From 06ebad83995921b622aecbd2111f1f6e6c62efc4 Mon Sep 17 00:00:00 2001 From: Franz Schwartau Date: Tue, 29 Aug 2023 15:12:47 +0200 Subject: check_smtp: add tests for --ssl --- .github/NPTest.cache | 1 + .github/prepare_debian.sh | 6 +++++- plugins/t/check_smtp.t | 20 +++++++++++++++++++- 3 files changed, 25 insertions(+), 2 deletions(-) diff --git a/.github/NPTest.cache b/.github/NPTest.cache index e3694573..d488d1b9 100644 --- a/.github/NPTest.cache +++ b/.github/NPTest.cache @@ -27,6 +27,7 @@ 'NP_HOST_TCP_SMTP' => 'localhost', 'NP_HOST_TCP_SMTP_NOSTARTTLS' => '', 'NP_HOST_TCP_SMTP_STARTTLS' => 'localhost', + 'NP_HOST_TCP_SMTP_TLS' => 'localhost', 'NP_HOST_TLS_CERT' => 'localhost', 'NP_HOST_TLS_HTTP' => 'localhost', 'NP_HOST_UDP_TIME' => 'none', diff --git a/.github/prepare_debian.sh b/.github/prepare_debian.sh index 9611670d..dcf778bc 100755 --- a/.github/prepare_debian.sh +++ b/.github/prepare_debian.sh @@ -116,7 +116,11 @@ service snmpd start # start cron, will be used by check_nagios cron -# start postfix +# postfix +cat <> /etc/postfix/master.cf +smtps inet n - n - - smtpd + -o smtpd_tls_wrappermode=yes +EOD service postfix start # start ftpd diff --git a/plugins/t/check_smtp.t b/plugins/t/check_smtp.t index fd09ed22..1a1ebe3e 100644 --- a/plugins/t/check_smtp.t +++ b/plugins/t/check_smtp.t @@ -14,6 +14,8 @@ my $host_tcp_smtp_starttls = getTestParameter( "NP_HOST_TCP_SMTP_STARTTLS", "A host providing SMTP with STARTTLS", $host_tcp_smtp); my $host_tcp_smtp_nostarttls = getTestParameter( "NP_HOST_TCP_SMTP_NOSTARTTLS", "A host providing SMTP without STARTTLS", ""); +my $host_tcp_smtp_tls = getTestParameter( "NP_HOST_TCP_SMTP_TLS", + "A host providing SMTP with TLS", $host_tcp_smtp); my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE", "The hostname of system not responsive to network requests", "10.0.0.1" ); @@ -22,7 +24,7 @@ my $hostname_invalid = getTestParameter( "NP_HOSTNAME_INVALID", "An invalid (not known to DNS) hostname", "nosuchhost" ); my $res; -plan tests => 10; +plan tests => 16; SKIP: { skip "No SMTP server defined", 4 unless $host_tcp_smtp; @@ -42,6 +44,10 @@ SKIP: { local $TODO = "Output is over two lines"; like ( $res->output, qr/^SMTP WARNING/, "Correct error message" ); } + + $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp --ssl -p 25" ); + is ($res->return_code, 2, "Check rc of connecting to $host_tcp_smtp with TLS on standard SMTP port" ); + like ($res->output, qr/^CRITICAL - Cannot make SSL connection\./, "Check output of connecting to $host_tcp_smtp with TLS on standard SMTP port"); } SKIP: { @@ -58,6 +64,18 @@ SKIP: { is ($res->output, "WARNING - TLS not supported by server", "Right error message" ); } +SKIP: { + skip "No SMTP server with TLS defined", 1 unless $host_tcp_smtp_tls; + $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_tls --ssl" ); + is ($res->return_code, 0, "Check rc of connecting to $host_tcp_smtp_tls with TLS" ); + like ($res->output, qr/^SMTP OK - /, "Check output of connecting to $host_tcp_smtp_tls with TLS" ); + + my $unused_port = 4465; + $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_tls -p $unused_port --ssl" ); + is ($res->return_code, 2, "Check rc of connecting to $host_tcp_smtp_tls with TLS on unused port $unused_port" ); + like ($res->output, qr/^connect to address $host_tcp_smtp_tls and port $unused_port: Connection refused/, "Check output of connecting to $host_tcp_smtp_tls with TLS on unused port $unused_port"); +} + $res = NPTest->testCmd( "./check_smtp $host_nonresponsive" ); is ($res->return_code, 2, "CRITICAL - host non responding" ); -- cgit v1.2.3-74-g34f1