![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
1 #! /usr/bin/perl -w -I ..
2 #
3 # Test check_http by having an actual HTTP server running
4 #
5 # To create the https server certificate:
6 # openssl req -new -x509 -keyout server-key.pem -out server-cert.pem -days 3650 -nodes
7 # Country Name (2 letter code) [AU]:UK
8 # State or Province Name (full name) [Some-State]:Derbyshire
9 # Locality Name (eg, city) []:Belper
10 # Organization Name (eg, company) [Internet Widgits Pty Ltd]:Nagios Plugins
11 # Organizational Unit Name (eg, section) []:
12 # Common Name (eg, YOUR name) []:Ton Voon
13 # Email Address []:tonvoon@mac.com
16 use strict;
17 use Test::More;
18 use NPTest;
19 use FindBin qw($Bin);
21 use HTTP::Daemon;
22 use HTTP::Status;
23 use HTTP::Response;
25 my $servers = { http => 0 }; # HTTP::Daemon should always be available
26 eval { require HTTP::Daemon::SSL };
27 if ($@) {
28 diag "Cannot load HTTP::Daemon::SSL: $@";
29 } else {
30 $servers->{https} = 0;
31 }
33 # set a fixed version, so the header size doesn't vary
34 $HTTP::Daemon::VERSION = "1.00";
36 my $port_http = 50000 + int(rand(1000));
37 my $port_https = $port_http + 1;
38 my $port_https_expired = $port_http + 2;
40 # This array keeps sockets around for implementing timeouts
41 my @persist;
43 # Start up all servers
44 my @pids;
45 my $pid = fork();
46 if ($pid) {
47 # Parent
48 push @pids, $pid;
49 if (exists $servers->{https}) {
50 # Fork a normal HTTPS server
51 $pid = fork();
52 if ($pid) {
53 # Parent
54 push @pids, $pid;
55 # Fork an expired cert server
56 $pid = fork();
57 if ($pid) {
58 push @pids, $pid;
59 } else {
60 my $d = HTTP::Daemon::SSL->new(
61 LocalPort => $port_https_expired,
62 LocalAddr => "127.0.0.1",
63 SSL_cert_file => "$Bin/certs/expired-cert.pem",
64 SSL_key_file => "$Bin/certs/expired-key.pem",
65 ) || die;
66 print "Please contact https expired at: <URL:", $d->url, ">\n";
67 run_server( $d );
68 exit;
69 }
70 } else {
71 my $d = HTTP::Daemon::SSL->new(
72 LocalPort => $port_https,
73 LocalAddr => "127.0.0.1",
74 SSL_cert_file => "$Bin/certs/server-cert.pem",
75 SSL_key_file => "$Bin/certs/server-key.pem",
76 ) || die;
77 print "Please contact https at: <URL:", $d->url, ">\n";
78 run_server( $d );
79 exit;
80 }
81 }
82 # give our webservers some time to startup
83 sleep(1);
84 } else {
85 # Child
86 #print "child\n";
87 my $d = HTTP::Daemon->new(
88 LocalPort => $port_http,
89 LocalAddr => "127.0.0.1",
90 ) || die;
91 print "Please contact http at: <URL:", $d->url, ">\n";
92 run_server( $d );
93 exit;
94 }
96 # Run the same server on http and https
97 sub run_server {
98 my $d = shift;
99 MAINLOOP: while (my $c = $d->accept ) {
100 while (my $r = $c->get_request) {
101 if ($r->method eq "GET" and $r->url->path =~ m^/statuscode/(\d+)^) {
102 $c->send_basic_header($1);
103 $c->send_crlf;
104 } elsif ($r->method eq "GET" and $r->url->path =~ m^/file/(.*)^) {
105 $c->send_basic_header;
106 $c->send_crlf;
107 $c->send_file_response("$Bin/var/$1");
108 } elsif ($r->method eq "GET" and $r->url->path eq "/slow") {
109 $c->send_basic_header;
110 $c->send_crlf;
111 sleep 1;
112 $c->send_response("slow");
113 } elsif ($r->url->path eq "/method") {
114 if ($r->method eq "DELETE") {
115 $c->send_error(RC_METHOD_NOT_ALLOWED);
116 } elsif ($r->method eq "foo") {
117 $c->send_error(RC_NOT_IMPLEMENTED);
118 } else {
119 $c->send_status_line(200, $r->method);
120 }
121 } elsif ($r->url->path eq "/postdata") {
122 $c->send_basic_header;
123 $c->send_crlf;
124 $c->send_response($r->method.":".$r->content);
125 } elsif ($r->url->path eq "/redirect") {
126 $c->send_redirect( "/redirect2" );
127 } elsif ($r->url->path eq "/redir_external") {
128 $c->send_redirect(($d->isa('HTTP::Daemon::SSL') ? "https" : "http") . "://169.254.169.254/redirect2" );
129 } elsif ($r->url->path eq "/redirect2") {
130 $c->send_basic_header;
131 $c->send_crlf;
132 $c->send_response(HTTP::Response->new( 200, 'OK', undef, 'redirected' ));
133 } elsif ($r->url->path eq "/redir_timeout") {
134 $c->send_redirect( "/timeout" );
135 } elsif ($r->url->path eq "/timeout") {
136 # Keep $c from being destroyed, but prevent severe leaks
137 unshift @persist, $c;
138 delete($persist[1000]);
139 next MAINLOOP;
140 } else {
141 $c->send_error(RC_FORBIDDEN);
142 }
143 $c->close;
144 }
145 }
146 }
148 END {
149 foreach my $pid (@pids) {
150 if ($pid) { print "Killing $pid\n"; kill "INT", $pid }
151 }
152 };
154 if ($ARGV[0] && $ARGV[0] eq "-d") {
155 while (1) {
156 sleep 100;
157 }
158 }
160 my $common_tests = 66;
161 my $ssl_only_tests = 6;
162 if (-x "./check_http") {
163 plan tests => $common_tests * 2 + $ssl_only_tests;
164 } else {
165 plan skip_all => "No check_http compiled";
166 }
168 my $result;
169 my $command = "./check_http -H 127.0.0.1";
171 run_common_tests( { command => "$command -p $port_http" } );
172 SKIP: {
173 skip "HTTP::Daemon::SSL not installed", $common_tests + $ssl_only_tests if ! exists $servers->{https};
174 run_common_tests( { command => "$command -p $port_https", ssl => 1 } );
176 $result = NPTest->testCmd( "$command -p $port_https -S -C 14" );
177 is( $result->return_code, 0, "$command -p $port_https -S -C 14" );
178 is( $result->output, 'OK - Certificate will expire on 03/03/2019 21:41.', "output ok" );
180 $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" );
181 is( $result->return_code, 1, "$command -p $port_https -S -C 14000" );
182 like( $result->output, '/WARNING - Certificate expires in \d+ day\(s\) \(03/03/2019 21:41\)./', "output ok" );
184 # Expired cert tests
185 $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" );
186 is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" );
187 is( $result->output,
188 'CRITICAL - Certificate expired on 03/05/2009 00:13.',
189 "output ok" );
191 }
193 sub run_common_tests {
194 my ($opts) = @_;
195 my $command = $opts->{command};
196 if ($opts->{ssl}) {
197 $command .= " --ssl";
198 }
200 $result = NPTest->testCmd( "$command -u /file/root" );
201 is( $result->return_code, 0, "/file/root");
202 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 274 bytes in [\d\.]+ second/', "Output correct" );
204 $result = NPTest->testCmd( "$command -u /file/root -s Root" );
205 is( $result->return_code, 0, "/file/root search for string");
206 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 274 bytes in [\d\.]+ second/', "Output correct" );
208 $result = NPTest->testCmd( "$command -u /file/root -s NonRoot" );
209 is( $result->return_code, 2, "Missing string check");
210 like( $result->output, qr%^HTTP CRITICAL: HTTP/1\.1 200 OK - string 'NonRoot' not found on 'https?://127\.0\.0\.1:\d+/file/root'%, "Shows search string and location");
212 $result = NPTest->testCmd( "$command -u /file/root -s NonRootWithOver30charsAndMoreFunThanAWetFish" );
213 is( $result->return_code, 2, "Missing string check");
214 like( $result->output, qr%HTTP CRITICAL: HTTP/1\.1 200 OK - string 'NonRootWithOver30charsAndM...' not found on 'https?://127\.0\.0\.1:\d+/file/root'%, "Shows search string and location");
217 my $cmd;
218 $cmd = "$command -u /slow";
219 $result = NPTest->testCmd( $cmd );
220 is( $result->return_code, 0, "$cmd");
221 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
222 $result->output =~ /in ([\d\.]+) second/;
223 cmp_ok( $1, ">", 1, "Time is > 1 second" );
225 $cmd = "$command -u /statuscode/200";
226 $result = NPTest->testCmd( $cmd );
227 is( $result->return_code, 0, $cmd);
228 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
230 $cmd = "$command -u /statuscode/200 -e 200";
231 $result = NPTest->testCmd( $cmd );
232 is( $result->return_code, 0, $cmd);
233 like( $result->output, '/^HTTP OK: Status line output matched "200" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
235 $cmd = "$command -u /statuscode/201";
236 $result = NPTest->testCmd( $cmd );
237 is( $result->return_code, 0, $cmd);
238 like( $result->output, '/^HTTP OK: HTTP/1.1 201 Created - \d+ bytes in [\d\.]+ second /', "Output correct: ".$result->output );
240 $cmd = "$command -u /statuscode/201 -e 201";
241 $result = NPTest->testCmd( $cmd );
242 is( $result->return_code, 0, $cmd);
243 like( $result->output, '/^HTTP OK: Status line output matched "201" - \d+ bytes in [\d\.]+ second /', "Output correct: ".$result->output );
245 $cmd = "$command -u /statuscode/201 -e 200";
246 $result = NPTest->testCmd( $cmd );
247 is( $result->return_code, 2, $cmd);
248 like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port \d+: HTTP/1.1 201 Created/', "Output correct: ".$result->output );
250 $cmd = "$command -u /statuscode/200 -e 200,201,202";
251 $result = NPTest->testCmd( $cmd );
252 is( $result->return_code, 0, $cmd);
253 like( $result->output, '/^HTTP OK: Status line output matched "200,201,202" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
255 $cmd = "$command -u /statuscode/201 -e 200,201,202";
256 $result = NPTest->testCmd( $cmd );
257 is( $result->return_code, 0, $cmd);
258 like( $result->output, '/^HTTP OK: Status line output matched "200,201,202" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
260 $cmd = "$command -u /statuscode/203 -e 200,201,202";
261 $result = NPTest->testCmd( $cmd );
262 is( $result->return_code, 2, $cmd);
263 like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port (\d+): HTTP/1.1 203 Non-Authoritative Information/', "Output correct: ".$result->output );
265 $cmd = "$command -j HEAD -u /method";
266 $result = NPTest->testCmd( $cmd );
267 is( $result->return_code, 0, $cmd);
268 like( $result->output, '/^HTTP OK: HTTP/1.1 200 HEAD - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
270 $cmd = "$command -j POST -u /method";
271 $result = NPTest->testCmd( $cmd );
272 is( $result->return_code, 0, $cmd);
273 like( $result->output, '/^HTTP OK: HTTP/1.1 200 POST - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
275 $cmd = "$command -j GET -u /method";
276 $result = NPTest->testCmd( $cmd );
277 is( $result->return_code, 0, $cmd);
278 like( $result->output, '/^HTTP OK: HTTP/1.1 200 GET - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
280 $cmd = "$command -u /method";
281 $result = NPTest->testCmd( $cmd );
282 is( $result->return_code, 0, $cmd);
283 like( $result->output, '/^HTTP OK: HTTP/1.1 200 GET - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
285 $cmd = "$command -P foo -u /method";
286 $result = NPTest->testCmd( $cmd );
287 is( $result->return_code, 0, $cmd);
288 like( $result->output, '/^HTTP OK: HTTP/1.1 200 POST - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
290 $cmd = "$command -j DELETE -u /method";
291 $result = NPTest->testCmd( $cmd );
292 is( $result->return_code, 1, $cmd);
293 like( $result->output, '/^HTTP WARNING: HTTP/1.1 405 Method Not Allowed/', "Output correct: ".$result->output );
295 $cmd = "$command -j foo -u /method";
296 $result = NPTest->testCmd( $cmd );
297 is( $result->return_code, 2, $cmd);
298 like( $result->output, '/^HTTP CRITICAL: HTTP/1.1 501 Not Implemented/', "Output correct: ".$result->output );
300 $cmd = "$command -P stufftoinclude -u /postdata -s POST:stufftoinclude";
301 $result = NPTest->testCmd( $cmd );
302 is( $result->return_code, 0, $cmd);
303 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
305 $cmd = "$command -j PUT -P stufftoinclude -u /postdata -s PUT:stufftoinclude";
306 $result = NPTest->testCmd( $cmd );
307 is( $result->return_code, 0, $cmd);
308 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
310 # To confirm that the free doesn't segfault
311 $cmd = "$command -P stufftoinclude -j PUT -u /postdata -s PUT:stufftoinclude";
312 $result = NPTest->testCmd( $cmd );
313 is( $result->return_code, 0, $cmd);
314 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
316 $cmd = "$command -u /redirect";
317 $result = NPTest->testCmd( $cmd );
318 is( $result->return_code, 0, $cmd);
319 like( $result->output, '/^HTTP OK: HTTP/1.1 301 Moved Permanently - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
321 $cmd = "$command -f follow -u /redirect";
322 $result = NPTest->testCmd( $cmd );
323 is( $result->return_code, 0, $cmd);
324 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
326 $cmd = "$command -u /redirect -k 'follow: me'";
327 $result = NPTest->testCmd( $cmd );
328 is( $result->return_code, 0, $cmd);
329 like( $result->output, '/^HTTP OK: HTTP/1.1 301 Moved Permanently - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
331 $cmd = "$command -f follow -u /redirect -k 'follow: me'";
332 $result = NPTest->testCmd( $cmd );
333 is( $result->return_code, 0, $cmd);
334 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
336 $cmd = "$command -f sticky -u /redirect -k 'follow: me'";
337 $result = NPTest->testCmd( $cmd );
338 is( $result->return_code, 0, $cmd);
339 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
341 $cmd = "$command -f stickyport -u /redirect -k 'follow: me'";
342 $result = NPTest->testCmd( $cmd );
343 is( $result->return_code, 0, $cmd);
344 like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
346 # These tests may block
347 print "ALRM\n";
349 # stickyport - on full urlS port is set back to 80 otherwise
350 $cmd = "$command -f stickyport -u /redir_external -t 5 -s redirected";
351 eval {
352 local $SIG{ALRM} = sub { die "alarm\n" };
353 alarm(2);
354 $result = NPTest->testCmd( $cmd );
355 alarm(0); };
356 isnt( $@, "alarm\n", $cmd );
357 is( $result->return_code, 0, $cmd );
359 # Let's hope there won't be any web server on :80 returning "redirected"!
360 $cmd = "$command -f sticky -u /redir_external -t 5 -s redirected";
361 eval {
362 local $SIG{ALRM} = sub { die "alarm\n" };
363 alarm(2);
364 $result = NPTest->testCmd( $cmd );
365 alarm(0); };
366 isnt( $@, "alarm\n", $cmd );
367 isnt( $result->return_code, 0, $cmd );
369 # Test an external address - timeout
370 SKIP: {
371 skip "This doesn't seems to work all the time", 1 unless ($ENV{HTTP_EXTERNAL});
372 $cmd = "$command -f follow -u /redir_external -t 5";
373 eval {
374 local $SIG{ALRM} = sub { die "alarm\n" };
375 alarm(2);
376 $result = NPTest->testCmd( $cmd );
377 alarm(0); };
378 is( $@, "alarm\n", $cmd );
379 }
381 $cmd = "$command -u /timeout -t 5";
382 eval {
383 local $SIG{ALRM} = sub { die "alarm\n" };
384 alarm(2);
385 $result = NPTest->testCmd( $cmd );
386 alarm(0); };
387 is( $@, "alarm\n", $cmd );
389 $cmd = "$command -f follow -u /redir_timeout -t 2";
390 eval {
391 local $SIG{ALRM} = sub { die "alarm\n" };
392 alarm(5);
393 $result = NPTest->testCmd( $cmd );
394 alarm(0); };
395 isnt( $@, "alarm\n", $cmd );
397 }