Addressed review comments - removed nested if and added parameter name for the usage of requiresCertificates.
Removed unnecessary import and white space.
Normally, these requests are left unacknowledged in the MQ broker to allow recovery via installing the missing CorDapp. If this is not applicable then the request be dropped (and the other side informed of the error).
While the node is starting up, we now check for the presence of the certificates directory. This allows us to print out an easily understandable error message if the directory is not present. An exception is made for devMode, as devMode will result in the directory being created in any case.
* ENT-3057: Log hibernate warns and errors in different log
If a hibernate error occurs (deadlock, for example) that would cause a flow to be sent to the hospital, hibernate logs the warnings and errors before we do. This results in duplication in the logs, and pollutes the log. To solve this, we create a new log appender named diagnostic-{node-name}.log and log any org.hibernate messages of warn and above to that file. This way, messages are not lost, which means that the information can be retrieved if need be.
* Corrected indentation of comment (changed tab to space)
* Updated node-administration document to mention diagnostic logging change
* Fixed integration test. It was breaking because it was fetching the first log file in the folder, assuming there would be only one. This assumption is now invalid because the diagnostic log file that was introduced. Two tests were found that used similar logic to find a log file to examine, hence both were corrected to look for log files beginning with "node"
* Updated documentation as per review comments.
Add a cache for notary identities in the PersistentIdentityService. This
solves a reported problem where notary identity lookup fails if its network
map entry is missing, which results in an exception when trying to insert
a state into the vault after recording a transaction.
Test if we have access to the logging path (baseDirectory/logs) before attempting to write to them. This allows us to shut down gracefully with an easily understandable error message.
Without doing this, the log4j2 will attempt to access the logPath when it first uses the logger in the call() function.
* CORDA-2629: Provide a better error msg when notary type misconfig
If a notary service is misconfigured with the type (either validating or not validating) stored in the node's configuration not matching that advertised in the network map cache, the notary will throw an exception and fail on startup.
Previously, this misconfiguration would result in an exception being thrown when attempting to notarise a transaction. This change results in the exception being thrown at node startup and the node operator being aware of the misconfiguration earlier.
* Corrected exception message when the notary does not have a party
* Changed exception message to include configured and advertised values.
Fixed unit test that was failing because of the new check.
* Plumb through the crlCheckSoftFail configuration option to bridge manager
* Add crlCheckSoftFail test to bridge manager and fix equivalent proton wrapper test
* Update documentation and set the node configuration default to true
* Revert default change and clarify consequences of setting option to false
* Remove NodeConfiguration default to leave only AMQPConfiguration default
There's a bug with the ServiceLoader which leaks a file handle to the app jar on shutdown. This causes an issue if a mock node is restarted in Windows. To avoid the problem completely we no longer overwrite any existing jars, as the jar to be copied will be same anyway.
(cherry picked from commit 0038a86481)
Only log a line about looking for notary implementations if at least notary implementation is found.
It might be unnecessary and confusing to log when no implementations are found.
Replaced TrustedAuthorityNotaryService with SinglePartyNotaryService in comment
* CORDA-2665: Updated OwnableState relevancy check is now gated on target version 4
https://github.com/corda/corda/pull/3789 changed the relevancy check of OwnableState to include the participants list in addition to the owner. This however breaks existing apps which assume (in their vault query) an OwnableState is recorded to the vault if-and-only-if the owner matches.
* CORDA-2665 Don't switch to new behaviour on target version upgrade.
When an RPC client disconnects from the RPC server, the log entry created now has its log level set to info rather than warning. It is perfectly normal for an RPC client to disconnect - only the RPC client knows if it was intentional.
* CORDA-2669 - pendingFlowsCount not in public API
Reintroduce `pendingFlowsCount` to public API (as deprecated). Advise
to use the `gracefulShutdown` command in the shell instead.
* CORDA-2669 - Add pendingFlowsCount to api-current.txt
* ENT-3053 Database connection pools leaking memory on every checkpoint. Flip in the thread local from the thread into the fiber.
* Back port to OS (needs some gradle changes) and added TODO, ability for it to avoid erroring if not using Hikari.
* Review feedback to remove warning.
* CORDA-2634 - Fix default currentTargetVersion
* CORDA-2634 - Include abstract flow classes in CorDapp class scanning
* CORDA-2634 - Run test for target platform version 4
To allow rolling upgrades where members of a BN may not all upgrade at the same time, the FinalityHandler is now always enabled, and not disabled if no old apps are installed.
Previously any attempt to use the FinalityHandler in such a scenerio would send the flow to the hospital, where manual intervention would be required to recover the transaction.
* Use the attachments classloader to deserialize contract states in migrations
* Added some comments to explain serialisation behaviour and how tests work.
* Add debug log to indicate when attachment classloading has failed.
* Use a servicesForResolution to load states for compatibility with notary changes and contract upgrades
* Add test case to cover notary change transactions
* Address review comments
* Change logging message in MigrationServicesForResolution
* Read the network-parameters file if there is nothing in the database
* Update documentation and provide a warning if there are many states.
* Handle case where file containing network parameters is missing
* Improve logging if attachments are not available and the file path doesn't exist
* Get logs the right way around
* Fix build error in tests
* Improve error when transaction deserialisation fails and move migrations for finance to contracts CorDapp
* Revert move of migrations and errors thrown from CordaRPCOps
* Ensure VaultQueryException is thrown from vault queries and remove unused import
* Improve error reporting from VaultQueryException
* Fix API break
* Fix vault query test failure due to exception change
CORDA-2595 - Fix test and api.
CORDA-2595 add test
CORDA-2595 fix tests
CORDA-2595 fix test and address code review comments
CORDA-2595 address code review comments
* First pass at fixing 2563.
* In memory KMS now maps keys to IDs.
* CreateDatabaseAndMockServices now creates a persistent key management service and a can take a persistent identity service, so now the external id mapping works for mock services.
* * Created a helper for mock services which allows the creation of a mock services with persistent identity management service key management service and vault.
* MockNode now uses persistent key management service - not sure why it didn't do before?
* * MockNode now uses BasicHSMKeyManagementService
* Updated api-current file
* Little fix required after rebase to master.
* Fixed broken test.
* Added informative error messages to UnsupportedOperationExceptions thrown by E2ETestKeyManagementService.
* Removed redundant private constructor for mock services from api-current.txt.
* Addressed Rick's comments.
* Create a new custom migration for populating the state_party table and the relevancy_status column within the vault_states table when migrating from V3 to V4.
* Add a corresponding unit test suite.
* Small refactorings to expose data required by the migration: the isRelevant function in the NodeVaultService, and the node's legal name from the configuration.
Previous implementation was in LedgerTransaction and focused only on contract classes,
but every package matters.
Also fixes some exception types and does misc refactorings.
Take out a useless parameter from a method that was added to the public
API, document it. Add some comments explaining more about why we are
looking up attachment versions in WireTransaction.toLedgerTransaction.
* CORDA-2547: WIP Migrate old notary schema correctly.
Modify liquibase scripts to rename the old committed state table instead of creating a new one.
* Rename liquibase change sets
* Change 3.3 baseline before Liquibase.
* Aligin with ENT, orginal node-notary.changelog-v1.xml moved to node-notary.changelog-v2.xml and it's compatible with ENT (which already has changes from v2).
* Aligin with ENT, orginal node-notary.changelog-v1.xml moved to node-notary.changelog-v2.xml and it's compatible with ENT (which already has changes from v2) - adding v2 to master file.
* Ensure setting up Liquibase on pre-existing pre-Liquibase database
* Add FetchParametersFlow
* No downgrade parameters in ResolveTransactionsFlow
Make sure that parameters in the transaction
graph are ordered (this is to prevent the downgrade attack, when the
malicious notary and participants sign transaction that shouldn't be
notarised otherwise). We ensure that by checking that epochs of network
parameters in the transaction chain are ordered.
* Addressed some minor items from RP review feedback.
* Refactoring following rebase from master.
* Address RP PR review comments (round 2)
* Addressed a couple of minor PR review points.
* Renaming of unit tests and cleanup.
* Changes discusses with RP to ensure Network Param checking is applied at txn verify time + resolve order checking gated on existence of tagged NPs in txn and associated minimum platform version.
* Do not fail on missing ServiceHub impl + return nothing if txn not NP tagged.
* Unify HistoricNetworkParametersStorage and
NetworkParametersStorageInternal
* SignedDataWithCert implements NamedByHash
* Cleanup
* Move parameters ordering check to signed transaction resolution
* Fixes after merge, address comments
* Address Andrius comments
This includes all of the cash selection logic, JSON support using jackson and a bunch of utilities which are not relevant to contract verification. The exception to this are Interpolator which has been moved to the IRS demo, and PhysicalLocationStructures.kt which is now in explorer.
* Allow for duplicate (contract class, version) signed attachments in devMode.
* Code clean-up.
* Fix compilation error in test code.
* Additional gating/warning and added Unit test for development mode behaviour.
* Remove locks around database access in AppendOnlyPersistentMap and introduce
a unit test that checks that known deadlock scenarios of the old version
are avoided.
* Fix Deadlock unit test
* Add some extra latching to try and make timing less fragile. Can never be perfect though.
* Review feedback, and some thread safety fixes.
* Start pooling classpath scanning
Quickly patch synchronisation of attachment class loader cache. Needs a revisit but more complicated due to DJVM.
Annotate away for DJVM
Take ClassGraph utils into their own file so we can exclude for DJVM
Clean up a little
* Daemonize the threads
* Seems to be some concurrency problems with use of ClassGraph. Using a mutex for now to work around.
Merged three tests into one to avoid repeating the same node startups. The assertions the original tests made can be done in one test without any contamination.
* Removed `restart node successfully with suspended flow` as it duplicates `TraderDemoTest#Test restart node during flow works properly`
* Removed the need for a notary
This is only testing the internal cordappForClasses method which is used for internal testing. This method is covered by other unit and integration tests.
CORDA-2497 fix
* Added test to show the fix working.
* Now backwards compatible.
* Refactored out some duped code.
* Added better explanations for what's going on.
* Fixed test which was failing due to the serializationEnvRule problem.
* Addressed Tudor's review comments.
The column 'uploader' was marked as not updatable entity so any update wasn't propagated to the database when the attachment was uploaded again and the uploader field was changed to a trusted one. Also 'saveOrUpdate' removed, the entity is already managed, saveOrUpdate is for detached/new entity.
Upgrade from node 3.0 to 4.0 fails to create versions of whitelisted JARs from networkParameters - read parameters from file at first as in Corda 3.0 there no relevant table, then try from the table.
As this is migration, the code will run only once on each node, she increased log level to info for messages. Tested using https://r3-cev.atlassian.net/browse/R3T-1549
* Update changelog with changes to vault queries
* Move choice of relevancy state to QueryCriteria
* Ensure relevancy default is correct for all query types
* Remove superfluous imports
* Update documentation for queries using state relevancy
* Fix merge damage
* Revert change to use RELEVANT as the default and update docs
* Revert missed instance of relevancy change
* Rewrite of upgrade notes for vault state query updates
* Address review comments
There were two issues:
* The original "sealing violation: can't seal package net.corda.nodeapi" issue was due to the isolated CorDapp containing some code in the net.corda.nodeapi namespace. This has been moved to the isolated namespace.
* The test was not correctly creating the second transaction with the dummy command
* Add whitelists and custom serializers from cordapps to serialization context
* Remove changes in TransactionBuilder, add caching
* Add whitelists and custom serializers from cordapps to serialization context
* Remove changes in TransactionBuilder, add caching
* Address comments
* Increase node memory for SIMM integration test
* Cache only serialization context
* Increase integ test timeout
* Fix API breakage
* Increase max heap size for web server integ test
* Move classloading utils from separate module to core.internal
* Adjust heap size for more integ tests
* Increase time window for IRS demo transactions
* Fix determinator
* Add parameter in core-deterministic
* Stub out class-loading method for DJVM
* Pass states to record through to transaction resolution
* Add a test case
* Add comment indicating why states are always added in tx resolution
* Update observer node documentation
The version of contract attachments that are whitelisted should be read from NetworkParameters.whitelistedContractImplementations.
It use the lattes network map from db with the highest epoch.
* Fixed bug in state pointer search and added tests.
* Blacklisted problematic package.
* Addressed Shams' comments.
* Addressed round two of comments.
* Fixed another bug whereby the DFS gets stuck in an infinite loop.
The API has been reverted to be completely ABI compatible with V3, and the small changes that were made to the wire format in https://github.com/corda/corda/pull/4260 have also been reverted.
Corda Node ensures a given contract class and version can be sourced from only one signed and trusted Attachment (JAR).
An attempt to import a signed JAR as a trusted uploader (or promote to be trusted) with a class and version already present in the other trusted Attachment will raise DuplicateContractClassException.
Minor fixes to Hibernate Attachment Query parser (original query to select attachment without signers would always return no attachments)
Move Raft and BFT-Smart notaries back into node to preserve backwards compatibility.
* Allow overriding full node config when using internal mock network parameters.
* Make BFT-Smart notary start up in prod mode as well
* Move raft & bftsmart notaries to net.corda.notary.experimental package
* Make sure Raft notary handles reference state edge cases correctly.
* Make sure BFT-Smart notary handles reference state edge cases correctly.
* Include notary schemas in node internal schemas
* Undo Raft notary table schema changes to maintain compatibility.
* Add cordapp code signing dev key to production blacklist.
* Remove code used to generate the actual PK hash (it is now attached to the JIRA story)
* Remove wiki page reference.
* Remove the non redundant cash transfer.
* ENT-2923 - remove db access code from the verification thread pool
* Remove worker pool for tx verification and disable db access.
* Address code review comments
* Reduce the operation of ip autodetect to nodes specifying localhost, rather than any node with a 192.168.x.x or 10.x.x.x address. Also, catch the common user error of specifying 0.0.0.0 in p2pAddress.
* Fix test that uses invalid config
Apps may depend on the previous behaviour of catching Throwable rather than just Exception. Better to not risk this break and instead provide a helper to throw Errors.
Also using Consumer to avoid ugly usage in Java for doOnSuccess and doOnFailure.
* Update the documentation for trackBy to better indicate that updates are not filtered according to the query criteria
* Add a test that shows the behaviour, which is skipped for now until a solution is implemented.
* [CORDA-2376]: Unable to make contract attachment trusted if it was received via network (fixed).
* [CORDA-2376]: Wrote some tests.
* [CORDA-2376]: Wrote some tests.
* [CORDA-2376]: Code review changes.
* [CORDA-2376]: Code review changes.
* Fixed incorrect attachment loading integration test
`AttachmentLoadingTests.test that attachments retrieved over the network are not used for code` was a false-positive - it was incorrect on multiple levels. Fixing it required updating the finance:isolated CorDapp, at which point it was given the new MANIFEST metadata for V4, and moved out of the net.corda.finance namespace to avoid package sealing issues.
The new test exposed a bug in the LedgerTransaction verification logic. This was cleaned up as it was too easy to verify on the wrong instance.
The overload that takes in a String does NOT check that the exception thrown has that message, which is what these tests are assuming. Rather it's the assertion message when the test fails.
* CORDA-1839 - Remove race condition between trackBy and notifyAll
* Fix null check
* Improve filtering
* Switch equality test to refs
* Refine filtering of seen updates
* Add entry in the changelog
* Address comments
* Working version
* api-current.txt change to remove diff due to inheritance hierarchy change.
* api-current.txt change to remove warnings of abstract methods in new interfaces.
* Fix indent
TestCordapp has now two implementations to clearly separate the two use cases it has in the Corda repo:
* TestCordappImpl which implements the revised public API of TestCordapp; namely that a TestCordapp instance references a real CorDapp jar on the classpath. This is either an external dependency jar in which case it’s taken as is and given to the node, or it’s a local gradle project in which case it’s compiled using the gradle “jar” task to generate the CorDapp jar. This approach means the jar has all the original CorDapp versioning information, which is important that it’s correct when testing. To this end, TestCordapp only needs to expose the ability to specify the app’s config. All the remaining properties have moved to CustomCordapp.
* CustomCordapp for creating arbitrary custom CorDapps, including specifying the jar’s MANIFEST values. This is internal API and only used for testing the platform. Technically this shouldn’t implement TestCordapp but does so to reduce the complexity of the driver and mock network.
* Split Workflow and contracts of Finance App into separate Cordapps, part 1 - content which is different between OS and ENT is still in contract Cordapp.
* Move CashSelection implementations to workflow module.
* Move CashSelection implmentations to workflow module.
* Move finance module to finance-flows, top level finance module is empty.
* Move finance module to finance-flows, top level finance module is empty.
* Updated build comment.
* Revert publication of combined (contracts and flows) corda-finance.jar (to maintain backwards compatibility with 3rd party cordapps dependent on finance)
* Added backwards compatibility clarification comment.
* Re-instate new cordapp metadata.
* Global rename of `finance-flows` to `finance-workflows` to follow adopted naming conventions.
* Addressed final review comments.
* Rename application to "Corda Finance Demo"
* Generation of original corda-finance jar from new sub-modules.
* Fixed and tested demobench with new split finance contract and workflow jars.
* Renamed finance sub-modules to contracts and workflows.
* Remove Michele!!!
* Minor fix to filtering logic.
* Align CorDapp configuration filename with workflows jar.
* Fix breaks caused by finance module naming changes.
* Final alignment between OS/ENT of finance contract code.
* Make TimedFlows retry forever, and cap the growth of the time out interval.
* Only time flows for restart if that is sensible (i.e. notary flows that actually have an alternative node to talk to).
* Move check for multi node notary into getter so it the `canBeRestarted` attribute can't be set too late.
* Make restartable timed flow a concept on SubFlow metadata and the relevant events so we can handle it properly for subflows based on their metadata.
* Addressing review comments.
* Consistent naming
* Update documentation
* Addressing documentation comments.
* Refactor into attachment service
Fix up mock service
First caching version, but with no invalidation currently
Set cache size
Fix up after rebase
Cache invalidation
Formatting tidy up
Sort out some nullability
Add kdocs.
Unit tests
More unit tests
Fix TODO
Unit test fixes
Unit test fixes
Fixed concurrent invalidating transaction support.
* Correct some transaction concurrency bug, including unit test.
* Added some unit tests for the method I added to persistence.
* Remove some blank lines
* Review feedback
* Fix imports
* Implementation of Contract and Workflow attribute identifiers.
* Fixes following rebase from master.
* Fix broken JUnit test.
* Fix broken JUnit test.
* Fix broken JUnit test.
* Added missing constants.
* Further clean-up.
* Updated documentation.
* Added changelog entry.
* Updated all samples (using new Gradle Plugin 4.0.37 functionality)
* Temporarily resolve gradle plugins from latest published snapshot.
* Temporarily resolve gradle plugins from latest published snapshot.
* Updates following feedback from PR review.
* Move constants into CordappInfo companion object.
* Contract and Workflow attribute `version` to `versionId` (as version is a reserved gradle variable)
* Clarified warning message on incorrect version identifier.
* Align version identifier processing logic with gradle cordapp plugin.
* Updated comment.
* Minor fixes following rebase from master.
* Fixed broken unit test.
* Improved exception reporting.
* Update to use 4.0.37 of Gradle Plugins.
* Added support for combined Contract and Workflow CorDapp info.
* Updated following discussions with Shams + cleanup.
* Updated following Shams PR review.
* Minor API improvements.
* Added missing cordapp info causing deployNodes to fail.
* Exponential back off for retries
* Log back-off
* Jitter back off timing
* Set the minimum back-off to 10s
* Refactor code to be only called when required.
* Spelling
* Make condition purely based on `Chronic` interface
* Make timer a daemon thread
New property database.initialiseAppSchema introduced that allows to turn-off Hibernate DDL generation while leaving Node-specific Liquibase handling enabled.
1) TwoPartyTradeFlowTests - restructured - saving transaction just after creating a state, as it's needed for the next TransactionState to be verified (for non-downgrade rule), enable more tests which were set as @Ignored, left 3 TODOs as 2 tests were slightly modified, need further investigation
2) MockService method loadContractAttachment always returns a dummy Attachment which means it has a default Contract Class Version number 1 used for signature constraints non-downgrade rule.
3) TransactionSerializationTests - added a fake transaction which created fake stated used as input state and using real (not mocked one) implementation of loadContractAttachment
* Modify toString of DBCheckPoint
Fix toString of object DBCheckPoint to remove printing of array in DEBUG log
* Update DBCheckpointStorage.kt
Fix for Code Style Guideline
There was a parallel work done on PersistentKeyManagementService (new table added) while this service has been superseded by BasicHSMKeyManagementService.
Move new table change for the former class to the later one and did some minor cleanup.
Contract class version non-downgrade rule is check by LedgerTransaction.verify().
TransactionBuilder.toWireTransaction(services: ServicesForResolution) selects attachments for the transaction which obey non downgrade rule.
New ServiceHub method loadAttachmentConstraint(stateRef: StateRef, forContractClassName: ContractClassName? = null) retrieves the attachment contract related to transaction output states of given contract class name.
Note: similar sort of changes already made in Ent codebase that fix execution against external DBs.
it will make sense to backport those change to OS to avoid merge conflicts in the future.
TransactionBuilder loads attachment using attachment storage instead of CordappLoader,
contract class version is now Integer (format and stored in db as Integer).
* Hash to signature constraints migration #1
* After rebase from Attachments Classloader commit.
* Simplified implementation without CZ whitelisting and relaxing the no-overlap rule slightly.
* Further simplification.
* Detailed implementation.
* Use fully loaded Cash contract jar for hash to signature constraints migration test.
Additional debug logging.
* Minor cleanup.
* Address PR review feedback.
* Minor fix.
* Fixes following rebase from master.
* Implemented `calculateEntriesHashes` to improve classloader validation performance.
* Address minor PR review comments.
* Added integration tests and some minor fixes.
* Minor fixes following rebase from master.
* Updates and fixes following integration testing.
* Added changelog entry.
* Fix broken unit tests.
* Fix compilation errors in DriverDSL tests after rebase from master.
* Minor fix to test cordapp jar signing using explicit keystore.
* Run hash-to-signature constraints integration test out of process using a non-validating notary.
* Address PR review feedback: contract version from database + other minor changes.
* Address final PR review feedback: remove signed attachment field from attachmentWithContext
* Resolve conflicts following rebase from master.
* Fix failing junit test.
* Fix Kryo serialization error (forgot to write new `version` identifier field)
* Removed redundant query carried over from previous commit.
* Added documentation.
* Fix test case where explicit Hash Constraint input and Signature Constraint output explicitly configured.
* Addressing PR review comments from SA.
* AttachmentQueryCriteria API: added wither methods and Java Unit tests.
* Fixed compilation error caused by Unit tests being in wrong module.
* Added @CordaInternal to canBeTransitionedFrom function.
* Minimized AttachmentClassloader overlap duplicates checking.
* Moved JarSignatureTestUtils and ContractJarTestUtils to internal pending clean-up and documentation before public release.
* Minor fix following rebase from master.
* Removed redundant checkNotNull(networkParameters) checks now that these are always passed into the main (non-deprecated) constructor.
* Remove capitalization.
* Make the default schemes for TLS and identity available from the CryptoService interface.
* Change CryptoService.generateKeyPair to accept SignatureScheme instead of Int.
* CORDA-2115: Notary whitelist verification changes
- For regular and contract upgrade transactions: check that the notary is in the network parameter whitelist
- For notary change transactions: check the the new notary is in the network parameter whitelist. This enabled support for network merging: the old notary doesn't have to be in the current network's notary whitelist for re-pointing old states to another notary.
These checks are done during transaction construction/verification and also by the non-validating notary.
* Address comments
* Remove stale todo
* Use notary whitelist of current network parameters for platform versoin 3
* Cleanup test
* Move `getHistoricNotary` to `HistoricNetworkParameterStorage` in `core.internal`
* Require `newNotary` to be notary on the network map during notary change
* ENT-2666: Don't check for network parameter currentness for now
* Add check for parameters null when version >= 4
* Add check that parameters are known to the node/network
* Add test
* [CORDA-2278]: Seems to be working. Leaving the test to ensure no future regressions.
* [CORDA-2278]: Seems to be working. Leaving the test to ensure no future regressions.
* [CORDA-2278]: Seems to be working. Leaving the test to ensure no future regressions.
* [CORDA-2278]: Seems to be working. Leaving the test to ensure no future regressions.
* Make enforceSingleNodeIsRunning internal for test purposes.
* Test that the file is deleted or the file lock is released to be sure that the node has stopped.
* Additional test for enforceSingleNodeIsRunnin
The overload that takes in a bunch of the node parameters with default values has been fixed to the V3 version. New node parameters since V3 now only exist in NodeParameters.
The reason for this is otherwise each new release of Corda that introduces new node parameters will force a new startNode overload to be added to DriverDSL to preserve backwards compatibility.
NodeParameters has been moved to its own file and logLevel is removed as it doesn't do anything.
* CORDA-2089 - network parameters tags - part
Data structures changes, storage and notarisation.
Tag transactions with network parameters hash that was in force when tx
was created. Add component group on all core transactions and resolved
parameters on full transactions. The hash should be always visible on
the filtered versions of transactions. Add
notarisation check that the parameters are current.
Implement network parameters storage on services for resolution.
This is only part of the work, next PR will include changes to
ResolveTransactionsFlow to make sure that parameters in the transaction
graph are ordered (this is to prevent the downgrade attack, when the
malicious notary and participants sign transaction that shouldn't be
notarised otherwise).
Probably on network services side we need the default parameters
endpoint for the
transactions that were created before this change - for now it's default
to the current ones.
* Make parameters storage agnostic to cert hierarchy
Test fixes
* Address most PR comments
* Fixes after rebase
* Fixes. Add epoch column to parameters storage.
* Address part of review comments
* Some more comments
* Hopefully fixing what I broke doing rebse
* Address Kostas comments
* Further fixes
* Save all parameters from updates to storage
* Fix integration test
* Address comments
* Fixes after rebase
* Fix test
* Fixes
* Add wrapper for filtering around parameters hash
* API stability fixes
* Add NetworkParametersStorageInternal
* Rename
* Temp commit
* Print the error message first by default, makes error output more natural.
* Polishing
* Further modifications after testing
* Documentation updates
* Couple of fixes after review
* Removing unnecessary tests
* Fix broken test
* Add interface to bootstrapper for testign
* Added unit tests
* Remove unused class
* Fix up bootstrapper unit tests and add a couple more
* Refactor the tests slightly
* Review comments
* Couple of minor tweaks
* Handle reference states in the PresistentUniquenessProvider
* Complete test
* Re-notarise outside time window without input states
* Address comments
* Add missing column name
* First pass
Update test.
Address review comments.
Added docs and kdocs.
Clean-up.
* Addressed review comments.
Changes to docsite.
* First pass at account service.
Added new hibernate schemas and liquibase scripts.
Added indexes to new tables.
Removed mock network.
Removed fresh key for external id from key management service.
Removed some redundant changes.
Rebase to master.
* Clean up.
* Added try/catch block as recommended by Andras.
* Removed accounts test to another branch.
Removed element collections from fungible states and linear states table.
Added a new state_parties table which stores x500 names and public key hashes.
Added a view which can be used to query by external ID.
* Removed try catch block. It's not required as the checkpoint serialiser deals with this.
Re-used existing DB session instead of creating a new session.
Entity manager auto flushes.
* Added java friendly api.
* This is a combination of 10 commits.
This is the 1st commit message:
Shortened table name.
This is the commit message #2:
Minor changes.
This is the commit message #3:
Common criteria parser now returns a predicate set which is concatenated to the predicate sets of sub-class criteria.
This is the commit message #4:
Fixed api compatibility issue.
Reverted some changes to reduce size of PR.
This is the commit message #5:
Multiple states can now be mapped to the same externalId.
Multiple externalIds can now be mapped to the same state.
This is the commit message #6:
Relaxed upper bound type constraint in some of the vault types.
This is the commit message #7:
Added comment to test.
This is the commit message #8:
Changed name of external id to public key join table.
Removed some comments/TODOs.
This is the commit message #9:
Added docs.
General clean up.
This is the commit message #10:
Fixed participants query bug and updated unit test.
* Removed unused code.
* Sign later to make sure the notary service constructs the same serialized bytes
* Add non validating notary tests
* Revert "Sign later to make sure the notary service constructs the same serialized bytes"
This reverts commit cefba5c350.
* Dereference SecureHashes before creating the notarisation request signature
* Update comment
* Address comments
* Undo accidental renaming
* add auto acceptance of certain network parameters
* Remove incorrect nullification of newNetworkParameters object within NetworkMapUpdater
* Automatically update network parameters if update accepted and flag day occured
* Comment cleanup
* Add node configuration for auto accepting network parameter changes
* Remove hot swapping of network parameters
* Add docs for auto accept config flag
* Minor change to log line
* Remove unrelated fix that was corrected on master
* Minor name change within NetworkParameters class
* Minor doc rewording
* Fix typo in docs
* Address PR comments
* Add node config option to turn off network param auto-accept on a per param basis
* Address PR comments
* Fix failing Network Map update integration test
FinalityHandler is insecure in that it is open to receive any transaction from any party.
Any CorDapp targeting platform version 4 or above is required use the new c'tors which take in FlowSession objects to the counterpart flow. This flow must subcall ReceiveFinalityFlow to receive and record the finalised transaction.
Old CorDapps (with target platform version < 4) will continue to work as previously. However if there are no old CorDapps loaded then the node will disable FinalityHandler.
* Make caplet respect all acceptable combinations of cmd line parameters
* If cordapp dir fails to create, still run corda.jar and let it fail gracefully
* Don't parse additional options as the parameter for the previous one.
* Remove commented lines
* First pass
* Update test.
* Address review comments.
* Added docs and kdocs.
* Clean-up.
* Add extra test.
* Changes to docsite.
* Added try/catch block as recommended by Andras.
* Removed try catch block. It's not required as the checkpoint serialiser deals with this.
* Re-used existing DB session instead of creating a new session.
* Entity manager auto flushes.
* Added java friendly api.
* Addressed review comments.
* CORDA-2190: Improve notary service flow exception handling
- Refactored notary flows to reduce validation code duplication
- Improved notarisation error handling to provide more helpful responses to the client
* Replace error code generation technique with custom event re-writer.
Switch to RandomAccessFile appenders because they supposedly give higher throughput.
* Review feedback
* Switch to directory per test and suppress deletion exception on windows
to deal with the fact that NTFS keeps files locked to the running process
once opened.
* Closing files when we're done makes all the file locking issues go away.
* Introduce public subset of config to tweak config via mock net work without exposing internal node config.
* Removal of functions exposing (internal) NodeConfiguration from the public test API
* Code review fixes
* Blank lines removed
* Documented mock network API change in upgrade notes.
* Updated documentation and API doc.
* More documentation/API doc
* Migrated all non-BFT notary implementations to use async commits.
* Mock network: await for async operation completion. When calling runNetwork()
it keeps "pumping" messages between participants until no more messages are generated.
The problem comes in when a flow suspends on an async operation: the mock network
thinks the flow finished the work for the current step, and since no more messages
are generated, completes the runNetwork() function. The message that the flow
generates once it resumes after async operation completion never gets processed.
This change makes runNetwork() wait until all flow async operations finish,
and only then check whether no more messages can be transferred.
* CORDA-2112 Update the `uploader` field upon Node startup for CorDapps where an Attachment is already in a nodes attachment store (from an untrusted source).
* Removed incorrect assertion.
* Fix broken unit test.
* Reverted back throw FileAlreadyExistsException API semantics on public API.
* De-duplicate DuplicateAttachmentException
* Revert original Exception handling logic.
* Remove most contentious bit of mutex in the codebase
Fix up SerializerFactory
Make getSerializerFactory() non-blocking
Workaround for DJVM issues
* Some clean up and also de-contend the RPC client.
* Fix up attachment class loader code.
* Bug fix
By default Cordaps build by corda-gradle-plugins are signed by Corda development key.
In dev mode any key can be used to sign Cordapp JAR .
In production node Corda dev keys were forbidden. This code change allows to opt-out by setting node option cordappSignerKeyFingerprintBlacklist=[] or specify more public keys to blacklist.
The option is used in production only mode.
There were no tests around `CordaRPCOps.uploadAttachmentWithMetadata`
therefore tests have been added to verify that the function works
and saves the correct metadata to the vault
* Tidy up
* Add install-shell-extensions command
* Make cli tests use same version of picocli as everything else
* Remove initLogging from NodeStartup, it is ran earlier by CordaCLIWrapper
* Use picocli snapshot for testing
* Use RunLast() parser to invoke correct subcommands
* Deprecate old clear-network-map-cache parameter
* Restructure NodeStartup for commands
* Get rid of -c option since the flag method has been deprecated and that didn't exist in last release
* Update documentation
* Update backwards compatibility test
* Get all subcommands working
* Refactor sub commands into seperate classes
* Update docs and fix some tests
* Docs changes
* Fix merge conflicts with master
* Fix renamed parameters
* Fix test failure
* Fix compatibility tests
* Add missing compatibility test for blob inspector
* Remove blob inspector compatibility test as there are import conflicts
* Assorted doc fixes
* Addressing review comments
* More review comments
* Couple more bits
* Fix broken tests
* Fix compilation error
* More merge conflicts
* Make startup logging function a bit more sensible
* Fix broken shell extensions
* Make shell extensions work with subcommands
* Make sure parameters for deprecated options are carried through
* More review comments
* Adding some s's
* One last go
* Fix compilation error on Windows
* Revert logging changes
* Revert docs back to their original imperatively moody state
Related to CORDA-1915 Signing CorDapp JARs - Corda node rejects CorDapps signed by our development keys when running in production mode. This prevents Cordapps signed by our dev key (by default) running in production (node devMode=false).
* first attempt at a flowManager
fix test breakages
add testing around registering subclasses
make flowManager a param of MockNode
extract interface
rename methods
more work around overriding flows
more test fixes
add sample project showing how to use flowOverrides
rebase
* make smallest possible changes to AttachmentSerializationTest and ReceiveAllFlowTests
* add some comments about how flow manager weights flows
* address review comments
add documentation
* address more review comments
The configuration objects for specific notary implementations have been replaced
by a single untyped "extraConfig" Config object that is left to the notary service
itself to parse.
* Remove the raft bootstrapping command from node, we'll need a different
mechanism for that.
* Remove pre-generated identity config value.
* Split up obtainIdentity() in AbstractNode to make it easier to read.
* A temporary workaround for the bootstrapper tool to support BFT notaries.
* Update docs
* Add upgrade notes
* Fix rebase issue
* Add a config diff for the bft notary as well
* ENT-2610: Separate passwords for store and for private keys in Corda OS.
When it comes to KeyStores there are *2* passwords: 1 for the keyStore as a whole and separately there is one private keys within this keyStore.
Unfortunately, those 2 passwords have to be the same due to Artemis limitation, for more details please see:
`org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport.loadKeyManagerFactory`
where it is calling `KeyManagerFactory.init()` with store password.
Before change in this PR, throughout our codebase there are multiple places where we assume that storePassword is the same as keyPassword, even in the classes that have nothing to do with Artemis.
This is of course less than ideal as TLS communication may be used not only for Artemis connectivity (e.g. Bridge/Float interaction in Ent) and it is unfair to impose same passwords constraint on that communication channel.
Therefore this PR is removing this limitation and properly separating storePassword from keyPassword.
Linked Jira(https://r3-cev.atlassian.net/browse/ENT-2610) has for more background info.
Suggest to start review from `net.corda.core.crypto.X509NameConstraintsTest` to get an idea about the nature of the changes made.
* ENT-2610: Address PR input from @kchalkias
* ENT-2610: Address PR input from @kchalkias, s/privateKeyPassword/entryPassword/
* ENT-2610: Address PR input from @kchalkias, s/keyPassword/entryPassword/
In the implementation of `CertificateStoreSupplier`
* CORDA-2113 - Include PNM ID in CSR
If Compatibility Zone operator is using private networks and the node
should be joining one, optionally the ID (a UUID) of that network can be
included as part of the node's CSR to to the Doorman.
* fix broken test
The contract upgrade handler assumes that the state to be upgraded is
created by a WireTransaction. This breaks the upgrade process if it was
in fact issued by a ContractUpgradeWireTransactions or a NotaryChangeWireTransaction.
The entry point to the API has been simplified to just requireing a list of packages to scan, with sensible defaults provided for the metadata. Because of the wither methods, having parameters for the metadata (with default values) seems unnecessary. Also the ability to scan just individual classes has been made internal, as it seems unlikely app developers would need that level of control when testing their apps.
TestCordappImpl is a data class and thus acts as a natural key for the Jar caching, where previously the key was the package names. This fixes an issue where it was not possible to create two CorDapp Jars of the same package but different metadata.
* Move Raft and BFT notaries into separate modules
* Move schemas
* Fix tests & demos
* Modified logic for creating notary services:
Added a new field 'className' to the notary configuration. The node now
loads the specified implementation via reflection. The default className
value points to the simple notary implementation for backwards compatibility.
Relevant schemas are loaded in a similar fashion.
For backwards compatibility purposes the default SimpleNotaryService will
remain built-in to node, but its cordapp will be generated on startup – so
the loading of notary services is streamlined.
* Move test namedcache factory to test utils
* Introduce SerializeForCarpenter annotation
* Apply SerializableComputedProperty annotation to Cash.exitKeys, fix bugs
* info -> trace
* Remove annotation from FungibleAsset, as we do not know whether all implementing classes will provide the property as a calculated value
* Remove redundant import
* Explicit lambda params
* Restore explicit import for Enum valueOf
* Moving and rescoping
* More meaningful error message
* Add java test and documentation
* Fix accidentally broken unit test
* Ignore superclass annotation if property not calculated in implementing class
* Exclude calculated properties from Jackson serialisation
* Fix broken test
* Added constraint type information to vault states table.
* Added Vault Query criteria support for constraint data.
* Added documentation and changelog entry.
* Added missing @CordaSerializable.
* Fix minor bug in test setup and parsing code.
* Use binary encoding data types instead of serialize/deserialize.
* Optimized storage of constraints data.
Additional assertions on Vault Query constraint data contents (to validate encoding/decoding).
Tested with CompositeKey containing 10 keys.
* Addressing PR review feedback.
* Query by constraints type and data.
* Revert back accidentally removed code for contractStateType filtering.
* Incorporating final PR review feedback. Use @JvmOverloads on constructor.
* Make sure constraintInfo is class evolution friendly.
* Provide AsyncLoggingContextSelector that inhibits use of thread local storage
* Turn on async logging via log4j properties file
* Mention async logging in the documentation and also explain how to turn it off when required.
* Formatting
* Typo
* Add shutdown hook to flush loggers.
* code review rework
* Ring buffer size to 256kB
* Set maximal log file size to 100MB - should slow down the rolling of log files and give us a bit more history on the cluster.
The old limit of max 10GB of compressed log files still stands.