From e4e8216eff7bff1449c12979c9da4c67eafb4499 Mon Sep 17 00:00:00 2001
From: Linus Nordberg <linus@nordberg.se>
Date: Wed, 16 Jun 2021 08:58:48 +0200
Subject: a too old or too new tree head is not an error

We return !0 for critical errors that need human intervention.
Let's consider a stale log and a log with a bad clock an intermittent
and non critical error for now.

We might want to change requirements on logs to separate freshness
from clock skew. We should reconsider the severeness of those errors
if that change happens.
---
 siglog-witness.py | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/siglog-witness.py b/siglog-witness.py
index b5f5e0a..2c9862e 100755
--- a/siglog-witness.py
+++ b/siglog-witness.py
@@ -32,6 +32,7 @@ CONFIG_DIR_DEFAULT = os.path.expanduser('~/.config/siglog-witness/')
 SIGKEY_FILE_DEFAULT = CONFIG_DIR_DEFAULT + 'signing_key'
 CONFIG_FILE = CONFIG_DIR_DEFAULT + 'siglog-witness.conf'
 
+ERR_OK                         = 0
 ERR_USAGE                      = 1
 ERR_TREEHEAD_READ              = 2
 ERR_TREEHEAD_FETCH             = 3
@@ -418,11 +419,11 @@ def main(args):
     ts_sec = new_tree_head.timestamp()
     ts_asc = time.ctime(ts_sec)
     if ts_sec < now - 12 * 3600:
-        return (ERR_TREEHEAD_INVALID,
-                "ERROR: timestamp too old: {} ({})".format(ts_sec, ts_asc))
+        return (ERR_OK,
+                "WARNING: timestamp too old: {} ({})".format(ts_sec, ts_asc))
     if ts_sec > now + 12 * 3600:
-        return (ERR_TREEHEAD_INVALID,
-                "ERROR: timestamp too new: {} ({})".format(ts_sec, ts_asc))
+        return (ERR_OK,
+                "WARNING: timestamp too new: {} ({})".format(ts_sec, ts_asc))
 
     # TODO: Needs more thought: size, hash, timestamp -- what may change and what may not?
     if new_tree_head.tree_size() <= cur_tree_head.tree_size():
-- 
cgit v1.2.3