49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler# Licensed to the Apache Software Foundation (ASF) under one or more
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler# contributor license agreements. See the NOTICE file distributed with
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler# this work for additional information regarding copyright ownership.
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler# The ASF licenses this file to You under the Apache License, Version 2.0
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler# (the "License"); you may not use this file except in compliance with
9afe19d634946d50eab30e3b90cb5cebcde39eeaDaniel Lezcano# the License. You may obtain a copy of the License at
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler# http://www.apache.org/licenses/LICENSE-2.0
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler# Unless required by applicable law or agreed to in writing, software
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler# distributed under the License is distributed on an "AS IS" BASIS,
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler# See the License for the specific language governing permissions and
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler# limitations under the License.
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler + 'id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, '
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler + 'public_key TEXT, ' # path to PEM-encoded file
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler + 'distrusted INTEGER, ' # non-zero if not trusted
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seilerdef record_id_arg(cur, args, required=False):
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler if len(args) < 1 or args[0][0] != '#' or len(args[0]) < 2:
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler print >> sys.stderr, 'A record id was not provided'
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler stmt = 'SELECT * FROM loginfo WHERE id = ?'
b4578c5b380130a41a69b5b49c970157acaf1dbbDwight Engen print >> sys.stderr, 'Record #%s was not found' % record_id
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler print >> sys.stderr, 'A log id was not provided'
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler if len(re.compile(r'[A-Z0-9]').findall(log_id)) != len(log_id):
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler print >> sys.stderr, 'The log id is not formatted properly'
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler print >> sys.stderr, 'A public key file was not provided'
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler print >> sys.stderr, 'Public key file %s could not be read' % pubkey
02e5d92b70562457a963f0803f0069053ce3292bChristian Brauner print >> sys.stderr, 'A timestamp was not provided'
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler print >> sys.stderr, 'The timestamp "%s" is invalid' % t
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler record_id = record_id_arg(cur, args, False)
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler stmt = 'INSERT INTO loginfo (public_key) VALUES(?)'
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler stmt = 'UPDATE loginfo SET public_key = ? WHERE id = ?'
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler # can't specify more than one of record-id and log-id
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler record_id = record_id_arg(cur, args, False)
4d69b2939ce09fbe624636dc01734a542e050ef9Nikola Kotur stmt = 'UPDATE loginfo SET url = ? WHERE id = ?'
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler stmt = 'INSERT INTO loginfo (log_id, url) VALUES(?, ?)'
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler stmt = 'INSERT INTO loginfo (url) VALUES(?)'
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler stmt = 'DELETE FROM loginfo WHERE log_id = ?'
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler # could take a record id or a log id
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler record_id = record_id_arg(cur, args, False)
e13eeea2db3743bf8d3fe2833e069a80e2c4102cChristian Seiler stmt = 'INSERT INTO loginfo (log_id, distrusted) VALUES(?, ?)'
e13eeea2db3743bf8d3fe2833e069a80e2c4102cChristian Seiler stmt = 'UPDATE loginfo SET distrusted = ? WHERE id = ?'
7a0b0b5672a33c190eefb4b2d3e3693241c130f2Christian Seiler # could take a record id or a log id
7a0b0b5672a33c190eefb4b2d3e3693241c130f2Christian Seiler record_id = record_id_arg(cur, args, False)
7a0b0b5672a33c190eefb4b2d3e3693241c130f2Christian Seiler '(log_id, min_valid_timestamp, max_valid_timestamp) ' + \
7a0b0b5672a33c190eefb4b2d3e3693241c130f2Christian Seiler 'VALUES(?, ?, ?)'
7a0b0b5672a33c190eefb4b2d3e3693241c130f2Christian Seiler cur.execute(stmt, [log_id, min_valid_time, max_valid_time])
7a0b0b5672a33c190eefb4b2d3e3693241c130f2Christian Seiler stmt = 'UPDATE loginfo SET min_valid_timestamp = ?, ' + \
7a0b0b5672a33c190eefb4b2d3e3693241c130f2Christian Seiler 'max_valid_timestamp = ? WHERE id = ?'
7a0b0b5672a33c190eefb4b2d3e3693241c130f2Christian Seiler cur.execute(stmt, [min_valid_time, max_valid_time, record_id])
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler str(rec.min_valid_timestamp) if rec.min_valid_timestamp else '-INF'
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler str(rec.max_valid_timestamp) if rec.max_valid_timestamp else '+INF'
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler print 'Log entry:'
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler (' (DISTRUSTED)' if rec.distrusted else '')
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler print ' Log id : ' + (rec.log_id if rec.log_id else not_conf)
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler print ' Public key file: ' + \
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler (rec.public_key if rec.public_key else not_conf)
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler print ' URL : ' + (rec.url if rec.url else not_conf)
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler print ' Time range : ' + mint + ' to ' + maxt
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler help = """Usage: %s /path/to/log-config-db command args
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler display config-db contents:
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler configure public key:
e13eeea2db3743bf8d3fe2833e069a80e2c4102cChristian Seiler configure-public-key [log-id|record-id] /path/log-pub-key.pem
e13eeea2db3743bf8d3fe2833e069a80e2c4102cChristian Seiler configure URL:
e13eeea2db3743bf8d3fe2833e069a80e2c4102cChristian Seiler configure-url [log-id|record-id] http://www.example.com/path/
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler configure min and/or max valid timestamps:
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler valid-time-range log-id|record-id min-range max-range
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seiler mark log as trusted (default):
e13eeea2db3743bf8d3fe2833e069a80e2c4102cChristian Seiler trust log-id|record-id
e13eeea2db3743bf8d3fe2833e069a80e2c4102cChristian Seiler mark log as untrusted:
e13eeea2db3743bf8d3fe2833e069a80e2c4102cChristian Seiler distrust log-id|record-id
e13eeea2db3743bf8d3fe2833e069a80e2c4102cChristian Seiler remove log config from config-db:
e13eeea2db3743bf8d3fe2833e069a80e2c4102cChristian Seiler forget log-id|record-id
49ee6cdcbf79d8b6fa617479ec8ab753ccca923dChristian Seilerlog-id is a 64-character hex string representation of a log id
e13eeea2db3743bf8d3fe2833e069a80e2c4102cChristian Seilerrecord-id references an existing entry and is in the form:
e13eeea2db3743bf8d3fe2833e069a80e2c4102cChristian Seiler #<record-number>
e13eeea2db3743bf8d3fe2833e069a80e2c4102cChristian Seiler (displayable with the dump command)
e13eeea2db3743bf8d3fe2833e069a80e2c4102cChristian Seiler cmds = {'configure-public-key': configure_public_key,
e13eeea2db3743bf8d3fe2833e069a80e2c4102cChristian Seiler cmds_requiring_db = ['dump', 'forget'] # db must already exist
e13eeea2db3743bf8d3fe2833e069a80e2c4102cChristian Seiler print >> sys.stderr, 'Database "%s" does not exist' % db_name