From 2ea0d63d1bcb01d008b4d387c8d99218a73b4620 Mon Sep 17 00:00:00 2001
From: Landon Fuller <landonf@opendarwin.org>
Date: Sun, 8 Jan 2006 22:35:34 +0000
Subject: [PATCH] Add encryption regression test

git-svn-id: https://bacula.svn.sourceforge.net/svnroot/bacula/trunk@2728 91ce42f0-d328-0410-95d8-f526ca767f89
---
 regress/scripts/copy-crypto-confs        |  6 ++
 regress/scripts/crypto-bacula-fd.conf.in | 36 +++++++++++
 regress/scripts/cryptokeypair.pem        | 53 +++++++++++++++++
 regress/scripts/do_sed                   |  1 +
 regress/tests/filed-crypto-test          | 76 ++++++++++++++++++++++++
 5 files changed, 172 insertions(+)
 create mode 100755 regress/scripts/copy-crypto-confs
 create mode 100644 regress/scripts/crypto-bacula-fd.conf.in
 create mode 100644 regress/scripts/cryptokeypair.pem
 create mode 100755 regress/tests/filed-crypto-test

diff --git a/regress/scripts/copy-crypto-confs b/regress/scripts/copy-crypto-confs
new file mode 100755
index 0000000000..28df20cb21
--- /dev/null
+++ b/regress/scripts/copy-crypto-confs
@@ -0,0 +1,6 @@
+#!/bin/sh
+/bin/cp -f scripts/new-test-bacula-dir.conf bin/bacula-dir.conf
+/bin/cp -f scripts/test-bacula-sd.conf bin/bacula-sd.conf
+/bin/cp -f scripts/crypto-bacula-fd.conf bin/bacula-fd.conf
+/bin/cp -f scripts/test-console.conf bin/bconsole.conf
+/bin/cp -f scripts/cryptokeypair.pem bin/cryptokeypair.pem
diff --git a/regress/scripts/crypto-bacula-fd.conf.in b/regress/scripts/crypto-bacula-fd.conf.in
new file mode 100644
index 0000000000..ec4152d2b8
--- /dev/null
+++ b/regress/scripts/crypto-bacula-fd.conf.in
@@ -0,0 +1,36 @@
+#
+# Default  Bacula File Daemon Configuration file
+#
+#  For Bacula release 1.33
+#
+# There is not much to change here except perhaps the
+# File daemon Name to
+#
+
+#
+# List Directors who are permitted to contact this File daemon
+#
+Director {
+  Name = @hostname@-dir
+  Password = "xevrjURYoCHhn26RaJoWbeWXEY/a3VqGKp/37tgWiuHc"
+}
+
+#
+# "Global" File daemon configuration specifications
+#
+FileDaemon {                          # this is me
+  Name = @hostname@-fd
+  FDport = 8102                  # where we listen for the director
+  WorkingDirectory = "@working_dir@"
+  Pid Directory = "@piddir@"
+  SubSys Directory = "@subsysdir@"
+  PKI Signatures = Yes
+  PKI Encryption = Yes
+  PKI Keypair = "@scriptdir@/cryptokeypair.pem"
+}
+
+# Send all messages except skipped files back to Director
+Messages {
+  Name = Standard
+  director = @hostname@-dir = all, !terminate
+}
diff --git a/regress/scripts/cryptokeypair.pem b/regress/scripts/cryptokeypair.pem
new file mode 100644
index 0000000000..a9ee617a1b
--- /dev/null
+++ b/regress/scripts/cryptokeypair.pem
@@ -0,0 +1,53 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA0sNbRqIUnck2ztve3GNRaMZSz95KauSqlMPSQV+i0jZNXm31
+bemJKDbeYr7NBIo5C8FqLlUgk3nh+GzeoQ+wTJ3qphdY+I4rL3q8kweDjSpvnXBw
+L722jH+UOSKDeRol7lMCOwooyY0r4cSsE/AIHfKts6D2DV8hUzbuxy1s4wwfJDnF
+BQtpXJbLL7JfAKYlgqHBteDLkfKikcqIuPGjvcsKBsun4HXZuQ1y1looRW6N7UM/
+QwBfRYpJVQc4h/mwue2gzhChlOTWyKJKZxuiwftTv7xHXw/yUpeth6OdALj8sbOB
+OXMV9Hb3HSO3UftI2LpwuzKW6OgBXWAecuYGxQIDAQABAoIBAQCGchQxtIbOOGL8
+BgneMITn/0soSrbSBVhDWb8v8J/e1MD58c7T9FuICahG+UuzD7FgLFtdfvQu31sk
+q95Ag8+EsF/U36Pjul0WBodwiySB0oYsumL2MWDXszKMV9XiVKnJo64Sl2J5X9KU
+TG8wsLec0we3RIBw+zQ47xvWdsW09wfdDg38f6mUlcoH5uAlMkGILAm5myo8vZ1r
+0GNmV5m60FKm9K0pGVTUk2KhdenMQYyOMPhJB5J+corkJN0FqFosfl6E1zlavqff
+olq/oviZEeoGZrOjnKhm/xFXI9N0iO9sdgKV/5sFXAk+XyJSeMU3DQHcpnXU+Dro
+Ow/VKoABAoGBAPO5BJQQombCOrPMPUM3IgEOJX7xDvni/Bh6VAnZVvHndiPWwjpS
+u6fuq77++hHOzhZsGZKYEc83amSIOnFAXQav7UCRZhHR9bWyHsBNK8hpDI5yYsag
+0SUOS8TSvhxpY4UlaWlnIVwH3OYmcAFdEyfXbPyOt3ayH+BiY3/Br7bFAoGBAN1h
+TOhKJERbGGkQ4d/QHWjjjnXnBSje6UAZNyJa0/L9Lc9TquePYK5noeTl1fU2LLPo
+l41T2BFb/0iuxYuobb8vPc0IRmRMAMLeoRCS7V2Gds3fhqINndnfASOEAuqDfcKQ
+mpYjNbYGFNn40YQNaAn7Uxs5vhb4kP5OY62rQhABAoGAGPysAn4eGEjrecmDsmNx
+oggQQg52yZnC3MOV4BifOFfRneUDrrUStinbA87iVncMW/IjQQtEMClvR/VLgJbn
+sqrQuSDvBP6woTssuexvg7F5bxU9GT4dkx3/GKO+h+0qHdlzEDJZkjTgKdxg+VLQ
+hvIoI1CCcLHcYMXVi6CQ4j0CgYEAjHAYYNf/79k2QBi0oc4dihepnUQD8uyOXdph
+LoseH+za7cZvCdzcAWe+vT3MoHVQoITx93bz//czmIE+0pzzmjA27WXNefz5EqY2
+2RPMPuN5ZJrjhtRKihc9WrF5RBpMYmxnlM0bWrC685g0GaiDkql8DC5yV5IyMRG7
+jEWzcAECgYAb78NE1FvfBF+z8H2j+Pa0uyuFF1YNW2dr/v0p2atE2AUzxA/Soo2V
+8G+c9qQlYequcrQLN19tZAs9DCUFdCw+lMlKBoJiWVOA33L2neT1UpDY+64rFZL6
+S91HXGq2FKjFTovcDsfw5CgHk64zn9BzX4peCGkbDkbxh7wadx4Hkw==
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIEcTCCA1mgAwIBAgIJAL/Bgtto2kTWMA0GCSqGSIb3DQEBBAUAMIGBMQswCQYD
+VQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQg
+V2lkZ2l0cyBQdHkgTHRkMRkwFwYDVQQDExB0ZXN0LmV4YW1wbGUuY29tMR8wHQYJ
+KoZIhvcNAQkBFhB0ZXN0QGV4YW1wbGUuY29tMB4XDTA1MTEwMjAzMTI1MloXDTA1
+MTIwMjAzMTI1MlowgYExCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRl
+MSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxGTAXBgNVBAMTEHRl
+c3QuZXhhbXBsZS5jb20xHzAdBgkqhkiG9w0BCQEWEHRlc3RAZXhhbXBsZS5jb20w
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSw1tGohSdyTbO297cY1Fo
+xlLP3kpq5KqUw9JBX6LSNk1ebfVt6YkoNt5ivs0EijkLwWouVSCTeeH4bN6hD7BM
+neqmF1j4jisveryTB4ONKm+dcHAvvbaMf5Q5IoN5GiXuUwI7CijJjSvhxKwT8Agd
+8q2zoPYNXyFTNu7HLWzjDB8kOcUFC2lclssvsl8ApiWCocG14MuR8qKRyoi48aO9
+ywoGy6fgddm5DXLWWihFbo3tQz9DAF9FiklVBziH+bC57aDOEKGU5NbIokpnG6LB
++1O/vEdfD/JSl62Ho50AuPyxs4E5cxX0dvcdI7dR+0jYunC7Mpbo6AFdYB5y5gbF
+AgMBAAGjgekwgeYwHQYDVR0OBBYEFGGSblAAcqocdavoGyiTv88YuHLaMIG2BgNV
+HSMEga4wgauAFGGSblAAcqocdavoGyiTv88YuHLaoYGHpIGEMIGBMQswCQYDVQQG
+EwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lk
+Z2l0cyBQdHkgTHRkMRkwFwYDVQQDExB0ZXN0LmV4YW1wbGUuY29tMR8wHQYJKoZI
+hvcNAQkBFhB0ZXN0QGV4YW1wbGUuY29tggkAv8GC22jaRNYwDAYDVR0TBAUwAwEB
+/zANBgkqhkiG9w0BAQQFAAOCAQEAO16yp0yQjglmDLXsoBofRTKynP3R3Z5wWy7D
+YvLAUcR/AvG+WZRfrTmi8fZ+Km5rbVrujPsWiK27k6Md0380Z3KY+mjnCcElxNbA
+7I5CG2NZEkmequyy5p/crexUg/TZdvvF0xmJyUS7ArPv7yzSXtncvSvoBaj1AdK7
+R3OFKhG8KBSfAmrSylBQDONuuvM851XO5KKSyXSJa8R7bs5hHcBCILAEYKklWopp
+JuPJqB/zaIymY5KrpKJE4z80Nv0IAE5aP1JX5g80/R/pzPjWkpIYtkUjDOZs3fDR
+eJA2cUWE0WoVE4fTGYLHAXrIV1wkn4Onu48nq94HhUpyc2brLw==
+-----END CERTIFICATE-----
diff --git a/regress/scripts/do_sed b/regress/scripts/do_sed
index 6c465e7489..ddcc0388c5 100755
--- a/regress/scripts/do_sed
+++ b/regress/scripts/do_sed
@@ -39,6 +39,7 @@ sed -f ${out} ${cwd}/scripts/testa-bacula-dir.conf.in >${cwd}/scripts/testa-bacu
 sed -f ${out} ${cwd}/scripts/test-bacula-fd.conf.in >${cwd}/scripts/test-bacula-fd.conf
 sed -f ${out} ${cwd}/scripts/test-bacula-sd.conf.in >${cwd}/scripts/test-bacula-sd.conf
 sed -f ${out} ${cwd}/scripts/test-console.conf.in >${cwd}/scripts/test-console.conf
+sed -f ${out} ${cwd}/scripts/crypto-bacula-fd.conf.in >${cwd}/scripts/crypto-bacula-fd.conf
 sed -f ${out} ${cwd}/scripts/bacula-dir-tape.conf.in >${cwd}/scripts/bacula-dir-tape.conf
 sed -f ${out} ${cwd}/scripts/win32-bacula-dir-tape.conf.in >${cwd}/scripts/win32-bacula-dir-tape.conf
 sed -f ${out} ${cwd}/scripts/bacula-sd-tape.conf.in >${cwd}/scripts/bacula-sd-tape.conf
diff --git a/regress/tests/filed-crypto-test b/regress/tests/filed-crypto-test
new file mode 100755
index 0000000000..19037d8a01
--- /dev/null
+++ b/regress/tests/filed-crypto-test
@@ -0,0 +1,76 @@
+#!/bin/sh
+#
+# Run a simple backup (with encryption) of the Bacula build directory
+#   then verify the signatures.
+#
+debug=0
+if test "$debug" -eq 1 ; then
+  out="tee"
+else
+  out="output"
+fi
+
+cwd=`pwd`
+scripts/copy-crypto-confs
+scripts/cleanup
+echo "${cwd}/build" >/tmp/file-list
+
+echo " "
+echo " "
+echo " === Starting Filed Encryption Test at `date +%R:%S` ==="
+echo " === Starting Filed Encryption Test at `date +%R:%S` ===" >>working/log
+echo " "
+
+cat <<END_OF_DATA >tmp/bconcmds
+@$out /dev/null
+messages
+@$out tmp/log1.out
+setdebug level=1 storage=File sd
+label storage=File volume=TestVolume001
+run job=NightlySave yes
+wait
+messages
+@# 
+@# now do a verify volume
+@#
+@$out ${cwd}/tmp/original
+run job=VerifyVolume
+yes
+wait
+messages
+@$out
+quit
+END_OF_DATA
+
+if test "$debug" -eq 1 ; then
+  bin/bacula start
+  cat tmp/bconcmds | bin/bconsole -c bin/bconsole.conf
+else
+  bin/bacula start 2>&1 >/dev/null
+  cat tmp/bconcmds | bin/bconsole -c bin/bconsole.conf  2>&1 >/dev/null
+fi
+
+sleep 2
+scripts/check_for_zombie_jobs storage=File 
+bin/bacula stop 2>&1 >/dev/null
+grep "^  Termination: *Backup OK" tmp/log1.out 2>&1 >/dev/null
+bstat=$?
+grep "^  Termination: *Verify OK" ${cwd}/tmp/original 2>&1 >/dev/null
+if [ $? != 0 -o $bstat != 0 ] ; then
+   echo " "
+   echo " "
+   echo "  !!!!! Filed Encryption Verification failed!!! !!!!! "
+   echo "  !!!!! Filed Encryption Verification failed!!! !!!!! " >>test.out
+   if [ $bstat != 0 ] ; then
+      echo "  !!!!! Bad Job termination status     !!!!! "
+      echo "  !!!!! Bad Job termination status     !!!!! " >>test.out
+   else
+      echo "  !!!!! Restored files differ          !!!!! "
+      echo "  !!!!! Restored files differ          !!!!! " >>test.out
+   fi
+   echo " "
+else
+   echo "  ===== Filed Encryption Verification Test OK ===== "
+   echo "  ===== Filed Encryption Verification Test OK ===== " >>test.out
+   scripts/cleanup
+fi
-- 
2.39.5