* Update versions of jackson and log4j (direct dependencies)
* Update versions of commons-codec and snakeyaml (indeirect deps)
* Remove version of commons-cli (unused)
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Via JNA use native scep256k1 and altbn128 libraries.
This is gated by two feature flags and is disabled by default.
* `--Xsecp256k1-native-enabled` enables native secp256k1 across all of besu
* `--Xaltbn128-native-enabled` enables native altbn128 in the precompiled contracts
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
License reporting depends on the deprecated "compile" dependency in the
root project. Restore that so that license checking can work.
Also clean out old unused license types and one unneeded dependency.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
- Updated PicoCLI from version 3.9.6 to 4.1.4 and fixed test cases that were impacted by breaking changes of PicoCLI.
- Updated the command factory to fallback to the default factory, as directed in the PicoCli v.4.0.0 release notes.
Signed-off-by: Paul Harris <paul.harris@consensys.net>
Expose following new command line parameters to enable TLS on Ethereum JSON-RPC HTTP interface to allow clients like Ethsigner to connect via TLS
--rpc-http-tls-enabled=true
(Optional - Only required if --rpc-http-enabled is set to true) Set to ‘true’ to enable TLS. false by default.
--rpc-http-tls-keystore-file="/path/to/cert.pfx"
(Must be specified if TLS is enabled) Path to PKCS12 format key store which contains server's certificate and it's private key
--rpc-http-tls-keystore-password-file="/path/to/cert.passwd"
(Must be specified if TLS is enabled) Path to the text file containing password for unlocking key store.
--rpc-http-tls-known-clients-file="/path/to/rpc_tls_clients.txt"
(Optional) Path to a plain text file containing space separated client’s certificate’s common name and its sha-256 fingerprints when they are not signed by a known CA. The presence of this file (even empty) will enable TLS client authentication i.e. the client will present its certificate to server on TLS handshake and server will establish that the client’s certificate is either signed by a proper/known CA otherwise server trusts client's certificate by reading it's sha-256 fingerprint from known clients file specified above. The format of the file is (as an example):
localhost DF:65:B8:02:08:5E:91:82:0F:91:F5:1C:96:56:92:C4:1A:F6:C6:27:FD:6C:FC:31:F2:BB:90:17:22:59:5B:50
Signed-off-by: Usman Saleem <usman@usmans.info>
Update dependencies to most current version
- except picocli which is a major version update
Alphabetize dependencies
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
This upgrade removes the intermittent failure in
NewPendingTransactionAcceptanceTest (due to prior Ethsigner
affecting the leniency of the global json parser (making it
more strict than Besu demands)).
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
* Multi-Tenancy: Do not specify a public key anymore when requesting a payload from Orion, so all private keys are tried to decrypt the encrypted payload.
Signed-off-by: Stefan Pingel <stefan.pingel@consensys.net>
Upgrade dependencies except rocksdb (needs burn in testing),
picocli (reorders options), gradle (causes build server breakage), and
web3j (test failures).
* Awaitality removed a Duration object and instead uses java.time
* jackson stopped throwing a checked exception for one API
* spotless now enforces gradle formatting checks (yea!)
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
* adding in spdx-license-identifier & updated check for the same; removing license check from spotless
Signed-off-by: Joshua Fernandes <joshua.fernandes@consensys.net>
* Change CheckSpdxHeader to a task.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Return plugin-api to the main repo
* Spotless
* Migrate all external plugin-api references to the project in this repo
* Add licence header
* Update repo reference for publish, even if commented
* Use real configuration for publishing plugin-api
This was tested with the
`:plugins:publishMavenJavaPublicationToMavenLocal` task and checking the
local Maven repo to make sure it was using the correct paths
Signed-off-by: Edward Evans <edward.evans@consensys.net>
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* update web3j 4.5.0 + use pantheon module in favour of core
* remove custom eea/privacy rpc calls -> use web3j instead
* overhaul the conditions -> web3j does the polling for receipts for us
* re-define a PrivacyNode - it is an object that holds a PantheonNode and an OrionTestHarness
* do not start OrionTestHarness prematurely - calling PrivacyNode.start() will start an Orion node followed by it's accompanying Pantheon node
* stop and close resources properly -> clean-up removes the created temporary directories correctly
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
This reverts commit b0238318f171078aa7097d3339988419d56592b5. Causes intermittency because of hard coded port 8545.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Rich Data for Events Plugin
* plugin-api -> api
* use BinaryData as a root and add getValue to UInt256Value
* bring rick data changes in line with proposed APIs.
Undo orthagonal naming changes.
* add size
* use log and transaction interfaces from rich data api
* update to released plugin api version and add new event listener.
* add tests
* fix acceptance tests
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* remove deprecation warnings by moving to builder based scalars
* consolidate scalars into one class
* adjust test cases to expect improved error messages
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Rename privacyGroupId to createPrivacyGroupId
Also add test for eea_createPrivacyGroup
* Update the JsonRpcError list
* Update orion version
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Update the build to require and target Java 11
* Add JVM flags to suppress specific illegal access warnings
* Remove Java 8 accommodations
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Add support for working within Network Address Translation (NAT) environments.
This adds a CLI flag `--nat-method` with two options, `NONE` (the default and
current behavior) and `UPNP.` `--nat-method` will affect what IP address and
ports are advertised via the P2P discovery and other APIs that report the
address and port for P2P actions.
`UPNP` is intended for a typical home or small office environment where a
wireless router or modem provides NAT isolation.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Add eea_createPrivacyGroup endpoint
* Update orion version
* Fix the failing create privacy group test
* Add eea deletePrivacyGroup API in pantheon
* Update Orion to 1.1.0 release
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Use the external jars to provide the plugin libraries.
* Add mavenLocal to local repositories to aid development
* Remove the :plugins project
* Move the PantheonPluginContextImpl into :pantheon
* rename a few files
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Most libraries with newer stable versions were upgraded to their
newest stable version
* One exception is RocksDB, where a previous update caused a performance
regression. the 6.0.1 update will be tested in another PR
* GraphQL got stingier about null variable maps, so empty maps were passed instead
* errorprone plugin got stricter with it's variable access
* There was a license that was slightly different, creating 2 MIT licenses in the license report.
* Gradle wanted a new almost identical wrapper jar.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Implements a GraphQL interface to expose data that conforms to EIP-1767. As the EIP specifies, the implementation should allow “a complete replacement to the read-only information exposed via the present JSON-RPC interface”.
Supported CLI options:
* `--graphql-http-enabled` to enable GraphQL
* `--graphql-http-host` and `--graphql-http-port` to configure the host and port.
* `--graphql-http-cors-origins` to set the CORS-origin policies
* The `--host-whitelist` option is respected. This option also applies to JSON-RPC and WS-RPC endpoints.
Default port is 8547. The endpoint is `/graphrpc`, so the default URL is typically `http://127.0.0.1:8547/graphql`
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>