github hyperledger/fabric v2.3.2

latest releases: v3.0.0, v2.5.10, v3.0.0-rc1...
3 years ago

v2.3.2 Release Notes - April 23, 2021

Improvements

peer and orderer - Implement legacy name constraints verification for Go 1.15

These changes reproduce the Go 1.14 name constraint verification in the MSP.
Without these changes, certificate chains that would fail verification in Go 1.14 would
successfully validate in Go 1.15 due to the change mentioned in the Go 1.15 release notes.
Specifically, if a signing certificate contains a name constraint, the leaf certificate
does not include SAN extensions, and the leaf's common name looks like a host name,
then the additional verification is performed to ensure deterministic behavior relative
to prior Fabric releases.

Fixes

FAB-18427: orderer - Report correct reason of stream abort in orderer cluster

This commit fixes a bug that makes the cluster communication infrastructure
always report an "aborted" reason after a stream terminates.

FAB-18424: peer - Ledger snapshot request submission with special value "blockNumber 0"

If a ledger snapshot request is submitted with the special value "blockNumber 0", peer is expected to translate the request to last committed block.
This patch fixes the issue where, it may happen sometimes that the request is translated to block number 1 instead of last committed block.
This leads to the situation where no snapshot gets generated, including any future snapshot requests.
If you have ever used this special value, we encourage you to check the list of pending snapshots requests with peer snapshot listpending.
If you notice one or more pending requests that are for the the block numbers lower than the latest committed block, cancel such requests with peer snapshot cancelrequest to enable the further snapshot requests to be processed.

FAB-18304: peer and orderer - Fix leveldb manifest corruption

This fix updates the version of goleveldb. The prior version of goleveldb had a bug which
could cause manifest corruption in crash scenarios, especially in disk full crash scenarios.
With a corrupted goleveldb database, the peer or orderer would fail to start with error
"panic: Error opening leveldb: leveldb: manifest corrupted".

Dependencies

Fabric v2.3.2 has been tested with the following dependencies:

  • Go 1.15.7
  • CouchDB v3.1.1

Deprecations (existing)

FAB-15754: The 'Solo' consensus type is deprecated.

The 'Solo' consensus type has always been marked non-production and should be in
use only in test environments, however for compatibility it is still available,
but may be removed entirely in a future release.

FAB-16408: The 'Kafka' consensus type is deprecated.

The 'Raft' consensus type was introduced in v1.4.1 and has become the preferred
production consensus type. There is a documented and tested migration path from
Kafka to Raft, and existing users should migrate to the newer Raft consensus type.
For compatibility with existing deployments, Kafka is still supported,
but may be removed entirely in a future release.
Additionally, the fabric-kafka and fabric-zookeeper docker images are no longer updated, maintained, or published.

Fabric CouchDB image is deprecated

v2.2.0 added support for CouchDB 3.1.0 as the recommended and tested version of CouchDB.
If prior versions are utilized, a Warning will appear in peer log.
Note that CouchDB 3.1.0 requires that an admin username and password be set,
while this was optional in CouchDB v2.x. See the
Fabric CouchDB documentation
for configuration details.
Also note that CouchDB 3.1.0 default max_document_size is reduced to 8MB. Set a higher value if needed in your environment.
Finally, the fabric-couchdb docker image will not be updated to v3.1.0 and will no longer be updated, maintained, or published.
Users can utilize the official CouchDB docker image maintained by the Apache CouchDB project instead.

FAB-7559: Support for specifying orderer endpoints at the global level in channel configuration is deprecated.

Utilize the new 'OrdererEndpoints' stanza within the channel configuration of an organization instead.
Configuring orderer endpoints at the organization level accommodates
scenarios where orderers are run by different organizations. Using
this configuration ensures that only the TLS CA certificates of that organization
are used for orderer communications, in contrast to the global channel level endpoints which
would cause an aggregation of all orderer TLS CA certificates across
all orderer organizations to be used for orderer communications.

FAB-17428: Support for configtxgen flag --outputAnchorPeersUpdate is deprecated.

The --outputAnchorPeersUpdate mechanism for updating anchor peers has always had
limitations (for instance, it only works the first time anchor peers are updated).
Instead, anchor peer updates should be performed through the normal config update flow.

FAB-15406: The fabric-tools docker image is deprecated

The fabric-tools docker image will not be published in future Fabric releases.
Instead of using the fabric-tools docker image, users should utilize the
published Fabric binaries. The Fabric binaries can be used to make client calls
to Fabric runtime components, regardless of where the Fabric components are running.

FAB-15317: Block dissemination via gossip is deprecated

Block dissemination via gossip is deprecated and may be removed in a future release.
Fabric peers can be configured to receive blocks directly from an ordering service
node by using the following configuration:

peer.gossip.orgLeader: true
peer.gossip.useLeaderElection: false
peer.gossip.state.enabled: false

FAB-15061: Legacy chaincode lifecycle is deprecated

The legacy chaincode lifecycle from v1.x is deprecated and will be removed
in a future release. To prepare for the eventual removal, utilize the v2.x
chaincode lifecycle instead, by enabling V2_0 application capability on all
channels, and redeploying all chaincodes using the v2.x lifecycle. The new
chaincode lifecycle provides a more flexible and robust governance model
for chaincodes. For more details see the
documentation for enabling the new lifecycle.

Changes:

  • 0022e8f v2.3.2 release commit
  • 248a220 Improve snapshot dir error message (#2530)
  • 25f6612 Document ledger.snapshots.rootDir
  • ce16177 Cherry pick removing duplicate word (#2524)
  • 5de1d02 Add Security Model topic to docs
  • 13ef1e1 Fix link in international_languages.md
  • b2c8d23 Fix old or incorrect contents in the doc build instruction
  • f246243 integration: PKCS#11 SKI to CKA_ID mapping test
  • 871d325 pkcs11: Add SKI to CKA_ID mapping for BCCSP [ #11 ]
  • 0fb8e5a This commit upgrades goleveldb. This upgraded version includes a fix for [ #2463 ]
See More
  • 70c1d11 Fix images in network concept and upload new diagrams power point
  • 2e9e732 Prepare for next release v2.3.2
  • fd84e78 Fix bug in snapshot request submission
  • 90db11d Report correct reason of stream abort in orderer cluster
  • 1524fc9 Log stream total lifetime
  • 8543389 corrected organization labels
  • c61883e corrected Org1 text in Org2 box to Org2
  • b156d91 Update build to use Go 1.15
  • c4d4f79 Implement legacy name constraints verification
  • a873a87 Add test to assert on name constraint behavior
  • 230aa0e deps: bump github.com/pkg/errors
  • 15e3f94 Re-encode ECDSA CRL signature during MSP setup
  • 4e91e45 Add test to exercise signature validation change
  • 8fb1a81 Adjust etcdraft error assertions for go 1.15
  • 47b0bb6 Replace test cert fixtures with generated certs
  • ce2cf21 Set SKI, support multi hosts, add Signer to CA
  • 932e077 Fix typos in a "Developing Applications" doc
  • d19dd32 Update documentation to include Go SDK
  • df59561 Fix broken link in orderer deployment guide
  • b2d6db6 Test network works with Docker Desktop version 2.5.0.1
  • 1562d7e Update AZP Service Connection Name
  • 7ad69c7 Add Create a channel tutorial without a system channel and using test network
  • 2f69b42 Release commit for v2.3.1
  • 17b7e4f Add peer log message for failure to invoke chaincode (#2339)
  • fc63fcd Test network does not work with latest Docker
  • 8dc9930 Minor updates related to documentation for commands and more osnadmin updates (release-2.3) (#2322)
  • c29420c Rename --channel-id to --channelID in osadmin
  • 410ba71 Participation edits to network concept doc
  • f682cad Fix the issue of Nil/Zero-length-byte-array value (#2309)
  • 23b677c Remove system channel from Test Network tutorial
  • 1dc0b47 [FAB-15648] document update: Non-TLS orderer with etcdraft usage (#1678)
  • b144d49 cherry pick test network doc chaincode deployment
  • 7996176 [FAB-18398] Added osnadmin binary to tools image (#2275)
  • 7debdef Remove unreachable and unnecessary code in gossip membership (#2294)
  • f99cff0 Orderer deployment tutorial update
  • b4548dd [doc] fix broken link
  • a4a86d6 Minor create channel doc typos
  • c8d3e08 Even more edits to docs for participation API (#2208) (#2281)
  • 06866fb Revert "Minor create channel doc typos" backport
  • e24a05e Pass GO_TAGS to tools container (#2278)
  • c2758ef Raft configuration doc issue after mergify backport (release-2.3)
  • 157f556 [FAB-18170] Endorsement policy page discusses NodeSDK
  • f3cb99e [FAB-18392] Clarify scope and limitations of test network
  • d486efb [FAB-18252] Documentation should reference Java chaincode support
  • 377290d Remove anchor peers from configtx.yaml tutorial (#2257)
  • e6b55b1 Update "add an org" tutorial to not use CLI
  • cd578f3 Split command in "add an org to network" tutorial
  • 0b2c755 Add more details to logging specification examples
  • 56a0861 Minor create channel doc typos
  • c8cc666 Update image filter used by integration tests
  • 4d213ba Add Language Argument to DeployCC Calls
  • 9ab9368 Check correct error
  • 06eb9b1 [FAB-18378] Log warning when peer is lagging behind and cannot catch up
  • e5e858a Fix unusual dash character in channel participation tutorial
  • 5da3b0f [FAB-17039] Skip retrieving pvtdata from transient store when txid is missing (#2183) (#2200)
  • cc5a77c More doc edits for system channel removal
  • 0e774df Remove Short Names and Replace With Full Path in Fabric
  • c91961c Edits to orderer and capabilities concept for participation API
  • eb22bbf [FAB-17954] Document CouchDB JSON determinism (#2187)
  • b1fb856 Fix name of CHANNEL_CONFIG_BLOCK in the Channel participation API tutorial (#2186)
  • bd49126 Update README.md to include link to Fabric v2.3 documentation
  • 94fffbb Orderer deploy guide edits for participation API (#2148)
  • a455146 Fixes Hardened to Hardware
  • 537ef5c remove repeated the
  • 4c67ed3 update private-data sample instruction for Asset owner string
  • ef8ff19 Remove reference to first-network
  • ec81f3e Release commit for v2.3.0 (#2144)
  • 2ff4e0e Clarify clientRootCAs guidance in core.yaml
  • 4c4ddfc Clarify clientRootCAs guidance in core.yaml and TLS docs (#2142)
  • bc33cbb [FAB-18322] Check panic message in TestInitializeServerConfig (#2140)
  • 504caaf What's New documentation for v2.3.0 (#2126)
  • e7b81ba Update core.yaml, orderer.yaml and docs for TLS (#2141)
  • d5ed80d Add release note for RSA CA changes
  • a09f0e7 Add integration test for MSPs with RSA CA certs
  • 52f511d Restore RSA support for x509 public key import
  • c545195 Deploy production ordering service doc
  • 5f2034f Add check for invalid key before hitting couchdb (#2133)
  • 1f6fb08 Chan.Part.API: Onboarding and follower CFT IT (#2094)
  • 39a8545 Fab-18337 Ch.Part.API: Test join system channel with app channels (#2128)
  • ab55d50 Add persistent volume note to peer deploy guide
  • cb683e5 Chan.Part.API: avoid flakiness after removing system channel (#2111)
  • 48bf409 [FAB-18319] Ch.Part.API: IT Remove and rejoin channel from orderer (#2085)
  • 7055007 Nominate Will Lahti as Fabric Maintainer
  • c174728 [FAB-18179] Channel Participation API Tutorial
  • c08c5e3 Update v2.3.0 release notes
  • 09c0d75 Revert "[FAB-18179] Channel Participation API tutorial"
  • 40e845b [FAB-18179] Channel Participation API tutorial
  • 1f59e41 Remove unused type (#2120)
  • d997115 Update Contribution guide to point to RFC process
  • 01bfbba Update Go to 1.14.12
  • 4a7efe9 Remove custom errors from pvtdata store
  • 5dcdf81 Remove custom error types from txmgr package
  • 24868e9 Remove custom error types (#2110)
  • cd99b4e Enforce Admin.TLS.ClientAuthRequired in orderer config (#2107)
  • a01cda4 Allow osnadmin to connect without TLS (#2106)
  • 7f6b5dd [FAB-18315] Ch.Part.API: Add remove failure metric for chain status (#2108)
  • b9a8338 Add snapshots to peer deploy checklist (#2109)
  • 4f1e093 kvledger/test for snapshot generation and bootstrap
  • e5ebb7b Remove the temp folder on error during snapshot generation (#2104)
  • 941f0af Document additional snapshot considerations
  • f1058a8 [FAB-18333] Fix panic in cluster/comm#TestRenewCertificates
  • 4e7201b Revert "Allow BCCSP config to be set using env var (#1900)" (#2093)
  • b8f76ae Remove Jira screenshots (#2103)
  • ca26271 Redirect integration test logs to GinkgoWriter
  • cd623d7 Update Jira instructions in contributing guide
  • 01394c7 Chan.Part.API: Rename pendingops/joinblock to pendingops/join
  • 45afdbd Update channel_update_tutorial.rst with joinbysnapshot
  • 421dddf Remove unimplemented funcitons
  • c590e37 Prevent race that occurs after test timeout
  • 901fe6c [FAB-18329] Fix data race in cluster/comm_test#TestRenewCertificates (#2089)
  • 73853ef Chan.Part.API: join system channel using config block IT (#2082)
  • 1e90c88 osnadmin command reference (#2077)
  • 4b134cf Chan.Part.API: Rename cluster relation to consensus relation (#2086)
  • d54ed92 Chan.Part.API: channel participation relation/status metrics (#2025)
  • cc77194 Ch.Part.API: Allow retry of failed removals (#2083)
  • 1f372da [FAB-18318] IT: verify DUPLICATE_TXID error when resubmitting old tx on a peer bootstrapped from snapshot (#2084)
  • 6a56a06 Update configtxgen log messages for app chan genesis block (#2076)
  • 7f6ead9 [FAB-18132] Ch.Part.API: Remove ledger resources asynchronously (#2027)
  • 17f075c Add function TxIDExists and use in validation path
  • d620ab3 [FAB-18298] Default cluster cert and key
  • 636c361 Rename cluster relation member to consenter (#2079)
  • 348e2c7 Add default snapshot directory to core.yaml (#2068)
  • 4db7e4c Add osnadmin to Makefile
  • 2b1b989 [FAB-18290] Add channel name to pvtdata reconciler log msgs
  • c15e44e Minor refactoring
  • a37ea5c Minor Refactoring
  • bf57390 Optimize importing snapshot data into pvtdatastore
  • 596f720 [FAB-18307] IT: set deprioritizedDataReconcilerInterval to prevent CI flake (#2070)
  • 32da54c [FAB-17953] IT: add tests to verify channel config can be retrieved on a peer bootstrapped from snapshot (#2064)
  • 91af918 IT: Add ACL test for snapshot related CLI cmds (#2061)
  • ea81d21 osnadmin CLI (#1907)
  • d7b1ed1 Chan.Part.API: config-tracker IT flake fix
  • b106d05 Updated comment for channel participation API
  • 0d4c878 Fix link in snapshot doc
  • 8620090 Use -c instead of -C for channelID in snapshot cli cmds
  • 0edadac Peer snapshot documentation
  • fac5bd1 [FAB-17953] IT: verify pvtdata reconciliation when bootstrapping by snapshot (#2052)
  • 46cdc03 [FAB-17800] Update peer node command doc
  • 2bf53e6 FAB-18291 Ch.Part.API: BlockPuller that can be stopped (#2050)
  • 067f09b FAB-18301 Registrar.JoinChannel takes the wrong lock type (#2058)
  • e4c54fa Chan.Part.API: config-tracker IT
  • 275b545 [FAB-17800] Update reset/rollback/rebuild/upgrade_dbs cmd descriptions for snapshot
  • dd22478 Add function GetChannelConfig in cscc and use in peer client
  • 8758bde Update fabric-protos-go dependency (#2057)
  • dedcf42 Add doc files for peer snapshot commands
  • cf678be Cleanup system channel w/ genesis block IT (#2055)
  • 8899f5a Avoid duplicated follower chain.Halt()
  • 286293a s/assert/require in orderer/common/follower UT
  • a216637 check if desired version of samples exists
  • 0d4e6ed Fix CouchDB tutorial queries
  • c9439d8 [FAB-18130] Chan.Part.API: Creating the system channel with a genesis block, so no onboarding is
  • 2198c09 Minor refactor/log change for orderer startup
  • 62a8808 Rename channel particicpation CFT filerepo directory to pendingops
  • 8f7e37a Chan.Part.API: IT cleanup/improvements
  • 44caec4 nwo.GetConfigBlock retry until success
  • 687f58d Refactor and export pvtdata test funcs for marbles_private chaincode (#2048)
  • b810925 FAB-18283 Ch.Part.API: StatusReport on evicted etcdraft.Chain (#2049)
  • 2c921bc Return errors in rollback/rebuild commands when using snapshots
  • a143ea9 Minor update to joinbysnapshot cmd response msg
  • d59af2c Expose new Admin endpoint on orderer for the channel participation API (#1939)
  • 60b5053 Update location of snapshots folder in IT
  • e071f57 [FAB-17953] Add integration tests for snapshot feature (leveldb and couchdb, no pvtdata)
  • 105aeeb Make snapshots folder directly under <peer.fileSystemPath>
  • 44f6ef5 Pass channel config to service discovery
  • 90733a0 Log TLS handshake duration (#2032)
  • 7b2b9f0 [FAB-18082] Make RemoveChannel crash fault tolerant (#1952)
  • 91886f6 FAB-18108 Ch.Part.API: simplify follower.Chain flow control (#2026)
  • d0eb424 Update tests to use CouchDB 3.1.1
  • 48d532f Deduplicate orderer server TLS root CAs (#2029)
  • 3c57d11 Copy Into Correct Slice To Ensure Keystore Password is Set
  • c6f07dd FAB-18276 Ch.Part.API: extractSystemChannel must skip empty ledger (#2023)
  • 69bc731 Remove common name from private data doc
  • 0ae1f5a FAB-18198 Ch.Part.API: Restructure registrar init (#2015)
  • 56118d0 IT - update MSP and consenters set in single config update
  • da83764 Update Nikhil Gupta's email address in maintainer file
  • d43e5dd Add stringer for channelID type (#2016)
  • 0ee3295 Persist complete collection in the private blockstore (#2010)
  • 4e2ac6f [FAB-18270] Disable debug of CouchDB response body
  • 192b03b [FAB-17800] Reset/Rollback returns error if a channel was bootstrapped from a snapshot (#1990)
  • 9d02571 Fix bug in consenter cert validation logic
  • 330dc72 Chan.Part.API: test member to follower transition
  • ecf0bb7 Miscellaneous channel participation IT cleanup
  • b0a7291 Peer deployment guide
  • 02ff2a3 UT improvements for common/blockledger/fileledger (#1998)
  • 9adde2e Update help text in test net tutorial
  • e6fcef5 Update release docs
  • 60fa282 Fix Node OU error message
  • 114f030 Shutdown blockstore (if open) before dropping ledger (#1992)
  • f79abaa Add Troubleshooting topic to Test Network for Docker Desktop setting
  • 8c684eb Avoid panic when re-attempting system channel removal
  • 49dbea4 Allow tick interval override via orderer.yaml (#1981)
  • 3f93c17 Improve consistency with channel participation errors (#1974)
  • 4b1e6b7 Fix chaincode lifecycle tutorial invoke
  • f5201e9 Minor Fix - Add channelID in snapshot mgmt logs
  • 568e08c Private data edits
  • 99d7182 Always Finalize the PKCS11 FindObject Operation
  • 335de61 Add high level logging for snapshot generation and bootstrap from a snapshot
  • 9ab2d38 Couchdb indexes during bootstrap from a sanpshot for legacy chaincodes
  • 5455e2f [FAB-18111] Add docs for DevMode using new lifecycle
  • 886d3cc FAB-18192 Fixed TLS certs validation for consenters. (#1888)
  • e904f0e Fix table width issue
  • e264d1b FAB-18244 single node catches up with snapshot (#1964)
  • f4a612c Corrected to capitalized function names.
  • 37b2bff Validate pvt-data during reconciliation for bootstrapped ledger (#1947)
  • 4afc136 [FAB-18235] Properly handle Newest when a peer is bootstrapped from a snapshot (#1936)
  • 0a9f766 Allow BCCSP config to be set using env var (#1900)
  • fa0213f [FAB-18127] Chan.Part.API IT: Join as follower (#1861)
  • 20eb852 Updates in master for v2.2.1 release
  • 3935378 Add two and three digit publishing
  • fb3ad73 Discover CLI fails fast when given inappropriate certificate file
  • 79a4e01 Fix orderer/common/multichannel flake when removing channel
  • 03375dc Fix TestKeyCache
  • a288fe4 [FAB-18250] Check Error Before Returning Session to Pool
  • fc0c3e2 Chan.Part.API: Int test for forbidden join actions
  • d52a9e8 Chan.Part.API: Int tests for forbidden actions w/ system channel
  • 5f09b3b Private data tutorial edits
  • 69bd5cf Remove escc and vscc from list of system chaincodes
  • a11fa5f Enable pvtdata store to receive pvtdata hashes during bootstrap (#1927)
  • 356bf04 Fix empty address in peer CLI ClientWait log
  • 1eec843 Remove GetSessionInfo Call
  • bf5917f [FAB-18234] Add joinbysnapshotstatus CLI command (#1910)
  • d083849 [FAB-17691] Add BootstrappingSnapshotInfo to BlockchainInfo (#1922)
  • 646260e Bug Fix: Saving big payloads by cache CouchDB (#1909)
  • 3a8440d Fix flakey raft/cft integration test (#1916)
  • 5152bea [FAB-18234] Update fabric-protos-go dependency (#1919)
  • 5bcb5e0 Implement interface SnapshotPvtdataHashesConsumer for pvtdata store (#1908)
  • e801c2f [FAB-17691] Update fabric-protos-go dependency (#1914)
  • d76553a [FAB-18237] always update stateInfo message upon chaincode update
  • bbc5f5f [FAB-18164] Change CreateLedgerFromSnapshot to async (#1889)
  • 17858a5 Update 'Using Private Data in Fabric' tutorial
  • d67feb1 Bugfix in collection config history mgr
  • b89e02b [FAB-18235] Update fabric-protos-go dependency (#1899)
  • 379f6f0 Clarify tlsHandshakeTimeShift CLI help text (#1896)
  • 39601e2 Update write_first_app.rst
  • 5a372b9 Correct the explanation for signcerts in Membership section
  • 6bf0542 address review comments (#1890)
  • ebfd084 FAB-17911 Ch.Part.API: join system channel (#1884)
  • 91f0866 pass unreconciled data to the pvtstore commit
  • de6c1fa minor refactoring of missing pvtdata retrieval test
  • fd8559f add config for deprioritized missing data access interval

This list of changes was auto generated.

Don't miss a new fabric release

NewReleases is sending notifications on new releases.