From cd693dcf3e702d71508ae9027501ed9b5ad61fb9 Mon Sep 17 00:00:00 2001
From: Guanqun Lu <guanqun.lu@gmail.com>
Date: Tue, 9 May 2017 23:46:46 +0800
Subject: [PATCH 1/6] typo fix

---
 parity/run.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/parity/run.rs b/parity/run.rs
index 083cbe5ce..dad99b9c3 100644
--- a/parity/run.rs
+++ b/parity/run.rs
@@ -411,7 +411,7 @@ pub fn execute(cmd: RunCmd, can_restart: bool, logger: Arc<RotatingLogger>) -> R
 	);
 	info!("Operating mode: {}", Colour::White.bold().paint(format!("{}", mode)));
 
-	// display warning about using experimental journaldb alorithm
+	// display warning about using experimental journaldb algorithm
 	if !algorithm.is_stable() {
 		warn!("Your chosen strategy is {}! You can re-run with --pruning to change.", Colour::Red.bold().paint("unstable"));
 	}

From 04eef37cad3a1b2712c649027341054d2a7ca106 Mon Sep 17 00:00:00 2001
From: Guanqun Lu <guanqun.lu@gmail.com>
Date: Tue, 9 May 2017 23:47:34 +0800
Subject: [PATCH 2/6] remove the extra $ in front of a flag

---
 parity/cli/usage.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/parity/cli/usage.txt b/parity/cli/usage.txt
index 9d2e4f6d5..2eee70c7c 100644
--- a/parity/cli/usage.txt
+++ b/parity/cli/usage.txt
@@ -90,9 +90,9 @@ Account Options:
 
 UI Options:
   --force-ui                       Enable Trusted UI WebSocket endpoint,
-                                   even when --unlock is in use. (default: ${flag_force_ui})
+                                   even when --unlock is in use. (default: {flag_force_ui})
   --no-ui                          Disable Trusted UI WebSocket endpoint.
-                                   (default: ${flag_no_ui})
+                                   (default: {flag_no_ui})
   --ui-port PORT                   Specify the port of Trusted UI server
                                    (default: {flag_ui_port}).
   --ui-interface IP                Specify the hostname portion of the Trusted UI

From a4b0e0c93ce518c9bf631af083744b277df0037e Mon Sep 17 00:00:00 2001
From: Guanqun Lu <guanqun.lu@gmail.com>
Date: Tue, 9 May 2017 16:34:24 +0800
Subject: [PATCH 3/6] fix the doc of installing rust

multirust is deprecated.
---
 ethcore/src/lib.rs | 16 ++++------------
 1 file changed, 4 insertions(+), 12 deletions(-)

diff --git a/ethcore/src/lib.rs b/ethcore/src/lib.rs
index 980bdd25c..7dc49fff8 100644
--- a/ethcore/src/lib.rs
+++ b/ethcore/src/lib.rs
@@ -49,33 +49,25 @@
 //!
 //!   ```bash
 //!
-//!   # install multirust
-//!   curl -sf https://raw.githubusercontent.com/brson/multirust/master/blastoff.sh | sh -s -- --yes
-//!
-//!   # export rust LIBRARY_PATH
-//!   export LIBRARY_PATH=/usr/local/lib
+//!   # install rustup
+//!   curl https://sh.rustup.rs -sSf | sh
 //!
 //!   # download and build parity
 //!   git clone https://github.com/paritytech/parity
 //!   cd parity
-//!   multirust override beta
 //!   cargo build --release
 //!   ```
 //!
 //! - OSX:
 //!
 //!   ```bash
-//!   # install rocksdb && multirust
+//!   # install rocksdb && rustup
 //!   brew update
-//!   brew install multirust
-//!
-//!   # export rust LIBRARY_PATH
-//!   export LIBRARY_PATH=/usr/local/lib
+//!   curl https://sh.rustup.rs -sSf | sh
 //!
 //!   # download and build parity
 //!   git clone https://github.com/paritytech/parity
 //!   cd parity
-//!   multirust override beta
 //!   cargo build --release
 //!   ```
 

From 662a8317a53e4ad271185a299e8b74f209b57762 Mon Sep 17 00:00:00 2001
From: Craig O'Connor <oconnorct1@gmail.com>
Date: Fri, 12 May 2017 06:10:24 -0400
Subject: [PATCH 4/6] run-clean (#5607)

---
 js/package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/js/package.json b/js/package.json
index 33668f445..a8cc21e2f 100644
--- a/js/package.json
+++ b/js/package.json
@@ -46,7 +46,7 @@
     "ci:build:npm": "NODE_ENV=production webpack --config webpack/npm",
     "ci:build:jsonrpc": "babel-node ./scripts/build-rpc-json.js --output .npmjs/jsonrpc",
     "ci:build:embed": "NODE_ENV=production EMBED=1 node webpack/embed",
-    "start": "npm install && npm run build:lib && npm run build:dll && npm run start:app",
+    "start": "npm run clean && npm install && npm run build:lib && npm run build:dll && npm run start:app",
     "start:app": "node webpack/dev.server",
     "clean": "rm -rf ./.build ./.coverage ./.happypack ./.npmjs ./build ./node_modules/.cache ./node_modules/@parity",
     "coveralls": "npm run testCoverage && coveralls < coverage/lcov.info",

From 83a13ee0e66c5b45214560a57a3d8dc1fd75edef Mon Sep 17 00:00:00 2001
From: GitLab Build Bot <jaco+gitlab@ethcore.io>
Date: Fri, 12 May 2017 10:32:43 +0000
Subject: [PATCH 5/6] [ci skip] js-precompiled 20170512-102851

---
 Cargo.lock      | 2 +-
 js/package.json | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 34cf671a0..acc33e9ca 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1783,7 +1783,7 @@ dependencies = [
 [[package]]
 name = "parity-ui-precompiled"
 version = "1.4.0"
-source = "git+https://github.com/paritytech/js-precompiled.git#d370bad71ec9c573828136f7b64f893173cdacee"
+source = "git+https://github.com/paritytech/js-precompiled.git#1be3eaa4cefa85e25b48ac5e8cf579c92108e562"
 dependencies = [
  "parity-dapps-glue 1.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
diff --git a/js/package.json b/js/package.json
index a8cc21e2f..55f1f533c 100644
--- a/js/package.json
+++ b/js/package.json
@@ -1,6 +1,6 @@
 {
   "name": "parity.js",
-  "version": "1.7.74",
+  "version": "1.7.75",
   "main": "release/index.js",
   "jsnext:main": "src/index.js",
   "author": "Parity Team <admin@parity.io>",

From e6ecd05308c864f55465eb73e7d732f7e53e216f Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Fri, 12 May 2017 15:36:19 +0300
Subject: [PATCH 6/6] SecretStore: remove session on master node (#5545)

* ECDKG protocol prototype

* added test for enc/dec math

* get rid of decryption_session

* added licenses

* fix after merge

* get rid of unused serde dependency

* doc

* decryption session [without commutative enc]

* failed_dec_session

* fixed tests

* added commen

* added more decryption session tests

* helper to localize an issue

* more computations to localize error

* decryption_session::SessionParams

* added tests for EC math to localize problem

* secretstore network transport

* encryption_session_works_over_network

* network errors processing

* connecting to KeyServer

* licenses

* get rid of debug println-s

* fixed secretstore args

* encryption results are stored in KS database

* decryption protocol works over network

* enc/dec Session traits

* fixing warnings

* fix after merge

* on-chain ACL checker proto

* fixed compilation

* fixed compilation

* finally fixed <odd>-of-N-scheme

* temporary commented test

* 1-of-N works in math

* scheme 1-of-N works

* updated AclStorage with real contract ABI

* remove unnecessary unsafety

* fixed grumbles

* wakeup on access denied

* encrypt secretstore messages

* 'shadow' decryption

* fix grumbles

* lost files

* secretstore cli-options

* decryption seccion when ACL check failed on master

* disallow regenerating key for existing document

* removed obsolete TODO

* fix after merge

* switched to tokio_io

* fix after merge

* fix after merge

* fix after merge

* fix after merge

* fix after merge

* fixed test

* fix after merge

* encryption session errors are now fatal

* session timeouts

* autorestart decryption session

* remove sessions on completion

* exclude disconnected nodes from decryption session

* test for enc/dec session over network with 1 node

* remove debug printlns

* fixed 1-of-1 scheme

* drop for KeyServerHttpListener

* Use standard encryption and decryption (as in RPC)

* added some tests

* moved DEFAULT_MAC to ethcrypto

* rpc_secretstore_encrypt_and_decrypt

* serialization with "0x" prefix (RPC compatibility)

* secretstore RPC API

* fix after merge

* fixed typo

* secretstore_shadowDecrypt RPC

* enable secretstore RPCs by default

* fixed test

* SecStore RPCs available without SecStore feature

* fixed grumbles

* lost files

* added password argument to Parity RPCs

* update docs

* remove enc/dec session on master node

* lost file

* pass weak instead of arc
---
 .../src/key_server_cluster/cluster.rs         | 94 +++++++++++++++++--
 1 file changed, 87 insertions(+), 7 deletions(-)

diff --git a/secret_store/src/key_server_cluster/cluster.rs b/secret_store/src/key_server_cluster/cluster.rs
index bd857bda8..209126605 100644
--- a/secret_store/src/key_server_cluster/cluster.rs
+++ b/secret_store/src/key_server_cluster/cluster.rs
@@ -16,7 +16,7 @@
 
 use std::io;
 use std::time;
-use std::sync::Arc;
+use std::sync::{Arc, Weak};
 use std::sync::atomic::{AtomicBool, Ordering};
 use std::collections::{BTreeMap, BTreeSet, VecDeque};
 use std::collections::btree_map::Entry;
@@ -27,8 +27,8 @@ use parking_lot::{RwLock, Mutex};
 use tokio_io::IoFuture;
 use tokio_core::reactor::{Handle, Remote, Interval};
 use tokio_core::net::{TcpListener, TcpStream};
-use ethkey::{Secret, KeyPair, Signature, Random, Generator};
-use key_server_cluster::{Error, NodeId, SessionId, AclStorage, KeyStorage};
+use ethkey::{Public, Secret, KeyPair, Signature, Random, Generator};
+use key_server_cluster::{Error, NodeId, SessionId, AclStorage, KeyStorage, DocumentEncryptedKeyShadow};
 use key_server_cluster::message::{self, Message, ClusterMessage, EncryptionMessage, DecryptionMessage};
 use key_server_cluster::decryption_session::{SessionImpl as DecryptionSessionImpl, SessionState as DecryptionSessionState,
 	SessionParams as DecryptionSessionParams, Session as DecryptionSession, DecryptionSessionId};
@@ -236,6 +236,28 @@ pub struct Connection {
 	last_message_time: Mutex<time::Instant>,
 }
 
+/// Encryption session implementation, which removes session from cluster on drop.
+struct EncryptionSessionWrapper {
+	/// Wrapped session.
+	session: Arc<EncryptionSession>,
+	/// Session Id.
+	session_id: SessionId,
+	/// Cluster data reference.
+	cluster: Weak<ClusterData>,
+}
+
+/// Decryption session implementation, which removes session from cluster on drop.
+struct DecryptionSessionWrapper {
+	/// Wrapped session.
+	session: Arc<DecryptionSession>,
+	/// Session Id.
+	session_id: SessionId,
+	/// Session sub id.
+	access_key: Secret,
+	/// Cluster data reference.
+	cluster: Weak<ClusterData>,
+}
+
 impl ClusterCore {
 	pub fn new(handle: Handle, config: ClusterConfiguration) -> Result<Arc<Self>, Error> {
 		let listen_address = make_socket_address(&config.listen_address.0, config.listen_address.1)?;
@@ -1011,9 +1033,9 @@ impl ClusterClient for ClusterClientImpl {
 		connected_nodes.insert(self.data.self_key_pair.public().clone());
 
 		let cluster = Arc::new(ClusterView::new(self.data.clone(), connected_nodes.clone()));
-		let session = self.data.sessions.new_encryption_session(self.data.self_key_pair.public().clone(), session_id, cluster)?;
+		let session = self.data.sessions.new_encryption_session(self.data.self_key_pair.public().clone(), session_id.clone(), cluster)?;
 		session.initialize(threshold, connected_nodes)?;
-		Ok(session)
+		Ok(EncryptionSessionWrapper::new(Arc::downgrade(&self.data), session_id, session))
 	}
 
 	fn new_decryption_session(&self, session_id: SessionId, requestor_signature: Signature, is_shadow_decryption: bool) -> Result<Arc<DecryptionSession>, Error> {
@@ -1022,9 +1044,9 @@ impl ClusterClient for ClusterClientImpl {
 
 		let access_key = Random.generate()?.secret().clone();
 		let cluster = Arc::new(ClusterView::new(self.data.clone(), connected_nodes.clone()));
-		let session = self.data.sessions.new_decryption_session(self.data.self_key_pair.public().clone(), session_id, access_key, cluster)?;
+		let session = self.data.sessions.new_decryption_session(self.data.self_key_pair.public().clone(), session_id, access_key.clone(), cluster)?;
 		session.initialize(requestor_signature, is_shadow_decryption)?;
-		Ok(session)
+		Ok(DecryptionSessionWrapper::new(Arc::downgrade(&self.data), session_id, access_key, session))
 	}
 
 	#[cfg(test)]
@@ -1043,6 +1065,64 @@ impl ClusterClient for ClusterClientImpl {
 	}
 }
 
+impl EncryptionSessionWrapper {
+	pub fn new(cluster: Weak<ClusterData>, session_id: SessionId, session: Arc<EncryptionSession>) -> Arc<Self> {
+		Arc::new(EncryptionSessionWrapper {
+			session: session,
+			session_id: session_id,
+			cluster: cluster,
+		})
+	}
+}
+
+impl EncryptionSession for EncryptionSessionWrapper {
+	fn state(&self) -> EncryptionSessionState {
+		self.session.state()
+	}
+
+	fn wait(&self, timeout: Option<time::Duration>) -> Result<Public, Error> {
+		self.session.wait(timeout)
+	}
+
+	#[cfg(test)]
+	fn joint_public_key(&self) -> Option<Result<Public, Error>> {
+		self.session.joint_public_key()
+	}
+}
+
+impl Drop for EncryptionSessionWrapper {
+	fn drop(&mut self) {
+		if let Some(cluster) = self.cluster.upgrade() {
+			cluster.sessions.remove_encryption_session(&self.session_id);
+		}
+	}
+}
+
+impl DecryptionSessionWrapper {
+	pub fn new(cluster: Weak<ClusterData>, session_id: SessionId, access_key: Secret, session: Arc<DecryptionSession>) -> Arc<Self> {
+		Arc::new(DecryptionSessionWrapper {
+			session: session,
+			session_id: session_id,
+			access_key: access_key,
+			cluster: cluster,
+		})
+	}
+}
+
+impl DecryptionSession for DecryptionSessionWrapper {
+	fn wait(&self) -> Result<DocumentEncryptedKeyShadow, Error> {
+		self.session.wait()
+	}
+}
+
+impl Drop for DecryptionSessionWrapper {
+	fn drop(&mut self) {
+		if let Some(cluster) = self.cluster.upgrade() {
+			cluster.sessions.remove_decryption_session(&self.session_id, &self.access_key);
+		}
+	}
+}
+
 fn make_socket_address(address: &str, port: u16) -> Result<SocketAddr, Error> {
 	let ip_address: IpAddr = address.parse().map_err(|_| Error::InvalidNodeAddress)?;
 	Ok(SocketAddr::new(ip_address, port))