* refactor NodeWhitelistController -> NodeLocalConfigPermissioningController
* added smart contract permissioning config
* only use SyncStatusProvider if Smart Contract Permissioning enabled
* check we are not adding self enode
* local permissioning controller isPermitted() should return true if either source OR destination is permitted
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* [PAN-2348] Changes in chain head (new blocks or chain reorgs) should trigger new permissioning check
* [PAN-2348] Changes in chain head (new blocks or chain reorgs) should trigger new permissioning check
* Errorprone
* Fix changes
* Spotless
* PR comments
* Spotless
* Fix test
* Fix javadoc
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* [PAN-2342] Created SyncStatusNodePermissioningProvider and NodePermissioningController
* Fix block height comparison logic
* Unit test for SyncStatusNodePermissioningProvider
* Add comment about permissioning while not in sync
* PR comments
* Fix missing final
* Fixing unit test
* Unsubscribing from Synchronizer SyncStatus updates after reaching sync
* Fix race condition
* Simplifying synchronization between callbacks
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
The P2P and discovery ports are now always dynamically assigned (set to port 0 when starting pantheon) to guarantee they always select an available port.
This however means you can't determine the ports that will be used or the enode URL for a node before it has started. The main effect of this is that nodes have to use the peer discovery process to discover each other rather than having every node in the network in the boot nodes list. A single node is started first with no bootnodes, then other nodes are started with that node as their bootnode and use peer discovery to find the other nodes as they start.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Start P2P network synchronously so the ports are guaranteed to be known before we write the ports file
Include the P2P TCP port in ports file even when peer discovery is disabled.
Load information from the advertised peer rather than the discovery listening socket.
Fix admin_nodeInfo to include the ?discport param in the enode URI when the discovery port differs from the P2P port.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Adds a PeerValidator that, when the Dao fork milestone is in use, checks that the Dao block is present on each peer when they connect and disconnects them if they are on the wrong chain.
Also:
* Make GetHeadersFromPeer task stricter in validating response matches.
* Update BlockHeadersMessage to return a list of headers
* Add more controls to DeterministicEthScheduler test util
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Reduce logging for invalid peer discovery packets. The message is enough to locate the source of the rejection.
* Reduce ECIESHandshaker logging to trace since it documents a normal flow through the handshake process.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Two changes:
* Stream chains now take up less vertical lines, only breaking on
stream operations.
* Long annotations that span multiple lines no longer have a dangling
parentesis and indent 4 spaces.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* added CLI for permissioning config file path
* added test for --permissions-config-file without param value
* merged changes from NC-1968 and set the config path on the PermissioningConfiguration object when it's created
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Makes Synchronizer responsible for deciding if it has enough peers or not rather than ProtocolManager.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* added test and DSL for node with --no-discovery
* reversed boolean for discovery
* changed to Boolean and arity = 1
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
new JSON rpc call admin_addPeer that lists a peer as a node we should always be connected to
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* ensure bootnodes are in nodes-whitelist
* added test for network config eg ropsten with --node-whitelist
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Upgrade errorprone
* Upgrade errorprone from 2.3.1 to 2.3.2
* Upgrade Jenkinsfile so that CI will use Java 11
* Suppress these new rules:
* EqualsGetClass
* ImmutableEnumChecker
* UnnecessaryParentheses
* Change code to conform to these new rules:
* BadImport
* BadInstanceof
* InconsistentHashCode
* LockNotBeforeTry
* MathAbsoluteRandom
* ModifiedButNotUsed
* UndefinedEquals
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Creating EnodeURLProperty and custom converter
* Replacing String for URI when parsing EnodeURL
* Fixing acceptance test bootnode config
* Removing invalid empty bootnode property from docker script
* Validating nodeId in Enode URL
* Adding final to method param
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Lucas Saldanha
Sally MacFarlane
Adrian Sutton
mbaxter
Chris Mckay
S. Matthew English
mark-terry
Danno Ferrin
Michael Connor