The class carpenter should refuse to carpent classes that are not
whitelisted or marked as CordaSerializable. This prevents any security
issue where a malicious message could indicate a class had a member of
some type that on construction did something bad. By respecting the
whitelist we avoid this.
As the carpeter annotates anythign it constructs as CordaSerializable,
it will always be able to carpent classes that contain memebrs that were
unknown, and thus unannotated, carpented classes
The current use of SSL RPC relies on access to the node's keystore file, and further to that some uses where using the NODE_USER to login on the p2p port.
* Transform Kotlin's EmptyList, EmptySet and EmptyMap into Java classes before serialising them.
* Transform Kotlin's EmptyList, EmptySet and EmptyMap to their unmodifiable Java equivalents.
* Contract constraints and attachment loading
Fix compiler warnings.
Fixed IdentitySyncFlowTests in confidential-identities.
Fixes.
Fix AttachmentClassLoaderTests.
Added a TODO.
Renamed cordapp service.
Fix compilation error in java code.
Fix RaftNotaryServiceTests
Fix AttachmentLoadingTest
Fix DistributedServiceTests and LargeTransactionTests.
Add cordapp packages to Verifier tests.
Refactor DummyContractBackdoor back out of internal package.
Resolve compiler warnings.
Consolidate excluding `isolated` project at top-level.
Fix contract attachment serialisation for remote verifier.
Fix integration tests for client:rpc.
Contract constraints and attachment loading
Fix compiler warnings.
Fixed IdentitySyncFlowTests in confidential-identities.
Fixes.
Fix AttachmentClassLoaderTests.
Added a TODO.
Renamed cordapp service.
Fix compilation error in java code.
Fix example compilation.
Fix RaftNotaryServiceTests
Fix AttachmentLoadingTest
Fix DistributedServiceTests and LargeTransactionTests.
Add cordapp packages to Verifier tests.
Refactor DummyContractBackdoor back out of internal package.
Resolve compiler warnings.
Consolidate excluding `isolated` project at top-level.
Fix integration tests for client:rpc.
Fixed issues with node driver and differing ZIPs.
Review changes.
Refactor GeneratedAttachment into node-api module.
Merge branch 'clint/hash-constraint' of https://github.com/corda/corda into clint/hash-constraint
Fixed compile error following rebase.
wip - test to check that app code isn't loaded from attachments sent over the wire.
Use Kotlin copyTo() rather than Apache's IOUtils.
Fixes
more fixes.
Removing unconstrained output.
More fixes.
Fixed another test.
Added missing plugin definition in net.corda.core.node.CordaPluginRegistry: net.corda.finance.contracts.isolated.IsolatedPlugin
Re-added missing magic string used in unit test.
Remove unused FlowSession variable.
* Review fixes.
* More review fixes.
* Moved Cordapp implementation to an internal package.
* More JVMOverloads.
Set things up so that the carpenter must be constructed with a Corda
white list object. Right now we don't do anything with it but this will
capture all the changes in the tests to make it "jsut work" as is before
getting into the meat of the change
Externally this is a "no op" as the serialiser factory already takes a
white list as a construction parameter and the carpenter should use that
anyway
* Added some missing types to the whitelist and removed `KeyPair`.
* Add emptyList/Map/Set for Java. Also check for duplicates.
* Remove java singleton collections since they are already added via kotlin listOf/mapOf/setOf.
* Remove advertisedServices from NodeInfo.
Introduce notaryIdentities in NetworkMapCache, that will be filled in
later from NetworkParameters. Clean up NetworkMapCache API. Expose
notaryIdentities through RPC. For now we assume as temporary solution
that notaries in NetworkMap have to contain "notary" in name.
* Further clean up of NetworkMapCache API
Remve partyNodes. Introduce getAllNodeInfos function
* Remove notaryIdentity from ServiceHub
* Address Shams review comments
* Address Andrius review comments
* Add comments, cleanup
* Fixes
* Address comments
* Yet another commit with comments addressed
* Move ServiceType and ServiceInfo to node-api
Add changelog entry. Address rest of comments.
* Minor comments
* Remove node's main identitiy from NodeInfo.
Preparation for getting rid of services + supporting multiple identities
on the node.
NodeInfo keeps multiple identities as a list. For now the first one is treated as a special one.
Introduced function chooseIdentity in CoreTestUtils as a preparation for proper handling of multiple identities in the future.
Remove legalIdentityKey from ServiceHub, add extension function - chooseIdentity on ServiceHub.
Add `me` field on FlowStateMachineImplemetation, flows should know what the calling identity is.
Remove SERVICES_PREFIX in artemis messaging layer.
* Address minor comments.
* Fixes after rebase.
Remove chooseIdentity from ServiceHub
* Rename me to ourIdentity on FlowLogic
* Fixes after rebase
* Address Ross comments, fixes
* Fix after rebase
* Fix services certificate paths
Apply Patrick's patch.
* Change how NetworkHostAndPort is parsed
Change from using a global extension function to parse
NetworkHostAndPort strings, into using a function on the companion
object. This is a lot easier for Java interop and matches the common
style used elsewhere both in Corda and in Java libraries.
* Move JAR extraction into new utils file
* Move path verification function to ArtemisUtils
Move path verification function "requireOnDefaultFileSystem()" to new
ArtemisUtils.kt file, as this makes more sense from a Java interop
perspective.
* Add JvmName to AMQPSchemaExtensions
* Add JvmName to AMQPSerializationScheme
* Revert "Move JAR extraction into new utils file"
This reverts commit 1f0f41909b68ff21cc24b5efd6a1a360393a0a14.
* Reformat code
* Run formatter on ArtemisUtils
Refactoring meant that the secondary constructor wasn't being called any
more and thus the check wasn't being made. Originally, we always
created copies of fields when constructing a schema which meant we always
called the secondary constructor, now we don't
If the serializer is going to support enumerated types then the class
carpenter also has to
Refactor the Carpenter schema and fields to add an enum type, add code
in the carpenter to generate enum's and of course add tests
* ContractState's contract type has been moved to TransactionState and is now a string representing the class name of the contract class to allow classloading of arbitrary contracts from custom classloaders.
* Upgraded isolated JAR to new version.
* Change RPCApi comments to inline from Dokka, as the existing comments are not API documentation,
and render simply as "The RPC protocol:" in several places, which is unhelpful.
* Rewrite RPCApi comments to no longer be in semi-Dokka format, but instead better reflect they are functional documentation.
* Add Dokka documentation around RPC API
* Change JvmStatics to const
AMQP doesn't define an enum type itself yet the old implementation
listed our snum type as that in the schema despite what we are actually
doing which is serialising the enum down as a list of a string and an
int accompanied by a list of AMQP choices that represent all of the enum
values
Review Comments
Use fingerprinting of the enum types to catch whenever they're changed,
include the enum constants in the fingerprint to avoid any collisions
* Fix the ToStringSerializer so it interacts with reference counting correctly, and stop ref counting byte arrays since they are invariable wrapped in an object we do reference count.
* Pull out object reference condition into a helper function shared by serialization and deserialization
* CORDA-540: Introduce mandatory reason for "kryoSpecific"
... before we forget why they are ignored in such a way
* CORDA-540: Write a test that exposes list serialization problem in AMQP mode
* Revert "Remove CompositeSignaturesWithKeys"
This reverts commit 9b3cad3
* Rename KeyFactory to CompositeKeyFactory
* Move expandedCompositeKeys into TestDSL as the only place that uses it
* Move NullKeys out of their own package
* Move remaining crypto classes into superpackage
* Move utility classes out of crypto and into utilities package
For future testing it would be nice, post serialisation, to have easy
access to the serialised objects schema so we can check how it was
serialised. Adding a helper function to return a data class that does
this in the same way we can for deserialize
Current implementation is such that if we find *a* constructor that
works for us we use that, this is of course rather non deterministic, it
also means we may not select the best constructor
for example
old versions had constructors that took
V1: A B
V2: A B C D
if current version, V3 is
V3: A B C D E
which provides secondary constructors for the above then there is a
chance we'd de-serialise objects that were serialised as V2 using the V1
constructor and thus throw away information we don't need to
Additional Changes:
Fixes following rebase onto master
If we attempt to deserialize a class and find that since it's
serialization the definition has changed we need to create a serializer
capable of evolving the serialised data and constructing an instance of
the new type
We currently cope with
* Removing members
* Adding nullable members
* Adding non nullable members if a constructor is provided that
allows us to set the old arguments and defaults the new (mandatory)
fields
* Reordering paramters
* Minor changes and expose the problem with class serialization
* Custom serializer for Class
* More changes to make TransactionEncumbranceTests pass in AMQP mode
* java.time.* custom AMQP serializers and tests. Excludes pure enums.
* Register java.time.* serializers with scheme.
* Provide default implementation of `additionalSerializers`
* Refactor Kryo contexts into separate classes, according to their use-cases. This prevents Kotlin from trying to instantiate them all every time.
* Also refactor AMQP contexts accordingly.
* Expand comments to explain why these serialisation contexts have been separated.
* Removed Requery object relational mapping usage (and associated schemas including node-schemas module)
* Fixed issues with NodeAttachmentService tests.
Cannot use JPA custom converters with Primary Key fields.
Hibernate entities require explicit call to flush() to persist to disk.
* Removed redundant requery converters (equivalents not even required in Hibernate).
* Removed remaining gradle requery dependency definitions.
* Fixed broken tests.
* Fixes for failing NodeVaultService tests:
- Dynamic SQL updates (in soft locking code)
- Explicit request by session to participate in transaction (causing "TransactionRequiredException" Executing an update/delete query)
- Explicit flush() required to persist to disk
* Updated changelog.
Fixed compiler warning.
* Fixed WHERE clause AND/OR condition.
Enforced immediate data visibility through transaction commit.
* Final fixes to address failing tests.
* Deferred all hibernate session/txn management to DatabaseTransactionManager.
* Fixed transaction boundaries in failing Cash tests.
* Fixes to address failing tests (transaction boundaries, merge detached object, config clean-up).
* Final adjustment to transaction boundaries in JUnit tests.
* Refactored AttachmentSchemaV1 into NodeAttachmentService itself and referenced from NodeServicesV1.
* Refactored HSQL UPDATE statements to use CriteriaUpdate API.
* Updated all criteria API getters to reference attribute names by type.
* Remove redundant VaultSchema entity name (required when previously using HSQL UPDATE syntax)
* Fix compiler warnings.
* Minor changes following rebase from master.
* Fixed suppress warning type.
* Ignore interfaces that are not serializable
* Annotate so test still works.
* Make methods accessible to serializer.
* Make sure interfaces are annotated in the carpenter. Expand tests to check whitelisting. Object is now whitelisted by default since it has no fields.
* Prevented Object from being whitelisted but allow arrays of Objects (i.e. pretty much an untyped array)
* Add LegalProseReference annotation
* Migrate code from autogenerated javascript to TypeScript source
* Add instructions to rebuild the web resources
* Make installWeb more reproducible
As discussed with @rick-r3 this class is no longer fit for purpose because it may break reference equality if part of the graph been serialized with Kryo and part with AMQP
Can't have default factories now, they need building with whitelist and
classloader.
Also remove completely spurious import that broke everything, have a
feeling that was something IntelliJ pulled in "to be helpful"
* Fix typo: prefered -> preferred
* Simplify KryoVerifierSerializationScheme and resolve warning.
* Add a custom serialiser for PrivacySeed so that we can avoid invoking RNG.
Removing unused default method on the factory, it was added for testing
although given there are easier ways to build factories for the tests it
was never used and doesn't need leaving in
Allow unique serializer factories to be created per unique set of
WhiteList / Class Loader pair. Remove default consruction of the
SerializerFactory to force use of the FactoryFactory to get the generic
factory and thus access to it's ClassLoader
- Adding test case that shows it should work
AS it works with concrete classes, not if we carpent up the back end
- WIP
- The current test fails because the carpenter is creating the map (for
some reason) as a linked hash map and not a normal map that we can't
serialise. Added a test to confirm that it's not the carpenter here.
Two questions really, why are we creating it as a linked has map, AFAIK
the carpenter should just be whipping up what it's told to and it's not
being given a linked map
Secondly, should we support serialisation of these objects
- Remove debug
- Remove yet more debug
Squashed commit messages
- Split up the serialiser/synthesiser tests into more manageable sizes
- WIP - found test which breaks deserialiser
Looks to be soemthign to do with synthesising a class with a container
of Interfaces
* POMs generated by publishing are now correct. The publish extension now requires an explicit call to configure the publishing instead of waiting until after evaluation. This prevents evaluation order issues with the artifact renaming code that causes the POM to have the original, incorrect, artifact names.
* Fixed new test compile issues caused by removal of some dependencies in test utils that caused webserver code to be automatically included in any project also compiling test utils.
* First stage of changing fields in NodeInfo.
Part of work related to NetworkMapService upgrade. Create slots for
multiple IP addresses and legalIdentities per node.
* NodeInfo stores HostAndPort.
Move information specific to messaging layer away from NodeInfo.
Only HostAndPort addresses are stored. Add peer name - peer handle
mapping to MockNetwork to reflect that change.
The issue arises when the server restarts, and the client is sometimes
not able to recreate its queue in time, so the server is unable to send
back a response message and just drops it, causing the client to hang.
Core corda publications and JARs now have cord or corda at the start (excluding gradle plugins). Removed an unnecessary dependency on test-utils in node-schemas to prevent an evaluation order bug in gradle.
* Fix: Add missing @StartableByRPC to fix the Raft notary demo
* Make loadConfig take a Config object, for cordformation Node
* Unduplicate User.toMap
* Unduplicate WHITESPACE regex, choose possessive form
* Use slash to make a Path
* Remove Companion where redundant
* Remove unused code
* If the p2pAddress provided by the configuration is not public, the node tries to discover the public IP:
- First by checking the network interfaces
- If not found, sends a request to the network map service
* Enable initial connection retry
* Improve error handling
* Update docs
Change the legal name of parties to be an X500 name. This ensures that we aren't converting between
common names and X500 names in various places, eliminating substantial scope for error in the conversion
process. As a result, all node names must now be full X500 names, which has impact on most configurations.
* Make CompositeKey implement PublicKey
The initial implementation of composite keys as their own distinct class separate from PublicKey
means that the keys cannot be used on standard classes such as Certificate. This work is a beginning
to modifying CompositeKey to being a PublicKey implementation, although significant further work
is required to integrate this properly with the standard Java APIs, especially around verifying
signatures using the new key type.
* First stage of making CompositeKey implement PublicKey interface. Revert to using PublicKey everywhere we expect a key.
* Move algorithm and format into companion object (#432)
Move algorithm and format into companion object so that they can be referenced from other
classes (i.e. the upcoming signature class).
* Add simple invariants to construction of CompositeKey.
Builder emits CompositeKeys in simplified normalised form. Forbid keys with single child node, force ordering on children and forbid duplicates on the same level. It's not full semantical normalisation.
* Make constructor of CompositeKey private, move NodeWeight inside the class.
Add utility function for Kryo deserialization to read list with length constraints.
* CORDA-305: Refactor CordaRPCClient into :client:rpc module
* CORDA-305: Remove the Kotlin test framework from the artifacts.
* CORDA-305: Migrate serialisation whitelist into node-api module.
* CORDA-305: Clean up unused RPC observables.
* CORDA-305: Add :client:rpc module to documentation tasks.
* CORDA-305: Include :finance into :client:rpc for its serialisable classes.
* CORDA-305: Move test classes into the correct directory.
* CORDA-305: Migrate :finance dependency from :client:rpc into DemoBench.
* CORDA-305: Update wording of TODO about handling Observables.