From 36669eb565e00c5e5cf986e27dc5b14b9fc223c2 Mon Sep 17 00:00:00 2001
From: Michal Rakowski <michal.rakowski@baculasystems.com>
Date: Wed, 23 Jun 2021 00:22:05 +0200
Subject: [PATCH] regress: add test for daemon<->daemon connection logs

---
 regress/scripts/functions                     |  44 +++++
 .../tests/daemons-connection-copy-log-test    |  67 +++++++
 regress/tests/daemons-connection-log-test     | 144 +++++++++++++++
 .../tests/daemons-connection-verify-log-test  | 172 ++++++++++++++++++
 .../daemons-connection-virt_full-log-test     |  63 +++++++
 5 files changed, 490 insertions(+)
 create mode 100755 regress/tests/daemons-connection-copy-log-test
 create mode 100755 regress/tests/daemons-connection-log-test
 create mode 100755 regress/tests/daemons-connection-verify-log-test
 create mode 100755 regress/tests/daemons-connection-virt_full-log-test

diff --git a/regress/scripts/functions b/regress/scripts/functions
index 200c2c17e..414aff276 100755
--- a/regress/scripts/functions
+++ b/regress/scripts/functions
@@ -261,6 +261,50 @@ EOF
    reset_test
 }
 
+# Helper to check if all expected connection logs occured
+# arg1: logfile to check
+# arg2: with or without tls expected
+# arg3: expected DIR->SD log lines
+# arg4: expected DIR->FD log lines
+# arg5: expected FD->SD log lines
+# arg6: expected SD->FD log lines
+check_connection_tls_logs()
+{
+   tls_str="with TLS"
+   if [ $2 -eq 0 ]; then
+      tls_str="without encryption"
+   fi
+
+   n=`cat $1 | grep ".*\-dir .* Connected to Storage .* ${tls_str}" | wc -l`
+   if [ $n -ne $3 ]; then
+      estat=1
+      print_debug "Wrong log lines regarding Director Connecting Storage ${tls_str}: ${n} in restore log, expected $3"
+      print_debug "see: $1"
+   fi
+
+
+   n=`cat $1 | grep ".*\-dir .* Connected to Client .* ${tls_str}" | wc -l`
+   if [ $n -ne $4 ]; then
+      estat=1
+      print_debug "Wrong log lines regarding Director Connecting Client ${tls_str}: ${n} in restore log, expected $4"
+      print_debug "see: $1"
+   fi
+
+   n=`cat $1 | grep ".*\-sd .* Connected to Client .* ${tls_str}" | wc -l`
+   if [ $n -ne $5 ]; then
+      estat=1
+      print_debug "Wrong log lines regarding Storage Connecting Client ${tls_str}: ${n} in restore log, expected $5"
+      print_debug "see: $1"
+   fi
+
+   n=`cat $1 | grep ".*\-fd .* Connected to Storage .* ${tls_str}" | wc -l`
+   if [ $n -ne $6 ]; then
+      estat=1
+      print_debug "Wrong log lines regarding Client Connecting Storage ${tls_str}: ${n} in restore log, expected $6"
+      print_debug "see: $1"
+   fi
+}
+
 set_debugsettings()
 {
    if [ -f $log_setdebug ]; then rm $log_setdebug; fi
diff --git a/regress/tests/daemons-connection-copy-log-test b/regress/tests/daemons-connection-copy-log-test
new file mode 100755
index 000000000..e16a51a0f
--- /dev/null
+++ b/regress/tests/daemons-connection-copy-log-test
@@ -0,0 +1,67 @@
+#!/bin/sh
+#
+# Copyright (C) 2000-2021 Kern Sibbald
+# License: BSD 2-Clause; see file LICENSE-FOSS
+#
+# Test for verification if proper message is being logged depending on TLS usage for the daemons
+# during copy jobs
+#
+TestName="daemons-connection-copy-log-test"
+JobName=CopyJobSave
+. scripts/functions
+
+scripts/cleanup
+scripts/copy-migration-confs
+echo "${cwd}/build" >${cwd}/tmp/file-list
+sed 's/migrate/copy/g' ${cwd}/bin/bacula-dir.conf > ${cwd}/tmp/1
+sed 's/Migrate/Copy/g' ${cwd}/tmp/1 > ${cwd}/bin/bacula-dir.conf
+change_jobname NightlySave $JobName
+
+cat <<END_OF_DATA >${cwd}/tmp/bconcmds
+@output /dev/null
+messages
+@$out ${cwd}/tmp/log1.out
+label storage=File volume=FileVolume001 Pool=Default
+label storage=DiskChanger volume=ChangerVolume001 slot=1 Pool=Full drive=0
+label storage=DiskChanger volume=ChangerVolume002 slot=2 Pool=Full drive=0
+run job=$JobName yes
+wait
+messages
+@$out ${cwd}/tmp/log2.out
+run job=copy-job yes
+wait
+messages
+quit
+END_OF_DATA
+
+run_bacula
+
+stop_bacula
+
+check_connection_tls_logs $tmp/log2.out 1 2 0 0 0
+tmp_estat=$((tmp_estat+estat))
+
+# Disable TLS for DIR <-> SD
+$bperl -e 'add_attribute("$conf/bacula-sd.conf", "TlsPskEnable", "no", "Director")'
+# Disable TLS for DIR <-> FD
+$bperl -e 'add_attribute("$conf/bacula-fd.conf", "TlsPskEnable", "no", "Director")'
+# Disable TLS for FD <-> SD
+$bperl -e 'add_attribute("$conf/bacula-fd.conf", "TlsPskEnable", "no", "FileDaemon")'
+
+cat <<END_OF_DATA >${cwd}/tmp/bconcmds
+@$out ${cwd}/tmp/log3.out
+run job=copy-job $run_spooldata yes
+wait
+messages
+quit
+END_OF_DATA
+
+run_bacula
+
+stop_bacula
+
+check_connection_tls_logs $tmp/log3.out 0 2 0 0 0
+tmp_estat=$((tmp_estat+estat))
+
+estat=$tmp_estat
+end_test
diff --git a/regress/tests/daemons-connection-log-test b/regress/tests/daemons-connection-log-test
new file mode 100755
index 000000000..078ceff2d
--- /dev/null
+++ b/regress/tests/daemons-connection-log-test
@@ -0,0 +1,144 @@
+#!/bin/sh
+#
+# Copyright (C) 2000-2021 Kern Sibbald
+# License: BSD 2-Clause; see file LICENSE-FOSS
+#
+# Test for verification if proper message is being logged depending on TLS usage for the daemons
+# during normal backup and restore
+#
+TestName="daemons-connection-log-test"
+JobName=backup
+. scripts/functions
+
+scripts/cleanup
+scripts/copy-confs
+
+change_jobname BackupClient1 $JobName
+start_test
+
+################ CHECK ENCRYPTED CONNECTION LOGS #######
+# Run backup job with default settings (TLS on)
+cat <<END_OF_DATA >$tmp/bconcmds
+@output /dev/null
+messages
+@$out $tmp/log1.out
+label volume=TestVolume001 storage=File1 pool=File slot=1 drive=0
+@$out $tmp/log2.out
+run job=$JobName yes
+wait
+messages
+@$out $tmp/log3.out
+restore where=$tmp/bacula-restores select all done
+yes
+wait
+messages
+quit
+END_OF_DATA
+
+run_bacula
+
+stop_bacula
+
+# Check if expected messages were logged for each daemon during backup
+check_connection_tls_logs $tmp/log2.out 1 1 1 0 1
+
+# Check if expected messages were logged for each daemon during restore
+check_connection_tls_logs $tmp/log3.out 1 1 1 0 1
+
+# Enable SD Calls Client and check logs once more (FD<->SD logs should not be observed now)
+$bperl -e 'add_attribute("$conf/bacula-dir.conf", "SD Calls Client", "yes", "Client")'
+
+# Run backup job with default settings (TLS on), this time with SD Calls Client
+cat <<END_OF_DATA >$tmp/bconcmds
+@output /dev/null
+messages
+@$out $tmp/log4.out
+run job=$JobName yes
+wait
+messages
+@$out $tmp/log5.out
+restore where=$tmp/bacula-restores select all done
+yes
+wait
+messages
+quit
+END_OF_DATA
+
+tmp_estat=$((tmp_estat+estat))
+run_bacula
+
+stop_bacula
+
+# Check if expected messages were logged for each daemon during backup
+check_connection_tls_logs $tmp/log4.out 1 1 1 1 0
+
+# Check if expected messages were logged for each daemon during restore
+check_connection_tls_logs $tmp/log5.out 1 1 1 1 0
+
+############# CHECK NON-ENCRYPTED CONNECTION LOGS #################
+
+# Disable TLS for DIR <-> SD
+$bperl -e 'add_attribute("$conf/bacula-sd.conf", "TlsPskEnable", "no", "Director")'
+# Disable TLS for DIR <-> FD
+$bperl -e 'add_attribute("$conf/bacula-fd.conf", "TlsPskEnable", "no", "Director")'
+# Disable TLS for FD <-> SD
+$bperl -e 'add_attribute("$conf/bacula-fd.conf", "TlsPskEnable", "no", "FileDaemon")'
+
+# Disable SD Calls Client for the first run
+sed -i 's/SD Calls Client/#SD Calls Client/g' $conf/bacula-dir.conf
+
+# Run job once more, this time with TLS turned off
+cat <<END_OF_DATA >$tmp/bconcmds
+@$out $tmp/log6.out
+run job=$JobName yes
+wait
+messages
+@$out $tmp/log7.out
+restore where=$tmp/bacula-restores select all done
+yes
+wait
+messages
+quit
+END_OF_DATA
+
+tmp_estat=$((tmp_estat+estat))
+run_bacula
+
+stop_bacula
+
+# Check if expected messages were logged for each daemon during backup
+check_connection_tls_logs $tmp/log6.out 0 1 1 0 1
+
+# Check if expected messages were logged for each daemon during restore
+check_connection_tls_logs $tmp/log7.out 0 1 1 0 1
+
+#########################
+# Enable SD Calls Client and check logs once more
+sed -i 's/#SD Calls Client/SD Calls Client/g' $conf/bacula-dir.conf
+
+# Run job once more, this time with TLS turned off
+cat <<END_OF_DATA >$tmp/bconcmds
+@$out $tmp/log8.out
+run job=$JobName yes
+wait
+messages
+@$out $tmp/log9.out
+restore where=$tmp/bacula-restores select all done
+yes
+wait
+messages
+quit
+END_OF_DATA
+
+tmp_estat=$((tmp_estat+estat))
+run_bacula
+
+stop_bacula
+
+# Check if expected messages were logged for each daemon during backup
+check_connection_tls_logs $tmp/log8.out 0 1 1 1 0
+
+# Check if expected messages were logged for each daemon during restore
+check_connection_tls_logs $tmp/log9.out 0 1 1 1 0
+
+end_test
diff --git a/regress/tests/daemons-connection-verify-log-test b/regress/tests/daemons-connection-verify-log-test
new file mode 100755
index 000000000..e79a25519
--- /dev/null
+++ b/regress/tests/daemons-connection-verify-log-test
@@ -0,0 +1,172 @@
+#!/bin/sh
+#
+# Copyright (C) 2000-2021 Kern Sibbald
+# License: BSD 2-Clause; see file LICENSE-FOSS
+#
+# Test for verification if proper message is being logged depending on TLS usage for the daemons
+# during verify jobs
+#
+TestName="daemons-connection-verify-log-test"
+JobName=VerifyCatalog
+. scripts/functions
+
+cwd=`pwd`
+scripts/cleanup
+scripts/copy-test-confs
+
+# Make backup a bit faster
+echo "${cwd}/build/manpages" >${cwd}/tmp/file-list
+
+change_jobname NightlySave $JobName
+start_test
+
+cat <<END_OF_DATA >tmp/bconcmds
+@output /dev/null
+messages
+@$out tmp/log1.out
+label storage=File volume=TestVolume001
+run level=full job=$JobName yes
+wait
+messages
+@$out tmp/log2.out
+run job=VerifyVolume level=Data yes
+wait
+messages
+@$out tmp/log3.out
+run job=VerifyVolume level=VolumeToCatalog yes
+wait
+messages
+@$out tmp/log4.out
+run job=VerifyVolume level=DiskToCatalog yes
+wait
+messages
+quit
+END_OF_DATA
+
+run_bacula
+
+stop_bacula
+
+# Check if expected messages were logged for each daemon during 'Data' verify
+check_connection_tls_logs $tmp/log2.out 1 1 1 0 1
+
+# Check if expected messages were logged for each daemon during 'VolumeToCatalog' verify
+check_connection_tls_logs $tmp/log3.out 1 1 1 0 1
+
+# Check if expected messages were logged for each daemon during 'DiskToCatalog' verify
+check_connection_tls_logs $tmp/log4.out 1 0 1 0 0
+
+tmp_estat=$((tmp_estat+estat))
+
+$bperl -e 'add_attribute("$conf/bacula-dir.conf", "SD Calls Client", "yes", "Client")'
+
+cat <<END_OF_DATA >tmp/bconcmds
+@$out tmp/log5.out
+run job=VerifyVolume level=Data yes
+wait
+messages
+@$out tmp/log6.out
+run job=VerifyVolume level=VolumeToCatalog yes
+wait
+messages
+@$out tmp/log7.out
+run job=VerifyVolume level=DiskToCatalog yes
+wait
+messages
+quit
+END_OF_DATA
+
+run_bacula
+
+stop_bacula
+
+# Check if expected messages were logged for each daemon during 'Data' verify
+check_connection_tls_logs $tmp/log5.out 1 1 1 1 0
+
+# Check if expected messages were logged for each daemon during 'VolumeToCatalog' verify
+check_connection_tls_logs $tmp/log6.out 1 1 1 1 0
+
+# Check if expected messages were logged for each daemon during 'DiskToCatalog' verify
+check_connection_tls_logs $tmp/log7.out 1 0 1 0 0
+
+tmp_estat=$((tmp_estat+estat))
+
+############# CHECK NON-ENCRYPTED CONNECTION LOGS #################
+
+# Disable TLS for DIR <-> SD
+$bperl -e 'add_attribute("$conf/bacula-sd.conf", "TlsPskEnable", "no", "Director")'
+# Disable TLS for DIR <-> FD
+$bperl -e 'add_attribute("$conf/bacula-fd.conf", "TlsPskEnable", "no", "Director")'
+# Disable TLS for FD <-> SD
+$bperl -e 'add_attribute("$conf/bacula-fd.conf", "TlsPskEnable", "no", "FileDaemon")'
+
+# Disable SD Calls Client for the first run
+sed -i 's/SD Calls Client/#SD Calls Client/g' $conf/bacula-dir.conf
+##########################
+
+cat <<END_OF_DATA >tmp/bconcmds
+@$out tmp/log8.out
+run job=VerifyVolume level=Data yes
+wait
+messages
+@$out tmp/log9.out
+run job=VerifyVolume level=VolumeToCatalog yes
+wait
+messages
+@$out tmp/log10.out
+run job=VerifyVolume level=DiskToCatalog yes
+wait
+messages
+quit
+END_OF_DATA
+
+run_bacula
+
+stop_bacula
+
+# Check if expected messages were logged for each daemon during 'Data' verify
+check_connection_tls_logs $tmp/log8.out 0 1 1 0 1
+
+# Check if expected messages were logged for each daemon during 'VolumeToCatalog' verify
+check_connection_tls_logs $tmp/log9.out 0 1 1 0 1
+
+# Check if expected messages were logged for each daemon during 'DiskToCatalog' verify
+check_connection_tls_logs $tmp/log10.out 0 0 1 0 0
+
+tmp_estat=$((tmp_estat+estat))
+
+$bperl -e 'add_attribute("$conf/bacula-dir.conf", "SD Calls Client", "yes", "Client")'
+
+cat <<END_OF_DATA >tmp/bconcmds
+@$out tmp/log11.out
+run job=VerifyVolume level=Data yes
+wait
+messages
+@$out tmp/log12.out
+run job=VerifyVolume level=VolumeToCatalog yes
+wait
+messages
+@$out tmp/log13.out
+run job=VerifyVolume level=DiskToCatalog yes
+wait
+messages
+quit
+END_OF_DATA
+
+run_bacula
+
+stop_bacula
+
+# Check if expected messages were logged for each daemon during 'Data' verify
+check_connection_tls_logs $tmp/log11.out 0 1 1 1 0
+
+# Check if expected messages were logged for each daemon during 'VolumeToCatalog' verify
+check_connection_tls_logs $tmp/log12.out 0 1 1 1 0
+
+# Check if expected messages were logged for each daemon during 'DiskToCatalog' verify
+check_connection_tls_logs $tmp/log13.out 0 0 1 0 0
+
+tmp_estat=$((tmp_estat+estat))
+
+estat=$tmp_estat
+end_test
diff --git a/regress/tests/daemons-connection-virt_full-log-test b/regress/tests/daemons-connection-virt_full-log-test
new file mode 100755
index 000000000..b1de44c3c
--- /dev/null
+++ b/regress/tests/daemons-connection-virt_full-log-test
@@ -0,0 +1,63 @@
+#!/bin/sh
+#
+# Copyright (C) 2000-2021 Kern Sibbald
+# License: BSD 2-Clause; see file LICENSE-FOSS
+#
+# Test for verification if proper message is being logged depending on TLS usage for the daemons
+# during virtual full jobs
+#
+TestName="daemons-connection-virt_full-log-test"
+JobName=Vbackup
+. scripts/functions
+
+scripts/cleanup
+scripts/copy-migration-confs
+echo "${cwd}/build" >${cwd}/tmp/file-list
+
+change_jobname NightlySave $JobName
+
+start_test
+
+cat <<END_OF_DATA >${cwd}/tmp/bconcmds
+@output /dev/null
+messages
+@$out ${cwd}/tmp/log1.out
+label storage=File volume=FileVolume001 Pool=Default
+label storage=DiskChanger volume=ChangerVolume001 slot=1 Pool=Full drive=0
+label storage=DiskChanger volume=ChangerVolume002 slot=2 Pool=Full drive=0
+@exec "sh -c 'date > ${cwd}/build/date'"
+run job=$JobName level=Full yes
+wait
+messages
+list jobs
+@exec "sh -c 'touch ${cwd}/build/src/dird/*.c'"
+run job=$JobName level=Incremental yes
+wait
+messages
+list jobs
+@exec "sh -c 'touch ${cwd}/build/src/dird/*.o'"
+run job=$JobName level=Differential yes
+wait
+messages
+list jobs
+@exec "sh -c 'date > ${cwd}/build/date'"
+@exec "sh -c 'touch ${cwd}/build/src/dird/*.o'"
+run job=$JobName level=Incremental yes
+wait
+messages
+@$out ${cwd}/tmp/log2.out
+run job=$JobName level=VirtualFull yes
+wait
+messages
+quit
+END_OF_DATA
+
+run_bacula
+
+stop_bacula
+
+check_connection_tls_logs $tmp/log2.out 1 1 0 0 0
+tmp_estat=$((tmp_estat+estat))
+
+estat=$tmp_estat
+end_test
-- 
2.47.3