From daf29b86fc382ae8a1536aa87249766643bc9291 Mon Sep 17 00:00:00 2001 From: Jason Yellick Date: Fri, 13 Jan 2017 15:34:43 -0500 Subject: [PATCH] [FAB-1649] Normalize orderer config item names https://jira.hyperledger.org/browse/FAB-1649 The orderer configuration items have been added one by one as needed, so some commonalities have been ignored, and some names are inconsitent or misleading. This CR is normalizes those names. Suggested review start: protos/orderer/configuration.proto orderer/common/bootstrap/provisional/item.go Change-Id: I415c5e7e3ed410f82d01a4ea30ff48a10bed7a98 Signed-off-by: Jason Yellick --- common/configtx/inspector/orderer_types.go | 30 +++--- common/configtx/manager.go | 6 +- common/configtx/test/orderer.template | Bin 638 -> 656 bytes orderer/common/bootstrap/provisional/item.go | 52 ++++----- .../bootstrap/provisional/provisional.go | 4 +- .../common/bootstrap/provisional/templates.go | 18 ++-- orderer/common/deliver/deliver.go | 2 +- orderer/common/deliver/deliver_test.go | 2 +- orderer/common/sharedconfig/sharedconfig.go | 84 +++++++-------- .../common/sharedconfig/sharedconfig_test.go | 29 ++--- orderer/common/sigfilter/sigfilter.go | 27 ++--- orderer/common/sigfilter/sigfilter_test.go | 4 +- orderer/mocks/sharedconfig/sharedconfig.go | 30 +++--- orderer/multichain/chainsupport.go | 4 +- orderer/multichain/manager.go | 2 +- orderer/multichain/systemchain.go | 2 +- orderer/multichain/systemchain_test.go | 6 +- orderer/sbft/backend/backendab.go | 3 + protos/common/configuration.pb.go | 94 ++++++++-------- protos/common/configuration.proto | 3 +- protos/orderer/ab.pb.go | 6 +- protos/orderer/configuration.pb.go | 101 +++++++++--------- protos/orderer/configuration.proto | 25 +++-- 23 files changed, 277 insertions(+), 257 deletions(-) diff --git a/common/configtx/inspector/orderer_types.go b/common/configtx/inspector/orderer_types.go index 6a779aeadc8..ba05d12db34 100644 --- a/common/configtx/inspector/orderer_types.go +++ b/common/configtx/inspector/orderer_types.go @@ -56,24 +56,24 @@ func (ot ordererTypes) Value(configItem *cb.ConfigurationItem) Viewable { return viewableError(name, err) } return viewableCreationPolicy(configItem.Key, value) - case "IngressPolicy": - value := &ab.IngressPolicy{} + case "IngressPolicyNames": + value := &ab.IngressPolicyNames{} if err := proto.Unmarshal(configItem.Value, value); err != nil { return viewableError(name, err) } - return viewableIngressPolicy(configItem.Key, value) - case "EgressPolicy": - value := &ab.EgressPolicy{} + return viewableIngressPolicyNames(configItem.Key, value) + case "EgressPolicyNames": + value := &ab.EgressPolicyNames{} if err := proto.Unmarshal(configItem.Value, value); err != nil { return viewableError(name, err) } - return viewableEgressPolicy(configItem.Key, value) - case "ChainCreators": - value := &ab.ChainCreators{} + return viewableEgressPolicyNames(configItem.Key, value) + case "ChainCreationPolicyNames": + value := &ab.ChainCreationPolicyNames{} if err := proto.Unmarshal(configItem.Value, value); err != nil { return viewableError(name, err) } - return viewableChainCreators(configItem.Key, value) + return viewableChainCreationPolicyNames(configItem.Key, value) case "KafkaBrokers": value := &ab.KafkaBrokers{} if err := proto.Unmarshal(configItem.Value, value); err != nil { @@ -99,24 +99,24 @@ func viewableBatchTimeout(name string, batchTimeout *ab.BatchTimeout) Viewable { } } -func viewableIngressPolicy(name string, ingressPolicy *ab.IngressPolicy) Viewable { +func viewableIngressPolicyNames(name string, ingressPolicy *ab.IngressPolicyNames) Viewable { return &field{ name: name, - values: []Viewable{viewableString("Name", ingressPolicy.Name)}, + values: []Viewable{viewableStringSlice("Name", ingressPolicy.Names)}, } } -func viewableEgressPolicy(name string, egressPolicy *ab.EgressPolicy) Viewable { +func viewableEgressPolicyNames(name string, egressPolicy *ab.EgressPolicyNames) Viewable { return &field{ name: name, - values: []Viewable{viewableString("Name", egressPolicy.Name)}, + values: []Viewable{viewableStringSlice("Names", egressPolicy.Names)}, } } -func viewableChainCreators(name string, creators *ab.ChainCreators) Viewable { +func viewableChainCreationPolicyNames(name string, chainCreationPolicyNames *ab.ChainCreationPolicyNames) Viewable { return &field{ name: name, - values: []Viewable{viewableStringSlice("Policies", creators.Policies)}, + values: []Viewable{viewableStringSlice("Names", chainCreationPolicyNames.Names)}, } } diff --git a/common/configtx/manager.go b/common/configtx/manager.go index a3a40f780c5..aac913c3c6f 100644 --- a/common/configtx/manager.go +++ b/common/configtx/manager.go @@ -57,8 +57,8 @@ type Manager interface { Sequence() uint64 } -// DefaultModificationPolicyID is the ID of the policy used when no other policy can be resolved, for instance when attempting to create a new config item -const DefaultModificationPolicyID = "DefaultModificationPolicy" +// NewConfigurationItemPolicyKey is the ID of the policy used when no other policy can be resolved, for instance when attempting to create a new config item +const NewConfigurationItemPolicyKey = "NewConfigurationItemPolicy" type acceptAllPolicy struct{} @@ -187,7 +187,7 @@ func (cm *configurationManager) processConfig(configtx *cb.ConfigurationEnvelope return nil, fmt.Errorf("Config is for the wrong chain, expected %s, got %s", cm.chainID, chainID) } - defaultModificationPolicy, defaultPolicySet := cm.pm.GetPolicy(DefaultModificationPolicyID) + defaultModificationPolicy, defaultPolicySet := cm.pm.GetPolicy(NewConfigurationItemPolicyKey) // If the default modification policy is not set, it indicates this is an uninitialized chain, so be permissive of modification if !defaultPolicySet { diff --git a/common/configtx/test/orderer.template b/common/configtx/test/orderer.template index b28788511755b468ac8327367ee0b262581c52c8..0ffd83122252007cfbc2a7bdc78351c80d90d539 100644 GIT binary patch literal 656 zcmd-I<&xuI5@3{KE5N3We4Px>Cg!yrG0A P4Ha7Lo#zy^Gi#NSh<)D4T`zK2$_k``}~f{$*Bb;jyXAy z@G#=wU=(5zViIEDiYH_)fq?bQOD{?-E{2*b$c1hdR~%&)@VF8%KZ%g}_yPuZk}=`} L1`!)5kT@6toT9%n diff --git a/orderer/common/bootstrap/provisional/item.go b/orderer/common/bootstrap/provisional/item.go index 9811e257bad..30fca533901 100644 --- a/orderer/common/bootstrap/provisional/item.go +++ b/orderer/common/bootstrap/provisional/item.go @@ -25,83 +25,83 @@ import ( "github.com/hyperledger/fabric/protos/utils" ) -func (cbs *commonBootstrapper) encodeConsensusType() *cb.ConfigurationItem { +func (cbs *commonBootstrapper) templateConsensusType() *cb.ConfigurationItem { configItemKey := sharedconfig.ConsensusTypeKey configItemValue := utils.MarshalOrPanic(&ab.ConsensusType{Type: cbs.consensusType}) - modPolicy := configtx.DefaultModificationPolicyID + modPolicy := configtx.NewConfigurationItemPolicyKey configItemChainHeader := utils.MakeChainHeader(cb.HeaderType_CONFIGURATION_ITEM, msgVersion, cbs.chainID, epoch) return utils.MakeConfigurationItem(configItemChainHeader, cb.ConfigurationItem_Orderer, lastModified, modPolicy, configItemKey, configItemValue) } -func (cbs *commonBootstrapper) encodeBatchSize() *cb.ConfigurationItem { +func (cbs *commonBootstrapper) templateBatchSize() *cb.ConfigurationItem { configItemKey := sharedconfig.BatchSizeKey configItemValue := utils.MarshalOrPanic(cbs.batchSize) - modPolicy := configtx.DefaultModificationPolicyID + modPolicy := configtx.NewConfigurationItemPolicyKey configItemChainHeader := utils.MakeChainHeader(cb.HeaderType_CONFIGURATION_ITEM, msgVersion, cbs.chainID, epoch) return utils.MakeConfigurationItem(configItemChainHeader, cb.ConfigurationItem_Orderer, lastModified, modPolicy, configItemKey, configItemValue) } -func (cbs *commonBootstrapper) encodeBatchTimeout() *cb.ConfigurationItem { +func (cbs *commonBootstrapper) templateBatchTimeout() *cb.ConfigurationItem { configItemKey := sharedconfig.BatchTimeoutKey configItemValue := utils.MarshalOrPanic(&ab.BatchTimeout{Timeout: cbs.batchTimeout}) - modPolicy := configtx.DefaultModificationPolicyID + modPolicy := configtx.NewConfigurationItemPolicyKey configItemChainHeader := utils.MakeChainHeader(cb.HeaderType_CONFIGURATION_ITEM, msgVersion, cbs.chainID, epoch) return utils.MakeConfigurationItem(configItemChainHeader, cb.ConfigurationItem_Orderer, lastModified, modPolicy, configItemKey, configItemValue) } -func (cbs *commonBootstrapper) encodeChainCreators() *cb.ConfigurationItem { - configItemKey := sharedconfig.ChainCreatorsKey - configItemValue := utils.MarshalOrPanic(&ab.ChainCreators{Policies: DefaultChainCreators}) - modPolicy := configtx.DefaultModificationPolicyID +func (cbs *commonBootstrapper) templateChainCreationPolicyNames() *cb.ConfigurationItem { + configItemKey := sharedconfig.ChainCreationPolicyNamesKey + configItemValue := utils.MarshalOrPanic(&ab.ChainCreationPolicyNames{Names: DefaultChainCreationPolicyNames}) + modPolicy := configtx.NewConfigurationItemPolicyKey configItemChainHeader := utils.MakeChainHeader(cb.HeaderType_CONFIGURATION_ITEM, msgVersion, cbs.chainID, epoch) return utils.MakeConfigurationItem(configItemChainHeader, cb.ConfigurationItem_Orderer, lastModified, modPolicy, configItemKey, configItemValue) } -func (cbs *commonBootstrapper) encodeAcceptAllPolicy() *cb.ConfigurationItem { +func (cbs *commonBootstrapper) templateAcceptAllPolicy() *cb.ConfigurationItem { configItemKey := AcceptAllPolicyKey configItemValue := utils.MarshalOrPanic(utils.MakePolicyOrPanic(cauthdsl.AcceptAllPolicy)) - modPolicy := configtx.DefaultModificationPolicyID + modPolicy := configtx.NewConfigurationItemPolicyKey configItemChainHeader := utils.MakeChainHeader(cb.HeaderType_CONFIGURATION_ITEM, msgVersion, cbs.chainID, epoch) return utils.MakeConfigurationItem(configItemChainHeader, cb.ConfigurationItem_Policy, lastModified, modPolicy, configItemKey, configItemValue) } -func (cbs *commonBootstrapper) encodeIngressPolicy() *cb.ConfigurationItem { - configItemKey := sharedconfig.IngressPolicyKey - configItemValue := utils.MarshalOrPanic(&ab.IngressPolicy{Name: AcceptAllPolicyKey}) - modPolicy := configtx.DefaultModificationPolicyID +func (cbs *commonBootstrapper) templateIngressPolicyNames() *cb.ConfigurationItem { + configItemKey := sharedconfig.IngressPolicyNamesKey + configItemValue := utils.MarshalOrPanic(&ab.IngressPolicyNames{Names: []string{AcceptAllPolicyKey}}) + modPolicy := configtx.NewConfigurationItemPolicyKey configItemChainHeader := utils.MakeChainHeader(cb.HeaderType_CONFIGURATION_ITEM, msgVersion, cbs.chainID, epoch) return utils.MakeConfigurationItem(configItemChainHeader, cb.ConfigurationItem_Orderer, lastModified, modPolicy, configItemKey, configItemValue) } -func (cbs *commonBootstrapper) encodeEgressPolicy() *cb.ConfigurationItem { - configItemKey := sharedconfig.EgressPolicyKey - configItemValue := utils.MarshalOrPanic(&ab.EgressPolicy{Name: AcceptAllPolicyKey}) - modPolicy := configtx.DefaultModificationPolicyID +func (cbs *commonBootstrapper) templateEgressPolicyNames() *cb.ConfigurationItem { + configItemKey := sharedconfig.EgressPolicyNamesKey + configItemValue := utils.MarshalOrPanic(&ab.EgressPolicyNames{Names: []string{AcceptAllPolicyKey}}) + modPolicy := configtx.NewConfigurationItemPolicyKey configItemChainHeader := utils.MakeChainHeader(cb.HeaderType_CONFIGURATION_ITEM, msgVersion, cbs.chainID, epoch) return utils.MakeConfigurationItem(configItemChainHeader, cb.ConfigurationItem_Orderer, lastModified, modPolicy, configItemKey, configItemValue) } -func (cbs *commonBootstrapper) lockDefaultModificationPolicy() *cb.ConfigurationItem { - // Lock down the default modification policy to prevent any further policy modifications - configItemKey := configtx.DefaultModificationPolicyID +func (cbs *commonBootstrapper) templateRejectAllPolicy() *cb.ConfigurationItem { + // Lock down the new configuration item policy to prevent any new configuration items from being created + configItemKey := configtx.NewConfigurationItemPolicyKey configItemValue := utils.MarshalOrPanic(utils.MakePolicyOrPanic(cauthdsl.RejectAllPolicy)) - modPolicy := configtx.DefaultModificationPolicyID + modPolicy := configtx.NewConfigurationItemPolicyKey configItemChainHeader := utils.MakeChainHeader(cb.HeaderType_CONFIGURATION_ITEM, msgVersion, cbs.chainID, epoch) return utils.MakeConfigurationItem(configItemChainHeader, cb.ConfigurationItem_Policy, lastModified, modPolicy, configItemKey, configItemValue) } -func (kbs *kafkaBootstrapper) encodeKafkaBrokers() *cb.ConfigurationItem { +func (kbs *kafkaBootstrapper) templateKafkaBrokers() *cb.ConfigurationItem { configItemKey := sharedconfig.KafkaBrokersKey configItemValue := utils.MarshalOrPanic(&ab.KafkaBrokers{Brokers: kbs.kafkaBrokers}) - modPolicy := configtx.DefaultModificationPolicyID + modPolicy := configtx.NewConfigurationItemPolicyKey configItemChainHeader := utils.MakeChainHeader(cb.HeaderType_CONFIGURATION_ITEM, msgVersion, kbs.chainID, epoch) return utils.MakeConfigurationItem(configItemChainHeader, cb.ConfigurationItem_Orderer, lastModified, modPolicy, configItemKey, configItemValue) diff --git a/orderer/common/bootstrap/provisional/provisional.go b/orderer/common/bootstrap/provisional/provisional.go index 2a9dc03ca80..0e341337c66 100644 --- a/orderer/common/bootstrap/provisional/provisional.go +++ b/orderer/common/bootstrap/provisional/provisional.go @@ -59,8 +59,8 @@ const ( epoch = 0 ) -// DefaultChainCreators is the default value of ChainCreatorsKey. -var DefaultChainCreators = []string{AcceptAllPolicyKey} +// DefaultChainCreationPolicyNames is the default value of ChainCreatorsKey. +var DefaultChainCreationPolicyNames = []string{AcceptAllPolicyKey} type commonBootstrapper struct { chainID string diff --git a/orderer/common/bootstrap/provisional/templates.go b/orderer/common/bootstrap/provisional/templates.go index bce5371080b..df4f3e0b90c 100644 --- a/orderer/common/bootstrap/provisional/templates.go +++ b/orderer/common/bootstrap/provisional/templates.go @@ -21,21 +21,21 @@ import ( ) func (cbs *commonBootstrapper) makeOrdererSystemChainConfig() []*cb.ConfigurationItem { - return []*cb.ConfigurationItem{cbs.encodeChainCreators()} + return []*cb.ConfigurationItem{cbs.templateChainCreationPolicyNames()} } func (cbs *commonBootstrapper) TemplateItems() []*cb.ConfigurationItem { return []*cb.ConfigurationItem{ - cbs.encodeConsensusType(), - cbs.encodeBatchSize(), - cbs.encodeBatchTimeout(), - cbs.encodeAcceptAllPolicy(), - cbs.encodeIngressPolicy(), - cbs.encodeEgressPolicy(), - cbs.lockDefaultModificationPolicy(), + cbs.templateConsensusType(), + cbs.templateBatchSize(), + cbs.templateBatchTimeout(), + cbs.templateAcceptAllPolicy(), + cbs.templateIngressPolicyNames(), + cbs.templateEgressPolicyNames(), + cbs.templateRejectAllPolicy(), } } func (kbs *kafkaBootstrapper) TemplateItems() []*cb.ConfigurationItem { - return append(kbs.commonBootstrapper.TemplateItems(), kbs.encodeKafkaBrokers()) + return append(kbs.commonBootstrapper.TemplateItems(), kbs.templateKafkaBrokers()) } diff --git a/orderer/common/deliver/deliver.go b/orderer/common/deliver/deliver.go index 73a51b3992a..9f7dbab461a 100644 --- a/orderer/common/deliver/deliver.go +++ b/orderer/common/deliver/deliver.go @@ -92,7 +92,7 @@ func (ds *deliverServer) Handle(srv ab.AtomicBroadcast_DeliverServer) error { return sendStatusReply(srv, cb.Status_NOT_FOUND) } - sf := sigfilter.New(chain.SharedConfig().EgressPolicy, chain.PolicyManager()) + sf := sigfilter.New(chain.SharedConfig().EgressPolicyNames, chain.PolicyManager()) result, _ := sf.Apply(envelope) if result != filter.Forward { return sendStatusReply(srv, cb.Status_FORBIDDEN) diff --git a/orderer/common/deliver/deliver_test.go b/orderer/common/deliver/deliver_test.go index a5d538d37d0..673f89d6d95 100644 --- a/orderer/common/deliver/deliver_test.go +++ b/orderer/common/deliver/deliver_test.go @@ -114,7 +114,7 @@ func newMockMultichainManager() *mockSupportManager { } mm.chains[systemChainID] = &mockSupport{ ledger: rl, - sharedConfig: &mocksharedconfig.Manager{}, + sharedConfig: &mocksharedconfig.Manager{EgressPolicyNamesVal: []string{"somePolicy"}}, policyManager: &mockpolicies.Manager{Policy: &mockpolicies.Policy{}}, } return mm diff --git a/orderer/common/sharedconfig/sharedconfig.go b/orderer/common/sharedconfig/sharedconfig.go index c6045fa1242..edcbf759da4 100644 --- a/orderer/common/sharedconfig/sharedconfig.go +++ b/orderer/common/sharedconfig/sharedconfig.go @@ -40,17 +40,17 @@ const ( // BatchTimeoutKey is the cb.ConfigurationItem type key name for the BatchTimeout message BatchTimeoutKey = "BatchTimeout" - // ChainCreatorsKey is the cb.ConfigurationItem type key name for the ChainCreators message - ChainCreatorsKey = "ChainCreators" + // ChainCreationPolicyNamesKey is the cb.ConfigurationItem type key name for the ChainCreationPolicyNames message + ChainCreationPolicyNamesKey = "ChainCreationPolicyNames" // KafkaBrokersKey is the cb.ConfigurationItem type key name for the KafkaBrokers message KafkaBrokersKey = "KafkaBrokers" - // IngressPolicyKey is the cb.ConfigurationItem type key name for the IngressPolicy message - IngressPolicyKey = "IngressPolicy" + // IngressPolicyNamesKey is the cb.ConfigurationItem type key name for the IngressPolicyNames message + IngressPolicyNamesKey = "IngressPolicyNames" - // EgressPolicyKey is the cb.ConfigurationItem type key name for the EgressPolicy message - EgressPolicyKey = "EgressPolicy" + // EgressPolicyNamesKey is the cb.ConfigurationItem type key name for the EgressPolicyNames message + EgressPolicyNamesKey = "EgressPolicyNames" ) var logger = logging.MustGetLogger("orderer/common/sharedconfig") @@ -69,30 +69,30 @@ type Manager interface { // BatchTimeout returns the amount of time to wait before creating a batch BatchTimeout() time.Duration - // ChainCreators returns the policy names which are allowed for chain creation + // ChainCreationPolicyNames returns the policy names which are allowed for chain creation // This field is only set for the system ordering chain - ChainCreators() []string + ChainCreationPolicyNames() []string // KafkaBrokers returns the addresses (IP:port notation) of a set of "bootstrap" // Kafka brokers, i.e. this is not necessarily the entire set of Kafka brokers // used for ordering KafkaBrokers() []string - // IngressPolicy returns the name of the policy to validate incoming broadcast messages against - IngressPolicy() string + // IngressPolicyNames returns the name of the policy to validate incoming broadcast messages against + IngressPolicyNames() []string - // EgressPolicy returns the name of the policy to validate incoming broadcast messages against - EgressPolicy() string + // EgressPolicyNames returns the name of the policy to validate incoming broadcast messages against + EgressPolicyNames() []string } type ordererConfig struct { - consensusType string - batchSize *ab.BatchSize - batchTimeout time.Duration - chainCreators []string - kafkaBrokers []string - ingressPolicy string - egressPolicy string + consensusType string + batchSize *ab.BatchSize + batchTimeout time.Duration + chainCreationPolicies []string + kafkaBrokers []string + ingressPolicyNames []string + egressPolicyNames []string } // ManagerImpl is an implementation of Manager and configtx.ConfigHandler @@ -124,10 +124,10 @@ func (pm *ManagerImpl) BatchTimeout() time.Duration { return pm.config.batchTimeout } -// ChainCreators returns the policy names which are allowed for chain creation +// ChainCreationPolicyNames returns the policy names which are allowed for chain creation // This field is only set for the system ordering chain -func (pm *ManagerImpl) ChainCreators() []string { - return pm.config.chainCreators +func (pm *ManagerImpl) ChainCreationPolicyNames() []string { + return pm.config.chainCreationPolicies } // KafkaBrokers returns the addresses (IP:port notation) of a set of "bootstrap" @@ -137,14 +137,14 @@ func (pm *ManagerImpl) KafkaBrokers() []string { return pm.config.kafkaBrokers } -// IngressPolicy returns the name of the policy to validate incoming broadcast messages against -func (pm *ManagerImpl) IngressPolicy() string { - return pm.config.ingressPolicy +// IngressPolicyNames returns the name of the policy to validate incoming broadcast messages against +func (pm *ManagerImpl) IngressPolicyNames() []string { + return pm.config.ingressPolicyNames } -// EgressPolicy returns the name of the policy to validate incoming deliver seeks against -func (pm *ManagerImpl) EgressPolicy() string { - return pm.config.egressPolicy +// EgressPolicyNames returns the name of the policy to validate incoming deliver seeks against +func (pm *ManagerImpl) EgressPolicyNames() []string { + return pm.config.egressPolicyNames } // BeginConfig is used to start a new configuration proposal @@ -221,24 +221,24 @@ func (pm *ManagerImpl) ProposeConfig(configItem *cb.ConfigurationItem) error { return fmt.Errorf("Attempted to set the batch timeout to a non-positive value: %s", timeoutValue.String()) } pm.pendingConfig.batchTimeout = timeoutValue - case ChainCreatorsKey: - chainCreators := &ab.ChainCreators{} - if err := proto.Unmarshal(configItem.Value, chainCreators); err != nil { + case ChainCreationPolicyNamesKey: + chainCreationPolicies := &ab.ChainCreationPolicyNames{} + if err := proto.Unmarshal(configItem.Value, chainCreationPolicies); err != nil { return fmt.Errorf("Unmarshaling error for ChainCreator: %s", err) } - pm.pendingConfig.chainCreators = chainCreators.Policies - case IngressPolicyKey: - ingressPolicy := &ab.IngressPolicy{} - if err := proto.Unmarshal(configItem.Value, ingressPolicy); err != nil { - return fmt.Errorf("Unmarshaling error for IngressPolicy: %s", err) + pm.pendingConfig.chainCreationPolicies = chainCreationPolicies.Names + case IngressPolicyNamesKey: + ingressPolicyNames := &ab.IngressPolicyNames{} + if err := proto.Unmarshal(configItem.Value, ingressPolicyNames); err != nil { + return fmt.Errorf("Unmarshaling error for IngressPolicyNames: %s", err) } - pm.pendingConfig.ingressPolicy = ingressPolicy.Name - case EgressPolicyKey: - egressPolicy := &ab.EgressPolicy{} - if err := proto.Unmarshal(configItem.Value, egressPolicy); err != nil { - return fmt.Errorf("Unmarshaling error for EgressPolicy: %s", err) + pm.pendingConfig.ingressPolicyNames = ingressPolicyNames.Names + case EgressPolicyNamesKey: + egressPolicyNames := &ab.EgressPolicyNames{} + if err := proto.Unmarshal(configItem.Value, egressPolicyNames); err != nil { + return fmt.Errorf("Unmarshaling error for EgressPolicyNames: %s", err) } - pm.pendingConfig.egressPolicy = egressPolicy.Name + pm.pendingConfig.egressPolicyNames = egressPolicyNames.Names case KafkaBrokersKey: kafkaBrokers := &ab.KafkaBrokers{} if err := proto.Unmarshal(configItem.Value, kafkaBrokers); err != nil { diff --git a/orderer/common/sharedconfig/sharedconfig_test.go b/orderer/common/sharedconfig/sharedconfig_test.go index a520b9d43bb..ca698a0296f 100644 --- a/orderer/common/sharedconfig/sharedconfig_test.go +++ b/orderer/common/sharedconfig/sharedconfig_test.go @@ -19,6 +19,7 @@ package sharedconfig import ( "os" "os/exec" + "reflect" "testing" "time" @@ -329,18 +330,18 @@ func TestKafkaBrokers(t *testing.T) { } } -func TestIngressPolicy(t *testing.T) { - endPolicy := "foo" +func TestIngressPolicyNames(t *testing.T) { + endPolicy := []string{"foo"} invalidMessage := &cb.ConfigurationItem{ Type: cb.ConfigurationItem_Orderer, - Key: IngressPolicyKey, + Key: IngressPolicyNamesKey, Value: []byte("Garbage Data"), } validMessage := &cb.ConfigurationItem{ Type: cb.ConfigurationItem_Orderer, - Key: IngressPolicyKey, - Value: utils.MarshalOrPanic(&ab.IngressPolicy{Name: endPolicy}), + Key: IngressPolicyNamesKey, + Value: utils.MarshalOrPanic(&ab.IngressPolicyNames{Names: endPolicy}), } m := NewManagerImpl() m.BeginConfig() @@ -365,23 +366,23 @@ func TestIngressPolicy(t *testing.T) { m.CommitConfig() - if nowPolicy := m.IngressPolicy(); nowPolicy != endPolicy { - t.Fatalf("IngressPolicy should have ended as %s but was %s", endPolicy, nowPolicy) + if nowPolicy := m.IngressPolicyNames(); !reflect.DeepEqual(nowPolicy, endPolicy) { + t.Fatalf("IngressPolicyNames should have ended as %s but was %s", endPolicy, nowPolicy) } } -func TestEgressPolicy(t *testing.T) { - endPolicy := "foo" +func TestEgressPolicyNames(t *testing.T) { + endPolicy := []string{"foo"} invalidMessage := &cb.ConfigurationItem{ Type: cb.ConfigurationItem_Orderer, - Key: EgressPolicyKey, + Key: EgressPolicyNamesKey, Value: []byte("Garbage Data"), } validMessage := &cb.ConfigurationItem{ Type: cb.ConfigurationItem_Orderer, - Key: EgressPolicyKey, - Value: utils.MarshalOrPanic(&ab.EgressPolicy{Name: endPolicy}), + Key: EgressPolicyNamesKey, + Value: utils.MarshalOrPanic(&ab.EgressPolicyNames{Names: endPolicy}), } m := NewManagerImpl() m.BeginConfig() @@ -406,7 +407,7 @@ func TestEgressPolicy(t *testing.T) { m.CommitConfig() - if nowPolicy := m.EgressPolicy(); nowPolicy != endPolicy { - t.Fatalf("EgressPolicy should have ended as %s but was %s", endPolicy, nowPolicy) + if nowPolicy := m.EgressPolicyNames(); !reflect.DeepEqual(nowPolicy, endPolicy) { + t.Fatalf("EgressPolicyNames should have ended as %s but was %s", endPolicy, nowPolicy) } } diff --git a/orderer/common/sigfilter/sigfilter.go b/orderer/common/sigfilter/sigfilter.go index 8c437e511f4..98bcb240137 100644 --- a/orderer/common/sigfilter/sigfilter.go +++ b/orderer/common/sigfilter/sigfilter.go @@ -27,7 +27,7 @@ import ( var logger = logging.MustGetLogger("orderer/common/sigfilter") type sigFilter struct { - policySource func() string + policySource func() []string policyManager policies.Manager } @@ -36,7 +36,7 @@ type sigFilter struct { // In general, both the policy name and the policy itself are mutable, this is why // not only the policy is retrieved at each invocation, but also the name of which // policy to retrieve -func New(policySource func() string, policyManager policies.Manager) filter.Rule { +func New(policySource func() []string, policyManager policies.Manager) filter.Rule { return &sigFilter{ policySource: policySource, policyManager: policyManager, @@ -54,20 +54,21 @@ func (sf *sigFilter) Apply(message *cb.Envelope) (filter.Action, filter.Committe return filter.Reject, nil } - policy, ok := sf.policyManager.GetPolicy(sf.policySource()) - if !ok { - logger.Debugf("Rejecting because policy was not found") - return filter.Reject, nil - } + for _, policy := range sf.policySource() { + policy, ok := sf.policyManager.GetPolicy(policy) + if !ok { + logger.Debugf("Could not find policy %s", policy) + continue + } - err = policy.Evaluate(signedData) + err = policy.Evaluate(signedData) - if err != nil { - if logger.IsEnabledFor(logging.DEBUG) { - logger.Debugf("Rejecting because policy did not evaluate without error: %s", err) + if err == nil { + logger.Debugf("Accepting validly signed message") + return filter.Forward, nil } - return filter.Reject, nil } - return filter.Forward, nil + logger.Debugf("Rejecting message which was not appropriately signed") + return filter.Reject, nil } diff --git a/orderer/common/sigfilter/sigfilter_test.go b/orderer/common/sigfilter/sigfilter_test.go index aaca48010e9..71d0d9e7794 100644 --- a/orderer/common/sigfilter/sigfilter_test.go +++ b/orderer/common/sigfilter/sigfilter_test.go @@ -42,8 +42,8 @@ func makeEnvelope() *cb.Envelope { } } -func fooSource() string { - return "foo" +func fooSource() []string { + return []string{"foo"} } func TestAccept(t *testing.T) { diff --git a/orderer/mocks/sharedconfig/sharedconfig.go b/orderer/mocks/sharedconfig/sharedconfig.go index ca6e246f782..7fbba936b79 100644 --- a/orderer/mocks/sharedconfig/sharedconfig.go +++ b/orderer/mocks/sharedconfig/sharedconfig.go @@ -27,14 +27,14 @@ type Manager struct { BatchSizeVal *ab.BatchSize // BatchTimeoutVal is returned as the result of BatchTimeout() BatchTimeoutVal time.Duration - // ChainCreatorsVal is returned as the result of ChainCreators() - ChainCreatorsVal []string + // ChainCreationPolicyNamesVal is returned as the result of ChainCreationPolicyNames() + ChainCreationPolicyNamesVal []string // KafkaBrokersVal is returned as the result of KafkaBrokers() KafkaBrokersVal []string - // IngressPolicyVal is returned as the result of IngressPolicy() - IngressPolicyVal string - // EgressPolicyVal is returned as the result of EgressPolicy() - EgressPolicyVal string + // IngressPolicyNamesVal is returned as the result of IngressPolicyNames() + IngressPolicyNamesVal []string + // EgressPolicyNamesVal is returned as the result of EgressPolicyNames() + EgressPolicyNamesVal []string } // ConsensusType returns the ConsensusTypeVal @@ -52,9 +52,9 @@ func (scm *Manager) BatchTimeout() time.Duration { return scm.BatchTimeoutVal } -// ChainCreators returns the ChainCreatorsVal -func (scm *Manager) ChainCreators() []string { - return scm.ChainCreatorsVal +// ChainCreationPolicyNames returns the ChainCreationPolicyNamesVal +func (scm *Manager) ChainCreationPolicyNames() []string { + return scm.ChainCreationPolicyNamesVal } // KafkaBrokers returns the KafkaBrokersVal @@ -62,12 +62,12 @@ func (scm *Manager) KafkaBrokers() []string { return scm.KafkaBrokersVal } -// IngressPolicy returns the IngressPolicyVal -func (scm *Manager) IngressPolicy() string { - return scm.IngressPolicyVal +// IngressPolicyNames returns the IngressPolicyNamesVal +func (scm *Manager) IngressPolicyNames() []string { + return scm.IngressPolicyNamesVal } -// EgressPolicy returns the EgressPolicyVal -func (scm *Manager) EgressPolicy() string { - return scm.EgressPolicyVal +// EgressPolicyNames returns the EgressPolicyNamesVal +func (scm *Manager) EgressPolicyNames() []string { + return scm.EgressPolicyNamesVal } diff --git a/orderer/multichain/chainsupport.go b/orderer/multichain/chainsupport.go index f3b0da85dc6..5964aa8a519 100644 --- a/orderer/multichain/chainsupport.go +++ b/orderer/multichain/chainsupport.go @@ -140,7 +140,7 @@ func createStandardFilters(configManager configtx.Manager, policyManager policie return filter.NewRuleSet([]filter.Rule{ filter.EmptyRejectRule, sizefilter.MaxBytesRule(sharedConfig.BatchSize().AbsoluteMaxBytes), - sigfilter.New(sharedConfig.IngressPolicy, policyManager), + sigfilter.New(sharedConfig.IngressPolicyNames, policyManager), configtx.NewFilter(configManager), filter.AcceptRule, }) @@ -152,7 +152,7 @@ func createSystemChainFilters(ml *multiLedger, configManager configtx.Manager, p return filter.NewRuleSet([]filter.Rule{ filter.EmptyRejectRule, sizefilter.MaxBytesRule(sharedConfig.BatchSize().AbsoluteMaxBytes), - sigfilter.New(sharedConfig.IngressPolicy, policyManager), + sigfilter.New(sharedConfig.IngressPolicyNames, policyManager), newSystemChainFilter(ml), configtx.NewFilter(configManager), filter.AcceptRule, diff --git a/orderer/multichain/manager.go b/orderer/multichain/manager.go index cb2138ec678..d1f1f2434ac 100644 --- a/orderer/multichain/manager.go +++ b/orderer/multichain/manager.go @@ -111,7 +111,7 @@ func NewManagerImpl(ledgerFactory ordererledger.Factory, consenters map[string]C configManager, policyManager, backingLedger, sharedConfigManager := ml.newResources(configTx) chainID := configManager.ChainID() - if sharedConfigManager.ChainCreators() != nil { + if sharedConfigManager.ChainCreationPolicyNames() != nil { if ml.sysChain != nil { logger.Fatalf("There appear to be two system chains %s and %s", ml.sysChain.support.ChainID(), chainID) } diff --git a/orderer/multichain/systemchain.go b/orderer/multichain/systemchain.go index da7d468e998..e885d37b5cf 100644 --- a/orderer/multichain/systemchain.go +++ b/orderer/multichain/systemchain.go @@ -172,7 +172,7 @@ func (sc *systemChain) authorize(configEnvelope *cb.ConfigurationEnvelope) cb.St } ok := false - for _, chainCreatorPolicy := range sc.support.SharedConfig().ChainCreators() { + for _, chainCreatorPolicy := range sc.support.SharedConfig().ChainCreationPolicyNames() { if chainCreatorPolicy == creationPolicy.Policy { ok = true break diff --git a/orderer/multichain/systemchain_test.go b/orderer/multichain/systemchain_test.go index 401ad78cee1..512d348f836 100644 --- a/orderer/multichain/systemchain_test.go +++ b/orderer/multichain/systemchain_test.go @@ -106,7 +106,7 @@ func TestGoodProposal(t *testing.T) { newChainID := "NewChainID" mcc := newMockChainCreator() - mcc.ms.msc.ChainCreatorsVal = []string{provisional.AcceptAllPolicyKey} + mcc.ms.msc.ChainCreationPolicyNamesVal = []string{provisional.AcceptAllPolicyKey} mcc.ms.mpm.mp = &mockPolicy{} chainCreateTx := &cb.ConfigurationItem{ @@ -191,7 +191,7 @@ func TestProposalWithMissingPolicy(t *testing.T) { newChainID := "NewChainID" mcc := newMockChainCreator() - mcc.ms.msc.ChainCreatorsVal = []string{provisional.AcceptAllPolicyKey} + mcc.ms.msc.ChainCreationPolicyNamesVal = []string{provisional.AcceptAllPolicyKey} chainCreateTx := &cb.ConfigurationItem{ Key: configtx.CreationPolicyKey, @@ -215,7 +215,7 @@ func TestProposalWithBadDigest(t *testing.T) { mcc := newMockChainCreator() mcc.ms.mpm.mp = &mockPolicy{} - mcc.ms.msc.ChainCreatorsVal = []string{provisional.AcceptAllPolicyKey} + mcc.ms.msc.ChainCreationPolicyNamesVal = []string{provisional.AcceptAllPolicyKey} chainCreateTx := &cb.ConfigurationItem{ Key: configtx.CreationPolicyKey, diff --git a/orderer/sbft/backend/backendab.go b/orderer/sbft/backend/backendab.go index efa9ea7d93d..3b59c6767d1 100644 --- a/orderer/sbft/backend/backendab.go +++ b/orderer/sbft/backend/backendab.go @@ -92,6 +92,9 @@ func NewBackendAB(backend *Backend) *BackendAB { policyManager: &mockpolicies.Manager{Policy: &mockpolicies.Policy{}}, }, } + + manager.support.sharedConfig.(*mocksharedconfig.Manager).EgressPolicyNamesVal = []string{"XXX"} + manager.support.sharedConfig.(*mocksharedconfig.Manager).IngressPolicyNamesVal = []string{"XXX"} // XXX End hackiness bab := &BackendAB{ diff --git a/protos/common/configuration.pb.go b/protos/common/configuration.pb.go index 4bcb269cee7..21ce203aa06 100644 --- a/protos/common/configuration.pb.go +++ b/protos/common/configuration.pb.go @@ -20,6 +20,7 @@ const ( ConfigurationItem_Chain ConfigurationItem_ConfigurationType = 1 ConfigurationItem_Orderer ConfigurationItem_ConfigurationType = 2 ConfigurationItem_Peer ConfigurationItem_ConfigurationType = 3 + ConfigurationItem_MSP ConfigurationItem_ConfigurationType = 4 ) var ConfigurationItem_ConfigurationType_name = map[int32]string{ @@ -27,12 +28,14 @@ var ConfigurationItem_ConfigurationType_name = map[int32]string{ 1: "Chain", 2: "Orderer", 3: "Peer", + 4: "MSP", } var ConfigurationItem_ConfigurationType_value = map[string]int32{ "Policy": 0, "Chain": 1, "Orderer": 2, "Peer": 3, + "MSP": 4, } func (x ConfigurationItem_ConfigurationType) String() string { @@ -404,49 +407,50 @@ func init() { func init() { proto.RegisterFile("common/configuration.proto", fileDescriptor1) } var fileDescriptor1 = []byte{ - // 698 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0x74, 0x54, 0xdd, 0x72, 0xd2, 0x40, - 0x14, 0x26, 0xfc, 0x84, 0x72, 0xa0, 0x36, 0x6e, 0x6b, 0x9b, 0x32, 0x9d, 0xca, 0xe4, 0xc2, 0x61, - 0xa6, 0x0a, 0x96, 0xd6, 0x5b, 0x1d, 0xd0, 0x2a, 0x9d, 0xda, 0xc0, 0x2c, 0x6d, 0x9d, 0xf1, 0x46, - 0xd3, 0x64, 0x81, 0x1d, 0xf3, 0x37, 0x9b, 0x45, 0x87, 0x27, 0xf0, 0x1d, 0x7c, 0x14, 0xaf, 0x7c, - 0x34, 0x27, 0xbb, 0x49, 0x0a, 0x14, 0xae, 0xb2, 0xe7, 0x9c, 0xef, 0xfb, 0xce, 0x4f, 0xf6, 0x2c, - 0xd4, 0xed, 0xc0, 0xf3, 0x02, 0xbf, 0x6d, 0x07, 0xfe, 0x98, 0x4e, 0x66, 0xcc, 0xe2, 0x34, 0xf0, - 0x5b, 0x21, 0x0b, 0x78, 0x80, 0x54, 0x19, 0xab, 0xef, 0x66, 0x98, 0xf8, 0x23, 0x83, 0xf5, 0x94, - 0xe8, 0x45, 0xe1, 0xb7, 0x90, 0x51, 0xdf, 0xa6, 0xa1, 0xe5, 0xca, 0x98, 0x61, 0xc2, 0xb3, 0xf7, - 0x8b, 0x7a, 0x17, 0xfe, 0x4f, 0xe2, 0x06, 0x21, 0x41, 0x6f, 0xa0, 0x74, 0xc9, 0x89, 0x17, 0xe9, - 0x4a, 0xa3, 0xd0, 0xac, 0x76, 0x9e, 0xb7, 0x12, 0xc9, 0x11, 0x9d, 0xf8, 0xc4, 0x59, 0xe2, 0xc4, - 0x38, 0x2c, 0xd1, 0x46, 0x7f, 0x45, 0xef, 0x86, 0x78, 0xa1, 0x6b, 0x71, 0x82, 0xda, 0xcb, 0x7a, - 0x87, 0xa9, 0xde, 0x46, 0xa5, 0xdf, 0x0a, 0x1c, 0x6c, 0x48, 0x86, 0x5e, 0xc2, 0xd3, 0x47, 0x4e, - 0x5d, 0x69, 0x28, 0xcd, 0x1a, 0x7e, 0x1c, 0x40, 0x6f, 0x01, 0x62, 0x21, 0x8b, 0xcf, 0x18, 0x89, - 0xf4, 0xbc, 0xc8, 0x7f, 0xbc, 0x36, 0x7f, 0x06, 0xc3, 0x0b, 0x0c, 0xe3, 0x5f, 0x7e, 0x4d, 0x3a, - 0x74, 0x02, 0x6a, 0x9f, 0x58, 0x0e, 0x61, 0x22, 0x71, 0xb5, 0xb3, 0x9b, 0x29, 0x4e, 0x2d, 0xea, - 0xcb, 0x10, 0x4e, 0x20, 0xe8, 0x1d, 0x14, 0x6f, 0xe6, 0x21, 0xd1, 0xf3, 0x0d, 0xa5, 0xf9, 0xa4, - 0x73, 0xb2, 0xb1, 0xf9, 0x65, 0x4f, 0x4c, 0xc1, 0x82, 0x88, 0x0c, 0xa8, 0x7d, 0xb6, 0x22, 0x7e, - 0x1d, 0x38, 0x74, 0x4c, 0x89, 0xa3, 0x17, 0x1a, 0x4a, 0xb3, 0x88, 0x97, 0x7c, 0xa8, 0x05, 0x48, - 0x9e, 0x6d, 0xc1, 0x1e, 0x06, 0x2e, 0xb5, 0xe7, 0x7a, 0xb1, 0xa1, 0x34, 0x2b, 0x78, 0x4d, 0x04, - 0x69, 0x50, 0xb8, 0x22, 0x73, 0xbd, 0x24, 0x00, 0xf1, 0x11, 0xed, 0x41, 0xe9, 0xce, 0x72, 0x67, - 0x44, 0x57, 0xc5, 0x2c, 0xa5, 0x61, 0x74, 0x57, 0xda, 0x17, 0x05, 0x01, 0xa8, 0x52, 0x46, 0xcb, - 0xa1, 0x0a, 0x94, 0x44, 0xd3, 0x9a, 0x82, 0xaa, 0x50, 0x1e, 0x30, 0x87, 0x30, 0xc2, 0xb4, 0x3c, - 0xda, 0x82, 0xe2, 0x90, 0x10, 0xa6, 0x15, 0x8c, 0xef, 0xb0, 0xbf, 0x7e, 0xd0, 0xa8, 0x09, 0x3b, - 0x51, 0x6a, 0x2c, 0xcc, 0xb3, 0x86, 0x57, 0xdd, 0xe8, 0x08, 0x2a, 0x99, 0x4b, 0x0c, 0xb2, 0x86, - 0x1f, 0x1c, 0xc6, 0x24, 0xad, 0x07, 0x21, 0x28, 0xf2, 0x78, 0xd6, 0xb1, 0x4c, 0x09, 0x8b, 0x33, - 0xda, 0x07, 0x35, 0x94, 0xe3, 0x90, 0xc4, 0xc4, 0x32, 0x4e, 0x01, 0x24, 0x4b, 0xf4, 0x54, 0x85, - 0xf2, 0xad, 0x79, 0x65, 0x0e, 0xbe, 0x98, 0x5a, 0x0e, 0x6d, 0x43, 0x65, 0x74, 0xf9, 0xc9, 0xec, - 0xde, 0xdc, 0xe2, 0x0b, 0x4d, 0x41, 0x65, 0x28, 0x5c, 0x8f, 0x86, 0x5a, 0xde, 0xf8, 0x93, 0xdc, - 0x4b, 0x91, 0x56, 0x92, 0xb3, 0xa5, 0xd1, 0xa1, 0x7c, 0x47, 0x58, 0x44, 0x03, 0x3f, 0xc9, 0x9e, - 0x9a, 0xa8, 0x9d, 0x96, 0x27, 0x0a, 0xa8, 0x76, 0x0e, 0x16, 0xf7, 0x69, 0x41, 0x0a, 0xa7, 0x5d, - 0x9c, 0x03, 0x5c, 0x3a, 0xc4, 0xe7, 0x94, 0x53, 0x12, 0xe9, 0x05, 0x71, 0x69, 0xf7, 0x52, 0xd2, - 0xf5, 0x68, 0x38, 0x4c, 0x17, 0x19, 0x2f, 0xe0, 0x8c, 0xbf, 0x0a, 0xec, 0xac, 0x28, 0xa2, 0x23, - 0xd8, 0x92, 0x7b, 0xd4, 0x9b, 0xcb, 0xaa, 0xfa, 0x39, 0x9c, 0x79, 0xd0, 0x39, 0x14, 0x3f, 0xb2, - 0xc0, 0x4b, 0xca, 0x3a, 0xde, 0x50, 0x56, 0xcb, 0x1c, 0xcc, 0xf8, 0x60, 0xdc, 0xcf, 0x61, 0x81, - 0xae, 0x5f, 0x81, 0x2a, 0x3d, 0xa8, 0x06, 0x8a, 0x99, 0x34, 0xab, 0x98, 0xe8, 0x0c, 0xb6, 0x04, - 0x81, 0x66, 0x8b, 0xb6, 0xb1, 0xd1, 0x0c, 0xd8, 0x53, 0xe5, 0x72, 0x18, 0x2f, 0x40, 0xeb, 0x5b, - 0xd1, 0x94, 0xfa, 0x93, 0xae, 0x3b, 0x09, 0x18, 0xe5, 0x53, 0x2f, 0xfe, 0x99, 0xbe, 0xe5, 0xc9, - 0x9f, 0x59, 0xc1, 0xe2, 0x6c, 0x9c, 0xc2, 0x61, 0xcf, 0x0d, 0xec, 0x1f, 0x1f, 0x2c, 0x6e, 0x25, - 0x84, 0x11, 0x67, 0x33, 0x5b, 0xdc, 0xa7, 0x3d, 0x28, 0xfd, 0xa2, 0x0e, 0x9f, 0x0a, 0xc6, 0x36, - 0x96, 0x86, 0xf1, 0x1a, 0xb4, 0xe4, 0x5a, 0x76, 0x1d, 0x87, 0x91, 0x28, 0x22, 0x51, 0x7c, 0x9f, - 0xac, 0xd4, 0x10, 0xaf, 0x52, 0x05, 0x3f, 0x38, 0x7a, 0xaf, 0xbe, 0x9e, 0x4c, 0x28, 0x9f, 0xce, - 0xee, 0xe3, 0xfa, 0xdb, 0xd3, 0x79, 0x48, 0x98, 0x4b, 0x9c, 0x09, 0x61, 0xed, 0xb1, 0x75, 0xcf, - 0xa8, 0xdd, 0x16, 0xef, 0x67, 0x94, 0xbc, 0xb4, 0xf7, 0xaa, 0x30, 0xcf, 0xfe, 0x07, 0x00, 0x00, - 0xff, 0xff, 0x97, 0xd0, 0x17, 0x23, 0xa5, 0x05, 0x00, 0x00, + // 705 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0x74, 0x54, 0xdd, 0x6e, 0xda, 0x48, + 0x14, 0xc6, 0xfc, 0x98, 0x70, 0x20, 0x1b, 0xef, 0x24, 0x9b, 0x38, 0x28, 0xca, 0x22, 0x5f, 0xac, + 0x90, 0xb2, 0x85, 0x86, 0xa4, 0xb7, 0xad, 0x42, 0x9b, 0x96, 0x34, 0x8d, 0x41, 0x43, 0x92, 0x4a, + 0xbd, 0x69, 0x1d, 0x7b, 0x30, 0xa3, 0xfa, 0x4f, 0xe3, 0xa1, 0x15, 0x4f, 0xd0, 0x77, 0xe8, 0xa3, + 0xf4, 0x0d, 0xfa, 0x56, 0x95, 0x67, 0x6c, 0x07, 0x08, 0x5c, 0x79, 0xce, 0x39, 0xdf, 0xf7, 0x9d, + 0x1f, 0xcf, 0x19, 0x68, 0xda, 0xa1, 0xef, 0x87, 0x41, 0xd7, 0x0e, 0x83, 0x09, 0x75, 0x67, 0xcc, + 0xe2, 0x34, 0x0c, 0x3a, 0x11, 0x0b, 0x79, 0x88, 0x54, 0x19, 0x6b, 0xee, 0xe6, 0x98, 0xe4, 0x23, + 0x83, 0xcd, 0x8c, 0xe8, 0xc7, 0xd1, 0xe7, 0x88, 0xd1, 0xc0, 0xa6, 0x91, 0xe5, 0xc9, 0x98, 0x61, + 0xc2, 0x3f, 0xaf, 0x17, 0xf5, 0x2e, 0x83, 0x6f, 0xc4, 0x0b, 0x23, 0x82, 0x5e, 0x40, 0xe5, 0x8a, + 0x13, 0x3f, 0xd6, 0x95, 0x56, 0xa9, 0x5d, 0xef, 0xfd, 0xdb, 0x49, 0x25, 0xc7, 0xd4, 0x0d, 0x88, + 0xb3, 0xc4, 0x49, 0x70, 0x58, 0xa2, 0x8d, 0xc1, 0x8a, 0xde, 0x2d, 0xf1, 0x23, 0xcf, 0xe2, 0x04, + 0x75, 0x97, 0xf5, 0x0e, 0x33, 0xbd, 0x8d, 0x4a, 0x3f, 0x14, 0x38, 0xd8, 0x90, 0x0c, 0xfd, 0x0f, + 0x7f, 0x3f, 0x71, 0xea, 0x4a, 0x4b, 0x69, 0x37, 0xf0, 0xd3, 0x00, 0x7a, 0x09, 0x90, 0x08, 0x59, + 0x7c, 0xc6, 0x48, 0xac, 0x17, 0x45, 0xfe, 0xe3, 0xb5, 0xf9, 0x73, 0x18, 0x5e, 0x60, 0x18, 0xbf, + 0x8b, 0x6b, 0xd2, 0xa1, 0x13, 0x50, 0x07, 0xc4, 0x72, 0x08, 0x13, 0x89, 0xeb, 0xbd, 0xdd, 0x5c, + 0x71, 0x6a, 0xd1, 0x40, 0x86, 0x70, 0x0a, 0x41, 0xaf, 0xa0, 0x7c, 0x3b, 0x8f, 0x88, 0x5e, 0x6c, + 0x29, 0xed, 0xbf, 0x7a, 0x27, 0x1b, 0x9b, 0x5f, 0xf6, 0x24, 0x14, 0x2c, 0x88, 0xc8, 0x80, 0xc6, + 0x07, 0x2b, 0xe6, 0x37, 0xa1, 0x43, 0x27, 0x94, 0x38, 0x7a, 0xa9, 0xa5, 0xb4, 0xcb, 0x78, 0xc9, + 0x87, 0x3a, 0x80, 0xe4, 0xd9, 0x16, 0xec, 0x51, 0xe8, 0x51, 0x7b, 0xae, 0x97, 0x5b, 0x4a, 0xbb, + 0x86, 0xd7, 0x44, 0x90, 0x06, 0xa5, 0x6b, 0x32, 0xd7, 0x2b, 0x02, 0x90, 0x1c, 0xd1, 0x1e, 0x54, + 0xee, 0x2d, 0x6f, 0x46, 0x74, 0x55, 0xcc, 0x52, 0x1a, 0xc6, 0xfb, 0x95, 0xf6, 0x45, 0x41, 0x00, + 0xaa, 0x94, 0xd1, 0x0a, 0xa8, 0x06, 0x15, 0xd1, 0xb4, 0xa6, 0xa0, 0x3a, 0x54, 0x87, 0xcc, 0x21, + 0x8c, 0x30, 0xad, 0x88, 0xb6, 0xa0, 0x3c, 0x22, 0x84, 0x69, 0x25, 0x54, 0x85, 0xd2, 0xcd, 0x78, + 0xa4, 0x95, 0x8d, 0x2f, 0xb0, 0xbf, 0x7e, 0xe2, 0xa8, 0x0d, 0x3b, 0x71, 0x66, 0x2c, 0x0c, 0xb6, + 0x81, 0x57, 0xdd, 0xe8, 0x08, 0x6a, 0xb9, 0x4b, 0x4c, 0xb4, 0x81, 0x1f, 0x1d, 0x86, 0x9b, 0x15, + 0x86, 0x10, 0x94, 0x79, 0x32, 0xf4, 0x44, 0xa6, 0x82, 0xc5, 0x19, 0xed, 0x83, 0x1a, 0xc9, 0xb9, + 0x48, 0x62, 0x6a, 0x19, 0xa7, 0x00, 0x92, 0x25, 0x9a, 0xab, 0x43, 0xf5, 0xce, 0xbc, 0x36, 0x87, + 0x1f, 0x4d, 0xad, 0x80, 0xb6, 0xa1, 0x36, 0xbe, 0x7a, 0x67, 0x5e, 0xdc, 0xde, 0xe1, 0x4b, 0x4d, + 0xc9, 0x5a, 0x29, 0x1a, 0x3f, 0xd3, 0x0b, 0x2a, 0xd2, 0x4a, 0x72, 0xbe, 0x3d, 0x3a, 0x54, 0xef, + 0x09, 0x8b, 0x69, 0x18, 0xa4, 0xd9, 0x33, 0x13, 0x75, 0xb3, 0xf2, 0x44, 0x01, 0xf5, 0xde, 0xc1, + 0xe2, 0x62, 0x2d, 0x48, 0xe1, 0xac, 0x8b, 0x73, 0x80, 0x2b, 0x87, 0x04, 0x9c, 0x72, 0x4a, 0x62, + 0xbd, 0x24, 0x6e, 0xef, 0x5e, 0x46, 0xba, 0x19, 0x8f, 0x46, 0xd9, 0x46, 0xe3, 0x05, 0x9c, 0xf1, + 0x4b, 0x81, 0x9d, 0x15, 0x45, 0x74, 0x04, 0x5b, 0x72, 0xa1, 0xfa, 0x73, 0x59, 0xd5, 0xa0, 0x80, + 0x73, 0x0f, 0x3a, 0x87, 0xf2, 0x5b, 0x16, 0xfa, 0x69, 0x59, 0xc7, 0x1b, 0xca, 0xea, 0x98, 0xc3, + 0x19, 0x1f, 0x4e, 0x06, 0x05, 0x2c, 0xd0, 0xcd, 0x6b, 0x50, 0xa5, 0x07, 0x35, 0x40, 0x31, 0xd3, + 0x66, 0x15, 0x13, 0x9d, 0xc1, 0x96, 0x20, 0xd0, 0x7c, 0xe3, 0x36, 0x36, 0x9a, 0x03, 0xfb, 0xaa, + 0xdc, 0x12, 0xe3, 0x3f, 0xd0, 0x06, 0x56, 0x3c, 0xa5, 0x81, 0x7b, 0xe1, 0xb9, 0x21, 0xa3, 0x7c, + 0xea, 0x27, 0x3f, 0x33, 0xb0, 0x7c, 0xf9, 0x33, 0x6b, 0x58, 0x9c, 0x8d, 0x53, 0x38, 0xec, 0x7b, + 0xa1, 0xfd, 0xf5, 0x8d, 0xc5, 0xad, 0x94, 0x30, 0xe6, 0x6c, 0x66, 0x8b, 0xfb, 0xb4, 0x07, 0x95, + 0xef, 0xd4, 0xe1, 0x53, 0xc1, 0xd8, 0xc6, 0xd2, 0x30, 0x9e, 0x83, 0x96, 0xde, 0xcf, 0x0b, 0xc7, + 0x61, 0x24, 0x8e, 0x49, 0x9c, 0xdc, 0x27, 0x2b, 0x33, 0xc4, 0xf3, 0x54, 0xc3, 0x8f, 0x8e, 0xfe, + 0xb3, 0x4f, 0x27, 0x2e, 0xe5, 0xd3, 0xd9, 0x43, 0x52, 0x7f, 0x77, 0x3a, 0x8f, 0x08, 0xf3, 0x88, + 0xe3, 0x12, 0xd6, 0x9d, 0x58, 0x0f, 0x8c, 0xda, 0x5d, 0xf1, 0x90, 0xc6, 0xe9, 0x93, 0xfb, 0xa0, + 0x0a, 0xf3, 0xec, 0x4f, 0x00, 0x00, 0x00, 0xff, 0xff, 0x8a, 0x6c, 0x08, 0x56, 0xae, 0x05, 0x00, + 0x00, } diff --git a/protos/common/configuration.proto b/protos/common/configuration.proto index 68bd3e8514b..f7e97ba26b7 100644 --- a/protos/common/configuration.proto +++ b/protos/common/configuration.proto @@ -66,7 +66,8 @@ message ConfigurationItem { Policy = 0; // Implies that the Value is a marshaled Policy message, and may be referred to by Key as a ModificationPolicy Chain = 1; // Marshaled format for this type is yet to be determined Orderer = 2; // Marshaled format for this type is yet to be determined - Peer = 3; // Marshaled format for this type is yet to be determined + Peer = 3; // Marshaled format for this type is yet to be determined + MSP = 4; // Marshaled MSPConfig proto } ChainHeader Header = 1; // The header which ties this configuration to a particular chain ConfigurationType Type = 2; // The type of configuration this is. diff --git a/protos/orderer/ab.pb.go b/protos/orderer/ab.pb.go index efbbdf49a67..999775d4b58 100644 --- a/protos/orderer/ab.pb.go +++ b/protos/orderer/ab.pb.go @@ -22,9 +22,9 @@ It has these top-level messages: BatchSize BatchTimeout CreationPolicy - IngressPolicy - EgressPolicy - ChainCreators + IngressPolicyNames + EgressPolicyNames + ChainCreationPolicyNames KafkaBrokers KafkaMessage KafkaMessageRegular diff --git a/protos/orderer/configuration.pb.go b/protos/orderer/configuration.pb.go index ff6dd9f8697..c1dcda91411 100644 --- a/protos/orderer/configuration.pb.go +++ b/protos/orderer/configuration.pb.go @@ -71,36 +71,41 @@ func (m *CreationPolicy) String() string { return proto.CompactTextSt func (*CreationPolicy) ProtoMessage() {} func (*CreationPolicy) Descriptor() ([]byte, []int) { return fileDescriptor1, []int{3} } -// IngressPolicy is the name of the policy which incoming Broadcast messages are filtered against -type IngressPolicy struct { - Name string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"` +// IngressPolicyNames is the set of policy names which incoming Broadcast signatures are filtered against +type IngressPolicyNames struct { + // A list of policies, in evaluation these are 'or'-ed, note this is not a proper policy + // because implementing referential policies in a general way is difficult, and dangerous + Names []string `protobuf:"bytes,1,rep,name=names" json:"names,omitempty"` } -func (m *IngressPolicy) Reset() { *m = IngressPolicy{} } -func (m *IngressPolicy) String() string { return proto.CompactTextString(m) } -func (*IngressPolicy) ProtoMessage() {} -func (*IngressPolicy) Descriptor() ([]byte, []int) { return fileDescriptor1, []int{4} } +func (m *IngressPolicyNames) Reset() { *m = IngressPolicyNames{} } +func (m *IngressPolicyNames) String() string { return proto.CompactTextString(m) } +func (*IngressPolicyNames) ProtoMessage() {} +func (*IngressPolicyNames) Descriptor() ([]byte, []int) { return fileDescriptor1, []int{4} } -// EgressPolicy is the name of the policy which incoming Deliver messages are filtered against -type EgressPolicy struct { - Name string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"` +// EgressPolicyNames is the set of policy names which incoming Deliver signatures are filtered against +type EgressPolicyNames struct { + // A list of policies, in evaluation these are 'or'-ed, note this is not a proper policy + // because implementing referential policies in a general way is difficult, and dangerous + Names []string `protobuf:"bytes,1,rep,name=names" json:"names,omitempty"` } -func (m *EgressPolicy) Reset() { *m = EgressPolicy{} } -func (m *EgressPolicy) String() string { return proto.CompactTextString(m) } -func (*EgressPolicy) ProtoMessage() {} -func (*EgressPolicy) Descriptor() ([]byte, []int) { return fileDescriptor1, []int{5} } +func (m *EgressPolicyNames) Reset() { *m = EgressPolicyNames{} } +func (m *EgressPolicyNames) String() string { return proto.CompactTextString(m) } +func (*EgressPolicyNames) ProtoMessage() {} +func (*EgressPolicyNames) Descriptor() ([]byte, []int) { return fileDescriptor1, []int{5} } -type ChainCreators struct { - // A list of policies, any of which may be specified as the chain creation - // policy in a chain creation request - Policies []string `protobuf:"bytes,1,rep,name=policies" json:"policies,omitempty"` +// ChainCreationPolicyNames is the set of policies which may be invoked for chain creation +type ChainCreationPolicyNames struct { + // A list of policies, in evaluation these are 'or'-ed, note this is not a proper policy + // because implementing referential policies in a general way is difficult, and dangerous + Names []string `protobuf:"bytes,1,rep,name=names" json:"names,omitempty"` } -func (m *ChainCreators) Reset() { *m = ChainCreators{} } -func (m *ChainCreators) String() string { return proto.CompactTextString(m) } -func (*ChainCreators) ProtoMessage() {} -func (*ChainCreators) Descriptor() ([]byte, []int) { return fileDescriptor1, []int{6} } +func (m *ChainCreationPolicyNames) Reset() { *m = ChainCreationPolicyNames{} } +func (m *ChainCreationPolicyNames) String() string { return proto.CompactTextString(m) } +func (*ChainCreationPolicyNames) ProtoMessage() {} +func (*ChainCreationPolicyNames) Descriptor() ([]byte, []int) { return fileDescriptor1, []int{6} } // Carries a list of bootstrap brokers, i.e. this is not the exclusive set of // brokers an ordering service @@ -120,36 +125,36 @@ func init() { proto.RegisterType((*BatchSize)(nil), "orderer.BatchSize") proto.RegisterType((*BatchTimeout)(nil), "orderer.BatchTimeout") proto.RegisterType((*CreationPolicy)(nil), "orderer.CreationPolicy") - proto.RegisterType((*IngressPolicy)(nil), "orderer.IngressPolicy") - proto.RegisterType((*EgressPolicy)(nil), "orderer.EgressPolicy") - proto.RegisterType((*ChainCreators)(nil), "orderer.ChainCreators") + proto.RegisterType((*IngressPolicyNames)(nil), "orderer.IngressPolicyNames") + proto.RegisterType((*EgressPolicyNames)(nil), "orderer.EgressPolicyNames") + proto.RegisterType((*ChainCreationPolicyNames)(nil), "orderer.ChainCreationPolicyNames") proto.RegisterType((*KafkaBrokers)(nil), "orderer.KafkaBrokers") } func init() { proto.RegisterFile("orderer/configuration.proto", fileDescriptor1) } var fileDescriptor1 = []byte{ - // 349 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0x84, 0x92, 0xcf, 0x8a, 0xdb, 0x30, - 0x10, 0xc6, 0x71, 0x13, 0x92, 0x46, 0x24, 0xfd, 0xa3, 0x42, 0x31, 0xe9, 0x25, 0xb8, 0x17, 0xd3, - 0x86, 0xf8, 0xd0, 0x17, 0x28, 0x36, 0x7b, 0x58, 0x96, 0xc0, 0xe2, 0xcd, 0x69, 0x6f, 0xb2, 0x3d, - 0xb6, 0x45, 0x62, 0x8d, 0x19, 0xc9, 0x10, 0xef, 0x4b, 0xec, 0x2b, 0x2f, 0x96, 0x95, 0x1c, 0x36, - 0x87, 0x3d, 0xf9, 0xfb, 0x66, 0x7e, 0x58, 0xdf, 0x8c, 0xc4, 0x7e, 0x21, 0x15, 0x40, 0x40, 0x51, - 0x8e, 0xaa, 0x94, 0x55, 0x47, 0xc2, 0x48, 0x54, 0xbb, 0x96, 0xd0, 0x20, 0x9f, 0xbb, 0xe6, 0xfa, - 0x47, 0x8e, 0x4d, 0x83, 0x2a, 0x1a, 0x3f, 0x63, 0x37, 0xf8, 0xcd, 0x56, 0x09, 0x2a, 0x0d, 0x4a, - 0x77, 0xfa, 0xd0, 0xb7, 0xc0, 0x39, 0x9b, 0x9a, 0xbe, 0x05, 0xdf, 0xdb, 0x78, 0xe1, 0x22, 0xb5, - 0x3a, 0x78, 0xf5, 0xd8, 0x22, 0x16, 0x26, 0xaf, 0x9f, 0xe4, 0x0b, 0xf0, 0x90, 0x7d, 0x6d, 0xc4, - 0x79, 0x0f, 0x5a, 0x8b, 0x0a, 0x12, 0xec, 0x94, 0xb1, 0xf0, 0x2a, 0x7d, 0x5f, 0xe6, 0x7f, 0xd8, - 0x37, 0x91, 0x69, 0x3c, 0x75, 0x06, 0xf6, 0xe2, 0x1c, 0xf7, 0x06, 0xb4, 0xff, 0xc9, 0xa2, 0x37, - 0x75, 0xbe, 0x65, 0xdf, 0x5b, 0x82, 0x12, 0x88, 0xa0, 0xb8, 0xc2, 0x13, 0x0b, 0xdf, 0x36, 0x82, - 0x90, 0x2d, 0x6d, 0xa0, 0x83, 0x6c, 0x00, 0x3b, 0xc3, 0x7d, 0x36, 0x37, 0xa3, 0x74, 0xc1, 0x2f, - 0x36, 0xf8, 0xcf, 0xbe, 0x24, 0x04, 0x76, 0x21, 0x8f, 0x78, 0x92, 0x79, 0xcf, 0x7f, 0xb2, 0x59, - 0x6b, 0x95, 0x43, 0x9d, 0x1b, 0xea, 0x85, 0xac, 0x40, 0x1b, 0x9b, 0x71, 0x99, 0x3a, 0x37, 0xac, - 0xe8, 0x5e, 0x55, 0x04, 0x5a, 0xbb, 0x1f, 0x70, 0x36, 0x55, 0xa2, 0xb9, 0xae, 0x68, 0xd0, 0x41, - 0xc0, 0x96, 0x77, 0x1f, 0x31, 0x7f, 0xd9, 0x2a, 0xa9, 0x85, 0x54, 0x36, 0x0f, 0x92, 0xe6, 0x6b, - 0xf6, 0xd9, 0x9e, 0x2d, 0x41, 0xfb, 0xde, 0x66, 0x12, 0x2e, 0xd2, 0xab, 0x1f, 0x26, 0x7c, 0x10, - 0xe5, 0x51, 0xc4, 0x84, 0x47, 0x20, 0x3d, 0x4c, 0x98, 0x8d, 0xd2, 0xa1, 0x17, 0x1b, 0xef, 0x9e, - 0xb7, 0x95, 0x34, 0x75, 0x97, 0xed, 0x72, 0x6c, 0xa2, 0xba, 0x6f, 0x81, 0x4e, 0x50, 0x54, 0x40, - 0x51, 0x29, 0x32, 0x92, 0x79, 0x64, 0x6f, 0x5a, 0x47, 0xee, 0x1d, 0x64, 0x33, 0xeb, 0xff, 0xbd, - 0x05, 0x00, 0x00, 0xff, 0xff, 0x13, 0xbb, 0x3c, 0xc7, 0x36, 0x02, 0x00, 0x00, + // 346 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0x8c, 0x92, 0x5f, 0x6b, 0xa3, 0x40, + 0x14, 0xc5, 0x71, 0xb3, 0x9b, 0x90, 0x4b, 0xb2, 0xbb, 0x99, 0x5d, 0x16, 0xd9, 0xbe, 0x04, 0xfb, + 0x62, 0x43, 0x88, 0x85, 0x7e, 0x81, 0xa2, 0xf4, 0xa1, 0x94, 0x94, 0x62, 0xf3, 0xd4, 0xb7, 0x51, + 0xaf, 0x3a, 0x24, 0xce, 0xc8, 0x9d, 0x11, 0x62, 0xbf, 0x44, 0xbf, 0x72, 0xc9, 0x68, 0x0a, 0x6d, + 0xa0, 0xf4, 0xc9, 0x73, 0xee, 0xf9, 0x39, 0x9c, 0xf9, 0x03, 0x67, 0x8a, 0x32, 0x24, 0xa4, 0x20, + 0x55, 0x32, 0x17, 0x45, 0x43, 0xdc, 0x08, 0x25, 0x57, 0x35, 0x29, 0xa3, 0xd8, 0xa8, 0x0f, 0xff, + 0xff, 0x49, 0x55, 0x55, 0x29, 0x19, 0x74, 0x9f, 0x2e, 0xf5, 0xce, 0x61, 0x1a, 0x29, 0xa9, 0x51, + 0xea, 0x46, 0x6f, 0xda, 0x1a, 0x19, 0x83, 0xef, 0xa6, 0xad, 0xd1, 0x75, 0xe6, 0x8e, 0x3f, 0x8e, + 0xad, 0xf6, 0x5e, 0x1c, 0x18, 0x87, 0xdc, 0xa4, 0xe5, 0xa3, 0x78, 0x46, 0xe6, 0xc3, 0xaf, 0x8a, + 0xef, 0xd7, 0xa8, 0x35, 0x2f, 0x30, 0x52, 0x8d, 0x34, 0x16, 0x9e, 0xc6, 0x1f, 0xc7, 0x6c, 0x01, + 0xbf, 0x79, 0xa2, 0xd5, 0xae, 0x31, 0xb8, 0xe6, 0xfb, 0xb0, 0x35, 0xa8, 0xdd, 0x6f, 0x16, 0x3d, + 0x99, 0xb3, 0x25, 0xcc, 0x6a, 0xc2, 0x1c, 0x89, 0x30, 0x7b, 0x83, 0x07, 0x16, 0x3e, 0x0d, 0x3c, + 0x1f, 0x26, 0xb6, 0xd0, 0x46, 0x54, 0xa8, 0x1a, 0xc3, 0x5c, 0x18, 0x99, 0x4e, 0xf6, 0xc5, 0x8f, + 0xd6, 0xbb, 0x86, 0x9f, 0x11, 0xa1, 0x3d, 0x90, 0x07, 0xb5, 0x13, 0x69, 0xcb, 0xfe, 0xc1, 0xb0, + 0xb6, 0xaa, 0x47, 0x7b, 0x77, 0x98, 0x67, 0xa2, 0x40, 0x6d, 0x6c, 0xc7, 0x49, 0xdc, 0x3b, 0x6f, + 0x01, 0xec, 0x56, 0x16, 0x84, 0x5a, 0x77, 0x0b, 0xdc, 0xf3, 0x0a, 0x35, 0xfb, 0x0b, 0x3f, 0xe4, + 0x41, 0xb8, 0xce, 0x7c, 0xe0, 0x8f, 0xe3, 0xce, 0x78, 0x17, 0x30, 0xbb, 0xf9, 0x22, 0x7a, 0x09, + 0x6e, 0x54, 0x72, 0x21, 0xdf, 0xb7, 0xfb, 0xec, 0x0f, 0x1f, 0x26, 0x77, 0x3c, 0xdf, 0xf2, 0x90, + 0xd4, 0x16, 0x49, 0x1f, 0x36, 0x9d, 0x74, 0xb2, 0xe7, 0x8e, 0x36, 0x5c, 0x3d, 0x2d, 0x0b, 0x61, + 0xca, 0x26, 0x59, 0xa5, 0xaa, 0x0a, 0xca, 0xb6, 0x46, 0xda, 0x61, 0x56, 0x20, 0x05, 0x39, 0x4f, + 0x48, 0xa4, 0x81, 0xbd, 0x7c, 0x1d, 0xf4, 0x4f, 0x23, 0x19, 0x5a, 0x7f, 0xf5, 0x1a, 0x00, 0x00, + 0xff, 0xff, 0x02, 0x01, 0xf1, 0xb0, 0x49, 0x02, 0x00, 0x00, } diff --git a/protos/orderer/configuration.proto b/protos/orderer/configuration.proto index 58b174ea182..8f36e03ec9c 100644 --- a/protos/orderer/configuration.proto +++ b/protos/orderer/configuration.proto @@ -67,20 +67,25 @@ message CreationPolicy { bytes digest = 2; } -// IngressPolicy is the name of the policy which incoming Broadcast messages are filtered against -message IngressPolicy { - string name = 1; +// IngressPolicyNames is the set of policy names which incoming Broadcast signatures are filtered against +message IngressPolicyNames { + // A list of policies, in evaluation these are 'or'-ed, note this is not a proper policy + // because implementing referential policies in a general way is difficult, and dangerous + repeated string names = 1; } -// EgressPolicy is the name of the policy which incoming Deliver messages are filtered against -message EgressPolicy { - string name = 1; +// EgressPolicyNames is the set of policy names which incoming Deliver signatures are filtered against +message EgressPolicyNames { + // A list of policies, in evaluation these are 'or'-ed, note this is not a proper policy + // because implementing referential policies in a general way is difficult, and dangerous + repeated string names = 1; } -message ChainCreators { - // A list of policies, any of which may be specified as the chain creation - // policy in a chain creation request - repeated string policies = 1; +// ChainCreationPolicyNames is the set of policies which may be invoked for chain creation +message ChainCreationPolicyNames { + // A list of policies, in evaluation these are 'or'-ed, note this is not a proper policy + // because implementing referential policies in a general way is difficult, and dangerous + repeated string names = 1; } // Carries a list of bootstrap brokers, i.e. this is not the exclusive set of