* add auto acceptance of certain network parameters
* Remove incorrect nullification of newNetworkParameters object within NetworkMapUpdater
* Automatically update network parameters if update accepted and flag day occured
* Comment cleanup
* Add node configuration for auto accepting network parameter changes
* Remove hot swapping of network parameters
* Add docs for auto accept config flag
* Minor change to log line
* Remove unrelated fix that was corrected on master
* Minor name change within NetworkParameters class
* Minor doc rewording
* Fix typo in docs
* Address PR comments
* Add node config option to turn off network param auto-accept on a per param basis
* Address PR comments
* Fix failing Network Map update integration test
Temporally treating META-INF/INDEX.LIST as unsignable entry because java.util.jar.JarVerifier doesn't load its signers. https://r3-cev.atlassian.net/browse/CORDA-2177 for further investigation.
* first attempt at a flowManager
fix test breakages
add testing around registering subclasses
make flowManager a param of MockNode
extract interface
rename methods
more work around overriding flows
more test fixes
add sample project showing how to use flowOverrides
rebase
* make smallest possible changes to AttachmentSerializationTest and ReceiveAllFlowTests
* add some comments about how flow manager weights flows
* address review comments
add documentation
* address more review comments
* ENT-2610: Separate passwords for store and for private keys in Corda OS.
When it comes to KeyStores there are *2* passwords: 1 for the keyStore as a whole and separately there is one private keys within this keyStore.
Unfortunately, those 2 passwords have to be the same due to Artemis limitation, for more details please see:
`org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport.loadKeyManagerFactory`
where it is calling `KeyManagerFactory.init()` with store password.
Before change in this PR, throughout our codebase there are multiple places where we assume that storePassword is the same as keyPassword, even in the classes that have nothing to do with Artemis.
This is of course less than ideal as TLS communication may be used not only for Artemis connectivity (e.g. Bridge/Float interaction in Ent) and it is unfair to impose same passwords constraint on that communication channel.
Therefore this PR is removing this limitation and properly separating storePassword from keyPassword.
Linked Jira(https://r3-cev.atlassian.net/browse/ENT-2610) has for more background info.
Suggest to start review from `net.corda.core.crypto.X509NameConstraintsTest` to get an idea about the nature of the changes made.
* ENT-2610: Address PR input from @kchalkias
* ENT-2610: Address PR input from @kchalkias, s/privateKeyPassword/entryPassword/
* ENT-2610: Address PR input from @kchalkias, s/keyPassword/entryPassword/
In the implementation of `CertificateStoreSupplier`
The contract upgrade handler assumes that the state to be upgraded is
created by a WireTransaction. This breaks the upgrade process if it was
in fact issued by a ContractUpgradeWireTransactions or a NotaryChangeWireTransaction.
* Move Raft and BFT notaries into separate modules
* Move schemas
* Fix tests & demos
* Modified logic for creating notary services:
Added a new field 'className' to the notary configuration. The node now
loads the specified implementation via reflection. The default className
value points to the simple notary implementation for backwards compatibility.
Relevant schemas are loaded in a similar fashion.
For backwards compatibility purposes the default SimpleNotaryService will
remain built-in to node, but its cordapp will be generated on startup – so
the loading of notary services is streamlined.
* Move test namedcache factory to test utils
* Added constraint type information to vault states table.
* Added Vault Query criteria support for constraint data.
* Added documentation and changelog entry.
* Added missing @CordaSerializable.
* Fix minor bug in test setup and parsing code.
* Use binary encoding data types instead of serialize/deserialize.
* Optimized storage of constraints data.
Additional assertions on Vault Query constraint data contents (to validate encoding/decoding).
Tested with CompositeKey containing 10 keys.
* Addressing PR review feedback.
* Query by constraints type and data.
* Revert back accidentally removed code for contractStateType filtering.
* Incorporating final PR review feedback. Use @JvmOverloads on constructor.
* Make sure constraintInfo is class evolution friendly.
* Separate out Checkpoint serialization
* Update kdocs
* Rename checkpoint serialization extension methods
* Fix bungled rename
* Limit API changes
* Simplify CheckpointSerializationFactory
* Add CheckpointSerializationScheme to API checker
* CheckpointSerializationScheme should not be implemented
* Move checkpoint serialisation to internal package
* Remove CheckpointSerializationScheme from api-current
* Quarantine internal classes
* Remove checkpoint context from public API
* Remove checkpoint context from public API
* Fix test failures
* Completely decouple SerializationTestHelpers and CheckpointSerializationTestHelpers
* Remove CHECKPOINT use case
* Remove stray reference to checkpoint use case
* Fix broken test
* Reproduce composite query failures.
* Fixes to OR querying and composite queries that use the same QueryCriteria (Linear, Fungible, Custom) more than once.
* Revert debug logging for Hibernate SQL.
* Cleanup and remove redundant joinPredicates global var.
* Fix failing Java Unit test.
* Fix Java compilation error in example-code section of docs.
* Include copy() function for original constructor to maintain backwards API compatibility.
* Move common matches to testing, add some missing ones
* Clarify test logic
* Move common matches to testing, add some missing ones
* Clarify test logic
* Rename 'randomise'
* endregion
* Fix broken unit test
"app", "rpc", "p2p" and "unknown" have security implications (see isUploaderTrusted method) and thus they are not allowed to be used in the uploader field when importing attachments via the public API.
* * First commit for reference input states feature.
* Added docs.
* Added additional test.
* Fixed whitespace.
* Rebased to master.
* Updated Raft and persistent notary implementations.
* Updated changelog.
* Updated topo sort to handle reference states.
* Stubbed out with referenced states flow.
* Added WithReferencedStatesFlow.
* Added Tests for WithReferencedStatesFlow.
* Added ReferenceState type.
* Rebased to latest version of master.
* Added better comments.
* Updated unit test.
* Added comment to explain a little hack.
* Fixed broken contract upgrade RPC test.
* Added minimum platform version check.
* Updated mock network so that notary nodes inherit the platform version set by the network's minimum platform version.
* References states can now only be used when minimum platform version >= 4.
* Created a new file to hold async operations as "WaitForStatesToUpdate" is broadly reusable.
* Refactored WithReferenceStatesFlow
* Updated javadoc for WaitForStatesToUpdate aysnc operation.
* Added network parameters property to InternalMockNetwork.
* Added min platform version capability to mock services.
* Removed erroneous chars from file.
* Made async operation internal and now call it from FlowLogic.
* Moved some transaction checking code around.
* Removed serializable annotation from referenced state and ref.
* Added reference states design doc.
* Added missing KDocs.
* Updated with reference states flow to handle consecutive update races.
* Made platform version info an inheritable thread local.
* Fixed various typos.
* Updated docs.
* Fixed race.
* Removed min platform version checks as API needs more thought.
* Added deprecation to method and supressed warnings.
* Renamed WaitForStatesToUpdate to WaitForStateConsumption.
* Fixed race in WaitForStateConsumption.
* Addressed PR comments and updated comments / KDocs.
* Reverse vault bugfixes.
* * Vault bug fixes.
* * Fixed broken test.
* Moved WaitForStateConsumption to internal package.
Moved start up logic of the various node components out of their c’tors and into “start” methods, which are called from Node.start(). The components themselves are created in the Node’s c’tor with minimal initialisation logic.
Certain things are not immediately available at construction time, which are instead given to the components at start time in an orderly fashion:
* Certs from the node’s key store and trust store
* The network parameters, and thus access to things like maxMessageSize and the contracts whitelist
* A running database - several components were doing database stuff their c’tors
* The node’s NodeInfo, and thus access to things like identities and addresses
The messaging service couldn’t be created in the Node’s c’tor due to initialisation issues with MockNode. This should be fixed in a later commit.
They're prone to cause flaky tests due to the "allocated" ports already being taken by the system when eventually needed. Replaced usages with PortAllocation.Incremental.
Affected unit tests made into integration tests to avoid any issues in the future when unit tests are made to run in parallel.
* filter by contract state in _trackBy
* write tests to check that _trackBy is filtering the states correct and tidy up filtering functions
* remove un needed function
* add change log message for filtering unrelated ContractStates from trackBy
JPA/Hibernate entities need to impose the correct NULL/NOT NULL constraints on the database - whatever these correct values actually are.
API change: net.corda.core.schemas.PersistentStateRef fields (index and txId) are now non-nullable. Rationale: The fields were always effectively non-nullable - values were set from non-nullable fields of other objects. The class is used in context of database table Primary Key of for other entities and a database already imposes those columns as non-nullable (even if JPA annotation nullable=false was absent).
node-api now depends on this module and upcoming changes will use this as well rather than having to depend on node-api.
EnumEvolveTests.deserializeWithRename and EnumEvolveTests.multiOperations are temporarily ignored since their test resources can't be regenerated due to bugs.
It's no longer used as we've switched over to AMQP for RPC calls so
remove it from everywhere and only use it for checkpointing
* Wire up demo bench post Kryo removal
* Test Fixes
* rebase and fix tests
* Test Fix
* wip
* revert changes to api now we don't need to add annotations
* Client and server support for amqp
* Observable (and supporting) serialisers
Unit Tests
* Fixing tests
* Test fixes
* CORDA-847 - Update api doc with additon of @CordaSerializable annotation
* TestFixes
* review comments
* TestFixes
* Test Fix
* Test Fix
* Test Fix
* Test Fix
* Test Fix
* Test Fix
* TestFix
* Test Fix
* Review Comments
* Sync public API's (and associated internal helpers) between Enterprise and OS.
* Add previous default constructor explicitly.
* Keep the API checker happy!
* Revert addition of ENT makeTestDataSourceProperties() function.
Just as we did for the RPC CLient, refactor kryo specific elements into
their own sub module. Also move kryo specific components out of generic
RPC files.
Thus, adding AMQP support will be a much smoother operation
* ENT-1323 Network map service to check all identities in submitted node info
* fixup after rebase
* address PR issues, refactored createValidNodeInfo
* address PR issues
(cherry picked from commit f9ed55b)
- Existing embedded Shell connects via RPC including checking RPC user credentials (before was a direct use of CordaRPCOps): in dev mode when console terminal is enabled, node created `shell` user.
- New Standalone Shell app with the same functionalities as Shell: connects to a node via RPC Client, can use SSL and run SSH server.
This was achieved by having the hash in the node-info file to be just of the node's X.500 name. This also solves existing duplicate node-info file issues that we've been having.
Also updated the docsite.
* CORDA-986 and CORDA-985 CompositeKey and Signature verification performance fixes (#2467)
* CORDA-696: Create separate transaction types for contract upgrade transactions.
Add rationale around upgrade transactions
Move contract upgrade transaction resolution logic into internal until it's stabilised.
Throw a better exception when contract attachment not found
Default legacy contract constraint to always accepting - needs to be changed to whitelist constraint before merging
Introduce a new upgraded contract interface that allows specifying the legacy constraint.
Remove StateLoader, make all tx resolution functions take in ServicesForResolution
Contract upgrade transactions can handle whitelist by zone constraints
When creating a contract upgrade transaction, make sure the attachment of the old cordapp gets attached when using hash constraints.
Attachment lookup for a given contract class name only scans currently loaded cordapps, and we don't load old versions of cordapps.
CORDA-696: Update upgrade docs
* CORDA-1096 - Performance when loading multiple states from the vault (#2609)
* Provide efficient `loadStates()` implementation
* Replace loops using `loadState` with calls to `loadStates`
* Replace `map`/`flatMap` with just a single `flatMap`
* Update check api changes to look for internals
* Update several more uses of internal
* Make check-api-changes script filter out internal class usages
* Make CordaClock part of API
* Update api-current.txt
* Remove exclusion of nodeapi.internal
* Remove access to CordaPersistence from public api
* Don't expose DB Connection from StartedMockNode and remove unnecessary transaction from CustomVaultQueryTest
* Make internal tests that use need db access use InternalMockNetwork
* Make test certificates internal
* Address further review comments
* Revert some accidental changes to api-current.txt
* Address Shams' review comments
* Update Api Scanner to filter out CordaInternal attribute
* Update api-current.txt
* Remove superfluous brackets
* Add transaction to StartedMockNode
* More leaky transaction fixes
* Added per-cordapp configuration
* Added new API for Cordformation cordapp declarations to support per-cordapp configuration
* Added a cordapp configuration sample
* Make SerializationEnvironment private so as not to expose internals.
* Only expose used parts of api
* Make properties lateinit
* Removing java calls to getEnv
* Initialise properties at declaration
* Tidy up imports
Changes compatible with R3.Corda (ENT-794):
1) Added Hibernate corda-wrapper-binary two to to columns.
2) Shorten names of tables in dummy schemas used in tests.
3) Undo removal of compound index of VaultTxnNote (b423fea).
4) Assertions for 2 vault tests don't rely on order of rows.
Introduced DigitalSignatureWithCert and SignedDataWithCert as internal APIs, with the expectation that they will become public; renamed the network parameters end-point to network-parameters; updated the network-map.rst doc; and did some refactoring.
* add foreign key names and move the participants mapping to the subclass so that the table name can be configured
* update api-current file
* fix compilation errors
* PR changes
* PR changes
With network parameters the CN is no longer needed to identify notaries. This frees it up to be used in the node's name alongside the other attributes.
Also, the identity generation logic has been simplified, removing the need to have magic string values for storing distributed identities in the keystore. Now there are just two alias prefixes: "identity" as it was previously, and "distributed-notary".
* Add roles to X509 certificates so that the identity service can always determine which certificate in a hierarchy is the well known identity
* Rename CLIENT_CA certificate type to NODE_CA
* Rename DOORMAN role to INTERMEDIATE_CA
* Correct issue in CashTests where instead of providing a well known identity to generateSpend(), a confidential identity was passed in and a confidential identity generated from it.
* Enforce role hierarchy in PKI
* Enforce that party certificates must be well known or confidential identities
* Add network map certificate role
* * Document TestIdentity entropy and enforce that it actually works
* Ledger/transaction DSL default notary with fresh key
* MockServices default identity with fresh key
* makeTestIdentityService now takes vararg
* Require cordappPackages for MockServices
* DSL automatic serialization init
* Improve error when two MockNetworks used
* * Make cordappPackages required by MockNetwork
* Default identity service in MockServices
* Make notarySpecs Java-friendly
* Take maximum message size from network parameters
* Add epoch handling
* Add handling of network parameters mismatch
Change NetworkMapClient and updater, add handle in
AbstractNode that results in node shutdown on parameters mismatch. Later
on we should implement proper handling of parameters updates.
Add tests of NetworkParameters wiring.
When node starts with compatibilityZone url configured it takes
networkParameters from the networkMap.
* Permit only one network parameters file
On node startup network parameters are read from node's base directory,
we permit only zero or one files to be there. If network map server is
configured the parameters can be downloaded at startup (if not present
in the directory already).
* Update docs on network map endpoints
