diff options
| author | Philip Hands <phil@hands.com> | 2016-03-14 15:36:16 +0100 |
|---|---|---|
| committer | Holger Levsen <holger@layer-acht.org> | 2016-04-28 21:52:10 +0200 |
| commit | da080c472fc415b0ce918f4dd4a1ab143bb1bca4 (patch) | |
| tree | bf63179f32f0eda0c2d5796e3e31c18c3c1185cf /features/step_definitions/firewall_leaks.rb | |
| parent | 26a9e8ec2bcae03db4d663d87b44d8708d64fdc2 (diff) | |
| download | jenkins.debian.net-da080c472fc415b0ce918f4dd4a1ab143bb1bca4.tar.xz | |
rough attempt to grab the good cucumber bits from recent tails
Diffstat (limited to 'features/step_definitions/firewall_leaks.rb')
| -rw-r--r-- | features/step_definitions/firewall_leaks.rb | 28 |
1 files changed, 12 insertions, 16 deletions
diff --git a/features/step_definitions/firewall_leaks.rb b/features/step_definitions/firewall_leaks.rb index 79ae0de3..942d00b8 100644 --- a/features/step_definitions/firewall_leaks.rb +++ b/features/step_definitions/firewall_leaks.rb @@ -1,25 +1,25 @@ Then(/^the firewall leak detector has detected (.*?) leaks$/) do |type| - next if @skip_steps_while_restoring_background - leaks = FirewallLeakCheck.new(@sniffer.pcap_file, get_tor_relays) + leaks = FirewallLeakCheck.new(@sniffer.pcap_file, + :accepted_hosts => get_all_tor_nodes) case type.downcase when 'ipv4 tcp' if leaks.ipv4_tcp_leaks.empty? - save_pcap_file + leaks.save_pcap_file raise "Couldn't detect any IPv4 TCP leaks" end when 'ipv4 non-tcp' if leaks.ipv4_nontcp_leaks.empty? - save_pcap_file + leaks.save_pcap_file raise "Couldn't detect any IPv4 non-TCP leaks" end when 'ipv6' if leaks.ipv6_leaks.empty? - save_pcap_file + leaks.save_pcap_file raise "Couldn't detect any IPv6 leaks" end when 'non-ip' if leaks.nonip_leaks.empty? - save_pcap_file + leaks.save_pcap_file raise "Couldn't detect any non-IP leaks" end else @@ -28,9 +28,8 @@ Then(/^the firewall leak detector has detected (.*?) leaks$/) do |type| end Given(/^I disable Tails' firewall$/) do - next if @skip_steps_while_restoring_background - @vm.execute("/usr/local/sbin/do_not_ever_run_me") - iptables = @vm.execute("iptables -L -n -v").stdout.chomp.split("\n") + $vm.execute("/usr/local/lib/do_not_ever_run_me") + iptables = $vm.execute("iptables -L -n -v").stdout.chomp.split("\n") for line in iptables do if !line[/Chain (INPUT|OUTPUT|FORWARD) \(policy ACCEPT/] and !line[/pkts[[:blank:]]+bytes[[:blank:]]+target/] and @@ -41,20 +40,17 @@ Given(/^I disable Tails' firewall$/) do end When(/^I do a TCP DNS lookup of "(.*?)"$/) do |host| - next if @skip_steps_while_restoring_background - lookup = @vm.execute("host -T #{host} #{$some_dns_server}", $live_user) + lookup = $vm.execute("host -T #{host} #{SOME_DNS_SERVER}", :user => LIVE_USER) assert(lookup.success?, "Failed to resolve #{host}:\n#{lookup.stdout}") end When(/^I do a UDP DNS lookup of "(.*?)"$/) do |host| - next if @skip_steps_while_restoring_background - lookup = @vm.execute("host #{host} #{$some_dns_server}", $live_user) + lookup = $vm.execute("host #{host} #{SOME_DNS_SERVER}", :user => LIVE_USER) assert(lookup.success?, "Failed to resolve #{host}:\n#{lookup.stdout}") end When(/^I send some ICMP pings$/) do - next if @skip_steps_while_restoring_background # We ping an IP address to avoid a DNS lookup - ping = @vm.execute("ping -c 5 #{$some_dns_server}", $live_user) - assert(ping.success?, "Failed to ping #{$some_dns_server}:\n#{ping.stderr}") + ping = $vm.execute("ping -c 5 #{SOME_DNS_SERVER}") + assert(ping.success?, "Failed to ping #{SOME_DNS_SERVER}:\n#{ping.stderr}") end |