From da080c472fc415b0ce918f4dd4a1ab143bb1bca4 Mon Sep 17 00:00:00 2001 From: Philip Hands Date: Mon, 14 Mar 2016 15:36:16 +0100 Subject: rough attempt to grab the good cucumber bits from recent tails --- features/step_definitions/firewall_leaks.rb | 28 ++++++++++++---------------- 1 file changed, 12 insertions(+), 16 deletions(-) (limited to 'features/step_definitions/firewall_leaks.rb') diff --git a/features/step_definitions/firewall_leaks.rb b/features/step_definitions/firewall_leaks.rb index 79ae0de3..942d00b8 100644 --- a/features/step_definitions/firewall_leaks.rb +++ b/features/step_definitions/firewall_leaks.rb @@ -1,25 +1,25 @@ Then(/^the firewall leak detector has detected (.*?) leaks$/) do |type| - next if @skip_steps_while_restoring_background - leaks = FirewallLeakCheck.new(@sniffer.pcap_file, get_tor_relays) + leaks = FirewallLeakCheck.new(@sniffer.pcap_file, + :accepted_hosts => get_all_tor_nodes) case type.downcase when 'ipv4 tcp' if leaks.ipv4_tcp_leaks.empty? - save_pcap_file + leaks.save_pcap_file raise "Couldn't detect any IPv4 TCP leaks" end when 'ipv4 non-tcp' if leaks.ipv4_nontcp_leaks.empty? - save_pcap_file + leaks.save_pcap_file raise "Couldn't detect any IPv4 non-TCP leaks" end when 'ipv6' if leaks.ipv6_leaks.empty? - save_pcap_file + leaks.save_pcap_file raise "Couldn't detect any IPv6 leaks" end when 'non-ip' if leaks.nonip_leaks.empty? - save_pcap_file + leaks.save_pcap_file raise "Couldn't detect any non-IP leaks" end else @@ -28,9 +28,8 @@ Then(/^the firewall leak detector has detected (.*?) leaks$/) do |type| end Given(/^I disable Tails' firewall$/) do - next if @skip_steps_while_restoring_background - @vm.execute("/usr/local/sbin/do_not_ever_run_me") - iptables = @vm.execute("iptables -L -n -v").stdout.chomp.split("\n") + $vm.execute("/usr/local/lib/do_not_ever_run_me") + iptables = $vm.execute("iptables -L -n -v").stdout.chomp.split("\n") for line in iptables do if !line[/Chain (INPUT|OUTPUT|FORWARD) \(policy ACCEPT/] and !line[/pkts[[:blank:]]+bytes[[:blank:]]+target/] and @@ -41,20 +40,17 @@ Given(/^I disable Tails' firewall$/) do end When(/^I do a TCP DNS lookup of "(.*?)"$/) do |host| - next if @skip_steps_while_restoring_background - lookup = @vm.execute("host -T #{host} #{$some_dns_server}", $live_user) + lookup = $vm.execute("host -T #{host} #{SOME_DNS_SERVER}", :user => LIVE_USER) assert(lookup.success?, "Failed to resolve #{host}:\n#{lookup.stdout}") end When(/^I do a UDP DNS lookup of "(.*?)"$/) do |host| - next if @skip_steps_while_restoring_background - lookup = @vm.execute("host #{host} #{$some_dns_server}", $live_user) + lookup = $vm.execute("host #{host} #{SOME_DNS_SERVER}", :user => LIVE_USER) assert(lookup.success?, "Failed to resolve #{host}:\n#{lookup.stdout}") end When(/^I send some ICMP pings$/) do - next if @skip_steps_while_restoring_background # We ping an IP address to avoid a DNS lookup - ping = @vm.execute("ping -c 5 #{$some_dns_server}", $live_user) - assert(ping.success?, "Failed to ping #{$some_dns_server}:\n#{ping.stderr}") + ping = $vm.execute("ping -c 5 #{SOME_DNS_SERVER}") + assert(ping.success?, "Failed to ping #{SOME_DNS_SERVER}:\n#{ping.stderr}") end -- cgit v1.2.3-70-g09d2