From 9326543c2e65b986e7537465ee52f0ec44639338 Mon Sep 17 00:00:00 2001 From: Christopher Odenbach Date: Sun, 26 Mar 2017 22:36:58 +0200 Subject: Added tests for virtual port behaviour. Separated from all other tests this time. --- plugins/tests/check_http.t | 41 +++++++++++++++++++++++++++++++++++++++-- 1 file changed, 39 insertions(+), 2 deletions(-) (limited to 'plugins/tests/check_http.t') diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t index 1bc0ecb7..d6d31de1 100755 --- a/plugins/tests/check_http.t +++ b/plugins/tests/check_http.t @@ -20,6 +20,7 @@ use FindBin qw($Bin); $ENV{'LC_TIME'} = "C"; my $common_tests = 70; +my $virtual_port_tests = 8; my $ssl_only_tests = 8; # Check that all dependent modules are available eval "use HTTP::Daemon 6.01;"; @@ -33,7 +34,7 @@ if ($@) { plan skip_all => "Missing required module for test: $@"; } else { if (-x "./check_http") { - plan tests => $common_tests * 2 + $ssl_only_tests; + plan tests => $common_tests * 2 + $ssl_only_tests + $virtual_port_tests; } else { plan skip_all => "No check_http compiled"; } @@ -158,6 +159,11 @@ sub run_server { $c->send_basic_header; $c->send_header('foo'); $c->send_crlf; + } elsif ($r->url->path eq "/virtual_port") { + # return sent Host header + $c->send_basic_header; + $c->send_crlf; + $c->send_response(HTTP::Response->new( 200, 'OK', undef, $r->header ('Host'))); } else { $c->send_error(HTTP::Status->RC_FORBIDDEN); } @@ -207,6 +213,37 @@ SKIP: { } +my $cmd; +# check virtual port behaviour +# +# http without virtual port +$cmd = "$command -p $port_http -u /virtual_port -r ^127.0.0.1:$port_http\$"; +$result = NPTest->testCmd( $cmd ); +is( $result->return_code, 0, $cmd); +like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + +# http with virtual port +$cmd = "$command:80 -p $port_http -u /virtual_port -r ^127.0.0.1\$"; +$result = NPTest->testCmd( $cmd ); +is( $result->return_code, 0, $cmd); +like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + +SKIP: { + skip "HTTP::Daemon::SSL not installed", 4 if ! exists $servers->{https}; + # https without virtual port + $cmd = "$command -p $port_https --ssl -u /virtual_port -r ^127.0.0.1:$port_https\$"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + # https with virtual port + $cmd = "$command:443 -p $port_https --ssl -u /virtual_port -r ^127.0.0.1\$"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); +} + + sub run_common_tests { my ($opts) = @_; my $command = $opts->{command}; @@ -392,7 +429,7 @@ sub run_common_tests { # Test an external address - timeout SKIP: { - skip "This doesn't seems to work all the time", 1 unless ($ENV{HTTP_EXTERNAL}); + skip "This doesn't seem to work all the time", 1 unless ($ENV{HTTP_EXTERNAL}); $cmd = "$command -f follow -u /redir_external -t 5"; eval { $result = NPTest->testCmd( $cmd, 2 ); -- cgit v1.2.3-74-g34f1 From e9239b556a4748bb06f5f46a2bedbf0114cd099a Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Sat, 18 Mar 2017 22:48:35 +0100 Subject: check_curl: make check_curl use the same tests as check_http --- plugins/t/check_curl.t | 201 +-------------------------------------------- plugins/t/check_http.t | 68 +++++++-------- plugins/tests/check_curl.t | 1 + plugins/tests/check_http.t | 9 +- 4 files changed, 43 insertions(+), 236 deletions(-) mode change 100644 => 120000 plugins/t/check_curl.t create mode 120000 plugins/tests/check_curl.t (limited to 'plugins/tests/check_http.t') diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t deleted file mode 100644 index 3c36a268..00000000 --- a/plugins/t/check_curl.t +++ /dev/null @@ -1,200 +0,0 @@ -#! /usr/bin/perl -w -I .. -# -# HyperText Transfer Protocol (HTTP) Test via check_curl -# -# - -use strict; -use Test::More; -use POSIX qw/mktime strftime/; -use NPTest; - -plan tests => 49; - -my $successOutput = '/OK.*HTTP.*second/'; - -my $res; - -my $host_tcp_http = getTestParameter( "NP_HOST_TCP_HTTP", - "A host providing the HTTP Service (a web server)", - "localhost" ); - -my $host_tls_http = getTestParameter( "host_tls_http", "NP_HOST_TLS_HTTP", "localhost", - "A host providing the HTTPS Service (a tls web server)" ); - -my $host_tls_cert = getTestParameter( "host_tls_cert", "NP_HOST_TLS_CERT", "localhost", - "the common name of the certificate." ); - - -my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE", - "The hostname of system not responsive to network requests", - "10.0.0.1" ); - -my $hostname_invalid = getTestParameter( "NP_HOSTNAME_INVALID", - "An invalid (not known to DNS) hostname", - "nosuchhost"); - -my $internet_access = getTestParameter( "NP_INTERNET_ACCESS", - "Is this system directly connected to the internet?", - "yes"); - -my $host_tcp_http2 = getTestParameter( "NP_HOST_TCP_HTTP2", - "A host providing an index page containing the string 'monitoring'", - "test.monitoring-plugins.org" ); - -my $faketime = -x '/usr/bin/faketime' ? 1 : 0; - - -$res = NPTest->testCmd( - "./check_curl $host_tcp_http -wt 300 -ct 600" - ); -cmp_ok( $res->return_code, '==', 0, "Webserver $host_tcp_http responded" ); -like( $res->output, $successOutput, "Output OK" ); - -$res = NPTest->testCmd( - "./check_curl $host_tcp_http -wt 300 -ct 600 -v -v -v -k 'bob:there' -k 'carl:frown'" - ); -like( $res->output, '/bob:there\r\ncarl:frown\r\n/', "Got headers with multiple -k options" ); - -$res = NPTest->testCmd( - "./check_curl $host_nonresponsive -wt 1 -ct 2 -t 3" - ); -cmp_ok( $res->return_code, '==', 2, "Webserver $host_nonresponsive not responding" ); -cmp_ok( $res->output, 'eq', "CRITICAL - Socket timeout after 3 seconds", "Output OK"); - -$res = NPTest->testCmd( - "./check_curl $hostname_invalid -wt 1 -ct 2" - ); -cmp_ok( $res->return_code, '==', 2, "Webserver $hostname_invalid not valid" ); -# The first part of the message comes from the OS catalogue, so cannot check this. -# On Debian, it is Name or service not known, on Darwin, it is No address associated with nodename -# Is also possible to get a socket timeout if DNS is not responding fast enough -like( $res->output, "/Unable to open TCP socket|Socket timeout after/", "Output OK"); - -# host header checks -$res = NPTest->testCmd("./check_curl -v -H $host_tcp_http"); -like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" ); - -$res = NPTest->testCmd("./check_curl -v -H $host_tcp_http -p 80"); -like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" ); - -$res = NPTest->testCmd("./check_curl -v -H $host_tcp_http:8080 -p 80"); -like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" ); - -$res = NPTest->testCmd("./check_curl -v -H $host_tcp_http:8080 -p 80"); -like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" ); - -SKIP: { - skip "No internet access", 3 if $internet_access eq "no"; - - $res = NPTest->testCmd("./check_curl -v -H $host_tls_http -S"); - like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" ); - - $res = NPTest->testCmd("./check_curl -v -H $host_tls_http:8080 -S -p 443"); - like( $res->output, '/^Host: '.$host_tls_http.':8080\s*$/ms', "Host Header OK" ); - - $res = NPTest->testCmd("./check_curl -v -H $host_tls_http:443 -S -p 443"); - like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" ); -}; - -SKIP: { - skip "No host serving monitoring in index file", 7 unless $host_tcp_http2; - - $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'monitoring'" ); - cmp_ok( $res->return_code, "==", 0, "Got a reference to 'monitoring'"); - - $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'mONiTORing'" ); - cmp_ok( $res->return_code, "==", 2, "Not got 'mONiTORing'"); - like ( $res->output, "/pattern not found/", "Error message says 'pattern not found'"); - - $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -R 'mONiTORing'" ); - cmp_ok( $res->return_code, "==", 0, "But case insensitive doesn't mind 'mONiTORing'"); - - $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'monitoring' --invert-regex" ); - cmp_ok( $res->return_code, "==", 2, "Invert results work when found"); - like ( $res->output, "/pattern found/", "Error message says 'pattern found'"); - - $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'mONiTORing' --invert-regex" ); - cmp_ok( $res->return_code, "==", 0, "And also when not found"); -} -SKIP: { - skip "No internet access", 16 if $internet_access eq "no"; - - $res = NPTest->testCmd( - "./check_curl --ssl $host_tls_http" - ); - cmp_ok( $res->return_code, '==', 0, "Can read https for $host_tls_http" ); - - $res = NPTest->testCmd( "./check_curl -C 1 --ssl $host_tls_http" ); - cmp_ok( $res->return_code, '==', 0, "Checking certificate for $host_tls_http"); - like ( $res->output, "/Certificate '$host_tls_cert' will expire on/", "Output OK" ); - my $saved_cert_output = $res->output; - - $res = NPTest->testCmd( "./check_curl -C 8000,1 --ssl $host_tls_http" ); - cmp_ok( $res->return_code, '==', 1, "Checking certificate for $host_tls_http"); - like ( $res->output, qr/WARNING - Certificate '$host_tls_cert' expires in \d+ day/, "Output Warning" ); - - $res = NPTest->testCmd( "./check_curl $host_tls_http -C 1" ); - is( $res->return_code, 0, "Old syntax for cert checking okay" ); - is( $res->output, $saved_cert_output, "Same output as new syntax" ); - - $res = NPTest->testCmd( "./check_curl -H $host_tls_http -C 1" ); - is( $res->return_code, 0, "Updated syntax for cert checking okay" ); - is( $res->output, $saved_cert_output, "Same output as new syntax" ); - - $res = NPTest->testCmd( "./check_curl -C 1 $host_tls_http" ); - cmp_ok( $res->output, 'eq', $saved_cert_output, "--ssl option automatically added"); - - $res = NPTest->testCmd( "./check_curl $host_tls_http -C 1" ); - cmp_ok( $res->output, 'eq', $saved_cert_output, "Old syntax for cert checking still works"); - - # run some certificate checks with faketime - SKIP: { - skip "No faketime binary found", 12 if !$faketime; - $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./check_curl -C 1 $host_tls_http"); - like($res->output, qr/OK - Certificate '$host_tls_cert' will expire on/, "Catch cert output"); - is( $res->return_code, 0, "Catch cert output exit code" ); - my($mon,$day,$hour,$min,$sec,$year) = ($res->output =~ /(\w+)\s+(\d+)\s+(\d+):(\d+):(\d+)\s+(\d+)/); - if(!defined $year) { - die("parsing date failed from: ".$res->output); - } - my $months = {'Jan' => 0, 'Feb' => 1, 'Mar' => 2, 'Apr' => 3, 'May' => 4, 'Jun' => 5, 'Jul' => 6, 'Aug' => 7, 'Sep' => 8, 'Oct' => 9, 'Nov' => 10, 'Dec' => 11}; - my $ts = mktime($sec, $min, $hour, $day, $months->{$mon}, $year-1900); - my $time = strftime("%Y-%m-%d %H:%M:%S", localtime($ts)); - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./check_curl -C 1 $host_tls_http"); - like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' just expired/, "Output on expire date"); - is( $res->return_code, 2, "Output on expire date" ); - - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-1))."' ./check_curl -C 1 $host_tls_http"); - like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 0 minutes/, "cert expires in 1 second output"); - is( $res->return_code, 2, "cert expires in 1 second exit code" ); - - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-120))."' ./check_curl -C 1 $host_tls_http"); - like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 minutes/, "cert expires in 2 minutes output"); - is( $res->return_code, 2, "cert expires in 2 minutes exit code" ); - - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-7200))."' ./check_curl -C 1 $host_tls_http"); - like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 hours/, "cert expires in 2 hours output"); - is( $res->return_code, 2, "cert expires in 2 hours exit code" ); - - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./check_curl -C 1 $host_tls_http"); - like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expired on/, "Certificate expired output"); - is( $res->return_code, 2, "Certificate expired exit code" ); - }; - - $res = NPTest->testCmd( "./check_curl --ssl $host_tls_http -E" ); - like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); - like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' ); - - $res = NPTest->testCmd( - "./check_curl --ssl -H www.e-paycobalt.com" - ); - cmp_ok( $res->return_code, "==", 0, "Can read https for www.e-paycobalt.com (uses AES certificate)" ); - - - $res = NPTest->testCmd( "./check_curl -H www.mozilla.com -u /firefox -f follow" ); - is( $res->return_code, 0, "Redirection based on location is okay"); - - $res = NPTest->testCmd( "./check_curl -H www.mozilla.com --extended-perfdata" ); - like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); -} diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t new file mode 120000 index 00000000..a54db967 --- /dev/null +++ b/plugins/t/check_curl.t @@ -0,0 +1 @@ +check_http.t \ No newline at end of file diff --git a/plugins/t/check_http.t b/plugins/t/check_http.t index 8bd484a0..281fa362 100644 --- a/plugins/t/check_http.t +++ b/plugins/t/check_http.t @@ -14,6 +14,8 @@ plan tests => 49; my $successOutput = '/OK.*HTTP.*second/'; my $res; +my $plugin = 'check_http'; +$plugin = 'check_curl' if $0 =~ m/check_curl/mx; my $host_tcp_http = getTestParameter( "NP_HOST_TCP_HTTP", "A host providing the HTTP Service (a web server)", @@ -46,24 +48,24 @@ my $faketime = -x '/usr/bin/faketime' ? 1 : 0; $res = NPTest->testCmd( - "./check_http $host_tcp_http -wt 300 -ct 600" + "./$plugin $host_tcp_http -wt 300 -ct 600" ); cmp_ok( $res->return_code, '==', 0, "Webserver $host_tcp_http responded" ); like( $res->output, $successOutput, "Output OK" ); $res = NPTest->testCmd( - "./check_http $host_tcp_http -wt 300 -ct 600 -v -v -v -k 'bob:there' -k 'carl:frown'" + "./$plugin $host_tcp_http -wt 300 -ct 600 -v -v -v -k 'bob:there' -k 'carl:frown'" ); like( $res->output, '/bob:there\r\ncarl:frown\r\n/', "Got headers with multiple -k options" ); $res = NPTest->testCmd( - "./check_http $host_nonresponsive -wt 1 -ct 2 -t 3" + "./$plugin $host_nonresponsive -wt 1 -ct 2 -t 3" ); cmp_ok( $res->return_code, '==', 2, "Webserver $host_nonresponsive not responding" ); cmp_ok( $res->output, 'eq', "CRITICAL - Socket timeout after 3 seconds", "Output OK"); $res = NPTest->testCmd( - "./check_http $hostname_invalid -wt 1 -ct 2" + "./$plugin $hostname_invalid -wt 1 -ct 2" ); cmp_ok( $res->return_code, '==', 2, "Webserver $hostname_invalid not valid" ); # The first part of the message comes from the OS catalogue, so cannot check this. @@ -72,86 +74,86 @@ cmp_ok( $res->return_code, '==', 2, "Webserver $hostname_invalid not valid" ); like( $res->output, "/Unable to open TCP socket|Socket timeout after/", "Output OK"); # host header checks -$res = NPTest->testCmd("./check_http -v -H $host_tcp_http"); +$res = NPTest->testCmd("./$plugin -v -H $host_tcp_http"); like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" ); -$res = NPTest->testCmd("./check_http -v -H $host_tcp_http -p 80"); +$res = NPTest->testCmd("./$plugin -v -H $host_tcp_http -p 80"); like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" ); -$res = NPTest->testCmd("./check_http -v -H $host_tcp_http:8080 -p 80"); +$res = NPTest->testCmd("./$plugin -v -H $host_tcp_http:8080 -p 80"); like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" ); -$res = NPTest->testCmd("./check_http -v -H $host_tcp_http:8080 -p 80"); +$res = NPTest->testCmd("./$plugin -v -H $host_tcp_http:8080 -p 80"); like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" ); SKIP: { skip "No internet access", 3 if $internet_access eq "no"; - $res = NPTest->testCmd("./check_http -v -H $host_tls_http -S"); + $res = NPTest->testCmd("./$plugin -v -H $host_tls_http -S"); like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" ); - $res = NPTest->testCmd("./check_http -v -H $host_tls_http:8080 -S -p 443"); + $res = NPTest->testCmd("./$plugin -v -H $host_tls_http:8080 -S -p 443"); like( $res->output, '/^Host: '.$host_tls_http.':8080\s*$/ms', "Host Header OK" ); - $res = NPTest->testCmd("./check_http -v -H $host_tls_http:443 -S -p 443"); + $res = NPTest->testCmd("./$plugin -v -H $host_tls_http:443 -S -p 443"); like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" ); }; SKIP: { skip "No host serving monitoring in index file", 7 unless $host_tcp_http2; - $res = NPTest->testCmd( "./check_http -H $host_tcp_http2 -r 'monitoring'" ); + $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 -r 'monitoring'" ); cmp_ok( $res->return_code, "==", 0, "Got a reference to 'monitoring'"); - $res = NPTest->testCmd( "./check_http -H $host_tcp_http2 -r 'mONiTORing'" ); + $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 -r 'mONiTORing'" ); cmp_ok( $res->return_code, "==", 2, "Not got 'mONiTORing'"); like ( $res->output, "/pattern not found/", "Error message says 'pattern not found'"); - $res = NPTest->testCmd( "./check_http -H $host_tcp_http2 -R 'mONiTORing'" ); + $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 -R 'mONiTORing'" ); cmp_ok( $res->return_code, "==", 0, "But case insensitive doesn't mind 'mONiTORing'"); - $res = NPTest->testCmd( "./check_http -H $host_tcp_http2 -r 'monitoring' --invert-regex" ); + $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 -r 'monitoring' --invert-regex" ); cmp_ok( $res->return_code, "==", 2, "Invert results work when found"); like ( $res->output, "/pattern found/", "Error message says 'pattern found'"); - $res = NPTest->testCmd( "./check_http -H $host_tcp_http2 -r 'mONiTORing' --invert-regex" ); + $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 -r 'mONiTORing' --invert-regex" ); cmp_ok( $res->return_code, "==", 0, "And also when not found"); } SKIP: { skip "No internet access", 16 if $internet_access eq "no"; $res = NPTest->testCmd( - "./check_http --ssl $host_tls_http" + "./$plugin --ssl $host_tls_http" ); cmp_ok( $res->return_code, '==', 0, "Can read https for $host_tls_http" ); - $res = NPTest->testCmd( "./check_http -C 1 --ssl $host_tls_http" ); + $res = NPTest->testCmd( "./$plugin -C 1 --ssl $host_tls_http" ); cmp_ok( $res->return_code, '==', 0, "Checking certificate for $host_tls_http"); like ( $res->output, "/Certificate '$host_tls_cert' will expire on/", "Output OK" ); my $saved_cert_output = $res->output; - $res = NPTest->testCmd( "./check_http -C 8000,1 --ssl $host_tls_http" ); + $res = NPTest->testCmd( "./$plugin -C 8000,1 --ssl $host_tls_http" ); cmp_ok( $res->return_code, '==', 1, "Checking certificate for $host_tls_http"); like ( $res->output, qr/WARNING - Certificate '$host_tls_cert' expires in \d+ day/, "Output Warning" ); - $res = NPTest->testCmd( "./check_http $host_tls_http -C 1" ); + $res = NPTest->testCmd( "./$plugin $host_tls_http -C 1" ); is( $res->return_code, 0, "Old syntax for cert checking okay" ); is( $res->output, $saved_cert_output, "Same output as new syntax" ); - $res = NPTest->testCmd( "./check_http -H $host_tls_http -C 1" ); + $res = NPTest->testCmd( "./$plugin -H $host_tls_http -C 1" ); is( $res->return_code, 0, "Updated syntax for cert checking okay" ); is( $res->output, $saved_cert_output, "Same output as new syntax" ); - $res = NPTest->testCmd( "./check_http -C 1 $host_tls_http" ); + $res = NPTest->testCmd( "./$plugin -C 1 $host_tls_http" ); cmp_ok( $res->output, 'eq', $saved_cert_output, "--ssl option automatically added"); - $res = NPTest->testCmd( "./check_http $host_tls_http -C 1" ); + $res = NPTest->testCmd( "./$plugin $host_tls_http -C 1" ); cmp_ok( $res->output, 'eq', $saved_cert_output, "Old syntax for cert checking still works"); # run some certificate checks with faketime SKIP: { skip "No faketime binary found", 12 if !$faketime; - $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./check_http -C 1 $host_tls_http"); + $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./$plugin -C 1 $host_tls_http"); like($res->output, qr/OK - Certificate '$host_tls_cert' will expire on/, "Catch cert output"); is( $res->return_code, 0, "Catch cert output exit code" ); my($mon,$day,$hour,$min,$sec,$year) = ($res->output =~ /(\w+)\s+(\d+)\s+(\d+):(\d+):(\d+)\s+(\d+)/); @@ -161,40 +163,40 @@ SKIP: { my $months = {'Jan' => 0, 'Feb' => 1, 'Mar' => 2, 'Apr' => 3, 'May' => 4, 'Jun' => 5, 'Jul' => 6, 'Aug' => 7, 'Sep' => 8, 'Oct' => 9, 'Nov' => 10, 'Dec' => 11}; my $ts = mktime($sec, $min, $hour, $day, $months->{$mon}, $year-1900); my $time = strftime("%Y-%m-%d %H:%M:%S", localtime($ts)); - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./check_http -C 1 $host_tls_http"); + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./$plugin -C 1 $host_tls_http"); like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' just expired/, "Output on expire date"); is( $res->return_code, 2, "Output on expire date" ); - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-1))."' ./check_http -C 1 $host_tls_http"); + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-1))."' ./$plugin -C 1 $host_tls_http"); like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 0 minutes/, "cert expires in 1 second output"); is( $res->return_code, 2, "cert expires in 1 second exit code" ); - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-120))."' ./check_http -C 1 $host_tls_http"); + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-120))."' ./$plugin -C 1 $host_tls_http"); like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 minutes/, "cert expires in 2 minutes output"); is( $res->return_code, 2, "cert expires in 2 minutes exit code" ); - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-7200))."' ./check_http -C 1 $host_tls_http"); + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-7200))."' ./$plugin -C 1 $host_tls_http"); like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 hours/, "cert expires in 2 hours output"); is( $res->return_code, 2, "cert expires in 2 hours exit code" ); - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./check_http -C 1 $host_tls_http"); + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./$plugin -C 1 $host_tls_http"); like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expired on/, "Certificate expired output"); is( $res->return_code, 2, "Certificate expired exit code" ); }; - $res = NPTest->testCmd( "./check_http --ssl $host_tls_http -E" ); + $res = NPTest->testCmd( "./$plugin --ssl $host_tls_http -E" ); like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' ); $res = NPTest->testCmd( - "./check_http --ssl -H www.e-paycobalt.com" + "./$plugin --ssl -H www.e-paycobalt.com" ); cmp_ok( $res->return_code, "==", 0, "Can read https for www.e-paycobalt.com (uses AES certificate)" ); - $res = NPTest->testCmd( "./check_http -H www.mozilla.com -u /firefox -f follow" ); + $res = NPTest->testCmd( "./$plugin -H www.mozilla.com -u /firefox -f follow" ); is( $res->return_code, 0, "Redirection based on location is okay"); - $res = NPTest->testCmd( "./check_http -H www.mozilla.com --extended-perfdata" ); + $res = NPTest->testCmd( "./$plugin -H www.mozilla.com --extended-perfdata" ); like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); } diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t new file mode 120000 index 00000000..a54db967 --- /dev/null +++ b/plugins/tests/check_curl.t @@ -0,0 +1 @@ +check_http.t \ No newline at end of file diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t index d6d31de1..f5c570ac 100755 --- a/plugins/tests/check_http.t +++ b/plugins/tests/check_http.t @@ -30,13 +30,16 @@ eval { require HTTP::Response; }; +my $plugin = 'check_http'; +$plugin = 'check_curl' if $0 =~ m/check_curl/mx; + if ($@) { plan skip_all => "Missing required module for test: $@"; } else { - if (-x "./check_http") { + if (-x "./$plugin") { plan tests => $common_tests * 2 + $ssl_only_tests + $virtual_port_tests; } else { - plan skip_all => "No check_http compiled"; + plan skip_all => "No $plugin compiled"; } } @@ -185,7 +188,7 @@ if ($ARGV[0] && $ARGV[0] eq "-d") { } my $result; -my $command = "./check_http -H 127.0.0.1"; +my $command = "./$plugin -H 127.0.0.1"; run_common_tests( { command => "$command -p $port_http" } ); SKIP: { -- cgit v1.2.3-74-g34f1 From 8442ed5b41a68f6623492235b132c21735d51897 Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Tue, 19 Feb 2019 16:35:28 +0100 Subject: renew test certificates Signed-off-by: Sven Nierlein --- plugins/tests/certs/server-cert.pem | 41 +++++++++++++++++++---------------- plugins/tests/certs/server-key.pem | 43 ++++++++++++++++++++++++------------- plugins/tests/check_http.t | 16 +++++++------- 3 files changed, 58 insertions(+), 42 deletions(-) (limited to 'plugins/tests/check_http.t') diff --git a/plugins/tests/certs/server-cert.pem b/plugins/tests/certs/server-cert.pem index 549e4f7e..b84b91d2 100644 --- a/plugins/tests/certs/server-cert.pem +++ b/plugins/tests/certs/server-cert.pem @@ -1,21 +1,24 @@ -----BEGIN CERTIFICATE----- -MIIDYzCCAsygAwIBAgIJAL8LkpNwzYdxMA0GCSqGSIb3DQEBBAUAMH8xCzAJBgNV -BAYTAlVLMRMwEQYDVQQIEwpEZXJieXNoaXJlMQ8wDQYDVQQHEwZCZWxwZXIxFzAV -BgNVBAoTDk5hZ2lvcyBQbHVnaW5zMREwDwYDVQQDEwhUb24gVm9vbjEeMBwGCSqG -SIb3DQEJARYPdG9udm9vbkBtYWMuY29tMB4XDTA5MDMwNTIxNDEyOFoXDTE5MDMw -MzIxNDEyOFowfzELMAkGA1UEBhMCVUsxEzARBgNVBAgTCkRlcmJ5c2hpcmUxDzAN -BgNVBAcTBkJlbHBlcjEXMBUGA1UEChMOTmFnaW9zIFBsdWdpbnMxETAPBgNVBAMT -CFRvbiBWb29uMR4wHAYJKoZIhvcNAQkBFg90b252b29uQG1hYy5jb20wgZ8wDQYJ -KoZIhvcNAQEBBQADgY0AMIGJAoGBAKcWMBtNtfY8vZXk0SN6/EYTVN/LOvaOSegy -oVdLoGwuwjagk+XmCzvCqHZRp8lnCLay7AO8AQI7TSN02ihCcSrgGA9OT+HciIJ1 -l5/kEYUAuA1PR6YKK/T713zUAlMzy2tsugx5+xSsSEwsXkmne52jJiG/wuE5CLT0 -9pF8HQqHAgMBAAGjgeYwgeMwHQYDVR0OBBYEFGioSPQ/rdE19+zaeY2YvHTXlUDI -MIGzBgNVHSMEgaswgaiAFGioSPQ/rdE19+zaeY2YvHTXlUDIoYGEpIGBMH8xCzAJ -BgNVBAYTAlVLMRMwEQYDVQQIEwpEZXJieXNoaXJlMQ8wDQYDVQQHEwZCZWxwZXIx -FzAVBgNVBAoTDk5hZ2lvcyBQbHVnaW5zMREwDwYDVQQDEwhUb24gVm9vbjEeMBwG -CSqGSIb3DQEJARYPdG9udm9vbkBtYWMuY29tggkAvwuSk3DNh3EwDAYDVR0TBAUw -AwEB/zANBgkqhkiG9w0BAQQFAAOBgQCdqasaIO6JiV5ONFG6Tr1++85UfEdZKMUX -N2NHiNNUunolIZEYR+dW99ezKmHlDiQ/tMgoLVYpl2Ubho2pAkLGQR+W0ZASgWQ1 -NjfV27Rv0y6lYQMTA0lVAU93L1x9reo3FMedmL5+H+lIEpLCxEPtAJNISrJOneZB -W5jDadwkoQ== +MIIEBjCCAu6gAwIBAgIJANbQ5QQrKhUGMA0GCSqGSIb3DQEBCwUAMIGXMQswCQYD +VQQGEwJERTEQMA4GA1UECAwHQmF2YXJpYTEPMA0GA1UEBwwGTXVuaWNoMRswGQYD +VQQKDBJNb25pdG9yaW5nIFBsdWdpbnMxGzAZBgNVBAMMEk1vbml0b3JpbmcgUGx1 +Z2luczErMCkGCSqGSIb3DQEJARYcZGV2ZWxAbW9uaXRvcmluZy1wbHVnaW5zLm9y +ZzAeFw0xOTAyMTkxNTMxNDRaFw0yOTAyMTYxNTMxNDRaMIGXMQswCQYDVQQGEwJE +RTEQMA4GA1UECAwHQmF2YXJpYTEPMA0GA1UEBwwGTXVuaWNoMRswGQYDVQQKDBJN +b25pdG9yaW5nIFBsdWdpbnMxGzAZBgNVBAMMEk1vbml0b3JpbmcgUGx1Z2luczEr +MCkGCSqGSIb3DQEJARYcZGV2ZWxAbW9uaXRvcmluZy1wbHVnaW5zLm9yZzCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKgV2yp8pQvJuN+aJGdAe6Hd0tja +uteCPcNIcM92WLOF69TLTSYon1XDon4tHTh4Z5d4lD8bfsGzFVBmDSgWidhAUf+v +EqEXwbp293ej/Frc0pXCvmrz6kI1tWrLtQhL/VdbxFYxhV7JjKb+PY3SxGFpSLPe +PQ/5SwVndv7rZIwcjseL22K5Uy2TIrkgzzm2pRs/IvoxRybYr/+LGoHyrtJC6AO8 +ylp8A/etL0gwtUvRnrnZeTQ2pA1uZ5QN3anTL8JP/ZRZYNegIkaawqMtTKbhM6pi +u3/4a3Uppvt0y7vmGfQlYejxCpICnMrvHMpw8L58zv/98AbCGjDU3UwCt6MCAwEA +AaNTMFEwHQYDVR0OBBYEFG/UH6nGYPlVcM75UXzXBF5GZyrcMB8GA1UdIwQYMBaA +FG/UH6nGYPlVcM75UXzXBF5GZyrcMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcN +AQELBQADggEBAGwitJPOnlIKLndNf+iCLMIs0dxsl8kAaejFcjoT0n4ja7Y6Zrqz +VSIidzz9vQWvy24xKJpAOdj/iLRHCUOG+Pf5fA6+/FiuqXr6gE2/lm0eC58BNONr +E5OzjQ/VoQ8RX4hDntgu6FYbaVa/vhwn16igt9qmdNGGZXf2/+DM3JADwyaA4EK8 +vm7KdofX9zkxXecHPNvf3jiVLPiDDt6tkGpHPEsyP/yc+RUdltUeZvHfliV0cCuC +jJX+Fm9ysjSpHIFFr+jUMuMHibWoOD8iy3eYxfCDoWsH488pCbj8MNuAq6vd6DBk +bOZxDz43vjWuYMkwXJTxJQh7Pne6kK0vE1g= -----END CERTIFICATE----- diff --git a/plugins/tests/certs/server-key.pem b/plugins/tests/certs/server-key.pem index eacaeaa3..11947555 100644 --- a/plugins/tests/certs/server-key.pem +++ b/plugins/tests/certs/server-key.pem @@ -1,15 +1,28 @@ ------BEGIN RSA PRIVATE KEY----- -MIICWwIBAAKBgQCnFjAbTbX2PL2V5NEjevxGE1Tfyzr2jknoMqFXS6BsLsI2oJPl -5gs7wqh2UafJZwi2suwDvAECO00jdNooQnEq4BgPTk/h3IiCdZef5BGFALgNT0em -Civ0+9d81AJTM8trbLoMefsUrEhMLF5Jp3udoyYhv8LhOQi09PaRfB0KhwIDAQAB -AoGAfpxclcP8N3vteXErXURrd7pcXT0GECDgNjhvc9PV20RPXM+vYs1AA+fMeeQE -TaRqwO6x016aMRO4rz5ztYArecTBznkds1k59pkN/Ne/nsueU4tvGK8MNyS2o986 -Voohqkaq4Lcy1bcHJb9su1ELjegEr1R76Mz452Hsy+uTbAECQQDcg/tZWKVeh5CQ -dOEB3YWHwfn0NDgfPm/X2i2kAZ7n7URaUy/ffdlfsrr1mBtHCfedLoOxmmlNfEpM -hXAAurSHAkEAwfk7fEb0iN0Sj9gTozO7c6Ky10KwePZyjVzqSQIiJq3NX8BEaIeb -51TXxE5VxaLjjMLRkA0hWTYXClgERFZ6AQJAN7ChPqwzf08PRFwwIw911JY5cOHr -NoDHMCUql5vNLNdwBruxgGjBB/kUXEfgw60RusFvgt/zLh1wiii844JDawJAGQBF -sYP3urg7zzx7c3qUe5gJ0wLuefjR1PSX4ecbfb7DDMdcSdjIuG1QDiZGmd2f1KG7 -nwSCOtxk5dloW2KGAQJAQh/iBn0QhfKLFAP5eZBVk8E8XlZuw+S2DLy5SnBlIiYJ -GB5I2OClgtudXMv1labFrcST8O9eFrtsrhU1iUGUOw== ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCoFdsqfKULybjf +miRnQHuh3dLY2rrXgj3DSHDPdlizhevUy00mKJ9Vw6J+LR04eGeXeJQ/G37BsxVQ +Zg0oFonYQFH/rxKhF8G6dvd3o/xa3NKVwr5q8+pCNbVqy7UIS/1XW8RWMYVeyYym +/j2N0sRhaUiz3j0P+UsFZ3b+62SMHI7Hi9tiuVMtkyK5IM85tqUbPyL6MUcm2K// +ixqB8q7SQugDvMpafAP3rS9IMLVL0Z652Xk0NqQNbmeUDd2p0y/CT/2UWWDXoCJG +msKjLUym4TOqYrt/+Gt1Kab7dMu75hn0JWHo8QqSApzK7xzKcPC+fM7//fAGwhow +1N1MArejAgMBAAECggEANuvdTwanTzC8jaNqHaq+OuemS2E9B8nwsGxtH/zFgvNR +WZiMPtmrJnTkFWJcV+VPw/iMSAqN4nDHmBugVOb4Z4asxGTKK4T9shXJSnh0rqPU +00ZsvbmxY6z0+E5TesCJqQ+9GYTY1V357V7JchvaOxIRxWPqg9urHbru8OCtW/I5 +Fh5HPUZlgCvlMpjlhyjydIf/oXyVA3RNsXlwe8+2cKuGIrjEzm2j9o3VF0sctTX0 +ItP8A9qDmDQN7GIWX0MW6gncojpS1omC2wcFsdjj/xfPyiDal1X4aq/2YqG8351c +YlM/+6Va0u9WWE/i64gASTAVqpMV4Yg8y0gGycuA0QKBgQDbgI2QeLd3FvMcURiU +l3w9qJgw/Jp3jaNC/9LkVGGz4f4lKKB67lPZvI4noMK8GqO/LcXgqP/RY1oJojoA +/6JKVvzYGASZ7VgMoG9bk1AneP1PGdibuTUEwimGlcObxnDFIC/yjwPFu3jIdqdS +zZi1RZzyqAogN5y3SBEypSmn9wKBgQDECKsqqlcizmCl8v5aVk875AzGN+DOHZqx +bkmztlnLO/2e2Fmk3G5Vvnui0FYisf8Eq19tUTQCF6lSfJlGQeFAT119wkFZhLu+ +FfLGqoEMH0ijJg/8PpdpFRK3I94YcISoTNN6yxMvE6xdDGfKCt5a+IX5bwQi9Zdc +B242gEc6tQKBgA6tM8n7KFlAIZU9HuWgk2AUC8kKutFPmSD7tgAqXDYI4FNfugs+ +MEEYyHCB4UNujJBV4Ss6YZCAkh6eyD4U2aca1eElCfm40vBVMdzvpqZdAqLtWXxg +D9l3mgszrFaYGCY2Fr6jLV9lP5g3xsxUjudf9jSLY9HvpfzjRrMaNATVAoGBALTl +/vYfPMucwKlC5B7++J0e4/7iv6vUu9SyHocdZh1anb9AjPDKjXLIlZT4RhQ8R0XK +0wOw5JpttU2uN08TKkbLNk3/vYhbKVjPLjrQSseh8sjDLgsqw1QwIxYnniLVakVY +p+rvjSNrNyqicQCMKQavwgocvSd5lJRTMwxOMezlAoGBAKWj71BX+0CK00/2S6lC +TcNcuUPG0d8y1czZ4q6tUlG4htwq1FMOpaghATXjkdsOGTLS+H1aA0Kt7Ai9zDhc +/bzOJEJ+jvBXV4Gcs7jl1r/HTKv0tT9ZSI5Vzkida0rfqxDGzcMVlLuCdH0cb8Iu +N0wdmCAqlQwHR13+F1zrAD7V +-----END PRIVATE KEY----- diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t index d6d31de1..006f1339 100755 --- a/plugins/tests/check_http.t +++ b/plugins/tests/check_http.t @@ -4,13 +4,13 @@ # # To create the https server certificate: # openssl req -new -x509 -keyout server-key.pem -out server-cert.pem -days 3650 -nodes -# Country Name (2 letter code) [AU]:UK -# State or Province Name (full name) [Some-State]:Derbyshire -# Locality Name (eg, city) []:Belper +# Country Name (2 letter code) [AU]:DE +# State or Province Name (full name) [Some-State]:Bavaria +# Locality Name (eg, city) []:Munich # Organization Name (eg, company) [Internet Widgits Pty Ltd]:Monitoring Plugins # Organizational Unit Name (eg, section) []: -# Common Name (eg, YOUR name) []:Ton Voon -# Email Address []:tonvoon@mac.com +# Common Name (e.g. server FQDN or YOUR name) []:Monitoring Plugins +# Email Address []:devel@monitoring-plugins.org use strict; use Test::More; @@ -194,16 +194,16 @@ SKIP: { $result = NPTest->testCmd( "$command -p $port_https -S -C 14" ); is( $result->return_code, 0, "$command -p $port_https -S -C 14" ); - is( $result->output, 'OK - Certificate \'Ton Voon\' will expire on Sun Mar 3 21:41:28 2019 +0000.', "output ok" ); + is( $result->output, "OK - Certificate 'Monitoring Plugins' will expire on Fri Feb 16 15:31:44 2029 +0000.", "output ok" ); $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" ); is( $result->return_code, 1, "$command -p $port_https -S -C 14000" ); - like( $result->output, '/WARNING - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:28 2019 \+0000\)./', "output ok" ); + like( $result->output, '/WARNING - Certificate \'Monitoring Plugins\' expires in \d+ day\(s\) \(Fri Feb 16 15:31:44 2029 \+0000\)./', "output ok" ); # Expired cert tests $result = NPTest->testCmd( "$command -p $port_https -S -C 13960,14000" ); is( $result->return_code, 2, "$command -p $port_https -S -C 13960,14000" ); - like( $result->output, '/CRITICAL - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:28 2019 \+0000\)./', "output ok" ); + like( $result->output, '/CRITICAL - Certificate \'Monitoring Plugins\' expires in \d+ day\(s\) \(Fri Feb 16 15:31:44 2029 \+0000\)./', "output ok" ); $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" ); is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" ); -- cgit v1.2.3-74-g34f1 From 072e97d5de3f147aef1eae41222385352fb8df73 Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Fri, 15 May 2020 13:33:48 +0200 Subject: tests: update expired test certificate the certificate used to test expired http checks is to old to be used with recent ssl libraries and results in: > SSL routines:SSL_CTX_use_certificate:ee key too small unfortunatly the error is only visible when setting $IO::Socket::SSL::DEBUG in the check_http.t file. --- plugins/tests/certs/expired-cert.pem | 41 ++++++++++++++++++---------------- plugins/tests/certs/expired-key.pem | 43 +++++++++++++++++++++++------------- plugins/tests/check_http.t | 4 +++- 3 files changed, 53 insertions(+), 35 deletions(-) (limited to 'plugins/tests/check_http.t') diff --git a/plugins/tests/certs/expired-cert.pem b/plugins/tests/certs/expired-cert.pem index 40324cf8..77a9166e 100644 --- a/plugins/tests/certs/expired-cert.pem +++ b/plugins/tests/certs/expired-cert.pem @@ -1,21 +1,24 @@ -----BEGIN CERTIFICATE----- -MIIDYzCCAsygAwIBAgIJAJISzcX71f5pMA0GCSqGSIb3DQEBBAUAMH8xCzAJBgNV -BAYTAlVLMRMwEQYDVQQIEwpEZXJieXNoaXJlMQ8wDQYDVQQHEwZCZWxwZXIxFzAV -BgNVBAoTDk5hZ2lvcyBQbHVnaW5zMREwDwYDVQQDEwhUb24gVm9vbjEeMBwGCSqG -SIb3DQEJARYPdG9udm9vbkBtYWMuY29tMB4XDTA5MDMwNjAwMTMxNVoXDTA5MDMw -NTAwMTMxNlowfzELMAkGA1UEBhMCVUsxEzARBgNVBAgTCkRlcmJ5c2hpcmUxDzAN -BgNVBAcTBkJlbHBlcjEXMBUGA1UEChMOTmFnaW9zIFBsdWdpbnMxETAPBgNVBAMT -CFRvbiBWb29uMR4wHAYJKoZIhvcNAQkBFg90b252b29uQG1hYy5jb20wgZ8wDQYJ -KoZIhvcNAQEBBQADgY0AMIGJAoGBAOQHP4JnzACi4q6quXAiK+gTSffG6yyjEV+K -iyutRgBF2MdF03X5ls0wENw/5fnMTrHynl4XoGoV/rD4CR2hGT0m7dv7Vu0MRLlP -J1SCiFeMuQS30zzLMJr0A7IW869qRlKQmzxs1JT6XDbSoNQuF154zoxwNsKlMjoX -tJSHN2YpAgMBAAGjgeYwgeMwHQYDVR0OBBYEFHWjM9OQldrDLMcAfPnUVfGxlzOp -MIGzBgNVHSMEgaswgaiAFHWjM9OQldrDLMcAfPnUVfGxlzOpoYGEpIGBMH8xCzAJ -BgNVBAYTAlVLMRMwEQYDVQQIEwpEZXJieXNoaXJlMQ8wDQYDVQQHEwZCZWxwZXIx -FzAVBgNVBAoTDk5hZ2lvcyBQbHVnaW5zMREwDwYDVQQDEwhUb24gVm9vbjEeMBwG -CSqGSIb3DQEJARYPdG9udm9vbkBtYWMuY29tggkAkhLNxfvV/mkwDAYDVR0TBAUw -AwEB/zANBgkqhkiG9w0BAQQFAAOBgQDHjoXoGwBamCiNplTt93jH/TO08RATdZP5 -45hlxv2+PKCjjTiFa2mjAvopFiqmYsr40XYEmpeYMiaOzOW5rBjtqBAT/JJWyfda -SCmj3swqyKus63rv/iuokIhZzBdhbB+eOJJrmwT2SEc5KdRaipH0QAGF1nZAAGzo -6xW7hkzYog== +MIIEETCCAvmgAwIBAgIUFDsP6WnV/uqeQMpD/DYSqouE13kwDQYJKoZIhvcNAQEL +BQAwgZcxCzAJBgNVBAYTAkRFMRAwDgYDVQQIDAdCYXZhcmlhMQ8wDQYDVQQHDAZN +dW5pY2gxGzAZBgNVBAoMEk1vbml0b3JpbmcgUGx1Z2luczEbMBkGA1UEAwwSTW9u +aXRvcmluZyBQbHVnaW5zMSswKQYJKoZIhvcNAQkBFhxkZXZlbEBtb25pdG9yaW5n +LXBsdWdpbnMub3JnMB4XDTA4MDEwMTExMDAyNloXDTA4MDEwMjExMDAyNlowgZcx +CzAJBgNVBAYTAkRFMRAwDgYDVQQIDAdCYXZhcmlhMQ8wDQYDVQQHDAZNdW5pY2gx +GzAZBgNVBAoMEk1vbml0b3JpbmcgUGx1Z2luczEbMBkGA1UEAwwSTW9uaXRvcmlu +ZyBQbHVnaW5zMSswKQYJKoZIhvcNAQkBFhxkZXZlbEBtb25pdG9yaW5nLXBsdWdp +bnMub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeHKwKFjJWUX +YHKsisypUf9dHlIPQAISyGP1BX6UL26ZLvE6kKbx3LFQ9W2POGoQWlzFiB1soGeV +WDd0U0JtWdCKmOXWdcXpupQlTSUtRCMDQkfqLN8GR5TBTd73rezp5mz08nMfLwu0 +p5VQ191Ui8JHFgrAOalAn8Uw5De8vj4VmTXmU5NJ2UFoC0ddU/Th/lwRCayHc1cn +MVq2F7c/uhMUUQYNBmJy0pxoHawp+j9NKl/xIYsjgQNgahQyNuswuGHjaEwhPu+7 +G03XsW4ehu+H1898M/MkSln6LQAU1syoJ8ypPM8tV+zgx4uwj7udnZ2hceN95uW7 +0PWg5DQyUwIDAQABo1MwUTAdBgNVHQ4EFgQUt9ps3KJ1XiMuy/ijFBjMzf6jgwkw +HwYDVR0jBBgwFoAUt9ps3KJ1XiMuy/ijFBjMzf6jgwkwDwYDVR0TAQH/BAUwAwEB +/zANBgkqhkiG9w0BAQsFAAOCAQEAVPBZwMHbrnHFbmhbcPuvYd5cxk0uSVNAUzsl +2biCq5P+ZHo10VHGygXtdV4utqk/IrAt2u5qSxycWPStCtAgTd3Q8ncfjOkaHM4z +2bxTkhLyQeU8NWPuDBqDszo2GOaFTv+lm36LEKiAfqB1tjQVePSkycdrWIhkamBV +EgMe6uHLdU7QQk1ajQfrBdakN1beqki/dKieA6gm+XF/QS4SSYINmsHB/2X5cT9U +b/KMB8xurCnuJQuk1P4VsSkJCOSeHjWZgK9pKNdsIJZr4wDVfhjQgU0XT6xakSf7 +eCaHtO0VKsbLZoiTmpxidjsdYiXyeKYIQNtUpTjyJ5V/cZsq9w== -----END CERTIFICATE----- diff --git a/plugins/tests/certs/expired-key.pem b/plugins/tests/certs/expired-key.pem index af0e24da..c1510b2d 100644 --- a/plugins/tests/certs/expired-key.pem +++ b/plugins/tests/certs/expired-key.pem @@ -1,15 +1,28 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQDkBz+CZ8wAouKuqrlwIivoE0n3xussoxFfiosrrUYARdjHRdN1 -+ZbNMBDcP+X5zE6x8p5eF6BqFf6w+AkdoRk9Ju3b+1btDES5TydUgohXjLkEt9M8 -yzCa9AOyFvOvakZSkJs8bNSU+lw20qDULhdeeM6McDbCpTI6F7SUhzdmKQIDAQAB -AoGARgI3rHjjuDpKMGg4IMZNBqaNaiZHY9/44IVvrww21rSbFqtIfgsQEpU0R/rS -R7xDWPztRGQqmwd/t6OfYNpqHbjO1MWzasVBVnzue5P59Y1xy1h0LZF8+a9GY++0 -uAGUC24jsXSmypNVzoX+ZKyinA3oYV/etdPYx1W8Ms5XIzUCQQD7xwhMuLok6Kbq -UEgiSfBTbx+haP3IiqqMF14z8QoEyD3jchydNaXEYdQxN8jEl2aPrMqTc6x8Jq4/ -ai0OkB+fAkEA59pAmN81HylV7+CsVjLOSbJqzau7NDxSs2uutxhHZRwz0e25wVer -fA03l08u0ebC/TDHkmHV6ikCryM5HU2FNwJAVZJFzd2S1myEHmr+uTisB49jDrbi -WkBWypo+mCS6JPnxntXvx7auClq9haTSBY73eqldiFPuMZvr6P2rJqHxPQJBAOTM -quaxjti7kATy8N73sD9mBKQGju1TgkFxSK+DFCGhnTnToXY9MAtxd6SoDYoyccYu -dyPrzJAR/IYc+mYCdC0CQDKlZuMPVXEgvGaQapzMQ++5yJRvMZF4tWvONBs0OCE9 -QYarsTi5M20cymMBXHOLZIjqwsni4G/C9kqJSvC75Vg= ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDJ4crAoWMlZRdg +cqyKzKlR/10eUg9AAhLIY/UFfpQvbpku8TqQpvHcsVD1bY84ahBaXMWIHWygZ5VY +N3RTQm1Z0IqY5dZ1xem6lCVNJS1EIwNCR+os3wZHlMFN3vet7OnmbPTycx8vC7Sn +lVDX3VSLwkcWCsA5qUCfxTDkN7y+PhWZNeZTk0nZQWgLR11T9OH+XBEJrIdzVycx +WrYXtz+6ExRRBg0GYnLSnGgdrCn6P00qX/EhiyOBA2BqFDI26zC4YeNoTCE+77sb +Tdexbh6G74fXz3wz8yRKWfotABTWzKgnzKk8zy1X7ODHi7CPu52dnaFx433m5bvQ +9aDkNDJTAgMBAAECggEACrLFfNnQmD24NGs/S4e2/VpsA9xTZI/3kNkDNgxULANP +aNZtxRajwI9A/BCXQ2UTgsZhzWnJxOJYXrlpl7PweY78mUesysb3MOUC6QisUm0M +kimfdktHWOnAKLFFLNleN9DUVjjVkTeslijqhNX80f80py1grG2UuCLKCX4OqYIm +qACE8TMmSZLz42AO96TndNtKplQ8LuGLEmByW95wEfhx3Gm4ckkL7qII/U3DnQXr +0T+3xLaj+eNJzYDpIFZiw4sNzOuAyCz+4Cc4sPDuMnzquXF+enpkemoycC1RmEpG +KIDTwmFsc8TrbGV0qifC6fsCrDivdYLqL7R/q3IBQQKBgQDmfvO3VYTEKY8NA+AT +5s6+7NTxRsXxJUCEhCNBWimSH3EzmBAvrodLY6A0oYg8i81bgNX1I9GPVXJZ/QA7 +ukd84HUIQoGS5Usmo4rp+kz4P6KkLXDemZtWPU5GXxicfajHRQlkbW6St6SpV7IS +ibJcDADeoiaPL1xvue1ToP/LoQKBgQDgOFHjYpep00gabvjXfYW7vhrg1vVwaKUM +rf0+UW8Exk4nbBw0eEC2YjxIwzdktlkdbzGaXYULnhg8GnfxYesMOpCLPw1JdB8o +ixETAFpW5bKrUsjEFRUGhzWnsCSFIQ4smpmtGLTxOQ8AkoDdORY5Z+Wv7JtFF6Do +PSoblckZcwKBgB3TD3YJesRnHDty5OuuUdIikuslXTd2uoJrFqS+JeLibqNeabnB +u3/lxDULMbWj4U6VvRmbKOKDC+jY887Gq7lc0cff0yROxwqY3sCnwo3crg7QUmp7 +Nb5S8G3qoCSfndcq96wm/Me/O28uCbycVJfUdchY8uRUHIHYbP0FOBQBAoGBAMgh +fPX4imaKr1DovDObVkK87EDDnU84GBm5MtDs3qrkVd3aIVK0Aw7HoAdSN58tI12i +YiPmVVqJQhhjh6tsOuAvZdTj8ngdrbICbrsHFZt6an+A5LIgHyQ0iy+hiPdLCdvG +ImTeKKMmyr04Bs1upueWVO0xw2VoMbcY4Py+NUEBAoGASQqedfCSKGLT+5lLZrhP +CbFVMmswEPjBcRb1trcuA09vfExn9FfUNFnnw3i9miprED5kufvAjb+6nduXizKg +7HQYHCwVvakgtXgbiDMaNgYZcjWm+MdnfiwLJjJTO3DfI1JF2PJ8y9R95DPlAkDm +xH3OV8KV4UiTEVxS7ksmGzY= +-----END PRIVATE KEY----- diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t index fe65325c..2f051fad 100755 --- a/plugins/tests/check_http.t +++ b/plugins/tests/check_http.t @@ -4,6 +4,8 @@ # # To create the https server certificate: # openssl req -new -x509 -keyout server-key.pem -out server-cert.pem -days 3650 -nodes +# to create a new expired certificate: +# faketime '2008-01-01 12:00:00' openssl req -new -x509 -keyout expired-key.pem -out expired-cert.pem -days 1 -nodes # Country Name (2 letter code) [AU]:DE # State or Province Name (full name) [Some-State]:Bavaria # Locality Name (eg, city) []:Munich @@ -211,7 +213,7 @@ SKIP: { $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" ); is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" ); is( $result->output, - 'CRITICAL - Certificate \'Ton Voon\' expired on Thu Mar 5 00:13:16 2009 +0000.', + 'CRITICAL - Certificate \'Monitoring Plugins\' expired on Wed Jan 2 11:00:26 2008 +0000.', "output ok" ); } -- cgit v1.2.3-74-g34f1 From eb75d847ae31a86768b06926bc2323f7c16f07b9 Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Thu, 20 May 2021 18:04:49 +0200 Subject: tests: increase startup sleep github action might fail from to time otherwise --- plugins/tests/check_curl.t | 5 +++-- plugins/tests/check_http.t | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) (limited to 'plugins/tests/check_http.t') diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t index 0caad23d..29cb03f2 100755 --- a/plugins/tests/check_curl.t +++ b/plugins/tests/check_curl.t @@ -126,8 +126,6 @@ if ($pid) { exit; } } - # give our webservers some time to startup - sleep(1); } else { # Child #print "child\n"; @@ -140,6 +138,9 @@ if ($pid) { exit; } +# give our webservers some time to startup +sleep(3); + # Run the same server on http and https sub run_server { my $d = shift; diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t index 2f051fad..0f56950f 100755 --- a/plugins/tests/check_http.t +++ b/plugins/tests/check_http.t @@ -102,8 +102,6 @@ if ($pid) { exit; } } - # give our webservers some time to startup - sleep(1); } else { # Child #print "child\n"; @@ -116,6 +114,9 @@ if ($pid) { exit; } +# give our webservers some time to startup +sleep(3); + # Run the same server on http and https sub run_server { my $d = shift; -- cgit v1.2.3-74-g34f1 From b428cc17f75682465e6f1e59b32fdec02b87ceac Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Thu, 20 May 2021 20:57:59 +0200 Subject: tests: ignore sigpipes in https test daemon check_http closes the connection after checking the certificate with -C. This leads to sigpipe errors when the ssl daemon wants to send a response and the daemon quits which makes the subsequent tests fail. --- plugins/tests/check_http.t | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'plugins/tests/check_http.t') diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t index 0f56950f..188f5e75 100755 --- a/plugins/tests/check_http.t +++ b/plugins/tests/check_http.t @@ -91,6 +91,8 @@ if ($pid) { exit; } } else { + # closing the connection after -C cert checks make the daemon exit with a sigpipe otherwise + local $SIG{'PIPE'} = 'IGNORE'; my $d = HTTP::Daemon::SSL->new( LocalPort => $port_https, LocalAddr => "127.0.0.1", @@ -415,22 +417,24 @@ sub run_common_tests { # stickyport - on full urlS port is set back to 80 otherwise $cmd = "$command -f stickyport -u /redir_external -t 5 -s redirected"; + alarm(2); eval { local $SIG{ALRM} = sub { die "alarm\n" }; - alarm(2); $result = NPTest->testCmd( $cmd ); - alarm(0); }; + }; isnt( $@, "alarm\n", $cmd ); + alarm(0); is( $result->return_code, 0, $cmd ); # Let's hope there won't be any web server on :80 returning "redirected"! $cmd = "$command -f sticky -u /redir_external -t 5 -s redirected"; + alarm(2); eval { local $SIG{ALRM} = sub { die "alarm\n" }; - alarm(2); $result = NPTest->testCmd( $cmd ); - alarm(0); }; + }; isnt( $@, "alarm\n", $cmd ); + alarm(0); isnt( $result->return_code, 0, $cmd ); # Test an external address - timeout -- cgit v1.2.3-74-g34f1