Commit Graph

54 Commits

Author SHA1 Message Date
Viktor Kolomeyko
d6fc10e632
ENT-6784: Change special provisions for Artemis Server logging (#7174)
As a side effect of enabling warnings for Artemis was the following messages to be produced in the Node's log:
```
[WARN ] 2022-05-16T14:53:01,203Z [main] core.server. - AMQ222165: No Dead Letter Address configured for queue rpc.server in AddressSettings
[WARN ] 2022-05-16T14:53:01,203Z [main] core.server. - AMQ222166: No Expiry Address configured for queue rpc.server in AddressSettings
...
[WARN ] 2022-05-16T14:53:01,885Z [Thread-1 (ActiveMQ-server-org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl$6@70eb0c59)] core.server. - AMQ222165: No Dead Letter Address configured for queue p2p.inbound.DL5WQBEduTfiTzdLkg7iXcz5vY4oaJNdJr7Y4xaLvYszPj in AddressSettings
[WARN ] 2022-05-16T14:53:01,885Z [Thread-1 (ActiveMQ-server-org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl$6@70eb0c59)] core.server. - AMQ222166: No Expiry Address configured for queue p2p.inbound.DL5WQBEduTfiTzdLkg7iXcz5vY4oaJNdJr7Y4xaLvYszPj in AddressSettings
```

To suppress them a dedicated filter been added.
The change to logging configuration been tested locally using out-of-process integration tests.
2022-05-18 15:15:06 +01:00
Viktor Kolomeyko
835321bb70
ENT-6286: OS: Upgrade version of Artemis to 2.19.1 (#6975)
Fixes DDoS attack mentioned on the Jira ticket.

PR upgrades Artemis library to version 2.19.1.
This is our own release of Apache Artemis library which has vulnerability fix for v2.20 applied.

**_Breaking changes discovered during Artemis upgrade:_**
1. When the queue is created as temporary, it needs to explicitly be specified as non-durable.
2. By default, Artemis Client performs Host DNS name check against the certificate presented by the server. Our TLS certificates fail this check and this verification has to be explicitly disabled, see use of: `TransportConstants.VERIFY_HOST_PROP_NAME`.
3. Artemis Server now caches login attempts, even unsuccessful ones. When we add RPC users dynamically via DB insert this may have an unexpected outcome if the user with the same `userName` and `password` was not available previously.
To workaround permissions changing dynamically, authorization and authentication caches had to be disabled.
4. When computing `maxMessageSize`, the size of the headers content is now taken into account as well.
5. Artemis handling of start-up errors has changed. E.g. when the port is already bound.
6. A number of deprecated APIs like: `createTemporaryQueue`, `failoverOnInitialAttempt`, `NullOutputStream`, `CoreQueueConfiguration`.
7. Log warning message is produced like: `AMQ212080: Using legacy SSL store provider value: JKS. Please use either 'keyStoreType' or 'trustStoreType' instead as appropriate.`
8. As reported by QA, Artemis now produces more audit logging more details [here](https://r3-cev.atlassian.net/browse/ENT-6540). Log configuration been adjusted to reduce such output.
2022-01-21 09:18:14 +00:00
Ryan Fowler
2ca10464b7
CORDA-3845: Update BC, log4j, slf4j (#6464)
* CORDA-3845: Update BC to 1.64

* CORDA-3845: Upgraded log4j to 2.13.3

* We can remove the use of Manifests from the logging package so that when _it_ logs it doesn't error on the fact the stream was already closed by the default Java logger.

* Some more tidy up

* Remove the logging package as a plugin

* latest BC version

* Remove old test

* fix up

* Fix some rebased changes to log file handling

* Fix some rebased changes to log file handling

* Update slf4j too

Co-authored-by: Adel El-Beik <adel.el-beik@r3.com>
2020-07-23 16:37:29 +01:00
Viktor Kolomeyko
1c48418904
NOTICK: Remove relaxedThoroughness variable (#6483)
It is:
a. No longer works in Jenkins
b. May result spawning 100s of process that kill Windows build. Evidence: https://ci02.dev.r3.com/blue/organizations/jenkins/Corda-Enterprise%2FCorda-ENT-MS-Win-Compatibility%2Fenterprise/detail/PR-3553/25/pipeline/
2020-07-21 09:58:29 +01:00
Chris Rankin
493a92ca39 Merge commit '5b50ef49bcca2d1be8bb0604e1be167e3bb5da24' into chrisr3-44-merge 2020-03-06 09:55:00 +00:00
Rick Parker
e5a8888232
CORDA-3644: Add Corda-Testing tag to test artifacts' MANIFEST.MF. (#6032) 2020-03-05 17:39:55 +00:00
Christian Sailer
e38cd9ec63
ENT-5043 separate out test utils (#5998)
* Remove unused dependencies from test-common

* Explicit imports and formatting

* Add core-test-utils project

* Add dependency

* Move Kryo serialization context to node-api (not serialization as we do not want to pull kryo into the serialization lib)

* Move AMQP server serialization scheme to node api

* Move serialization tests to node-api

* Move internal test helpers without further dependencies.

* Move out some types from RPCClientProxyHandler to node-api in preparation for moving the AMQP scheme

* Move client AMQP context to node-api so we can move the test serialization rule out.

* Move InternalSerializationTestHelpers to core-test-utils

* Moved testing.core to core-test-utils

* Make detekt happy

* Add api-scanner to core-test-utils

* Remove inlined package names introduced by IntelliJ refactoring

* Update api-current.txt to account for reordering.

* Add core-test-utils to list of published artifacts.

* Add missing import

* Location of things in api text has moved again (publish name of artefact?)

* Revert all additions to the API, leaving just the reordering

* Code review: fix up core-test-utils build.gradle and introduce kryo version constant.

* Remove OpenSsl flag from ssl config stub (can't be used from node-api)

* Suppress detekt warning

* Move core test util tests to the right module

* Expose kotlin test as a transient dependency - projects have come to rely on that.

* Fix typo in package name
2020-03-03 15:55:17 +00:00
Stefano Franz
b23af5f0d2
add timeouts to all tests (#5875) 2020-02-11 10:14:05 +00:00
Shams Asari
2152961d46
CORDA-2333: Dependency update pass for tests and demos (#5211) 2019-06-13 10:15:13 +01:00
Chris Rankin
b9f7c1a08a CORDA-2893, ENT-3422: Tweak JUnit 5 configurations to keep vintage engine off compile classpaths. (#5138)
* Tweak JUnit 5 configurations to keep vintage engine off compile classpaths.

* Configure Gradle tests to use JUnit 5.
2019-05-20 11:57:56 +01:00
Dominic Fox
0b63157a4b ENT-3422 Add JUnit 5 dependencies to all projects (#5084)
* ENT-3422 Add JUnit 5 dependencies to all projects

* Remove explicit junit 4 imports where not needed

* Minor PR fixes

* Limit import scope
2019-05-15 16:40:12 +01:00
Stefan Iliev
e4615f7f47 CORDA-2586 explorer exception handling (#4957)
* Initial version of new(old) dialog that won't print a stacktrace for rpc exceptions.

* Decoupled CordaVersionProvider. Moved common files to common-logging to lower dependencies on the node explorer.

* Removed unused import and duplicate documentation comment.

* Moved error code rewrite policy in the new common/logging module according to PR review.

* Removed extra line.

* Updated log4j configurations with new package name where logging policies will be contained.

* Included common-logging module with cliutils.
2019-04-09 19:14:37 +00:00
Dominic Fox
c2ad64ccde CORDA-2802 use eventually to wait (#4932)
* CORDA-2802 use eventually to wait

* Catch Exception, not Throwable
2019-03-26 16:01:06 +00:00
szymonsztuka
7a4b6b3e44
CORDA-2405 Update versions of whitelisted attachments (#4549)
The version of contract attachments that are whitelisted should be read from NetworkParameters.whitelistedContractImplementations.
It use the lattes network map from db with the highest epoch.
2019-01-13 11:38:19 +00:00
Anthony Keenan
af75a05502
Fix irs-demo dependency issues (#4438)
* Fix irs-demo dependency issues

* Fixed a problem with the IRS demo test JAR.

* Fixed deployNodes problem and log4j info statement.
2018-12-20 12:31:16 +00:00
Andrius Dagys
838c99c6e4 CORDA-2115: Notary whitelist verification changes (#4293)
* CORDA-2115: Notary whitelist verification changes

- For regular and contract upgrade transactions: check that the notary is in the network parameter whitelist
- For notary change transactions: check the the new notary is in the network parameter whitelist. This enabled support for network merging: the old notary doesn't have to be in the current network's notary whitelist for re-pointing old states to another notary.

These checks are done during transaction construction/verification and also by the non-validating notary.

* Address comments

* Remove stale todo

* Use notary whitelist of current network parameters for platform versoin 3

* Cleanup test

* Move `getHistoricNotary` to `HistoricNetworkParameterStorage` in `core.internal`

* Require `newNotary` to be notary on the network map during notary change
2018-12-04 13:54:24 +00:00
Michele Sollecito
a9ff8a0818
[CORDA-2278]: KillFlow RPC operation is not releasing soft locks. (#4332)
* [CORDA-2278]: Seems to be working. Leaving the test to ensure no future regressions.

* [CORDA-2278]: Seems to be working. Leaving the test to ensure no future regressions.

* [CORDA-2278]: Seems to be working. Leaving the test to ensure no future regressions.

* [CORDA-2278]: Seems to be working. Leaving the test to ensure no future regressions.
2018-11-30 13:10:19 +00:00
Rick Parker
9277042db8
ENT-2695 Restore async logging (#4195)
* Replace error code generation technique with custom event re-writer.
Switch to RandomAccessFile appenders because they supposedly give higher throughput.

* Review feedback
2018-11-08 14:33:45 +00:00
Michal Kit
6f005605aa
CORDA-2187 & CORDA-2038: reverting maxTransactionSize <= maxMessageSize (#4166)
* CORDA-2187 reverting maxTransactionSize <= maxMessageSize

* Addressing review comments

* Increasing the maxTransactionSize for the Bootstrapper

* Updating the testNetworkParameters
2018-11-07 09:28:27 +00:00
Viktor Kolomeyko
88f368134f
ENT-2610: Separate passwords for store and for private keys in Corda OS. (#4090)
* ENT-2610: Separate passwords for store and for private keys in Corda OS.

When it comes to KeyStores there are *2* passwords: 1 for the keyStore as a whole and separately there is one private keys within this keyStore.
Unfortunately, those 2 passwords have to be the same due to Artemis limitation, for more details please see:
`org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport.loadKeyManagerFactory`
where it is calling `KeyManagerFactory.init()` with store password.

Before change in this PR, throughout our codebase there are multiple places where we assume that storePassword is the same as keyPassword, even in the classes that have nothing to do with Artemis.
This is of course less than ideal as TLS communication may be used not only for Artemis connectivity (e.g. Bridge/Float interaction in Ent) and it is unfair to impose same passwords constraint on that communication channel.
Therefore this PR is removing this limitation and properly separating storePassword from keyPassword.

Linked Jira(https://r3-cev.atlassian.net/browse/ENT-2610) has for more background info.

Suggest to start review from `net.corda.core.crypto.X509NameConstraintsTest` to get an idea about the nature of the changes made.

* ENT-2610: Address PR input from @kchalkias

* ENT-2610: Address PR input from @kchalkias, s/privateKeyPassword/entryPassword/

* ENT-2610: Address PR input from @kchalkias, s/keyPassword/entryPassword/

In the implementation of `CertificateStoreSupplier`
2018-10-22 07:11:27 +01:00
Michele Sollecito
d01dd22419
[CORDA-1937]: Refactor NodeConfiguration hierarchy. (#3856) 2018-09-04 10:26:10 +01:00
Shams Asari
eee2563bfa
CORDA-1660: Wiring up the CordaRPCClient class loader to the p2p serialisation context. (#3454)
This is to allow the standalone shell to be able to receive WireTransactions containing Cash.State objects.
2018-06-27 17:02:35 +01:00
Shams Asari
baa73ab141
Revert back logging of tests (#3305) 2018-06-05 15:58:38 +01:00
Michele Sollecito
e34bce9f3f
[CORDA-1582]: Shell is back to logging only useful information. (#3296) 2018-06-05 09:25:47 +01:00
Michele Sollecito
fc020bca4b
[CORDA-1575]: Out of process nodes started by the driver do not log to file (fix). (#3286) 2018-06-01 16:16:23 +01:00
Michele Sollecito
7c87353bde
[CORDA-1547]: Make log4j2.xml files more resilient to regex escaping problems. (#3254) 2018-05-29 15:25:52 +01:00
Michele Sollecito
48f89e9ff8
[CORDA-1526]: Ensure MDC is printed in logs only if not empty. (#3222) 2018-05-23 13:23:02 +01:00
Katarzyna Streich
24fa695ca0
CORDA-866: Implement removal of stale nodes from network - backport (#3128)
* CORDA-866: Implement removal of stale nodes from network

Backported

* Implement removal of stale nodes from network

Add eventHorizon to NetworkParameters structure. Add republishing of
node info on 1 day intervals - it is treated by network map as heartbeat from node indicating if it's alive or not. Add removal of old node infos on network map signing.

* Add copy method to NetworkParameters data class

Add JvmOverloads annotation to the constructor, because it's data class
exposed in API

* Fix test
2018-05-15 12:10:04 +01:00
Michal Kit
ab80df342a
CORDA-1319 Adding CRL checking for nodes (#2987)
* Adding CRL support for nodes

* Addressing review comments
2018-04-30 09:26:26 +01:00
Shams Asari
65525d74e7
CORDA-1325: Bootstrapper unable to whitelist two versions of the same contract simultaneously (#2980)
Also added unit tests
2018-04-24 10:51:24 +01:00
Shams Asari
d3446e213c
Introduced a few more extension methods to Path, which are clearer than the static methods in Files. (#2985)
Also migrated code away from the old File API.
2018-04-23 14:31:49 +01:00
ags
3b3614c13b
Removed a reference to a logger not present in tests 2018-03-07 14:50:34 +00:00
Andrzej Grzesik
803ce15b32
Corda-1155 - Jolokia logging via slf4j (#2753)
* Jolokia logging through slf4j

* review remarks
2018-03-07 13:23:00 +00:00
szymonsztuka
72074c76c7
[CORDA-792] Standalone Shell (#2663)
- Existing embedded Shell connects via RPC including checking RPC user credentials (before was a direct use of CordaRPCOps):  in dev mode when console terminal is enabled, node created `shell` user.
- New Standalone Shell app with the same functionalities as Shell: connects to a node via RPC Client,  can use SSL and run SSH server.
2018-03-07 09:57:32 +00:00
Michele Sollecito
5be0e4b39e
[CORDA-941]: Add NetworkParameters contract implementation whitelist. (#2580) 2018-02-23 14:29:02 +00:00
Shams Asari
71c94f8a9d
Reversing the introduction of GlobalProperties (by CORDA-961), and added NetworkParameters to ServicesForResolution instead. (#2563)
Also, replaced the maxTransactionSize parameter of the driver and MockNetwork with NetworkParameters.
2018-02-19 12:23:59 +00:00
Patrick Kuo
c8cf46c657
CORDA-961 Wire up and enforce max transaction size (#2465)
* wire up and enforce max transaction size

* fixup after rebase
moved network parameter from AbstractNode to NodeProperties

* removed TODO

* fix broken import

* address PR issues

* remove API breaking change
address PR issue

* added max transaction size to driver and mock network.
address PR issues

* fix failing test

* added TODO

* fix verifier test

* fix spring driver build error
2018-02-09 14:48:45 +00:00
Katarzyna Streich
6acff3a7df
First approach to network parameters updates (#2412)
* Network parameters updates

Add two RPC methods networkParametersFeed and
acceptNewNetworkParameters. Implementation of client handling of network
parameters update event. Partial implementation of accepting new
parameters and installing them on the node as well as node startup with
updated parameters.

Move reading of network parameters on startup to separate
NetworkParametersReader class. Add tests.

Move NetworkParameters and NotaryInfo classes to core.

* Ignore evolvability test - to be fixed later

* Add documentation on update process
2018-02-08 14:31:43 +00:00
Andrzej Cichocki
ea57639a37
CORDA-924 Fix IntegrationTestingTutorial (#2349)
i.e. H2 startup bug. also:
* Fix poor connection pool discipline
* Log cleanup failures instead of replacing foreground failure
2018-01-17 14:23:13 +00:00
Andrzej Cichocki
8a3299fa2a
CORDA-716 Configure api scanner for test modules (#2259) 2018-01-04 10:09:04 +00:00
Shams Asari
00a5e3db6b CORDA-830 Introducing the network bootstrapper
Copying of the node-info files moved out of Cordform and into NetworkParametersGenerator (which is now called NetworkBootstrapper). This class becomes an external tool to enable deployment of nodes in a test setup on a single filesystem.
2017-12-17 23:49:57 +00:00
Katarzyna Streich
02ad2b8b60
Fix LargeTransactionTest (#2265) 2017-12-15 16:53:57 +00:00
Katarzyna Streich
550469ea38
Wire part of network parameters (#2187)
* Take maximum message size from network parameters

* Add epoch handling

* Add handling of network parameters mismatch

Change NetworkMapClient and updater, add handle in
AbstractNode that results in node shutdown on parameters mismatch. Later
on we should implement proper handling of parameters updates.
Add tests of NetworkParameters wiring.

When node starts with compatibilityZone url configured it takes
networkParameters from the networkMap.

* Permit only one network parameters file

On node startup network parameters are read from node's base directory,
we permit only zero or one files to be there. If network map server is
configured the parameters can be downloaded at startup (if not present
in the directory already).

* Update docs on network map endpoints
2017-12-15 11:13:15 +00:00
Shams Asari
fdc31091a6 Merge branch 'feature-network-parameters' into shams-master-merge-291117
# Conflicts:
#	constants.properties
#	gradle-plugins/cordformation/src/main/kotlin/net/corda/plugins/Cordform.kt
#	gradle-plugins/cordformation/src/main/kotlin/net/corda/plugins/Node.kt
2017-11-30 12:05:42 +00:00
Katarzyna Streich
c9f3e98795
Another approach to fixing deployNodes task and network parameters generation (#2066)
* Generate networkParameteres for Cordformation.

Fix deployNodes task in Cordformation to generate NetworkParameters before running the nodes.
Add TestNetworkParametersGenerator utility loaded after node infos generation step.

* Get rid of bouncy castle provider dependency
For cordform-common. It caused problems with loading our custom
X509EdDSAEngine for generation of network parameters in deployNodes
task.
2017-11-30 10:39:29 +00:00
Shams Asari
71763ff1d3 Merge branch 'master' into shams-master-merge-291117
# Conflicts:
#	node/src/main/kotlin/net/corda/node/internal/AbstractNode.kt
#	node/src/main/kotlin/net/corda/node/services/network/PersistentNetworkMapCache.kt
#	node/src/test/kotlin/net/corda/node/services/messaging/ArtemisMessagingTests.kt
#	samples/notary-demo/src/main/kotlin/net/corda/notarydemo/BFTNotaryCordform.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/driver/Driver.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/internal/demorun/DemoRunner.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/node/MockNode.kt
2017-11-29 18:00:16 +00:00
Patrick Kuo
572c4af40c
Use NetworkMap and SignedNetworkMap in NetworkMapClient, and enable signature verification. (#2054)
* new network map object for network map, and verify signature and root in Signed network map and node info

* fixup after rebase

* * added certificate and key to network map server
* move DigitalSignature.WithCert back to NetworkMap.kt, as its breaking API test, will raise another PR to move it back.
* Make DigitalSignature.WithCert not extend WithKey, as per PR discussion.
* various fixes after rebase.

* move Network map back to core/node, as its breaking API test

* revert unintended changes

* move network map objects to node-api
2017-11-29 15:55:13 +00:00
Shams Asari
4ca54b73fe Added tests to make sure the platform version is correctly available 2017-11-27 17:04:19 +00:00
Shams Asari
9097107d2e Revert "Revert "Introducing network parameters.""
This reverts commit 953a4a3790.
2017-11-21 15:05:24 +00:00
Shams Asari
953a4a3790 Revert "Introducing network parameters."
This reverts commit d04e487
2017-11-17 10:04:38 +00:00