {
if (System.getProperty('excludeShell') == null) {
cordaDriver "net.corda:corda-shell:$corda_release_version"
}
compile "org.jetbrains.kotlin:kotlin-stdlib-jdk8:$kotlin_version"
// The bank of corda CorDapp depends upon Cash CorDapp features

View File

@ -3,6 +3,9 @@ apply plugin: 'idea'
apply plugin: 'net.corda.plugins.cordformation'
dependencies {
if (System.getProperty('excludeShell') == null) {
cordaDriver "net.corda:corda-shell:$corda_release_version"
}
runtimeOnly project(':node-api')
// Cordformation needs a SLF4J implementation when executing the Network
// Bootstrapper, but Log4J doesn't shutdown completely from within Gradle.

View File

@ -9,7 +9,8 @@ plugins {
ext['artemis.version'] = "$artemis_version"
ext['hibernate.version'] = "$hibernate_version"
ext['selenium.version'] = "$selenium_version"
ext['jackson.version'] = "$jackson_version"
// Using jackson_kotlin_version here for JDK11 compatibility with kotlin 1.2.71
ext['jackson.version'] = "$jackson_kotlin_version"
ext['dropwizard-metrics.version'] = "$metrics_version"
ext['mockito.version'] = "$mockito_version"

View File

@ -27,6 +27,9 @@ cordapp {
}
dependencies {
if (System.getProperty('excludeShell') == null) {
cordaDriver "net.corda:corda-shell:$corda_release_version"
}
cordapp project(':finance:contracts')
cordapp project(':finance:workflows')

View File

@ -16,7 +16,7 @@ dependencies {
cordaCompile project(':core')
compile("com.fasterxml.jackson.module:jackson-module-kotlin:$jackson_version")
compile("com.fasterxml.jackson.module:jackson-module-kotlin:$jackson_kotlin_version")
// only included to control the `DemoClock` as part of the demo application
// normally `:node` should not be depended on in any CorDapps

View File

@ -70,7 +70,7 @@ dependencies {
}
compile('org.springframework.boot:spring-boot-starter-log4j2')
runtimeOnly("org.apache.logging.log4j:log4j-web:$log4j_version")
compile("com.fasterxml.jackson.module:jackson-module-kotlin:$jackson_version")
compile("com.fasterxml.jackson.module:jackson-module-kotlin:$jackson_kotlin_version")
compile project(":client:rpc")
compile project(":client:jackson")
compile project(":finance:workflows")

View File

@ -12,6 +12,9 @@ cordapp {
}
dependencies {
if (System.getProperty('excludeShell') == null) {
cordaDriver "net.corda:corda-shell:$corda_release_version"
}
// Cordformation needs this for the Network Bootstrapper.
runtimeOnly project(':node-api')

View File

@ -15,6 +15,9 @@ cordapp {
}
dependencies {
if (System.getProperty('excludeShell') == null) {
cordaDriver "net.corda:corda-shell:$corda_release_version"
}
compile "org.jetbrains.kotlin:kotlin-stdlib-jdk8:$kotlin_version"
cordaCompile project(':client:rpc')
// Corda integration dependencies

View File

@ -26,8 +26,10 @@ configurations {
}
dependencies {
if (System.getProperty('excludeShell') == null) {
cordaDriver "net.corda:corda-shell:$corda_release_version"
}
cordaCompile "org.jetbrains.kotlin:kotlin-stdlib-jdk8:$kotlin_version"
// The SIMM demo CorDapp depends upon Cash CorDapp features
cordapp project(':finance:contracts')
cordapp project(':finance:workflows')

View File

@ -32,6 +32,9 @@ configurations {
}
dependencies {
if (System.getProperty('excludeShell') == null) {
cordaDriver "net.corda:corda-shell:$corda_release_version"
}
compile "org.jetbrains.kotlin:kotlin-stdlib-jdk8:$kotlin_version"
compile "net.sf.jopt-simple:jopt-simple:$jopt_simple_version"
cordaCompile project(':client:rpc')

View File

@ -6,7 +6,7 @@ dependencies {
compile "org.jetbrains.kotlin:kotlin-reflect:$kotlin_version"
compile "com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:$jackson_version"
compile "com.fasterxml.jackson.core:jackson-databind:$jackson_version"
compile "com.fasterxml.jackson.module:jackson-module-kotlin:$jackson_version"
compile "com.fasterxml.jackson.module:jackson-module-kotlin:$jackson_kotlin_version"
compile "org.junit.jupiter:junit-jupiter-api:${junit_jupiter_version}"
compile "junit:junit:${junit_version}"

View File

@ -52,7 +52,7 @@ dependencies {
compile "com.typesafe:config:$typesafe_config_version"
compile "com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:$jackson_version"
compile "com.fasterxml.jackson.core:jackson-databind:$jackson_version"
compile "com.fasterxml.jackson.module:jackson-module-kotlin:$jackson_version"
compile "com.fasterxml.jackson.module:jackson-module-kotlin:$jackson_kotlin_version"
compile "info.picocli:picocli:$picocli_version"
// TornadoFX: A lightweight Kotlin framework for working with JavaFX UI's.