From afa52eb83434b52cec2849cb2a39bc646561f713 Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Wed, 15 Mar 2017 00:32:47 +0100 Subject: add check_curl test just a copy of check_http for now... Signed-off-by: Sven Nierlein --- plugins/t/check_curl.t | 200 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 200 insertions(+) create mode 100644 plugins/t/check_curl.t (limited to 'plugins/t') diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t new file mode 100644 index 00000000..3c36a268 --- /dev/null +++ b/plugins/t/check_curl.t @@ -0,0 +1,200 @@ +#! /usr/bin/perl -w -I .. +# +# HyperText Transfer Protocol (HTTP) Test via check_curl +# +# + +use strict; +use Test::More; +use POSIX qw/mktime strftime/; +use NPTest; + +plan tests => 49; + +my $successOutput = '/OK.*HTTP.*second/'; + +my $res; + +my $host_tcp_http = getTestParameter( "NP_HOST_TCP_HTTP", + "A host providing the HTTP Service (a web server)", + "localhost" ); + +my $host_tls_http = getTestParameter( "host_tls_http", "NP_HOST_TLS_HTTP", "localhost", + "A host providing the HTTPS Service (a tls web server)" ); + +my $host_tls_cert = getTestParameter( "host_tls_cert", "NP_HOST_TLS_CERT", "localhost", + "the common name of the certificate." ); + + +my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE", + "The hostname of system not responsive to network requests", + "10.0.0.1" ); + +my $hostname_invalid = getTestParameter( "NP_HOSTNAME_INVALID", + "An invalid (not known to DNS) hostname", + "nosuchhost"); + +my $internet_access = getTestParameter( "NP_INTERNET_ACCESS", + "Is this system directly connected to the internet?", + "yes"); + +my $host_tcp_http2 = getTestParameter( "NP_HOST_TCP_HTTP2", + "A host providing an index page containing the string 'monitoring'", + "test.monitoring-plugins.org" ); + +my $faketime = -x '/usr/bin/faketime' ? 1 : 0; + + +$res = NPTest->testCmd( + "./check_curl $host_tcp_http -wt 300 -ct 600" + ); +cmp_ok( $res->return_code, '==', 0, "Webserver $host_tcp_http responded" ); +like( $res->output, $successOutput, "Output OK" ); + +$res = NPTest->testCmd( + "./check_curl $host_tcp_http -wt 300 -ct 600 -v -v -v -k 'bob:there' -k 'carl:frown'" + ); +like( $res->output, '/bob:there\r\ncarl:frown\r\n/', "Got headers with multiple -k options" ); + +$res = NPTest->testCmd( + "./check_curl $host_nonresponsive -wt 1 -ct 2 -t 3" + ); +cmp_ok( $res->return_code, '==', 2, "Webserver $host_nonresponsive not responding" ); +cmp_ok( $res->output, 'eq', "CRITICAL - Socket timeout after 3 seconds", "Output OK"); + +$res = NPTest->testCmd( + "./check_curl $hostname_invalid -wt 1 -ct 2" + ); +cmp_ok( $res->return_code, '==', 2, "Webserver $hostname_invalid not valid" ); +# The first part of the message comes from the OS catalogue, so cannot check this. +# On Debian, it is Name or service not known, on Darwin, it is No address associated with nodename +# Is also possible to get a socket timeout if DNS is not responding fast enough +like( $res->output, "/Unable to open TCP socket|Socket timeout after/", "Output OK"); + +# host header checks +$res = NPTest->testCmd("./check_curl -v -H $host_tcp_http"); +like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" ); + +$res = NPTest->testCmd("./check_curl -v -H $host_tcp_http -p 80"); +like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" ); + +$res = NPTest->testCmd("./check_curl -v -H $host_tcp_http:8080 -p 80"); +like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" ); + +$res = NPTest->testCmd("./check_curl -v -H $host_tcp_http:8080 -p 80"); +like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" ); + +SKIP: { + skip "No internet access", 3 if $internet_access eq "no"; + + $res = NPTest->testCmd("./check_curl -v -H $host_tls_http -S"); + like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" ); + + $res = NPTest->testCmd("./check_curl -v -H $host_tls_http:8080 -S -p 443"); + like( $res->output, '/^Host: '.$host_tls_http.':8080\s*$/ms', "Host Header OK" ); + + $res = NPTest->testCmd("./check_curl -v -H $host_tls_http:443 -S -p 443"); + like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" ); +}; + +SKIP: { + skip "No host serving monitoring in index file", 7 unless $host_tcp_http2; + + $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'monitoring'" ); + cmp_ok( $res->return_code, "==", 0, "Got a reference to 'monitoring'"); + + $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'mONiTORing'" ); + cmp_ok( $res->return_code, "==", 2, "Not got 'mONiTORing'"); + like ( $res->output, "/pattern not found/", "Error message says 'pattern not found'"); + + $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -R 'mONiTORing'" ); + cmp_ok( $res->return_code, "==", 0, "But case insensitive doesn't mind 'mONiTORing'"); + + $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'monitoring' --invert-regex" ); + cmp_ok( $res->return_code, "==", 2, "Invert results work when found"); + like ( $res->output, "/pattern found/", "Error message says 'pattern found'"); + + $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'mONiTORing' --invert-regex" ); + cmp_ok( $res->return_code, "==", 0, "And also when not found"); +} +SKIP: { + skip "No internet access", 16 if $internet_access eq "no"; + + $res = NPTest->testCmd( + "./check_curl --ssl $host_tls_http" + ); + cmp_ok( $res->return_code, '==', 0, "Can read https for $host_tls_http" ); + + $res = NPTest->testCmd( "./check_curl -C 1 --ssl $host_tls_http" ); + cmp_ok( $res->return_code, '==', 0, "Checking certificate for $host_tls_http"); + like ( $res->output, "/Certificate '$host_tls_cert' will expire on/", "Output OK" ); + my $saved_cert_output = $res->output; + + $res = NPTest->testCmd( "./check_curl -C 8000,1 --ssl $host_tls_http" ); + cmp_ok( $res->return_code, '==', 1, "Checking certificate for $host_tls_http"); + like ( $res->output, qr/WARNING - Certificate '$host_tls_cert' expires in \d+ day/, "Output Warning" ); + + $res = NPTest->testCmd( "./check_curl $host_tls_http -C 1" ); + is( $res->return_code, 0, "Old syntax for cert checking okay" ); + is( $res->output, $saved_cert_output, "Same output as new syntax" ); + + $res = NPTest->testCmd( "./check_curl -H $host_tls_http -C 1" ); + is( $res->return_code, 0, "Updated syntax for cert checking okay" ); + is( $res->output, $saved_cert_output, "Same output as new syntax" ); + + $res = NPTest->testCmd( "./check_curl -C 1 $host_tls_http" ); + cmp_ok( $res->output, 'eq', $saved_cert_output, "--ssl option automatically added"); + + $res = NPTest->testCmd( "./check_curl $host_tls_http -C 1" ); + cmp_ok( $res->output, 'eq', $saved_cert_output, "Old syntax for cert checking still works"); + + # run some certificate checks with faketime + SKIP: { + skip "No faketime binary found", 12 if !$faketime; + $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./check_curl -C 1 $host_tls_http"); + like($res->output, qr/OK - Certificate '$host_tls_cert' will expire on/, "Catch cert output"); + is( $res->return_code, 0, "Catch cert output exit code" ); + my($mon,$day,$hour,$min,$sec,$year) = ($res->output =~ /(\w+)\s+(\d+)\s+(\d+):(\d+):(\d+)\s+(\d+)/); + if(!defined $year) { + die("parsing date failed from: ".$res->output); + } + my $months = {'Jan' => 0, 'Feb' => 1, 'Mar' => 2, 'Apr' => 3, 'May' => 4, 'Jun' => 5, 'Jul' => 6, 'Aug' => 7, 'Sep' => 8, 'Oct' => 9, 'Nov' => 10, 'Dec' => 11}; + my $ts = mktime($sec, $min, $hour, $day, $months->{$mon}, $year-1900); + my $time = strftime("%Y-%m-%d %H:%M:%S", localtime($ts)); + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./check_curl -C 1 $host_tls_http"); + like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' just expired/, "Output on expire date"); + is( $res->return_code, 2, "Output on expire date" ); + + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-1))."' ./check_curl -C 1 $host_tls_http"); + like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 0 minutes/, "cert expires in 1 second output"); + is( $res->return_code, 2, "cert expires in 1 second exit code" ); + + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-120))."' ./check_curl -C 1 $host_tls_http"); + like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 minutes/, "cert expires in 2 minutes output"); + is( $res->return_code, 2, "cert expires in 2 minutes exit code" ); + + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-7200))."' ./check_curl -C 1 $host_tls_http"); + like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 hours/, "cert expires in 2 hours output"); + is( $res->return_code, 2, "cert expires in 2 hours exit code" ); + + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./check_curl -C 1 $host_tls_http"); + like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expired on/, "Certificate expired output"); + is( $res->return_code, 2, "Certificate expired exit code" ); + }; + + $res = NPTest->testCmd( "./check_curl --ssl $host_tls_http -E" ); + like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); + like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' ); + + $res = NPTest->testCmd( + "./check_curl --ssl -H www.e-paycobalt.com" + ); + cmp_ok( $res->return_code, "==", 0, "Can read https for www.e-paycobalt.com (uses AES certificate)" ); + + + $res = NPTest->testCmd( "./check_curl -H www.mozilla.com -u /firefox -f follow" ); + is( $res->return_code, 0, "Redirection based on location is okay"); + + $res = NPTest->testCmd( "./check_curl -H www.mozilla.com --extended-perfdata" ); + like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); +} -- cgit v1.2.3-74-g34f1 From e9239b556a4748bb06f5f46a2bedbf0114cd099a Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Sat, 18 Mar 2017 22:48:35 +0100 Subject: check_curl: make check_curl use the same tests as check_http --- plugins/t/check_curl.t | 201 +-------------------------------------------- plugins/t/check_http.t | 68 +++++++-------- plugins/tests/check_curl.t | 1 + plugins/tests/check_http.t | 9 +- 4 files changed, 43 insertions(+), 236 deletions(-) mode change 100644 => 120000 plugins/t/check_curl.t create mode 120000 plugins/tests/check_curl.t (limited to 'plugins/t') diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t deleted file mode 100644 index 3c36a268..00000000 --- a/plugins/t/check_curl.t +++ /dev/null @@ -1,200 +0,0 @@ -#! /usr/bin/perl -w -I .. -# -# HyperText Transfer Protocol (HTTP) Test via check_curl -# -# - -use strict; -use Test::More; -use POSIX qw/mktime strftime/; -use NPTest; - -plan tests => 49; - -my $successOutput = '/OK.*HTTP.*second/'; - -my $res; - -my $host_tcp_http = getTestParameter( "NP_HOST_TCP_HTTP", - "A host providing the HTTP Service (a web server)", - "localhost" ); - -my $host_tls_http = getTestParameter( "host_tls_http", "NP_HOST_TLS_HTTP", "localhost", - "A host providing the HTTPS Service (a tls web server)" ); - -my $host_tls_cert = getTestParameter( "host_tls_cert", "NP_HOST_TLS_CERT", "localhost", - "the common name of the certificate." ); - - -my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE", - "The hostname of system not responsive to network requests", - "10.0.0.1" ); - -my $hostname_invalid = getTestParameter( "NP_HOSTNAME_INVALID", - "An invalid (not known to DNS) hostname", - "nosuchhost"); - -my $internet_access = getTestParameter( "NP_INTERNET_ACCESS", - "Is this system directly connected to the internet?", - "yes"); - -my $host_tcp_http2 = getTestParameter( "NP_HOST_TCP_HTTP2", - "A host providing an index page containing the string 'monitoring'", - "test.monitoring-plugins.org" ); - -my $faketime = -x '/usr/bin/faketime' ? 1 : 0; - - -$res = NPTest->testCmd( - "./check_curl $host_tcp_http -wt 300 -ct 600" - ); -cmp_ok( $res->return_code, '==', 0, "Webserver $host_tcp_http responded" ); -like( $res->output, $successOutput, "Output OK" ); - -$res = NPTest->testCmd( - "./check_curl $host_tcp_http -wt 300 -ct 600 -v -v -v -k 'bob:there' -k 'carl:frown'" - ); -like( $res->output, '/bob:there\r\ncarl:frown\r\n/', "Got headers with multiple -k options" ); - -$res = NPTest->testCmd( - "./check_curl $host_nonresponsive -wt 1 -ct 2 -t 3" - ); -cmp_ok( $res->return_code, '==', 2, "Webserver $host_nonresponsive not responding" ); -cmp_ok( $res->output, 'eq', "CRITICAL - Socket timeout after 3 seconds", "Output OK"); - -$res = NPTest->testCmd( - "./check_curl $hostname_invalid -wt 1 -ct 2" - ); -cmp_ok( $res->return_code, '==', 2, "Webserver $hostname_invalid not valid" ); -# The first part of the message comes from the OS catalogue, so cannot check this. -# On Debian, it is Name or service not known, on Darwin, it is No address associated with nodename -# Is also possible to get a socket timeout if DNS is not responding fast enough -like( $res->output, "/Unable to open TCP socket|Socket timeout after/", "Output OK"); - -# host header checks -$res = NPTest->testCmd("./check_curl -v -H $host_tcp_http"); -like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" ); - -$res = NPTest->testCmd("./check_curl -v -H $host_tcp_http -p 80"); -like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" ); - -$res = NPTest->testCmd("./check_curl -v -H $host_tcp_http:8080 -p 80"); -like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" ); - -$res = NPTest->testCmd("./check_curl -v -H $host_tcp_http:8080 -p 80"); -like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" ); - -SKIP: { - skip "No internet access", 3 if $internet_access eq "no"; - - $res = NPTest->testCmd("./check_curl -v -H $host_tls_http -S"); - like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" ); - - $res = NPTest->testCmd("./check_curl -v -H $host_tls_http:8080 -S -p 443"); - like( $res->output, '/^Host: '.$host_tls_http.':8080\s*$/ms', "Host Header OK" ); - - $res = NPTest->testCmd("./check_curl -v -H $host_tls_http:443 -S -p 443"); - like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" ); -}; - -SKIP: { - skip "No host serving monitoring in index file", 7 unless $host_tcp_http2; - - $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'monitoring'" ); - cmp_ok( $res->return_code, "==", 0, "Got a reference to 'monitoring'"); - - $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'mONiTORing'" ); - cmp_ok( $res->return_code, "==", 2, "Not got 'mONiTORing'"); - like ( $res->output, "/pattern not found/", "Error message says 'pattern not found'"); - - $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -R 'mONiTORing'" ); - cmp_ok( $res->return_code, "==", 0, "But case insensitive doesn't mind 'mONiTORing'"); - - $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'monitoring' --invert-regex" ); - cmp_ok( $res->return_code, "==", 2, "Invert results work when found"); - like ( $res->output, "/pattern found/", "Error message says 'pattern found'"); - - $res = NPTest->testCmd( "./check_curl -H $host_tcp_http2 -r 'mONiTORing' --invert-regex" ); - cmp_ok( $res->return_code, "==", 0, "And also when not found"); -} -SKIP: { - skip "No internet access", 16 if $internet_access eq "no"; - - $res = NPTest->testCmd( - "./check_curl --ssl $host_tls_http" - ); - cmp_ok( $res->return_code, '==', 0, "Can read https for $host_tls_http" ); - - $res = NPTest->testCmd( "./check_curl -C 1 --ssl $host_tls_http" ); - cmp_ok( $res->return_code, '==', 0, "Checking certificate for $host_tls_http"); - like ( $res->output, "/Certificate '$host_tls_cert' will expire on/", "Output OK" ); - my $saved_cert_output = $res->output; - - $res = NPTest->testCmd( "./check_curl -C 8000,1 --ssl $host_tls_http" ); - cmp_ok( $res->return_code, '==', 1, "Checking certificate for $host_tls_http"); - like ( $res->output, qr/WARNING - Certificate '$host_tls_cert' expires in \d+ day/, "Output Warning" ); - - $res = NPTest->testCmd( "./check_curl $host_tls_http -C 1" ); - is( $res->return_code, 0, "Old syntax for cert checking okay" ); - is( $res->output, $saved_cert_output, "Same output as new syntax" ); - - $res = NPTest->testCmd( "./check_curl -H $host_tls_http -C 1" ); - is( $res->return_code, 0, "Updated syntax for cert checking okay" ); - is( $res->output, $saved_cert_output, "Same output as new syntax" ); - - $res = NPTest->testCmd( "./check_curl -C 1 $host_tls_http" ); - cmp_ok( $res->output, 'eq', $saved_cert_output, "--ssl option automatically added"); - - $res = NPTest->testCmd( "./check_curl $host_tls_http -C 1" ); - cmp_ok( $res->output, 'eq', $saved_cert_output, "Old syntax for cert checking still works"); - - # run some certificate checks with faketime - SKIP: { - skip "No faketime binary found", 12 if !$faketime; - $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./check_curl -C 1 $host_tls_http"); - like($res->output, qr/OK - Certificate '$host_tls_cert' will expire on/, "Catch cert output"); - is( $res->return_code, 0, "Catch cert output exit code" ); - my($mon,$day,$hour,$min,$sec,$year) = ($res->output =~ /(\w+)\s+(\d+)\s+(\d+):(\d+):(\d+)\s+(\d+)/); - if(!defined $year) { - die("parsing date failed from: ".$res->output); - } - my $months = {'Jan' => 0, 'Feb' => 1, 'Mar' => 2, 'Apr' => 3, 'May' => 4, 'Jun' => 5, 'Jul' => 6, 'Aug' => 7, 'Sep' => 8, 'Oct' => 9, 'Nov' => 10, 'Dec' => 11}; - my $ts = mktime($sec, $min, $hour, $day, $months->{$mon}, $year-1900); - my $time = strftime("%Y-%m-%d %H:%M:%S", localtime($ts)); - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./check_curl -C 1 $host_tls_http"); - like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' just expired/, "Output on expire date"); - is( $res->return_code, 2, "Output on expire date" ); - - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-1))."' ./check_curl -C 1 $host_tls_http"); - like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 0 minutes/, "cert expires in 1 second output"); - is( $res->return_code, 2, "cert expires in 1 second exit code" ); - - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-120))."' ./check_curl -C 1 $host_tls_http"); - like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 minutes/, "cert expires in 2 minutes output"); - is( $res->return_code, 2, "cert expires in 2 minutes exit code" ); - - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-7200))."' ./check_curl -C 1 $host_tls_http"); - like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 hours/, "cert expires in 2 hours output"); - is( $res->return_code, 2, "cert expires in 2 hours exit code" ); - - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./check_curl -C 1 $host_tls_http"); - like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expired on/, "Certificate expired output"); - is( $res->return_code, 2, "Certificate expired exit code" ); - }; - - $res = NPTest->testCmd( "./check_curl --ssl $host_tls_http -E" ); - like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); - like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' ); - - $res = NPTest->testCmd( - "./check_curl --ssl -H www.e-paycobalt.com" - ); - cmp_ok( $res->return_code, "==", 0, "Can read https for www.e-paycobalt.com (uses AES certificate)" ); - - - $res = NPTest->testCmd( "./check_curl -H www.mozilla.com -u /firefox -f follow" ); - is( $res->return_code, 0, "Redirection based on location is okay"); - - $res = NPTest->testCmd( "./check_curl -H www.mozilla.com --extended-perfdata" ); - like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); -} diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t new file mode 120000 index 00000000..a54db967 --- /dev/null +++ b/plugins/t/check_curl.t @@ -0,0 +1 @@ +check_http.t \ No newline at end of file diff --git a/plugins/t/check_http.t b/plugins/t/check_http.t index 8bd484a0..281fa362 100644 --- a/plugins/t/check_http.t +++ b/plugins/t/check_http.t @@ -14,6 +14,8 @@ plan tests => 49; my $successOutput = '/OK.*HTTP.*second/'; my $res; +my $plugin = 'check_http'; +$plugin = 'check_curl' if $0 =~ m/check_curl/mx; my $host_tcp_http = getTestParameter( "NP_HOST_TCP_HTTP", "A host providing the HTTP Service (a web server)", @@ -46,24 +48,24 @@ my $faketime = -x '/usr/bin/faketime' ? 1 : 0; $res = NPTest->testCmd( - "./check_http $host_tcp_http -wt 300 -ct 600" + "./$plugin $host_tcp_http -wt 300 -ct 600" ); cmp_ok( $res->return_code, '==', 0, "Webserver $host_tcp_http responded" ); like( $res->output, $successOutput, "Output OK" ); $res = NPTest->testCmd( - "./check_http $host_tcp_http -wt 300 -ct 600 -v -v -v -k 'bob:there' -k 'carl:frown'" + "./$plugin $host_tcp_http -wt 300 -ct 600 -v -v -v -k 'bob:there' -k 'carl:frown'" ); like( $res->output, '/bob:there\r\ncarl:frown\r\n/', "Got headers with multiple -k options" ); $res = NPTest->testCmd( - "./check_http $host_nonresponsive -wt 1 -ct 2 -t 3" + "./$plugin $host_nonresponsive -wt 1 -ct 2 -t 3" ); cmp_ok( $res->return_code, '==', 2, "Webserver $host_nonresponsive not responding" ); cmp_ok( $res->output, 'eq', "CRITICAL - Socket timeout after 3 seconds", "Output OK"); $res = NPTest->testCmd( - "./check_http $hostname_invalid -wt 1 -ct 2" + "./$plugin $hostname_invalid -wt 1 -ct 2" ); cmp_ok( $res->return_code, '==', 2, "Webserver $hostname_invalid not valid" ); # The first part of the message comes from the OS catalogue, so cannot check this. @@ -72,86 +74,86 @@ cmp_ok( $res->return_code, '==', 2, "Webserver $hostname_invalid not valid" ); like( $res->output, "/Unable to open TCP socket|Socket timeout after/", "Output OK"); # host header checks -$res = NPTest->testCmd("./check_http -v -H $host_tcp_http"); +$res = NPTest->testCmd("./$plugin -v -H $host_tcp_http"); like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" ); -$res = NPTest->testCmd("./check_http -v -H $host_tcp_http -p 80"); +$res = NPTest->testCmd("./$plugin -v -H $host_tcp_http -p 80"); like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" ); -$res = NPTest->testCmd("./check_http -v -H $host_tcp_http:8080 -p 80"); +$res = NPTest->testCmd("./$plugin -v -H $host_tcp_http:8080 -p 80"); like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" ); -$res = NPTest->testCmd("./check_http -v -H $host_tcp_http:8080 -p 80"); +$res = NPTest->testCmd("./$plugin -v -H $host_tcp_http:8080 -p 80"); like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" ); SKIP: { skip "No internet access", 3 if $internet_access eq "no"; - $res = NPTest->testCmd("./check_http -v -H $host_tls_http -S"); + $res = NPTest->testCmd("./$plugin -v -H $host_tls_http -S"); like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" ); - $res = NPTest->testCmd("./check_http -v -H $host_tls_http:8080 -S -p 443"); + $res = NPTest->testCmd("./$plugin -v -H $host_tls_http:8080 -S -p 443"); like( $res->output, '/^Host: '.$host_tls_http.':8080\s*$/ms', "Host Header OK" ); - $res = NPTest->testCmd("./check_http -v -H $host_tls_http:443 -S -p 443"); + $res = NPTest->testCmd("./$plugin -v -H $host_tls_http:443 -S -p 443"); like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" ); }; SKIP: { skip "No host serving monitoring in index file", 7 unless $host_tcp_http2; - $res = NPTest->testCmd( "./check_http -H $host_tcp_http2 -r 'monitoring'" ); + $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 -r 'monitoring'" ); cmp_ok( $res->return_code, "==", 0, "Got a reference to 'monitoring'"); - $res = NPTest->testCmd( "./check_http -H $host_tcp_http2 -r 'mONiTORing'" ); + $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 -r 'mONiTORing'" ); cmp_ok( $res->return_code, "==", 2, "Not got 'mONiTORing'"); like ( $res->output, "/pattern not found/", "Error message says 'pattern not found'"); - $res = NPTest->testCmd( "./check_http -H $host_tcp_http2 -R 'mONiTORing'" ); + $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 -R 'mONiTORing'" ); cmp_ok( $res->return_code, "==", 0, "But case insensitive doesn't mind 'mONiTORing'"); - $res = NPTest->testCmd( "./check_http -H $host_tcp_http2 -r 'monitoring' --invert-regex" ); + $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 -r 'monitoring' --invert-regex" ); cmp_ok( $res->return_code, "==", 2, "Invert results work when found"); like ( $res->output, "/pattern found/", "Error message says 'pattern found'"); - $res = NPTest->testCmd( "./check_http -H $host_tcp_http2 -r 'mONiTORing' --invert-regex" ); + $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 -r 'mONiTORing' --invert-regex" ); cmp_ok( $res->return_code, "==", 0, "And also when not found"); } SKIP: { skip "No internet access", 16 if $internet_access eq "no"; $res = NPTest->testCmd( - "./check_http --ssl $host_tls_http" + "./$plugin --ssl $host_tls_http" ); cmp_ok( $res->return_code, '==', 0, "Can read https for $host_tls_http" ); - $res = NPTest->testCmd( "./check_http -C 1 --ssl $host_tls_http" ); + $res = NPTest->testCmd( "./$plugin -C 1 --ssl $host_tls_http" ); cmp_ok( $res->return_code, '==', 0, "Checking certificate for $host_tls_http"); like ( $res->output, "/Certificate '$host_tls_cert' will expire on/", "Output OK" ); my $saved_cert_output = $res->output; - $res = NPTest->testCmd( "./check_http -C 8000,1 --ssl $host_tls_http" ); + $res = NPTest->testCmd( "./$plugin -C 8000,1 --ssl $host_tls_http" ); cmp_ok( $res->return_code, '==', 1, "Checking certificate for $host_tls_http"); like ( $res->output, qr/WARNING - Certificate '$host_tls_cert' expires in \d+ day/, "Output Warning" ); - $res = NPTest->testCmd( "./check_http $host_tls_http -C 1" ); + $res = NPTest->testCmd( "./$plugin $host_tls_http -C 1" ); is( $res->return_code, 0, "Old syntax for cert checking okay" ); is( $res->output, $saved_cert_output, "Same output as new syntax" ); - $res = NPTest->testCmd( "./check_http -H $host_tls_http -C 1" ); + $res = NPTest->testCmd( "./$plugin -H $host_tls_http -C 1" ); is( $res->return_code, 0, "Updated syntax for cert checking okay" ); is( $res->output, $saved_cert_output, "Same output as new syntax" ); - $res = NPTest->testCmd( "./check_http -C 1 $host_tls_http" ); + $res = NPTest->testCmd( "./$plugin -C 1 $host_tls_http" ); cmp_ok( $res->output, 'eq', $saved_cert_output, "--ssl option automatically added"); - $res = NPTest->testCmd( "./check_http $host_tls_http -C 1" ); + $res = NPTest->testCmd( "./$plugin $host_tls_http -C 1" ); cmp_ok( $res->output, 'eq', $saved_cert_output, "Old syntax for cert checking still works"); # run some certificate checks with faketime SKIP: { skip "No faketime binary found", 12 if !$faketime; - $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./check_http -C 1 $host_tls_http"); + $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./$plugin -C 1 $host_tls_http"); like($res->output, qr/OK - Certificate '$host_tls_cert' will expire on/, "Catch cert output"); is( $res->return_code, 0, "Catch cert output exit code" ); my($mon,$day,$hour,$min,$sec,$year) = ($res->output =~ /(\w+)\s+(\d+)\s+(\d+):(\d+):(\d+)\s+(\d+)/); @@ -161,40 +163,40 @@ SKIP: { my $months = {'Jan' => 0, 'Feb' => 1, 'Mar' => 2, 'Apr' => 3, 'May' => 4, 'Jun' => 5, 'Jul' => 6, 'Aug' => 7, 'Sep' => 8, 'Oct' => 9, 'Nov' => 10, 'Dec' => 11}; my $ts = mktime($sec, $min, $hour, $day, $months->{$mon}, $year-1900); my $time = strftime("%Y-%m-%d %H:%M:%S", localtime($ts)); - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./check_http -C 1 $host_tls_http"); + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./$plugin -C 1 $host_tls_http"); like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' just expired/, "Output on expire date"); is( $res->return_code, 2, "Output on expire date" ); - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-1))."' ./check_http -C 1 $host_tls_http"); + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-1))."' ./$plugin -C 1 $host_tls_http"); like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 0 minutes/, "cert expires in 1 second output"); is( $res->return_code, 2, "cert expires in 1 second exit code" ); - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-120))."' ./check_http -C 1 $host_tls_http"); + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-120))."' ./$plugin -C 1 $host_tls_http"); like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 minutes/, "cert expires in 2 minutes output"); is( $res->return_code, 2, "cert expires in 2 minutes exit code" ); - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-7200))."' ./check_http -C 1 $host_tls_http"); + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-7200))."' ./$plugin -C 1 $host_tls_http"); like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 hours/, "cert expires in 2 hours output"); is( $res->return_code, 2, "cert expires in 2 hours exit code" ); - $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./check_http -C 1 $host_tls_http"); + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./$plugin -C 1 $host_tls_http"); like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expired on/, "Certificate expired output"); is( $res->return_code, 2, "Certificate expired exit code" ); }; - $res = NPTest->testCmd( "./check_http --ssl $host_tls_http -E" ); + $res = NPTest->testCmd( "./$plugin --ssl $host_tls_http -E" ); like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' ); $res = NPTest->testCmd( - "./check_http --ssl -H www.e-paycobalt.com" + "./$plugin --ssl -H www.e-paycobalt.com" ); cmp_ok( $res->return_code, "==", 0, "Can read https for www.e-paycobalt.com (uses AES certificate)" ); - $res = NPTest->testCmd( "./check_http -H www.mozilla.com -u /firefox -f follow" ); + $res = NPTest->testCmd( "./$plugin -H www.mozilla.com -u /firefox -f follow" ); is( $res->return_code, 0, "Redirection based on location is okay"); - $res = NPTest->testCmd( "./check_http -H www.mozilla.com --extended-perfdata" ); + $res = NPTest->testCmd( "./$plugin -H www.mozilla.com --extended-perfdata" ); like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); } diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t new file mode 120000 index 00000000..a54db967 --- /dev/null +++ b/plugins/tests/check_curl.t @@ -0,0 +1 @@ +check_http.t \ No newline at end of file diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t index d6d31de1..f5c570ac 100755 --- a/plugins/tests/check_http.t +++ b/plugins/tests/check_http.t @@ -30,13 +30,16 @@ eval { require HTTP::Response; }; +my $plugin = 'check_http'; +$plugin = 'check_curl' if $0 =~ m/check_curl/mx; + if ($@) { plan skip_all => "Missing required module for test: $@"; } else { - if (-x "./check_http") { + if (-x "./$plugin") { plan tests => $common_tests * 2 + $ssl_only_tests + $virtual_port_tests; } else { - plan skip_all => "No check_http compiled"; + plan skip_all => "No $plugin compiled"; } } @@ -185,7 +188,7 @@ if ($ARGV[0] && $ARGV[0] eq "-d") { } my $result; -my $command = "./check_http -H 127.0.0.1"; +my $command = "./$plugin -H 127.0.0.1"; run_common_tests( { command => "$command -p $port_http" } ); SKIP: { -- cgit v1.2.3-74-g34f1 From bbec77c7ecbc6ecaac06d2c8845f83a22546f273 Mon Sep 17 00:00:00 2001 From: Andreas Baumann Date: Fri, 14 Apr 2017 20:04:51 +0200 Subject: made check_curl tests copies of check_http tests because they will differ slightly --- plugins/t/check_curl.t | 205 +++++++++++++++++++++- plugins/tests/check_curl.t | 419 ++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 622 insertions(+), 2 deletions(-) mode change 120000 => 100644 plugins/t/check_curl.t mode change 120000 => 100755 plugins/tests/check_curl.t (limited to 'plugins/t') diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t deleted file mode 120000 index a54db967..00000000 --- a/plugins/t/check_curl.t +++ /dev/null @@ -1 +0,0 @@ -check_http.t \ No newline at end of file diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t new file mode 100644 index 00000000..e67fafb6 --- /dev/null +++ b/plugins/t/check_curl.t @@ -0,0 +1,204 @@ +#! /usr/bin/perl -w -I .. +# +# HyperText Transfer Protocol (HTTP) Test via check_http +# +# + +use strict; +use Test::More; +use POSIX qw/mktime strftime/; +use NPTest; + +plan tests => 49; + +my $successOutput = '/OK.*HTTP.*second/'; + +my $res; +my $plugin = 'check_http'; +$plugin = 'check_curl' if $0 =~ m/check_curl/mx; + +my $host_tcp_http = getTestParameter( "NP_HOST_TCP_HTTP", + "A host providing the HTTP Service (a web server)", + "localhost" ); + +my $host_tls_http = getTestParameter( "host_tls_http", "NP_HOST_TLS_HTTP", "localhost", + "A host providing the HTTPS Service (a tls web server)" ); + +my $host_tls_cert = getTestParameter( "host_tls_cert", "NP_HOST_TLS_CERT", "localhost", + "the common name of the certificate." ); + + +my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE", + "The hostname of system not responsive to network requests", + "10.0.0.1" ); + +my $hostname_invalid = getTestParameter( "NP_HOSTNAME_INVALID", + "An invalid (not known to DNS) hostname", + "nosuchhost"); + +my $internet_access = getTestParameter( "NP_INTERNET_ACCESS", + "Is this system directly connected to the internet?", + "yes"); + +my $host_tcp_http2 = getTestParameter( "NP_HOST_TCP_HTTP2", + "A host providing an index page containing the string 'monitoring'", + "test.monitoring-plugins.org" ); + +my $faketime = -x '/usr/bin/faketime' ? 1 : 0; + + +$res = NPTest->testCmd( + "./$plugin $host_tcp_http -wt 300 -ct 600" + ); +cmp_ok( $res->return_code, '==', 0, "Webserver $host_tcp_http responded" ); +like( $res->output, $successOutput, "Output OK" ); + +$res = NPTest->testCmd( + "./$plugin $host_tcp_http -wt 300 -ct 600 -v -v -v -k 'bob:there' -k 'carl:frown'" + ); +like( $res->output, '/bob:there\r\ncarl:frown\r\n/', "Got headers with multiple -k options" ); + +$res = NPTest->testCmd( + "./$plugin $host_nonresponsive -wt 1 -ct 2 -t 3" + ); +cmp_ok( $res->return_code, '==', 2, "Webserver $host_nonresponsive not responding" ); +# was CRITICAL only, but both check_curl and check_http print HTTP CRITICAL (puzzle?!) +cmp_ok( $res->output, 'eq', "HTTP CRITICAL - Invalid HTTP response received from host on port 80: cURL returned 28 - Timeout was reached", "Output OK"); + +$res = NPTest->testCmd( + "./$plugin $hostname_invalid -wt 1 -ct 2" + ); +cmp_ok( $res->return_code, '==', 2, "Webserver $hostname_invalid not valid" ); +# The first part of the message comes from the OS catalogue, so cannot check this. +# On Debian, it is Name or service not known, on Darwin, it is No address associated with nodename +# Is also possible to get a socket timeout if DNS is not responding fast enough +# cURL gives us consistent strings from it's own 'lib/strerror.c' +like( $res->output, "/cURL returned 6 - Couldn't resolve host name/", "Output OK"); + +# host header checks +$res = NPTest->testCmd("./$plugin -v -H $host_tcp_http"); +like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" ); + +$res = NPTest->testCmd("./$plugin -v -H $host_tcp_http -p 80"); +like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" ); + +$res = NPTest->testCmd("./$plugin -v -H $host_tcp_http:8080 -p 80"); +like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" ); + +$res = NPTest->testCmd("./$plugin -v -H $host_tcp_http:8080 -p 80"); +like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" ); + +SKIP: { + skip "No internet access", 3 if $internet_access eq "no"; + + $res = NPTest->testCmd("./$plugin -v -H $host_tls_http -S"); + like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" ); + + $res = NPTest->testCmd("./$plugin -v -H $host_tls_http:8080 -S -p 443"); + like( $res->output, '/^Host: '.$host_tls_http.':8080\s*$/ms', "Host Header OK" ); + + $res = NPTest->testCmd("./$plugin -v -H $host_tls_http:443 -S -p 443"); + like( $res->output, '/^Host: '.$host_tls_http.'\s*$/ms', "Host Header OK" ); +}; + +SKIP: { + skip "No host serving monitoring in index file", 7 unless $host_tcp_http2; + + $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 -r 'monitoring'" ); + cmp_ok( $res->return_code, "==", 0, "Got a reference to 'monitoring'"); + + $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 -r 'mONiTORing'" ); + cmp_ok( $res->return_code, "==", 2, "Not got 'mONiTORing'"); + like ( $res->output, "/pattern not found/", "Error message says 'pattern not found'"); + + $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 -R 'mONiTORing'" ); + cmp_ok( $res->return_code, "==", 0, "But case insensitive doesn't mind 'mONiTORing'"); + + $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 -r 'monitoring' --invert-regex" ); + cmp_ok( $res->return_code, "==", 2, "Invert results work when found"); + like ( $res->output, "/pattern found/", "Error message says 'pattern found'"); + + $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 -r 'mONiTORing' --invert-regex" ); + cmp_ok( $res->return_code, "==", 0, "And also when not found"); +} +SKIP: { + skip "No internet access", 16 if $internet_access eq "no"; + + $res = NPTest->testCmd( + "./$plugin --ssl $host_tls_http" + ); + cmp_ok( $res->return_code, '==', 0, "Can read https for $host_tls_http" ); + + $res = NPTest->testCmd( "./$plugin -C 1 --ssl $host_tls_http" ); + cmp_ok( $res->return_code, '==', 0, "Checking certificate for $host_tls_http"); + like ( $res->output, "/Certificate '$host_tls_cert' will expire on/", "Output OK" ); + my $saved_cert_output = $res->output; + + $res = NPTest->testCmd( "./$plugin -C 8000,1 --ssl $host_tls_http" ); + cmp_ok( $res->return_code, '==', 1, "Checking certificate for $host_tls_http"); + like ( $res->output, qr/WARNING - Certificate '$host_tls_cert' expires in \d+ day/, "Output Warning" ); + + $res = NPTest->testCmd( "./$plugin $host_tls_http -C 1" ); + is( $res->return_code, 0, "Old syntax for cert checking okay" ); + is( $res->output, $saved_cert_output, "Same output as new syntax" ); + + $res = NPTest->testCmd( "./$plugin -H $host_tls_http -C 1" ); + is( $res->return_code, 0, "Updated syntax for cert checking okay" ); + is( $res->output, $saved_cert_output, "Same output as new syntax" ); + + $res = NPTest->testCmd( "./$plugin -C 1 $host_tls_http" ); + cmp_ok( $res->output, 'eq', $saved_cert_output, "--ssl option automatically added"); + + $res = NPTest->testCmd( "./$plugin $host_tls_http -C 1" ); + cmp_ok( $res->output, 'eq', $saved_cert_output, "Old syntax for cert checking still works"); + + # run some certificate checks with faketime + SKIP: { + skip "No faketime binary found", 12 if !$faketime; + $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./$plugin -C 1 $host_tls_http"); + like($res->output, qr/OK - Certificate '$host_tls_cert' will expire on/, "Catch cert output"); + is( $res->return_code, 0, "Catch cert output exit code" ); + my($mon,$day,$hour,$min,$sec,$year) = ($res->output =~ /(\w+)\s+(\d+)\s+(\d+):(\d+):(\d+)\s+(\d+)/); + if(!defined $year) { + die("parsing date failed from: ".$res->output); + } + my $months = {'Jan' => 0, 'Feb' => 1, 'Mar' => 2, 'Apr' => 3, 'May' => 4, 'Jun' => 5, 'Jul' => 6, 'Aug' => 7, 'Sep' => 8, 'Oct' => 9, 'Nov' => 10, 'Dec' => 11}; + my $ts = mktime($sec, $min, $hour, $day, $months->{$mon}, $year-1900); + my $time = strftime("%Y-%m-%d %H:%M:%S", localtime($ts)); + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./$plugin -C 1 $host_tls_http"); + like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' just expired/, "Output on expire date"); + is( $res->return_code, 2, "Output on expire date" ); + + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-1))."' ./$plugin -C 1 $host_tls_http"); + like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 0 minutes/, "cert expires in 1 second output"); + is( $res->return_code, 2, "cert expires in 1 second exit code" ); + + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-120))."' ./$plugin -C 1 $host_tls_http"); + like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 minutes/, "cert expires in 2 minutes output"); + is( $res->return_code, 2, "cert expires in 2 minutes exit code" ); + + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-7200))."' ./$plugin -C 1 $host_tls_http"); + like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expires in 2 hours/, "cert expires in 2 hours output"); + is( $res->return_code, 2, "cert expires in 2 hours exit code" ); + + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./$plugin -C 1 $host_tls_http"); + like($res->output, qr/CRITICAL - Certificate '$host_tls_cert' expired on/, "Certificate expired output"); + is( $res->return_code, 2, "Certificate expired exit code" ); + }; + + $res = NPTest->testCmd( "./$plugin --ssl $host_tls_http -E" ); + like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); + like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' ); + + $res = NPTest->testCmd( + "./$plugin --ssl -H www.e-paycobalt.com" + ); + cmp_ok( $res->return_code, "==", 0, "Can read https for www.e-paycobalt.com (uses AES certificate)" ); + + + $res = NPTest->testCmd( "./$plugin -H www.mozilla.com -u /firefox -f follow" ); + is( $res->return_code, 0, "Redirection based on location is okay"); + + $res = NPTest->testCmd( "./$plugin -H www.mozilla.com --extended-perfdata" ); + like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); +} diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t deleted file mode 120000 index a54db967..00000000 --- a/plugins/tests/check_curl.t +++ /dev/null @@ -1 +0,0 @@ -check_http.t \ No newline at end of file diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t new file mode 100755 index 00000000..dd567069 --- /dev/null +++ b/plugins/tests/check_curl.t @@ -0,0 +1,418 @@ +#! /usr/bin/perl -w -I .. +# +# Test check_http by having an actual HTTP server running +# +# To create the https server certificate: +# openssl req -new -x509 -keyout server-key.pem -out server-cert.pem -days 3650 -nodes +# Country Name (2 letter code) [AU]:UK +# State or Province Name (full name) [Some-State]:Derbyshire +# Locality Name (eg, city) []:Belper +# Organization Name (eg, company) [Internet Widgits Pty Ltd]:Monitoring Plugins +# Organizational Unit Name (eg, section) []: +# Common Name (eg, YOUR name) []:Ton Voon +# Email Address []:tonvoon@mac.com + +use strict; +use Test::More; +use NPTest; +use FindBin qw($Bin); + +$ENV{'LC_TIME'} = "C"; + +my $common_tests = 70; +my $ssl_only_tests = 8; +# Check that all dependent modules are available +eval "use HTTP::Daemon 6.01;"; +plan skip_all => 'HTTP::Daemon >= 6.01 required' if $@; +eval { + require HTTP::Status; + require HTTP::Response; +}; + +my $plugin = 'check_http'; +$plugin = 'check_curl' if $0 =~ m/check_curl/mx; + +if ($@) { + plan skip_all => "Missing required module for test: $@"; +} else { + if (-x "./$plugin") { + plan tests => $common_tests * 2 + $ssl_only_tests; + } else { + plan skip_all => "No $plugin compiled"; + } +} + +my $servers = { http => 0 }; # HTTP::Daemon should always be available +eval { require HTTP::Daemon::SSL }; +if ($@) { + diag "Cannot load HTTP::Daemon::SSL: $@"; +} else { + $servers->{https} = 0; +} + +# set a fixed version, so the header size doesn't vary +$HTTP::Daemon::VERSION = "1.00"; + +my $port_http = 50000 + int(rand(1000)); +my $port_https = $port_http + 1; +my $port_https_expired = $port_http + 2; + +# This array keeps sockets around for implementing timeouts +my @persist; + +# Start up all servers +my @pids; +my $pid = fork(); +if ($pid) { + # Parent + push @pids, $pid; + if (exists $servers->{https}) { + # Fork a normal HTTPS server + $pid = fork(); + if ($pid) { + # Parent + push @pids, $pid; + # Fork an expired cert server + $pid = fork(); + if ($pid) { + push @pids, $pid; + } else { + my $d = HTTP::Daemon::SSL->new( + LocalPort => $port_https_expired, + LocalAddr => "127.0.0.1", + SSL_cert_file => "$Bin/certs/expired-cert.pem", + SSL_key_file => "$Bin/certs/expired-key.pem", + ) || die; + print "Please contact https expired at: url, ">\n"; + run_server( $d ); + exit; + } + } else { + my $d = HTTP::Daemon::SSL->new( + LocalPort => $port_https, + LocalAddr => "127.0.0.1", + SSL_cert_file => "$Bin/certs/server-cert.pem", + SSL_key_file => "$Bin/certs/server-key.pem", + ) || die; + print "Please contact https at: url, ">\n"; + run_server( $d ); + exit; + } + } + # give our webservers some time to startup + sleep(1); +} else { + # Child + #print "child\n"; + my $d = HTTP::Daemon->new( + LocalPort => $port_http, + LocalAddr => "127.0.0.1", + ) || die; + print "Please contact http at: url, ">\n"; + run_server( $d ); + exit; +} + +# Run the same server on http and https +sub run_server { + my $d = shift; + MAINLOOP: while (my $c = $d->accept ) { + while (my $r = $c->get_request) { + if ($r->method eq "GET" and $r->url->path =~ m^/statuscode/(\d+)^) { + $c->send_basic_header($1); + $c->send_crlf; + } elsif ($r->method eq "GET" and $r->url->path =~ m^/file/(.*)^) { + $c->send_basic_header; + $c->send_crlf; + $c->send_file_response("$Bin/var/$1"); + } elsif ($r->method eq "GET" and $r->url->path eq "/slow") { + $c->send_basic_header; + $c->send_crlf; + sleep 1; + $c->send_response("slow"); + } elsif ($r->url->path eq "/method") { + if ($r->method eq "DELETE") { + $c->send_error(HTTP::Status->RC_METHOD_NOT_ALLOWED); + } elsif ($r->method eq "foo") { + $c->send_error(HTTP::Status->RC_NOT_IMPLEMENTED); + } else { + $c->send_status_line(200, $r->method); + } + } elsif ($r->url->path eq "/postdata") { + $c->send_basic_header; + $c->send_crlf; + $c->send_response($r->method.":".$r->content); + } elsif ($r->url->path eq "/redirect") { + $c->send_redirect( "/redirect2" ); + } elsif ($r->url->path eq "/redir_external") { + $c->send_redirect(($d->isa('HTTP::Daemon::SSL') ? "https" : "http") . "://169.254.169.254/redirect2" ); + } elsif ($r->url->path eq "/redirect2") { + $c->send_basic_header; + $c->send_crlf; + $c->send_response(HTTP::Response->new( 200, 'OK', undef, 'redirected' )); + } elsif ($r->url->path eq "/redir_timeout") { + $c->send_redirect( "/timeout" ); + } elsif ($r->url->path eq "/timeout") { + # Keep $c from being destroyed, but prevent severe leaks + unshift @persist, $c; + delete($persist[1000]); + next MAINLOOP; + } elsif ($r->url->path eq "/header_check") { + $c->send_basic_header; + $c->send_header('foo'); + $c->send_crlf; + } else { + $c->send_error(HTTP::Status->RC_FORBIDDEN); + } + $c->close; + } + } +} + +END { + foreach my $pid (@pids) { + if ($pid) { print "Killing $pid\n"; kill "INT", $pid } + } +}; + +if ($ARGV[0] && $ARGV[0] eq "-d") { + while (1) { + sleep 100; + } +} + +my $result; +my $command = "./$plugin -H 127.0.0.1"; + +run_common_tests( { command => "$command -p $port_http" } ); +SKIP: { + skip "HTTP::Daemon::SSL not installed", $common_tests + $ssl_only_tests if ! exists $servers->{https}; + run_common_tests( { command => "$command -p $port_https", ssl => 1 } ); + + $result = NPTest->testCmd( "$command -p $port_https -S -C 14" ); + is( $result->return_code, 0, "$command -p $port_https -S -C 14" ); + is( $result->output, 'OK - Certificate \'Ton Voon\' will expire on Sun Mar 3 21:41:28 2019 +0000.', "output ok" ); + + $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" ); + is( $result->return_code, 1, "$command -p $port_https -S -C 14000" ); + like( $result->output, '/WARNING - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:28 2019 \+0000\)./', "output ok" ); + + # Expired cert tests + $result = NPTest->testCmd( "$command -p $port_https -S -C 13960,14000" ); + is( $result->return_code, 2, "$command -p $port_https -S -C 13960,14000" ); + like( $result->output, '/CRITICAL - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:28 2019 \+0000\)./', "output ok" ); + + $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" ); + is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" ); + is( $result->output, + 'CRITICAL - Certificate \'Ton Voon\' expired on Thu Mar 5 00:13:16 2009 +0000.', + "output ok" ); + +} + +sub run_common_tests { + my ($opts) = @_; + my $command = $opts->{command}; + if ($opts->{ssl}) { + $command .= " --ssl"; + } + + $result = NPTest->testCmd( "$command -u /file/root" ); + is( $result->return_code, 0, "/file/root"); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 274 bytes in [\d\.]+ second/', "Output correct" ); + + $result = NPTest->testCmd( "$command -u /file/root -s Root" ); + is( $result->return_code, 0, "/file/root search for string"); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 274 bytes in [\d\.]+ second/', "Output correct" ); + + $result = NPTest->testCmd( "$command -u /file/root -s NonRoot" ); + is( $result->return_code, 2, "Missing string check"); + like( $result->output, qr%^HTTP CRITICAL: HTTP/1\.1 200 OK - string 'NonRoot' not found on 'https?://127\.0\.0\.1:\d+/file/root'%, "Shows search string and location"); + + $result = NPTest->testCmd( "$command -u /file/root -s NonRootWithOver30charsAndMoreFunThanAWetFish" ); + is( $result->return_code, 2, "Missing string check"); + like( $result->output, qr%HTTP CRITICAL: HTTP/1\.1 200 OK - string 'NonRootWithOver30charsAndM...' not found on 'https?://127\.0\.0\.1:\d+/file/root'%, "Shows search string and location"); + + $result = NPTest->testCmd( "$command -u /header_check -d foo" ); + is( $result->return_code, 0, "header_check search for string"); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 96 bytes in [\d\.]+ second/', "Output correct" ); + + $result = NPTest->testCmd( "$command -u /header_check -d bar" ); + is( $result->return_code, 2, "Missing header string check"); + like( $result->output, qr%^HTTP CRITICAL: HTTP/1\.1 200 OK - header 'bar' not found on 'https?://127\.0\.0\.1:\d+/header_check'%, "Shows search string and location"); + + my $cmd; + $cmd = "$command -u /slow"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, "$cmd"); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + $result->output =~ /in ([\d\.]+) second/; + cmp_ok( $1, ">", 1, "Time is > 1 second" ); + + $cmd = "$command -u /statuscode/200"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + $cmd = "$command -u /statuscode/200 -e 200"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: Status line output matched "200" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + $cmd = "$command -u /statuscode/201"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 201 Created - \d+ bytes in [\d\.]+ second /', "Output correct: ".$result->output ); + + $cmd = "$command -u /statuscode/201 -e 201"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: Status line output matched "201" - \d+ bytes in [\d\.]+ second /', "Output correct: ".$result->output ); + + $cmd = "$command -u /statuscode/201 -e 200"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 2, $cmd); + like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port \d+: HTTP/1.1 201 Created/', "Output correct: ".$result->output ); + + $cmd = "$command -u /statuscode/200 -e 200,201,202"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: Status line output matched "200,201,202" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + $cmd = "$command -u /statuscode/201 -e 200,201,202"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: Status line output matched "200,201,202" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + $cmd = "$command -u /statuscode/203 -e 200,201,202"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 2, $cmd); + like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port (\d+): HTTP/1.1 203 Non-Authoritative Information/', "Output correct: ".$result->output ); + + $cmd = "$command -j HEAD -u /method"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 HEAD - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + $cmd = "$command -j POST -u /method"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 POST - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + $cmd = "$command -j GET -u /method"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 GET - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + $cmd = "$command -u /method"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 GET - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + $cmd = "$command -P foo -u /method"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 POST - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + $cmd = "$command -j DELETE -u /method"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 1, $cmd); + like( $result->output, '/^HTTP WARNING: HTTP/1.1 405 Method Not Allowed/', "Output correct: ".$result->output ); + + $cmd = "$command -j foo -u /method"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 2, $cmd); + like( $result->output, '/^HTTP CRITICAL: HTTP/1.1 501 Not Implemented/', "Output correct: ".$result->output ); + + $cmd = "$command -P stufftoinclude -u /postdata -s POST:stufftoinclude"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + $cmd = "$command -j PUT -P stufftoinclude -u /postdata -s PUT:stufftoinclude"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + # To confirm that the free doesn't segfault + $cmd = "$command -P stufftoinclude -j PUT -u /postdata -s PUT:stufftoinclude"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + $cmd = "$command -u /redirect"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 301 Moved Permanently - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + $cmd = "$command -f follow -u /redirect"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + $cmd = "$command -u /redirect -k 'follow: me'"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 301 Moved Permanently - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + $cmd = "$command -f follow -u /redirect -k 'follow: me'"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + $cmd = "$command -f sticky -u /redirect -k 'follow: me'"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + $cmd = "$command -f stickyport -u /redirect -k 'follow: me'"; + $result = NPTest->testCmd( $cmd ); + is( $result->return_code, 0, $cmd); + like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output ); + + # These tests may block + print "ALRM\n"; + + # stickyport - on full urlS port is set back to 80 otherwise + $cmd = "$command -f stickyport -u /redir_external -t 5 -s redirected"; + eval { + local $SIG{ALRM} = sub { die "alarm\n" }; + alarm(2); + $result = NPTest->testCmd( $cmd ); + alarm(0); }; + isnt( $@, "alarm\n", $cmd ); + is( $result->return_code, 0, $cmd ); + + # Let's hope there won't be any web server on :80 returning "redirected"! + $cmd = "$command -f sticky -u /redir_external -t 5 -s redirected"; + eval { + local $SIG{ALRM} = sub { die "alarm\n" }; + alarm(2); + $result = NPTest->testCmd( $cmd ); + alarm(0); }; + isnt( $@, "alarm\n", $cmd ); + isnt( $result->return_code, 0, $cmd ); + + # Test an external address - timeout + SKIP: { + skip "This doesn't seems to work all the time", 1 unless ($ENV{HTTP_EXTERNAL}); + $cmd = "$command -f follow -u /redir_external -t 5"; + eval { + $result = NPTest->testCmd( $cmd, 2 ); + }; + like( $@, "/timeout in command: $cmd/", $cmd ); + } + + $cmd = "$command -u /timeout -t 5"; + eval { + $result = NPTest->testCmd( $cmd, 2 ); + }; + like( $@, "/timeout in command: $cmd/", $cmd ); + + $cmd = "$command -f follow -u /redir_timeout -t 2"; + eval { + $result = NPTest->testCmd( $cmd, 5 ); + }; + is( $@, "", $cmd ); + +} -- cgit v1.2.3-74-g34f1 From 70d36a729e2bc0ecfb24751074663c21160f02f4 Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Thu, 25 Oct 2018 10:29:48 +0200 Subject: check_curl: rewrite connect_to / host headers since CURLOPT_CONNECT_TO is only available in later curl versions, we do it the other way round now and set the url from the address we want to connect to and then set the host header accordingly. --- plugins/check_curl.c | 49 ++++++++++++++++++++++--------------------------- plugins/t/check_curl.t | 14 +++++++++++++- 2 files changed, 35 insertions(+), 28 deletions(-) (limited to 'plugins/t') diff --git a/plugins/check_curl.c b/plugins/check_curl.c index 4d378916..7a516a9e 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c @@ -365,25 +365,22 @@ check_http (void) handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_CONNECTTIMEOUT, socket_timeout), "CURLOPT_CONNECTTIMEOUT"); handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_TIMEOUT, socket_timeout), "CURLOPT_TIMEOUT"); - /* compose URL: must be the host_name, only if not given take the IP address. */ - if ((use_ssl == FALSE && virtual_port == HTTP_PORT) || - (use_ssl == TRUE && virtual_port == HTTPS_PORT)) - snprintf (url, DEFAULT_BUFFER_SIZE, "%s://%s%s", use_ssl ? "https" : "http", - host_name ? host_name : server_address, server_url); - else - snprintf (url, DEFAULT_BUFFER_SIZE, "%s://%s:%d%s", use_ssl ? "https" : "http", - host_name ? host_name : server_address, virtual_port, server_url); + /* compose URL: use the address we want to connect to, set Host: header later */ + snprintf (url, DEFAULT_BUFFER_SIZE, "%s://%s:%d%s", + use_ssl ? "https" : "http", + server_address, + server_port, + server_url + ); + + if (verbose>=1) + printf ("* curl CURLOPT_URL: %s\n", url); handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_URL, url), "CURLOPT_URL"); /* cURL does certificate checking against the host name from the URL above * So we use CURLOPT_CONNECT_TO or CURLOPT_RESOLVE to handle differing * host names and/or ports */ -#if LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 49, 0) - snprintf (server_ip, DEFAULT_BUFFER_SIZE, "%s:%d:%s:%d", host_name ? host_name : server_address, virtual_port, server_address, server_port); - server_ips = curl_slist_append (server_ips, server_ip); - handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_CONNECT_TO, server_ips), "CURLOPT_CONNECT_TO"); - -#elif LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 21, 3) +#if LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 21, 3) if (host_name && strcmp (host_name, server_address)) { snprintf (server_ip, DEFAULT_BUFFER_SIZE, "%s:%d:%s", host_name, server_port, server_address); server_ips = curl_slist_append (server_ips, server_ip); @@ -411,8 +408,17 @@ check_http (void) handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_CUSTOMREQUEST, http_method), "CURLOPT_CUSTOMREQUEST"); } + /* check if Host header is explicitly set in options */ + if (http_opt_headers_count) { + for (i = 0; i < http_opt_headers_count ; i++) { + if (strncmp(http_opt_headers[i], "Host:", 5) == 0) { + force_host_header = http_opt_headers[i]; + } + } + } + /* set hostname (virtual hosts), not needed if CURLOPT_CONNECT_TO is used, but left in anyway */ - if(host_name != NULL) { + if(host_name != NULL && force_host_header == NULL) { if((virtual_port != HTTP_PORT && !use_ssl) || (virtual_port != HTTPS_PORT && use_ssl)) { snprintf(http_header, DEFAULT_BUFFER_SIZE, "Host: %s:%d", host_name, virtual_port); } else { @@ -425,22 +431,11 @@ check_http (void) snprintf (http_header, DEFAULT_BUFFER_SIZE, "Connection: close"); header_list = curl_slist_append (header_list, http_header); - /* check if Host header is explicitly set in options */ - if (http_opt_headers_count) { - for (i = 0; i < http_opt_headers_count ; i++) { - if (strncmp(http_opt_headers[i], "Host:", 5) == 0) { - force_host_header = http_opt_headers[i]; - } - } - } - /* attach additional headers supplied by the user */ /* optionally send any other header tag */ if (http_opt_headers_count) { for (i = 0; i < http_opt_headers_count ; i++) { - if (force_host_header != http_opt_headers[i]) { - header_list = curl_slist_append (header_list, http_opt_headers[i]); - } + header_list = curl_slist_append (header_list, http_opt_headers[i]); } /* This cannot be free'd here because a redirection will then try to access this and segfault */ /* Covered in a testcase in tests/check_http.t */ diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t index e67fafb6..050416cb 100644 --- a/plugins/t/check_curl.t +++ b/plugins/t/check_curl.t @@ -9,7 +9,7 @@ use Test::More; use POSIX qw/mktime strftime/; use NPTest; -plan tests => 49; +plan tests => 57; my $successOutput = '/OK.*HTTP.*second/'; @@ -78,15 +78,27 @@ like( $res->output, "/cURL returned 6 - Couldn't resolve host name/", "Output OK # host header checks $res = NPTest->testCmd("./$plugin -v -H $host_tcp_http"); like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" ); +like( $res->output, '/CURLOPT_URL: http:\/\/'.$host_tcp_http.':80\//ms', "Url OK" ); $res = NPTest->testCmd("./$plugin -v -H $host_tcp_http -p 80"); like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" ); +like( $res->output, '/CURLOPT_URL: http:\/\/'.$host_tcp_http.':80\//ms', "Url OK" ); $res = NPTest->testCmd("./$plugin -v -H $host_tcp_http:8080 -p 80"); like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" ); +like( $res->output, '/CURLOPT_URL: http:\/\/'.$host_tcp_http.':80\//ms', "Url OK" ); $res = NPTest->testCmd("./$plugin -v -H $host_tcp_http:8080 -p 80"); like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" ); +like( $res->output, '/CURLOPT_URL: http:\/\/'.$host_tcp_http.':80\//ms', "Url OK" ); + +$res = NPTest->testCmd("./$plugin -v -H $host_tcp_http:8080 -p 80 -k 'Host: testhost:8001'"); +like( $res->output, '/^Host: testhost:8001\s*$/ms', "Host Header OK" ); +like( $res->output, '/CURLOPT_URL: http:\/\/'.$host_tcp_http.':80\//ms', "Url OK" ); + +$res = NPTest->testCmd("./$plugin -v -I $host_tcp_http -p 80 -k 'Host: testhost:8001'"); +like( $res->output, '/^Host: testhost:8001\s*$/ms', "Host Header OK" ); +like( $res->output, '/CURLOPT_URL: http:\/\/'.$host_tcp_http.':80\//ms', "Url OK" ); SKIP: { skip "No internet access", 3 if $internet_access eq "no"; -- cgit v1.2.3-74-g34f1 From 7d2582deb36d5bc1dd961be83bedc1e8fc8cb3c7 Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Mon, 18 May 2020 14:08:27 +0200 Subject: update test parameter according to check_http --- plugins/t/check_curl.t | 35 +++++++++-------------------------- 1 file changed, 9 insertions(+), 26 deletions(-) (limited to 'plugins/t') diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t index 050416cb..4bff538a 100644 --- a/plugins/t/check_curl.t +++ b/plugins/t/check_curl.t @@ -17,32 +17,15 @@ my $res; my $plugin = 'check_http'; $plugin = 'check_curl' if $0 =~ m/check_curl/mx; -my $host_tcp_http = getTestParameter( "NP_HOST_TCP_HTTP", - "A host providing the HTTP Service (a web server)", - "localhost" ); - -my $host_tls_http = getTestParameter( "host_tls_http", "NP_HOST_TLS_HTTP", "localhost", - "A host providing the HTTPS Service (a tls web server)" ); - -my $host_tls_cert = getTestParameter( "host_tls_cert", "NP_HOST_TLS_CERT", "localhost", - "the common name of the certificate." ); - - -my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE", - "The hostname of system not responsive to network requests", - "10.0.0.1" ); - -my $hostname_invalid = getTestParameter( "NP_HOSTNAME_INVALID", - "An invalid (not known to DNS) hostname", - "nosuchhost"); - -my $internet_access = getTestParameter( "NP_INTERNET_ACCESS", - "Is this system directly connected to the internet?", - "yes"); - -my $host_tcp_http2 = getTestParameter( "NP_HOST_TCP_HTTP2", - "A host providing an index page containing the string 'monitoring'", - "test.monitoring-plugins.org" ); +my $host_tcp_http = getTestParameter("NP_HOST_TCP_HTTP", "A host providing the HTTP Service (a web server)", "localhost"); +my $host_tls_http = getTestParameter("NP_HOST_TLS_HTTP", "A host providing the HTTPS Service (a tls web server)", "localhost"); +my $host_tls_cert = getTestParameter("NP_HOST_TLS_CERT", "the common name of the certificate.", "localhost"); +my $host_nonresponsive = getTestParameter("NP_HOST_NONRESPONSIVE", "The hostname of system not responsive to network requests", "10.0.0.1"); +my $hostname_invalid = getTestParameter("NP_HOSTNAME_INVALID", "An invalid (not known to DNS) hostname", "nosuchhost"); +my $internet_access = getTestParameter("NP_INTERNET_ACCESS", "Is this system directly connected to the internet?", "yes"); +my $host_tcp_http2 = getTestParameter("NP_HOST_TCP_HTTP2", "A host providing an index page containing the string 'monitoring'", "test.monitoring-plugins.org"); +my $host_tcp_proxy = getTestParameter("NP_HOST_TCP_PROXY", "A host providing a HTTP proxy with CONNECT support", "localhost"); +my $port_tcp_proxy = getTestParameter("NP_PORT_TCP_PROXY", "Port of the proxy with HTTP and CONNECT support", "3128"); my $faketime = -x '/usr/bin/faketime' ? 1 : 0; -- cgit v1.2.3-74-g34f1