From 61097dc96134299891009dd16e49b8edf72bb3b7 Mon Sep 17 00:00:00 2001 From: Jeroen Massar Date: Thu, 28 Aug 2025 12:03:36 +0200 Subject: [PATCH] Verify that the config that is loaded has some sanity (at least a single log, various fields containing data, reporting when empty etc) --- tesseract/genconf/main.go | 50 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/tesseract/genconf/main.go b/tesseract/genconf/main.go index 9c7d6d7..d6c0b69 100644 --- a/tesseract/genconf/main.go +++ b/tesseract/genconf/main.go @@ -85,6 +85,13 @@ func loadConfig(yamlFile string) Config { config.Listen = []string{":8080"} } + // Checkpoints & Roots are not used in-code, not checking for being set/valid + + // Ensure there are logs configured + if len(config.Logs) == 0 { + log.Fatalf("Parsed YAML did not include any 'logs'") + } + // Set defaults for log entries and check for empty/missing values for i := range config.Logs { // Checks are in order of fields of the Log struct @@ -97,6 +104,8 @@ func loadConfig(yamlFile string) Config { log.Fatalf("Log %d (%s) is missing a value for Domain", i, config.Logs[i].ShortName) } + // Inception is not used in-code + if config.Logs[i].Period == 0 { config.Logs[i].Period = 200 } @@ -104,6 +113,47 @@ func loadConfig(yamlFile string) Config { if config.Logs[i].PoolSize == 0 { config.Logs[i].PoolSize = 750 } + + if config.Logs[i].SubmissionPrefix == "" { + log.Fatalf("Log %d (%s) is missing a value for SubmissionPrefix", i, config.Logs[i].ShortName) + } + + if config.Logs[i].MonitoringPrefix == "" { + log.Fatalf("Log %d (%s) is missing a value for MonitoringPrefix", i, config.Logs[i].ShortName) + } + + // CCadbRoots is not used in-code + // ExtraRoots is optional + + if config.Logs[i].Secret == "" { + log.Fatalf("Log %d (%s) is missing a value for Secret", i, config.Logs[i].ShortName) + } + + // Cache is not used in-code + + if config.Logs[i].LocalDirectory == "" { + log.Fatalf("Log %d (%s) is missing a value for LocalDirectory", i, config.Logs[i].ShortName) + } + + // Listen, NotAfterStart and NotAfterLimit are optional + + // These fields are exported due to HTML templates + // but should not be provided/filled by the user + if config.Logs[i].LogID != "" { + log.Fatalf("Log %d (%s) has field LogID should not be configured (%s)", i, config.Logs[i].ShortName, config.Logs[i].LogID) + } + + if config.Logs[i].PublicKeyPEM != "" { + log.Fatalf("Log %d (%s) has field PublicKeyPEM should not be configured (%s)", i, config.Logs[i].ShortName, config.Logs[i].PublicKeyPEM) + } + + if config.Logs[i].PublicKeyDERB64 != "" { + log.Fatalf("Log %d (%s) has field PublicKeyDERB64 should not be configured (%s)", i, config.Logs[i].ShortName, config.Logs[i].PublicKeyDERB64) + } + + if config.Logs[i].PublicKeyBase64 != "" { + log.Fatalf("Log %d (%s) has field PublicKeyBase64 should not be configured (%s)", i, config.Logs[i].ShortName, config.Logs[i].PublicKeyBase64) + } } return config