1. 16 Jul, 2018 1 commit
    • Jason Yellick's avatar
      FAB-10292 Update protobuf to v1.1.0 · 03104e71
      Jason Yellick authored
      Protobuf was slated to be updated already, but there is a long list of
      incompatibilities with the current source tree.
      Thi CR updates protobuf to v1.1.0, and addresses those
      incompatibilities.  Most of the changes are quite rote and fall into one
      of three buckets.
      1. Code which uses non-keyed field initialization.  (ie, initializing a
      struct like MyStruct{value1, value2, value3}).  The newer generated
      protos produces structs which have additional non-field members.
      Structs should always be initialized with named fields, regardless of
      whether they are protos or not.
      2. Code which assumes that reflect.DeepEqual between two protos with the
      same fields will return true.  This has never been the case, especially
      when considering protos with slice or map fields, but with proto v1.1.0
      with the addition of caching and other members to the proto structs, it
      is even less true.  The correct call is proto.Equal.
      3. Code which assumes that proto fails on bad inputs -- the proto ...
  2. 26 Apr, 2018 1 commit
    • yacovm's avatar
      [FAB-9479] Filter out MSP IDs before computing layouts · bec6f848
      yacovm authored
      This change set makes the endorsement analysis logic to filter
      out principal sets that have MSP IDs which don't have peers
      with the chaincode installed at all.
      This is needed for implementing support for cc2cc calls,
      because when computing cc2cc endorsement policies we compare
      principal sets, and merge principal sets such that one set
      contains the other.
      However- even though a policy might have an MSP ID in it,
      doesn't mean the peers of that MSP ID have the chaincode installed on them.
      Therefore, we need to prune these principal sets beforehand in order
      for them no to appear as input to the combined endorsement policy evaluation
      which would be implemented in future change sets.
      The change set also prepares the ground for cc2cc and collection
      support by changing the signature of PeersForEndorsement to have
      a chaincode interest which aggregate several chaincodes and collections.
      Change-Id: If382b4254797684ffef20e182ae744f5c5f3dfa7
      Signed-off-by: default avataryacovm <yacovm@il.ibm.com>
  3. 12 Mar, 2018 1 commit
    • yacovm's avatar
      [FAB-7535] Signature policy SatisfiedBy set · df2cdd7c
      yacovm authored
      In order for the discovery service to tell which peers are
      needed to endorse a certain chaincode, it needs to query
      the policy to obtain all combinations of principals,
      such that each combination can satisfy the policy
      given enough peer signatures have been collected.
      This change set creates an InquireablePolicy which is an
      enhanced version of a Policy and currently only signature policies
      can be used to create it (more to be added in the future).
      The InquireablePolicy has a method SatisfiedBy() []PrincipalSet
      which computes a slice of PrincipalSet.
      A PrincipalSet is a slice of MSP Principals (with repetitions),
      such that if enough signatures are collected from peers that
      satisfy the principal, the entire policy can be satisifed.
      In other words, the InquireablePolicy computes ways of satisfying
      the endorsement policy.
      Change-Id: I9e8315096cd18478854d219eab0c9a91eb7a05d6
      Signed-off-by: default avataryacovm <yacovm@il.ibm.com>
  4. 02 Nov, 2017 1 commit
    • Baohua Yang's avatar
      [FAB-3603] Enable more strict code checking · dcf36eb5
      Baohua Yang authored
      * Update the linter script to checking go vet result when `make linter`;
      * Add the new created idemix path to the check list;
      * Update source code to pass the more strict checking;
      * Fix several wrong usages in Error msg.
      Change-Id: I1ed61745079726df00643206069b56b9846fa1c1
      Signed-off-by: default avatarBaohua Yang <yangbaohua@gmail.com>
  5. 30 Aug, 2017 1 commit
    • Jason Yellick's avatar
      [FAB-5814] Make policies.Manager immutable · f3600cc0
      Jason Yellick authored
      In this change series to make the channel config immutable, up until
      now, the focus has been on removing dependencies on the conflation
      between the configtx authorization and the config parsing.  The real
      payoff however is in removing the complicated state tracking logic from
      all of the assorted mutable components.
      This CR tackles the policies.ManagerImpl, which traditionally must
      maintain a map of pending changes, create multiple implementations of
      the manager, then stitch them together into a working hierarchy on
      commit.  This is a great example of the simpliciation which comes from
      not treating these structures mutably, as the complexity is lowered
      This also means that the temporary "poor man's policy parsing" may be
      Change-Id: Ia5d0f507730fe5a230ddff1b7e987cdced460790
      Signed-off-by: default avatarJason Yellick <jyellick@us.ibm.com>
  6. 12 Aug, 2017 1 commit
    • Jason Yellick's avatar
      [FAB-5715] Rm policies.Manager unused interfaces · 82b96121
      Jason Yellick authored
      There are some methods in the policies.Manager interface which are not
      used outside of the policies package.  This makes other implementations
      and mocks of this interface more difficult to do, and generally goes
      against the go best practice of defining small interfaces.
      Change-Id: Icb44640d950704f43ea8e5670dd403c3b81b3075
      Signed-off-by: default avatarJason Yellick <jyellick@us.ibm.com>
  7. 04 Aug, 2017 1 commit
    • Jason Yellick's avatar
      [FAB-5522] Log policy manager path for GetPolicy · 7a9d7dc4
      Jason Yellick authored
      The configtx processing looks up policies by relative name, which triggers
      finding the right policy manager, then querying the relative name.  The problem
      with this however, is that the logs only show the relative name, which can make
      debugging challenging.
      Change-Id: I49ce4cba89a10a433a932f5e61f90a38ef34534a
      Signed-off-by: default avatarJason Yellick <jyellick@us.ibm.com>
  8. 07 Mar, 2017 2 commits
  9. 21 Feb, 2017 1 commit
    • Jason Yellick's avatar
      [FAB-2408] Fix policies absolute paths · f777ba70
      Jason Yellick authored
      While the policy manager was still in development, the absolute path
      resolution for policies was handled in the configuration manager.  This
      worked fine for config updates, but for other components of the system
      such as those depending on the 'ChannelApplicationReaders', the absolute
      paths did not work.
      This CR pushes the absolute policy path resolution back into the policy
      manager where it belongs.
      Change-Id: Idcfa2ca030115b3ff9e3034f8c54767af1c2ea49
      Signed-off-by: default avatarJason Yellick <jyellick@us.ibm.com>
  10. 17 Feb, 2017 1 commit
  11. 02 Jan, 2017 2 commits
    • Jason Yellick's avatar
      [FAB-1420] Convert signature policy to provider · bad7bdc6
      Jason Yellick authored
      The cuathdsl signature policy type used to be the only policy type
      available.  In order to allow new types of policy, a provider framework
      is needed.
      This changeset introduces the provider framework and converts the
      existing cauthdsl based signature policy work to be one of these
      Finally, in response to some changeset feedback, it also introduces the
      notion of a SignedData struct which can be common to all of the crypto
      implementations (and signficiantly simplifies the interface
      Change-Id: Ib67ff9f6de0433f73c96e5a4b229f1587a0f0363
      Signed-off-by: default avatarJason Yellick <jyellick@us.ibm.com>
    • Jason Yellick's avatar
      [FAB-1416] Make Policy message more generic · 46f7af05
      Jason Yellick authored
      Today, the Policy message uses a oneof construct to enumerate the
      allowable values.  This makes coding somewhat more convenient, but it
      makes extending things with additional types more difficult.
      This changeset switches the Policy message to use the more traditional
      integer enumerate type with marshaled bytes construct.
      Change-Id: Ic8e51ce4d1fa5e7fa99352e7dcb456a5b51f6e39
      Signed-off-by: default avatarJason Yellick <jyellick@us.ibm.com>
  12. 28 Dec, 2016 1 commit
  13. 12 Dec, 2016 1 commit
    • Jason Yellick's avatar
      [FAB-1280] Create fabric common components · 90284240
      Jason Yellick authored
      There are components in the orderer/common directory which are of more
      general use outside of the orderer, such as the cauthdsl, configtx, and
      policies components.
      Because there are likely other useful common components, such as the
      impending gRPC server, logging, and msp/bccsp work, this changeset
      creates a fabric/common directory and moves the above listed components
      from the orderer to this directory.
      Change-Id: I01765f1833685f768079211542f3b0ab4b00ed0e
      Signed-off-by: default avatarJason Yellick <jyellick@us.ibm.com>
  14. 10 Nov, 2016 1 commit
    • Jason Yellick's avatar
      Move configuration tx to common protos · bc358a50
      Jason Yellick authored
      The configuration transaction must be read by anyone who wishes to
      understand a chain.  This means that it does not belong with the orderer
      protos where it previously resided.
      This changeset moves the configuration transaction proto definitions out
      of the orderer proto dir and into the common proto dir.
      Change-Id: Idd03b8e18dd096826b9c3fbea5e648996fed6693
      Signed-off-by: default avatarJason Yellick <jyellick@us.ibm.com>
  15. 07 Nov, 2016 2 commits
    • Jason Yellick's avatar
      Update common/orderer protos · 83917c58
      Jason Yellick authored
      This changeset incorporates feedback on the move towards sharing common
      proto definitions between the orderer and the peers.  In particular, it
      splits the Header into a ChainHeader and a SignatureHeader, where the
      ChainHeader is usually common to a transaction or configuration item
      while the SignatureHeader provides the fields necessary to provide a
      secure signature (an identity, nonce, and epoch). (But the signature is
      usually over both plus some other data)
      It also incorporates some other changes, like making the type not be
      enumerated (with reserved fields 0-10k) but and moves the existing
      enumerations out of the message so that their integer equivalent can
      still be shared across implementations.
      Change-Id: Ia8fdb253bb42dc25a18c05100642ec942d9253ec
      Signed-off-by: default avatarJason Yellick <jyellick@us.ibm.com>
    • Jason Yellick's avatar
      Merge orderer protos into main protos · c0ba3c23
      Jason Yellick authored
      This commit begins the work of codifying a single set of common protos
      which both the orderer and fabric access, plus a specific set of orderer
      protos which are necessary to interact with the ordering service.  In
      the future, it is expected that the peer protos will go into their own
      directory (importing the common protos).
      This changeset looks a little scarier than it is, because the effects of
      changing these paths are far reaching indeed, but should be relatively
      easy to review.
      Note that this is the first ever cross-directory-dependent protos
      included in the fabric.  This means the generation incantations change a
      little.  Instead of importing the directory which contains the protos,
      instead, a common root directory must be picked.
      The compile_protos.sh has been changed to look for .protoroot files and
      if present use this as the proto compilation root, rather than the
      directory containing the proto.
      Change-Id: I619ea2c50ffd450640dafbddc7d7e5f34f809f3b
      Signed-off-by: default avatarJason Yellick <jyellick@us.ibm.com>
  16. 04 Nov, 2016 1 commit
    • Jason Yellick's avatar
      Rework and document config transaction · ccdaae16
      Jason Yellick authored
      Building off the standardized Envelope message, the configuration
      structure can now be finalized.
      The changes in this changeset are largely cosmetic rather than
      functional, fixing names to align with comments received and documenting
      the configuration tx flow based on the new top level envelope.
      Change-Id: Ia0224fff28840c61ec45df2509681aa6ce0f408b
      Signed-off-by: default avatarJason Yellick <jyellick@us.ibm.com>
  17. 25 Oct, 2016 1 commit
    • Jason Yellick's avatar
      Add a Policy Manager · d5d01e4b
      Jason Yellick authored
      In order to enforce policy for configuration there must be a policy
      manager which tracks the policies and evaluates them.
      This policy manager is designed to be updated by the config manager,
      which itself depends on the policy manager.  This loop is broken because
      the policy manager stands on its own, and validates configuration
      changes first, and then is atomically updated to the new policy
      configuration if the new config (and policy) is admitted by the existing
      Note that the mechanism for updating policy seems somewhat strange,
      namely Begin, Propose, ..., Propose, Commit/Rollback, rather than simply
      supplying a new set of policy.  This is done in order to accomodate the
      design of the configuration manager (which comes next in this patch
      This resolves:
      Change-Id: Ie4b85aed2622d34e9b29d10c46f39b266ac9a936
      Signed-off-by: default avatarJason Yellick <jyellick@us.ibm.com>