* Add dependencies for Utimaco HSM.
The CryptoServerJCE.jar was added in node/lib.
The node/capsule/build.gradle excludes this jar from
the final corda.jar.
* Copy the HSM Simulator utility from Network Services.
HsmSimulator.kt uses the spotify docker client to pull an
image with a pre-configured hsm simulator from our docker
registry and run it in integration tests.
* Implementation of the CryptoService interface for Utimaco HSM.
* Integration test for Utimaco CryptoService.
* Unit tests for UtimacoCryptoService (only config parsing).
* Integrate Utimaco CryptoService in AbstractNode and NodeConfiguration.
* Respond to Feedback: Remove copyright notice.
* Respond to PR Feedback: Improve integration test.
* Use custom overrides in DriverDSLImpl.startNodeRegistration
* Make Utimaco dependencies compileOnly and testCompile.
* Add integration test for registering a node that is backed by utimaco HSM.
* Respond to feedback: move HsmSimulator to different package.
* Make NodeConfiguration.cryptoServiceConf a Path instead of String.
* Add Keyfile-based login.
* Respond to feedback -- default signing algorithm.
* Respond to feedback: naming.
* UtimacoNodeRegistrationTest: explicitly verify that tx signature is valid.
* Respond to feedback: Static import assertThat.
* Rename key file for test login so it's not ignored.
* [CORDA-2219] Show message if CorDapp already exists
* Update definition of `net.corda.core.node.services.Vault$StateMetadata` in `api-current.txt` or else diff tool gets very confused.
* First pass
* Update test.
* Address review comments.
* Added docs and kdocs.
* Clean-up.
* Add extra test.
* Changes to docsite.
* Added try/catch block as recommended by Andras.
* Removed try catch block. It's not required as the checkpoint serialiser deals with this.
* Re-used existing DB session instead of creating a new session.
* Entity manager auto flushes.
* Added java friendly api.
* Addressed review comments.
* ENT-2669: Introduce option for HTTP proxy for outbound Bridge connectivity
One of our customers currently using HTTP proxy without which outbound connection from Corda Node cannot be established.
Also, propagate `trace` setting correctly down the Bridge stack.
* ENT-2669: Compilation fixes.
* ENT-2669: Revert deleted constructor back.
* ENT-2669: First stub on HTTP Proxy integration test.
* ENT-2669: Minor changes.
* ENT-2669: Reduce test to bare minimum.
* ENT-2669: Attempt to write own HttpProxy.
* ENT-2669: Another attempt to make programmatic HttpProxy work.
* ENT-2697: Disable DNS resolution before sending requests to proxies.
* ENT-2669: Switch to use Jetty HttpProxy for integration testing.
* Adds a pipeline logger ahead of the proxy stage if trace is set. The logging is removed once the proxy completes.
Define a constant for pipeline stage.
* print node-gen log when nodeInfo generation fails during bootstrapping
* add logic to print out the legal name of the node which failed to generate nodeInfo
* ENT-2655: added a lock on leader status to ensure no clients can be leader at the same time
* ENT-2655: reworked tests to not use hacky timeouts, now check for max 1 leader at any given time, improved error handling in the latch
* ENT-2655: address PR comments and use atomic int properly
* ENT-2669: Rename SocksProxyVersion into ProxyVersion
* ENT-2669: Rename SocksProxyConfig into ProxyConfig
Update documentation and make code changes such that old style configs are still parsed.
* ENT-2669: Changelog update
By default Cordaps build by corda-gradle-plugins are signed by Corda development key.
In dev mode any key can be used to sign Cordapp JAR .
In production node Corda dev keys were forbidden. This code change allows to opt-out by setting node option cordappSignerKeyFingerprintBlacklist=[] or specify more public keys to blacklist.
The option is used in production only mode.
* ENT-1394: artemis locators for HA bases on configuration
* ENT-1394: bridge artemis connection service with HA impl
* ENT-1394: added own round robin logic for artemis client connections
* ENT-1394: added support for external clustered artemis to internal RPC client
* ENT-1394: added failover listener to internal rpc client, some cleanup
* ENT-1394: remove unused import
* ENT-1394: refactored after rebasing
* ENT-1394: refactored after rebasing, addressed PR comments
* ENT-1394: got rid of HA connection service in favor of a simple check inside current one
* ENT-1394: ha locator gets its own thread to handle failover that happens behind the scenes
* ENT-1394: move ha artemis flag in the outboundConfig
* ENT-1394: haArtemis flag has default value in constructor
* ENT-1394: address PR comment, handle status change during failover
* ENT-1394: reverted usage of ha locator
* ENT-1394: ensure that on failover the p2pclient sends a fresh snapshot to the bridge
* ENT-2636: Introduce ModeSelectingChannel
Next step: Add an integration test.
* ENT-2636: Explicitly retain/release ByteBuf
* ENT-2636: Use ByteBuf API and stop using `java.nio.ByteBuffer`
* ENT-2636: Add new optional FirewallConfiguration parameter
* ENT-2636: Simplify implementation of ModeSelectingChannel
* ENT-2610: Create integration test to check response on TCP call and fixes to ModeSelectingChannel
* ENT-2610: Extend integration test fixes to ModeSelectingChannel
Doesn't currently work well for longer messages.
* ENT-2610: Extend integration test fixes to ModeSelectingChannel
Doesn't currently work well for longer messages.
* ENT-2610: Fixes to ModeSelectingChannel so it works well for longer messages.
* ENT-2610: Reflect `healthCheckPhrase` from `FirewallConfiguration` onto `AMQPConfiguration`
* ENT-2610: Incorporate review comments by @mnesbit
* ENT-2636: Extend the test to drip feed bytes one-by-one.
Also remove TRACE level packet logging for speed and log space reduction.
Logging-wise the following printed into the log every time TCP echo performed:
```
[INFO] 11:03:16,016 [nioEventLoopGroup-5-1] logging.LoggingHandler.info - [id: 0x202c2137, L:/0:0:0:0:0:0:0:0:10001] READ: [id: 0x073fda76, L:/10.18.1.203:10001 - R:/10.18.1.203:59274]
[INFO] 11:03:16,016 [nioEventLoopGroup-5-1] logging.LoggingHandler.info - [id: 0x202c2137, L:/0:0:0:0:0:0:0:0:10001] READ COMPLETE
[INFO] 11:03:16,018 [nioEventLoopGroup-6-4] netty.AMQPChannelHandler.invoke - New client connection 073fda76 from /10.18.1.203:59274 to /10.18.1.203:10001 {allowedRemoteLegalNames=null, localCert=null, remoteAddress=/10.18.1.203:59274, remoteCert=null, serverMode=true}
```
* Tidy up
* Add install-shell-extensions command
* Make cli tests use same version of picocli as everything else
* Remove initLogging from NodeStartup, it is ran earlier by CordaCLIWrapper
* Use picocli snapshot for testing
* Use RunLast() parser to invoke correct subcommands
* Deprecate old clear-network-map-cache parameter
* Restructure NodeStartup for commands
* Get rid of -c option since the flag method has been deprecated and that didn't exist in last release
* Update documentation
* Update backwards compatibility test
* Get all subcommands working
* Refactor sub commands into seperate classes
* Update docs and fix some tests
* Docs changes
* Fix merge conflicts with master
* Fix renamed parameters
* Fix test failure
* Fix compatibility tests
* Add missing compatibility test for blob inspector
* Remove blob inspector compatibility test as there are import conflicts
* Assorted doc fixes
* Addressing review comments
* More review comments
* Couple more bits
* Fix broken tests
* Fix compilation error
* More merge conflicts
* Make startup logging function a bit more sensible
* Fix broken shell extensions
* Make shell extensions work with subcommands
* Make sure parameters for deprecated options are carried through
* More review comments
* Adding some s's
* One last go
* Fix compilation error on Windows
* Revert logging changes
* Revert docs back to their original imperatively moody state
Related to CORDA-1915 Signing CorDapp JARs - Corda node rejects CorDapps signed by our development keys when running in production mode. This prevents Cordapps signed by our dev key (by default) running in production (node devMode=false).
* ENT-2610: Documentation update to include optional `keyStorePrivateKeyPassword`.
* ENT-2610: Documentation update to include optional `keyStorePrivateKeyPassword`.
* ENT-2610: Disruptive change to `CertificateStore` (will cause compilation failures)
* ENT-2610: Address compilation failures caused by separation of `storePassword` and `keyPassword` e.g. in `X509KeyStore`
* ENT-2610: Docs update to flag that passwords have to be the same due to Artemis limitations.
* ENT-2610: Make changes to `bridge` module.
Make private key password optional in `BridgeSSLConfigurationImpl` and extend `ConfigTest`.
Also improve exception reporting when necessary option is missing.
* ENT-2610: Fixes to `bridge` integration tests.
* ENT-2610: Whenever it comes to Dev node certificates ensure that private key password is the same as store password
or else Artemis is not going to accept that, see comment in DevIdentityGenerator.
* ENT-2610: More unit test fixes
* ENT-2610: More integration tests fixes
* ENT-2610: Fix netty code to use `privateKeyPassword` where necessary
* ENT-2610: Remove the use of `keyPassword` for `trustStore`
* ENT-2610: Compilation fixes after merge from `master`
* ENT-2610: Add an integration test which proves that diff. passwords work
