This commit refactors the ping_node method to use a system function
called run_until_completion(), which ensures a task will safely complete even
if it's parent task has been cancelled.
This happens in ping_node() in the case the handshake is ongoing but the
p2p network has been destroyed.
We also introduce a timeout for ping_node() to prevent
perform_handshake_protocols from running forever and blocking
channel.stop() from being safely invoked.
Previously when we called whitelist_fetch_[...](), it would call
greylist_fetch_[...]() inside that method if insufficient whitelist
entries were found.
This was confusing and non-intuitive.
This commit removes this nesting. Now we call
whitelist_fetch_[...] followed by greylist_fetch_[...] in ProtocolAddr
and OutboundSession explicitly.
This commit also fixes a bug in the refinery.
this would mean that if the first external addr in our list is invalid
it will exit the function. instead, continue to check each addr, and if
they are all invalid just broadcast an empty vector inside the AddrsMessage.
previously we would downgrade disconnected hosts by putting them in the
greylist. this commit changes downgrade_host() to remove_host() and removes the host
from all known lists, including greylist, when it disconnects.
otherwise on a small network the following situation could happen:
node B stores node A on greylist
connects to node A, upgrades to anchorlist
hostlist is currently: greylist: node A
anchorlist: node A
node A disconnects
hostlist is currently: greylist: node A
node B tries to find another addr to connect to
it's only known host is node A
tries to reconnect
connection fails
goes to greylist, retries
loops forever
removing from all hostlists is "safe" because if the node A goes back
online again it will once again be added to the greylist of node B
through the address propagation protocols.
