Added inline tests for HTTPS using HTTP::Daemon::SSL

plugins/tests/certs/server-cert.pem

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDYzCCAsygAwIBAgIJAL8LkpNwzYdxMA0GCSqGSIb3DQEBBAUAMH8xCzAJBgNV
+BAYTAlVLMRMwEQYDVQQIEwpEZXJieXNoaXJlMQ8wDQYDVQQHEwZCZWxwZXIxFzAV
+BgNVBAoTDk5hZ2lvcyBQbHVnaW5zMREwDwYDVQQDEwhUb24gVm9vbjEeMBwGCSqG
+SIb3DQEJARYPdG9udm9vbkBtYWMuY29tMB4XDTA5MDMwNTIxNDEyOFoXDTE5MDMw
+MzIxNDEyOFowfzELMAkGA1UEBhMCVUsxEzARBgNVBAgTCkRlcmJ5c2hpcmUxDzAN
+BgNVBAcTBkJlbHBlcjEXMBUGA1UEChMOTmFnaW9zIFBsdWdpbnMxETAPBgNVBAMT
+CFRvbiBWb29uMR4wHAYJKoZIhvcNAQkBFg90b252b29uQG1hYy5jb20wgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAKcWMBtNtfY8vZXk0SN6/EYTVN/LOvaOSegy
+oVdLoGwuwjagk+XmCzvCqHZRp8lnCLay7AO8AQI7TSN02ihCcSrgGA9OT+HciIJ1
+l5/kEYUAuA1PR6YKK/T713zUAlMzy2tsugx5+xSsSEwsXkmne52jJiG/wuE5CLT0
+9pF8HQqHAgMBAAGjgeYwgeMwHQYDVR0OBBYEFGioSPQ/rdE19+zaeY2YvHTXlUDI
+MIGzBgNVHSMEgaswgaiAFGioSPQ/rdE19+zaeY2YvHTXlUDIoYGEpIGBMH8xCzAJ
+BgNVBAYTAlVLMRMwEQYDVQQIEwpEZXJieXNoaXJlMQ8wDQYDVQQHEwZCZWxwZXIx
+FzAVBgNVBAoTDk5hZ2lvcyBQbHVnaW5zMREwDwYDVQQDEwhUb24gVm9vbjEeMBwG
+CSqGSIb3DQEJARYPdG9udm9vbkBtYWMuY29tggkAvwuSk3DNh3EwDAYDVR0TBAUw
+AwEB/zANBgkqhkiG9w0BAQQFAAOBgQCdqasaIO6JiV5ONFG6Tr1++85UfEdZKMUX
+N2NHiNNUunolIZEYR+dW99ezKmHlDiQ/tMgoLVYpl2Ubho2pAkLGQR+W0ZASgWQ1
+NjfV27Rv0y6lYQMTA0lVAU93L1x9reo3FMedmL5+H+lIEpLCxEPtAJNISrJOneZB
+W5jDadwkoQ==
+-----END CERTIFICATE-----

plugins/tests/certs/server-key.pem

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQCnFjAbTbX2PL2V5NEjevxGE1Tfyzr2jknoMqFXS6BsLsI2oJPl
+5gs7wqh2UafJZwi2suwDvAECO00jdNooQnEq4BgPTk/h3IiCdZef5BGFALgNT0em
+Civ0+9d81AJTM8trbLoMefsUrEhMLF5Jp3udoyYhv8LhOQi09PaRfB0KhwIDAQAB
+AoGAfpxclcP8N3vteXErXURrd7pcXT0GECDgNjhvc9PV20RPXM+vYs1AA+fMeeQE
+TaRqwO6x016aMRO4rz5ztYArecTBznkds1k59pkN/Ne/nsueU4tvGK8MNyS2o986
+Voohqkaq4Lcy1bcHJb9su1ELjegEr1R76Mz452Hsy+uTbAECQQDcg/tZWKVeh5CQ
+dOEB3YWHwfn0NDgfPm/X2i2kAZ7n7URaUy/ffdlfsrr1mBtHCfedLoOxmmlNfEpM
+hXAAurSHAkEAwfk7fEb0iN0Sj9gTozO7c6Ky10KwePZyjVzqSQIiJq3NX8BEaIeb
+51TXxE5VxaLjjMLRkA0hWTYXClgERFZ6AQJAN7ChPqwzf08PRFwwIw911JY5cOHr
+NoDHMCUql5vNLNdwBruxgGjBB/kUXEfgw60RusFvgt/zLh1wiii844JDawJAGQBF
+sYP3urg7zzx7c3qUe5gJ0wLuefjR1PSX4ecbfb7DDMdcSdjIuG1QDiZGmd2f1KG7
+nwSCOtxk5dloW2KGAQJAQh/iBn0QhfKLFAP5eZBVk8E8XlZuw+S2DLy5SnBlIiYJ
+GB5I2OClgtudXMv1labFrcST8O9eFrtsrhU1iUGUOw==
+-----END RSA PRIVATE KEY-----

plugins/tests/check_http.t

@@ -12,26 +12,59 @@ use HTTP::Daemon;
 use HTTP::Status;
 use HTTP::Response;
 
+my $servers = { http => 0 };	# HTTP::Daemon should always be available
+eval { require HTTP::Daemon::SSL };
+if ($@) {
+	diag "Cannot load HTTP::Daemon::SSL: $@";
+} else {
+	$servers->{https} = 0;
+}
+
 # set a fixed version, so the header size doesn't vary
 $HTTP::Daemon::VERSION = "1.00";
 
-my $port = 50000 + int(rand(1000));
+my $port_http = 50000 + int(rand(1000));
+my $port_https = $port_http + 1;
 
-my $pid = fork();
-if ($pid) {
+# Start up both servers
+my $pid_https;
+my $pid_http = fork();
+if ($pid_http) {
 	# Parent
-	#print "parent\n";
-	# give our webserver some time to startup
+	if (exists $servers->{https}) {
+		# Fork another server
+		$pid_https = fork();
+		if ($pid_https) {
+			# Parent
+		} else {
+			my $d = HTTP::Daemon::SSL->new(
+				LocalPort => $port_https,
+				LocalAddr => "127.0.0.1",
+				SSL_cert_file => "$Bin/certs/server-cert.pem",
+				SSL_key_file => "$Bin/certs/server-key.pem",
+			) || die;
+			print "Please contact https at: <URL:", $d->url, ">\n";
+			run_server( $d );
+			exit;
+		}
+	}
+	# give our webservers some time to startup
 	sleep(1);
 } else {
 	# Child
 	#print "child\n";
-
 	my $d = HTTP::Daemon->new(
-		LocalPort => $port,
+		LocalPort => $port_http,
 		LocalAddr => "127.0.0.1",
 	) || die;
-	print "Please contact me at: <URL:", $d->url, ">\n";
+	print "Please contact http at: <URL:", $d->url, ">\n";
+	run_server( $d );
+	exit;
+}
+
+# Run the same server on http and https
+sub run_server {
+	my $d = shift;
 	while (my $c = $d->accept ) {
 		while (my $r = $c->get_request) {
 			if ($r->method eq "GET" and $r->url->path =~ m^/statuscode/(\d+)^) {
@@ -70,140 +103,173 @@ if ($pid) {
 			$c->close;
 		}
 	}
-	exit;
 }
 
-END { if ($pid) { print "Killing $pid\n"; kill "INT", $pid } };
+END { 
+	foreach my $pid ($pid_http, $pid_https) {
+		if ($pid) { print "Killing $pid\n"; kill "INT", $pid } 
+	}
+};
 
 if ($ARGV[0] && $ARGV[0] eq "-d") {
 	sleep 1000;
 }
 
+my $common_tests = 47;
 if (-x "./check_http") {
-	plan tests => 47;
+	plan tests => $common_tests * 2;
 } else {
 	plan skip_all => "No check_http compiled";
 }
 
 my $result;
-my $command = "./check_http -H 127.0.0.1 -p $port";
-
-$result = NPTest->testCmd( "$command -u /file/root" );
-is( $result->return_code, 0, "/file/root");
-like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - 274 bytes in [\d\.]+ seconds/', "Output correct" );
+my $command = "./check_http -H 127.0.0.1";
 
-$result = NPTest->testCmd( "$command -u /file/root -s Root" );
-is( $result->return_code, 0, "/file/root search for string");
-TODO: {
-local $TODO = "Output is different if a string is requested - should this be right?";
-like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - 274 bytes in [\d\.]+ seconds/', "Output correct" );
+run_common_tests( { command => "$command -p $port_http" } );
+SKIP: {
+	skip "HTTP::Daemon::SSL not installed", $common_tests if ! exists $servers->{https};
+	run_common_tests( { command => "$command -p $port_https", ssl => 1 } );
 }
 
-$result = NPTest->testCmd( "$command -u /slow" );
-is( $result->return_code, 0, "/file/root");
-like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - 177 bytes in ([\d\.]+) seconds/', "Output correct" );
-$result->output =~ /in ([\d\.]+) seconds/;
-cmp_ok( $1, ">", 1, "Time is > 1 second" );
-
-my $cmd;
-$cmd = "$command -u /statuscode/200 -e 200";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 0, $cmd);
-like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - 89 bytes in ([\d\.]+) seconds/', "Output correct: ".$result->output );
-
-$cmd = "$command -u /statuscode/201 -e 201";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 0, $cmd);
-like( $result->output, '/^HTTP OK HTTP/1.1 201 Created - 94 bytes in ([\d\.]+) seconds /', "Output correct: ".$result->output );
-
-$cmd = "$command -u /statuscode/201 -e 200";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 2, $cmd);
-like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port \d+: HTTP/1.1 201 Created/', "Output correct: ".$result->output );
-
-$cmd = "$command -u /statuscode/200 -e 200,201,202";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 0, $cmd);
-like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - 89 bytes in ([\d\.]+) seconds/', "Output correct: ".$result->output );
-
-$cmd = "$command -u /statuscode/201 -e 200,201,202";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 0, $cmd);
-like( $result->output, '/^HTTP OK HTTP/1.1 201 Created - 94 bytes in ([\d\.]+) seconds/', "Output correct: ".$result->output );
-
-$cmd = "$command -u /statuscode/203 -e 200,201,202";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 2, $cmd);
-like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port (\d+): HTTP/1.1 203 Non-Authoritative Information/', "Output correct: ".$result->output );
-
-$cmd = "$command -j HEAD -u /method";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 0, $cmd);
-like( $result->output, '/^HTTP OK HTTP/1.1 200 HEAD - 19 bytes in ([\d\.]+) seconds/', "Output correct: ".$result->output );
-
-$cmd = "$command -j POST -u /method";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 0, $cmd);
-like( $result->output, '/^HTTP OK HTTP/1.1 200 POST - 19 bytes in ([\d\.]+) seconds/', "Output correct: ".$result->output );
-
-$cmd = "$command -j GET -u /method";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 0, $cmd);
-like( $result->output, '/^HTTP OK HTTP/1.1 200 GET - 18 bytes in ([\d\.]+) seconds/', "Output correct: ".$result->output );
-
-$cmd = "$command -u /method";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 0, $cmd);
-like( $result->output, '/^HTTP OK HTTP/1.1 200 GET - 18 bytes in ([\d\.]+) seconds/', "Output correct: ".$result->output );
-
-$cmd = "$command -P foo -u /method";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 0, $cmd);
-like( $result->output, '/^HTTP OK HTTP/1.1 200 POST - 19 bytes in ([\d\.]+) seconds/', "Output correct: ".$result->output );
-
-$cmd = "$command -j DELETE -u /method";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 1, $cmd);
-like( $result->output, '/^HTTP WARNING: HTTP/1.1 405 Method Not Allowed/', "Output correct: ".$result->output );
-
-$cmd = "$command -j foo -u /method";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 2, $cmd);
-like( $result->output, '/^HTTP CRITICAL: HTTP/1.1 501 Not Implemented/', "Output correct: ".$result->output );
-
-$cmd = "$command -P stufftoinclude -u /postdata -s POST:stufftoinclude";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 0, $cmd);
-like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - ([\d\.]+) second/', "Output correct: ".$result->output );
-
-$cmd = "$command -j PUT -P stufftoinclude -u /postdata -s PUT:stufftoinclude";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 0, $cmd);
-like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - ([\d\.]+) second/', "Output correct: ".$result->output );
-
-# To confirm that the free doesn't segfault
-$cmd = "$command -P stufftoinclude -j PUT -u /postdata -s PUT:stufftoinclude";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 0, $cmd);
-like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - ([\d\.]+) second/', "Output correct: ".$result->output );
-
-$cmd = "$command -u /redirect";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 0, $cmd);
-like( $result->output, '/^HTTP OK - HTTP/1.1 301 Moved Permanently - [\d\.]+ second/', "Output correct: ".$result->output );
-
-$cmd = "$command -f follow -u /redirect";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 0, $cmd);
-like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - 183 bytes in [\d\.]+ second/', "Output correct: ".$result->output );
-
-$cmd = "$command -u /redirect -k 'follow: me'";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 0, $cmd);
-like( $result->output, '/^HTTP OK - HTTP/1.1 301 Moved Permanently - [\d\.]+ second/', "Output correct: ".$result->output );
-
-$cmd = "$command -f follow -u /redirect -k 'follow: me'";
-$result = NPTest->testCmd( $cmd );
-is( $result->return_code, 0, $cmd);
-like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - 183 bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+sub run_common_tests {
+	my ($opts) = @_;
+	my $command = $opts->{command};
+	my $b;
+	my $add = 0;
+	if ($opts->{ssl}) {
+		$command .= " --ssl";
+	}
 
+	$result = NPTest->testCmd( "$command -u /file/root" );
+	is( $result->return_code, 0, "/file/root");
+	like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - 274 bytes in [\d\.]+ seconds/', "Output correct" );
+
+	$result = NPTest->testCmd( "$command -u /file/root -s Root" );
+	is( $result->return_code, 0, "/file/root search for string");
+	TODO: {
+	local $TODO = "Output is different if a string is requested - should this be right?";
+	like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - 274 bytes in [\d\.]+ seconds/', "Output correct" );
+	}
+
+
+	$b = 177 + $add;
+	$result = NPTest->testCmd( "$command -u /slow" );
+	is( $result->return_code, 0, "/file/root");
+	like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - '.$b.' bytes in ([\d\.]+) seconds/', "Output correct" );
+	$result->output =~ /in ([\d\.]+) seconds/;
+	cmp_ok( $1, ">", 1, "Time is > 1 second" );
+
+	my $cmd;
+	$b = 89 + $add;
+	$cmd = "$command -u /statuscode/200 -e 200";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 0, $cmd);
+	like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - '.$b.' bytes in ([\d\.]+) seconds/', "Output correct: ".$result->output );
+
+	$b = 94 + $add;
+	$cmd = "$command -u /statuscode/201 -e 201";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 0, $cmd);
+	like( $result->output, '/^HTTP OK HTTP/1.1 201 Created - '.$b.' bytes in ([\d\.]+) seconds /', "Output correct: ".$result->output );
+
+	$cmd = "$command -u /statuscode/201 -e 200";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 2, $cmd);
+	like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port \d+: HTTP/1.1 201 Created/', "Output correct: ".$result->output );
+
+	$b = 89 + $add;
+	$cmd = "$command -u /statuscode/200 -e 200,201,202";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 0, $cmd);
+	like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - '.$b.' bytes in ([\d\.]+) seconds/', "Output correct: ".$result->output );
+
+	$b = 94 + $add;
+	$cmd = "$command -u /statuscode/201 -e 200,201,202";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 0, $cmd);
+	like( $result->output, '/^HTTP OK HTTP/1.1 201 Created - '.$b.' bytes in ([\d\.]+) seconds/', "Output correct: ".$result->output );
+
+	$cmd = "$command -u /statuscode/203 -e 200,201,202";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 2, $cmd);
+	like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port (\d+): HTTP/1.1 203 Non-Authoritative Information/', "Output correct: ".$result->output );
+
+	$b = 19 + $add;
+	$cmd = "$command -j HEAD -u /method";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 0, $cmd);
+	like( $result->output, '/^HTTP OK HTTP/1.1 200 HEAD - '.$b.' bytes in ([\d\.]+) seconds/', "Output correct: ".$result->output );
+
+	$b = 19 + $add;
+	$cmd = "$command -j POST -u /method";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 0, $cmd);
+	like( $result->output, '/^HTTP OK HTTP/1.1 200 POST - '.$b.' bytes in ([\d\.]+) seconds/', "Output correct: ".$result->output );
+
+	$b = 18 + $add;
+	$cmd = "$command -j GET -u /method";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 0, $cmd);
+	like( $result->output, '/^HTTP OK HTTP/1.1 200 GET - '.$b.' bytes in ([\d\.]+) seconds/', "Output correct: ".$result->output );
+
+	$b = 18 + $add;
+	$cmd = "$command -u /method";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 0, $cmd);
+	like( $result->output, '/^HTTP OK HTTP/1.1 200 GET - '.$b.' bytes in ([\d\.]+) seconds/', "Output correct: ".$result->output );
+
+	$b = 19 + $add;
+	$cmd = "$command -P foo -u /method";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 0, $cmd);
+	like( $result->output, '/^HTTP OK HTTP/1.1 200 POST - '.$b.' bytes in ([\d\.]+) seconds/', "Output correct: ".$result->output );
+
+	$cmd = "$command -j DELETE -u /method";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 1, $cmd);
+	like( $result->output, '/^HTTP WARNING: HTTP/1.1 405 Method Not Allowed/', "Output correct: ".$result->output );
+
+	$cmd = "$command -j foo -u /method";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 2, $cmd);
+	like( $result->output, '/^HTTP CRITICAL: HTTP/1.1 501 Not Implemented/', "Output correct: ".$result->output );
+
+	$cmd = "$command -P stufftoinclude -u /postdata -s POST:stufftoinclude";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 0, $cmd);
+	like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - ([\d\.]+) second/', "Output correct: ".$result->output );
+
+	$cmd = "$command -j PUT -P stufftoinclude -u /postdata -s PUT:stufftoinclude";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 0, $cmd);
+	like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - ([\d\.]+) second/', "Output correct: ".$result->output );
+
+	# To confirm that the free doesn't segfault
+	$cmd = "$command -P stufftoinclude -j PUT -u /postdata -s PUT:stufftoinclude";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 0, $cmd);
+	like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - ([\d\.]+) second/', "Output correct: ".$result->output );
+
+	$cmd = "$command -u /redirect";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 0, $cmd);
+	like( $result->output, '/^HTTP OK - HTTP/1.1 301 Moved Permanently - [\d\.]+ second/', "Output correct: ".$result->output );
+
+	$b = 183 + $add;
+	$cmd = "$command -f follow -u /redirect";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 0, $cmd);
+	like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - '.$b.' bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+
+	$cmd = "$command -u /redirect -k 'follow: me'";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 0, $cmd);
+	like( $result->output, '/^HTTP OK - HTTP/1.1 301 Moved Permanently - [\d\.]+ second/', "Output correct: ".$result->output );
+
+	$b = 183 + $add;
+	$cmd = "$command -f follow -u /redirect -k 'follow: me'";
+	$result = NPTest->testCmd( $cmd );
+	is( $result->return_code, 0, $cmd);
+	like( $result->output, '/^HTTP OK HTTP/1.1 200 OK - '.$b.' bytes in [\d\.]+ second/', "Output correct: ".$result->output );
+
+}