Commit Graph

191 Commits

Author SHA1 Message Date
Patrick Kuo
a435c23e19
ENT-1557 - Network Map returns 404 not found for current node info advertised in the network map (#511)
* * added is current and timestamp to the node info table
* getNodeInfoHashes returns all "current" node info hashes
* TODO: network map should return 404 if receive old node info request
* TODO: database migration integration test

* fix compilation error

* * removed unnecessary unique constraint

* rebase and tidy up liquid base xml

* address PR issues

* address PR issues

* address PR issues
2018-03-14 11:53:55 +00:00
Michal Kit
341e060424
Adding CSR signature verification (#537) 2018-03-14 09:17:09 +00:00
Shams Asari
34800ab527
Split up the parsing of the command line arguments from the parsing of the config files. (#547)
Also, the "config-file" command line argument for the doorman jar is required - it no longer defaults to network-management.conf
2018-03-14 07:01:53 +00:00
Michal Kit
4f263f806b
Fixing missing configuration (#530)
* Fixing missing configuration

* Addressing review comments
2018-03-13 16:49:02 +00:00
Shams Asari
e22e7acd67
Various cleanups of the network-management code (#545) 2018-03-13 10:58:04 +00:00
Chris Rankin
46a5684762
Delete assertion for modified time as it can never be reliable. (#540) 2018-03-12 10:40:36 +00:00
Patrick Kuo
fb350d9463
* Fix change set ID (#529) 2018-03-09 15:09:46 +00:00
Michal Kit
5f49bfc88a
CRL - persistence layer (#509)
* Addressing review comments

* Certificate Revocation List - persistence layer

* Addressing review comments

* Addressing review comments

* Addressing review comments

* Adding a crl test
2018-03-08 13:28:02 +00:00
Patrick Kuo
feeba03fbf Regenerate liquidBase change log (#518)
* rebase liquidBase change log

* * address PR issues
* Better constraint name
* change Varchar to NVarchar

* Removing liquibase migrations for CRR (#525)

* Removing liquibase migrations for CRR

* Addressing review comments
2018-03-07 16:02:02 +00:00
Michal Kit
6bed95c02b
Certificate Revocation Request - Persistence Layer (#507)
* Certificate Revocation Request - Persistence Layer

* Addressing review comments

* Addressing review comments

* Adding comments to the requestId field
2018-03-07 11:13:34 +00:00
Michele Sollecito
da1afd9c55
Introduced copyright in all source files. (#519) 2018-03-06 17:29:21 +00:00
Katarzyna Streich
e4d2155671
Add version logging to hsm signing service (#502)
Add version logging to hsm signing service
2018-03-06 14:56:05 +00:00
Michal Kit
021b677b7d
Renaming DAO for the CSR (#500) 2018-03-02 12:15:46 +00:00
Michal Kit
8f05dc2230
Renaming configuration sections for doorman and network map (#472) 2018-03-02 11:41:00 +00:00
Michele Sollecito
29215035e1
Merge pull request #498 from corda/merges/march-1-15-20
merges/CORDA-926_march-1-15_20
2018-03-02 10:17:12 +00:00
sollecitom
5e5cb1888b Made strict behaviour optional default to true for conf parsing. HSM and Doorman can opt in for this functionality independently. 2018-03-02 09:19:47 +00:00
Michal Kit
2d16647498
Refactoring modifiedBy and status fields for the certificate signing … (#475)
* Refactoring modifiedBy and status fields for the certificate signing request entity

* Fixing migration
2018-03-02 08:50:38 +00:00
sollecitom
38208d9e44 Made strict behaviour optional default to true for conf parsing. HSM and Doorman can opt in for this functionality independently. 2018-03-01 18:08:22 +00:00
Katarzyna Streich
8239c5d29f
Add network-management version info on startup (#497)
* Add network-management version info on startup

Add version info to manifest file and print it out on network-managemnet
startup
2018-03-01 17:09:59 +00:00
Ben Abineri
1e478b5164
Merge pull request #468 from corda/mkit-adding-logging-desc-to-readme
Documenting log level setting when starting doorman
2018-02-28 10:57:03 +00:00
sollecitom
d7b7dc4925 Merge branch 'master' into merges/february-23-15-30 2018-02-26 09:30:43 +00:00
Michele Sollecito
7828e658ac Revert "Merges - 23rd February 2018 at 15:30 (#479)" (#482)
This reverts commit 2f60ff44a6.
2018-02-26 09:28:56 +00:00
Michele Sollecito
2f60ff44a6
Merges - 23rd February 2018 at 15:30 (#479) 2018-02-23 17:53:15 +00:00
Thomas Schroeter
d3dcbfb6c3
Fix path of main class (#478) 2018-02-23 17:05:05 +00:00
sollecitom
3d4e24a364 Patched doorman network parameters with empty list for now, and added a TODO. 2018-02-23 16:01:49 +00:00
Andras Slemmer
f5167e207f Merge remote-tracking branch 'origin/master' into aslemmer-merge-19-Feb 2018-02-23 11:18:16 +00:00
Patrick Kuo
94f73920cc
ENT-1443 Add cert role to CSR and doorman issue cert according to the cert role (#431)
* Doorman and HSM create certificate base on requested cert role specified in the certificate signing request.
2018-02-23 10:57:59 +00:00
Michal Kit
6153a336c2 Documenting log level setting when starting doorman 2018-02-20 15:23:04 +00:00
Andras Slemmer
6b2b7b6a3c Merge commit 'fa4b5d16ba6249f85b50851c2f52dc697eebdee6' into aslemmer-merge-19-Feb 2018-02-20 13:26:31 +00:00
Andras Slemmer
66dd6afe2e Merge commit 'd072f6c275a5ff770aa66e37b9492a387d757329' into aslemmer-merge-19-Feb 2018-02-19 16:46:15 +00:00
Andras Slemmer
1d7b0fc499 Merge commit '86fb1ed852c69121f989c9eeea92cfb4c27f9d13' into aslemmer-merge-19-Feb 2018-02-19 16:14:43 +00:00
Michal Kit
e6e2836119
Implementing dual execution mode of the HSM signing service (#380)
* Implementing dual execution mode for the hsm signing service

* mend

* Addressing review comments

* Extracting processor classes
2018-02-08 16:54:07 +00:00
Michal Kit
8c5f0ac0ca
Making BasicConstraints a critical extension (#420)
Path length will be decided in another ticket - https://r3-cev.atlassian.net/browse/ENT-1508
2018-02-08 14:30:20 +00:00
Michal Kit
73fbff6c4f
Adding HSM permissions related tests (#448)
* Adding HSM permission tests

* Addressing review comments
2018-02-06 13:55:32 +00:00
Michal Kit
3baa15960f
Switching to reading the root certificate from the truststore (#449)
* Switching to reading the root certificate from the truststore

* Addressing review comments
2018-02-05 12:39:57 +00:00
Patrick Kuo
dca8699e7c
set network registration poll interval via http cache control header (#434)
* set network registration poll interval via http cache control header from the server side

* default poll interval to 10 seconds if cache header not found

* address PR issues

* address PR issues
2018-02-01 13:38:25 +00:00
Michal Kit
641cecaf70
Mkit cp ent 1458 fixing hardcoded sign interval (#437)
* Fixing hardcoded sign interval config

* Addressing review comments
2018-02-01 07:37:26 +00:00
Michal Kit
88a6e59906
Mkit cp fix network map serialization issue (#430)
* Fixing serialization issue for the network map signer

* Addressing review comments

* Adding more assertions to the network map test

* Changing assertTrue to assertThat
2018-01-31 14:36:27 +00:00
Patrick Kuo
970303dc2d fix broken test after merge 2018-01-30 14:23:24 +00:00
szymonsztuka
1ecf646f7e
Oracle 11xe and 12c database compatibility (#206)
* Sql setup scripts for Oracle and datasource configuration.
* CashSelection for Oracle.
* Workaround of forbidden distinct for BLOBs.
* ojdbc8.jar driver dependency from Oracle Maven repository, ojdbc6.jar from lib (it's not in Maven repo).
* allow to use random Port in node names and trim it from schema name, remove schema with port numbers from db setup (to cater for new test, non Oracle specific change) 
* Removed unnecessary code from ConfigUtilities (non Oracle specific change) 
* Removed db integration tests setup for RPCStabilityTest as it doesn't start any nodes
2018-01-29 18:35:58 +00:00
Patrick Kuo
da5d0ab806
Add trace logging to network map service (#410)
* add trace logging on network map incoming request

* address PR issue, added trace logging for get end points
2018-01-29 17:44:43 +00:00
Shams Asari
2432b1380e
Clean up of network-management to make more use of the existing X509 utilities (#419) 2018-01-29 12:49:58 +00:00
Shams Asari
881379b889 Merge branch 'master' into shams-os-merge-250118 2018-01-26 13:45:21 +00:00
Shams Asari
336aeb96e5 Merge fixes 2018-01-26 13:45:03 +00:00
Michal Kit
5a29e76664 Unifying HSM signing service name (#391) 2018-01-26 09:25:40 +00:00
Michal Kit
83ea4611ca
Addressing multiple key groups. Removing redundant config parameters for private key passwords (#409) 2018-01-25 16:40:42 +00:00
Michal Kit
5f1590d97f
Cherry picked commit from the release DEV preview branch. This is the fix for the database config not being honoured by doorman (#408) 2018-01-25 15:41:59 +00:00
Patrick Kuo
5be4df918e
Make truststore password configurable during root store generation in doorman (#388)
* Doorman will now ask for truststore password, or can be provided in cmd line arg.

* rebase and changed keystore filename for HSM

* make "network-root-truststore.jks" a const
2018-01-24 16:17:32 +00:00
Patrick Kuo
45b23737c7
Fix broken network management server status endpoint (#397)
* add missing Path annotation and test

* Address PR issue
2018-01-24 14:41:12 +00:00
Michal Kit
55385613ac
Removing configuration parameter for private key passwords (#395) 2018-01-24 12:12:46 +00:00
Tudor Malene
cef1f9885c
ENT-1282: create standalone db migration tool (#356)
* ENT-1282: add standalone db migration tool that works with both the node and the doorman

* ENT-1282: remove cmd line args during node startup

* ENT-1282: more clear message

* ENT-1282: fix integration test

* ENT-1282: more fixes and cleanup code

* ENT-1282: address PR comments

* ENT-1282: more fixes and refactoring

* ENT-1282: more classloader fixes

* ENT-1282: changes after demo feedback

* ENT-1282: update API

* ENT-1282: update documentation

* ENT-1282: formatting

* ENT-1282: added CONSOLE option for dry-run and logging

* ENT-1282: documentation changes

* ENT-1282: remove getMigrationResource from the public API

* ENT-1282: removed dependency on network-manager, added release-lock

* ENT-1282: Update documentation
2018-01-24 11:55:43 +00:00
Michal Kit
789ce5d44a
Initial implementation of the certificate generation tool (#148)
* Initial implementation of the certificate generation tool

* Adding trust store persisting

* Addressing review comments

* Adding certificate type to the certificate generation process.

* Addressing review comments

* Fixing typos

* Changing keyOverride to 0 in examples and tests

* Addressing review comments + rebasing

* Adding CRL information to the certificate generation process

* Generation tool refactoring

* Addressing review comments
2018-01-23 11:50:03 +00:00
Michal Kit
e1098dee4b
Adding public key constraint (#319)
* ENT-1356 Adding public key constraint

* Addressing review comments

* Removing SERIALIZABLE from transaction

* Adding stashed changes

* Removing SERIALIZABLE from node info storage

* Addressing review comments

* Addressing possible certificate inconsitency (design gap) + clearing whole database for new liquibase changeset

* Addressing review comments
2018-01-22 14:10:33 +00:00
Michal Kit
cee975c1c1
Reverting schema changes and following the liquibase change tracking … (#385)
* Reverting schema changes and following the liquibase change tracking flow

* Addressing review comments

* Adding other tables cleanup

* Renaming the changeset file
2018-01-22 12:11:31 +00:00
Patrick Kuo
43604ed212
Handle rejected jira issues in doorman (#371)
* handle reject status from jira - WIP

* fix up after rebase

* address PR issue and fix build error after rebase
2018-01-22 10:45:25 +00:00
Ross Nicoll
3094e44115 Dump exception to System.err (#213) 2018-01-19 22:21:43 +00:00
Shams Asari
2f8836c8ad
Some long overdue cleaning up of some of the doorman code. (#362) 2018-01-18 23:08:02 +00:00
Katarzyna Streich
f2f803ecd5
HSM signing of network parameters (#363)
Add HSM signing of network parameters
2018-01-18 12:05:18 +00:00
Michal Kit
af21f6065d
Fixing missing certificate (#373)
* Fixing missing certificate

* Addressing review comments
2018-01-18 11:15:11 +00:00
Viktor Kolomeyko
299d9bef77 Minor: numbering update. 2018-01-18 11:03:41 +00:00
josecoll
eb9a51af75 Merge branch 'master' into colljos-merge-release3-dp-master 2018-01-16 14:28:07 +00:00
Przemyslaw Bak
66b47f0926 Highlight some text. 2018-01-16 10:44:54 +00:00
Przemyslaw Bak
7bc2f2a8e6 Set maxMessageSize and maxTransactionSize at the real, useful values 2018-01-16 10:02:53 +00:00
josecoll
24bf6df868 Merge branch 'master' into colljos-merge-release3-dp-master 2018-01-16 09:58:51 +00:00
Shams Asari
b1509607cb Updating network-management to use DigitalSignatureWithCert, network map certs and other relevant changes from O/S. 2018-01-15 15:23:07 +00:00
josecoll
120500646c Minor reverts requested by Shams. 2018-01-15 11:54:24 +00:00
josecoll
05b8d936b5 Remove duplicate import. 2018-01-13 11:27:21 +00:00
josecoll
4ea0cc9a3a Remove empty file with incorrect name. 2018-01-13 11:26:17 +00:00
josecoll
f58c1a9902 Remove redundant empty line. 2018-01-13 11:24:59 +00:00
josecoll
3e8132b687 Revert to correct spacing. 2018-01-13 11:23:37 +00:00
josecoll
729aa65e7f Merge from R3 Corda 3.0 Dev Preview release branch to master 2018-01-13 11:00:01 +00:00
Michal Kit
4caf6d92ea
ENT-1350 unifying the config-file command line argument (#333)
* ENT-1350 unifying the config-file command line argument

* Changing README.md
2018-01-10 16:27:59 +00:00
Tudor Malene
12546c0a7c
[ENT-1281]: Disable database.runMigration by default and enforce database version on startup. (#264)
* [ENT-1281]: set database.runMigration=false by default and add state check at startup

* [ENT-1281]: attempt to fix tests

* [ENT-1281]: attempt to fix tests

* [ENT-1281]: set runMigration=true in the cordformation plugin

* [ENT-1281]: attempt to fix tests

* [ENT-1281]: attempt to fix tests

* [ENT-1281]: attempt to fix tests

* [ENT-1281]: fix formatting

* [ENT-1281]: typo and javadocs

* [ENT-1281]: small refactoring and added test for SchemaMigration

* [ENT-1281]: update documentation to reflect changes

* [ENT-1281]: fix tests after merge

* [ENT-1339]: for h2, allow schemas without migrations to run (#294)

* [ENT-1339]: for h2, allow schemas without migrations to run

* [ENT-1339]: fix various migration issues and change author name

* [ENT-1339]: add naming convention for migrations

* [ENT-1339]: change naming convention to use hyphens

* [ENT-1339]: change mapping of participants to be able to control the table name

* [ENT-1339]: change FK names to <=30 for oracle 11g compatibility

* [ENT-1339]: cmd line argument for migrations made consistent

* [ENT-1339]: revert abstract state superclasses

* Update db integration test setup - new tables.

* Update db integration test setup - new tables.

* [ENT-1339]: remove final from participants to allow table name config

* [ENT-1339]: shortened pk

* [ENT-1339]: revert constructor

* [ENT-1339]: change getMigrationResource api to Nullable

* fix compile error

* [ENT-1281]: fix tests after merge

* [ENT-1281]: fix tests after merge
2018-01-10 11:32:24 +00:00
Michal Kit
3c8ebdedae
ENT-1355 Rejecting all registration requests, if there is already an entry with the same name (#310) 2018-01-10 10:57:07 +00:00
Tudor Malene
0c646ff662
[ENT-1339]: for h2, allow schemas without migrations to run (#294) (#305)
* [ENT-1339]: for h2, allow schemas without migrations to run (#294)

* [ENT-1339]: for h2, allow schemas without migrations to run

* [ENT-1339]: fix various migration issues and change author name

* [ENT-1339]: add naming convention for migrations

* [ENT-1339]: change naming convention to use hyphens

* [ENT-1339]: change mapping of participants to be able to control the table name

* [ENT-1339]: change FK names to <=30 for oracle 11g compatibility

* [ENT-1339]: cmd line argument for migrations made consistent

* [ENT-1339]: revert abstract state superclasses

* Update db integration test setup - new tables.

* Update db integration test setup - new tables.

* [ENT-1339]: remove final from participants to allow table name config

* [ENT-1339]: shortened pk

* [ENT-1339]: revert constructor

* [ENT-1339]: change getMigrationResource api to Nullable
2018-01-09 14:44:17 +00:00
Anthony Keenan
a65db712c7
ENT-1226 Check minimum platform version when submitting node info (#300)
* Adding min platform version check when submitting node info

* Return error message to developer

* Fixing integration test

* Added todo to move checks out of data layer

* Added extra logging in nodeinfowebservice and use nodeinfo.verified instead of deserialize

* Tidy up tests

* Cache network parameters

* Add NodeInfoWithSigned class to stop calling to only verify node data once

* Fixing review comments

* Return correct response code if doorman not initialised properly

* Fix merge conflict
2018-01-09 13:31:26 +00:00
Shams Asari
2832eb489b
Replaced DoormanIntegrationTest with NodeRegistrationTest which does a simple end-to-end registration test using the node driver. (#279) 2018-01-08 21:45:39 +00:00
Katarzyna Streich
e92ce3ad37 Add correct value of maxMessageSize
For network-parameters.conf in network management
2018-01-08 12:54:51 +00:00
Shams Asari
52e42ce22f Merge remote-tracking branch 'origin/master' into shams-os-merge-040118 2018-01-05 15:20:19 +00:00
Michal Kit
a83f4fd61b
Changing network parameters to use node info files instead of by hand… (#288)
* Changing network parameters to use node info files instead of by hand specification of notary

* Addressing review comments

* Different names for notaries

* Updating README
2018-01-05 15:10:34 +00:00
Shams Asari
133fd27222 Merge fixes and updated network-management to work with the move away from X509CertificateHolder 2018-01-04 18:30:21 +00:00
Tudor Malene
b8fa95b3d1
[ENT-1145]: change name of foreign keys to a human-readable format of FK__from_table__to_table (#275) 2018-01-03 15:35:31 +00:00
Michal Kit
e9c2090832
Fixing the HSM service config overriding issue (#274)
* Fixing the HSM service config overriding issue

* Addressing review comments
2018-01-03 11:26:45 +00:00
Shams Asari
022daf2190 Merge and test fixes 2018-01-02 16:39:52 +00:00
Shams Asari
19df02541a
Added network-parameter REST endpoint for vending signed network parameters. (#252)
For now this only works with the local signer.
2017-12-22 14:53:36 +00:00
Tudor Malene
83efd33fc7
removed unnecessary "display width" db settings that were failing in postgres (#247) (#251) 2017-12-22 09:55:33 +00:00
Christian Sailer
a2344f15fb
Unicode columns for SqlServer (#248)
* ENT-1291 Switch liquibase changelogs to use nvarchar instead of varchar

* Configure Hibernate to use nationalised strings

* Configure Hibernate to use nationalised strings

* Change schema so that UUIDs are varchars

* Update schema certificate signing request status is not unicode

* Upper case suffix for audit tables

* nvarchar -> varchar for status in the audit table

* Capitalisation

* Capitalisation

* Force hibernate to use unicode columns on SQL server

* Force hibernate to use unicode columns on SQL server

* Schema change to make PostgreSql happy

* SQL files to initialise the perfcluster db for SQL server and PostgreSql

* Code ordering and extra comment
2017-12-21 17:34:21 +00:00
Shams Asari
2a0eefd351
Doorman generates trust store file, containing the root cert, instead of the .pem file (#241) 2017-12-21 13:54:10 +00:00
Christian Sailer
5c5acfac73 Capitatlisation of table/column names in network-management schema (#237)
Capitatlisation of table/column names in network-management schema
2017-12-21 09:41:29 +00:00
szymonsztuka
d9574338bc
Liquibase works for a single db user with multi schema setup (par of ENT-1275) (#233)
* Override Liquibase default schema by one from the node configuration (database.schema) if they are different. This allows database tables be created within a correct schema when no default schema is set at database level.
* Pass in the databaseConfig.schema for network manager (for Liquibase schema migration).
2017-12-20 17:17:17 +00:00
Tudor Malene
c288dcec20
fix hibernate sequence min value (#236) 2017-12-20 16:22:41 +00:00
Shams Asari
97fac8e988 Merge branch 'master' into shams-os-merge-201217 2017-12-20 13:16:30 +00:00
Shams Asari
d48bc41a7c Revert "Shams os merge 191217 (#223)"
This reverts commit 2461421
2017-12-20 13:01:19 +00:00
Ross Nicoll
d31f27571b
Switch from KRYO serialization to AMQP (#229) 2017-12-20 12:59:01 +00:00
Shams Asari
246142173d Shams os merge 191217 (#223)
* CORDA-876 MockNetwork no longer leaks serialization env if init fails (#2272)
* Removed all remaining special treatment of the X500 common name.
* Move unspecifiedCountry to internal. (#2274)
* Merge fixes, which includes fixing the doorman tests and updating the doorman to not set a CN in the CSR responses
2017-12-20 10:32:42 +00:00
Shams Asari
3c64e9feec Merge fixes, which includes fixing the doorman tests and updating the doorman to not set a CN in the CSR responses 2017-12-20 01:03:34 +00:00
Katarzyna Streich
4e80a33dea Fixes after os -> ent merge to networkManagement (#214)
* Quick fixes

* Fix SignedNodeInfo

Introduce network-management schema changes to reflect that NodeInfos
can have multiple signatures.

* Address Shams comments

Store SignedNodeInfo as a blob for network management tool.
2017-12-19 21:36:30 +00:00
Ross Nicoll
3ab1a06db6
Improve run instructions for the HSM doorman (#190)
* Add more detail to HSM doorman outputs
* Remove duplicate display of defaults, add default value where it was only set in text, and show the actual names of the authentication modes.
* Add instructions for getting command line help
* Change error display to use System.err
2017-12-19 12:47:54 +00:00
Andras Slemmer
107fcf82e3 Fixing stuff 2017-12-18 15:39:08 +00:00
josecoll
fc7445f714 Resolve compilation issues related to Network Map changes. 2017-12-18 11:30:32 +00:00