Commit Graph

659 Commits

Author SHA1 Message Date
Viktor Kolomeyko
835321bb70
ENT-6286: OS: Upgrade version of Artemis to 2.19.1 (#6975)
Fixes DDoS attack mentioned on the Jira ticket.

PR upgrades Artemis library to version 2.19.1.
This is our own release of Apache Artemis library which has vulnerability fix for v2.20 applied.

**_Breaking changes discovered during Artemis upgrade:_**
1. When the queue is created as temporary, it needs to explicitly be specified as non-durable.
2. By default, Artemis Client performs Host DNS name check against the certificate presented by the server. Our TLS certificates fail this check and this verification has to be explicitly disabled, see use of: `TransportConstants.VERIFY_HOST_PROP_NAME`.
3. Artemis Server now caches login attempts, even unsuccessful ones. When we add RPC users dynamically via DB insert this may have an unexpected outcome if the user with the same `userName` and `password` was not available previously.
To workaround permissions changing dynamically, authorization and authentication caches had to be disabled.
4. When computing `maxMessageSize`, the size of the headers content is now taken into account as well.
5. Artemis handling of start-up errors has changed. E.g. when the port is already bound.
6. A number of deprecated APIs like: `createTemporaryQueue`, `failoverOnInitialAttempt`, `NullOutputStream`, `CoreQueueConfiguration`.
7. Log warning message is produced like: `AMQ212080: Using legacy SSL store provider value: JKS. Please use either 'keyStoreType' or 'trustStoreType' instead as appropriate.`
8. As reported by QA, Artemis now produces more audit logging more details [here](https://r3-cev.atlassian.net/browse/ENT-6540). Log configuration been adjusted to reduce such output.
2022-01-21 09:18:14 +00:00
Edoardo Ierina
82a114a329
[DRAFT] feat/CORDA-3823-hash-agility-qa-ready (#6789)
* wip

* wip

* wip (need to review IEE comments)

* wip

* wip

* Small refactoring, fixed network-verifier's TestNotaryFlow

* Added command line option to explicitly enable hash agility support

* wip-do-not-push

* wip

* wip

* wip

* aligned merkletree/transaction hash algorithms

* wip

* Added mixed algorithm support for nodes vs leaves and corrected mixed algorithm tests

* moved global computeNonce and componentHash to DigestService

* added comment for failing test to fix

* wip

* Minor cleanups, added deprecated componentHash/computeNonce

* restored exploratory changes to failing SignedTransaction test

* cleaned up and minor rafactoring

* Fixed some tests with hardcoded hash algorithm

* some changes and cleanups following code review

* WIP commit before large change

* WIP Fixed 3 tests

* WIP removed direct references to randomSHA256() and sha256()

* Updated/added liquibase migrations to support larger hash algorithms

* Reviewed, cleanups, comments, fixes

* removing direct references to sha256()

* WIP verifying obligations test errors

* reviewing obligation/attachment issues with sha3_256

* Full review before PR - intermediate commits

* Reviewed and cleaned up

* Futher cleanup

* Fixed partial tree backward compatible json and cleanups

* all tests passing

* Removed couple of unused imports

* Reworked global componentHash function to avoid deprecated warnings

* replaced SHA3s with some alternate SHA2s

* Removed SHA3-256 and SHA3-512 references

* fixed some tests using non ubiquitous hash algorithms

* Fixed ABI compatibility (not for TransactionBuilder)

* Fixed ABI compatibility to TransactionBuilder

* couple of fixes

* fixed DigestService's randomHash

* Removed constructor with loosely typed args for private constructor of LedgerTransaction class (API removal)

* re-introduced LedgerTransaction deprecated ctor for deserialization

* Add possibility to load CustomMessageDigest bypassing JCA (#6798)

* Change api-current for DigestAlgorithm

* disable flaky tests

Co-authored-by: Denis Rekalov <denis.rekalov@r3.com>
2020-11-05 22:05:29 +00:00
Denis Rekalov
551b3f0811
CORDA-4054: combine different identities of the same notary after its key rotation (#6734) 2020-10-16 13:53:04 +01:00
Ryan Fowler
ed9f6f0ce1 Merge branch 'release/os/4.6' into rfowler-os-4.6-ent-4.6-20200922 2020-09-22 11:42:00 +01:00
Dan Newton
317b59ab9d
NOTICK Fix kill flow standalone rpc client test (#6721)
Test was flaky because the flow can finish below it can be killed,
therefore failing the test. Sleep for 1 minute instead to give plenty of
time for the test.
2020-09-18 15:15:44 +01:00
Ryan Fowler
83ec8289b6
ENT-5492 Let the MissingAttachmentException through the RPC (#6719)
* CORDA-4036: Put the identity failures on the same log so they aren't missed.

* ENT-5492: Let the MissingAttachmentException propagate out
2020-09-16 16:41:11 +01:00
Dan Newton
bd7b96e816
ENT-5768 startFlowWithClientId permissions (#6708)
Do not let a user reattach to a flow started by another user.

Reattaching to a flow using startFlowWithClientId for a flow not
started by the current user throws a PermissionException

Reattaching to a flow using reattachFlowWithClientId for a flow not
started by the current user returns null.

finishedFlowsWithClientIds does not return flows started by other
users.

Normal rpc permissions around startFlowWithClientId and
startFlowDynamicWithClientId has also been added.

To allow admins to remove client ids as well as be able to see all the
client ids on the node, admin versions have been added that bypass the
user restrictions. These can be permitted via rpc to only provide
their usage to admins.
2020-09-16 16:11:06 +01:00
Kyriakos Tharrouniatis
6829be7ae9
ENT-5754 - RPC startFlow cannot reattach to existing client id flows when flows draining mode is enabled (#6707)
* Make existing client id flows re-attachable via rpc 'startFlow' when flows draining mode is enabled

* Fix detekt issue

* Remove unneeded/ unreached waiting on flow's return future
2020-09-15 09:04:17 +01:00
Ryan Fowler
6f2cac146c
ENT-5492: Don't do reconnect logic on illegal argument for attachments (#6693)
* ENT-5492: Don't do reconnect logic on illegal argument for attachments

* Use a dedicated exception for missing attachments.
2020-09-09 12:20:16 +01:00
Joseph Zuniga-Daly
eecc294820 Merge OS 4.6 OS 4.7
Conflicts:
- .ci/api-current.txt - Kept existing version on 4.7 as I'm about to regenerate the file
2020-09-01 15:28:37 +01:00
Kyriakos Tharrouniatis
90ab495798
NOTICK - Fix concurrency issue in flaky test (#6674)
* Fix concurrency issue in test; should be fixing flaky test
* Replace 'incrementAndGet' occurences with 'getAndIncrement'
2020-08-28 12:48:20 +01:00
Matthew Nesbit
57f4858a29
Merge pull request #6638 from corda/nnagy-os-4.6-os-4.7-20200814
NOTICK - OS 4.6 to OS 4.7 merge 20200814
2020-08-24 15:30:39 +01:00
Viktor Kolomeyko
9fc896beb3
CORDA-3960: Port MultiRPCClient to OS (#6644)
* CORDA-3960: Port MultiRPCClient to OS

* CORDA-3960: Carefully restore serialisation environment in `MultiRpcClientTest` to eliminate side effects on other tests

* CORDA-3960: Move ThreadDumpUtils.kt to `core-utils`
2020-08-18 10:35:19 +01:00
nikinagy
4cce83522e merge import fix 2020-08-14 17:27:47 +01:00
nikinagy
c9b2fa11cd Merge branch 'release/os/4.6' into nnagy-os-4.6-os-4.7-20200814
# Conflicts:
#	client/rpc/src/main/kotlin/net/corda/client/rpc/internal/ReconnectingCordaRPCOps.kt
2020-08-14 17:26:58 +01:00
Kyriakos Tharrouniatis
ac9d21f66c
CORDA-3882 - Integrate new start method with reconnecting rpc client (#6607)
* Draft version of integrating start flow with client id with reconnecting rpc client

* Add recursive reconnect

* Execute 'doInvoke' on a different thread, fixes hanging

* Tidy up code and add explanatory comment

* Add test timeout

* Add test asserting 'removeClientId' does retry to connect if the node is down

* Modify test to not create a new node on node restart

* Add test asserting 'reattachFlowWithClientId' tries to reconnect if the node is down

* Add test asserting returned flow exception future continue working on node restart

* Add assertions for reconnecting future callbacks

* Remove unused import

* Remove unused local var

* Remove unneeded line breaks

* Remove unneeded parentheses

* Amend existing test; assert flow result reconnectable future returned from 'reattachFlowWithClientId' works

* Update test names

* Add explanatory comment

* Minor comment update

* Fix accidental methods moved

* Update obsolete comment
2020-08-14 12:00:52 +01:00
Viktor Kolomeyko
d55676b452
CORDA-3959: Fix affected smoke test (#6633) 2020-08-14 09:20:11 +01:00
Viktor Kolomeyko
b81eb1559d
CORDA-3959: Eliminate InternalCordaRPCOps (#6600)
* CORDA-3959: Make `ThreadContextAdjustingRpcOpsProxy` flexible for `RPCOps` it uses

* CORDA-3959: More changes towards supporting multiple `RPCOps` implementations

* CORDA-3959: Detekt baseline update

* CORDA-3959: Integration test compilation fix

* CORDA-3959: Introduce `CheckpointRPCOpsImpl` and wire it on

* CORDA-3959: Use multiple RPCOps interfaces in the shell commands

* CORDA-3959: Detekt baseline update

* CORDA-3959: Update RPCPermissionsTests

* CORDA-3959: Update RPCSecurityManagerTest

* CORDA-3959: Remove deprecated marker and rename the property

* CORDA-3959: Detekt baseline

* CORDA-3959: Introduce AttachmentTrustInfoRPCOpsImpl and wire it on

* CORDA-3959: Delete `InternalCordaRPCOps`

* CORDA-3959: Detekt baseline update

* CORDA-3959: Rename `CheckpointRPCOps` to `FlowManagerRPCOps`
2020-08-13 14:41:52 +01:00
Tamas Veingartner
e234bd9c96
fix for Could not reconnect to the RPC server“ error on shutdown via Shell-Cli (#6595)
an RPCUtils created to centralize method name related operations
2020-08-10 09:51:24 +01:00
Tamas Veingartner
e6af60edda
NOTICK Migrate recent RPC related changes to OS, as these were initially imp… (#6532)
* Migrate recent RPC related changes to OS, as these were initially implemented in ENT only

* tests cleanup

* cleanup imports
2020-08-07 09:18:09 +01:00
Ross Nicoll
de5568854c
INFRA-438 Handle observers not having error handling (#6434)
* INFRA-438 Handle observers not having error handling

When the RPC client connection is closed, it notifies observers using onError(), which may not be the correct approach (TBD) but changing this is a much more invasive change. Where observers do not subscribe to error notifications, this is reflected to the calling client by an exception thrown.

This change catches that exception and lots it as debug rather an error level.
2020-08-05 00:05:33 +01:00
Ryan Fowler
d4189c4f37
CORDA-3918: Port of ENT-5417: Allow exceptions to propagate when shutdown commands are called (#6516) 2020-07-27 14:09:26 +01:00
Viktor Kolomeyko
a2058490ed
CORDA-3880: Streamline re-connection logic in RPCClientProxyHandler (#6426)
* CORDA-3880: Streamline re-connection logic in RPCClientProxyHandler

* CORDA-3880: Address PR review comments from @dimosr

* CORDA-3880: Explicitly mention contract around `maxReconnectAttempts`

* CORDA-3880: Handle `maxReconnectAttempts = 0` and do not re-connect
2020-07-03 09:29:43 +01:00
Dan Newton
6bc2c79e23
NOTICK NodeBasedTest take in cordapps (#6424)
In enterprise, `AuthDBTests` picked up a schema from a unit test and
included it in the cordapp it builds. This schema does not have a
migration and therefore fails the integration tests.

`NodeBasedTest` now lets cordapps to be defined and passed in to avoid
this issue. It defaults to making a cordapp from the tests base
directory if none are provided.
2020-07-02 16:14:51 +01:00
Tamas Veingartner
d97bc7dd12
ENT-5420 stop reconnecting when RejectedCommandException occurs. (#6394)
* ENT-5420 stop reconnecting when RejectedCommandException occurs.

* change to store last exception and return quietly

* changed to rethrow exception. Test added
2020-07-02 11:35:04 +01:00
Tamas Veingartner
785715106b
ENT-5379 Reconnecting RPC fixed to recognize shutdown calls and break reconnect attempts (#6316) 2020-06-08 18:03:02 +01:00
Ryan Fowler
b43e781f27
ENT-5285, ENT-5296 Ignore ForkJoinPool.commonPool threads in RPCStabilityTests (#6205)
* NOTICK Ignore JUnit time threads in `RPCStabilityTests`

* NOTICK - Ignore ForkJoinPool.commonPool as it's not related to our test

Co-authored-by: LankyDan <danknewton@hotmail.com>
2020-05-11 15:38:23 +01:00
Dan Newton
4639a8f68b
Revert "NOTICK Ignore JUnit time threads in RPCStabilityTests (#6201)" (#6204)
This reverts commit ecf74053
2020-04-30 13:17:40 +01:00
Dan Newton
ecf74053c0
NOTICK Ignore JUnit time threads in RPCStabilityTests (#6201) 2020-04-30 10:50:54 +01:00
Ryan Fowler
7dc8aa8f7c
Corda 3675 update netty (#6146)
* CORDA-3675: Update netty for security

* Try to improve thread counting in tests
2020-04-14 12:31:02 +01:00
Ryan Fowler
18c9e4a9da
Revert "CORDA-3675: Update netty for security (#6109)" (#6120)
This reverts commit 82a3f69f
2020-04-01 18:16:38 +01:00
Ryan Fowler
82a3f69f15
CORDA-3675: Update netty for security (#6109)
* CORDA-3675: Update netty for security

* Try to improve thread counting in tests
2020-03-31 10:22:10 +01:00
Dimos Raptis
963de40902
[NOTICK] - Enable check in detekt for unused imports (#6106)
* [NOTICK] - Enable check in detekt for unused imports

* Put back accidental removal of used import

* Some more accidental removals
2020-03-26 15:46:33 +00:00
Chris Rankin
493a92ca39 Merge commit '5b50ef49bcca2d1be8bb0604e1be167e3bb5da24' into chrisr3-44-merge 2020-03-06 09:55:00 +00:00
Rick Parker
e5a8888232
CORDA-3644: Add Corda-Testing tag to test artifacts' MANIFEST.MF. (#6032) 2020-03-05 17:39:55 +00:00
Christian Sailer
e38cd9ec63
ENT-5043 separate out test utils (#5998)
* Remove unused dependencies from test-common

* Explicit imports and formatting

* Add core-test-utils project

* Add dependency

* Move Kryo serialization context to node-api (not serialization as we do not want to pull kryo into the serialization lib)

* Move AMQP server serialization scheme to node api

* Move serialization tests to node-api

* Move internal test helpers without further dependencies.

* Move out some types from RPCClientProxyHandler to node-api in preparation for moving the AMQP scheme

* Move client AMQP context to node-api so we can move the test serialization rule out.

* Move InternalSerializationTestHelpers to core-test-utils

* Moved testing.core to core-test-utils

* Make detekt happy

* Add api-scanner to core-test-utils

* Remove inlined package names introduced by IntelliJ refactoring

* Update api-current.txt to account for reordering.

* Add core-test-utils to list of published artifacts.

* Add missing import

* Location of things in api text has moved again (publish name of artefact?)

* Revert all additions to the API, leaving just the reordering

* Code review: fix up core-test-utils build.gradle and introduce kryo version constant.

* Remove OpenSsl flag from ssl config stub (can't be used from node-api)

* Suppress detekt warning

* Move core test util tests to the right module

* Expose kotlin test as a transient dependency - projects have come to rely on that.

* Fix typo in package name
2020-03-03 15:55:17 +00:00
Chris Rankin
73e6a40158 Merge commit '21325dfa4fb8151e77f368e9356c16ae89c70aa3' into chrisr4-44-merge 2020-02-15 14:45:50 +00:00
James Higgs
3547b629c3
[NOTICK] Add a detekt rule to catch tests with no timeout (#5959)
* [NOTICK] Add a custom detekt rule for tests with no timeout, and fix remaining missing timeouts

* [NOTICK] Add a test for custom detekt rules and tidying

* add timeout annotation to new test

Co-authored-by: Stefano Franz <roastario@gmail.com>
2020-02-14 17:31:02 +00:00
Dimos Raptis
70e8e69a87
NOTICK - Add tests for handling of user errors in reconnecting observables (#5932)
* Add tests for handling of user errors in reconnecting observables

* detekt
2020-02-14 09:58:32 +00:00
Ryan Fowler
84be738374
CORDA-3752: rethrow non-rpc specific errors rather than try to reconnect to the server (#5922) 2020-02-13 14:08:56 +00:00
Ryan Fowler
1c80ad8be2
CORDA-3576: Use the connectionMaxRetryInterval configuration when reconnection the RPC client (#5957) 2020-02-13 13:11:39 +00:00
Chris Rankin
117108f456
ENT-4921: Ensure that CorDapp classloader is not lost with graceful reconnect. (#5954) 2020-02-13 09:25:28 +00:00
Stefano Franz
b23af5f0d2
add timeouts to all tests (#5875) 2020-02-11 10:14:05 +00:00
Ryan Fowler
d16e1126db
CORDA-3542: Use the config values for reconnecting retry interval and max reconnect attempts (#5869) 2020-01-29 13:08:54 +00:00
Ryan Fowler
597658c4ab ENT-4822: Don't attempt RPC reconnect for NotSerializableException (#2991) (#5870)
* ENT-4822: Don't attempt RPC reconnect for NotSerializableException

* ENT-4822: Don't attempt RPC reconnect for NotSerializableException
2020-01-22 11:37:38 +00:00
Ryan Fowler
4669a699c0 CORDA-3507: Use the config value for connectionRetryInterval (#5850)
* CORDA-3507: Use the config value for connectionRetryInterval rather than a hardcoded value

* CORDA-3507: Use the config value for connectionRetryInterval rather than a hardcoded value
2020-01-14 09:57:11 +00:00
Dimos Raptis
ce774e459a [CORDA-3501] - Provide option for user to specify custom serializers (#5837)
* [CORDA-3501] - Provide option for user to specify custom serializers

* Remove not needed integration test shemas
2020-01-09 11:29:16 +00:00
Ryan Fowler
e0eac8fa0d Corda 3513 rpc flow without permission (#5828)
* CORDA-3513: Don't try to reconnect for PermissionExceptions

* CORDA-3513: Don't try to reconnect for PermissionExceptions

* CORDA-3513: Add test for not reconnecting for PermissionExceptions

* CORDA-3513: Update exception message and test
2020-01-07 11:35:45 +00:00
Chris Rankin
5a41ec9b82 CORDA-3464: Also scan attachment:// URLs for custom serializers. (#5769)
* CORDA-3464: Also scan attachment:// URLs for custom serializers.

* Only scan the given classloader - ignore this classloader's parents.

* Upgrade to ClassGraph 4.8.58 - for "robustness fixes".

* Register the attachment:// URL scheme using AttachmentsClassLoader.

* Add integration test for custom serializer in contract state.

* Rename Currancy -> Currantsy, just to make the point.
2019-12-03 15:50:21 +00:00
Ryan Fowler
2abf22ccf9 ENT-4513: Add checks for closing the RPC client (#5781) 2019-12-03 11:59:00 +00:00