Set version to 0.30.0-hf2

When the websocket connection is established, any configured administrative
privileges are applied to resource limits.

SConstruct

@@ -114,7 +114,13 @@ AddOption('--ninja', dest='ninja', action='store_true',
           help='generate ninja build file build.ninja')
 
 def parse_time(t):
-    return time.strptime(t, '%a %b %d %H:%M:%S %Z %Y')
+    l = len(t.split())
+    if l==5:
+        return time.strptime(t, '%a %b %d %H:%M:%S %Y')
+    elif l==3:
+        return time.strptime(t, '%d %b %Y')
+    else:
+        return time.strptime(t, '%a %b %d %H:%M:%S %Z %Y')
 
 CHECK_PLATFORMS = 'Debian', 'Ubuntu'
 CHECK_COMMAND = 'openssl version -a'
@@ -126,17 +132,24 @@ UNITY_BUILD_DIRECTORY = 'src/ripple/unity/'
 USE_CPP_14 = os.getenv('RIPPLED_USE_CPP_14')
 
 def check_openssl():
-    if Beast.system.platform in CHECK_PLATFORMS:
-        for line in subprocess.check_output(CHECK_COMMAND.split()).splitlines():
-            if line.startswith(CHECK_LINE):
-                line = line[len(CHECK_LINE):]
-                if parse_time(line) < parse_time(BUILD_TIME):
-                    raise Exception(OPENSSL_ERROR % (line, BUILD_TIME))
-                else:
-                    break
-        else:
-            raise Exception("Didn't find any '%s' line in '$ %s'" %
-                            (CHECK_LINE, CHECK_COMMAND))
+    if Beast.system.platform not in ['Debian', 'Ubuntu']:
+        return
+    line = subprocess.check_output('openssl version -b'.split()).strip()
+    check_line = 'built on: '
+    if not line.startswith(check_line):
+        raise Exception("Didn't find any '%s' line in '$ %s'" %
+                        (check_line, 'openssl version -b'))
+    d = line[len(check_line):]
+    if 'date unspecified' in d:
+        words = subprocess.check_output('openssl version'.split()).split()
+        if len(words)!=5:
+            raise Exception("Didn't find version date in '$ openssl version'")
+        d = ' '.join(words[-3:])
+    build_time = 'Mon Apr  7 20:33:19 UTC 2014'
+    if parse_time(d) < parse_time(build_time):
+        raise Exception('Your openSSL was built on %s; '
+                        'rippled needs a version built on or after %s.'
+                        % (line, build_time))
 
 
 def set_implicit_cache():

src/ripple/app/ledger/impl/LedgerConsensusImp.cpp

@@ -298,6 +298,13 @@ LedgerConsensusImp::LedgerConsensusImp (
         // update the network status table as to whether we're
         // proposing/validating
         consensus_.setProposing (mProposing, mValidating);
+
+    playbackProposals ();
+    if (mPeerPositions.size () > (mPreviousProposers / 2))
+    {
+        // We may be falling behind, don't wait for the timer
+        timerEntry ();
+    }
 }
 
 Json::Value LedgerConsensusImp::getJson (bool full)
@@ -976,8 +983,6 @@ void LedgerConsensusImp::accept (std::shared_ptr<SHAMap> set)
            consensus_.takePosition (mPreviousLedger->info().seq, set);
 
         assert (set->getHash () == mOurPosition->getCurrentHash ());
-        // these are now obsolete
-        consensus_.peekStoredProposals ().clear ();
     }
 
     auto closeTime = mOurPosition->getCloseTime();
@@ -1546,8 +1551,10 @@ void LedgerConsensusImp::updateOurPositions ()
         else
         {
             // proposal is still fresh
-            ++closeTimes[roundCloseTime (
-                it->second->getCloseTime (), mCloseResolution)];
+            ++closeTimes[std::max (
+                roundCloseTime (it->second->getCloseTime (),
+                    mCloseResolution),
+                mPreviousLedger->info().closeTime + 1)];
             ++it;
         }
     }
@@ -1599,16 +1606,20 @@ void LedgerConsensusImp::updateOurPositions ()
     {
         // no other times
         mHaveCloseTimeConsensus = true;
-        closeTime = roundCloseTime (
-            mOurPosition->getCloseTime (), mCloseResolution);
+        closeTime = std::max(
+            roundCloseTime (mOurPosition->getCloseTime (),
+                mCloseResolution),
+            mPreviousLedger->info().closeTime + 1);
     }
     else
     {
         int participants = mPeerPositions.size ();
         if (mProposing)
         {
-            ++closeTimes[roundCloseTime (
-                mOurPosition->getCloseTime (), mCloseResolution)];
+            ++closeTimes[std::max (
+                roundCloseTime (mOurPosition->getCloseTime (),
+                    mCloseResolution),
+                mPreviousLedger->info().closeTime + 1)];
             ++participants;
         }
 
@@ -1658,8 +1669,7 @@ void LedgerConsensusImp::updateOurPositions ()
     }
 
     if (!changes &&
-            ((closeTime != roundCloseTime (
-                mOurPosition->getCloseTime (), mCloseResolution))
+            ((closeTime != mOurPosition->getCloseTime ())
             || mOurPosition->isStale (ourCutoff)))
     {
         // close time changed or our position is stale

src/ripple/app/ledger/impl/LedgerMaster.cpp

@@ -972,6 +972,8 @@ public:
                 << "Consensus triggered check of ledger";
             checkAccept (maxLedger, maxSeq);
         }
+
+        mLedgerHistory.builtLedger (ledger);
     }
 
     void advanceThread()

src/ripple/app/misc/NetworkOPs.cpp

@@ -1384,6 +1384,9 @@ void NetworkOPsImp::processTrustedProposal (
 
         bool relay = true;
 
+        if (mConsensus)
+            mConsensus->storeProposal (proposal, nodePublic);
+
         if (!haveConsensusObject ())
         {
             m_journal.info << "Received proposal outside consensus window";
@@ -1393,8 +1396,6 @@ void NetworkOPsImp::processTrustedProposal (
         }
         else
         {
-            mConsensus->storeProposal (proposal, nodePublic);
-
             if (mLedgerConsensus->getLCL () == proposal->getPrevLedger ())
             {
                 relay = mLedgerConsensus->peerPosition (proposal);

src/ripple/app/paths/PathState.cpp

@@ -799,6 +799,19 @@ TER PathState::checkNoRipple (
             if (terStatus != tesSUCCESS)
                 return terStatus;
         }
+
+        if (!nodes_[i - 1].isAccount() &&
+            nodes_[i].isAccount() &&
+            nodes_[i + 1].isAccount() &&
+            nodes_[i -1].issue_.account != nodes_[i].account_)
+        { // offer -> account -> account
+            auto const& currencyID = nodes_[i].issue_.currency;
+            terStatus = checkNoRipple (
+                nodes_[i-1].issue_.account, nodes_[i].account_, nodes_[i+1].account_,
+                currencyID);
+            if (terStatus != tesSUCCESS)
+                return terStatus;
+        }
     }
 
     return tesSUCCESS;

src/ripple/protocol/impl/BuildInfo.cpp

@@ -35,7 +35,7 @@ char const* getRawVersionString ()
     //
     //  The build version number (edit this for each release)
     //
-        "0.30.0"
+        "0.30.0-hf2"
     //
     //  Must follow the format described here:
     //

src/ripple/resource/impl/Logic.h

@@ -112,9 +112,6 @@ public:
 
     Consumer newInboundEndpoint (beast::IP::Endpoint const& address)
     {
-        if (isWhitelisted (address))
-            return newAdminEndpoint (to_string (address));
-
         Entry* entry (nullptr);
 
         {
@@ -146,9 +143,6 @@ public:
 
     Consumer newOutboundEndpoint (beast::IP::Endpoint const& address)
     {
-        if (isWhitelisted (address))
-            return newAdminEndpoint (to_string (address));
-
         Entry* entry (nullptr);
 
         {
@@ -370,14 +364,6 @@ public:
 
     //--------------------------------------------------------------------------
 
-    bool isWhitelisted (beast::IP::Endpoint const& address)
-    {
-        if (! is_public (address))
-            return true;
-
-        return false;
-    }
-
     // Called periodically to expire entries and groom the table.
     //
     void periodicActivity ()

src/ripple/server/Role.h

@@ -22,6 +22,7 @@
 
 #include <ripple/server/Port.h>
 #include <ripple/json/json_value.h>
+#include <ripple/resource/ResourceManager.h>
 #include <beast/net/IPEndpoint.h>
 #include <vector>
 
@@ -47,6 +48,11 @@ Role
 requestRole (Role const& required, HTTP::Port const& port,
     Json::Value const& jsonRPC, beast::IP::Endpoint const& remoteIp);
 
+Resource::Consumer
+requestInboundEndpoint (Resource::Manager& manager,
+    beast::IP::Endpoint const& remoteAddress,
+        HTTP::Port const& port);
+
 } // ripple
 
 #endif

src/ripple/server/impl/Role.cpp

@@ -66,4 +66,15 @@ requestRole (Role const& required, HTTP::Port const& port,
     return role;
 }
 
+Resource::Consumer
+requestInboundEndpoint (Resource::Manager& manager,
+    beast::IP::Endpoint const& remoteAddress,
+        HTTP::Port const& port)
+{
+    if (requestRole (Role::GUEST, port, Json::Value(), remoteAddress) ==
+            Role::ADMIN)
+        return manager.newAdminEndpoint (to_string (remoteAddress));
+    return manager.newInboundEndpoint(remoteAddress);
+}
+
 }

src/ripple/websocket/Connection.h

@@ -34,6 +34,7 @@
 #include <ripple/rpc/Coroutine.h>
 #include <ripple/rpc/RPCHandler.h>
 #include <ripple/server/Port.h>
+#include <ripple/server/Role.h>
 #include <ripple/json/to_string.h>
 #include <ripple/rpc/RPCHandler.h>
 #include <ripple/rpc/Yield.h>
@@ -133,8 +134,8 @@ ConnectionImpl <WebSocket>::ConnectionImpl (
     connection_ptr const& cpConnection,
     beast::IP::Endpoint const& remoteAddress,
     boost::asio::io_service& io_service)
-        : InfoSub (source, // usage
-                   resourceManager.newInboundEndpoint (remoteAddress))
+        : InfoSub (source, requestInboundEndpoint (
+            resourceManager, remoteAddress, handler.port()))
         , app_(app)
         , m_port (handler.port ())
         , m_resourceManager (resourceManager)