This allows a different signed version of the same CorDapp to be automatically trusted.
This reverts "[CORDA-2575] Allow users to whitelist attachments by public key config (#5035)"
The Signature Constraint documentation in `api-contract-constraints`
was very limited and referred to the design doc for most information.
Information was extracted from the design doc and added to the main
documentation.
* Initial version of new(old) dialog that won't print a stacktrace for rpc exceptions.
* Decoupled CordaVersionProvider. Moved common files to common-logging to lower dependencies on the node explorer.
* Removed unused import and duplicate documentation comment.
* Moved error code rewrite policy in the new common/logging module according to PR review.
* Removed extra line.
* Updated log4j configurations with new package name where logging policies will be contained.
* Included common-logging module with cliutils.
* ENT-3057: Log hibernate warns and errors in different log
If a hibernate error occurs (deadlock, for example) that would cause a flow to be sent to the hospital, hibernate logs the warnings and errors before we do. This results in duplication in the logs, and pollutes the log. To solve this, we create a new log appender named diagnostic-{node-name}.log and log any org.hibernate messages of warn and above to that file. This way, messages are not lost, which means that the information can be retrieved if need be.
* Corrected indentation of comment (changed tab to space)
* Updated node-administration document to mention diagnostic logging change
* Fixed integration test. It was breaking because it was fetching the first log file in the folder, assuming there would be only one. This assumption is now invalid because the diagnostic log file that was introduced. Two tests were found that used similar logic to find a log file to examine, hence both were corrected to look for log files beginning with "node"
* Updated documentation as per review comments.
There's a bug with the ServiceLoader which leaks a file handle to the app jar on shutdown. This causes an issue if a mock node is restarted in Windows. To avoid the problem completely we no longer overwrite any existing jars, as the jar to be copied will be same anyway.
(cherry picked from commit 0038a86481)
TestCordapp – disable daemon on internal gradle process
The TestCordappImpl runs gradle to build cordapp jars required for tests.
The started gradle process reuses a Gradle daemon that's potentially already
used for running the tests causing the JVM to die with SIGBUS.
CORDA-2595 - Fix test and api.
CORDA-2595 add test
CORDA-2595 fix tests
CORDA-2595 fix test and address code review comments
CORDA-2595 address code review comments
* First pass at fixing 2563.
* In memory KMS now maps keys to IDs.
* CreateDatabaseAndMockServices now creates a persistent key management service and a can take a persistent identity service, so now the external id mapping works for mock services.
* * Created a helper for mock services which allows the creation of a mock services with persistent identity management service key management service and vault.
* MockNode now uses persistent key management service - not sure why it didn't do before?
* * MockNode now uses BasicHSMKeyManagementService
* Updated api-current file
* Little fix required after rebase to master.
* Fixed broken test.
* Added informative error messages to UnsupportedOperationExceptions thrown by E2ETestKeyManagementService.
* Removed redundant private constructor for mock services from api-current.txt.
* Addressed Rick's comments.
* Create a new custom migration for populating the state_party table and the relevancy_status column within the vault_states table when migrating from V3 to V4.
* Add a corresponding unit test suite.
* Small refactorings to expose data required by the migration: the isRelevant function in the NodeVaultService, and the node's legal name from the configuration.
Previous implementation was in LedgerTransaction and focused only on contract classes,
but every package matters.
Also fixes some exception types and does misc refactorings.
Take out a useless parameter from a method that was added to the public
API, document it. Add some comments explaining more about why we are
looking up attachment versions in WireTransaction.toLedgerTransaction.
* Add FetchParametersFlow
* No downgrade parameters in ResolveTransactionsFlow
Make sure that parameters in the transaction
graph are ordered (this is to prevent the downgrade attack, when the
malicious notary and participants sign transaction that shouldn't be
notarised otherwise). We ensure that by checking that epochs of network
parameters in the transaction chain are ordered.
* Addressed some minor items from RP review feedback.
* Refactoring following rebase from master.
* Address RP PR review comments (round 2)
* Addressed a couple of minor PR review points.
* Renaming of unit tests and cleanup.
* Changes discusses with RP to ensure Network Param checking is applied at txn verify time + resolve order checking gated on existence of tagged NPs in txn and associated minimum platform version.
* Do not fail on missing ServiceHub impl + return nothing if txn not NP tagged.
* Unify HistoricNetworkParametersStorage and
NetworkParametersStorageInternal
* SignedDataWithCert implements NamedByHash
* Cleanup
* Move parameters ordering check to signed transaction resolution
* Fixes after merge, address comments
* Address Andrius comments
This includes all of the cash selection logic, JSON support using jackson and a bunch of utilities which are not relevant to contract verification. The exception to this are Interpolator which has been moved to the IRS demo, and PhysicalLocationStructures.kt which is now in explorer.
* Allow for duplicate (contract class, version) signed attachments in devMode.
* Code clean-up.
* Fix compilation error in test code.
* Additional gating/warning and added Unit test for development mode behaviour.
* Start pooling classpath scanning
Quickly patch synchronisation of attachment class loader cache. Needs a revisit but more complicated due to DJVM.
Annotate away for DJVM
Take ClassGraph utils into their own file so we can exclude for DJVM
Clean up a little
* Daemonize the threads
* Seems to be some concurrency problems with use of ClassGraph. Using a mutex for now to work around.
* Removed `restart node successfully with suspended flow` as it duplicates `TraderDemoTest#Test restart node during flow works properly`
* Removed the need for a notary
* Update changelog with changes to vault queries
* Move choice of relevancy state to QueryCriteria
* Ensure relevancy default is correct for all query types
* Remove superfluous imports
* Update documentation for queries using state relevancy
* Fix merge damage
* Revert change to use RELEVANT as the default and update docs
* Revert missed instance of relevancy change
* Rewrite of upgrade notes for vault state query updates
* Address review comments
The gradle process that runs the tests keeps an exclusive hold on built jars in Windows, which means if a test wants to get hold of the CorDapp, and it's requested from the same module, it will fail. Now instead of deleting the "libs" dir we just use the latest created jar.
* Add whitelists and custom serializers from cordapps to serialization context
* Remove changes in TransactionBuilder, add caching
* Add whitelists and custom serializers from cordapps to serialization context
* Remove changes in TransactionBuilder, add caching
* Address comments
* Increase node memory for SIMM integration test
* Cache only serialization context
* Increase integ test timeout
* Fix API breakage
* Increase max heap size for web server integ test
* Move classloading utils from separate module to core.internal
* Adjust heap size for more integ tests
* Increase time window for IRS demo transactions
* Fix determinator
* Add parameter in core-deterministic
* Stub out class-loading method for DJVM
The version of contract attachments that are whitelisted should be read from NetworkParameters.whitelistedContractImplementations.
It use the lattes network map from db with the highest epoch.
Corda Node ensures a given contract class and version can be sourced from only one signed and trusted Attachment (JAR).
An attempt to import a signed JAR as a trusted uploader (or promote to be trusted) with a class and version already present in the other trusted Attachment will raise DuplicateContractClassException.
Minor fixes to Hibernate Attachment Query parser (original query to select attachment without signers would always return no attachments)