ctlogconfig revision 75f5c2db254c0167a0e396254460de09b775d203
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw#!/usr/bin/env python
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw#
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# Licensed to the Apache Software Foundation (ASF) under one or more
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# contributor license agreements. See the NOTICE file distributed with
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# this work for additional information regarding copyright ownership.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# The ASF licenses this file to You under the Apache License, Version 2.0
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# (the "License"); you may not use this file except in compliance with
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# the License. You may obtain a copy of the License at
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw#
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# http://www.apache.org/licenses/LICENSE-2.0
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw#
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# Unless required by applicable law or agreed to in writing, software
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# distributed under the License is distributed on an "AS IS" BASIS,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# See the License for the specific language governing permissions and
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# limitations under the License.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwimport os
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwimport re
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwimport sqlite3
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwimport sys
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdef create_tables(db_name):
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cxn = sqlite3.connect(db_name)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cur = cxn.cursor()
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cur.execute(
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw 'CREATE TABLE loginfo('
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw + 'id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, '
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw + 'log_id TEXT, '
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw + 'public_key TEXT, ' # path to PEM-encoded file
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw + 'distrusted INTEGER, ' # non-zero if not trusted
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw + 'min_valid_timestamp INTEGER, '
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw + 'max_valid_timestamp INTEGER, '
7b59d02d2a384be9a08087b14defadd214b3c1ddjb + 'url TEXT)'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw )
7b59d02d2a384be9a08087b14defadd214b3c1ddjb cur.close()
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as cxn.commit()
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cxn.close()
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdef record_id_arg(cur, args, required=False):
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as if len(args) < 1 or args[0][0] != '#' or len(args[0]) < 2:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if required:
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as print >> sys.stderr, 'A record id was not provided'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw sys.exit(1)
7b59d02d2a384be9a08087b14defadd214b3c1ddjb return None
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw record_id = args.pop(0)[1:]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw stmt = 'SELECT * FROM loginfo WHERE id = ?'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cur.execute(stmt, [record_id])
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw recs = list(cur.fetchall())
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw assert len(recs) < 2
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if len(recs) == 0:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print >> sys.stderr, 'Record #%s was not found' % record_id
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw sys.exit(1)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return record_id
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdef log_id_arg(cur, args, required=True):
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if len(args) < 1 or len(args[0]) != 64:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if not required:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return None
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print >> sys.stderr, 'A log id was not provided'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw sys.exit(1)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw log_id = args.pop(0).upper()
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if len(re.compile(r'[A-Z0-9]').findall(log_id)) != len(log_id):
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print >> sys.stderr, 'The log id is not formatted properly'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw sys.exit(1)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return log_id
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdef public_key_arg(args):
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb if len(args) < 1:
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb print >> sys.stderr, 'A public key file was not provided'
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb sys.exit(1)
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb pubkey = args.pop(0)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if not os.path.exists(pubkey):
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print >> sys.stderr, 'Public key file %s could not be read' % pubkey
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw sys.exit(1)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return pubkey
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdef time_arg(args):
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if len(args) < 1:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print >> sys.stderr, 'A timestamp was not provided'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw sys.exit(1)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw t = args.pop(0)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if t == '-':
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return None
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw try:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return int(t)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw except ValueError:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print >> sys.stderr, 'The timestamp "%s" is invalid' % t
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw sys.exit(1)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdef configure_public_key(cur, args):
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw record_id = record_id_arg(cur, args, False)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw public_key = public_key_arg(args)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if len(args) != 0:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw usage()
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if not record_id:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw stmt = 'INSERT INTO loginfo (public_key) VALUES(?)'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cur.execute(stmt, [public_key])
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw else:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw stmt = 'UPDATE loginfo SET public_key = ? WHERE id = ?'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cur.execute(stmt, [public_key, record_id])
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdef configure_url(cur, args):
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw # can't specify more than one of record-id and log-id
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as log_id = None
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw record_id = record_id_arg(cur, args, False)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if not record_id:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw log_id = log_id_arg(cur, args, False)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if len(args) != 1:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw usage()
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw url = args.pop(0)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if record_id:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw stmt = 'UPDATE loginfo SET url = ? WHERE id = ?'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw args = [url, record_id]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw elif log_id:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw stmt = 'INSERT INTO loginfo (log_id, url) VALUES(?, ?)'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw args = [log_id, url]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw else:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw stmt = 'INSERT INTO loginfo (url) VALUES(?)'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw args = [url]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cur.execute(stmt, args)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdef forget_log(cur, args):
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw record_id = record_id_arg(cur, args, False)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw log_id = None
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if not record_id:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw log_id = log_id_arg(cur, args, True)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if len(args) != 0:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw usage()
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if record_id:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw stmt = 'DELETE FROM loginfo WHERE id = ?'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw args = [record_id]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw else:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw stmt = 'DELETE FROM loginfo WHERE log_id = ?'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw args = [log_id]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cur.execute(stmt, args)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
faa1795a28a5c712eed6d0a3f84d98c368a316c6jbdef trust_distrust_log(cur, args):
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb # could take a record id or a log id
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb record_id = record_id_arg(cur, args, False)
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb if record_id:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw log_id = None
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw else:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw log_id = log_id_arg(cur, args)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if len(args) != 1:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw usage()
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw flag = args.pop(0)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if not record_id:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw stmt = 'INSERT INTO loginfo (log_id, distrusted) VALUES(?, ?)'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cur.execute(stmt, [log_id, flag])
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw else:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw stmt = 'UPDATE loginfo SET distrusted = ? WHERE id = ?'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cur.execute(stmt, [flag, record_id])
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdef trust_log(cur, args):
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw trust_distrust_log(cur, args + [0])
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdef distrust_log(cur, args):
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw trust_distrust_log(cur, args + [1])
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asdef time_range(cur, args):
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as # could take a record id or a log id
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as record_id = record_id_arg(cur, args, False)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if record_id:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw log_id = None
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as else:
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as log_id = log_id_arg(cur, args)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as min_valid_time = time_arg(args)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw max_valid_time = time_arg(args)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if len(args) != 0:
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb usage()
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb if not record_id:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw stmt = 'INSERT INTO loginfo ' + \
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb '(log_id, min_valid_timestamp, max_valid_timestamp) ' + \
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb 'VALUES(?, ?, ?)'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cur.execute(stmt, [log_id, min_valid_time, max_valid_time])
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb else:
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb stmt = 'UPDATE loginfo SET min_valid_timestamp = ?, ' + \
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb 'max_valid_timestamp = ? WHERE id = ?'
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb cur.execute(stmt, [min_valid_time, max_valid_time, record_id])
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwclass ConfigEntry:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as pass
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdef dump_ll(cur):
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw stmt = 'SELECT * FROM loginfo'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cur.execute(stmt)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw recs = []
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw for row in cur.fetchall():
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb obj = ConfigEntry()
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw obj.id = row[0]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw obj.log_id = row[1]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw obj.public_key = row[2]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw obj.distrusted = row[3]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw obj.min_valid_timestamp = row[4]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw obj.max_valid_timestamp = row[5]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw obj.url = row[6]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw recs += [obj]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return recs
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
55bf511df53aad0fdb7eb3fa349f0308cc05234casdef dump(cur, args):
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if len(args) != 0:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw usage()
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw recs = dump_ll(cur)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw for rec in recs:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw not_conf = '(not configured)'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw mint = \
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw str(rec.min_valid_timestamp) if rec.min_valid_timestamp else '-INF'
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as maxt = \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as str(rec.max_valid_timestamp) if rec.max_valid_timestamp else '+INF'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print 'Log entry:'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print ' Record ' + str(rec.id) + \
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (' (DISTRUSTED)' if rec.distrusted else '')
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print ' Log id : ' + (rec.log_id if rec.log_id else not_conf)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print ' Public key file: ' + \
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (rec.public_key if rec.public_key else not_conf)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print ' URL : ' + (rec.url if rec.url else not_conf)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print ' Time range : ' + mint + ' to ' + maxt
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print ''
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdef usage():
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw help = """Usage: %s /path/to/log-config-db command args
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwCommands:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw display config-db contents:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw dump
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw configure public key:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw configure-public-key [log-id|record-id] /path/log-pub-key.pem
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw configure URL:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw configure-url [log-id|record-id] http://www.example.com/path/
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw configure min and/or max valid timestamps:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw valid-time-range log-id|record-id min-range max-range
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw mark log as trusted (default):
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw trust log-id|record-id
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw mark log as untrusted:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw distrust log-id|record-id
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw remove log config from config-db:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw forget log-id|record-id
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwlog-id is a 64-character hex string representation of a log id
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwrecord-id references an existing entry and is in the form:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw #<record-number>
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (displayable with the dump command)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw""" % sys.argv[0]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print >> sys.stderr, help
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw sys.exit(1)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwdef main(argv):
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if len(argv) < 3:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw usage()
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw db_name = argv[1]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cmd = argv[2]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw args = argv[3:]
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as cmds = {'configure-public-key': configure_public_key,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw 'configure-url': configure_url,
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as 'distrust': distrust_log,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw 'trust': trust_log,
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as 'forget': forget_log,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw 'valid-time-range': time_range,
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb 'dump': dump,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw }
7b59d02d2a384be9a08087b14defadd214b3c1ddjb
7b59d02d2a384be9a08087b14defadd214b3c1ddjb cmds_requiring_db = ['dump', 'forget'] # db must already exist
7b59d02d2a384be9a08087b14defadd214b3c1ddjb
7b59d02d2a384be9a08087b14defadd214b3c1ddjb if not cmd in cmds:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw usage()
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if not os.path.exists(db_name):
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if not cmd in cmds_requiring_db:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw create_tables(db_name)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw else:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print >> sys.stderr, 'Database "%s" does not exist' % db_name
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw sys.exit(1)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cxn = sqlite3.connect(db_name)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cur = cxn.cursor()
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cmds[cmd](cur, args)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cur.close()
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cxn.commit()
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cxn.close()
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwif __name__ == "__main__":
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw main(sys.argv)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw