![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
1 #! /usr/bin/perl -w -I ..
2 #
3 # Test check_http by having an actual HTTP server running
4 #
5 # To create the https server certificate:
6 # openssl req -new -x509 -keyout server-key.pem -out server-cert.pem -days 3650 -nodes
7 # Country Name (2 letter code) [AU]:UK
8 # State or Province Name (full name) [Some-State]:Derbyshire
9 # Locality Name (eg, city) []:Belper
10 # Organization Name (eg, company) [Internet Widgits Pty Ltd]:Nagios Plugins
11 # Organizational Unit Name (eg, section) []:
12 # Common Name (eg, YOUR name) []:Ton Voon
13 # Email Address []:tonvoon@mac.com
16 use strict;
17 use Test::More;
18 use NPTest;
19 use FindBin qw($Bin);
21 my $common_tests = 66;
22 my $ssl_only_tests = 6;
23 # Check that all dependent modules are available
24 eval {
25 require HTTP::Daemon;
26 require HTTP::Status;
27 require HTTP::Response;
28 };
30 if ($@) {
31 plan skip_all => "Missing required module for test: $@";
32 } else {
33 if (-x "./check_http") {
34 plan tests => $common_tests * 2 + $ssl_only_tests;
35 } else {
36 plan skip_all => "No check_http compiled";
37 }
38 }
40 my $servers = { http => 0 }; # HTTP::Daemon should always be available
41 eval { require HTTP::Daemon::SSL };
42 if ($@) {
43 diag "Cannot load HTTP::Daemon::SSL: $@";
44 } else {
45 $servers->{https} = 0;
46 }
48 # set a fixed version, so the header size doesn't vary
49 $HTTP::Daemon::VERSION = "1.00";
51 my $port_http = 50000 + int(rand(1000));
52 my $port_https = $port_http + 1;
53 my $port_https_expired = $port_http + 2;
55 # This array keeps sockets around for implementing timeouts
56 my @persist;
58 # Start up all servers
59 my @pids;
60 my $pid = fork();
61 if ($pid) {
62 # Parent
63 push @pids, $pid;
64 if (exists $servers->{https}) {
65 # Fork a normal HTTPS server
66 $pid = fork();
67 if ($pid) {
68 # Parent
69 push @pids, $pid;
70 # Fork an expired cert server
71 $pid = fork();
72 if ($pid) {
73 push @pids, $pid;
74 } else {
75 my $d = HTTP::Daemon::SSL->new(
76 LocalPort => $port_https_expired,
77 LocalAddr => "127.0.0.1",
78 SSL_cert_file => "$Bin/certs/expired-cert.pem",
79 SSL_key_file => "$Bin/certs/expired-key.pem",
80 ) || die;
81 print "Please contact https expired at: <URL:", $d->url, ">\n";
82 run_server( $d );
83 exit;
84 }
85 } else {
86 my $d = HTTP::Daemon::SSL->new(
87 LocalPort => $port_https,
88 LocalAddr => "127.0.0.1",
89 SSL_cert_file => "$Bin/certs/server-cert.pem",
90 SSL_key_file => "$Bin/certs/server-key.pem",
91 ) || die;
92 print "Please contact https at: <URL:", $d->url, ">\n";
93 run_server( $d );
94 exit;
95 }
96 }
97 # give our webservers some time to startup
98 sleep(1);
99 } else {
100 # Child
101 #print "child\n";
102 my $d = HTTP::Daemon->new(
103 LocalPort => $port_http,
104 LocalAddr => "127.0.0.1",
105 ) || die;
106 print "Please contact http at: <URL:", $d->url, ">\n";
107 run_server( $d );
108 exit;
109 }
111 # Run the same server on http and https
112 sub run_server {
113 my $d = shift;
114 MAINLOOP: while (my $c = $d->accept ) {
115 while (my $r = $c->get_request) {
116 if ($r->method eq "GET" and $r->url->path =~ m^/statuscode/(\d+)^) {
117 $c->send_basic_header($1);
118 $c->send_crlf;
119 } elsif ($r->method eq "GET" and $r->url->path =~ m^/file/(.*)^) {
120 $c->send_basic_header;
121 $c->send_crlf;
122 $c->send_file_response("$Bin/var/$1");
123 } elsif ($r->method eq "GET" and $r->url->path eq "/slow") {
124 $c->send_basic_header;
125 $c->send_crlf;
126 sleep 1;
127 $c->send_response("slow");
128 } elsif ($r->url->path eq "/method") {
129 if ($r->method eq "DELETE") {
130 $c->send_error(HTTP::Status->RC_METHOD_NOT_ALLOWED);
131 } elsif ($r->method eq "foo") {
132 $c->send_error(HTTP::Status->RC_NOT_IMPLEMENTED);
133 } else {
134 $c->send_status_line(200, $r->method);
135 }
136 } elsif ($r->url->path eq "/postdata") {
137 $c->send_basic_header;
138 $c->send_crlf;
139 $c->send_response($r->method.":".$r->content);
140 } elsif ($r->url->path eq "/redirect") {
141 $c->send_redirect( "/redirect2" );
142 } elsif ($r->url->path eq "/redir_external") {
143 $c->send_redirect(($d->isa('HTTP::Daemon::SSL') ? "https" : "http") . "://169.254.169.254/redirect2" );
144 } elsif ($r->url->path eq "/redirect2") {
145 $c->send_basic_header;
146 $c->send_crlf;
147 $c->send_response(HTTP::Response->new( 200, 'OK', undef, 'redirected' ));
148 } elsif ($r->url->path eq "/redir_timeout") {
149 $c->send_redirect( "/timeout" );
150 } elsif ($r->url->path eq "/timeout") {
151 # Keep $c from being destroyed, but prevent severe leaks
152 unshift @persist, $c;
153 delete($persist[1000]);
154 next MAINLOOP;
155 } else {
156 $c->send_error(HTTP::Status->RC_FORBIDDEN);
157 }
158 $c->close;
159 }
160 }
161 }
163 END {
164 foreach my $pid (@pids) {
165 if ($pid) { print "Killing $pid\n"; kill "INT", $pid }
166 }
167 };
169 if ($ARGV[0] && $ARGV[0] eq "-d") {
170 while (1) {
171 sleep 100;
172 }
173 }
175 my $result;
176 my $command = "./check_http -H 127.0.0.1";
178 run_common_tests( { command => "$command -p $port_http" } );
179 SKIP: {
180 skip "HTTP::Daemon::SSL not installed", $common_tests + $ssl_only_tests if ! exists $servers->{https};
181 run_common_tests( { command => "$command -p $port_https", ssl => 1 } );
183 $result = NPTest->testCmd( "$command -p $port_https -S -C 14" );
184 is( $result->return_code, 0, "$command -p $port_https -S -C 14" );
185 is( $result->output, 'OK - Certificate will expire on 03/03/2019 21:41.', "output ok" );
187 $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" );
188 is( $result->return_code, 1, "$command -p $port_https -S -C 14000" );
189 like( $result->output, '/WARNING - Certificate expires in \d+ day\(s\) \(03/03/2019 21:41\)./', "output ok" );
191 # Expired cert tests
192 $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" );
193 is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" );
194 is( $result->output,
195 'CRITICAL - Certificate expired on 03/05/2009 00:13.',
196 "output ok" );
198 }
200 sub run_common_tests {
201 my ($opts) = @_;
202 my $command = $opts->{command};
203 if ($opts->{ssl}) {
204 $command .= " --ssl";
205 }
207 $result = NPTest->testCmd( "$command -u /file/root" );
208 is( $result->return_code, 0, "/file/root");
209 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 274 bytes in [\d\.]+ second/', "Output correct" );
211 $result = NPTest->testCmd( "$command -u /file/root -s Root" );
212 is( $result->return_code, 0, "/file/root search for string");
213 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 274 bytes in [\d\.]+ second/', "Output correct" );
215 $result = NPTest->testCmd( "$command -u /file/root -s NonRoot" );
216 is( $result->return_code, 2, "Missing string check");
217 like( $result->output, qr%^HTTP CRITICAL: HTTP/1\.1 200 OK - string 'NonRoot' not found on 'https?://127\.0\.0\.1:\d+/file/root'%, "Shows search string and location");
219 $result = NPTest->testCmd( "$command -u /file/root -s NonRootWithOver30charsAndMoreFunThanAWetFish" );
220 is( $result->return_code, 2, "Missing string check");
221 like( $result->output, qr%HTTP CRITICAL: HTTP/1\.1 200 OK - string 'NonRootWithOver30charsAndM...' not found on 'https?://127\.0\.0\.1:\d+/file/root'%, "Shows search string and location");
224 my $cmd;
225 $cmd = "$command -u /slow";
226 $result = NPTest->testCmd( $cmd );
227 is( $result->return_code, 0, "$cmd");
228 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
229 $result->output =~ /in ([\d\.]+) second/;
230 cmp_ok( $1, ">", 1, "Time is > 1 second" );
232 $cmd = "$command -u /statuscode/200";
233 $result = NPTest->testCmd( $cmd );
234 is( $result->return_code, 0, $cmd);
235 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
237 $cmd = "$command -u /statuscode/200 -e 200";
238 $result = NPTest->testCmd( $cmd );
239 is( $result->return_code, 0, $cmd);
240 like( $result->output, '/^HTTP OK: Status line output matched "200" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
242 $cmd = "$command -u /statuscode/201";
243 $result = NPTest->testCmd( $cmd );
244 is( $result->return_code, 0, $cmd);
245 like( $result->output, '/^HTTP OK: HTTP/1.1 201 Created - \d+ bytes in [\d\.]+ second /', "Output correct: ".$result->output );
247 $cmd = "$command -u /statuscode/201 -e 201";
248 $result = NPTest->testCmd( $cmd );
249 is( $result->return_code, 0, $cmd);
250 like( $result->output, '/^HTTP OK: Status line output matched "201" - \d+ bytes in [\d\.]+ second /', "Output correct: ".$result->output );
252 $cmd = "$command -u /statuscode/201 -e 200";
253 $result = NPTest->testCmd( $cmd );
254 is( $result->return_code, 2, $cmd);
255 like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port \d+: HTTP/1.1 201 Created/', "Output correct: ".$result->output );
257 $cmd = "$command -u /statuscode/200 -e 200,201,202";
258 $result = NPTest->testCmd( $cmd );
259 is( $result->return_code, 0, $cmd);
260 like( $result->output, '/^HTTP OK: Status line output matched "200,201,202" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
262 $cmd = "$command -u /statuscode/201 -e 200,201,202";
263 $result = NPTest->testCmd( $cmd );
264 is( $result->return_code, 0, $cmd);
265 like( $result->output, '/^HTTP OK: Status line output matched "200,201,202" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
267 $cmd = "$command -u /statuscode/203 -e 200,201,202";
268 $result = NPTest->testCmd( $cmd );
269 is( $result->return_code, 2, $cmd);
270 like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port (\d+): HTTP/1.1 203 Non-Authoritative Information/', "Output correct: ".$result->output );
272 $cmd = "$command -j HEAD -u /method";
273 $result = NPTest->testCmd( $cmd );
274 is( $result->return_code, 0, $cmd);
275 like( $result->output, '/^HTTP OK: HTTP/1.1 200 HEAD - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
277 $cmd = "$command -j POST -u /method";
278 $result = NPTest->testCmd( $cmd );
279 is( $result->return_code, 0, $cmd);
280 like( $result->output, '/^HTTP OK: HTTP/1.1 200 POST - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
282 $cmd = "$command -j GET -u /method";
283 $result = NPTest->testCmd( $cmd );
284 is( $result->return_code, 0, $cmd);
285 like( $result->output, '/^HTTP OK: HTTP/1.1 200 GET - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
287 $cmd = "$command -u /method";
288 $result = NPTest->testCmd( $cmd );
289 is( $result->return_code, 0, $cmd);
290 like( $result->output, '/^HTTP OK: HTTP/1.1 200 GET - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
292 $cmd = "$command -P foo -u /method";
293 $result = NPTest->testCmd( $cmd );
294 is( $result->return_code, 0, $cmd);
295 like( $result->output, '/^HTTP OK: HTTP/1.1 200 POST - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
297 $cmd = "$command -j DELETE -u /method";
298 $result = NPTest->testCmd( $cmd );
299 is( $result->return_code, 1, $cmd);
300 like( $result->output, '/^HTTP WARNING: HTTP/1.1 405 Method Not Allowed/', "Output correct: ".$result->output );
302 $cmd = "$command -j foo -u /method";
303 $result = NPTest->testCmd( $cmd );
304 is( $result->return_code, 2, $cmd);
305 like( $result->output, '/^HTTP CRITICAL: HTTP/1.1 501 Not Implemented/', "Output correct: ".$result->output );
307 $cmd = "$command -P stufftoinclude -u /postdata -s POST:stufftoinclude";
308 $result = NPTest->testCmd( $cmd );
309 is( $result->return_code, 0, $cmd);
310 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
312 $cmd = "$command -j PUT -P stufftoinclude -u /postdata -s PUT:stufftoinclude";
313 $result = NPTest->testCmd( $cmd );
314 is( $result->return_code, 0, $cmd);
315 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
317 # To confirm that the free doesn't segfault
318 $cmd = "$command -P stufftoinclude -j PUT -u /postdata -s PUT:stufftoinclude";
319 $result = NPTest->testCmd( $cmd );
320 is( $result->return_code, 0, $cmd);
321 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
323 $cmd = "$command -u /redirect";
324 $result = NPTest->testCmd( $cmd );
325 is( $result->return_code, 0, $cmd);
326 like( $result->output, '/^HTTP OK: HTTP/1.1 301 Moved Permanently - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
328 $cmd = "$command -f follow -u /redirect";
329 $result = NPTest->testCmd( $cmd );
330 is( $result->return_code, 0, $cmd);
331 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
333 $cmd = "$command -u /redirect -k 'follow: me'";
334 $result = NPTest->testCmd( $cmd );
335 is( $result->return_code, 0, $cmd);
336 like( $result->output, '/^HTTP OK: HTTP/1.1 301 Moved Permanently - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
338 $cmd = "$command -f follow -u /redirect -k 'follow: me'";
339 $result = NPTest->testCmd( $cmd );
340 is( $result->return_code, 0, $cmd);
341 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
343 $cmd = "$command -f sticky -u /redirect -k 'follow: me'";
344 $result = NPTest->testCmd( $cmd );
345 is( $result->return_code, 0, $cmd);
346 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
348 $cmd = "$command -f stickyport -u /redirect -k 'follow: me'";
349 $result = NPTest->testCmd( $cmd );
350 is( $result->return_code, 0, $cmd);
351 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
353 # These tests may block
354 print "ALRM\n";
356 # stickyport - on full urlS port is set back to 80 otherwise
357 $cmd = "$command -f stickyport -u /redir_external -t 5 -s redirected";
358 eval {
359 local $SIG{ALRM} = sub { die "alarm\n" };
360 alarm(2);
361 $result = NPTest->testCmd( $cmd );
362 alarm(0); };
363 isnt( $@, "alarm\n", $cmd );
364 is( $result->return_code, 0, $cmd );
366 # Let's hope there won't be any web server on :80 returning "redirected"!
367 $cmd = "$command -f sticky -u /redir_external -t 5 -s redirected";
368 eval {
369 local $SIG{ALRM} = sub { die "alarm\n" };
370 alarm(2);
371 $result = NPTest->testCmd( $cmd );
372 alarm(0); };
373 isnt( $@, "alarm\n", $cmd );
374 isnt( $result->return_code, 0, $cmd );
376 # Test an external address - timeout
377 SKIP: {
378 skip "This doesn't seems to work all the time", 1 unless ($ENV{HTTP_EXTERNAL});
379 $cmd = "$command -f follow -u /redir_external -t 5";
380 eval {
381 local $SIG{ALRM} = sub { die "alarm\n" };
382 alarm(2);
383 $result = NPTest->testCmd( $cmd );
384 alarm(0); };
385 is( $@, "alarm\n", $cmd );
386 }
388 $cmd = "$command -u /timeout -t 5";
389 eval {
390 local $SIG{ALRM} = sub { die "alarm\n" };
391 alarm(2);
392 $result = NPTest->testCmd( $cmd );
393 alarm(0); };
394 is( $@, "alarm\n", $cmd );
396 $cmd = "$command -f follow -u /redir_timeout -t 2";
397 eval {
398 local $SIG{ALRM} = sub { die "alarm\n" };
399 alarm(5);
400 $result = NPTest->testCmd( $cmd );
401 alarm(0); };
402 isnt( $@, "alarm\n", $cmd );
404 }