1 files changed, 12 insertions, 4 deletions

diff --git a/tools/merge.py b/tools/merge.py
index e6fae24..f9c93d9 100755
--- a/tools/merge.py
+++ b/tools/merge.py
@@ -16,7 +16,9 @@ import hashlib
 import urlparse
 import os
 import yaml
-from certtools import build_merkle_tree, create_sth_signature, check_sth_signature, get_eckey_from_file, timing_point, http_request
+from certtools import build_merkle_tree, create_sth_signature, \
+    check_sth_signature, get_eckey_from_file, timing_point, http_request, \
+    get_public_key_from_file
 
 parser = argparse.ArgumentParser(description="")
 parser.add_argument('--config', help="System configuration", required=True)
@@ -41,6 +43,8 @@ logorderfile = mergedb + "/logorder"
 
 own_key = (localconfig["nodename"], "%s/%s-private.pem" % (paths["privatekeys"], localconfig["nodename"]))
 
+logpublickey = get_public_key_from_file(paths["logpublickey"])
+
 hashed_dir = True
 
 def parselogrow(row):
@@ -238,19 +242,23 @@ tree_size = len(logorder)
 root_hash = tree[-1][0]
 timestamp = int(time.time() * 1000)
 
+tree_head_signature = None
 for signingnode in signingnodes:
     try:
         tree_head_signature = create_sth_signature(tree_size, timestamp,
                                                    root_hash, "https://%s/" % signingnode["address"], key=own_key)
         break
-    except urllib2.URLError:
-        pass
+    except urllib2.URLError, e:
+        print e
+if tree_head_signature == None:
+    print >>sys.stderr, "Could not contact any signing nodes"
+    sys.exit(1)
 
 sth = {"tree_size": tree_size, "timestamp": timestamp,
        "sha256_root_hash": base64.b64encode(root_hash),
        "tree_head_signature": base64.b64encode(tree_head_signature)}
 
-check_sth_signature(ctbaseurl, sth)
+check_sth_signature(ctbaseurl, sth, publickey=logpublickey)
 
 timing_point(timing, "build sth")