Trang chủ Khám phá Trợ giúp
Đăng nhập
LBP
/
nagios_nrpe
mirror of https://github.com/NagiosEnterprises/nrpe.git
4
0
Fork 0
Các tập tin Các vấn đề 0 Wiki
Branch: master
Branches Tags
nagios_nrpe
/
tests
/
020-ssl.t

020-ssl.t 2.6 KB
Permalink Lịch sử Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 
  1. #!/usr/bin/perl
    2. 

  2. 

  3. use warnings;
    4. 

  4. use strict;
    5. 

  5. BEGIN {
    6. 

  6.     use File::Basename;
    7. 

  7.     use lib (dirname(__FILE__));
    8. 

  8. }
    9. 

  9. 

  10. use Test::More;
    11. 

  11. use nrpe;
    12. 

  12. 

  13. my @output;
    14. 

  14. 

  15. if (!supports_ssl()) {
    16. 

  16.     plan skip_all => 'SSL/TLS support unavailable.';
    17. 

  17. }
    18. 

  18. 

  19. # SSLv3 may or may not be supported so we don't explicitly test it.
    20. 

  20. my @SSL_Versions_Bad = ( 'TLSv1', 'TLSv1.1' );
    21. 

  21. my @SSL_Versions_Good = ( 'SSLv3+', 'TLSv1+', 'TLSv1.1+', 'TLSv1.2', 'TLSv1.2+', 'TLSv1.3', 'TLSv1.3+' );
    22. 

  22. 

  23. plan tests => 10 + ((scalar @SSL_Versions_Bad + scalar @SSL_Versions_Good) * 2);
    24. 

  24. 

  25. 

  26. ensure_daemon_running();
    27. 

  27. switch_config_file("configs/ssl.cfg");
    28. 

  28. restart_daemon();
    29. 

  29. 

  30. 

  31. @output = `$checknrpe -H 127.0.0.1 -p 40321`;
    32. 

  32. is($?, STATE_OK, 'connect ssl') || diag @output;
    33. 

  33. like($output[0], qr/NRPE v.*/, 'connect ssl response') || diag @output;
    34. 

  34. 

  35. @output = `$checknrpe -H 127.0.0.1 -p 40321 -A configs/certs/nrpe.crt`;
    36. 

  36. is($?, STATE_OK, 'connect ssl ca') || diag @output;
    37. 

  37. like($output[0], qr/NRPE v.*/, 'connect ssl ca response') || diag @output;
    38. 

  38. 

  39. @output = `$checknrpe -H 127.0.0.1 -p 40321 -A configs/certs/nrpe.crt -C configs/certs/nrpe.crt -K configs/certs/nrpe.key`;
    40. 

  40. is($?, STATE_OK, 'connect ssl cert') || diag @output;
    41. 

  41. like($output[0], qr/NRPE v.*/, 'connect ssl cert response') || diag @output;
    42. 

  42. 

  43. @output = `$checknrpe -H 127.0.0.1 -p 40321 -A configs/certs/other.crt`;
    44. 

  44. is($?, STATE_UNKNOWN, 'connect ssl other ca') || diag @output;
    45. 

  45. like($output[0], qr/CHECK_NRPE: \(ssl_err != 5\) Error - Could not complete SSL handshake with/, 'connect ssl other ca response') || diag @output;
    46. 

  46. 

  47. # --log-file=logs/check_nrpe_ssl.log --ssl-logging=255 
    48. 

  48. #  openssl: CHECK_NRPE: Error - Could not connect to .*
    49. 

  49. # libressl: CHECK_NRPE: Error sending query to host.
    50. 

  50. @output = `$checknrpe -H 127.0.0.1 -p 40321 -A configs/certs/nrpe.crt -C configs/certs/other.crt -K configs/certs/other.key`;
    51. 

  51. is($?, STATE_UNKNOWN, 'connect ssl other cert') || diag @output;
    52. 

  52. like($output[0], qr/CHECK_NRPE: Error /, 'connect ssl other cert response') || diag @output;
    53. 

  53. 

  54. 

  55. foreach ( @SSL_Versions_Bad ) {
    56. 

  56.     my $ver = $_;
    57. 

  57.     @output = `$checknrpe -H 127.0.0.1 -p 40321 -A configs/certs/nrpe.crt -S $ver`;
    58. 

  58.     is($?, STATE_UNKNOWN, "connect ssl $ver") || diag @output;
    59. 

  59.     like($output[0], qr/CHECK_NRPE: \(ssl_err != 5\) Error - Could not complete SSL handshake with/, "connect ssl $ver response") || diag @output;
    60. 

  60. }
    61. 

  61. 

  62. foreach ( @SSL_Versions_Good ) {
    63. 

  63.     my $ver = $_;
    64. 

  64.     @output = `$checknrpe -H 127.0.0.1 -p 40321 -A configs/certs/nrpe.crt -S $ver`;
    65. 

  65.     is($?, STATE_OK, "connect ssl $ver") || diag @output;
    66. 

  66.     like($output[0], qr/NRPE v.*/, "connect ssl $ver response") || diag @output;
    67. 

  67. }
    68. 

  68. 

  69. 

  70. done_testing();
    71.