diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2026-05-14 13:14:52 +0200 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2026-05-14 13:41:06 +0200 |
| commit | 207f0cd7a1d03f8dfe035bb6583b4f4e68ba38b6 (patch) | |
| tree | f544d7979bb8534e518c01b095e9ab1ad0af3ef8 | |
| parent | 2bbabd3515cf709bed612ba50b3f50089ad099aa (diff) | |
Update test suite to match staging server behavior.
| -rw-r--r-- | tests/accountd-kid | 4 | ||||
| -rw-r--r-- | tests/cert-extensions | 6 | ||||
| -rw-r--r-- | tests/cert-revoke | 4 | ||||
| -rw-r--r-- | tests/cert-verify | 2 |
4 files changed, 8 insertions, 8 deletions
diff --git a/tests/accountd-kid b/tests/accountd-kid index 8a4b53c..e6f5ca4 100644 --- a/tests/accountd-kid +++ b/tests/accountd-kid @@ -28,7 +28,7 @@ sleep 1 # newAccount resource fails as per RFC 8555 sec. 6.2 it requires a JWK ! lacme --socket="$SOCKET" account 2>"$STDERR" || fail grepstderr -Fxq "Warning: lacme-accountd supplied an empty JWK; try removing 'keyid' setting from lacme-accountd.conf if the ACME resource request fails." -grepstderr -Fxq "400 Bad Request (Parse error reading JWS)" +grepstderr -Fxq "400 Bad Request (Unable to validate JWS :: Parse error reading JWS)" grep -F "] SIGNED header=base64url({" ~lacme-account/.local/share/lacme/accountd.log >/tmp/signed ! grep -vF "] SIGNED header=base64url({\"alg\":\"RS256\",\"jwk\":{}," </tmp/signed @@ -48,7 +48,7 @@ test /etc/lacme/simpletest.rsa.crt -nt /etc/lacme/simpletest.rsa.key lacme --socket="$SOCKET" revokeCert /etc/lacme/simpletest.rsa.crt ! lacme --socket="$SOCKET" revokeCert /etc/lacme/simpletest.rsa.crt 2>"$STDERR" || fail grepstderr -Fxq "Revoking /etc/lacme/simpletest.rsa.crt" -grepstderr -Fq "400 Bad Request (unable to revoke" +grepstderr -Eq "400 Bad Request \\(Unable to revoke :: no certificate with serial [0-9a-fA-F]+ and status other than revoked\\)" grepstderr -Fxq "Warning: Couldn't revoke /etc/lacme/simpletest.rsa.crt" kill $PID diff --git a/tests/cert-extensions b/tests/cert-extensions index d7e7855..3cb0a43 100644 --- a/tests/cert-extensions +++ b/tests/cert-extensions @@ -25,7 +25,7 @@ x509_check /etc/lacme/test1.crt <<-EOF X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: - TLS Web Server Authentication, TLS Web Client Authentication + TLS Web Server Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Alternative Name: @@ -54,7 +54,7 @@ x509_check /etc/lacme/test2.crt <<-EOF X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: - TLS Web Server Authentication, TLS Web Client Authentication + TLS Web Server Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Alternative Name: @@ -79,7 +79,7 @@ x509_check /etc/lacme/test3.crt <<-EOF X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: - TLS Web Server Authentication, TLS Web Client Authentication + TLS Web Server Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Alternative Name: diff --git a/tests/cert-revoke b/tests/cert-revoke index 179ccba..ead6723 100644 --- a/tests/cert-revoke +++ b/tests/cert-revoke @@ -18,7 +18,7 @@ test /etc/lacme/simpletest.ecdsa.crt -nt /etc/lacme/simpletest.ecdsa.key lacme revokeCert /etc/lacme/simpletest.ecdsa.crt ! lacme revokeCert /etc/lacme/simpletest.ecdsa.crt 2>"$STDERR" || fail grepstderr -Fxq "Revoking /etc/lacme/simpletest.ecdsa.crt" -grepstderr -Fq "400 Bad Request (unable to revoke" +grepstderr -Fq "400 Bad Request (Unable to revoke ::" grepstderr -Fxq "Warning: Couldn't revoke /etc/lacme/simpletest.ecdsa.crt" # and the RSA certificate using the service key @@ -26,7 +26,7 @@ mv -vfT /etc/lacme/simpletest.rsa.key /etc/lacme/account.key lacme revokeCert /etc/lacme/simpletest.rsa.crt ! lacme revokeCert /etc/lacme/simpletest.rsa.crt 2>"$STDERR" || fail grepstderr -Fxq "Revoking /etc/lacme/simpletest.rsa.crt" -grepstderr -Fq "400 Bad Request (unable to revoke" +grepstderr -Fq "400 Bad Request (Unable to revoke ::" grepstderr -Fxq "Warning: Couldn't revoke /etc/lacme/simpletest.rsa.crt" # vim: set filetype=sh : diff --git a/tests/cert-verify b/tests/cert-verify index a6cd336..2138e29 100644 --- a/tests/cert-verify +++ b/tests/cert-verify @@ -20,7 +20,7 @@ grepstderr -Fxq "[simpletest-rsa] Error: Received invalid X.509 certificate from # verification error for unrelated CA bundle cat /etc/ssl/certs/ssl-cert-snakeoil.pem >/usr/share/lacme/ca-certificates.crt ! lacme newOrder 2>"$STDERR" || fail -grepstderr -Fxq "error 20 at 1 depth lookup: unable to get local issuer certificate" +grepstderr -Eq "^error 20 at [1-9][0-9]* depth lookup: unable to get local issuer certificate$" grepstderr -Fxq "[simpletest-rsa] Error: Received invalid X.509 certificate from ACME server!" # use saved bundle as custom CAfile |