Commit Graph

3368 Commits

Author SHA1 Message Date
c1b718202c Merge fixup 2025-03-14 10:28:00 +00:00
91da445d99 ENT-12843: Merge the P2P and RPC built in brokers (#5231)
* Initial look at restricting artemis user based on connection port

* Consolidate RPC and RPCAdmin broker types

* First pass at consolidating into single P2P and RPC broker.  Passes at least one integration test (NodeRPCTests)

* Detekt fixes

* Fix dependencies of BridgeSmokeTest

* Close RPC security manager on shared broker close

* Fix return type from authenticate method to be nullable

* Fix AuthDBTests by stopping caching of RPC users failed logins and now correct permission exception is returned by RPC when user is revoked

* Fix port binding error reporting

* Fix null user to be treated as RPC user, and changed expectation of missing queue to be a permissions failure

* Fix MQSecurityAsRPCTest to have correct expectations

* Fix detekt

* Fix RPCSecurityManagerTest for change in exception thrown

* Added new tests for RPC user deletion and password change

* New RPC test for user password change (old password fails) and reduced caching time of authentication and authorisation, from 1 hour to 10 seconds, of P2P connections now they don't check expensive CRLs.

* Confine max message size checking to P2P port only

* Upgrade to Artemis 2.37.0

* Remove issuance tests as involves no P2P

* Remove issuance tests as involves no P2P

* Upgrade Artemis MQ and Proton-J

* Appease detekt to remove magic numbers

* Fix qpid jms to be a version that is compatible with our code.  No correlation with qpid version.

* Fix deprecated methods

* Revert "Appease detekt to remove magic numbers"

This reverts commit ae7942013ff3ca0f82c71d71177f8037cfeb2d66.

* Revert "Remove issuance tests as involves no P2P"

This reverts commit c5dda17bd8182ecb83dd61bfa9ff658cff114f92.

* Revert "Remove issuance tests as involves no P2P"

This reverts commit 9166541608d12952aa19e8f0c5d0cea2320da9c2.

* Add a constant for qpid version

---------

Co-authored-by: Ryan Fowler <ryan.fowler@r3.com>
2025-03-14 09:57:15 +00:00
df8f4fa3e9 ENT-12709: Replace uses of assert with correct assertion methods (#7902)
The Kotlin `assert` is only active if the `-ea` JVM flag is specified,
which it isn't. Replaced all uses with the correct assertj assertion.
2025-02-25 14:09:58 +00:00
7b6df5cc14 ENT-12568: Add ability to pass system properties to external verifier. (#7897)
* ENT-12568: Add ability to pess system properties to external verifier.
2025-01-15 16:56:32 +00:00
83a7f28c67 Add bcutil dependency for BC 2024-11-21 18:41:24 +07:00
f0c73cc95f ENT-12373: Can now cope with diff input states from diff rotated CorDapps. 2024-11-04 19:44:25 +00:00
436eca1524 ENT-12366 ExternalVerifier no longer needs legacy contracts folder, and can derive everything it needs from attachments. (#7866)
* ENT-12366 ExternalVerifier no longer needs legacy contracts folder, and can derive everything it needs from attachments.

* ENT-12366 Fix compiler warnings

* Revert "ENT-12366 Fix compiler warnings"

This reverts commit 4e884a5519.

* ENT-12366 Attempt to appease warnings in both 1.2 and 1.9 compilers
2024-11-01 16:27:36 +00:00
8a3ac3882c Merge pull request #7863 from corda/parkri/legacy-min-platform-version
ENT-11479 TransactionBuilder will not add legacy attachments once minimum platform version reaches 140 (4.12)
2024-10-31 14:17:33 +00:00
33592910ee ENT-11479 TransactionBuilder will not add legacy attachments once minimum platform version reaches 140 (4.12) 2024-10-30 18:05:13 +00:00
33cf48e04b ENT-12366: External verifier now sets appclassloader to legacy contra… (#7855)
* ENT-12366: External verifier now sets appclassloader to legacy contracts directory instead of the cordapps directory.
* ENT-12366: Now check legacy-contracts exists before start external verifier.
2024-10-28 15:28:50 +00:00
38d7d71a63 ENT-12248 Support for a new legacy-jars directory of 3rd party JARs for the external verifier 2024-10-08 10:09:39 +01:00
6f4ec5d9e5 ENT-11975: Contract key rotation (#7806)
ENT-11975: Contract key rotation implementation.
2024-10-02 12:53:11 +01:00
1d8cf545b0 ENT-12072 ENT-12073 Fix merge of NotaryCertificateRotationTest 2024-08-13 17:47:56 +01:00
967402122c Merge branch 'release/os/4.12' into merge-release/os/4.11-release/os/4.12-2024-08-13-341
# Conflicts:
#	docker/src/docker/DockerfileAL
#	node/src/integration-test/kotlin/net/corda/node/services/identity/NotaryCertificateRotationTest.kt
2024-08-13 17:26:41 +01:00
237d0032ea Merge branch 'release/os/4.11' into merge-release/os/4.10-release/os/4.11-2024-08-12-297
# Conflicts:
#	constants.properties
#	core-deterministic/build.gradle
#	core/src/main/kotlin/net/corda/core/flows/ReceiveTransactionFlow.kt
#	serialization-djvm/src/test/kotlin/net/corda/serialization/djvm/DeserializePublicKeyTest.kt
2024-08-13 10:22:05 +01:00
ed3875c8b7 Merge branch 'release/os/4.10' into merge-release/os/4.9-release/os/4.10-2024-08-12-297 2024-08-12 19:27:12 +01:00
38f24d33ba ENT-12072 ENT-12073: Check notary whitelist when resolving old identities and don't depend on network map availability first for old network parameters (#7781)
Nodes currently will try and resolve network parameters from the network map and fail if it not available, rather than preferring the availability of a node they are currently interacting with.

A migrated notary identity could not be resolved on new nodes added post-migration, but the old identity is available in the network parameter notary whitelist.

Added a test that covers both bugs in a single reproduction test that simulates the scenario in which both were uncovered.
2024-08-12 19:19:30 +01:00
4ed675e56d ENT-12008: Upgrade artemis and resolved deprecated methods. 2024-07-17 11:37:43 +01:00
bb91f46fee Add add-opens to fix ENT-11847 2024-06-18 16:42:45 +01:00
a2a89d3f96 Add support for multiple add-opens CLI args to CordaCaplet 2024-06-18 15:32:53 +01:00
8aba2ba35f ENT-11094: Do nothing for paused flows. Matches 4.11. 2024-06-13 17:30:34 +01:00
613acb8b94 ENT-11113, ENT-11903: Ignore this flaky test. 2024-06-10 12:52:28 +01:00
1866a02cf3 ENT-11113: Increase timeout from 5 secs in scheduler test, see if solves intermittent failure on Jenkins. 2024-06-05 16:25:34 +01:00
d74a6b6fae Merge pull request #7735 from corda/jzadroga/ent-11858/add-add-opens
ENT-11858: Add missing add-opens for CRAFT4 Archiving CorDapp
2024-05-23 09:32:08 +01:00
1cd62347f3 Add missing add-opens for sun.security.ec 2024-05-22 14:54:13 +01:00
5f994fde18 Un-ignored tests for JDK17 2024-05-21 17:08:17 +01:00
ba71b8606b ENT-11802: Resolved messages regarding execution optimisations have been disabled. 2024-04-23 11:51:08 +01:00
275ba7549a ENT-11722: Check at when load cordapp that the 4.12 cordapp is signed… (#7720)
* ENT-11722: Check at when load cordapp that the 4.12 cordapp is signed by same signers as legacy cordapp.
2024-04-19 17:12:54 +01:00
0f713aaa44 ENT-11003: Upgraded Jetty and Jersey. (#7715)
* ENT-11003: Upgraded jetty and jersey. Fixed up simm valuation demo.
2024-04-18 09:40:42 +01:00
6c4b8fdf23 ENT-11657: Upgrade artemis. (#7707)
* ENT-11657: Upgraded artemis.

* ENT-11657: Reverted dependencies task leftin.

* ENT-11657: Upgraded log4j and slf4j.
2024-04-03 11:15:00 +01:00
72778b7fb0 ENT-11728: Switched to LTS version of BC. Also removed PQC algos as n… (#7706)
* ENT-11728: Switched to LTS version of BC. Also removed PQC algos as not supported in LTS.
* ENT-11728: Removed the SPHINCS PQC algorithm.
* ENT-11728: Added dependency on bcutil to fix missing class error.
2024-04-03 11:14:19 +01:00
3ffd77add3 Merge pull request #7702 from corda/shams-enable-warnings-as-errors
ENT-11717: Re-enable warnings as errors on Jenkins
2024-03-28 09:58:21 +00:00
d576588676 ENT-11717: Re-enable warnings as errors on Jenkins 2024-03-27 11:21:43 +00:00
abed48f0ba ENT-11301: Fixed StateMachineFinalityErrorHandlingTest
Switched to a instrumenting a normal class method since something about interface methods are not working.
2024-03-27 10:48:29 +00:00
62819f27f0 ENT-11126: Use UNIX domain socket for communication with external verifier
These have the advantage of being more secure as only the current user has access to them and faster than local TCP as it avoids the entire TCP stack.
2024-03-26 11:04:04 +00:00
6e3374c2c8 Merge pull request #7686 from corda/shams-legacy-contract-deps
ENT-11445: Support legacy contract CorDapp dependencies
2024-03-20 12:10:35 +00:00
0849f91d45 Merge pull request #7695 from corda/shams-eddsa-service-keys
ENT-11662: Use EdDSA when generating notary service identities
2024-03-20 12:10:10 +00:00
17bab482ad Merge pull request #7696 from corda/shams-unused-test-jars
ENT-11095: Delete test resources which are no longer used
2024-03-20 12:09:40 +00:00
4f4a6fbcf0 Merge pull request #7690 from corda/merge-release/os/4.11-release/os/4.12-2024-03-14-174
ENT-11620: Merging forward updates from release/os/4.11 to release/os/4.12 - 2024-03-14
2024-03-19 14:35:43 +00:00
1c5b216ed8 ENT-11095: Delete test resource jars which are no longer used 2024-03-19 11:28:03 +00:00
e860c67086 ENT-11662: Using EdDSA keys when generating notary servive identities
It was previously generating TLS keys, which seems to have been an oversight.

Using EdDSA also has a slight performance edge, as there's some mutex contention when ECDSA keys are used.
2024-03-19 10:12:10 +00:00
9d57caebed ENT-11661: Replaced SunEC Ed25519 implementation with Bouncy Castle
It turns out the JDK implementation (`SunEC` provider) of Ed25519 signature verification is quite slow, slower than the abandoned library (i2p) it replaced. This has been replaced by Bouncy Castle, whereby the `EDDSA_ED25519_SHA512` signature scheme uses it. `SunEC` still remains the default implementation. `Crypto.toSupportedPublicKey` (and `toSupportedPrivateKey`) were tweaked to make sure any `SunEC` keys are converted to Bouncy Castle. The presence of two different `EdECPublicKey` implementations for the same key causes cache misses in `BasicHSMKeyManagementService`, resulting in another performance degradation.
2024-03-19 07:48:22 +00:00
8c90524fdf ENT-11620: Removed unused import. 2024-03-15 11:29:18 +00:00
2bcb2ba945 ENT-11620: Fixed to work with 4.12 class heirarchy. 2024-03-15 11:10:19 +00:00
352931179a Merging forward updates from release/os/4.11 to release/os/4.12 - 2024-03-14 2024-03-14 11:45:48 +00:00
121ec42d6c Merging forward updates from release/os/4.10 to release/os/4.11 - 2024-03-13 2024-03-13 17:23:47 +00:00
7946958804 Merge pull request #7687 from corda/cc/dev/os/4.12/ent-11514/add_opens
ENT-11514 - More --add-opens JVM args
2024-03-13 11:06:51 +00:00
99faeaf667 ENT-11620: Set the thread context class loader so all fibres involved in a flow has the thread context class loader set to the app class loader. 2024-03-13 11:01:41 +00:00
b3265314ce ENT-11445: Support legacy contract CorDapp dependencies
The `TransactionBuilder` has been updated to look for any missing dependencies to legacy contract attachments, in the same way it does for missing dependencies for CorDapps in the "cordapps" directory,

Since `TransactionBuilder` does verification on the `WireTransaction` and not a `SignedTransaction`, much of the verification logic in `SignedTransaction` had to moved to `WireTransaction` to allow the external verifier to be involved. The external verifier receives a `CoreTransaction` to verify instead of a `SignedTransaction`. `SignedTransaction.verify` does the signature checks first in-process, before then delegating the reset of the verification to the `CoreTransaction`.

A legacy contract dependency is defined as an attachment containing the missing class which isn't also a non-legacy Cordapp (i.e. a CorDapp which isn't in the "cordapp" directory).
2024-03-13 10:58:11 +00:00
ea93a5f560 Extra add-opens to support corda-shell 2024-03-12 15:45:19 +00:00