Mercurial Mercurial > hg > ius > nagios > nagios-plugin-tlsa / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
t/check_tlsa_record.t
changeset 25 e97dd97b582c
parent 24 d98e12e07560
child 26 3190e55f104b 
--- a/t/check_tlsa_record.t	Tue Jun 07 14:36:03 2016 +0200
+++ b/t/check_tlsa_record.t	Wed Jun 08 22:32:36 2016 +0200
@@ -12,41 +12,40 @@
 my $domain  = 'ssl.schlittermann.de';
 my $domain2 = 'torproject.org';
 my $domain3 = 'freebsd.org';
+my $domain4 = 'bad-hash.dane.verisignlabs.com'; # The TLSA record for this server has an incorrect hash value, although it is correctly signed with DNSSEC
 
 #smtpdomains
 my $sdomain = 'hh.schlittermann.de';
 
 
-#Test main()
+sub test_main() {
+ my $test_main_default_port = Nagios::Check::DNS::check_tlsa_record::main(($domain));
+ like($test_main_default_port, qr(OK: .* is valid), 'main() ok with domain and default port 443');
 
-sub test_main() {
-  my $test_main_default_port = Nagios::Check::DNS::check_tlsa_record::main(($domain));
-  like($test_main_default_port, qr(OK: .* is valid), 'main() ok with domain and default port 443');
-
-  my $test_main_domain_and_port = Nagios::Check::DNS::check_tlsa_record::main(($sdomain, 25));
-  like($test_main_domain_and_port, qr(OK: .* is valid), 'main() ok with domain and port');
+ my $test_main_domain_and_port = Nagios::Check::DNS::check_tlsa_record::main(($sdomain, 25));
+ like($test_main_domain_and_port, qr(OK: .* is valid), 'main() ok with domain and port');
 
-  my $test_main_domain_port_protocol = Nagios::Check::DNS::check_tlsa_record::main(($domain3, 443, 'tcp'));
-  like($test_main_domain_port_protocol, qr(OK: .* is valid), 'main() ok with domain, port and protocol');
+ my $test_main_domain_port_protocol = Nagios::Check::DNS::check_tlsa_record::main(($domain3, 443, 'tcp'));
+ like($test_main_domain_port_protocol, qr(OK: .* is valid), 'main() ok with domain, port and protocol');
 
-  my $test_main_no_tlsa = Nagios::Check::DNS::check_tlsa_record::main(($sdomain));
-  like($test_main_no_tlsa, qr(WARNING: .*), 'main() warning when no SSL-Certificate is available or dig returns no tlsa');
+  my $test_main_no_tlsa = Nagios::Check::DNS::check_tlsa_record::main(('google.com'));
+  like($test_main_no_tlsa, qr(WARNING: .*), 'main() warning when no SSL-Certificate  or no TLSA-Record/DANE is available');
 
-  my $test_main_default_port2 = Nagios::Check::DNS::check_tlsa_record::main(($domain2));
-  like($test_main_default_port2, qr(CRITICAL: .* valid), 'main() critical with domain and default port 443');
+  my $test_main_default_port2 = Nagios::Check::DNS::check_tlsa_record::main(($domain4));
+  like($test_main_default_port2, qr(CRITICAL: .* valid), 'main() critical when DANE not valid.');
 
 }
 
-sub test_dig() {
+#sub test_dig() {
 
 #my $test_dig_tlsa = Nagios::Check::DNS::check_tlsa_record::dig_tlsa($domain, 25, 'tcp');
-my $test_dig_tlsa = Nagios::Check::DNS::check_tlsa_record::get_tlsa_from_dns($domain, 443);
-like($test_dig_tlsa, qr(^[0-3]{1}\s[01]{1}\s[0-2]{1}\s[A-F0-9]{56}\s[A-F0-9]{8}), 'dig_tlsa() returnd format looks like an valid answer to dig tlsa');
+#my $test_dig_tlsa = Nagios::Check::DNS::check_tlsa_record::get_tlsa_from_dns($domain, 443);
+#like($test_dig_tlsa, qr(^[0-3]{1}\s[01]{1}\s[0-2]{1}\s[A-F0-9]{56}\s[A-F0-9]{8}), 'dig_tlsa() returnd format looks like an valid answer to dig tlsa');
 
-}
+#}
 
-#test_main();
-test_dig();
+test_main();
+#test_dig();
ius/nagios/nagios-plugin-tlsa