From f791d06cff39a93d45936597e8e54ee0defe9a44 Mon Sep 17 00:00:00 2001
From: "Mr. Secure" <ben.github@mrsecure.org>
Date: Fri, 13 Nov 2015 19:51:46 -0600
Subject: [PATCH] apply TLS checks to any socket other than unix:// or fd://

break the docker command line arguments into one option per line,
then find all socket items (H or host), exclude the unix:// and
fd:// sockets, and if there are any left, check for TLS options

Signed-off-by: Mr. Secure <ben.github@mrsecure.org>
---
 tests/2_docker_daemon_configuration.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/2_docker_daemon_configuration.sh b/tests/2_docker_daemon_configuration.sh
index 762d083..242e79c 100644
--- a/tests/2_docker_daemon_configuration.sh
+++ b/tests/2_docker_daemon_configuration.sh
@@ -79,7 +79,7 @@ fi
 
 # 2.9
 check_2_9="2.9  - Configure TLS authentication for Docker daemon"
-get_command_line_args docker | grep "\-H\wtcp://" >/dev/null 2>&1
+get_command_line_args docker | tr "-" "\n" | grep -E '^(H|host)' | grep -vE '(unix|fd)://' >/dev/null 2>&1
 if [ $? -eq 0 ]; then
   get_command_line_args docker | grep "tlsverify" | grep "tlskey" >/dev/null 2>&1
   if [ $? -eq 0 ]; then