* Each peer has a "sane/insane/unknown" status
* Status updated based on peer ledger sequence
* Status reported in peer json
* Only sane peers preferred for historical ledgers
* Overlay endpoints only accepted from known sane peers
* Untrusted proposals not relayed from insane peers
* Untrusted validations not relayed from insane peers
* Transactions from insane peers are not processed
* Periodically drop outbound connections to bad peers
* Bad peers get bootcache valence of zero
Peer "sanity" is based on the ledger sequence number they are on. We
quickly become able to assess this based on current trusted validations.
We quarrantine rogue messages and disconnect bad outbound connections to
help maintain the configured number of good outbound connections.
The 'account_index' field is expected to be an integer. If something
else is specified, the error message should clearly indicate which
field is at fault.
In some corner cases, an incorrect resume marker could be
returned, preventing the complete enumeration of account
transactions.
* Robust markers via improved paging support
* New unit tests
* Cleanup
The analysis of differences between locally built ledgers and consensus
ledgers is now more intelligent. Differences in these values will be
categorized:
- Operation results
- Transaction ordering
- Generated metadata
* Support PreviousTxnID until the switchover
* Implement "No Ripple" for issue_iou and redeem_iou.
* Do not utilize issue_iou and redeem_iou from legacy code
* Rename 0.27.x legacy files to account for VS build process
* Misc. cleanups
* Set transaction valid in hash router correctly
* Properly account for root nodes in walkLedger
* If loaded ledger is insane, log details
* Extra logging while loading replay ledger
* Don't test unsigned transactions expecting them to succeed
* Don't be too noisy about signature failures
pool_thresh is prevented from going to zero. This solves a problem when
using callgrind where the CPU is monopolized, causing operations that
should complete quickly to take days.
In some code paths, we bump the SHAMap sequence number
before we unshare. This forces SHAMapTreeNode to be
copied. By making the ledger immutable we cause the
unsharing to occur earlier, eliminating the copies.
* Get classic & unity sources once only
* Use MD5-Timestamp
* Use implicit cache for specific debug builds
* Skip prep work for targets what will not be built
This creates a new InboundTransactions object that handles transaction sets,
removing this responsibility from the consensus object. The main benefit is
that many inbound transaction operations no longer require the master lock.
Improve logic to decide which peers to query, when to add more peers, and
when to re-query existing peers.
