aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordberg.se>2021-06-16 08:58:48 +0200
committerLinus Nordberg <linus@nordberg.se>2021-06-16 08:58:48 +0200
commite4e8216eff7bff1449c12979c9da4c67eafb4499 (patch)
tree01f5f0e3b408239bf82d5007d10c78ee006db13a
parent10dd352ab1ab6ef9cdc8b1494f0a8c0e9ca7d20d (diff)
a too old or too new tree head is not an error
We return !0 for critical errors that need human intervention. Let's consider a stale log and a log with a bad clock an intermittent and non critical error for now. We might want to change requirements on logs to separate freshness from clock skew. We should reconsider the severeness of those errors if that change happens.
-rwxr-xr-xsiglog-witness.py9
1 files changed, 5 insertions, 4 deletions
diff --git a/siglog-witness.py b/siglog-witness.py
index b5f5e0a..2c9862e 100755
--- a/siglog-witness.py
+++ b/siglog-witness.py
@@ -32,6 +32,7 @@ CONFIG_DIR_DEFAULT = os.path.expanduser('~/.config/siglog-witness/')
SIGKEY_FILE_DEFAULT = CONFIG_DIR_DEFAULT + 'signing_key'
CONFIG_FILE = CONFIG_DIR_DEFAULT + 'siglog-witness.conf'
+ERR_OK = 0
ERR_USAGE = 1
ERR_TREEHEAD_READ = 2
ERR_TREEHEAD_FETCH = 3
@@ -418,11 +419,11 @@ def main(args):
ts_sec = new_tree_head.timestamp()
ts_asc = time.ctime(ts_sec)
if ts_sec < now - 12 * 3600:
- return (ERR_TREEHEAD_INVALID,
- "ERROR: timestamp too old: {} ({})".format(ts_sec, ts_asc))
+ return (ERR_OK,
+ "WARNING: timestamp too old: {} ({})".format(ts_sec, ts_asc))
if ts_sec > now + 12 * 3600:
- return (ERR_TREEHEAD_INVALID,
- "ERROR: timestamp too new: {} ({})".format(ts_sec, ts_asc))
+ return (ERR_OK,
+ "WARNING: timestamp too new: {} ({})".format(ts_sec, ts_asc))
# TODO: Needs more thought: size, hash, timestamp -- what may change and what may not?
if new_tree_head.tree_size() <= cur_tree_head.tree_size():