diff options
| author | Thomas Vanbesien <tvanbesi@proton.me> | 2026-02-19 00:26:34 +0100 |
|---|---|---|
| committer | Thomas Vanbesien <tvanbesi@proton.me> | 2026-02-19 00:26:34 +0100 |
| commit | 3ba285caf93d0c44815dd507a2b5de2ac40222c3 (patch) | |
| tree | 8b3386ca734149684067fc9583dc7c619dc15227 | |
| parent | a9ebc3b434b7979163fdf83984b32f1e513dacb8 (diff) | |
| download | BobinkCOpcUa-3ba285caf93d0c44815dd507a2b5de2ac40222c3.tar.gz BobinkCOpcUa-3ba285caf93d0c44815dd507a2b5de2ac40222c3.zip | |
Remove redundant FindServers step from cert_bootstrap test
| -rwxr-xr-x | tests/run_cert_bootstrap_test.sh | 34 |
1 files changed, 10 insertions, 24 deletions
diff --git a/tests/run_cert_bootstrap_test.sh b/tests/run_cert_bootstrap_test.sh index 5db2b7b..5de2ae6 100755 --- a/tests/run_cert_bootstrap_test.sh +++ b/tests/run_cert_bootstrap_test.sh @@ -3,11 +3,10 @@ # Integration test for certificate bootstrap (TOFU workflow). # # Demonstrates Trust On First Use: -# 1. Client finds servers via LDS (trusted) → success -# 2. Client get-endpoints on ServerRegister → FAILS (untrusted) -# 3. Client download-cert on ServerRegister via None → success -# 4. Client get-endpoints on ServerRegister → success (now trusted) -# 5. Client read-time on ServerRegister → success +# 1. Client get-endpoints on ServerRegister → FAILS (untrusted) +# 2. Client download-cert on ServerRegister via None → success +# 3. Client get-endpoints on ServerRegister → success (now trusted) +# 4. Client read-time on ServerRegister → success # # Usage: tests/run_cert_bootstrap_test.sh <config_dir> # @@ -53,18 +52,7 @@ wait_for_port "$SR_PORT" "$SR_PID" "bobink_opcua_server" TMPFILE=$(mktemp) -# ── Step 1: FindServers on LDS (client trusts LDS) ──────────── -build/bobink_opcua_client "$CONFIG_DIR/client.conf" find-servers "opc.tcp://localhost:$LDS_PORT" >"$TMPFILE" 2>&1 -FS_RC=$? -FS_OUTPUT=$(<"$TMPFILE") - -[ "$FS_RC" -eq 0 ] -check "find-servers exit code is 0 (got $FS_RC)" $? - -echo "$FS_OUTPUT" | grep -q "urn:localhost:bobink:ServerRegister" -check "find-servers contains urn:localhost:bobink:ServerRegister" $? - -# ── Step 2: GetEndpoints on ServerRegister (should FAIL) ────── +# ── Step 1: GetEndpoints on ServerRegister (should FAIL) ────── build/bobink_opcua_client "$CONFIG_DIR/client.conf" get-endpoints "opc.tcp://localhost:$SR_PORT" >"$TMPFILE" 2>&1 GE_FAIL_RC=$? GE_FAIL_OUTPUT=$(<"$TMPFILE") @@ -72,7 +60,7 @@ GE_FAIL_OUTPUT=$(<"$TMPFILE") [ "$GE_FAIL_RC" -ne 0 ] check "get-endpoints FAILS without ServerRegister cert (exit code $GE_FAIL_RC)" $? -# ── Step 3: download-cert from ServerRegister (via None) ────── +# ── Step 2: download-cert from ServerRegister (via None) ────── DOWNLOADED_CERT=$(mktemp --suffix=.der) build/bobink_opcua_client "$CONFIG_DIR/client.conf" download-cert "opc.tcp://localhost:$SR_PORT" "$DOWNLOADED_CERT" >"$TMPFILE" 2>&1 @@ -85,14 +73,14 @@ check "download-cert exit code is 0 (got $DC_RC)" $? echo "$DC_OUTPUT" | grep -q "Certificate saved to" check "download-cert output contains 'Certificate saved to'" $? -# ── Step 4: Verify downloaded cert matches original ─────────── +# ── Step 3: Verify downloaded cert matches original ─────────── cmp -s "$DOWNLOADED_CERT" "$CONFIG_DIR/certs/ServerRegister/cert.der" check "downloaded certificate matches ServerRegister cert.der" $? -# ── Step 5: Install cert into trust_client ──────────────────── +# ── Step 4: Install cert into trust_client ──────────────────── cp "$DOWNLOADED_CERT" "$CONFIG_DIR/certs/trust_client/ServerRegister_cert.der" -# ── Step 6: GetEndpoints on ServerRegister (should succeed) ─── +# ── Step 5: GetEndpoints on ServerRegister (should succeed) ─── build/bobink_opcua_client "$CONFIG_DIR/client.conf" get-endpoints "opc.tcp://localhost:$SR_PORT" >"$TMPFILE" 2>&1 GE_RC=$? GE_OUTPUT=$(<"$TMPFILE") @@ -103,7 +91,7 @@ check "get-endpoints succeeds after cert install (exit code $GE_RC)" $? echo "$GE_OUTPUT" | grep -q "Aes256_Sha256_RsaPss" check "get-endpoints contains Aes256_Sha256_RsaPss" $? -# ── Step 7: ReadTime on ServerRegister (should succeed) ─────── +# ── Step 6: ReadTime on ServerRegister (should succeed) ─────── build/bobink_opcua_client "$CONFIG_DIR/client.conf" read-time "opc.tcp://localhost:$SR_PORT" >"$TMPFILE" 2>&1 RT_RC=$? RT_OUTPUT=$(<"$TMPFILE") @@ -117,8 +105,6 @@ check "read-time output contains 'date is:'" $? # ── result ───────────────────────────────────────────────────── if [ "$FAILURES" -ne 0 ]; then echo "" - echo "--- find-servers output ---" - echo "$FS_OUTPUT" echo "--- get-endpoints (expected fail) output ---" echo "$GE_FAIL_OUTPUT" echo "--- download-cert output ---" |