ctlogconfig revision 75f5c2db254c0167a0e396254460de09b775d203
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# Licensed to the Apache Software Foundation (ASF) under one or more
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# contributor license agreements. See the NOTICE file distributed with
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# this work for additional information regarding copyright ownership.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# The ASF licenses this file to You under the Apache License, Version 2.0
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# (the "License"); you may not use this file except in compliance with
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# the License. You may obtain a copy of the License at
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# Unless required by applicable law or agreed to in writing, software
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# distributed under the License is distributed on an "AS IS" BASIS,
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# See the License for the specific language governing permissions and
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw# limitations under the License.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as if len(args) < 1 or args[0][0] != '#' or len(args[0]) < 2:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print >> sys.stderr, 'Record #%s was not found' % record_id
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if len(re.compile(r'[A-Z0-9]').findall(log_id)) != len(log_id):
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print >> sys.stderr, 'The log id is not formatted properly'
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb print >> sys.stderr, 'A public key file was not provided'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print >> sys.stderr, 'Public key file %s could not be read' % pubkey
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if t == '-':
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw return int(t)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print >> sys.stderr, 'The timestamp "%s" is invalid' % t
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw # can't specify more than one of record-id and log-id
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb # could take a record id or a log id
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw stmt = 'INSERT INTO loginfo (log_id, distrusted) VALUES(?, ?)'
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as # could take a record id or a log id
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb '(log_id, min_valid_timestamp, max_valid_timestamp) ' + \
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb 'VALUES(?, ?, ?)'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw cur.execute(stmt, [log_id, min_valid_time, max_valid_time])
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb stmt = 'UPDATE loginfo SET min_valid_timestamp = ?, ' + \
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb 'max_valid_timestamp = ? WHERE id = ?'
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb cur.execute(stmt, [min_valid_time, max_valid_time, record_id])
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw str(rec.min_valid_timestamp) if rec.min_valid_timestamp else '-INF'
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as str(rec.max_valid_timestamp) if rec.max_valid_timestamp else '+INF'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print 'Log entry:'
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print ' Log id : ' + (rec.log_id if rec.log_id else not_conf)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print ' Public key file: ' + \
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw display config-db contents:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw configure public key:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw configure-public-key [log-id|record-id] /path/log-pub-key.pem
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw configure URL:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw configure-url [log-id|record-id] http://www.example.com/path/
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw configure min and/or max valid timestamps:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw valid-time-range log-id|record-id min-range max-range
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw mark log as trusted (default):
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw trust log-id|record-id
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw mark log as untrusted:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw distrust log-id|record-id
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw remove log config from config-db:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw forget log-id|record-id
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwlog-id is a 64-character hex string representation of a log id
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amwrecord-id references an existing entry and is in the form:
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw #<record-number>
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (displayable with the dump command)
7b59d02d2a384be9a08087b14defadd214b3c1ddjb cmds_requiring_db = ['dump', 'forget'] # db must already exist
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw print >> sys.stderr, 'Database "%s" does not exist' % db_name