Temporally treating META-INF/INDEX.LIST as unsignable entry because java.util.jar.JarVerifier doesn't load its signers. https://r3-cev.atlassian.net/browse/CORDA-2177 for further investigation.
Column vault_fungible_states.issuer_ref were never set to non-nullable so no need to drop this constraint - this will be also removed from OS as separated PR. The issue detected against Oracle db which doesn't allow set column constraint to NULLABLE if it's already NULLABLE.
Added new table to test setup/cleanup.
* first attempt at a flowManager
fix test breakages
add testing around registering subclasses
make flowManager a param of MockNode
extract interface
rename methods
more work around overriding flows
more test fixes
add sample project showing how to use flowOverrides
rebase
* make smallest possible changes to AttachmentSerializationTest and ReceiveAllFlowTests
* add some comments about how flow manager weights flows
* address review comments
add documentation
* address more review comments
* ENT-2610: Separate passwords for store and for private keys in Corda OS.
When it comes to KeyStores there are *2* passwords: 1 for the keyStore as a whole and separately there is one private keys within this keyStore.
Unfortunately, those 2 passwords have to be the same due to Artemis limitation, for more details please see:
`org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport.loadKeyManagerFactory`
where it is calling `KeyManagerFactory.init()` with store password.
Before change in this PR, throughout our codebase there are multiple places where we assume that storePassword is the same as keyPassword, even in the classes that have nothing to do with Artemis.
This is of course less than ideal as TLS communication may be used not only for Artemis connectivity (e.g. Bridge/Float interaction in Ent) and it is unfair to impose same passwords constraint on that communication channel.
Therefore this PR is removing this limitation and properly separating storePassword from keyPassword.
Linked Jira(https://r3-cev.atlassian.net/browse/ENT-2610) has for more background info.
Suggest to start review from `net.corda.core.crypto.X509NameConstraintsTest` to get an idea about the nature of the changes made.
* ENT-2610: Address PR input from @kchalkias
* ENT-2610: Address PR input from @kchalkias, s/privateKeyPassword/entryPassword/
* ENT-2610: Address PR input from @kchalkias, s/keyPassword/entryPassword/
In the implementation of `CertificateStoreSupplier`
The contract upgrade handler assumes that the state to be upgraded is
created by a WireTransaction. This breaks the upgrade process if it was
in fact issued by a ContractUpgradeWireTransactions or a NotaryChangeWireTransaction.
* Move Raft and BFT notaries into separate modules
* Move schemas
* Fix tests & demos
* Modified logic for creating notary services:
Added a new field 'className' to the notary configuration. The node now
loads the specified implementation via reflection. The default className
value points to the simple notary implementation for backwards compatibility.
Relevant schemas are loaded in a similar fashion.
For backwards compatibility purposes the default SimpleNotaryService will
remain built-in to node, but its cordapp will be generated on startup – so
the loading of notary services is streamlined.
* Move test namedcache factory to test utils
* Added constraint type information to vault states table.
* Added Vault Query criteria support for constraint data.
* Added documentation and changelog entry.
* Added missing @CordaSerializable.
* Fix minor bug in test setup and parsing code.
* Use binary encoding data types instead of serialize/deserialize.
* Optimized storage of constraints data.
Additional assertions on Vault Query constraint data contents (to validate encoding/decoding).
Tested with CompositeKey containing 10 keys.
* Addressing PR review feedback.
* Query by constraints type and data.
* Revert back accidentally removed code for contractStateType filtering.
* Incorporating final PR review feedback. Use @JvmOverloads on constructor.
* Make sure constraintInfo is class evolution friendly.
* BoringSsl dependency
* Merge over boring_ssl changes
* Merge over boring_ssl changes
* Upgrade netty-tcnative (and netty to compatible version)
* Add openSSL flag to SSLConfiguration and implementations.
* Make SSL implementation switchable for Artemis
* Parameterize AMQP bridge tests on use of openSSL
* Plumb through open SSL flag to AMQP client/server.
* Add open ssl flag to reference.conf
* Slight clean-up
* Add LoggingTrustManagerWrapper for OpenSsl contexts
* Remove unneeded lazy and check for double wrapping
* Fix TrustMangerWrapper and test, clean-up
* Add key factory wrapper to get the current certificate chain out.
* Use cert chain returning key mananager factory to get local cert
* Force consistent netty-tcnative version across all dependencies
* Make proton wrapper tests check all combinations of client/server native/java SSL
* Add test netty server/client to run SSL tests with
* Simplify usage of test netty components and clean up
* Improve exception handling in NettyTestHandler
* Add openSSL test for X509UtilitiesTests
* Expose engine for test usage
* Add the X509 peer chain check from the socket based test
* Port of TLSAuthenticationTests to use Netty so we can use different SSL providers, add boringSSL tests
* Adapt tests to new config structure
* Readd `useOpenSsl` configuration
* Readd `useOpenSsl` configuration
* Fix up ArtemisTransport for OpenSSL plus tests
* Adapt auth tests
* Formatting
* Remove obsolte file
* Fix config misnomer
* Add SNI host logic to OpenSSL execution branch
* Remove TLS_DHE_RSA tests
* Make exception handling in the netty test infra deterministic
Add SQL setup in new test classes which were missing it.
Ignoring H2 tests when running against standalone database.
Revert datasource Enterprise specific configuration for RaftTransactionCommitLogTests.kt test, and mark it as required for test in database mode.
* Separate out Checkpoint serialization
* Update kdocs
* Rename checkpoint serialization extension methods
* Fix bungled rename
* Limit API changes
* Simplify CheckpointSerializationFactory
* Add CheckpointSerializationScheme to API checker
* CheckpointSerializationScheme should not be implemented
* Move checkpoint serialisation to internal package
* Remove CheckpointSerializationScheme from api-current
* Quarantine internal classes
* Remove checkpoint context from public API
* Remove checkpoint context from public API
* Fix test failures
* Completely decouple SerializationTestHelpers and CheckpointSerializationTestHelpers
* Remove CHECKPOINT use case
* Remove stray reference to checkpoint use case
* Fix broken test