2 files changed, 460 insertions, 2 deletions
diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t
new file mode 100755
index 00000000..28dacd0d
--- /dev/null
+++ b/plugins/tests/check_curl.t
@@ -0,0 +1,455 @@
+#! /usr/bin/perl -w -I ..
+#
+# Test check_http by having an actual HTTP server running
+#
+# To create the https server certificate:
+# openssl req -new -x509 -keyout server-key.pem -out server-cert.pem -days 3650 -nodes
+# Country Name (2 letter code) [AU]:UK
+# State or Province Name (full name) [Some-State]:Derbyshire
+# Locality Name (eg, city) []:Belper
+# Organization Name (eg, company) [Internet Widgits Pty Ltd]:Monitoring Plugins
+# Organizational Unit Name (eg, section) []:
+# Common Name (eg, YOUR name) []:Ton Voon
+# Email Address []:tonvoon@mac.com
+use strict;
+use Test::More;
+use NPTest;
+use FindBin qw($Bin);
+$ENV{'LC_TIME'} = "C";
+my $common_tests = 70;
+my $virtual_port_tests = 8;
+my $ssl_only_tests = 8;
+# Check that all dependent modules are available
+eval "use HTTP::Daemon 6.01;";
+plan skip_all => 'HTTP::Daemon >= 6.01 required' if $@;
+eval {
+        require HTTP::Status;
+        require HTTP::Response;
+};
+my $plugin = 'check_http';
+$plugin    = 'check_curl' if $0 =~ m/check_curl/mx;
+if ($@) {
+        plan skip_all => "Missing required module for test: $@";
+} else {
+        if (-x "./$plugin") {
+                plan tests => $common_tests * 2 + $ssl_only_tests + $virtual_port_tests;
+        } else {
+                plan skip_all => "No $plugin compiled";
+        }
+}
+my $servers = { http => 0 };    # HTTP::Daemon should always be available
+eval { require HTTP::Daemon::SSL };
+if ($@) {
+        diag "Cannot load HTTP::Daemon::SSL: $@";
+} else {
+        $servers->{https} = 0;
+}
+# set a fixed version, so the header size doesn't vary
+$HTTP::Daemon::VERSION = "1.00";
+my $port_http = 50000 + int(rand(1000));
+my $port_https = $port_http + 1;
+my $port_https_expired = $port_http + 2;
+# This array keeps sockets around for implementing timeouts
+my @persist;
+# Start up all servers
+my @pids;
+my $pid = fork();
+if ($pid) {
+        # Parent
+        push @pids, $pid;
+        if (exists $servers->{https}) {
+                # Fork a normal HTTPS server
+                $pid = fork();
+                if ($pid) {
+                        # Parent
+                        push @pids, $pid;
+                        # Fork an expired cert server
+                        $pid = fork();
+                        if ($pid) {
+                                push @pids, $pid;
+                        } else {
+                                my $d = HTTP::Daemon::SSL->new(
+                                        LocalPort => $port_https_expired,
+                                        LocalAddr => "127.0.0.1",
+                                        SSL_cert_file => "$Bin/certs/expired-cert.pem",
+                                        SSL_key_file => "$Bin/certs/expired-key.pem",
+                                ) || die;
+                                print "Please contact https expired at: <URL:", $d->url, ">\n";
+                                run_server( $d );
+                                exit;
+                        }
+                } else {
+                        my $d = HTTP::Daemon::SSL->new(
+                                LocalPort => $port_https,
+                                LocalAddr => "127.0.0.1",
+                                SSL_cert_file => "$Bin/certs/server-cert.pem",
+                                SSL_key_file => "$Bin/certs/server-key.pem",
+                        ) || die;
+                        print "Please contact https at: <URL:", $d->url, ">\n";
+                        run_server( $d );
+                        exit;
+                }
+        }
+        # give our webservers some time to startup
+        sleep(1);
+} else {
+        # Child
+        #print "child\n";
+        my $d = HTTP::Daemon->new(
+                LocalPort => $port_http,
+                LocalAddr => "127.0.0.1",
+        ) || die;
+        print "Please contact http at: <URL:", $d->url, ">\n";
+        run_server( $d );
+        exit;
+}
+# Run the same server on http and https
+sub run_server {
+        my $d = shift;
+        MAINLOOP: while (my $c = $d->accept ) {
+                while (my $r = $c->get_request) {
+                        if ($r->method eq "GET" and $r->url->path =~ m^/statuscode/(\d+)^) {
+                                $c->send_basic_header($1);
+                                $c->send_crlf;
+                        } elsif ($r->method eq "GET" and $r->url->path =~ m^/file/(.*)^) {
+                                $c->send_basic_header;
+                                $c->send_crlf;
+                                $c->send_file_response("$Bin/var/$1");
+                        } elsif ($r->method eq "GET" and $r->url->path eq "/slow") {
+                                $c->send_basic_header;
+                                $c->send_crlf;
+                                sleep 1;
+                                $c->send_response("slow");
+                        } elsif ($r->url->path eq "/method") {
+                                if ($r->method eq "DELETE") {
+                                        $c->send_error(HTTP::Status->RC_METHOD_NOT_ALLOWED);
+                                } elsif ($r->method eq "foo") {
+                                        $c->send_error(HTTP::Status->RC_NOT_IMPLEMENTED);
+                                } else {
+                                        $c->send_status_line(200, $r->method);
+                                }
+                        } elsif ($r->url->path eq "/postdata") {
+                                $c->send_basic_header;
+                                $c->send_crlf;
+                                $c->send_response($r->method.":".$r->content);
+                        } elsif ($r->url->path eq "/redirect") {
+                                $c->send_redirect( "/redirect2" );
+                        } elsif ($r->url->path eq "/redir_external") {
+                                $c->send_redirect(($d->isa('HTTP::Daemon::SSL') ? "https" : "http") . "://169.254.169.254/redirect2" );
+                        } elsif ($r->url->path eq "/redirect2") {
+                                $c->send_basic_header;
+                                $c->send_crlf;
+                                $c->send_response(HTTP::Response->new( 200, 'OK', undef, 'redirected' ));
+                        } elsif ($r->url->path eq "/redir_timeout") {
+                                $c->send_redirect( "/timeout" );
+                        } elsif ($r->url->path eq "/timeout") {
+                                # Keep $c from being destroyed, but prevent severe leaks
+                                unshift @persist, $c;
+                                delete($persist[1000]);
+                                next MAINLOOP;
+                        } elsif ($r->url->path eq "/header_check") {
+                                $c->send_basic_header;
+                                $c->send_header('foo');
+                                $c->send_crlf;
+                        } elsif ($r->url->path eq "/virtual_port") {
+                                # return sent Host header
+                                $c->send_basic_header;
+                                $c->send_crlf;
+                                $c->send_response(HTTP::Response->new( 200, 'OK', undef, $r->header ('Host')));
+                        } else {
+                                $c->send_error(HTTP::Status->RC_FORBIDDEN);
+                        }
+                        $c->close;
+                }
+        }
+}
+END {
+        foreach my $pid (@pids) {
+                if ($pid) { print "Killing $pid\n"; kill "INT", $pid }
+        }
+};
+if ($ARGV[0] && $ARGV[0] eq "-d") {
+        while (1) {
+                sleep 100;
+        }
+}
+my $result;
+my $command = "./$plugin -H 127.0.0.1";
+run_common_tests( { command => "$command -p $port_http" } );
+SKIP: {
+        skip "HTTP::Daemon::SSL not installed", $common_tests + $ssl_only_tests if ! exists $servers->{https};
+        run_common_tests( { command => "$command -p $port_https", ssl => 1 } );
+        $result = NPTest->testCmd( "$command -p $port_https -S -C 14" );
+        is( $result->return_code, 0, "$command -p $port_https -S -C 14" );
+        is( $result->output, 'OK - Certificate \'Ton Voon\' will expire on Sun Mar  3 21:41:28 2019 +0000.', "output ok" );
+        $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" );
+        is( $result->return_code, 1, "$command -p $port_https -S -C 14000" );
+        like( $result->output, '/WARNING - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar  3 21:41:28 2019 \+0000\)./', "output ok" );
+        # Expired cert tests
+        $result = NPTest->testCmd( "$command -p $port_https -S -C 13960,14000" );
+        is( $result->return_code, 2, "$command -p $port_https -S -C 13960,14000" );
+        like( $result->output, '/CRITICAL - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar  3 21:41:28 2019 \+0000\)./', "output ok" );
+        $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" );
+        is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" );
+        is( $result->output,
+                'CRITICAL - Certificate \'Ton Voon\' expired on Thu Mar  5 00:13:16 2009 +0000.',
+                "output ok" );
+}
+my $cmd;
+# check virtual port behaviour
+#
+# http without virtual port
+$cmd = "$command -p $port_http -u /virtual_port -r ^127.0.0.1:$port_http\$";
+$result = NPTest->testCmd( $cmd );
+is( $result->return_code, 0, $cmd);
+like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+# http with virtual port
+$cmd = "$command:80 -p $port_http -u /virtual_port -r ^127.0.0.1\$";
+$result = NPTest->testCmd( $cmd );
+is( $result->return_code, 0, $cmd);
+like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+SKIP: {
+        skip "HTTP::Daemon::SSL not installed", 4 if ! exists $servers->{https};
+        # https without virtual port
+        $cmd = "$command -p $port_https --ssl -u /virtual_port -r ^127.0.0.1:$port_https\$";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        # https with virtual port
+        $cmd = "$command:443 -p $port_https --ssl -u /virtual_port -r ^127.0.0.1\$";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+}
+sub run_common_tests {
+        my ($opts) = @_;
+        my $command = $opts->{command};
+        if ($opts->{ssl}) {
+                $command .= " --ssl";
+        }
+        $result = NPTest->testCmd( "$command -u /file/root" );
+        is( $result->return_code, 0, "/file/root");
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 274 bytes in [\d\.]+ second/', "Output correct" );
+        $result = NPTest->testCmd( "$command -u /file/root -s Root" );
+        is( $result->return_code, 0, "/file/root search for string");
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 274 bytes in [\d\.]+ second/', "Output correct" );
+        $result = NPTest->testCmd( "$command -u /file/root -s NonRoot" );
+        is( $result->return_code, 2, "Missing string check");
+        like( $result->output, qr%^HTTP CRITICAL: HTTP/1\.1 200 OK - string 'NonRoot' not found on 'https?://127\.0\.0\.1:\d+/file/root'%, "Shows search string and location");
+        $result = NPTest->testCmd( "$command -u /file/root -s NonRootWithOver30charsAndMoreFunThanAWetFish" );
+        is( $result->return_code, 2, "Missing string check");
+        like( $result->output, qr%HTTP CRITICAL: HTTP/1\.1 200 OK - string 'NonRootWithOver30charsAndM...' not found on 'https?://127\.0\.0\.1:\d+/file/root'%, "Shows search string and location");
+        $result = NPTest->testCmd( "$command -u /header_check -d foo" );
+        is( $result->return_code, 0, "header_check search for string");
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 96 bytes in [\d\.]+ second/', "Output correct" );
+        $result = NPTest->testCmd( "$command -u /header_check -d bar" );
+        is( $result->return_code, 2, "Missing header string check");
+        like( $result->output, qr%^HTTP CRITICAL: HTTP/1\.1 200 OK - header 'bar' not found on 'https?://127\.0\.0\.1:\d+/header_check'%, "Shows search string and location");
+        my $cmd;
+        $cmd = "$command -u /slow";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, "$cmd");
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $result->output =~ /in ([\d\.]+) second/;
+        cmp_ok( $1, ">", 1, "Time is > 1 second" );
+        $cmd = "$command -u /statuscode/200";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -u /statuscode/200 -e 200";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - Status line output matched "200" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -u /statuscode/201";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 201 Created - \d+ bytes in [\d\.]+ second /', "Output correct: ".$result->output );
+        $cmd = "$command -u /statuscode/201 -e 201";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 201 Created - Status line output matched "201" - \d+ bytes in [\d\.]+ second /', "Output correct: ".$result->output );
+        $cmd = "$command -u /statuscode/201 -e 200";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 2, $cmd);
+        like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port \d+: HTTP/1.1 201 Created/', "Output correct: ".$result->output );
+        $cmd = "$command -u /statuscode/200 -e 200,201,202";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - Status line output matched "200,201,202" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -u /statuscode/201 -e 200,201,202";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 201 Created - Status line output matched "200,201,202" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -u /statuscode/203 -e 200,201,202";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 2, $cmd);
+        like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port (\d+): HTTP/1.1 203 Non-Authoritative Information/', "Output correct: ".$result->output );
+        $cmd = "$command -j HEAD -u /method";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 HEAD - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -j POST -u /method";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 POST - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -j GET -u /method";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 GET - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -u /method";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 GET - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -P foo -u /method";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 POST - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -j DELETE -u /method";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 1, $cmd);
+        like( $result->output, '/^HTTP WARNING: HTTP/1.1 405 Method Not Allowed/', "Output correct: ".$result->output );
+        $cmd = "$command -j foo -u /method";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 2, $cmd);
+        like( $result->output, '/^HTTP CRITICAL: HTTP/1.1 501 Not Implemented/', "Output correct: ".$result->output );
+        $cmd = "$command -P stufftoinclude -u /postdata -s POST:stufftoinclude";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -j PUT -P stufftoinclude -u /postdata -s PUT:stufftoinclude";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        # To confirm that the free doesn't segfault
+        $cmd = "$command -P stufftoinclude -j PUT -u /postdata -s PUT:stufftoinclude";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -u /redirect";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 301 Moved Permanently - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -f follow -u /redirect";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -u /redirect -k 'follow: me'";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 301 Moved Permanently - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -f follow -u /redirect -k 'follow: me'";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -f sticky -u /redirect -k 'follow: me'";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+        $cmd = "$command -f stickyport -u /redirect -k 'follow: me'";
+        $result = NPTest->testCmd( $cmd );
+        is( $result->return_code, 0, $cmd);
+        like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+  # These tests may block
+        print "ALRM\n";
+        # stickyport - on full urlS port is set back to 80 otherwise
+        $cmd = "$command -f stickyport -u /redir_external -t 5 -s redirected";
+        eval {
+                local $SIG{ALRM} = sub { die "alarm\n" };
+                alarm(2);
+                $result = NPTest->testCmd( $cmd );
+                alarm(0);       };
+        isnt( $@, "alarm\n", $cmd );
+        is( $result->return_code, 0, $cmd );
+        # Let's hope there won't be any web server on :80 returning "redirected"!
+        $cmd = "$command -f sticky -u /redir_external -t 5 -s redirected";
+        eval {
+                local $SIG{ALRM} = sub { die "alarm\n" };
+                alarm(2);
+                $result = NPTest->testCmd( $cmd );
+                alarm(0); };
+        isnt( $@, "alarm\n", $cmd );
+        isnt( $result->return_code, 0, $cmd );
+        # Test an external address - timeout
+        SKIP: {
+                skip "This doesn't seem to work all the time", 1 unless ($ENV{HTTP_EXTERNAL});
+                $cmd = "$command -f follow -u /redir_external -t 5";
+                eval {
+                        $result = NPTest->testCmd( $cmd, 2 );
+                };
+                like( $@, "/timeout in command: $cmd/", $cmd );
+        }
+        $cmd = "$command -u /timeout -t 5";
+        eval {
+                $result = NPTest->testCmd( $cmd, 2 );
+        };
+        like( $@, "/timeout in command: $cmd/", $cmd );
+        $cmd = "$command -f follow -u /redir_timeout -t 2";
+        eval {
+                $result = NPTest->testCmd( $cmd, 5 );
+        };
+        is( $@, "", $cmd );
+}
diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t
index d6d31de1..c9e65951 100755
--- a/plugins/tests/check_http.t
+++ b/plugins/tests/check_http.t
@@ -30,13 +30,16 @@ eval {
        require HTTP::Response;
 };
+my $plugin = 'check_http';
+$plugin    = 'check_curl' if $0 =~ m/check_curl/mx;
 if ($@) {
        plan skip_all => "Missing required module for test: $@";
 } else {
        if (-x "./check_http") {
                plan tests => $common_tests * 2 + $ssl_only_tests + $virtual_port_tests;
        } else {
-                plan skip_all => "No check_http compiled";
+                plan skip_all => "No $plugin compiled";
        }
 }
@@ -185,7 +188,7 @@ if ($ARGV[0] && $ARGV[0] eq "-d") {
 }
 my $result;
-my $command = "./check_http -H 127.0.0.1";
+my $command = "./$plugin -H 127.0.0.1";
 run_common_tests( { command => "$command -p $port_http" } );
 SKIP: {

diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t new file mode 100755 index 00000000..28dacd0d --- /dev/null +++ b/plugins/tests/check_curl.t
@@ -0,0 +1,455 @@
		1	#! /usr/bin/perl -w -I ..
		2	#
		3	# Test check_http by having an actual HTTP server running
		4	#
		5	# To create the https server certificate:
		6	# openssl req -new -x509 -keyout server-key.pem -out server-cert.pem -days 3650 -nodes
		7	# Country Name (2 letter code) [AU]:UK
		8	# State or Province Name (full name) [Some-State]:Derbyshire
		9	# Locality Name (eg, city) []:Belper
		10	# Organization Name (eg, company) [Internet Widgits Pty Ltd]:Monitoring Plugins
		11	# Organizational Unit Name (eg, section) []:
		12	# Common Name (eg, YOUR name) []:Ton Voon
		13	# Email Address []:tonvoon@mac.com
		14
		15	use strict;
		16	use Test::More;
		17	use NPTest;
		18	use FindBin qw($Bin);
		19
		20	$ENV{'LC_TIME'} = "C";
		21
		22	my $common_tests = 70;
		23	my $virtual_port_tests = 8;
		24	my $ssl_only_tests = 8;
		25	# Check that all dependent modules are available
		26	eval "use HTTP::Daemon 6.01;";
		27	plan skip_all => 'HTTP::Daemon >= 6.01 required' if $@;
		28	eval {
		29	require HTTP::Status;
		30	require HTTP::Response;
		31	};
		32
		33	my $plugin = 'check_http';
		34	$plugin = 'check_curl' if $0 =~ m/check_curl/mx;
		35
		36	if ($@) {
		37	plan skip_all => "Missing required module for test: $@";
		38	} else {
		39	if (-x "./$plugin") {
		40	plan tests => $common_tests * 2 + $ssl_only_tests + $virtual_port_tests;
		41	} else {
		42	plan skip_all => "No $plugin compiled";
		43	}
		44	}
		45
		46	my $servers = { http => 0 }; # HTTP::Daemon should always be available
		47	eval { require HTTP::Daemon::SSL };
		48	if ($@) {
		49	diag "Cannot load HTTP::Daemon::SSL: $@";
		50	} else {
		51	$servers->{https} = 0;
		52	}
		53
		54	# set a fixed version, so the header size doesn't vary
		55	$HTTP::Daemon::VERSION = "1.00";
		56
		57	my $port_http = 50000 + int(rand(1000));
		58	my $port_https = $port_http + 1;
		59	my $port_https_expired = $port_http + 2;
		60
		61	# This array keeps sockets around for implementing timeouts
		62	my @persist;
		63
		64	# Start up all servers
		65	my @pids;
		66	my $pid = fork();
		67	if ($pid) {
		68	# Parent
		69	push @pids, $pid;
		70	if (exists $servers->{https}) {
		71	# Fork a normal HTTPS server
		72	$pid = fork();
		73	if ($pid) {
		74	# Parent
		75	push @pids, $pid;
		76	# Fork an expired cert server
		77	$pid = fork();
		78	if ($pid) {
		79	push @pids, $pid;
		80	} else {
		81	my $d = HTTP::Daemon::SSL->new(
		82	LocalPort => $port_https_expired,
		83	LocalAddr => "127.0.0.1",
		84	SSL_cert_file => "$Bin/certs/expired-cert.pem",
		85	SSL_key_file => "$Bin/certs/expired-key.pem",
		86	) \|\| die;
		87	print "Please contact https expired at: <URL:", $d->url, ">\n";
		88	run_server( $d );
		89	exit;
		90	}
		91	} else {
		92	my $d = HTTP::Daemon::SSL->new(
		93	LocalPort => $port_https,
		94	LocalAddr => "127.0.0.1",
		95	SSL_cert_file => "$Bin/certs/server-cert.pem",
		96	SSL_key_file => "$Bin/certs/server-key.pem",
		97	) \|\| die;
		98	print "Please contact https at: <URL:", $d->url, ">\n";
		99	run_server( $d );
		100	exit;
		101	}
		102	}
		103	# give our webservers some time to startup
		104	sleep(1);
		105	} else {
		106	# Child
		107	#print "child\n";
		108	my $d = HTTP::Daemon->new(
		109	LocalPort => $port_http,
		110	LocalAddr => "127.0.0.1",
		111	) \|\| die;
		112	print "Please contact http at: <URL:", $d->url, ">\n";
		113	run_server( $d );
		114	exit;
		115	}
		116
		117	# Run the same server on http and https
		118	sub run_server {
		119	my $d = shift;
		120	MAINLOOP: while (my $c = $d->accept ) {
		121	while (my $r = $c->get_request) {
		122	if ($r->method eq "GET" and $r->url->path =~ m^/statuscode/(\d+)^) {
		123	$c->send_basic_header($1);
		124	$c->send_crlf;
		125	} elsif ($r->method eq "GET" and $r->url->path =~ m^/file/(.*)^) {
		126	$c->send_basic_header;
		127	$c->send_crlf;
		128	$c->send_file_response("$Bin/var/$1");
		129	} elsif ($r->method eq "GET" and $r->url->path eq "/slow") {
		130	$c->send_basic_header;
		131	$c->send_crlf;
		132	sleep 1;
		133	$c->send_response("slow");
		134	} elsif ($r->url->path eq "/method") {
		135	if ($r->method eq "DELETE") {
		136	$c->send_error(HTTP::Status->RC_METHOD_NOT_ALLOWED);
		137	} elsif ($r->method eq "foo") {
		138	$c->send_error(HTTP::Status->RC_NOT_IMPLEMENTED);
		139	} else {
		140	$c->send_status_line(200, $r->method);
		141	}
		142	} elsif ($r->url->path eq "/postdata") {
		143	$c->send_basic_header;
		144	$c->send_crlf;
		145	$c->send_response($r->method.":".$r->content);
		146	} elsif ($r->url->path eq "/redirect") {
		147	$c->send_redirect( "/redirect2" );
		148	} elsif ($r->url->path eq "/redir_external") {
		149	$c->send_redirect(($d->isa('HTTP::Daemon::SSL') ? "https" : "http") . "://169.254.169.254/redirect2" );
		150	} elsif ($r->url->path eq "/redirect2") {
		151	$c->send_basic_header;
		152	$c->send_crlf;
		153	$c->send_response(HTTP::Response->new( 200, 'OK', undef, 'redirected' ));
		154	} elsif ($r->url->path eq "/redir_timeout") {
		155	$c->send_redirect( "/timeout" );
		156	} elsif ($r->url->path eq "/timeout") {
		157	# Keep $c from being destroyed, but prevent severe leaks
		158	unshift @persist, $c;
		159	delete($persist[1000]);
		160	next MAINLOOP;
		161	} elsif ($r->url->path eq "/header_check") {
		162	$c->send_basic_header;
		163	$c->send_header('foo');
		164	$c->send_crlf;
		165	} elsif ($r->url->path eq "/virtual_port") {
		166	# return sent Host header
		167	$c->send_basic_header;
		168	$c->send_crlf;
		169	$c->send_response(HTTP::Response->new( 200, 'OK', undef, $r->header ('Host')));
		170	} else {
		171	$c->send_error(HTTP::Status->RC_FORBIDDEN);
		172	}
		173	$c->close;
		174	}
		175	}
		176	}
		177
		178	END {
		179	foreach my $pid (@pids) {
		180	if ($pid) { print "Killing $pid\n"; kill "INT", $pid }
		181	}
		182	};
		183
		184	if ($ARGV[0] && $ARGV[0] eq "-d") {
		185	while (1) {
		186	sleep 100;
		187	}
		188	}
		189
		190	my $result;
		191	my $command = "./$plugin -H 127.0.0.1";
		192
		193	run_common_tests( { command => "$command -p $port_http" } );
		194	SKIP: {
		195	skip "HTTP::Daemon::SSL not installed", $common_tests + $ssl_only_tests if ! exists $servers->{https};
		196	run_common_tests( { command => "$command -p $port_https", ssl => 1 } );
		197
		198	$result = NPTest->testCmd( "$command -p $port_https -S -C 14" );
		199	is( $result->return_code, 0, "$command -p $port_https -S -C 14" );
		200	is( $result->output, 'OK - Certificate \'Ton Voon\' will expire on Sun Mar 3 21:41:28 2019 +0000.', "output ok" );
		201
		202	$result = NPTest->testCmd( "$command -p $port_https -S -C 14000" );
		203	is( $result->return_code, 1, "$command -p $port_https -S -C 14000" );
		204	like( $result->output, '/WARNING - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:28 2019 \+0000\)./', "output ok" );
		205
		206	# Expired cert tests
		207	$result = NPTest->testCmd( "$command -p $port_https -S -C 13960,14000" );
		208	is( $result->return_code, 2, "$command -p $port_https -S -C 13960,14000" );
		209	like( $result->output, '/CRITICAL - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:28 2019 \+0000\)./', "output ok" );
		210
		211	$result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" );
		212	is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" );
		213	is( $result->output,
		214	'CRITICAL - Certificate \'Ton Voon\' expired on Thu Mar 5 00:13:16 2009 +0000.',
		215	"output ok" );
		216
		217	}
		218
		219	my $cmd;
		220	# check virtual port behaviour
		221	#
		222	# http without virtual port
		223	$cmd = "$command -p $port_http -u /virtual_port -r ^127.0.0.1:$port_http\$";
		224	$result = NPTest->testCmd( $cmd );
		225	is( $result->return_code, 0, $cmd);
		226	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		227
		228	# http with virtual port
		229	$cmd = "$command:80 -p $port_http -u /virtual_port -r ^127.0.0.1\$";
		230	$result = NPTest->testCmd( $cmd );
		231	is( $result->return_code, 0, $cmd);
		232	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		233
		234	SKIP: {
		235	skip "HTTP::Daemon::SSL not installed", 4 if ! exists $servers->{https};
		236	# https without virtual port
		237	$cmd = "$command -p $port_https --ssl -u /virtual_port -r ^127.0.0.1:$port_https\$";
		238	$result = NPTest->testCmd( $cmd );
		239	is( $result->return_code, 0, $cmd);
		240	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		241
		242	# https with virtual port
		243	$cmd = "$command:443 -p $port_https --ssl -u /virtual_port -r ^127.0.0.1\$";
		244	$result = NPTest->testCmd( $cmd );
		245	is( $result->return_code, 0, $cmd);
		246	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		247	}
		248
		249
		250	sub run_common_tests {
		251	my ($opts) = @_;
		252	my $command = $opts->{command};
		253	if ($opts->{ssl}) {
		254	$command .= " --ssl";
		255	}
		256
		257	$result = NPTest->testCmd( "$command -u /file/root" );
		258	is( $result->return_code, 0, "/file/root");
		259	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 274 bytes in [\d\.]+ second/', "Output correct" );
		260
		261	$result = NPTest->testCmd( "$command -u /file/root -s Root" );
		262	is( $result->return_code, 0, "/file/root search for string");
		263	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 274 bytes in [\d\.]+ second/', "Output correct" );
		264
		265	$result = NPTest->testCmd( "$command -u /file/root -s NonRoot" );
		266	is( $result->return_code, 2, "Missing string check");
		267	like( $result->output, qr%^HTTP CRITICAL: HTTP/1\.1 200 OK - string 'NonRoot' not found on 'https?://127\.0\.0\.1:\d+/file/root'%, "Shows search string and location");
		268
		269	$result = NPTest->testCmd( "$command -u /file/root -s NonRootWithOver30charsAndMoreFunThanAWetFish" );
		270	is( $result->return_code, 2, "Missing string check");
		271	like( $result->output, qr%HTTP CRITICAL: HTTP/1\.1 200 OK - string 'NonRootWithOver30charsAndM...' not found on 'https?://127\.0\.0\.1:\d+/file/root'%, "Shows search string and location");
		272
		273	$result = NPTest->testCmd( "$command -u /header_check -d foo" );
		274	is( $result->return_code, 0, "header_check search for string");
		275	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 96 bytes in [\d\.]+ second/', "Output correct" );
		276
		277	$result = NPTest->testCmd( "$command -u /header_check -d bar" );
		278	is( $result->return_code, 2, "Missing header string check");
		279	like( $result->output, qr%^HTTP CRITICAL: HTTP/1\.1 200 OK - header 'bar' not found on 'https?://127\.0\.0\.1:\d+/header_check'%, "Shows search string and location");
		280
		281	my $cmd;
		282	$cmd = "$command -u /slow";
		283	$result = NPTest->testCmd( $cmd );
		284	is( $result->return_code, 0, "$cmd");
		285	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		286	$result->output =~ /in ([\d\.]+) second/;
		287	cmp_ok( $1, ">", 1, "Time is > 1 second" );
		288
		289	$cmd = "$command -u /statuscode/200";
		290	$result = NPTest->testCmd( $cmd );
		291	is( $result->return_code, 0, $cmd);
		292	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		293
		294	$cmd = "$command -u /statuscode/200 -e 200";
		295	$result = NPTest->testCmd( $cmd );
		296	is( $result->return_code, 0, $cmd);
		297	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - Status line output matched "200" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		298
		299	$cmd = "$command -u /statuscode/201";
		300	$result = NPTest->testCmd( $cmd );
		301	is( $result->return_code, 0, $cmd);
		302	like( $result->output, '/^HTTP OK: HTTP/1.1 201 Created - \d+ bytes in [\d\.]+ second /', "Output correct: ".$result->output );
		303
		304	$cmd = "$command -u /statuscode/201 -e 201";
		305	$result = NPTest->testCmd( $cmd );
		306	is( $result->return_code, 0, $cmd);
		307	like( $result->output, '/^HTTP OK: HTTP/1.1 201 Created - Status line output matched "201" - \d+ bytes in [\d\.]+ second /', "Output correct: ".$result->output );
		308
		309	$cmd = "$command -u /statuscode/201 -e 200";
		310	$result = NPTest->testCmd( $cmd );
		311	is( $result->return_code, 2, $cmd);
		312	like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port \d+: HTTP/1.1 201 Created/', "Output correct: ".$result->output );
		313
		314	$cmd = "$command -u /statuscode/200 -e 200,201,202";
		315	$result = NPTest->testCmd( $cmd );
		316	is( $result->return_code, 0, $cmd);
		317	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - Status line output matched "200,201,202" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		318
		319	$cmd = "$command -u /statuscode/201 -e 200,201,202";
		320	$result = NPTest->testCmd( $cmd );
		321	is( $result->return_code, 0, $cmd);
		322	like( $result->output, '/^HTTP OK: HTTP/1.1 201 Created - Status line output matched "200,201,202" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		323
		324	$cmd = "$command -u /statuscode/203 -e 200,201,202";
		325	$result = NPTest->testCmd( $cmd );
		326	is( $result->return_code, 2, $cmd);
		327	like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port (\d+): HTTP/1.1 203 Non-Authoritative Information/', "Output correct: ".$result->output );
		328
		329	$cmd = "$command -j HEAD -u /method";
		330	$result = NPTest->testCmd( $cmd );
		331	is( $result->return_code, 0, $cmd);
		332	like( $result->output, '/^HTTP OK: HTTP/1.1 200 HEAD - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		333
		334	$cmd = "$command -j POST -u /method";
		335	$result = NPTest->testCmd( $cmd );
		336	is( $result->return_code, 0, $cmd);
		337	like( $result->output, '/^HTTP OK: HTTP/1.1 200 POST - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		338
		339	$cmd = "$command -j GET -u /method";
		340	$result = NPTest->testCmd( $cmd );
		341	is( $result->return_code, 0, $cmd);
		342	like( $result->output, '/^HTTP OK: HTTP/1.1 200 GET - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		343
		344	$cmd = "$command -u /method";
		345	$result = NPTest->testCmd( $cmd );
		346	is( $result->return_code, 0, $cmd);
		347	like( $result->output, '/^HTTP OK: HTTP/1.1 200 GET - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		348
		349	$cmd = "$command -P foo -u /method";
		350	$result = NPTest->testCmd( $cmd );
		351	is( $result->return_code, 0, $cmd);
		352	like( $result->output, '/^HTTP OK: HTTP/1.1 200 POST - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		353
		354	$cmd = "$command -j DELETE -u /method";
		355	$result = NPTest->testCmd( $cmd );
		356	is( $result->return_code, 1, $cmd);
		357	like( $result->output, '/^HTTP WARNING: HTTP/1.1 405 Method Not Allowed/', "Output correct: ".$result->output );
		358
		359	$cmd = "$command -j foo -u /method";
		360	$result = NPTest->testCmd( $cmd );
		361	is( $result->return_code, 2, $cmd);
		362	like( $result->output, '/^HTTP CRITICAL: HTTP/1.1 501 Not Implemented/', "Output correct: ".$result->output );
		363
		364	$cmd = "$command -P stufftoinclude -u /postdata -s POST:stufftoinclude";
		365	$result = NPTest->testCmd( $cmd );
		366	is( $result->return_code, 0, $cmd);
		367	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		368
		369	$cmd = "$command -j PUT -P stufftoinclude -u /postdata -s PUT:stufftoinclude";
		370	$result = NPTest->testCmd( $cmd );
		371	is( $result->return_code, 0, $cmd);
		372	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		373
		374	# To confirm that the free doesn't segfault
		375	$cmd = "$command -P stufftoinclude -j PUT -u /postdata -s PUT:stufftoinclude";
		376	$result = NPTest->testCmd( $cmd );
		377	is( $result->return_code, 0, $cmd);
		378	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		379
		380	$cmd = "$command -u /redirect";
		381	$result = NPTest->testCmd( $cmd );
		382	is( $result->return_code, 0, $cmd);
		383	like( $result->output, '/^HTTP OK: HTTP/1.1 301 Moved Permanently - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		384
		385	$cmd = "$command -f follow -u /redirect";
		386	$result = NPTest->testCmd( $cmd );
		387	is( $result->return_code, 0, $cmd);
		388	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		389
		390	$cmd = "$command -u /redirect -k 'follow: me'";
		391	$result = NPTest->testCmd( $cmd );
		392	is( $result->return_code, 0, $cmd);
		393	like( $result->output, '/^HTTP OK: HTTP/1.1 301 Moved Permanently - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		394
		395	$cmd = "$command -f follow -u /redirect -k 'follow: me'";
		396	$result = NPTest->testCmd( $cmd );
		397	is( $result->return_code, 0, $cmd);
		398	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		399
		400	$cmd = "$command -f sticky -u /redirect -k 'follow: me'";
		401	$result = NPTest->testCmd( $cmd );
		402	is( $result->return_code, 0, $cmd);
		403	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		404
		405	$cmd = "$command -f stickyport -u /redirect -k 'follow: me'";
		406	$result = NPTest->testCmd( $cmd );
		407	is( $result->return_code, 0, $cmd);
		408	like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
		409
		410	# These tests may block
		411	print "ALRM\n";
		412
		413	# stickyport - on full urlS port is set back to 80 otherwise
		414	$cmd = "$command -f stickyport -u /redir_external -t 5 -s redirected";
		415	eval {
		416	local $SIG{ALRM} = sub { die "alarm\n" };
		417	alarm(2);
		418	$result = NPTest->testCmd( $cmd );
		419	alarm(0); };
		420	isnt( $@, "alarm\n", $cmd );
		421	is( $result->return_code, 0, $cmd );
		422
		423	# Let's hope there won't be any web server on :80 returning "redirected"!
		424	$cmd = "$command -f sticky -u /redir_external -t 5 -s redirected";
		425	eval {
		426	local $SIG{ALRM} = sub { die "alarm\n" };
		427	alarm(2);
		428	$result = NPTest->testCmd( $cmd );
		429	alarm(0); };
		430	isnt( $@, "alarm\n", $cmd );
		431	isnt( $result->return_code, 0, $cmd );
		432
		433	# Test an external address - timeout
		434	SKIP: {
		435	skip "This doesn't seem to work all the time", 1 unless ($ENV{HTTP_EXTERNAL});
		436	$cmd = "$command -f follow -u /redir_external -t 5";
		437	eval {
		438	$result = NPTest->testCmd( $cmd, 2 );
		439	};
		440	like( $@, "/timeout in command: $cmd/", $cmd );
		441	}
		442
		443	$cmd = "$command -u /timeout -t 5";
		444	eval {
		445	$result = NPTest->testCmd( $cmd, 2 );
		446	};
		447	like( $@, "/timeout in command: $cmd/", $cmd );
		448
		449	$cmd = "$command -f follow -u /redir_timeout -t 2";
		450	eval {
		451	$result = NPTest->testCmd( $cmd, 5 );
		452	};
		453	is( $@, "", $cmd );
		454
		455	}


diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t index d6d31de1..c9e65951 100755 --- a/plugins/tests/check_http.t +++ b/plugins/tests/check_http.t
@@ -30,13 +30,16 @@ eval {
30	require HTTP::Response;	30	require HTTP::Response;
31	};	31	};
32		32
		33	my $plugin = 'check_http';
		34	$plugin = 'check_curl' if $0 =~ m/check_curl/mx;
		35
33	if ($@) {	36	if ($@) {
34	plan skip_all => "Missing required module for test: $@";	37	plan skip_all => "Missing required module for test: $@";
35	} else {	38	} else {
36	if (-x "./check_http") {	39	if (-x "./check_http") {
37	plan tests => $common_tests * 2 + $ssl_only_tests + $virtual_port_tests;	40	plan tests => $common_tests * 2 + $ssl_only_tests + $virtual_port_tests;
38	} else {	41	} else {
39	plan skip_all => "No check_http compiled";	42	plan skip_all => "No $plugin compiled";
40	}	43	}
41	}	44	}
42		45
@@ -185,7 +188,7 @@ if ($ARGV[0] && $ARGV[0] eq "-d") {
185	}	188	}
186		189
187	my $result;	190	my $result;
188	my $command = "./check_http -H 127.0.0.1";	191	my $command = "./$plugin -H 127.0.0.1";
189		192
190	run_common_tests( { command => "$command -p $port_http" } );	193	run_common_tests( { command => "$command -p $port_http" } );
191	SKIP: {	194	SKIP: {