unsafe_browser.rb 8.84 KB
Newer Older
1
When /^I see and accept the Unsafe Browser start verification$/ do
kytv's avatar
kytv committed
2
  @screen.wait('GnomeQuestionDialogIcon.png', 30)
3 4 5
  @screen.type(Sikuli::Key.ESC)
end

6
def supported_torbrowser_languages
7
  langs = Array.new
8
  exts = $vm.execute_successfully(
9
    "find /usr/local/share/tor-browser-extensions -maxdepth 1 -name 'langpack*.xpi' -printf \"%f\n\"").stdout
10 11 12 13 14

  # Some of the TBB languages are shipped with both a language and country code, e.g. es-ES.
  # We'll only keep track of the language code and let `guess_best_tor_browser_locale`
  # try to get by with our approximated locales.
  supported_langs = exts.scan(/langpack-([a-z]+).*/).flatten
15
  locales = $vm.execute_successfully(
kytv's avatar
kytv committed
16
    "find /usr/lib/locale -maxdepth 1 -name '*.utf8' -printf \"%f\n\"").stdout.split
17 18 19

  # Determine a valid locale for each language that we want to test.
  supported_langs.each do |lang|
kytv's avatar
kytv committed
20 21
    # If a language shipped by TBB is not a supported system locale (e.g. 'vi'),
    # 'find(nomatch)' will use the locale xx_XX for language 'xx'.
kytv's avatar
kytv committed
22
    nomatch = proc { "#{lang}_#{lang.upcase}.utf8" }
23
    langs << locales.find(nomatch) { |l| l.match(/^#{lang}/) }
24 25 26 27
  end
  return langs
end

28
Then /^I start the Unsafe Browser in the "([^"]+)" locale$/ do |loc|
29
  step "I run \"LANG=#{loc} LC_ALL=#{loc} sudo unsafe-browser\" in GNOME Terminal"
30
  step "I see and accept the Unsafe Browser start verification"
31 32
end

33
Then /^the Unsafe Browser works in all supported languages$/ do
34
  failed = Array.new
kytv's avatar
kytv committed
35
  supported_torbrowser_languages.each do |lang|
36
    step "I start the Unsafe Browser in the \"#{lang}\" locale"
37 38 39 40 41 42
    begin
      step "the Unsafe Browser has started"
    rescue RuntimeError
      failed << lang
      next
    end
43 44 45
    step "I close the Unsafe Browser"
    step "the Unsafe Browser chroot is torn down"
  end
46
  assert(failed.empty?, "Unsafe Browser failed to launch in the following locale(s): #{failed.join(', ')}")
47 48
end

49
Then /^I see the Unsafe Browser start notification and wait for it to close$/ do
50
  notification_helper('UnsafeBrowserStartNotification.png', 30)
51 52 53
  @screen.waitVanish("UnsafeBrowserStartNotification.png", 10)
end

54
Then /^the Unsafe Browser has started$/ do
55
  @screen.wait("UnsafeBrowserHomepage.png", 360)
56 57
end

58
Then /^the Unsafe Browser has no add-ons installed$/ do
59 60
  step "I open the address \"about:addons\" in the Unsafe Browser"
  step "I see \"UnsafeBrowserNoAddons.png\" after at most 30 seconds"
61 62
end

63 64 65 66 67 68 69 70 71 72
Then /^the Unsafe Browser has only Firefox's default bookmarks configured$/ do
  info = xul_application_info("Unsafe Browser")
  # "Show all bookmarks"
  @screen.type("o", Sikuli::KeyModifier.SHIFT + Sikuli::KeyModifier.CTRL)
  @screen.wait_and_click("UnsafeBrowserExportBookmarksButton.png", 20)
  @screen.wait_and_click("UnsafeBrowserExportBookmarksMenuEntry.png", 20)
  @screen.wait("UnsafeBrowserExportBookmarksSavePrompt.png", 20)
  path = "/home/#{info[:user]}/bookmarks"
  @screen.type(path + Sikuli::Key.ENTER)
  chroot_path = "#{info[:chroot]}/#{path}.json"
73 74
  try_for(10) { $vm.file_exist?(chroot_path) }
  dump = JSON.load($vm.file_content(chroot_path))
75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110

  def check_bookmarks_helper(a)
    mozilla_uris_counter = 0
    places_uris_counter = 0
    a.each do |h|
      h.each_pair do |k, v|
        if k == "children"
          m, p = check_bookmarks_helper(v)
          mozilla_uris_counter += m
          places_uris_counter += p
        elsif k == "uri"
          uri = v
          if uri.match("^https://www\.mozilla\.org/")
            mozilla_uris_counter += 1
          elsif uri.match("^place:(sort|folder|type)=")
            places_uris_counter += 1
          else
            raise "Unexpected Unsafe Browser bookmark for '#{uri}'"
          end
        end
      end
    end
    return [mozilla_uris_counter, places_uris_counter]
  end

  mozilla_uris_counter, places_uris_counter =
    check_bookmarks_helper(dump["children"])
  assert_equal(5, mozilla_uris_counter,
               "Unexpected number (#{mozilla_uris_counter}) of mozilla " \
               "bookmarks")
  assert_equal(3, places_uris_counter,
               "Unexpected number (#{places_uris_counter}) of places " \
               "bookmarks")
  @screen.type(Sikuli::Key.F4, Sikuli::KeyModifier.ALT)
end

111 112 113 114 115 116 117 118 119
Then /^the Unsafe Browser has a red theme$/ do
  @screen.wait("UnsafeBrowserRedTheme.png", 10)
end

Then /^the Unsafe Browser shows a warning as its start page$/ do
  @screen.wait("UnsafeBrowserStartPage.png", 10)
end

When /^I start the Unsafe Browser$/ do
120
  step 'I start "UnsafeBrowser" via the GNOME "Internet" applications menu'
121 122 123 124
end

When /^I successfully start the Unsafe Browser$/ do
  step "I start the Unsafe Browser"
125
  step "I see and accept the Unsafe Browser start verification"
126
  step "I see the Unsafe Browser start notification and wait for it to close"
127
  step "the Unsafe Browser has started"
128 129 130 131 132 133
end

Then /^I see a warning about another instance already running$/ do
  @screen.wait('UnsafeBrowserWarnAlreadyRunning.png', 10)
end

Tails developers's avatar
Tails developers committed
134
When /^I close the Unsafe Browser$/ do
135
  @screen.type("q", Sikuli::KeyModifier.CTRL)
136 137
end

138
Then /^I see the Unsafe Browser stop notification$/ do
139
  notification_helper('UnsafeBrowserStopNotification.png', 20)
140 141 142
  @screen.waitVanish('UnsafeBrowserStopNotification.png', 10)
end

143 144 145 146
Then /^I can start the Unsafe Browser again$/ do
  step "I start the Unsafe Browser"
end

147 148 149
Then /^I cannot configure the Unsafe Browser to use any local proxies$/ do
  socks_proxy = 'c' # Alt+c for socks proxy
  no_proxy    = 'y' # Alt+y for no proxy
150 151
  proxies = [[no_proxy, nil, nil]]
  socksport_lines =
152
    $vm.execute_successfully('grep -w "^SocksPort" /etc/tor/torrc').stdout
153 154 155 156 157
  assert(socksport_lines.size >= 4, "We got fewer than four Tor SocksPorts")
  socksports = socksport_lines.scan(/^SocksPort\s([^:]+):(\d+)/)
  proxies += socksports.map { |host, port| [socks_proxy, host, port] }

  proxies.each do |proxy_type, proxy_host, proxy_port|
158 159
    @screen.hide_cursor

160
    # Open proxy settings and select manual proxy configuration
161 162
    @screen.click('UnsafeBrowserMenuButton.png')
    @screen.wait_and_click('UnsafeBrowserPreferencesButton.png', 10)
163 164 165 166 167
    @screen.wait_and_click('UnsafeBrowserAdvancedSettingsButton.png', 10)
    hit, _ = @screen.waitAny(['UnsafeBrowserNetworkTabAlreadySelected.png',
                              'UnsafeBrowserNetworkTab.png'], 10)
    @screen.click(hit) if hit == 'UnsafeBrowserNetworkTab.png'
    @screen.wait_and_click('UnsafeBrowserNetworkTabSettingsButton.png', 10)
168
    @screen.wait('UnsafeBrowserProxySettingsWindow.png', 10)
169
    @screen.type("m", Sikuli::KeyModifier.ALT)
170 171

    # Configure the proxy
172
    @screen.type(proxy_type, Sikuli::KeyModifier.ALT)  # Select correct proxy type
173
    @screen.type(proxy_host + Sikuli::Key.TAB + proxy_port) if proxy_type != no_proxy
174

Tails developers's avatar
Tails developers committed
175
    # Close settings
176
    @screen.type(Sikuli::Key.ENTER)
anonym's avatar
anonym committed
177
    @screen.waitVanish('UnsafeBrowserProxySettingsWindow.png', 10)
178 179 180 181 182 183 184 185 186 187

    # Test that the proxy settings work as they should
    step "I open the address \"https://check.torproject.org\" in the Unsafe Browser"
    if proxy_type == no_proxy
      @screen.wait('UnsafeBrowserTorCheckFail.png', 60)
    else
      @screen.wait('UnsafeBrowserProxyRefused.png', 60)
    end
  end
end
188

189 190 191
Then /^the Unsafe Browser has no proxy configured$/ do
  @screen.click('UnsafeBrowserMenuButton.png')
  @screen.wait_and_click('UnsafeBrowserPreferencesButton.png', 10)
192
  @screen.wait_and_click('UnsafeBrowserAdvancedSettingsButton.png', 10)
193
  @screen.wait_and_click('UnsafeBrowserNetworkTab.png', 10)
anonym's avatar
anonym committed
194
  @screen.wait_and_click('UnsafeBrowserNetworkTabSettingsButton.png', 10)
anonym's avatar
anonym committed
195
  @screen.wait('UnsafeBrowserProxySettingsWindow.png', 10)
196 197
  @screen.wait('UnsafeBrowserNoProxySelected.png', 10)
  @screen.type(Sikuli::Key.F4, Sikuli::KeyModifier.ALT)
198
  @screen.type("w", Sikuli::KeyModifier.CTRL)
199 200
end

201 202 203
Then /^the Unsafe Browser complains that no DNS server is configured$/ do
  @screen.wait("UnsafeBrowserDNSError.png", 30)
end
204 205 206

Then /^I configure the Unsafe Browser to check for updates more frequently$/ do
  prefs = '/usr/share/tails/unsafe-browser/prefs.js'
207 208 209
  $vm.file_append(prefs, 'pref("app.update.idletime", 1);')
  $vm.file_append(prefs, 'pref("app.update.promptWaitTime", 1);')
  $vm.file_append(prefs, 'pref("app.update.interval", 5);')
210
end
211 212 213

But /^checking for updates is disabled in the Unsafe Browser's configuration$/ do
  prefs = '/usr/share/tails/unsafe-browser/prefs.js'
214
  assert($vm.file_content(prefs).include?('pref("app.update.enabled", false)'))
215
end
216 217 218

Then /^the clearnet user has (|not )sent packets out to the Internet$/ do |sent|
  pkts = 0
219 220
  uid = $vm.execute_successfully("id -u clearnet").stdout.chomp.to_i
  iptables_output = $vm.execute_successfully("iptables -vnL").stdout.chomp
221 222
  output_chain = iptables_parse(iptables_output)["OUTPUT"]
  output_chain["rules"].each do |rule|
Tails developers's avatar
Tails developers committed
223
    if /owner UID match \b#{uid}\b/.match(rule["extra"])
224
      pkts += rule["pkts"]
225 226 227 228 229 230 231 232 233 234
    end
  end

  case sent
  when ''
    assert(pkts > 0, "Packets have not gone out to the internet.")
  when 'not'
    assert_equal(pkts, 0, "Packets have gone out to the internet.")
  end
end