1. 17 Jul, 2018 1 commit
  2. 07 Jul, 2018 1 commit
    • Jason Yellick's avatar
      FAB-11094 Fix deadlock in block iterator · 375995ea
      Jason Yellick authored
      
      
      The deliver service used to not close ledger iterators until after a
      block had been committed.  With FAB-10799, the Deliver service more
      proactively cleans up ledger resources.  This leads to a more likely
      contention between the block iterator's Close() function and the Next()
      function.
      
      These two code paths acquire the same two mutexes, but in different
      orders.  The Next() path always acquires the itr.mgr.cpInfoCond.L first,
      then the itr.closeMarkerLock, while the Close() path inverts this order.
      If both Next() and Close() are invoked at the same time by goroutines,
      this can result in a deadlock where both mutexes lock and never unlock.
      
      This further prevents all blocks from committing and begins to leak
      memory resources.
      
      Change-Id: I99180fec2639a62cdf1cd9a6ce8b33f91ce498b9
      Signed-off-by: default avatarJason Yellick <jyellick@us.ibm.com>
      375995ea
  3. 03 Jul, 2018 1 commit
  4. 02 Jul, 2018 2 commits
    • Matthew Sykes's avatar
      [FAB-9152] fix data race in TestManagerImpl · bc884145
      Matthew Sykes authored
      
      
      Introduce a RWMutex to the memory backed ledger to enable concurrent use
      by tests.
      
      Change-Id: I964ee2d6ff0fe6e8369702477631e7c0e0251cbc
      Signed-off-by: default avatarMatthew Sykes <sykesmat@us.ibm.com>
      bc884145
    • Matthew Sykes's avatar
      [FAB-9132] Fix data race in core/chaincode/shim · 635bce55
      Matthew Sykes authored
      
      
      Fix data race in the shim
      
      A data race existed between reading and setting the error value returned
      from stream.Recv(). Modify the shim to avoid the race and add a bit more
      alignment between the peer and shim stream processing functions.
      
      Fix data races in MockCCComm
      
      - Quit was causing a race between channel send and close. Resolved by
        wiring a channel to Run and closing send and receive after the done
        channel had closed.
      - The keep alive go routine was racing on the keepAlive message during
        send. Wired the done channel into the keep-alive go routine.
      - Some tests are setting responses while go routines are running. Work
        around this bad behavior with a lock to avoid restructuring tests.
      
      Change-Id: I49bab82336bbbeb941b7db2d8bd279f254b4ec9f
      Signed-off-by: default avatarMatthew Sykes <sykesmat@us.ibm.com>
      635bce55
  5. 21 Jun, 2018 1 commit
    • Jason Yellick's avatar
      FAB-10799 Cancel iterator with context · 7aff3f7a
      Jason Yellick authored
      
      
      Presently, if in the middle of a deliver request, the server will block
      indefinitely waiting for block creation or internal error before
      returning.  This means that if the client requests blocks forever, then
      hangs up, the client resources, including the ledger iterator and the
      gRPC stack will not be released until a block is produced.
      
      Change-Id: Ie8d9069ed4ad4dca436e388bebc23012b83eb7e9
      Signed-off-by: default avatarJason Yellick <jyellick@us.ibm.com>
      7aff3f7a
  6. 14 Jun, 2018 1 commit
    • Christopher Ferris's avatar
      FAB-9641 add CommitSHA metadata · db3d76f6
      Christopher Ferris authored
      
      
      Added metadata.CommitSHA
      Made metadata.Version a const that would be
      modified with each MMP release and allow for
      binaries to be built that could be released directly
      following successful pipeline according to the
      stable image strategy.
      
      This also has the side-effect of addressing the issue
      raised in FAB-8559 that the fabric-ccenv image might not
      be found in CI testing under certain circumstances.
      
      rolling back last two commits... this one works.
      
      Change-Id: Id2f4a172f181c395a2a1b8864c51d1431c3c3230
      Signed-off-by: default avatarChristopher Ferris <chrisfer@us.ibm.com>
      db3d76f6
  7. 08 Jun, 2018 1 commit
    • manish's avatar
      [FAB-8557] Fix overwriting txid in block index · f6c97e0f
      manish authored
      
      
      This CR fixes the current behavior of block store index.
      In the current implemetation, the indexes that maintain
      different pieces of information by txid are overwritten
      by a duplicate txid (if any). This CR reverses this behavior
      and keeps the first appearance of txid in the index. The future
      duplicate txids will not overwrite it.
      
      Though, either of these behaviors (keeping the first tx or
      keeping the last tx) are not fully justified, primarily because
      the problem itself is a paradox - in the sense that the ids
      (that are supposed to be unique by definition) are duplicated.
      However, the justification of moving from the current behavior
      to the proposed behavior is that, its easy for someone to replay
      the transaction or simply use an existing txid in a bogus transaction
      just to exploit the current behavior of overwriting the block storage
      index and preventing the legitimate user to query about the status
      of their transactions.
      
      Change-Id: I3b81ae61c756ef78253b58a94644778716fb0e16
      Signed-off-by: default avatarmanish <manish.sethi@gmail.com>
      f6c97e0f
  8. 05 Jun, 2018 1 commit
  9. 04 Jun, 2018 1 commit
  10. 29 May, 2018 2 commits
  11. 26 May, 2018 2 commits
  12. 24 May, 2018 1 commit
  13. 23 May, 2018 3 commits
    • Jason Yellick's avatar
      FAB-10344 Make metrics tests use ephemeral ports · 5c104943
      Jason Yellick authored
      
      
      The ports used by the metrics test (such as 8081 and 8025) are sometimes
      bound by other services.  Since the tests never actually connects to the
      service, there's no requirement that these ports be specified, only that
      they be different, so ephemeral ports are the better choice.
      
      Change-Id: I52f9ddaac0435c50e49dccf64309a132ae933fb7
      Signed-off-by: default avatarJason Yellick <jyellick@us.ibm.com>
      5c104943
    • Jason Yellick's avatar
      FAB-10303 Clean up some assorted struct init · e6ba576a
      Jason Yellick authored
      
      
      Many of our tests and some of our code are still using order based
      initialization for structs.  This is very brittle and against bad
      practices.  In an attempt to upgrade the version of protobuf to v1.1.0,
      all of files in this changeset broke, because the number of struct
      members in the generated code changed.  Although this does not include
      any of the proto updates itself, this CR serves as a prerequisite to
      doing so.
      
      Change-Id: Ib09ac38735b24894bd413ddaaf59288678c6151d
      Signed-off-by: default avatarJason Yellick <jyellick@us.ibm.com>
      e6ba576a
    • Jason Yellick's avatar
      FAB-10314 Hide ACLs behind capability · 0ee18c2b
      Jason Yellick authored
      
      
      The ACLs function affects how channel config is parsed, and as such, it
      must be deterministic across versions.  Channel config parsing should
      not allow the presence of ACLs until the corresponding capability has
      been enabled.
      
      Change-Id: Ie55a69b620d48198bc485cde820b5f03d6dd6c2d
      Signed-off-by: default avatarJason Yellick <jyellick@us.ibm.com>
      0ee18c2b
  14. 22 May, 2018 3 commits
  15. 21 May, 2018 2 commits
    • manish's avatar
      [FAB-10256] Remove pvt data experimental files · ccdb2455
      manish authored
      
      
      This CR moves the functions related to pvt data from
      the experimental files to the regular files
      
      Change-Id: I0db71f46cc6a5fe5605c227927b5dd2e41585ff7
      Signed-off-by: default avatarmanish <manish.sethi@gmail.com>
      ccdb2455
    • Chris Elder's avatar
      [FAB-7779] CouchDB indexes for private data · 9a3b1811
      Chris Elder authored
      
      
      Any couchdb indexes defined for a chaincode will be deployed in
      the chaincode state database.  Indexes for collections of private
      data should be applied in the chaincode's collection state database
      rather than in the chaincode state database.
      
      Added support for HandleChaincodeDeploy event to common_storage_db.  This
      will now process the event from chain code deploy.  The move was necessary
      for handling the private data namespace mapping.
      
      Added new function to statecouchdb for processing index creation.
      
      Added new interface to statedb for IndexCapable.  This allows the
      common_storage_db to detect that the state database will accept index
      creation events.
      
      Updated index validation to allow for indexes under collections directories.
      
      Change-Id: Icfda923c584d953ce5886023f7411bbddb59d595
      Signed-off-by: default avatarChris Elder <chris.elder@us.ibm.com>
      9a3b1811
  16. 20 May, 2018 1 commit
    • yacovm's avatar
      [FAB-10238] Filter collections on peers, not principals · c1195678
      yacovm authored
      
      
      The collection support in the discovery service supports collections by
      filtering out principal sets that aren't authorized by the principals
      derived from the policy in the collection config.
      
      This is problematic in cases when the collection config is defined
      with principals which have no obvious IsA relation with the
      endorsement policy:
      Consider a case where the endorsement policy is defined with principals
      of Org1.peer or and org2.peer, and the collection is
      defined with OUs of Org.
      
      Any principal based policy can't accept nor reject such a scenario,
      since a peer role is based on an OU that is hidden from the principal
      itself.
      
      This change set moves the filtering to the peer identities instead of
      filtering the principal sets of the combinations of the endorsement
      policy.
      
      It also raises the code coverage from 97% to 99%
      
      Change-Id: I6d2f9f1e735f667fcffe99c3d3b6bfe6a6ed8e98
      Signed-off-by: default avataryacovm <yacovm@il.ibm.com>
      c1195678
  17. 19 May, 2018 1 commit
  18. 18 May, 2018 2 commits
  19. 16 May, 2018 2 commits
  20. 14 May, 2018 3 commits
    • yacovm's avatar
      [FAB-10023] Principal set merging · 35d2356e
      yacovm authored
      
      
      This change set implements merging of principal sets sets.
      More specifically, if 2 or more sets of principal sets are given,
      such that each principal set set - satisfies an endorsement policy,
      we are able to compute sets of principal sets such that each principal set
      satisfies all of the endorsement policies.
      
      This is to be used for cc2cc queries for service discovery.
      
      Change-Id: I4b6e63f07b1b5832667475b7876df754007d9c2f
      Signed-off-by: default avataryacovm <yacovm@il.ibm.com>
      35d2356e
    • yacovm's avatar
      [FAB-8535] Attach pluggable validation to the peer · a24a5e3e
      yacovm authored
      
      
      This change set attaches pluggable validation to the peer
      and makes the default validation be a plugin
      
      Change-Id: I819b9c536869bb7e89bc7ce052f89f2889a3b23a
      Signed-off-by: default avataryacovm <yacovm@il.ibm.com>
      a24a5e3e
    • Manu Drijvers's avatar
      [FAB-8921] include idemix revocation data in conf · 4ad504a0
      Manu Drijvers authored
      
      
      The idemix signer config now includes the idemix credential
      revocation information, which it will use to create non-revoked
      proofs. The idemixgen tool has been updated accordingly.
      
      Change-Id: I02fe60c5fa5157fd266b2a1e2b6c3acb905c8d30
      Signed-off-by: default avatarManu Drijvers <mdr@zurich.ibm.com>
      4ad504a0
  21. 10 May, 2018 3 commits
    • yacovm's avatar
      [FAB-9478] Principal set filtering based on role · 6a976ba3
      yacovm authored
      
      
      This change set implements filtering of principal sets based on
      their role and MSP ID.
      
      This is needed for collection support for service discovery:
      When a chaincode has several possible endorsement combinations
      that each combination is a principal set, but the user wants
      to perform a collection read/write - then the response should
      contain only principal sets which are "authorized" by the
      collection config.
      
      For this - we need a way to filter out principal sets that
      there exists a principal among them which isn't "authorized"
      by the collection config.
      
      This change set implements this filtering while taking into account
      the different MSP roles, for instance- if the endorsement policy
      has Peer roles in it, or OU roles, but the collection config has members,
      then it would still work because a peer is also a member (but not vice versa)
      
      Change-Id: I5b4c1a031b81e78ecdf535ae363a4c45a8a44967
      Signed-off-by: default avataryacovm <yacovm@il.ibm.com>
      6a976ba3
    • yacovm's avatar
      [FAB-9744] Pluggable validation implementation · 92eeb200
      yacovm authored
      
      
      This change set adds implementation for pluggable validation.
      It is activated in subsequent change sets.
      
      Change-Id: I861dbe641c90c9b06f5ea2b2acf5fcb49cc22fdb
      Signed-off-by: default avataryacovm <yacovm@il.ibm.com>
      92eeb200
    • manish's avatar
      [FAB-9980] Fix rwset-protos and ledger interface · 4e61bc32
      manish authored
      
      
      This CR fixes some of the recent changes in the rwset protobuf
      messages and ledger interface based on the final discussion around
      the ledger support for state based endorsement
      
      Change-Id: Ifd585795e76de73f533d96fb5b8ff68467f9610b
      Signed-off-by: default avatarmanish <manish.sethi@gmail.com>
      4e61bc32
  22. 09 May, 2018 2 commits
  23. 07 May, 2018 1 commit
  24. 04 May, 2018 1 commit
    • senthil's avatar
      [FAB-9851] Enable PvtChanData by default in v1.2 · a3e455fe
      senthil authored
      
      
      In v1.1, the private data feature within a channel
      is an experimental feature. Hence, one needs to set
      privateChannelData capability in config tx to
      enable it. In v1.2, private data feature is
      enabled by default, i.e., non-experimental.
      
      As a result, privateChannelData() capability API in
      v1.2 should return (privateChannelData || v1.2) to
      support rolling upgrades. In v1.3, we can remove the
      privateChannelData capability flag.
      
      Change-Id: I9f1adbe87b8bab1d98b89602cca410fba18aba86
      Signed-off-by: default avatarsenthil <cendhu@gmail.com>
      a3e455fe
  25. 03 May, 2018 1 commit