Per issue #2354, when the log level of a server was configured at
"trace", sensitive keying meterial generated by the `wallet_propose`
command could be written to the server's log file, if one was
configured.
This commit improves the log scrubbing code to account for the
sensitive information generated by a `wallet_propose`.
** Important security consideration **
We still caution everyone *against* executing this command on a
server that they do not control: a malicious server operator could
intercept the generated keypair, or operate a modified server that
returns keypairs that are not securely generated.
Previously, writes using debugLog() tagged every entry with
"TRC:". Now users of debugLog() must specify the severity
level they want their information logged at.
Replace Journal public data members with member function accessors
in order to make Journal lighter weight. The change makes a
Journal cheaper to pass by value.
Also add missing stream checks (e.g., calls to JLOG) to avoid
text processing that ultimately will not be stored in the log.
The Journal API is affected. There are two uses for the
Journal::Severity enum:
o It is used to declare a threshold which log messages must meet
in order to be logged.
o It declares the current logging level which will be compared
to the threshold.
Those uses that affect the threshold are now named threshold()
rather than severity() to make the uses easier to distinguish.
Additionally, Journal no longer carries a Severity variable.
All handling of the threshold() is now delegated to the
Journal::Sink.
Sinks are no longer constructed with a default threshold of
kWarning; their threshold must be passed in on construction.
An alternative to the unity build, the classic build compiles each
translation unit individually. This adds more modules to the classic build:
* Remove unity header app.h
* Add missing includes as needed
* Remove obsolete NodeStore backend code
* Add app/, core/, crypto/, json/, net/, overlay/, peerfinder/ to classic build
The SConstruct is modified to provide a new family of targets, ending with
the suffix ".nounity", which compile individual translation units instead of
some of the unity translation units ("classic" builds). Two modules updated
for this treatment are ripple/basics/ and ripple/protocol/, with plans to
update more in the future. A consequence is longer build times in some cases.
A benefit of classic builds is that missing includes can be identified
through compiler errors.
