* Allow sandboxes to share a parent classloader.
* Tidy up DJVM test code.
* Add review fixes.
* Declare SandboxClassLoadingException as a RuntimeException. This preserves the SandboxClassLoader.loadClass(String) contract from Java.
* Also add extra test cases.
* Tidy up
* Add install-shell-extensions command
* Make cli tests use same version of picocli as everything else
* Remove initLogging from NodeStartup, it is ran earlier by CordaCLIWrapper
* Use picocli snapshot for testing
* Use RunLast() parser to invoke correct subcommands
* Deprecate old clear-network-map-cache parameter
* Restructure NodeStartup for commands
* Get rid of -c option since the flag method has been deprecated and that didn't exist in last release
* Update documentation
* Update backwards compatibility test
* Get all subcommands working
* Refactor sub commands into seperate classes
* Update docs and fix some tests
* Docs changes
* Fix merge conflicts with master
* Fix renamed parameters
* Fix test failure
* Fix compatibility tests
* Add missing compatibility test for blob inspector
* Remove blob inspector compatibility test as there are import conflicts
* Assorted doc fixes
* Addressing review comments
* More review comments
* Couple more bits
* Fix broken tests
* Fix compilation error
* More merge conflicts
* Make startup logging function a bit more sensible
* Fix broken shell extensions
* Make shell extensions work with subcommands
* Make sure parameters for deprecated options are carried through
* More review comments
* Adding some s's
* One last go
* Fix compilation error on Windows
* Revert logging changes
* Revert docs back to their original imperatively moody state
Related to CORDA-1915 Signing CorDapp JARs - Corda node rejects CorDapps signed by our development keys when running in production mode. This prevents Cordapps signed by our dev key (by default) running in production (node devMode=false).
* first attempt at a flowManager
fix test breakages
add testing around registering subclasses
make flowManager a param of MockNode
extract interface
rename methods
more work around overriding flows
more test fixes
add sample project showing how to use flowOverrides
rebase
* make smallest possible changes to AttachmentSerializationTest and ReceiveAllFlowTests
* add some comments about how flow manager weights flows
* address review comments
add documentation
* address more review comments
* ENT-2610: Documentation update to include optional `keyStorePrivateKeyPassword`.
* ENT-2610: Documentation update to include optional `keyStorePrivateKeyPassword`.
* ENT-2610: Disruptive change to `CertificateStore` (will cause compilation failures)
* ENT-2610: Address compilation failures caused by separation of `storePassword` and `keyPassword` e.g. in `X509KeyStore`
* ENT-2610: Docs update to flag that passwords have to be the same due to Artemis limitations.
* ENT-2610: Make changes to `bridge` module.
Make private key password optional in `BridgeSSLConfigurationImpl` and extend `ConfigTest`.
Also improve exception reporting when necessary option is missing.
* ENT-2610: Fixes to `bridge` integration tests.
* ENT-2610: Whenever it comes to Dev node certificates ensure that private key password is the same as store password
or else Artemis is not going to accept that, see comment in DevIdentityGenerator.
* ENT-2610: More unit test fixes
* ENT-2610: More integration tests fixes
* ENT-2610: Fix netty code to use `privateKeyPassword` where necessary
* ENT-2610: Remove the use of `keyPassword` for `trustStore`
* ENT-2610: Compilation fixes after merge from `master`
* ENT-2610: Add an integration test which proves that diff. passwords work
* Move testplans and sensitive config out of resources into a new data directory. Required code/config changes for that to work.
Server RMI mappings are now mandatory on the cmd line when using ssh tunnels, no more defaults in the resources.
* Add sample test plans that show what we do without having any passwords or hostnames in them.
* Add more descriptions/comments to the sample test plans.
* Visibility settings and annotations to stop warnings when running notary healthcheck.
* Add progress trackers so the warnings about unstarted progress trackers disappear.
* Fix changelog file
* Fix file path to changelog
* Standardise the naming scheme for notary cordapps.
* Revert "Standardise the naming scheme for notary cordapps."
This reverts commit 7cd42f6
* Standardise the naming scheme for notary cordapps in a better way.
* Publish to artifactory
The configuration objects for specific notary implementations have been replaced
by a single untyped "extraConfig" Config object that is left to the notary service
itself to parse.
* Remove the raft bootstrapping command from node, we'll need a different
mechanism for that.
* Remove pre-generated identity config value.
* Split up obtainIdentity() in AbstractNode to make it easier to read.
* A temporary workaround for the bootstrapper tool to support BFT notaries.
* Update docs
* Add upgrade notes
* Fix rebase issue
* Add a config diff for the bft notary as well
* ENT-2610: Separate passwords for store and for private keys in Corda OS.
When it comes to KeyStores there are *2* passwords: 1 for the keyStore as a whole and separately there is one private keys within this keyStore.
Unfortunately, those 2 passwords have to be the same due to Artemis limitation, for more details please see:
`org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport.loadKeyManagerFactory`
where it is calling `KeyManagerFactory.init()` with store password.
Before change in this PR, throughout our codebase there are multiple places where we assume that storePassword is the same as keyPassword, even in the classes that have nothing to do with Artemis.
This is of course less than ideal as TLS communication may be used not only for Artemis connectivity (e.g. Bridge/Float interaction in Ent) and it is unfair to impose same passwords constraint on that communication channel.
Therefore this PR is removing this limitation and properly separating storePassword from keyPassword.
Linked Jira(https://r3-cev.atlassian.net/browse/ENT-2610) has for more background info.
Suggest to start review from `net.corda.core.crypto.X509NameConstraintsTest` to get an idea about the nature of the changes made.
* ENT-2610: Address PR input from @kchalkias
* ENT-2610: Address PR input from @kchalkias, s/privateKeyPassword/entryPassword/
* ENT-2610: Address PR input from @kchalkias, s/keyPassword/entryPassword/
In the implementation of `CertificateStoreSupplier`
NodeStartup - added back Enterprise only serialization case for Oracle database in NodeStartup,
added deduplicationId to execute method in classes overriding FlowAsyncOperation
* First phase of supporting exceptions within the DJVM.
* Suppress unwanted inspection warnings about Kotlin/Java Map.
* Add support for exception stack traces within the sandbox.
* Simple review fixes.
* Extra fixes after review.
* Add DJVM support for String.intern().
* Partially restore implementation of SandboxClassLoader.loadClass().
* More review fixes.