4
0

check_http.t 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413
  1. #! /usr/bin/perl -w -I ..
  2. #
  3. # Test check_http by having an actual HTTP server running
  4. #
  5. # To create the https server certificate:
  6. # openssl req -new -x509 -keyout server-key.pem -out server-cert.pem -days 3650 -nodes
  7. # Country Name (2 letter code) [AU]:UK
  8. # State or Province Name (full name) [Some-State]:Derbyshire
  9. # Locality Name (eg, city) []:Belper
  10. # Organization Name (eg, company) [Internet Widgits Pty Ltd]:Monitoring Plugins
  11. # Organizational Unit Name (eg, section) []:
  12. # Common Name (eg, YOUR name) []:Ton Voon
  13. # Email Address []:tonvoon@mac.com
  14. use strict;
  15. use Test::More;
  16. use NPTest;
  17. use FindBin qw($Bin);
  18. my $common_tests = 70;
  19. my $ssl_only_tests = 8;
  20. # Check that all dependent modules are available
  21. eval "use HTTP::Daemon 6.01;";
  22. plan skip_all => 'HTTP::Daemon >= 6.01 required' if $@;
  23. eval {
  24. require HTTP::Status;
  25. require HTTP::Response;
  26. };
  27. if ($@) {
  28. plan skip_all => "Missing required module for test: $@";
  29. } else {
  30. if (-x "./check_http") {
  31. plan tests => $common_tests * 2 + $ssl_only_tests;
  32. } else {
  33. plan skip_all => "No check_http compiled";
  34. }
  35. }
  36. my $servers = { http => 0 }; # HTTP::Daemon should always be available
  37. eval { require HTTP::Daemon::SSL };
  38. if ($@) {
  39. diag "Cannot load HTTP::Daemon::SSL: $@";
  40. } else {
  41. $servers->{https} = 0;
  42. }
  43. # set a fixed version, so the header size doesn't vary
  44. $HTTP::Daemon::VERSION = "1.00";
  45. my $port_http = 50000 + int(rand(1000));
  46. my $port_https = $port_http + 1;
  47. my $port_https_expired = $port_http + 2;
  48. # This array keeps sockets around for implementing timeouts
  49. my @persist;
  50. # Start up all servers
  51. my @pids;
  52. my $pid = fork();
  53. if ($pid) {
  54. # Parent
  55. push @pids, $pid;
  56. if (exists $servers->{https}) {
  57. # Fork a normal HTTPS server
  58. $pid = fork();
  59. if ($pid) {
  60. # Parent
  61. push @pids, $pid;
  62. # Fork an expired cert server
  63. $pid = fork();
  64. if ($pid) {
  65. push @pids, $pid;
  66. } else {
  67. my $d = HTTP::Daemon::SSL->new(
  68. LocalPort => $port_https_expired,
  69. LocalAddr => "127.0.0.1",
  70. SSL_cert_file => "$Bin/certs/expired-cert.pem",
  71. SSL_key_file => "$Bin/certs/expired-key.pem",
  72. ) || die;
  73. print "Please contact https expired at: <URL:", $d->url, ">\n";
  74. run_server( $d );
  75. exit;
  76. }
  77. } else {
  78. my $d = HTTP::Daemon::SSL->new(
  79. LocalPort => $port_https,
  80. LocalAddr => "127.0.0.1",
  81. SSL_cert_file => "$Bin/certs/server-cert.pem",
  82. SSL_key_file => "$Bin/certs/server-key.pem",
  83. ) || die;
  84. print "Please contact https at: <URL:", $d->url, ">\n";
  85. run_server( $d );
  86. exit;
  87. }
  88. }
  89. # give our webservers some time to startup
  90. sleep(1);
  91. } else {
  92. # Child
  93. #print "child\n";
  94. my $d = HTTP::Daemon->new(
  95. LocalPort => $port_http,
  96. LocalAddr => "127.0.0.1",
  97. ) || die;
  98. print "Please contact http at: <URL:", $d->url, ">\n";
  99. run_server( $d );
  100. exit;
  101. }
  102. # Run the same server on http and https
  103. sub run_server {
  104. my $d = shift;
  105. MAINLOOP: while (my $c = $d->accept ) {
  106. while (my $r = $c->get_request) {
  107. if ($r->method eq "GET" and $r->url->path =~ m^/statuscode/(\d+)^) {
  108. $c->send_basic_header($1);
  109. $c->send_crlf;
  110. } elsif ($r->method eq "GET" and $r->url->path =~ m^/file/(.*)^) {
  111. $c->send_basic_header;
  112. $c->send_crlf;
  113. $c->send_file_response("$Bin/var/$1");
  114. } elsif ($r->method eq "GET" and $r->url->path eq "/slow") {
  115. $c->send_basic_header;
  116. $c->send_crlf;
  117. sleep 1;
  118. $c->send_response("slow");
  119. } elsif ($r->url->path eq "/method") {
  120. if ($r->method eq "DELETE") {
  121. $c->send_error(HTTP::Status->RC_METHOD_NOT_ALLOWED);
  122. } elsif ($r->method eq "foo") {
  123. $c->send_error(HTTP::Status->RC_NOT_IMPLEMENTED);
  124. } else {
  125. $c->send_status_line(200, $r->method);
  126. }
  127. } elsif ($r->url->path eq "/postdata") {
  128. $c->send_basic_header;
  129. $c->send_crlf;
  130. $c->send_response($r->method.":".$r->content);
  131. } elsif ($r->url->path eq "/redirect") {
  132. $c->send_redirect( "/redirect2" );
  133. } elsif ($r->url->path eq "/redir_external") {
  134. $c->send_redirect(($d->isa('HTTP::Daemon::SSL') ? "https" : "http") . "://169.254.169.254/redirect2" );
  135. } elsif ($r->url->path eq "/redirect2") {
  136. $c->send_basic_header;
  137. $c->send_crlf;
  138. $c->send_response(HTTP::Response->new( 200, 'OK', undef, 'redirected' ));
  139. } elsif ($r->url->path eq "/redir_timeout") {
  140. $c->send_redirect( "/timeout" );
  141. } elsif ($r->url->path eq "/timeout") {
  142. # Keep $c from being destroyed, but prevent severe leaks
  143. unshift @persist, $c;
  144. delete($persist[1000]);
  145. next MAINLOOP;
  146. } elsif ($r->url->path eq "/header_check") {
  147. $c->send_basic_header;
  148. $c->send_header('foo');
  149. $c->send_crlf;
  150. } else {
  151. $c->send_error(HTTP::Status->RC_FORBIDDEN);
  152. }
  153. $c->close;
  154. }
  155. }
  156. }
  157. END {
  158. foreach my $pid (@pids) {
  159. if ($pid) { print "Killing $pid\n"; kill "INT", $pid }
  160. }
  161. };
  162. if ($ARGV[0] && $ARGV[0] eq "-d") {
  163. while (1) {
  164. sleep 100;
  165. }
  166. }
  167. my $result;
  168. my $command = "./check_http -H 127.0.0.1";
  169. run_common_tests( { command => "$command -p $port_http" } );
  170. SKIP: {
  171. skip "HTTP::Daemon::SSL not installed", $common_tests + $ssl_only_tests if ! exists $servers->{https};
  172. run_common_tests( { command => "$command -p $port_https", ssl => 1 } );
  173. $result = NPTest->testCmd( "$command -p $port_https -S -C 14" );
  174. is( $result->return_code, 0, "$command -p $port_https -S -C 14" );
  175. is( $result->output, 'OK - Certificate \'Ton Voon\' will expire on Sun Mar 3 21:41:00 2019.', "output ok" );
  176. $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" );
  177. is( $result->return_code, 1, "$command -p $port_https -S -C 14000" );
  178. like( $result->output, '/WARNING - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:00 2019\)./', "output ok" );
  179. # Expired cert tests
  180. $result = NPTest->testCmd( "$command -p $port_https -S -C 13960,14000" );
  181. is( $result->return_code, 2, "$command -p $port_https -S -C 13960,14000" );
  182. like( $result->output, '/CRITICAL - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:00 2019\)./', "output ok" );
  183. $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" );
  184. is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" );
  185. is( $result->output,
  186. 'CRITICAL - Certificate \'Ton Voon\' expired on Thu Mar 5 00:13:00 2009.',
  187. "output ok" );
  188. }
  189. sub run_common_tests {
  190. my ($opts) = @_;
  191. my $command = $opts->{command};
  192. if ($opts->{ssl}) {
  193. $command .= " --ssl";
  194. }
  195. $result = NPTest->testCmd( "$command -u /file/root" );
  196. is( $result->return_code, 0, "/file/root");
  197. like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 274 bytes in [\d\.]+ second/', "Output correct" );
  198. $result = NPTest->testCmd( "$command -u /file/root -s Root" );
  199. is( $result->return_code, 0, "/file/root search for string");
  200. like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 274 bytes in [\d\.]+ second/', "Output correct" );
  201. $result = NPTest->testCmd( "$command -u /file/root -s NonRoot" );
  202. is( $result->return_code, 2, "Missing string check");
  203. like( $result->output, qr%^HTTP CRITICAL: HTTP/1\.1 200 OK - string 'NonRoot' not found on 'https?://127\.0\.0\.1:\d+/file/root'%, "Shows search string and location");
  204. $result = NPTest->testCmd( "$command -u /file/root -s NonRootWithOver30charsAndMoreFunThanAWetFish" );
  205. is( $result->return_code, 2, "Missing string check");
  206. like( $result->output, qr%HTTP CRITICAL: HTTP/1\.1 200 OK - string 'NonRootWithOver30charsAndM...' not found on 'https?://127\.0\.0\.1:\d+/file/root'%, "Shows search string and location");
  207. $result = NPTest->testCmd( "$command -u /header_check -d foo" );
  208. is( $result->return_code, 0, "header_check search for string");
  209. like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - 96 bytes in [\d\.]+ second/', "Output correct" );
  210. $result = NPTest->testCmd( "$command -u /header_check -d bar" );
  211. is( $result->return_code, 2, "Missing header string check");
  212. like( $result->output, qr%^HTTP CRITICAL: HTTP/1\.1 200 OK - header 'bar' not found on 'https?://127\.0\.0\.1:\d+/header_check'%, "Shows search string and location");
  213. my $cmd;
  214. $cmd = "$command -u /slow";
  215. $result = NPTest->testCmd( $cmd );
  216. is( $result->return_code, 0, "$cmd");
  217. like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  218. $result->output =~ /in ([\d\.]+) second/;
  219. cmp_ok( $1, ">", 1, "Time is > 1 second" );
  220. $cmd = "$command -u /statuscode/200";
  221. $result = NPTest->testCmd( $cmd );
  222. is( $result->return_code, 0, $cmd);
  223. like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  224. $cmd = "$command -u /statuscode/200 -e 200";
  225. $result = NPTest->testCmd( $cmd );
  226. is( $result->return_code, 0, $cmd);
  227. like( $result->output, '/^HTTP OK: Status line output matched "200" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  228. $cmd = "$command -u /statuscode/201";
  229. $result = NPTest->testCmd( $cmd );
  230. is( $result->return_code, 0, $cmd);
  231. like( $result->output, '/^HTTP OK: HTTP/1.1 201 Created - \d+ bytes in [\d\.]+ second /', "Output correct: ".$result->output );
  232. $cmd = "$command -u /statuscode/201 -e 201";
  233. $result = NPTest->testCmd( $cmd );
  234. is( $result->return_code, 0, $cmd);
  235. like( $result->output, '/^HTTP OK: Status line output matched "201" - \d+ bytes in [\d\.]+ second /', "Output correct: ".$result->output );
  236. $cmd = "$command -u /statuscode/201 -e 200";
  237. $result = NPTest->testCmd( $cmd );
  238. is( $result->return_code, 2, $cmd);
  239. like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port \d+: HTTP/1.1 201 Created/', "Output correct: ".$result->output );
  240. $cmd = "$command -u /statuscode/200 -e 200,201,202";
  241. $result = NPTest->testCmd( $cmd );
  242. is( $result->return_code, 0, $cmd);
  243. like( $result->output, '/^HTTP OK: Status line output matched "200,201,202" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  244. $cmd = "$command -u /statuscode/201 -e 200,201,202";
  245. $result = NPTest->testCmd( $cmd );
  246. is( $result->return_code, 0, $cmd);
  247. like( $result->output, '/^HTTP OK: Status line output matched "200,201,202" - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  248. $cmd = "$command -u /statuscode/203 -e 200,201,202";
  249. $result = NPTest->testCmd( $cmd );
  250. is( $result->return_code, 2, $cmd);
  251. like( $result->output, '/^HTTP CRITICAL - Invalid HTTP response received from host on port (\d+): HTTP/1.1 203 Non-Authoritative Information/', "Output correct: ".$result->output );
  252. $cmd = "$command -j HEAD -u /method";
  253. $result = NPTest->testCmd( $cmd );
  254. is( $result->return_code, 0, $cmd);
  255. like( $result->output, '/^HTTP OK: HTTP/1.1 200 HEAD - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  256. $cmd = "$command -j POST -u /method";
  257. $result = NPTest->testCmd( $cmd );
  258. is( $result->return_code, 0, $cmd);
  259. like( $result->output, '/^HTTP OK: HTTP/1.1 200 POST - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  260. $cmd = "$command -j GET -u /method";
  261. $result = NPTest->testCmd( $cmd );
  262. is( $result->return_code, 0, $cmd);
  263. like( $result->output, '/^HTTP OK: HTTP/1.1 200 GET - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  264. $cmd = "$command -u /method";
  265. $result = NPTest->testCmd( $cmd );
  266. is( $result->return_code, 0, $cmd);
  267. like( $result->output, '/^HTTP OK: HTTP/1.1 200 GET - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  268. $cmd = "$command -P foo -u /method";
  269. $result = NPTest->testCmd( $cmd );
  270. is( $result->return_code, 0, $cmd);
  271. like( $result->output, '/^HTTP OK: HTTP/1.1 200 POST - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  272. $cmd = "$command -j DELETE -u /method";
  273. $result = NPTest->testCmd( $cmd );
  274. is( $result->return_code, 1, $cmd);
  275. like( $result->output, '/^HTTP WARNING: HTTP/1.1 405 Method Not Allowed/', "Output correct: ".$result->output );
  276. $cmd = "$command -j foo -u /method";
  277. $result = NPTest->testCmd( $cmd );
  278. is( $result->return_code, 2, $cmd);
  279. like( $result->output, '/^HTTP CRITICAL: HTTP/1.1 501 Not Implemented/', "Output correct: ".$result->output );
  280. $cmd = "$command -P stufftoinclude -u /postdata -s POST:stufftoinclude";
  281. $result = NPTest->testCmd( $cmd );
  282. is( $result->return_code, 0, $cmd);
  283. like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  284. $cmd = "$command -j PUT -P stufftoinclude -u /postdata -s PUT:stufftoinclude";
  285. $result = NPTest->testCmd( $cmd );
  286. is( $result->return_code, 0, $cmd);
  287. like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  288. # To confirm that the free doesn't segfault
  289. $cmd = "$command -P stufftoinclude -j PUT -u /postdata -s PUT:stufftoinclude";
  290. $result = NPTest->testCmd( $cmd );
  291. is( $result->return_code, 0, $cmd);
  292. like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  293. $cmd = "$command -u /redirect";
  294. $result = NPTest->testCmd( $cmd );
  295. is( $result->return_code, 0, $cmd);
  296. like( $result->output, '/^HTTP OK: HTTP/1.1 301 Moved Permanently - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  297. $cmd = "$command -f follow -u /redirect";
  298. $result = NPTest->testCmd( $cmd );
  299. is( $result->return_code, 0, $cmd);
  300. like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  301. $cmd = "$command -u /redirect -k 'follow: me'";
  302. $result = NPTest->testCmd( $cmd );
  303. is( $result->return_code, 0, $cmd);
  304. like( $result->output, '/^HTTP OK: HTTP/1.1 301 Moved Permanently - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  305. $cmd = "$command -f follow -u /redirect -k 'follow: me'";
  306. $result = NPTest->testCmd( $cmd );
  307. is( $result->return_code, 0, $cmd);
  308. like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  309. $cmd = "$command -f sticky -u /redirect -k 'follow: me'";
  310. $result = NPTest->testCmd( $cmd );
  311. is( $result->return_code, 0, $cmd);
  312. like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  313. $cmd = "$command -f stickyport -u /redirect -k 'follow: me'";
  314. $result = NPTest->testCmd( $cmd );
  315. is( $result->return_code, 0, $cmd);
  316. like( $result->output, '/^HTTP OK: HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second/', "Output correct: ".$result->output );
  317. # These tests may block
  318. print "ALRM\n";
  319. # stickyport - on full urlS port is set back to 80 otherwise
  320. $cmd = "$command -f stickyport -u /redir_external -t 5 -s redirected";
  321. eval {
  322. local $SIG{ALRM} = sub { die "alarm\n" };
  323. alarm(2);
  324. $result = NPTest->testCmd( $cmd );
  325. alarm(0); };
  326. isnt( $@, "alarm\n", $cmd );
  327. is( $result->return_code, 0, $cmd );
  328. # Let's hope there won't be any web server on :80 returning "redirected"!
  329. $cmd = "$command -f sticky -u /redir_external -t 5 -s redirected";
  330. eval {
  331. local $SIG{ALRM} = sub { die "alarm\n" };
  332. alarm(2);
  333. $result = NPTest->testCmd( $cmd );
  334. alarm(0); };
  335. isnt( $@, "alarm\n", $cmd );
  336. isnt( $result->return_code, 0, $cmd );
  337. # Test an external address - timeout
  338. SKIP: {
  339. skip "This doesn't seems to work all the time", 1 unless ($ENV{HTTP_EXTERNAL});
  340. $cmd = "$command -f follow -u /redir_external -t 5";
  341. eval {
  342. $result = NPTest->testCmd( $cmd, 2 );
  343. };
  344. like( $@, "/timeout in command: $cmd/", $cmd );
  345. }
  346. $cmd = "$command -u /timeout -t 5";
  347. eval {
  348. $result = NPTest->testCmd( $cmd, 2 );
  349. };
  350. like( $@, "/timeout in command: $cmd/", $cmd );
  351. $cmd = "$command -f follow -u /redir_timeout -t 2";
  352. eval {
  353. $result = NPTest->testCmd( $cmd, 5 );
  354. };
  355. is( $@, "", $cmd );
  356. }