1 files changed, 497 insertions, 0 deletions
diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t
new file mode 100755
index 00000000..e182623c
--- /dev/null
+++ b/plugins/tests/check_curl.t
@@ -0,0 +1,497 @@
+#! /usr/bin/perl -w -I ..
+#
+# Test check_http by having an actual HTTP server running
+#
+# To create the https server certificate:
+# openssl req -new -x509 -keyout server-key.pem -out server-cert.pem -days 3650 -nodes
+# Country Name (2 letter code) [AU]:UK
+# State or Province Name (full name) [Some-State]:Derbyshire
+# Locality Name (eg, city) []:Belper
+# Organization Name (eg, company) [Internet Widgits Pty Ltd]:Monitoring Plugins
+# Organizational Unit Name (eg, section) []:
+# Common Name (eg, YOUR name) []:Ton Voon
+# Email Address []:tonvoon@mac.com
+use strict;
+use Test::More;
+use NPTest;
+use FindBin qw($Bin);
+$ENV{'LC_TIME'} = "C";
+my $common_tests = 70;
+my $ssl_only_tests = 8;
+# Check that all dependent modules are available
+eval "use HTTP::Daemon 6.01;";
+plan skip_all => 'HTTP::Daemon >= 6.01 required' if $@;
+eval {
+        require HTTP::Status;
+        require HTTP::Response;
+};
+my $plugin = 'check_http';
+$plugin    = 'check_curl' if $0 =~ m/check_curl/mx;
+# look for libcurl version to see if some advanced checks are possible (>= 7.49.0)
+my $advanced_checks = 12;
+my $use_advanced_checks = 0;
+my $required_version = '7.49.0';
+my $virtual_host = 'www.somefunnyhost.com';
+my $virtual_port = 42;
+my $curl_version = '';
+open (my $fh, '-|', "./$plugin --version") or die;
+while (<$fh>) {
+        if (m{libcurl/([\d.]+)\s}) {
+                $curl_version = $1;
+                last;
+        }
+}
+close ($fh);
+if ($curl_version) {
+        my ($major, $minor, $release) = split (/\./, $curl_version);
+        my ($req_major, $req_minor, $req_release) = split (/\./, $required_version);
+        my $check = ($major <=> $req_major or $minor <=> $req_minor or $release <=> $req_release);
+        if ($check >= 0) {
+                $use_advanced_checks = 1;
+                print "Found libcurl $major.$minor.$release. Using advanced checks\n";
+        }
+}
+if ($@) {
+        plan skip_all => "Missing required module for test: $@";
+} else {
+        if (-x "./$plugin") {
+                plan tests => $common_tests * 2 + $ssl_only_tests + $advanced_checks;
+        } else {
+                plan skip_all => "No $plugin compiled";
+        }
+}
+my $servers = { http => 0 };    # HTTP::Daemon should always be available
+eval { require HTTP::Daemon::SSL };
+if ($@) {
+        diag "Cannot load HTTP::Daemon::SSL: $@";
+} else {
+        $servers->{https} = 0;
+}
+# set a fixed version, so the header size doesn't vary
+$HTTP::Daemon::VERSION = "1.00";
+my $port_http = 50000 + int(rand(1000));
+my $port_https = $port_http + 1;
+my $port_https_expired = $port_http + 2;
+# This array keeps sockets around for implementing timeouts
+my @persist;
+# Start up all servers
+my @pids;
+my $pid = fork();
+if ($pid) {
+        # Parent
+        push @pids, $pid;
+        if (exists $servers->{https}) {
+                # Fork a normal HTTPS server
+                $pid = fork();
+                if ($pid) {
+                        # Parent
+                        push @pids, $pid;
+                        # Fork an expired cert server
+                        $pid = fork();
+                        if ($pid) {
+                                push @pids, $pid;
+                        } else {
+                                my $d = HTTP::Daemon::SSL->new(
+                                        LocalPort => $port_https_expired,
+                                        LocalAddr => "127.0.0.1",
+                                        SSL_cert_file => "$Bin/certs/expired-cert.pem",
+                                        SSL_key_file => "$Bin/certs/expired-key.pem",
+                                ) || die;
+                                print "Please contact https expired at: <URL:", $d->url, ">\n";
+                                run_server( $d );
+                                exit;
+                        }
+                } else {
+                        my $d = HTTP::Daemon::SSL->new(
+                                LocalPort => $port_https,
+                                LocalAddr => "127.0.0.1",
+                                SSL_cert_file => "$Bin/certs/server-cert.pem",
+                                SSL_key_file => "$Bin/certs/server-key.pem",
+                        ) || die;
+                        print "Please contact https at: <URL:", $d->url, ">\n";
+                        run_server( $d );
+                        exit;
+                }
+        }
+        # give our webservers some time to startup
+        sleep(1);
+} else {
+        # Child
+        #print "child\n";
+        my $d = HTTP::Daemon->new(
+                LocalPort => $port_http,
+                LocalAddr => "127.0.0.1",
+        ) || die;
+        print "Please contact http at: <URL:", $d->url, ">\n";
+        run_server( $d );
+        exit;
+}
+# Run the same server on http and https
+sub run_server {
+        my $d = shift;
+        MAINLOOP: while (my $c = $d->accept ) {
+                while (my $r = $c->get_request) {
+                        if ($r->method eq "GET" and $r->url->path =~ m^/statuscode/(\d+)^) {
+                                $c->send_basic_header($1);
+                                $c->send_crlf;
+                        } elsif ($r->method eq "GET" and $r->url->path =~ m^/file/(.*)^) {
+                                $c->send_basic_header;
+                                $c->send_crlf;
+                                $c->send_file_response("$Bin/var/$1");
+                        } elsif ($r->method eq "GET" and $r->url->path eq "/slow") {
+                                $c->send_basic_header;
+                                $c->send_crlf;
+                                sleep 1;
+                                $c->send_response("slow");
+                        } elsif ($r->url->path eq "/method") {
+                                if ($r->method eq "DELETE") {
+                                        $c->send_error(HTTP::Status->RC_METHOD_NOT_ALLOWED);
+                                } elsif ($r->method eq "foo") {
+                                        $c->send_error(HTTP::Status->RC_NOT_IMPLEMENTED);
+                                } else {
+                                        $c->send_status_line(200, $r->method);
+                                }
+                        } elsif ($r->url->path eq "/postdata") {
+                                $c->send_basic_header;
+                                $c->send_crlf;
+                                $c->send_response($r->method.":".$r->content);
+                        } elsif ($r->url->path eq "/redirect") {
+                                $c->send_redirect( "/redirect2" );
+                        } elsif ($r->url->path eq "/redir_external") {
+                                $c->send_redirect(($d->isa('HTTP::Daemon::SSL') ? "https" : "http") . "://169.254.169.254/redirect2" );
+                        } elsif ($r->url->path eq "/redirect2") {
+                                $c->send_basic_header;
+                                $c->send_crlf;
+                                $c->send_response(HTTP::Response->new( 200, 'OK', undef, 'redirected' ));
+                        } elsif ($r->url->path eq "/redir_timeout") {
+                                $c->send_redirect( "/timeout" );
+                        } elsif ($r->url->path eq "/timeout") {
+                                # Keep $c from being destroyed, but prevent severe leaks
+                                unshift @persist, $c;
+                                delete($persist[1000]);
+                                next MAINLOOP;
+                        } elsif ($r->url->path eq "/header_check") {
+                                $c->send_basic_header;
+                                $c->send_header('foo');
+                                $c->send_crlf;
+                        } elsif ($r->url->path eq "/virtual_port") {
+                                # return sent Host header
+                                $c->send_basic_header;
+                                $c->send_crlf;
+                                $c->send_response(HTTP::Response->new( 200, 'OK', undef, $r->header ('Host')));
+                        } else {
+                                $c->send_error(HTTP::Status->RC_FORBIDDEN);
+                        }
+                        $c->close;
+                }
+        }
+}
+END {
+        foreach my $pid (@pids) {
+                if ($pid) { print "Killing $pid\n"; kill "INT", $pid }
+        }
+};
+if ($ARGV[0] && $ARGV[0] eq "-d") {
+        while (1) {
+                sleep 100;
+        }
+}
+my $result;
+my $command = "./$plugin -H 127.0.0.1";
+run_common_tests( { command => "$command -p $port_http" } );
+SKIP: {
+        skip "HTTP::Daemon::SSL not installed", $common_tests + $ssl_only_tests if ! exists $servers->{https};
+        run_common_tests( { command => "$command -p $port_https", ssl => 1 } );
+        $result = NPTest->testCmd( "$command -p $port_https -S -C 14" );
+        is( $result->return_code, 0, "$command -p $port_https -S -C 14" );
+        is( $result->output, 'OK - Certificate \'Ton Voon\' will expire on Sun Mar  3 21:41:28 2019 +0000.', "output ok" );
+        $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" );
+        is( $result->return_code, 1, "$command -p $port_https -S -C 14000" );
+        like( $result->output, '/WARNING - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar  3 21:41:28 2019 \+0000\)./', "output ok" );
+        # Expired cert tests
+        $result = NPTest->testCmd( "$command -p $port_https -S -C 13960,14000" );
+        is( $result->return_code, 2, "$command -p $port_https -S -C 13960,14000" );
+        like( $result->output, '/CRITICAL - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar  3 21:41:28 2019 \+0000\)./', "output ok" );
+        $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" );
+        is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" );
+        is( $result->output,
+                'CRITICAL - Certificate \'Ton Voon\' expired on Thu Mar  5 00:13:16 2009 +0000.',
+                "output ok" );
+}
+my $cmd;
+# advanced checks with virtual hostname and virtual port
+SKIP: {
+        skip "libcurl version is smaller than $required_version", 6 unless $use_advanced_checks;
+        
+        # http without virtual port
+        $cmd = "./$plugin -H $virtual_host -I 127.0.0.1 -p $port_http -u /virtual_port -r ^$virtual_host:$port_http\$";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        # http with virtual port (!= 80)
+        $cmd = "./$plugin -H $virtual_host:$virtual_port -I 127.0.0.1 -p $port_http -u /virtual_port -r ^$virtual_host:$virtual_port\$";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        
+        # http with virtual port (80)
+        $cmd = "./$plugin -H $virtual_host:80 -I 127.0.0.1 -p $port_http -u /virtual_port -r ^$virtual_host\$";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+}
+# and the same for SSL
+SKIP: {
+        skip "libcurl version is smaller than $required_version and/or HTTP::Daemon::SSL not installed", 6 if ! exists $servers->{https} or not $use_advanced_checks;
+        # https without virtual port
+        $cmd = "./$plugin -H $virtual_host -I 127.0.0.1 -p $port_https --ssl -u /virtual_port -r ^$virtual_host:$port_https\$";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        # https with virtual port (!= 443)
+        $cmd = "./$plugin -H $virtual_host:$virtual_port -I 127.0.0.1 -p $port_https --ssl -u /virtual_port -r ^$virtual_host:$virtual_port\$";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        # https with virtual port (443)
+        $cmd = "./$plugin -H $virtual_host:443 -I 127.0.0.1 -p $port_https --ssl -u /virtual_port -r ^$virtual_host\$";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+}
+sub run_common_tests {
+        my ($opts) = @_;
+        my $command = $opts->{command};
+        if ($opts->{ssl}) {
+                $command .= " --ssl";
+        }
+        $result = NPTest->testCmd( "$command -u /file/root" );
+        is( $result->return_code, 0, "/file/root");
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 274 bytes in [\d\.]+ second/', "Output correct" );
+        $result = NPTest->testCmd( "$command -u /file/root -s Root" );
+        is( $result->return_code, 0, "/file/root search for string");
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 274 bytes in [\d\.]+ second/', "Output correct" );
+        $result = NPTest->testCmd( "$command -u /file/root -s NonRoot" );
+        is( $result->return_code, 2, "Missing string check");
+        like( $result->output, qr%^HTTP CRITICAL: HTTP/1\.1 200 OK - string 'NonRoot' not found on 'https?://127\.0\.0\.1:\d+/file/root'%, "Shows search string and location");
+        $result = NPTest->testCmd( "$command -u /file/root -s NonRootWithOver30charsAndMoreFunThanAWetFish" );
+        is( $result->return_code, 2, "Missing string check");
+        like( $result->output, qr%HTTP CRITICAL: HTTP/1\.1 200 OK - string 'NonRootWithOver30charsAndM...' not found on 'https?://127\.0\.0\.1:\d+/file/root'%, "Shows search string and location");
+        $result = NPTest->testCmd( "$command -u /header_check -d foo" );
+        is( $result->return_code, 0, "header_check search for string");
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 96 bytes in [\d\.]+ second/', "Output correct" );
+        $result = NPTest->testCmd( "$command -u /header_check -d bar" );
+        is( $result->return_code, 2, "Missing header string check");
+        like( $result->output, qr%^HTTP CRITICAL: HTTP/1\.1 200 OK - header 'bar' not found on 'https?://127\.0\.0\.1:\d+/header_check'%, "Shows search string and location");
+        my $cmd;
+        $cmd = "$command -u /slow";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, "$cmd");
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $result->output =~ /in ([\d\.]+) second/;
+        cmp_ok( $1, ">", 1, "Time is > 1 second" );
+        $cmd = "$command -u /statuscode/200";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -u /statuscode/200 -e 200";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - Status line output matched "200" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -u /statuscode/201";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 201 Created - \d+ bytes in [\d\.]+ second /', "Output correct: ".$result->output );
+        $cmd = "$command -u /statuscode/201 -e 201";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 201 Created - Status line output matched "201" - \d+ bytes in [\d\.]+ second /', "Output correct: ".$result->output );
+        $cmd = "$command -u /statuscode/201 -e 200";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 2, $cmd);
+        like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port \d+: HTTP/1.1 201 Created/', "Output correct: ".$result->output );
+        $cmd = "$command -u /statuscode/200 -e 200,201,202";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - Status line output matched "200,201,202" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -u /statuscode/201 -e 200,201,202";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 201 Created - Status line output matched "200,201,202" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -u /statuscode/203 -e 200,201,202";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 2, $cmd);
+        like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port (\d+): HTTP/1.1 203 Non-Authoritative Information/', "Output correct: ".$result->output );
+        $cmd = "$command -j HEAD -u /method";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 HEAD - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -j POST -u /method";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 POST - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -j GET -u /method";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 GET - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -u /method";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 GET - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -P foo -u /method";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 POST - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -j DELETE -u /method";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 1, $cmd);
+        like( $result->output, '/^HTTP WARNING: HTTP/1.1 405 Method Not Allowed/', "Output correct: ".$result->output );
+        $cmd = "$command -j foo -u /method";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 2, $cmd);
+        like( $result->output, '/^HTTP CRITICAL: HTTP/1.1 501 Not Implemented/', "Output correct: ".$result->output );
+        $cmd = "$command -P stufftoinclude -u /postdata -s POST:stufftoinclude";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -j PUT -P stufftoinclude -u /postdata -s PUT:stufftoinclude";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        # To confirm that the free doesn't segfault
+        $cmd = "$command -P stufftoinclude -j PUT -u /postdata -s PUT:stufftoinclude";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -u /redirect";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 301 Moved Permanently - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -f follow -u /redirect";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -u /redirect -k 'follow: me'";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 301 Moved Permanently - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -f follow -u /redirect -k 'follow: me'";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -f sticky -u /redirect -k 'follow: me'";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -f stickyport -u /redirect -k 'follow: me'";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+  # These tests may block
+        print "ALRM\n";
+        # stickyport - on full urlS port is set back to 80 otherwise
+        $cmd = "$command -f stickyport -u /redir_external -t 5 -s redirected";
+        eval {
+                local $SIG{ALRM} = sub { die "alarm\n" };
+                alarm(2);
+                $result = NPTest->testCmd( $cmd );
+                alarm(0);       };
+        isnt( $@, "alarm\n", $cmd );
+        is( $result->return_code, 0, $cmd );
+        # Let's hope there won't be any web server on :80 returning "redirected"!
+        $cmd = "$command -f sticky -u /redir_external -t 5 -s redirected";
+        eval {
+                local $SIG{ALRM} = sub { die "alarm\n" };
+                alarm(2);
+                $result = NPTest->testCmd( $cmd );
+                alarm(0); };
+        isnt( $@, "alarm\n", $cmd );
+        isnt( $result->return_code, 0, $cmd );
+        # Test an external address - timeout
+        SKIP: {
+                skip "This doesn't seem to work all the time", 1 unless ($ENV{HTTP_EXTERNAL});
+                $cmd = "$command -f follow -u /redir_external -t 5";
+                eval {
+                        $result = NPTest->testCmd( $cmd, 2 );
+                };
+                like( $@, "/timeout in command: $cmd/", $cmd );
+        }
+        $cmd = "$command -u /timeout -t 5";
+        eval {
+                $result = NPTest->testCmd( $cmd, 2 );
+        };
+        like( $@, "/timeout in command: $cmd/", $cmd );
+        $cmd = "$command -f follow -u /redir_timeout -t 2";
+        eval {
+                $result = NPTest->testCmd( $cmd, 5 );
+        };
+        is( $@, "", $cmd );
+}

diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t new file mode 100755 index 00000000..e182623c --- /dev/null +++ b/plugins/tests/check_curl.t
@@ -0,0 +1,497 @@
	1	#! /usr/bin/perl -w -I ..
	2	#
	3	# Test check_http by having an actual HTTP server running
	4	#
	5	# To create the https server certificate:
	6	# openssl req -new -x509 -keyout server-key.pem -out server-cert.pem -days 3650 -nodes
	7	# Country Name (2 letter code) [AU]:UK
	8	# State or Province Name (full name) [Some-State]:Derbyshire
	9	# Locality Name (eg, city) []:Belper
	10	# Organization Name (eg, company) [Internet Widgits Pty Ltd]:Monitoring Plugins
	11	# Organizational Unit Name (eg, section) []:
	12	# Common Name (eg, YOUR name) []:Ton Voon
	13	# Email Address []:tonvoon@mac.com
	14
	15	use strict;
	16	use Test::More;
	17	use NPTest;
	18	use FindBin qw($Bin);
	19
	20	$ENV{'LC_TIME'} = "C";
	21
	22	my $common_tests = 70;
	23	my $ssl_only_tests = 8;
	24	# Check that all dependent modules are available
	25	eval "use HTTP::Daemon 6.01;";
	26	plan skip_all => 'HTTP::Daemon >= 6.01 required' if $@;
	27	eval {
	28	require HTTP::Status;
	29	require HTTP::Response;
	30	};
	31
	32	my $plugin = 'check_http';
	33	$plugin = 'check_curl' if $0 =~ m/check_curl/mx;
	34
	35	# look for libcurl version to see if some advanced checks are possible (>= 7.49.0)
	36	my $advanced_checks = 12;
	37	my $use_advanced_checks = 0;
	38	my $required_version = '7.49.0';
	39	my $virtual_host = 'www.somefunnyhost.com';
	40	my $virtual_port = 42;
	41	my $curl_version = '';
	42	open (my $fh, '-\|', "./$plugin --version") or die;
	43	while (<$fh>) {
	44	if (m{libcurl/([\d.]+)\s}) {
	45	$curl_version = $1;
	46	last;
	47	}
	48	}
	49	close ($fh);
	50	if ($curl_version) {
	51	my ($major, $minor, $release) = split (/\./, $curl_version);
	52	my ($req_major, $req_minor, $req_release) = split (/\./, $required_version);
	53	my $check = ($major <=> $req_major or $minor <=> $req_minor or $release <=> $req_release);
	54	if ($check >= 0) {
	55	$use_advanced_checks = 1;
	56	print "Found libcurl $major.$minor.$release. Using advanced checks\n";
	57	}
	58	}
	59
	60	if ($@) {
	61	plan skip_all => "Missing required module for test: $@";
	62	} else {
	63	if (-x "./$plugin") {
	64	plan tests => $common_tests * 2 + $ssl_only_tests + $advanced_checks;
	65	} else {
	66	plan skip_all => "No $plugin compiled";
	67	}
	68	}
	69
	70	my $servers = { http => 0 }; # HTTP::Daemon should always be available
	71	eval { require HTTP::Daemon::SSL };
	72	if ($@) {
	73	diag "Cannot load HTTP::Daemon::SSL: $@";
	74	} else {
	75	$servers->{https} = 0;
	76	}
	77
	78	# set a fixed version, so the header size doesn't vary
	79	$HTTP::Daemon::VERSION = "1.00";
	80
	81	my $port_http = 50000 + int(rand(1000));
	82	my $port_https = $port_http + 1;
	83	my $port_https_expired = $port_http + 2;
	84
	85	# This array keeps sockets around for implementing timeouts
	86	my @persist;
	87
	88	# Start up all servers
	89	my @pids;
	90	my $pid = fork();
	91	if ($pid) {
	92	# Parent
	93	push @pids, $pid;
	94	if (exists $servers->{https}) {
	95	# Fork a normal HTTPS server
	96	$pid = fork();
	97	if ($pid) {
	98	# Parent
	99	push @pids, $pid;
	100	# Fork an expired cert server
	101	$pid = fork();
	102	if ($pid) {
	103	push @pids, $pid;
	104	} else {
	105	my $d = HTTP::Daemon::SSL->new(
	106	LocalPort => $port_https_expired,
	107	LocalAddr => "127.0.0.1",
	108	SSL_cert_file => "$Bin/certs/expired-cert.pem",
	109	SSL_key_file => "$Bin/certs/expired-key.pem",
	110	) \|\| die;
	111	print "Please contact https expired at: <URL:", $d->url, ">\n";
	112	run_server( $d );
	113	exit;
	114	}
	115	} else {
	116	my $d = HTTP::Daemon::SSL->new(
	117	LocalPort => $port_https,
	118	LocalAddr => "127.0.0.1",
	119	SSL_cert_file => "$Bin/certs/server-cert.pem",
	120	SSL_key_file => "$Bin/certs/server-key.pem",
	121	) \|\| die;
	122	print "Please contact https at: <URL:", $d->url, ">\n";
	123	run_server( $d );
	124	exit;
	125	}
	126	}
	127	# give our webservers some time to startup
	128	sleep(1);
	129	} else {
	130	# Child
	131	#print "child\n";
	132	my $d = HTTP::Daemon->new(
	133	LocalPort => $port_http,
	134	LocalAddr => "127.0.0.1",
	135	) \|\| die;
	136	print "Please contact http at: <URL:", $d->url, ">\n";
	137	run_server( $d );
	138	exit;
	139	}
	140
	141	# Run the same server on http and https
	142	sub run_server {
	143	my $d = shift;
	144	MAINLOOP: while (my $c = $d->accept ) {
	145	while (my $r = $c->get_request) {
	146	if ($r->method eq "GET" and $r->url->path =~ m^/statuscode/(\d+)^) {
	147	$c->send_basic_header($1);
	148	$c->send_crlf;
	149	} elsif ($r->method eq "GET" and $r->url->path =~ m^/file/(.*)^) {
	150	$c->send_basic_header;
	151	$c->send_crlf;
	152	$c->send_file_response("$Bin/var/$1");
	153	} elsif ($r->method eq "GET" and $r->url->path eq "/slow") {
	154	$c->send_basic_header;
	155	$c->send_crlf;
	156	sleep 1;
	157	$c->send_response("slow");
	158	} elsif ($r->url->path eq "/method") {
	159	if ($r->method eq "DELETE") {
	160	$c->send_error(HTTP::Status->RC_METHOD_NOT_ALLOWED);
	161	} elsif ($r->method eq "foo") {
	162	$c->send_error(HTTP::Status->RC_NOT_IMPLEMENTED);
	163	} else {
	164	$c->send_status_line(200, $r->method);
	165	}
	166	} elsif ($r->url->path eq "/postdata") {
	167	$c->send_basic_header;
	168	$c->send_crlf;
	169	$c->send_response($r->method.":".$r->content);
	170	} elsif ($r->url->path eq "/redirect") {
	171	$c->send_redirect( "/redirect2" );
	172	} elsif ($r->url->path eq "/redir_external") {
	173	$c->send_redirect(($d->isa('HTTP::Daemon::SSL') ? "https" : "http") . "://169.254.169.254/redirect2" );
	174	} elsif ($r->url->path eq "/redirect2") {
	175	$c->send_basic_header;
	176	$c->send_crlf;
	177	$c->send_response(HTTP::Response->new( 200, 'OK', undef, 'redirected' ));
	178	} elsif ($r->url->path eq "/redir_timeout") {
	179	$c->send_redirect( "/timeout" );
	180	} elsif ($r->url->path eq "/timeout") {
	181	# Keep $c from being destroyed, but prevent severe leaks
	182	unshift @persist, $c;
	183	delete($persist[1000]);
	184	next MAINLOOP;
	185	} elsif ($r->url->path eq "/header_check") {
	186	$c->send_basic_header;
	187	$c->send_header('foo');
	188	$c->send_crlf;
	189	} elsif ($r->url->path eq "/virtual_port") {
	190	# return sent Host header
	191	$c->send_basic_header;
	192	$c->send_crlf;
	193	$c->send_response(HTTP::Response->new( 200, 'OK', undef, $r->header ('Host')));
	194	} else {
	195	$c->send_error(HTTP::Status->RC_FORBIDDEN);
	196	}
	197	$c->close;
	198	}
	199	}
	200	}
	201
	202	END {
	203	foreach my $pid (@pids) {
	204	if ($pid) { print "Killing $pid\n"; kill "INT", $pid }
	205	}
	206	};
	207
	208	if ($ARGV[0] && $ARGV[0] eq "-d") {
	209	while (1) {
	210	sleep 100;
	211	}
	212	}
	213
	214	my $result;
	215	my $command = "./$plugin -H 127.0.0.1";
	216
	217	run_common_tests( { command => "$command -p $port_http" } );
	218	SKIP: {
	219	skip "HTTP::Daemon::SSL not installed", $common_tests + $ssl_only_tests if ! exists $servers->{https};
	220	run_common_tests( { command => "$command -p $port_https", ssl => 1 } );
	221
	222	$result = NPTest->testCmd( "$command -p $port_https -S -C 14" );
	223	is( $result->return_code, 0, "$command -p $port_https -S -C 14" );
	224	is( $result->output, 'OK - Certificate \'Ton Voon\' will expire on Sun Mar 3 21:41:28 2019 +0000.', "output ok" );
	225
	226	$result = NPTest->testCmd( "$command -p $port_https -S -C 14000" );
	227	is( $result->return_code, 1, "$command -p $port_https -S -C 14000" );
	228	like( $result->output, '/WARNING - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:28 2019 \+0000\)./', "output ok" );
	229
	230	# Expired cert tests
	231	$result = NPTest->testCmd( "$command -p $port_https -S -C 13960,14000" );
	232	is( $result->return_code, 2, "$command -p $port_https -S -C 13960,14000" );
	233	like( $result->output, '/CRITICAL - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:28 2019 \+0000\)./', "output ok" );
	234
	235	$result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" );
	236	is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" );
	237	is( $result->output,
	238	'CRITICAL - Certificate \'Ton Voon\' expired on Thu Mar 5 00:13:16 2009 +0000.',
	239	"output ok" );
	240
	241	}
	242
	243	my $cmd;
	244
	245	# advanced checks with virtual hostname and virtual port
	246	SKIP: {
	247	skip "libcurl version is smaller than $required_version", 6 unless $use_advanced_checks;
	248
	249	# http without virtual port
	250	$cmd = "./$plugin -H $virtual_host -I 127.0.0.1 -p $port_http -u /virtual_port -r ^$virtual_host:$port_http\$";
	251	$result = NPTest->testCmd( $cmd );
	252	is( $result->return_code, 0, $cmd);
	253	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	254
	255	# http with virtual port (!= 80)
	256	$cmd = "./$plugin -H $virtual_host:$virtual_port -I 127.0.0.1 -p $port_http -u /virtual_port -r ^$virtual_host:$virtual_port\$";
	257	$result = NPTest->testCmd( $cmd );
	258	is( $result->return_code, 0, $cmd);
	259	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	260
	261	# http with virtual port (80)
	262	$cmd = "./$plugin -H $virtual_host:80 -I 127.0.0.1 -p $port_http -u /virtual_port -r ^$virtual_host\$";
	263	$result = NPTest->testCmd( $cmd );
	264	is( $result->return_code, 0, $cmd);
	265	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	266	}
	267
	268	# and the same for SSL
	269	SKIP: {
	270	skip "libcurl version is smaller than $required_version and/or HTTP::Daemon::SSL not installed", 6 if ! exists $servers->{https} or not $use_advanced_checks;
	271	# https without virtual port
	272	$cmd = "./$plugin -H $virtual_host -I 127.0.0.1 -p $port_https --ssl -u /virtual_port -r ^$virtual_host:$port_https\$";
	273	$result = NPTest->testCmd( $cmd );
	274	is( $result->return_code, 0, $cmd);
	275	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	276
	277	# https with virtual port (!= 443)
	278	$cmd = "./$plugin -H $virtual_host:$virtual_port -I 127.0.0.1 -p $port_https --ssl -u /virtual_port -r ^$virtual_host:$virtual_port\$";
	279	$result = NPTest->testCmd( $cmd );
	280	is( $result->return_code, 0, $cmd);
	281	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	282
	283	# https with virtual port (443)
	284	$cmd = "./$plugin -H $virtual_host:443 -I 127.0.0.1 -p $port_https --ssl -u /virtual_port -r ^$virtual_host\$";
	285	$result = NPTest->testCmd( $cmd );
	286	is( $result->return_code, 0, $cmd);
	287	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	288	}
	289
	290
	291
	292	sub run_common_tests {
	293	my ($opts) = @_;
	294	my $command = $opts->{command};
	295	if ($opts->{ssl}) {
	296	$command .= " --ssl";
	297	}
	298
	299	$result = NPTest->testCmd( "$command -u /file/root" );
	300	is( $result->return_code, 0, "/file/root");
	301	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 274 bytes in [\d\.]+ second/', "Output correct" );
	302
	303	$result = NPTest->testCmd( "$command -u /file/root -s Root" );
	304	is( $result->return_code, 0, "/file/root search for string");
	305	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 274 bytes in [\d\.]+ second/', "Output correct" );
	306
	307	$result = NPTest->testCmd( "$command -u /file/root -s NonRoot" );
	308	is( $result->return_code, 2, "Missing string check");
	309	like( $result->output, qr%^HTTP CRITICAL: HTTP/1\.1 200 OK - string 'NonRoot' not found on 'https?://127\.0\.0\.1:\d+/file/root'%, "Shows search string and location");
	310
	311	$result = NPTest->testCmd( "$command -u /file/root -s NonRootWithOver30charsAndMoreFunThanAWetFish" );
	312	is( $result->return_code, 2, "Missing string check");
	313	like( $result->output, qr%HTTP CRITICAL: HTTP/1\.1 200 OK - string 'NonRootWithOver30charsAndM...' not found on 'https?://127\.0\.0\.1:\d+/file/root'%, "Shows search string and location");
	314
	315	$result = NPTest->testCmd( "$command -u /header_check -d foo" );
	316	is( $result->return_code, 0, "header_check search for string");
	317	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 96 bytes in [\d\.]+ second/', "Output correct" );
	318
	319	$result = NPTest->testCmd( "$command -u /header_check -d bar" );
	320	is( $result->return_code, 2, "Missing header string check");
	321	like( $result->output, qr%^HTTP CRITICAL: HTTP/1\.1 200 OK - header 'bar' not found on 'https?://127\.0\.0\.1:\d+/header_check'%, "Shows search string and location");
	322
	323	my $cmd;
	324	$cmd = "$command -u /slow";
	325	$result = NPTest->testCmd( $cmd );
	326	is( $result->return_code, 0, "$cmd");
	327	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	328	$result->output =~ /in ([\d\.]+) second/;
	329	cmp_ok( $1, ">", 1, "Time is > 1 second" );
	330
	331	$cmd = "$command -u /statuscode/200";
	332	$result = NPTest->testCmd( $cmd );
	333	is( $result->return_code, 0, $cmd);
	334	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	335
	336	$cmd = "$command -u /statuscode/200 -e 200";
	337	$result = NPTest->testCmd( $cmd );
	338	is( $result->return_code, 0, $cmd);
	339	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - Status line output matched "200" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	340
	341	$cmd = "$command -u /statuscode/201";
	342	$result = NPTest->testCmd( $cmd );
	343	is( $result->return_code, 0, $cmd);
	344	like( $result->output, '/^HTTP OK: HTTP/1.1 201 Created - \d+ bytes in [\d\.]+ second /', "Output correct: ".$result->output );
	345
	346	$cmd = "$command -u /statuscode/201 -e 201";
	347	$result = NPTest->testCmd( $cmd );
	348	is( $result->return_code, 0, $cmd);
	349	like( $result->output, '/^HTTP OK: HTTP/1.1 201 Created - Status line output matched "201" - \d+ bytes in [\d\.]+ second /', "Output correct: ".$result->output );
	350
	351	$cmd = "$command -u /statuscode/201 -e 200";
	352	$result = NPTest->testCmd( $cmd );
	353	is( $result->return_code, 2, $cmd);
	354	like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port \d+: HTTP/1.1 201 Created/', "Output correct: ".$result->output );
	355
	356	$cmd = "$command -u /statuscode/200 -e 200,201,202";
	357	$result = NPTest->testCmd( $cmd );
	358	is( $result->return_code, 0, $cmd);
	359	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - Status line output matched "200,201,202" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	360
	361	$cmd = "$command -u /statuscode/201 -e 200,201,202";
	362	$result = NPTest->testCmd( $cmd );
	363	is( $result->return_code, 0, $cmd);
	364	like( $result->output, '/^HTTP OK: HTTP/1.1 201 Created - Status line output matched "200,201,202" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	365
	366	$cmd = "$command -u /statuscode/203 -e 200,201,202";
	367	$result = NPTest->testCmd( $cmd );
	368	is( $result->return_code, 2, $cmd);
	369	like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port (\d+): HTTP/1.1 203 Non-Authoritative Information/', "Output correct: ".$result->output );
	370
	371	$cmd = "$command -j HEAD -u /method";
	372	$result = NPTest->testCmd( $cmd );
	373	is( $result->return_code, 0, $cmd);
	374	like( $result->output, '/^HTTP OK: HTTP/1.1 200 HEAD - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	375
	376	$cmd = "$command -j POST -u /method";
	377	$result = NPTest->testCmd( $cmd );
	378	is( $result->return_code, 0, $cmd);
	379	like( $result->output, '/^HTTP OK: HTTP/1.1 200 POST - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	380
	381	$cmd = "$command -j GET -u /method";
	382	$result = NPTest->testCmd( $cmd );
	383	is( $result->return_code, 0, $cmd);
	384	like( $result->output, '/^HTTP OK: HTTP/1.1 200 GET - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	385
	386	$cmd = "$command -u /method";
	387	$result = NPTest->testCmd( $cmd );
	388	is( $result->return_code, 0, $cmd);
	389	like( $result->output, '/^HTTP OK: HTTP/1.1 200 GET - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	390
	391	$cmd = "$command -P foo -u /method";
	392	$result = NPTest->testCmd( $cmd );
	393	is( $result->return_code, 0, $cmd);
	394	like( $result->output, '/^HTTP OK: HTTP/1.1 200 POST - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	395
	396	$cmd = "$command -j DELETE -u /method";
	397	$result = NPTest->testCmd( $cmd );
	398	is( $result->return_code, 1, $cmd);
	399	like( $result->output, '/^HTTP WARNING: HTTP/1.1 405 Method Not Allowed/', "Output correct: ".$result->output );
	400
	401	$cmd = "$command -j foo -u /method";
	402	$result = NPTest->testCmd( $cmd );
	403	is( $result->return_code, 2, $cmd);
	404	like( $result->output, '/^HTTP CRITICAL: HTTP/1.1 501 Not Implemented/', "Output correct: ".$result->output );
	405
	406	$cmd = "$command -P stufftoinclude -u /postdata -s POST:stufftoinclude";
	407	$result = NPTest->testCmd( $cmd );
	408	is( $result->return_code, 0, $cmd);
	409	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	410
	411	$cmd = "$command -j PUT -P stufftoinclude -u /postdata -s PUT:stufftoinclude";
	412	$result = NPTest->testCmd( $cmd );
	413	is( $result->return_code, 0, $cmd);
	414	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	415
	416	# To confirm that the free doesn't segfault
	417	$cmd = "$command -P stufftoinclude -j PUT -u /postdata -s PUT:stufftoinclude";
	418	$result = NPTest->testCmd( $cmd );
	419	is( $result->return_code, 0, $cmd);
	420	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	421
	422	$cmd = "$command -u /redirect";
	423	$result = NPTest->testCmd( $cmd );
	424	is( $result->return_code, 0, $cmd);
	425	like( $result->output, '/^HTTP OK: HTTP/1.1 301 Moved Permanently - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	426
	427	$cmd = "$command -f follow -u /redirect";
	428	$result = NPTest->testCmd( $cmd );
	429	is( $result->return_code, 0, $cmd);
	430	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	431
	432	$cmd = "$command -u /redirect -k 'follow: me'";
	433	$result = NPTest->testCmd( $cmd );
	434	is( $result->return_code, 0, $cmd);
	435	like( $result->output, '/^HTTP OK: HTTP/1.1 301 Moved Permanently - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	436
	437	$cmd = "$command -f follow -u /redirect -k 'follow: me'";
	438	$result = NPTest->testCmd( $cmd );
	439	is( $result->return_code, 0, $cmd);
	440	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	441
	442	$cmd = "$command -f sticky -u /redirect -k 'follow: me'";
	443	$result = NPTest->testCmd( $cmd );
	444	is( $result->return_code, 0, $cmd);
	445	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	446
	447	$cmd = "$command -f stickyport -u /redirect -k 'follow: me'";
	448	$result = NPTest->testCmd( $cmd );
	449	is( $result->return_code, 0, $cmd);
	450	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
	451
	452	# These tests may block
	453	print "ALRM\n";
	454
	455	# stickyport - on full urlS port is set back to 80 otherwise
	456	$cmd = "$command -f stickyport -u /redir_external -t 5 -s redirected";
	457	eval {
	458	local $SIG{ALRM} = sub { die "alarm\n" };
	459	alarm(2);
	460	$result = NPTest->testCmd( $cmd );
	461	alarm(0); };
	462	isnt( $@, "alarm\n", $cmd );
	463	is( $result->return_code, 0, $cmd );
	464
	465	# Let's hope there won't be any web server on :80 returning "redirected"!
	466	$cmd = "$command -f sticky -u /redir_external -t 5 -s redirected";
	467	eval {
	468	local $SIG{ALRM} = sub { die "alarm\n" };
	469	alarm(2);
	470	$result = NPTest->testCmd( $cmd );
	471	alarm(0); };
	472	isnt( $@, "alarm\n", $cmd );
	473	isnt( $result->return_code, 0, $cmd );
	474
	475	# Test an external address - timeout
	476	SKIP: {
	477	skip "This doesn't seem to work all the time", 1 unless ($ENV{HTTP_EXTERNAL});
	478	$cmd = "$command -f follow -u /redir_external -t 5";
	479	eval {
	480	$result = NPTest->testCmd( $cmd, 2 );
	481	};
	482	like( $@, "/timeout in command: $cmd/", $cmd );
	483	}
	484
	485	$cmd = "$command -u /timeout -t 5";
	486	eval {
	487	$result = NPTest->testCmd( $cmd, 2 );
	488	};
	489	like( $@, "/timeout in command: $cmd/", $cmd );
	490
	491	$cmd = "$command -f follow -u /redir_timeout -t 2";
	492	eval {
	493	$result = NPTest->testCmd( $cmd, 5 );
	494	};
	495	is( $@, "", $cmd );
	496
	497	}