#!/usr/bin/env bash
# ---------------------------------------------------------------
# Integration test for the download-cert client operation.
#
# Starts a secure ServerLDS, downloads its certificate via the
# client's download-cert operation, and compares the downloaded
# file with the original certificate on disk.
#
# Usage:  tests/run_download_cert_test.sh <config_dir>
#
# Exit: 0 when all checks pass, 1 on any failure.
# ---------------------------------------------------------------
# Unset variables are errors (-u) and a pipeline fails if any stage fails
# (pipefail). errexit (-e) is not enabled; the checks further down read $?
# from commands that are allowed to fail.
set -uo pipefail

# Required first argument: directory holding server_lds.conf, client.conf and
# the certs/ tree used by the commands below. Aborts with the usage text if
# it is missing or empty.
CONFIG_DIR="${1:?Usage: $0 <config_dir>}"

# TCP port the script expects ServerLDS to listen on.
# NOTE(review): presumably has to match the port set in server_lds.conf — confirm.
LDS_PORT=14840
# PID of the background ServerLDS process; empty until it has been started.
LDS_PID=""
# Temp file capturing the client's stdout/stderr; empty until created.
TMPFILE=""
# Temp file the client writes the downloaded certificate to; empty until created.
DOWNLOADED_CERT=""
# Number of failed checks, incremented by check().
FAILURES=0

# ── cleanup ────────────────────────────────────────────────────
#######################################
# EXIT handler: stop the background server and delete the temp files.
# Globals:
#   LDS_PID, TMPFILE, DOWNLOADED_CERT (read); each one is skipped when empty.
#######################################
cleanup() {
  local leftover
  if [ -n "$LDS_PID" ]; then
    # Only wait for the server if the signal could actually be sent.
    kill "$LDS_PID" 2>/dev/null && wait "$LDS_PID" 2>/dev/null
  fi
  for leftover in "$TMPFILE" "$DOWNLOADED_CERT"; do
    [ -n "$leftover" ] && rm -f "$leftover"
  done
}
trap cleanup EXIT

# ── helpers ────────────────────────────────────────────────────
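#######################################
# Wait until a TCP listener shows up on a port, or give up.
# Polls every 0.1 s, at most 50 times (about 5 s).
# Arguments:
#   $1 - TCP port to look for in the `ss` listener table
#   $2 - PID of the process expected to open the port
#   $3 - label used in the failure messages
# Outputs:
#   Writes a "FAIL: ..." line to stdout before giving up.
# Returns:
#   0 once a listener on the port is seen. Exits the script with status 1
#   if the process is gone or the port never shows up.
#######################################
wait_for_port() {
  local port="$1" pid="$2" label="$3"
  local attempt listeners
  for ((attempt = 0; attempt < 50; attempt++)); do
    if ! kill -0 "$pid" 2>/dev/null; then
      echo "FAIL: $label exited prematurely"
      exit 1
    fi
    # Capture the listener table first and match it in-process. Piping ss
    # into `grep -q` under `set -o pipefail` can report failure even when the
    # port is present: grep exits on the first match, ss may then be killed
    # by SIGPIPE, and pipefail turns that into a non-zero pipeline status.
    listeners=$(ss -tlnp 2>/dev/null)
    # NOTE(review): this only shows that *something* listens on the port; it
    # does not tie the listener to $pid.
    if [[ "$listeners" == *":${port} "* ]]; then
      return 0
    fi
    sleep 0.1
  done
  echo "FAIL: $label did not listen on port $port within 5 s"
  exit 1
}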

#######################################
# Report the outcome of one test step and count failures.
# Globals:
#   FAILURES (incremented when the step failed)
# Arguments:
#   $1 - description printed after PASS:/FAIL:
#   $2 - exit status of the step; 0 means success
# Outputs:
#   "PASS: <description>" or "FAIL: <description>" on stdout
#######################################
check() {
  local description="$1" status="$2"
  if [ "$status" -eq 0 ]; then
    echo "PASS: $description"
    return
  fi
  echo "FAIL: $description"
  FAILURES=$((FAILURES + 1))
}

# ── port check ─────────────────────────────────────────────────
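# Refuse to start if something already listens on the LDS port; otherwise the
# client could end up talking to a process other than the ServerLDS started
# below.
# The listener table is captured first and matched in-process: with
# `set -o pipefail`, `ss | grep -q` can report "no match" when grep exits on
# the first hit and ss is killed by SIGPIPE, which would let an occupied port
# slip through this check.
LISTENERS=$(ss -tlnp 2>/dev/null)
if [[ "$LISTENERS" == *":${LDS_PORT} "* ]]; then
  echo "FAIL: port $LDS_PORT is already in use"
  exit 1
fi

# ── start LDS ──────────────────────────────────────────────────
# Server output is discarded. LDS_PID is recorded right away so the EXIT
# trap can stop the server on every exit path.
build/ServerLDS "$CONFIG_DIR/server_lds.conf" >/dev/null 2>&1 &
LDS_PID=$!
wait_for_port "$LDS_PORT" "$LDS_PID" "ServerLDS"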

# ── download certificate ───────────────────────────────────────
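# Both files come from mktemp (created up front, unpredictable names) and are
# removed by the EXIT trap. Stop if either cannot be created: the redirect
# and the client call below would otherwise run with an empty path.
TMPFILE=$(mktemp) || {
  echo "FAIL: could not create temp file for client output"
  exit 1
}
DOWNLOADED_CERT=$(mktemp --suffix=.der) || {
  echo "FAIL: could not create temp file for downloaded certificate"
  exit 1
}

# Run the client; stdout and stderr are captured together for the checks and
# for the diagnostic dump at the end of the script.
build/Client "$CONFIG_DIR/client.conf" download-cert "opc.tcp://localhost:$LDS_PORT" "$DOWNLOADED_CERT" >"$TMPFILE" 2>&1
DC_RC=$?
DC_OUTPUT=$(<"$TMPFILE")

check "download-cert exit code is 0 (got $DC_RC)" "$DC_RC"

# Match in-process instead of `echo ... | grep -q`: under pipefail an early
# grep exit can SIGPIPE the writer and turn a real match into a failure.
[[ "$DC_OUTPUT" == *"Certificate saved to"* ]]
check "download-cert output contains 'Certificate saved to'" $?

# ── compare with original ─────────────────────────────────────
# Byte-for-byte comparison with the certificate on disk. mktemp pre-creates
# DOWNLOADED_CERT as an empty file, so a client that wrote nothing leaves an
# empty file to compare against.
cmp -s "$DOWNLOADED_CERT" "$CONFIG_DIR/certs/ServerLDS/cert.der"
check "downloaded certificate matches $CONFIG_DIR/certs/ServerLDS/cert.der" $?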

# ── result ─────────────────────────────────────────────────────
# Every check passed: nothing more to print.
[ "$FAILURES" -ne 0 ] || exit 0

# At least one check failed: dump the captured client output for diagnosis.
echo
echo "--- download-cert output ---"
echo "$DC_OUTPUT"
echo "--- end ---"
exit 1