summaryrefslogtreecommitdiffstats
path: root/plugins
diff options
context:
space:
mode:
Diffstat (limited to 'plugins')
-rw-r--r--plugins/t/check_curl.t200
1 files changed, 200 insertions, 0 deletions
diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t
new file mode 100644
index 0000000..3c36a26
--- /dev/null
+++ b/plugins/t/check_curl.t
@@ -0,0 +1,200 @@
1#! /usr/bin/perl -w -I ..
2#
3# HyperText Transfer Protocol (HTTP) Test via check_curl
4#
5#
6
7use strict;
8use Test::More;
9use POSIX qw/mktime strftime/;
10use NPTest;
11
12plan tests => 49;
13
14my $successOutput = '/OK.*HTTP.*second/';
15
16my $res;
17
18my $host_tcp_http = getTestParameter( "NP_HOST_TCP_HTTP",
19 "A host providing the HTTP Service (a web server)",
20 "localhost" );
21
22my $host_tls_http = getTestParameter( "host_tls_http", "NP_HOST_TLS_HTTP", "localhost",
23 "A host providing the HTTPS Service (a tls web server)" );
24
25my $host_tls_cert = getTestParameter( "host_tls_cert", "NP_HOST_TLS_CERT", "localhost",
26 "the common name of the certificate." );
27
28
29my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE",
30 "The hostname of system not responsive to network requests",
31 "10.0.0.1" );
32
33my $hostname_invalid = getTestParameter( "NP_HOSTNAME_INVALID",
34 "An invalid (not known to DNS) hostname",
35 "nosuchhost");
36
37my $internet_access = getTestParameter( "NP_INTERNET_ACCESS",
38 "Is this system directly connected to the internet?",
39 "yes");
40
41my $host_tcp_http2 = getTestParameter( "NP_HOST_TCP_HTTP2",
42 "A host providing an index page containing the string 'monitoring'",
43 "test.monitoring-plugins.org" );
44
45my $faketime = -x '/usr/bin/faketime' ? 1 : 0;
46
47
48$res = NPTest->testCmd(
49 "./check_curl $host_tcp_http -wt 300 -ct 600"
50 );
51cmp_ok( $res->return_code, '==', 0, "Webserver $host_tcp_http responded" );
52like( $res->output, $successOutput, "Output OK" );
53
54$res = NPTest->testCmd(
55 "./check_curl $host_tcp_http -wt 300 -ct 600 -v -v -v -k 'bob:there' -k 'carl:frown'"
56 );
57like( $res->output, '/bob:there\r\ncarl:frown\r\n/', "Got headers with multiple -k options" );
58
59$res = NPTest->testCmd(
60 "./check_curl $host_nonresponsive -wt 1 -ct 2 -t 3"
61 );
62cmp_ok( $res->return_code, '==', 2, "Webserver $host_nonresponsive not responding" );
63cmp_ok( $res->output, 'eq', "CRITICAL - Socket timeout after 3 seconds", "Output OK");
64
65$res = NPTest->testCmd(
66 "./check_curl $hostname_invalid -wt 1 -ct 2"
67 );
68cmp_ok( $res->return_code, '==', 2, "Webserver $hostname_invalid not valid" );
69# The first part of the message comes from the OS catalogue, so cannot check this.
70# On Debian, it is Name or service not known, on Darwin, it is No address associated with nodename
71# Is also possible to get a socket timeout if DNS is not responding fast enough
72like( $res->output, "/Unable to open TCP socket|Socket timeout after/", "Output OK");
73
74# host header checks
75$res = NPTest->testCmd("./check_curl -v -H $host_tcp_http");
76like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" );
77
78$res = NPTest->testCmd("./check_curl -v -H $host_tcp_http -p 80");
79like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" );
80
81$res = NPTest->testCmd("./check_curl -v -H $host_tcp_http:8080 -p 80");
82like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" );
83
84$res = NPTest->testCmd("./check_curl -v -H $host_tcp_http:8080 -p 80");
85like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" );
86
87SKIP: {
88 skip "No internet access", 3 if $internet_access eq "no";
89
90 $res = NPTest->testCmd("./check_curl -v -H $host_tls_http -S");
91 like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" );
92
93 $res = NPTest->testCmd("./check_curl -v -H $host_tls_http:8080 -S -p 443");
94 like( $res->output, '/^Host: '.$host_tls_http.':8080\s*$/ms', "Host Header OK" );
95
96 $res = NPTest->testCmd("./check_curl -v -H $host_tls_http:443 -S -p 443");
97 like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" );
98};
99
100SKIP: {
101 skip "No host serving monitoring in index file", 7 unless $host_tcp_http2;
102
103 $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'monitoring'" );
104 cmp_ok( $res->return_code, "==", 0, "Got a reference to 'monitoring'");
105
106 $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'mONiTORing'" );
107 cmp_ok( $res->return_code, "==", 2, "Not got 'mONiTORing'");
108 like ( $res->output, "/pattern not found/", "Error message says 'pattern not found'");
109
110 $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -R 'mONiTORing'" );
111 cmp_ok( $res->return_code, "==", 0, "But case insensitive doesn't mind 'mONiTORing'");
112
113 $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'monitoring' --invert-regex" );
114 cmp_ok( $res->return_code, "==", 2, "Invert results work when found");
115 like ( $res->output, "/pattern found/", "Error message says 'pattern found'");
116
117 $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'mONiTORing' --invert-regex" );
118 cmp_ok( $res->return_code, "==", 0, "And also when not found");
119}
120SKIP: {
121 skip "No internet access", 16 if $internet_access eq "no";
122
123 $res = NPTest->testCmd(
124 "./check_curl --ssl $host_tls_http"
125 );
126 cmp_ok( $res->return_code, '==', 0, "Can read https for $host_tls_http" );
127
128 $res = NPTest->testCmd( "./check_curl -C 1 --ssl $host_tls_http" );
129 cmp_ok( $res->return_code, '==', 0, "Checking certificate for $host_tls_http");
130 like ( $res->output, "/Certificate '$host_tls_cert' will expire on/", "Output OK" );
131 my $saved_cert_output = $res->output;
132
133 $res = NPTest->testCmd( "./check_curl -C 8000,1 --ssl $host_tls_http" );
134 cmp_ok( $res->return_code, '==', 1, "Checking certificate for $host_tls_http");
135 like ( $res->output, qr/WARNING - Certificate '$host_tls_cert' expires in \d+ day/, "Output Warning" );
136
137 $res = NPTest->testCmd( "./check_curl $host_tls_http -C 1" );
138 is( $res->return_code, 0, "Old syntax for cert checking okay" );
139 is( $res->output, $saved_cert_output, "Same output as new syntax" );
140
141 $res = NPTest->testCmd( "./check_curl -H $host_tls_http -C 1" );
142 is( $res->return_code, 0, "Updated syntax for cert checking okay" );
143 is( $res->output, $saved_cert_output, "Same output as new syntax" );
144
145 $res = NPTest->testCmd( "./check_curl -C 1 $host_tls_http" );
146 cmp_ok( $res->output, 'eq', $saved_cert_output, "--ssl option automatically added");
147
148 $res = NPTest->testCmd( "./check_curl $host_tls_http -C 1" );
149 cmp_ok( $res->output, 'eq', $saved_cert_output, "Old syntax for cert checking still works");
150
151 # run some certificate checks with faketime
152 SKIP: {
153 skip "No faketime binary found", 12 if !$faketime;
154 $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./check_curl -C 1 $host_tls_http");
155 like($res->output, qr/OK - Certificate '$host_tls_cert' will expire on/, "Catch cert output");
156 is( $res->return_code, 0, "Catch cert output exit code" );
157 my($mon,$day,$hour,$min,$sec,$year) = ($res->output =~ /(\w+)\s+(\d+)\s+(\d+):(\d+):(\d+)\s+(\d+)/);
158 if(!defined $year) {
159 die("parsing date failed from: ".$res->output);
160 }
161 my $months = {'Jan' => 0, 'Feb' => 1, 'Mar' => 2, 'Apr' => 3, 'May' => 4, 'Jun' => 5, 'Jul' => 6, 'Aug' => 7, 'Sep' => 8, 'Oct' => 9, 'Nov' => 10, 'Dec' => 11};
162 my $ts = mktime($sec, $min, $hour, $day, $months->{$mon}, $year-1900);
163 my $time = strftime("%Y-%m-%d %H:%M:%S", localtime($ts));
164 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./check_curl -C 1 $host_tls_http");
165 like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' just expired/, "Output on expire date");
166 is( $res->return_code, 2, "Output on expire date" );
167
168 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-1))."' ./check_curl -C 1 $host_tls_http");
169 like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 0 minutes/, "cert expires in 1 second output");
170 is( $res->return_code, 2, "cert expires in 1 second exit code" );
171
172 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-120))."' ./check_curl -C 1 $host_tls_http");
173 like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 minutes/, "cert expires in 2 minutes output");
174 is( $res->return_code, 2, "cert expires in 2 minutes exit code" );
175
176 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-7200))."' ./check_curl -C 1 $host_tls_http");
177 like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 hours/, "cert expires in 2 hours output");
178 is( $res->return_code, 2, "cert expires in 2 hours exit code" );
179
180 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./check_curl -C 1 $host_tls_http");
181 like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expired on/, "Certificate expired output");
182 is( $res->return_code, 2, "Certificate expired exit code" );
183 };
184
185 $res = NPTest->testCmd( "./check_curl --ssl $host_tls_http -E" );
186 like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' );
187 like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' );
188
189 $res = NPTest->testCmd(
190 "./check_curl --ssl -H www.e-paycobalt.com"
191 );
192 cmp_ok( $res->return_code, "==", 0, "Can read https for www.e-paycobalt.com (uses AES certificate)" );
193
194
195 $res = NPTest->testCmd( "./check_curl -H www.mozilla.com -u /firefox -f follow" );
196 is( $res->return_code, 0, "Redirection based on location is okay");
197
198 $res = NPTest->testCmd( "./check_curl -H www.mozilla.com --extended-perfdata" );
199 like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' );
200}