summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--plugins/tests/certs/expired-cert.pem21
-rw-r--r--plugins/tests/certs/expired-key.pem15
-rwxr-xr-xplugins/tests/check_http.t66
3 files changed, 92 insertions, 10 deletions
diff --git a/plugins/tests/certs/expired-cert.pem b/plugins/tests/certs/expired-cert.pem
new file mode 100644
index 00000000..40324cf8
--- /dev/null
+++ b/plugins/tests/certs/expired-cert.pem
@@ -0,0 +1,21 @@
1-----BEGIN CERTIFICATE-----
2MIIDYzCCAsygAwIBAgIJAJISzcX71f5pMA0GCSqGSIb3DQEBBAUAMH8xCzAJBgNV
3BAYTAlVLMRMwEQYDVQQIEwpEZXJieXNoaXJlMQ8wDQYDVQQHEwZCZWxwZXIxFzAV
4BgNVBAoTDk5hZ2lvcyBQbHVnaW5zMREwDwYDVQQDEwhUb24gVm9vbjEeMBwGCSqG
5SIb3DQEJARYPdG9udm9vbkBtYWMuY29tMB4XDTA5MDMwNjAwMTMxNVoXDTA5MDMw
6NTAwMTMxNlowfzELMAkGA1UEBhMCVUsxEzARBgNVBAgTCkRlcmJ5c2hpcmUxDzAN
7BgNVBAcTBkJlbHBlcjEXMBUGA1UEChMOTmFnaW9zIFBsdWdpbnMxETAPBgNVBAMT
8CFRvbiBWb29uMR4wHAYJKoZIhvcNAQkBFg90b252b29uQG1hYy5jb20wgZ8wDQYJ
9KoZIhvcNAQEBBQADgY0AMIGJAoGBAOQHP4JnzACi4q6quXAiK+gTSffG6yyjEV+K
10iyutRgBF2MdF03X5ls0wENw/5fnMTrHynl4XoGoV/rD4CR2hGT0m7dv7Vu0MRLlP
11J1SCiFeMuQS30zzLMJr0A7IW869qRlKQmzxs1JT6XDbSoNQuF154zoxwNsKlMjoX
12tJSHN2YpAgMBAAGjgeYwgeMwHQYDVR0OBBYEFHWjM9OQldrDLMcAfPnUVfGxlzOp
13MIGzBgNVHSMEgaswgaiAFHWjM9OQldrDLMcAfPnUVfGxlzOpoYGEpIGBMH8xCzAJ
14BgNVBAYTAlVLMRMwEQYDVQQIEwpEZXJieXNoaXJlMQ8wDQYDVQQHEwZCZWxwZXIx
15FzAVBgNVBAoTDk5hZ2lvcyBQbHVnaW5zMREwDwYDVQQDEwhUb24gVm9vbjEeMBwG
16CSqGSIb3DQEJARYPdG9udm9vbkBtYWMuY29tggkAkhLNxfvV/mkwDAYDVR0TBAUw
17AwEB/zANBgkqhkiG9w0BAQQFAAOBgQDHjoXoGwBamCiNplTt93jH/TO08RATdZP5
1845hlxv2+PKCjjTiFa2mjAvopFiqmYsr40XYEmpeYMiaOzOW5rBjtqBAT/JJWyfda
19SCmj3swqyKus63rv/iuokIhZzBdhbB+eOJJrmwT2SEc5KdRaipH0QAGF1nZAAGzo
206xW7hkzYog==
21-----END CERTIFICATE-----
diff --git a/plugins/tests/certs/expired-key.pem b/plugins/tests/certs/expired-key.pem
new file mode 100644
index 00000000..af0e24da
--- /dev/null
+++ b/plugins/tests/certs/expired-key.pem
@@ -0,0 +1,15 @@
1-----BEGIN RSA PRIVATE KEY-----
2MIICXAIBAAKBgQDkBz+CZ8wAouKuqrlwIivoE0n3xussoxFfiosrrUYARdjHRdN1
3+ZbNMBDcP+X5zE6x8p5eF6BqFf6w+AkdoRk9Ju3b+1btDES5TydUgohXjLkEt9M8
4yzCa9AOyFvOvakZSkJs8bNSU+lw20qDULhdeeM6McDbCpTI6F7SUhzdmKQIDAQAB
5AoGARgI3rHjjuDpKMGg4IMZNBqaNaiZHY9/44IVvrww21rSbFqtIfgsQEpU0R/rS
6R7xDWPztRGQqmwd/t6OfYNpqHbjO1MWzasVBVnzue5P59Y1xy1h0LZF8+a9GY++0
7uAGUC24jsXSmypNVzoX+ZKyinA3oYV/etdPYx1W8Ms5XIzUCQQD7xwhMuLok6Kbq
8UEgiSfBTbx+haP3IiqqMF14z8QoEyD3jchydNaXEYdQxN8jEl2aPrMqTc6x8Jq4/
9ai0OkB+fAkEA59pAmN81HylV7+CsVjLOSbJqzau7NDxSs2uutxhHZRwz0e25wVer
10fA03l08u0ebC/TDHkmHV6ikCryM5HU2FNwJAVZJFzd2S1myEHmr+uTisB49jDrbi
11WkBWypo+mCS6JPnxntXvx7auClq9haTSBY73eqldiFPuMZvr6P2rJqHxPQJBAOTM
12quaxjti7kATy8N73sD9mBKQGju1TgkFxSK+DFCGhnTnToXY9MAtxd6SoDYoyccYu
13dyPrzJAR/IYc+mYCdC0CQDKlZuMPVXEgvGaQapzMQ++5yJRvMZF4tWvONBs0OCE9
14QYarsTi5M20cymMBXHOLZIjqwsni4G/C9kqJSvC75Vg=
15-----END RSA PRIVATE KEY-----
diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t
index 20078c20..d221463b 100755
--- a/plugins/tests/check_http.t
+++ b/plugins/tests/check_http.t
@@ -2,6 +2,16 @@
2# 2#
3# Test check_http by having an actual HTTP server running 3# Test check_http by having an actual HTTP server running
4# 4#
5# To create the https server certificate:
6# openssl req -new -x509 -keyout server-key.pem -out server-cert.pem -days 3650 -nodes
7# Country Name (2 letter code) [AU]:UK
8# State or Province Name (full name) [Some-State]:Derbyshire
9# Locality Name (eg, city) []:Belper
10# Organization Name (eg, company) [Internet Widgits Pty Ltd]:Nagios Plugins
11# Organizational Unit Name (eg, section) []:
12# Common Name (eg, YOUR name) []:Ton Voon
13# Email Address []:tonvoon@mac.com
14
5 15
6use strict; 16use strict;
7use Test::More; 17use Test::More;
@@ -25,17 +35,35 @@ $HTTP::Daemon::VERSION = "1.00";
25 35
26my $port_http = 50000 + int(rand(1000)); 36my $port_http = 50000 + int(rand(1000));
27my $port_https = $port_http + 1; 37my $port_https = $port_http + 1;
38my $port_https_expired = $port_http + 2;
28 39
29# Start up both servers 40# Start up all servers
30my $pid_https; 41my @pids;
31my $pid_http = fork(); 42my $pid = fork();
32if ($pid_http) { 43if ($pid) {
33 # Parent 44 # Parent
45 push @pids, $pid;
34 if (exists $servers->{https}) { 46 if (exists $servers->{https}) {
35 # Fork another server 47 # Fork a normal HTTPS server
36 $pid_https = fork(); 48 $pid = fork();
37 if ($pid_https) { 49 if ($pid) {
38 # Parent 50 # Parent
51 push @pids, $pid;
52 # Fork an expired cert server
53 $pid = fork();
54 if ($pid) {
55 push @pids, $pid;
56 } else {
57 my $d = HTTP::Daemon::SSL->new(
58 LocalPort => $port_https_expired,
59 LocalAddr => "127.0.0.1",
60 SSL_cert_file => "$Bin/certs/expired-cert.pem",
61 SSL_key_file => "$Bin/certs/expired-key.pem",
62 ) || die;
63 print "Please contact https expired at: <URL:", $d->url, ">\n";
64 run_server( $d );
65 exit;
66 }
39 } else { 67 } else {
40 my $d = HTTP::Daemon::SSL->new( 68 my $d = HTTP::Daemon::SSL->new(
41 LocalPort => $port_https, 69 LocalPort => $port_https,
@@ -106,7 +134,7 @@ sub run_server {
106} 134}
107 135
108END { 136END {
109 foreach my $pid ($pid_http, $pid_https) { 137 foreach my $pid (@pids) {
110 if ($pid) { print "Killing $pid\n"; kill "INT", $pid } 138 if ($pid) { print "Killing $pid\n"; kill "INT", $pid }
111 } 139 }
112}; 140};
@@ -116,8 +144,9 @@ if ($ARGV[0] && $ARGV[0] eq "-d") {
116} 144}
117 145
118my $common_tests = 47; 146my $common_tests = 47;
147my $ssl_only_tests = 6;
119if (-x "./check_http") { 148if (-x "./check_http") {
120 plan tests => $common_tests * 2; 149 plan tests => $common_tests * 2 + $ssl_only_tests;
121} else { 150} else {
122 plan skip_all => "No check_http compiled"; 151 plan skip_all => "No check_http compiled";
123} 152}
@@ -127,8 +156,25 @@ my $command = "./check_http -H 127.0.0.1";
127 156
128run_common_tests( { command => "$command -p $port_http" } ); 157run_common_tests( { command => "$command -p $port_http" } );
129SKIP: { 158SKIP: {
130 skip "HTTP::Daemon::SSL not installed", $common_tests if ! exists $servers->{https}; 159 skip "HTTP::Daemon::SSL not installed", $common_tests + $ssl_only_tests if ! exists $servers->{https};
131 run_common_tests( { command => "$command -p $port_https", ssl => 1 } ); 160 run_common_tests( { command => "$command -p $port_https", ssl => 1 } );
161
162 $result = NPTest->testCmd( "$command -p $port_https -S -C 14" );
163 is( $result->return_code, 0, "$command -p $port_https -S -C 14" );
164 is( $result->output, 'OK - Certificate will expire on 03/03/2019 21:41.', "output ok" );
165
166 $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" );
167 is( $result->return_code, 1, "$command -p $port_https -S -C 14000" );
168 like( $result->output, '/WARNING - Certificate expires in \d+ day\(s\) \(03/03/2019 21:41\)./', "output ok" );
169
170
171 # Expired cert tests
172 $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" );
173 is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" );
174 is( $result->output,
175 'CRITICAL - Certificate expired on 03/05/2009 00:13.',
176 "output ok" );
177
132} 178}
133 179
134sub run_common_tests { 180sub run_common_tests {