From cef3057325c7eba5d4a931a9814202eb9eb574eb Mon Sep 17 00:00:00 2001
From: Magnus Ahltorp <map@kth.se>
Date: Thu, 23 Apr 2015 18:11:07 +0200
Subject: Don't require logprivatekey if hsm is configured for a signing node.

---
 tools/compileconfig.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'tools/compileconfig.py')

diff --git a/tools/compileconfig.py b/tools/compileconfig.py
index 95c71be..a8fe408 100755
--- a/tools/compileconfig.py
+++ b/tools/compileconfig.py
@@ -242,10 +242,14 @@ def gen_config(nodename, config, localconfig):
         (Symbol("services"), services),
     ]
     if nodetype == "signingnodes":
-        plopconfig.append((Symbol("log_private_key"), paths["logprivatekey"]))
         hsm = localconfig.get("hsm")
+        if "logprivatekey" in paths:
+            plopconfig.append((Symbol("log_private_key"), paths["logprivatekey"]))
         if hsm:
             plopconfig.append((Symbol("hsm"), [hsm.get("library"), str(hsm.get("slot")), "ecdsa", hsm.get("label"), hsm.get("pin")]))
+        if not ("logprivatekey" in paths or hsm):
+            print >>sys.stderr, "Neither logprivatekey nor hsm configured for signing node", nodename
+            sys.exit(1)
     plopconfig += [
         (Symbol("log_public_key"), paths["logpublickey"]),
         (Symbol("own_key"), (nodename, "%s/%s-private.pem" % (paths["privatekeys"], nodename))),
-- 
cgit v1.1