Jdk 17 (#8)

* adding check-connected flag to QueryHost * BERTLVPackager can't pack non EMVStandardTagType attempt to fix jpos#349 * Update gradle wrapper version to version 6.7 * add EnvironmentProvider support * Add OBF command * add ability to read LMKs from the environment * Adjust int length * use two colons in file prefix to avoid conflicts * Use two colons in prefix * bug 355: fix MAX_TAG_BYTES constant to support 3 bytes. In the project we could have a tag id constructed of 3 bytes. This patch allows us to handle it correctly. * Refactor Q2 to use NIO API for file operations without changing existing public interfaces. * Revert "Refactor Q2 to use NIO API for file operations without changing existing public interfaces." * Upgrade JLine to 3.17.1 * VFS2 does not belong here * Add support for YAML-based property files jPOS supports the following standard property element: <property file="cfg/xxx.cfg" /> with this change, if the properties file ends in `.yml`, we parse it as a YAML based configuration. * properly dereference property file value * update jPOS version in doc [ci skip] * minor code reformat - indents [ci skip] * Calculate CVV CLI command [ci skip] * send buffered events in background executor * Welcome Matias Peyroti ! [ci skip] * remove '@' [ci skip] * Thank you Josip! [ci skip] * Update Track2.java Sometimes "4111111111111111=" is a valid track2 * Update CardTest.java * cmf packager: add DEs for PIN change * add cvkB * It's actually a CVK, not PVK [ci skip] * removed old commented-out regexp [ci skip] * Allow environment overrides A property named `xx.yy.zz` can be overriden by the environment variable `XX_YY_ZZ`. * do not leak plaintext's exact length * Update ISOUtil.java * Update ISOUtil.java 1. Added new definition for hex2byte. public static byte[] hex2byte (String s, Charset charset) { if (charset == null) charset = CHARSET; if (s.length() % 2 == 0) { return hex2byte (s.getBytes(charset), 0, s.length() >> 1); } else { // Padding left zero to make it even size #Bug raised by tommy return hex2byte("0"+s, charset); } } 2. Changed hex2byte (String s) to public static byte[] hex2byte (String s) { return hex2byte (s, CHARSET); } * Thank you Keshaw for your contribution ! [ci skip] * Update Track2.java Remove extra "?" * add jpos:dependencyCheckAnalyze target * update test expiration * Upgrade BC to 1.67 * Improve JDBMSpace gc() SpaceError handling It partially improve problem addressed in jpos#311 * fixed typo * Fix UnsupportedOperationException when with4characterMACVersions used * Fixes length of MAC when parsing key block The commit ba36800 introduces ability to parse key block, but the one of crutial elements is misinterpreted. * getInTransit() goes back to report head-tail * Add ACL based permission support to LogRotationTestDirectory. * Add connection retry to SslChannelIntegrationTest. * Replace System.currentTimeMillis() with Instant.now(). This appears to improve timer accuracy on non-Linux platforms. * jPOS release 2.1.5 [ci skip] * new development version is 2.1.6-SNAPSHOT * Make RotateLogListener AutoCloseable so that we can clean up the test directory properly. * ThroughputControl: Replace System.currentTimeMillis() with Instant.now(). * TPS: Replace System.currentTimeMillis() with Instant.now(). * Space Tests: Replace System.currentTimeMillis() with Instant.now(). * ThroughputControlTestCase: Replace System.currentTimeMillis() with Instant.now(). * Add github workflow and fix some unreliable tests. * QMUXTestCase: Improve deploy directory isolation. * Make copy operations more robust. * Upgrade JLine to 3.18.0 * DUKPT: support KSN of length > 16 Derivation of current key in DUKPT was assuming KSN always of length 16. * Classloader creation is a privileged operation * Force UTF-8 * Compensate for sleep inaccuracy in Github Windows/OSX CI. * Allow empty defaults in environment references So you can have `"${propname:}"` and get an empty string instead of `"${propname:}"` if `propname` not defined in environment * Add test for empty Environment default * Better EBCDIC handling of DE-48.0 (TCC) for Mastercard * fix NPE * Add -XX:+IgnoreUnrecognizedVMOptions to bin/q2. * update COPYRIGHT year * Upgrade JLine to 3.19.0 * ChannelAdaptor respect 'enabled' on filters config The beans created with the QFactory should respect the `enabled` attribute in the definition XML, this commit add this control to the ChannelAdaptor ISO filters. Signed-off-by: Arturo Volpe <[email protected]> * Add Environment support for OneShotChannelAdaptorMK2 The OneShotChannelAdaptorMK2 uses various properties that are passed as children in the bean configuration, to allow a runtime configuration of those values (and to share the same behaviour as the OneShotChannelAdaptor) we use the new Environment singleton to get the property. Signed-off-by: Arturo Volpe <[email protected]> * Upgrade Gradle wrapper to 6.8.2 * To expose session increase logic * Minimize number of stat calls * Thank you for your contribution Sebastien [ci skip] * Graduated SensitiveString from jPOS-EE (org.jpos.crypto) as suggested from fgonzal * use double-colons - sugggested rewording by BBB [ci skip] * Upgrade OWASP dependency check to 6.1.1 * remove spotbugs for now * Upgrade Mockito to 3.8.0 * add GenericPackagerParams - support TLV/LTV encoded subfields * Caller not used * jPOS release 2.1.6 [ci skip] * New development version 2.1.7-SNAPSHOT * fixing and enhancing docs for Environment config [ci skip] * ignore .sdkmanrc [ci skip] * Upgrade JLINE to 3.20.0 * Connection confirmation message for BaseChannel in client mode * Upgrade to Gradle 7.0.1 * Upgrade BND to 5.3.0, OWASP to 6.1.5 * Upgrade to Gradle 7.0.2 * Add PosDataCode::isCardNotPresent. * Honor 0 timeout (fire-and-forget) closes jpos#414 * request methods: If timeout is 0, call send right away In addition, in async call, expire the response listener (alghouth it has very little sense to call async with timeout 0) * fix DirPoll code example in doc [ci skip] * Copy LICENSE file from repo root [ci skip] * Adds code of conduct from contributor covenant * Adds contributor covenant badge to README. Also fixes some line breaks * Fix Code of Conduct URL * Update jPOS logo * PR-437 NPE as the check value is never set in the SecureKeyBlockBuilder jpos#437 * Bump SLF4J to 1.7.32 * add handy IgnoreLogListener This LogListener can be used for example to swallow aggressive 0800 NMS messages * NameRegister at the end of startService closes jpos#439 * Adding $cfg{...} syntax * Adding Environment.getDir() * Adding command line -Ed/--envdir to Q2 to change the environment dir * Force Environment.reload() if env options were changed. Fix Q2Test.testGetEnvDir() * Renaming Environment#getDir() to Environment#getEnvDir() * add removeField(s) * use LinkedHashMap to keep order removed some useless tests * Swallow SLF4JDynamicBinder triggered in JDK 16 and up * Oops, revert WIP dynamic bean deployment * Implement TVR parser. * Update abort_participant.adoc * crop image * Added class QBeanAsyncSupport Signed-off-by: Bojan Momcilov <[email protected]> * Welcome Bojan to the CREDITS file! * Fixed race condition in Context resume If a Context gets resumed before the TM actually pauses it, the resumeOnPause indicator was left true. On a second PAUSE during the same transaction, the context would get auto-resumed. Bug and fix provided by Ozzy, who says "It was strange to find a bug in jPOS!" * add hasFailure, hasWarning, hasInfo, hasIRC helpers * generalize commaEncode/Decode in ISOUtil to use any character as delimiter * Welcome Pablo ! * validate that track2 lenght is not greater than 37 * Handle PANs shorter than 16 When PAN is short (i.e. 14 digits), discretionary data gets longer. fixes jpos#449 * honor multiple EnviromentProviders in single property * improve charEncode/decode to preserve empty or null strings * fix charEncode when all string are empty or null * fix charEncode/Decode use StringJoiner * added javadoc NOTE to charDecode edge case * fixing indentation in cmf.xml * fixing field 113.39 in cmf.xml * Handle 3-byte tags closes jpos#453 * restrict 3-byte tags to those starting with 0xDF * add autoconfig support * Let FSDProtectedLogListener protect FSDMsg ... instances as well as protecting `FSDISOMsg`'s. Also, remove unnecessary code. * Upgrade BC to 1.69 * fixed length closes jpos#458 * Add support for multiple environments -E (or --environent) switch can be repeated now, i.e: q2 --environment=default --environment=QA * honor multiple property configs * handle YAML and properties in the same loop Thank you Ozzie for the suggestion * bump JDOM to 2.0.6.1 - fixes CVE-2021-33813 * log4shell prevention jPOS doesn't use log4j, but here is our 2c to mitigate the problem in jPOS based applications that might use log4j * Thank you Cristian for your PRs! * autoconfigure Booleans too * AutoConfig ancestors * relax setup wait just two seconds was causing problems on heavy loaded systems * Added move and hasKey helpers * prevent loop in Envirnoment.get * Update copyright * Q2 help clarification for -E * reenable non-greedy ? from inner regX. closes jpos#464 * Fixed javadoc to render the examples correctly. * Document log listeners in jPOS manual Add `FSDLogListener` too. * dereference system properties * Add Environment awareness to the SimpleConfiguration Factory. * document PR 468 * jPOS release 2.1.7 * new development version is 2.1.8-SNAPSHOT * Initialize ServiceConfig prior to calling readCongig. Add unit test * TransactionManager: abort on misconfigured groups * Adding getBin(len) to Card and CardHolder (support 8-digit-bin) * Update RotateLogListener.java update for issue jpos#264 regarding need to use ZoneId at rotate time because it's different on regular events. * LL part defined as ASCII closes jpos#480 * Add DCO * QueryHost force abort when expired in continuations mode * TransactionManager: give explicit info about forced abort of paused txn * de-reference environment properties issues/482 * Honor Environment in some config. Fixes jpos#482 * Honor Environment in some config. Fixes jpos#482 * Add support for CMF DE 027 - POS Capability * MUXPool.send may block if no connected MUXes fixes jpos#487 * Minor text edits / fixes. * Add comment to dump Bitmap in the ISOMsg dump. jpos#488 * Passwords can be de-referenced from the environment And eventually picked off an HSM. So this implementation is safe enough for production. * Update BcdPrefixer.java add length encoded with 6 BCD digits * Create IFB_LLLLLLCHAR.java add 6 BCD digits length FieldPackager * add IFB_LLLHEX * Merge upstream and upgrade to jdk 17 * Update source compatibility * Update jdk version Signed-off-by: Arturo Volpe <[email protected]> Signed-off-by: Bojan Momcilov <[email protected]> Co-authored-by: Barzilai Spinak <[email protected]> Co-authored-by: Alejandro Revilla <[email protected]> Co-authored-by: James Hilliard <[email protected]> Co-authored-by: Alexey Kuznetsov <[email protected]> Co-authored-by: Igor Skljar <[email protected]> Co-authored-by: Andrés Alcarraz <[email protected]> Co-authored-by: keshawsinha <[email protected]> Co-authored-by: Robert Demski <[email protected]> Co-authored-by: Arturo Volpe <[email protected]> Co-authored-by: Sebastien <[email protected]> Co-authored-by: Federico <[email protected]> Co-authored-by: Josefina Revilla <[email protected]> Co-authored-by: Santiago Revilla <[email protected]> Co-authored-by: Murtuza Chhil <[email protected]> Co-authored-by: Bojan Momcilov <[email protected]> Co-authored-by: Pablo Marziotto <[email protected]> Co-authored-by: Ozzy E <[email protected]> Co-authored-by: galihlasahido <[email protected]> Co-authored-by: Gaston-G <[email protected]>
hextremelabs · Sep 12, 2022 · cb1eca3 · cb1eca3
1 parent 1a327be
commit cb1eca3
Show file tree

Hide file tree

Showing 1,091 changed files with 10,239 additions and 3,015 deletions.
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -9,10 +9,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v2
-    - name: Set up JDK 1.8
+    - name: Set up JDK 17
       uses: actions/setup-java@v1
       with:
-        java-version: 1.8
+        java-version: 17
     - name: Do deploy
       env:
         AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}

diff --git a/.github/workflows/jpos.yml b/.github/workflows/jpos.yml
@@ -0,0 +1,35 @@
+name: "Run jPOS Tests"
+on: [push, pull_request]
+
+jobs:
+  build:
+    strategy:
+      fail-fast: false
+      matrix:
+        java: [ 1.8, 9, 10, 11, 12, 13, 14, 15, 16, 17 ]
+        os: [ubuntu-latest, macos-latest, windows-latest]
+    runs-on: ${{ matrix.os }}
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up JDK ${{ matrix.java }}
+      uses: actions/setup-java@v1
+      with:
+        java-version: ${{ matrix.java }}
+    - name: Cache Gradle packages
+      uses: actions/cache@v2
+      with:
+        path: ~/.gradle/caches
+        key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
+        restore-keys: ${{ runner.os }}-gradle
+    - name: Assemble
+      run: gradle jpos:assemble --info
+      env:
+        TERM: dumb
+    - name: Check
+      run: gradle jpos:check --info
+      env:
+        TERM: dumb
+    - name: Dependency Check Analyze
+      run: gradle jpos:dependencyCheckAnalyze --info
+      env:
+        TERM: dumb
diff --git a/.gitignore b/.gitignore
@@ -16,4 +16,6 @@ txnmgrtest/
 .gradle
 build
 .nb-gradle
-
+# VSCode Ignores
+.vscode/settings.json
+.sdkmanrc
diff --git a/.travis.yml b/.travis.yml
@@ -11,14 +11,16 @@ jdk:
   - openjdk11
   - openjdk12
   - openjdk13
+  - openjdk14
+  - openjdk15
 before_script:
   - echo $JAVA_OPTS
   - export JAVA_OPTS=-Xmx4G
 install: true
 script:
   - java -version
   - ulimit -a
-  - TERM=dumb ./gradlew jpos:assemble jpos:check --info --no-parallel
+  - TERM=dumb ./gradlew jpos:assemble jpos:check jpos:dependencyCheckAnalyze --info
 deploy:
   provider: script
   script: bash .travis/update-gh-pages.sh

diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
@@ -0,0 +1,133 @@
+
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, caste, color, religion, or sexual identity
+and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the
+  overall community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or
+  advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email
+  address, without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+[email protected].
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series
+of actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or
+permanent ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior,  harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within
+the community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.0, available at
+[https://www.contributor-covenant.org/version/2/0/code_of_conduct.html][v2.0].
+
+Community Impact Guidelines were inspired by
+[Mozilla's code of conduct enforcement ladder][Mozilla CoC].
+
+For answers to common questions about this code of conduct, see the FAQ at
+[https://www.contributor-covenant.org/faq][FAQ]. Translations are available
+at [https://www.contributor-covenant.org/translations][translations].
+
+[homepage]: https://www.contributor-covenant.org
+[v2.0]: https://www.contributor-covenant.org/version/2/0/code_of_conduct.html
+[Mozilla CoC]: https://github.com/mozilla/diversity
+[FAQ]: https://www.contributor-covenant.org/faq
+[translations]: https://www.contributor-covenant.org/translations
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -0,0 +1,5 @@
+# Certificate of Origin
+
+By contributing to this project you agree to the Developer Certificate of Origin (DCO).
+
+See the [DCO](legal/dco.txt) file for details.
diff --git a/COPYRIGHT b/COPYRIGHT
@@ -1,6 +1,6 @@
 /*
  * jPOS Project [http://jpos.org]
- * Copyright (C) 2000-2020 jPOS Software SRL
+ * Copyright (C) 2000-2022 jPOS Software SRL
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU Affero General Public License as