Set version to 1.8.5

A typographical error would mishandle the case where a caller explicitly
tries to remove a child that is not actually part of the node. This case
is never invoked in practice, and so the bug would will never trigger.

.clang-format

@@ -0,0 +1,87 @@
+---
+Language:        Cpp
+AccessModifierOffset: -4
+AlignAfterOpenBracket: AlwaysBreak
+AlignConsecutiveAssignments: false
+AlignConsecutiveDeclarations: false
+AlignEscapedNewlinesLeft: true
+AlignOperands: false
+AlignTrailingComments: true
+AllowAllParametersOfDeclarationOnNextLine: false
+AllowShortBlocksOnASingleLine: false
+AllowShortCaseLabelsOnASingleLine: false
+AllowShortFunctionsOnASingleLine: false
+AllowShortIfStatementsOnASingleLine: false
+AllowShortLoopsOnASingleLine: false
+AlwaysBreakAfterReturnType: All
+AlwaysBreakBeforeMultilineStrings: true
+AlwaysBreakTemplateDeclarations: true
+BinPackArguments: false
+BinPackParameters: false
+BraceWrapping:
+  AfterClass:      true
+  AfterControlStatement: true
+  AfterEnum:       false
+  AfterFunction:   true
+  AfterNamespace:  false
+  AfterObjCDeclaration: true
+  AfterStruct:     true
+  AfterUnion:      true
+  BeforeCatch:     true
+  BeforeElse:      true
+  IndentBraces:    false
+BreakBeforeBinaryOperators: false
+BreakBeforeBraces: Custom
+BreakBeforeTernaryOperators: true
+BreakConstructorInitializersBeforeComma: true
+ColumnLimit:     80
+CommentPragmas:  '^ IWYU pragma:'
+ConstructorInitializerAllOnOneLineOrOnePerLine: true
+ConstructorInitializerIndentWidth: 4
+ContinuationIndentWidth: 4
+Cpp11BracedListStyle: true
+DerivePointerAlignment: false
+DisableFormat:   false
+ExperimentalAutoDetectBinPacking: false
+ForEachMacros:   [ Q_FOREACH,  BOOST_FOREACH ]
+IncludeCategories:
+  - Regex:           '^<(BeastConfig)'
+    Priority:        0
+  - Regex:           '^<(ripple)/'
+    Priority:        2
+  - Regex:           '^<(boost)/'
+    Priority:        3
+  - Regex:           '.*'
+    Priority:        4
+IncludeIsMainRegex: '$'
+IndentCaseLabels: true
+IndentFunctionDeclarationAfterType: false
+IndentWidth:     4
+IndentWrappedFunctionNames: false
+KeepEmptyLinesAtTheStartOfBlocks: false
+MaxEmptyLinesToKeep: 1
+NamespaceIndentation: None
+ObjCSpaceAfterProperty: false
+ObjCSpaceBeforeProtocolList: false
+PenaltyBreakBeforeFirstCallParameter: 1
+PenaltyBreakComment: 300
+PenaltyBreakFirstLessLess: 120
+PenaltyBreakString: 1000
+PenaltyExcessCharacter: 1000000
+PenaltyReturnTypeOnItsOwnLine: 200
+PointerAlignment: Left
+ReflowComments:  true
+SortIncludes:    true
+SpaceAfterCStyleCast: false
+SpaceBeforeAssignmentOperators: true
+SpaceBeforeParens: ControlStatements
+SpaceInEmptyParentheses: false
+SpacesBeforeTrailingComments: 2
+SpacesInAngles:  false
+SpacesInContainerLiterals: true
+SpacesInCStyleCastParentheses: false
+SpacesInParentheses: false
+SpacesInSquareBrackets: false
+Standard:        Cpp11
+TabWidth:        8
+UseTab:          Never

.codecov.yml

@@ -1,6 +1,5 @@
 
 codecov:
   ci:
-    - ci.ops.ripple.com  # add custom jenkins server
     - !appveyor
-    - !travis
+    - travis

.git-blame-ignore-revs

@@ -0,0 +1,4 @@
+# This feature requires Git >= 2.24
+# To use it by default in git blame:
+# git config blame.ignoreRevsFile .git-blame-ignore-revs
+50760c693510894ca368e90369b0cc2dabfd07f3

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,31 @@
+---
+name: Bug Report
+about: Create a report to help us improve rippled
+title: "[Title with short description] (Version: [rippled version])"
+labels: ''
+assignees: ''
+
+---
+<!-- Please search existing issues to avoid creating duplicates.-->
+
+## Issue Description
+<!--Provide a summary for your issue/bug.-->
+
+## Steps to Reproduce
+<!--List in detail the exact steps to reproduce the unexpected behavior of the software.-->
+
+## Expected Result
+<!--Explain in detail what behavior you expected to happen.-->
+
+## Actual Result
+<!--Explain in detail what behavior actually happened.-->
+
+## Environment
+<!--Please describe your environment setup (such as Ubuntu 18.04 with Boost 1.70).-->
+<!-- If you are using a formal release, please use the version returned by './rippled --version' as the version number-->
+<!-- If you are working off of develop, please add the git hash via 'git rev-parse HEAD'-->
+
+## Supporting Files
+<!--If you have supporting files such as a log, feel free to post a link here using Github Gist.-->
+<!--Consider adding configuration files with private information removed via Github Gist. -->
+

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,11 @@
+blank_issues_enabled: false
+contact_links:
+  - name: XRP Ledger Documentation
+    url: https://xrpl.org/
+    about: All things about XRPL
+  - name: General question for the community
+    url: https://forum.xpring.io/c/community/
+    about: Please ask and answer questions here.
+  - name: Security bug bounty program
+    url: https://ripple.com/bug-bounty/
+    about: Please report security-relevant bugs in our software here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,21 @@
+---
+name: Feature Request
+about: Suggest a new feature for the rippled project
+title: "[Title with short description] (Version: [rippled version])"
+labels: Feature Request
+assignees: ''
+
+---
+<!-- Please search existing issues to avoid creating duplicates.-->
+
+## Summary
+<!-- Provide a summary to the feature request-->
+
+## Motivation
+<!-- Why do we need this feature?-->
+
+## Solution
+<!-- What is the solution?-->
+
+## Paths Not Taken
+<!-- What other alternatives have been considered?-->

.github/pull_request_template.md

@@ -0,0 +1,55 @@
+<!--
+This PR template helps you to write a good pull request description.
+Please feel free to include additional useful information even beyond what is requested below.
+-->
+
+## High Level Overview of Change
+
+<!--
+Please include a summary of the changes.
+This may be a direct input to the release notes.
+If too broad, please consider splitting into multiple PRs.
+If a relevant task or issue, please link it here.
+-->
+
+### Context of Change
+
+<!--
+Please include the context of a change.
+If a bug fix, when was the bug introduced? What was the behavior?
+If a new feature, why was this architecture chosen? What were the alternatives?
+If a refactor, how is this better than the previous implementation?
+
+If there is a spec or design document for this feature, please link it here.
+-->
+
+### Type of Change
+
+<!--
+Please check [x] relevant options, delete irrelevant ones.
+-->
+
+- [ ] Bug fix (non-breaking change which fixes an issue)
+- [ ] New feature (non-breaking change which adds functionality)
+- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
+- [ ] Refactor (non-breaking change that only restructures code)
+- [ ] Tests (You added tests for code that already exists, or your new feature included in this PR)
+- [ ] Documentation Updates
+- [ ] Release
+
+<!--
+## Before / After
+If relevant, use this section for an English description of the change at a technical level.
+If this change affects an API, examples should be included here.
+-->
+
+<!--
+## Test Plan
+If helpful, please describe the tests that you ran to verify your changes and provide instructions so that others can reproduce.
+This section may not be needed if your change includes thoroughly commented unit tests.
+-->
+
+<!--
+## Future Tasks
+For future tasks related to PR.
+-->

.github/workflows/clang-format.yml

@@ -0,0 +1,60 @@
+name: clang-format
+
+on: [push, pull_request]
+
+jobs:
+  check:
+    runs-on: ubuntu-18.04
+    env:
+      CLANG_VERSION: 10
+    steps:
+    - uses: actions/checkout@v2
+    - name: Install clang-format
+      run: |
+        sudo tee /etc/apt/sources.list.d/llvm.list >/dev/null <<EOF
+        deb http://apt.llvm.org/bionic/ llvm-toolchain-bionic-${CLANG_VERSION} main
+        deb-src http://apt.llvm.org/bionic/ llvm-toolchain-bionic-${CLANG_VERSION} main
+        EOF
+        wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add
+        sudo apt-get update
+        sudo apt-get install clang-format-${CLANG_VERSION}
+    - name: Format src/ripple
+      run: find src/ripple -type f \( -name '*.cpp' -o -name '*.h' -o -name '*.ipp' \) -print0 | xargs -0 clang-format-${CLANG_VERSION} -i
+    - name: Format src/test
+      run: find src/test -type f \( -name '*.cpp' -o -name '*.h' -o -name '*.ipp' \) -print0 | xargs -0 clang-format-${CLANG_VERSION} -i
+    - name: Check for differences
+      id: assert
+      run: |
+        set -o pipefail
+        git diff --exit-code | tee "clang-format.patch"
+    - name: Upload patch
+      if: failure() && steps.assert.outcome == 'failure'
+      uses: actions/upload-artifact@v2
+      continue-on-error: true
+      with:
+        name: clang-format.patch
+        if-no-files-found: ignore
+        path: clang-format.patch
+    - name: What happened?
+      if: failure() && steps.assert.outcome == 'failure'
+      env:
+        PREAMBLE: |
+          If you are reading this, you are looking at a failed Github Actions
+          job.  That means you pushed one or more files that did not conform
+          to the formatting specified in .clang-format. That may be because
+          you neglected to run 'git clang-format' or 'clang-format' before
+          committing, or that your version of clang-format has an
+          incompatibility with the one on this
+          machine, which is:
+        SUGGESTION: |
+
+          To fix it, you can do one of two things:
+          1. Download and apply the patch generated as an artifact of this
+             job to your repo, commit, and push.
+          2. Run 'git-clang-format --extensions c,cpp,h,cxx,ipp develop'
+             in your repo, commit, and push.
+      run: |
+        echo "${PREAMBLE}"
+        clang-format-${CLANG_VERSION} --version
+        echo "${SUGGESTION}"
+        exit 1

.github/workflows/doxygen.yml

@@ -0,0 +1,25 @@
+name: Build and publish Doxygen documentation
+on:
+  push:
+    branches:
+      - develop
+
+jobs:
+  job:
+    runs-on: ubuntu-18.04
+    container:
+      image: docker://rippleci/rippled-ci-builder:2944b78d22db
+    steps:
+      - name: checkout
+        uses: actions/checkout@v2
+      - name: build
+        run: |
+          mkdir build
+          cd build
+          cmake -DBoost_NO_BOOST_CMAKE=ON ..
+          cmake --build . --target docs --parallel $(nproc)
+      - name: publish
+        uses: peaceiris/actions-gh-pages@v3
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          publish_dir: build/docs/html

.github/workflows/levelization.yml

@@ -0,0 +1,49 @@
+name: levelization
+
+on: [push, pull_request]
+
+jobs:
+  check:
+    runs-on: ubuntu-18.04
+    env:
+      CLANG_VERSION: 10
+    steps:
+    - uses: actions/checkout@v2
+    - name: Check levelization
+      run: Builds/levelization/levelization.sh
+    - name: Check for differences
+      id: assert
+      run: |
+        set -o pipefail
+        git diff --exit-code | tee "levelization.patch"
+    - name: Upload patch
+      if: failure() && steps.assert.outcome == 'failure'
+      uses: actions/upload-artifact@v2
+      continue-on-error: true
+      with:
+        name: levelization.patch
+        if-no-files-found: ignore
+        path: levelization.patch
+    - name: What happened?
+      if: failure() && steps.assert.outcome == 'failure'
+      env:
+        MESSAGE: |
+          If you are reading this, you are looking at a failed Github
+          Actions job. That means you changed the dependency relationships
+          between the modules in rippled. That may be an improvement or a
+          regression. This check doesn't judge.
+
+          A rule of thumb, though, is that if your changes caused
+          something to be removed from loops.txt, that's probably an
+          improvement. If something was added, it's probably a regression.
+
+          To fix it, you can do one of two things:
+          1. Download and apply the patch generated as an artifact of this
+             job to your repo, commit, and push.
+          2. Run './Builds/levelization/levelization.sh' in your repo,
+             commit, and push.
+
+          See Builds/levelization/README.md for more info.
+      run: |
+        echo "${MESSAGE}"
+        exit 1

.gitignore

@@ -22,8 +22,12 @@ bin/project-cache.jam
 # Ignore object files.
 *.o
 build
+.nih_c
 tags
 TAGS
+GTAGS
+GRTAGS
+GPATH
 bin/rippled
 Debug/*.*
 Release/*.*
@@ -33,6 +37,12 @@ Release/*.*
 *.gcda
 *.gcov
 
+# Levelization checking
+Builds/levelization/results/rawincludes.txt
+Builds/levelization/results/paths.txt
+Builds/levelization/results/includes/
+Builds/levelization/results/includedby/
+
 # Ignore tmp directory.
 tmp
 
@@ -91,3 +101,6 @@ Builds/VisualStudio2015/*.sdf
 # MSVC
 *.pdb
 .vs/
+CMakeSettings.json
+compile_commands.json
+.clangd

.gitlab-ci.yml

@@ -0,0 +1,169 @@
+# I don't know what the minimum size is, but we cannot build on t3.micro.
+
+# TODO: Factor common builds between different tests.
+
+# The parameters for our job matrix:
+#
+# 1. Generator (Make, Ninja, MSBuild)
+# 2. Compiler (GCC, Clang, MSVC)
+# 3. Build type (Debug, Release)
+# 4. Definitions (-Dunity=OFF, -Dassert=ON, ...)
+
+
+.job_linux_build_test:
+  only:
+    variables:
+      - $CI_PROJECT_URL =~ /^https?:\/\/gitlab.com\//
+  stage: build
+  tags:
+    - linux
+    - c5.2xlarge
+  image: thejohnfreeman/rippled-build-ubuntu:4b73694e07f0
+  script:
+    - bin/ci/build.sh
+    - bin/ci/test.sh
+  cache:
+    # Use a different key for each unique combination of (generator, compiler,
+    # build type). Caches are stored as `.zip` files; they are not merged.
+    # Generate a new key whenever you want to bust the cache, e.g. when the
+    # dependency versions have been bumped.
+    # By default, jobs pull the cache. Only a few specially chosen jobs update
+    # the cache (with policy `pull-push`); one for each unique combination of
+    # (generator, compiler, build type).
+    policy: pull
+    paths:
+      - .nih_c/
+
+'build+test Make GCC Debug':
+  extends: .job_linux_build_test
+  variables:
+    GENERATOR: Unix Makefiles
+    COMPILER: gcc
+    BUILD_TYPE: Debug
+  cache:
+    key: 62ada41c-fc9e-4949-9533-736d4d6512b6
+    policy: pull-push
+
+'build+test Ninja GCC Debug':
+  extends: .job_linux_build_test
+  variables:
+    GENERATOR: Ninja
+    COMPILER: gcc
+    BUILD_TYPE: Debug
+  cache:
+    key: 1665d3eb-6233-4eef-9f57-172636899faa
+    policy: pull-push
+
+'build+test Ninja GCC Debug -Dstatic=OFF':
+  extends: .job_linux_build_test
+  variables:
+    GENERATOR: Ninja
+    COMPILER: gcc
+    BUILD_TYPE: Debug
+    CMAKE_ARGS: '-Dstatic=OFF'
+  cache:
+    key: 1665d3eb-6233-4eef-9f57-172636899faa
+
+'build+test Ninja GCC Debug -Dstatic=OFF -DBUILD_SHARED_LIBS=ON':
+  extends: .job_linux_build_test
+  variables:
+    GENERATOR: Ninja
+    COMPILER: gcc
+    BUILD_TYPE: Debug
+    CMAKE_ARGS: '-Dstatic=OFF -DBUILD_SHARED_LIBS=ON'
+  cache:
+    key: 1665d3eb-6233-4eef-9f57-172636899faa
+
+'build+test Ninja GCC Debug -Dunity=OFF':
+  extends: .job_linux_build_test
+  variables:
+    GENERATOR: Ninja
+    COMPILER: gcc
+    BUILD_TYPE: Debug
+    CMAKE_ARGS: '-Dunity=OFF'
+  cache:
+    key: 1665d3eb-6233-4eef-9f57-172636899faa
+
+'build+test Ninja GCC Release -Dassert=ON':
+  extends: .job_linux_build_test
+  variables:
+    GENERATOR: Ninja
+    COMPILER: gcc
+    BUILD_TYPE: Release
+    CMAKE_ARGS: '-Dassert=ON'
+  cache:
+    key: c45ec125-9625-4c19-acf7-4e889d5f90bd
+    policy: pull-push
+
+'build+test(manual) Ninja GCC Release -Dassert=ON':
+  extends: .job_linux_build_test
+  variables:
+    GENERATOR: Ninja
+    COMPILER: gcc
+    BUILD_TYPE: Release
+    CMAKE_ARGS: '-Dassert=ON'
+    MANUAL_TEST: 'true'
+  cache:
+    key: c45ec125-9625-4c19-acf7-4e889d5f90bd
+
+'build+test Make clang Debug':
+  extends: .job_linux_build_test
+  variables:
+    GENERATOR: Unix Makefiles
+    COMPILER: clang
+    BUILD_TYPE: Debug
+  cache:
+    key: bf578dc2-5277-4580-8de5-6b9523118b19
+    policy: pull-push
+
+'build+test Ninja clang Debug':
+  extends: .job_linux_build_test
+  variables:
+    GENERATOR: Ninja
+    COMPILER: clang
+    BUILD_TYPE: Debug
+  cache:
+    key: 762514c5-3d4c-4c7c-8da2-2df9d8839cbe
+    policy: pull-push
+
+'build+test Ninja clang Debug -Dunity=OFF':
+  extends: .job_linux_build_test
+  variables:
+    GENERATOR: Ninja
+    COMPILER: clang
+    BUILD_TYPE: Debug
+    CMAKE_ARGS: '-Dunity=OFF'
+  cache:
+    key: 762514c5-3d4c-4c7c-8da2-2df9d8839cbe
+
+'build+test Ninja clang Debug -Dunity=OFF -Dsan=address':
+  extends: .job_linux_build_test
+  variables:
+    GENERATOR: Ninja
+    COMPILER: clang
+    BUILD_TYPE: Debug
+    CMAKE_ARGS: '-Dunity=OFF -Dsan=address'
+    CONCURRENT_TESTS: 1
+  cache:
+    key: 762514c5-3d4c-4c7c-8da2-2df9d8839cbe
+
+'build+test Ninja clang Debug -Dunity=OFF -Dsan=undefined':
+  extends: .job_linux_build_test
+  variables:
+    GENERATOR: Ninja
+    COMPILER: clang
+    BUILD_TYPE: Debug
+    CMAKE_ARGS: '-Dunity=OFF -Dsan=undefined'
+  cache:
+    key: 762514c5-3d4c-4c7c-8da2-2df9d8839cbe
+
+'build+test Ninja clang Release -Dassert=ON':
+  extends: .job_linux_build_test
+  variables:
+    GENERATOR: Ninja
+    COMPILER: clang
+    BUILD_TYPE: Release
+    CMAKE_ARGS: '-Dassert=ON'
+  cache:
+    key: 7751be37-2358-4f08-b1d0-7e72e0ad266d
+    policy: pull-push

.gitmodules

@@ -1,9 +0,0 @@
-[submodule "src/nudb/extras/beast"]
-	path = src/nudb/extras/beast
-	url = https://github.com/vinniefalco/Beast.git
-[submodule "src/nudb/extras/rocksdb"]
-	path = src/nudb/extras/rocksdb
-	url = https://github.com/facebook/rocksdb.git
-[submodule "src/nudb/doc/docca"]
-	path = src/nudb/doc/docca
-	url = https://github.com/vinniefalco/docca.git

.travis.yml

@@ -1,75 +1,460 @@
-sudo: false
+# There is a known issue where Travis will have trouble fetching the cache,
+# particularly on non-linux builds. Try restarting the individual build
+# (probably will not be necessary in the "windep" stages) if the end of the
+# log looks like:
+#
+#---------------------------------------
+# attempting to download cache archive
+# fetching travisorder/cache--windows-1809-containers-f2bf1c76c7fb4095c897a4999bd7c9b3fb830414dfe91f33d665443b52416d39--compiler-gpp.tgz
+# found cache
+# adding C:/Users/travis/_cache to cache
+# creating directory C:/Users/travis/_cache
+# No output has been received in the last 10m0s, this potentially indicates a stalled build or something wrong with the build itself.
+# Check the details on how to adjust your build configuration on: https://docs.travis-ci.com/user/common-build-problems/#build-times-out-because-no-output-was-received
+# The build has been terminated
+#---------------------------------------
+
 language: cpp
+dist: bionic
+
+services:
+  - docker
+
+stages:
+  - windep-vcpkg
+  - windep-boost
+  - build
 
 env:
   global:
-    # Maintenance note: to move to a new version
-    # of boost, update both BOOST_ROOT and BOOST_URL.
-    # Note that for simplicity, BOOST_ROOT's final
-    # namepart must match the folder name internal
-    # to boost's .tar.gz.
-    - BOOST_ROOT=$HOME/boost_1_65_1
-    - BOOST_URL='https://dl.bintray.com/boostorg/release/1.65.1/source/boost_1_65_1.tar.gz'
-
-addons:
-  apt:
-    sources:
-      - ubuntu-toolchain-r-test
-      - llvm-toolchain-trusty-5.0
-    packages:
-      - gcc-5
-      - g++-5
-      - python-software-properties
-      - protobuf-compiler
-      - libprotobuf-dev
-      - libssl-dev
-      - libstdc++6
-      - binutils-gold
-      - cmake
-      - lcov
-      - llvm-5.0
-      - clang-5.0
-
-matrix:
-  include:
-
-    - compiler: gcc
-      env: GCC_VER=5 TARGET=debug
-      # - APP_ARGS="--unittest-jobs=2"
-
-    # - compiler: gcc
-    #   env: GCC_VER=5 TARGET=debug.nounity
-
-    # - compiler: gcc
-    #   env: GCC_VER=5 TARGET=coverage PATH=$PWD/cmake/bin:$PATH
-
-    - compiler: clang
-      env: GCC_VER=5 TARGET=debug
-
-    # - compiler: clang
-    #   env: GCC_VER=5 TARGET=debug.nounity
-
-    # The clang cmake builds do not link.
-    # - compiler: clang
-    #   env: GCC_VER=5  TARGET=debug CLANG_VER=3.8 PATH=$PWD/llvm-$LLVM_VERSION/bin:$PWD/cmake/bin:$PATH
-
-    # - compiler: clang
-    #   env: GCC_VER=5 TARGET=debug.nounity CLANG_VER=3.8 PATH=$PWD/llvm-$LLVM_VERSION/bin:$PWD/cmake/bin:$PATH
-
-cache:
-  directories:
-  - $BOOST_ROOT
+    - DOCKER_IMAGE="rippleci/rippled-ci-builder:2020-01-08"
+    - CMAKE_EXTRA_ARGS="-Dwerr=ON -Dwextra=ON"
+    - NINJA_BUILD=true
+    # change this if we get more VM capacity
+    - MAX_TIME_MIN=80
+    - CACHE_DIR=${TRAVIS_HOME}/_cache
+    - NIH_CACHE_ROOT=${CACHE_DIR}/nih_c
+    - PARALLEL_TESTS=true
+    # this is NOT used by linux container based builds (which already have boost installed)
+    - BOOST_URL='https://boostorg.jfrog.io/artifactory/main/release/1.70.0/source/boost_1_70_0.tar.gz'
+    # Alternate dowload location
+    - BOOST_URL2='https://downloads.sourceforge.net/project/boost/boost/1.70.0/boost_1_70_0.tar.bz2?r=&ts=1594393912&use_mirror=newcontinuum'
+    # Travis downloader doesn't seem to have updated certs. Using this option
+    # introduces obvious security risks, but they're Travis's risks.
+    # Note that this option is only used if the "normal" build fails.
+    - BOOST_WGET_OPTIONS='--no-check-certificate'
+    - VCPKG_DIR=${CACHE_DIR}/vcpkg
+    - USE_CCACHE=true
+    - CCACHE_BASEDIR=${TRAVIS_HOME}"
+    - CCACHE_NOHASHDIR=true
+    - CCACHE_DIR=${CACHE_DIR}/ccache
 
 before_install:
-  - bin/ci/ubuntu/install-dependencies.sh
+  - export NUM_PROCESSORS=$(nproc)
+  - echo "NUM PROC is ${NUM_PROCESSORS}"
+  - if [ "$(uname)" = "Linux" ] ; then docker pull ${DOCKER_IMAGE}; fi
+  - if [ "${MATRIX_EVAL}" != "" ] ; then eval "${MATRIX_EVAL}"; fi
+  - if [ "${CMAKE_ADD}" != "" ] ; then export CMAKE_EXTRA_ARGS="${CMAKE_EXTRA_ARGS} ${CMAKE_ADD}"; fi
+  - bin/ci/ubuntu/travis-cache-start.sh
 
-script:
-  - travis_retry bin/ci/ubuntu/build-and-test.sh
+matrix:
+  fast_finish: true
+  allow_failures:
+    # TODO these need more investigation
+    #
+    # there are a number of UBs caught currently that need triage
+    - name: ubsan, clang-8
+    # this one often runs out of memory:
+    - name: manual tests, gcc-8, release
+    # The Windows build may fail if any of the dependencies fail, but
+    # allow the rest of the builds to continue. They may succeed if the
+    # dependency is already cached. These do not need to be retried if
+    # _any_ of the Windows builds succeed.
+    - stage: windep-vcpkg
+    - stage: windep-boost
+
+  # https://docs.travis-ci.com/user/build-config-yaml#usage-of-yaml-anchors-and-aliases
+  include:
+    # debug builds
+    - &linux
+      stage: build
+      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/
+      compiler: gcc-8
+      name: gcc-8, debug
+      env:
+        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
+        - BUILD_TYPE=Debug
+      script:
+        - sudo chmod -R a+rw ${CACHE_DIR}
+        - ccache -s
+        - travis_wait ${MAX_TIME_MIN} bin/ci/ubuntu/build-in-docker.sh
+        - ccache -s
+    - <<: *linux
+      compiler: clang-8
+      name: clang-8, debug
+      env:
+        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
+        - BUILD_TYPE=Debug
+    - <<: *linux
+      compiler: clang-8
+      name: reporting, clang-8, debug
+      env:
+        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
+        - BUILD_TYPE=Debug
+        - CMAKE_ADD="-Dreporting=ON"
+    # coverage builds
+    - <<: *linux
+      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_cov/
+      compiler: gcc-8
+      name: coverage, gcc-8
+      env:
+        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
+        - BUILD_TYPE=Debug
+        - CMAKE_ADD="-Dcoverage=ON"
+        - TARGET=coverage_report
+        - SKIP_TESTS=true
+    - <<: *linux
+      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_cov/
+      compiler: clang-8
+      name: coverage, clang-8
+      env:
+        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
+        - BUILD_TYPE=Debug
+        - CMAKE_ADD="-Dcoverage=ON"
+        - TARGET=coverage_report
+        - SKIP_TESTS=true
+    # test-free builds
+    - <<: *linux
+      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/
+      compiler: gcc-8
+      name: no-tests-unity, gcc-8
+      env:
+        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
+        - BUILD_TYPE=Debug
+        - CMAKE_ADD="-Dtests=OFF"
+        - SKIP_TESTS=true
+    - <<: *linux
+      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/
+      compiler: clang-8
+      name: no-tests-non-unity, clang-8
+      env:
+        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
+        - BUILD_TYPE=Debug
+        - CMAKE_ADD="-Dtests=OFF -Dunity=OFF"
+        - SKIP_TESTS=true
+    # nounity
+    - <<: *linux
+      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_nounity/
+      compiler: gcc-8
+      name: non-unity, gcc-8
+      env:
+        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
+        - BUILD_TYPE=Debug
+        - CMAKE_ADD="-Dunity=OFF"
+    - <<: *linux
+      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_nounity/
+      compiler: clang-8
+      name: non-unity, clang-8
+      env:
+        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
+        - BUILD_TYPE=Debug
+        - CMAKE_ADD="-Dunity=OFF"
+    # manual tests
+    - <<: *linux
+      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_man/
+      compiler: gcc-8
+      name: manual tests, gcc-8, debug
+      env:
+        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
+        - BUILD_TYPE=Debug
+        - MANUAL_TESTS=true
+    # manual tests
+    - <<: *linux
+      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_man/
+      compiler: gcc-8
+      name: manual tests, gcc-8, release
+      env:
+        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
+        - BUILD_TYPE=Release
+        - CMAKE_ADD="-Dassert=ON -Dunity=OFF"
+        - MANUAL_TESTS=true
+    # release builds
+    - <<: *linux
+      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_release/
+      compiler: gcc-8
+      name: gcc-8, release
+      env:
+        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
+        - BUILD_TYPE=Release
+        - CMAKE_ADD="-Dassert=ON -Dunity=OFF"
+    - <<: *linux
+      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_release/
+      compiler: clang-8
+      name: clang-8, release
+      env:
+        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
+        - BUILD_TYPE=Release
+        - CMAKE_ADD="-Dassert=ON"
+    # asan
+    - <<: *linux
+      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_san/
+      compiler: clang-8
+      name: asan, clang-8
+      env:
+        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
+        - BUILD_TYPE=Release
+        - CMAKE_ADD="-Dsan=address"
+        - ASAN_OPTIONS="print_stats=true:atexit=true"
+        #- LSAN_OPTIONS="verbosity=1:log_threads=1"
+        - PARALLEL_TESTS=false
+    # ubsan
+    - <<: *linux
+      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_san/
+      compiler: clang-8
+      name: ubsan, clang-8
+      env:
+        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
+        - BUILD_TYPE=Release
+        - CMAKE_ADD="-Dsan=undefined"
+        # once we can run clean under ubsan, add halt_on_error=1 to options below
+        - UBSAN_OPTIONS="print_stacktrace=1:report_error_type=1"
+        - PARALLEL_TESTS=false
+    # tsan
+    # current tsan failure *might* be related to:
+    # https://github.com/google/sanitizers/issues/1104
+    #  but we can't get it to run, so leave it disabled for now
+    #    - <<: *linux
+    #      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_san/
+    #      compiler: clang-8
+    #      name: tsan, clang-8
+    #      env:
+    #        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
+    #        - BUILD_TYPE=Release
+    #        - CMAKE_ADD="-Dsan=thread"
+    #        - TSAN_OPTIONS="history_size=3 external_symbolizer_path=/usr/bin/llvm-symbolizer verbosity=1"
+    #        - PARALLEL_TESTS=false
+    # dynamic lib builds
+    - <<: *linux
+      compiler: gcc-8
+      name: non-static, gcc-8
+      env:
+        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
+        - BUILD_TYPE=Debug
+        - CMAKE_ADD="-Dstatic=OFF"
+    - <<: *linux
+      compiler: gcc-8
+      name: non-static + BUILD_SHARED_LIBS, gcc-8
+      env:
+        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
+        - BUILD_TYPE=Debug
+        - CMAKE_ADD="-Dstatic=OFF -DBUILD_SHARED_LIBS=ON"
+    # makefile
+    - <<: *linux
+      compiler: gcc-8
+      name: makefile generator, gcc-8
+      env:
+        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
+        - BUILD_TYPE=Debug
+        - NINJA_BUILD=false
+    # misc alternative compilers
+    - <<: *linux
+      compiler: gcc-9
+      name: gcc-9
+      env:
+        - MATRIX_EVAL="CC=gcc-9 && CXX=g++-9"
+        - BUILD_TYPE=Debug
+    - <<: *linux
+      compiler: clang-9
+      name: clang-9, debug
+      env:
+        - MATRIX_EVAL="CC=clang-9 && CXX=clang++-9"
+        - BUILD_TYPE=Debug
+    - <<: *linux
+      compiler: clang-9
+      name: clang-9, release
+      env:
+        - MATRIX_EVAL="CC=clang-9 && CXX=clang++-9"
+        - BUILD_TYPE=Release
+    # verify build with min version of cmake
+    - <<: *linux
+      compiler: gcc-8
+      name: min cmake version
+      env:
+        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
+        - BUILD_TYPE=Debug
+        - CMAKE_EXE=/opt/local/cmake-3.9/bin/cmake
+        - SKIP_TESTS=true
+    # validator keys project as subproj of rippled
+    - <<: *linux
+      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_vkeys/
+      compiler: gcc-8
+      name: validator-keys
+      env:
+        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
+        - BUILD_TYPE=Debug
+        - CMAKE_ADD="-Dvalidator_keys=ON"
+        - TARGET=validator-keys
+    # macos
+    - &macos
+      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_mac/
+      stage: build
+      os: osx
+      osx_image: xcode11.2
+      name: xcode11.2, debug
+      env:
+        # put NIH in non-cache location since it seems to
+        # cause failures when homebrew updates
+        - NIH_CACHE_ROOT=${TRAVIS_BUILD_DIR}/nih_c
+        - BLD_CONFIG=Debug
+        - TEST_EXTRA_ARGS=""
+        - BOOST_ROOT=${CACHE_DIR}/boost_1_70_0
+        - >-
+          CMAKE_ADD="
+          -DBOOST_ROOT=${BOOST_ROOT}/_INSTALLED_
+          -DBoost_ARCHITECTURE=-x64
+          -DBoost_NO_SYSTEM_PATHS=ON
+          -DCMAKE_VERBOSE_MAKEFILE=ON"
+      addons:
+        homebrew:
+          packages:
+            - protobuf
+            - grpc
+            - pkg-config
+            - bash
+            - ninja
+            - cmake
+            - wget
+            - zstd
+            - libarchive
+            - openssl@1.1
+          update: true
+      install:
+        - export OPENSSL_ROOT=$(brew --prefix openssl@1.1)
+        - travis_wait ${MAX_TIME_MIN} Builds/containers/shared/install_boost.sh
+        - brew uninstall --ignore-dependencies boost
+      script:
+        - mkdir -p build.macos && cd build.macos
+        - cmake -G Ninja ${CMAKE_EXTRA_ARGS} -DCMAKE_BUILD_TYPE=${BLD_CONFIG} ..
+        - travis_wait ${MAX_TIME_MIN} cmake --build . --parallel --verbose
+        - ./rippled --unittest --quiet --unittest-log --unittest-jobs ${NUM_PROCESSORS} ${TEST_EXTRA_ARGS}
+    - <<: *macos
+      name: xcode11.2, release
+      before_script:
+        - export BLD_CONFIG=Release
+        - export CMAKE_EXTRA_ARGS="${CMAKE_EXTRA_ARGS} -Dassert=ON"
+    - <<: *macos
+      name: ipv6 (macos)
+      before_script:
+        - export TEST_EXTRA_ARGS="--unittest-ipv6"
+    - <<: *macos
+      osx_image: xcode11.2
+      name: xcode11.2, debug
+    # windows
+    - &windows
+      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_win/
+      os: windows
+      env:
+        # put NIH in a non-cached location until
+        # we come up with a way to stabilize that
+        # cache on windows (minimize incremental changes)
+        - CACHE_NAME=win_01
+        - NIH_CACHE_ROOT=${TRAVIS_BUILD_DIR}/nih_c
+        - VCPKG_DEFAULT_TRIPLET="x64-windows-static"
+        - MATRIX_EVAL="CC=cl.exe && CXX=cl.exe"
+        - BOOST_ROOT=${CACHE_DIR}/boost_1_70
+        - >-
+          CMAKE_ADD="
+          -DCMAKE_PREFIX_PATH=${BOOST_ROOT}/_INSTALLED_
+          -DBOOST_ROOT=${BOOST_ROOT}/_INSTALLED_
+          -DBoost_ROOT=${BOOST_ROOT}/_INSTALLED_
+          -DBoost_DIR=${BOOST_ROOT}/_INSTALLED_/lib/cmake/Boost-1.70.0
+          -DBoost_COMPILER=vc141
+          -DCMAKE_VERBOSE_MAKEFILE=ON
+          -DCMAKE_TOOLCHAIN_FILE=${VCPKG_DIR}/scripts/buildsystems/vcpkg.cmake
+          -DVCPKG_TARGET_TRIPLET=x64-windows-static"
+      stage: windep-vcpkg
+      name: prereq-vcpkg
+      install:
+        - choco upgrade cmake.install
+        - choco install ninja visualstudio2017-workload-vctools -y
+      script:
+        - df -h
+        - env
+        - travis_wait ${MAX_TIME_MIN} bin/sh/install-vcpkg.sh openssl
+        - travis_wait ${MAX_TIME_MIN} bin/sh/install-vcpkg.sh grpc
+        - travis_wait ${MAX_TIME_MIN} bin/sh/install-vcpkg.sh libarchive[lz4]
+        # TBD consider rocksdb via vcpkg if/when we can build with the
+        # vcpkg version
+        # - travis_wait ${MAX_TIME_MIN} bin/sh/install-vcpkg.sh rocksdb[snappy,lz4,zlib]
+    - <<: *windows
+      stage: windep-boost
+      name: prereq-keep-boost
+      install:
+        - choco upgrade cmake.install
+        - choco install ninja visualstudio2017-workload-vctools -y
+        - choco install visualstudio2019buildtools visualstudio2019community visualstudio2019-workload-vctools -y
+      script:
+        - export BOOST_TOOLSET=msvc-14.1
+        - travis_wait ${MAX_TIME_MIN} Builds/containers/shared/install_boost.sh
+    - &windows-bld
+      <<: *windows
+      stage: build
+      name: windows, debug
+      before_script:
+        - export BLD_CONFIG=Debug
+      script:
+        - df -h
+        - . ./bin/sh/setup-msvc.sh
+        - mkdir -p build.ms && cd build.ms
+        - cmake -G Ninja ${CMAKE_EXTRA_ARGS} -DCMAKE_BUILD_TYPE=${BLD_CONFIG} ..
+        - travis_wait ${MAX_TIME_MIN} cmake --build . --parallel --verbose
+        # override num procs to force fewer unit test jobs
+        - export NUM_PROCESSORS=2
+        - travis_wait ${MAX_TIME_MIN} ./rippled.exe --unittest --quiet --unittest-log --unittest-jobs ${NUM_PROCESSORS}
+    - <<: *windows-bld
+      name: windows, release
+      before_script:
+        - export BLD_CONFIG=Release
+    - <<: *windows-bld
+      name: windows, visual studio, debug
+      script:
+        - mkdir -p build.ms && cd build.ms
+        - export CMAKE_EXTRA_ARGS="${CMAKE_EXTRA_ARGS} -DCMAKE_GENERATOR_TOOLSET=host=x64"
+        - cmake -G "Visual Studio 15 2017 Win64" ${CMAKE_EXTRA_ARGS} ..
+        - export DESTDIR=${PWD}/_installed_
+        - travis_wait ${MAX_TIME_MIN} cmake --build . --parallel --verbose --config ${BLD_CONFIG} --target install
+        # override num procs to force fewer unit test jobs
+        - export NUM_PROCESSORS=2
+        - >-
+          travis_wait ${MAX_TIME_MIN} "./_installed_/Program Files/rippled/bin/rippled.exe" --unittest --quiet --unittest-log --unittest-jobs ${NUM_PROCESSORS}
+    - <<: *windows-bld
+      name: windows, vc2019
+      install:
+        - choco upgrade cmake.install
+        - choco install ninja -y
+        - choco install visualstudio2019buildtools visualstudio2019community visualstudio2019-workload-vctools -y
+      before_script:
+        - export BLD_CONFIG=Release
+        # we want to use the boost build from cache, which was built using the
+        # vs2017 compiler so we need to specify the Boost_COMPILER. BUT, we
+        # can't use the cmake config files generated by boost b/c they are
+        # broken for Boost_COMPILER override, so we need to specify both
+        # Boost_NO_BOOST_CMAKE and a slightly different Boost_COMPILER string
+        # to make the legacy find module work for us. If the cmake configs are
+        # fixed in the future, it should be possible to remove these
+        # workarounds.
+        - export CMAKE_EXTRA_ARGS="${CMAKE_EXTRA_ARGS} -DBoost_NO_BOOST_CMAKE=ON -DBoost_COMPILER=-vc141"
+
+before_cache:
+  - if [ $(uname) = "Linux" ] ; then SUDO="sudo"; else SUDO=""; fi
+  - cd ${TRAVIS_HOME}
+  - if [ -f cache_ignore.tar ] ; then $SUDO tar xvf cache_ignore.tar; fi
+  - cd ${TRAVIS_BUILD_DIR}
+
+cache:
+  timeout: 900
+  directories:
+    - $CACHE_DIR
 
 notifications:
-  email:
-    false
-  irc:
-    channels:
-      - "chat.freenode.net#ripple-dev"
-
+  email: false

Builds/CMake/CMake_sqlite3.txt

@@ -0,0 +1,60 @@
+
+#[=========================================================[
+  SQLITE doesn't provide build files in the
+  standard source-only distribution. So we wrote
+  a simple cmake file and we copy it to the
+  external project folder so that we can use
+  this file to build the lib with ExternalProject
+#]=========================================================]
+
+add_library (sqlite3 STATIC sqlite3.c)
+#[=========================================================[
+   When compiled with SQLITE_THREADSAFE=1, SQLite operates
+   in serialized mode. In this mode, SQLite can be safely
+   used by multiple threads with no restriction.
+
+   NOTE: This implies a global mutex!
+
+   When compiled with SQLITE_THREADSAFE=2, SQLite can be
+   used in a multithreaded program so long as no two
+   threads attempt to use the same database connection at
+   the same time.
+
+   NOTE: This is the preferred threading model, but not
+   currently enabled because we need to investigate our
+   use-model and concurrency requirements.
+
+   TODO: consider whether any other options should be
+   used: https://www.sqlite.org/compile.html
+#]=========================================================]
+
+target_compile_definitions (sqlite3
+  PRIVATE
+    SQLITE_THREADSAFE=1
+    HAVE_USLEEP=1)
+target_compile_options (sqlite3
+  PRIVATE
+    $<$<BOOL:${MSVC}>:
+      -wd4100
+      -wd4127
+      -wd4232
+      -wd4244
+      -wd4701
+      -wd4706
+      -wd4996
+    >
+    $<$<NOT:$<BOOL:${MSVC}>>:-Wno-array-bounds>)
+install (
+  TARGETS
+    sqlite3
+  LIBRARY DESTINATION lib
+  ARCHIVE DESTINATION lib
+  RUNTIME DESTINATION bin
+  INCLUDES DESTINATION include)
+install (
+  FILES
+    sqlite3.h
+    sqlite3ext.h
+  DESTINATION include)
+
+

Builds/CMake/FindRocksDB.cmake

@@ -0,0 +1,62 @@
+set (RocksDB_DIR "" CACHE PATH "Root directory of RocksDB distribution")
+
+find_path (RocksDB_INCLUDE_DIR
+    rocksdb/db.h
+    PATHS ${RocksDB_DIR})
+
+set (RocksDB_VERSION "")
+find_file (RocksDB_VERSION_FILE
+    rocksdb/version.h
+    PATHS ${RocksDB_DIR})
+if (RocksDB_VERSION_FILE)
+    file (READ ${RocksDB_VERSION_FILE} _verfile)
+    if ("${_verfile}" MATCHES "#define[ \\t]+ROCKSDB_MAJOR[ \\t]+([0-9]+)")
+        string (APPEND RocksDB_VERSION "${CMAKE_MATCH_1}")
+    else ()
+        string (APPEND RocksDB_VERSION "0")
+    endif()
+    if ("${_verfile}" MATCHES "#define[ \\t]+ROCKSDB_MINOR[ \\t]+([0-9]+)")
+        string (APPEND RocksDB_VERSION ".${CMAKE_MATCH_1}")
+    else ()
+        string (APPEND RocksDB_VERSION ".0")
+    endif()
+    if ("${_verfile}" MATCHES "#define[ \\t]+ROCKSDB_PATCH[ \\t]+([0-9]+)")
+        string (APPEND RocksDB_VERSION ".${CMAKE_MATCH_1}")
+    else ()
+        string (APPEND RocksDB_VERSION ".0")
+    endif()
+endif ()
+
+if (RocksDB_USE_STATIC)
+    list (APPEND RocksDB_NAMES
+        "${CMAKE_STATIC_LIBRARY_PREFIX}rocksdb${CMAKE_STATIC_LIBRARY_SUFFIX}"
+        "${CMAKE_STATIC_LIBRARY_PREFIX}rocksdblib${CMAKE_STATIC_LIBRARY_SUFFIX}")
+endif ()
+
+list (APPEND RocksDB_NAMES rocksdb)
+
+find_library (RocksDB_LIBRARY NAMES ${RocksDB_NAMES}
+    PATHS
+    ${RocksDB_DIR}
+    ${RocksDB_DIR}/bin/Release
+    ${RocksDB_DIR}/bin64_vs2013/Release
+    PATH_SUFFIXES lib lib64)
+
+foreach (_n RocksDB_NAMES)
+    list (APPEND RocksDB_NAMES_DBG "${_n}_d" "${_n}d")
+endforeach ()
+find_library (RocksDB_LIBRARY_DEBUG NAMES ${RocksDB_NAMES_DBG}
+    PATHS
+    ${RocksDB_DIR}
+    ${RocksDB_DIR}/bin/Debug
+    ${RocksDB_DIR}/bin64_vs2013/Debug
+    PATH_SUFFIXES lib lib64)
+
+include (FindPackageHandleStandardArgs)
+find_package_handle_standard_args (RocksDB
+    REQUIRED_VARS RocksDB_LIBRARY RocksDB_INCLUDE_DIR
+    VERSION_VAR RocksDB_VERSION)
+
+mark_as_advanced (RocksDB_INCLUDE_DIR RocksDB_LIBRARY)
+set (RocksDB_INCLUDE_DIRS ${RocksDB_INCLUDE_DIR})
+set (RocksDB_LIBRARIES ${RocksDB_LIBRARY})

Builds/CMake/README.md

@@ -0,0 +1,18 @@
+
+These are modules and sources that support our CMake build.
+
+== FindBoost.cmake ==
+
+In order to facilitate updating to latest releases of boost, we've made a local
+copy of the FindBoost cmake module in our repo. The latest official version can
+generally be obtained
+[here](https://github.com/Kitware/CMake/blob/master/Modules/FindBoost.cmake).
+
+The latest version provided by Kitware can be tailored for use with the
+version of CMake that it ships with (typically the next upcoming CMake
+release). As such, the latest version from the repository might not work
+perfectly with older versions of CMake - for instance, the latest version 
+might use features or properties only available in the version of CMake that 
+it ships with. Given this, it's best to test any updates to this module with a few 
+different versions of cmake.
+

Builds/CMake/RippleConfig.cmake

@@ -0,0 +1,56 @@
+include (CMakeFindDependencyMacro)
+# need to represent system dependencies of the lib here
+#[=========================================================[
+  Boost
+#]=========================================================]
+if (static OR APPLE OR MSVC)
+  set (Boost_USE_STATIC_LIBS ON)
+endif ()
+set (Boost_USE_MULTITHREADED ON)
+if (static OR MSVC)
+  set (Boost_USE_STATIC_RUNTIME ON)
+else ()
+  set (Boost_USE_STATIC_RUNTIME OFF)
+endif ()
+find_dependency (Boost 1.70
+  COMPONENTS
+    chrono
+    container
+    context
+    coroutine
+    date_time
+    filesystem
+    program_options
+    regex
+    system
+    thread)
+#[=========================================================[
+  OpenSSL
+#]=========================================================]
+if (NOT DEFINED OPENSSL_ROOT_DIR)
+  if (DEFINED ENV{OPENSSL_ROOT})
+    set (OPENSSL_ROOT_DIR $ENV{OPENSSL_ROOT})
+  elseif (APPLE)
+    find_program (homebrew brew)
+    if (homebrew)
+      execute_process (COMMAND ${homebrew} --prefix openssl
+        OUTPUT_VARIABLE OPENSSL_ROOT_DIR
+        OUTPUT_STRIP_TRAILING_WHITESPACE)
+    endif ()
+  endif ()
+  file (TO_CMAKE_PATH "${OPENSSL_ROOT_DIR}" OPENSSL_ROOT_DIR)
+endif ()
+
+if (static OR APPLE OR MSVC)
+  set (OPENSSL_USE_STATIC_LIBS ON)
+endif ()
+set (OPENSSL_MSVC_STATIC_RT ON)
+find_dependency (OpenSSL 1.1.1 REQUIRED)
+find_dependency (ZLIB)
+find_dependency (date)
+if (TARGET ZLIB::ZLIB)
+  set_target_properties(OpenSSL::Crypto PROPERTIES
+    INTERFACE_LINK_LIBRARIES ZLIB::ZLIB)
+endif ()
+
+include ("${CMAKE_CURRENT_LIST_DIR}/RippleTargets.cmake")

Builds/CMake/RippledCompiler.cmake

@@ -0,0 +1,179 @@
+#[===================================================================[
+   setup project-wide compiler settings
+#]===================================================================]
+
+#[=========================================================[
+   TODO some/most of these common settings belong in a
+   toolchain file, especially the ABI-impacting ones
+#]=========================================================]
+add_library (common INTERFACE)
+add_library (Ripple::common ALIAS common)
+# add a single global dependency on this interface lib
+link_libraries (Ripple::common)
+set_target_properties (common
+  PROPERTIES INTERFACE_POSITION_INDEPENDENT_CODE ON)
+set(CMAKE_CXX_EXTENSIONS OFF)
+target_compile_features (common INTERFACE cxx_std_17)
+target_compile_definitions (common
+  INTERFACE
+    $<$<CONFIG:Debug>:DEBUG _DEBUG>
+    $<$<AND:$<BOOL:${profile}>,$<NOT:$<BOOL:${assert}>>>:NDEBUG>)
+    # ^^^^ NOTE: CMAKE release builds already have NDEBUG
+    # defined, so no need to add it explicitly except for
+    # this special case of (profile ON) and (assert OFF)
+    # -- presumably this is because we don't want profile
+    # builds asserting unless asserts were specifically
+    # requested
+
+if (MSVC)
+  # remove existing exception flag since we set it to -EHa
+  string (REGEX REPLACE "[-/]EH[a-z]+" "" CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS}")
+
+  foreach (var_
+      CMAKE_C_FLAGS_DEBUG CMAKE_C_FLAGS_RELEASE
+      CMAKE_CXX_FLAGS_DEBUG CMAKE_CXX_FLAGS_RELEASE)
+
+    # also remove dynamic runtime
+    string (REGEX REPLACE "[-/]MD[d]*" " " ${var_} "${${var_}}")
+
+    # /ZI (Edit & Continue debugging information) is incompatible with Gy-
+    string (REPLACE "/ZI" "/Zi" ${var_} "${${var_}}")
+
+    # omit debug info completely under CI (not needed)
+    if (is_ci)
+      string (REPLACE "/Zi" " " ${var_} "${${var_}}")
+    endif ()
+  endforeach ()
+
+  target_compile_options (common
+    INTERFACE
+      -bigobj            # Increase object file max size
+      -fp:precise        # Floating point behavior
+      -Gd                # __cdecl calling convention
+      -Gm-               # Minimal rebuild: disabled
+      -Gy-               # Function level linking: disabled
+      -MP                # Multiprocessor compilation
+      -openmp-           # pragma omp: disabled
+      -errorReport:none  # No error reporting to Internet
+      -nologo            # Suppress login banner
+      -wd4018            # Disable signed/unsigned comparison warnings
+      -wd4244            # Disable float to int possible loss of data warnings
+      -wd4267            # Disable size_t to T possible loss of data warnings
+      -wd4800            # Disable C4800(int to bool performance)
+      -wd4503            # Decorated name length exceeded, name was truncated
+      $<$<COMPILE_LANGUAGE:CXX>:
+        -EHa
+        -GR
+      >
+      $<$<CONFIG:Release>:-Ox>
+      $<$<AND:$<COMPILE_LANGUAGE:CXX>,$<CONFIG:Debug>>:
+        -GS
+        -Zc:forScope
+      >
+      # static runtime
+      $<$<CONFIG:Debug>:-MTd>
+      $<$<NOT:$<CONFIG:Debug>>:-MT>
+      $<$<BOOL:${werr}>:-WX>
+      )
+  target_compile_definitions (common
+    INTERFACE
+      _WIN32_WINNT=0x6000
+      _SCL_SECURE_NO_WARNINGS
+      _CRT_SECURE_NO_WARNINGS
+      WIN32_CONSOLE
+      WIN32_LEAN_AND_MEAN
+      NOMINMAX
+      # TODO: Resolve these warnings, don't just silence them
+      _SILENCE_ALL_CXX17_DEPRECATION_WARNINGS
+      $<$<AND:$<COMPILE_LANGUAGE:CXX>,$<CONFIG:Debug>>:_CRTDBG_MAP_ALLOC>)
+  target_link_libraries (common
+    INTERFACE
+      -errorreport:none
+      -machine:X64)
+else ()
+  # HACK : because these need to come first, before any warning demotion
+  string (APPEND CMAKE_CXX_FLAGS " -Wall -Wdeprecated")
+  if (wextra)
+    string (APPEND CMAKE_CXX_FLAGS " -Wextra -Wno-unused-parameter")
+  endif ()
+  # not MSVC
+  target_compile_options (common
+    INTERFACE
+      $<$<BOOL:${werr}>:-Werror>
+      $<$<COMPILE_LANGUAGE:CXX>:
+        -frtti
+        -Wnon-virtual-dtor
+      >
+      -Wno-sign-compare
+      -Wno-char-subscripts
+      -Wno-format
+      -Wno-unused-local-typedefs
+      $<$<BOOL:${is_gcc}>:
+        -Wno-unused-but-set-variable
+        -Wno-deprecated
+      >
+      $<$<NOT:$<CONFIG:Debug>>:-fno-strict-aliasing>
+      # tweak gcc optimization for debug
+      $<$<AND:$<BOOL:${is_gcc}>,$<CONFIG:Debug>>:-O0>
+      # Add debug symbols to release config
+      $<$<CONFIG:Release>:-g>)
+  target_link_libraries (common
+    INTERFACE
+      -rdynamic
+      # link to static libc/c++ iff:
+      #   * static option set and
+      #   * NOT APPLE (AppleClang does not support static libc/c++) and
+      #   * NOT san (sanitizers typically don't work with static libc/c++)
+      $<$<AND:$<BOOL:${static}>,$<NOT:$<BOOL:${APPLE}>>,$<NOT:$<BOOL:${san}>>>:-static-libstdc++>)
+endif ()
+
+if (use_gold AND is_gcc)
+  # use gold linker if available
+  execute_process (
+    COMMAND ${CMAKE_CXX_COMPILER} -fuse-ld=gold -Wl,--version
+    ERROR_QUIET OUTPUT_VARIABLE LD_VERSION)
+    #[=========================================================[
+       NOTE: THE gold linker inserts -rpath as DT_RUNPATH by
+       default intead of DT_RPATH, so you might have slightly
+       unexpected runtime ld behavior if you were expecting
+       DT_RPATH.  Specify --disable-new-dtags to gold if you do
+       not want the default DT_RUNPATH behavior. This rpath
+       treatment as well as static/dynamic selection means that
+       gold does not currently have ideal default behavior when
+       we are using jemalloc. Thus for simplicity we don't use
+       it when jemalloc is requested. An alternative to
+       disabling would be to figure out all the settings
+       required to make gold play nicely with jemalloc.
+    #]=========================================================]
+  if (("${LD_VERSION}" MATCHES "GNU gold") AND (NOT jemalloc))
+    target_link_libraries (common
+      INTERFACE
+        -fuse-ld=gold
+        -Wl,--no-as-needed
+        #[=========================================================[
+           see https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1253638/comments/5
+           DT_RUNPATH does not work great for transitive
+           dependencies (of which boost has a few) - so just
+           switch to DT_RPATH if doing dynamic linking with gold
+        #]=========================================================]
+        $<$<NOT:$<BOOL:${static}>>:-Wl,--disable-new-dtags>)
+  endif ()
+  unset (LD_VERSION)
+endif ()
+
+if (use_lld)
+  # use lld linker if available
+  execute_process (
+    COMMAND ${CMAKE_CXX_COMPILER} -fuse-ld=lld -Wl,--version
+    ERROR_QUIET OUTPUT_VARIABLE LD_VERSION)
+  if ("${LD_VERSION}" MATCHES "LLD")
+    target_link_libraries (common INTERFACE -fuse-ld=lld)
+  endif ()
+  unset (LD_VERSION)
+endif()
+
+if (assert)
+  foreach (var_ CMAKE_C_FLAGS_RELEASE CMAKE_CXX_FLAGS_RELEASE)
+    STRING (REGEX REPLACE "[-/]DNDEBUG" "" ${var_} "${${var_}}")
+  endforeach ()
+endif ()

Builds/CMake/RippledCov.cmake

@@ -0,0 +1,98 @@
+#[===================================================================[
+   coverage report target
+#]===================================================================]
+
+if (coverage)
+  if (is_clang)
+    if (APPLE)
+      execute_process (COMMAND xcrun -f llvm-profdata
+        OUTPUT_VARIABLE LLVM_PROFDATA
+        OUTPUT_STRIP_TRAILING_WHITESPACE)
+    else ()
+      find_program (LLVM_PROFDATA llvm-profdata)
+    endif ()
+    if (NOT LLVM_PROFDATA)
+      message (WARNING "unable to find llvm-profdata - skipping coverage_report target")
+    endif ()
+
+    if (APPLE)
+      execute_process (COMMAND xcrun -f llvm-cov
+        OUTPUT_VARIABLE LLVM_COV
+        OUTPUT_STRIP_TRAILING_WHITESPACE)
+    else ()
+      find_program (LLVM_COV llvm-cov)
+    endif ()
+    if (NOT LLVM_COV)
+      message (WARNING "unable to find llvm-cov - skipping coverage_report target")
+    endif ()
+
+    set (extract_pattern "")
+    if (coverage_core_only)
+      set (extract_pattern "${CMAKE_CURRENT_SOURCE_DIR}/src/ripple/")
+    endif ()
+
+    if (LLVM_COV AND LLVM_PROFDATA)
+      add_custom_target (coverage_report
+        USES_TERMINAL
+        COMMAND ${CMAKE_COMMAND} -E echo "Generating coverage - results will be in ${CMAKE_BINARY_DIR}/coverage/index.html."
+        COMMAND ${CMAKE_COMMAND} -E echo "Running rippled tests."
+        COMMAND rippled --unittest$<$<BOOL:${coverage_test}>:=${coverage_test}> --quiet --unittest-log
+        COMMAND ${LLVM_PROFDATA}
+          merge -sparse default.profraw -o rip.profdata
+        COMMAND ${CMAKE_COMMAND} -E echo "Summary of coverage:"
+        COMMAND ${LLVM_COV}
+          report -instr-profile=rip.profdata
+          $<TARGET_FILE:rippled> ${extract_pattern}
+        # generate html report
+        COMMAND ${LLVM_COV}
+          show -format=html -output-dir=${CMAKE_BINARY_DIR}/coverage
+          -instr-profile=rip.profdata
+          $<TARGET_FILE:rippled> ${extract_pattern}
+        BYPRODUCTS coverage/index.html)
+    endif ()
+  elseif (is_gcc)
+    find_program (LCOV lcov)
+    if (NOT LCOV)
+      message (WARNING "unable to find lcov - skipping coverage_report target")
+    endif ()
+
+    find_program (GENHTML genhtml)
+    if (NOT GENHTML)
+      message (WARNING "unable to find genhtml - skipping coverage_report target")
+    endif ()
+
+    set (extract_pattern "*")
+    if (coverage_core_only)
+      set (extract_pattern "*/src/ripple/*")
+    endif ()
+
+    if (LCOV AND GENHTML)
+      add_custom_target (coverage_report
+        USES_TERMINAL
+        COMMAND ${CMAKE_COMMAND} -E echo "Generating coverage- results will be in ${CMAKE_BINARY_DIR}/coverage/index.html."
+        # create baseline info file
+        COMMAND ${LCOV}
+          --no-external -d "${CMAKE_CURRENT_SOURCE_DIR}" -c -d . -i -o baseline.info
+          | grep -v "ignoring data for external file"
+        # run tests
+        COMMAND ${CMAKE_COMMAND} -E echo "Running rippled tests for coverage report."
+        COMMAND rippled --unittest$<$<BOOL:${coverage_test}>:=${coverage_test}> --quiet --unittest-log
+        # Create test coverage data file
+        COMMAND ${LCOV}
+          --no-external -d "${CMAKE_CURRENT_SOURCE_DIR}" -c -d . -o tests.info
+          | grep -v "ignoring data for external file"
+        # Combine baseline and test coverage data
+        COMMAND ${LCOV}
+          -a baseline.info -a tests.info -o lcov-all.info
+        # extract our files
+        COMMAND ${LCOV}
+          -e lcov-all.info "${extract_pattern}" -o lcov.info
+        COMMAND ${CMAKE_COMMAND} -E echo "Summary of coverage:"
+        COMMAND ${LCOV} --summary lcov.info
+        # generate HTML report
+        COMMAND ${GENHTML}
+          -o ${CMAKE_BINARY_DIR}/coverage lcov.info
+        BYPRODUCTS coverage/index.html)
+    endif ()
+  endif ()
+endif ()

Builds/CMake/RippledDocs.cmake

@@ -0,0 +1,79 @@
+#[===================================================================[
+   docs target (optional)
+#]===================================================================]
+if (tests)
+  find_package (Doxygen)
+  if (NOT TARGET Doxygen::doxygen)
+    message (STATUS "doxygen executable not found -- skipping docs target")
+    return ()
+  endif ()
+  
+  set (doxygen_output_directory "${CMAKE_BINARY_DIR}/docs")
+  set (doxygen_include_path "${CMAKE_CURRENT_SOURCE_DIR}/src")
+  set (doxygen_index_file "${doxygen_output_directory}/html/index.html")
+  set (doxyfile "${CMAKE_CURRENT_SOURCE_DIR}/docs/Doxyfile")
+  
+  file (GLOB_RECURSE doxygen_input
+    docs/*.md
+    src/ripple/*.h
+    src/ripple/*.cpp
+    src/ripple/*.md
+    src/test/*.h
+    src/test/*.md
+    Builds/*/README.md)
+  list (APPEND doxygen_input
+    README.md
+    RELEASENOTES.md
+    src/README.md)
+  set (dependencies "${doxygen_input}" "${doxyfile}")
+  
+  function (verbose_find_path variable name)
+    # find_path sets a CACHE variable, so don't try using a "local" variable.
+    find_path (${variable} "${name}" ${ARGN})
+    if (NOT ${variable})
+      message (WARNING "could not find ${name}")
+    else ()
+      message (STATUS "found ${name}: ${${variable}}/${name}")
+    endif ()
+  endfunction ()
+  
+  verbose_find_path (doxygen_plantuml_jar_path plantuml.jar PATH_SUFFIXES share/plantuml)
+  verbose_find_path (doxygen_dot_path dot)
+  
+  # https://en.cppreference.com/w/Cppreference:Archives
+  # https://stackoverflow.com/questions/60822559/how-to-move-a-file-download-from-configure-step-to-build-step
+  set (download_script "${CMAKE_BINARY_DIR}/docs/download-cppreference.cmake")
+  file (WRITE
+    "${download_script}"
+    "file (DOWNLOAD \
+      http://upload.cppreference.com/mwiki/images/b/b2/html_book_20190607.zip \
+      ${CMAKE_BINARY_DIR}/docs/cppreference.zip \
+      EXPECTED_HASH MD5=82b3a612d7d35a83e3cb1195a63689ab \
+    )\n \
+    execute_process ( \
+      COMMAND \"${CMAKE_COMMAND}\" -E tar -xf cppreference.zip \
+    )\n"
+  )
+  set (tagfile "${CMAKE_BINARY_DIR}/docs/cppreference-doxygen-web.tag.xml")
+  add_custom_command (
+    OUTPUT "${tagfile}"
+    COMMAND "${CMAKE_COMMAND}" -P "${download_script}"
+    WORKING_DIRECTORY "${CMAKE_BINARY_DIR}/docs"
+  )
+  set (doxygen_tagfiles "${tagfile}=http://en.cppreference.com/w/")
+  
+  add_custom_command (
+    OUTPUT "${doxygen_index_file}"
+    COMMAND "${CMAKE_COMMAND}" -E env
+      "DOXYGEN_OUTPUT_DIRECTORY=${doxygen_output_directory}"
+      "DOXYGEN_INCLUDE_PATH=${doxygen_include_path}"
+      "DOXYGEN_TAGFILES=${doxygen_tagfiles}"
+      "DOXYGEN_PLANTUML_JAR_PATH=${doxygen_plantuml_jar_path}"
+      "DOXYGEN_DOT_PATH=${doxygen_dot_path}"
+      "${DOXYGEN_EXECUTABLE}" "${doxyfile}"
+    WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
+    DEPENDS "${dependencies}" "${tagfile}")
+  add_custom_target (docs
+    DEPENDS "${doxygen_index_file}"
+    SOURCES "${dependencies}")
+endif ()

Builds/CMake/RippledInstall.cmake

@@ -0,0 +1,62 @@
+#[===================================================================[
+   install stuff
+#]===================================================================]
+
+install (
+  TARGETS
+    ed25519-donna
+    common
+    opts
+    ripple_syslibs
+    ripple_boost
+    xrpl_core
+  EXPORT RippleExports
+  LIBRARY DESTINATION lib
+  ARCHIVE DESTINATION lib
+  RUNTIME DESTINATION bin
+  INCLUDES DESTINATION include)
+
+if(${INSTALL_SECP256K1})
+install (
+  TARGETS
+    secp256k1
+  EXPORT RippleExports
+  LIBRARY DESTINATION lib
+  ARCHIVE DESTINATION lib
+  RUNTIME DESTINATION bin
+  INCLUDES DESTINATION include)
+endif()
+
+install (EXPORT RippleExports
+  FILE RippleTargets.cmake
+  NAMESPACE Ripple::
+  DESTINATION lib/cmake/ripple)
+include (CMakePackageConfigHelpers)
+write_basic_package_version_file (
+  RippleConfigVersion.cmake
+  VERSION ${rippled_version}
+  COMPATIBILITY SameMajorVersion)
+
+if (is_root_project)
+  install (TARGETS rippled RUNTIME DESTINATION bin)
+  set_target_properties(rippled PROPERTIES INSTALL_RPATH_USE_LINK_PATH ON)
+  install (
+    FILES
+      ${CMAKE_CURRENT_SOURCE_DIR}/Builds/CMake/RippleConfig.cmake
+      ${CMAKE_CURRENT_BINARY_DIR}/RippleConfigVersion.cmake
+    DESTINATION lib/cmake/ripple)
+  # sample configs should not overwrite existing files
+  # install if-not-exists workaround as suggested by
+  # https://cmake.org/Bug/view.php?id=12646
+  install(CODE "
+    macro (copy_if_not_exists SRC DEST NEWNAME)
+      if (NOT EXISTS \"\$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/\${DEST}/\${NEWNAME}\")
+        file (INSTALL FILE_PERMISSIONS OWNER_READ OWNER_WRITE DESTINATION \"\${CMAKE_INSTALL_PREFIX}/\${DEST}\" FILES \"\${SRC}\" RENAME \"\${NEWNAME}\")
+      else ()
+        message (\"-- Skipping : \$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/\${DEST}/\${NEWNAME}\")
+      endif ()
+    endmacro()
+    copy_if_not_exists(\"${CMAKE_CURRENT_SOURCE_DIR}/cfg/rippled-example.cfg\" etc rippled.cfg)
+    copy_if_not_exists(\"${CMAKE_CURRENT_SOURCE_DIR}/cfg/validators-example.txt\" etc validators.txt)
+  ")
+endif ()

Builds/CMake/RippledInterface.cmake

@@ -0,0 +1,103 @@
+#[===================================================================[
+   rippled compile options/settings via an interface library
+#]===================================================================]
+
+add_library (opts INTERFACE)
+add_library (Ripple::opts ALIAS opts)
+target_compile_definitions (opts
+  INTERFACE
+    BOOST_ASIO_DISABLE_HANDLER_TYPE_REQUIREMENTS
+    $<$<BOOL:${boost_show_deprecated}>:
+      BOOST_ASIO_NO_DEPRECATED
+      BOOST_FILESYSTEM_NO_DEPRECATED
+    >
+    $<$<NOT:$<BOOL:${boost_show_deprecated}>>:
+      BOOST_COROUTINES_NO_DEPRECATION_WARNING
+      BOOST_BEAST_ALLOW_DEPRECATED
+      BOOST_FILESYSTEM_DEPRECATED
+    >
+    $<$<BOOL:${beast_no_unit_test_inline}>:BEAST_NO_UNIT_TEST_INLINE=1>
+    $<$<BOOL:${beast_disable_autolink}>:BEAST_DONT_AUTOLINK_TO_WIN32_LIBRARIES=1>
+    $<$<BOOL:${single_io_service_thread}>:RIPPLE_SINGLE_IO_SERVICE_THREAD=1>)
+target_compile_options (opts
+  INTERFACE
+    $<$<AND:$<BOOL:${is_gcc}>,$<COMPILE_LANGUAGE:CXX>>:-Wsuggest-override>
+    $<$<BOOL:${perf}>:-fno-omit-frame-pointer>
+    $<$<AND:$<BOOL:${is_gcc}>,$<BOOL:${coverage}>>:-fprofile-arcs -ftest-coverage>
+    $<$<AND:$<BOOL:${is_clang}>,$<BOOL:${coverage}>>:-fprofile-instr-generate -fcoverage-mapping>
+    $<$<BOOL:${profile}>:-pg>
+    $<$<AND:$<BOOL:${is_gcc}>,$<BOOL:${profile}>>:-p>)
+
+target_link_libraries (opts
+  INTERFACE
+    $<$<AND:$<BOOL:${is_gcc}>,$<BOOL:${coverage}>>:-fprofile-arcs -ftest-coverage>
+    $<$<AND:$<BOOL:${is_clang}>,$<BOOL:${coverage}>>:-fprofile-instr-generate -fcoverage-mapping>
+    $<$<BOOL:${profile}>:-pg>
+    $<$<AND:$<BOOL:${is_gcc}>,$<BOOL:${profile}>>:-p>)
+
+if (jemalloc)
+  if (static)
+    set(JEMALLOC_USE_STATIC ON CACHE BOOL "" FORCE)
+  endif ()
+  find_package (jemalloc REQUIRED)
+  target_compile_definitions (opts INTERFACE PROFILE_JEMALLOC)
+  target_include_directories (opts SYSTEM INTERFACE ${JEMALLOC_INCLUDE_DIRS})
+  target_link_libraries (opts INTERFACE ${JEMALLOC_LIBRARIES})
+  get_filename_component (JEMALLOC_LIB_PATH ${JEMALLOC_LIBRARIES} DIRECTORY)
+  ## TODO see if we can use the BUILD_RPATH target property (is it transitive?)
+  set (CMAKE_BUILD_RPATH ${CMAKE_BUILD_RPATH} ${JEMALLOC_LIB_PATH})
+endif ()
+
+if (san)
+  target_compile_options (opts
+    INTERFACE
+      # sanitizers recommend minimum of -O1 for reasonable performance
+      $<$<CONFIG:Debug>:-O1>
+      ${SAN_FLAG}
+      -fno-omit-frame-pointer)
+  target_compile_definitions (opts
+    INTERFACE
+      $<$<STREQUAL:${san},address>:SANITIZER=ASAN>
+      $<$<STREQUAL:${san},thread>:SANITIZER=TSAN>
+      $<$<STREQUAL:${san},memory>:SANITIZER=MSAN>
+      $<$<STREQUAL:${san},undefined>:SANITIZER=UBSAN>)
+  target_link_libraries (opts INTERFACE ${SAN_FLAG} ${SAN_LIB})
+endif ()
+
+#[===================================================================[
+   rippled transitive library deps via an interface library
+#]===================================================================]
+
+add_library (ripple_syslibs INTERFACE)
+add_library (Ripple::syslibs ALIAS ripple_syslibs)
+target_link_libraries (ripple_syslibs
+  INTERFACE
+    $<$<BOOL:${MSVC}>:
+      legacy_stdio_definitions.lib
+      Shlwapi
+      kernel32
+      user32
+      gdi32
+      winspool
+      comdlg32
+      advapi32
+      shell32
+      ole32
+      oleaut32
+      uuid
+      odbc32
+      odbccp32
+      crypt32
+    >
+    $<$<NOT:$<BOOL:${MSVC}>>:dl>
+    $<$<NOT:$<OR:$<BOOL:${MSVC}>,$<BOOL:${APPLE}>>>:rt>)
+
+if (NOT MSVC)
+  set (THREADS_PREFER_PTHREAD_FLAG ON)
+  find_package (Threads)
+  target_link_libraries (ripple_syslibs INTERFACE Threads::Threads)
+endif ()
+
+add_library (ripple_libs INTERFACE)
+add_library (Ripple::libs ALIAS ripple_libs)
+target_link_libraries (ripple_libs INTERFACE Ripple::syslibs)

Builds/CMake/RippledMultiConfig.cmake

@@ -0,0 +1,39 @@
+#[===================================================================[
+   multiconfig misc
+#]===================================================================]
+
+if (is_multiconfig)
+  # This code finds all source files in the src subdirectory for inclusion
+  # in the IDE file tree as non-compiled sources. Since this file list will
+  # have some overlap with files we have already added to our targets to
+  # be compiled, we explicitly remove any of these target source files from
+  # this list.
+  file (GLOB_RECURSE all_sources RELATIVE ${CMAKE_CURRENT_SOURCE_DIR}
+    CONFIGURE_DEPENDS
+    src/*.* Builds/*.md docs/*.md src/*.md Builds/*.cmake)
+  file(GLOB md_files RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} CONFIGURE_DEPENDS
+    *.md)
+  LIST(APPEND all_sources ${md_files})
+  foreach (_target secp256k1 ed25519-donna pbufs xrpl_core rippled)
+    get_target_property (_type ${_target} TYPE)
+    if(_type STREQUAL "INTERFACE_LIBRARY")
+      continue()
+    endif()
+    get_target_property (_src ${_target} SOURCES)
+    list (REMOVE_ITEM all_sources ${_src})
+  endforeach ()
+  target_sources (rippled PRIVATE ${all_sources})
+  set_property (
+    SOURCE ${all_sources}
+    APPEND
+    PROPERTY HEADER_FILE_ONLY true)
+  if (MSVC)
+    set_property(
+      DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
+      PROPERTY VS_STARTUP_PROJECT rippled)
+  endif ()
+
+  group_sources(src)
+  group_sources(docs)
+  group_sources(Builds)
+endif ()

Builds/CMake/RippledNIH.cmake

@@ -0,0 +1,33 @@
+#[===================================================================[
+   NIH prefix path..this is where we will download
+   and build any ExternalProjects, and they will hopefully
+   survive across build directory deletion (manual cleans)
+#]===================================================================]
+
+string (REGEX REPLACE "[ \\/%]+" "_" gen_for_path ${CMAKE_GENERATOR})
+string (TOLOWER ${gen_for_path} gen_for_path)
+# HACK: trying to shorten paths for windows CI (which hits 260 MAXPATH easily)
+# @see:  https://issues.jenkins-ci.org/browse/JENKINS-38706?focusedCommentId=339847
+string (REPLACE "visual_studio" "vs" gen_for_path ${gen_for_path})
+if (NOT DEFINED NIH_CACHE_ROOT)
+  if (DEFINED ENV{NIH_CACHE_ROOT})
+    set (NIH_CACHE_ROOT $ENV{NIH_CACHE_ROOT})
+  else ()
+    set (NIH_CACHE_ROOT "${CMAKE_CURRENT_SOURCE_DIR}/.nih_c")
+  endif ()
+endif ()
+set (nih_cache_path
+  "${NIH_CACHE_ROOT}/${gen_for_path}/${CMAKE_CXX_COMPILER_ID}_${CMAKE_CXX_COMPILER_VERSION}")
+if (NOT is_multiconfig)
+  set (nih_cache_path "${nih_cache_path}/${CMAKE_BUILD_TYPE}")
+endif ()
+file(TO_CMAKE_PATH "${nih_cache_path}" nih_cache_path)
+message (STATUS "NIH-EP cache path: ${nih_cache_path}")
+## two convenience variables:
+set (ep_lib_prefix ${CMAKE_STATIC_LIBRARY_PREFIX})
+set (ep_lib_suffix ${CMAKE_STATIC_LIBRARY_SUFFIX})
+
+# this is a setting for FetchContent and needs to be
+# a cache variable
+# https://cmake.org/cmake/help/latest/module/FetchContent.html#populating-the-content
+set (FETCHCONTENT_BASE_DIR ${nih_cache_path} CACHE STRING "" FORCE)

Builds/CMake/RippledRelease.cmake

@@ -0,0 +1,190 @@
+#[===================================================================[
+   package/container targets - (optional)
+#]===================================================================]
+
+if (is_root_project)
+  if (NOT DOCKER)
+    find_program (DOCKER docker)
+  endif ()
+
+  if (DOCKER)
+    # if no container label is provided, use current git hash
+    git_hash (commit_hash)
+    if (NOT container_label)
+      set (container_label ${commit_hash})
+    endif ()
+    message (STATUS "using [${container_label}] as build container tag...")
+
+    file (MAKE_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/packages)
+    file (MAKE_DIRECTORY ${NIH_CACHE_ROOT}/pkgbuild)
+    if (is_linux)
+      execute_process (COMMAND id -u
+        OUTPUT_VARIABLE DOCKER_USER_ID
+        OUTPUT_STRIP_TRAILING_WHITESPACE)
+      message (STATUS "docker local user id: ${DOCKER_USER_ID}")
+      execute_process (COMMAND id -g
+        OUTPUT_VARIABLE DOCKER_GROUP_ID
+        OUTPUT_STRIP_TRAILING_WHITESPACE)
+      message (STATUS "docker local group id: ${DOCKER_GROUP_ID}")
+    endif ()
+    if (DOCKER_USER_ID AND DOCKER_GROUP_ID)
+      set(map_user TRUE)
+    endif ()
+    #[===================================================================[
+        rpm
+    #]===================================================================]
+    add_custom_target (rpm_container
+      docker build
+        --pull
+        --build-arg GIT_COMMIT=${commit_hash}
+        -t rippled-rpm-builder:${container_label}
+        $<$<BOOL:${rpm_cache_from}>:--cache-from=${rpm_cache_from}>
+        -f centos-builder/Dockerfile .
+      WORKING_DIRECTORY  ${CMAKE_CURRENT_SOURCE_DIR}/Builds/containers
+      VERBATIM
+      USES_TERMINAL
+      COMMAND_EXPAND_LISTS
+      SOURCES
+        Builds/containers/centos-builder/Dockerfile
+        Builds/containers/centos-builder/centos_setup.sh
+        Builds/containers/centos-builder/extras.sh
+        Builds/containers/shared/build_deps.sh
+        Builds/containers/shared/rippled.service
+        Builds/containers/shared/update_sources.sh
+        Builds/containers/shared/update-rippled.sh
+        Builds/containers/packaging/rpm/rippled.spec
+        Builds/containers/packaging/rpm/build_rpm.sh
+        bin/getRippledInfo
+    )
+    exclude_from_default (rpm_container)
+    add_custom_target (rpm
+      docker run
+        -e NIH_CACHE_ROOT=/opt/rippled_bld/pkg/.nih_c
+        -v ${NIH_CACHE_ROOT}/pkgbuild:/opt/rippled_bld/pkg/.nih_c
+        -v ${CMAKE_CURRENT_SOURCE_DIR}:/opt/rippled_bld/pkg/rippled
+        -v ${CMAKE_CURRENT_BINARY_DIR}/packages:/opt/rippled_bld/pkg/out
+        "$<$<BOOL:${map_user}>:--volume=/etc/passwd:/etc/passwd;--volume=/etc/group:/etc/group;--user=${DOCKER_USER_ID}:${DOCKER_GROUP_ID}>"
+        -t rippled-rpm-builder:${container_label}
+        /bin/bash -c "cp -fpu rippled/Builds/containers/packaging/rpm/build_rpm.sh . && ./build_rpm.sh"
+      VERBATIM
+      USES_TERMINAL
+      COMMAND_EXPAND_LISTS
+      SOURCES
+        Builds/containers/packaging/rpm/rippled.spec
+    )
+    exclude_from_default (rpm)
+    if (NOT have_package_container)
+      add_dependencies(rpm rpm_container)
+    endif ()
+    #[===================================================================[
+        dpkg
+    #]===================================================================]
+    # currently use ubuntu 16.04 as a base b/c it has one of
+    # the lower versions of libc among ubuntu and debian releases.
+    # we could change this in the future and build with some other deb
+    # based system.
+    add_custom_target (dpkg_container
+      docker build
+        --pull
+        --build-arg DIST_TAG=16.04
+        --build-arg GIT_COMMIT=${commit_hash}
+        -t rippled-dpkg-builder:${container_label}
+        $<$<BOOL:${dpkg_cache_from}>:--cache-from=${dpkg_cache_from}>
+        -f ubuntu-builder/Dockerfile .
+      WORKING_DIRECTORY  ${CMAKE_CURRENT_SOURCE_DIR}/Builds/containers
+      VERBATIM
+      USES_TERMINAL
+      COMMAND_EXPAND_LISTS
+      SOURCES
+        Builds/containers/ubuntu-builder/Dockerfile
+        Builds/containers/ubuntu-builder/ubuntu_setup.sh
+        Builds/containers/shared/build_deps.sh
+        Builds/containers/shared/rippled.service
+        Builds/containers/shared/update_sources.sh
+        Builds/containers/shared/update-rippled.sh
+        Builds/containers/packaging/dpkg/build_dpkg.sh
+        Builds/containers/packaging/dpkg/debian/README.Debian
+        Builds/containers/packaging/dpkg/debian/conffiles
+        Builds/containers/packaging/dpkg/debian/control
+        Builds/containers/packaging/dpkg/debian/copyright
+        Builds/containers/packaging/dpkg/debian/dirs
+        Builds/containers/packaging/dpkg/debian/docs
+        Builds/containers/packaging/dpkg/debian/rippled-dev.install
+        Builds/containers/packaging/dpkg/debian/rippled.install
+        Builds/containers/packaging/dpkg/debian/rippled.links
+        Builds/containers/packaging/dpkg/debian/rippled.postinst
+        Builds/containers/packaging/dpkg/debian/rippled.postrm
+        Builds/containers/packaging/dpkg/debian/rippled.preinst
+        Builds/containers/packaging/dpkg/debian/rippled.prerm
+        Builds/containers/packaging/dpkg/debian/rules
+        bin/getRippledInfo
+    )
+    exclude_from_default (dpkg_container)
+    add_custom_target (dpkg
+      docker run
+        -e NIH_CACHE_ROOT=/opt/rippled_bld/pkg/.nih_c
+        -v ${NIH_CACHE_ROOT}/pkgbuild:/opt/rippled_bld/pkg/.nih_c
+        -v ${CMAKE_CURRENT_SOURCE_DIR}:/opt/rippled_bld/pkg/rippled
+        -v ${CMAKE_CURRENT_BINARY_DIR}/packages:/opt/rippled_bld/pkg/out
+        "$<$<BOOL:${map_user}>:--volume=/etc/passwd:/etc/passwd;--volume=/etc/group:/etc/group;--user=${DOCKER_USER_ID}:${DOCKER_GROUP_ID}>"
+        -t rippled-dpkg-builder:${container_label}
+        /bin/bash -c "cp -fpu rippled/Builds/containers/packaging/dpkg/build_dpkg.sh . && ./build_dpkg.sh"
+      VERBATIM
+      USES_TERMINAL
+      COMMAND_EXPAND_LISTS
+      SOURCES
+        Builds/containers/packaging/dpkg/debian/control
+    )
+    exclude_from_default (dpkg)
+    if (NOT have_package_container)
+      add_dependencies(dpkg dpkg_container)
+    endif ()
+    #[===================================================================[
+        ci container
+    #]===================================================================]
+    # now use the same ubuntu image for our travis-ci docker images,
+    # but we use a newer distro (18.04 vs 16.04).
+    #
+    # the following steps assume the github pkg repo, but it's possible to
+    # adapt these for other docker hub repositories.
+    #
+    # steps for publishing a new CI image when you make changes:
+    #
+    #   mkdir bld.ci && cd bld.ci && cmake -Dpackages_only=ON -Dcontainer_label=CI_LATEST
+    #   cmake --build . --target ci_container --verbose
+    #   docker tag rippled-ci-builder:CI_LATEST <HUB REPO PATH>/rippled-ci-builder:YYYY-MM-DD
+    #      (NOTE: change YYYY-MM-DD to match current date, or use a different
+    #             tag/version scheme if you prefer)
+    #   docker push <HUB REPO PATH>/rippled-ci-builder:YYYY-MM-DD
+    #      (NOTE: <HUB REPO PATH> is probably your user or org name if using
+    #             docker hub, or it might be something like
+    #             docker.pkg.github.com/ripple/rippled if using the github pkg
+    #             registry. for any registry, you will need to be logged-in via
+    #             docker and have push access.)
+    #
+    # ...then change the DOCKER_IMAGE line in .travis.yml :
+    #     - DOCKER_IMAGE="<HUB REPO PATH>/rippled-ci-builder:YYYY-MM-DD"
+    add_custom_target (ci_container
+      docker build
+        --pull
+        --build-arg DIST_TAG=18.04
+        --build-arg GIT_COMMIT=${commit_hash}
+        --build-arg CI_USE=true
+        -t rippled-ci-builder:${container_label}
+        $<$<BOOL:${ci_cache_from}>:--cache-from=${ci_cache_from}>
+        -f ubuntu-builder/Dockerfile .
+      WORKING_DIRECTORY  ${CMAKE_CURRENT_SOURCE_DIR}/Builds/containers
+      VERBATIM
+      USES_TERMINAL
+      COMMAND_EXPAND_LISTS
+      SOURCES
+        Builds/containers/ubuntu-builder/Dockerfile
+        Builds/containers/ubuntu-builder/ubuntu_setup.sh
+        Builds/containers/shared/build_deps.sh
+    )
+    exclude_from_default (ci_container)
+  else ()
+    message (STATUS "docker NOT found -- won't be able to build containers for packaging")
+  endif ()
+endif ()
+

Builds/CMake/RippledSanity.cmake

@@ -0,0 +1,88 @@
+#[===================================================================[
+   convenience variables and sanity checks
+#]===================================================================]
+
+if (NOT ep_procs)
+  ProcessorCount(ep_procs)
+  if (ep_procs GREATER 1)
+    # never use more than half of cores for EP builds
+    math (EXPR ep_procs "${ep_procs} / 2")
+    message (STATUS "Using ${ep_procs} cores for ExternalProject builds.")
+  endif ()
+endif ()
+get_property (is_multiconfig GLOBAL PROPERTY GENERATOR_IS_MULTI_CONFIG)
+if (is_multiconfig STREQUAL "NOTFOUND")
+  if (${CMAKE_GENERATOR} STREQUAL "Xcode" OR ${CMAKE_GENERATOR} MATCHES "^Visual Studio")
+    set (is_multiconfig TRUE)
+  endif ()
+endif ()
+
+set (CMAKE_CONFIGURATION_TYPES "Debug;Release" CACHE STRING "" FORCE)
+if (NOT is_multiconfig)
+  if (NOT CMAKE_BUILD_TYPE)
+    message (STATUS "Build type not specified - defaulting to Release")
+    set (CMAKE_BUILD_TYPE Release CACHE STRING "build type" FORCE)
+  elseif (NOT (CMAKE_BUILD_TYPE STREQUAL Debug OR CMAKE_BUILD_TYPE STREQUAL Release))
+    # for simplicity, these are the only two config types we care about. Limiting
+    # the build types simplifies dealing with external project builds especially
+    message (FATAL_ERROR " *** Only Debug or Release build types are currently supported ***")
+  endif ()
+endif ()
+
+get_directory_property(has_parent PARENT_DIRECTORY)
+if (has_parent)
+  set (is_root_project OFF)
+else ()
+  set (is_root_project ON)
+endif ()
+
+if ("${CMAKE_CXX_COMPILER_ID}" MATCHES ".*Clang") # both Clang and AppleClang
+  set (is_clang TRUE)
+  if ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "Clang" AND
+         CMAKE_CXX_COMPILER_VERSION VERSION_LESS 7.0)
+    message (FATAL_ERROR "This project requires clang 7 or later")
+  endif ()
+  # TODO min AppleClang version check ?
+elseif ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "GNU")
+  set (is_gcc TRUE)
+  if (CMAKE_CXX_COMPILER_VERSION VERSION_LESS 7.0)
+    message (FATAL_ERROR "This project requires GCC 7 or later")
+  endif ()
+endif ()
+if (CMAKE_GENERATOR STREQUAL "Xcode")
+  set (is_xcode TRUE)
+endif ()
+
+if (CMAKE_SYSTEM_NAME STREQUAL "Linux")
+  set (is_linux TRUE)
+else ()
+  set (is_linux FALSE)
+endif ()
+
+if ("$ENV{CI}" STREQUAL "true" OR "$ENV{CONTINUOUS_INTEGRATION}" STREQUAL "true")
+  set (is_ci TRUE)
+else ()
+  set (is_ci FALSE)
+endif ()
+
+# check for in-source build and fail
+if ("${CMAKE_CURRENT_SOURCE_DIR}" STREQUAL "${CMAKE_BINARY_DIR}")
+  message (FATAL_ERROR "Builds (in-source) are not allowed in "
+    "${CMAKE_CURRENT_SOURCE_DIR}. Please remove CMakeCache.txt and the CMakeFiles "
+    "directory from ${CMAKE_CURRENT_SOURCE_DIR} and try building in a separate directory.")
+endif ()
+
+if ("${CMAKE_GENERATOR}" MATCHES "Visual Studio" AND
+    NOT ("${CMAKE_GENERATOR}" MATCHES .*Win64.*))
+  message (FATAL_ERROR
+    "Visual Studio 32-bit build is not supported. Use -G\"${CMAKE_GENERATOR} Win64\"")
+endif ()
+
+if (NOT CMAKE_SIZEOF_VOID_P EQUAL 8)
+  message (FATAL_ERROR "Rippled requires a 64 bit target architecture.\n"
+    "The most likely cause of this warning is trying to build rippled with a 32-bit OS.")
+endif ()
+
+if (APPLE AND NOT HOMEBREW)
+  find_program (HOMEBREW brew)
+endif ()

Builds/CMake/RippledSettings.cmake

@@ -0,0 +1,127 @@
+#[===================================================================[
+   declare user options/settings
+#]===================================================================]
+
+option (assert "Enables asserts, even in release builds" OFF)
+
+option (reporting "Build rippled with reporting mode enabled" OFF)
+
+option (tests "Build tests" ON)
+
+option (unity "Creates a build using UNITY support in cmake. This is the default" ON)
+if (unity)
+  if (CMAKE_VERSION VERSION_LESS 3.16)
+    message (WARNING "unity option only supported for with cmake 3.16+ (please upgrade)")
+    set (unity OFF CACHE BOOL "unity only available for cmake 3.16+" FORCE)
+  else ()
+    if (NOT is_ci)
+      set (CMAKE_UNITY_BUILD_BATCH_SIZE 15 CACHE STRING "")
+    endif ()
+  endif ()
+endif ()
+if (is_gcc OR is_clang)
+  option (coverage "Generates coverage info." OFF)
+  option (profile "Add profiling flags" OFF)
+  set (coverage_test "" CACHE STRING
+    "On gcc & clang, the specific unit test(s) to run for coverage. Default is all tests.")
+  if (coverage_test AND NOT coverage)
+    set (coverage ON CACHE BOOL "gcc/clang only" FORCE)
+  endif ()
+  option (coverage_core_only
+    "Include only src/ripple files when generating coverage report. \
+    Set to OFF to include all sources in coverage report."
+    ON)
+  option (wextra "compile with extra gcc/clang warnings enabled" ON)
+else ()
+  set (profile OFF CACHE BOOL "gcc/clang only" FORCE)
+  set (coverage OFF CACHE BOOL "gcc/clang only" FORCE)
+  set (wextra OFF CACHE BOOL "gcc/clang only" FORCE)
+endif ()
+if (is_linux)
+  option (BUILD_SHARED_LIBS "build shared ripple libraries" OFF)
+  option (static "link protobuf, openssl, libc++, and boost statically" ON)
+  option (perf "Enables flags that assist with perf recording" OFF)
+  option (use_gold "enables detection of gold (binutils) linker" ON)
+else ()
+  # we are not ready to allow shared-libs on windows because it would require
+  # export declarations. On macos it's more feasible, but static openssl
+  # produces odd linker errors, thus we disable shared lib builds for now.
+  set (BUILD_SHARED_LIBS OFF CACHE BOOL "build shared ripple libraries - OFF for win/macos" FORCE)
+  set (static ON CACHE BOOL "static link, linux only. ON for WIN/macos" FORCE)
+  set (perf OFF CACHE BOOL "perf flags, linux only" FORCE)
+  set (use_gold OFF CACHE BOOL "gold linker, linux only" FORCE)
+endif ()
+if (is_clang)
+  option (use_lld "enables detection of lld linker" ON)
+else ()
+  set (use_lld OFF CACHE BOOL "try lld linker, clang only" FORCE)
+endif ()
+option (jemalloc "Enables jemalloc for heap profiling" OFF)
+option (werr "treat warnings as errors" OFF)
+option (local_protobuf
+  "Force a local build of protobuf instead of looking for an installed version." OFF)
+option (local_grpc
+  "Force a local build of gRPC instead of looking for an installed version." OFF)
+
+# this one is a string and therefore can't be an option
+set (san "" CACHE STRING "On gcc & clang, add sanitizer instrumentation")
+set_property (CACHE san PROPERTY STRINGS ";undefined;memory;address;thread")
+if (san)
+  string (TOLOWER ${san} san)
+  set (SAN_FLAG "-fsanitize=${san}")
+  set (SAN_LIB "")
+  if (is_gcc)
+    if (san STREQUAL "address")
+      set (SAN_LIB "asan")
+    elseif (san STREQUAL "thread")
+      set (SAN_LIB "tsan")
+    elseif (san STREQUAL "memory")
+      set (SAN_LIB "msan")
+    elseif (san STREQUAL "undefined")
+      set (SAN_LIB "ubsan")
+    endif ()
+  endif ()
+  set (_saved_CRL ${CMAKE_REQUIRED_LIBRARIES})
+  set (CMAKE_REQUIRED_LIBRARIES "${SAN_FLAG};${SAN_LIB}")
+  check_cxx_compiler_flag (${SAN_FLAG} COMPILER_SUPPORTS_SAN)
+  set (CMAKE_REQUIRED_LIBRARIES ${_saved_CRL})
+  if (NOT COMPILER_SUPPORTS_SAN)
+    message (FATAL_ERROR "${san} sanitizer does not seem to be supported by your compiler")
+  endif ()
+endif ()
+set (container_label "" CACHE STRING "tag to use for package building containers")
+option (packages_only
+  "ONLY generate package building targets. This is special use-case and almost \
+   certainly not what you want. Use with caution as you won't be able to build \
+   any compiled targets locally." OFF)
+option (have_package_container
+  "Sometimes you already have the tagged container you want to use for package \
+   building and you don't want docker to rebuild it. This flag will detach the \
+   dependency of the package build from the container build. It's an advanced \
+   use case and most likely you should not be touching this flag." OFF)
+
+# the remaining options are obscure and rarely used
+option (beast_no_unit_test_inline
+  "Prevents unit test definitions from being inserted into global table"
+  OFF)
+option (single_io_service_thread
+  "Restricts the number of threads calling io_service::run to one. \
+  This can be useful when debugging."
+  OFF)
+option (boost_show_deprecated
+  "Allow boost to fail on deprecated usage. Only useful if you're trying\
+  to find deprecated calls."
+  OFF)
+option (beast_hashers
+  "Use local implementations for sha/ripemd hashes (experimental, not recommended)"
+  OFF)
+
+if (WIN32)
+  option (beast_disable_autolink "Disables autolinking of system libraries on WIN32" OFF)
+else ()
+  set (beast_disable_autolink OFF CACHE BOOL "WIN32 only" FORCE)
+endif ()
+if (coverage)
+  message (STATUS "coverage build requested - forcing Debug build")
+  set (CMAKE_BUILD_TYPE Debug CACHE STRING "build type" FORCE)
+endif ()

Builds/CMake/RippledValidatorKeys.cmake

@@ -0,0 +1,24 @@
+option (validator_keys "Enables building of validator-keys-tool as a separate target (imported via FetchContent)" OFF)
+
+if (validator_keys AND CMAKE_VERSION VERSION_GREATER_EQUAL 3.11)
+  git_branch (current_branch)
+  # default to tracking VK develop branch unless we are on master/release
+  if (NOT (current_branch STREQUAL "master" OR current_branch STREQUAL "release"))
+    set (current_branch "develop")
+  endif ()
+  message (STATUS "tracking ValidatorKeys branch: ${current_branch}")
+
+  FetchContent_Declare (
+    validator_keys_src
+    GIT_REPOSITORY https://github.com/ripple/validator-keys-tool.git
+    GIT_TAG        "${current_branch}"
+  )
+  FetchContent_GetProperties (validator_keys_src)
+  if (NOT validator_keys_src_POPULATED)
+    message (STATUS "Pausing to download ValidatorKeys...")
+    FetchContent_Populate (validator_keys_src)
+  endif ()
+  add_subdirectory (${validator_keys_src_SOURCE_DIR} ${CMAKE_BINARY_DIR}/validator-keys)
+endif ()
+
+

Builds/CMake/RippledVersion.cmake

@@ -0,0 +1,15 @@
+#[===================================================================[
+   read version from source
+#]===================================================================]
+
+file (STRINGS src/ripple/protocol/impl/BuildInfo.cpp BUILD_INFO)
+foreach (line_ ${BUILD_INFO})
+  if (line_ MATCHES "versionString[ ]*=[ ]*\"(.+)\"")
+    set (rippled_version ${CMAKE_MATCH_1})
+  endif ()
+endforeach ()
+if (rippled_version)
+  message (STATUS "rippled version: ${rippled_version}")
+else ()
+  message (FATAL_ERROR "unable to determine rippled version")
+endif ()

Builds/CMake/deps/Boost.cmake

@@ -0,0 +1,96 @@
+#[===================================================================[
+   NIH dep: boost
+#]===================================================================]
+
+if((NOT DEFINED BOOST_ROOT) AND(DEFINED ENV{BOOST_ROOT}))
+  set(BOOST_ROOT $ENV{BOOST_ROOT})
+endif()
+file(TO_CMAKE_PATH "${BOOST_ROOT}" BOOST_ROOT)
+if(WIN32 OR CYGWIN)
+  # Workaround for MSVC having two boost versions - x86 and x64 on same PC in stage folders
+  if(DEFINED BOOST_ROOT)
+    if(IS_DIRECTORY ${BOOST_ROOT}/stage64/lib)
+      set(BOOST_LIBRARYDIR ${BOOST_ROOT}/stage64/lib)
+    elseif(IS_DIRECTORY ${BOOST_ROOT}/stage/lib)
+      set(BOOST_LIBRARYDIR ${BOOST_ROOT}/stage/lib)
+    elseif(IS_DIRECTORY ${BOOST_ROOT}/lib)
+      set(BOOST_LIBRARYDIR ${BOOST_ROOT}/lib)
+    else()
+      message(WARNING "Did not find expected boost library dir. "
+        "Defaulting to ${BOOST_ROOT}")
+      set(BOOST_LIBRARYDIR ${BOOST_ROOT})
+    endif()
+  endif()
+endif()
+message(STATUS "BOOST_ROOT: ${BOOST_ROOT}")
+message(STATUS "BOOST_LIBRARYDIR: ${BOOST_LIBRARYDIR}")
+
+# uncomment the following as needed to debug FindBoost issues:
+#set(Boost_DEBUG ON)
+
+#[=========================================================[
+   boost dynamic libraries don't trivially support @rpath
+   linking right now (cmake's default), so just force
+   static linking for macos, or if requested on linux by flag
+#]=========================================================]
+if(static)
+  set(Boost_USE_STATIC_LIBS ON)
+endif()
+set(Boost_USE_MULTITHREADED ON)
+if(static AND NOT APPLE)
+  set(Boost_USE_STATIC_RUNTIME ON)
+else()
+  set(Boost_USE_STATIC_RUNTIME OFF)
+endif()
+# TBD:
+# Boost_USE_DEBUG_RUNTIME:  When ON, uses Boost libraries linked against the
+find_package(Boost 1.70 REQUIRED
+  COMPONENTS
+    chrono
+    container
+    context
+    coroutine
+    date_time
+    filesystem
+    program_options
+    regex
+    system
+    thread)
+
+add_library(ripple_boost INTERFACE)
+add_library(Ripple::boost ALIAS ripple_boost)
+if(is_xcode)
+  target_include_directories(ripple_boost BEFORE INTERFACE ${Boost_INCLUDE_DIRS})
+  target_compile_options(ripple_boost INTERFACE --system-header-prefix="boost/")
+else()
+  target_include_directories(ripple_boost SYSTEM BEFORE INTERFACE ${Boost_INCLUDE_DIRS})
+endif()
+
+target_link_libraries(ripple_boost
+  INTERFACE
+    Boost::boost
+    Boost::chrono
+    Boost::container
+    Boost::coroutine
+    Boost::date_time
+    Boost::filesystem
+    Boost::program_options
+    Boost::regex
+    Boost::system
+    Boost::thread)
+if(Boost_COMPILER)
+  target_link_libraries(ripple_boost INTERFACE Boost::disable_autolinking)
+endif()
+if(san AND is_clang)
+  # TODO: gcc does not support -fsanitize-blacklist...can we do something else
+  # for gcc ?
+  if(NOT Boost_INCLUDE_DIRS AND TARGET Boost::headers)
+    get_target_property(Boost_INCLUDE_DIRS Boost::headers INTERFACE_INCLUDE_DIRECTORIES)
+  endif()
+  message(STATUS "Adding [${Boost_INCLUDE_DIRS}] to sanitizer blacklist")
+  file(WRITE ${CMAKE_CURRENT_BINARY_DIR}/san_bl.txt "src:${Boost_INCLUDE_DIRS}/*")
+  target_compile_options(opts
+    INTERFACE
+      # ignore boost headers for sanitizing
+      -fsanitize-blacklist=${CMAKE_CURRENT_BINARY_DIR}/san_bl.txt)
+endif()

Builds/CMake/deps/Ed25519-donna.cmake

@@ -0,0 +1,28 @@
+#[===================================================================[
+   NIH dep: ed25519-donna
+#]===================================================================]
+
+add_library (ed25519-donna STATIC
+  src/ed25519-donna/ed25519.c)
+target_include_directories (ed25519-donna
+  PUBLIC
+    $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/src>
+    $<INSTALL_INTERFACE:include>
+  PRIVATE
+    ${CMAKE_CURRENT_SOURCE_DIR}/src/ed25519-donna)
+#[=========================================================[
+   NOTE for macos:
+   https://github.com/floodyberry/ed25519-donna/issues/29
+   our source for ed25519-donna-portable.h has been
+   patched to workaround this.
+#]=========================================================]
+target_link_libraries (ed25519-donna PUBLIC OpenSSL::SSL)
+add_library (NIH::ed25519-donna ALIAS ed25519-donna)
+target_link_libraries (ripple_libs INTERFACE NIH::ed25519-donna)
+#[===========================[
+   headers installation
+#]===========================]
+install (
+  FILES
+    src/ed25519-donna/ed25519.h
+  DESTINATION include/ed25519-donna)

Builds/CMake/deps/Findlibarchive_pc.cmake

@@ -0,0 +1,22 @@
+find_package (PkgConfig REQUIRED)
+pkg_search_module (libarchive_PC QUIET libarchive>=3.4.3)
+
+if(static)
+  set(LIBARCHIVE_LIB libarchive.a)
+else()
+  set(LIBARCHIVE_LIB archive)
+endif()
+
+find_library (archive
+  NAMES ${LIBARCHIVE_LIB}
+  HINTS
+    ${libarchive_PC_LIBDIR}
+    ${libarchive_PC_LIBRARY_DIRS}
+  NO_DEFAULT_PATH)
+
+find_path (LIBARCHIVE_INCLUDE_DIR
+  NAMES archive.h
+  HINTS
+    ${libarchive_PC_INCLUDEDIR}
+    ${libarchive_PC_INCLUDEDIRS}
+  NO_DEFAULT_PATH)

Builds/CMake/deps/Findlz4.cmake

@@ -0,0 +1,24 @@
+find_package (PkgConfig)
+if (PKG_CONFIG_FOUND)
+  pkg_search_module (lz4_PC QUIET liblz4>=1.9)
+endif ()
+
+if(static)
+  set(LZ4_LIB liblz4.a)
+else()
+  set(LZ4_LIB lz4.so)
+endif()
+
+find_library (lz4
+  NAMES ${LZ4_LIB}
+  HINTS
+    ${lz4_PC_LIBDIR}
+    ${lz4_PC_LIBRARY_DIRS}
+  NO_DEFAULT_PATH)
+
+find_path (LZ4_INCLUDE_DIR
+  NAMES lz4.h
+  HINTS
+    ${lz4_PC_INCLUDEDIR}
+    ${lz4_PC_INCLUDEDIRS}
+  NO_DEFAULT_PATH)

Builds/CMake/deps/Findsecp256k1.cmake

@@ -0,0 +1,24 @@
+find_package (PkgConfig)
+if (PKG_CONFIG_FOUND)
+  pkg_search_module (secp256k1_PC QUIET libsecp256k1)
+endif ()
+
+if(static)
+  set(SECP256K1_LIB libsecp256k1.a)
+else()
+  set(SECP256K1_LIB secp256k1)
+endif()
+
+find_library(secp256k1
+  NAMES ${SECP256K1_LIB}
+  HINTS
+    ${secp256k1_PC_LIBDIR}
+    ${secp256k1_PC_LIBRARY_PATHS}
+  NO_DEFAULT_PATH)
+
+find_path (SECP256K1_INCLUDE_DIR
+  NAMES secp256k1.h
+  HINTS
+    ${secp256k1_PC_INCLUDEDIR}
+    ${secp256k1_PC_INCLUDEDIRS}
+  NO_DEFAULT_PATH)

Builds/CMake/deps/Findsnappy.cmake

@@ -0,0 +1,24 @@
+find_package (PkgConfig)
+if (PKG_CONFIG_FOUND)
+  pkg_search_module (snappy_PC QUIET snappy>=1.1.7)
+endif ()
+
+if(static)
+  set(SNAPPY_LIB libsnappy.a)
+else()
+  set(SNAPPY_LIB libsnappy.so)
+endif()
+
+find_library (snappy
+  NAMES ${SNAPPY_LIB}
+  HINTS
+    ${snappy_PC_LIBDIR}
+    ${snappy_PC_LIBRARY_DIRS}
+  NO_DEFAULT_PATH)
+
+find_path (SNAPPY_INCLUDE_DIR
+  NAMES snappy.h
+  HINTS
+    ${snappy_PC_INCLUDEDIR}
+    ${snappy_PC_INCLUDEDIRS}
+  NO_DEFAULT_PATH)

Builds/CMake/deps/Findsoci.cmake

@@ -0,0 +1,17 @@
+find_package (PkgConfig)
+if (PKG_CONFIG_FOUND)
+  # TBD - currently no soci pkgconfig
+  #pkg_search_module (soci_PC QUIET libsoci_core>=3.2)
+endif ()
+
+if(static)
+  set(SOCI_LIB libsoci.a)
+else()
+  set(SOCI_LIB libsoci_core.so)
+endif()
+
+find_library (soci
+  NAMES ${SOCI_LIB})
+
+find_path (SOCI_INCLUDE_DIR
+  NAMES soci/soci.h)

Builds/CMake/deps/Findsqlite.cmake

@@ -0,0 +1,24 @@
+find_package (PkgConfig)
+if (PKG_CONFIG_FOUND)
+  pkg_search_module (sqlite_PC QUIET sqlite3>=3.26.0)
+endif ()
+
+if(static)
+  set(SQLITE_LIB libsqlite3.a)
+else()
+  set(SQLITE_LIB sqlite3.so)
+endif()
+
+find_library (sqlite3
+  NAMES ${SQLITE_LIB}
+  HINTS
+    ${sqlite_PC_LIBDIR}
+    ${sqlite_PC_LIBRARY_DIRS}
+  NO_DEFAULT_PATH)
+
+find_path (SQLITE_INCLUDE_DIR
+  NAMES sqlite3.h
+  HINTS
+    ${sqlite_PC_INCLUDEDIR}
+    ${sqlite_PC_INCLUDEDIRS}
+  NO_DEFAULT_PATH)

Builds/CMake/deps/Libarchive.cmake

@@ -0,0 +1,163 @@
+#[===================================================================[
+   NIH dep: libarchive
+#]===================================================================]
+
+option (local_libarchive "use local build of libarchive." OFF)
+add_library (archive_lib UNKNOWN IMPORTED GLOBAL)
+
+if (NOT local_libarchive)
+  if (NOT WIN32)
+    find_package(libarchive_pc REQUIRED)
+  endif ()
+  if (archive)
+    message (STATUS "Found libarchive using pkg-config. Using ${archive}.")
+    set_target_properties (archive_lib PROPERTIES
+      IMPORTED_LOCATION_DEBUG
+        ${archive}
+      IMPORTED_LOCATION_RELEASE
+        ${archive}
+      INTERFACE_INCLUDE_DIRECTORIES
+        ${LIBARCHIVE_INCLUDE_DIR})
+      # pkg-config can return extra info for static lib linking
+      # this is probably needed/useful generally, but apply
+      # to APPLE for now (mostly for homebrew)
+      if (APPLE AND static AND libarchive_PC_STATIC_LIBRARIES)
+        message(STATUS "NOTE: libarchive static libs: ${libarchive_PC_STATIC_LIBRARIES}")
+        # also, APPLE seems to need iconv...maybe linux does too (TBD)
+        target_link_libraries (archive_lib
+          INTERFACE iconv ${libarchive_PC_STATIC_LIBRARIES})
+      endif ()
+  else ()
+    ## now try searching using the minimal find module that cmake provides
+    find_package(LibArchive 3.4.3 QUIET)
+    if (LibArchive_FOUND)
+      if (static)
+        # find module doesn't find static libs currently, so we re-search
+        get_filename_component(_loc ${LibArchive_LIBRARY} DIRECTORY)
+        find_library(_la_static
+          NAMES libarchive.a archive_static.lib archive.lib
+          PATHS ${_loc})
+        if (_la_static)
+          set (_la_lib ${_la_static})
+        else ()
+          message (WARNING "unable to find libarchive static lib - switching to local build")
+          set (local_libarchive ON CACHE BOOL "" FORCE)
+        endif ()
+      else ()
+        set (_la_lib ${LibArchive_LIBRARY})
+      endif ()
+      if (NOT local_libarchive)
+        message (STATUS "Found libarchive using module/config. Using ${_la_lib}.")
+        set_target_properties (archive_lib PROPERTIES
+          IMPORTED_LOCATION_DEBUG
+            ${_la_lib}
+          IMPORTED_LOCATION_RELEASE
+            ${_la_lib}
+          INTERFACE_INCLUDE_DIRECTORIES
+            ${LibArchive_INCLUDE_DIRS})
+      endif ()
+    else ()
+      set (local_libarchive ON CACHE BOOL "" FORCE)
+    endif ()
+  endif ()
+endif()
+
+if (local_libarchive)
+  set (lib_post "")
+  if (MSVC)
+    set (lib_post "_static")
+  endif ()
+  ExternalProject_Add (libarchive
+    PREFIX ${nih_cache_path}
+    GIT_REPOSITORY https://github.com/libarchive/libarchive.git
+    GIT_TAG v3.4.3
+    CMAKE_ARGS
+      # passing the compiler seems to be needed for windows CI, sadly
+      -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER}
+      -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER}
+      $<$<BOOL:${CMAKE_VERBOSE_MAKEFILE}>:-DCMAKE_VERBOSE_MAKEFILE=ON>
+      -DCMAKE_DEBUG_POSTFIX=_d
+      $<$<NOT:$<BOOL:${is_multiconfig}>>:-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}>
+      -DENABLE_LZ4=ON
+      -ULZ4_*
+      -DLZ4_INCLUDE_DIR=$<JOIN:$<TARGET_PROPERTY:lz4_lib,INTERFACE_INCLUDE_DIRECTORIES>,::>
+      # because we are building a static lib, this lz4 library doesn't
+      # actually matter since you can't generally link static libs to other static
+      # libs. The include files are needed, but the library itself is not (until
+      # we link our application, at which point we use the lz4 we built above).
+      # nonetheless, we need to provide a library to libarchive else it will
+      # NOT include lz4 support when configuring
+      -DLZ4_LIBRARY=$<IF:$<CONFIG:Debug>,$<TARGET_PROPERTY:lz4_lib,IMPORTED_LOCATION_DEBUG>,$<TARGET_PROPERTY:lz4_lib,IMPORTED_LOCATION_RELEASE>>
+      -DENABLE_WERROR=OFF
+      -DENABLE_TAR=OFF
+      -DENABLE_TAR_SHARED=OFF
+      -DENABLE_INSTALL=ON
+      -DENABLE_NETTLE=OFF
+      -DENABLE_OPENSSL=OFF
+      -DENABLE_LZO=OFF
+      -DENABLE_LZMA=OFF
+      -DENABLE_ZLIB=OFF
+      -DENABLE_BZip2=OFF
+      -DENABLE_LIBXML2=OFF
+      -DENABLE_EXPAT=OFF
+      -DENABLE_PCREPOSIX=OFF
+      -DENABLE_LibGCC=OFF
+      -DENABLE_CNG=OFF
+      -DENABLE_CPIO=OFF
+      -DENABLE_CPIO_SHARED=OFF
+      -DENABLE_CAT=OFF
+      -DENABLE_CAT_SHARED=OFF
+      -DENABLE_XATTR=OFF
+      -DENABLE_ACL=OFF
+      -DENABLE_ICONV=OFF
+      -DENABLE_TEST=OFF
+      -DENABLE_COVERAGE=OFF
+      $<$<BOOL:${MSVC}>:
+        "-DCMAKE_C_FLAGS=-GR -Gd -fp:precise -FS -MP"
+        "-DCMAKE_C_FLAGS_DEBUG=-MTd"
+        "-DCMAKE_C_FLAGS_RELEASE=-MT"
+      >
+    LIST_SEPARATOR ::
+    LOG_BUILD ON
+    LOG_CONFIGURE ON
+    BUILD_COMMAND
+      ${CMAKE_COMMAND}
+      --build .
+      --config $<CONFIG>
+      --target archive_static
+      $<$<VERSION_GREATER_EQUAL:${CMAKE_VERSION},3.12>:--parallel ${ep_procs}>
+      $<$<BOOL:${is_multiconfig}>:
+        COMMAND
+          ${CMAKE_COMMAND} -E copy
+            <BINARY_DIR>/libarchive/$<CONFIG>/${ep_lib_prefix}archive${lib_post}$<$<CONFIG:Debug>:_d>${ep_lib_suffix}
+            <BINARY_DIR>/libarchive
+        >
+    TEST_COMMAND ""
+    INSTALL_COMMAND ""
+    DEPENDS lz4_lib
+    BUILD_BYPRODUCTS
+      <BINARY_DIR>/libarchive/${ep_lib_prefix}archive${lib_post}${ep_lib_suffix}
+      <BINARY_DIR>/libarchive/${ep_lib_prefix}archive${lib_post}_d${ep_lib_suffix}
+  )
+  ExternalProject_Get_Property (libarchive BINARY_DIR)
+  ExternalProject_Get_Property (libarchive SOURCE_DIR)
+  if (CMAKE_VERBOSE_MAKEFILE)
+    print_ep_logs (libarchive)
+  endif ()
+  file (MAKE_DIRECTORY ${SOURCE_DIR}/libarchive)
+  set_target_properties (archive_lib PROPERTIES
+    IMPORTED_LOCATION_DEBUG
+      ${BINARY_DIR}/libarchive/${ep_lib_prefix}archive${lib_post}_d${ep_lib_suffix}
+    IMPORTED_LOCATION_RELEASE
+      ${BINARY_DIR}/libarchive/${ep_lib_prefix}archive${lib_post}${ep_lib_suffix}
+    INTERFACE_INCLUDE_DIRECTORIES
+      ${SOURCE_DIR}/libarchive
+    INTERFACE_COMPILE_DEFINITIONS
+      LIBARCHIVE_STATIC)
+endif()
+
+add_dependencies (archive_lib libarchive)
+target_link_libraries (archive_lib INTERFACE lz4_lib)
+target_link_libraries (ripple_libs INTERFACE archive_lib)
+exclude_if_included (libarchive)
+exclude_if_included (archive_lib)

Builds/CMake/deps/Lz4.cmake

@@ -0,0 +1,79 @@
+#[===================================================================[
+   NIH dep: lz4
+#]===================================================================]
+
+add_library (lz4_lib STATIC IMPORTED GLOBAL)
+
+if (NOT WIN32)
+  find_package(lz4)
+endif()
+
+if(lz4)
+  set_target_properties (lz4_lib PROPERTIES
+    IMPORTED_LOCATION_DEBUG
+      ${lz4}
+    IMPORTED_LOCATION_RELEASE
+      ${lz4}
+    INTERFACE_INCLUDE_DIRECTORIES
+      ${LZ4_INCLUDE_DIR})
+
+else()
+  ExternalProject_Add (lz4
+    PREFIX ${nih_cache_path}
+    GIT_REPOSITORY https://github.com/lz4/lz4.git
+    GIT_TAG v1.9.2
+    SOURCE_SUBDIR contrib/cmake_unofficial
+    CMAKE_ARGS
+      -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER}
+      -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER}
+      $<$<BOOL:${CMAKE_VERBOSE_MAKEFILE}>:-DCMAKE_VERBOSE_MAKEFILE=ON>
+      -DCMAKE_DEBUG_POSTFIX=_d
+      $<$<NOT:$<BOOL:${is_multiconfig}>>:-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}>
+      -DBUILD_STATIC_LIBS=ON
+      -DBUILD_SHARED_LIBS=OFF
+      $<$<BOOL:${MSVC}>:
+        "-DCMAKE_C_FLAGS=-GR -Gd -fp:precise -FS -MP"
+        "-DCMAKE_C_FLAGS_DEBUG=-MTd"
+        "-DCMAKE_C_FLAGS_RELEASE=-MT"
+      >
+    LOG_BUILD ON
+    LOG_CONFIGURE ON
+    BUILD_COMMAND
+      ${CMAKE_COMMAND}
+      --build .
+      --config $<CONFIG>
+      --target lz4_static
+      $<$<VERSION_GREATER_EQUAL:${CMAKE_VERSION},3.12>:--parallel ${ep_procs}>
+      $<$<BOOL:${is_multiconfig}>:
+        COMMAND
+          ${CMAKE_COMMAND} -E copy
+          <BINARY_DIR>/$<CONFIG>/${ep_lib_prefix}lz4$<$<CONFIG:Debug>:_d>${ep_lib_suffix}
+          <BINARY_DIR>
+        >
+    TEST_COMMAND ""
+    INSTALL_COMMAND ""
+    BUILD_BYPRODUCTS
+      <BINARY_DIR>/${ep_lib_prefix}lz4${ep_lib_suffix}
+      <BINARY_DIR>/${ep_lib_prefix}lz4_d${ep_lib_suffix}
+  )
+  ExternalProject_Get_Property (lz4 BINARY_DIR)
+  ExternalProject_Get_Property (lz4 SOURCE_DIR)
+
+  file (MAKE_DIRECTORY ${SOURCE_DIR}/lz4)
+  set_target_properties (lz4_lib PROPERTIES
+    IMPORTED_LOCATION_DEBUG
+      ${BINARY_DIR}/${ep_lib_prefix}lz4_d${ep_lib_suffix}
+    IMPORTED_LOCATION_RELEASE
+      ${BINARY_DIR}/${ep_lib_prefix}lz4${ep_lib_suffix}
+    INTERFACE_INCLUDE_DIRECTORIES
+      ${SOURCE_DIR}/lib)
+
+  if (CMAKE_VERBOSE_MAKEFILE)
+    print_ep_logs (lz4)
+  endif ()
+  add_dependencies (lz4_lib lz4)
+  target_link_libraries (ripple_libs INTERFACE lz4_lib)
+  exclude_if_included (lz4)
+endif()
+
+exclude_if_included (lz4_lib)

Builds/CMake/deps/Nudb.cmake

@@ -0,0 +1,47 @@
+#[===================================================================[
+   NIH dep: nudb
+
+   NuDB is header-only, thus is an INTERFACE lib in CMake.
+   TODO: move the library definition into NuDB repo and add
+   proper targets and export/install
+#]===================================================================]
+
+if (is_root_project) # NuDB not needed in the case of xrpl_core inclusion build
+  add_library (nudb INTERFACE)
+  if (CMAKE_VERSION VERSION_GREATER_EQUAL 3.11)
+    FetchContent_Declare(
+      nudb_src
+      GIT_REPOSITORY https://github.com/CPPAlliance/NuDB.git
+      GIT_TAG        2.0.5
+    )
+    FetchContent_GetProperties(nudb_src)
+    if(NOT nudb_src_POPULATED)
+      message (STATUS "Pausing to download NuDB...")
+      FetchContent_Populate(nudb_src)
+    endif()
+  else ()
+    ExternalProject_Add (nudb_src
+      PREFIX ${nih_cache_path}
+      GIT_REPOSITORY https://github.com/CPPAlliance/NuDB.git
+      GIT_TAG 2.0.5
+      CONFIGURE_COMMAND ""
+      BUILD_COMMAND ""
+      TEST_COMMAND ""
+      INSTALL_COMMAND ""
+    )
+    ExternalProject_Get_Property (nudb_src SOURCE_DIR)
+    set (nudb_src_SOURCE_DIR "${SOURCE_DIR}")
+    file (MAKE_DIRECTORY ${nudb_src_SOURCE_DIR}/include)
+    add_dependencies (nudb nudb_src)
+  endif ()
+
+  file(TO_CMAKE_PATH "${nudb_src_SOURCE_DIR}" nudb_src_SOURCE_DIR)
+# specify as system includes so as to avoid warnings
+  target_include_directories (nudb SYSTEM INTERFACE ${nudb_src_SOURCE_DIR}/include)
+  target_link_libraries (nudb
+    INTERFACE
+      Boost::thread
+      Boost::system)
+  add_library (NIH::nudb ALIAS nudb)
+  target_link_libraries (ripple_libs INTERFACE NIH::nudb)
+endif ()

Builds/CMake/deps/OpenSSL.cmake

@@ -0,0 +1,48 @@
+#[===================================================================[
+   NIH dep: openssl
+#]===================================================================]
+
+#[===============================================[
+  OPENSSL_ROOT_DIR is the only variable that
+  FindOpenSSL honors for locating, so convert any
+  OPENSSL_ROOT vars to this
+#]===============================================]
+if (NOT DEFINED OPENSSL_ROOT_DIR)
+  if (DEFINED ENV{OPENSSL_ROOT})
+    set (OPENSSL_ROOT_DIR $ENV{OPENSSL_ROOT})
+  elseif (HOMEBREW)
+    execute_process (COMMAND ${HOMEBREW} --prefix openssl
+      OUTPUT_VARIABLE OPENSSL_ROOT_DIR
+      OUTPUT_STRIP_TRAILING_WHITESPACE)
+  endif ()
+  file (TO_CMAKE_PATH "${OPENSSL_ROOT_DIR}" OPENSSL_ROOT_DIR)
+endif ()
+
+if (static)
+  set (OPENSSL_USE_STATIC_LIBS ON)
+endif ()
+set (OPENSSL_MSVC_STATIC_RT ON)
+find_package (OpenSSL 1.1.1 REQUIRED)
+target_link_libraries (ripple_libs
+  INTERFACE
+    OpenSSL::SSL
+    OpenSSL::Crypto)
+# disable SSLv2...this can also be done when building/configuring OpenSSL
+set_target_properties(OpenSSL::SSL PROPERTIES
+    INTERFACE_COMPILE_DEFINITIONS OPENSSL_NO_SSL2)
+#[=========================================================[
+   https://gitlab.kitware.com/cmake/cmake/issues/16885
+   depending on how openssl is built, it might depend
+   on zlib. In fact, the openssl find package should
+   figure this out for us, but it does not currently...
+   so let's add zlib ourselves to the lib list
+   TODO: investigate linking to static zlib for static
+   build option
+#]=========================================================]
+find_package (ZLIB)
+set (has_zlib FALSE)
+if (TARGET ZLIB::ZLIB)
+  set_target_properties(OpenSSL::Crypto PROPERTIES
+    INTERFACE_LINK_LIBRARIES ZLIB::ZLIB)
+  set (has_zlib TRUE)
+endif ()

Builds/CMake/deps/Postgres.cmake

@@ -0,0 +1,70 @@
+if(reporting)
+    find_package(PostgreSQL)
+    if(NOT PostgreSQL_FOUND)
+        message("find_package did not find postgres")
+        find_library(postgres NAMES pq libpq libpq-dev pq-dev postgresql-devel)
+        find_path(libpq-fe NAMES libpq-fe.h PATH_SUFFIXES postgresql pgsql include)
+
+        if(NOT libpq-fe_FOUND OR NOT postgres_FOUND)
+            message("No system installed Postgres found. Will build")
+            add_library(postgres SHARED IMPORTED GLOBAL)
+            add_library(pgport SHARED IMPORTED GLOBAL)
+            add_library(pgcommon SHARED IMPORTED GLOBAL)
+            ExternalProject_Add(postgres_src
+                PREFIX ${nih_cache_path}
+                GIT_REPOSITORY https://github.com/postgres/postgres.git
+                GIT_TAG master
+                CONFIGURE_COMMAND ./configure --without-readline > /dev/null
+                BUILD_COMMAND ${CMAKE_COMMAND} -E env --unset=MAKELEVEL make
+                UPDATE_COMMAND ""
+                BUILD_IN_SOURCE 1
+                INSTALL_COMMAND ""
+                BUILD_BYPRODUCTS
+                    <BINARY_DIR>/src/interfaces/libpq/${ep_lib_prefix}pq.a
+                    <BINARY_DIR>/src/common/${ep_lib_prefix}pgcommon.a
+                    <BINARY_DIR>/src/port/${ep_lib_prefix}pgport.a
+                LOG_BUILD TRUE
+                )
+            ExternalProject_Get_Property (postgres_src SOURCE_DIR)
+            ExternalProject_Get_Property (postgres_src BINARY_DIR)
+
+            set (postgres_src_SOURCE_DIR "${SOURCE_DIR}")
+            file (MAKE_DIRECTORY ${postgres_src_SOURCE_DIR})
+            list(APPEND INCLUDE_DIRS
+                ${SOURCE_DIR}/src/include
+                ${SOURCE_DIR}/src/interfaces/libpq
+                )
+            set_target_properties(postgres PROPERTIES
+                IMPORTED_LOCATION
+                    ${BINARY_DIR}/src/interfaces/libpq/${ep_lib_prefix}pq.a
+                INTERFACE_INCLUDE_DIRECTORIES
+                    "${INCLUDE_DIRS}"
+                )
+            set_target_properties(pgcommon PROPERTIES
+                IMPORTED_LOCATION
+                    ${BINARY_DIR}/src/common/${ep_lib_prefix}pgcommon.a
+                INTERFACE_INCLUDE_DIRECTORIES
+                    "${INCLUDE_DIRS}"
+                )
+            set_target_properties(pgport PROPERTIES
+                IMPORTED_LOCATION
+                    ${BINARY_DIR}/src/port/${ep_lib_prefix}pgport.a
+                INTERFACE_INCLUDE_DIRECTORIES
+                    "${INCLUDE_DIRS}"
+                )
+            add_dependencies(postgres postgres_src)
+            add_dependencies(pgcommon postgres_src)
+            add_dependencies(pgport postgres_src)
+            file(TO_CMAKE_PATH "${postgres_src_SOURCE_DIR}" postgres_src_SOURCE_DIR)
+            target_link_libraries(ripple_libs INTERFACE postgres pgcommon pgport)
+        else()
+            message("Found system installed Postgres via find_libary")
+            target_include_directories(ripple_libs INTERFACE ${libpq-fe})
+            target_link_libraries(ripple_libs INTERFACE ${postgres})
+        endif()
+    else()
+        message("Found system installed Postgres via find_package")
+        target_include_directories(ripple_libs INTERFACE ${PostgreSQL_INCLUDE_DIRS})
+        target_link_libraries(ripple_libs INTERFACE ${PostgreSQL_LIBRARIES})
+    endif()
+endif()

Builds/CMake/deps/Protobuf.cmake

@@ -0,0 +1,155 @@
+#[===================================================================[
+   import protobuf (lib and compiler) and create a lib
+   from our proto message definitions. If the system protobuf
+   is not found, fallback on EP to download and build a version
+   from official source.
+#]===================================================================]
+
+if (static)
+  set (Protobuf_USE_STATIC_LIBS ON)
+endif ()
+find_package (Protobuf 3.8)
+if (is_multiconfig)
+    set(protobuf_protoc_lib ${Protobuf_PROTOC_LIBRARIES})
+else ()
+    string(TOUPPER ${CMAKE_BUILD_TYPE} upper_cmake_build_type)
+    set(protobuf_protoc_lib ${Protobuf_PROTOC_LIBRARY_${upper_cmake_build_type}})
+endif ()
+if (local_protobuf OR NOT (Protobuf_FOUND AND Protobuf_PROTOC_EXECUTABLE AND protobuf_protoc_lib))
+  include (GNUInstallDirs)
+  message (STATUS "using local protobuf build.")
+  set(protobuf_reqs Protobuf_PROTOC_EXECUTABLE protobuf_protoc_lib)
+  foreach(lib ${protobuf_reqs})
+    if(NOT ${lib})
+      message(STATUS "Couldn't find ${lib}")
+    endif()
+  endforeach()
+  if (WIN32)
+    # protobuf prepends lib even on windows
+    set (pbuf_lib_pre "lib")
+  else ()
+    set (pbuf_lib_pre ${ep_lib_prefix})
+  endif ()
+  # for the external project build of protobuf, we currently ignore the
+  # static option and always build static libs here. This is consistent
+  # with our other EP builds. Dynamic libs in an EP would add complexity
+  # because we'd need to get them into the runtime path, and probably
+  # install them.
+  ExternalProject_Add (protobuf_src
+    PREFIX ${nih_cache_path}
+    GIT_REPOSITORY https://github.com/protocolbuffers/protobuf.git
+    GIT_TAG v3.8.0
+    SOURCE_SUBDIR cmake
+    CMAKE_ARGS
+      -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER}
+      -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER}
+      -DCMAKE_INSTALL_PREFIX=<BINARY_DIR>/_installed_
+      -Dprotobuf_BUILD_TESTS=OFF
+      -Dprotobuf_BUILD_EXAMPLES=OFF
+      -Dprotobuf_BUILD_PROTOC_BINARIES=ON
+      -Dprotobuf_MSVC_STATIC_RUNTIME=ON
+      -DBUILD_SHARED_LIBS=OFF
+      -Dprotobuf_BUILD_SHARED_LIBS=OFF
+      -DCMAKE_DEBUG_POSTFIX=_d
+      -Dprotobuf_DEBUG_POSTFIX=_d
+      -Dprotobuf_WITH_ZLIB=$<IF:$<BOOL:${has_zlib}>,ON,OFF>
+      $<$<BOOL:${CMAKE_VERBOSE_MAKEFILE}>:-DCMAKE_VERBOSE_MAKEFILE=ON>
+      $<$<BOOL:${unity}>:-DCMAKE_UNITY_BUILD=ON}>
+      $<$<NOT:$<BOOL:${is_multiconfig}>>:-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}>
+      $<$<BOOL:${MSVC}>:
+	"-DCMAKE_CXX_FLAGS=-GR -Gd -fp:precise -FS -EHa -MP"
+      >
+    LOG_BUILD ON
+    LOG_CONFIGURE ON
+    BUILD_COMMAND
+      ${CMAKE_COMMAND}
+      --build .
+      --config $<CONFIG>
+      $<$<VERSION_GREATER_EQUAL:${CMAKE_VERSION},3.12>:--parallel ${ep_procs}>
+    TEST_COMMAND ""
+    INSTALL_COMMAND
+      ${CMAKE_COMMAND} -E env --unset=DESTDIR ${CMAKE_COMMAND} --build . --config $<CONFIG> --target install
+    BUILD_BYPRODUCTS
+      <BINARY_DIR>/_installed_/${CMAKE_INSTALL_LIBDIR}/${pbuf_lib_pre}protobuf${ep_lib_suffix}
+      <BINARY_DIR>/_installed_/${CMAKE_INSTALL_LIBDIR}/${pbuf_lib_pre}protobuf_d${ep_lib_suffix}
+      <BINARY_DIR>/_installed_/${CMAKE_INSTALL_LIBDIR}/${pbuf_lib_pre}protoc${ep_lib_suffix}
+      <BINARY_DIR>/_installed_/${CMAKE_INSTALL_LIBDIR}/${pbuf_lib_pre}protoc_d${ep_lib_suffix}
+      <BINARY_DIR>/_installed_/bin/protoc${CMAKE_EXECUTABLE_SUFFIX}
+  )
+  ExternalProject_Get_Property (protobuf_src BINARY_DIR)
+  ExternalProject_Get_Property (protobuf_src SOURCE_DIR)
+  if (CMAKE_VERBOSE_MAKEFILE)
+    print_ep_logs (protobuf_src)
+  endif ()
+  exclude_if_included (protobuf_src)
+
+  if (NOT TARGET protobuf::libprotobuf)
+    add_library (protobuf::libprotobuf STATIC IMPORTED GLOBAL)
+  endif ()
+  file (MAKE_DIRECTORY ${BINARY_DIR}/_installed_/include)
+  set_target_properties (protobuf::libprotobuf PROPERTIES
+    IMPORTED_LOCATION_DEBUG
+      ${BINARY_DIR}/_installed_/${CMAKE_INSTALL_LIBDIR}/${pbuf_lib_pre}protobuf_d${ep_lib_suffix}
+    IMPORTED_LOCATION_RELEASE
+      ${BINARY_DIR}/_installed_/${CMAKE_INSTALL_LIBDIR}/${pbuf_lib_pre}protobuf${ep_lib_suffix}
+    INTERFACE_INCLUDE_DIRECTORIES
+      ${BINARY_DIR}/_installed_/include)
+  add_dependencies (protobuf::libprotobuf protobuf_src)
+  exclude_if_included (protobuf::libprotobuf)
+
+  if (NOT TARGET protobuf::libprotoc)
+    add_library (protobuf::libprotoc STATIC IMPORTED GLOBAL)
+  endif ()
+  set_target_properties (protobuf::libprotoc PROPERTIES
+    IMPORTED_LOCATION_DEBUG
+      ${BINARY_DIR}/_installed_/${CMAKE_INSTALL_LIBDIR}/${pbuf_lib_pre}protoc_d${ep_lib_suffix}
+    IMPORTED_LOCATION_RELEASE
+      ${BINARY_DIR}/_installed_/${CMAKE_INSTALL_LIBDIR}/${pbuf_lib_pre}protoc${ep_lib_suffix}
+    INTERFACE_INCLUDE_DIRECTORIES
+      ${BINARY_DIR}/_installed_/include)
+  add_dependencies (protobuf::libprotoc protobuf_src)
+  exclude_if_included (protobuf::libprotoc)
+
+  if (NOT TARGET protobuf::protoc)
+    add_executable (protobuf::protoc IMPORTED)
+    exclude_if_included (protobuf::protoc)
+  endif ()
+  set_target_properties (protobuf::protoc PROPERTIES
+    IMPORTED_LOCATION "${BINARY_DIR}/_installed_/bin/protoc${CMAKE_EXECUTABLE_SUFFIX}")
+  add_dependencies (protobuf::protoc protobuf_src)
+else ()
+  if (NOT TARGET protobuf::protoc)
+    if (EXISTS "${Protobuf_PROTOC_EXECUTABLE}")
+      add_executable (protobuf::protoc IMPORTED)
+      set_target_properties (protobuf::protoc PROPERTIES
+        IMPORTED_LOCATION "${Protobuf_PROTOC_EXECUTABLE}")
+    else ()
+      message (FATAL_ERROR "Protobuf import failed")
+    endif ()
+  endif ()
+endif ()
+
+file (MAKE_DIRECTORY ${CMAKE_BINARY_DIR}/proto_gen)
+set (save_CBD ${CMAKE_CURRENT_BINARY_DIR})
+set (CMAKE_CURRENT_BINARY_DIR ${CMAKE_BINARY_DIR}/proto_gen)
+protobuf_generate_cpp (
+  PROTO_SRCS
+  PROTO_HDRS
+  src/ripple/proto/ripple.proto)
+set (CMAKE_CURRENT_BINARY_DIR ${save_CBD})
+
+add_library (pbufs STATIC ${PROTO_SRCS} ${PROTO_HDRS})
+
+target_include_directories (pbufs PRIVATE src)
+target_include_directories (pbufs
+  SYSTEM PUBLIC ${CMAKE_BINARY_DIR}/proto_gen)
+target_link_libraries (pbufs protobuf::libprotobuf)
+target_compile_options (pbufs
+  PUBLIC
+    $<$<BOOL:${is_xcode}>:
+      --system-header-prefix="google/protobuf"
+      -Wno-deprecated-dynamic-exception-spec
+    >)
+add_library (Ripple::pbufs ALIAS pbufs)
+target_link_libraries (ripple_libs INTERFACE Ripple::pbufs)
+exclude_if_included (pbufs)

Builds/CMake/deps/Rocksdb.cmake

@@ -0,0 +1,177 @@
+#[===================================================================[
+   NIH dep: rocksdb
+#]===================================================================]
+
+add_library (rocksdb_lib UNKNOWN IMPORTED GLOBAL)
+set_target_properties (rocksdb_lib
+  PROPERTIES INTERFACE_COMPILE_DEFINITIONS RIPPLE_ROCKSDB_AVAILABLE=1)
+
+option (local_rocksdb "use local build of rocksdb." OFF)
+if (NOT local_rocksdb)
+  find_package (RocksDB 6.27 QUIET CONFIG)
+  if (TARGET RocksDB::rocksdb)
+    message (STATUS "Found RocksDB using config.")
+    get_target_property (_rockslib_l RocksDB::rocksdb IMPORTED_LOCATION_DEBUG)
+    if (_rockslib_l)
+      set_target_properties (rocksdb_lib PROPERTIES IMPORTED_LOCATION_DEBUG ${_rockslib_l})
+    endif ()
+    get_target_property (_rockslib_l RocksDB::rocksdb IMPORTED_LOCATION_RELEASE)
+    if (_rockslib_l)
+      set_target_properties (rocksdb_lib PROPERTIES IMPORTED_LOCATION_RELEASE ${_rockslib_l})
+    endif ()
+    get_target_property (_rockslib_l RocksDB::rocksdb IMPORTED_LOCATION)
+    if (_rockslib_l)
+      set_target_properties (rocksdb_lib PROPERTIES IMPORTED_LOCATION ${_rockslib_l})
+    endif ()
+    get_target_property (_rockslib_i RocksDB::rocksdb INTERFACE_INCLUDE_DIRECTORIES)
+    if (_rockslib_i)
+      set_target_properties (rocksdb_lib PROPERTIES INTERFACE_INCLUDE_DIRECTORIES ${_rockslib_i})
+    endif ()
+    target_link_libraries (ripple_libs INTERFACE RocksDB::rocksdb)
+  else ()
+    # using a find module with rocksdb is difficult because
+    # you have no idea how it was configured (transitive dependencies).
+    # the code below will generally find rocksdb using the module, but
+    # will then result in linker errors for static linkage since the
+    # transitive dependencies are unknown. force local build here for now, but leave the code as
+    # a placeholder for future investigation.
+    if (static)
+      set (local_rocksdb ON CACHE BOOL "" FORCE)
+      # TBD if there is some way to extract transitive deps..then:
+      #set (RocksDB_USE_STATIC ON)
+    else ()
+      find_package (RocksDB 6.27 MODULE)
+      if (ROCKSDB_FOUND)
+        if (RocksDB_LIBRARY_DEBUG)
+          set_target_properties (rocksdb_lib PROPERTIES IMPORTED_LOCATION_DEBUG ${RocksDB_LIBRARY_DEBUG})
+        endif ()
+        set_target_properties (rocksdb_lib PROPERTIES IMPORTED_LOCATION_RELEASE ${RocksDB_LIBRARIES})
+        set_target_properties (rocksdb_lib PROPERTIES IMPORTED_LOCATION ${RocksDB_LIBRARIES})
+        set_target_properties (rocksdb_lib PROPERTIES INTERFACE_INCLUDE_DIRECTORIES ${RocksDB_INCLUDE_DIRS})
+      else ()
+        set (local_rocksdb ON CACHE BOOL "" FORCE)
+      endif ()
+    endif ()
+  endif ()
+endif ()
+
+if (local_rocksdb)
+  message (STATUS "Using local build of RocksDB.")
+  ExternalProject_Add (rocksdb
+    PREFIX ${nih_cache_path}
+    GIT_REPOSITORY https://github.com/facebook/rocksdb.git
+    GIT_TAG v6.27.3
+    PATCH_COMMAND
+      # only used by windows build
+      ${CMAKE_COMMAND} -E copy_if_different
+      ${CMAKE_CURRENT_SOURCE_DIR}/Builds/CMake/rocks_thirdparty.inc
+      <SOURCE_DIR>/thirdparty.inc
+    COMMAND
+      # fixup their build version file to keep the values
+      # from changing always
+      ${CMAKE_COMMAND} -E copy_if_different
+      ${CMAKE_CURRENT_SOURCE_DIR}/Builds/CMake/rocksdb_build_version.cc.in
+      <SOURCE_DIR>/util/build_version.cc.in
+    CMAKE_ARGS
+      -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER}
+      -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER}
+      $<$<BOOL:${CMAKE_VERBOSE_MAKEFILE}>:-DCMAKE_VERBOSE_MAKEFILE=ON>
+      $<$<BOOL:${unity}>:-DCMAKE_UNITY_BUILD=ON}>
+      -DCMAKE_DEBUG_POSTFIX=_d
+      $<$<NOT:$<BOOL:${is_multiconfig}>>:-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}>
+      -DBUILD_SHARED_LIBS=OFF
+      -DCMAKE_POSITION_INDEPENDENT_CODE=ON
+      -DWITH_JEMALLOC=$<IF:$<BOOL:${jemalloc}>,ON,OFF>
+      -DWITH_SNAPPY=ON
+      -DWITH_LZ4=ON
+      -DWITH_ZLIB=OFF
+      -DUSE_RTTI=ON
+      -DWITH_ZSTD=OFF
+      -DWITH_GFLAGS=OFF
+      -DWITH_BZ2=OFF
+      -ULZ4_*
+      -Ulz4_*
+      -Dlz4_INCLUDE_DIRS=$<JOIN:$<TARGET_PROPERTY:lz4_lib,INTERFACE_INCLUDE_DIRECTORIES>,::>
+      -Dlz4_LIBRARIES=$<IF:$<CONFIG:Debug>,$<TARGET_PROPERTY:lz4_lib,IMPORTED_LOCATION_DEBUG>,$<TARGET_PROPERTY:lz4_lib,IMPORTED_LOCATION_RELEASE>>
+      -Dlz4_FOUND=ON
+      -USNAPPY_*
+      -Usnappy_*
+      -USnappy_*
+      -Dsnappy_INCLUDE_DIRS=$<JOIN:$<TARGET_PROPERTY:snappy_lib,INTERFACE_INCLUDE_DIRECTORIES>,::>
+      -Dsnappy_LIBRARIES=$<IF:$<CONFIG:Debug>,$<TARGET_PROPERTY:snappy_lib,IMPORTED_LOCATION_DEBUG>,$<TARGET_PROPERTY:snappy_lib,IMPORTED_LOCATION_RELEASE>>
+      -Dsnappy_FOUND=ON
+      -DSnappy_INCLUDE_DIRS=$<JOIN:$<TARGET_PROPERTY:snappy_lib,INTERFACE_INCLUDE_DIRECTORIES>,::>
+      -DSnappy_LIBRARIES=$<IF:$<CONFIG:Debug>,$<TARGET_PROPERTY:snappy_lib,IMPORTED_LOCATION_DEBUG>,$<TARGET_PROPERTY:snappy_lib,IMPORTED_LOCATION_RELEASE>>
+      -DSnappy_FOUND=ON
+      -DWITH_MD_LIBRARY=OFF
+      -DWITH_RUNTIME_DEBUG=$<IF:$<CONFIG:Debug>,ON,OFF>
+      -DFAIL_ON_WARNINGS=OFF
+      -DWITH_ASAN=OFF
+      -DWITH_TSAN=OFF
+      -DWITH_UBSAN=OFF
+      -DWITH_NUMA=OFF
+      -DWITH_TBB=OFF
+      -DWITH_WINDOWS_UTF8_FILENAMES=OFF
+      -DWITH_XPRESS=OFF
+      -DPORTABLE=ON
+      -DFORCE_SSE42=OFF
+      -DDISABLE_STALL_NOTIF=OFF
+      -DOPTDBG=ON
+      -DROCKSDB_LITE=OFF
+      -DWITH_FALLOCATE=ON
+      -DWITH_LIBRADOS=OFF
+      -DWITH_JNI=OFF
+      -DROCKSDB_INSTALL_ON_WINDOWS=OFF
+      -DWITH_TESTS=OFF
+      -DWITH_TOOLS=OFF
+      $<$<BOOL:${MSVC}>:
+        "-DCMAKE_CXX_FLAGS=-GR -Gd -fp:precise -FS -MP /DNDEBUG"
+      >
+      $<$<NOT:$<BOOL:${MSVC}>>:
+        "-DCMAKE_CXX_FLAGS=-DNDEBUG"
+      >
+    LOG_BUILD ON
+    LOG_CONFIGURE ON
+    BUILD_COMMAND
+      ${CMAKE_COMMAND}
+      --build .
+      --config $<CONFIG>
+      $<$<VERSION_GREATER_EQUAL:${CMAKE_VERSION},3.12>:--parallel ${ep_procs}>
+      $<$<BOOL:${is_multiconfig}>:
+        COMMAND
+          ${CMAKE_COMMAND} -E copy
+          <BINARY_DIR>/$<CONFIG>/${ep_lib_prefix}rocksdb$<$<CONFIG:Debug>:_d>${ep_lib_suffix}
+          <BINARY_DIR>
+        >
+    LIST_SEPARATOR ::
+    TEST_COMMAND ""
+    INSTALL_COMMAND ""
+    DEPENDS snappy_lib lz4_lib
+    BUILD_BYPRODUCTS
+      <BINARY_DIR>/${ep_lib_prefix}rocksdb${ep_lib_suffix}
+      <BINARY_DIR>/${ep_lib_prefix}rocksdb_d${ep_lib_suffix}
+  )
+  ExternalProject_Get_Property (rocksdb BINARY_DIR)
+  ExternalProject_Get_Property (rocksdb SOURCE_DIR)
+  if (CMAKE_VERBOSE_MAKEFILE)
+    print_ep_logs (rocksdb)
+  endif ()
+  file (MAKE_DIRECTORY ${SOURCE_DIR}/include)
+  set_target_properties (rocksdb_lib PROPERTIES
+    IMPORTED_LOCATION_DEBUG
+      ${BINARY_DIR}/${ep_lib_prefix}rocksdb_d${ep_lib_suffix}
+    IMPORTED_LOCATION_RELEASE
+      ${BINARY_DIR}/${ep_lib_prefix}rocksdb${ep_lib_suffix}
+    INTERFACE_INCLUDE_DIRECTORIES
+      ${SOURCE_DIR}/include)
+  add_dependencies (rocksdb_lib rocksdb)
+  exclude_if_included (rocksdb)
+endif ()
+
+target_link_libraries (rocksdb_lib
+  INTERFACE
+    snappy_lib
+    lz4_lib
+    $<$<BOOL:${MSVC}>:rpcrt4>)
+exclude_if_included (rocksdb_lib)
+target_link_libraries (ripple_libs INTERFACE rocksdb_lib)

Builds/CMake/deps/Secp256k1.cmake

@@ -0,0 +1,58 @@
+#[===================================================================[
+   NIH dep: secp256k1
+#]===================================================================]
+
+add_library (secp256k1_lib STATIC IMPORTED GLOBAL)
+
+if (NOT WIN32)
+  find_package(secp256k1)
+endif()
+
+if(secp256k1)
+  set_target_properties (secp256k1_lib PROPERTIES
+    IMPORTED_LOCATION_DEBUG
+      ${secp256k1}
+    IMPORTED_LOCATION_RELEASE
+      ${secp256k1}
+    INTERFACE_INCLUDE_DIRECTORIES
+      ${SECP256K1_INCLUDE_DIR})
+
+  add_library (secp256k1 ALIAS secp256k1_lib)
+  add_library (NIH::secp256k1 ALIAS secp256k1_lib)
+
+else()
+  set(INSTALL_SECP256K1 true)
+
+  add_library (secp256k1 STATIC
+    src/secp256k1/src/secp256k1.c)
+  target_compile_definitions (secp256k1
+    PRIVATE
+      USE_NUM_NONE
+      USE_FIELD_10X26
+      USE_FIELD_INV_BUILTIN
+      USE_SCALAR_8X32
+      USE_SCALAR_INV_BUILTIN)
+  target_include_directories (secp256k1
+    PUBLIC
+      $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/src>
+      $<INSTALL_INTERFACE:include>
+    PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/src/secp256k1)
+  target_compile_options (secp256k1
+    PRIVATE
+      $<$<BOOL:${MSVC}>:-wd4319>
+      $<$<NOT:$<BOOL:${MSVC}>>:
+        -Wno-deprecated-declarations
+        -Wno-unused-function
+      >
+      $<$<BOOL:${is_gcc}>:-Wno-nonnull-compare>)
+  target_link_libraries (ripple_libs INTERFACE NIH::secp256k1)
+#[===========================[
+     headers installation
+#]===========================]
+  install (
+    FILES
+      src/secp256k1/include/secp256k1.h
+  DESTINATION include/secp256k1/include)
+
+  add_library (NIH::secp256k1 ALIAS secp256k1)
+endif()

Builds/CMake/deps/Snappy.cmake

@@ -0,0 +1,77 @@
+#[===================================================================[
+   NIH dep: snappy
+#]===================================================================]
+
+add_library (snappy_lib STATIC IMPORTED GLOBAL)
+
+if (NOT WIN32)
+  find_package(snappy)
+endif()
+
+if(snappy)
+  set_target_properties (snappy_lib PROPERTIES
+    IMPORTED_LOCATION_DEBUG
+      ${snappy}
+    IMPORTED_LOCATION_RELEASE
+      ${snappy}
+    INTERFACE_INCLUDE_DIRECTORIES
+    ${SNAPPY_INCLUDE_DIR})
+
+else()
+  ExternalProject_Add (snappy
+    PREFIX ${nih_cache_path}
+    GIT_REPOSITORY https://github.com/google/snappy.git
+    GIT_TAG 1.1.7
+    CMAKE_ARGS
+      -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER}
+      -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER}
+      $<$<BOOL:${CMAKE_VERBOSE_MAKEFILE}>:-DCMAKE_VERBOSE_MAKEFILE=ON>
+      -DCMAKE_DEBUG_POSTFIX=_d
+      $<$<NOT:$<BOOL:${is_multiconfig}>>:-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}>
+      -DBUILD_SHARED_LIBS=OFF
+      -DCMAKE_POSITION_INDEPENDENT_CODE=ON
+      -DSNAPPY_BUILD_TESTS=OFF
+      $<$<BOOL:${MSVC}>:
+        "-DCMAKE_CXX_FLAGS=-GR -Gd -fp:precise -FS -EHa -MP"
+        "-DCMAKE_CXX_FLAGS_DEBUG=-MTd"
+        "-DCMAKE_CXX_FLAGS_RELEASE=-MT"
+      >
+    LOG_BUILD ON
+    LOG_CONFIGURE ON
+    BUILD_COMMAND
+      ${CMAKE_COMMAND}
+      --build .
+      --config $<CONFIG>
+      $<$<VERSION_GREATER_EQUAL:${CMAKE_VERSION},3.12>:--parallel ${ep_procs}>
+      $<$<BOOL:${is_multiconfig}>:
+        COMMAND
+          ${CMAKE_COMMAND} -E copy
+          <BINARY_DIR>/$<CONFIG>/${ep_lib_prefix}snappy$<$<CONFIG:Debug>:_d>${ep_lib_suffix}
+          <BINARY_DIR>
+        >
+    TEST_COMMAND ""
+    INSTALL_COMMAND
+      ${CMAKE_COMMAND} -E copy_if_different <BINARY_DIR>/config.h <BINARY_DIR>/snappy-stubs-public.h <SOURCE_DIR>
+    BUILD_BYPRODUCTS
+      <BINARY_DIR>/${ep_lib_prefix}snappy${ep_lib_suffix}
+      <BINARY_DIR>/${ep_lib_prefix}snappy_d${ep_lib_suffix}
+  )
+  ExternalProject_Get_Property (snappy BINARY_DIR)
+  ExternalProject_Get_Property (snappy SOURCE_DIR)
+  if (CMAKE_VERBOSE_MAKEFILE)
+    print_ep_logs (snappy)
+  endif ()
+  file (MAKE_DIRECTORY ${SOURCE_DIR}/snappy)
+  set_target_properties (snappy_lib PROPERTIES
+    IMPORTED_LOCATION_DEBUG
+      ${BINARY_DIR}/${ep_lib_prefix}snappy_d${ep_lib_suffix}
+    IMPORTED_LOCATION_RELEASE
+      ${BINARY_DIR}/${ep_lib_prefix}snappy${ep_lib_suffix}
+    INTERFACE_INCLUDE_DIRECTORIES
+      ${SOURCE_DIR})
+endif()
+
+add_dependencies (snappy_lib snappy)
+target_link_libraries (ripple_libs INTERFACE snappy_lib)
+exclude_if_included (snappy)
+exclude_if_included (snappy_lib)

Builds/CMake/deps/Soci.cmake

@@ -0,0 +1,164 @@
+#[===================================================================[
+   NIH dep: soci
+#]===================================================================]
+
+foreach (_comp core empty sqlite3)
+  add_library ("soci_${_comp}" STATIC IMPORTED GLOBAL)
+endforeach ()
+
+if (NOT WIN32)
+  find_package(soci)
+endif()
+
+if (soci)
+  foreach (_comp core empty sqlite3)
+    set_target_properties ("soci_${_comp}" PROPERTIES
+      IMPORTED_LOCATION_DEBUG
+        ${soci}
+      IMPORTED_LOCATION_RELEASE
+        ${soci}
+      INTERFACE_INCLUDE_DIRECTORIES
+        ${SOCI_INCLUDE_DIR})
+  endforeach ()
+
+else()
+  set (soci_lib_pre ${ep_lib_prefix})
+  set (soci_lib_post "")
+  if (WIN32)
+    # for some reason soci on windows still prepends lib (non-standard)
+    set (soci_lib_pre lib)
+    # this version in the name might change if/when we change versions of soci
+    set (soci_lib_post "_4_0")
+  endif ()
+  get_target_property (_boost_incs Boost::date_time INTERFACE_INCLUDE_DIRECTORIES)
+  get_target_property (_boost_dt Boost::date_time IMPORTED_LOCATION)
+  if (NOT _boost_dt)
+    get_target_property (_boost_dt Boost::date_time IMPORTED_LOCATION_RELEASE)
+  endif ()
+  if (NOT _boost_dt)
+    get_target_property (_boost_dt Boost::date_time IMPORTED_LOCATION_DEBUG)
+  endif ()
+
+  ExternalProject_Add (soci
+    PREFIX ${nih_cache_path}
+    GIT_REPOSITORY https://github.com/SOCI/soci.git
+    GIT_TAG 04e1870294918d20761736743bb6136314c42dd5
+    # We had an issue with soci integer range checking for boost::optional
+    # and needed to remove the exception that SOCI throws in this case.
+    # This is *probably* a bug in SOCI, but has never been investigated more
+    # nor reported to the maintainers.
+    # This cmake script comments out the lines in question.
+    # This patch process is likely fragile and should be reviewed carefully
+    # whenever we update the GIT_TAG above.
+    PATCH_COMMAND
+      ${CMAKE_COMMAND} -P ${CMAKE_CURRENT_SOURCE_DIR}/Builds/CMake/soci_patch.cmake
+    CMAKE_ARGS
+      -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER}
+      -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER}
+      $<$<BOOL:${CMAKE_VERBOSE_MAKEFILE}>:-DCMAKE_VERBOSE_MAKEFILE=ON>
+      $<$<BOOL:${CMAKE_TOOLCHAIN_FILE}>:-DCMAKE_TOOLCHAIN_FILE=${CMAKE_TOOLCHAIN_FILE}>
+      $<$<BOOL:${VCPKG_TARGET_TRIPLET}>:-DVCPKG_TARGET_TRIPLET=${VCPKG_TARGET_TRIPLET}>
+      $<$<BOOL:${unity}>:-DCMAKE_UNITY_BUILD=ON}>
+      -DCMAKE_PREFIX_PATH=${CMAKE_BINARY_DIR}/sqlite3
+      -DCMAKE_MODULE_PATH=${CMAKE_CURRENT_SOURCE_DIR}/Builds/CMake
+      -DCMAKE_INCLUDE_PATH=$<JOIN:$<TARGET_PROPERTY:sqlite,INTERFACE_INCLUDE_DIRECTORIES>,::>
+      -DCMAKE_LIBRARY_PATH=${sqlite_BINARY_DIR}
+      -DCMAKE_DEBUG_POSTFIX=_d
+      $<$<NOT:$<BOOL:${is_multiconfig}>>:-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}>
+      -DSOCI_CXX_C11=ON
+      -DSOCI_STATIC=ON
+      -DSOCI_LIBDIR=lib
+      -DSOCI_SHARED=OFF
+      -DSOCI_TESTS=OFF
+      # hacks to workaround the fact that soci doesn't currently use
+      # boost imported targets in its cmake. If they switch to
+      # proper imported targets, this next line can be removed
+      # (as well as the get_property above that sets _boost_incs)
+      -DBoost_INCLUDE_DIRS=$<JOIN:${_boost_incs},::>
+      -DBoost_INCLUDE_DIR=$<JOIN:${_boost_incs},::>
+      -DBOOST_ROOT=${BOOST_ROOT}
+      -DWITH_BOOST=ON
+      -DBoost_FOUND=ON
+      -DBoost_NO_BOOST_CMAKE=ON
+      -DBoost_DATE_TIME_FOUND=ON
+      -DSOCI_HAVE_BOOST=ON
+      -DSOCI_HAVE_BOOST_DATE_TIME=ON
+      -DBoost_DATE_TIME_LIBRARY=${_boost_dt}
+      -DSOCI_DB2=OFF
+      -DSOCI_FIREBIRD=OFF
+      -DSOCI_MYSQL=OFF
+      -DSOCI_ODBC=OFF
+      -DSOCI_ORACLE=OFF
+      -DSOCI_POSTGRESQL=OFF
+      -DSOCI_SQLITE3=ON
+      -DSQLITE3_INCLUDE_DIR=$<JOIN:$<TARGET_PROPERTY:sqlite,INTERFACE_INCLUDE_DIRECTORIES>,::>
+      -DSQLITE3_LIBRARY=$<IF:$<CONFIG:Debug>,$<TARGET_PROPERTY:sqlite,IMPORTED_LOCATION_DEBUG>,$<TARGET_PROPERTY:sqlite,IMPORTED_LOCATION_RELEASE>>
+      $<$<BOOL:${APPLE}>:-DCMAKE_FIND_FRAMEWORK=LAST>
+      $<$<BOOL:${MSVC}>:
+        "-DCMAKE_CXX_FLAGS=-GR -Gd -fp:precise -FS -EHa -MP"
+        "-DCMAKE_CXX_FLAGS_DEBUG=-MTd"
+        "-DCMAKE_CXX_FLAGS_RELEASE=-MT"
+      >
+      $<$<NOT:$<BOOL:${MSVC}>>:
+        "-DCMAKE_CXX_FLAGS=-Wno-deprecated-declarations"
+      >
+      # SEE: https://github.com/SOCI/soci/issues/640
+      $<$<AND:$<BOOL:${is_gcc}>,$<VERSION_GREATER_EQUAL:${CMAKE_CXX_COMPILER_VERSION},8>>:
+        "-DCMAKE_CXX_FLAGS=-Wno-deprecated-declarations -Wno-error=format-overflow -Wno-format-overflow -Wno-error=format-truncation"
+      >
+    LIST_SEPARATOR ::
+    LOG_BUILD ON
+    LOG_CONFIGURE ON
+    BUILD_COMMAND
+      ${CMAKE_COMMAND}
+      --build .
+      --config $<CONFIG>
+      $<$<VERSION_GREATER_EQUAL:${CMAKE_VERSION},3.12>:--parallel ${ep_procs}>
+      $<$<BOOL:${is_multiconfig}>:
+        COMMAND
+          ${CMAKE_COMMAND} -E copy
+          <BINARY_DIR>/lib/$<CONFIG>/${soci_lib_pre}soci_core${soci_lib_post}$<$<CONFIG:Debug>:_d>${ep_lib_suffix}
+          <BINARY_DIR>/lib/$<CONFIG>/${soci_lib_pre}soci_empty${soci_lib_post}$<$<CONFIG:Debug>:_d>${ep_lib_suffix}
+          <BINARY_DIR>/lib/$<CONFIG>/${soci_lib_pre}soci_sqlite3${soci_lib_post}$<$<CONFIG:Debug>:_d>${ep_lib_suffix}
+          <BINARY_DIR>/lib
+        >
+    TEST_COMMAND ""
+    INSTALL_COMMAND ""
+    DEPENDS sqlite
+    BUILD_BYPRODUCTS
+      <BINARY_DIR>/lib/${soci_lib_pre}soci_core${soci_lib_post}${ep_lib_suffix}
+      <BINARY_DIR>/lib/${soci_lib_pre}soci_core${soci_lib_post}_d${ep_lib_suffix}
+      <BINARY_DIR>/lib/${soci_lib_pre}soci_empty${soci_lib_post}${ep_lib_suffix}
+      <BINARY_DIR>/lib/${soci_lib_pre}soci_empty${soci_lib_post}_d${ep_lib_suffix}
+      <BINARY_DIR>/lib/${soci_lib_pre}soci_sqlite3${soci_lib_post}${ep_lib_suffix}
+      <BINARY_DIR>/lib/${soci_lib_pre}soci_sqlite3${soci_lib_post}_d${ep_lib_suffix}
+  )
+  ExternalProject_Get_Property (soci BINARY_DIR)
+  ExternalProject_Get_Property (soci SOURCE_DIR)
+  if (CMAKE_VERBOSE_MAKEFILE)
+    print_ep_logs (soci)
+  endif ()
+  file (MAKE_DIRECTORY ${SOURCE_DIR}/include)
+  file (MAKE_DIRECTORY ${BINARY_DIR}/include)
+  foreach (_comp core empty sqlite3)
+    set_target_properties ("soci_${_comp}" PROPERTIES
+      IMPORTED_LOCATION_DEBUG
+        ${BINARY_DIR}/lib/${soci_lib_pre}soci_${_comp}${soci_lib_post}_d${ep_lib_suffix}
+      IMPORTED_LOCATION_RELEASE
+        ${BINARY_DIR}/lib/${soci_lib_pre}soci_${_comp}${soci_lib_post}${ep_lib_suffix}
+      INTERFACE_INCLUDE_DIRECTORIES
+        "${SOURCE_DIR}/include;${BINARY_DIR}/include")
+    add_dependencies ("soci_${_comp}" soci) # something has to depend on the ExternalProject to trigger it
+    target_link_libraries (ripple_libs INTERFACE "soci_${_comp}")
+    if (NOT _comp STREQUAL "core")
+      target_link_libraries ("soci_${_comp}" INTERFACE soci_core)
+    endif ()
+  endforeach ()
+endif()
+
+foreach (_comp core empty sqlite3)
+  exclude_if_included ("soci_${_comp}")
+endforeach ()
+
+
+exclude_if_included (soci)

Builds/CMake/deps/Sqlite.cmake

@@ -0,0 +1,93 @@
+#[===================================================================[
+   NIH dep: sqlite
+#]===================================================================]
+
+add_library (sqlite STATIC IMPORTED GLOBAL)
+
+if (NOT WIN32)
+  find_package(sqlite)
+endif()
+
+
+if(sqlite3)
+  set_target_properties (sqlite PROPERTIES
+    IMPORTED_LOCATION_DEBUG
+      ${sqlite3}
+    IMPORTED_LOCATION_RELEASE
+      ${sqlite3}
+    INTERFACE_INCLUDE_DIRECTORIES
+    ${SQLITE_INCLUDE_DIR})
+
+else()
+  ExternalProject_Add (sqlite3
+    PREFIX ${nih_cache_path}
+    # sqlite doesn't use git, but it provides versioned tarballs
+    URL https://www.sqlite.org/2018/sqlite-amalgamation-3260000.zip
+      http://www.sqlite.org/2018/sqlite-amalgamation-3260000.zip
+      https://www2.sqlite.org/2018/sqlite-amalgamation-3260000.zip
+      http://www2.sqlite.org/2018/sqlite-amalgamation-3260000.zip
+    # ^^^ version is apparent in the URL:  3260000 => 3.26.0
+    URL_HASH SHA256=de5dcab133aa339a4cf9e97c40aa6062570086d6085d8f9ad7bc6ddf8a52096e
+    # Don't need to worry about MITM attacks too much because the download
+    # is checked against a strong hash
+    TLS_VERIFY false
+    # we wrote a very simple CMake file to build sqlite
+    # so that's what we copy here so that we can build with
+    # CMake. sqlite doesn't generally provided a build system
+    # for the single amalgamation source file.
+    PATCH_COMMAND
+      ${CMAKE_COMMAND} -E copy_if_different
+      ${CMAKE_CURRENT_SOURCE_DIR}/Builds/CMake/CMake_sqlite3.txt
+      <SOURCE_DIR>/CMakeLists.txt
+    CMAKE_ARGS
+      -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER}
+      -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER}
+      $<$<BOOL:${CMAKE_VERBOSE_MAKEFILE}>:-DCMAKE_VERBOSE_MAKEFILE=ON>
+      -DCMAKE_DEBUG_POSTFIX=_d
+      $<$<NOT:$<BOOL:${is_multiconfig}>>:-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}>
+      $<$<BOOL:${MSVC}>:
+        "-DCMAKE_C_FLAGS=-GR -Gd -fp:precise -FS -MP"
+        "-DCMAKE_C_FLAGS_DEBUG=-MTd"
+        "-DCMAKE_C_FLAGS_RELEASE=-MT"
+      >
+    LOG_BUILD ON
+    LOG_CONFIGURE ON
+    BUILD_COMMAND
+      ${CMAKE_COMMAND}
+      --build .
+      --config $<CONFIG>
+      $<$<VERSION_GREATER_EQUAL:${CMAKE_VERSION},3.12>:--parallel ${ep_procs}>
+      $<$<BOOL:${is_multiconfig}>:
+        COMMAND
+          ${CMAKE_COMMAND} -E copy
+            <BINARY_DIR>/$<CONFIG>/${ep_lib_prefix}sqlite3$<$<CONFIG:Debug>:_d>${ep_lib_suffix}
+            <BINARY_DIR>
+        >
+    TEST_COMMAND ""
+    INSTALL_COMMAND ""
+    BUILD_BYPRODUCTS
+      <BINARY_DIR>/${ep_lib_prefix}sqlite3${ep_lib_suffix}
+      <BINARY_DIR>/${ep_lib_prefix}sqlite3_d${ep_lib_suffix}
+  )
+  ExternalProject_Get_Property (sqlite3 BINARY_DIR)
+  ExternalProject_Get_Property (sqlite3 SOURCE_DIR)
+  if (CMAKE_VERBOSE_MAKEFILE)
+    print_ep_logs (sqlite3)
+  endif ()
+
+  set_target_properties (sqlite PROPERTIES
+    IMPORTED_LOCATION_DEBUG
+      ${BINARY_DIR}/${ep_lib_prefix}sqlite3_d${ep_lib_suffix}
+    IMPORTED_LOCATION_RELEASE
+      ${BINARY_DIR}/${ep_lib_prefix}sqlite3${ep_lib_suffix}
+    INTERFACE_INCLUDE_DIRECTORIES
+      ${SOURCE_DIR})
+
+  add_dependencies (sqlite sqlite3)
+  exclude_if_included (sqlite3)
+endif()
+
+target_link_libraries (sqlite INTERFACE $<$<NOT:$<BOOL:${MSVC}>>:dl>)
+target_link_libraries (ripple_libs INTERFACE sqlite)
+exclude_if_included (sqlite)
+set(sqlite_BINARY_DIR ${BINARY_DIR})

Builds/CMake/deps/cassandra.cmake

@@ -0,0 +1,165 @@
+if(reporting)
+    find_library(cassandra NAMES cassandra)
+    if(NOT cassandra)
+
+        message("System installed Cassandra cpp driver not found. Will build")
+
+        find_library(zlib NAMES zlib1g-dev zlib-devel zlib z)
+        if(NOT zlib)
+            message("zlib not found. will build")
+            add_library(zlib STATIC IMPORTED GLOBAL)
+            ExternalProject_Add(zlib_src
+                PREFIX ${nih_cache_path}
+                GIT_REPOSITORY https://github.com/madler/zlib.git
+                GIT_TAG master
+                INSTALL_COMMAND ""
+                BUILD_BYPRODUCTS <BINARY_DIR>/${ep_lib_prefix}z.a
+                LOG_BUILD TRUE
+                LOG_CONFIGURE TRUE
+                )
+
+
+            ExternalProject_Get_Property (zlib_src SOURCE_DIR)
+            ExternalProject_Get_Property (zlib_src BINARY_DIR)
+            set (zlib_src_SOURCE_DIR "${SOURCE_DIR}")
+            file (MAKE_DIRECTORY ${zlib_src_SOURCE_DIR}/include)
+
+            set_target_properties (zlib PROPERTIES
+                IMPORTED_LOCATION
+                ${BINARY_DIR}/${ep_lib_prefix}z.a
+                INTERFACE_INCLUDE_DIRECTORIES
+                ${SOURCE_DIR}/include)
+            add_dependencies(zlib zlib_src)
+
+            file(TO_CMAKE_PATH "${zlib_src_SOURCE_DIR}" zlib_src_SOURCE_DIR)
+        endif()
+
+
+
+
+        find_library(krb5 NAMES krb5-dev libkrb5-dev)
+
+        if(NOT krb5)
+            message("krb5 not found. will build")
+            add_library(krb5 STATIC IMPORTED GLOBAL)
+            ExternalProject_Add(krb5_src
+                PREFIX ${nih_cache_path}
+                GIT_REPOSITORY https://github.com/krb5/krb5.git
+                GIT_TAG master
+                UPDATE_COMMAND ""
+                CONFIGURE_COMMAND autoreconf src && CFLAGS=-fcommon ./src/configure --enable-static --disable-shared > /dev/null
+                BUILD_IN_SOURCE 1
+                BUILD_COMMAND make
+                INSTALL_COMMAND ""
+                BUILD_BYPRODUCTS <SOURCE_DIR>/lib/${ep_lib_prefix}krb5.a
+                LOG_BUILD TRUE
+                )
+
+            ExternalProject_Get_Property (krb5_src SOURCE_DIR)
+            ExternalProject_Get_Property (krb5_src BINARY_DIR)
+            set (krb5_src_SOURCE_DIR "${SOURCE_DIR}")
+            file (MAKE_DIRECTORY ${krb5_src_SOURCE_DIR}/include)
+
+            set_target_properties (krb5 PROPERTIES
+                IMPORTED_LOCATION
+                ${BINARY_DIR}/lib/${ep_lib_prefix}krb5.a
+                INTERFACE_INCLUDE_DIRECTORIES
+                ${SOURCE_DIR}/include)
+            add_dependencies(krb5 krb5_src)
+
+            file(TO_CMAKE_PATH "${krb5_src_SOURCE_DIR}" krb5_src_SOURCE_DIR)
+        endif()
+
+
+        find_library(libuv1 NAMES uv1 libuv1 liubuv1-dev libuv1:amd64)
+
+
+        if(NOT libuv1)
+            message("libuv1 not found, will build")
+            add_library(libuv1 STATIC IMPORTED GLOBAL)
+            ExternalProject_Add(libuv_src
+                PREFIX ${nih_cache_path}
+                GIT_REPOSITORY https://github.com/libuv/libuv.git
+                GIT_TAG v1.x
+                INSTALL_COMMAND ""
+                BUILD_BYPRODUCTS <BINARY_DIR>/${ep_lib_prefix}uv_a.a
+                LOG_BUILD TRUE
+                LOG_CONFIGURE TRUE
+                )
+
+            ExternalProject_Get_Property (libuv_src SOURCE_DIR)
+            ExternalProject_Get_Property (libuv_src BINARY_DIR)
+            set (libuv_src_SOURCE_DIR "${SOURCE_DIR}")
+            file (MAKE_DIRECTORY ${libuv_src_SOURCE_DIR}/include)
+
+            set_target_properties (libuv1 PROPERTIES
+                IMPORTED_LOCATION
+                ${BINARY_DIR}/${ep_lib_prefix}uv_a.a
+                INTERFACE_INCLUDE_DIRECTORIES
+                ${SOURCE_DIR}/include)
+            add_dependencies(libuv1 libuv_src)
+
+            file(TO_CMAKE_PATH "${libuv_src_SOURCE_DIR}" libuv_src_SOURCE_DIR)
+        endif()
+
+        add_library (cassandra STATIC IMPORTED GLOBAL)
+        ExternalProject_Add(cassandra_src
+            PREFIX ${nih_cache_path}
+            GIT_REPOSITORY https://github.com/datastax/cpp-driver.git
+            GIT_TAG master
+            CMAKE_ARGS
+            -DLIBUV_ROOT_DIR=${BINARY_DIR}
+            -DLIBUV_LIBARY=${BINARY_DIR}/libuv_a.a
+            -DLIBUV_INCLUDE_DIR=${SOURCE_DIR}/include
+            -DCASS_BUILD_STATIC=ON
+            INSTALL_COMMAND ""
+            BUILD_BYPRODUCTS <BINARY_DIR>/${ep_lib_prefix}cassandra_static.a
+            LOG_BUILD TRUE
+            LOG_CONFIGURE TRUE
+            )
+
+        ExternalProject_Get_Property (cassandra_src SOURCE_DIR)
+        ExternalProject_Get_Property (cassandra_src BINARY_DIR)
+        set (cassandra_src_SOURCE_DIR "${SOURCE_DIR}")
+        file (MAKE_DIRECTORY ${cassandra_src_SOURCE_DIR}/include)
+
+        set_target_properties (cassandra PROPERTIES
+            IMPORTED_LOCATION
+            ${BINARY_DIR}/${ep_lib_prefix}cassandra_static.a
+            INTERFACE_INCLUDE_DIRECTORIES
+            ${SOURCE_DIR}/include)
+        add_dependencies(cassandra cassandra_src)
+
+        if(NOT libuv1)
+            ExternalProject_Add_StepDependencies(cassandra_src build libuv1)
+            target_link_libraries(cassandra INTERFACE libuv1)
+        else()
+            target_link_libraries(cassandra INTERFACE ${libuv1})
+        endif()
+        if(NOT krb5)
+
+            ExternalProject_Add_StepDependencies(cassandra_src build krb5)
+            target_link_libraries(cassandra INTERFACE krb5)
+        else()
+            target_link_libraries(cassandra INTERFACE ${krb5})
+        endif()
+
+        if(NOT zlib)
+            ExternalProject_Add_StepDependencies(cassandra_src build zlib)
+            target_link_libraries(cassandra INTERFACE zlib)
+        else()
+            target_link_libraries(cassandra INTERFACE ${zlib})
+        endif()
+
+        file(TO_CMAKE_PATH "${cassandra_src_SOURCE_DIR}" cassandra_src_SOURCE_DIR)
+        target_link_libraries(ripple_libs INTERFACE cassandra)
+    else()
+        message("Found system installed cassandra cpp driver")
+
+        find_path(cassandra_includes NAMES cassandra.h REQUIRED)
+        target_link_libraries (ripple_libs INTERFACE ${cassandra})
+        target_include_directories(ripple_libs INTERFACE ${cassandra_includes})
+    endif()
+
+    exclude_if_included (cassandra)
+endif()

Builds/CMake/deps/date.cmake

@@ -0,0 +1,49 @@
+#[===================================================================[
+   NIH dep: date
+
+   the main library is header-only, thus is an INTERFACE lib in CMake.
+
+   NOTE: this has been accepted into c++20 so can likely be replaced
+   when we update to that standard
+#]===================================================================]
+
+find_package (date QUIET)
+if (NOT TARGET date::date)
+  if (CMAKE_VERSION VERSION_GREATER_EQUAL 3.14)
+    FetchContent_Declare(
+      hh_date_src
+      GIT_REPOSITORY https://github.com/HowardHinnant/date.git
+      GIT_TAG        fc4cf092f9674f2670fb9177edcdee870399b829
+    )
+    FetchContent_MakeAvailable(hh_date_src)
+  else ()
+    ExternalProject_Add (hh_date_src
+      PREFIX ${nih_cache_path}
+      GIT_REPOSITORY https://github.com/HowardHinnant/date.git
+      GIT_TAG        fc4cf092f9674f2670fb9177edcdee870399b829
+      CONFIGURE_COMMAND ""
+      BUILD_COMMAND ""
+      TEST_COMMAND ""
+      INSTALL_COMMAND ""
+    )
+    ExternalProject_Get_Property (hh_date_src SOURCE_DIR)
+    set (hh_date_src_SOURCE_DIR "${SOURCE_DIR}")
+    file (MAKE_DIRECTORY ${hh_date_src_SOURCE_DIR}/include)
+    add_library (date_interface INTERFACE)
+    add_library (date::date ALIAS date_interface)
+    add_dependencies (date_interface hh_date_src)
+    file (TO_CMAKE_PATH "${hh_date_src_SOURCE_DIR}" hh_date_src_SOURCE_DIR)
+    target_include_directories (date_interface
+      SYSTEM INTERFACE
+          $<BUILD_INTERFACE:${hh_date_src_SOURCE_DIR}/include>
+          $<INSTALL_INTERFACE:include>)
+    install (
+      FILES
+        ${hh_date_src_SOURCE_DIR}/include/date/date.h
+      DESTINATION include/date)
+    install (TARGETS date_interface
+      EXPORT RippleExports
+      INCLUDES DESTINATION include)
+  endif ()
+endif ()
+

Builds/CMake/deps/gRPC.cmake

@@ -0,0 +1,364 @@
+
+# currently linking to unsecure versions...if we switch, we'll
+# need to add ssl as a link dependency to the grpc targets
+option (use_secure_grpc "use TLS version of grpc libs." OFF)
+if (use_secure_grpc)
+  set (grpc_suffix "")
+else ()
+  set (grpc_suffix "_unsecure")
+endif ()
+
+find_package (gRPC 1.23 CONFIG QUIET)
+if (TARGET gRPC::gpr AND NOT local_grpc)
+  get_target_property (_grpc_l gRPC::gpr IMPORTED_LOCATION_DEBUG)
+  if (NOT _grpc_l)
+    get_target_property (_grpc_l gRPC::gpr IMPORTED_LOCATION_RELEASE)
+  endif ()
+  if (NOT _grpc_l)
+    get_target_property (_grpc_l gRPC::gpr IMPORTED_LOCATION)
+  endif ()
+  message (STATUS "Found cmake config for gRPC. Using ${_grpc_l}.")
+else ()
+  find_package (PkgConfig QUIET)
+  if (PKG_CONFIG_FOUND)
+    pkg_check_modules (grpc QUIET "grpc${grpc_suffix}>=1.25" "grpc++${grpc_suffix}" gpr)
+  endif ()
+
+  if (grpc_FOUND)
+    message (STATUS "Found gRPC using pkg-config. Using ${grpc_gpr_PREFIX}.")
+  endif ()
+
+  add_executable (gRPC::grpc_cpp_plugin IMPORTED)
+  exclude_if_included (gRPC::grpc_cpp_plugin)
+
+  if (grpc_FOUND AND NOT local_grpc)
+    # use installed grpc (via pkg-config)
+    macro (add_imported_grpc libname_)
+      if (static)
+        set (_search "${CMAKE_STATIC_LIBRARY_PREFIX}${libname_}${CMAKE_STATIC_LIBRARY_SUFFIX}")
+      else ()
+        set (_search "${CMAKE_SHARED_LIBRARY_PREFIX}${libname_}${CMAKE_SHARED_LIBRARY_SUFFIX}")
+      endif()
+      find_library(_found_${libname_}
+        NAMES ${_search}
+        HINTS ${grpc_LIBRARY_DIRS})
+      if (_found_${libname_})
+        message (STATUS "importing ${libname_} as ${_found_${libname_}}")
+      else ()
+        message (FATAL_ERROR "using pkg-config for grpc, can't find ${_search}")
+      endif ()
+      add_library ("gRPC::${libname_}" STATIC IMPORTED GLOBAL)
+      set_target_properties ("gRPC::${libname_}" PROPERTIES IMPORTED_LOCATION ${_found_${libname_}})
+      if (grpc_INCLUDE_DIRS)
+        set_target_properties ("gRPC::${libname_}" PROPERTIES INTERFACE_INCLUDE_DIRECTORIES ${grpc_INCLUDE_DIRS})
+      endif ()
+      target_link_libraries (ripple_libs INTERFACE "gRPC::${libname_}")
+      exclude_if_included ("gRPC::${libname_}")
+    endmacro ()
+
+    set_target_properties (gRPC::grpc_cpp_plugin PROPERTIES
+        IMPORTED_LOCATION "${grpc_gpr_PREFIX}/bin/grpc_cpp_plugin${CMAKE_EXECUTABLE_SUFFIX}")
+
+    pkg_check_modules (cares QUIET libcares)
+    if (cares_FOUND)
+      if (static)
+        set (_search "${CMAKE_STATIC_LIBRARY_PREFIX}cares${CMAKE_STATIC_LIBRARY_SUFFIX}")
+        set (_prefix cares_STATIC)
+        set (_static STATIC)
+      else ()
+        set (_search "${CMAKE_SHARED_LIBRARY_PREFIX}cares${CMAKE_SHARED_LIBRARY_SUFFIX}")
+        set (_prefix cares)
+        set (_static)
+      endif()
+      find_library(_location NAMES ${_search} HINTS ${cares_LIBRARY_DIRS})
+      if (NOT _location)
+        message (FATAL_ERROR "using pkg-config for grpc, can't find c-ares")
+      endif ()
+      add_library (c-ares::cares ${_static} IMPORTED GLOBAL)
+      set_target_properties (c-ares::cares PROPERTIES
+        IMPORTED_LOCATION ${_location}
+        INTERFACE_INCLUDE_DIRECTORIES "${${_prefix}_INCLUDE_DIRS}"
+        INTERFACE_LINK_OPTIONS "${${_prefix}_LDFLAGS}"
+      )
+      exclude_if_included (c-ares::cares)
+    else ()
+      message (FATAL_ERROR "using pkg-config for grpc, can't find c-ares")
+    endif ()
+  else ()
+    #[===========================[
+       c-ares (grpc requires)
+    #]===========================]
+    ExternalProject_Add (c-ares_src
+      PREFIX ${nih_cache_path}
+      GIT_REPOSITORY https://github.com/c-ares/c-ares.git
+      GIT_TAG cares-1_15_0
+      CMAKE_ARGS
+        -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER}
+        $<$<BOOL:${CMAKE_VERBOSE_MAKEFILE}>:-DCMAKE_VERBOSE_MAKEFILE=ON>
+        -DCMAKE_DEBUG_POSTFIX=_d
+        $<$<NOT:$<BOOL:${is_multiconfig}>>:-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}>
+        -DCMAKE_INSTALL_PREFIX=<BINARY_DIR>/_installed_
+        -DCARES_SHARED=OFF
+        -DCARES_STATIC=ON
+        -DCARES_STATIC_PIC=ON
+        -DCARES_INSTALL=ON
+        -DCARES_MSVC_STATIC_RUNTIME=ON
+        $<$<BOOL:${MSVC}>:
+          "-DCMAKE_C_FLAGS=-GR -Gd -fp:precise -FS -MP"
+        >
+      LOG_BUILD ON
+      LOG_CONFIGURE ON
+      BUILD_COMMAND
+        ${CMAKE_COMMAND}
+          --build .
+          --config $<CONFIG>
+          $<$<VERSION_GREATER_EQUAL:${CMAKE_VERSION},3.12>:--parallel ${ep_procs}>
+      TEST_COMMAND ""
+      INSTALL_COMMAND
+        ${CMAKE_COMMAND} -E env --unset=DESTDIR ${CMAKE_COMMAND} --build . --config $<CONFIG> --target install
+      BUILD_BYPRODUCTS
+        <BINARY_DIR>/_installed_/lib/${ep_lib_prefix}cares${ep_lib_suffix}
+        <BINARY_DIR>/_installed_/lib/${ep_lib_prefix}cares_d${ep_lib_suffix}
+    )
+    exclude_if_included (c-ares_src)
+    ExternalProject_Get_Property (c-ares_src BINARY_DIR)
+    set (cares_binary_dir "${BINARY_DIR}")
+
+    add_library (c-ares::cares STATIC IMPORTED GLOBAL)
+    file (MAKE_DIRECTORY ${BINARY_DIR}/_installed_/include)
+    set_target_properties (c-ares::cares PROPERTIES
+      IMPORTED_LOCATION_DEBUG
+        ${BINARY_DIR}/_installed_/lib/${ep_lib_prefix}cares_d${ep_lib_suffix}
+      IMPORTED_LOCATION_RELEASE
+        ${BINARY_DIR}/_installed_/lib/${ep_lib_prefix}cares${ep_lib_suffix}
+      INTERFACE_INCLUDE_DIRECTORIES
+        ${BINARY_DIR}/_installed_/include)
+    add_dependencies (c-ares::cares c-ares_src)
+    exclude_if_included (c-ares::cares)
+
+    if (NOT has_zlib)
+      #[===========================[
+         zlib (grpc requires)
+      #]===========================]
+      if (MSVC)
+        set (zlib_debug_postfix "d") # zlib cmake sets this internally for MSVC, so we really don't have a choice
+        set (zlib_base "zlibstatic")
+      else ()
+        set (zlib_debug_postfix "_d")
+        set (zlib_base "z")
+      endif ()
+      ExternalProject_Add (zlib_src
+        PREFIX ${nih_cache_path}
+        GIT_REPOSITORY https://github.com/madler/zlib.git
+        GIT_TAG v1.2.11
+        CMAKE_ARGS
+          -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER}
+          $<$<BOOL:${CMAKE_VERBOSE_MAKEFILE}>:-DCMAKE_VERBOSE_MAKEFILE=ON>
+          -DCMAKE_DEBUG_POSTFIX=${zlib_debug_postfix}
+          $<$<NOT:$<BOOL:${is_multiconfig}>>:-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}>
+          -DCMAKE_INSTALL_PREFIX=<BINARY_DIR>/_installed_
+          -DBUILD_SHARED_LIBS=OFF
+          $<$<BOOL:${MSVC}>:
+            "-DCMAKE_C_FLAGS=-GR -Gd -fp:precise -FS -MP"
+            "-DCMAKE_C_FLAGS_DEBUG=-MTd"
+            "-DCMAKE_C_FLAGS_RELEASE=-MT"
+          >
+        LOG_BUILD ON
+        LOG_CONFIGURE ON
+        BUILD_COMMAND
+          ${CMAKE_COMMAND}
+            --build .
+            --config $<CONFIG>
+            $<$<VERSION_GREATER_EQUAL:${CMAKE_VERSION},3.12>:--parallel ${ep_procs}>
+        TEST_COMMAND ""
+        INSTALL_COMMAND
+          ${CMAKE_COMMAND} -E env --unset=DESTDIR ${CMAKE_COMMAND} --build . --config $<CONFIG> --target install
+        BUILD_BYPRODUCTS
+          <BINARY_DIR>/_installed_/lib/${ep_lib_prefix}${zlib_base}${ep_lib_suffix}
+          <BINARY_DIR>/_installed_/lib/${ep_lib_prefix}${zlib_base}${zlib_debug_postfix}${ep_lib_suffix}
+      )
+      exclude_if_included (zlib_src)
+      ExternalProject_Get_Property (zlib_src BINARY_DIR)
+      set (zlib_binary_dir "${BINARY_DIR}")
+
+      add_library (ZLIB::ZLIB STATIC IMPORTED GLOBAL)
+      file (MAKE_DIRECTORY ${BINARY_DIR}/_installed_/include)
+      set_target_properties (ZLIB::ZLIB PROPERTIES
+        IMPORTED_LOCATION_DEBUG
+          ${BINARY_DIR}/_installed_/lib/${ep_lib_prefix}${zlib_base}${zlib_debug_postfix}${ep_lib_suffix}
+        IMPORTED_LOCATION_RELEASE
+          ${BINARY_DIR}/_installed_/lib/${ep_lib_prefix}${zlib_base}${ep_lib_suffix}
+        INTERFACE_INCLUDE_DIRECTORIES
+          ${BINARY_DIR}/_installed_/include)
+      add_dependencies (ZLIB::ZLIB zlib_src)
+      exclude_if_included (ZLIB::ZLIB)
+    endif ()
+
+    #[===========================[
+       grpc
+    #]===========================]
+    ExternalProject_Add (grpc_src
+      PREFIX ${nih_cache_path}
+      GIT_REPOSITORY https://github.com/grpc/grpc.git
+      GIT_TAG v1.25.0
+      CMAKE_ARGS
+        -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER}
+        -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER}
+        $<$<BOOL:${CMAKE_VERBOSE_MAKEFILE}>:-DCMAKE_VERBOSE_MAKEFILE=ON>
+        $<$<BOOL:${CMAKE_TOOLCHAIN_FILE}>:-DCMAKE_TOOLCHAIN_FILE=${CMAKE_TOOLCHAIN_FILE}>
+        $<$<BOOL:${VCPKG_TARGET_TRIPLET}>:-DVCPKG_TARGET_TRIPLET=${VCPKG_TARGET_TRIPLET}>
+        $<$<BOOL:${unity}>:-DCMAKE_UNITY_BUILD=ON}>
+        -DCMAKE_DEBUG_POSTFIX=_d
+        $<$<NOT:$<BOOL:${is_multiconfig}>>:-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}>
+        -DgRPC_BUILD_TESTS=OFF
+        -DgRPC_BENCHMARK_PROVIDER=""
+        -DgRPC_BUILD_CSHARP_EXT=OFF
+        -DgRPC_MSVC_STATIC_RUNTIME=ON
+        -DgRPC_INSTALL=OFF
+        -DgRPC_CARES_PROVIDER=package
+        -Dc-ares_DIR=${cares_binary_dir}/_installed_/lib/cmake/c-ares
+        -DgRPC_SSL_PROVIDER=package
+        -DOPENSSL_ROOT_DIR=${OPENSSL_ROOT_DIR}
+        -DgRPC_PROTOBUF_PROVIDER=package
+        -DProtobuf_USE_STATIC_LIBS=$<IF:$<AND:$<BOOL:${Protobuf_FOUND}>,$<NOT:$<BOOL:${static}>>>,OFF,ON>
+        -DProtobuf_INCLUDE_DIR=$<JOIN:$<TARGET_PROPERTY:protobuf::libprotobuf,INTERFACE_INCLUDE_DIRECTORIES>,:_:>
+        -DProtobuf_LIBRARY=$<IF:$<CONFIG:Debug>,$<TARGET_PROPERTY:protobuf::libprotobuf,IMPORTED_LOCATION_DEBUG>,$<TARGET_PROPERTY:protobuf::libprotobuf,IMPORTED_LOCATION_RELEASE>>
+        -DProtobuf_PROTOC_LIBRARY=$<IF:$<CONFIG:Debug>,$<TARGET_PROPERTY:protobuf::libprotoc,IMPORTED_LOCATION_DEBUG>,$<TARGET_PROPERTY:protobuf::libprotoc,IMPORTED_LOCATION_RELEASE>>
+        -DProtobuf_PROTOC_EXECUTABLE=$<TARGET_PROPERTY:protobuf::protoc,IMPORTED_LOCATION>
+        -DgRPC_ZLIB_PROVIDER=package
+        $<$<NOT:$<BOOL:${has_zlib}>>:-DZLIB_ROOT=${zlib_binary_dir}/_installed_>
+        $<$<BOOL:${MSVC}>:
+          "-DCMAKE_CXX_FLAGS=-GR -Gd -fp:precise -FS -EHa -MP"
+          "-DCMAKE_C_FLAGS=-GR -Gd -fp:precise -FS -MP"
+        >
+      LOG_BUILD ON
+      LOG_CONFIGURE ON
+      BUILD_COMMAND
+        ${CMAKE_COMMAND}
+        --build .
+        --config $<CONFIG>
+        $<$<VERSION_GREATER_EQUAL:${CMAKE_VERSION},3.12>:--parallel ${ep_procs}>
+        $<$<BOOL:${is_multiconfig}>:
+          COMMAND
+            ${CMAKE_COMMAND} -E copy
+            <BINARY_DIR>/$<CONFIG>/${ep_lib_prefix}grpc${grpc_suffix}$<$<CONFIG:Debug>:_d>${ep_lib_suffix}
+            <BINARY_DIR>/$<CONFIG>/${ep_lib_prefix}grpc++${grpc_suffix}$<$<CONFIG:Debug>:_d>${ep_lib_suffix}
+            <BINARY_DIR>/$<CONFIG>/${ep_lib_prefix}address_sorting$<$<CONFIG:Debug>:_d>${ep_lib_suffix}
+            <BINARY_DIR>/$<CONFIG>/${ep_lib_prefix}gpr$<$<CONFIG:Debug>:_d>${ep_lib_suffix}
+            <BINARY_DIR>/$<CONFIG>/grpc_cpp_plugin${CMAKE_EXECUTABLE_SUFFIX}
+            <BINARY_DIR>
+          >
+      LIST_SEPARATOR :_:
+      TEST_COMMAND ""
+      INSTALL_COMMAND ""
+      DEPENDS c-ares_src
+      BUILD_BYPRODUCTS
+        <BINARY_DIR>/${ep_lib_prefix}grpc${grpc_suffix}${ep_lib_suffix}
+        <BINARY_DIR>/${ep_lib_prefix}grpc${grpc_suffix}_d${ep_lib_suffix}
+        <BINARY_DIR>/${ep_lib_prefix}grpc++${grpc_suffix}${ep_lib_suffix}
+        <BINARY_DIR>/${ep_lib_prefix}grpc++${grpc_suffix}_d${ep_lib_suffix}
+        <BINARY_DIR>/${ep_lib_prefix}address_sorting${ep_lib_suffix}
+        <BINARY_DIR>/${ep_lib_prefix}address_sorting_d${ep_lib_suffix}
+        <BINARY_DIR>/${ep_lib_prefix}gpr${ep_lib_suffix}
+        <BINARY_DIR>/${ep_lib_prefix}gpr_d${ep_lib_suffix}
+        <BINARY_DIR>/grpc_cpp_plugin${CMAKE_EXECUTABLE_SUFFIX}
+    )
+    if (TARGET protobuf_src)
+      ExternalProject_Add_StepDependencies(grpc_src build protobuf_src)
+    endif ()
+    exclude_if_included (grpc_src)
+    ExternalProject_Get_Property (grpc_src BINARY_DIR)
+    ExternalProject_Get_Property (grpc_src SOURCE_DIR)
+    set (grpc_binary_dir "${BINARY_DIR}")
+    set (grpc_source_dir "${SOURCE_DIR}")
+    if (CMAKE_VERBOSE_MAKEFILE)
+      print_ep_logs (grpc_src)
+    endif ()
+    file (MAKE_DIRECTORY ${SOURCE_DIR}/include)
+
+    macro (add_imported_grpc libname_)
+      add_library ("gRPC::${libname_}" STATIC IMPORTED GLOBAL)
+      set_target_properties ("gRPC::${libname_}" PROPERTIES
+        IMPORTED_LOCATION_DEBUG
+          ${grpc_binary_dir}/${ep_lib_prefix}${libname_}_d${ep_lib_suffix}
+        IMPORTED_LOCATION_RELEASE
+          ${grpc_binary_dir}/${ep_lib_prefix}${libname_}${ep_lib_suffix}
+        INTERFACE_INCLUDE_DIRECTORIES
+          ${grpc_source_dir}/include)
+      add_dependencies ("gRPC::${libname_}" grpc_src)
+      target_link_libraries (ripple_libs INTERFACE "gRPC::${libname_}")
+      exclude_if_included ("gRPC::${libname_}")
+    endmacro ()
+
+    set_target_properties (gRPC::grpc_cpp_plugin PROPERTIES
+        IMPORTED_LOCATION "${grpc_binary_dir}/grpc_cpp_plugin${CMAKE_EXECUTABLE_SUFFIX}")
+    add_dependencies (gRPC::grpc_cpp_plugin grpc_src)
+  endif ()
+
+  add_imported_grpc (gpr)
+  add_imported_grpc ("grpc${grpc_suffix}")
+  add_imported_grpc ("grpc++${grpc_suffix}")
+  add_imported_grpc (address_sorting)
+
+  target_link_libraries ("gRPC::grpc${grpc_suffix}" INTERFACE c-ares::cares gRPC::gpr gRPC::address_sorting ZLIB::ZLIB)
+  target_link_libraries ("gRPC::grpc++${grpc_suffix}" INTERFACE "gRPC::grpc${grpc_suffix}" gRPC::gpr)
+endif ()
+
+#[=================================[
+   generate protobuf sources for
+   grpc defs and bundle into a
+   static lib
+#]=================================]
+set (GRPC_GEN_DIR "${CMAKE_BINARY_DIR}/proto_gen_grpc")
+file (MAKE_DIRECTORY ${GRPC_GEN_DIR})
+set (GRPC_PROTO_SRCS)
+set (GRPC_PROTO_HDRS)
+set (GRPC_PROTO_ROOT "${CMAKE_CURRENT_SOURCE_DIR}/src/ripple/proto/org")
+file(GLOB_RECURSE GRPC_DEFINITION_FILES LIST_DIRECTORIES false "${GRPC_PROTO_ROOT}/*.proto")
+foreach(file ${GRPC_DEFINITION_FILES})
+  get_filename_component(_abs_file ${file} ABSOLUTE)
+  get_filename_component(_abs_dir ${_abs_file} DIRECTORY)
+  get_filename_component(_basename ${file} NAME_WE)
+  get_filename_component(_proto_inc ${GRPC_PROTO_ROOT} DIRECTORY) # updir one level
+  file(RELATIVE_PATH _rel_root_file ${_proto_inc} ${_abs_file})
+  get_filename_component(_rel_root_dir ${_rel_root_file} DIRECTORY)
+  file(RELATIVE_PATH _rel_dir ${CMAKE_CURRENT_SOURCE_DIR} ${_abs_dir})
+
+  set (src_1 "${GRPC_GEN_DIR}/${_rel_root_dir}/${_basename}.grpc.pb.cc")
+  set (src_2 "${GRPC_GEN_DIR}/${_rel_root_dir}/${_basename}.pb.cc")
+  set (hdr_1 "${GRPC_GEN_DIR}/${_rel_root_dir}/${_basename}.grpc.pb.h")
+  set (hdr_2 "${GRPC_GEN_DIR}/${_rel_root_dir}/${_basename}.pb.h")
+  add_custom_command(
+    OUTPUT ${src_1} ${src_2} ${hdr_1} ${hdr_2}
+    COMMAND protobuf::protoc
+    ARGS --grpc_out=${GRPC_GEN_DIR}
+         --cpp_out=${GRPC_GEN_DIR}
+         --plugin=protoc-gen-grpc=$<TARGET_FILE:gRPC::grpc_cpp_plugin>
+         -I ${_proto_inc} -I ${_rel_dir}
+         ${_abs_file}
+    DEPENDS ${_abs_file} protobuf::protoc gRPC::grpc_cpp_plugin
+    WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
+    COMMENT "Running gRPC C++ protocol buffer compiler on ${file}"
+    VERBATIM)
+    set_source_files_properties(${src_1} ${src_2} ${hdr_1} ${hdr_2} PROPERTIES GENERATED TRUE)
+    list(APPEND GRPC_PROTO_SRCS ${src_1} ${src_2})
+    list(APPEND GRPC_PROTO_HDRS ${hdr_1} ${hdr_2})
+endforeach()
+
+add_library (grpc_pbufs STATIC ${GRPC_PROTO_SRCS} ${GRPC_PROTO_HDRS})
+#target_include_directories (grpc_pbufs PRIVATE src)
+target_include_directories (grpc_pbufs SYSTEM PUBLIC ${GRPC_GEN_DIR})
+target_link_libraries (grpc_pbufs protobuf::libprotobuf "gRPC::grpc++${grpc_suffix}")
+target_compile_options (grpc_pbufs
+  PRIVATE
+    $<$<BOOL:${MSVC}>:-wd4065>
+    $<$<NOT:$<BOOL:${MSVC}>>:-Wno-deprecated-declarations>
+  PUBLIC
+    $<$<BOOL:${MSVC}>:-wd4996>
+    $<$<BOOL:${is_xcode}>:
+      --system-header-prefix="google/protobuf"
+      -Wno-deprecated-dynamic-exception-spec
+    >)
+add_library (Ripple::grpc_pbufs ALIAS grpc_pbufs)
+target_link_libraries (ripple_libs INTERFACE Ripple::grpc_pbufs)
+exclude_if_included (grpc_pbufs)

Builds/CMake/echo_file.cmake

@@ -0,0 +1,17 @@
+#[=========================================================[
+  This is a CMake script file that is used to write
+  the contents of a file to stdout (using the cmake
+  echo command). The input file is passed via the
+  IN_FILE variable.
+#]=========================================================]
+
+if (EXISTS ${IN_FILE})
+  file (READ ${IN_FILE} contents)
+  ## only print files that actually have some text in them
+  if (contents MATCHES "[a-z0-9A-Z]+")
+    execute_process(
+      COMMAND
+        ${CMAKE_COMMAND} -E echo "${contents}")
+  endif ()
+endif ()
+

Builds/CMake/rocks_thirdparty.inc

@@ -0,0 +1,15 @@
+set (THIRDPARTY_LIBS "")
+
+if(WITH_SNAPPY)
+  add_definitions(-DSNAPPY)
+  include_directories(${snappy_INCLUDE_DIRS})
+  set (THIRDPARTY_LIBS ${THIRDPARTY_LIBS} ${snappy_LIBRARIES})
+endif()
+
+if(WITH_LZ4)
+  add_definitions(-DLZ4)
+  include_directories(${lz4_INCLUDE_DIRS})
+  set (THIRDPARTY_LIBS ${THIRDPARTY_LIBS} ${lz4_LIBRARIES})
+endif()
+
+

Builds/CMake/rocksdb_build_version.cc.in

@@ -0,0 +1,71 @@
+// Copyright (c) Facebook, Inc. and its affiliates. All Rights Reserved.
+
+#include <memory>
+
+#include "rocksdb/version.h"
+#include "util/string_util.h"
+
+// The build script may replace these values with real values based
+// on whether or not GIT is available and the platform settings
+static const std::string rocksdb_build_git_sha  = "rocksdb_build_git_sha:@GIT_SHA@";
+static const std::string rocksdb_build_git_tag = "rocksdb_build_git_tag:@GIT_TAG@";
+#define HAS_GIT_CHANGES @GIT_MOD@
+#if HAS_GIT_CHANGES == 0
+// If HAS_GIT_CHANGES is 0, the GIT date is used.
+// Use the time the branch/tag was last modified
+static const std::string rocksdb_build_date = "rocksdb_build_date:@GIT_DATE@";
+#else
+// If HAS_GIT_CHANGES is > 0, the branch/tag has modifications.
+// Use the time the build was created.
+static const std::string rocksdb_build_date = "rocksdb_build_date:@BUILD_DATE@";
+#endif
+
+namespace ROCKSDB_NAMESPACE {
+static void AddProperty(std::unordered_map<std::string, std::string> *props, const std::string& name) {
+  size_t colon = name.find(":");
+  if (colon != std::string::npos && colon > 0 && colon < name.length() - 1) {
+    // If we found a "@:", then this property was a build-time substitution that failed.  Skip it
+    size_t at = name.find("@", colon);
+    if (at != colon + 1) {
+      // Everything before the colon is the name, after is the value
+      (*props)[name.substr(0, colon)] = name.substr(colon + 1);
+    }
+  }
+}
+  
+static std::unordered_map<std::string, std::string>* LoadPropertiesSet() {
+  auto * properties = new std::unordered_map<std::string, std::string>();
+  AddProperty(properties, rocksdb_build_git_sha);
+  AddProperty(properties, rocksdb_build_git_tag);
+  AddProperty(properties, rocksdb_build_date);
+  return properties;
+}
+
+const std::unordered_map<std::string, std::string>& GetRocksBuildProperties() {
+  static std::unique_ptr<std::unordered_map<std::string, std::string>> props(LoadPropertiesSet());
+  return *props;
+}
+
+std::string GetRocksVersionAsString(bool with_patch) {
+  std::string version = ToString(ROCKSDB_MAJOR) + "." + ToString(ROCKSDB_MINOR);
+  if (with_patch) {
+    return version + "." + ToString(ROCKSDB_PATCH);
+  } else {
+    return version;
+  }
+}
+  
+std::string GetRocksBuildInfoAsString(const std::string& program, bool verbose) {
+  std::string info = program + " (RocksDB) " + GetRocksVersionAsString(true);
+  if (verbose) {
+    for (const auto& it : GetRocksBuildProperties()) {
+      info.append("\n    ");
+      info.append(it.first);
+      info.append(": ");
+      info.append(it.second);
+    }
+  }
+  return info;
+}
+} // namespace ROCKSDB_NAMESPACE
+

Builds/CMake/soci_patch.cmake

@@ -0,0 +1,39 @@
+# This patches unsigned-types.h in the soci official sources
+# so as to remove type range check exceptions that cause
+# us trouble when using boost::optional to select int values
+
+# Some versions of CMake erroneously patch external projects on every build.
+# If the patch makes no changes, skip it. This workaround can be
+# removed once we stop supporting vulnerable versions of CMake.
+# https://gitlab.kitware.com/cmake/cmake/-/issues/21086
+file (STRINGS include/soci/unsigned-types.h sourcecode)
+# Delete the .patched file if it exists, so it doesn't end up duplicated.
+# Trying to remove a file that does not exist is not a problem.
+file (REMOVE include/soci/unsigned-types.h.patched)
+foreach (line_ ${sourcecode})
+  if (line_ MATCHES "^[ \\t]+throw[ ]+soci_error[ ]*\\([ ]*\"Value outside of allowed.+$")
+    set (line_ "//${CMAKE_MATCH_0}")
+  endif ()
+  file (APPEND include/soci/unsigned-types.h.patched "${line_}\n")
+endforeach ()
+execute_process( COMMAND ${CMAKE_COMMAND} -E compare_files
+                 include/soci/unsigned-types.h include/soci/unsigned-types.h.patched
+                 RESULT_VARIABLE compare_result
+)
+if( compare_result EQUAL 0)
+  message(DEBUG "The soci source and patch files are identical. Make no changes.")
+  file (REMOVE include/soci/unsigned-types.h.patched)
+  return()
+endif()
+file (RENAME include/soci/unsigned-types.h include/soci/unsigned-types.h.orig)
+file (RENAME include/soci/unsigned-types.h.patched include/soci/unsigned-types.h)
+# also fix Boost.cmake so that it just returns when we override the Boost_FOUND var
+file (APPEND cmake/dependencies/Boost.cmake.patched "if (Boost_FOUND)\n")
+file (APPEND cmake/dependencies/Boost.cmake.patched "  return ()\n")
+file (APPEND cmake/dependencies/Boost.cmake.patched "endif ()\n")
+file (STRINGS cmake/dependencies/Boost.cmake sourcecode)
+foreach (line_ ${sourcecode})
+  file (APPEND cmake/dependencies/Boost.cmake.patched "${line_}\n")
+endforeach ()
+file (RENAME cmake/dependencies/Boost.cmake.patched cmake/dependencies/Boost.cmake)
+

Builds/Test.py

@@ -60,12 +60,12 @@ IS_OS_X = platform.system().lower() == 'darwin'
 # CMake
 if IS_WINDOWS:
     CMAKE_UNITY_CONFIGS = ['Debug', 'Release']
-    CMAKE_NONUNITY_CONFIGS = ['DebugClassic', 'ReleaseClassic']
+    CMAKE_NONUNITY_CONFIGS = ['Debug', 'Release']
 else:
     CMAKE_UNITY_CONFIGS = []
     CMAKE_NONUNITY_CONFIGS = []
-CMAKE_UNITY_COMBOS = { '' : [['rippled', 'rippled_classic'], CMAKE_UNITY_CONFIGS],
-    '.nounity' : [['rippled', 'rippled_unity'], CMAKE_NONUNITY_CONFIGS] }
+CMAKE_UNITY_COMBOS = { '' : [['rippled'], CMAKE_UNITY_CONFIGS],
+    '.nounity' : [['rippled'], CMAKE_NONUNITY_CONFIGS] }
 
 if IS_WINDOWS:
     CMAKE_DIR_TARGETS = { ('msvc' + unity,) : targets for unity, targets in
@@ -130,6 +130,12 @@ parser.add_argument(
     help='Run tests in parallel'
 )
 
+parser.add_argument(
+    '--ipv6',
+    action='store_true',
+    help='Use IPv6 localhost when running unit tests.',
+)
+
 parser.add_argument(
     '--clean', '-c',
     action='store_true',
@@ -198,7 +204,7 @@ def decodeString(line):
     else:
         return line.decode()
 
-def shell(cmd, args=(), silent=False):
+def shell(cmd, args=(), silent=False, cust_env=None):
     """"Execute a shell command and return the output."""
     silent = ARGS.silent or silent
     verbose = not silent and ARGS.verbose
@@ -213,6 +219,7 @@ def shell(cmd, args=(), silent=False):
         stdin=subprocess.PIPE,
         stdout=subprocess.PIPE,
         stderr=subprocess.STDOUT,
+        env=cust_env,
         shell=IS_WINDOWS)
     lines = []
     count = 0
@@ -252,7 +259,33 @@ def run_cmake(directory, cmake_dir, args):
             args += ( '-GNinja', )
         else:
             args += ( '-GVisual Studio 14 2015 Win64', )
-    args += ( '-Dtarget=' + cmake_dir, os.path.join('..', '..', '..'), )
+    # hack to extract cmake options/args from the legacy target format
+    if re.search('\.unity', cmake_dir):
+        args += ( '-Dunity=ON', )
+    if re.search('\.nounity', cmake_dir):
+        args += ( '-Dunity=OFF', )
+    if re.search('coverage', cmake_dir):
+        args += ( '-Dcoverage=ON', )
+    if re.search('profile', cmake_dir):
+        args += ( '-Dprofile=ON', )
+    if re.search('debug', cmake_dir):
+        args += ( '-DCMAKE_BUILD_TYPE=Debug', )
+    if re.search('release', cmake_dir):
+        args += ( '-DCMAKE_BUILD_TYPE=Release', )
+    m = re.search('gcc(-[^.]*)', cmake_dir)
+    if m:
+        args += ( '-DCMAKE_C_COMPILER=' + m.group(0),
+          '-DCMAKE_CXX_COMPILER=g++' + m.group(1), )
+    elif re.search('gcc', cmake_dir):
+        args += ( '-DCMAKE_C_COMPILER=gcc', '-DCMAKE_CXX_COMPILER=g++', )
+    m = re.search('clang(-[^.]*)', cmake_dir)
+    if m:
+        args += ( '-DCMAKE_C_COMPILER=' + m.group(0),
+          '-DCMAKE_CXX_COMPILER=clang++' + m.group(1), )
+    elif re.search('clang', cmake_dir):
+        args += ( '-DCMAKE_C_COMPILER=clang', '-DCMAKE_CXX_COMPILER=clang++', )
+
+    args += ( os.path.join('..', '..', '..'), )
     resultcode, lines = shell('cmake', args)
 
     if resultcode:
@@ -292,13 +325,16 @@ def run_cmake_tests(directory, target, config):
     testflag = '--unittest'
     quiet = ''
     testjobs = ''
+    ipv6 = ''
     if ARGS.test:
         testflag += ('=' + ARGS.test)
     if ARGS.quiet:
         quiet = '-q'
+    if ARGS.ipv6:
+        ipv6 = '--unittest-ipv6'
     if ARGS.testjobs:
         testjobs = ('--unittest-jobs=' + str(ARGS.testjobs))
-    resultcode, lines = shell(executable, (testflag, quiet, testjobs,))
+    resultcode, lines = shell(executable, (testflag, quiet, testjobs, ipv6))
 
     if resultcode:
         if not ARGS.verbose:

Builds/VisualStudio2017/README.md

@@ -15,11 +15,10 @@ need these software components
 | Component | Minimum Recommended Version |
 |-----------|-----------------------|
 | [Visual Studio 2017](README.md#install-visual-studio-2017)| 15.5.4 |
-| [Git for Windows](README.md#install-git-for-windows)| 2.16.1|
-| [Google Protocol Buffers Compiler](README.md#install-google-protocol-buffers-compiler) | 2.5.1|
-| [OpenSSL Library](README.md#install-openssl) | 1.0.2n |
-| [Boost library](README.md#build-boost) | 1.66.0 |
-| [CMake for Windows](README.md#optional-install-cmake-for-windows)* | 3.10.2 |
+| [Git for Windows](README.md#install-git-for-windows)| 2.16.1 |
+| [OpenSSL Library](README.md#install-openssl) | 1.1.1L |
+| [Boost library](README.md#build-boost) | 1.70.0 |
+| [CMake for Windows](README.md#optional-install-cmake-for-windows)* | 3.12 |
 
 \* Only needed if not using the integrated CMake in VS 2017 and prefer generating dedicated project/solution files.
 
@@ -49,39 +48,21 @@ Windows](https://git-scm.com/) since it provides a Unix-like command line
 environment useful for running shell scripts. Use of the bash shell under
 Windows is mandatory for running the unit tests.
 
-### Install Google Protocol Buffers Compiler
-
-Building rippled requires **protoc.exe** version 2. Version 3 is not currently
-supported.. At your option you may build it yourself from the sources in the
-[Google Protocol Buffers](https://github.com/google/protobuf) repository, or you
-may download a
-[protoc.exe](https://ripple.github.io/Downloads/protoc/2.5.1/protoc.exe)
-([alternate
-link](https://github.com/ripple/Downloads/raw/gh-pages/protoc/2.5.1/protoc.exe))
-precompiled Windows executable from the [Ripple
-Organization](https://github.com/ripple).
-
-Either way, once you have the required version of **protoc.exe**, copy it into a
-standard location that is in your command line `%PATH%`.
-
-* **NOTE:** If you use an older version of the compiler, the build will fail
-  with errors related to a mismatch of the version of protocol buffer headers
-  versus the compiler. Likewise, if you use version 3 or newer, the build will
-  fail.
-
 ### Install OpenSSL
 
-[Download OpenSSL.](http://slproweb.com/products/Win32OpenSSL.html) There will
-four `Win64` bit variants available, you want the non-light `v1.0` line. As of
-this writing, you **should** select
+[Download the latest version of
+OpenSSL.](http://slproweb.com/products/Win32OpenSSL.html) There will
+several `Win64` bit variants available, you want the non-light
+`v1.1` line. As of this writing, you **should** select
 
-* Win64 OpenSSL v1.0.2n. 
+* Win64 OpenSSL v1.1.1L
 
 and should **not** select
 
-* Win64 OpenSSL v1.0.2n light
-* Win64 OpenSSL v1.1.0g
-* Win64 OpenSSL v1.1.0g light
+* Anything with "Win32" in the name
+* Anything with "light" in the name
+* Anything with "EXPERIMENTAL" in the name
+* Anything in the 3.0 line - rippled won't currently build with this version.
 
 Run the installer, and choose an appropriate location for your OpenSSL
 installation. In this guide we use `C:\lib\OpenSSL-Win64` as the destination
@@ -99,11 +80,13 @@ to get the correct 32-/64-bit variant.
 
 ### Build Boost
 
+Boost 1.70 or later is required.
+
 After [downloading boost](http://www.boost.org/users/download/) and unpacking it
-to `c:\lib`. As of this writing, the most recent version of boost is 1.66.0,
-which will unpack into a directory named `boost_1_66_0`. We recommended either
+to `c:\lib`. As of this writing, the most recent version of boost is 1.70.0,
+which will unpack into a directory named `boost_1_70_0`. We recommended either
 renaming this directory to `boost`, or creating a junction link `mklink /J boost
-boost_1_66_0`, so that you can more easily switch between versions.
+boost_1_70_0`, so that you can more easily switch between versions.
 
 Next, open **Developer Command Prompt** and type the following commands
 
@@ -135,12 +118,10 @@ library paths as they will be required later.
 Studio 2017 includes an integrated version of CMake that avoids having to
 manually run CMake, but it is undergoing continuous improvement. Users that
 prefer to use standard Visual Studio project and solution files need to install
-a dedicated version of Cmake to generate them.  The latest version can be found
+a dedicated version of CMake to generate them.  The latest version can be found
 at the [CMake download site](https://cmake.org/download/). It is recommended you
 select the install option to add CMake to your path.
 
-As of this writing, the latest version of CMake for windows is 3.10.2.
-
 ## Clone the rippled repository
 
 If you are familiar with cloning github repositories, just follow your normal
@@ -167,7 +148,7 @@ If you receive an error about not having the "correct access rights" make sure
 you have Github ssh keys, as described above.
 
 For a stable release, choose the `master` branch or one of the tagged releases
-listed on [rippled's GitHub page](https://github.com/ripple/rippled/releases). 
+listed on [rippled's GitHub page](https://github.com/ripple/rippled/releases).
 
 ```
 git checkout master
@@ -196,7 +177,7 @@ To begin, simply:
    cloned rippled folder.
 2. Right-click on `CMakeLists.txt` in the **Solution Explorer - Folder View** to
    generate a `CMakeSettings.json` file. A sample settings file is provided
-   [here](/Builds/VisualStudio2017/CMakeSettings-example.json). Customize the 
+   [here](/Builds/VisualStudio2017/CMakeSettings-example.json). Customize the
    settings for `BOOST_ROOT`, `OPENSSL_ROOT` to match the install paths if they
    differ from those in the file.
 4. Select either the `x64-Release` or `x64-Debug` configuration from the
@@ -216,13 +197,13 @@ documentation](https://docs.microsoft.com/en-us/cpp/ide/cmake-tools-for-visual-c
 
 If using the provided `CMakeSettings.json` file, the executable will be in
 ```
-.\build\x64-Release\Release\rippled(_classic).exe
+.\build\x64-Release\Release\rippled.exe
 ```
 or
 ```
-.\build\x64-Debug\Debug\rippled(_classic).exe
+.\build\x64-Debug\Debug\rippled.exe
 ```
-where these paths are relative to your cloned git repository.
+These paths are relative to your cloned git repository.
 
 # Build using stand-alone CMake
 
@@ -235,24 +216,43 @@ execute the following commands within your `rippled` cloned repository:
 ```
 mkdir build\cmake
 cd build\cmake
-cmake ..\.. -G"Visual Studio 15 2017 Win64" -DBOOST_ROOT="C:\lib\boost_1_66_0" -DOPENSSL_ROOT="C:\lib\OpenSSL-Win64"
+cmake ..\.. -G"Visual Studio 15 2017 Win64" -DBOOST_ROOT="C:\lib\boost_1_70_0" -DOPENSSL_ROOT="C:\lib\OpenSSL-Win64" -DCMAKE_GENERATOR_TOOLSET=host=x64
 ```
 Now launch Visual Studio 2017 and select **File | Open | Project/Solution**.
 Navigate to the `build\cmake` folder created above and select the `rippled.sln`
 file. You can then choose whether to build the `Debug` or `Release` solution
-configuration. Within the **Solution Explorer**, selected either the `rippled`
-(unity build) project or the `rippled_classic` (non-unity) project, and
-right-click to build.
+configuration.
 
-The executable will be in 
+The executable will be in
 ```
-.\build\cmake\Release\rippled(_classic).exe
+.\build\cmake\Release\rippled.exe
 ```
- or
-````
-.\build\cmake\Debug\rippled(_classic).exe
-````
-where these paths are relative to your cloned git repository.
+or
+```
+.\build\cmake\Debug\rippled.exe
+```
+These paths are relative to your cloned git repository.
+
+# Unity/No-Unity Builds
+
+The rippled build system defaults to using
+[unity source files](http://onqtam.com/programming/2018-07-07-unity-builds/)
+to improve build times. In some cases it might be desirable to disable the
+unity build and compile individual translation units. Here is how you can
+switch to a "no-unity" build configuration:
+
+## Visual Studio Integrated CMake
+
+Edit your `CmakeSettings.json` (described above) by adding `-Dunity=OFF`
+to the `cmakeCommandArgs` entry for each build configuration.
+
+## Standalone CMake Builds
+
+When running cmake to generate the Visual Studio project files, add
+`-Dunity=OFF` to the command line options passed to cmake.
+
+**Note:** you will need to re-run the cmake configuration step anytime you
+want to switch between unity/no-unity builds.
 
 # Unit Test (Recommended)
 

Builds/containers/README.md

@@ -0,0 +1,31 @@
+
+# rippled Packaging and Containers
+
+This folder contains docker container definitions and configuration
+files to support building rpm and deb packages of rippled. The container
+definitions include some additional software/packages that are used
+for general build/test CI workflows of rippled but are not explicitly
+needed for the package building workflow.
+
+## CMake Targets
+
+If you have docker installed on your local system, then the main 
+CMake file will enable several targets related to building packages:
+`rpm_container`, `rpm`, `dpkg_container`, and `dpkg`. The package targets
+depend on the container targets and will trigger a build of those first.
+The container builds can take several dozen minutes to complete (depending
+on hardware specs), so quick build cycles are not possible currently. As
+such, these targets are often best suited to CI/automated build systems.
+
+The package build can be invoked like any other cmake target from the 
+rippled root folder:
+```
+mkdir -p build/pkg && cd build/pkg
+cmake -Dpackages_only=ON ../..
+cmake --build . --target rpm
+```
+Upon successful completion, the generated package files will be in 
+the `build/pkg/packages` directory. For deb packages, simply replace
+`rpm` with `dpkg` in the build command above.
+
+

Builds/containers/centos-builder/Dockerfile

@@ -0,0 +1,43 @@
+FROM centos:7
+ARG GIT_COMMIT=unknown
+ARG CI_USE=false
+
+LABEL git-commit=$GIT_COMMIT
+
+COPY centos-builder/centos_setup.sh /tmp/
+COPY shared/build_deps.sh /tmp/
+COPY shared/install_cmake.sh /tmp/
+COPY centos-builder/extras.sh /tmp/
+COPY shared/install_boost.sh /tmp/
+RUN chmod +x /tmp/centos_setup.sh && \
+    chmod +x /tmp/build_deps.sh && \
+    chmod +x /tmp/install_boost.sh && \
+    chmod +x /tmp/install_cmake.sh && \
+    chmod +x /tmp/extras.sh
+RUN /tmp/centos_setup.sh
+
+RUN /tmp/install_cmake.sh 3.16.1 /opt/local/cmake-3.16
+RUN ln -s /opt/local/cmake-3.16 /opt/local/cmake
+ENV PATH="/opt/local/cmake/bin:$PATH"
+# also install min supported cmake for testing
+RUN if [ "${CI_USE}" = true ] ; then /tmp/install_cmake.sh 3.9.0 /opt/local/cmake-3.9; fi
+
+RUN source scl_source enable devtoolset-7 python27 && \
+     /tmp/build_deps.sh
+ENV BOOST_ROOT="/opt/local/boost/_INSTALLED_"
+ENV PLANTUML_JAR="/opt/plantuml/plantuml.jar"
+ENV OPENSSL_ROOT="/opt/local/openssl"
+ENV GDB_ROOT="/opt/local/gdb"
+RUN source scl_source enable devtoolset-7 python27 && \
+     /tmp/extras.sh
+
+# prep files for package building
+RUN mkdir -m 777 -p /opt/rippled_bld/pkg
+WORKDIR /opt/rippled_bld/pkg
+RUN mkdir -m 777 ./rpmbuild
+RUN mkdir -m 777 ./rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
+
+COPY packaging/rpm/build_rpm.sh ./
+CMD ./build_rpm.sh
+
+

Builds/containers/centos-builder/centos_setup.sh

@@ -0,0 +1,37 @@
+#!/usr/bin/env bash
+set -ex
+
+source /etc/os-release
+
+yum -y upgrade
+yum -y update
+yum -y install epel-release centos-release-scl
+yum -y install \
+    wget curl time gcc-c++ time yum-utils autoconf automake pkgconfig libtool \
+    libstdc++-static rpm-build gnupg which make cmake \
+    devtoolset-7 devtoolset-7-gdb devtoolset-7-libasan-devel devtoolset-7-libtsan-devel devtoolset-7-libubsan-devel \
+    devtoolset-8 devtoolset-8-gdb devtoolset-8-binutils devtoolset-8-libstdc++-devel \
+    devtoolset-8-libasan-devel devtoolset-8-libtsan-devel devtoolset-8-libubsan-devel devtoolset-8-liblsan-devel \
+    flex flex-devel bison bison-devel parallel \
+    ncurses ncurses-devel ncurses-libs graphviz graphviz-devel \
+    lzip p7zip bzip2 bzip2-devel lzma-sdk lzma-sdk-devel xz-devel \
+    zlib zlib-devel zlib-static texinfo openssl openssl-static \
+    jemalloc jemalloc-devel \
+    libicu-devel htop \
+    python27-python rh-python35-python \
+    python-devel python27-python-devel rh-python35-python-devel \
+    python27 rh-python35 \
+    ninja-build git svn \
+    swig perl-Digest-MD5 python2-pip
+
+if [ "${CI_USE}" = true ] ; then
+    # TODO need permanent link
+    yum -y install ftp://ftp.pbone.net/mirror/archive.fedoraproject.org/fedora-secondary/updates/26/i386/Packages/p/python2-six-1.10.0-9.fc26.noarch.rpm
+
+    yum -y install \
+        llvm-toolset-7 llvm-toolset-7-runtime llvm-toolset-7-build llvm-toolset-7-clang \
+        llvm-toolset-7-clang-analyzer llvm-toolset-7-clang-devel llvm-toolset-7-clang-libs \
+        llvm-toolset-7-clang-tools-extra llvm-toolset-7-compiler-rt llvm-toolset-7-lldb \
+        llvm-toolset-7-lldb-devel llvm-toolset-7-python-lldb
+
+fi

Builds/containers/centos-builder/extras.sh

@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+set -ex
+
+if [ "${CI_USE}" = true ] ; then
+    cd /tmp
+    wget https://ftp.gnu.org/gnu/gdb/gdb-8.3.1.tar.xz
+    tar xf gdb-8.3.1.tar.xz
+    cd gdb-8.3
+    ./configure CFLAGS="-w -O2" CXXFLAGS="-std=gnu++11 -g -O2 -w" --prefix=/opt/local/gdb-8.3
+    make -j$(nproc)
+    make install
+    ln -s /opt/local/gdb-8.3 /opt/local/gdb
+    cd ..
+    rm -f gdb-8.3.tar.xz
+    rm -rf gdb-8.3
+
+    # clang from source
+    cd /tmp
+    git clone https://github.com/llvm/llvm-project.git
+    cd llvm-project
+    git checkout llvmorg-9.0.0
+    INSTALL=/opt/llvm-9/
+    mkdir mybuilddir && cd mybuilddir
+    # TODO figure out necessary options
+    cmake ../llvm -G Ninja \
+      -DCMAKE_BUILD_TYPE=Release \
+      -DLLVM_ENABLE_PROJECTS='clang;clang-tools-extra;libcxx;libcxxabi;lldb;compiler-rt;lld;polly' \
+      -DCMAKE_INSTALL_PREFIX=${INSTALL} \
+      -DLLVM_LIBDIR_SUFFIX=64
+    cmake --build . --parallel --target install
+    cd /tmp
+    rm -rf llvm-project
+fi

Builds/containers/gitlab-ci/build_container.sh

@@ -0,0 +1,28 @@
+#!/usr/bin/env sh
+set -ex
+pkgtype=$1
+if [ "${pkgtype}" = "rpm" ] ; then
+    container_name="${RPM_CONTAINER_NAME}"
+elif [ "${pkgtype}" = "dpkg" ] ; then
+    container_name="${DPKG_CONTAINER_NAME}"
+else
+    echo "invalid package type"
+    exit 1
+fi
+
+if docker pull "${ARTIFACTORY_HUB}/${container_name}:latest_${CI_COMMIT_REF_SLUG}"; then
+    echo "found container for latest - using as cache."
+    docker tag \
+       "${ARTIFACTORY_HUB}/${container_name}:latest_${CI_COMMIT_REF_SLUG}" \
+       "${container_name}:latest_${CI_COMMIT_REF_SLUG}"
+    CMAKE_EXTRA="-D${pkgtype}_cache_from=${container_name}:latest_${CI_COMMIT_REF_SLUG}"
+fi
+
+cmake --version
+test -d build && rm -rf build
+mkdir -p build/container && cd build/container
+eval time \
+    cmake -Dpackages_only=ON -DCMAKE_VERBOSE_MAKEFILE=ON ${CMAKE_EXTRA} \
+    -G Ninja ../..
+time cmake --build . --target "${pkgtype}_container" -- -v
+

Builds/containers/gitlab-ci/build_package.sh

@@ -0,0 +1,27 @@
+#!/usr/bin/env sh
+set -ex
+pkgtype=$1
+if [ "${pkgtype}" = "rpm" ] ; then
+    container_name="${RPM_CONTAINER_FULLNAME}"
+    container_tag="${RPM_CONTAINER_TAG}"
+elif [ "${pkgtype}" = "dpkg" ] ; then
+    container_name="${DPKG_CONTAINER_FULLNAME}"
+    container_tag="${DPKG_CONTAINER_TAG}"
+else
+    echo "invalid package type"
+    exit 1
+fi
+time docker pull "${ARTIFACTORY_HUB}/${container_name}"
+docker tag \
+  "${ARTIFACTORY_HUB}/${container_name}" \
+  "${container_name}"
+docker images
+test -d build && rm -rf build
+mkdir -p build/${pkgtype} && cd build/${pkgtype}
+time cmake \
+  -Dpackages_only=ON \
+  -Dcontainer_label="${container_tag}" \
+  -Dhave_package_container=ON \
+  -DCMAKE_VERBOSE_MAKEFILE=OFF \
+  -G Ninja ../..
+time cmake --build . --target ${pkgtype}

Builds/containers/gitlab-ci/docker_alpine_setup.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/env sh
+set -ex
+# used as a before/setup script for docker steps in gitlab-ci
+# expects to be run in standard alpine/dind image
+echo $(nproc)
+docker login -u rippled \
+    -p ${ARTIFACTORY_DEPLOY_KEY_RIPPLED} ${ARTIFACTORY_HUB}
+apk add --update py-pip
+apk add \
+    bash util-linux coreutils binutils grep \
+    make ninja cmake build-base gcc g++ abuild git \
+    python3 python3-dev
+pip3 install awscli
+# list curdir contents to build log:
+ls -la
+

Builds/containers/gitlab-ci/get_component.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/env sh
+case ${CI_COMMIT_REF_NAME} in
+    develop)
+        export COMPONENT="nightly"
+        ;;
+    release)
+        export COMPONENT="unstable"
+        ;;
+    master)
+        export COMPONENT="stable"
+        ;;
+    *)
+        export COMPONENT="_unknown_"
+        ;;
+esac
+

Builds/containers/gitlab-ci/pkgbuild.yml

@@ -0,0 +1,703 @@
+#########################################################################
+##                                                                     ##
+##  gitlab CI defintition for rippled build containers and distro      ##
+##  packages (rpm and dpkg).                                           ##
+##                                                                     ##
+#########################################################################
+
+# NOTE: these are sensible defaults for Ripple pipelines. These
+# can be overridden by project or group variables as needed.
+variables:
+  # these containers are built manually using the rippled
+  # cmake build (container targets) and tagged/pushed so they
+  # can be used here
+  RPM_CONTAINER_TAG: "2020-02-10"
+  RPM_CONTAINER_NAME: "rippled-rpm-builder"
+  RPM_CONTAINER_FULLNAME: "${RPM_CONTAINER_NAME}:${RPM_CONTAINER_TAG}"
+  DPKG_CONTAINER_TAG: "2020-02-10"
+  DPKG_CONTAINER_NAME: "rippled-dpkg-builder"
+  DPKG_CONTAINER_FULLNAME: "${DPKG_CONTAINER_NAME}:${DPKG_CONTAINER_TAG}"
+  ARTIFACTORY_HOST: "artifactory.ops.ripple.com"
+  ARTIFACTORY_HUB: "${ARTIFACTORY_HOST}:6555"
+  GIT_SIGN_PUBKEYS_URL: "https://gitlab.ops.ripple.com/xrpledger/rippled-packages/snippets/49/raw"
+  PUBLIC_REPO_ROOT: "https://repos.ripple.com/repos"
+  # also need to define this variable ONLY for the primary
+  # build/publish pipeline on the mainline repo:
+  #   IS_PRIMARY_REPO = "true"
+
+stages:
+  - build_packages
+  - sign_packages
+  - smoketest
+  - verify_sig
+  - tag_images
+  - push_to_test
+  - verify_from_test
+  - wait_approval_prod
+  - push_to_prod
+  - verify_from_prod
+  - get_final_hashes
+  - build_containers
+
+.dind_template: &dind_param
+  before_script:
+    - . ./Builds/containers/gitlab-ci/docker_alpine_setup.sh
+  variables:
+    docker_driver: overlay2
+    DOCKER_TLS_CERTDIR: ""
+  image:
+    name: artifactory.ops.ripple.com/docker:latest
+  services:
+    # workaround for TLS issues - consider going back
+    # back to unversioned `dind` when issues are resolved
+    - name: artifactory.ops.ripple.com/docker:stable-dind
+      alias: docker
+  tags:
+    - 4xlarge
+
+.only_primary_template: &only_primary
+  only:
+    refs:
+      - /^(master|release|develop)$/
+    variables:
+      - $IS_PRIMARY_REPO == "true"
+
+.smoketest_local_template: &run_local_smoketest
+  tags:
+    - xlarge
+  script:
+    - . ./Builds/containers/gitlab-ci/smoketest.sh local
+
+.smoketest_repo_template: &run_repo_smoketest
+  tags:
+    - xlarge
+  script:
+    - . ./Builds/containers/gitlab-ci/smoketest.sh repo
+
+#########################################################################
+##                                                                     ##
+##  stage: build_packages                                              ##
+##                                                                     ##
+##  build packages using containers from previous stage.               ##
+##                                                                     ##
+#########################################################################
+
+rpm_build:
+  stage: build_packages
+  <<: *dind_param
+  artifacts:
+    paths:
+      - build/rpm/packages/
+  script:
+    - . ./Builds/containers/gitlab-ci/build_package.sh rpm
+
+dpkg_build:
+  stage: build_packages
+  <<: *dind_param
+  artifacts:
+    paths:
+      - build/dpkg/packages/
+  script:
+    - . ./Builds/containers/gitlab-ci/build_package.sh dpkg
+
+#########################################################################
+##                                                                     ##
+##  stage: sign_packages                                               ##
+##                                                                     ##
+##  build packages using containers from previous stage.               ##
+##                                                                     ##
+#########################################################################
+
+rpm_sign:
+  stage: sign_packages
+  dependencies:
+    - rpm_build
+  image:
+    name: artifactory.ops.ripple.com/centos:7
+  <<: *only_primary
+  before_script:
+  - |
+    # Make sure GnuPG is installed
+    yum -y install gnupg rpm-sign
+    # checking GPG signing support
+    if [ -n "$GPG_KEY_B64" ]; then
+      echo "$GPG_KEY_B64"| base64 -d | gpg --batch --no-tty --allow-secret-key-import --import -
+      unset GPG_KEY_B64
+      export GPG_PASSPHRASE=$(echo $GPG_KEY_PASS_B64 | base64 -di)
+      unset GPG_KEY_PASS_B64
+      export GPG_KEYID=$(gpg --with-colon --list-secret-keys | head -n1 | cut -d : -f 5)
+    else
+      echo -e "\033[0;31m****** GPG signing disabled ******\033[0m"
+      exit 1
+    fi
+  artifacts:
+    paths:
+      - build/rpm/packages/
+  script:
+    - ls -alh build/rpm/packages
+    - . ./Builds/containers/gitlab-ci/sign_package.sh rpm
+
+dpkg_sign:
+  stage: sign_packages
+  dependencies:
+    - dpkg_build
+  image:
+    name: artifactory.ops.ripple.com/ubuntu:18.04
+  <<: *only_primary
+  before_script:
+  - |
+    # make sure we have GnuPG
+    apt update
+    apt install -y gpg dpkg-sig
+    # checking GPG signing support
+    if [ -n "$GPG_KEY_B64" ]; then
+      echo "$GPG_KEY_B64"| base64 -d | gpg --batch --no-tty --allow-secret-key-import --import -
+      unset GPG_KEY_B64
+      export GPG_PASSPHRASE=$(echo $GPG_KEY_PASS_B64 | base64 -di)
+      unset GPG_KEY_PASS_B64
+      export GPG_KEYID=$(gpg --with-colon --list-secret-keys | head -n1 | cut -d : -f 5)
+    else
+      echo -e "\033[0;31m****** GPG signing disabled ******\033[0m"
+      exit 1
+    fi
+  artifacts:
+    paths:
+      - build/dpkg/packages/
+  script:
+    - ls -alh build/dpkg/packages
+    - . ./Builds/containers/gitlab-ci/sign_package.sh dpkg
+
+#########################################################################
+##                                                                     ##
+##  stage: smoketest                                                   ##
+##                                                                     ##
+##  install unsigned packages from previous step and run unit tests.   ##
+##                                                                     ##
+#########################################################################
+
+centos_7_smoketest:
+  stage: smoketest
+  dependencies:
+    - rpm_build
+    - rpm_sign
+  image:
+    name: artifactory.ops.ripple.com/centos:7
+  <<: *run_local_smoketest
+
+# TODO: Remove "allow_failure" when tests fixed
+rocky_8_smoketest:
+  stage: smoketest
+  dependencies:
+    - rpm_build
+    - rpm_sign
+  image:
+    name: rockylinux/rockylinux:8
+  <<: *run_local_smoketest
+  allow_failure: true
+
+fedora_34_smoketest:
+  stage: smoketest
+  dependencies:
+    - rpm_build
+    - rpm_sign
+  image:
+    name: artifactory.ops.ripple.com/fedora:34
+  <<: *run_local_smoketest
+  allow_failure: true
+
+fedora_35_smoketest:
+  stage: smoketest
+  dependencies:
+    - rpm_build
+    - rpm_sign
+  image:
+    name: artifactory.ops.ripple.com/fedora:35
+  <<: *run_local_smoketest
+  allow_failure: true
+
+ubuntu_18_smoketest:
+  stage: smoketest
+  dependencies:
+    - dpkg_build
+    - dpkg_sign
+  image:
+    name: artifactory.ops.ripple.com/ubuntu:18.04
+  <<: *run_local_smoketest
+
+ubuntu_20_smoketest:
+  stage: smoketest
+  dependencies:
+    - dpkg_build
+    - dpkg_sign
+  image:
+    name: artifactory.ops.ripple.com/ubuntu:20.04
+  <<: *run_local_smoketest
+
+# TODO: remove "allow_failure" when 22.04 released in 4/2022...
+ubuntu_22_smoketest:
+  stage: smoketest
+  dependencies:
+    - dpkg_build
+    - dpkg_sign
+  image:
+    name: artifactory.ops.ripple.com/ubuntu:22.04
+  <<: *run_local_smoketest
+  allow_failure: true
+
+debian_9_smoketest:
+  stage: smoketest
+  dependencies:
+    - dpkg_build
+    - dpkg_sign
+  image:
+    name: artifactory.ops.ripple.com/debian:9
+  <<: *run_local_smoketest
+
+debian_10_smoketest:
+  stage: smoketest
+  dependencies:
+    - dpkg_build
+    - dpkg_sign
+  image:
+    name: artifactory.ops.ripple.com/debian:10
+  <<: *run_local_smoketest
+
+debian_11_smoketest:
+  stage: smoketest
+  dependencies:
+    - dpkg_build
+    - dpkg_sign
+  image:
+    name: artifactory.ops.ripple.com/debian:11
+  <<: *run_local_smoketest
+
+#########################################################################
+##                                                                     ##
+##  stage: verify_sig                                                  ##
+##                                                                     ##
+##  use git/gpg to verify that HEAD is signed by an approved           ##
+##  committer. The whitelist of pubkeys is manually mantained          ##
+##  and fetched from GIT_SIGN_PUBKEYS_URL (currently a snippet         ##
+##  link).                                                             ##
+##  ONLY RUNS FOR PRIMARY BRANCHES/REPO                                ##
+##                                                                     ##
+#########################################################################
+
+verify_head_signed:
+  stage: verify_sig
+  image:
+    name: artifactory.ops.ripple.com/ubuntu:latest
+  <<: *only_primary
+  script:
+    - . ./Builds/containers/gitlab-ci/verify_head_commit.sh
+
+#########################################################################
+##                                                                     ##
+##  stage: tag_images                                                  ##
+##                                                                     ##
+##  apply rippled version tag to containers from previous stage.       ##
+##  ONLY RUNS FOR PRIMARY BRANCHES/REPO                                ##
+##                                                                     ##
+#########################################################################
+
+tag_bld_images:
+  stage: tag_images
+  variables:
+    docker_driver: overlay2
+    DOCKER_TLS_CERTDIR: ""
+  image:
+    name: artifactory.ops.ripple.com/docker:latest
+  services:
+    # workaround for TLS issues - consider going back
+    # back to unversioned `dind` when issues are resolved
+    - name: artifactory.ops.ripple.com/docker:stable-dind
+      alias: docker
+  tags:
+    - large
+  dependencies:
+    - rpm_sign
+    - dpkg_sign
+  <<: *only_primary
+  script:
+    - . ./Builds/containers/gitlab-ci/tag_docker_image.sh
+
+#########################################################################
+##                                                                     ##
+##  stage: push_to_test                                                ##
+##                                                                     ##
+##  push packages to artifactory repositories (test)                   ##
+##  ONLY RUNS FOR PRIMARY BRANCHES/REPO                                ##
+##                                                                     ##
+#########################################################################
+
+push_test:
+  stage: push_to_test
+  variables:
+    DEB_REPO: "rippled-deb-test-mirror"
+    RPM_REPO: "rippled-rpm-test-mirror"
+  image:
+    name: artifactory.ops.ripple.com/alpine:latest
+  artifacts:
+    paths:
+      - files.info
+  dependencies:
+    - rpm_sign
+    - dpkg_sign
+  <<: *only_primary
+  script:
+    - . ./Builds/containers/gitlab-ci/push_to_artifactory.sh "PUT" "."
+
+#########################################################################
+##                                                                     ##
+##  stage: verify_from_test                                            ##
+##                                                                     ##
+##  install/test packages from test repos.                             ##
+##  ONLY RUNS FOR PRIMARY BRANCHES/REPO                                ##
+##                                                                     ##
+#########################################################################
+
+centos_7_verify_repo_test:
+  stage: verify_from_test
+  variables:
+    RPM_REPO: "rippled-rpm-test-mirror"
+  image:
+    name: artifactory.ops.ripple.com/centos:7
+  dependencies:
+    - rpm_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+
+rocky_8_verify_repo_test:
+  stage: verify_from_test
+  variables:
+    RPM_REPO: "rippled-rpm-test-mirror"
+  image:
+    name: rockylinux/rockylinux:8
+  dependencies:
+    - rpm_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+  allow_failure: true
+
+fedora_34_verify_repo_test:
+  stage: verify_from_test
+  variables:
+    RPM_REPO: "rippled-rpm-test-mirror"
+  image:
+    name: artifactory.ops.ripple.com/fedora:34
+  dependencies:
+    - rpm_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+  allow_failure: true
+
+fedora_35_verify_repo_test:
+  stage: verify_from_test
+  variables:
+    RPM_REPO: "rippled-rpm-test-mirror"
+  image:
+    name: artifactory.ops.ripple.com/fedora:35
+  dependencies:
+    - rpm_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+  allow_failure: true
+
+ubuntu_18_verify_repo_test:
+  stage: verify_from_test
+  variables:
+    DISTRO: "bionic"
+    DEB_REPO: "rippled-deb-test-mirror"
+  image:
+    name: artifactory.ops.ripple.com/ubuntu:18.04
+  dependencies:
+    - dpkg_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+
+ubuntu_20_verify_repo_test:
+  stage: verify_from_test
+  variables:
+    DISTRO: "focal"
+    DEB_REPO: "rippled-deb-test-mirror"
+  image:
+    name: artifactory.ops.ripple.com/ubuntu:20.04
+  dependencies:
+    - dpkg_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+
+# TODO: remove "allow_failure" when 22.04 released in 4/2022...
+ubuntu_22_verify_repo_test:
+  stage: verify_from_test
+  variables:
+    DISTRO: "jammy"
+    DEB_REPO: "rippled-deb-test-mirror"
+  image:
+    name: artifactory.ops.ripple.com/ubuntu:22.04
+  dependencies:
+    - dpkg_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+  allow_failure: true
+
+debian_9_verify_repo_test:
+  stage: verify_from_test
+  variables:
+    DISTRO: "stretch"
+    DEB_REPO: "rippled-deb-test-mirror"
+  image:
+    name: artifactory.ops.ripple.com/debian:9
+  dependencies:
+    - dpkg_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+
+debian_10_verify_repo_test:
+  stage: verify_from_test
+  variables:
+    DISTRO: "buster"
+    DEB_REPO: "rippled-deb-test-mirror"
+  image:
+    name: artifactory.ops.ripple.com/debian:10
+  dependencies:
+    - dpkg_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+
+debian_11_verify_repo_test:
+  stage: verify_from_test
+  variables:
+    DISTRO: "bullseye"
+    DEB_REPO: "rippled-deb-test-mirror"
+  image:
+    name: artifactory.ops.ripple.com/debian:11
+  dependencies:
+    - dpkg_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+
+#########################################################################
+##                                                                     ##
+##  stage: wait_approval_prod                                          ##
+##                                                                     ##
+##  wait for manual approval before proceeding to next stage           ##
+##  which pushes to prod repo.                                         ##
+##  ONLY RUNS FOR PRIMARY BRANCHES/REPO                                ##
+##                                                                     ##
+#########################################################################
+wait_before_push_prod:
+  stage: wait_approval_prod
+  image:
+    name: artifactory.ops.ripple.com/alpine:latest
+  <<: *only_primary
+  script:
+    - echo "proceeding to next stage"
+  when: manual
+  allow_failure: false
+
+#########################################################################
+##                                                                     ##
+##  stage: push_to_prod                                                ##
+##                                                                     ##
+##  push packages to artifactory repositories (prod)                   ##
+##  ONLY RUNS FOR PRIMARY BRANCHES/REPO                                ##
+##                                                                     ##
+#########################################################################
+
+push_prod:
+  variables:
+    DEB_REPO: "rippled-deb"
+    RPM_REPO: "rippled-rpm"
+  image:
+    name: artifactory.ops.ripple.com/alpine:latest
+  stage: push_to_prod
+  artifacts:
+    paths:
+      - files.info
+  dependencies:
+    - rpm_sign
+    - dpkg_sign
+  <<: *only_primary
+  script:
+    - . ./Builds/containers/gitlab-ci/push_to_artifactory.sh "PUT" "."
+
+#########################################################################
+##                                                                     ##
+##  stage: verify_from_prod                                            ##
+##                                                                     ##
+##  install/test packages from prod repos.                             ##
+##  ONLY RUNS FOR PRIMARY BRANCHES/REPO                                ##
+##                                                                     ##
+#########################################################################
+
+centos_7_verify_repo_prod:
+  stage: verify_from_prod
+  variables:
+    RPM_REPO: "rippled-rpm"
+  image:
+    name: artifactory.ops.ripple.com/centos:7
+  dependencies:
+    - rpm_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+
+rocky_8_verify_repo_test:
+  stage: verify_from_test
+  variables:
+    RPM_REPO: "rippled-rpm-test-mirror"
+  image:
+    name: rockylinux/rockylinux:8
+  dependencies:
+    - rpm_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+  allow_failure: true
+
+fedora_34_verify_repo_prod:
+  stage: verify_from_prod
+  variables:
+    RPM_REPO: "rippled-rpm"
+  image:
+    name: artifactory.ops.ripple.com/fedora:34
+  dependencies:
+    - rpm_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+  allow_failure: true
+
+fedora_35_verify_repo_prod:
+  stage: verify_from_prod
+  variables:
+    RPM_REPO: "rippled-rpm"
+  image:
+    name: artifactory.ops.ripple.com/fedora:35
+  dependencies:
+    - rpm_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+  allow_failure: true
+
+ubuntu_18_verify_repo_prod:
+  stage: verify_from_prod
+  variables:
+    DISTRO: "bionic"
+    DEB_REPO: "rippled-deb"
+  image:
+    name: artifactory.ops.ripple.com/ubuntu:18.04
+  dependencies:
+    - dpkg_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+
+ubuntu_20_verify_repo_prod:
+  stage: verify_from_prod
+  variables:
+    DISTRO: "focal"
+    DEB_REPO: "rippled-deb"
+  image:
+    name: artifactory.ops.ripple.com/ubuntu:20.04
+  dependencies:
+    - dpkg_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+
+# TODO: remove "allow_failure" when 22.04 released in 4/2022...
+ubuntu_22_verify_repo_prod:
+  stage: verify_from_prod
+  variables:
+    DISTRO: "jammy"
+    DEB_REPO: "rippled-deb"
+  image:
+    name: artifactory.ops.ripple.com/ubuntu:22.04
+  dependencies:
+    - dpkg_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+  allow_failure: true
+
+debian_9_verify_repo_prod:
+  stage: verify_from_prod
+  variables:
+    DISTRO: "stretch"
+    DEB_REPO: "rippled-deb"
+  image:
+    name: artifactory.ops.ripple.com/debian:9
+  dependencies:
+    - dpkg_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+
+debian_10_verify_repo_prod:
+  stage: verify_from_prod
+  variables:
+    DISTRO: "buster"
+    DEB_REPO: "rippled-deb"
+  image:
+    name: artifactory.ops.ripple.com/debian:10
+  dependencies:
+    - dpkg_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+
+debian_11_verify_repo_prod:
+  stage: verify_from_prod
+  variables:
+    DISTRO: "bullseye"
+    DEB_REPO: "rippled-deb"
+  image:
+    name: artifactory.ops.ripple.com/debian:11
+  dependencies:
+    - dpkg_sign
+  <<: *only_primary
+  <<: *run_repo_smoketest
+
+#########################################################################
+##                                                                     ##
+##  stage: get_final_hashes                                            ##
+##                                                                     ##
+##  fetch final hashes from artifactory.                               ##
+##  ONLY RUNS FOR PRIMARY BRANCHES/REPO                                ##
+##                                                                     ##
+#########################################################################
+
+get_prod_hashes:
+  variables:
+    DEB_REPO: "rippled-deb"
+    RPM_REPO: "rippled-rpm"
+  image:
+    name: artifactory.ops.ripple.com/alpine:latest
+  stage: get_final_hashes
+  artifacts:
+    paths:
+      - files.info
+  dependencies:
+    - rpm_sign
+    - dpkg_sign
+  <<: *only_primary
+  script:
+    - . ./Builds/containers/gitlab-ci/push_to_artifactory.sh "GET" ".checksums"
+
+#########################################################################
+##                                                                     ##
+##  stage: build_containers                                            ##
+##                                                                     ##
+##  build containers from docker definitions. These containers are NOT ##
+##  used for the package build. This step is only used to ensure that  ##
+##  the package build targets and files are still working properly.    ##
+##                                                                     ##
+#########################################################################
+
+build_centos_container:
+  stage: build_containers
+  <<: *dind_param
+  script:
+    - . ./Builds/containers/gitlab-ci/build_container.sh rpm
+  allow_failure: true
+
+build_ubuntu_container:
+  stage: build_containers
+  <<: *dind_param
+  script:
+    - . ./Builds/containers/gitlab-ci/build_container.sh dpkg
+  allow_failure: true

Builds/containers/gitlab-ci/push_to_artifactory.sh

@@ -0,0 +1,90 @@
+#!/usr/bin/env sh
+set -ex
+action=$1
+filter=$2
+
+. ./Builds/containers/gitlab-ci/get_component.sh
+
+apk add curl jq coreutils util-linux
+TOPDIR=$(pwd)
+
+# DPKG
+
+cd $TOPDIR
+cd build/dpkg/packages
+CURLARGS="-sk -X${action} -urippled:${ARTIFACTORY_DEPLOY_KEY_RIPPLED}"
+RIPPLED_PKG=$(ls rippled_*.deb)
+RIPPLED_DEV_PKG=$(ls rippled-dev_*.deb)
+RIPPLED_DBG_PKG=$(ls rippled-dbgsym_*.deb)
+# TODO - where to upload src tgz?
+RIPPLED_SRC=$(ls rippled_*.orig.tar.gz)
+DEB_MATRIX=";deb.component=${COMPONENT};deb.architecture=amd64"
+for dist in stretch buster bullseye bionic focal jammy; do
+    DEB_MATRIX="${DEB_MATRIX};deb.distribution=${dist}"
+done
+echo "{ \"debs\": {" > "${TOPDIR}/files.info"
+for deb in ${RIPPLED_PKG} ${RIPPLED_DEV_PKG} ${RIPPLED_DBG_PKG} ; do
+    # first item doesn't get a comma separator
+    if [ $deb != $RIPPLED_PKG ] ; then
+        echo "," >> "${TOPDIR}/files.info"
+    fi
+    echo "\"${deb}\"": | tee -a "${TOPDIR}/files.info"
+    ca="${CURLARGS}"
+    if [ "${action}" = "PUT" ] ; then
+        url="https://${ARTIFACTORY_HOST}/artifactory/${DEB_REPO}/pool/${COMPONENT}/${deb}${DEB_MATRIX}"
+        ca="${ca} -T${deb}"
+    elif [ "${action}" = "GET" ] ; then
+        url="https://${ARTIFACTORY_HOST}/artifactory/api/storage/${DEB_REPO}/pool/${COMPONENT}/${deb}"
+    fi
+    echo "file info request url --> ${url}"
+    eval "curl ${ca} \"${url}\"" | jq -M "${filter}" | tee -a "${TOPDIR}/files.info"
+done
+echo "}," >> "${TOPDIR}/files.info"
+
+# RPM
+
+cd $TOPDIR
+cd build/rpm/packages
+RIPPLED_PKG=$(ls rippled-[0-9]*.x86_64.rpm)
+RIPPLED_DEV_PKG=$(ls rippled-devel*.rpm)
+RIPPLED_DBG_PKG=$(ls rippled-debuginfo*.rpm)
+# TODO - where to upload src rpm ?
+RIPPLED_SRC=$(ls rippled-[0-9]*.src.rpm)
+echo "\"rpms\": {" >> "${TOPDIR}/files.info"
+for rpm in ${RIPPLED_PKG} ${RIPPLED_DEV_PKG} ${RIPPLED_DBG_PKG} ; do
+    # first item doesn't get a comma separator
+    if [ $rpm != $RIPPLED_PKG ] ; then
+        echo "," >> "${TOPDIR}/files.info"
+    fi
+    echo "\"${rpm}\"": | tee -a "${TOPDIR}/files.info"
+    ca="${CURLARGS}"
+    if [ "${action}" = "PUT" ] ; then
+        url="https://${ARTIFACTORY_HOST}/artifactory/${RPM_REPO}/${COMPONENT}/"
+        ca="${ca} -T${rpm}"
+    elif [ "${action}" = "GET" ] ; then
+        url="https://${ARTIFACTORY_HOST}/artifactory/api/storage/${RPM_REPO}/${COMPONENT}/${rpm}"
+    fi
+    echo "file info request url --> ${url}"
+    eval "curl ${ca} \"${url}\"" | jq -M "${filter}" | tee -a "${TOPDIR}/files.info"
+done
+echo "}}" >> "${TOPDIR}/files.info"
+jq '.' "${TOPDIR}/files.info" > "${TOPDIR}/files.info.tmp"
+mv "${TOPDIR}/files.info.tmp" "${TOPDIR}/files.info"
+
+if [ ! -z "${SLACK_NOTIFY_URL}" ] && [ "${action}" = "GET" ] ; then
+    # extract files.info content to variable and sanitize so it can
+    # be interpolated into a slack text field below
+    finfo=$(cat ${TOPDIR}/files.info | sed -e ':a' -e 'N' -e '$!ba' -e 's/\n/\\n/g' | sed -E 's/"/\\"/g')
+    # try posting file info to slack.
+    # can add channel field to payload if the
+    # default channel is incorrect. Get rid of
+    # newlines in payload json since slack doesn't accept them
+    CONTENT=$(tr -d '[\n]' <<JSON
+       payload={
+         "username": "GitlabCI",
+         "text": "The package build for branch \`${CI_COMMIT_REF_NAME}\` is complete. File hashes are: \`\`\`${finfo}\`\`\`",
+         "icon_emoji": ":package:"}
+JSON
+)
+    curl ${SLACK_NOTIFY_URL} --data-urlencode "${CONTENT}"
+fi

Builds/containers/gitlab-ci/sign_package.sh

@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+
+set -eo pipefail
+
+sign_dpkg() {
+  if [ -n "${GPG_KEYID}" ]; then
+    dpkg-sig \
+      -g "--no-tty --digest-algo 'sha512' --passphrase '${GPG_PASSPHRASE}' --pinentry-mode=loopback" \
+			-k "${GPG_KEYID}" \
+			--sign builder \
+			"build/dpkg/packages/*.deb"
+	fi
+}
+
+sign_rpm() {
+  if [ -n "${GPG_KEYID}" ] ; then
+    find build/rpm/packages -name "*.rpm" -exec bash -c '
+	echo "yes" | setsid rpm \
+			--define "_gpg_name ${GPG_KEYID}" \
+			--define "_signature gpg" \
+			--define "__gpg_check_password_cmd /bin/true" \
+			--define "__gpg_sign_cmd %{__gpg} gpg --batch --no-armor --digest-algo 'sha512' --passphrase '${GPG_PASSPHRASE}' --no-secmem-warning -u '%{_gpg_name}' --sign --detach-sign --output %{__signature_filename} %{__plaintext_filename}" \
+			--addsign '{} \;
+	fi
+}
+
+case "${1}" in
+    dpkg)
+        sign_dpkg
+        ;;
+    rpm)
+        sign_rpm
+        ;;
+    *)
+        echo "Usage: ${0} (dpkg|rpm)"
+        ;;
+esac
+

Builds/containers/gitlab-ci/smoketest.sh

@@ -0,0 +1,102 @@
+#!/usr/bin/env sh
+set -ex
+install_from=$1
+use_private=${2:-0} # this option not currently needed by any CI scripts,
+                    # reserved for possible future use
+if [ "$use_private" -gt 0 ] ; then
+    REPO_ROOT="https://rippled:${ARTIFACTORY_DEPLOY_KEY_RIPPLED}@${ARTIFACTORY_HOST}/artifactory"
+else
+    REPO_ROOT="${PUBLIC_REPO_ROOT}"
+fi
+
+. ./Builds/containers/gitlab-ci/get_component.sh
+
+. /etc/os-release
+case ${ID} in
+    ubuntu|debian)
+        pkgtype="dpkg"
+        ;;
+    fedora|centos|rhel|scientific|rocky)
+        pkgtype="rpm"
+        ;;
+    *)
+        echo "unrecognized distro!"
+        exit 1
+        ;;
+esac
+
+# this script provides info variables about pkg version
+. build/${pkgtype}/packages/build_vars
+
+if [ "${pkgtype}" = "dpkg" ] ; then
+    # sometimes update fails and requires a cleanup
+    updateWithRetry()
+    {
+        if ! apt-get -y update ; then
+            rm -rvf /var/lib/apt/lists/*
+            apt-get -y clean
+            apt-get -y update
+        fi
+    }
+    if [ "${install_from}" = "repo" ] ; then
+        apt-get -y upgrade
+        updateWithRetry
+        apt-get -y install apt apt-transport-https ca-certificates coreutils util-linux wget gnupg
+        wget -q -O - "${REPO_ROOT}/api/gpg/key/public" | apt-key add -
+        echo "deb ${REPO_ROOT}/${DEB_REPO} ${DISTRO} ${COMPONENT}" >> /etc/apt/sources.list
+        updateWithRetry
+        # uncomment this next line if you want to see the available package versions
+        # apt-cache policy rippled
+        apt-get -y install rippled=${dpkg_full_version}
+    elif [ "${install_from}" = "local" ] ; then
+        # cached pkg install
+        updateWithRetry
+        apt-get -y install libprotobuf-dev libprotoc-dev protobuf-compiler libssl-dev
+        rm -f build/dpkg/packages/rippled-dbgsym*.*
+        dpkg --no-debsig -i build/dpkg/packages/*.deb
+    else
+        echo "unrecognized pkg source!"
+        exit 1
+    fi
+else
+    yum -y update
+    if [ "${install_from}" = "repo" ] ; then
+        yum -y install yum-utils coreutils util-linux
+        REPOFILE="/etc/yum.repos.d/artifactory.repo"
+        echo "[Artifactory]" > ${REPOFILE}
+        echo "name=Artifactory" >> ${REPOFILE}
+        echo "baseurl=${REPO_ROOT}/${RPM_REPO}/${COMPONENT}/" >> ${REPOFILE}
+        echo "enabled=1" >> ${REPOFILE}
+        echo "gpgcheck=0" >> ${REPOFILE}
+        echo "gpgkey=${REPO_ROOT}/${RPM_REPO}/${COMPONENT}/repodata/repomd.xml.key" >> ${REPOFILE}
+        echo "repo_gpgcheck=1" >> ${REPOFILE}
+        yum -y update
+        # uncomment this next line if you want to see the available package versions
+        # yum --showduplicates list rippled
+        yum -y install ${rpm_version_release}
+    elif [ "${install_from}" = "local" ] ; then
+        # cached pkg install
+        pkgs=("yum-utils openssl-static zlib-static")
+        if [ "$ID" = "rocky" ]; then
+            sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/Rocky-PowerTools.repo
+            pkgs="${pkgs[@]/openssl-static}"
+        fi
+        yum install -y $pkgs
+        rm -f build/rpm/packages/rippled-debug*.rpm
+        rm -f build/rpm/packages/*.src.rpm
+        rpm -i build/rpm/packages/*.rpm
+    else
+        echo "unrecognized pkg source!"
+        exit 1
+    fi
+fi
+
+# verify installed version
+INSTALLED=$(/opt/ripple/bin/rippled --version | awk '{print $NF}')
+if [ "${rippled_version}" != "${INSTALLED}" ] ; then
+    echo "INSTALLED version ${INSTALLED} does not match ${rippled_version}"
+    exit 1
+fi
+# run unit tests
+/opt/ripple/bin/rippled --unittest --unittest-jobs $(nproc)
+/opt/ripple/bin/validator-keys --unittest

Builds/containers/gitlab-ci/tag_docker_image.sh

@@ -0,0 +1,22 @@
+#!/usr/bin/env sh
+set -ex
+docker login -u rippled \
+    -p ${ARTIFACTORY_DEPLOY_KEY_RIPPLED} "${ARTIFACTORY_HUB}"
+# this gives us rippled_version :
+source build/rpm/packages/build_vars
+docker pull "${ARTIFACTORY_HUB}/${RPM_CONTAINER_FULLNAME}"
+docker pull "${ARTIFACTORY_HUB}/${DPKG_CONTAINER_FULLNAME}"
+# tag/push two labels...one using the current rippled version and one just using "latest"
+for label in ${rippled_version} latest ; do
+    docker tag \
+        "${ARTIFACTORY_HUB}/${RPM_CONTAINER_FULLNAME}" \
+        "${ARTIFACTORY_HUB}/${RPM_CONTAINER_NAME}:${label}_${CI_COMMIT_REF_SLUG}"
+    docker push \
+        "${ARTIFACTORY_HUB}/${RPM_CONTAINER_NAME}:${label}_${CI_COMMIT_REF_SLUG}"
+    docker tag \
+        "${ARTIFACTORY_HUB}/${DPKG_CONTAINER_FULLNAME}" \
+        "${ARTIFACTORY_HUB}/${DPKG_CONTAINER_NAME}:${label}_${CI_COMMIT_REF_SLUG}"
+    docker push \
+        "${ARTIFACTORY_HUB}/${DPKG_CONTAINER_NAME}:${label}_${CI_COMMIT_REF_SLUG}"
+done
+

Builds/containers/gitlab-ci/verify_head_commit.sh

@@ -0,0 +1,17 @@
+#!/usr/bin/env sh
+set -ex
+apt -y update
+DEBIAN_FRONTEND="noninteractive" apt-get -y install tzdata
+apt -y install software-properties-common curl git gnupg
+curl -sk -o rippled-pubkeys.txt "${GIT_SIGN_PUBKEYS_URL}"
+gpg --import rippled-pubkeys.txt
+if git verify-commit HEAD; then
+    echo "git commit signature check passed"
+else
+    echo "git commit signature check failed"
+    git log -n 5 --color \
+        --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an> [%G?]%Creset' \
+        --abbrev-commit
+    exit 1
+fi
+

Builds/containers/packaging/dpkg/build_dpkg.sh

@@ -0,0 +1,95 @@
+#!/usr/bin/env bash
+set -ex
+
+# make sure pkg source files are up to date with repo
+cd /opt/rippled_bld/pkg
+cp -fpru rippled/Builds/containers/packaging/dpkg/debian/. debian/
+cp -fpu rippled/Builds/containers/shared/rippled.service debian/
+cp -fpu rippled/Builds/containers/shared/update_sources.sh .
+source update_sources.sh
+
+# Build the dpkg
+
+#dpkg uses - as separator, so we need to change our -bN versions to tilde
+RIPPLED_DPKG_VERSION=$(echo "${RIPPLED_VERSION}" | sed 's!-!~!g')
+# TODO - decide how to handle the trailing/release
+# version here (hardcoded to 1). Does it ever need to change?
+RIPPLED_DPKG_FULL_VERSION="${RIPPLED_DPKG_VERSION}-1"
+
+cd /opt/rippled_bld/pkg/rippled
+if [[ -n $(git status --porcelain) ]]; then
+    git status
+    error "Unstaged changes in this repo - please commit first"
+fi
+git archive --format tar.gz --prefix rippled-${RIPPLED_DPKG_VERSION}/ -o ../rippled-${RIPPLED_DPKG_VERSION}.tar.gz HEAD
+cd ..
+# dpkg debmake would normally create this link, but we do it manually
+ln -s ./rippled-${RIPPLED_DPKG_VERSION}.tar.gz rippled_${RIPPLED_DPKG_VERSION}.orig.tar.gz
+tar xvf rippled-${RIPPLED_DPKG_VERSION}.tar.gz
+cd rippled-${RIPPLED_DPKG_VERSION}
+cp -pr ../debian .
+
+# dpkg requires a changelog. We don't currently maintain
+# a useable one, so let's just fake it with our current version
+# TODO : not sure if the "unstable" will need to change for
+# release packages (?)
+NOWSTR=$(TZ=UTC date -R)
+cat << CHANGELOG > ./debian/changelog
+rippled (${RIPPLED_DPKG_FULL_VERSION}) unstable; urgency=low
+
+  * see RELEASENOTES
+
+ -- Ripple Labs Inc. <support@ripple.com>  ${NOWSTR}
+CHANGELOG
+
+# PATH must be preserved for our more modern cmake in /opt/local
+# TODO : consider allowing lintian to run in future ?
+export DH_BUILD_DDEBS=1
+export CC=gcc-8
+export CXX=g++-8
+debuild --no-lintian --preserve-envvar PATH --preserve-env -us -uc
+rc=$?; if [[ $rc != 0 ]]; then
+    error "error building dpkg"
+fi
+cd ..
+ls -latr
+
+# copy artifacts
+cp rippled-dev_${RIPPLED_DPKG_FULL_VERSION}_amd64.deb ${PKG_OUTDIR}
+cp rippled_${RIPPLED_DPKG_FULL_VERSION}_amd64.deb ${PKG_OUTDIR}
+cp rippled_${RIPPLED_DPKG_FULL_VERSION}.dsc ${PKG_OUTDIR}
+# dbgsym suffix is ddeb under newer debuild, but just deb under earlier
+cp rippled-dbgsym_${RIPPLED_DPKG_FULL_VERSION}_amd64.* ${PKG_OUTDIR}
+cp rippled_${RIPPLED_DPKG_FULL_VERSION}_amd64.changes ${PKG_OUTDIR}
+cp rippled_${RIPPLED_DPKG_FULL_VERSION}_amd64.build ${PKG_OUTDIR}
+cp rippled_${RIPPLED_DPKG_VERSION}.orig.tar.gz ${PKG_OUTDIR}
+cp rippled_${RIPPLED_DPKG_FULL_VERSION}.debian.tar.xz ${PKG_OUTDIR}
+# buildinfo is only generated by later version of debuild
+if [ -e rippled_${RIPPLED_DPKG_FULL_VERSION}_amd64.buildinfo ] ; then
+    cp rippled_${RIPPLED_DPKG_FULL_VERSION}_amd64.buildinfo ${PKG_OUTDIR}
+fi
+
+cat rippled_${RIPPLED_DPKG_FULL_VERSION}_amd64.changes
+# extract the text in the .changes file that appears between
+#    Checksums-Sha256:  ...
+# and
+#    Files: ...
+awk '/Checksums-Sha256:/{hit=1;next}/Files:/{hit=0}hit' \
+    rippled_${RIPPLED_DPKG_VERSION}-1_amd64.changes | \
+        sed -E 's!^[[:space:]]+!!' > shasums
+DEB_SHA256=$(cat shasums | \
+    grep "rippled_${RIPPLED_DPKG_VERSION}-1_amd64.deb" | cut -d " " -f 1)
+DBG_SHA256=$(cat shasums | \
+    grep "rippled-dbgsym_${RIPPLED_DPKG_VERSION}-1_amd64.*" | cut -d " " -f 1)
+DEV_SHA256=$(cat shasums | \
+    grep "rippled-dev_${RIPPLED_DPKG_VERSION}-1_amd64.deb" | cut -d " " -f 1)
+SRC_SHA256=$(cat shasums | \
+    grep "rippled_${RIPPLED_DPKG_VERSION}.orig.tar.gz" | cut -d " " -f 1)
+echo "deb_sha256=${DEB_SHA256}" >> ${PKG_OUTDIR}/build_vars
+echo "dbg_sha256=${DBG_SHA256}" >> ${PKG_OUTDIR}/build_vars
+echo "dev_sha256=${DEV_SHA256}" >> ${PKG_OUTDIR}/build_vars
+echo "src_sha256=${SRC_SHA256}" >> ${PKG_OUTDIR}/build_vars
+echo "rippled_version=${RIPPLED_VERSION}" >> ${PKG_OUTDIR}/build_vars
+echo "dpkg_version=${RIPPLED_DPKG_VERSION}" >> ${PKG_OUTDIR}/build_vars
+echo "dpkg_full_version=${RIPPLED_DPKG_FULL_VERSION}" >> ${PKG_OUTDIR}/build_vars
+

Builds/containers/packaging/dpkg/debian/README.Debian

@@ -0,0 +1,3 @@
+rippled daemon
+
+ -- Mike Ellery <mellery451@gmail.com>  Tue, 04 Dec 2018 18:19:03 +0000

Builds/containers/packaging/dpkg/debian/compat

@@ -0,0 +1 @@
+9

Builds/containers/packaging/dpkg/debian/conffiles

@@ -0,0 +1,3 @@
+/opt/ripple/etc/rippled.cfg
+/opt/ripple/etc/validators.txt
+/etc/logrotate.d/rippled

Builds/containers/packaging/dpkg/debian/control

@@ -0,0 +1,21 @@
+Source: rippled
+Section: misc
+Priority: extra
+Maintainer: Ripple Labs Inc. <support@ripple.com>
+Build-Depends: cmake, debhelper (>=9), zlib1g-dev, dh-systemd, ninja-build
+Standards-Version: 3.9.7
+Homepage: http://ripple.com/
+
+Package: rippled
+Architecture: any
+Multi-Arch: foreign
+Depends: ${misc:Depends}, ${shlibs:Depends}
+Description: rippled daemon
+
+Package: rippled-dev
+Section: devel
+Recommends: rippled (= ${binary:Version})
+Architecture: any
+Multi-Arch: same
+Depends: ${misc:Depends}, ${shlibs:Depends}, libprotobuf-dev, libprotoc-dev, protobuf-compiler
+Description: development files for applications using xrpl core library (serialize + sign)

Builds/containers/packaging/dpkg/debian/copyright

@@ -0,0 +1,86 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: rippled
+Source: https://github.com/ripple/rippled 
+
+Files: *
+Copyright: 2012-2019 Ripple Labs Inc.
+
+License:   __UNKNOWN__
+
+The accompanying files under various copyrights.
+
+Copyright (c) 2012, 2013, 2014 Ripple Labs Inc.
+
+Permission to use, copy, modify, and distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+The accompanying files incorporate work covered by the following copyright
+and previous license notice:
+
+Copyright (c) 2011 Arthur Britto, David Schwartz, Jed McCaleb,
+Vinnie Falco, Bob Way, Eric Lombrozo, Nikolaos D. Bougalis, Howard Hinnant
+
+Some code from Raw Material Software, Ltd., provided under the terms of the
+  ISC License. See the corresponding source files for more details.
+  Copyright (c) 2013 - Raw Material Software Ltd.
+  Please visit http://www.juce.com
+
+Some code from ASIO examples:
+// Copyright (c) 2003-2011 Christopher M. Kohlhoff (chris at kohlhoff dot com)
+//
+// Distributed under the Boost Software License, Version 1.0. (See accompanying
+// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
+
+Some code from Bitcoin:
+// Copyright (c) 2009-2010 Satoshi Nakamoto
+// Copyright (c) 2011 The Bitcoin developers
+// Distributed under the MIT/X11 software license, see the accompanying
+// file license.txt or http://www.opensource.org/licenses/mit-license.php.
+
+Some code from Tom Wu:
+This software is covered under the following copyright:
+
+/*
+ * Copyright (c) 2003-2005  Tom Wu
+ * All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND, 
+ * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY 
+ * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.  
+ *
+ * IN NO EVENT SHALL TOM WU BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
+ * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER
+ * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF
+ * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT
+ * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * In addition, the following condition applies:
+ *
+ * All redistributions must retain an intact copy of this copyright notice
+ * and disclaimer.
+ */
+
+Address all questions regarding this license to:
+
+  Tom Wu
+  tjw@cs.Stanford.EDU

Builds/containers/packaging/dpkg/debian/dirs

@@ -0,0 +1,3 @@
+/var/log/rippled/
+/var/lib/rippled/
+/etc/systemd/system/rippled.service.d/

Builds/containers/packaging/dpkg/debian/docs

@@ -0,0 +1,3 @@
+README.md
+LICENSE.md
+RELEASENOTES.md

Builds/containers/packaging/dpkg/debian/rippled-dev.install

@@ -0,0 +1,3 @@
+opt/ripple/include
+opt/ripple/lib/*.a
+opt/ripple/lib/cmake/ripple

Builds/containers/packaging/dpkg/debian/rippled.install

@@ -0,0 +1,8 @@
+opt/ripple/bin/rippled
+opt/ripple/bin/validator-keys
+opt/ripple/bin/update-rippled.sh
+opt/ripple/bin/getRippledInfo
+opt/ripple/etc/rippled.cfg
+opt/ripple/etc/validators.txt
+opt/ripple/etc/update-rippled-cron
+etc/logrotate.d/rippled

Builds/containers/packaging/dpkg/debian/rippled.links

@@ -0,0 +1,3 @@
+opt/ripple/etc/rippled.cfg etc/opt/ripple/rippled.cfg
+opt/ripple/etc/validators.txt etc/opt/ripple/validators.txt
+opt/ripple/bin/rippled usr/local/bin/rippled

Builds/containers/packaging/dpkg/debian/rippled.postinst

@@ -0,0 +1,35 @@
+#!/bin/sh
+set -e
+
+USER_NAME=rippled
+GROUP_NAME=rippled
+case "$1" in
+    configure)
+        id -u $USER_NAME >/dev/null 2>&1 || \
+        adduser --system --quiet \
+            --home /nonexistent --no-create-home \
+            --disabled-password \
+            --group "$GROUP_NAME"
+        chown -R $USER_NAME:$GROUP_NAME /var/log/rippled/
+        chown -R $USER_NAME:$GROUP_NAME /var/lib/rippled/
+        chown -R $USER_NAME:$GROUP_NAME /opt/ripple
+        chmod 755 /var/log/rippled/
+        chmod 755 /var/lib/rippled/
+        chmod 644 /opt/ripple/etc/update-rippled-cron
+        chmod 644 /etc/logrotate.d/rippled
+        chown -R root:$GROUP_NAME /opt/ripple/etc/update-rippled-cron
+    ;;
+
+    abort-upgrade|abort-remove|abort-deconfigure)
+    ;;
+
+    *)
+        echo "postinst called with unknown argument \`$1'" >&2
+        exit 1
+    ;;
+esac
+
+
+#DEBHELPER#
+
+exit 0

Builds/containers/packaging/dpkg/debian/rippled.postrm

@@ -0,0 +1,17 @@
+#!/bin/sh
+set -e
+
+case "$1" in
+    purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+    ;;
+
+    *)
+        echo "postrm called with unknown argument \`$1'" >&2
+        exit 1
+    ;;
+esac
+
+
+#DEBHELPER#
+
+exit 0

Builds/containers/packaging/dpkg/debian/rippled.preinst

@@ -0,0 +1,20 @@
+#!/bin/sh
+set -e
+
+case "$1" in
+    install|upgrade)
+    ;;
+
+    abort-upgrade)
+    ;;
+
+    *)
+        echo "preinst called with unknown argument \`$1'" >&2
+        exit 1
+    ;;
+esac
+
+
+#DEBHELPER#
+
+exit 0

Builds/containers/packaging/dpkg/debian/rippled.prerm

@@ -0,0 +1,20 @@
+#!/bin/sh
+set -e
+
+case "$1" in
+    remove|upgrade|deconfigure)
+    ;;
+
+    failed-upgrade)
+    ;;
+
+    *)
+        echo "prerm called with unknown argument \`$1'" >&2
+        exit 1
+    ;;
+esac
+
+
+#DEBHELPER#
+
+exit 0

Builds/containers/packaging/dpkg/debian/rules

@@ -0,0 +1,43 @@
+#!/usr/bin/make -f
+export DH_VERBOSE = 1
+export DH_OPTIONS = -v
+# debuild sets some warnings that don't work well
+# for our curent build..so try to remove those flags here:
+export CFLAGS:=$(subst -Wformat,,$(CFLAGS))
+export CFLAGS:=$(subst -Werror=format-security,,$(CFLAGS))
+export CXXFLAGS:=$(subst -Wformat,,$(CXXFLAGS))
+export CXXFLAGS:=$(subst -Werror=format-security,,$(CXXFLAGS))
+
+%:
+	dh $@ --with systemd
+
+override_dh_systemd_start:
+	dh_systemd_start --no-restart-on-upgrade
+
+override_dh_auto_configure:
+	env
+	rm -rf bld
+	mkdir -p bld
+	cd bld && \
+	cmake .. -G Ninja \
+		-DCMAKE_INSTALL_PREFIX=/opt/ripple \
+		-DCMAKE_BUILD_TYPE=Release \
+		-Dstatic=ON \
+		-Dunity=OFF \
+		-Dvalidator_keys=ON \
+		-DCMAKE_VERBOSE_MAKEFILE=OFF
+
+override_dh_auto_build:
+	cd bld && \
+	cmake --build . --target rippled --target validator-keys --parallel
+
+override_dh_auto_install:
+	cd bld && DESTDIR=../debian/tmp cmake --build . --target install
+	install -D bld/validator-keys/validator-keys debian/tmp/opt/ripple/bin/validator-keys
+	install -D Builds/containers/shared/update-rippled.sh debian/tmp/opt/ripple/bin/update-rippled.sh
+	install -D bin/getRippledInfo debian/tmp/opt/ripple/bin/getRippledInfo
+	install -D Builds/containers/shared/update-rippled-cron debian/tmp/opt/ripple/etc/update-rippled-cron
+	install -D Builds/containers/shared/rippled-logrotate debian/tmp/etc/logrotate.d/rippled
+	rm -rf debian/tmp/opt/ripple/lib64/cmake/date
+	rm -rf bld
+	rm -rf bld_vl

Builds/containers/packaging/dpkg/debian/source/format

@@ -0,0 +1 @@
+3.0 (quilt)

Builds/containers/packaging/dpkg/debian/source/local-options

@@ -0,0 +1,2 @@
+#abort-on-upstream-changes
+#unapply-patches

Builds/containers/packaging/rpm/50-rippled.preset

@@ -0,0 +1 @@
+enable rippled.service

Builds/containers/packaging/rpm/build_rpm.sh

@@ -0,0 +1,76 @@
+#!/usr/bin/env bash
+set -ex
+
+cd /opt/rippled_bld/pkg
+cp -fpu rippled/Builds/containers/packaging/rpm/rippled.spec .
+cp -fpu rippled/Builds/containers/shared/update_sources.sh .
+source update_sources.sh
+
+# Build the rpm
+
+IFS='-' read -r RIPPLED_RPM_VERSION RELEASE <<< "$RIPPLED_VERSION"
+export RIPPLED_RPM_VERSION
+
+RPM_RELEASE=${RPM_RELEASE-1}
+
+# post-release version
+if [ "hf" = "$(echo "$RELEASE" | cut -c -2)" ]; then
+    RPM_RELEASE="${RPM_RELEASE}.${RELEASE}"
+# pre-release version (-b or -rc)
+elif [[ $RELEASE ]]; then
+    RPM_RELEASE="0.${RPM_RELEASE}.${RELEASE}"
+fi
+
+export RPM_RELEASE
+
+if [[ $RPM_PATCH ]]; then
+    RPM_PATCH=".${RPM_PATCH}"
+    export RPM_PATCH
+fi
+
+cd /opt/rippled_bld/pkg/rippled
+if [[ -n $(git status --porcelain) ]]; then
+    git status
+    error "Unstaged changes in this repo - please commit first"
+fi
+git archive --format tar.gz --prefix rippled/ -o ../rpmbuild/SOURCES/rippled.tar.gz HEAD
+# TODO include validator-keys sources
+cd ..
+
+source /opt/rh/devtoolset-8/enable
+
+rpmbuild --define "_topdir ${PWD}/rpmbuild" -ba rippled.spec
+rc=$?; if [[ $rc != 0 ]]; then
+    error "error building rpm"
+fi
+
+# Make a tar of the rpm and source rpm
+RPM_VERSION_RELEASE=$(rpm -qp --qf='%{NAME}-%{VERSION}-%{RELEASE}' ./rpmbuild/RPMS/x86_64/rippled-[0-9]*.rpm)
+tar_file=$RPM_VERSION_RELEASE.tar.gz
+
+cp ./rpmbuild/RPMS/x86_64/* ${PKG_OUTDIR}
+cp ./rpmbuild/SRPMS/* ${PKG_OUTDIR}
+
+RPM_MD5SUM=$(rpm -q --queryformat '%{SIGMD5}\n' -p ./rpmbuild/RPMS/x86_64/rippled-[0-9]*.rpm 2>/dev/null)
+DBG_MD5SUM=$(rpm -q --queryformat '%{SIGMD5}\n' -p ./rpmbuild/RPMS/x86_64/rippled-debuginfo*.rpm 2>/dev/null)
+DEV_MD5SUM=$(rpm -q --queryformat '%{SIGMD5}\n' -p ./rpmbuild/RPMS/x86_64/rippled-devel*.rpm 2>/dev/null)
+SRC_MD5SUM=$(rpm -q --queryformat '%{SIGMD5}\n' -p ./rpmbuild/SRPMS/*.rpm 2>/dev/null)
+
+RPM_SHA256="$(sha256sum ./rpmbuild/RPMS/x86_64/rippled-[0-9]*.rpm | awk '{ print $1}')"
+DBG_SHA256="$(sha256sum ./rpmbuild/RPMS/x86_64/rippled-debuginfo*.rpm | awk '{ print $1}')"
+DEV_SHA256="$(sha256sum ./rpmbuild/RPMS/x86_64/rippled-devel*.rpm | awk '{ print $1}')"
+SRC_SHA256="$(sha256sum ./rpmbuild/SRPMS/*.rpm | awk '{ print $1}')"
+
+echo "rpm_md5sum=$RPM_MD5SUM" >  ${PKG_OUTDIR}/build_vars
+echo "dbg_md5sum=$DBG_MD5SUM" >> ${PKG_OUTDIR}/build_vars
+echo "dev_md5sum=$DEV_MD5SUM" >> ${PKG_OUTDIR}/build_vars
+echo "src_md5sum=$SRC_MD5SUM" >> ${PKG_OUTDIR}/build_vars
+echo "rpm_sha256=$RPM_SHA256" >> ${PKG_OUTDIR}/build_vars
+echo "dbg_sha256=$DBG_SHA256" >> ${PKG_OUTDIR}/build_vars
+echo "dev_sha256=$DEV_SHA256" >> ${PKG_OUTDIR}/build_vars
+echo "src_sha256=$SRC_SHA256" >> ${PKG_OUTDIR}/build_vars
+echo "rippled_version=$RIPPLED_VERSION" >> ${PKG_OUTDIR}/build_vars
+echo "rpm_version=$RIPPLED_RPM_VERSION" >> ${PKG_OUTDIR}/build_vars
+echo "rpm_file_name=$tar_file" >> ${PKG_OUTDIR}/build_vars
+echo "rpm_version_release=$RPM_VERSION_RELEASE" >> ${PKG_OUTDIR}/build_vars
+

Builds/containers/packaging/rpm/rippled.spec

@@ -0,0 +1,112 @@
+%define rippled_version %(echo $RIPPLED_RPM_VERSION)
+%define rpm_release %(echo $RPM_RELEASE)
+%define rpm_patch %(echo $RPM_PATCH)
+%define _prefix /opt/ripple
+Name:           rippled
+# Dashes in Version extensions must be converted to underscores
+Version:        %{rippled_version}
+Release:        %{rpm_release}%{?dist}%{rpm_patch}
+Summary:        rippled daemon
+
+License:        MIT
+URL:            http://ripple.com/
+Source0:        rippled.tar.gz
+
+BuildRequires:  cmake zlib-static ninja-build
+
+%description
+rippled
+
+%package devel
+Summary: Files for development of applications using xrpl core library
+Group: Development/Libraries
+Requires: zlib-static
+
+%description devel
+core library for development of standalone applications that sign transactions.
+
+%prep
+%setup -c -n rippled
+
+%build
+cd rippled
+mkdir -p bld.release
+cd bld.release
+cmake .. -G Ninja -DCMAKE_INSTALL_PREFIX=%{_prefix} -DCMAKE_BUILD_TYPE=Release -Dstatic=true -Dunity=OFF -DCMAKE_VERBOSE_MAKEFILE=OFF -Dvalidator_keys=ON
+cmake --build . --parallel --target rippled --target validator-keys
+
+%pre
+test -e /etc/pki/tls || { mkdir -p /etc/pki; ln -s /usr/lib/ssl /etc/pki/tls; }
+
+%install
+rm -rf $RPM_BUILD_ROOT
+DESTDIR=$RPM_BUILD_ROOT cmake --build rippled/bld.release --target install
+rm -rf ${RPM_BUILD_ROOT}/%{_prefix}/lib64/cmake/date
+install -d ${RPM_BUILD_ROOT}/etc/opt/ripple
+install -d ${RPM_BUILD_ROOT}/usr/local/bin
+ln -s %{_prefix}/etc/rippled.cfg ${RPM_BUILD_ROOT}/etc/opt/ripple/rippled.cfg
+ln -s %{_prefix}/etc/validators.txt ${RPM_BUILD_ROOT}/etc/opt/ripple/validators.txt
+ln -s %{_prefix}/bin/rippled ${RPM_BUILD_ROOT}/usr/local/bin/rippled
+install -D rippled/bld.release/validator-keys/validator-keys ${RPM_BUILD_ROOT}%{_bindir}/validator-keys
+install -D ./rippled/Builds/containers/shared/rippled.service ${RPM_BUILD_ROOT}/usr/lib/systemd/system/rippled.service
+install -D ./rippled/Builds/containers/packaging/rpm/50-rippled.preset ${RPM_BUILD_ROOT}/usr/lib/systemd/system-preset/50-rippled.preset
+install -D ./rippled/Builds/containers/shared/update-rippled.sh ${RPM_BUILD_ROOT}%{_bindir}/update-rippled.sh
+install -D ./rippled/bin/getRippledInfo ${RPM_BUILD_ROOT}%{_bindir}/getRippledInfo
+install -D ./rippled/Builds/containers/shared/update-rippled-cron ${RPM_BUILD_ROOT}%{_prefix}/etc/update-rippled-cron
+install -D ./rippled/Builds/containers/shared/rippled-logrotate ${RPM_BUILD_ROOT}/etc/logrotate.d/rippled
+install -d $RPM_BUILD_ROOT/var/log/rippled
+install -d $RPM_BUILD_ROOT/var/lib/rippled
+
+%post
+USER_NAME=rippled
+GROUP_NAME=rippled
+
+getent passwd $USER_NAME &>/dev/null || useradd $USER_NAME
+getent group $GROUP_NAME &>/dev/null || groupadd $GROUP_NAME
+
+chown -R $USER_NAME:$GROUP_NAME /var/log/rippled/
+chown -R $USER_NAME:$GROUP_NAME /var/lib/rippled/
+chown -R $USER_NAME:$GROUP_NAME %{_prefix}/
+
+chmod 755 /var/log/rippled/
+chmod 755 /var/lib/rippled/
+
+chmod 644 %{_prefix}/etc/update-rippled-cron
+chmod 644 /etc/logrotate.d/rippled
+chown -R root:$GROUP_NAME %{_prefix}/etc/update-rippled-cron
+
+%files
+%doc rippled/README.md rippled/LICENSE.md
+%{_bindir}/rippled
+/usr/local/bin/rippled
+%{_bindir}/update-rippled.sh
+%{_bindir}/getRippledInfo
+%{_prefix}/etc/update-rippled-cron
+%{_bindir}/validator-keys
+%config(noreplace) %{_prefix}/etc/rippled.cfg
+%config(noreplace) /etc/opt/ripple/rippled.cfg
+%config(noreplace) %{_prefix}/etc/validators.txt
+%config(noreplace) /etc/opt/ripple/validators.txt
+%config(noreplace) /etc/logrotate.d/rippled
+%config(noreplace) /usr/lib/systemd/system/rippled.service
+%config(noreplace) /usr/lib/systemd/system-preset/50-rippled.preset
+%dir /var/log/rippled/
+%dir /var/lib/rippled/
+
+%files devel
+%{_prefix}/include
+%{_prefix}/lib/*.a
+%{_prefix}/lib/cmake/ripple
+
+%changelog
+* Wed Aug 28 2019 Mike Ellery <mellery451@gmail.com>
+- Switch to subproject build for validator-keys
+
+* Wed May 15 2019 Mike Ellery <mellery451@gmail.com>
+- Make validator-keys use local rippled build for core lib
+
+* Wed Aug 01 2018 Mike Ellery <mellery451@gmail.com>
+- add devel package for signing library
+
+* Thu Jun 02 2016 Brandon Wilson <bwilson@ripple.com>
+- Install validators.txt

Builds/containers/shared/build_deps.sh

@@ -0,0 +1,147 @@
+#!/usr/bin/env bash
+set -ex
+
+function build_boost()
+{
+    local boost_ver=$1
+    local do_link=$2
+    local boost_path=$(echo "${boost_ver}" | sed -e 's!\.!_!g')
+    mkdir -p /opt/local
+    cd /opt/local
+    BOOST_ROOT=/opt/local/boost_${boost_path}
+    BOOST_URL="https://boostorg.jfrog.io/artifactory/main/release/${boost_ver}/source/boost_${boost_path}.tar.gz"
+    BOOST_BUILD_ALL=true
+    . /tmp/install_boost.sh
+    if [ "$do_link" = true ] ; then
+        ln -s ./boost_${boost_path} boost
+    fi
+}
+
+build_boost "1.70.0" true
+
+# installed in opt, so won't be used
+# unless specified by OPENSSL_ROOT_DIR
+cd /tmp
+OPENSSL_VER=1.1.1d
+wget https://www.openssl.org/source/openssl-${OPENSSL_VER}.tar.gz
+tar xf openssl-${OPENSSL_VER}.tar.gz
+cd openssl-${OPENSSL_VER}
+# NOTE: add -g to the end of the following line if we want debug symbols for openssl
+SSLDIR=$(openssl version -d | cut -d: -f2 | tr -d [:space:]\")
+./config -fPIC --prefix=/opt/local/openssl --openssldir=${SSLDIR} zlib shared
+make -j$(nproc) >> make_output.txt 2>&1
+make install
+cd ..
+rm -f openssl-${OPENSSL_VER}.tar.gz
+rm -rf openssl-${OPENSSL_VER}
+LD_LIBRARY_PATH=${LD_LIBRARY_PATH:-}:/opt/local/openssl/lib /opt/local/openssl/bin/openssl version -a
+
+cd /tmp
+wget https://libarchive.org/downloads/libarchive-3.4.1.tar.gz
+tar xzf libarchive-3.4.1.tar.gz
+cd libarchive-3.4.1
+mkdir _bld && cd _bld
+cmake -DCMAKE_BUILD_TYPE=Release ..
+make -j$(nproc) >> make_output.txt 2>&1
+make install
+cd ../..
+rm -f libarchive-3.4.1.tar.gz
+rm -rf libarchive-3.4.1
+
+cd /tmp
+wget https://github.com/protocolbuffers/protobuf/releases/download/v3.10.1/protobuf-all-3.10.1.tar.gz
+tar xf protobuf-all-3.10.1.tar.gz
+cd protobuf-3.10.1
+./autogen.sh
+./configure
+make -j$(nproc) >> make_output.txt 2>&1
+make install
+ldconfig
+cd ..
+rm -f protobuf-all-3.10.1.tar.gz
+rm -rf protobuf-3.10.1
+
+cd /tmp
+wget https://c-ares.haxx.se/download/c-ares-1.15.0.tar.gz
+tar xf c-ares-1.15.0.tar.gz
+cd c-ares-1.15.0
+mkdir _bld && cd _bld
+cmake \
+  -DHAVE_LIBNSL=OFF \
+  -DCMAKE_BUILD_TYPE=Release \
+  -DCARES_STATIC=ON \
+  -DCARES_SHARED=OFF \
+  -DCARES_INSTALL=ON \
+  -DCARES_STATIC_PIC=ON \
+  -DCARES_BUILD_TOOLS=OFF \
+  -DCARES_BUILD_TESTS=OFF \
+  -DCARES_BUILD_CONTAINER_TESTS=OFF \
+  ..
+make -j$(nproc) >> make_output.txt 2>&1
+make install
+cd ../..
+rm -f c-ares-1.15.0.tar.gz
+rm -rf c-ares-1.15.0
+
+cd /tmp
+wget https://github.com/grpc/grpc/archive/v1.25.0.tar.gz
+tar xf v1.25.0.tar.gz
+cd grpc-1.25.0
+mkdir _bld && cd _bld
+cmake \
+  -DCMAKE_BUILD_TYPE=Release \
+  -DBUILD_SHARED_LIBS=OFF \
+  -DgRPC_ZLIB_PROVIDER=package \
+  -DgRPC_CARES_PROVIDER=package \
+  -DgRPC_SSL_PROVIDER=package \
+  -DgRPC_PROTOBUF_PROVIDER=package \
+  -DProtobuf_USE_STATIC_LIBS=ON \
+  ..
+make -j$(nproc) >> make_output.txt 2>&1
+make install
+cd ../..
+rm -f xf v1.25.0.tar.gz
+rm -rf grpc-1.25.0
+
+if [ "${CI_USE}" = true ] ; then
+
+    build_boost "1.71.0" false
+
+    cd /tmp
+    wget https://github.com/doxygen/doxygen/archive/Release_1_8_16.tar.gz
+    tar xf Release_1_8_16.tar.gz
+    cd doxygen-Release_1_8_16
+    mkdir build
+    cd build
+    cmake -G "Unix Makefiles" ..
+    make -j$(nproc) >> make_output.txt 2>&1
+    make install
+    cd ../..
+    rm -f Release_1_8_16.tar.gz
+    rm -rf doxygen-Release_1_8_16
+
+    mkdir -p /opt/plantuml
+    wget -O /opt/plantuml/plantuml.jar https://downloads.sourceforge.net/project/plantuml/plantuml.jar
+
+    cd /tmp
+    wget https://github.com/linux-test-project/lcov/releases/download/v1.14/lcov-1.14.tar.gz
+    tar xfz lcov-1.14.tar.gz
+    cd lcov-1.14
+    make install PREFIX=/usr/local
+    cd ..
+    rm -r lcov-1.14 lcov-1.14.tar.gz
+
+    cd /tmp
+    wget https://github.com/ccache/ccache/releases/download/v3.7.6/ccache-3.7.6.tar.gz
+    tar xf ccache-3.7.6.tar.gz
+    cd ccache-3.7.6
+    ./configure --prefix=/usr/local
+    make
+    make install
+    cd ..
+    rm -f ccache-3.7.6.tar.gz
+    rm -rf ccache-3.7.6
+
+    pip install requests
+    pip install https://github.com/codecov/codecov-python/archive/master.zip
+fi

Builds/containers/shared/install_boost.sh

@@ -0,0 +1,93 @@
+#!/usr/bin/env bash
+# Assumptions:
+# 1) BOOST_ROOT and BOOST_URL are already defined,
+# and contain valid values. BOOST_URL2 may be defined
+# as a fallback. BOOST_WGET_OPTIONS may be defined with
+# retry options if the download(s) fail on the first try.
+# 2) The last namepart of BOOST_ROOT matches the
+# folder name internal to boost's .tar.gz
+# When testing you can force a boost build by clearing travis caches:
+# https://travis-ci.org/ripple/rippled/caches
+set -exu
+
+odir=$(pwd)
+: ${BOOST_TOOLSET:=msvc-14.1}
+
+if [[ -d "$BOOST_ROOT/lib" || -d "${BOOST_ROOT}/stage/lib" ]] ; then
+    echo "Using cached boost at $BOOST_ROOT"
+    exit
+fi
+
+#fetch/unpack:
+fn=$(basename -- "$BOOST_URL")
+ext="${fn##*.}"
+wopt="--quiet"
+wget ${wopt} $BOOST_URL -O /tmp/boost.tar.${ext} || \
+  ( [ -n "${BOOST_URL2}" ] && \
+    wget ${wopt} $BOOST_URL2 -O /tmp/boost.tar.${ext} ) || \
+  ( [ -n "${BOOST_WGET_OPTIONS}" ] &&
+    ( wget ${wopt} ${BOOST_WGET_OPTIONS} $BOOST_URL -O /tmp/boost.tar.${ext} || \
+      ( [ -n "${BOOST_URL2}" ] && \
+        wget ${wopt} ${BOOST_WGET_OPTIONS} $BOOST_URL2 -O /tmp/boost.tar.${ext} )
+    )
+  )
+cd $(dirname $BOOST_ROOT)
+rm -fr ${BOOST_ROOT}
+mkdir ${BOOST_ROOT}
+tar xf /tmp/boost.tar.${ext} -C ${BOOST_ROOT} --strip-components 1
+cd $BOOST_ROOT
+
+BLDARGS=()
+if [[ ${BOOST_BUILD_ALL:-false} == "true" ]]; then
+    # we never need boost-python...so even for ALL
+    # option we can skip it
+    BLDARGS+=(--without-python)
+else
+    BLDARGS+=(--with-chrono)
+    BLDARGS+=(--with-container)
+    BLDARGS+=(--with-context)
+    BLDARGS+=(--with-coroutine)
+    BLDARGS+=(--with-date_time)
+    BLDARGS+=(--with-filesystem)
+    BLDARGS+=(--with-program_options)
+    BLDARGS+=(--with-regex)
+    BLDARGS+=(--with-system)
+    BLDARGS+=(--with-atomic)
+    BLDARGS+=(--with-thread)
+fi
+BLDARGS+=(-j$((2*${NUM_PROCESSORS:-2})))
+BLDARGS+=(--prefix=${BOOST_ROOT}/_INSTALLED_)
+BLDARGS+=(-d0) # suppress messages/output
+
+if [[ -z ${COMSPEC:-} ]]; then
+    if [[ "$(uname)" == "Darwin" ]] ; then
+        BLDARGS+=(cxxflags="-std=c++14 -fvisibility=default")
+    else
+        BLDARGS+=(cxxflags="-std=c++14")
+        BLDARGS+=(runtime-link="static,shared")
+    fi
+    BLDARGS+=(--layout=tagged)
+    ./bootstrap.sh
+    ./b2 "${BLDARGS[@]}" stage
+    ./b2 "${BLDARGS[@]}" install
+else
+    BLDARGS+=(runtime-link="static,shared")
+    BLDARGS+=(--layout=versioned)
+    BLDARGS+=(--toolset="${BOOST_TOOLSET}")
+    BLDARGS+=(address-model=64)
+    BLDARGS+=(architecture=x86)
+    BLDARGS+=(link=static)
+    BLDARGS+=(threading=multi)
+    cmd /E:ON /D /S /C"bootstrap.bat"
+    ./b2.exe "${BLDARGS[@]}" stage
+    ./b2.exe "${BLDARGS[@]}" install
+fi
+
+if [[ ${CI:-false} == "true" ]]; then
+    # save some disk space...these are mostly
+    # obj files and don't need to be kept in CI contexts
+    rm -rf bin.v2
+fi
+
+cd $odir
+

Builds/containers/shared/install_cmake.sh

@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+set -e
+
+IFS=. read cm_maj cm_min cm_rel <<<"$1"
+: ${cm_rel:-0}
+CMAKE_ROOT=${2:-"${HOME}/cmake"}
+
+function cmake_version ()
+{
+    if [[ -d ${CMAKE_ROOT} ]] ; then
+        local perms=$(test $(uname) = "Linux" && echo "/111" || echo "+111")
+        local installed=$(find ${CMAKE_ROOT} -perm ${perms} -type f -name cmake)
+        if [[ "${installed}" != "" ]] ; then
+            echo "$(${installed} --version | head -1)"
+        fi
+    fi
+}
+
+installed=$(cmake_version)
+if [[ "${installed}" != "" && ${installed} =~ ${cm_maj}.${cm_min}.${cm_rel} ]] ; then
+    echo "cmake already installed: ${installed}"
+    exit
+fi
+
+pkgname="cmake-${cm_maj}.${cm_min}.${cm_rel}-$(uname)-x86_64.tar.gz"
+tmppkg="/tmp/cmake.tar.gz"
+wget --quiet https://cmake.org/files/v${cm_maj}.${cm_min}/${pkgname} -O ${tmppkg}
+mkdir -p ${CMAKE_ROOT}
+cd ${CMAKE_ROOT}
+tar --strip-components 1 -xf ${tmppkg}
+rm -f ${tmppkg}
+echo "installed: $(cmake_version)"
+
+