Jdk 17 (#8)

* adding check-connected flag to QueryHost

* BERTLVPackager can't pack non EMVStandardTagType

attempt to fix jpos#349

* Update gradle wrapper version to version 6.7

* add EnvironmentProvider support

* Add OBF command

* add ability to read LMKs from the environment

* Adjust int length

* use two colons in file prefix to avoid conflicts

* Use two colons in prefix

* bug 355: fix MAX_TAG_BYTES constant to support 3 bytes.

In the project we could have a tag id constructed of 3 bytes. This patch
allows us to handle it correctly.

* Refactor Q2 to use NIO API for file operations without changing
existing public interfaces.

* Revert "Refactor Q2 to use NIO API for file operations without changing existing public interfaces."

* Upgrade JLine to 3.17.1

* VFS2 does not belong here

* Add support for YAML-based property files

jPOS supports the following standard property element:

   <property file="cfg/xxx.cfg" />

with this change, if the properties file ends in `.yml`, we parse it
as a YAML based configuration.

* properly dereference property file value

* update jPOS version in doc

[ci skip]

* minor code reformat - indents

[ci skip]

* Calculate CVV CLI command

[ci skip]

* send buffered events in background executor

* Welcome Matias Peyroti !

[ci skip]

* remove '@' [ci skip]

* Thank you Josip!

[ci skip]

* Update Track2.java

Sometimes "4111111111111111=" is a valid track2

* Update CardTest.java

* cmf packager: add DEs for PIN change

* add cvkB

* It's actually a CVK, not PVK

[ci skip]

* removed old commented-out regexp

[ci skip]

* Allow environment overrides

A property named `xx.yy.zz` can be overriden by the environment variable `XX_YY_ZZ`.

* do not leak plaintext's exact length

* Update ISOUtil.java

* Update ISOUtil.java


1. Added new definition for hex2byte. 
public static byte[] hex2byte (String s, Charset charset) {
        if (charset == null) charset = CHARSET;
        if (s.length() % 2 == 0) {
            return hex2byte (s.getBytes(charset), 0, s.length() >> 1);
        } else {
        	// Padding left zero to make it even size #Bug raised by tommy
        	return hex2byte("0"+s, charset);
        }
    }

2. Changed hex2byte (String s) to 
public static byte[] hex2byte (String s) {
        return hex2byte (s, CHARSET);
    }

* Thank you Keshaw for your contribution !

[ci skip]

* Update Track2.java

Remove extra "?"

* add jpos:dependencyCheckAnalyze target

* update test expiration

* Upgrade BC to 1.67

* Improve JDBMSpace gc() SpaceError handling

It partially improve problem addressed in jpos#311

* fixed typo

* Fix UnsupportedOperationException when with4characterMACVersions used

* Fixes length of MAC when parsing key block

The commit ba36800 introduces ability to parse key block,
but the one of crutial elements is misinterpreted.

* getInTransit() goes back to report head-tail

* Add ACL based permission support to LogRotationTestDirectory.

* Add connection retry to SslChannelIntegrationTest.

* Replace System.currentTimeMillis() with Instant.now().

This appears to improve timer accuracy on non-Linux platforms.

* jPOS release 2.1.5 [ci skip]

* new development version is 2.1.6-SNAPSHOT

* Make RotateLogListener AutoCloseable so that we can clean up the test directory properly.

* ThroughputControl: Replace System.currentTimeMillis() with Instant.now().

* TPS: Replace System.currentTimeMillis() with Instant.now().

* Space Tests: Replace System.currentTimeMillis() with Instant.now().

* ThroughputControlTestCase: Replace System.currentTimeMillis() with Instant.now().

* Add github workflow and fix some unreliable tests.

* QMUXTestCase: Improve deploy directory isolation.

* Make copy operations more robust.

* Upgrade JLine to 3.18.0

* DUKPT: support KSN of length > 16

Derivation of current key in DUKPT was assuming KSN always of length 16.

* Classloader creation is a privileged operation

* Force UTF-8

* Compensate for sleep inaccuracy in Github Windows/OSX CI.

* Allow empty defaults in environment references

So you can have `"${propname:}"` and get an empty string instead of `"${propname:}"` if `propname` not defined in environment

* Add test for empty Environment default

* Better EBCDIC handling of DE-48.0 (TCC) for Mastercard

* fix NPE

* Add -XX:+IgnoreUnrecognizedVMOptions to bin/q2.

* update COPYRIGHT year

* Upgrade JLine to 3.19.0

* ChannelAdaptor respect 'enabled' on filters config

The beans created with the QFactory should respect the `enabled`
attribute in the definition XML, this commit add this control to the
ChannelAdaptor ISO filters.

Signed-off-by: Arturo Volpe <[email protected]>

* Add Environment support for OneShotChannelAdaptorMK2

The OneShotChannelAdaptorMK2 uses various properties that are passed as
children in the bean configuration, to allow a runtime configuration of
those values (and to share the same behaviour as the
OneShotChannelAdaptor) we use the new Environment singleton to get the
property.

Signed-off-by: Arturo Volpe <[email protected]>

* Upgrade Gradle wrapper to 6.8.2

* To expose session increase logic

* Minimize number of stat calls

* Thank you for your contribution Sebastien

[ci skip]

* Graduated SensitiveString from jPOS-EE (org.jpos.crypto)

as suggested from fgonzal

* use double-colons - sugggested rewording by BBB

[ci skip]

* Upgrade OWASP dependency check to 6.1.1

* remove spotbugs for now

* Upgrade Mockito to 3.8.0

* add GenericPackagerParams - support TLV/LTV encoded subfields

* Caller not used

* jPOS release 2.1.6 [ci skip]

* New development version 2.1.7-SNAPSHOT

* fixing and enhancing docs for Environment config [ci skip]

* ignore .sdkmanrc [ci skip]

* Upgrade JLINE to 3.20.0

* Connection confirmation message for BaseChannel in client mode

* Upgrade to Gradle 7.0.1

* Upgrade BND to 5.3.0, OWASP to 6.1.5

* Upgrade to Gradle 7.0.2

* Add PosDataCode::isCardNotPresent.

* Honor 0 timeout (fire-and-forget)

closes jpos#414

* request methods: If timeout is 0, call send right away

In addition, in async call, expire the response listener
(alghouth it has very little sense to call async with timeout 0)

* fix DirPoll code example in doc

[ci skip]

* Copy LICENSE file from repo root

[ci skip]

* Adds code of conduct from contributor covenant

* Adds contributor covenant badge to README. Also fixes some line breaks

* Fix Code of Conduct URL

* Update jPOS logo

* PR-437

NPE as the check value is never set in the SecureKeyBlockBuilder jpos#437

* Bump SLF4J to 1.7.32

* add handy IgnoreLogListener

This LogListener can be used for example to swallow aggressive 0800 NMS messages

* NameRegister at the end of startService

closes jpos#439

* Adding $cfg{...} syntax

* Adding Environment.getDir()

* Adding command line -Ed/--envdir to Q2 to change the environment dir

* Force Environment.reload() if env options were changed. Fix Q2Test.testGetEnvDir()

* Renaming Environment#getDir() to Environment#getEnvDir()

* add removeField(s)

* use LinkedHashMap to keep order

removed some useless tests

* Swallow SLF4JDynamicBinder triggered in JDK 16 and up

* Oops, revert WIP dynamic bean deployment

* Implement TVR parser.

* Update abort_participant.adoc

* crop image

* Added class QBeanAsyncSupport

Signed-off-by: Bojan Momcilov <[email protected]>

* Welcome Bojan to the CREDITS file!

* Fixed race condition in Context resume

If a Context gets resumed before the TM actually pauses it,
the resumeOnPause indicator was left true. On a second PAUSE
during the same transaction, the context would get auto-resumed.

Bug and fix provided by Ozzy, who says "It was strange to find a bug in jPOS!"

* add hasFailure, hasWarning, hasInfo, hasIRC helpers

* generalize commaEncode/Decode in ISOUtil to use any character as delimiter

* Welcome Pablo !

* validate that track2 lenght is not greater than 37

* Handle PANs shorter than 16

When PAN is short (i.e. 14 digits), discretionary data gets longer.

fixes jpos#449

* honor multiple EnviromentProviders in single property

* improve charEncode/decode to preserve empty or null strings

* fix charEncode when all string are empty or null

* fix charEncode/Decode use StringJoiner

* added javadoc NOTE to charDecode edge case

* fixing indentation in cmf.xml

* fixing field 113.39 in cmf.xml

* Handle 3-byte tags

closes jpos#453

* restrict 3-byte tags to those starting with 0xDF

* add autoconfig support

* Let FSDProtectedLogListener protect FSDMsg ...

instances as well as protecting `FSDISOMsg`'s.

Also, remove unnecessary code.

* Upgrade BC to 1.69

* fixed length

closes jpos#458

* Add support for multiple environments

-E (or --environent) switch can be repeated now, i.e:

   q2 --environment=default --environment=QA

* honor multiple property configs

* handle YAML and properties in the same loop

Thank you Ozzie for the suggestion

* bump JDOM to 2.0.6.1 - fixes CVE-2021-33813

* log4shell prevention

jPOS doesn't use log4j, but here is our 2c to mitigate the problem
in jPOS based applications that might use log4j

* Thank you Cristian for your PRs!

* autoconfigure Booleans too

* AutoConfig ancestors

* relax setup wait

just two seconds was causing problems on heavy loaded systems

* Added move and hasKey helpers

* prevent loop in Envirnoment.get

* Update copyright

* Q2 help clarification for -E

* reenable non-greedy ? from inner regX.

closes jpos#464

* Fixed javadoc to render the examples correctly.

* Document log listeners in jPOS manual

Add `FSDLogListener` too.

* dereference system properties

* Add Environment awareness to the SimpleConfiguration Factory.

* document PR 468

* jPOS release 2.1.7

* new development version is 2.1.8-SNAPSHOT

* Initialize ServiceConfig prior to calling readCongig. Add unit test

* TransactionManager: abort on misconfigured groups

* Adding getBin(len) to Card and CardHolder (support 8-digit-bin)

* Update RotateLogListener.java

update for issue jpos#264 regarding need to use ZoneId at rotate time because it's different on regular events.

* LL part defined as ASCII

closes jpos#480

* Add DCO

* QueryHost force abort when expired in continuations mode

* TransactionManager: give explicit info about forced abort of paused txn

* de-reference environment properties

issues/482

* Honor Environment in some config. Fixes jpos#482

* Honor Environment in some config. Fixes jpos#482

* Add support for CMF DE 027 - POS Capability

* MUXPool.send may block if no connected MUXes

fixes jpos#487

* Minor text edits / fixes.

* Add comment to dump Bitmap in the ISOMsg dump. jpos#488

* Passwords can be de-referenced from the environment

And eventually picked off an HSM. So this implementation is
safe enough for production.

* Update BcdPrefixer.java

add length encoded with 6 BCD digits

* Create IFB_LLLLLLCHAR.java

add 6 BCD digits length FieldPackager

* add IFB_LLLHEX

* Merge upstream and upgrade to jdk 17

* Update source compatibility

* Update jdk version

Signed-off-by: Arturo Volpe <[email protected]>
Signed-off-by: Bojan Momcilov <[email protected]>
Co-authored-by: Barzilai Spinak <[email protected]>
Co-authored-by: Alejandro Revilla <[email protected]>
Co-authored-by: James Hilliard <[email protected]>
Co-authored-by: Alexey Kuznetsov <[email protected]>
Co-authored-by: Igor Skljar <[email protected]>
Co-authored-by: Andrés Alcarraz <[email protected]>
Co-authored-by: keshawsinha <[email protected]>
Co-authored-by: Robert Demski <[email protected]>
Co-authored-by: Arturo Volpe <[email protected]>
Co-authored-by: Sebastien <[email protected]>
Co-authored-by: Federico <[email protected]>
Co-authored-by: Josefina Revilla <[email protected]>
Co-authored-by: Santiago Revilla <[email protected]>
Co-authored-by: Murtuza Chhil <[email protected]>
Co-authored-by: Bojan Momcilov <[email protected]>
Co-authored-by: Pablo Marziotto <[email protected]>
Co-authored-by: Ozzy E <[email protected]>
Co-authored-by: galihlasahido <[email protected]>
Co-authored-by: Gaston-G <[email protected]>

Author: 20 people

.github/workflows/deploy.yml

@@ -9,10 +9,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v2
-    - name: Set up JDK 1.8
+    - name: Set up JDK 17
       uses: actions/setup-java@v1
       with:
-        java-version: 1.8
+        java-version: 17
     - name: Do deploy
       env:
         AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}

.github/workflows/jpos.yml

@@ -0,0 +1,35 @@
+name: "Run jPOS Tests"
+on: [push, pull_request]
+
+jobs:
+  build:
+    strategy:
+      fail-fast: false
+      matrix:
+        java: [ 1.8, 9, 10, 11, 12, 13, 14, 15, 16, 17 ]
+        os: [ubuntu-latest, macos-latest, windows-latest]
+    runs-on: ${{ matrix.os }}
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up JDK ${{ matrix.java }}
+      uses: actions/setup-java@v1
+      with:
+        java-version: ${{ matrix.java }}
+    - name: Cache Gradle packages
+      uses: actions/cache@v2
+      with:
+        path: ~/.gradle/caches
+        key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
+        restore-keys: ${{ runner.os }}-gradle
+    - name: Assemble
+      run: gradle jpos:assemble --info
+      env:
+        TERM: dumb
+    - name: Check
+      run: gradle jpos:check --info
+      env:
+        TERM: dumb
+    - name: Dependency Check Analyze
+      run: gradle jpos:dependencyCheckAnalyze --info
+      env:
+        TERM: dumb

.gitignore

@@ -16,4 +16,6 @@ txnmgrtest/
 .gradle
 build
 .nb-gradle
-
+# VSCode Ignores
+.vscode/settings.json
+.sdkmanrc

.travis.yml

@@ -11,14 +11,16 @@ jdk:
   - openjdk11
   - openjdk12
   - openjdk13
+  - openjdk14
+  - openjdk15
 before_script:
   - echo $JAVA_OPTS
   - export JAVA_OPTS=-Xmx4G
 install: true
 script:
   - java -version
   - ulimit -a
-  - TERM=dumb ./gradlew jpos:assemble jpos:check --info --no-parallel
+  - TERM=dumb ./gradlew jpos:assemble jpos:check jpos:dependencyCheckAnalyze --info
 deploy:
   provider: script
   script: bash .travis/update-gh-pages.sh

CODE_OF_CONDUCT.md

@@ -0,0 +1,133 @@
+
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, caste, color, religion, or sexual identity
+and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the
+  overall community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or
+  advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email
+  address, without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+[email protected].
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series
+of actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or
+permanent ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior,  harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within
+the community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.0, available at
+[https://www.contributor-covenant.org/version/2/0/code_of_conduct.html][v2.0].
+
+Community Impact Guidelines were inspired by
+[Mozilla's code of conduct enforcement ladder][Mozilla CoC].
+
+For answers to common questions about this code of conduct, see the FAQ at
+[https://www.contributor-covenant.org/faq][FAQ]. Translations are available
+at [https://www.contributor-covenant.org/translations][translations].
+
+[homepage]: https://www.contributor-covenant.org
+[v2.0]: https://www.contributor-covenant.org/version/2/0/code_of_conduct.html
+[Mozilla CoC]: https://github.com/mozilla/diversity
+[FAQ]: https://www.contributor-covenant.org/faq
+[translations]: https://www.contributor-covenant.org/translations

CONTRIBUTING.md

@@ -0,0 +1,5 @@
+# Certificate of Origin
+
+By contributing to this project you agree to the Developer Certificate of Origin (DCO).
+
+See the [DCO](legal/dco.txt) file for details.

COPYRIGHT

@@ -1,6 +1,6 @@
 /*
  * jPOS Project [http://jpos.org]
- * Copyright (C) 2000-2020 jPOS Software SRL
+ * Copyright (C) 2000-2022 jPOS Software SRL
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU Affero General Public License as