#!/usr/bin/env bash # --------------------------------------------------------------- # Integration test for the download-cert client operation. # # Starts a secure ServerLDS, downloads its certificate via the # client's download-cert operation, and compares the downloaded # file with the original certificate on disk. # # Usage: tests/run_download_cert_test.sh # # Exit: 0 when all checks pass, 1 on any failure. # --------------------------------------------------------------- set -uo pipefail source "$(dirname "$0")/test_helpers.sh" CONFIG_DIR="${1:?Usage: $0 }" LDS_PORT=14840 LDS_PID="" TMPFILE="" DOWNLOADED_CERT="" # ── cleanup ──────────────────────────────────────────────────── cleanup() { [ -n "$LDS_PID" ] && kill "$LDS_PID" 2>/dev/null && wait "$LDS_PID" 2>/dev/null [ -n "$TMPFILE" ] && rm -f "$TMPFILE" [ -n "$DOWNLOADED_CERT" ] && rm -f "$DOWNLOADED_CERT" } trap cleanup EXIT assert_ports_free "$LDS_PORT" # ── start LDS ────────────────────────────────────────────────── build/bobink_opcua_discovery_server "$CONFIG_DIR/server_lds.conf" >/dev/null 2>&1 & LDS_PID=$! wait_for_port "$LDS_PORT" "$LDS_PID" "bobink_opcua_discovery_server" # ── download certificate ─────────────────────────────────────── TMPFILE=$(mktemp) DOWNLOADED_CERT=$(mktemp --suffix=.der) build/client "$CONFIG_DIR/client.conf" download-cert "opc.tcp://localhost:$LDS_PORT" "$DOWNLOADED_CERT" >"$TMPFILE" 2>&1 DC_RC=$? DC_OUTPUT=$(<"$TMPFILE") [ "$DC_RC" -eq 0 ] check "download-cert exit code is 0 (got $DC_RC)" $? echo "$DC_OUTPUT" | grep -q "Certificate saved to" check "download-cert output contains 'Certificate saved to'" $? # ── compare with original ───────────────────────────────────── cmp -s "$DOWNLOADED_CERT" "$CONFIG_DIR/certs/ServerLDS/cert.der" check "downloaded certificate matches $CONFIG_DIR/certs/ServerLDS/cert.der" $? # ── result ───────────────────────────────────────────────────── if [ "$FAILURES" -ne 0 ]; then echo "" echo "--- download-cert output ---" echo "$DC_OUTPUT" echo "--- end ---" exit 1 fi exit 0