1. 01 May, 2018 1 commit
    • Alessandro Sorniotti's avatar
      [FAB-6381] Secure defaults for txsFilter · 53de0781
      Alessandro Sorniotti authored
      
      
      The aim of this change set is to apply the well-established "Secure by
      default" security principle to the way the validator validates transactions
      in a block.
      
      The current code behaves as follows: create an array of validation codes, set
      by default to "all transactions are valid"; then perform validation which may
      mark transactions as invalid. Furthermore, in other parts of the code, if no
      array of validation codes is yet persent in the block, a new one is
      indiscriminately created (again, marking all transactions as valid). This
      approach is a security anti-pattern because it opens up to attacks where an
      adversary may force the code through a path where the default "tx is valid"
      validation code is maintained even for invalid txes.
      
      This change set ensures that validation code arrays are created and set to a
      new value (TxValidationCode_NOT_VALIDATED) which ensures that a transaction
      that hasn't been validated cannot be mistaken for a valid one.
      
      Change-Id: I5dbb18dd77af3cd14b168042ae660e4e27bf29dd
      Signed-off-by: default avatarAlessandro Sorniotti <ale.linux@sopit.net>
      53de0781
  2. 06 Dec, 2017 1 commit
    • manish's avatar
      [FAB-7224] Enhance custom tx processor · adf74750
      manish authored
      
      
      This CR enhances custom transaction processor in ledger such that
      the processor is able to distinguish whether it is being invoked
      during ledger initialization or for on-line tx processing.
      
      In the former situation, the processor needs to just rely on the
      states stored previously in the ledger and in the latter it can assume that
      the peer is up and running and hence other peer structures can be used.
      
      Other than this, in the initialization situation only valid transactions are
      passed to the processor which makes the custom validation in the processor
      optional.
      
      Change-Id: Idff54ab124dd588dfa5172a5b882e521217ca62a
      Signed-off-by: default avatarmanish <manish.sethi@gmail.com>
      adf74750
  3. 25 Nov, 2017 1 commit
  4. 14 Sep, 2017 1 commit
    • manish's avatar
      [FAB-5086] Allow absence of pvtdata · 5e9cc94b
      manish authored
      
      
      This CR allows missing pvt data while committing a block
      Also, during simulation, it identifies if the transaction
      requires the missing pvt data and if so, the simulation is
      aborted.
      
      Change-Id: I12bc0091ca58a25f07d7bd28c239af68800a4764
      Signed-off-by: default avatarmanish <manish.sethi@gmail.com>
      5e9cc94b
  5. 05 Sep, 2017 1 commit
    • senthil's avatar
      [FAB-5997] cleanup transientstore from ledger · 46d21098
      senthil authored
      
      
      As the transientstore is moved out of ledger and committer fetches
      private write set from transient store and pass it to ledger for
      commit, ledger no longer use transient store directly to fetch private
      write set. Hence, transientstore usage in ledger is cleaned up in this
      CR.
      
      Change-Id: Ic55940abab32ab7e25c9d3f7d899183ed599ab7b
      Signed-off-by: default avatarsenthil <cendhu@gmail.com>
      46d21098
  6. 11 Aug, 2017 1 commit
    • manish's avatar
      [FAB-5636] Handling custom transaction processing · b4e7a01c
      manish authored
      
      
      This CR introduces a custom transaction processor which
      can be written and registered with the ledger component.
      During commit, if a ledger observes a transaction which is
      of not an endorser type (i.e., it's not pre-simulated) and
      a custom processor is registered for that type, the ledger
      gives a chance to the processor to execute the transaction
      and commits the produced output if passes mvcc validation.
      
      At large, this introduces the possibility of deferred transaction
      execution.
      
      Change-Id: I525d7b413a131007a1e04dc466f3a2d057b869bb
      Signed-off-by: default avatarmanish <manish.sethi@gmail.com>
      b4e7a01c
  7. 10 Aug, 2017 1 commit
    • manish's avatar
      [FAB-5654] SideDB - Tx simulation/validation/commit · 8a87b8ae
      manish authored
      
      
      This CR modifies the tranaction simulation, validation, and commit
      code and delivers the end-to-end transaction flow that treats the
      private data in a special manner. This CR mainly leverages the earlier
      submitted independent CRs for sidedb feature for accomplishing this behavior.
      
      This CR also allows ledger to receive the blocks and the pvt data from
      another peer on the same channel (i.e., a peer catching up via state)
      
      This CR is exceptionally large becasue of manily two reasons
      
      1) The way currently the code (and specially the tests) is organized in
      simulation/validation/commit flow, its not easy to submit such kind
      of changes independently that cuase the change in the whole transaction
      processing flow.
      
      2) This CR causes a change in the existing ledger APIs which are used widely
      across other packages (specially in the tests) and hence many files are included
      for fixing the broken dependencies
      
      Change-Id: Id29575176575f4c01793efd3476b68f8364cb592
      Signed-off-by: default avatarmanish <manish.sethi@gmail.com>
      8a87b8ae