Skip to content

v2.2.3

Compare
Choose a tag to compare
@denyeart denyeart released this 23 Apr 20:47

v2.2.3 Release Notes - April 23, 2021

Improvements

peer and orderer - Implement legacy name constraints verification for Go 1.15

These changes reproduce the Go 1.14 name constraint verification in the MSP.
Without these changes, certificate chains that would fail verification in Go 1.14 would
successfully validate in Go 1.15 due to the change mentioned in the Go 1.15 release notes.
Specifically, if a signing certificate contains a name constraint, the leaf certificate
does not include SAN extensions, and the leaf's common name looks like a host name,
then the additional verification is performed to ensure deterministic behavior relative
to prior Fabric releases.

Fixes

FAB-18427: orderer - Report correct reason of stream abort in orderer cluster

This commit fixes a bug that makes the cluster communication infrastructure
always report an "aborted" reason after a stream terminates.

FAB-18304: peer and orderer - Fix leveldb manifest corruption

This fix updates the version of goleveldb. The prior version of goleveldb had a bug which
could cause manifest corruption in crash scenarios, especially in disk full crash scenarios.
With a corrupted goleveldb database, the peer or orderer would fail to start with error
"panic: Error opening leveldb: leveldb: manifest corrupted".

Dependencies

Fabric v2.2.3 has been tested with the following dependencies:

  • Go 1.15.7
  • CouchDB v3.1.1

Deprecations (existing)

FAB-15754: The 'Solo' consensus type is deprecated.

The 'Solo' consensus type has always been marked non-production and should be in
use only in test environments, however for compatibility it is still available,
but may be removed entirely in a future release.

FAB-16408: The 'Kafka' consensus type is deprecated.

The 'Raft' consensus type was introduced in v1.4.1 and has become the preferred
production consensus type. There is a documented and tested migration path from
Kafka to Raft, and existing users should migrate to the newer Raft consensus type.
For compatibility with existing deployments, Kafka is still supported,
but may be removed entirely in a future release.
Additionally, the fabric-kafka and fabric-zookeeper docker images are no longer updated, maintained, or published.

Fabric CouchDB image is deprecated

v2.2.0 added support for CouchDB 3.1.0 as the recommended and tested version of CouchDB.
If prior versions are utilized, a Warning will appear in peer log.
Note that CouchDB 3.1.0 requires that an admin username and password be set,
while this was optional in CouchDB v2.x. See the
Fabric CouchDB documentation
for configuration details.
Also note that CouchDB 3.1.0 default max_document_size is reduced to 8MB. Set a higher value if needed in your environment.
Finally, the fabric-couchdb docker image will not be updated to v3.1.0 and will no longer be updated, maintained, or published.
Users can utilize the official CouchDB docker image maintained by the Apache CouchDB project instead.

FAB-7559: Support for specifying orderer endpoints at the global level in channel configuration is deprecated.

Utilize the new 'OrdererEndpoints' stanza within the channel configuration of an organization instead.
Configuring orderer endpoints at the organization level accommodates
scenarios where orderers are run by different organizations. Using
this configuration ensures that only the TLS CA certificates of that organization
are used for orderer communications, in contrast to the global channel level endpoints which
would cause an aggregation of all orderer TLS CA certificates across
all orderer organizations to be used for orderer communications.

FAB-17428: Support for configtxgen flag --outputAnchorPeersUpdate is deprecated.

The --outputAnchorPeersUpdate mechanism for updating anchor peers has always had
limitations (for instance, it only works the first time anchor peers are updated).
Instead, anchor peer updates should be performed through the normal config update flow.

FAB-15406: The fabric-tools docker image is deprecated

The fabric-tools docker image will not be published in future Fabric releases.
Instead of using the fabric-tools docker image, users should utilize the
published Fabric binaries. The Fabric binaries can be used to make client calls
to Fabric runtime components, regardless of where the Fabric components are running.

FAB-15317: Block dissemination via gossip is deprecated

Block dissemination via gossip is deprecated and may be removed in a future release.
Fabric peers can be configured to receive blocks directly from an ordering service
node by using the following configuration:

peer.gossip.orgLeader: true
peer.gossip.useLeaderElection: false
peer.gossip.state.enabled: false

FAB-15061: Legacy chaincode lifecycle is deprecated

The legacy chaincode lifecycle from v1.x is deprecated and will be removed
in a future release. To prepare for the eventual removal, utilize the v2.x
chaincode lifecycle instead, by enabling V2_0 application capability on all
channels, and redeploying all chaincodes using the v2.x lifecycle. The new
chaincode lifecycle provides a more flexible and robust governance model
for chaincodes. For more details see the
documentation for enabling the new lifecycle.

Changes:

  • 94ace65 v2.2.3 release commit
  • d272122 Cherry pick removing duplicate word (#2523)
  • 222fbc8 Add Security Model topic to docs
  • 8116872 Fix link in international_languages.md
  • 496c5f5 integration: PKCS#11 SKI to CKA_ID mapping test
  • d2d031e pkcs11: Add SKI to CKA_ID mapping for BCCSP [ #11 ]
  • 7214be7 Prevent race that occurs after test timeout
  • 6adcbce integration: backport chaincode_server_test
  • 8843223 Back-fill tests for externalbuilder.Duration
  • 796f760 This commit upgrades goleveldb. This upgraded version includes a fix for [ #2463 ]
See More
  • fae13c3 Report correct reason of stream abort in orderer cluster
  • 2b2e154 Log stream total lifetime
  • 100a7e7 corrected organization labels
  • 6320aed corrected Org1 text in Org2 box to Org2
  • 8d0645b Update build to use Go 1.15
  • 6cb530b Change string cast of int value to rune cast
  • d539244 Directives are in comment text instead of groups
  • a1b4d2d Implement legacy name constraints verification
  • 4321503 Add test to assert on name constraint behavior
  • 880914c Re-encode ECDSA CRL signature during MSP setup
  • 8883d71 Add test to exercise signature validation change
  • cb3c87b deps: bump github.com/pkg/errors
  • f635afd Adjust etcdraft error assertions for go 1.15
  • 5f19a00 Replace test cert fixtures with generated certs
  • aa7ad4f Set SKI, support multi hosts, add Signer to CA
  • 684e255 Fix typos in a "Developing Applications" doc
  • 358cba7 Update AZP Service Connection Name
  • 913d2ab Prepare for next release v2.2.3 (#2347)
  • eb2b1ea Add peer log message for failure to invoke chaincode (#2339)
  • 0583c22 Add test newtork download instructions to create a channel tutorial
  • bebb75f v2.2.2 release commit
  • a80c772 Add release notes for v2.2.2 (#2232)
  • 1de0825 Fix the issue of Nil/Zero-length-byte-array value (#2310)
  • e5ecdef Remove system channel from Test Network tutorial
  • c25eb86 [FAB-15648] document update: Non-TLS orderer with etcdraft usage (#1678)
  • a861c00 cherry pick test network doc chaincode deployment fix
  • 10c7839 Remove unreachable and unnecessary code in gossip membership (#2295)
  • 6805515 Orderer deployment tutorial update
  • fba5d90 [doc] fix broken link
  • 48bad48 [FAB-18170] Endorsement policy page discusses NodeSDK
  • ee8fcfc [FAB-18392] Clarify scope and limitations of test network
  • 90326b8 [FAB-18252] Documentation should reference Java chaincode support
  • 813be7f Remove anchor peers from configtx.yaml tutorial (#2257)
  • 11526cf Cherry pick org3 edits to release-2.2 branch (#2256)
  • 5953056 Split command in "add an org to network" tutorial
  • 91d9621 Add more details to logging specification examples
  • 7b1dbf1 Update image filter used by integration tests
  • 2a8d96c Remove Short Names and Replace With Full Path in Fabric
  • b2a5aec Check correct error
  • 73b39dc [FAB-18378] Log warning when peer is lagging behind and cannot catch up
  • d5d9965 [FAB-17039] Skip retrieving pvtdata from transient store when txid is missing (#2183) (#2201)
  • 3496dfc [FAB-17954] Document CouchDB JSON determinism (#2187)
  • 26cbec6 [FAB-18323] CherryPick: remove ephemeral from BCCSP SW options (#1553)
  • db9a56f Fixes Hardened to Hardware
  • a381654 remove repeated the
  • bbaa5b8 update private-data sample instruction for Asset owner string
  • 82b4566 Remove reference to first-network
  • 0a1fc23 [FAB-17727] Log warning if system channel has no consortium members (#2149)
  • 935a5c2 Deploy production ordering service doc
  • c928359 Add release note for RSA CA changes
  • 50ca5d4 Add integration test for MSPs with RSA CA certs
  • b3646e5 Restore RSA support for x509 public key import
  • 4026413 Add check for invalid key before hitting couchdb (#2133) (#2135)
  • b8a095f Add persistent volume note to peer deploy guide
  • bf2ebb6 [FAB-18298] Default cluster cert and key (#2119)
  • cae9a63 Update Go to 1.14.12
  • b247ed4 Revert "Allow BCCSP config to be set using env var (#1900)"
  • d1b4524 Update Jira instructions in contributing guide
  • d1730da Cherry pick [FAB-18290] Add channel name to pvtdata reconciler log msgs (#2091)
  • 99c2d12 Deduplicate orderer server TLS root CAs
  • 1e15b64 Log TLS handshake duration
  • 9c5b283 FAB-18244 single node catches up with snapshot (#1964) (#2021)
  • 09234c0 Remove common name from private data doc
  • 5a37306 Fixed TLS certs validation for consenters (release-2.2) (#2005) [ #1888 ]
  • 6f3ad12 [FAB-18270] Disable debug of CouchDB response body
  • 4d40d65 Peer deployment guide
  • 70c41c1 Update help text in test net tutorial
  • 8930c8c Fix Node OU error message
  • ab7104a Update release docs
  • 4a63642 Cherry pick private data tutorial rebase
  • e36ca29 Add Troubleshooting topic to Test Network for Docker Desktop setting
  • e05c443 Allow tick interval override via orderer.yaml
  • 32cb396 Fix chaincode lifecycle tutorial invoke
  • ceb23df Always Finalize the PKCS11 FindObject Operation
  • 2d59f18 Corrected to capitalized function names.
  • 6a370f7 Fix table width issue
  • f2e9e6e Allow BCCSP config to be set using env var (#1900)
  • 6bd0699 Exercise a full end-to-end flow with PKCS11 (#1717)
  • 0b3b95f removed unused variable
  • bf0b300 [FAB-17129] Configure peer and orderer to use PKCS#11 as BCCSP in integration test
  • 8407bc8 Prepare for next release v2.2.2
  • 74ac27c Add two and three digit publishing
  • 344fda6 Release commit for v2.2.1
  • bebb5d8 Cherry pick secured asset transfer tutorial to 2.2
  • ba9eaff [FAB-18041] Add Node.js to CC as external service
  • 107a867 Remove No Longer Relevant Release Note
  • 99a01b2 Update release notes with FAB-18250
  • 7b7ad6b Fix missing word
  • f9f3caf Add change in documentation to explain how to add collaborators in translation
  • 61c05b8 [FAB-18250] Check Error Before Returning Session to Pool (#1937)
  • 765bb73 Remove escc and vscc from list of system chaincodes
  • 9906643 Update v2.2.1 release notes with latest fixes
  • c5cf627 Fix empty address in peer CLI ClientWait log
  • 75046cf Remove GetSessionInfo Call
  • 2e4527b Bug Fix: Saving big payloads by cache CouchDB (#1909)
  • fe684f8 Fix flakey raft/cft integration test
  • e2fa653 Add release notes for v2.2.1
  • 6b1ac6f [FAB-18237] always update stateInfo message upon chaincode update
  • f32cb81 Bugfix in collection config history mgr (#1904)
  • 3ee47a7 fix function name typo in store private data command
  • ffcbf25 Clarify tlsHandshakeTimeShift CLI help text (#1894)
  • 673c364 Correct the explanation for signcerts in Membership section
  • 68d13ed Update write_first_app.rst
  • dc8660b Regenerate peer CLI docs
  • 6c9abf9 Peer CLI communicate with orderers with expired TLS certs (#1863)
  • 6f76408 Bump fabric-config dep to 0.0.7
  • c5c1105 address review comments (#1890) (#1893)
  • a5a6acd pass unreconciled missing pvtdata to pvtdata store (backport to release-2.2) (#1886)
  • ee2bc1b pass unreconciled missing data info to ledger from reconciler (#1797)
  • bc00758 construct unreconciled missing pvtdata (#1699)
  • e500de9 deprioritize unreconcilable missingPvtData (#1721)
  • 10cb4ea mv oldpvtdata commit to separate file
  • 7eaead1 refactor pvtdatastore
  • 659fe39 Adding notes for the usage of script during samples install
  • 2d895c4 [FAB-18208] Do not sign gossip message if membership is empty
  • 42da963 Convert Azure Pipeline To Stages (#1874)
  • 6a02559 Fix data race in gossip/discovery test
  • 7dcd9fd Minor doc fix to clear Sphinx local build error
  • 09764d8 fix missing err check in the block commit path (#1543)
  • cc6dc99 minor cleanup of pvtdatastore
  • 20f0697 reset leveldb batch after the commit
  • bebe131 Use directly leveldb batch (#1507)
  • 99332da [FAB-18194] Fix service discovery for legacy installed chaincodes
  • 0bd0ab2 Update RTD Placeholder
  • ef2632e [FAB-18191] Remove contents of leveldb dir instead of the dir itself when dropping dbs (#1828)
  • 8dae484 [FAB-18120] Adding DevMode integration test for new lifecycle.
  • 9da753a [FAB-18169] Add DevMode support in ChaincodeEndorsementInfoSource
  • 8bbedb8 Revert "[FAB-18183] Bump sphinx in requirements.txt to v1.8.5"
  • bf8f6fc [FAB-18188] Log orderer and peer cert expiration date upon startup (#1804)
  • 0e52fff [FAB-18171] Disregard certificate validity period in intra-orderer communication
  • 445b997 [FAB-18183] Bump sphinx in requirements.txt to v1.8.5
  • 2fc575c Cache bccsp keys generated from getECKey
  • 7b8de81 Add object handle cache to PKCS#11 bccsp provider
  • bf2f3fc Make ecPoint a method on impl
  • 2a22160 Make findKeyPairFromSKI a method on impl
  • 86a5c64 Replace loadLib with initialize method
  • 8a63732 Merge pkcs11/impl.go and pkcs11/pkcs11.go
  • f47ac7d Drain session pool before creating new sessions
  • 4fd232e Add instructions for how to use @Mergifyio backport command
  • 2d522b5 Update Add an Org to a Channel tutorial
  • 2813aba Updates to CouchDB doc tutorial
  • 4919fa7 Updated Using CouchDB to use asset transfer ledger queries smart contract
  • 64c7600 Update Channel Update (Adding an Org) tutorial
  • 7d6bb0f Update docs to replace fabcar references with basic asset transfer
  • 1450e3c Add links for Go and Java sample applications
  • b8b7af7 Refactor tutorial to 'Writing Your First Chaincode'
  • 14ad1d7 [FAB-18109] Update peer chaincode invoke
  • e042657 Fix code snippet display (#1759)
  • 9783edb Write Your First App tutorial updates (#1757)
  • 9563518 Update "Deploying a smart contract" tutorial. (#1756)
  • 417bcd4 Update "Using the Fabric Test network" tutorial (#1755)
  • 0b598c4 Update Write Your First Application Tutorial (#1754)
  • c4e310d Remove Use of Manifest Tool
  • 5f16da8 Update RTD to Target Correct GH Release Branch
  • 6491f6a Fix and improve discovery TLS authentication comments in document
  • 50aea5e Update doc to reflect change in FAB-18163 (#1729)
  • 25a5c40 FAB-18163 TLS Timeshift w/o Separate Cluster Port (#1724) (#1725)
  • f60c78a Add Raft metrics to Raft config doc
  • c932bb4 Use correct gossip SecretEnvelope reference
  • 2821cfc Log Error When PKCS11 Key Not Found (#1679)
  • cce8553 fix: modify certificate alternate DNS duplication
  • 6e97dd0 fix glossary.rst by reverting commit 21fa648
  • 8d590c6 typo fix
  • 05655d0 Fix link in Develop apps doc
  • 67ce3cb Fix: Missing addToWallet.js in ls command output
  • 534e87a Add link to Use a CA to deployment guide
  • 9099e5b Fix international language make html instructions
  • 3741860 Raft: Check suspect info once per suspect interval (#1600)
  • 03f0544 Add LTS release status to What's New doc.
  • 6be80ae Print channel name in learnAnchorPeers
  • dd556f3 Advice for translators, PRs and tools
  • 5dc22d5 Remove ccenv dependency in platforms unit test
  • 9bca8d6 Changes for i18n
  • 5f11b9b Simple Typo fix
  • 5ea85bc Fabric v2.2.0 release commit
  • 7b1a1a2 Add release notes for v2.2
  • d2dfc63 Improve peer CLI error message when no orderer address passed (#1555)
  • 9c3c599 [FAB-18054] Remove default value for top level orderer addresses if (#1550)
  • ff00d9b Improve private data logging (#1545)
  • 62dfb2d Add org name to consortium error message
  • 0de7fc1 Restore couchdb logger (#1532)
  • 2169710 Use tcp for statsd and poll for metric arrival
  • 568d346 Fix chaincode package example path
  • ac3f596 Remove Thirdparty Images From Bootstrap Script
  • 9b187f5 Edits to style guide
  • a6ad407 Upgrade updates
  • 8fd785a Deploy Chaincode Doc
  • 4591d52 Add Check For CouchDB 3.1 (#1491)
  • 529a931 Only canonize ECDSA signatures in MSP:IsWellFormed (#1498)
  • 3d305f7 Disable channel participation API in release-2.2
  • a7dc1d4 [FAB-18028] Create new PropagateEnvironment key
  • c44e603 Remove BYFN
  • da4f52f Remove BYFN from the toc
  • 19d79a4 [FAB-18034] Fixed FabCar docs formatting.
  • 3ee83a7 [FAB-18034] Improve FabCar docs , Fix queryAllCars description
  • f743289 [FAB-18034] Improve FabCar docs with better context, Fix queryAllCars description
  • b99f6ae Eliminate warnings when building documents
  • f0285ca DOC fixed broken hyperlinks fabric doc, updated old output in go.mod
  • 580f90a [FAB-16435] Improve gossip defaults - disable state transfer (#1478)
  • ec42cbd [FAB-16435] Improve defaults - maxBlockCountToStore & blockBufferSize (#1477)
  • 325b762 import collection configs from snapshot (#1460)
  • 327765d Remove DocBuild Job From CI
  • c222790 [FAB-16435] Improve gossip defaults - Peers to be leaders by default
  • dd13262 [FAB-18030] Discover all peers first before testing gossip membership to avoid flakes
  • 09de0b8 Fix unsupported syntax for policy in the documents
  • bc3c63e check iter error (#1468)
  • 701bf56 [FAB-16789] per PR feedback, fixed sentence about peer pulling block from orderer on joining channel
  • 34cea91 check leveldb iterator error (#1428)
  • 68f68ca Revert "rm old proto related code from transient store (#1464)" (#1467)
  • c712090 rm old proto related code from transient store (#1464)
  • 02f0569 [FAB-17992] Remove ledger blockstore data for a channel (#1423)
  • ef97677 Update configtx library dependency to v0.0.5
  • a9d25f0 Remove references to blacklist and whitelist
  • 3e29ecd Fix logging of recovered in NewPublicNymFromBytes
  • 52436d3 rm interface from confighistory store
  • afc2720 Remove whitelist comment from core.yaml
  • d91de16 [FAB-16789] per PR feedback, fixed sentence about peer pulling block from orderer on joining channel
  • c59d45e [FAB-16789] removed sentence about P1 peer using orderer, per PR comment.
  • 0670442 [FAB-16789] Fix peer join description in network key concept
  • d728cd6 Restore assertions related to peer address config
  • 193a7de [FAB-17539] Always remember anchor peers in membership (#1422)
  • 65345cf Explicitly set gossip.endpoint in integration test (#1455)
  • f29b7f1 validation (occ) pkg -- consistently use testify/require (#1454)
  • 2b408a6 txmgr pkg -- consistently use testify/require (#1453)
  • fb97505 statecouchdb pkg -- consistently use testify/require (#1449)
  • 5f098ec statedb pkg -- consistently use testify/require (#1450)
  • 98f1858 rwsetutil pkg -- consistently use testify/require (#1452)
  • 2188eba queryutil pkg -- consistently use testify/require (#1451)
  • 65e88bc [FAB-18021] Improve log messages in msp/configbuilder.go
  • 841e7f0 ledgermgmt pkg -- consistently use testify/require (#1445)
  • 341fa8c privacyenabledstate pkg -- consistently use testify/require (#1447)
  • 8f7cef3 cceventmgmt pkg -- consistently use testify/require (#1443)
  • 9f18781 confighistory pkg -- consistently use testify/require (#1444)
  • def99d1 pvtstatepurgemgmt pkg -- consistently use testify/require (#1448)
  • fe7fd6c pvtdatapolicy pkg -- consistently use testify/require (#1446)
  • 833438f kvledger pkg -- consistently use testify/require (#1440)
  • 0c67955 pvtstore pkg -- consistently use testify/require (#1439)
  • d74a116 stateleveldb pkg -- consistently use testify/require (#1438)
  • 7548f29 replace testify/assert with testify/require (#1437)
  • 87409f0 Remove call to couchdb API _ensure_full_commit (#1435)

This list of changes was auto generated.