* add option to automatically package migration scripts into a migration cordapp
* fix compile error
* add explict "OK" from user to create jar
add warning about possible data corruption
refactor check for --jar to be easier to read.
Column vault_fungible_states.issuer_ref were never set to non-nullable so no need to drop this constraint - this will be also removed from OS as separated PR. The issue detected against Oracle db which doesn't allow set column constraint to NULLABLE if it's already NULLABLE.
Added new table to test setup/cleanup.
* ENT-1394: artemis locators for HA bases on configuration
* ENT-1394: bridge artemis connection service with HA impl
* ENT-1394: added own round robin logic for artemis client connections
* ENT-1394: added support for external clustered artemis to internal RPC client
* ENT-1394: added failover listener to internal rpc client, some cleanup
* ENT-1394: remove unused import
* ENT-1394: refactored after rebasing
* ENT-1394: refactored after rebasing, addressed PR comments
* ENT-1394: got rid of HA connection service in favor of a simple check inside current one
* ENT-1394: ha locator gets its own thread to handle failover that happens behind the scenes
* ENT-1394: move ha artemis flag in the outboundConfig
* ENT-1394: haArtemis flag has default value in constructor
* ENT-1394: address PR comment, handle status change during failover
* ENT-1394: reverted usage of ha locator
* ENT-1394: ensure that on failover the p2pclient sends a fresh snapshot to the bridge
* ENT-2636: Introduce ModeSelectingChannel
Next step: Add an integration test.
* ENT-2636: Explicitly retain/release ByteBuf
* ENT-2636: Use ByteBuf API and stop using `java.nio.ByteBuffer`
* ENT-2636: Add new optional FirewallConfiguration parameter
* ENT-2636: Simplify implementation of ModeSelectingChannel
* ENT-2610: Create integration test to check response on TCP call and fixes to ModeSelectingChannel
* ENT-2610: Extend integration test fixes to ModeSelectingChannel
Doesn't currently work well for longer messages.
* ENT-2610: Extend integration test fixes to ModeSelectingChannel
Doesn't currently work well for longer messages.
* ENT-2610: Fixes to ModeSelectingChannel so it works well for longer messages.
* ENT-2610: Reflect `healthCheckPhrase` from `FirewallConfiguration` onto `AMQPConfiguration`
* ENT-2610: Incorporate review comments by @mnesbit
* ENT-2636: Extend the test to drip feed bytes one-by-one.
Also remove TRACE level packet logging for speed and log space reduction.
Logging-wise the following printed into the log every time TCP echo performed:
```
[INFO] 11:03:16,016 [nioEventLoopGroup-5-1] logging.LoggingHandler.info - [id: 0x202c2137, L:/0:0:0:0:0:0:0:0:10001] READ: [id: 0x073fda76, L:/10.18.1.203:10001 - R:/10.18.1.203:59274]
[INFO] 11:03:16,016 [nioEventLoopGroup-5-1] logging.LoggingHandler.info - [id: 0x202c2137, L:/0:0:0:0:0:0:0:0:10001] READ COMPLETE
[INFO] 11:03:16,018 [nioEventLoopGroup-6-4] netty.AMQPChannelHandler.invoke - New client connection 073fda76 from /10.18.1.203:59274 to /10.18.1.203:10001 {allowedRemoteLegalNames=null, localCert=null, remoteAddress=/10.18.1.203:59274, remoteCert=null, serverMode=true}
```
* ENT-2610: Documentation update to include optional `keyStorePrivateKeyPassword`.
* ENT-2610: Documentation update to include optional `keyStorePrivateKeyPassword`.
* ENT-2610: Disruptive change to `CertificateStore` (will cause compilation failures)
* ENT-2610: Address compilation failures caused by separation of `storePassword` and `keyPassword` e.g. in `X509KeyStore`
* ENT-2610: Docs update to flag that passwords have to be the same due to Artemis limitations.
* ENT-2610: Make changes to `bridge` module.
Make private key password optional in `BridgeSSLConfigurationImpl` and extend `ConfigTest`.
Also improve exception reporting when necessary option is missing.
* ENT-2610: Fixes to `bridge` integration tests.
* ENT-2610: Whenever it comes to Dev node certificates ensure that private key password is the same as store password
or else Artemis is not going to accept that, see comment in DevIdentityGenerator.
* ENT-2610: More unit test fixes
* ENT-2610: More integration tests fixes
* ENT-2610: Fix netty code to use `privateKeyPassword` where necessary
* ENT-2610: Remove the use of `keyPassword` for `trustStore`
* ENT-2610: Compilation fixes after merge from `master`
* ENT-2610: Add an integration test which proves that diff. passwords work
* Move testplans and sensitive config out of resources into a new data directory. Required code/config changes for that to work.
Server RMI mappings are now mandatory on the cmd line when using ssh tunnels, no more defaults in the resources.
* Add sample test plans that show what we do without having any passwords or hostnames in them.
* Add more descriptions/comments to the sample test plans.
* Visibility settings and annotations to stop warnings when running notary healthcheck.
* Add progress trackers so the warnings about unstarted progress trackers disappear.
* Fix changelog file
* Fix file path to changelog
* Standardise the naming scheme for notary cordapps.
* Revert "Standardise the naming scheme for notary cordapps."
This reverts commit 7cd42f6
* Standardise the naming scheme for notary cordapps in a better way.
* Publish to artifactory
The configuration objects for specific notary implementations have been replaced
by a single untyped "extraConfig" Config object that is left to the notary service
itself to parse.
* Remove the raft bootstrapping command from node, we'll need a different
mechanism for that.
* Remove pre-generated identity config value.
* Split up obtainIdentity() in AbstractNode to make it easier to read.
* A temporary workaround for the bootstrapper tool to support BFT notaries.
* Update docs
* Add upgrade notes
* Fix rebase issue
* Add a config diff for the bft notary as well
* ENT-2610: Separate passwords for store and for private keys in Corda OS.
When it comes to KeyStores there are *2* passwords: 1 for the keyStore as a whole and separately there is one private keys within this keyStore.
Unfortunately, those 2 passwords have to be the same due to Artemis limitation, for more details please see:
`org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport.loadKeyManagerFactory`
where it is calling `KeyManagerFactory.init()` with store password.
Before change in this PR, throughout our codebase there are multiple places where we assume that storePassword is the same as keyPassword, even in the classes that have nothing to do with Artemis.
This is of course less than ideal as TLS communication may be used not only for Artemis connectivity (e.g. Bridge/Float interaction in Ent) and it is unfair to impose same passwords constraint on that communication channel.
Therefore this PR is removing this limitation and properly separating storePassword from keyPassword.
Linked Jira(https://r3-cev.atlassian.net/browse/ENT-2610) has for more background info.
Suggest to start review from `net.corda.core.crypto.X509NameConstraintsTest` to get an idea about the nature of the changes made.
* ENT-2610: Address PR input from @kchalkias
* ENT-2610: Address PR input from @kchalkias, s/privateKeyPassword/entryPassword/
* ENT-2610: Address PR input from @kchalkias, s/keyPassword/entryPassword/
In the implementation of `CertificateStoreSupplier`
NodeStartup - added back Enterprise only serialization case for Oracle database in NodeStartup,
added deduplicationId to execute method in classes overriding FlowAsyncOperation
* First phase of supporting exceptions within the DJVM.
* Suppress unwanted inspection warnings about Kotlin/Java Map.
* Add support for exception stack traces within the sandbox.
* Simple review fixes.
* Extra fixes after review.
* Add DJVM support for String.intern().
* Partially restore implementation of SandboxClassLoader.loadClass().
* More review fixes.
