From 37083dbd40f1df286a50a351b2a80474bfc5e36d Mon Sep 17 00:00:00 2001
From: Martin Rubli <martin@rubli.info>
Date: Mon, 3 Jun 2024 22:44:18 +0200
Subject: [PATCH] test: backend-test: Add initial test cases for TLS monitor

---
 test/backend-test/test-tls.js | 65 +++++++++++++++++++++++++++++++++++
 1 file changed, 65 insertions(+)
 create mode 100644 test/backend-test/test-tls.js

diff --git a/test/backend-test/test-tls.js b/test/backend-test/test-tls.js
new file mode 100644
index 000000000..4cb946a94
--- /dev/null
+++ b/test/backend-test/test-tls.js
@@ -0,0 +1,65 @@
+const semver = require("semver");
+let test;
+const nodeVersion = process.versions.node;
+// Node.js version >= 18
+if (semver.satisfies(nodeVersion, ">= 18")) {
+    test = require("node:test");
+} else {
+    test = require("test");
+}
+
+const assert = require("node:assert");
+const { UP } = require("../../src/util");
+const { TlsMonitorType } = require("../../server/monitor-types/tls");
+
+test("TLS.01: HTTPS good", async () => {
+    const monitor = {
+        hostname: "httpstat.us",
+        port: 443,
+        tcpStartTls: false,
+        tcpRequest: "GET /200 HTTP/1.0\nHost: httpstat.us\n\n",
+        keyword: "HTTP/1.1 200 OK",
+        interval: 3,
+    };
+    const heartbeat = {
+        status: null,
+        msg: null,
+    };
+    await new TlsMonitorType().check(monitor, heartbeat, null);
+    assert.equal(heartbeat.status, UP);
+    assert.ok(heartbeat.msg.startsWith(`Keyword "${monitor.keyword}" contained in response`));
+});
+
+test("TLS.02: HTTPS expired", () => {
+    const monitor = {
+        hostname: "expired.badssl.com",
+        port: 443,
+        tcpStartTls: false,
+        tcpRequest: "GET / HTTP/1.0\nHost: expired.badssl.com\n\n",
+        keyword: "SHOULD NEVER GET THIS FAR",
+        interval: 3,
+    };
+    const heartbeat = {
+        status: null,
+        msg: null,
+    };
+    assert.rejects((new TlsMonitorType().check(monitor, heartbeat, null)),
+        (e) => e.message.includes("certificate has expired"));
+});
+
+test("TLS.03: HTTPS wrong host", () => {
+    const monitor = {
+        hostname: "wrong.host.badssl.com",
+        port: 443,
+        tcpStartTls: false,
+        tcpRequest: "GET / HTTP/1.0\nHost: wrong.host.badssl.com\n\n",
+        keyword: "SHOULD NEVER GET THIS FAR",
+        interval: 3,
+    };
+    const heartbeat = {
+        status: null,
+        msg: null,
+    };
+    assert.rejects((new TlsMonitorType().check(monitor, heartbeat, null)),
+        (e) => e.message.includes("Hostname/IP does not match certificate's altnames"));
+});