Commit Graph

9881 Commits

Author SHA1 Message Date
Rick Parker
43168387b4
ENT-8794 Delay closing of attachment class loaders (#7267)
* Delay closing of attachment class loaders until all SerializationContext that refer to them (from BasicVerifier) have gone out of scope.

More comments

* Avoid any concurrency issues with queue processing

* Better concurrency behaviour

* Stop re-using attachment URLs as it turns out we can't close the URLClassLoaders when URLs are shared

* Refactor to use a ReferenceQueue.

Co-authored-by: Chris Rankin <chris.rankin@r3.com>
2022-11-15 09:25:54 +00:00
Viktor Kolomeyko
1733b568e2
NOTICK: Remove vkolomeyko and rekalov from code owners file (#7265) 2022-11-09 16:37:52 +00:00
Connel McGovern
aa72dec0f2
NOTICK: Add CORDA_USE_CACHE environment variable (#7262) 2022-11-07 20:05:01 +00:00
Adel El-Beik
b6f6ca3fe1
Merge pull request #7259 from corda/adel/ENT-6993
ENT-6993: Upgrade BC to 1.70
2022-11-04 10:25:18 +00:00
Adel El-Beik
e0457d6762 ENT-6993: Reverting back to BC 1.70. 2022-11-03 09:18:47 +00:00
Adel El-Beik
79babc999c ENT-6993: Upgrade BC to 1.72. 2022-11-02 15:32:18 +00:00
Adel El-Beik
de76ebab23
ENT-6975: Update Zulu docker files to use Zulu JDK 352. (#7256) 2022-10-31 08:47:40 +00:00
Adel El-Beik
7a133f687c
ENT-6893: First cut of telemetry integration. (#7247)
First cut of telemetry integration.

Open telemetry can be enabled in two ways, first is via an opentelemetry java agent specified on the command line. With this way you get the advantage of spans created from other libraries, like hibernate. The java agent does byte code rewriting to insert spans.
The second way is with the open telemetry driver (that links with the opentelemetry sdk). This is a fat jar provided with this project and needs to go into the node drivers directory.
2022-10-28 14:41:39 +01:00
Rick Parker
bdcd25477d
ENT-7039: Notary signature checking requires non-interned SecureHashes. (#7254)
There was a mistake made when we first introduced notary request signature checking, in that we didn't wrap it in SerializedBytes so it always got deserialized as part of the flow message payload. So to check the signature, it has to be re-serialized. This means for cross-version compatibility we can never change the serialized format of NotarisationRequest. In this case we need make sure that every SecureHash mentioned in that data structure is a distinct instance, even if the values are repeated / identical, as that is how it was in Corda 1.

With the introduction of interning of SecureHash, this ceased to be true once again, including undoing the attempts to force it on the sending side that had been introduced in previous versions of Corda. So here we introduce a way to force it, and consolidate the forcing to distinct SecureHash instances in the NotarisationRequest itself, rather than leaving to the caller of the constructor to remember to do it, so that serialized form will always be as per Corda 1.
2022-10-28 14:03:47 +01:00
omahs
a627355543
NOTICK: Fix typos (#7255)
Fix: typos
2022-10-28 12:33:39 +02:00
Adel El-Beik
3fd3baa507
Merge pull request #7253 from corda/cc/os/4.9/ent-7034/upgrade_commons_text
ENT-7034 - Upgraded shiro and commons-text to address security issues
2022-10-19 12:48:11 +01:00
Chris Cochrane
0997b49b24
Upgraded shiro and commons-text to address security issues 2022-10-19 10:48:27 +01:00
Adel El-Beik
4638df0a69
Merge pull request #7252 from corda/cc/release/os/4.10/ent-7034/upgrade_apache_commons_text
ENT-7034 - Upgraded shiro and apache commons-text, to address security issues.
2022-10-18 09:43:30 +01:00
Rick Parker
b29713d7b9
ENT-6947 Intern common types to reduce heap footprint (#7239)
ENT-6947: Implement interning for SecureHash, CordaX500Name, PublicKey, AsbtractParty and SignatureAttachmentConstraint, including automatic detection of internable types off companion objects in AMQP & Kyro deserialization.  In some cases, add new factory methods to companion objects, and make main code base use them.

Performance tested in performance cluster with no negative impact visible (so default concurrency setting seems okay).

Testing suggests 5-6x memory saving for tokens in TokensSDK in memory selector.  Should see approx. 1 million tokens per GB or better (1.5 million for the tokens we tested with).
2022-10-18 09:28:41 +01:00
Chris Cochrane
64d31d3fb3
Upgraded shiro and apache commons-text, to address security issues. 2022-10-17 17:44:32 +01:00
Adel El-Beik
3238638f22
Merge pull request #7251 from corda/adel/ENT-6975
ENT-6975: Updated docker jdk version to 345 for zulu ubuntu and 8u342…
2022-10-17 16:51:44 +01:00
Adel El-Beik
c23f74bc3f ENT-6975: Updated docker jdk version to 345 for zulu ubuntu and 8u342-al2 for amazon corretto. 2022-10-14 12:09:34 +01:00
Adel El-Beik
670c7d49c1
Merge pull request #7249 from corda/cc/os/4.10/ent-6903/revert_netty_version
ENT-6903 - Reverted netty back to 4.1.77.Final
2022-10-06 15:02:03 +01:00
Chris Cochrane
1ec93f01e1
Reverted netty back to 4.1.77.Final 2022-10-06 12:33:36 +01:00
Chris Cochrane
0ab4ac94c8
ENT-6903 - address security issues reported by Snyk (#7244)
ENT-6903: Update versions of BC, Shiro, Netty okhttp
Also updated platform version to 12.
2022-09-30 17:49:21 +01:00
Adel El-Beik
70c9bbc30a
Merge pull request #7243 from corda/cc/os/4.10/ent-6856/tls_handshake_failure_retry
ENT-6856 - Do not black-list AMQP targets that suffer a handshake failure
2022-09-13 16:27:27 +01:00
Chris Cochrane
5ca5b8d096
Do not black-list AMQP targets that suffer a handshake failure 2022-09-13 11:41:19 +01:00
Ronan Browne
242d7d45c5
Merge pull request #7241 from corda/knguyen/INFRA-1856/update_pr_scanner_version
INFRA-1856: Update pr scanner version
2022-09-12 08:57:23 +01:00
Khoi Nguyen
f24fa96a53 INFRA-1856: Update pr scanner version
* Updated version use by pr scanner to v1.6.1
2022-09-09 16:20:56 +01:00
Jan Szkaradek
6f32d3d369
added modules for snyk scanning (#7231) 2022-09-02 14:17:53 +02:00
Jan Szkaradek
19c8dd5cfb
added modules for snyk scanning (#7232) 2022-09-02 14:17:31 +02:00
Jan Szkaradek
cb42ae2980
added modules for snyk scanning (#7233) 2022-09-02 14:17:03 +02:00
Jan Szkaradek
ea9f29e0bd
added modules for snyk scanning (#7234) 2022-09-02 14:16:39 +02:00
Jan Szkaradek
c89ce8e29d
added modules for snyk scanning (#7235) 2022-09-02 14:16:11 +02:00
Jan Szkaradek
eb50c8d22e
added modules for snyk scanning (#7236) 2022-09-02 14:15:36 +02:00
Ronan Browne
0ca969913a
Merge pull request #7229 from corda/jansz/INFRA-1844/snyk-scan-capsule-setup-4.10
INFRA-1844 Changed Snyk scan to check only the subprojects of node
2022-08-23 09:53:19 +01:00
Ronan Browne
8afcf57e38
INFRA-1844: tidy up and expand scanning of projects 2022-08-22 19:28:37 +01:00
Ronan Browne
1e5b18c3b7
NOTICK: scan runtime classpath 2022-08-19 14:22:32 +01:00
Adel El-Beik
ed94752680
Merge pull request #7228 from corda/cc/ent-6913/kdocs_update_quick_rpc
ENT-6913 - Updated KDoc for quick RPCs
2022-08-18 17:21:17 +01:00
JanSzkaradek
293af38e28 changed snyk scan target 2022-08-18 15:58:17 +01:00
Chris Cochrane
14e2ef3478
Updated KDoc for quick RPCs 2022-08-18 13:02:20 +01:00
Viktor Kolomeyko
6d0875076f
Merge pull request #7225 from corda/cc/merge/os-4.9/os-4.10/01-Aug-2022
ENT-6885 - cc/merge/os 4.9/os 4.10/01 aug 2022
2022-08-01 17:43:54 +01:00
Chris Cochrane
877e00f8d3
Fwd-merge from OS-4.9 2022-08-01 13:00:57 +01:00
Chris Cochrane
878f0bba8b
ENT-6885: Added build option to specify the version of Apache commons-configuration2 (#7224)
Added a build.gradle option to specify the version of Apache commons-configuration2 to build with, overriding whatever version is pulled in by Artemis Server.
This is to address Nexus security vulnerability reported for Apache commons-configuration2 v2.7.

This change was previously applied in Ent-4.9 and was shown to remove the critical security issues reported by Nexus. See [PR-4652](https://github.com/corda/enterprise/pull/4562) for more info about that.

The Corda jar was built locally and then scrutinised, revealing that it had Apache commons-configuration2 v2.8.0 included within.
2022-07-29 17:33:13 +01:00
Ronan Browne
f9b8af85c2
Merge pull request #7223 from corda/add-snyk-scan-4.10
INFRA-1805 Add snyk scan 4.10
2022-07-29 17:43:34 +02:00
ronanbrowne88
212cd2214c CORE-4769 add snyk scan open source 4.4 2022-07-29 09:30:16 +01:00
ronanbrowne88
cc929e3b5b INFRA-1805 add snyk scanning to corda os 4.4 2022-07-29 09:25:32 +01:00
Ronan Browne
24c3e53435
Merge pull request #7222 from corda/add-snyk-scan-4.9
INFRA-1820: add snyk scanning to 4.9
2022-07-28 09:25:09 +02:00
ronanbrowne88
8cf512e6e5 CORE-4769 add snyk scan open source 4.4 2022-07-27 21:41:25 +01:00
ronanbrowne88
8644ab38ff INFRA-1805 add snyk scanning to corda os 4.4 2022-07-27 21:40:44 +01:00
Ronan Browne
aff501fadb
Merge pull request #7221 from corda/add-snyk-scan-4.8
INFRA-1820 Add snyk scan 4.8
2022-07-27 18:41:36 +02:00
ronanbrowne88
d757682291 CORE-4769 add snyk scan open source 4.4 2022-07-27 12:49:53 +01:00
ronanbrowne88
b1afd88f13 INFRA-1805 add snyk scanning to corda os 4.4 2022-07-27 12:48:39 +01:00
Ronan Browne
89a4259c78
Merge pull request #7220 from corda/add-snyk-scan-4.7
INFRA-1805: Add snyk scan 4.7
2022-07-27 13:47:31 +02:00
ronanbrowne88
9425bb5c19 INFRA-1697 minor tidy up 2022-07-26 18:15:01 +01:00