diff options
| author | Guilhem Moulin <guilhem@debian.org> | 2023-01-25 03:32:04 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@debian.org> | 2023-01-25 03:32:04 +0100 |
| commit | 33687a2e3aea5ae69add7812315445ad23748fab (patch) | |
| tree | 952a06618d7da373043debef8a8c28d4c8371385 /tests/accountd-kid | |
| parent | 2a981ac3829f27d3179eb6b6e682dc17cc9c4225 (diff) | |
| parent | b3af3526b293f396da02a6276ea86ca17dcd2d03 (diff) | |
Merge tag 'v0.8.1' into debian/latest
Release version 0.8.1
Diffstat (limited to 'tests/accountd-kid')
| -rw-r--r-- | tests/accountd-kid | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/tests/accountd-kid b/tests/accountd-kid index e1bd63d..8a4b53c 100644 --- a/tests/accountd-kid +++ b/tests/accountd-kid @@ -23,13 +23,14 @@ EOF SOCKET=~lacme-account/S.lacme runuser -u lacme-account -- lacme-accountd --socket="$SOCKET" --quiet & PID=$! +sleep 1 # newAccount resource fails as per RFC 8555 sec. 6.2 it requires a JWK ! lacme --socket="$SOCKET" account 2>"$STDERR" || fail -grepstderr -Fxq "WARNING: lacme-accountd supplied an empty JWK; try removing 'keyid' setting from lacme-accountd.conf if the ACME resource request fails." +grepstderr -Fxq "Warning: lacme-accountd supplied an empty JWK; try removing 'keyid' setting from lacme-accountd.conf if the ACME resource request fails." grepstderr -Fxq "400 Bad Request (Parse error reading JWS)" -! grep -F ">>> OK signing request: header=" ~lacme-account/.local/share/lacme/accountd.log | \ - grep -vF ">>> OK signing request: header=base64url({\"alg\":\"RS256\",\"jwk\":{}," || exit 1 +grep -F "] SIGNED header=base64url({" ~lacme-account/.local/share/lacme/accountd.log >/tmp/signed +! grep -vF "] SIGNED header=base64url({\"alg\":\"RS256\",\"jwk\":{}," </tmp/signed # rotate log and restart accountd kill $PID @@ -37,6 +38,7 @@ wait rm ~lacme-account/.local/share/lacme/accountd.log runuser -u lacme-account -- lacme-accountd --socket="$SOCKET" --quiet & PID=$! +sleep 1 # newOrder works fine without JWK lacme --socket="$SOCKET" newOrder @@ -46,14 +48,14 @@ test /etc/lacme/simpletest.rsa.crt -nt /etc/lacme/simpletest.rsa.key lacme --socket="$SOCKET" revokeCert /etc/lacme/simpletest.rsa.crt ! lacme --socket="$SOCKET" revokeCert /etc/lacme/simpletest.rsa.crt 2>"$STDERR" || fail grepstderr -Fxq "Revoking /etc/lacme/simpletest.rsa.crt" -grepstderr -Fxq "400 Bad Request (Certificate already revoked)" +grepstderr -Fq "400 Bad Request (unable to revoke" grepstderr -Fxq "Warning: Couldn't revoke /etc/lacme/simpletest.rsa.crt" kill $PID wait # make sure all signing requests have a KID -! grep -F ">>> OK signing request: header=" ~lacme-account/.local/share/lacme/accountd.log | \ - grep -vF ">>> OK signing request: header=base64url({\"alg\":\"RS256\",\"kid\":\"$keyid\"," || exit 1 +grep -F "] SIGNED header=base64url({" ~lacme-account/.local/share/lacme/accountd.log >/tmp/signed +! grep -vF "] SIGNED header=base64url({\"alg\":\"RS256\",\"kid\":\"$keyid\"," </tmp/signed # vim: set filetype=sh : |