ctlogconfig revision bcb83ba673a1e4404886c7eae221a629cc27126e
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin# Licensed to the Apache Software Foundation (ASF) under one or more
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin# contributor license agreements. See the NOTICE file distributed with
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin# this work for additional information regarding copyright ownership.
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin# The ASF licenses this file to You under the Apache License, Version 2.0
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin# (the "License"); you may not use this file except in compliance with
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin# the License. You may obtain a copy of the License at
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin# Unless required by applicable law or agreed to in writing, software
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin# distributed under the License is distributed on an "AS IS" BASIS,
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin# See the License for the specific language governing permissions and
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin# limitations under the License.
a7757dd38bb2a1afc93e241b7ea67b3de85ecc8bminfrin if len(args) < 1 or args[0][0] != '#' or len(args[0]) < 2:
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin print >> sys.stderr, 'Record #%s was not found' % record_id
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin if len(re.compile(r'[A-Z0-9]').findall(log_id)) != len(log_id):
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin print >> sys.stderr, 'The log id is not formatted properly'
a7757dd38bb2a1afc93e241b7ea67b3de85ecc8bminfrin print >> sys.stderr, 'A public key file was not provided'
a7757dd38bb2a1afc93e241b7ea67b3de85ecc8bminfrin print >> sys.stderr, 'Public key file %s could not be read' % pubkey
a7757dd38bb2a1afc93e241b7ea67b3de85ecc8bminfrin if t == '-':
a7757dd38bb2a1afc93e241b7ea67b3de85ecc8bminfrin print >> sys.stderr, 'The timestamp "%s" is invalid' % t
a7757dd38bb2a1afc93e241b7ea67b3de85ecc8bminfrin stmt = 'UPDATE loginfo SET public_key = ? WHERE id = ?'
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin # can't specify more than one of record-id and log-id
a7757dd38bb2a1afc93e241b7ea67b3de85ecc8bminfrin stmt = 'INSERT INTO loginfo (log_id, url) VALUES(?, ?)'
0e9dae659943679108357054e9aa7657cdc52dc4minfrin # could take a record id or a log id
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin stmt = 'INSERT INTO loginfo (log_id, distrusted) VALUES(?, ?)'
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin stmt = 'UPDATE loginfo SET distrusted = ? WHERE id = ?'
a7757dd38bb2a1afc93e241b7ea67b3de85ecc8bminfrin # could take a record id or a log id
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin '(log_id, min_valid_timestamp, max_valid_timestamp) ' + \
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin 'VALUES(?, ?, ?)'
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin cur.execute(stmt, [log_id, min_valid_time, max_valid_time])
0e9dae659943679108357054e9aa7657cdc52dc4minfrin stmt = 'UPDATE loginfo SET min_valid_timestamp = ?, ' + \
a7757dd38bb2a1afc93e241b7ea67b3de85ecc8bminfrin 'max_valid_timestamp = ? WHERE id = ?'
a7757dd38bb2a1afc93e241b7ea67b3de85ecc8bminfrin cur.execute(stmt, [min_valid_time, max_valid_time, record_id])
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin str(rec.min_valid_timestamp) if rec.min_valid_timestamp else '-INF'
a7757dd38bb2a1afc93e241b7ea67b3de85ecc8bminfrin str(rec.max_valid_timestamp) if rec.max_valid_timestamp else '+INF'
a7757dd38bb2a1afc93e241b7ea67b3de85ecc8bminfrin print 'Log entry:'
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin print ' Log id : ' + (rec.log_id if rec.log_id else not_conf)
0e9dae659943679108357054e9aa7657cdc52dc4minfrin print ' Public key file: ' + \
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin print ' URL : ' + (rec.url if rec.url else not_conf)
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin help = """Usage: %s /path/to/log-config-db command args
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin display config-db contents:
a7757dd38bb2a1afc93e241b7ea67b3de85ecc8bminfrin configure public key:
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin configure-public-key [log-id|record-id] /path/log-pub-key.pem
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin configure URL:
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin configure-url [log-id|record-id] http://www.example.com/path/
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin configure min and/or max valid timestamps:
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin valid-time-range log-id|record-id min-range max-range
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin mark log as trusted (default):
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin trust log-id|record-id
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin mark log as untrusted:
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin distrust log-id|record-id
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin remove log config from config-db:
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin forget log-id|record-id
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrinlog-id is a 64-character hex string representation of a log id
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrinrecord-id references an existing entry and is in the form:
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin #<record-number>
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin (displayable with the dump command)
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin cmds = {'configure-public-key': configure_public_key,
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin cmds_requiring_db = ['dump', 'forget'] # db must already exist
fed63d1b62cc7e56aad77b70ee5b5cc7f5c6aademinfrin print >> sys.stderr, 'Database "%s" does not exist' % db_name