- 01 May, 2018 1 commit
-
-
Alessandro Sorniotti authored
The aim of this change set is to apply the well-established "Secure by default" security principle to the way the validator validates transactions in a block. The current code behaves as follows: create an array of validation codes, set by default to "all transactions are valid"; then perform validation which may mark transactions as invalid. Furthermore, in other parts of the code, if no array of validation codes is yet persent in the block, a new one is indiscriminately created (again, marking all transactions as valid). This approach is a security anti-pattern because it opens up to attacks where an adversary may force the code through a path where the default "tx is valid" validation code is maintained even for invalid txes. This change set ensures that validation code arrays are created and set to a new value (TxValidationCode_NOT_VALIDATED) which ensures that a transaction that hasn't been validated cannot be mistaken for a valid one. Change-Id: I5dbb18dd77af3cd14b168042ae660e4e27bf29dd Signed-off-by:
Alessandro Sorniotti <ale.linux@sopit.net>
-
- 30 Apr, 2018 4 commits
-
-
Artem Barger authored
Populate PrivatePayload gossip message with additional information about simulation and collection configuration available at the endorsement time to support distribution of private data in light of collections membership changes. Change-Id: I0542e85afbeb9b1a273e53ae34161977dc1bb4d4 Signed-off-by:
Artem Barger <bartem@il.ibm.com>
-
Artem Barger authored
Add two new fields to the PrivatePayload to include information about the simulation time ledger height and the collection configuration available at endorsement time. Change-Id: Ie469d09c9155e65e4701ea9f2336f0bde1ef8f36 Signed-off-by:
Artem Barger <bartem@il.ibm.com>
-
Gari Singh authored
-
Gari Singh authored
-
- 29 Apr, 2018 2 commits
-
-
Artem Barger authored
-
Christopher Ferris authored
Change-Id: I763ede8583834fc419303c0989d4bfe79801bee5 Signed-off-by:
Christopher Ferris <chrisfer@us.ibm.com>
-
- 28 Apr, 2018 1 commit
-
-
senthil authored
In the current code, the transient store persists rwset.TxPvtReadWriteSet as a value. This CR defines a new proto message in the `transientstore` package named `TxPvtReadWriteSetWithConfigInfo` which encapsulates rwset.TxPvtReadWriteSet and common.CollectionConfigPackage Gossip will utilize this new proto message while supporting dissemination with dynamic collections. Change-Id: Ia178d27fba185ea620818a056c43dc575880a7a0 Signed-off-by:
senthil <cendhu@gmail.com>
-
- 27 Apr, 2018 19 commits
-
-
Jonathan Levi (HACERA) authored
-
pama-ibm authored
Search is broken in ReadtheDocs due to a RTD bug. Setting the sphinx-rtd-theme==v0.2.5b2 Change-Id: I04e9d726ee9046ad312826d5ac93e063ccc2f326 Signed-off-by:
pama-ibm <pama@ibm.com>
-
Jason Yellick authored
The e2e_cli test was recently updated based on the assumption that the project name was e2e (as newer versions of docker compose seem to handle directories with underscores in their names differently). However, this CR failed to check in a new file (.env) which set this. This CR remedies the situation. Change-Id: I04967011b33789cb51d81c3e7738ade6554d7962 Signed-off-by:
Jason Yellick <jyellick@us.ibm.com>
-
Christopher Ferris authored
-
Christopher Ferris authored
* changes: [FAB-9755] Remove redundant empty cname check [FAB-9753] Normalize error reporting in runtime [FAB-9752] Wire registry into handler [FAB-9739] Introduce ACLProvider interface [FAB-9737] Introduce PackageProvider interface
-
Hui Kang authored
- Fix some types and broken links - Clarify the difference about endorsement validation between phase 1 and 3 - write_first_app and build_network are reordered to be consistent with the intro text Change-Id: I16987b082021a110f86ed26d66bd2a48cf46784e Signed-off-by:
Hui Kang <kangh@us.ibm.com>
-
Jason Yellick authored
-
Christopher Ferris authored
-
Matthew Sykes authored
The getter will panic if the canonical name is not set. Also, standardize "cname" for canonicalName/canName. Change-Id: I1efe6a6a3754616893c1fd308071a70b0a98d176 Signed-off-by:
Matthew Sykes <sykesmat@us.ibm.com>
-
Matthew Sykes authored
Change-Id: I4572251da51a02de77b8420a9e45d0819fb18839 Signed-off-by:
Matthew Sykes <sykesmat@us.ibm.com>
-
Matthew Sykes authored
This sets up for additional refactoring and unit tests for the Handler. Change-Id: Ib0db4a16463185b5ad1aa5608ca1156dfc5ced62 Signed-off-by:
Matthew Sykes <sykesmat@us.ibm.com>
-
Matthew Sykes authored
Pass the ACL provider to chaincode support instead of getting it from a global out of the handler. Change-Id: I4f58cea1b17db248d190a7f48cdd1f2da2030fce Signed-off-by:
Matthew Sykes <sykesmat@us.ibm.com>
-
Matthew Sykes authored
Change-Id: Ic76e26eb9e8d145eb48c2d792c01c87e0e3c538a Signed-off-by:
Matthew Sykes <sykesmat@us.ibm.com>
-
Yacov Manevich authored
-
Christopher Ferris authored
-
Christopher Ferris authored
-
Alessandro Sorniotti authored
In the current implementation, levelDB encodes the KVS version as part of the KVS value, whereas couchDB encodes the KVS version as an additional map entry. The code to package version and value into a byte array therefore only belongs to the levelDB code, and not the generic stateDB code. Change-Id: I673ff84d95c92b1829e9a0f37b536deb78314242 Signed-off-by:
Alessandro Sorniotti <ale.linux@sopit.net> Signed-off-by:
Matthias Neugschwandtner <eug@zurich.ibm.com>
-
Alessandro Sorniotti authored
This change set introduces a new capability for key level validation (as described in FAB-8812). Change-Id: I1a517e61b0df7d3e3017866a457b2ee657109b18 Signed-off-by:
Alessandro Sorniotti <ale.linux@sopit.net> Signed-off-by:
Matthias Neugschwandtner <eug@zurich.ibm.com>
-
David Enyeart authored
-
- 26 Apr, 2018 13 commits
-
-
David Enyeart authored
-
David Enyeart authored
-
David Enyeart authored
-
Artem Barger authored
-
Artem Barger authored
-
Artem Barger authored
-
Matthew Sykes authored
Change-Id: I15d11c3b000b58abd26be460281748e515b2515d Signed-off-by:
Matthew Sykes <sykesmat@us.ibm.com>
-
Will Lahti authored
This example was originally used by the e2e_cli. However, long ago, the e2e_cli switched to using the chaincode in the standard examples/chaincode/go directory. This CR removes the dead example code to ensure anyone wishing to modify the chaincode used by the e2e_cli is sure they're modifying the chaincode that's actually being used. Change-Id: I511f72b73ccb4d7a936373d2d7166127e2f0552f Signed-off-by:
Will Lahti <wtlahti@us.ibm.com>
-
Jonathan Levi (HACERA) authored
-
Christopher Ferris authored
-
Jason Yellick authored
-
Jason Yellick authored
-
yacovm authored
State operations require retrieving a query executor which should be released. Therefore, we need an indirection level when we obtain the state in order to first obtain the query executor, execute the plugin and finally call Done() to release the query executor's resources. Change-Id: Idba69a2a8b1ba3d360bfc4858a0f98b6a11cc56e Signed-off-by:
yacovm <yacovm@il.ibm.com>
-