diff options
author | Linus Nordberg <linus@nordberg.se> | 2021-06-15 06:00:15 +0200 |
---|---|---|
committer | Linus Nordberg <linus@nordberg.se> | 2021-06-15 06:00:15 +0200 |
commit | d08859f2023fc23ab4e7616d159b5a7554c70074 (patch) | |
tree | c8b80da45847c76082c5430fb64158c8ad80fae7 | |
parent | ba4847d8f18dd0998ee33f1e7fbd96198af91152 (diff) |
be less permissive of --bootstrap-log
The rationale behind not allowing --bootstrap-log and
--generate-signing-key when they don't make any difference is that it
should be impossible to use them in scripts that run multiple times
since they're meant for manual "bootstrapping" procedures.
Another reason is that they require user intervention but not until
specific conditions arise (tree head missing, keyfile missing) which
may happen only "after some time". Failing early is helpful.
-rwxr-xr-x | siglog-witness.py | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/siglog-witness.py b/siglog-witness.py index 4e365ec..4046cbd 100755 --- a/siglog-witness.py +++ b/siglog-witness.py @@ -400,6 +400,10 @@ def main(args): if err3: return err3 return 0, None + else: + if g_args.bootstrap_log: + return (ERR_USAGE, + "ERROR: Valid tree head found: --bootstrap-log not allowed") new_tree_head, err = fetch_tree_head_and_verify(log_verification_key) if err: return err |