summaryrefslogtreecommitdiff
path: root/tools
diff options
context:
space:
mode:
authorMagnus Ahltorp <map@kth.se>2015-03-27 03:08:06 +0100
committerMagnus Ahltorp <map@kth.se>2015-03-27 03:08:06 +0100
commit81d3174b7bf35de0c541e018829fb7c4f4cdff0f (patch)
treedc29fc806670615e62ac783a389b4d63c6074df2 /tools
parentdb1c5cf0eeba9b47a3f89bebc1abd9985ee9fef7 (diff)
Handle multiple signing nodesmultisign
Diffstat (limited to 'tools')
-rwxr-xr-xtools/compileconfig.py7
-rwxr-xr-xtools/merge.py11
2 files changed, 12 insertions, 6 deletions
diff --git a/tools/compileconfig.py b/tools/compileconfig.py
index e3d9ee0..52f10e8 100755
--- a/tools/compileconfig.py
+++ b/tools/compileconfig.py
@@ -192,7 +192,8 @@ def gen_config(nodename, config, localconfig):
(Symbol("catlfish"), Symbol("entryhash_from_entry"))),
]
- signingnode = config["signingnodes"][0]
+ signingnodes = config["signingnodes"]
+ signingnodeaddresses = ["https://%s/ct/signing/" % node["address"] for node in config["signingnodes"]]
mergenodenames = [node["name"] for node in config["mergenodes"]]
storagenodeaddresses = ["https://%s/ct/storage/" % node["address"] for node in config["storagenodes"]]
frontendnodenames = [node["name"] for node in config["frontendnodes"]]
@@ -207,7 +208,7 @@ def gen_config(nodename, config, localconfig):
services = [Symbol("ht")]
allowed_clients += allowed_clients_frontend(mergenodenames)
allowed_clients += allowed_clients_public()
- allowed_servers += allowed_servers_frontend([signingnode["name"]], storagenodenames)
+ allowed_servers += allowed_servers_frontend([node["name"] for node in signingnodes], storagenodenames)
elif nodetype == "storagenodes":
allowed_clients += allowed_clients_storage(frontendnodenames, mergenodenames)
services = []
@@ -226,7 +227,7 @@ def gen_config(nodename, config, localconfig):
(Symbol("own_key"), (nodename, "%s/%s-private.pem" % (paths["privatekeys"], nodename))),
]
if nodetype == "frontendnodes":
- plopconfig.append((Symbol("signing_node"), "https://%s/ct/signing/" % signingnode["address"]))
+ plopconfig.append((Symbol("signing_nodes"), signingnodeaddresses))
plopconfig += [
(Symbol("allowed_clients"), allowed_clients),
(Symbol("allowed_servers"), allowed_servers),
diff --git a/tools/merge.py b/tools/merge.py
index 75e72ae..e6fae24 100755
--- a/tools/merge.py
+++ b/tools/merge.py
@@ -34,7 +34,7 @@ storagenodes = config["storagenodes"]
paths = localconfig["paths"]
mergedb = paths["mergedb"]
-signingnode = config["signingnodes"][0]
+signingnodes = config["signingnodes"]
chainsdir = mergedb + "/chains"
logorderfile = mergedb + "/logorder"
@@ -238,8 +238,13 @@ tree_size = len(logorder)
root_hash = tree[-1][0]
timestamp = int(time.time() * 1000)
-tree_head_signature = create_sth_signature(tree_size, timestamp,
- root_hash, "https://%s/" % signingnode["address"], key=own_key)
+for signingnode in signingnodes:
+ try:
+ tree_head_signature = create_sth_signature(tree_size, timestamp,
+ root_hash, "https://%s/" % signingnode["address"], key=own_key)
+ break
+ except urllib2.URLError:
+ pass
sth = {"tree_size": tree_size, "timestamp": timestamp,
"sha256_root_hash": base64.b64encode(root_hash),