From a5d56e3b5443263b53b0487c81125123411bd0cf Mon Sep 17 00:00:00 2001 From: Philip Hands Date: Wed, 11 May 2016 17:11:01 +0200 Subject: move cucumber things under cucumber/ --- features/step_definitions/apt.rb | 56 -- features/step_definitions/browser.rb | 195 ---- features/step_definitions/build.rb | 115 --- features/step_definitions/checks.rb | 252 ----- features/step_definitions/common_steps.rb | 1086 --------------------- features/step_definitions/dhcp.rb | 19 - features/step_definitions/electrum.rb | 52 - features/step_definitions/encryption.rb | 133 --- features/step_definitions/evince.rb | 25 - features/step_definitions/firewall_leaks.rb | 56 -- features/step_definitions/git.rb | 6 - features/step_definitions/icedove.rb | 94 -- features/step_definitions/mac_spoofing.rb | 108 -- features/step_definitions/pidgin.rb | 467 --------- features/step_definitions/po.rb | 8 - features/step_definitions/root_access_control.rb | 42 - features/step_definitions/snapshots.rb | 257 ----- features/step_definitions/ssh.rb | 122 --- features/step_definitions/time_syncing.rb | 86 -- features/step_definitions/tor.rb | 402 -------- features/step_definitions/torified_browsing.rb | 5 - features/step_definitions/torified_gnupg.rb | 208 ---- features/step_definitions/torified_misc.rb | 41 - features/step_definitions/totem.rb | 43 - features/step_definitions/unsafe_browser.rb | 189 ---- features/step_definitions/untrusted_partitions.rb | 61 -- features/step_definitions/usb.rb | 596 ----------- 27 files changed, 4724 deletions(-) delete mode 100644 features/step_definitions/apt.rb delete mode 100644 features/step_definitions/browser.rb delete mode 100644 features/step_definitions/build.rb delete mode 100644 features/step_definitions/checks.rb delete mode 100644 features/step_definitions/common_steps.rb delete mode 100644 features/step_definitions/dhcp.rb delete mode 100644 features/step_definitions/electrum.rb delete mode 100644 features/step_definitions/encryption.rb delete mode 100644 features/step_definitions/evince.rb delete mode 100644 features/step_definitions/firewall_leaks.rb delete mode 100644 features/step_definitions/git.rb delete mode 100644 features/step_definitions/icedove.rb delete mode 100644 features/step_definitions/mac_spoofing.rb delete mode 100644 features/step_definitions/pidgin.rb delete mode 100644 features/step_definitions/po.rb delete mode 100644 features/step_definitions/root_access_control.rb delete mode 100644 features/step_definitions/snapshots.rb delete mode 100644 features/step_definitions/ssh.rb delete mode 100644 features/step_definitions/time_syncing.rb delete mode 100644 features/step_definitions/tor.rb delete mode 100644 features/step_definitions/torified_browsing.rb delete mode 100644 features/step_definitions/torified_gnupg.rb delete mode 100644 features/step_definitions/torified_misc.rb delete mode 100644 features/step_definitions/totem.rb delete mode 100644 features/step_definitions/unsafe_browser.rb delete mode 100644 features/step_definitions/untrusted_partitions.rb delete mode 100644 features/step_definitions/usb.rb (limited to 'features/step_definitions') diff --git a/features/step_definitions/apt.rb b/features/step_definitions/apt.rb deleted file mode 100644 index c69d2598..00000000 --- a/features/step_definitions/apt.rb +++ /dev/null @@ -1,56 +0,0 @@ -require 'uri' - -Given /^the only hosts in APT sources are "([^"]*)"$/ do |hosts_str| - hosts = hosts_str.split(',') - $vm.file_content("/etc/apt/sources.list /etc/apt/sources.list.d/*").chomp.each_line { |line| - next if ! line.start_with? "deb" - source_host = URI(line.split[1]).host - if !hosts.include?(source_host) - raise "Bad APT source '#{line}'" - end - } -end - -When /^I update APT using apt$/ do - Timeout::timeout(30*60) do - $vm.execute_successfully("echo #{@sudo_password} | " + - "sudo -S apt update", :user => LIVE_USER) - end -end - -Then /^I should be able to install a package using apt$/ do - package = "cowsay" - Timeout::timeout(120) do - $vm.execute_successfully("echo #{@sudo_password} | " + - "sudo -S apt install #{package}", - :user => LIVE_USER) - end - step "package \"#{package}\" is installed" -end - -When /^I update APT using Synaptic$/ do - @screen.click('SynapticReloadButton.png') - @screen.wait('SynapticReloadPrompt.png', 20) - @screen.waitVanish('SynapticReloadPrompt.png', 30*60) -end - -Then /^I should be able to install a package using Synaptic$/ do - package = "cowsay" - try_for(60) do - @screen.wait_and_click('SynapticSearchButton.png', 10) - @screen.wait_and_click('SynapticSearchWindow.png', 10) - end - @screen.type(package + Sikuli::Key.ENTER) - @screen.wait_and_double_click('SynapticCowsaySearchResult.png', 20) - @screen.wait_and_click('SynapticApplyButton.png', 10) - @screen.wait('SynapticApplyPrompt.png', 60) - @screen.type(Sikuli::Key.ENTER) - @screen.wait('SynapticChangesAppliedPrompt.png', 240) - step "package \"#{package}\" is installed" -end - -When /^I start Synaptic$/ do - step 'I start "Synaptic" via the GNOME "System" applications menu' - deal_with_polkit_prompt('PolicyKitAuthPrompt.png', @sudo_password) - @screen.wait('SynapticReloadButton.png', 30) -end diff --git a/features/step_definitions/browser.rb b/features/step_definitions/browser.rb deleted file mode 100644 index 84ef1d35..00000000 --- a/features/step_definitions/browser.rb +++ /dev/null @@ -1,195 +0,0 @@ -Then /^I see the (Unsafe|I2P) Browser start notification and wait for it to close$/ do |browser_type| - robust_notification_wait("#{browser_type}BrowserStartNotification.png", 60) -end - -Then /^the (Unsafe|I2P) Browser has started$/ do |browser_type| - case browser_type - when 'Unsafe' - @screen.wait("UnsafeBrowserHomepage.png", 360) - when 'I2P' - step 'the I2P router console is displayed in I2P Browser' - end -end - -When /^I start the (Unsafe|I2P) Browser(?: through the GNOME menu)?$/ do |browser_type| - step "I start \"#{browser_type}Browser\" via the GNOME \"Internet\" applications menu" -end - -When /^I successfully start the (Unsafe|I2P) Browser$/ do |browser_type| - step "I start the #{browser_type} Browser" - step "I see and accept the Unsafe Browser start verification" unless browser_type == 'I2P' - step "I see the #{browser_type} Browser start notification and wait for it to close" - step "the #{browser_type} Browser has started" -end - -When /^I close the (?:Unsafe|I2P) Browser$/ do - @screen.type("q", Sikuli::KeyModifier.CTRL) -end - -Then /^I see the (Unsafe|I2P) Browser stop notification$/ do |browser_type| - robust_notification_wait("#{browser_type}BrowserStopNotification.png", 60) -end - -def xul_application_info(application) - binary = $vm.execute_successfully( - 'echo ${TBB_INSTALL}/firefox', :libs => 'tor-browser' - ).stdout.chomp - address_bar_image = "BrowserAddressBar.png" - unused_tbb_libs = ['libnssdbm3.so'] - case application - when "Tor Browser" - user = LIVE_USER - cmd_regex = "#{binary} .* -profile /home/#{user}/\.tor-browser/profile\.default" - chroot = "" - new_tab_button_image = "TorBrowserNewTabButton.png" - when "Unsafe Browser" - user = "clearnet" - cmd_regex = "#{binary} .* -profile /home/#{user}/\.unsafe-browser/profile\.default" - chroot = "/var/lib/unsafe-browser/chroot" - new_tab_button_image = "UnsafeBrowserNewTabButton.png" - when "I2P Browser" - user = "i2pbrowser" - cmd_regex = "#{binary} .* -profile /home/#{user}/\.i2p-browser/profile\.default" - chroot = "/var/lib/i2p-browser/chroot" - new_tab_button_image = "I2PBrowserNewTabButton.png" - when "Tor Launcher" - user = "tor-launcher" - # We do not enable AppArmor confinement for the Tor Launcher. - binary = "#{binary}-unconfined" - tor_launcher_install = $vm.execute_successfully( - 'echo ${TOR_LAUNCHER_INSTALL}', :libs => 'tor-browser' - ).stdout.chomp - cmd_regex = "#{binary}\s+-app #{tor_launcher_install}/application\.ini.*" - chroot = "" - new_tab_button_image = nil - address_bar_image = nil - # The standalone Tor Launcher uses fewer libs than the full - # browser. - unused_tbb_libs.concat(["libfreebl3.so", "libnssckbi.so", "libsoftokn3.so"]) - else - raise "Invalid browser or XUL application: #{application}" - end - return { - :user => user, - :cmd_regex => cmd_regex, - :chroot => chroot, - :new_tab_button_image => new_tab_button_image, - :address_bar_image => address_bar_image, - :unused_tbb_libs => unused_tbb_libs, - } -end - -When /^I open a new tab in the (.*)$/ do |browser| - info = xul_application_info(browser) - @screen.click(info[:new_tab_button_image]) - @screen.wait(info[:address_bar_image], 10) -end - -When /^I open the address "([^"]*)" in the (.*)$/ do |address, browser| - step "I open a new tab in the #{browser}" - info = xul_application_info(browser) - open_address = Proc.new do - @screen.click(info[:address_bar_image]) - # This static here since we have no reliable visual indicators - # that we can watch to know when typing is "safe". - sleep 5 - # The browser sometimes loses keypresses when suggestions are - # shown, which we work around by pasting the address from the - # clipboard, in one go. - $vm.set_clipboard(address) - @screen.type('v', Sikuli::KeyModifier.CTRL) - @screen.type(Sikuli::Key.ENTER) - end - open_address.call - if browser == "Tor Browser" - recovery_on_failure = Proc.new do - @screen.type(Sikuli::Key.ESC) - @screen.waitVanish('BrowserReloadButton.png', 3) - open_address.call - end - retry_tor(recovery_on_failure) do - @screen.wait('BrowserReloadButton.png', 120) - end - end -end - -Then /^the (.*) has no plugins installed$/ do |browser| - step "I open the address \"about:plugins\" in the #{browser}" - step "I see \"TorBrowserNoPlugins.png\" after at most 30 seconds" -end - -def xul_app_shared_lib_check(pid, chroot, expected_absent_tbb_libs = []) - absent_tbb_libs = [] - unwanted_native_libs = [] - tbb_libs = $vm.execute_successfully("ls -1 #{chroot}${TBB_INSTALL}/*.so", - :libs => 'tor-browser').stdout.split - firefox_pmap_info = $vm.execute("pmap --show-path #{pid}").stdout - for lib in tbb_libs do - lib_name = File.basename lib - if not /\W#{lib}$/.match firefox_pmap_info - absent_tbb_libs << lib_name - end - native_libs = $vm.execute_successfully( - "find /usr/lib /lib -name \"#{lib_name}\"" - ).stdout.split - for native_lib in native_libs do - if /\W#{native_lib}$"/.match firefox_pmap_info - unwanted_native_libs << lib_name - end - end - end - absent_tbb_libs -= expected_absent_tbb_libs - assert(absent_tbb_libs.empty? && unwanted_native_libs.empty?, - "The loaded shared libraries for the firefox process are not the " + - "way we expect them.\n" + - "Expected TBB libs that are absent: #{absent_tbb_libs}\n" + - "Native libs that we don't want: #{unwanted_native_libs}") -end - -Then /^the (.*) uses all expected TBB shared libraries$/ do |application| - info = xul_application_info(application) - pid = $vm.execute_successfully("pgrep --uid #{info[:user]} --full --exact '#{info[:cmd_regex]}'").stdout.chomp - assert(/\A\d+\z/.match(pid), "It seems like #{application} is not running") - xul_app_shared_lib_check(pid, info[:chroot], info[:unused_tbb_libs]) -end - -Then /^the (.*) chroot is torn down$/ do |browser| - info = xul_application_info(browser) - try_for(30, :msg => "The #{browser} chroot '#{info[:chroot]}' was " \ - "not removed") do - !$vm.execute("test -d '#{info[:chroot]}'").success? - end -end - -Then /^the (.*) runs as the expected user$/ do |browser| - info = xul_application_info(browser) - assert_vmcommand_success($vm.execute( - "pgrep --full --exact '#{info[:cmd_regex]}'"), - "The #{browser} is not running") - assert_vmcommand_success($vm.execute( - "pgrep --uid #{info[:user]} --full --exact '#{info[:cmd_regex]}'"), - "The #{browser} is not running as the #{info[:user]} user") -end - -When /^I download some file in the Tor Browser$/ do - @some_file = 'tails-signing.key' - some_url = "https://tails.boum.org/#{@some_file}" - step "I open the address \"#{some_url}\" in the Tor Browser" -end - -Then /^I get the browser download dialog$/ do - @screen.wait('BrowserDownloadDialog.png', 60) - @screen.wait('BrowserDownloadDialogSaveAsButton.png', 10) -end - -When /^I save the file to the default Tor Browser download directory$/ do - @screen.click('BrowserDownloadDialogSaveAsButton.png') - @screen.wait('BrowserDownloadFileToDialog.png', 10) - @screen.type(Sikuli::Key.ENTER) -end - -Then /^the file is saved to the default Tor Browser download directory$/ do - assert_not_nil(@some_file) - expected_path = "/home/#{LIVE_USER}/Tor Browser/#{@some_file}" - try_for(10) { $vm.file_exist?(expected_path) } -end diff --git a/features/step_definitions/build.rb b/features/step_definitions/build.rb deleted file mode 100644 index fd001ff4..00000000 --- a/features/step_definitions/build.rb +++ /dev/null @@ -1,115 +0,0 @@ -Given /^Tails ([[:alnum:].]+) has been released$/ do |version| - create_git unless git_exists? - - old_branch = current_branch - - fatal_system "git checkout --quiet stable" - old_entries = File.open('debian/changelog') { |f| f.read } - File.open('debian/changelog', 'w') do |changelog| - changelog.write(< Tue, 31 Jan 2012 15:12:57 +0100 - -#{old_entries} -END_OF_CHANGELOG - end - fatal_system "git commit --quiet debian/changelog -m 'Release #{version}'" - fatal_system "git tag '#{version}'" - - if old_branch != 'stable' - fatal_system "git checkout --quiet '#{old_branch}'" - fatal_system "git merge --quiet 'stable'" - end -end - -Given /^Tails ([[:alnum:].-]+) has been tagged$/ do |version| - fatal_system "git tag '#{version}'" -end - -Given /^Tails ([[:alnum:].]+) has not been released yet$/ do |version| - !File.exists? ".git/refs/tags/#{version}" -end - -Given /^the last version mentioned in debian\/changelog is ([[:alnum:]~.]+)$/ do |version| - last = `dpkg-parsechangelog | awk '/^Version: / { print $2 }'`.strip - raise StandardError.new('dpkg-parsechangelog failed.') if $? != 0 - - if last != version - fatal_system "debchange -v '#{version}' 'New upstream release'" - end -end - -Given %r{I am working on the ([[:alnum:]./_-]+) base branch$} do |branch| - create_git unless git_exists? - - if current_branch != branch - fatal_system "git checkout --quiet '#{branch}'" - end - - File.open('config/base_branch', 'w+') do |base_branch_file| - base_branch_file.write("#{branch}\n") - end -end - -Given %r{I am working on the ([[:alnum:]./_-]+) branch based on ([[:alnum:]./_-]+)$} do |branch, base| - create_git unless git_exists? - - if current_branch != branch - fatal_system "git checkout --quiet -b '#{branch}' '#{base}'" - end - - File.open('config/base_branch', 'w+') do |base_branch_file| - base_branch_file.write("#{base}\n") - end -end - -When /^I successfully run ([[:alnum:]-]+)$/ do |command| - @output = `#{File.expand_path("../../../auto/scripts/#{command}", __FILE__)}` - raise StandardError.new("#{command} failed. Exit code: #{$?}") if $? != 0 -end - -When /^I run ([[:alnum:]-]+)$/ do |command| - @output = `#{File.expand_path("../../../auto/scripts/#{command}", __FILE__)}` - @exit_code = $?.exitstatus -end - -Then /^I should see the ['"]?([[:alnum:].-]+)['"]? suite$/ do |suite| - @output.should have_suite(suite) -end - -Then /^I should see only the ['"]?([[:alnum:].-]+)['"]? suite$/ do |suite| - assert_equal(1, @output.lines.count) - @output.should have_suite(suite) -end - -Then /^I should not see the ['"]?([[:alnum:].-]+)['"]? suite$/ do |suite| - @output.should_not have_suite(suite) -end - -Given(/^the config\/APT_overlays\.d directory is empty$/) do - Dir.glob('config/APT_overlays.d/*').empty? \ - or raise "config/APT_overlays.d/ is not empty" -end - -Given(/^config\/APT_overlays\.d contains ['"]?([[:alnum:].-]+)['"]?$/) do |suite| - FileUtils.touch("config/APT_overlays.d/#{suite}") -end - -Then(/^it should fail$/) do - assert_not_equal(0, @exit_code) -end - -Given(/^the (config\/base_branch) file does not exist$/) do |file| - File.delete(file) -end - -Given(/^the (config\/APT_overlays\.d) directory does not exist$/) do |dir| - Dir.rmdir(dir) -end - -Given(/^the config\/base_branch file is empty$/) do - File.truncate('config/base_branch', 0) -end diff --git a/features/step_definitions/checks.rb b/features/step_definitions/checks.rb deleted file mode 100644 index 423b8390..00000000 --- a/features/step_definitions/checks.rb +++ /dev/null @@ -1,252 +0,0 @@ -def shipped_openpgp_keys - shipped_gpg_keys = $vm.execute_successfully('gpg --batch --with-colons --fingerprint --list-key', :user => LIVE_USER).stdout - openpgp_fingerprints = shipped_gpg_keys.scan(/^fpr:::::::::([A-Z0-9]+):$/).flatten - return openpgp_fingerprints -end - -Then /^the OpenPGP keys shipped with Tails will be valid for the next (\d+) months$/ do |months| - invalid = Array.new - shipped_openpgp_keys.each do |key| - begin - step "the shipped OpenPGP key #{key} will be valid for the next #{months} months" - rescue Test::Unit::AssertionFailedError - invalid << key - next - end - end - assert(invalid.empty?, "The following key(s) will not be valid in #{months} months: #{invalid.join(', ')}") -end - -Then /^the shipped (?:Debian repository key|OpenPGP key ([A-Z0-9]+)) will be valid for the next (\d+) months$/ do |fingerprint, max_months| - if fingerprint - cmd = 'gpg' - user = LIVE_USER - else - fingerprint = TAILS_DEBIAN_REPO_KEY - cmd = 'apt-key adv' - user = 'root' - end - shipped_sig_key_info = $vm.execute_successfully("#{cmd} --batch --list-key #{fingerprint}", :user => user).stdout - m = /\[expire[ds]: ([0-9-]*)\]/.match(shipped_sig_key_info) - if m - expiration_date = Date.parse(m[1]) - assert((expiration_date << max_months.to_i) > DateTime.now, - "The shipped key #{fingerprint} will not be valid #{max_months} months from now.") - end -end - -Then /^I double-click the Report an Error launcher on the desktop$/ do - @screen.wait_and_double_click('DesktopReportAnError.png', 30) -end - -Then /^the live user has been setup by live\-boot$/ do - assert($vm.execute("test -e /var/lib/live/config/user-setup").success?, - "live-boot failed its user-setup") - actual_username = $vm.execute(". /etc/live/config/username.conf; " + - "echo $LIVE_USERNAME").stdout.chomp - assert_equal(LIVE_USER, actual_username) -end - -Then /^the live user is a member of only its own group and "(.*?)"$/ do |groups| - expected_groups = groups.split(" ") << LIVE_USER - actual_groups = $vm.execute("groups #{LIVE_USER}").stdout.chomp.sub(/^#{LIVE_USER} : /, "").split(" ") - unexpected = actual_groups - expected_groups - missing = expected_groups - actual_groups - assert_equal(0, unexpected.size, - "live user in unexpected groups #{unexpected}") - assert_equal(0, missing.size, - "live user not in expected groups #{missing}") -end - -Then /^the live user owns its home dir and it has normal permissions$/ do - home = "/home/#{LIVE_USER}" - assert($vm.execute("test -d #{home}").success?, - "The live user's home doesn't exist or is not a directory") - owner = $vm.execute("stat -c %U:%G #{home}").stdout.chomp - perms = $vm.execute("stat -c %a #{home}").stdout.chomp - assert_equal("#{LIVE_USER}:#{LIVE_USER}", owner) - assert_equal("700", perms) -end - -Then /^no unexpected services are listening for network connections$/ do - netstat_cmd = $vm.execute("netstat -ltupn") - assert netstat_cmd.success? - for line in netstat_cmd.stdout.chomp.split("\n") do - splitted = line.split(/[[:blank:]]+/) - proto = splitted[0] - if proto == "tcp" - proc_index = 6 - elsif proto == "udp" - proc_index = 5 - else - next - end - laddr, lport = splitted[3].split(":") - proc = splitted[proc_index].split("/")[1] - # Services listening on loopback is not a threat - if /127(\.[[:digit:]]{1,3}){3}/.match(laddr).nil? - if SERVICES_EXPECTED_ON_ALL_IFACES.include? [proc, laddr, lport] or - SERVICES_EXPECTED_ON_ALL_IFACES.include? [proc, laddr, "*"] - puts "Service '#{proc}' is listening on #{laddr}:#{lport} " + - "but has an exception" - else - raise "Unexpected service '#{proc}' listening on #{laddr}:#{lport}" - end - end - end -end - -When /^Tails has booted a 64-bit kernel$/ do - assert($vm.execute("uname -r | grep -qs 'amd64$'").success?, - "Tails has not booted a 64-bit kernel.") -end - -Then /^there is no screenshot in the live user's Pictures directory$/ do - pictures_directory = "/home/#{LIVE_USER}/Pictures" - assert($vm.execute( - "find '#{pictures_directory}' -name 'Screenshot*.png' -maxdepth 1" - ).stdout.empty?, - "Existing screenshots were found in the live user's Pictures directory.") -end - -Then /^a screenshot is saved to the live user's Pictures directory$/ do - pictures_directory = "/home/#{LIVE_USER}/Pictures" - try_for(10, :msg=> "No screenshot was created in #{pictures_directory}") do - !$vm.execute( - "find '#{pictures_directory}' -name 'Screenshot*.png' -maxdepth 1" - ).stdout.empty? - end -end - -Then /^the VirtualBox guest modules are available$/ do - assert($vm.execute("modinfo vboxguest").success?, - "The vboxguest module is not available.") -end - -Given /^I setup a filesystem share containing a sample PDF$/ do - shared_pdf_dir_on_host = "#{$config["TMPDIR"]}/shared_pdf_dir" - @shared_pdf_dir_on_guest = "/tmp/shared_pdf_dir" - FileUtils.mkdir_p(shared_pdf_dir_on_host) - Dir.glob("#{MISC_FILES_DIR}/*.pdf") do |pdf_file| - FileUtils.cp(pdf_file, shared_pdf_dir_on_host) - end - add_after_scenario_hook { FileUtils.rm_r(shared_pdf_dir_on_host) } - $vm.add_share(shared_pdf_dir_on_host, @shared_pdf_dir_on_guest) -end - -Then /^the support documentation page opens in Tor Browser$/ do - @screen.wait("SupportDocumentation#{@language}.png", 120) -end - -Then /^MAT can clean some sample PDF file$/ do - for pdf_on_host in Dir.glob("#{MISC_FILES_DIR}/*.pdf") do - pdf_name = File.basename(pdf_on_host) - pdf_on_guest = "/home/#{LIVE_USER}/#{pdf_name}" - step "I copy \"#{@shared_pdf_dir_on_guest}/#{pdf_name}\" to \"#{pdf_on_guest}\" as user \"#{LIVE_USER}\"" - check_before = $vm.execute_successfully("mat --check '#{pdf_on_guest}'", - :user => LIVE_USER).stdout - assert(check_before.include?("#{pdf_on_guest} is not clean"), - "MAT failed to see that '#{pdf_on_host}' is dirty") - $vm.execute_successfully("mat '#{pdf_on_guest}'", :user => LIVE_USER) - check_after = $vm.execute_successfully("mat --check '#{pdf_on_guest}'", - :user => LIVE_USER).stdout - assert(check_after.include?("#{pdf_on_guest} is clean"), - "MAT failed to clean '#{pdf_on_host}'") - $vm.execute_successfully("rm '#{pdf_on_guest}'") - end -end - -Then /^AppArmor is enabled$/ do - assert($vm.execute("aa-status").success?, "AppArmor is not enabled") -end - -Then /^some AppArmor profiles are enforced$/ do - assert($vm.execute("aa-status --enforced").stdout.chomp.to_i > 0, - "No AppArmor profile is enforced") -end - -def get_seccomp_status(process) - assert($vm.has_process?(process), "Process #{process} not running.") - pid = $vm.pidof(process)[0] - status = $vm.file_content("/proc/#{pid}/status") - return status.match(/^Seccomp:\s+([0-9])/)[1].chomp.to_i -end - -def get_apparmor_status(pid) - apparmor_status = $vm.file_content("/proc/#{pid}/attr/current").chomp - if apparmor_status.include?(')') - # matches something like /usr/sbin/cupsd (enforce) - # and only returns what's in the parentheses - return apparmor_status.match(/[^\s]+\s+\((.+)\)$/)[1].chomp - else - return apparmor_status - end -end - -Then /^the running process "(.+)" is confined with AppArmor in (complain|enforce) mode$/ do |process, mode| - if process == 'i2p' - $vm.execute_successfully('service i2p status') - pid = $vm.file_content('/run/i2p/i2p.pid').chomp - else - assert($vm.has_process?(process), "Process #{process} not running.") - pid = $vm.pidof(process)[0] - end - assert_equal(mode, get_apparmor_status(pid)) -end - -Then /^the running process "(.+)" is confined with Seccomp in (filter|strict) mode$/ do |process,mode| - status = get_seccomp_status(process) - if mode == 'strict' - assert_equal(1, status, "#{process} not confined with Seccomp in strict mode") - elsif mode == 'filter' - assert_equal(2, status, "#{process} not confined with Seccomp in filter mode") - else - raise "Unsupported mode #{mode} passed" - end -end - -Then /^tails-debugging-info is not susceptible to symlink attacks$/ do - secret_file = '/secret' - secret_contents = 'T0P S3Cr1t -- 3yEs oN1y' - $vm.file_append(secret_file, secret_contents) - $vm.execute_successfully("chmod u=rw,go= #{secret_file}") - $vm.execute_successfully("chown root:root #{secret_file}") - script_path = '/usr/local/sbin/tails-debugging-info' - script_lines = $vm.file_content(script_path).split("\n") - script_lines.grep(/^debug_file\s+/).each do |line| - _, user, debug_file = line.split - # root can always mount symlink attacks - next if user == 'root' - # Remove quoting around the file - debug_file.gsub!(/["']/, '') - # Skip files that do not exist, or cannot be removed (e.g. the - # ones in /proc). - next if not($vm.execute("rm #{debug_file}").success?) - # Check what would happen *if* the amnesia user managed to replace - # the debugging file with a symlink to the secret. - $vm.execute_successfully("ln -s #{secret_file} #{debug_file}") - $vm.execute_successfully("chown --no-dereference #{LIVE_USER}:#{LIVE_USER} #{debug_file}") - if $vm.execute("sudo /usr/local/sbin/tails-debugging-info | " + - "grep '#{secret_contents}'", - :user => LIVE_USER).success? - raise "The secret was leaked by tails-debugging-info via '#{debug_file}'" - end - # Remove the secret so it cannot possibly interfere with the - # following iterations (even though it should not). - $vm.execute_successfully("echo > #{debug_file}") - end -end - -When /^I disable all networking in the Tails Greeter$/ do - begin - @screen.click('TailsGreeterDisableAllNetworking.png') - rescue FindFailed - @screen.type(Sikuli::Key.PAGE_DOWN) - @screen.click('TailsGreeterDisableAllNetworking.png') - end -end - -Then /^the Tor Status icon tells me that Tor is( not)? usable$/ do |not_usable| - picture = not_usable ? 'TorStatusNotUsable' : 'TorStatusUsable' - @screen.find("#{picture}.png") -end diff --git a/features/step_definitions/common_steps.rb b/features/step_definitions/common_steps.rb deleted file mode 100644 index bd03cebb..00000000 --- a/features/step_definitions/common_steps.rb +++ /dev/null @@ -1,1086 +0,0 @@ -require 'fileutils' - -def post_vm_start_hook - # Sometimes the first click is lost (presumably it's used to give - # focus to virt-viewer or similar) so we do that now rather than - # having an important click lost. The point we click should be - # somewhere where no clickable elements generally reside. - @screen.click_point(@screen.w, @screen.h/2) -end - -def activate_filesystem_shares - # XXX-9p: First of all, filesystem shares cannot be mounted while we - # do a snapshot save+restore, so unmounting+remounting them seems - # like a good idea. However, the 9p modules get into a broken state - # during the save+restore, so we also would like to unload+reload - # them, but loading of 9pnet_virtio fails after a restore with - # "probe of virtio2 failed with error -2" (in dmesg) which makes the - # shares unavailable. Hence we leave this code commented for now. - #for mod in ["9pnet_virtio", "9p"] do - # $vm.execute("modprobe #{mod}") - #end - - $vm.list_shares.each do |share| - $vm.execute("mkdir -p #{share}") - $vm.execute("mount -t 9p -o trans=virtio #{share} #{share}") - end -end - -def context_menu_helper(top, bottom, menu_item) - try_for(60) do - t = @screen.wait(top, 10) - b = @screen.wait(bottom, 10) - # In Sikuli, lower x == closer to the left, lower y == closer to the top - assert(t.y < b.y) - center = Sikuli::Location.new(((t.x + t.w) + b.x)/2, - ((t.y + t.h) + b.y)/2) - @screen.right_click(center) - @screen.hide_cursor - @screen.wait_and_click(menu_item, 10) - return - end -end - -def deactivate_filesystem_shares - $vm.list_shares.each do |share| - $vm.execute("umount #{share}") - end - - # XXX-9p: See XXX-9p above - #for mod in ["9p", "9pnet_virtio"] do - # $vm.execute("modprobe -r #{mod}") - #end -end - -# This helper requires that the notification image is the one shown in -# the notification applet's list, not the notification pop-up. -def robust_notification_wait(notification_image, time_to_wait) - error_msg = "Didn't not manage to open the notification applet" - wait_start = Time.now - try_for(time_to_wait, :delay => 0, :msg => error_msg) do - @screen.hide_cursor - @screen.click("GnomeNotificationApplet.png") - @screen.wait("GnomeNotificationAppletOpened.png", 10) - end - - error_msg = "Didn't not see notification '#{notification_image}'" - time_to_wait -= (Time.now - wait_start).ceil - try_for(time_to_wait, :delay => 0, :msg => error_msg) do - found = false - entries = @screen.findAll("GnomeNotificationEntry.png") - while(entries.hasNext) do - entry = entries.next - @screen.hide_cursor - @screen.click(entry) - close_entry = @screen.wait("GnomeNotificationEntryClose.png", 10) - if @screen.exists(notification_image) - found = true - @screen.click(close_entry) - break - else - @screen.click(entry) - end - end - found - end - - # Click anywhere to close the notification applet - @screen.hide_cursor - @screen.click("GnomeApplicationsMenu.png") - @screen.hide_cursor -end - -def post_snapshot_restore_hook - $vm.wait_until_remote_shell_is_up - post_vm_start_hook - - # XXX-9p: See XXX-9p above - #activate_filesystem_shares - - # debian-TODO: move to tor feature - # The guest's Tor's circuits' states are likely to get out of sync - # with the other relays, so we ensure that we have fresh circuits. - # Time jumps and incorrect clocks also confuses Tor in many ways. - #if $vm.has_network? - # if $vm.execute("systemctl --quiet is-active tor@default.service").success? - # $vm.execute("systemctl stop tor@default.service") - # $vm.execute("rm -f /var/log/tor/log") - # $vm.execute("systemctl --no-block restart tails-tor-has-bootstrapped.target") - # $vm.host_to_guest_time_sync - # $vm.spawn("restart-tor") - # wait_until_tor_is_working - # if $vm.file_content('/proc/cmdline').include?(' i2p') - # $vm.execute_successfully('/usr/local/sbin/tails-i2p stop') - # # we "killall tails-i2p" to prevent multiple - # # copies of the script from running - # $vm.execute_successfully('killall tails-i2p') - # $vm.spawn('/usr/local/sbin/tails-i2p start') - # end - # end - #else - # $vm.host_to_guest_time_sync - #end -end - -Given /^a computer$/ do - $vm.destroy_and_undefine if $vm - $vm = VM.new($virt, VM_XML_PATH, $vmnet, $vmstorage, DISPLAY) -end - -Given /^the computer has (\d+) ([[:alpha:]]+) of RAM$/ do |size, unit| - $vm.set_ram_size(size, unit) -end - -Given /^the computer is set to boot from the Tails DVD$/ do - $vm.set_cdrom_boot(TAILS_ISO) -end - -Given /^the computer is set to boot from (.+?) drive "(.+?)"$/ do |type, name| - $vm.set_disk_boot(name, type.downcase) -end - -Given /^I (temporarily )?create a (\d+) ([[:alpha:]]+) disk named "([^"]+)"$/ do |temporary, size, unit, name| - $vm.storage.create_new_disk(name, {:size => size, :unit => unit, - :type => "qcow2"}) - add_after_scenario_hook { $vm.storage.delete_volume(name) } if temporary -end - -Given /^I plug (.+) drive "([^"]+)"$/ do |bus, name| - $vm.plug_drive(name, bus.downcase) - if $vm.is_running? - step "drive \"#{name}\" is detected by Tails" - end -end - -Then /^drive "([^"]+)" is detected by Tails$/ do |name| - raise "Tails is not running" unless $vm.is_running? - try_for(10, :msg => "Drive '#{name}' is not detected by Tails") do - $vm.disk_detected?(name) - end -end - -Given /^the network is plugged$/ do - $vm.plug_network -end - -Given /^the network is unplugged$/ do - $vm.unplug_network -end - -Given /^the hardware clock is set to "([^"]*)"$/ do |time| - $vm.set_hardware_clock(DateTime.parse(time).to_time) -end - -Given /^I capture all network traffic$/ do - @sniffer = Sniffer.new("sniffer", $vmnet) - @sniffer.capture - add_after_scenario_hook do - @sniffer.stop - @sniffer.clear - end -end - -Given /^I set Tails to boot with options "([^"]*)"$/ do |options| - @boot_options = options -end - -When /^I start the computer$/ do - assert(!$vm.is_running?, - "Trying to start a VM that is already running") - $vm.start - post_vm_start_hook -end - -Given /^I start Tails( from DVD)?( with network unplugged)?( and I login)?$/ do |dvd_boot, network_unplugged, do_login| - step "the computer is set to boot from the Tails DVD" if dvd_boot - if network_unplugged.nil? - step "the network is plugged" - else - step "the network is unplugged" - end - step "I start the computer" - step "the computer boots Tails" - if do_login - step "I log in to a new session" - step "Tails seems to have booted normally" - if network_unplugged.nil? - step "Tor is ready" - step "all notifications have disappeared" - step "available upgrades have been checked" - else - step "all notifications have disappeared" - end - end -end - -Given /^I start Tails from (.+?) drive "(.+?)"(| with network unplugged)( and I login(| with(| read-only) persistence enabled))?$/ do |drive_type, drive_name, network_unplugged, do_login, persistence_on, persistence_ro| - step "the computer is set to boot from #{drive_type} drive \"#{drive_name}\"" - if network_unplugged.empty? - step "the network is plugged" - else - step "the network is unplugged" - end - step "I start the computer" - step "the computer boots Tails" - if do_login - if ! persistence_on.empty? - if persistence_ro.empty? - step "I enable persistence" - else - step "I enable read-only persistence" - end - end - step "I log in to a new session" - step "Tails seems to have booted normally" - if network_unplugged.empty? - step "Tor is ready" - step "all notifications have disappeared" - step "available upgrades have been checked" - else - step "all notifications have disappeared" - end - end -end - -When /^I power off the computer$/ do - assert($vm.is_running?, - "Trying to power off an already powered off VM") - $vm.power_off -end - -When /^I cold reboot the computer$/ do - step "I power off the computer" - step "I start the computer" -end - -When /^I destroy the computer$/ do - $vm.destroy_and_undefine -end - -Given /^the computer (re)?boots DebianInstaller(|\d+)$/ do |reboot,version| - - boot_timeout = 30 - # We need some extra time for memory wiping if rebooting - - @screen.wait("d-i8_bootsplash.png", boot_timeout) - @screen.type(Sikuli::Key.TAB) - - @screen.type(' preseed/early_command="echo ttyS0::askfirst:-/bin/sh>>/etc/inittab;kill -HUP 1"' + " blacklist=psmouse #{@boot_options}" + - Sikuli::Key.ENTER) - $vm.wait_until_remote_shell_is_up -end - -Given /^I select British English$/ do - @screen.wait("DebianInstallerSelectLangEnglish.png", 30) - @screen.type(Sikuli::Key.ENTER) - @screen.wait("DebianInstallerCountrySelection.png", 10) - @screen.type(Sikuli::Key.UP) - @screen.waitVanish("DebianInstallerCountrySelection.png", 10) - @screen.type(Sikuli::Key.ENTER) - @screen.wait("DebianInstallerSelectLangEnglishUK.png", 10) - @screen.type(Sikuli::Key.ENTER) -end - -Given /^I accept the hostname, using "([^"]*)" as the domain$/ do |domain| - @screen.wait("DebianInstallerHostnamePrompt.png", 5*60) - @screen.type(Sikuli::Key.ENTER) - @screen.wait("DebianInstallerDomainPrompt.png", 10) - @screen.type(domain + Sikuli::Key.ENTER) - @screen.waitVanish("DebianInstallerDomainPrompt.png", 10) -end - -Given /^I set the root password to "([^"]*)"$/ do |rootpw| -# Root Password, twice - @screen.wait("DebianInstallerRootPassword.png", 30) - @screen.type(rootpw + Sikuli::Key.ENTER) - @screen.waitVanish("DebianInstallerRootPassword.png", 10) - @screen.type(rootpw + Sikuli::Key.ENTER) -end - -Given /^I set the password for "([^"]*)" to be "([^"]*)"$/ do |fullname,password| -# Username, and password twice - @screen.wait("DebianInstallerNameOfUser.png", 10) - @screen.type(fullname + Sikuli::Key.ENTER) - @screen.waitVanish("DebianInstallerNameOfUser.png", 10) - @screen.type(Sikuli::Key.ENTER) - @screen.wait("DebianInstallerUserPassword.png", 10) - @screen.type(password + Sikuli::Key.ENTER) - @screen.waitVanish("DebianInstallerUserPassword.png", 10) - @screen.type(password + Sikuli::Key.ENTER) -end - - #@screen.wait("DebianInstallerNoDiskFound.png", 60) - -Given /^I select full-disk, single-filesystem partitioning$/ do - @screen.wait("DebianInstallerPartitioningMethod.png", 60) - @screen.type(Sikuli::Key.ENTER) - @screen.wait("DebianInstallerSelectDiskToPartition.png", 10) - @screen.type(Sikuli::Key.ENTER) - @screen.wait("DebianInstallerPartitioningScheme.png", 10) - @screen.type(Sikuli::Key.ENTER) - @screen.wait("d-i_FinishPartitioning.png", 10) - sleep(5) # FIXME -- why do we need this? It's weird that the wait is not enough - @screen.type(Sikuli::Key.ENTER) - # prompt about Writing Partitions to disk: - @screen.wait("d-i_No.png", 10) - @screen.type(Sikuli::Key.TAB) - @screen.wait("d-i_Yes.png", 10) - @screen.type(Sikuli::Key.ENTER) -end - -Given /^I note that the Base system is being installed$/ do - @screen.wait("DebianInstallerInstallingBaseSystem.png", 30) - @screen.waitVanish("DebianInstallerInstallingBaseSystem.png", 15 * 60) -end - -Given /^I accept the default mirror$/ do - @screen.wait("DebianInstallerMirrorCountry.png", 10 * 60) - @screen.type(Sikuli::Key.ENTER) - @screen.wait("d-i_ArchiveMirror.png", 5) - @screen.type(Sikuli::Key.ENTER) - @screen.wait("d-i_HttpProxy.png", 5) - @screen.type(Sikuli::Key.ENTER) -end - -Given /^I neglect to scan more CDs$/ do - @screen.wait("d-i_ScanCD.png", 15 * 60) - @screen.type(Sikuli::Key.ENTER) - @screen.wait("d-i_UseNetMirror.png", 10) - @screen.wait("d-i_Yes.png", 10) - @screen.type(Sikuli::Key.TAB) - @screen.wait("d-i_No.png", 10) - @screen.type(Sikuli::Key.ENTER) -end - -Given /^I ignore Popcon$/ do - #@screen.wait("d-i_popcon.png", 10 * 60) - @screen.wait("d-i_No.png", 10 * 60) - @screen.type(Sikuli::Key.ENTER) -end - -Given /^we reach the Tasksel prompt$/ do - @screen.wait("d-i_ChooseSoftware.png", 5 * 60) -end - -Given /^I hit ENTER$/ do - @screen.type(Sikuli::Key.ENTER) -end - -Given /^I select the Desktop task$/ do - @screen.wait("d-i_ChooseSoftware.png", 10) - @screen.type(Sikuli::Key.SPACE) - @screen.type(Sikuli::Key.DOWN) - @screen.type(Sikuli::Key.SPACE) - @screen.wait("d-i_DesktopTask_Yes.png", 10) - @screen.type(Sikuli::Key.ENTER) -end - -Given /^I install GRUB$/ do - @screen.wait("d-i_InstallGRUB.png", 80 * 60) - #@screen.wait("Install the GRUB", 80 * 60) - @screen.type(Sikuli::Key.ENTER) - @screen.wait("d-i_GRUBEnterDev.png", 10 * 60) - @screen.type(Sikuli::Key.DOWN) - @screen.wait("d-i_GRUBdev.png", 10) - @screen.type(Sikuli::Key.ENTER) -end - -Given /^I allow reboot after the install is complete$/ do - @screen.wait("d-i_InstallComplete.png", 2 * 60) - @screen.type(Sikuli::Key.ENTER) -end - -Given /^I wait for the reboot$/ do - @screen.wait(bootsplash, 10 * 60) -end - -Given /^I make sure that we boot from disk$/ do - @screen.wait("d-i_GRUB_Debian.png", 5 * 60) -end - -Given /^I wait for a Login Prompt$/ do - @screen.wait("DebianLoginPromptVT.png", 2 * 60) -end - -def bootsplash - case @os_loader - when "UEFI" - 'TailsBootSplashUEFI.png' - else - 'd-i8_bootsplash.png' - end -end - -def bootsplash_tab_msg - case @os_loader - when "UEFI" - 'TailsBootSplashTabMsgUEFI.png' - else - #if reboot - # bootsplash = 'TailsBootSplashPostReset.png' - # bootsplash_tab_msg = 'TailsBootSplashTabMsgPostReset.png' - # boot_timeout = 120 - #else - #bootsplash = "DebianLive#{version}BootSplash.png" - bootsplash = "DebianLiveBootSplash.png" - bootsplash_tab_msg = "DebianLiveBootSplashTabMsg.png" - boot_timeout = 30 - #end - end -end - -Given /^the computer (re)?boots Tails$/ do |reboot| - - boot_timeout = 30 - # We need some extra time for memory wiping if rebooting - boot_timeout += 90 if reboot - - @screen.wait(bootsplash, boot_timeout) - @screen.wait(bootsplash_tab_msg, 10) - @screen.type(Sikuli::Key.TAB) - @screen.waitVanish(bootsplash_tab_msg, 1) - - @screen.type(" autotest_never_use_this_option blacklist=psmouse #{@boot_options}" + - Sikuli::Key.ENTER) - @screen.wait("DebianLive#{version}Greeter.png", 5*60) - @vm.wait_until_remote_shell_is_up - activate_filesystem_shares -end - -Given /^I log in to a new session(?: in )?(|German)$/ do |lang| - case lang - when 'German' - @language = "German" - @screen.wait_and_click('TailsGreeterLanguage.png', 10) - @screen.wait_and_click("TailsGreeterLanguage#{@language}.png", 10) - @screen.wait_and_click("TailsGreeterLoginButton#{@language}.png", 10) - when '' - @screen.wait_and_click('TailsGreeterLoginButton.png', 10) - else - raise "Unsupported language: #{lang}" - end -end - -Given /^I set sudo password "([^"]*)"$/ do |password| - @sudo_password = password - next if @skip_steps_while_restoring_background - #@screen.wait("TailsGreeterAdminPassword.png", 20) - @screen.type(@sudo_password) - @screen.type(Sikuli::Key.TAB) - @screen.type(@sudo_password) -end - -Given /^Tails Greeter has dealt with the sudo password$/ do - f1 = "/etc/sudoers.d/tails-greeter" - f2 = "#{f1}-no-password-lecture" - try_for(20) { - $vm.execute("test -e '#{f1}' -o -e '#{f2}'").success? - } -end - -Given /^the Tails desktop is ready$/ do - desktop_started_picture = "GnomeApplicationsMenu#{@language}.png" - # We wait for the Florence icon to be displayed to ensure reliable systray icon clicking. - @screen.wait("GnomeSystrayFlorence.png", 180) - @screen.wait(desktop_started_picture, 180) - # Disable screen blanking since we sometimes need to wait long - # enough for it to activate, which can mess with Sikuli wait():ing - # for some image. - $vm.execute_successfully( - 'gsettings set org.gnome.desktop.session idle-delay 0', - :user => LIVE_USER - ) -end - -Then /^Tails seems to have booted normally$/ do - step "the Tails desktop is ready" -end - -When /^I see the 'Tor is ready' notification$/ do - robust_notification_wait('TorIsReadyNotification.png', 300) -end - -Given /^Tor is ready$/ do - step "Tor has built a circuit" - step "the time has synced" - if $vm.execute('systemctl is-system-running').failure? - units_status = $vm.execute('systemctl').stdout - raise "At least one system service failed to start:\n#{units_status}" - end -end - -Given /^Tor has built a circuit$/ do - wait_until_tor_is_working -end - -Given /^the time has synced$/ do - ["/var/run/tordate/done", "/var/run/htpdate/success"].each do |file| - try_for(300) { $vm.execute("test -e #{file}").success? } - end -end - -Given /^available upgrades have been checked$/ do - try_for(300) { - $vm.execute("test -e '/var/run/tails-upgrader/checked_upgrades'").success? - } -end - -Given /^the Tor Browser has started$/ do - tor_browser_picture = "TorBrowserWindow.png" - @screen.wait(tor_browser_picture, 60) -end - -Given /^the Tor Browser (?:has started and )?load(?:ed|s) the (startup page|Tails roadmap)$/ do |page| - case page - when "startup page" - picture = "TorBrowserStartupPage.png" - when "Tails roadmap" - picture = "TorBrowserTailsRoadmap.png" - else - raise "Unsupported page: #{page}" - end - step "the Tor Browser has started" - @screen.wait(picture, 120) -end - -Given /^the Tor Browser has started in offline mode$/ do - @screen.wait("TorBrowserOffline.png", 60) -end - -Given /^I add a bookmark to eff.org in the Tor Browser$/ do - url = "https://www.eff.org" - step "I open the address \"#{url}\" in the Tor Browser" - @screen.wait("TorBrowserOffline.png", 5) - @screen.type("d", Sikuli::KeyModifier.CTRL) - @screen.wait("TorBrowserBookmarkPrompt.png", 10) - @screen.type(url + Sikuli::Key.ENTER) -end - -Given /^the Tor Browser has a bookmark to eff.org$/ do - @screen.type("b", Sikuli::KeyModifier.ALT) - @screen.wait("TorBrowserEFFBookmark.png", 10) -end - -Given /^all notifications have disappeared$/ do - next if not(@screen.exists("GnomeNotificationApplet.png")) - @screen.click("GnomeNotificationApplet.png") - @screen.wait("GnomeNotificationAppletOpened.png", 10) - begin - entries = @screen.findAll("GnomeNotificationEntry.png") - while(entries.hasNext) do - entry = entries.next - @screen.hide_cursor - @screen.click(entry) - @screen.wait_and_click("GnomeNotificationEntryClose.png", 10) - end - rescue FindFailed - # No notifications, so we're good to go. - end - @screen.hide_cursor - # Click anywhere to close the notification applet - @screen.click("GnomeApplicationsMenu.png") - @screen.hide_cursor -end - -Then /^I (do not )?see "([^"]*)" after at most (\d+) seconds$/ do |negation, image, time| - begin - @screen.wait(image, time.to_i) - raise "found '#{image}' while expecting not to" if negation - rescue FindFailed => e - raise e if not(negation) - end -end - -Then /^all Internet traffic has only flowed through Tor$/ do - leaks = FirewallLeakCheck.new(@sniffer.pcap_file, - :accepted_hosts => get_all_tor_nodes) - leaks.assert_no_leaks -end - -Given /^I enter the sudo password in the pkexec prompt$/ do - step "I enter the \"#{@sudo_password}\" password in the pkexec prompt" -end - -def deal_with_polkit_prompt (image, password) - @screen.wait(image, 60) - @screen.type(password) - @screen.type(Sikuli::Key.ENTER) - @screen.waitVanish(image, 10) -end - -Given /^I enter the "([^"]*)" password in the pkexec prompt$/ do |password| - deal_with_polkit_prompt('PolicyKitAuthPrompt.png', password) -end - -Given /^process "([^"]+)" is (not )?running$/ do |process, not_running| - if not_running - assert(!$vm.has_process?(process), "Process '#{process}' is running") - else - assert($vm.has_process?(process), "Process '#{process}' is not running") - end -end - -Given /^process "([^"]+)" is running within (\d+) seconds$/ do |process, time| - try_for(time.to_i, :msg => "Process '#{process}' is not running after " + - "waiting for #{time} seconds") do - $vm.has_process?(process) - end -end - -Given /^process "([^"]+)" has stopped running after at most (\d+) seconds$/ do |process, time| - try_for(time.to_i, :msg => "Process '#{process}' is still running after " + - "waiting for #{time} seconds") do - not $vm.has_process?(process) - end -end - -Given /^I kill the process "([^"]+)"$/ do |process| - $vm.execute("killall #{process}") - try_for(10, :msg => "Process '#{process}' could not be killed") { - !$vm.has_process?(process) - } -end - -Then /^Tails eventually shuts down$/ do - nr_gibs_of_ram = convert_from_bytes($vm.get_ram_size_in_bytes, 'GiB').ceil - timeout = nr_gibs_of_ram*5*60 - try_for(timeout, :msg => "VM is still running after #{timeout} seconds") do - ! $vm.is_running? - end -end - -Then /^Tails eventually restarts$/ do - nr_gibs_of_ram = convert_from_bytes($vm.get_ram_size_in_bytes, 'GiB').ceil - @screen.wait('TailsBootSplash.png', nr_gibs_of_ram*5*60) -end - -Given /^I shutdown Tails and wait for the computer to power off$/ do - $vm.spawn("poweroff") - step 'Tails eventually shuts down' -end - -When /^I request a shutdown using the emergency shutdown applet$/ do - @screen.hide_cursor - @screen.wait_and_click('TailsEmergencyShutdownButton.png', 10) - @screen.wait_and_click('TailsEmergencyShutdownHalt.png', 10) -end - -When /^I warm reboot the computer$/ do - $vm.spawn("reboot") -end - -When /^I request a reboot using the emergency shutdown applet$/ do - @screen.hide_cursor - @screen.wait_and_click('TailsEmergencyShutdownButton.png', 10) - @screen.wait_and_click('TailsEmergencyShutdownReboot.png', 10) -end - -Given /^package "([^"]+)" is installed$/ do |package| - assert($vm.execute("dpkg -s '#{package}' 2>/dev/null | grep -qs '^Status:.*installed$'").success?, - "Package '#{package}' is not installed") -end - -When /^I start the Tor Browser$/ do - step 'I start "TorBrowser" via the GNOME "Internet" applications menu' -end - -When /^I request a new identity using Torbutton$/ do - @screen.wait_and_click('TorButtonIcon.png', 30) - @screen.wait_and_click('TorButtonNewIdentity.png', 30) -end - -When /^I acknowledge Torbutton's New Identity confirmation prompt$/ do - @screen.wait('GnomeQuestionDialogIcon.png', 30) - step 'I type "y"' -end - -When /^I start the Tor Browser in offline mode$/ do - step "I start the Tor Browser" - @screen.wait_and_click("TorBrowserOfflinePrompt.png", 10) - @screen.click("TorBrowserOfflinePromptStart.png") -end - -Given /^I add a wired DHCP NetworkManager connection called "([^"]+)"$/ do |con_name| - con_content = <> /tmp/NM.#{con_name}") - end - con_file = "/etc/NetworkManager/system-connections/#{con_name}" - $vm.execute("install -m 0600 '/tmp/NM.#{con_name}' '#{con_file}'") - $vm.execute_successfully("nmcli connection load '#{con_file}'") - try_for(10) { - nm_con_list = $vm.execute("nmcli --terse --fields NAME connection show").stdout - nm_con_list.split("\n").include? "#{con_name}" - } -end - -Given /^I switch to the "([^"]+)" NetworkManager connection$/ do |con_name| - $vm.execute("nmcli connection up id #{con_name}") - try_for(60) do - $vm.execute("nmcli --terse --fields NAME,STATE connection show").stdout.chomp.split("\n").include?("#{con_name}:activated") - end -end - -When /^I start and focus GNOME Terminal$/ do - step 'I start "Terminal" via the GNOME "Utilities" applications menu' - @screen.wait('GnomeTerminalWindow.png', 20) -end - -When /^I run "([^"]+)" in GNOME Terminal$/ do |command| - if !$vm.has_process?("gnome-terminal-server") - step "I start and focus GNOME Terminal" - else - @screen.wait_and_click('GnomeTerminalWindow.png', 20) - end - @screen.type(command + Sikuli::Key.ENTER) -end - -When /^the file "([^"]+)" exists(?:| after at most (\d+) seconds)$/ do |file, timeout| - timeout = 0 if timeout.nil? - try_for( - timeout.to_i, - :msg => "The file #{file} does not exist after #{timeout} seconds" - ) { - $vm.file_exist?(file) - } -end - -When /^the file "([^"]+)" does not exist$/ do |file| - assert(! ($vm.file_exist?(file))) -end - -When /^the directory "([^"]+)" exists$/ do |directory| - assert($vm.directory_exist?(directory)) -end - -When /^the directory "([^"]+)" does not exist$/ do |directory| - assert(! ($vm.directory_exist?(directory))) -end - -When /^I copy "([^"]+)" to "([^"]+)" as user "([^"]+)"$/ do |source, destination, user| - c = $vm.execute("cp \"#{source}\" \"#{destination}\"", :user => LIVE_USER) - assert(c.success?, "Failed to copy file:\n#{c.stdout}\n#{c.stderr}") -end - -def is_persistent?(app) - conf = get_persistence_presets(true)["#{app}"] - c = $vm.execute("findmnt --noheadings --output SOURCE --target '#{conf}'") - # This check assumes that we haven't enabled read-only persistence. - c.success? and c.stdout.chomp != "aufs" -end - -Then /^persistence for "([^"]+)" is (|not )enabled$/ do |app, enabled| - case enabled - when '' - assert(is_persistent?(app), "Persistence should be enabled.") - when 'not ' - assert(!is_persistent?(app), "Persistence should not be enabled.") - end -end - -def gnome_app_menu_click_helper(click_me, verify_me = nil) - try_for(30) do - @screen.hide_cursor - # The sensitivity for submenus to open by just hovering past them - # is extremely high, and may result in the wrong one - # opening. Hence we better avoid hovering over undesired submenus - # entirely by "approaching" the menu strictly horizontally. - r = @screen.wait(click_me, 10) - @screen.hover_point(@screen.w, r.getY) - @screen.click(r) - @screen.wait(verify_me, 10) if verify_me - return - end -end - -Given /^I start "([^"]+)" via the GNOME "([^"]+)" applications menu$/ do |app, submenu| - menu_button = "GnomeApplicationsMenu.png" - sub_menu_entry = "GnomeApplications" + submenu + ".png" - application_entry = "GnomeApplications" + app + ".png" - try_for(120) do - begin - gnome_app_menu_click_helper(menu_button, sub_menu_entry) - gnome_app_menu_click_helper(sub_menu_entry, application_entry) - gnome_app_menu_click_helper(application_entry) - rescue Exception => e - # Close menu, if still open - @screen.type(Sikuli::Key.ESC) - raise e - end - true - end -end - -Given /^I start "([^"]+)" via the GNOME "([^"]+)"\/"([^"]+)" applications menu$/ do |app, submenu, subsubmenu| - menu_button = "GnomeApplicationsMenu.png" - sub_menu_entry = "GnomeApplications" + submenu + ".png" - sub_sub_menu_entry = "GnomeApplications" + subsubmenu + ".png" - application_entry = "GnomeApplications" + app + ".png" - try_for(120) do - begin - gnome_app_menu_click_helper(menu_button, sub_menu_entry) - gnome_app_menu_click_helper(sub_menu_entry, sub_sub_menu_entry) - gnome_app_menu_click_helper(sub_sub_menu_entry, application_entry) - gnome_app_menu_click_helper(application_entry) - rescue Exception => e - # Close menu, if still open - @screen.type(Sikuli::Key.ESC) - raise e - end - true - end -end - -When /^I type "([^"]+)"$/ do |string| - @screen.type(string) -end - -When /^I press the "([^"]+)" key$/ do |key| - begin - @screen.type(eval("Sikuli::Key.#{key}")) - rescue RuntimeError - raise "unsupported key #{key}" - end -end - -Then /^the (amnesiac|persistent) Tor Browser directory (exists|does not exist)$/ do |persistent_or_not, mode| - case persistent_or_not - when "amnesiac" - dir = "/home/#{LIVE_USER}/Tor Browser" - when "persistent" - dir = "/home/#{LIVE_USER}/Persistent/Tor Browser" - end - step "the directory \"#{dir}\" #{mode}" -end - -Then /^there is a GNOME bookmark for the (amnesiac|persistent) Tor Browser directory$/ do |persistent_or_not| - case persistent_or_not - when "amnesiac" - bookmark_image = 'TorBrowserAmnesicFilesBookmark.png' - when "persistent" - bookmark_image = 'TorBrowserPersistentFilesBookmark.png' - end - @screen.wait_and_click('GnomePlaces.png', 10) - @screen.wait(bookmark_image, 40) - @screen.type(Sikuli::Key.ESC) -end - -Then /^there is no GNOME bookmark for the persistent Tor Browser directory$/ do - try_for(65) do - @screen.wait_and_click('GnomePlaces.png', 10) - @screen.wait("GnomePlacesWithoutTorBrowserPersistent.png", 10) - @screen.type(Sikuli::Key.ESC) - end -end - -def pulseaudio_sink_inputs - pa_info = $vm.execute_successfully('pacmd info', :user => LIVE_USER).stdout - sink_inputs_line = pa_info.match(/^\d+ sink input\(s\) available\.$/)[0] - return sink_inputs_line.match(/^\d+/)[0].to_i -end - -When /^(no|\d+) application(?:s?) (?:is|are) playing audio(?:| after (\d+) seconds)$/ do |nb, wait_time| - nb = 0 if nb == "no" - sleep wait_time.to_i if ! wait_time.nil? - assert_equal(nb.to_i, pulseaudio_sink_inputs) -end - -When /^I double-click on the "Tails documentation" link on the Desktop$/ do - @screen.wait_and_double_click("DesktopTailsDocumentationIcon.png", 10) -end - -When /^I click the blocked video icon$/ do - @screen.wait_and_click("TorBrowserBlockedVideo.png", 30) -end - -When /^I accept to temporarily allow playing this video$/ do - @screen.wait_and_click("TorBrowserOkButton.png", 10) -end - -When /^I click the HTML5 play button$/ do - @screen.wait_and_click("TorBrowserHtml5PlayButton.png", 30) -end - -When /^I (can|cannot) save the current page as "([^"]+[.]html)" to the (.*) directory$/ do |should_work, output_file, output_dir| - should_work = should_work == 'can' ? true : false - @screen.type("s", Sikuli::KeyModifier.CTRL) - @screen.wait("TorBrowserSaveDialog.png", 10) - if output_dir == "persistent Tor Browser" - output_dir = "/home/#{LIVE_USER}/Persistent/Tor Browser" - @screen.wait_and_click("GtkTorBrowserPersistentBookmark.png", 10) - @screen.wait("GtkTorBrowserPersistentBookmarkSelected.png", 10) - # The output filename (without its extension) is already selected, - # let's use the keyboard shortcut to focus its field - @screen.type("n", Sikuli::KeyModifier.ALT) - @screen.wait("TorBrowserSaveOutputFileSelected.png", 10) - elsif output_dir == "default downloads" - output_dir = "/home/#{LIVE_USER}/Tor Browser" - else - @screen.type(output_dir + '/') - end - # Only the part of the filename before the .html extension can be easily replaced - # so we have to remove it before typing it into the arget filename entry widget. - @screen.type(output_file.sub(/[.]html$/, '')) - @screen.type(Sikuli::Key.ENTER) - if should_work - try_for(10, :msg => "The page was not saved to #{output_dir}/#{output_file}") { - $vm.file_exist?("#{output_dir}/#{output_file}") - } - else - @screen.wait("TorBrowserCannotSavePage.png", 10) - end -end - -When /^I can print the current page as "([^"]+[.]pdf)" to the (default downloads|persistent Tor Browser) directory$/ do |output_file, output_dir| - if output_dir == "persistent Tor Browser" - output_dir = "/home/#{LIVE_USER}/Persistent/Tor Browser" - else - output_dir = "/home/#{LIVE_USER}/Tor Browser" - end - @screen.type("p", Sikuli::KeyModifier.CTRL) - @screen.wait("TorBrowserPrintDialog.png", 20) - @screen.wait_and_click("BrowserPrintToFile.png", 10) - @screen.wait_and_double_click("TorBrowserPrintOutputFile.png", 10) - @screen.hide_cursor - @screen.wait("TorBrowserPrintOutputFileSelected.png", 10) - # Only the file's basename is selected by double-clicking, - # so we type only the desired file's basename to replace it - @screen.type(output_dir + '/' + output_file.sub(/[.]pdf$/, '') + Sikuli::Key.ENTER) - try_for(30, :msg => "The page was not printed to #{output_dir}/#{output_file}") { - $vm.file_exist?("#{output_dir}/#{output_file}") - } -end - -Given /^a web server is running on the LAN$/ do - web_server_ip_addr = $vmnet.bridge_ip_addr - web_server_port = 8000 - @web_server_url = "http://#{web_server_ip_addr}:#{web_server_port}" - web_server_hello_msg = "Welcome to the LAN web server!" - - # I've tested ruby Thread:s, fork(), etc. but nothing works due to - # various strange limitations in the ruby interpreter. For instance, - # apparently concurrent IO has serious limits in the thread - # scheduler (e.g. sikuli's wait() would block WEBrick from reading - # from its socket), and fork():ing results in a lot of complex - # cucumber stuff (like our hooks!) ending up in the child process, - # breaking stuff in the parent process. After asking some supposed - # ruby pros, I've settled on the following. - code = <<-EOF - require "webrick" - STDOUT.reopen("/dev/null", "w") - STDERR.reopen("/dev/null", "w") - server = WEBrick::HTTPServer.new(:BindAddress => "#{web_server_ip_addr}", - :Port => #{web_server_port}, - :DocumentRoot => "/dev/null") - server.mount_proc("/") do |req, res| - res.body = "#{web_server_hello_msg}" - end - server.start -EOF - proc = IO.popen(['ruby', '-e', code]) - try_for(10, :msg => "It seems the LAN web server failed to start") do - Process.kill(0, proc.pid) == 1 - end - - add_after_scenario_hook { Process.kill("TERM", proc.pid) } - - # It seems necessary to actually check that the LAN server is - # serving, possibly because it isn't doing so reliably when setting - # up. If e.g. the Unsafe Browser (which *should* be able to access - # the web server) tries to access it too early, Firefox seems to - # take some random amount of time to retry fetching. Curl gives a - # more consistent result, so let's rely on that instead. Note that - # this forces us to capture traffic *after* this step in case - # accessing this server matters, like when testing the Tor Browser.. - try_for(30, :msg => "Something is wrong with the LAN web server") do - msg = $vm.execute_successfully("curl #{@web_server_url}", - :user => LIVE_USER).stdout.chomp - web_server_hello_msg == msg - end -end - -When /^I open a page on the LAN web server in the (.*)$/ do |browser| - step "I open the address \"#{@web_server_url}\" in the #{browser}" -end - -Given /^I wait (?:between (\d+) and )?(\d+) seconds$/ do |min, max| - if min - time = rand(max.to_i - min.to_i + 1) + min.to_i - else - time = max.to_i - end - puts "Slept for #{time} seconds" - sleep(time) -end - -Given /^I (?:re)?start monitoring the AppArmor log of "([^"]+)"$/ do |profile| - # AppArmor log entries may be dropped if printk rate limiting is - # enabled. - $vm.execute_successfully('sysctl -w kernel.printk_ratelimit=0') - # We will only care about entries for this profile from this time - # and on. - guest_time = $vm.execute_successfully( - 'date +"%Y-%m-%d %H:%M:%S"').stdout.chomp - @apparmor_profile_monitoring_start ||= Hash.new - @apparmor_profile_monitoring_start[profile] = guest_time -end - -When /^AppArmor has (not )?denied "([^"]+)" from opening "([^"]+)"(?: after at most (\d+) seconds)?$/ do |anti_test, profile, file, time| - assert(@apparmor_profile_monitoring_start && - @apparmor_profile_monitoring_start[profile], - "It seems the profile '#{profile}' isn't being monitored by the " + - "'I monitor the AppArmor log of ...' step") - audit_line_regex = 'apparmor="DENIED" operation="open" profile="%s" name="%s"' % [profile, file] - block = Proc.new do - audit_log = $vm.execute( - "journalctl --full --no-pager " + - "--since='#{@apparmor_profile_monitoring_start[profile]}' " + - "SYSLOG_IDENTIFIER=kernel | grep -w '#{audit_line_regex}'" - ).stdout.chomp - assert(audit_log.empty? == (anti_test ? true : false)) - true - end - begin - if time - try_for(time.to_i) { block.call } - else - block.call - end - rescue Timeout::Error, Test::Unit::AssertionFailedError => e - raise e, "AppArmor has #{anti_test ? "" : "not "}denied the operation" - end -end - -Then /^I force Tor to use a new circuit$/ do - debug_log("Forcing new Tor circuit...") - $vm.execute_successfully('tor_control_send "signal NEWNYM"', :libs => 'tor') -end - -When /^I eject the boot medium$/ do - dev = boot_device - dev_type = device_info(dev)['ID_TYPE'] - case dev_type - when 'cd' - $vm.remove_cdrom - when 'disk' - boot_disk_name = $vm.disk_name(dev) - $vm.unplug_drive(boot_disk_name) - else - raise "Unsupported medium type '#{dev_type}' for boot device '#{dev}'" - end -end diff --git a/features/step_definitions/dhcp.rb b/features/step_definitions/dhcp.rb deleted file mode 100644 index ef4d9e15..00000000 --- a/features/step_definitions/dhcp.rb +++ /dev/null @@ -1,19 +0,0 @@ -Then /^the hostname should not have been leaked on the network$/ do - hostname = $vm.execute("hostname").stdout.chomp - packets = PacketFu::PcapFile.new.file_to_array(:filename => @sniffer.pcap_file) - packets.each do |p| - # if PacketFu::TCPPacket.can_parse?(p) - # ipv4_tcp_packets << PacketFu::TCPPacket.parse(p) - if PacketFu::IPPacket.can_parse?(p) - payload = PacketFu::IPPacket.parse(p).payload - elsif PacketFu::IPv6Packet.can_parse?(p) - payload = PacketFu::IPv6Packet.parse(p).payload - else - @sniffer.save_pcap_file - raise "Found something in the pcap file that either is non-IP, or cannot be parsed" - end - if payload.match(hostname) - raise "Hostname leak detected" - end - end -end diff --git a/features/step_definitions/electrum.rb b/features/step_definitions/electrum.rb deleted file mode 100644 index 447983d4..00000000 --- a/features/step_definitions/electrum.rb +++ /dev/null @@ -1,52 +0,0 @@ -Then /^I start Electrum through the GNOME menu$/ do - step "I start \"Electrum\" via the GNOME \"Internet\" applications menu" -end - -When /^a bitcoin wallet is (|not )present$/ do |existing| - wallet = "/home/#{LIVE_USER}/.electrum/wallets/default_wallet" - case existing - when "" - step "the file \"#{wallet}\" exists after at most 10 seconds" - when "not " - step "the file \"#{wallet}\" does not exist" - else - raise "Unknown value specified for #{existing}" - end -end - -When /^I create a new bitcoin wallet$/ do - @screen.wait("ElectrumNoWallet.png", 10) - @screen.wait_and_click("ElectrumNextButton.png", 10) - @screen.wait("ElectrumWalletGenerationSeed.png", 15) - @screen.wait_and_click("ElectrumWalletSeedTextbox.png", 15) - @screen.type('a', Sikuli::KeyModifier.CTRL) # select wallet seed - @screen.type('c', Sikuli::KeyModifier.CTRL) # copy seed to clipboard - seed = $vm.get_clipboard - @screen.wait_and_click("ElectrumNextButton.png", 15) - @screen.wait("ElectrumWalletSeedTextbox.png", 15) - @screen.type(seed) # Confirm seed - @screen.wait_and_click("ElectrumNextButton.png", 10) - @screen.wait_and_click("ElectrumEncryptWallet.png", 10) - @screen.type("asdf" + Sikuli::Key.TAB) # set password - @screen.type("asdf" + Sikuli::Key.TAB) # confirm password - @screen.type(Sikuli::Key.ENTER) - @screen.wait("ElectrumConnectServer.png", 20) - @screen.wait_and_click("ElectrumNextButton.png", 10) - @screen.wait("ElectrumPreferencesButton.png", 30) -end - -Then /^I see a warning that Electrum is not persistent$/ do - @screen.wait('GnomeQuestionDialogIcon.png', 30) -end - -Then /^I am prompted to create a new wallet$/ do - @screen.wait('ElectrumNoWallet.png', 60) -end - -Then /^I see the main Electrum client window$/ do - @screen.wait('ElectrumPreferencesButton.png', 20) -end - -Then /^Electrum successfully connects to the network$/ do - @screen.wait('ElectrumStatus.png', 180) -end diff --git a/features/step_definitions/encryption.rb b/features/step_definitions/encryption.rb deleted file mode 100644 index 9f7f1b96..00000000 --- a/features/step_definitions/encryption.rb +++ /dev/null @@ -1,133 +0,0 @@ -def seahorse_menu_click_helper(main, sub, verify = nil) - try_for(60) do - step "process \"#{verify}\" is running" if verify - @screen.hide_cursor - @screen.wait_and_click(main, 10) - @screen.wait_and_click(sub, 10) - return - end -end - -Given /^I generate an OpenPGP key named "([^"]+)" with password "([^"]+)"$/ do |name, pwd| - @passphrase = pwd - @key_name = name - gpg_key_recipie = <> /tmp/gpg_key_recipie", :user => LIVE_USER) - end - c = $vm.execute("gpg --batch --gen-key < /tmp/gpg_key_recipie", - :user => LIVE_USER) - assert(c.success?, "Failed to generate OpenPGP key:\n#{c.stderr}") -end - -When /^I type a message into gedit$/ do - step 'I start "Gedit" via the GNOME "Accessories" applications menu' - @screen.wait_and_click("GeditWindow.png", 20) - # We don't have a good visual indicator for when we can continue. Without the - # sleep we may start typing in the gedit window far too soon, causing - # keystrokes to go missing. - sleep 5 - @screen.type("ATTACK AT DAWN") -end - -def maybe_deal_with_pinentry - begin - @screen.wait_and_click("PinEntryPrompt.png", 10) - # Without this sleep here (and reliable visual indicators) we can sometimes - # miss keystrokes by typing too soon. This sleep prevents this problem from - # coming up. - sleep 5 - @screen.type(@passphrase + Sikuli::Key.ENTER) - rescue FindFailed - # The passphrase was cached or we wasn't prompted at all (e.g. when - # only encrypting to a public key) - end -end - -def gedit_copy_all_text - context_menu_helper('GeditWindow.png', 'GeditStatusBar.png', 'GeditSelectAll.png') - context_menu_helper('GeditWindow.png', 'GeditStatusBar.png', 'GeditCopy.png') -end - -def paste_into_a_new_tab - @screen.wait_and_click("GeditNewTab.png", 20) - context_menu_helper('GeditWindow.png', 'GeditStatusBar.png', 'GeditPaste.png') -end - -def encrypt_sign_helper - gedit_copy_all_text - seahorse_menu_click_helper('GpgAppletIconNormal.png', 'GpgAppletSignEncrypt.png') - @screen.wait_and_click("GpgAppletChooseKeyWindow.png", 30) - # We don't have a good visual indicator for when we can continue without - # keystrokes being lost. - sleep 5 - yield - maybe_deal_with_pinentry - paste_into_a_new_tab -end - -def decrypt_verify_helper(icon) - gedit_copy_all_text - seahorse_menu_click_helper(icon, 'GpgAppletDecryptVerify.png') - maybe_deal_with_pinentry - @screen.wait("GpgAppletResults.png", 20) - @screen.wait("GpgAppletResultsMsg.png", 20) -end - -When /^I encrypt the message using my OpenPGP key$/ do - encrypt_sign_helper do - @screen.type(@key_name + Sikuli::Key.ENTER + Sikuli::Key.ENTER) - end -end - -Then /^I can decrypt the encrypted message$/ do - decrypt_verify_helper("GpgAppletIconEncrypted.png") - @screen.wait("GpgAppletResultsEncrypted.png", 20) -end - -When /^I sign the message using my OpenPGP key$/ do - encrypt_sign_helper do - @screen.type(Sikuli::Key.TAB + Sikuli::Key.DOWN + Sikuli::Key.ENTER) - end -end - -Then /^I can verify the message's signature$/ do - decrypt_verify_helper("GpgAppletIconSigned.png") - @screen.wait("GpgAppletResultsSigned.png", 20) -end - -When /^I both encrypt and sign the message using my OpenPGP key$/ do - encrypt_sign_helper do - @screen.wait_and_click('GpgAppletEncryptionKey.png', 20) - @screen.type(Sikuli::Key.SPACE) - @screen.wait('GpgAppletKeySelected.png', 10) - @screen.type(Sikuli::Key.TAB + Sikuli::Key.DOWN + Sikuli::Key.ENTER) - @screen.type(Sikuli::Key.ENTER) - end -end - -Then /^I can decrypt and verify the encrypted message$/ do - decrypt_verify_helper("GpgAppletIconEncrypted.png") - @screen.wait("GpgAppletResultsEncrypted.png", 20) - @screen.wait("GpgAppletResultsSigned.png", 20) -end - -When /^I symmetrically encrypt the message with password "([^"]+)"$/ do |pwd| - @passphrase = pwd - gedit_copy_all_text - seahorse_menu_click_helper('GpgAppletIconNormal.png', 'GpgAppletEncryptPassphrase.png') - maybe_deal_with_pinentry # enter password - maybe_deal_with_pinentry # confirm password - paste_into_a_new_tab -end diff --git a/features/step_definitions/evince.rb b/features/step_definitions/evince.rb deleted file mode 100644 index 9411ac4d..00000000 --- a/features/step_definitions/evince.rb +++ /dev/null @@ -1,25 +0,0 @@ -When /^I(?:| try to) open "([^"]+)" with Evince$/ do |filename| - step "I run \"evince #{filename}\" in GNOME Terminal" -end - -Then /^I can print the current document to "([^"]+)"$/ do |output_file| - @screen.type("p", Sikuli::KeyModifier.CTRL) - @screen.wait("EvincePrintDialog.png", 10) - @screen.wait_and_click("EvincePrintToFile.png", 10) - @screen.wait_and_click("EvincePrintOutputFileButton.png", 10) - @screen.wait("EvincePrintFileDialog.png", 10) - # Only the file's basename is selected by double-clicking, - # so we type only the desired file's basename to replace it - $vm.set_clipboard(output_file.sub(/[.]pdf$/, '')) - @screen.type('v', Sikuli::KeyModifier.CTRL) - @screen.type(Sikuli::Key.ENTER) - @screen.wait_and_click("EvincePrintButton.png", 10) - try_for(10, :msg => "The document was not printed to #{output_file}") { - $vm.file_exist?(output_file) - } -end - -When /^I close Evince$/ do - @screen.type("w", Sikuli::KeyModifier.CTRL) - step 'process "evince" has stopped running after at most 20 seconds' -end diff --git a/features/step_definitions/firewall_leaks.rb b/features/step_definitions/firewall_leaks.rb deleted file mode 100644 index 942d00b8..00000000 --- a/features/step_definitions/firewall_leaks.rb +++ /dev/null @@ -1,56 +0,0 @@ -Then(/^the firewall leak detector has detected (.*?) leaks$/) do |type| - leaks = FirewallLeakCheck.new(@sniffer.pcap_file, - :accepted_hosts => get_all_tor_nodes) - case type.downcase - when 'ipv4 tcp' - if leaks.ipv4_tcp_leaks.empty? - leaks.save_pcap_file - raise "Couldn't detect any IPv4 TCP leaks" - end - when 'ipv4 non-tcp' - if leaks.ipv4_nontcp_leaks.empty? - leaks.save_pcap_file - raise "Couldn't detect any IPv4 non-TCP leaks" - end - when 'ipv6' - if leaks.ipv6_leaks.empty? - leaks.save_pcap_file - raise "Couldn't detect any IPv6 leaks" - end - when 'non-ip' - if leaks.nonip_leaks.empty? - leaks.save_pcap_file - raise "Couldn't detect any non-IP leaks" - end - else - raise "Incorrect packet type '#{type}'" - end -end - -Given(/^I disable Tails' firewall$/) do - $vm.execute("/usr/local/lib/do_not_ever_run_me") - iptables = $vm.execute("iptables -L -n -v").stdout.chomp.split("\n") - for line in iptables do - if !line[/Chain (INPUT|OUTPUT|FORWARD) \(policy ACCEPT/] and - !line[/pkts[[:blank:]]+bytes[[:blank:]]+target/] and - !line.empty? - raise "The Tails firewall was not successfully disabled:\n#{iptables}" - end - end -end - -When(/^I do a TCP DNS lookup of "(.*?)"$/) do |host| - lookup = $vm.execute("host -T #{host} #{SOME_DNS_SERVER}", :user => LIVE_USER) - assert(lookup.success?, "Failed to resolve #{host}:\n#{lookup.stdout}") -end - -When(/^I do a UDP DNS lookup of "(.*?)"$/) do |host| - lookup = $vm.execute("host #{host} #{SOME_DNS_SERVER}", :user => LIVE_USER) - assert(lookup.success?, "Failed to resolve #{host}:\n#{lookup.stdout}") -end - -When(/^I send some ICMP pings$/) do - # We ping an IP address to avoid a DNS lookup - ping = $vm.execute("ping -c 5 #{SOME_DNS_SERVER}") - assert(ping.success?, "Failed to ping #{SOME_DNS_SERVER}:\n#{ping.stderr}") -end diff --git a/features/step_definitions/git.rb b/features/step_definitions/git.rb deleted file mode 100644 index bf6f869d..00000000 --- a/features/step_definitions/git.rb +++ /dev/null @@ -1,6 +0,0 @@ -Then /^the Git repository "([\S]+)" has been cloned successfully$/ do |repo| - assert($vm.directory_exist?("/home/#{LIVE_USER}/#{repo}/.git")) - assert($vm.file_exist?("/home/#{LIVE_USER}/#{repo}/.git/config")) - $vm.execute_successfully("cd '/home/#{LIVE_USER}/#{repo}/' && git status", - :user => LIVE_USER) -end diff --git a/features/step_definitions/icedove.rb b/features/step_definitions/icedove.rb deleted file mode 100644 index d3672895..00000000 --- a/features/step_definitions/icedove.rb +++ /dev/null @@ -1,94 +0,0 @@ -Then /^Icedove has started$/ do - step 'process "icedove" is running within 30 seconds' - @screen.wait('IcedoveMainWindow.png', 60) -end - -When /^I have not configured an email account$/ do - icedove_prefs = $vm.file_content("/home/#{LIVE_USER}/.icedove/profile.default/prefs.js").chomp - assert(!icedove_prefs.include?('mail.accountmanager.accounts')) -end - -Then /^I am prompted to setup an email account$/ do - $vm.focus_window('Mail Account Setup') - @screen.wait('IcedoveMailAccountSetup.png', 30) -end - -Then /^IMAP is the default protocol$/ do - $vm.focus_window('Mail Account Setup') - @screen.wait('IcedoveProtocolIMAP.png', 10) -end - -Then /^I cancel setting up an email account$/ do - $vm.focus_window('Mail Account Setup') - @screen.type(Sikuli::Key.ESC) - @screen.waitVanish('IcedoveMailAccountSetup.png', 10) -end - -Then /^I open Icedove's Add-ons Manager$/ do - $vm.focus_window('Icedove') - @screen.wait_and_click('MozillaMenuButton.png', 10) - @screen.wait_and_click('IcedoveToolsMenuAddOns.png', 10) - @screen.wait('MozillaAddonsManagerExtensions.png', 30) -end - -Then /^I click the extensions tab$/ do - @screen.wait_and_click('MozillaAddonsManagerExtensions.png', 10) -end - -Then /^I see that Adblock is not installed in Icedove$/ do - if @screen.exists('MozillaExtensionsAdblockPlus.png') - raise 'Adblock should not be enabled within Icedove' - end -end - -When /^I go into Enigmail's preferences$/ do - $vm.focus_window('Icedove') - @screen.type("a", Sikuli::KeyModifier.ALT) - @screen.wait_and_click('IcedoveEnigmailPreferences.png', 10) - @screen.wait('IcedoveEnigmailPreferencesWindow.png', 10) - @screen.click('IcedoveEnigmailExpertSettingsButton.png') - @screen.wait('IcedoveEnigmailKeyserverTab.png', 10) -end - -When /^I click Enigmail's keyserver tab$/ do - @screen.wait_and_click('IcedoveEnigmailKeyserverTab.png', 10) -end - -Then /^I see that Enigmail is configured to use the correct keyserver$/ do - @screen.wait('IcedoveEnigmailKeyserver.png', 10) -end - -Then /^I click Enigmail's advanced tab$/ do - @screen.wait_and_click('IcedoveEnigmailAdvancedTab.png', 10) -end - -Then /^I see that Enigmail is configured to use the correct SOCKS proxy$/ do - @screen.click('IcedoveEnigmailAdvancedParameters.png') - @screen.type(Sikuli::Key.END) - @screen.wait('IcedoveEnigmailProxy.png', 10) -end - -Then /^I see that Torbirdy is configured to use Tor$/ do - @screen.wait('IcedoveTorbirdyEnabled.png', 10) -end - -When /^I open Torbirdy's preferences$/ do - step "I open Icedove's Add-ons Manager" - step 'I click the extensions tab' - @screen.wait_and_click('MozillaExtensionsTorbirdy.png', 10) - @screen.type(Sikuli::Key.TAB) # Select 'More' link - @screen.type(Sikuli::Key.TAB) # Select 'Preferences' button - @screen.type(Sikuli::Key.SPACE) # Press 'Preferences' button - @screen.wait('GnomeQuestionDialogIcon.png', 10) - @screen.type(Sikuli::Key.ENTER) -end - -When /^I test Torbirdy's proxy settings$/ do - @screen.wait('IcedoveTorbirdyPreferencesWindow.png', 10) - @screen.click('IcedoveTorbirdyTestProxySettingsButton.png') - @screen.wait('IcedoveTorbirdyCongratulationsTab.png', 180) -end - -Then /^Torbirdy's proxy test is successful$/ do - @screen.wait('IcedoveTorbirdyCongratulationsTab.png', 180) -end diff --git a/features/step_definitions/mac_spoofing.rb b/features/step_definitions/mac_spoofing.rb deleted file mode 100644 index a4aa8714..00000000 --- a/features/step_definitions/mac_spoofing.rb +++ /dev/null @@ -1,108 +0,0 @@ -def all_ethernet_nics - $vm.execute_successfully( - "get_all_ethernet_nics", :libs => 'hardware' - ).stdout.split -end - -When /^I disable MAC spoofing in Tails Greeter$/ do - @screen.wait_and_click("TailsGreeterMACSpoofing.png", 30) -end - -Then /^the network device has (its default|a spoofed) MAC address configured$/ do |mode| - is_spoofed = (mode == "a spoofed") - nic = "eth0" - assert_equal([nic], all_ethernet_nics, - "We only expected NIC #{nic} but these are present: " + - all_ethernet_nics.join(", ")) - nic_real_mac = $vm.real_mac - nic_current_mac = $vm.execute_successfully( - "get_current_mac_of_nic #{nic}", :libs => 'hardware' - ).stdout.chomp - if is_spoofed - if nic_real_mac == nic_current_mac - save_pcap_file - raise "The MAC address was expected to be spoofed but wasn't" - end - else - if nic_real_mac != nic_current_mac - save_pcap_file - raise "The MAC address is spoofed but was expected to not be" - end - end -end - -Then /^the real MAC address was (not )?leaked$/ do |mode| - is_leaking = mode.nil? - leaks = FirewallLeakCheck.new(@sniffer.pcap_file) - mac_leaks = leaks.mac_leaks - if is_leaking - if !mac_leaks.include?($vm.real_mac) - save_pcap_file - raise "The real MAC address was expected to leak but didn't. We " + - "observed the following MAC addresses: #{mac_leaks}" - end - else - if mac_leaks.include?($vm.real_mac) - save_pcap_file - raise "The real MAC address was leaked but was expected not to. We " + - "observed the following MAC addresses: #{mac_leaks}" - end - end -end - -Given /^macchanger will fail by not spoofing and always returns ([\S]+)$/ do |mode| - $vm.execute_successfully("mv /usr/bin/macchanger /usr/bin/macchanger.orig") - $vm.execute_successfully("ln -s /bin/#{mode} /usr/bin/macchanger") -end - -Given /^no network interface modules can be unloaded$/ do - # Note that the real /sbin/modprobe is a symlink to /bin/kmod, and - # for it to run in modprobe compatibility mode the name must be - # exactly "modprobe", so we just move it somewhere our of the path - # instead of renaming it ".real" or whatever we usuablly do when - # diverting executables for wrappers. - modprobe_divert = "/usr/local/lib/modprobe" - $vm.execute_successfully( - "dpkg-divert --add --rename --divert '#{modprobe_divert}' /sbin/modprobe" - ) - fake_modprobe_wrapper = < 0 in Ruby. - expected_nr_nics = expected_nr_nics.to_i - nr_nics = all_ethernet_nics.size - assert_equal(expected_nr_nics, nr_nics) -end - -Then /^the MAC spoofing panic mode disabled networking$/ do - nm_state = $vm.execute_successfully('systemctl show NetworkManager').stdout - nm_is_disabled = $vm.pidof('NetworkManager').empty? && - nm_state[/^LoadState=masked$/] && - nm_state[/^ActiveState=inactive$/] - assert(nm_is_disabled, "NetworkManager was not disabled") - all_ethernet_nics.each do |nic| - ["nic_ipv4_addr", "nic_ipv6_addr"].each do |function| - addr = $vm.execute_successfully( - "#{function} #{nic}", :libs => 'hardware' - ).stdout.chomp - assert_equal("", addr, "NIC #{nic} was assigned address #{addr}") - end - end -end diff --git a/features/step_definitions/pidgin.rb b/features/step_definitions/pidgin.rb deleted file mode 100644 index 3f5ed931..00000000 --- a/features/step_definitions/pidgin.rb +++ /dev/null @@ -1,467 +0,0 @@ -# Extracts the secrets for the XMMP account `account_name`. -def xmpp_account(account_name, required_options = []) - begin - account = $config["Pidgin"]["Accounts"]["XMPP"][account_name] - check_keys = ["username", "domain", "password"] + required_options - for key in check_keys do - assert(account.has_key?(key)) - assert_not_nil(account[key]) - assert(!account[key].empty?) - end - rescue NoMethodError, Test::Unit::AssertionFailedError - raise( -< LIVE_USER).stdout.chomp - @chat_room_jid = chat_room + "@" + conference_server - - @screen.click("PidginJoinChatButton.png") - # The following will both make sure that the we joined the chat, and - # that it is empty. We'll also deal with the *potential* "Create New - # Room" prompt that Pidgin shows for some server configurations. - images = ["PidginCreateNewRoomPrompt.png", - "PidginChat1UserInRoom.png"] - image_found, _ = @screen.waitAny(images, 30) - if image_found == "PidginCreateNewRoomPrompt.png" - @screen.click("PidginCreateNewRoomAcceptDefaultsButton.png") - end - $vm.focus_window(@chat_room_jid) - @screen.wait("PidginChat1UserInRoom.png", 10) -end - -# Since some servers save the scrollback, and sends it when joining, -# it's safer to clear it so we do not get false positives from old -# messages when looking for a particular response, or similar. -When /^I clear the multi-user chat's scrollback$/ do - $vm.focus_window(@chat_room_jid) - @screen.click("PidginConversationMenu.png") - @screen.wait_and_click("PidginConversationMenuClearScrollback.png", 10) -end - -Then /^I can see that my friend joined the multi-user chat$/ do - $vm.focus_window(@chat_room_jid) - @screen.wait("PidginChat2UsersInRoom.png", 60) -end - -def configured_pidgin_accounts - accounts = Hash.new - xml = REXML::Document.new($vm.file_content('$HOME/.purple/accounts.xml', - LIVE_USER)) - xml.elements.each("account/account") do |e| - account = e.elements["name"].text - account_name, network = account.split("@") - protocol = e.elements["protocol"].text - port = e.elements["settings/setting[@name='port']"].text - nickname = e.elements["settings/setting[@name='username']"].text - real_name = e.elements["settings/setting[@name='realname']"].text - accounts[network] = { - 'name' => account_name, - 'network' => network, - 'protocol' => protocol, - 'port' => port, - 'nickname' => nickname, - 'real_name' => real_name, - } - end - - return accounts -end - -def chan_image (account, channel, image) - images = { - 'irc.oftc.net' => { - '#tails' => { - 'roster' => 'PidginTailsChannelEntry', - 'conversation_tab' => 'PidginTailsConversationTab', - 'welcome' => 'PidginTailsChannelWelcome', - } - }, - 'I2P' => { - '#i2p' => { - 'roster' => 'PidginI2PChannelEntry', - 'conversation_tab' => 'PidginI2PConversationTab', - 'welcome' => 'PidginI2PChannelWelcome', - } - } - } - return images[account][channel][image] + ".png" -end - -def default_chan (account) - chans = { - 'irc.oftc.net' => '#tails', - 'I2P' => '#i2p', - } - return chans[account] -end - -def pidgin_otr_keys - return $vm.file_content('$HOME/.purple/otr.private_key', LIVE_USER) -end - -Given /^Pidgin has the expected accounts configured with random nicknames$/ do - expected = [ - ["irc.oftc.net", "prpl-irc", "6697"], - ["127.0.0.1", "prpl-irc", "6668"], - ] - configured_pidgin_accounts.values.each() do |account| - assert(account['nickname'] != "XXX_NICK_XXX", "Nickname was no randomised") - assert_equal(account['nickname'], account['real_name'], - "Nickname and real name are not identical: " + - account['nickname'] + " vs. " + account['real_name']) - assert_equal(account['name'], account['nickname'], - "Account name and nickname are not identical: " + - account['name'] + " vs. " + account['nickname']) - candidate = [account['network'], account['protocol'], account['port']] - assert(expected.include?(candidate), "Unexpected account: #{candidate}") - expected.delete(candidate) - end - assert(expected.empty?, "These Pidgin accounts are not configured: " + - "#{expected}") -end - -When /^I start Pidgin through the GNOME menu$/ do - step 'I start "Pidgin" via the GNOME "Internet" applications menu' -end - -When /^I open Pidgin's account manager window$/ do - @screen.wait_and_click('PidginMenuAccounts.png', 20) - @screen.wait_and_click('PidginMenuManageAccounts.png', 20) - step "I see Pidgin's account manager window" -end - -When /^I see Pidgin's account manager window$/ do - @screen.wait("PidginAccountWindow.png", 40) -end - -When /^I close Pidgin's account manager window$/ do - @screen.wait_and_click("PidginAccountManagerCloseButton.png", 10) -end - -When /^I (de)?activate the "([^"]+)" Pidgin account$/ do |deactivate, account| - @screen.click("PidginAccount_#{account}.png") - @screen.type(Sikuli::Key.LEFT + Sikuli::Key.SPACE) - if deactivate - @screen.waitVanish('PidginAccountEnabledCheckbox.png', 5) - else - # wait for the Pidgin to be connecting, otherwise sometimes the step - # that closes the account management dialog happens before the account - # is actually enabled - @screen.waitAny(['PidginConnecting.png', 'PidginAvailableStatus.png'], 5) - end -end - -def deactivate_and_activate_pidgin_account(account) - debug_log("Deactivating and reactivating Pidgin account #{account}") - step "I open Pidgin's account manager window" - step "I deactivate the \"#{account}\" Pidgin account" - step "I close Pidgin's account manager window" - step "I open Pidgin's account manager window" - step "I activate the \"#{account}\" Pidgin account" - step "I close Pidgin's account manager window" -end - - - -Then /^Pidgin successfully connects to the "([^"]+)" account$/ do |account| - expected_channel_entry = chan_image(account, default_chan(account), 'roster') - reconnect_button = 'PidginReconnect.png' - recovery_on_failure = Proc.new do - if @screen.exists('PidginReconnect.png') - @screen.click('PidginReconnect.png') - else - deactivate_and_activate_pidgin_account(account) - end - end - retrier_method = account == 'I2P' ? method(:retry_i2p) : method(:retry_tor) - retrier_method.call(recovery_on_failure) do - begin - $vm.focus_window('Buddy List') - rescue ExecutionFailedInVM - # Sometimes focusing the window with xdotool will fail with the - # conversation window right on top of it. We'll try to close the - # conversation window. At worst, the test will still fail... - close_pidgin_conversation_window(account) - end - on_screen, _ = @screen.waitAny([expected_channel_entry, reconnect_button], 60) - unless on_screen == expected_channel_entry - raise "Connecting to account #{account} failed." - end - end -end - -Then /^the "([^"]*)" account only responds to PING and VERSION CTCP requests$/ do |irc_server| - ctcp_cmds = [ - "CLIENTINFO", "DATE", "ERRMSG", "FINGER", "PING", "SOURCE", "TIME", - "USERINFO", "VERSION" - ] - expected_ctcp_replies = { - "PING" => /^\d+$/, - "VERSION" => /^Purple IRC$/ - } - spam_target = configured_pidgin_accounts[irc_server]["nickname"] - ctcp_check = CtcpChecker.new(irc_server, 6667, spam_target, ctcp_cmds, - expected_ctcp_replies) - ctcp_check.verify_ctcp_responses -end - -Then /^I can join the "([^"]+)" channel on "([^"]+)"$/ do |channel, account| - @screen.doubleClick( chan_image(account, channel, 'roster')) - @screen.hide_cursor - focus_pidgin_irc_conversation_window(account) - try_for(60) do - begin - @screen.wait_and_click(chan_image(account, channel, 'conversation_tab'), 5) - rescue FindFailed => e - # If the channel tab can't be found it could be because there were - # multiple connection attempts and the channel tab we want is off the - # screen. We'll try closing tabs until the one we want can be found. - @screen.type("w", Sikuli::KeyModifier.CTRL) - raise e - end - end - @screen.hide_cursor - @screen.wait( chan_image(account, channel, 'welcome'), 10) -end - -Then /^I take note of the configured Pidgin accounts$/ do - @persistent_pidgin_accounts = configured_pidgin_accounts -end - -Then /^I take note of the OTR key for Pidgin's "([^"]+)" account$/ do |account_name| - @persistent_pidgin_otr_keys = pidgin_otr_keys -end - -Then /^Pidgin has the expected persistent accounts configured$/ do - current_accounts = configured_pidgin_accounts - assert(current_accounts <=> @persistent_pidgin_accounts, - "Currently configured Pidgin accounts do not match the persistent ones:\n" + - "Current:\n#{current_accounts}\n" + - "Persistent:\n#{@persistent_pidgin_accounts}" - ) -end - -Then /^Pidgin has the expected persistent OTR keys$/ do - assert_equal(pidgin_otr_keys, @persistent_pidgin_otr_keys) -end - -def pidgin_add_certificate_from (cert_file) - # Here, we need a certificate that is not already in the NSS database - step "I copy \"/usr/share/ca-certificates/spi-inc.org/spi-cacert-2008.crt\" to \"#{cert_file}\" as user \"amnesia\"" - - $vm.focus_window('Buddy List') - @screen.wait_and_click('PidginToolsMenu.png', 10) - @screen.wait_and_click('PidginCertificatesMenuItem.png', 10) - @screen.wait('PidginCertificateManagerDialog.png', 10) - @screen.wait_and_click('PidginCertificateAddButton.png', 10) - begin - @screen.wait_and_click('GtkFileChooserDesktopButton.png', 10) - rescue FindFailed - # The first time we're run, the file chooser opens in the Recent - # view, so we have to browse a directory before we can use the - # "Type file name" button. But on subsequent runs, the file - # chooser is already in the Desktop directory, so we don't need to - # do anything. Hence, this noop exception handler. - end - @screen.wait_and_click('GtkFileTypeFileNameButton.png', 10) - @screen.type("l", Sikuli::KeyModifier.ALT) # "Location" field - @screen.type(cert_file + Sikuli::Key.ENTER) -end - -Then /^I can add a certificate from the "([^"]+)" directory to Pidgin$/ do |cert_dir| - pidgin_add_certificate_from("#{cert_dir}/test.crt") - wait_and_focus('PidginCertificateAddHostnameDialog.png', 10, 'Certificate Import') - @screen.type("XXX test XXX" + Sikuli::Key.ENTER) - wait_and_focus('PidginCertificateTestItem.png', 10, 'Certificate Manager') -end - -Then /^I cannot add a certificate from the "([^"]+)" directory to Pidgin$/ do |cert_dir| - pidgin_add_certificate_from("#{cert_dir}/test.crt") - wait_and_focus('PidginCertificateImportFailed.png', 10, 'Import Error') -end - -When /^I close Pidgin's certificate manager$/ do - wait_and_focus('PidginCertificateManagerDialog.png', 10, 'Certificate Manager') - @screen.type(Sikuli::Key.ESC) - # @screen.wait_and_click('PidginCertificateManagerClose.png', 10) - @screen.waitVanish('PidginCertificateManagerDialog.png', 10) -end - -When /^I close Pidgin's certificate import failure dialog$/ do - @screen.type(Sikuli::Key.ESC) - # @screen.wait_and_click('PidginCertificateManagerClose.png', 10) - @screen.waitVanish('PidginCertificateImportFailed.png', 10) -end - -When /^I see the Tails roadmap URL$/ do - try_for(60) do - begin - @screen.find('PidginTailsRoadmapUrl.png') - rescue FindFailed => e - @screen.type(Sikuli::Key.PAGE_UP) - raise e - end - end -end - -When /^I click on the Tails roadmap URL$/ do - @screen.click('PidginTailsRoadmapUrl.png') -end diff --git a/features/step_definitions/po.rb b/features/step_definitions/po.rb deleted file mode 100644 index c73bacef..00000000 --- a/features/step_definitions/po.rb +++ /dev/null @@ -1,8 +0,0 @@ -Given /^I am in the Git branch being tested$/ do - Dir.chdir(GIT_DIR) -end - -Then /^all the PO files should be correct$/ do - File.exists?('./submodules/jenkins-tools/slaves/check_po') - cmd_helper(['./submodules/jenkins-tools/slaves/check_po']) -end diff --git a/features/step_definitions/root_access_control.rb b/features/step_definitions/root_access_control.rb deleted file mode 100644 index ff1bdfcc..00000000 --- a/features/step_definitions/root_access_control.rb +++ /dev/null @@ -1,42 +0,0 @@ -Then /^I should be able to run administration commands as the live user$/ do - stdout = $vm.execute("echo #{@sudo_password} | sudo -S whoami", - :user => LIVE_USER).stdout - actual_user = stdout.sub(/^\[sudo\] password for #{LIVE_USER}: /, "").chomp - assert_equal("root", actual_user, "Could not use sudo") -end - -Then /^I should not be able to run administration commands as the live user with the "([^"]*)" password$/ do |password| - stderr = $vm.execute("echo #{password} | sudo -S whoami", - :user => LIVE_USER).stderr - sudo_failed = stderr.include?("The administration password is disabled") || stderr.include?("is not allowed to execute") - assert(sudo_failed, "The administration password is not disabled:" + stderr) -end - -When /^running a command as root with pkexec requires PolicyKit administrator privileges$/ do - action = 'org.freedesktop.policykit.exec' - action_details = $vm.execute("pkaction --verbose --action-id #{action}").stdout - assert(action_details[/\s+implicit any:\s+auth_admin$/], - "Expected 'auth_admin' for 'any':\n#{action_details}") - assert(action_details[/\s+implicit inactive:\s+auth_admin$/], - "Expected 'auth_admin' for 'inactive':\n#{action_details}") - assert(action_details[/\s+implicit active:\s+auth_admin$/], - "Expected 'auth_admin' for 'active':\n#{action_details}") -end - -Then /^I should be able to run a command as root with pkexec$/ do - step "I run \"pkexec touch /root/pkexec-test\" in GNOME Terminal" - step 'I enter the sudo password in the pkexec prompt' - try_for(10, :msg => 'The /root/pkexec-test file was not created.') { - $vm.execute('ls /root/pkexec-test').success? - } -end - -Then /^I should not be able to run a command as root with pkexec and the standard passwords$/ do - step "I run \"pkexec touch /root/pkexec-test\" in GNOME Terminal" - ['', 'live', 'amnesia'].each do |password| - step "I enter the \"#{password}\" password in the pkexec prompt" - @screen.wait('PolicyKitAuthFailure.png', 20) - end - @screen.type(Sikuli::Key.ESC) - @screen.wait('PolicyKitAuthCompleteFailure.png', 20) -end diff --git a/features/step_definitions/snapshots.rb b/features/step_definitions/snapshots.rb deleted file mode 100644 index 13e4a5b6..00000000 --- a/features/step_definitions/snapshots.rb +++ /dev/null @@ -1,257 +0,0 @@ -def checkpoints - { - 'boot-d-i-to-tasksel' => { - :description => "I have started Debian Installer and stopped at the Tasksel prompt", - #:parent_checkpoint => 'no-network-logged-in', - :steps => [ - 'I create a 8 GiB disk named "target"', - 'I plug ide drive "target"', - 'I start the computer', - 'the computer boots DebianInstaller', - 'I select British English', - 'I accept the hostname, using "example.com" as the domain', - 'I set the root password to "rootme"', - 'I set the password for "Philip Hands" to be "verysecret"', - 'I select full-disk, single-filesystem partitioning', - 'I note that the Base system is being installed', - 'I accept the default mirror', - 'I ignore Popcon', - 'we reach the Tasksel prompt', - ], - }, - - 'debian-minimal-install' => { - :description => "I have installed Minimal Debian", - :parent_checkpoint => 'boot-d-i-to-tasksel', - :steps => [ - 'I hit ENTER', - 'I install GRUB', - 'I allow reboot after the install is complete', - 'I wait for the reboot', - 'I power off the computer', - 'the computer is set to boot from ide drive "target"', - ], - }, - - 'debian-gnome-install' => { - :description => "I have installed Gnome Desktop Debian", - :parent_checkpoint => 'boot-d-i-to-tasksel', - :steps => [ - 'I select the Desktop task', - 'I install GRUB', - 'I allow reboot after the install is complete', - 'I wait for the reboot', - 'I power off the computer', - 'the computer is set to boot from ide drive "target"', - ], - }, - - 'tails-greeter' => { - :description => "I have started Tails from DVD without network and stopped at Tails Greeter's login screen", - :parent_checkpoint => nil, - :steps => [ - 'the network is unplugged', - 'I start the computer', - 'the computer boots Tails' - ], - }, - - 'no-network-logged-in' => { - :description => "I have started Tails from DVD without network and logged in", - :parent_checkpoint => "tails-greeter", - :steps => [ - 'I log in to a new session', - 'Tails Greeter has dealt with the sudo password', - 'the Tails desktop is ready', - ], - }, - - 'with-no-network-and-i2p' => { - :temporary => true, - :description => 'I have started Tails from DVD with I2P enabled and logged in', - :steps => [ - 'I set Tails to boot with options "i2p"', - 'the network is unplugged', - 'I start the computer', - 'the computer boots Tails', - 'I log in to a new session', - 'the Tails desktop is ready', - ], - }, - - 'with-network-and-i2p' => { - :temporary => true, - :description => 'I have started Tails from DVD with I2P enabled and logged in and the network is connected', - :parent_checkpoint => "with-no-network-and-i2p", - :steps => [ - 'the network is plugged', - 'Tor is ready', - 'I2P is running', - 'all notifications have disappeared', - 'available upgrades have been checked', - "I2P's reseeding completed", - ], - }, - - 'with-network-logged-in' => { - :description => "I have started Tails from DVD and logged in and the network is connected", - :parent_checkpoint => "no-network-logged-in", - :steps => [ - 'the network is plugged', - 'Tor is ready', - 'all notifications have disappeared', - 'available upgrades have been checked', - ], - }, - - 'no-network-bridge-mode' => { - :temporary => true, - :description => "I have started Tails from DVD without network and logged in with bridge mode enabled", - :parent_checkpoint => "tails-greeter", - :steps => [ - 'I enable more Tails Greeter options', - 'I enable the specific Tor configuration option', - 'I log in to a new session', - 'Tails Greeter has dealt with the sudo password', - 'the Tails desktop is ready', - 'all notifications have disappeared', - ], - }, - - 'no-network-logged-in-sudo-passwd' => { - :temporary => true, - :description => "I have started Tails from DVD without network and logged in with an administration password", - :parent_checkpoint => "tails-greeter", - :steps => [ - 'I enable more Tails Greeter options', - 'I set an administration password', - 'I log in to a new session', - 'Tails Greeter has dealt with the sudo password', - 'the Tails desktop is ready', - ], - }, - - 'with-network-logged-in-sudo-passwd' => { - :temporary => true, - :description => "I have started Tails from DVD and logged in with an administration password and the network is connected", - :parent_checkpoint => "no-network-logged-in-sudo-passwd", - :steps => [ - 'the network is plugged', - 'Tor is ready', - 'all notifications have disappeared', - 'available upgrades have been checked', - ], - }, - - 'usb-install-tails-greeter' => { - :description => "I have started Tails without network from a USB drive without a persistent partition and stopped at Tails Greeter's login screen", - :parent_checkpoint => 'no-network-logged-in', - :steps => [ - 'I create a 4 GiB disk named "__internal"', - 'I plug USB drive "__internal"', - 'I "Clone & Install" Tails to USB drive "__internal"', - 'the running Tails is installed on USB drive "__internal"', - 'there is no persistence partition on USB drive "__internal"', - 'I shutdown Tails and wait for the computer to power off', - 'I start Tails from USB drive "__internal" with network unplugged', - 'the boot device has safe access rights', - 'Tails is running from USB drive "__internal"', - 'there is no persistence partition on USB drive "__internal"', - 'process "udev-watchdog" is running', - 'udev-watchdog is monitoring the correct device', - ], - }, - - 'usb-install-logged-in' => { - :description => "I have started Tails without network from a USB drive without a persistent partition and logged in", - :parent_checkpoint => 'usb-install-tails-greeter', - :steps => [ - 'I log in to a new session', - 'the Tails desktop is ready', - ], - }, - - 'usb-install-with-persistence-tails-greeter' => { - :description => "I have started Tails without network from a USB drive with a persistent partition and stopped at Tails Greeter's login screen", - :parent_checkpoint => 'usb-install-logged-in', - :steps => [ - 'I create a persistent partition', - 'a Tails persistence partition exists on USB drive "__internal"', - 'I shutdown Tails and wait for the computer to power off', - 'I start Tails from USB drive "__internal" with network unplugged', - 'the boot device has safe access rights', - 'Tails is running from USB drive "__internal"', - 'process "udev-watchdog" is running', - 'udev-watchdog is monitoring the correct device', - ], - }, - - 'usb-install-with-persistence-logged-in' => { - :description => "I have started Tails without network from a USB drive with a persistent partition enabled and logged in", - :parent_checkpoint => 'usb-install-with-persistence-tails-greeter', - :steps => [ - 'I enable persistence', - 'I log in to a new session', - 'the Tails desktop is ready', - 'all persistence presets are enabled', - 'all persistent filesystems have safe access rights', - 'all persistence configuration files have safe access rights', - 'all persistent directories have safe access rights', - ], - }, - } -end - -def reach_checkpoint(name) - scenario_indent = " "*4 - step_indent = " "*6 - - step "a computer" - if VM.snapshot_exists?(name) - $vm.restore_snapshot(name) - post_snapshot_restore_hook - else - checkpoint = checkpoints[name] - checkpoint_description = checkpoint[:description] - parent_checkpoint = checkpoint[:parent_checkpoint] - steps = checkpoint[:steps] - if parent_checkpoint - if VM.snapshot_exists?(parent_checkpoint) - $vm.restore_snapshot(parent_checkpoint) - else - reach_checkpoint(parent_checkpoint) - end - post_snapshot_restore_hook - end - debug_log(scenario_indent + "Checkpoint: #{checkpoint_description}", - :color => :white) - step_action = "Given" - if parent_checkpoint - parent_description = checkpoints[parent_checkpoint][:description] - debug_log(step_indent + "#{step_action} #{parent_description}", - :color => :green) - step_action = "And" - end - steps.each do |s| - begin - step(s) - rescue Exception => e - debug_log(scenario_indent + - "Step failed while creating checkpoint: #{s}", - :color => :red) - raise e - end - debug_log(step_indent + "#{step_action} #{s}", :color => :green) - step_action = "And" - end - $vm.save_snapshot(name) - end -end - -# For each checkpoint we generate a step to reach it. -checkpoints.each do |name, desc| - step_regex = Regexp.new("^#{Regexp.escape(desc[:description])}$") - Given step_regex do - reach_checkpoint(name) - end -end diff --git a/features/step_definitions/ssh.rb b/features/step_definitions/ssh.rb deleted file mode 100644 index 038b2977..00000000 --- a/features/step_definitions/ssh.rb +++ /dev/null @@ -1,122 +0,0 @@ -require 'socket' - -def assert_not_ipaddr(s) - err_msg = "'#{s}' looks like a LAN IP address." - assert_raise(IPAddr::InvalidAddressError, err_msg) do - IPAddr.new(s) - end -end - -def read_and_validate_ssh_config srv_type - conf = $config[srv_type] - begin - required_settings = ["private_key", "public_key", "username", "hostname"] - required_settings.each do |key| - assert(conf.has_key?(key)) - assert_not_nil(conf[key]) - assert(!conf[key].empty?) - end - rescue NoMethodError - raise( - < LIVE_USER) - unless server_type == 'Git' || lan - read_and_validate_ssh_config server_type - secret_key = $config[server_type]["private_key"] - public_key = $config[server_type]["public_key"] - else - secret_key = $config["Unsafe_SSH_private_key"] - public_key = $config["Unsafe_SSH_public_key"] - end - - $vm.execute_successfully("echo '#{secret_key}' > '/home/#{LIVE_USER}/.ssh/id_rsa'", - :user => LIVE_USER) - $vm.execute_successfully("echo '#{public_key}' > '/home/#{LIVE_USER}/.ssh/id_rsa.pub'", - :user => LIVE_USER) - $vm.execute_successfully("chmod 0600 '/home/#{LIVE_USER}/.ssh/'id*", - :user => LIVE_USER) -end - -Given /^I (?:am prompted to )?verify the SSH fingerprint for the (?:Git|SSH) (?:repository|server)$/ do - @screen.wait("SSHFingerprint.png", 60) - @screen.type('yes' + Sikuli::Key.ENTER) -end - -def get_free_tcp_port - server = TCPServer.new('127.0.0.1', 0) - return server.addr[1] -ensure - server.close -end - -Given /^an SSH server is running on the LAN$/ do - @sshd_server_port = get_free_tcp_port - @sshd_server_host = $vmnet.bridge_ip_addr - sshd = SSHServer.new(@sshd_server_host, @sshd_server_port) - sshd.start - add_after_scenario_hook { sshd.stop } -end - -When /^I connect to an SSH server on the (Internet|LAN)$/ do |location| - - case location - when 'Internet' - read_and_validate_ssh_config "SSH" - when 'LAN' - @ssh_port = @sshd_server_port - @ssh_username = 'user' - @ssh_host = @sshd_server_host - end - - ssh_port_suffix = "-p #{@ssh_port}" if @ssh_port - - cmd = "ssh #{@ssh_username}@#{@ssh_host} #{ssh_port_suffix}" - - step 'process "ssh" is not running' - step "I run \"#{cmd}\" in GNOME Terminal" - step 'process "ssh" is running within 10 seconds' -end - -Then /^I have sucessfully logged into the SSH server$/ do - @screen.wait('SSHLoggedInPrompt.png', 60) -end - -Then /^I connect to an SFTP server on the Internet$/ do - read_and_validate_ssh_config "SFTP" - @sftp_port ||= 22 - @sftp_port = @sftp_port.to_s - step 'I start "Files" via the GNOME "Accessories" applications menu' - @screen.wait_and_click("GnomeFilesConnectToServer.png", 10) - @screen.wait("GnomeConnectToServerWindow.png", 10) - @screen.type("sftp://" + @sftp_username + "@" + @sftp_host + ":" + @sftp_port) - @screen.wait_and_click("GnomeConnectToServerConnectButton.png", 10) -end - -Then /^I verify the SSH fingerprint for the SFTP server$/ do - @screen.wait_and_click("GnomeSSHVerificationConfirm.png", 60) -end - -Then /^I successfully connect to the SFTP server$/ do - @screen.wait("GnomeSSHSuccess.png", 60) -end diff --git a/features/step_definitions/time_syncing.rb b/features/step_definitions/time_syncing.rb deleted file mode 100644 index 319fb521..00000000 --- a/features/step_definitions/time_syncing.rb +++ /dev/null @@ -1,86 +0,0 @@ -# In some steps below we allow some slack when verifying that the date -# was set appropriately because it may take time to send the `date` -# command over the remote shell and get the answer back, parsing and -# post-processing of the result, etc. -def max_time_drift - 10 -end - -When /^I set the system time to "([^"]+)"$/ do |time| - $vm.execute_successfully("date -s '#{time}'") - new_time = DateTime.parse($vm.execute_successfully("date").stdout).to_time - expected_time_lower_bound = DateTime.parse(time).to_time - expected_time_upper_bound = expected_time_lower_bound + max_time_drift - assert(expected_time_lower_bound <= new_time && - new_time <= expected_time_upper_bound, - "The guest's time was supposed to be set to " \ - "'#{expected_time_lower_bound}' but is '#{new_time}'") -end - -When /^I bump the (hardware clock's|system) time with "([^"]+)"$/ do |clock_type, timediff| - case clock_type - when "hardware clock's" - old_time = DateTime.parse($vm.execute_successfully("hwclock -r").stdout).to_time - $vm.execute_successfully("hwclock --set --date 'now #{timediff}'") - new_time = DateTime.parse($vm.execute_successfully("hwclock -r").stdout).to_time - when 'system' - old_time = DateTime.parse($vm.execute_successfully("date").stdout).to_time - $vm.execute_successfully("date -s 'now #{timediff}'") - new_time = DateTime.parse($vm.execute_successfully("date").stdout).to_time - end - expected_time_lower_bound = DateTime.parse( - cmd_helper(["date", "-d", "#{old_time} #{timediff}"])).to_time - expected_time_upper_bound = expected_time_lower_bound + max_time_drift - assert(expected_time_lower_bound <= new_time && - new_time <= expected_time_upper_bound, - "The #{clock_type} time was supposed to be bumped to " \ - "'#{expected_time_lower_bound}' but is '#{new_time}'") -end - -Then /^Tails clock is less than (\d+) minutes incorrect$/ do |max_diff_mins| - guest_time_str = $vm.execute("date --rfc-2822").stdout.chomp - guest_time = Time.rfc2822(guest_time_str) - host_time = Time.now - diff = (host_time - guest_time).abs - assert(diff < max_diff_mins.to_i*60, - "The guest's clock is off by #{diff} seconds (#{guest_time})") - puts "Time was #{diff} seconds off" -end - -Then /^the system clock is just past Tails' build date$/ do - system_time_str = $vm.execute_successfully('date').to_s - system_time = DateTime.parse(system_time_str).to_time - build_time_cmd = 'sed -n -e "1s/^.* - \([0-9]\+\)$/\1/p;q" ' + - '/etc/amnesia/version' - build_time_str = $vm.execute_successfully(build_time_cmd).to_s - build_time = DateTime.parse(build_time_str).to_time - diff = system_time - build_time # => in seconds - # Half an hour should be enough to boot Tails on any reasonable - # hardware and VM setup. - max_diff = 30*60 - assert(diff > 0, - "The system time (#{system_time}) is before the Tails " + - "build date (#{build_time})") - assert(diff <= max_diff, - "The system time (#{system_time}) is more than #{max_diff} seconds " + - "past the build date (#{build_time})") -end - -Then /^Tails' hardware clock is close to the host system's time$/ do - host_time = Time.now - hwclock_time_str = $vm.execute('hwclock -r').stdout.chomp - hwclock_time = DateTime.parse(hwclock_time_str).to_time - diff = (hwclock_time - host_time).abs - assert(diff <= max_time_drift) -end - -Then /^the hardware clock is still off by "([^"]+)"$/ do |timediff| - hwclock = DateTime.parse($vm.execute_successfully("hwclock -r").stdout.chomp).to_time - expected_time_lower_bound = DateTime.parse( - cmd_helper(["date", "-d", "now #{timediff}"])).to_time - max_time_drift - expected_time_upper_bound = expected_time_lower_bound + max_time_drift - assert(expected_time_lower_bound <= hwclock && - hwclock <= expected_time_upper_bound, - "The host's hwclock should be approximately " \ - "'#{expected_time_lower_bound}' but is actually '#{hwclock}'") -end diff --git a/features/step_definitions/tor.rb b/features/step_definitions/tor.rb deleted file mode 100644 index ac12fd4c..00000000 --- a/features/step_definitions/tor.rb +++ /dev/null @@ -1,402 +0,0 @@ -def iptables_chains_parse(iptables, table = "filter", &block) - assert(block_given?) - cmd = "#{iptables}-save -c -t #{table} | iptables-xml" - xml_str = $vm.execute_successfully(cmd).stdout - rexml = REXML::Document.new(xml_str) - rexml.get_elements('iptables-rules/table/chain').each do |element| - yield( - element.attribute('name').to_s, - element.attribute('policy').to_s, - element.get_elements('rule') - ) - end -end - -def ip4tables_chains(table = "filter", &block) - iptables_chains_parse('iptables', table, &block) -end - -def ip6tables_chains(table = "filter", &block) - iptables_chains_parse('ip6tables', table, &block) -end - -def iptables_rules_parse(iptables, chain, table) - iptables_chains_parse(iptables, table) do |name, _, rules| - return rules if name == chain - end - return nil -end - -def iptables_rules(chain, table = "filter") - iptables_rules_parse("iptables", chain, table) -end - -def ip6tables_rules(chain, table = "filter") - iptables_rules_parse("ip6tables", chain, table) -end - -def ip4tables_packet_counter_sum(filters = {}) - pkts = 0 - ip4tables_chains do |name, _, rules| - next if filters[:tables] && not(filters[:tables].include?(name)) - rules.each do |rule| - next if filters[:uid] && not(rule.elements["conditions/owner/uid-owner[text()=#{filters[:uid]}]"]) - pkts += rule.attribute('packet-count').to_s.to_i - end - end - return pkts -end - -def try_xml_element_text(element, xpath, default = nil) - node = element.elements[xpath] - (node.nil? or not(node.has_text?)) ? default : node.text -end - -Then /^the firewall's policy is to (.+) all IPv4 traffic$/ do |expected_policy| - expected_policy.upcase! - ip4tables_chains do |name, policy, _| - if ["INPUT", "FORWARD", "OUTPUT"].include?(name) - assert_equal(expected_policy, policy, - "Chain #{name} has unexpected policy #{policy}") - end - end -end - -Then /^the firewall is configured to only allow the (.+) users? to connect directly to the Internet over IPv4$/ do |users_str| - users = users_str.split(/, | and /) - expected_uids = Set.new - users.each do |user| - expected_uids << $vm.execute_successfully("id -u #{user}").stdout.to_i - end - allowed_output = iptables_rules("OUTPUT").find_all do |rule| - out_iface = rule.elements['conditions/match/o'] - is_maybe_accepted = rule.get_elements('actions/*').find do |action| - not(["DROP", "REJECT", "LOG"].include?(action.name)) - end - is_maybe_accepted && - ( - # nil => match all interfaces according to iptables-xml - out_iface.nil? || - ((out_iface.text == 'lo') == (out_iface.attribute('invert').to_s == '1')) - ) - end - uids = Set.new - allowed_output.each do |rule| - rule.elements.each('actions/*') do |action| - destination = try_xml_element_text(rule, "conditions/match/d") - if action.name == "ACCEPT" - # nil == 0.0.0.0/0 according to iptables-xml - assert(destination == '0.0.0.0/0' || destination.nil?, - "The following rule has an unexpected destination:\n" + - rule.to_s) - state_cond = try_xml_element_text(rule, "conditions/state/state") - next if state_cond == "RELATED,ESTABLISHED" - assert_not_nil(rule.elements['conditions/owner/uid-owner']) - rule.elements.each('conditions/owner/uid-owner') do |owner| - uid = owner.text.to_i - uids << uid - assert(expected_uids.include?(uid), - "The following rule allows uid #{uid} to access the " + - "network, but we only expect uids #{expected_uids.to_a} " + - "(#{users_str}) to have such access:\n#{rule.to_s}") - end - elsif action.name == "call" && action.elements[1].name == "lan" - lan_subnets = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] - assert(lan_subnets.include?(destination), - "The following lan-targeted rule's destination is " + - "#{destination} which may not be a private subnet:\n" + - rule.to_s) - else - raise "Unexpected iptables OUTPUT chain rule:\n#{rule.to_s}" - end - end - end - uids_not_found = expected_uids - uids - assert(uids_not_found.empty?, - "Couldn't find rules allowing uids #{uids_not_found.to_a.to_s} " \ - "access to the network") -end - -Then /^the firewall's NAT rules only redirect traffic for Tor's TransPort and DNSPort$/ do - loopback_address = "127.0.0.1/32" - tor_onion_addr_space = "127.192.0.0/10" - tor_trans_port = "9040" - dns_port = "53" - tor_dns_port = "5353" - ip4tables_chains('nat') do |name, _, rules| - if name == "OUTPUT" - good_rules = rules.find_all do |rule| - redirect = rule.get_elements('actions/*').all? do |action| - action.name == "REDIRECT" - end - destination = try_xml_element_text(rule, "conditions/match/d") - redir_port = try_xml_element_text(rule, "actions/REDIRECT/to-ports") - redirected_to_trans_port = redir_port == tor_trans_port - udp_destination_port = try_xml_element_text(rule, "conditions/udp/dport") - dns_redirected_to_tor_dns_port = (udp_destination_port == dns_port) && - (redir_port == tor_dns_port) - redirect && - ( - (destination == tor_onion_addr_space && redirected_to_trans_port) || - (destination == loopback_address && dns_redirected_to_tor_dns_port) - ) - end - bad_rules = rules - good_rules - assert(bad_rules.empty?, - "The NAT table's OUTPUT chain contains some unexpected " + - "rules:\n#{bad_rules}") - else - assert(rules.empty?, - "The NAT table contains unexpected rules for the #{name} " + - "chain:\n#{rules}") - end - end -end - -Then /^the firewall is configured to block all external IPv6 traffic$/ do - ip6_loopback = '::1/128' - expected_policy = "DROP" - ip6tables_chains do |name, policy, rules| - assert_equal(expected_policy, policy, - "The IPv6 #{name} chain has policy #{policy} but we " \ - "expected #{expected_policy}") - good_rules = rules.find_all do |rule| - ["DROP", "REJECT", "LOG"].any? do |target| - rule.elements["actions/#{target}"] - end \ - || - ["s", "d"].all? do |x| - try_xml_element_text(rule, "conditions/match/#{x}") == ip6_loopback - end - end - bad_rules = rules - good_rules - assert(bad_rules.empty?, - "The IPv6 table's #{name} chain contains some unexpected rules:\n" + - (bad_rules.map { |r| r.to_s }).join("\n")) - end -end - -def firewall_has_dropped_packet_to?(proto, host, port) - regex = "^Dropped outbound packet: .* " - regex += "DST=#{Regexp.escape(host)} .* " - regex += "PROTO=#{Regexp.escape(proto)} " - regex += ".* DPT=#{port} " if port - $vm.execute("journalctl --dmesg --output=cat | grep -qP '#{regex}'").success? -end - -When /^I open an untorified (TCP|UDP|ICMP) connections to (\S*)(?: on port (\d+))? that is expected to fail$/ do |proto, host, port| - assert(!firewall_has_dropped_packet_to?(proto, host, port), - "A #{proto} packet to #{host}" + - (port.nil? ? "" : ":#{port}") + - " has already been dropped by the firewall") - @conn_proto = proto - @conn_host = host - @conn_port = port - case proto - when "TCP" - assert_not_nil(port) - cmd = "echo | netcat #{host} #{port}" - user = LIVE_USER - when "UDP" - assert_not_nil(port) - cmd = "echo | netcat -u #{host} #{port}" - user = LIVE_USER - when "ICMP" - cmd = "ping -c 5 #{host}" - user = 'root' - end - @conn_res = $vm.execute(cmd, :user => user) -end - -Then /^the untorified connection fails$/ do - case @conn_proto - when "TCP" - expected_in_stderr = "Connection refused" - conn_failed = !@conn_res.success? && - @conn_res.stderr.chomp.end_with?(expected_in_stderr) - when "UDP", "ICMP" - conn_failed = !@conn_res.success? - end - assert(conn_failed, - "The untorified #{@conn_proto} connection didn't fail as expected:\n" + - @conn_res.to_s) -end - -Then /^the untorified connection is logged as dropped by the firewall$/ do - assert(firewall_has_dropped_packet_to?(@conn_proto, @conn_host, @conn_port), - "No #{@conn_proto} packet to #{@conn_host}" + - (@conn_port.nil? ? "" : ":#{@conn_port}") + - " was dropped by the firewall") -end - -When /^the system DNS is(?: still)? using the local DNS resolver$/ do - resolvconf = $vm.file_content("/etc/resolv.conf") - bad_lines = resolvconf.split("\n").find_all do |line| - !line.start_with?("#") && !/^nameserver\s+127\.0\.0\.1$/.match(line) - end - assert_empty(bad_lines, - "The following bad lines were found in /etc/resolv.conf:\n" + - bad_lines.join("\n")) -end - -def stream_isolation_info(application) - case application - when "htpdate" - { - :grep_monitor_expr => '/curl\>', - :socksport => 9062 - } - when "tails-security-check", "tails-upgrade-frontend-wrapper" - # We only grep connections with ESTABLISHED state since `perl` - # is also used by monkeysphere's validation agent, which LISTENs - { - :grep_monitor_expr => '\.\+/perl\>', - :socksport => 9062 - } - when "Tor Browser" - { - :grep_monitor_expr => '/firefox\>', - :socksport => 9150 - } - when "Gobby" - { - :grep_monitor_expr => '/gobby\>', - :socksport => 9050 - } - when "SSH" - { - :grep_monitor_expr => '/\(connect-proxy\|ssh\)\>', - :socksport => 9050 - } - when "whois" - { - :grep_monitor_expr => '/whois\>', - :socksport => 9050 - } - else - raise "Unknown application '#{application}' for the stream isolation tests" - end -end - -When /^I monitor the network connections of (.*)$/ do |application| - @process_monitor_log = "/tmp/netstat.log" - info = stream_isolation_info(application) - $vm.spawn("while true; do " + - " netstat -taupen | grep \"#{info[:grep_monitor_expr]}\"; " + - " sleep 0.1; " + - "done > #{@process_monitor_log}") -end - -Then /^I see that (.+) is properly stream isolated$/ do |application| - expected_port = stream_isolation_info(application)[:socksport] - assert_not_nil(@process_monitor_log) - log_lines = $vm.file_content(@process_monitor_log).split("\n") - assert(log_lines.size > 0, - "Couldn't see any connection made by #{application} so " \ - "something is wrong") - log_lines.each do |line| - addr_port = line.split(/\s+/)[4] - assert_equal("127.0.0.1:#{expected_port}", addr_port, - "#{application} should use SocksPort #{expected_port} but " \ - "was seen connecting to #{addr_port}") - end -end - -And /^I re-run tails-security-check$/ do - $vm.execute_successfully("tails-security-check", :user => LIVE_USER) -end - -And /^I re-run htpdate$/ do - $vm.execute_successfully("service htpdate stop && " \ - "rm -f /var/run/htpdate/* && " \ - "systemctl --no-block start htpdate.service") - step "the time has synced" -end - -And /^I re-run tails-upgrade-frontend-wrapper$/ do - $vm.execute_successfully("tails-upgrade-frontend-wrapper", :user => LIVE_USER) -end - -When /^I connect Gobby to "([^"]+)"$/ do |host| - @screen.wait("GobbyWindow.png", 30) - @screen.wait("GobbyWelcomePrompt.png", 10) - @screen.click("GnomeCloseButton.png") - @screen.wait("GobbyWindow.png", 10) - # This indicates that Gobby has finished initializing itself - # (generating DH parameters, etc.) -- before, the UI is not responsive - # and our CTRL-t is lost. - @screen.wait("GobbyFailedToShareDocuments.png", 30) - @screen.type("t", Sikuli::KeyModifier.CTRL) - @screen.wait("GobbyConnectPrompt.png", 10) - @screen.type(host + Sikuli::Key.ENTER) - @screen.wait("GobbyConnectionComplete.png", 60) -end - -When /^the Tor Launcher autostarts$/ do - @screen.wait('TorLauncherWindow.png', 60) -end - -When /^I configure some (\w+) pluggable transports in Tor Launcher$/ do |bridge_type| - bridge_type.downcase! - bridge_type.capitalize! - begin - @bridges = $config["Tor"]["Transports"][bridge_type] - assert_not_nil(@bridges) - assert(!@bridges.empty?) - rescue NoMethodError, Test::Unit::AssertionFailedError - raise( -< @bridge_hosts) - leaks.assert_no_leaks -end - -Then /^the Tor binary is configured to use the expected Tor authorities$/ do - tor_auths = Set.new - tor_binary_orport_strings = $vm.execute_successfully( - "strings /usr/bin/tor | grep -E 'orport=[0-9]+'").stdout.chomp.split("\n") - tor_binary_orport_strings.each do |potential_auth_string| - auth_regex = /^\S+ orport=\d+( bridge)?( no-v2)?( v3ident=[A-Z0-9]{40})? ([0-9\.]+):\d+( [A-Z0-9]{4}){10}$/ - m = auth_regex.match(potential_auth_string) - if m - auth_ipv4_addr = m[4] - tor_auths << auth_ipv4_addr - end - end - expected_tor_auths = Set.new(TOR_AUTHORITIES) - assert_equal(expected_tor_auths, tor_auths, - "The Tor binary does not have the expected Tor authorities " + - "configured") -end diff --git a/features/step_definitions/torified_browsing.rb b/features/step_definitions/torified_browsing.rb deleted file mode 100644 index c8f3ff1d..00000000 --- a/features/step_definitions/torified_browsing.rb +++ /dev/null @@ -1,5 +0,0 @@ -When /^no traffic has flowed to the LAN$/ do - leaks = FirewallLeakCheck.new(@sniffer.pcap_file, :ignore_lan => false) - assert(not(leaks.ipv4_tcp_leaks.include?(@lan_host)), - "Traffic was sent to LAN host #{@lan_host}") -end diff --git a/features/step_definitions/torified_gnupg.rb b/features/step_definitions/torified_gnupg.rb deleted file mode 100644 index 4b4cc040..00000000 --- a/features/step_definitions/torified_gnupg.rb +++ /dev/null @@ -1,208 +0,0 @@ -class OpenPGPKeyserverCommunicationError < StandardError -end - -def count_gpg_signatures(key) - output = $vm.execute_successfully("gpg --batch --list-sigs #{key}", - :user => LIVE_USER).stdout - output.scan(/^sig/).count -end - -def check_for_seahorse_error - if @screen.exists('GnomeCloseButton.png') - raise OpenPGPKeyserverCommunicationError.new( - "Found GnomeCloseButton.png' on the screen" - ) - end -end - -def start_or_restart_seahorse - assert_not_nil(@withgpgapplet) - if @withgpgapplet - seahorse_menu_click_helper('GpgAppletIconNormal.png', 'GpgAppletManageKeys.png') - else - step 'I start "Seahorse" via the GNOME "Utilities" applications menu' - end - step 'Seahorse has opened' -end - -Then /^the key "([^"]+)" has (only|more than) (\d+) signatures$/ do |key, qualifier, num| - count = count_gpg_signatures(key) - case qualifier - when 'only' - assert_equal(count, num.to_i, "Expected #{num} signatures but instead found #{count}") - when 'more than' - assert(count > num.to_i, "Expected more than #{num} signatures but found #{count}") - else - raise "Unknown operator #{qualifier} passed" - end -end - -When /^the "([^"]+)" OpenPGP key is not in the live user's public keyring$/ do |keyid| - assert(!$vm.execute("gpg --batch --list-keys '#{keyid}'", - :user => LIVE_USER).success?, - "The '#{keyid}' key is in the live user's public keyring.") -end - -When /^I fetch the "([^"]+)" OpenPGP key using the GnuPG CLI( without any signatures)?$/ do |keyid, without| - # Make keyid an instance variable so we can reference it in the Seahorse - # keysyncing step. - @fetched_openpgp_keyid = keyid - if without - importopts = '--keyserver-options import-clean' - else - importopts = '' - end - retry_tor do - @gnupg_recv_key_res = $vm.execute_successfully( - "timeout 120 gpg --batch #{importopts} --recv-key '#{@fetched_openpgp_keyid}'", - :user => LIVE_USER) - if @gnupg_recv_key_res.failure? - raise "Fetching keys with the GnuPG CLI failed with:\n" + - "#{@gnupg_recv_key_res.stdout}\n" + - "#{@gnupg_recv_key_res.stderr}" - end - end -end - -When /^the GnuPG fetch is successful$/ do - assert(@gnupg_recv_key_res.success?, - "gpg keyserver fetch failed:\n#{@gnupg_recv_key_res.stderr}") -end - -When /^the Seahorse operation is successful$/ do - !@screen.exists('GnomeCloseButton.png') - $vm.has_process?('seahorse') -end - -When /^GnuPG uses the configured keyserver$/ do - assert(@gnupg_recv_key_res.stderr[CONFIGURED_KEYSERVER_HOSTNAME], - "GnuPG's stderr did not mention keyserver #{CONFIGURED_KEYSERVER_HOSTNAME}") -end - -When /^the "([^"]+)" key is in the live user's public keyring(?: after at most (\d) seconds)?$/ do |keyid, delay| - delay = 10 unless delay - try_for(delay.to_i, :msg => "The '#{keyid}' key is not in the live user's public keyring") { - $vm.execute("gpg --batch --list-keys '#{keyid}'", - :user => LIVE_USER).success? - } -end - -When /^I start Seahorse( via the Tails OpenPGP Applet)?$/ do |withgpgapplet| - @withgpgapplet = !!withgpgapplet - start_or_restart_seahorse -end - -Then /^Seahorse has opened$/ do - @screen.wait('SeahorseWindow.png', 20) -end - -Then /^I enable key synchronization in Seahorse$/ do - step 'process "seahorse" is running' - @screen.wait_and_click("SeahorseWindow.png", 10) - seahorse_menu_click_helper('GnomeEditMenu.png', 'SeahorseEditPreferences.png', 'seahorse') - @screen.wait('SeahorsePreferences.png', 20) - @screen.type("p", Sikuli::KeyModifier.ALT) # Option: "Publish keys to...". - @screen.type(Sikuli::Key.DOWN) # select HKP server - @screen.type("c", Sikuli::KeyModifier.ALT) # Button: "Close" -end - -Then /^I synchronize keys in Seahorse$/ do - recovery_proc = Proc.new do - # The versions of Seahorse in Wheezy and Jessie will abort with a - # segmentation fault whenever there's any sort of network error while - # syncing keys. This will usually happens after clicking away the error - # message. This does not appear to be a problem in Stretch. - # - # We'll kill the Seahorse process to avoid waiting for the inevitable - # segfault. We'll also make sure the process is still running (= hasn't - # yet segfaulted) before terminating it. - if @screen.exists('GnomeCloseButton.png') || !$vm.has_process?('seahorse') - step 'I kill the process "seahorse"' if $vm.has_process?('seahorse') - debug_log('Restarting Seahorse.') - start_or_restart_seahorse - end - end - - def change_of_status? - # Due to a lack of visual feedback in Seahorse we'll break out of the - # try_for loop below by returning "true" when there's something we can act - # upon. - if count_gpg_signatures(@fetched_openpgp_keyid) > 2 || \ - @screen.exists('GnomeCloseButton.png') || \ - !$vm.has_process?('seahorse') - true - end - end - - retry_tor(recovery_proc) do - @screen.wait_and_click("SeahorseWindow.png", 10) - seahorse_menu_click_helper('SeahorseRemoteMenu.png', - 'SeahorseRemoteMenuSync.png', - 'seahorse') - @screen.wait('SeahorseSyncKeys.png', 20) - @screen.type("s", Sikuli::KeyModifier.ALT) # Button: Sync - # There's no visual feedback of Seahorse in Tails/Jessie, except on error. - try_for(120) { - change_of_status? - } - check_for_seahorse_error - raise OpenPGPKeyserverCommunicationError.new( - 'Seahorse crashed with a segfault.') unless $vm.has_process?('seahorse') - end -end - -When /^I fetch the "([^"]+)" OpenPGP key using Seahorse( via the Tails OpenPGP Applet)?$/ do |keyid, withgpgapplet| - step "I start Seahorse#{withgpgapplet}" - - def change_of_status?(keyid) - # Due to a lack of visual feedback in Seahorse we'll break out of the - # try_for loop below by returning "true" when there's something we can act - # upon. - if $vm.execute_successfully( - "gpg --batch --list-keys '#{keyid}'", :user => LIVE_USER) || - @screen.exists('GnomeCloseButton.png') - true - end - end - - recovery_proc = Proc.new do - @screen.click('GnomeCloseButton.png') if @screen.exists('GnomeCloseButton.png') - @screen.type("w", Sikuli::KeyModifier.CTRL) - end - retry_tor(recovery_proc) do - @screen.wait_and_click("SeahorseWindow.png", 10) - seahorse_menu_click_helper('SeahorseRemoteMenu.png', - 'SeahorseRemoteMenuFind.png', - 'seahorse') - @screen.wait('SeahorseFindKeysWindow.png', 10) - # Seahorse doesn't seem to support searching for fingerprints - @screen.type(keyid + Sikuli::Key.ENTER) - begin - @screen.waitAny(['SeahorseFoundKeyResult.png', - 'GnomeCloseButton.png'], 120) - rescue FindAnyFailed - # We may end up here if Seahorse appears to be "frozen". - # Sometimes--but not always--if we click another window - # the main Seahorse window will unfreeze, allowing us - # to continue normally. - @screen.click("SeahorseSearch.png") - end - check_for_seahorse_error - @screen.click("SeahorseKeyResultWindow.png") - @screen.click("SeahorseFoundKeyResult.png") - @screen.click("SeahorseImport.png") - try_for(120) do - change_of_status?(keyid) - end - check_for_seahorse_error - end -end - -Then /^Seahorse is configured to use the correct keyserver$/ do - @gnome_keyservers = YAML.load($vm.execute_successfully('gsettings get org.gnome.crypto.pgp keyservers', - :user => LIVE_USER).stdout) - assert_equal(1, @gnome_keyservers.count, 'Seahorse should only have one keyserver configured.') - # Seahorse doesn't support hkps so that part of the domain is stripped out. - # We also insert hkp:// to the beginning of the domain. - assert_equal(CONFIGURED_KEYSERVER_HOSTNAME.sub('hkps.', 'hkp://'), @gnome_keyservers[0]) -end diff --git a/features/step_definitions/torified_misc.rb b/features/step_definitions/torified_misc.rb deleted file mode 100644 index 7112776a..00000000 --- a/features/step_definitions/torified_misc.rb +++ /dev/null @@ -1,41 +0,0 @@ -When /^I query the whois directory service for "([^"]+)"$/ do |domain| - retry_tor do - @vm_execute_res = $vm.execute("whois '#{domain}'", :user => LIVE_USER) - if @vm_execute_res.failure? || @vm_execute_res.stdout['LIMIT EXCEEDED'] - raise "Looking up whois info for #{domain} failed with:\n" + - "#{@vm_execute_res.stdout}\n" + - "#{@vm_execute_res.stderr}" - end - end -end - -When /^I wget "([^"]+)" to stdout(?:| with the '([^']+)' options)$/ do |url, options| - arguments = "-O - '#{url}'" - arguments = "#{options} #{arguments}" if options - retry_tor do - @vm_execute_res = $vm.execute("wget #{arguments}", :user => LIVE_USER) - if @vm_execute_res.failure? - raise "wget:ing #{url} with options #{options} failed with:\n" + - "#{@vm_execute_res.stdout}\n" + - "#{@vm_execute_res.stderr}" - end - end -end - -Then /^the (wget|whois) command is successful$/ do |command| - assert( - @vm_execute_res.success?, - "#{command} failed:\n" + - "#{@vm_execute_res.stdout}\n" + - "#{@vm_execute_res.stderr}" - ) -end - -Then /^the (wget|whois) standard output contains "([^"]+)"$/ do |command, text| - assert( - @vm_execute_res.stdout[text], - "The #{command} standard output does not contain #{text}:\n" + - "#{@vm_execute_res.stdout}\n" + - "#{@vm_execute_res.stderr}" - ) -end diff --git a/features/step_definitions/totem.rb b/features/step_definitions/totem.rb deleted file mode 100644 index 72698dde..00000000 --- a/features/step_definitions/totem.rb +++ /dev/null @@ -1,43 +0,0 @@ -Given /^I create sample videos$/ do - @shared_video_dir_on_host = "#{$config["TMPDIR"]}/shared_video_dir" - @shared_video_dir_on_guest = "/tmp/shared_video_dir" - FileUtils.mkdir_p(@shared_video_dir_on_host) - add_after_scenario_hook { FileUtils.rm_r(@shared_video_dir_on_host) } - fatal_system("avconv -loop 1 -t 30 -f image2 " + - "-i 'features/images/TailsBootSplash.png' " + - "-an -vcodec libx264 -y " + - '-filter:v "crop=in_w-mod(in_w\,2):in_h-mod(in_h\,2)" ' + - "'#{@shared_video_dir_on_host}/video.mp4' >/dev/null 2>&1") -end - -Given /^I setup a filesystem share containing sample videos$/ do - $vm.add_share(@shared_video_dir_on_host, @shared_video_dir_on_guest) -end - -Given /^I copy the sample videos to "([^"]+)" as user "([^"]+)"$/ do |destination, user| - for video_on_host in Dir.glob("#{@shared_video_dir_on_host}/*.mp4") do - video_name = File.basename(video_on_host) - src_on_guest = "#{@shared_video_dir_on_guest}/#{video_name}" - dst_on_guest = "#{destination}/#{video_name}" - step "I copy \"#{src_on_guest}\" to \"#{dst_on_guest}\" as user \"amnesia\"" - end -end - -When /^I(?:| try to) open "([^"]+)" with Totem$/ do |filename| - step "I run \"totem #{filename}\" in GNOME Terminal" -end - -When /^I close Totem$/ do - step 'I kill the process "totem"' -end - -Then /^I can watch a WebM video over HTTPs$/ do - test_url = 'https://webm.html5.org/test.webm' - recovery_on_failure = Proc.new do - step 'I close Totem' - end - retry_tor(recovery_on_failure) do - step "I open \"#{test_url}\" with Totem" - @screen.wait("SampleRemoteWebMVideoFrame.png", 120) - end -end diff --git a/features/step_definitions/unsafe_browser.rb b/features/step_definitions/unsafe_browser.rb deleted file mode 100644 index b8c04983..00000000 --- a/features/step_definitions/unsafe_browser.rb +++ /dev/null @@ -1,189 +0,0 @@ -When /^I see and accept the Unsafe Browser start verification$/ do - @screen.wait('GnomeQuestionDialogIcon.png', 30) - @screen.type(Sikuli::Key.ESC) -end - -def supported_torbrowser_languages - localization_descriptions = "#{Dir.pwd}/config/chroot_local-includes/usr/share/tails/browser-localization/descriptions" - File.read(localization_descriptions).split("\n").map do |line| - # The line will be of the form "xx:YY:..." or "xx-YY:YY:..." - first, second = line.sub('-', '_').split(':') - candidates = ["#{first}_#{second}.utf8", "#{first}.utf8", - "#{first}_#{second}", first] - when_not_found = Proc.new { raise "Could not find a locale for '#{line}'" } - candidates.find(when_not_found) do |candidate| - $vm.directory_exist?("/usr/lib/locale/#{candidate}") - end - end -end - -Then /^I start the Unsafe Browser in the "([^"]+)" locale$/ do |loc| - step "I run \"LANG=#{loc} LC_ALL=#{loc} sudo unsafe-browser\" in GNOME Terminal" - step "I see and accept the Unsafe Browser start verification" -end - -Then /^the Unsafe Browser works in all supported languages$/ do - failed = Array.new - supported_torbrowser_languages.each do |lang| - step "I start the Unsafe Browser in the \"#{lang}\" locale" - begin - step "the Unsafe Browser has started" - rescue RuntimeError - failed << lang - next - end - step "I close the Unsafe Browser" - step "the Unsafe Browser chroot is torn down" - end - assert(failed.empty?, "Unsafe Browser failed to launch in the following locale(s): #{failed.join(', ')}") -end - -Then /^the Unsafe Browser has no add-ons installed$/ do - step "I open the address \"about:addons\" in the Unsafe Browser" - step "I see \"UnsafeBrowserNoAddons.png\" after at most 30 seconds" -end - -Then /^the Unsafe Browser has only Firefox's default bookmarks configured$/ do - info = xul_application_info("Unsafe Browser") - # "Show all bookmarks" - @screen.type("o", Sikuli::KeyModifier.SHIFT + Sikuli::KeyModifier.CTRL) - @screen.wait_and_click("UnsafeBrowserExportBookmarksButton.png", 20) - @screen.wait_and_click("UnsafeBrowserExportBookmarksMenuEntry.png", 20) - @screen.wait("UnsafeBrowserExportBookmarksSavePrompt.png", 20) - path = "/home/#{info[:user]}/bookmarks" - @screen.type(path + Sikuli::Key.ENTER) - chroot_path = "#{info[:chroot]}/#{path}.json" - try_for(10) { $vm.file_exist?(chroot_path) } - dump = JSON.load($vm.file_content(chroot_path)) - - def check_bookmarks_helper(a) - mozilla_uris_counter = 0 - places_uris_counter = 0 - a.each do |h| - h.each_pair do |k, v| - if k == "children" - m, p = check_bookmarks_helper(v) - mozilla_uris_counter += m - places_uris_counter += p - elsif k == "uri" - uri = v - if uri.match("^https://www\.mozilla\.org/") - mozilla_uris_counter += 1 - elsif uri.match("^place:(sort|folder|type)=") - places_uris_counter += 1 - else - raise "Unexpected Unsafe Browser bookmark for '#{uri}'" - end - end - end - end - return [mozilla_uris_counter, places_uris_counter] - end - - mozilla_uris_counter, places_uris_counter = - check_bookmarks_helper(dump["children"]) - assert_equal(5, mozilla_uris_counter, - "Unexpected number (#{mozilla_uris_counter}) of mozilla " \ - "bookmarks") - assert_equal(3, places_uris_counter, - "Unexpected number (#{places_uris_counter}) of places " \ - "bookmarks") - @screen.type(Sikuli::Key.F4, Sikuli::KeyModifier.ALT) -end - -Then /^the Unsafe Browser has a red theme$/ do - @screen.wait("UnsafeBrowserRedTheme.png", 10) -end - -Then /^the Unsafe Browser shows a warning as its start page$/ do - @screen.wait("UnsafeBrowserStartPage.png", 10) -end - -Then /^I see a warning about another instance already running$/ do - @screen.wait('UnsafeBrowserWarnAlreadyRunning.png', 10) -end - -Then /^I can start the Unsafe Browser again$/ do - step "I start the Unsafe Browser" -end - -Then /^I cannot configure the Unsafe Browser to use any local proxies$/ do - socks_proxy = 'c' # Alt+c for socks proxy - no_proxy = 'y' # Alt+y for no proxy - proxies = [[no_proxy, nil, nil]] - socksport_lines = - $vm.execute_successfully('grep -w "^SocksPort" /etc/tor/torrc').stdout - assert(socksport_lines.size >= 4, "We got fewer than four Tor SocksPorts") - socksports = socksport_lines.scan(/^SocksPort\s([^:]+):(\d+)/) - proxies += socksports.map { |host, port| [socks_proxy, host, port] } - - proxies.each do |proxy_type, proxy_host, proxy_port| - @screen.hide_cursor - - # Open proxy settings and select manual proxy configuration - @screen.click('UnsafeBrowserMenuButton.png') - @screen.wait_and_click('UnsafeBrowserPreferencesButton.png', 10) - @screen.wait_and_click('UnsafeBrowserAdvancedSettingsButton.png', 10) - hit, _ = @screen.waitAny(['UnsafeBrowserNetworkTabAlreadySelected.png', - 'UnsafeBrowserNetworkTab.png'], 10) - @screen.click(hit) if hit == 'UnsafeBrowserNetworkTab.png' - @screen.wait_and_click('UnsafeBrowserNetworkTabSettingsButton.png', 10) - @screen.wait_and_click('UnsafeBrowserProxySettingsWindow.png', 10) - @screen.type("m", Sikuli::KeyModifier.ALT) - - # Configure the proxy - @screen.type(proxy_type, Sikuli::KeyModifier.ALT) # Select correct proxy type - @screen.type(proxy_host + Sikuli::Key.TAB + proxy_port) if proxy_type != no_proxy - - # Close settings - @screen.click('UnsafeBrowserProxySettingsOkButton.png') - @screen.waitVanish('UnsafeBrowserProxySettingsWindow.png', 10) - - # Test that the proxy settings work as they should - step "I open the address \"https://check.torproject.org\" in the Unsafe Browser" - if proxy_type == no_proxy - @screen.wait('UnsafeBrowserTorCheckFail.png', 60) - else - @screen.wait('UnsafeBrowserProxyRefused.png', 60) - end - end -end - -Then /^the Unsafe Browser has no proxy configured$/ do - @screen.click('UnsafeBrowserMenuButton.png') - @screen.wait_and_click('UnsafeBrowserPreferencesButton.png', 10) - @screen.wait_and_click('UnsafeBrowserAdvancedSettingsButton.png', 10) - @screen.wait_and_click('UnsafeBrowserNetworkTab.png', 10) - @screen.wait_and_click('UnsafeBrowserNetworkTabSettingsButton.png', 10) - @screen.wait('UnsafeBrowserProxySettingsWindow.png', 10) - @screen.wait('UnsafeBrowserNoProxySelected.png', 10) - @screen.type(Sikuli::Key.F4, Sikuli::KeyModifier.ALT) - @screen.type("w", Sikuli::KeyModifier.CTRL) -end - -Then /^the Unsafe Browser complains that no DNS server is configured$/ do - @screen.wait("UnsafeBrowserDNSError.png", 30) -end - -Then /^I configure the Unsafe Browser to check for updates more frequently$/ do - prefs = '/usr/share/tails/chroot-browsers/unsafe-browser/prefs.js' - $vm.file_append(prefs, 'pref("app.update.idletime", 1);') - $vm.file_append(prefs, 'pref("app.update.promptWaitTime", 1);') - $vm.file_append(prefs, 'pref("app.update.interval", 5);') -end - -But /^checking for updates is disabled in the Unsafe Browser's configuration$/ do - prefs = '/usr/share/tails/chroot-browsers/common/prefs.js' - assert($vm.file_content(prefs).include?('pref("app.update.enabled", false)')) -end - -Then /^the clearnet user has (|not )sent packets out to the Internet$/ do |sent| - uid = $vm.execute_successfully("id -u clearnet").stdout.chomp.to_i - pkts = ip4tables_packet_counter_sum(:tables => ['OUTPUT'], :uid => uid) - case sent - when '' - assert(pkts > 0, "Packets have not gone out to the internet.") - when 'not' - assert_equal(pkts, 0, "Packets have gone out to the internet.") - end -end diff --git a/features/step_definitions/untrusted_partitions.rb b/features/step_definitions/untrusted_partitions.rb deleted file mode 100644 index 43453b2f..00000000 --- a/features/step_definitions/untrusted_partitions.rb +++ /dev/null @@ -1,61 +0,0 @@ -Given /^I create an? ([[:alnum:]]+) swap partition on disk "([^"]+)"$/ do |parttype, name| - $vm.storage.disk_mkswap(name, parttype) -end - -Then /^an? "([^"]+)" partition was detected by Tails on drive "([^"]+)"$/ do |type, name| - part_info = $vm.execute_successfully( - "blkid '#{$vm.disk_dev(name)}'").stdout.strip - assert(part_info.split.grep(/^TYPE=\"#{Regexp.escape(type)}\"$/), - "No #{type} partition was detected by Tails on disk '#{name}'") -end - -Then /^Tails has no disk swap enabled$/ do - # Skip first line which contain column headers - swap_info = $vm.execute_successfully("tail -n+2 /proc/swaps").stdout - assert(swap_info.empty?, - "Disk swapping is enabled according to /proc/swaps:\n" + swap_info) - mem_info = $vm.execute_successfully("grep '^Swap' /proc/meminfo").stdout - assert(mem_info.match(/^SwapTotal:\s+0 kB$/), - "Disk swapping is enabled according to /proc/meminfo:\n" + - mem_info) -end - -Given /^I create an? ([[:alnum:]]+) partition( labeled "([^"]+)")? with an? ([[:alnum:]]+) filesystem( encrypted with password "([^"]+)")? on disk "([^"]+)"$/ do |parttype, has_label, label, fstype, is_encrypted, luks_password, name| - opts = {} - opts.merge!(:label => label) if has_label - opts.merge!(:luks_password => luks_password) if is_encrypted - $vm.storage.disk_mkpartfs(name, parttype, fstype, opts) -end - -Given /^I cat an ISO of the Tails image to disk "([^"]+)"$/ do |name| - src_disk = { - :path => TAILS_ISO, - :opts => { - :format => "raw", - :readonly => true - } - } - dest_disk = { - :path => $vm.storage.disk_path(name), - :opts => { - :format => $vm.storage.disk_format(name) - } - } - $vm.storage.guestfs_disk_helper(src_disk, dest_disk) do |g, src_disk_handle, dest_disk_handle| - g.copy_device_to_device(src_disk_handle, dest_disk_handle, {}) - end -end - -Then /^drive "([^"]+)" is not mounted$/ do |name| - dev = $vm.disk_dev(name) - assert(!$vm.execute("grep -qs '^#{dev}' /proc/mounts").success?, - "an untrusted partition from drive '#{name}' was automounted") -end - -Then /^Tails Greeter has( not)? detected a persistence partition$/ do |no_persistence| - expecting_persistence = no_persistence.nil? - @screen.find('TailsGreeter.png') - found_persistence = ! @screen.exists('TailsGreeterPersistence.png').nil? - assert_equal(expecting_persistence, found_persistence, - "Persistence is unexpectedly#{no_persistence} enabled") -end diff --git a/features/step_definitions/usb.rb b/features/step_definitions/usb.rb deleted file mode 100644 index 76f94d2f..00000000 --- a/features/step_definitions/usb.rb +++ /dev/null @@ -1,596 +0,0 @@ -# Returns a hash that for each preset the running Tails is aware of -# maps the source to the destination. -def get_persistence_presets(skip_links = false) - # Perl script that prints all persistence presets (one per line) on - # the form: : - script = <<-EOF - use strict; - use warnings FATAL => "all"; - use Tails::Persistence::Configuration::Presets; - foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { - say $preset->destination, ":", join(",", @{$preset->options}); - } -EOF - # VMCommand:s cannot handle newlines, and they're irrelevant in the - # above perl script any way - script.delete!("\n") - presets = $vm.execute_successfully("perl -E '#{script}'").stdout.chomp.split("\n") - assert presets.size >= 10, "Got #{presets.size} persistence presets, " + - "which is too few" - persistence_mapping = Hash.new - for line in presets - destination, options_str = line.split(":") - options = options_str.split(",") - is_link = options.include? "link" - next if is_link and skip_links - source_str = options.find { |option| /^source=/.match option } - # If no source is given as an option, live-boot's persistence - # feature defaults to the destination minus the initial "/". - if source_str.nil? - source = destination.partition("/").last - else - source = source_str.split("=")[1] - end - persistence_mapping[source] = destination - end - return persistence_mapping -end - -def persistent_dirs - get_persistence_presets -end - -def persistent_mounts - get_persistence_presets(true) -end - -def persistent_volumes_mountpoints - $vm.execute("ls -1 -d /live/persistence/*_unlocked/").stdout.chomp.split -end - -Given /^I clone USB drive "([^"]+)" to a new USB drive "([^"]+)"$/ do |from, to| - $vm.storage.clone_to_new_disk(from, to) -end - -Given /^I unplug USB drive "([^"]+)"$/ do |name| - $vm.unplug_drive(name) -end - -Given /^the computer is set to boot from the old Tails DVD$/ do - $vm.set_cdrom_boot(OLD_TAILS_ISO) -end - -Given /^the computer is set to boot in UEFI mode$/ do - $vm.set_os_loader('UEFI') - @os_loader = 'UEFI' -end - -class UpgradeNotSupported < StandardError -end - -def usb_install_helper(name) - @screen.wait('USBTailsLogo.png', 10) - if @screen.exists("USBCannotUpgrade.png") - raise UpgradeNotSupported - end - @screen.wait_and_click('USBCreateLiveUSB.png', 10) - @screen.wait('USBCreateLiveUSBConfirmWindow.png', 10) - @screen.wait_and_click('USBCreateLiveUSBConfirmYes.png', 10) - @screen.wait('USBInstallationComplete.png', 30*60) -end - -When /^I start Tails Installer$/ do - step 'I start "TailsInstaller" via the GNOME "Tails" applications menu' - @screen.wait('USBCloneAndInstall.png', 30) -end - -When /^I start Tails Installer in "([^"]+)" mode$/ do |mode| - step 'I start Tails Installer' - case mode - when 'Clone & Install' - @screen.wait_and_click('USBCloneAndInstall.png', 10) - when 'Clone & Upgrade' - @screen.wait_and_click('USBCloneAndUpgrade.png', 10) - when 'Upgrade from ISO' - @screen.wait_and_click('USBUpgradeFromISO.png', 10) - else - raise "Unsupported mode '#{mode}'" - end -end - -Then /^Tails Installer detects that a device is too small$/ do - @screen.wait('TailsInstallerTooSmallDevice.png', 10) -end - -When /^I "Clone & Install" Tails to USB drive "([^"]+)"$/ do |name| - step 'I start Tails Installer in "Clone & Install" mode' - usb_install_helper(name) -end - -When /^I "Clone & Upgrade" Tails to USB drive "([^"]+)"$/ do |name| - step 'I start Tails Installer in "Clone & Upgrade" mode' - usb_install_helper(name) -end - -When /^I try a "Clone & Upgrade" Tails to USB drive "([^"]+)"$/ do |name| - begin - step "I \"Clone & Upgrade\" Tails to USB drive \"#{name}\"" - rescue UpgradeNotSupported - # this is what we expect - else - raise "The USB installer should not succeed" - end -end - -When /^I try to "Upgrade from ISO" USB drive "([^"]+)"$/ do |name| - begin - step "I do a \"Upgrade from ISO\" on USB drive \"#{name}\"" - rescue UpgradeNotSupported - # this is what we expect - else - raise "The USB installer should not succeed" - end -end - -When /^I am suggested to do a "Clone & Install"$/ do - @screen.find("USBCannotUpgrade.png") -end - -When /^I am told that the destination device cannot be upgraded$/ do - @screen.find("USBCannotUpgrade.png") -end - -Given /^I setup a filesystem share containing the Tails ISO$/ do - shared_iso_dir_on_host = "#{$config["TMPDIR"]}/shared_iso_dir" - @shared_iso_dir_on_guest = "/tmp/shared_iso_dir" - FileUtils.mkdir_p(shared_iso_dir_on_host) - FileUtils.cp(TAILS_ISO, shared_iso_dir_on_host) - add_after_scenario_hook { FileUtils.rm_r(shared_iso_dir_on_host) } - $vm.add_share(shared_iso_dir_on_host, @shared_iso_dir_on_guest) -end - -When /^I do a "Upgrade from ISO" on USB drive "([^"]+)"$/ do |name| - step 'I start Tails Installer in "Upgrade from ISO" mode' - @screen.wait('USBUseLiveSystemISO.png', 10) - match = @screen.find('USBUseLiveSystemISO.png') - @screen.click(match.getCenter.offset(0, match.h*2)) - @screen.wait('USBSelectISO.png', 10) - @screen.wait_and_click('GnomeFileDiagHome.png', 10) - @screen.type("l", Sikuli::KeyModifier.CTRL) - @screen.wait('GnomeFileDiagTypeFilename.png', 10) - iso = "#{@shared_iso_dir_on_guest}/#{File.basename(TAILS_ISO)}" - @screen.type(iso) - @screen.wait_and_click('GnomeFileDiagOpenButton.png', 10) - usb_install_helper(name) -end - -Given /^I enable all persistence presets$/ do - @screen.wait('PersistenceWizardPresets.png', 20) - # Select the "Persistent" folder preset, which is checked by default. - @screen.type(Sikuli::Key.TAB) - # Check all non-default persistence presets, i.e. all *after* the - # "Persistent" folder, which are unchecked by default. - (persistent_dirs.size - 1).times do - @screen.type(Sikuli::Key.TAB + Sikuli::Key.SPACE) - end - @screen.wait_and_click('PersistenceWizardSave.png', 10) - @screen.wait('PersistenceWizardDone.png', 30) - @screen.type(Sikuli::Key.F4, Sikuli::KeyModifier.ALT) -end - -Given /^I create a persistent partition$/ do - step 'I start "ConfigurePersistentVolume" via the GNOME "Tails" applications menu' - @screen.wait('PersistenceWizardStart.png', 20) - @screen.type(@persistence_password + "\t" + @persistence_password + Sikuli::Key.ENTER) - @screen.wait('PersistenceWizardPresets.png', 300) - step "I enable all persistence presets" -end - -def check_disk_integrity(name, dev, scheme) - info = $vm.execute("udisksctl info --block-device '#{dev}'").stdout - info_split = info.split("\n org\.freedesktop\.UDisks2\.PartitionTable:\n") - dev_info = info_split[0] - part_table_info = info_split[1] - assert(part_table_info.match("^ Type: +#{scheme}$"), - "Unexpected partition scheme on USB drive '#{name}', '#{dev}'") -end - -def check_part_integrity(name, dev, usage, fs_type, part_label, part_type = nil) - info = $vm.execute("udisksctl info --block-device '#{dev}'").stdout - info_split = info.split("\n org\.freedesktop\.UDisks2\.Partition:\n") - dev_info = info_split[0] - part_info = info_split[1] - assert(dev_info.match("^ IdUsage: +#{usage}$"), - "Unexpected device field 'usage' on USB drive '#{name}', '#{dev}'") - assert(dev_info.match("^ IdType: +#{fs_type}$"), - "Unexpected device field 'IdType' on USB drive '#{name}', '#{dev}'") - assert(part_info.match("^ Name: +#{part_label}$"), - "Unexpected partition label on USB drive '#{name}', '#{dev}'") - if part_type - assert(part_info.match("^ Type: +#{part_type}$"), - "Unexpected partition type on USB drive '#{name}', '#{dev}'") - end -end - -def tails_is_installed_helper(name, tails_root, loader) - disk_dev = $vm.disk_dev(name) - part_dev = disk_dev + "1" - check_disk_integrity(name, disk_dev, "gpt") - check_part_integrity(name, part_dev, "filesystem", "vfat", "Tails", - # EFI System Partition - 'c12a7328-f81f-11d2-ba4b-00a0c93ec93b') - - target_root = "/mnt/new" - $vm.execute("mkdir -p #{target_root}") - $vm.execute("mount #{part_dev} #{target_root}") - - c = $vm.execute("diff -qr '#{tails_root}/live' '#{target_root}/live'") - assert(c.success?, - "USB drive '#{name}' has differences in /live:\n#{c.stdout}\n#{c.stderr}") - - syslinux_files = $vm.execute("ls -1 #{target_root}/syslinux").stdout.chomp.split - # We deal with these files separately - ignores = ["syslinux.cfg", "exithelp.cfg", "ldlinux.c32", "ldlinux.sys"] - for f in syslinux_files - ignores do - c = $vm.execute("diff -q '#{tails_root}/#{loader}/#{f}' " + - "'#{target_root}/syslinux/#{f}'") - assert(c.success?, "USB drive '#{name}' has differences in " + - "'/syslinux/#{f}'") - end - - # The main .cfg is named differently vs isolinux - c = $vm.execute("diff -q '#{tails_root}/#{loader}/#{loader}.cfg' " + - "'#{target_root}/syslinux/syslinux.cfg'") - assert(c.success?, "USB drive '#{name}' has differences in " + - "'/syslinux/syslinux.cfg'") - - $vm.execute("umount #{target_root}") - $vm.execute("sync") -end - -Then /^the running Tails is installed on USB drive "([^"]+)"$/ do |target_name| - loader = boot_device_type == "usb" ? "syslinux" : "isolinux" - tails_is_installed_helper(target_name, "/lib/live/mount/medium", loader) -end - -Then /^the ISO's Tails is installed on USB drive "([^"]+)"$/ do |target_name| - iso = "#{@shared_iso_dir_on_guest}/#{File.basename(TAILS_ISO)}" - iso_root = "/mnt/iso" - $vm.execute("mkdir -p #{iso_root}") - $vm.execute("mount -o loop #{iso} #{iso_root}") - tails_is_installed_helper(target_name, iso_root, "isolinux") - $vm.execute("umount #{iso_root}") -end - -Then /^there is no persistence partition on USB drive "([^"]+)"$/ do |name| - data_part_dev = $vm.disk_dev(name) + "2" - assert(!$vm.execute("test -b #{data_part_dev}").success?, - "USB drive #{name} has a partition '#{data_part_dev}'") -end - -Then /^a Tails persistence partition exists on USB drive "([^"]+)"$/ do |name| - dev = $vm.disk_dev(name) + "2" - check_part_integrity(name, dev, "crypto", "crypto_LUKS", "TailsData") - - # The LUKS container may already be opened, e.g. by udisks after - # we've run tails-persistence-setup. - c = $vm.execute("ls -1 /dev/mapper/") - if c.success? - for candidate in c.stdout.split("\n") - luks_info = $vm.execute("cryptsetup status #{candidate}") - if luks_info.success? and luks_info.stdout.match("^\s+device:\s+#{dev}$") - luks_dev = "/dev/mapper/#{candidate}" - break - end - end - end - if luks_dev.nil? - c = $vm.execute("echo #{@persistence_password} | " + - "cryptsetup luksOpen #{dev} #{name}") - assert(c.success?, "Couldn't open LUKS device '#{dev}' on drive '#{name}'") - luks_dev = "/dev/mapper/#{name}" - end - - # Adapting check_part_integrity() seems like a bad idea so here goes - info = $vm.execute("udisksctl info --block-device '#{luks_dev}'").stdout - assert info.match("^ CryptoBackingDevice: +'/[a-zA-Z0-9_/]+'$") - assert info.match("^ IdUsage: +filesystem$") - assert info.match("^ IdType: +ext[34]$") - assert info.match("^ IdLabel: +TailsData$") - - mount_dir = "/mnt/#{name}" - $vm.execute("mkdir -p #{mount_dir}") - c = $vm.execute("mount #{luks_dev} #{mount_dir}") - assert(c.success?, - "Couldn't mount opened LUKS device '#{dev}' on drive '#{name}'") - - $vm.execute("umount #{mount_dir}") - $vm.execute("sync") - $vm.execute("cryptsetup luksClose #{name}") -end - -Given /^I enable persistence$/ do - @screen.wait('TailsGreeterPersistence.png', 10) - @screen.type(Sikuli::Key.SPACE) - @screen.wait('TailsGreeterPersistencePassphrase.png', 10) - match = @screen.find('TailsGreeterPersistencePassphrase.png') - @screen.click(match.getCenter.offset(match.w*2, match.h/2)) - @screen.type(@persistence_password) -end - -def tails_persistence_enabled? - persistence_state_file = "/var/lib/live/config/tails.persistence" - return $vm.execute("test -e '#{persistence_state_file}'").success? && - $vm.execute(". '#{persistence_state_file}' && " + - 'test "$TAILS_PERSISTENCE_ENABLED" = true').success? -end - -Given /^all persistence presets(| from the old Tails version) are enabled$/ do |old_tails| - try_for(120, :msg => "Persistence is disabled") do - tails_persistence_enabled? - end - # Check that all persistent directories are mounted - if old_tails.empty? - expected_mounts = persistent_mounts - else - assert_not_nil($remembered_persistence_mounts) - expected_mounts = $remembered_persistence_mounts - end - mount = $vm.execute("mount").stdout.chomp - for _, dir in expected_mounts do - assert(mount.include?("on #{dir} "), - "Persistent directory '#{dir}' is not mounted") - end -end - -Given /^persistence is disabled$/ do - assert(!tails_persistence_enabled?, "Persistence is enabled") -end - -Given /^I enable read-only persistence$/ do - step "I enable persistence" - @screen.wait_and_click('TailsGreeterPersistenceReadOnly.png', 10) -end - -def boot_device - # Approach borrowed from - # config/chroot_local_includes/lib/live/config/998-permissions - boot_dev_id = $vm.execute("udevadm info --device-id-of-file=/lib/live/mount/medium").stdout.chomp - boot_dev = $vm.execute("readlink -f /dev/block/'#{boot_dev_id}'").stdout.chomp - return boot_dev -end - -def device_info(dev) - # Approach borrowed from - # config/chroot_local_includes/lib/live/config/998-permissions - info = $vm.execute("udevadm info --query=property --name='#{dev}'").stdout.chomp - info.split("\n").map { |e| e.split('=') } .to_h -end - -def boot_device_type - device_info(boot_device)['ID_BUS'] -end - -Then /^Tails is running from (.*) drive "([^"]+)"$/ do |bus, name| - bus = bus.downcase - case bus - when "ide" - expected_bus = "ata" - else - expected_bus = bus - end - assert_equal(expected_bus, boot_device_type) - actual_dev = boot_device - # The boot partition differs between a "normal" install using the - # USB installer and isohybrid installations - expected_dev_normal = $vm.disk_dev(name) + "1" - expected_dev_isohybrid = $vm.disk_dev(name) + "4" - assert(actual_dev == expected_dev_normal || - actual_dev == expected_dev_isohybrid, - "We are running from device #{actual_dev}, but for #{bus} drive " + - "'#{name}' we expected to run from either device " + - "#{expected_dev_normal} (when installed via the USB installer) " + - "or #{expected_dev_isohybrid} (when installed from an isohybrid)") -end - -Then /^the boot device has safe access rights$/ do - - super_boot_dev = boot_device.sub(/[[:digit:]]+$/, "") - devs = $vm.execute("ls -1 #{super_boot_dev}*").stdout.chomp.split - assert(devs.size > 0, "Could not determine boot device") - all_users = $vm.execute("cut -d':' -f1 /etc/passwd").stdout.chomp.split - all_users_with_groups = all_users.collect do |user| - groups = $vm.execute("groups #{user}").stdout.chomp.sub(/^#{user} : /, "").split(" ") - [user, groups] - end - for dev in devs do - dev_owner = $vm.execute("stat -c %U #{dev}").stdout.chomp - dev_group = $vm.execute("stat -c %G #{dev}").stdout.chomp - dev_perms = $vm.execute("stat -c %a #{dev}").stdout.chomp - assert_equal("root", dev_owner) - assert(dev_group == "disk" || dev_group == "root", - "Boot device '#{dev}' owned by group '#{dev_group}', expected " + - "'disk' or 'root'.") - assert_equal("660", dev_perms) - for user, groups in all_users_with_groups do - next if user == "root" - assert(!(groups.include?(dev_group)), - "Unprivileged user '#{user}' is in group '#{dev_group}' which " + - "owns boot device '#{dev}'") - end - end - - info = $vm.execute("udisksctl info --block-device '#{super_boot_dev}'").stdout - assert(info.match("^ HintSystem: +true$"), - "Boot device '#{super_boot_dev}' is not system internal for udisks") -end - -Then /^all persistent filesystems have safe access rights$/ do - persistent_volumes_mountpoints.each do |mountpoint| - fs_owner = $vm.execute("stat -c %U #{mountpoint}").stdout.chomp - fs_group = $vm.execute("stat -c %G #{mountpoint}").stdout.chomp - fs_perms = $vm.execute("stat -c %a #{mountpoint}").stdout.chomp - assert_equal("root", fs_owner) - assert_equal("root", fs_group) - assert_equal('775', fs_perms) - end -end - -Then /^all persistence configuration files have safe access rights$/ do - persistent_volumes_mountpoints.each do |mountpoint| - assert($vm.execute("test -e #{mountpoint}/persistence.conf").success?, - "#{mountpoint}/persistence.conf does not exist, while it should") - assert($vm.execute("test ! -e #{mountpoint}/live-persistence.conf").success?, - "#{mountpoint}/live-persistence.conf does exist, while it should not") - $vm.execute( - "ls -1 #{mountpoint}/persistence.conf #{mountpoint}/live-*.conf" - ).stdout.chomp.split.each do |f| - file_owner = $vm.execute("stat -c %U '#{f}'").stdout.chomp - file_group = $vm.execute("stat -c %G '#{f}'").stdout.chomp - file_perms = $vm.execute("stat -c %a '#{f}'").stdout.chomp - assert_equal("tails-persistence-setup", file_owner) - assert_equal("tails-persistence-setup", file_group) - assert_equal("600", file_perms) - end - end -end - -Then /^all persistent directories(| from the old Tails version) have safe access rights$/ do |old_tails| - if old_tails.empty? - expected_dirs = persistent_dirs - else - assert_not_nil($remembered_persistence_dirs) - expected_dirs = $remembered_persistence_dirs - end - persistent_volumes_mountpoints.each do |mountpoint| - expected_dirs.each do |src, dest| - full_src = "#{mountpoint}/#{src}" - assert_vmcommand_success $vm.execute("test -d #{full_src}") - dir_perms = $vm.execute_successfully("stat -c %a '#{full_src}'").stdout.chomp - dir_owner = $vm.execute_successfully("stat -c %U '#{full_src}'").stdout.chomp - if dest.start_with?("/home/#{LIVE_USER}") - expected_perms = "700" - expected_owner = LIVE_USER - else - expected_perms = "755" - expected_owner = "root" - end - assert_equal(expected_perms, dir_perms, - "Persistent source #{full_src} has permission " \ - "#{dir_perms}, expected #{expected_perms}") - assert_equal(expected_owner, dir_owner, - "Persistent source #{full_src} has owner " \ - "#{dir_owner}, expected #{expected_owner}") - end - end -end - -When /^I write some files expected to persist$/ do - persistent_mounts.each do |_, dir| - owner = $vm.execute("stat -c %U #{dir}").stdout.chomp - assert($vm.execute("touch #{dir}/XXX_persist", :user => owner).success?, - "Could not create file in persistent directory #{dir}") - end -end - -When /^I remove some files expected to persist$/ do - persistent_mounts.each do |_, dir| - owner = $vm.execute("stat -c %U #{dir}").stdout.chomp - assert($vm.execute("rm #{dir}/XXX_persist", :user => owner).success?, - "Could not remove file in persistent directory #{dir}") - end -end - -When /^I write some files not expected to persist$/ do - persistent_mounts.each do |_, dir| - owner = $vm.execute("stat -c %U #{dir}").stdout.chomp - assert($vm.execute("touch #{dir}/XXX_gone", :user => owner).success?, - "Could not create file in persistent directory #{dir}") - end -end - -When /^I take note of which persistence presets are available$/ do - $remembered_persistence_mounts = persistent_mounts - $remembered_persistence_dirs = persistent_dirs -end - -Then /^the expected persistent files(| created with the old Tails version) are present in the filesystem$/ do |old_tails| - if old_tails.empty? - expected_mounts = persistent_mounts - else - assert_not_nil($remembered_persistence_mounts) - expected_mounts = $remembered_persistence_mounts - end - expected_mounts.each do |_, dir| - assert($vm.execute("test -e #{dir}/XXX_persist").success?, - "Could not find expected file in persistent directory #{dir}") - assert(!$vm.execute("test -e #{dir}/XXX_gone").success?, - "Found file that should not have persisted in persistent directory #{dir}") - end -end - -Then /^only the expected files are present on the persistence partition on USB drive "([^"]+)"$/ do |name| - assert(!$vm.is_running?) - disk = { - :path => $vm.storage.disk_path(name), - :opts => { - :format => $vm.storage.disk_format(name), - :readonly => true - } - } - $vm.storage.guestfs_disk_helper(disk) do |g, disk_handle| - partitions = g.part_list(disk_handle).map do |part_desc| - disk_handle + part_desc["part_num"].to_s - end - partition = partitions.find do |part| - g.blkid(part)["PART_ENTRY_NAME"] == "TailsData" - end - assert_not_nil(partition, "Could not find the 'TailsData' partition " \ - "on disk '#{disk_handle}'") - luks_mapping = File.basename(partition) + "_unlocked" - g.luks_open(partition, @persistence_password, luks_mapping) - luks_dev = "/dev/mapper/#{luks_mapping}" - mount_point = "/" - g.mount(luks_dev, mount_point) - assert_not_nil($remembered_persistence_mounts) - $remembered_persistence_mounts.each do |dir, _| - # Guestfs::exists may have a bug; if the file exists, 1 is - # returned, but if it doesn't exist false is returned. It seems - # the translation of C types into Ruby types is glitchy. - assert(g.exists("/#{dir}/XXX_persist") == 1, - "Could not find expected file in persistent directory #{dir}") - assert(g.exists("/#{dir}/XXX_gone") != 1, - "Found file that should not have persisted in persistent directory #{dir}") - end - g.umount(mount_point) - g.luks_close(luks_dev) - end -end - -When /^I delete the persistent partition$/ do - step 'I start "DeletePersistentVolume" via the GNOME "Tails" applications menu' - @screen.wait("PersistenceWizardDeletionStart.png", 20) - @screen.type(" ") - @screen.wait("PersistenceWizardDone.png", 120) -end - -Then /^Tails has started in UEFI mode$/ do - assert($vm.execute("test -d /sys/firmware/efi").success?, - "/sys/firmware/efi does not exist") - end - -Given /^I create a ([[:alpha:]]+) label on disk "([^"]+)"$/ do |type, name| - $vm.storage.disk_mklabel(name, type) -end - -Then /^a suitable USB device is (?:still )?not found$/ do - @screen.wait("TailsInstallerNoQEMUHardDisk.png", 30) -end - -Then /^the "(?:[^"]+)" USB drive is selected$/ do - @screen.wait("TailsInstallerQEMUHardDisk.png", 30) -end - -Then /^no USB drive is selected$/ do - @screen.wait("TailsInstallerNoQEMUHardDisk.png", 30) -end -- cgit v1.2.3-70-g09d2