The configuration objects for specific notary implementations have been replaced
by a single untyped "extraConfig" Config object that is left to the notary service
itself to parse.
* Remove the raft bootstrapping command from node, we'll need a different
mechanism for that.
* Remove pre-generated identity config value.
* Split up obtainIdentity() in AbstractNode to make it easier to read.
* A temporary workaround for the bootstrapper tool to support BFT notaries.
* Update docs
* Add upgrade notes
* Fix rebase issue
* Add a config diff for the bft notary as well
* ENT-2610: Separate passwords for store and for private keys in Corda OS.
When it comes to KeyStores there are *2* passwords: 1 for the keyStore as a whole and separately there is one private keys within this keyStore.
Unfortunately, those 2 passwords have to be the same due to Artemis limitation, for more details please see:
`org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport.loadKeyManagerFactory`
where it is calling `KeyManagerFactory.init()` with store password.
Before change in this PR, throughout our codebase there are multiple places where we assume that storePassword is the same as keyPassword, even in the classes that have nothing to do with Artemis.
This is of course less than ideal as TLS communication may be used not only for Artemis connectivity (e.g. Bridge/Float interaction in Ent) and it is unfair to impose same passwords constraint on that communication channel.
Therefore this PR is removing this limitation and properly separating storePassword from keyPassword.
Linked Jira(https://r3-cev.atlassian.net/browse/ENT-2610) has for more background info.
Suggest to start review from `net.corda.core.crypto.X509NameConstraintsTest` to get an idea about the nature of the changes made.
* ENT-2610: Address PR input from @kchalkias
* ENT-2610: Address PR input from @kchalkias, s/privateKeyPassword/entryPassword/
* ENT-2610: Address PR input from @kchalkias, s/keyPassword/entryPassword/
In the implementation of `CertificateStoreSupplier`
NodeStartup - added back Enterprise only serialization case for Oracle database in NodeStartup,
added deduplicationId to execute method in classes overriding FlowAsyncOperation
* CORDA-2113 - Include PNM ID in CSR
If Compatibility Zone operator is using private networks and the node
should be joining one, optionally the ID (a UUID) of that network can be
included as part of the node's CSR to to the Doorman.
* fix broken test
The contract upgrade handler assumes that the state to be upgraded is
created by a WireTransaction. This breaks the upgrade process if it was
in fact issued by a ContractUpgradeWireTransactions or a NotaryChangeWireTransaction.
The entry point to the API has been simplified to just requireing a list of packages to scan, with sensible defaults provided for the metadata. Because of the wither methods, having parameters for the metadata (with default values) seems unnecessary. Also the ability to scan just individual classes has been made internal, as it seems unlikely app developers would need that level of control when testing their apps.
TestCordappImpl is a data class and thus acts as a natural key for the Jar caching, where previously the key was the package names. This fixes an issue where it was not possible to create two CorDapp Jars of the same package but different metadata.
* ENT-2295: added SNI support to bridge
* ENT-2295: removed unused method args, adde new line
* ENT-2295: fix checking for existing bridges
* ENT-2295: fix AMQPBridgeTest(included source x500 name in messages)
* ENT-2295: fix ProtonWrapperTests (added source id and only check for SNI if bridge is shared)
* ENT-2295: fixed issue with artemis round robin not working when autogrouping was on
* ENT-2295: adapt to use openSSL, added SNI tests
* ENT-2295: server side openSSL now uses SniHandler magic
* ENT-2295: service queues are not exclusive
* ENT-2295: remove check for nodes sharing artemis when resolving targets
* ENT-2516 SNI - Log the requested server name (if any) in the AMQPServer (#1454)
* WIP
* log server name in ssl handshake
* big fix
* handle nullable sslParameters
* ENT-2295: address PR comments
* ENT-2295: remove unused imports
* ENT-2295: fix warnings
* ENT-2295: address PR comments
* ENT-2295: added node to node intergration tests, added openssl dep to bridge capsule
* ENT-2295: message group id is unique for service queues
* ENT-2295: address PR comment
* Move Raft and BFT notaries into separate modules
* Move schemas
* Fix tests & demos
* Modified logic for creating notary services:
Added a new field 'className' to the notary configuration. The node now
loads the specified implementation via reflection. The default className
value points to the simple notary implementation for backwards compatibility.
Relevant schemas are loaded in a similar fashion.
For backwards compatibility purposes the default SimpleNotaryService will
remain built-in to node, but its cordapp will be generated on startup – so
the loading of notary services is streamlined.
* Move test namedcache factory to test utils
* Introduce SerializeForCarpenter annotation
* Apply SerializableComputedProperty annotation to Cash.exitKeys, fix bugs
* info -> trace
* Remove annotation from FungibleAsset, as we do not know whether all implementing classes will provide the property as a calculated value
* Remove redundant import
* Explicit lambda params
* Restore explicit import for Enum valueOf
* Moving and rescoping
* More meaningful error message
* Add java test and documentation
* Fix accidentally broken unit test
* Ignore superclass annotation if property not calculated in implementing class
* Exclude calculated properties from Jackson serialisation
* Fix broken test
