summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSven Nierlein <sven@nierlein.de>2017-03-10 21:23:40 (GMT)
committerSven Nierlein <sven@nierlein.de>2017-03-12 21:55:52 (GMT)
commit0cff5f2d93b1359ab10949aa119527a1e4e6eb35 (patch)
tree82e804ad6e7b64ab03365ab4433d829bf911b21f
parentd721efc10b35071b85ca98a9338e3981ce36a9ab (diff)
downloadmonitoring-plugins-0cff5f2d93b1359ab10949aa119527a1e4e6eb35.tar.gz
remove hardcoded verisign.com tests
and make it configurable Signed-off-by: Sven Nierlein <sven@nierlein.de>
-rw-r--r--.travis.yml8
-rw-r--r--plugins/t/NPTest.cache.travis2
-rw-r--r--plugins/t/check_http.t69
-rw-r--r--plugins/t/check_tcp.t11
4 files changed, 54 insertions, 36 deletions
diff --git a/.travis.yml b/.travis.yml
index d68490c..2150c21 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -49,13 +49,18 @@ before_install:
49install: 49install:
50 - sudo apt-get install -qq --no-install-recommends perl autotools-dev libdbi-dev libldap2-dev libpq-dev libmysqlclient-dev libradcli-dev libkrb5-dev libnet-snmp-perl procps 50 - sudo apt-get install -qq --no-install-recommends perl autotools-dev libdbi-dev libldap2-dev libpq-dev libmysqlclient-dev libradcli-dev libkrb5-dev libnet-snmp-perl procps
51 - sudo apt-get install -qq --no-install-recommends libdbi0-dev libdbd-sqlite3 libssl-dev dnsutils snmp-mibs-downloader libsnmp-perl snmpd 51 - sudo apt-get install -qq --no-install-recommends libdbi0-dev libdbd-sqlite3 libssl-dev dnsutils snmp-mibs-downloader libsnmp-perl snmpd
52 - sudo apt-get install -qq --no-install-recommends fping snmp netcat smbclient fping pure-ftpd apache2 postfix libhttp-daemon-ssl-perl 52 - sudo apt-get install -qq --no-install-recommends fping snmp netcat smbclient fping pure-ftpd apache2 ssl-cert postfix libhttp-daemon-ssl-perl
53 - sudo apt-get install -qq --no-install-recommends libdbd-sybase-perl libnet-dns-perl 53 - sudo apt-get install -qq --no-install-recommends libdbd-sybase-perl libnet-dns-perl
54 - sudo apt-get install -qq --no-install-recommends slapd ldap-utils 54 - sudo apt-get install -qq --no-install-recommends slapd ldap-utils
55 - sudo apt-get install -qq --no-install-recommends autoconf automake 55 - sudo apt-get install -qq --no-install-recommends autoconf automake
56 - sudo apt-get install -qq --no-install-recommends faketime 56 - sudo apt-get install -qq --no-install-recommends faketime
57 # Trusty related dependencies (not yet provided) 57 # Trusty related dependencies (not yet provided)
58 - test "$(dpkg -l | grep -E "mysql-(client|server)-[0-9].[0-9]" | grep -c ^ii)" -gt 0 || sudo apt-get install -qq --no-install-recommends mariadb-client mariadb-server 58 - test "$(dpkg -l | grep -E "mysql-(client|server)-[0-9].[0-9]" | grep -c ^ii)" -gt 0 || sudo apt-get install -qq --no-install-recommends mariadb-client mariadb-server
59 # enable ssl apache
60 - sudo a2enmod ssl
61 - sudo a2ensite default-ssl
62 - sudo make-ssl-cert generate-default-snakeoil --force-overwrite
63 - sudo service apache2 reload
59 64
60before_script: 65before_script:
61 # ensure we have a test database in place for tests 66 # ensure we have a test database in place for tests
@@ -73,6 +78,7 @@ before_script:
73 - sudo rm -f /usr/share/mibs/ietf/SNMPv2-PDU /usr/share/mibs/ietf/IPSEC-SPD-MIB /usr/share/mibs/ietf/IPATM-IPMC-MIB /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB 78 - sudo rm -f /usr/share/mibs/ietf/SNMPv2-PDU /usr/share/mibs/ietf/IPSEC-SPD-MIB /usr/share/mibs/ietf/IPATM-IPMC-MIB /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB
74 - sudo mkdir -p /var/lib/snmp/mib_indexes 79 - sudo mkdir -p /var/lib/snmp/mib_indexes
75 - sudo mkdir /media/ramdisk && sudo chmod 777 /media/ramdisk && sudo mount -t tmpfs -o size=20% none /media/ramdisk 80 - sudo mkdir /media/ramdisk && sudo chmod 777 /media/ramdisk && sudo mount -t tmpfs -o size=20% none /media/ramdisk
81 - sed "/host_tls_cert/s/.*/'host_tls_cert' => '$(hostname)',/" -i $NPTEST_CACHE
76 82
77script: 83script:
78 - if [ "$COVERITY_SCAN_BRANCH" != 1 ]; then make test; fi 84 - if [ "$COVERITY_SCAN_BRANCH" != 1 ]; then make test; fi
diff --git a/plugins/t/NPTest.cache.travis b/plugins/t/NPTest.cache.travis
index 38c0a6b..e9705f3 100644
--- a/plugins/t/NPTest.cache.travis
+++ b/plugins/t/NPTest.cache.travis
@@ -57,4 +57,6 @@
57 'snmp_community' => '', 57 'snmp_community' => '',
58 'user_snmp' => '', 58 'user_snmp' => '',
59 'host_udp_time' => 'none', 59 'host_udp_time' => 'none',
60 'host_tls_http' => 'localhost',
61 'host_tls_cert' => 'localhost',
60} 62}
diff --git a/plugins/t/check_http.t b/plugins/t/check_http.t
index 5a90f02..8bd484a 100644
--- a/plugins/t/check_http.t
+++ b/plugins/t/check_http.t
@@ -19,6 +19,13 @@ my $host_tcp_http = getTestParameter( "NP_HOST_TCP_HTTP",
19 "A host providing the HTTP Service (a web server)", 19 "A host providing the HTTP Service (a web server)",
20 "localhost" ); 20 "localhost" );
21 21
22my $host_tls_http = getTestParameter( "host_tls_http", "NP_HOST_TLS_HTTP", "localhost",
23 "A host providing the HTTPS Service (a tls web server)" );
24
25my $host_tls_cert = getTestParameter( "host_tls_cert", "NP_HOST_TLS_CERT", "localhost",
26 "the common name of the certificate." );
27
28
22my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE", 29my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE",
23 "The hostname of system not responsive to network requests", 30 "The hostname of system not responsive to network requests",
24 "10.0.0.1" ); 31 "10.0.0.1" );
@@ -80,14 +87,14 @@ like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" )
80SKIP: { 87SKIP: {
81 skip "No internet access", 3 if $internet_access eq "no"; 88 skip "No internet access", 3 if $internet_access eq "no";
82 89
83 $res = NPTest->testCmd("./check_http -v -H www.verisign.com -S"); 90 $res = NPTest->testCmd("./check_http -v -H $host_tls_http -S");
84 like( $res->output, '/^Host: www.verisign.com\s*$/ms', "Host Header OK" ); 91 like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" );
85 92
86 $res = NPTest->testCmd("./check_http -v -H www.verisign.com:8080 -S -p 443"); 93 $res = NPTest->testCmd("./check_http -v -H $host_tls_http:8080 -S -p 443");
87 like( $res->output, '/^Host: www.verisign.com:8080\s*$/ms', "Host Header OK" ); 94 like( $res->output, '/^Host: '.$host_tls_http.':8080\s*$/ms', "Host Header OK" );
88 95
89 $res = NPTest->testCmd("./check_http -v -H www.verisign.com:443 -S -p 443"); 96 $res = NPTest->testCmd("./check_http -v -H $host_tls_http:443 -S -p 443");
90 like( $res->output, '/^Host: www.verisign.com\s*$/ms', "Host Header OK" ); 97 like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" );
91}; 98};
92 99
93SKIP: { 100SKIP: {
@@ -114,38 +121,38 @@ SKIP: {
114 skip "No internet access", 16 if $internet_access eq "no"; 121 skip "No internet access", 16 if $internet_access eq "no";
115 122
116 $res = NPTest->testCmd( 123 $res = NPTest->testCmd(
117 "./check_http --ssl www.verisign.com" 124 "./check_http --ssl $host_tls_http"
118 ); 125 );
119 cmp_ok( $res->return_code, '==', 0, "Can read https for www.verisign.com" ); 126 cmp_ok( $res->return_code, '==', 0, "Can read https for $host_tls_http" );
120 127
121 $res = NPTest->testCmd( "./check_http -C 1 --ssl www.verisign.com" ); 128 $res = NPTest->testCmd( "./check_http -C 1 --ssl $host_tls_http" );
122 cmp_ok( $res->return_code, '==', 0, "Checking certificate for www.verisign.com"); 129 cmp_ok( $res->return_code, '==', 0, "Checking certificate for $host_tls_http");
123 like ( $res->output, "/Certificate 'www.verisign.com' will expire on/", "Output OK" ); 130 like ( $res->output, "/Certificate '$host_tls_cert' will expire on/", "Output OK" );
124 my $saved_cert_output = $res->output; 131 my $saved_cert_output = $res->output;
125 132
126 $res = NPTest->testCmd( "./check_http -C 8000,1 --ssl www.verisign.com" ); 133 $res = NPTest->testCmd( "./check_http -C 8000,1 --ssl $host_tls_http" );
127 cmp_ok( $res->return_code, '==', 1, "Checking certificate for www.verisign.com"); 134 cmp_ok( $res->return_code, '==', 1, "Checking certificate for $host_tls_http");
128 like ( $res->output, qr/WARNING - Certificate 'www.verisign.com' expires in \d+ day/, "Output Warning" ); 135 like ( $res->output, qr/WARNING - Certificate '$host_tls_cert' expires in \d+ day/, "Output Warning" );
129 136
130 $res = NPTest->testCmd( "./check_http www.verisign.com -C 1" ); 137 $res = NPTest->testCmd( "./check_http $host_tls_http -C 1" );
131 is( $res->return_code, 0, "Old syntax for cert checking okay" ); 138 is( $res->return_code, 0, "Old syntax for cert checking okay" );
132 is( $res->output, $saved_cert_output, "Same output as new syntax" ); 139 is( $res->output, $saved_cert_output, "Same output as new syntax" );
133 140
134 $res = NPTest->testCmd( "./check_http -H www.verisign.com -C 1" ); 141 $res = NPTest->testCmd( "./check_http -H $host_tls_http -C 1" );
135 is( $res->return_code, 0, "Updated syntax for cert checking okay" ); 142 is( $res->return_code, 0, "Updated syntax for cert checking okay" );
136 is( $res->output, $saved_cert_output, "Same output as new syntax" ); 143 is( $res->output, $saved_cert_output, "Same output as new syntax" );
137 144
138 $res = NPTest->testCmd( "./check_http -C 1 www.verisign.com" ); 145 $res = NPTest->testCmd( "./check_http -C 1 $host_tls_http" );
139 cmp_ok( $res->output, 'eq', $saved_cert_output, "--ssl option automatically added"); 146 cmp_ok( $res->output, 'eq', $saved_cert_output, "--ssl option automatically added");
140 147
141 $res = NPTest->testCmd( "./check_http www.verisign.com -C 1" ); 148 $res = NPTest->testCmd( "./check_http $host_tls_http -C 1" );
142 cmp_ok( $res->output, 'eq', $saved_cert_output, "Old syntax for cert checking still works"); 149 cmp_ok( $res->output, 'eq', $saved_cert_output, "Old syntax for cert checking still works");
143 150
144 # run some certificate checks with faketime 151 # run some certificate checks with faketime
145 SKIP: { 152 SKIP: {
146 skip "No faketime binary found", 12 if !$faketime; 153 skip "No faketime binary found", 12 if !$faketime;
147 $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./check_http -C 1 www.verisign.com"); 154 $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./check_http -C 1 $host_tls_http");
148 like($res->output, qr/OK - Certificate 'www.verisign.com' will expire on/, "Catch cert output"); 155 like($res->output, qr/OK - Certificate '$host_tls_cert' will expire on/, "Catch cert output");
149 is( $res->return_code, 0, "Catch cert output exit code" ); 156 is( $res->return_code, 0, "Catch cert output exit code" );
150 my($mon,$day,$hour,$min,$sec,$year) = ($res->output =~ /(\w+)\s+(\d+)\s+(\d+):(\d+):(\d+)\s+(\d+)/); 157 my($mon,$day,$hour,$min,$sec,$year) = ($res->output =~ /(\w+)\s+(\d+)\s+(\d+):(\d+):(\d+)\s+(\d+)/);
151 if(!defined $year) { 158 if(!defined $year) {
@@ -154,28 +161,28 @@ SKIP: {
154 my $months = {'Jan' => 0, 'Feb' => 1, 'Mar' => 2, 'Apr' => 3, 'May' => 4, 'Jun' => 5, 'Jul' => 6, 'Aug' => 7, 'Sep' => 8, 'Oct' => 9, 'Nov' => 10, 'Dec' => 11}; 161 my $months = {'Jan' => 0, 'Feb' => 1, 'Mar' => 2, 'Apr' => 3, 'May' => 4, 'Jun' => 5, 'Jul' => 6, 'Aug' => 7, 'Sep' => 8, 'Oct' => 9, 'Nov' => 10, 'Dec' => 11};
155 my $ts = mktime($sec, $min, $hour, $day, $months->{$mon}, $year-1900); 162 my $ts = mktime($sec, $min, $hour, $day, $months->{$mon}, $year-1900);
156 my $time = strftime("%Y-%m-%d %H:%M:%S", localtime($ts)); 163 my $time = strftime("%Y-%m-%d %H:%M:%S", localtime($ts));
157 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./check_http -C 1 www.verisign.com"); 164 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./check_http -C 1 $host_tls_http");
158 like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' just expired/, "Output on expire date"); 165 like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' just expired/, "Output on expire date");
159 is( $res->return_code, 2, "Output on expire date" ); 166 is( $res->return_code, 2, "Output on expire date" );
160 167
161 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-1))."' ./check_http -C 1 www.verisign.com"); 168 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-1))."' ./check_http -C 1 $host_tls_http");
162 like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expires in 0 minutes/, "cert expires in 1 second output"); 169 like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 0 minutes/, "cert expires in 1 second output");
163 is( $res->return_code, 2, "cert expires in 1 second exit code" ); 170 is( $res->return_code, 2, "cert expires in 1 second exit code" );
164 171
165 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-120))."' ./check_http -C 1 www.verisign.com"); 172 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-120))."' ./check_http -C 1 $host_tls_http");
166 like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expires in 2 minutes/, "cert expires in 2 minutes output"); 173 like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 minutes/, "cert expires in 2 minutes output");
167 is( $res->return_code, 2, "cert expires in 2 minutes exit code" ); 174 is( $res->return_code, 2, "cert expires in 2 minutes exit code" );
168 175
169 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-7200))."' ./check_http -C 1 www.verisign.com"); 176 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-7200))."' ./check_http -C 1 $host_tls_http");
170 like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expires in 2 hours/, "cert expires in 2 hours output"); 177 like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 hours/, "cert expires in 2 hours output");
171 is( $res->return_code, 2, "cert expires in 2 hours exit code" ); 178 is( $res->return_code, 2, "cert expires in 2 hours exit code" );
172 179
173 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./check_http -C 1 www.verisign.com"); 180 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./check_http -C 1 $host_tls_http");
174 like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expired on/, "Certificate expired output"); 181 like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expired on/, "Certificate expired output");
175 is( $res->return_code, 2, "Certificate expired exit code" ); 182 is( $res->return_code, 2, "Certificate expired exit code" );
176 }; 183 };
177 184
178 $res = NPTest->testCmd( "./check_http --ssl www.verisign.com -E" ); 185 $res = NPTest->testCmd( "./check_http --ssl $host_tls_http -E" );
179 like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); 186 like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' );
180 like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' ); 187 like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' );
181 188
diff --git a/plugins/t/check_tcp.t b/plugins/t/check_tcp.t
index f996685..121b0cb 100644
--- a/plugins/t/check_tcp.t
+++ b/plugins/t/check_tcp.t
@@ -18,6 +18,9 @@ BEGIN {
18my $host_tcp_http = getTestParameter( "host_tcp_http", "NP_HOST_TCP_HTTP", "localhost", 18my $host_tcp_http = getTestParameter( "host_tcp_http", "NP_HOST_TCP_HTTP", "localhost",
19 "A host providing the HTTP Service (a web server)" ); 19 "A host providing the HTTP Service (a web server)" );
20 20
21my $host_tls_http = getTestParameter( "host_tls_http", "NP_HOST_TLS_HTTP", "localhost",
22 "A host providing the HTTPS Service (a tls web server)" );
23
21my $host_nonresponsive = getTestParameter( "host_nonresponsive", "NP_HOST_NONRESPONSIVE", "10.0.0.1", 24my $host_nonresponsive = getTestParameter( "host_nonresponsive", "NP_HOST_NONRESPONSIVE", "10.0.0.1",
22 "The hostname of system not responsive to network requests" ); 25 "The hostname of system not responsive to network requests" );
23 26
@@ -42,10 +45,10 @@ $t += checkCmd( "./check_tcp $host_tcp_http -p 81 -wt 0 -ct 0 -to 1", 2
42$t += checkCmd( "./check_tcp $host_nonresponsive -p 80 -wt 0 -ct 0 -to 1", 2 ); 45$t += checkCmd( "./check_tcp $host_nonresponsive -p 80 -wt 0 -ct 0 -to 1", 2 );
43$t += checkCmd( "./check_tcp $hostname_invalid -p 80 -wt 0 -ct 0 -to 1", 2 ); 46$t += checkCmd( "./check_tcp $hostname_invalid -p 80 -wt 0 -ct 0 -to 1", 2 );
44if($internet_access ne "no") { 47if($internet_access ne "no") {
45 $t += checkCmd( "./check_tcp -S -D 1 -H www.verisign.com -p 443", 0 ); 48 $t += checkCmd( "./check_tcp -S -D 1 -H $host_tls_http -p 443", 0 );
46 $t += checkCmd( "./check_tcp -S -D 9000,1 -H www.verisign.com -p 443", 1 ); 49 $t += checkCmd( "./check_tcp -S -D 9000,1 -H $host_tls_http -p 443", 1 );
47 $t += checkCmd( "./check_tcp -S -D 9000 -H www.verisign.com -p 443", 1 ); 50 $t += checkCmd( "./check_tcp -S -D 9000 -H $host_tls_http -p 443", 1 );
48 $t += checkCmd( "./check_tcp -S -D 9000,8999 -H www.verisign.com -p 443", 2 ); 51 $t += checkCmd( "./check_tcp -S -D 9000,8999 -H $host_tls_http -p 443", 2 );
49} 52}
50 53
51# Need the \r\n to make it more standards compliant with web servers. Need the various quotes 54# Need the \r\n to make it more standards compliant with web servers. Need the various quotes