Skip to content

Commit

Permalink
test/suites: Grep for trusted certificate names with -wF flags.
Browse files Browse the repository at this point in the history 
Signed-off-by: Mark Laing <[email protected]>
  • Loading branch information
@markylaing
markylaing committed Jul 11, 2024
1 parent b958cb8 commit fb08998
Showing 1 changed file with 5 additions and 5 deletions.
10 changes: 5 additions & 5 deletions test/suites/pki.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,7 @@ test_pki() {
lxc_remote remote add pki-lxd "${LXD5_ADDR}" --accept-certificate --password foo

# Should have trust store entry because `core.trust_ca_certificates` is disabled.
lxc_remote config trust ls pki-lxd: | grep lxd-client
lxc_remote config trust ls pki-lxd: | grep -wF lxd-client

# Should be able to view server config
lxc_remote info pki-lxd: | grep -F 'core.https_address'
Expand Down Expand Up @@ -123,7 +123,7 @@ test_pki() {
lxc_remote remote add pki-lxd "${LXD5_ADDR}" --accept-certificate

# Client cert should not be present in trust store.
! lxc_remote config trust ls pki-lxd: | grep ca-trusted || false
! lxc_remote config trust ls pki-lxd: | grep -wF ca-trusted || false

# Remove remote
lxc_remote remote remove pki-lxd
Expand All @@ -133,7 +133,7 @@ test_pki() {
lxc_remote remote add pki-lxd "${LXD5_ADDR}" --accept-certificate --password=bar

# Client cert should not be present in trust store.
! lxc_remote config trust ls pki-lxd: | grep ca-trusted || false
! lxc_remote config trust ls pki-lxd: | grep -wF ca-trusted || false

# The certificate is trusted as root because `core.trust_ca_certificates` is enabled.
lxc_remote info pki-lxd: | grep -F 'core.https_address'
Expand Down Expand Up @@ -176,7 +176,7 @@ test_pki() {
# Try adding a remote using a revoked client certificate, and the correct password.
# This should fail, and the revoked certificate should not be added to the trust store.
! lxc_remote remote add pki-lxd "${LXD5_ADDR}" --accept-certificate --password foo || false
! lxc config trust ls | grep prior-revoked || false
! lxc config trust ls | grep -wF prior-revoked || false

# Try adding a remote using a revoked client certificate, and an incorrect password.
# This should fail, as if the certificate is revoked and password is wrong then no access should be allowed.
Expand All @@ -188,7 +188,7 @@ test_pki() {
# Try adding a remote using a revoked client certificate, and the correct password.
# This should fail, and the revoked certificate should not be added to the trust store.
! lxc_remote remote add pki-lxd "${LXD5_ADDR}" --accept-certificate --password foo || false
! lxc config trust ls | grep prior-revoked || false
! lxc config trust ls | grep -wF prior-revoked || false

# Try adding a remote using a revoked client certificate, and an incorrect password.
# This should fail, as if the certificate is revoked and password is wrong then no access should be allowed.
Expand Down

0 comments on commit fb08998

Please sign in to comment.