diff options
-rw-r--r-- | plugins/tests/certs/expired-cert.pem | 21 | ||||
-rw-r--r-- | plugins/tests/certs/expired-key.pem | 15 | ||||
-rwxr-xr-x | plugins/tests/check_http.t | 66 |
3 files changed, 92 insertions, 10 deletions
diff --git a/plugins/tests/certs/expired-cert.pem b/plugins/tests/certs/expired-cert.pem new file mode 100644 index 00000000..40324cf8 --- /dev/null +++ b/plugins/tests/certs/expired-cert.pem | |||
@@ -0,0 +1,21 @@ | |||
1 | -----BEGIN CERTIFICATE----- | ||
2 | MIIDYzCCAsygAwIBAgIJAJISzcX71f5pMA0GCSqGSIb3DQEBBAUAMH8xCzAJBgNV | ||
3 | BAYTAlVLMRMwEQYDVQQIEwpEZXJieXNoaXJlMQ8wDQYDVQQHEwZCZWxwZXIxFzAV | ||
4 | BgNVBAoTDk5hZ2lvcyBQbHVnaW5zMREwDwYDVQQDEwhUb24gVm9vbjEeMBwGCSqG | ||
5 | SIb3DQEJARYPdG9udm9vbkBtYWMuY29tMB4XDTA5MDMwNjAwMTMxNVoXDTA5MDMw | ||
6 | NTAwMTMxNlowfzELMAkGA1UEBhMCVUsxEzARBgNVBAgTCkRlcmJ5c2hpcmUxDzAN | ||
7 | BgNVBAcTBkJlbHBlcjEXMBUGA1UEChMOTmFnaW9zIFBsdWdpbnMxETAPBgNVBAMT | ||
8 | CFRvbiBWb29uMR4wHAYJKoZIhvcNAQkBFg90b252b29uQG1hYy5jb20wgZ8wDQYJ | ||
9 | KoZIhvcNAQEBBQADgY0AMIGJAoGBAOQHP4JnzACi4q6quXAiK+gTSffG6yyjEV+K | ||
10 | iyutRgBF2MdF03X5ls0wENw/5fnMTrHynl4XoGoV/rD4CR2hGT0m7dv7Vu0MRLlP | ||
11 | J1SCiFeMuQS30zzLMJr0A7IW869qRlKQmzxs1JT6XDbSoNQuF154zoxwNsKlMjoX | ||
12 | tJSHN2YpAgMBAAGjgeYwgeMwHQYDVR0OBBYEFHWjM9OQldrDLMcAfPnUVfGxlzOp | ||
13 | MIGzBgNVHSMEgaswgaiAFHWjM9OQldrDLMcAfPnUVfGxlzOpoYGEpIGBMH8xCzAJ | ||
14 | BgNVBAYTAlVLMRMwEQYDVQQIEwpEZXJieXNoaXJlMQ8wDQYDVQQHEwZCZWxwZXIx | ||
15 | FzAVBgNVBAoTDk5hZ2lvcyBQbHVnaW5zMREwDwYDVQQDEwhUb24gVm9vbjEeMBwG | ||
16 | CSqGSIb3DQEJARYPdG9udm9vbkBtYWMuY29tggkAkhLNxfvV/mkwDAYDVR0TBAUw | ||
17 | AwEB/zANBgkqhkiG9w0BAQQFAAOBgQDHjoXoGwBamCiNplTt93jH/TO08RATdZP5 | ||
18 | 45hlxv2+PKCjjTiFa2mjAvopFiqmYsr40XYEmpeYMiaOzOW5rBjtqBAT/JJWyfda | ||
19 | SCmj3swqyKus63rv/iuokIhZzBdhbB+eOJJrmwT2SEc5KdRaipH0QAGF1nZAAGzo | ||
20 | 6xW7hkzYog== | ||
21 | -----END CERTIFICATE----- | ||
diff --git a/plugins/tests/certs/expired-key.pem b/plugins/tests/certs/expired-key.pem new file mode 100644 index 00000000..af0e24da --- /dev/null +++ b/plugins/tests/certs/expired-key.pem | |||
@@ -0,0 +1,15 @@ | |||
1 | -----BEGIN RSA PRIVATE KEY----- | ||
2 | MIICXAIBAAKBgQDkBz+CZ8wAouKuqrlwIivoE0n3xussoxFfiosrrUYARdjHRdN1 | ||
3 | +ZbNMBDcP+X5zE6x8p5eF6BqFf6w+AkdoRk9Ju3b+1btDES5TydUgohXjLkEt9M8 | ||
4 | yzCa9AOyFvOvakZSkJs8bNSU+lw20qDULhdeeM6McDbCpTI6F7SUhzdmKQIDAQAB | ||
5 | AoGARgI3rHjjuDpKMGg4IMZNBqaNaiZHY9/44IVvrww21rSbFqtIfgsQEpU0R/rS | ||
6 | R7xDWPztRGQqmwd/t6OfYNpqHbjO1MWzasVBVnzue5P59Y1xy1h0LZF8+a9GY++0 | ||
7 | uAGUC24jsXSmypNVzoX+ZKyinA3oYV/etdPYx1W8Ms5XIzUCQQD7xwhMuLok6Kbq | ||
8 | UEgiSfBTbx+haP3IiqqMF14z8QoEyD3jchydNaXEYdQxN8jEl2aPrMqTc6x8Jq4/ | ||
9 | ai0OkB+fAkEA59pAmN81HylV7+CsVjLOSbJqzau7NDxSs2uutxhHZRwz0e25wVer | ||
10 | fA03l08u0ebC/TDHkmHV6ikCryM5HU2FNwJAVZJFzd2S1myEHmr+uTisB49jDrbi | ||
11 | WkBWypo+mCS6JPnxntXvx7auClq9haTSBY73eqldiFPuMZvr6P2rJqHxPQJBAOTM | ||
12 | quaxjti7kATy8N73sD9mBKQGju1TgkFxSK+DFCGhnTnToXY9MAtxd6SoDYoyccYu | ||
13 | dyPrzJAR/IYc+mYCdC0CQDKlZuMPVXEgvGaQapzMQ++5yJRvMZF4tWvONBs0OCE9 | ||
14 | QYarsTi5M20cymMBXHOLZIjqwsni4G/C9kqJSvC75Vg= | ||
15 | -----END RSA PRIVATE KEY----- | ||
diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t index 20078c20..d221463b 100755 --- a/plugins/tests/check_http.t +++ b/plugins/tests/check_http.t | |||
@@ -2,6 +2,16 @@ | |||
2 | # | 2 | # |
3 | # Test check_http by having an actual HTTP server running | 3 | # Test check_http by having an actual HTTP server running |
4 | # | 4 | # |
5 | # To create the https server certificate: | ||
6 | # openssl req -new -x509 -keyout server-key.pem -out server-cert.pem -days 3650 -nodes | ||
7 | # Country Name (2 letter code) [AU]:UK | ||
8 | # State or Province Name (full name) [Some-State]:Derbyshire | ||
9 | # Locality Name (eg, city) []:Belper | ||
10 | # Organization Name (eg, company) [Internet Widgits Pty Ltd]:Nagios Plugins | ||
11 | # Organizational Unit Name (eg, section) []: | ||
12 | # Common Name (eg, YOUR name) []:Ton Voon | ||
13 | # Email Address []:tonvoon@mac.com | ||
14 | |||
5 | 15 | ||
6 | use strict; | 16 | use strict; |
7 | use Test::More; | 17 | use Test::More; |
@@ -25,17 +35,35 @@ $HTTP::Daemon::VERSION = "1.00"; | |||
25 | 35 | ||
26 | my $port_http = 50000 + int(rand(1000)); | 36 | my $port_http = 50000 + int(rand(1000)); |
27 | my $port_https = $port_http + 1; | 37 | my $port_https = $port_http + 1; |
38 | my $port_https_expired = $port_http + 2; | ||
28 | 39 | ||
29 | # Start up both servers | 40 | # Start up all servers |
30 | my $pid_https; | 41 | my @pids; |
31 | my $pid_http = fork(); | 42 | my $pid = fork(); |
32 | if ($pid_http) { | 43 | if ($pid) { |
33 | # Parent | 44 | # Parent |
45 | push @pids, $pid; | ||
34 | if (exists $servers->{https}) { | 46 | if (exists $servers->{https}) { |
35 | # Fork another server | 47 | # Fork a normal HTTPS server |
36 | $pid_https = fork(); | 48 | $pid = fork(); |
37 | if ($pid_https) { | 49 | if ($pid) { |
38 | # Parent | 50 | # Parent |
51 | push @pids, $pid; | ||
52 | # Fork an expired cert server | ||
53 | $pid = fork(); | ||
54 | if ($pid) { | ||
55 | push @pids, $pid; | ||
56 | } else { | ||
57 | my $d = HTTP::Daemon::SSL->new( | ||
58 | LocalPort => $port_https_expired, | ||
59 | LocalAddr => "127.0.0.1", | ||
60 | SSL_cert_file => "$Bin/certs/expired-cert.pem", | ||
61 | SSL_key_file => "$Bin/certs/expired-key.pem", | ||
62 | ) || die; | ||
63 | print "Please contact https expired at: <URL:", $d->url, ">\n"; | ||
64 | run_server( $d ); | ||
65 | exit; | ||
66 | } | ||
39 | } else { | 67 | } else { |
40 | my $d = HTTP::Daemon::SSL->new( | 68 | my $d = HTTP::Daemon::SSL->new( |
41 | LocalPort => $port_https, | 69 | LocalPort => $port_https, |
@@ -106,7 +134,7 @@ sub run_server { | |||
106 | } | 134 | } |
107 | 135 | ||
108 | END { | 136 | END { |
109 | foreach my $pid ($pid_http, $pid_https) { | 137 | foreach my $pid (@pids) { |
110 | if ($pid) { print "Killing $pid\n"; kill "INT", $pid } | 138 | if ($pid) { print "Killing $pid\n"; kill "INT", $pid } |
111 | } | 139 | } |
112 | }; | 140 | }; |
@@ -116,8 +144,9 @@ if ($ARGV[0] && $ARGV[0] eq "-d") { | |||
116 | } | 144 | } |
117 | 145 | ||
118 | my $common_tests = 47; | 146 | my $common_tests = 47; |
147 | my $ssl_only_tests = 6; | ||
119 | if (-x "./check_http") { | 148 | if (-x "./check_http") { |
120 | plan tests => $common_tests * 2; | 149 | plan tests => $common_tests * 2 + $ssl_only_tests; |
121 | } else { | 150 | } else { |
122 | plan skip_all => "No check_http compiled"; | 151 | plan skip_all => "No check_http compiled"; |
123 | } | 152 | } |
@@ -127,8 +156,25 @@ my $command = "./check_http -H 127.0.0.1"; | |||
127 | 156 | ||
128 | run_common_tests( { command => "$command -p $port_http" } ); | 157 | run_common_tests( { command => "$command -p $port_http" } ); |
129 | SKIP: { | 158 | SKIP: { |
130 | skip "HTTP::Daemon::SSL not installed", $common_tests if ! exists $servers->{https}; | 159 | skip "HTTP::Daemon::SSL not installed", $common_tests + $ssl_only_tests if ! exists $servers->{https}; |
131 | run_common_tests( { command => "$command -p $port_https", ssl => 1 } ); | 160 | run_common_tests( { command => "$command -p $port_https", ssl => 1 } ); |
161 | |||
162 | $result = NPTest->testCmd( "$command -p $port_https -S -C 14" ); | ||
163 | is( $result->return_code, 0, "$command -p $port_https -S -C 14" ); | ||
164 | is( $result->output, 'OK - Certificate will expire on 03/03/2019 21:41.', "output ok" ); | ||
165 | |||
166 | $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" ); | ||
167 | is( $result->return_code, 1, "$command -p $port_https -S -C 14000" ); | ||
168 | like( $result->output, '/WARNING - Certificate expires in \d+ day\(s\) \(03/03/2019 21:41\)./', "output ok" ); | ||
169 | |||
170 | |||
171 | # Expired cert tests | ||
172 | $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" ); | ||
173 | is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" ); | ||
174 | is( $result->output, | ||
175 | 'CRITICAL - Certificate expired on 03/05/2009 00:13.', | ||
176 | "output ok" ); | ||
177 | |||
132 | } | 178 | } |
133 | 179 | ||
134 | sub run_common_tests { | 180 | sub run_common_tests { |