Use bits in the exit code to convey what happened
This commit is contained in:
parent
40123f9ba8
commit
b297ba9967
|
@ -108,13 +108,13 @@ func Main (argStateDir string, processCallback ctwatch.ProcessCallback) {
|
||||||
logFile, err := os.Open(*logsFilename)
|
logFile, err := os.Open(*logsFilename)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Fprintf(os.Stderr, "%s: Error opening logs file for reading: %s: %s\n", os.Args[0], *logsFilename, err)
|
fmt.Fprintf(os.Stderr, "%s: Error opening logs file for reading: %s: %s\n", os.Args[0], *logsFilename, err)
|
||||||
os.Exit(3)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
defer logFile.Close()
|
defer logFile.Close()
|
||||||
var logFileObj ctwatch.LogInfoFile
|
var logFileObj ctwatch.LogInfoFile
|
||||||
if err := json.NewDecoder(logFile).Decode(&logFileObj); err != nil {
|
if err := json.NewDecoder(logFile).Decode(&logFileObj); err != nil {
|
||||||
fmt.Fprintf(os.Stderr, "%s: Error decoding logs file: %s: %s\n", os.Args[0], *logsFilename, err)
|
fmt.Fprintf(os.Stderr, "%s: Error decoding logs file: %s: %s\n", os.Args[0], *logsFilename, err)
|
||||||
os.Exit(3)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
logs = logFileObj.Logs
|
logs = logFileObj.Logs
|
||||||
} else if *underwater {
|
} else if *underwater {
|
||||||
|
@ -125,16 +125,23 @@ func Main (argStateDir string, processCallback ctwatch.ProcessCallback) {
|
||||||
|
|
||||||
if err := os.Mkdir(stateDir, 0777); err != nil && !os.IsExist(err) {
|
if err := os.Mkdir(stateDir, 0777); err != nil && !os.IsExist(err) {
|
||||||
fmt.Fprintf(os.Stderr, "%s: Error creating state directory: %s: %s\n", os.Args[0], stateDir, err)
|
fmt.Fprintf(os.Stderr, "%s: Error creating state directory: %s: %s\n", os.Args[0], stateDir, err)
|
||||||
os.Exit(3)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
for _, subdir := range []string{"certs", "sths", "evidence"} {
|
for _, subdir := range []string{"certs", "sths", "evidence"} {
|
||||||
path := filepath.Join(stateDir, subdir)
|
path := filepath.Join(stateDir, subdir)
|
||||||
if err := os.Mkdir(path, 0777); err != nil && !os.IsExist(err) {
|
if err := os.Mkdir(path, 0777); err != nil && !os.IsExist(err) {
|
||||||
fmt.Fprintf(os.Stderr, "%s: Error creating state directory: %s: %s\n", os.Args[0], path, err)
|
fmt.Fprintf(os.Stderr, "%s: Error creating state directory: %s: %s\n", os.Args[0], path, err)
|
||||||
os.Exit(3)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Exit code bits:
|
||||||
|
* 1 = initialization/system error
|
||||||
|
* 2 = usage error
|
||||||
|
* 4 = error communicating with log
|
||||||
|
* 8 = log misbehavior
|
||||||
|
*/
|
||||||
exitCode := 0
|
exitCode := 0
|
||||||
|
|
||||||
for _, logInfo := range logs {
|
for _, logInfo := range logs {
|
||||||
|
@ -142,13 +149,13 @@ func Main (argStateDir string, processCallback ctwatch.ProcessCallback) {
|
||||||
logKey, err := logInfo.ParsedPublicKey()
|
logKey, err := logInfo.ParsedPublicKey()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Fprintf(os.Stderr, "%s: %s: Bad public key: %s\n", os.Args[0], logUri, err)
|
fmt.Fprintf(os.Stderr, "%s: %s: Bad public key: %s\n", os.Args[0], logUri, err)
|
||||||
os.Exit(3)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
stateFilename := filepath.Join(stateDir, "sths", defangLogUri(logUri))
|
stateFilename := filepath.Join(stateDir, "sths", defangLogUri(logUri))
|
||||||
prevSTH, err := ctwatch.ReadSTHFile(stateFilename)
|
prevSTH, err := ctwatch.ReadSTHFile(stateFilename)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Fprintf(os.Stderr, "%s: Error reading state file: %s: %s\n", os.Args[0], stateFilename, err)
|
fmt.Fprintf(os.Stderr, "%s: Error reading state file: %s: %s\n", os.Args[0], stateFilename, err)
|
||||||
os.Exit(3)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
|
|
||||||
opts := ctwatch.ScannerOptions{
|
opts := ctwatch.ScannerOptions{
|
||||||
|
@ -162,7 +169,7 @@ func Main (argStateDir string, processCallback ctwatch.ProcessCallback) {
|
||||||
latestSTH, err := scanner.GetSTH()
|
latestSTH, err := scanner.GetSTH()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Fprintf(os.Stderr, "%s: Error retrieving STH from log: %s: %s\n", os.Args[0], logUri, err)
|
fmt.Fprintf(os.Stderr, "%s: Error retrieving STH from log: %s: %s\n", os.Args[0], logUri, err)
|
||||||
exitCode = 1
|
exitCode |= 4
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -183,7 +190,7 @@ func Main (argStateDir string, processCallback ctwatch.ProcessCallback) {
|
||||||
valid, treeBuilder, err = scanner.CheckConsistency(prevSTH, latestSTH)
|
valid, treeBuilder, err = scanner.CheckConsistency(prevSTH, latestSTH)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Fprintf(os.Stderr, "%s: Error fetching consistency proof: %s: %s\n", os.Args[0], logUri, err)
|
fmt.Fprintf(os.Stderr, "%s: Error fetching consistency proof: %s: %s\n", os.Args[0], logUri, err)
|
||||||
exitCode = 1
|
exitCode |= 4
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
if !valid {
|
if !valid {
|
||||||
|
@ -193,7 +200,7 @@ func Main (argStateDir string, processCallback ctwatch.ProcessCallback) {
|
||||||
} else {
|
} else {
|
||||||
fmt.Fprintf(os.Stderr, "%s: %s: Consistency proof failed - the log has misbehaved! Evidence of misbehavior has been saved to '%s' and '%s'.\n", os.Args[0], logUri, firstFilename, secondFilename)
|
fmt.Fprintf(os.Stderr, "%s: %s: Consistency proof failed - the log has misbehaved! Evidence of misbehavior has been saved to '%s' and '%s'.\n", os.Args[0], logUri, firstFilename, secondFilename)
|
||||||
}
|
}
|
||||||
exitCode = 1
|
exitCode |= 8
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
@ -202,21 +209,21 @@ func Main (argStateDir string, processCallback ctwatch.ProcessCallback) {
|
||||||
|
|
||||||
if err := scanner.Scan(int64(startIndex), int64(latestSTH.TreeSize), processCallback, treeBuilder); err != nil {
|
if err := scanner.Scan(int64(startIndex), int64(latestSTH.TreeSize), processCallback, treeBuilder); err != nil {
|
||||||
fmt.Fprintf(os.Stderr, "%s: Error scanning log: %s: %s\n", os.Args[0], logUri, err)
|
fmt.Fprintf(os.Stderr, "%s: Error scanning log: %s: %s\n", os.Args[0], logUri, err)
|
||||||
exitCode = 1
|
exitCode |= 4
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
rootHash := treeBuilder.Finish()
|
rootHash := treeBuilder.Finish()
|
||||||
if !bytes.Equal(rootHash, latestSTH.SHA256RootHash[:]) {
|
if !bytes.Equal(rootHash, latestSTH.SHA256RootHash[:]) {
|
||||||
fmt.Fprintf(os.Stderr, "%s: %s: Validation of log entries failed - calculated tree root (%x) does not match signed tree root (%s). If this error persists for an extended period, it should be construed as misbehavior by the log.\n", os.Args[0], logUri, rootHash, latestSTH.SHA256RootHash)
|
fmt.Fprintf(os.Stderr, "%s: %s: Validation of log entries failed - calculated tree root (%x) does not match signed tree root (%s). If this error persists for an extended period, it should be construed as misbehavior by the log.\n", os.Args[0], logUri, rootHash, latestSTH.SHA256RootHash)
|
||||||
exitCode = 1
|
exitCode |= 8
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := ctwatch.WriteSTHFile(stateFilename, latestSTH); err != nil {
|
if err := ctwatch.WriteSTHFile(stateFilename, latestSTH); err != nil {
|
||||||
fmt.Fprintf(os.Stderr, "%s: Error writing state file: %s: %s\n", os.Args[0], stateFilename, err)
|
fmt.Fprintf(os.Stderr, "%s: Error writing state file: %s: %s\n", os.Args[0], stateFilename, err)
|
||||||
os.Exit(3)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -100,7 +100,7 @@ func main() {
|
||||||
}
|
}
|
||||||
if err := scanner.Err(); err != nil {
|
if err := scanner.Err(); err != nil {
|
||||||
fmt.Fprintf(os.Stderr, "%s: Error reading standard input: %s\n", os.Args[0], err)
|
fmt.Fprintf(os.Stderr, "%s: Error reading standard input: %s\n", os.Args[0], err)
|
||||||
os.Exit(3)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
setWatchDomains(domains)
|
setWatchDomains(domains)
|
||||||
} else {
|
} else {
|
||||||
|
|
Loading…
Reference in New Issue