The issue was caused by client-side functionality added to IE
to protect against LOGJAM. By properly supporting larger keys
we no longer need to disable Ephemeral DH.

This reverts commit 3028ffd083.

In the past we used only 512-bit EDH keys. To protect against the
LOGJAM attack, OpenSSL 1.0.1n and later versions reject EDH keys
that are less than 768 bits and a future version will increase the
minimum to 1024.

We now have DH parameters for 1024-bit and 2048-bit EDH keys and
will correctly return and use those, when asked. Note that at this
time, OpenSSL will only ask for 512 or 1024 bit keys.

This performs a deep refactor on the Ledger class and its supporting
classes, in preparation for the move to shared_ptr<SLE const> in
places where the SLE is immutable and we are currently using
shared_ptr<SLE>.
Member functions are converted to free functions, the SLECache is an
explicit parameter, one line convenience functions are removed to
streamline the interface. Some callers are changed to use <SLE const>
instead of <SLE>.

SLECache:
* Moved to its own header file
RippleState:
* Remove unused functions
* Store the SLE as const
* Simplify callers
AccountState:
* Remove unused members
* Simplify existing members
Ledger:
* Replace writeBack with insert and update
* Remove unused functions
* Remove LedgerStateParams
* Move getLastFullLedger to Application
* Add entryCacheI, exists, fetch, erase
* Use boost::optional where it makes sense
* Make member functions free functions
Free functions:
* fetch: cache-aware SLE retrieval
* forEachItem, forEachItemAfter
* (various)

These routines replace existing code to compute SHA512-Half hashes.
The new code accumulates serialized data into a hashing context
instead of allocating a buffer, for improved performance.

Removes the base_uint constructor that took a string. Replaces
that functionality with two free functions named from_hex_text<>.
Use of from_hex_text<> looks like this:

    auto v = from_hex_text<uint256>("AAA555");
    static_assert (std::is_same<decltype(v), uint256>::value, "Huh!");

from_hex_text<> only operates on base_uint types. At the moment the
list of those types includes:
o uint128,
o uint160,
o uint256,
o Directory,
o Account,
o Currency, and
o NodeID.
Using from_hex_text<> with any other types will not compile due to
an enable_if.
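
The enable_if restriction described above, as an added sketch that is not rippled's own code: base_uint here is a simplified stand-in, left zero-padding of short input is an assumption, and can_parse is a hypothetical helper that shows the overload vanishing for other types without breaking the build.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <string>
#include <type_traits>

// Simplified stand-in for rippled's base_uint (assumption): big-endian bytes.
template <std::size_t Bits>
struct base_uint { std::array<std::uint8_t, Bits / 8> bytes{}; };
using uint128 = base_uint<128>;
using uint256 = base_uint<256>;

// Trait that is true only for base_uint instantiations.
template <class T> struct is_base_uint : std::false_type {};
template <std::size_t B> struct is_base_uint<base_uint<B>> : std::true_type {};

inline int hex_digit(char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

// enable_if removes this function for every T that is not a base_uint,
// so from_hex_text<int>(...) is a compile error rather than a silent misparse.
template <class T>
typename std::enable_if<is_base_uint<T>::value, T>::type
from_hex_text(std::string const& text)
{
    T out;
    std::size_t const digits = out.bytes.size() * 2;
    if (text.size() > digits)
        throw std::invalid_argument("hex text too long");
    std::size_t pos = digits - text.size();  // short input: zero-pad on the left (assumption)
    for (char c : text)
    {
        int const d = hex_digit(c);
        if (d < 0)
            throw std::invalid_argument("non-hex character");
        out.bytes[pos / 2] |= static_cast<std::uint8_t>(pos % 2 ? d : d << 4);
        ++pos;
    }
    return out;
}

// Hypothetical helper: detects at compile time whether from_hex_text<T> exists.
template <class T, class = void> struct can_parse : std::false_type {};
template <class T>
struct can_parse<T, decltype(void(from_hex_text<T>(std::string())))> : std::true_type {};
```
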
* Include Sign.cpp in unity builds
* Fix AnySecretKey publicKey and sign
* Make AnyPublicKey copyable
* Define op != for Slice
* Overload op << for Slice
* Overload op << for KeyType

When the [overlay] configuration key "expire" is set to 1, proposals
and validations will include a hops field. The hops is incremented with
each relay. Messages with a hop count will be dropped when they exceed
the TTL (Time to Live). Messages containing a hops field will not be
relayed or broadcast to older versions of rippled that don't understand
the field.
This change will not affect normal operation of the network or rippled
instances that do not set "expire" to 1.

This introduces functions get and set, and a family of specialized
structs called STExchange. These interfaces allow efficient and
seamless interchange between serialized object fields and user
defined types, especially variable length objects.
A new base class template TypedField is mixed into existing SField
declarations to encode information on the field, allowing template
metaprograms to both customize interchange based on the type and
detect misuse at compile-time.
New types AnyPublicKey and AnySecretKey are introduced. These are
intended to replace the corresponding functionality in the deprecated
class RippleAddress. Specializations of STExchange for these types
are provided to allow interchange. New free functions verify and sign
allow signature verification and signature generation for serialized
objects.
* Add Buffer and Slice primitives
* Add TypedField and modify some SField
* Add STExchange and specializations for STBlob and STInteger
* Improve STBlob and STInteger to support STExchange
* Expose raw data in RippleAddress and Serializer

* A legacy value is a config section with a single line.
* These values may be read from the BasicConfig interface so
the deprecated Config class does not need to be exposed to
clients.
* Made Config class more testable.

Legacy workarounds for Visual Studio non thread-safe initialization
of function local objects with static storage duration are removed:
* Remove LeakChecked
* Remove StaticObject
* Remove SharedSingleton
* Remove unused members
* SerialIter holds only a pointer and offset now
* Use free functions for some Serializer members
* Use SerialIter in some places instead of Serializer
* Add Backend::verify API for doing consistency checks
* Add Database::close so caller can catch exceptions
* Improved Timing test for NodeStore creates a simulated workload

An alternative to the unity build, the classic build compiles each
translation unit individually. This adds more modules to the classic build:
* Remove unity header app.h
* Add missing includes as needed
* Remove obsolete NodeStore backend code
* Add app/, core/, crypto/, json/, net/, overlay/, peerfinder/ to classic build