diff options
-rw-r--r-- | plugins/t/check_curl.t | 200 |
1 files changed, 200 insertions, 0 deletions
diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t new file mode 100644 index 00000000..3c36a268 --- /dev/null +++ b/plugins/t/check_curl.t | |||
@@ -0,0 +1,200 @@ | |||
1 | #! /usr/bin/perl -w -I .. | ||
2 | # | ||
3 | # HyperText Transfer Protocol (HTTP) Test via check_curl | ||
4 | # | ||
5 | # | ||
6 | |||
7 | use strict; | ||
8 | use Test::More; | ||
9 | use POSIX qw/mktime strftime/; | ||
10 | use NPTest; | ||
11 | |||
12 | plan tests => 49; | ||
13 | |||
14 | my $successOutput = '/OK.*HTTP.*second/'; | ||
15 | |||
16 | my $res; | ||
17 | |||
18 | my $host_tcp_http = getTestParameter( "NP_HOST_TCP_HTTP", | ||
19 | "A host providing the HTTP Service (a web server)", | ||
20 | "localhost" ); | ||
21 | |||
22 | my $host_tls_http = getTestParameter( "host_tls_http", "NP_HOST_TLS_HTTP", "localhost", | ||
23 | "A host providing the HTTPS Service (a tls web server)" ); | ||
24 | |||
25 | my $host_tls_cert = getTestParameter( "host_tls_cert", "NP_HOST_TLS_CERT", "localhost", | ||
26 | "the common name of the certificate." ); | ||
27 | |||
28 | |||
29 | my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE", | ||
30 | "The hostname of system not responsive to network requests", | ||
31 | "10.0.0.1" ); | ||
32 | |||
33 | my $hostname_invalid = getTestParameter( "NP_HOSTNAME_INVALID", | ||
34 | "An invalid (not known to DNS) hostname", | ||
35 | "nosuchhost"); | ||
36 | |||
37 | my $internet_access = getTestParameter( "NP_INTERNET_ACCESS", | ||
38 | "Is this system directly connected to the internet?", | ||
39 | "yes"); | ||
40 | |||
41 | my $host_tcp_http2 = getTestParameter( "NP_HOST_TCP_HTTP2", | ||
42 | "A host providing an index page containing the string 'monitoring'", | ||
43 | "test.monitoring-plugins.org" ); | ||
44 | |||
45 | my $faketime = -x '/usr/bin/faketime' ? 1 : 0; | ||
46 | |||
47 | |||
48 | $res = NPTest->testCmd( | ||
49 | "./check_curl $host_tcp_http -wt 300 -ct 600" | ||
50 | ); | ||
51 | cmp_ok( $res->return_code, '==', 0, "Webserver $host_tcp_http responded" ); | ||
52 | like( $res->output, $successOutput, "Output OK" ); | ||
53 | |||
54 | $res = NPTest->testCmd( | ||
55 | "./check_curl $host_tcp_http -wt 300 -ct 600 -v -v -v -k 'bob:there' -k 'carl:frown'" | ||
56 | ); | ||
57 | like( $res->output, '/bob:there\r\ncarl:frown\r\n/', "Got headers with multiple -k options" ); | ||
58 | |||
59 | $res = NPTest->testCmd( | ||
60 | "./check_curl $host_nonresponsive -wt 1 -ct 2 -t 3" | ||
61 | ); | ||
62 | cmp_ok( $res->return_code, '==', 2, "Webserver $host_nonresponsive not responding" ); | ||
63 | cmp_ok( $res->output, 'eq', "CRITICAL - Socket timeout after 3 seconds", "Output OK"); | ||
64 | |||
65 | $res = NPTest->testCmd( | ||
66 | "./check_curl $hostname_invalid -wt 1 -ct 2" | ||
67 | ); | ||
68 | cmp_ok( $res->return_code, '==', 2, "Webserver $hostname_invalid not valid" ); | ||
69 | # The first part of the message comes from the OS catalogue, so cannot check this. | ||
70 | # On Debian, it is Name or service not known, on Darwin, it is No address associated with nodename | ||
71 | # Is also possible to get a socket timeout if DNS is not responding fast enough | ||
72 | like( $res->output, "/Unable to open TCP socket|Socket timeout after/", "Output OK"); | ||
73 | |||
74 | # host header checks | ||
75 | $res = NPTest->testCmd("./check_curl -v -H $host_tcp_http"); | ||
76 | like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" ); | ||
77 | |||
78 | $res = NPTest->testCmd("./check_curl -v -H $host_tcp_http -p 80"); | ||
79 | like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" ); | ||
80 | |||
81 | $res = NPTest->testCmd("./check_curl -v -H $host_tcp_http:8080 -p 80"); | ||
82 | like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" ); | ||
83 | |||
84 | $res = NPTest->testCmd("./check_curl -v -H $host_tcp_http:8080 -p 80"); | ||
85 | like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" ); | ||
86 | |||
87 | SKIP: { | ||
88 | skip "No internet access", 3 if $internet_access eq "no"; | ||
89 | |||
90 | $res = NPTest->testCmd("./check_curl -v -H $host_tls_http -S"); | ||
91 | like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" ); | ||
92 | |||
93 | $res = NPTest->testCmd("./check_curl -v -H $host_tls_http:8080 -S -p 443"); | ||
94 | like( $res->output, '/^Host: '.$host_tls_http.':8080\s*$/ms', "Host Header OK" ); | ||
95 | |||
96 | $res = NPTest->testCmd("./check_curl -v -H $host_tls_http:443 -S -p 443"); | ||
97 | like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" ); | ||
98 | }; | ||
99 | |||
100 | SKIP: { | ||
101 | skip "No host serving monitoring in index file", 7 unless $host_tcp_http2; | ||
102 | |||
103 | $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'monitoring'" ); | ||
104 | cmp_ok( $res->return_code, "==", 0, "Got a reference to 'monitoring'"); | ||
105 | |||
106 | $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'mONiTORing'" ); | ||
107 | cmp_ok( $res->return_code, "==", 2, "Not got 'mONiTORing'"); | ||
108 | like ( $res->output, "/pattern not found/", "Error message says 'pattern not found'"); | ||
109 | |||
110 | $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -R 'mONiTORing'" ); | ||
111 | cmp_ok( $res->return_code, "==", 0, "But case insensitive doesn't mind 'mONiTORing'"); | ||
112 | |||
113 | $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'monitoring' --invert-regex" ); | ||
114 | cmp_ok( $res->return_code, "==", 2, "Invert results work when found"); | ||
115 | like ( $res->output, "/pattern found/", "Error message says 'pattern found'"); | ||
116 | |||
117 | $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'mONiTORing' --invert-regex" ); | ||
118 | cmp_ok( $res->return_code, "==", 0, "And also when not found"); | ||
119 | } | ||
120 | SKIP: { | ||
121 | skip "No internet access", 16 if $internet_access eq "no"; | ||
122 | |||
123 | $res = NPTest->testCmd( | ||
124 | "./check_curl --ssl $host_tls_http" | ||
125 | ); | ||
126 | cmp_ok( $res->return_code, '==', 0, "Can read https for $host_tls_http" ); | ||
127 | |||
128 | $res = NPTest->testCmd( "./check_curl -C 1 --ssl $host_tls_http" ); | ||
129 | cmp_ok( $res->return_code, '==', 0, "Checking certificate for $host_tls_http"); | ||
130 | like ( $res->output, "/Certificate '$host_tls_cert' will expire on/", "Output OK" ); | ||
131 | my $saved_cert_output = $res->output; | ||
132 | |||
133 | $res = NPTest->testCmd( "./check_curl -C 8000,1 --ssl $host_tls_http" ); | ||
134 | cmp_ok( $res->return_code, '==', 1, "Checking certificate for $host_tls_http"); | ||
135 | like ( $res->output, qr/WARNING - Certificate '$host_tls_cert' expires in \d+ day/, "Output Warning" ); | ||
136 | |||
137 | $res = NPTest->testCmd( "./check_curl $host_tls_http -C 1" ); | ||
138 | is( $res->return_code, 0, "Old syntax for cert checking okay" ); | ||
139 | is( $res->output, $saved_cert_output, "Same output as new syntax" ); | ||
140 | |||
141 | $res = NPTest->testCmd( "./check_curl -H $host_tls_http -C 1" ); | ||
142 | is( $res->return_code, 0, "Updated syntax for cert checking okay" ); | ||
143 | is( $res->output, $saved_cert_output, "Same output as new syntax" ); | ||
144 | |||
145 | $res = NPTest->testCmd( "./check_curl -C 1 $host_tls_http" ); | ||
146 | cmp_ok( $res->output, 'eq', $saved_cert_output, "--ssl option automatically added"); | ||
147 | |||
148 | $res = NPTest->testCmd( "./check_curl $host_tls_http -C 1" ); | ||
149 | cmp_ok( $res->output, 'eq', $saved_cert_output, "Old syntax for cert checking still works"); | ||
150 | |||
151 | # run some certificate checks with faketime | ||
152 | SKIP: { | ||
153 | skip "No faketime binary found", 12 if !$faketime; | ||
154 | $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./check_curl -C 1 $host_tls_http"); | ||
155 | like($res->output, qr/OK - Certificate '$host_tls_cert' will expire on/, "Catch cert output"); | ||
156 | is( $res->return_code, 0, "Catch cert output exit code" ); | ||
157 | my($mon,$day,$hour,$min,$sec,$year) = ($res->output =~ /(\w+)\s+(\d+)\s+(\d+):(\d+):(\d+)\s+(\d+)/); | ||
158 | if(!defined $year) { | ||
159 | die("parsing date failed from: ".$res->output); | ||
160 | } | ||
161 | my $months = {'Jan' => 0, 'Feb' => 1, 'Mar' => 2, 'Apr' => 3, 'May' => 4, 'Jun' => 5, 'Jul' => 6, 'Aug' => 7, 'Sep' => 8, 'Oct' => 9, 'Nov' => 10, 'Dec' => 11}; | ||
162 | my $ts = mktime($sec, $min, $hour, $day, $months->{$mon}, $year-1900); | ||
163 | my $time = strftime("%Y-%m-%d %H:%M:%S", localtime($ts)); | ||
164 | $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./check_curl -C 1 $host_tls_http"); | ||
165 | like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' just expired/, "Output on expire date"); | ||
166 | is( $res->return_code, 2, "Output on expire date" ); | ||
167 | |||
168 | $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-1))."' ./check_curl -C 1 $host_tls_http"); | ||
169 | like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 0 minutes/, "cert expires in 1 second output"); | ||
170 | is( $res->return_code, 2, "cert expires in 1 second exit code" ); | ||
171 | |||
172 | $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-120))."' ./check_curl -C 1 $host_tls_http"); | ||
173 | like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 minutes/, "cert expires in 2 minutes output"); | ||
174 | is( $res->return_code, 2, "cert expires in 2 minutes exit code" ); | ||
175 | |||
176 | $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-7200))."' ./check_curl -C 1 $host_tls_http"); | ||
177 | like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 hours/, "cert expires in 2 hours output"); | ||
178 | is( $res->return_code, 2, "cert expires in 2 hours exit code" ); | ||
179 | |||
180 | $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./check_curl -C 1 $host_tls_http"); | ||
181 | like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expired on/, "Certificate expired output"); | ||
182 | is( $res->return_code, 2, "Certificate expired exit code" ); | ||
183 | }; | ||
184 | |||
185 | $res = NPTest->testCmd( "./check_curl --ssl $host_tls_http -E" ); | ||
186 | like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); | ||
187 | like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' ); | ||
188 | |||
189 | $res = NPTest->testCmd( | ||
190 | "./check_curl --ssl -H www.e-paycobalt.com" | ||
191 | ); | ||
192 | cmp_ok( $res->return_code, "==", 0, "Can read https for www.e-paycobalt.com (uses AES certificate)" ); | ||
193 | |||
194 | |||
195 | $res = NPTest->testCmd( "./check_curl -H www.mozilla.com -u /firefox -f follow" ); | ||
196 | is( $res->return_code, 0, "Redirection based on location is okay"); | ||
197 | |||
198 | $res = NPTest->testCmd( "./check_curl -H www.mozilla.com --extended-perfdata" ); | ||
199 | like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); | ||
200 | } | ||