Commit 41eeb97a authored by intrigeri's avatar intrigeri
Browse files

Merge branch 'stable' into devel

parents 375e9bbd 2f645d13
This diff is collapsed.
......@@ -93,3 +93,7 @@ pref("browser.newtabpage.introShown", true);
// add-on localizes search-engines in an incompatible but equivalent
// way.
pref("browser.search.geoSpecificDefaults", false);
// Without setting this, the Download Management page will not update
// the progress being made.
pref("browser.download.panel.shown", true);
......@@ -41,13 +41,13 @@ wait_until_i2p_router_console_is_ready() {
notify_router_console_success() {
/usr/local/sbin/tails-notify-user \
"`gettext \"I2P's router console is ready\"`" \
"`gettext \"You can now access I2P's router console on http://127.0.0.1:7657.\"`"
"`gettext \"You can now access I2P's router console in the I2P Browser.\"`"
}
bootstrap_failure() {
/usr/local/sbin/tails-notify-user \
"`gettext \"I2P is not ready\"`" \
"`gettext \"Eepsite tunnel not built within six minutes. Check the router console at http://127.0.0.1:7657/logs or the logs in /var/log/i2p for more information. Reconnect to the network to try again.\"`"
"`gettext \"Eepsite tunnel not built within six minutes. Check the router console in the I2P Browser or the logs in /var/log/i2p for more information. Reconnect to the network to try again.\"`"
exit 1
}
......
......@@ -23,5 +23,9 @@ pref("browser.newtabpage.directory.ping", "");
// ... and disable the explanation shown the first time
pref("browser.newtabpage.introShown", true);
// Without setting this, the Download Management page will not update
// the progress being made.
pref("browser.download.panel.shown", true);
// Never add 'www' or '.com' to hostnames in I2P Browser.
pref("browser.fixup.alternate.enabled", false);
http://torbrowser-archive.tails.boum.org/5.0.2/
http://torbrowser-archive.tails.boum.org/5.0.3/
675fd2c364c2fae7bcd10d5e814b63fb539674019053fc2e003f7c3fdc4c967a tor-browser-linux32-5.0.2_ar.tar.xz
7812523197fee6f1b10057d49f670df1d6a15a7a3eee52ebe47f7d6741e27567 tor-browser-linux32-5.0.2_de.tar.xz
e683f839c2e4b001403347200c786e8115e17a521936644455454b3e24023cb1 tor-browser-linux32-5.0.2_en-US.tar.xz
bad8efb9272b82e296fee1a400207b521be39a39229d5b69d7fc023ffb3d95c9 tor-browser-linux32-5.0.2_es-ES.tar.xz
9e9d67541b6a92edca0e304baba1859402e4c485a0d4f3601f3280167f0c4dd8 tor-browser-linux32-5.0.2_fa.tar.xz
7537dc1f14f2ac141d2f98d64d6138c6316ba6a3c3b6aaf3823393582af088a8 tor-browser-linux32-5.0.2_fr.tar.xz
ca8f95a0991af6381d1b14cbd65fa8dd86a04c722e7a4b361c489cef5f38e224 tor-browser-linux32-5.0.2_it.tar.xz
aff6ad9c2758a182d46425c287fd3a34f13c879cf58aa13d28b3b7867f36f7fd tor-browser-linux32-5.0.2_ko.tar.xz
0e86be84432a278f2fec7d24b5d796bada28860c1b9ca8bbd074e29db7b5699a tor-browser-linux32-5.0.2_nl.tar.xz
594b9280a9f9f72c6ddce2d9823e0a37dd6cb35ffbb24990b7c3e778f0eed707 tor-browser-linux32-5.0.2_pl.tar.xz
0efdd680b2ae3dc7703440e8d9c2f31d91f02dcf12441a8abb8fb01cf745b437 tor-browser-linux32-5.0.2_pt-PT.tar.xz
733b8005cd8d4d658e7aaffea523908ed081fe899b24fe8eb3a1771942235297 tor-browser-linux32-5.0.2_ru.tar.xz
db737ed3339a87142d6d5e2725038c9140017443d0c51e8562557e599adfaaac tor-browser-linux32-5.0.2_tr.tar.xz
f4a692f82ead892f61fa3e4da1b514fe9bbd390a154090d432060f750306f6ef tor-browser-linux32-5.0.2_vi.tar.xz
545037f2567e1c38530b87b588092c48bffd37f79dc735dd6c6cf646e8efce7b tor-browser-linux32-5.0.2_zh-CN.tar.xz
42169e9c727e10b3e376ba260a3a143a6309c7316ec667e69fa74d401d4d7c4c tor-browser-linux32-5.0.3_ar.tar.xz
b5f56d37ea5a93a8c5f45f85d610da23cb768e8ccd2f0562b0f65a00e0937379 tor-browser-linux32-5.0.3_de.tar.xz
0e94498cb83a07895bf8becf76d3c3b071d8cfadd50048971f701819f80a56aa tor-browser-linux32-5.0.3_en-US.tar.xz
e6382d5b2cbf8db45fb02388a85e953f236b486bf4146396d6521e9f5ed20a13 tor-browser-linux32-5.0.3_es-ES.tar.xz
5666669aaeb695045a9263775d108a9fbe04899d3ef70aa27906a58245d713f4 tor-browser-linux32-5.0.3_fa.tar.xz
e8d667bd356185ee1a4a51ad14f75a2a338ca49a2e56697a8f3f74f7bb8ac04c tor-browser-linux32-5.0.3_fr.tar.xz
1cc8f0488c2b2f851eb7d7a5412a7ade130e2a9db769b87f5889146673034d6d tor-browser-linux32-5.0.3_it.tar.xz
fccf7493864ef2eba80368f8c98e6463be2f97b36392a84c29609c8be174ecfa tor-browser-linux32-5.0.3_ko.tar.xz
dc577b97aeba0b095a2d49df23893bdfdf0f8b8f36207ab97d4e59103b67728b tor-browser-linux32-5.0.3_nl.tar.xz
a022dd5e3d0aebba1f4f67e327e292b72d042a102806943c9693adf0692f63f8 tor-browser-linux32-5.0.3_pl.tar.xz
34c278bfd818a8d29f36bfcebbd1a77276ef61918f107540ce5b9caf4712cd0f tor-browser-linux32-5.0.3_pt-PT.tar.xz
c1391ded41dc3c59adb6fb0286c5262b962ccb12a062c2300d1da5fdea103b46 tor-browser-linux32-5.0.3_ru.tar.xz
44bdcd53aaefc894f8556258b42fadc5fd10458db01f568734a47a9f6d070e5c tor-browser-linux32-5.0.3_tr.tar.xz
87e08f755d3551e9ef3086695d0a976e0ea9be0ff5c88833e5bedb057f64280e tor-browser-linux32-5.0.3_vi.tar.xz
f1d5a0084d06e838a5acfe4352995c40c54ac4488006acb014ab7cf81360f62e tor-browser-linux32-5.0.3_zh-CN.tar.xz
......@@ -32,3 +32,7 @@ pref("browser.newtabpage.introShown", true);
// add-on localizes search-engines in an incompatible but equivalent
// way.
pref("browser.search.geoSpecificDefaults", false);
// Without setting this, the Download Management page will not update
// the progress being made.
pref("browser.download.panel.shown", true);
......@@ -4,11 +4,94 @@ tails (1.7) UNRELEASED; urgency=medium
-- intrigeri <intrigeri@debian.org> Sat, 08 Aug 2015 13:35:23 +0200
tails (1.6) UNRELEASED; urgency=medium
tails (1.6) unstable; urgency=medium
* Dummy changelog entry.
* Security fixes
- Upgrade Tor Browser to 5.0.3. (Closes: #10223)
- Upgrade bind9-based packages to 1:9.8.4.dfsg.P1-6+nmu2+deb7u7.
- Upgrade libldap-2.4-2 to 2.4.31-2+deb7u1.
- Upgrade libslp1 to 1.2.1-9+deb7u1.
* Bugfixes
- Fix a corner case for the MAC spoofing panic mode. If panic mode
failed to disable the specific device that couldn't be spoofed
(by unloading the module) we disable networking. Previously we
only stopped NetworkManager. The problem is that NM isn't even
started at this time, but will specifically be started when
we're done with MAC spoofing. Therefore, let's completely
disable NetworkManager so it cannot possibly be
started. (Closes: #10160)
- Avoid use of uninitialized value in restricted-network-detector.
If NetworkManager decides that a wireless connection has timed
out before "supplicant connection state" has occued, our idea of
the state is `undef`, so it cannot be used in a string
comparison. Hence, let's initialize the state to the empty
string instead of `undef`. Also fix the state
recording. Apparently NetworkManager can say a few different
things when it logs the device state transitions. (Closes:
#7689)
-- anonym <anonym@riseup.net> Fri, 28 Aug 2015 13:32:45 +0200
* Minor improvements
- Remove workaround for localizing search engine plugins. The
workaround has recently become unnecessary, possibly due to the
changes made for the seach bar after the Tor Browser was rebased
on Firefox 38esr. (Closes: #9146)
- Refer to the I2P Browser in the I2P notifications. Instead of
some obscure links that won't work in the Tor Browser, where
users likely will try them, and which I believe will open them
by default. (Closes: #10182)
- Upgrade I2P to 0.9.22. Also set the I2P apparmor profile to
enforce mode. (Closes: #9830)
* Test suite
- Test that udev-watchdog is monitoring the correct device when
booted from USB. (Closes: #9890)
- Remove unused 'gksu' step. This causes a false-positive to be
found for #5330. (Closes: #9877)
- Make --capture capture individual videos for failed scenarios
only, and --capture-all to capture videos for all scenarios.
(Closes: #10148)
- Use the more efficient x264 encoding when capturing videos using
the --capture* options. (Closes: #10001)
- Make --old-iso default to --iso if omitted. Using the same ISO
for the USB upgrade tests most often still does what we want,
e.g. test that the current version of Tails being tested has a
working Tails installer. Hence this seems like a reasonable
default. (Closes: #10147)
- Avoid nested FindFailed exceptions in waitAny()/findAny(), and
throw a new dedicated FindAnyFailed exception if these fail
instead. Rjb::throw doesn't block Ruby's execution until the
Java exception has been received by Ruby, so strange things can
happen and we must avoid it. (Closes: #9633)
- Fix the Download Management page in our browsers. Without the
browser.download.panel.shown pref set, the progress being made
will not update until after the browser has been restarted.
(Closes: #8159)
- Add a 'pretty_debug' (with an alias: 'debug') Cucumber formatter
that deals with debugging instead of printing it to STDERR via
the `--debug` option (which now has been removed). This gives us
the full flexibility of Cucumber's formatter system, e.g. one
easy-to-read formatter can print to the terminal, while we get
the full debug log printed to a file. (Closes: #9491)
- Import logging module in otr-bot.py. Our otr-bot.py does not use
logging but the jabberbot library makes logging calls, causing a
one-off message “No handlers could be found for logger
"jabberbot"” to be printed to the console. This commit
effectively prevents logging/outputting anything to the terminal
which is at a level lower than CRITICAL. (Closes: 9375)
- Force new Tor circuit and reload web site on browser
timeouts. (Closes: #10116)
- Focus Pidgin's buddy list before trying to access the tools
menu. (Closes: #10217)
- Optimize IRC test using waitAny. If connecting to IRC fails,
such as when OFTC is blocking Tor, waiting 60 seconds to connect
while a a Reconnect button is visible is sub-optimal. It would
be better to try forcing a new Tor circuit and clicking the
reconnect button. (Closes: #9653)
- Wait for (and focus if necessary) Pidgin's Certificate windows.
(Closes: #10222)
-- Tails developers <tails@boum.org> Sun, 20 Sep 2015 17:47:26 +0000
tails (1.5.1) unstable; urgency=medium
......
......@@ -639,9 +639,22 @@ When /^I open the address "([^"]*)" in the (.*)$/ do |address, browser|
next if @skip_steps_while_restoring_background
step "I open a new tab in the #{browser}"
info = xul_application_info(browser)
@screen.click(info[:address_bar_image])
sleep 0.5
@screen.type(address + Sikuli::Key.ENTER)
open_address = Proc.new do
@screen.click(info[:address_bar_image])
sleep 0.5
@screen.type(address + Sikuli::Key.ENTER)
end
open_address.call
if browser == "Tor Browser"
recovery_on_failure = Proc.new do
@screen.type(Sikuli::Key.ESC)
@screen.waitVanish('BrowserReloadButton.png', 3)
open_address.call
end
retry_tor(recovery_on_failure) do
@screen.wait('BrowserReloadButton.png', 120)
end
end
end
Then /^the (.*) has no plugins installed$/ do |browser|
......@@ -1061,10 +1074,7 @@ When /^I open a page on the LAN web server in the (.*)$/ do |browser|
end
def force_new_tor_circuit(with_vidalia=nil)
assert(!@new_circuit_tries.nil? && @new_circuit_tries >= 0,
'@new_circuit_tries was not initialized before it was used')
@new_circuit_tries += 1
debug_log("Forcing new Tor circuit... (attempt ##{@new_circuit_tries})")
debug_log("Forcing new Tor circuit...")
if with_vidalia
assert_equal('gnome', @theme, "Vidalia is not available in the #{@theme} theme.")
begin
......@@ -1147,6 +1157,5 @@ end
Then /^I force Tor to use a new circuit( in Vidalia)?$/ do |with_vidalia|
next if @skip_steps_while_restoring_background
@new_circuit_tries = 1 if @new_circuit_tries.nil?
force_new_tor_circuit(with_vidalia)
end
......@@ -18,19 +18,20 @@ EOF
return account
end
def wait_and_focus(img, time = 10, window)
begin
@screen.wait(img, time)
rescue FindFailed
@vm.focus_window(window)
@screen.wait(img, time)
end
end
def focus_pidgin_irc_conversation_window(account)
account = account.sub(/^irc\./, '')
@vm.focus_window(".*#{Regexp.escape(account)}$")
end
def close_pidgin_conversation_window(account)
focus_pidgin_irc_conversation_window(account)
@screen.type(Sikuli::Key.F4, Sikuli::KeyModifier.ALT)
if @screen.exists('PidginConfirmationIcon.png')
@screen.click('GnomeCloseButton.png')
end
end
When /^I create my XMPP account$/ do
next if @skip_steps_while_restoring_background
account = xmpp_account("Tails_account")
......@@ -296,9 +297,11 @@ end
Then /^Pidgin successfully connects to the "([^"]+)" account$/ do |account|
next if @skip_steps_while_restoring_background
expected_channel_entry = chan_image(account, default_chan(account), 'roster')
@new_circuit_tries = 0
until @new_circuit_tries == $config["MAX_NEW_TOR_CIRCUIT_RETRIES"] do
# Sometimes the OFTC welcome notice window pops up over the buddy list one...
reconnect_button = 'PidginReconnect.png'
recovery_on_failure = Proc.new do
@screen.wait_and_click(reconnect_button, 20)
end
retry_tor(recovery_on_failure) do
begin
@vm.focus_window('Buddy List')
rescue ExecutionFailedInVM
......@@ -307,17 +310,11 @@ Then /^Pidgin successfully connects to the "([^"]+)" account$/ do |account|
# conversation window. At worst, the test will still fail...
close_pidgin_conversation_window(account)
end
# FIXME This should be modified to use waitAny once #9633 is addressed
begin
@screen.wait(expected_channel_entry, 60)
break
rescue FindFailed
force_new_tor_circuit
@screen.wait_and_click('PidginReconnect.png', 20)
on_screen, _ = @screen.waitAny([expected_channel_entry, reconnect_button], 60)
unless on_screen == expected_channel_entry
raise "Connecting to account #{account} failed."
end
end
@screen.wait(expected_channel_entry, 10)
end
Then /^the "([^"]*)" account only responds to PING and VERSION CTCP requests$/ do |irc_server|
......@@ -385,6 +382,7 @@ def pidgin_add_certificate_from (cert_file)
# Here, we need a certificate that is not already in the NSS database
step "I copy \"/usr/share/ca-certificates/spi-inc.org/spi-cacert-2008.crt\" to \"#{cert_file}\" as user \"amnesia\""
@vm.focus_window('Buddy List')
@screen.wait_and_click('PidginToolsMenu.png', 10)
@screen.wait_and_click('PidginCertificatesMenuItem.png', 10)
@screen.wait('PidginCertificateManagerDialog.png', 10)
......@@ -406,18 +404,19 @@ end
Then /^I can add a certificate from the "([^"]+)" directory to Pidgin$/ do |cert_dir|
next if @skip_steps_while_restoring_background
pidgin_add_certificate_from("#{cert_dir}/test.crt")
@screen.wait('PidginCertificateAddHostnameDialog.png', 10)
wait_and_focus('PidginCertificateAddHostnameDialog.png', 10, 'Certificate Import')
@screen.type("XXX test XXX" + Sikuli::Key.ENTER)
@screen.wait('PidginCertificateTestItem.png', 10)
wait_and_focus('PidginCertificateTestItem.png', 10, 'Certificate Manager')
end
Then /^I cannot add a certificate from the "([^"]+)" directory to Pidgin$/ do |cert_dir|
next if @skip_steps_while_restoring_background
pidgin_add_certificate_from("#{cert_dir}/test.crt")
@screen.wait('PidginCertificateImportFailed.png', 10)
wait_and_focus('PidginCertificateImportFailed.png', 10, 'Import Error')
end
When /^I close Pidgin's certificate manager$/ do
wait_and_focus('PidginCertificateManagerDialog.png', 10, 'Certificate Manager')
@screen.type(Sikuli::Key.ESC)
# @screen.wait_and_click('PidginCertificateManagerClose.png', 10)
@screen.waitVanish('PidginCertificateManagerDialog.png', 10)
......
......@@ -12,7 +12,8 @@ def seahorse_wait_helper(img, time = 20)
@screen.wait(img, time)
rescue FindFailed => e
if @screen.exists('SeahorseKeyserverError.png')
raise OpenPGPKeyserverCommunicationError
raise OpenPGPKeyserverCommunicationError.new(
"Could not find 'SeahorseKeyserverError.png'")
else
# Seahorse has been known to segfault during tests
syslog = @vm.file_content('/var/log/syslog')
......@@ -50,18 +51,16 @@ When /^I fetch the "([^"]+)" OpenPGP key using the GnuPG CLI( without any signat
else
importopts = ''
end
@new_circuit_tries = 0
until @new_circuit_tries == $config["MAX_NEW_TOR_CIRCUIT_RETRIES"] do
begin
@gnupg_recv_key_res = @vm.execute_successfully(
retry_tor do
@gnupg_recv_key_res = @vm.execute_successfully(
"gpg --batch #{importopts} --recv-key '#{keyid}'",
LIVE_USER)
break
rescue ExecutionFailedInVM
force_new_tor_circuit
if @gnupg_recv_key_res.failure?
raise "Fetching keys with the GnuPG CLI failed with:\n" +
"#{@gnupg_recv_key_res.stdout}\n" +
"#{@gnupg_recv_key_res.stderr}"
end
end
assert(@new_circuit_tries < $config["MAX_NEW_TOR_CIRCUIT_RETRIES"], "Fetching keys with the GnuPG CLI did not succeed after retrying #{@new_circuit_tries} times")
end
When /^the GnuPG fetch is successful$/ do
......@@ -110,29 +109,26 @@ end
Then /^I synchronize keys in Seahorse$/ do
next if @skip_steps_while_restoring_background
@new_circuit_tries = 0
until @new_circuit_tries == $config["MAX_NEW_TOR_CIRCUIT_RETRIES"] do
begin
step 'process "seahorse" is running'
@screen.wait_and_click("SeahorseWindow.png", 10)
seahorse_menu_click_helper('SeahorseRemoteMenu.png', 'SeahorseRemoteMenuSync.png', 'seahorse')
seahorse_wait_helper('SeahorseSyncKeys.png')
@screen.type("s", Sikuli::KeyModifier.ALT) # Button: Sync
seahorse_wait_helper('SeahorseSynchronizing.png')
seahorse_wait_helper('SeahorseWindow.png', 5*60)
break
rescue OpenPGPKeyserverCommunicationError
force_new_tor_circuit
@screen.wait_and_click('GnomeCloseButton.png', 20)
if @screen.exists('SeahorseSynchronizing.png')
# Seahorse is likely to segfault if we end up here.
@screen.click('SeahorseSynchronizing.png')
@screen.type(Sikuli::Key.ESC)
end
seahorse_wait_helper('SeahorseWindow.png')
recovery_proc = Proc.new do
@screen.wait_and_click('GnomeCloseButton.png', 20)
if @screen.exists('SeahorseSynchronizing.png')
# Seahorse is likely to segfault if we end up here.
@screen.click('SeahorseSynchronizing.png')
@screen.type(Sikuli::Key.ESC)
end
seahorse_wait_helper('SeahorseWindow.png')
end
retry_tor(recovery_proc) do
step 'process "seahorse" is running'
@screen.wait_and_click("SeahorseWindow.png", 10)
seahorse_menu_click_helper('SeahorseRemoteMenu.png',
'SeahorseRemoteMenuSync.png',
'seahorse')
seahorse_wait_helper('SeahorseSyncKeys.png')
@screen.type("s", Sikuli::KeyModifier.ALT) # Button: Sync
seahorse_wait_helper('SeahorseSynchronizing.png')
seahorse_wait_helper('SeahorseWindow.png', 5*60)
end
assert(@new_circuit_tries < $config["MAX_NEW_TOR_CIRCUIT_RETRIES"], "Syncing keys in Seahorse did not succeed after retrying #{@new_circuit_tries} times")
end
When /^I fetch the "([^"]+)" OpenPGP key using Seahorse( via the Tails OpenPGP Applet)?$/ do |keyid, withgpgapplet|
......@@ -143,35 +139,33 @@ When /^I fetch the "([^"]+)" OpenPGP key using Seahorse( via the Tails OpenPGP A
step "I start Seahorse"
end
step "Seahorse has opened"
@new_circuit_tries = 0
until @new_circuit_tries == $config["MAX_NEW_TOR_CIRCUIT_RETRIES"] do
recovery_proc = Proc.new do
@screen.wait_and_click('GnomeCloseButton.png', 20)
@screen.type(Sikuli::Key.ESC)
@screen.type("w", Sikuli::KeyModifier.CTRL)
end
retry_tor(recovery_proc) do
@screen.wait_and_click("SeahorseWindow.png", 10)
seahorse_menu_click_helper('SeahorseRemoteMenu.png',
'SeahorseRemoteMenuFind.png',
'seahorse')
seahorse_wait_helper('SeahorseFindKeysWindow.png', 10)
# Seahorse doesn't seem to support searching for fingerprints
@screen.type(keyid + Sikuli::Key.ENTER)
begin
@screen.wait_and_click("SeahorseWindow.png", 10)
seahorse_menu_click_helper('SeahorseRemoteMenu.png', 'SeahorseRemoteMenuFind.png', 'seahorse')
seahorse_wait_helper('SeahorseFindKeysWindow.png', 10)
# Seahorse doesn't seem to support searching for fingerprints
@screen.type(keyid + Sikuli::Key.ENTER)
begin
seahorse_wait_helper('SeahorseFoundKeyResult.png', 5*60)
rescue FindFailed
# We may end up here if Seahorse appears to be "frozen".
# Sometimes--but not always--if we click another window
# the main Seahorse window will unfreeze, allowing us
# to continue normally.
@screen.click("SeahorseSearch.png")
end
@screen.click("SeahorseKeyResultWindow.png")
@screen.click("SeahorseFoundKeyResult.png")
@screen.click("SeahorseImport.png")
break
rescue OpenPGPKeyserverCommunicationError
force_new_tor_circuit
@screen.wait_and_click('GnomeCloseButton.png', 20)
@screen.type(Sikuli::Key.ESC)
@screen.type("w", Sikuli::KeyModifier.CTRL)
seahorse_wait_helper('SeahorseFoundKeyResult.png', 5*60)
rescue FindFailed
# We may end up here if Seahorse appears to be "frozen".
# Sometimes--but not always--if we click another window
# the main Seahorse window will unfreeze, allowing us
# to continue normally.
@screen.click("SeahorseSearch.png")
end
@screen.click("SeahorseKeyResultWindow.png")
@screen.click("SeahorseFoundKeyResult.png")
@screen.click("SeahorseImport.png")
end
assert(@new_circuit_tries < $config["MAX_NEW_TOR_CIRCUIT_RETRIES"], "Fetching keys in Seahorse did not succeed after retrying #{@new_circuit_tries} times")
end
Then /^Seahorse is configured to use the correct keyserver$/ do
......
class WhoisLookupFailure < StandardError
end
class WgetFailure < StandardError
end
When /^I query the whois directory service for "([^"]+)"$/ do |domain|
next if @skip_steps_while_restoring_background
@new_circuit_tries = 0
until @new_circuit_tries == $config["MAX_NEW_TOR_CIRCUIT_RETRIES"] do
begin
@vm_execute_res = @vm.execute("whois '#{domain}'", LIVE_USER)
if !@vm_execute_res.success? || @vm_execute_res.stdout['LIMIT EXCEEDED']
raise WhoisLookupFailure
end
break
rescue WhoisLookupFailure
if @vm_execute_res.stderr['Timeout'] || \
@vm_execute_res.stderr['Unable to resolve'] || \
@vm_execute_res.stdout['LIMIT EXCEEDED']
force_new_tor_circuit
end
retry_tor do
@vm_execute_res = @vm.execute("whois '#{domain}'", LIVE_USER)
if @vm_execute_res.failure?
raise "Looking up whois info for #{domain} failed with:\n" +
"#{@vm_execute_res.stdout}\n" +
"#{@vm_execute_res.stderr}"
end
end
assert(@new_circuit_tries < $config["MAX_NEW_TOR_CIRCUIT_RETRIES"],
"Looking up whois info for #{domain} did not succeed after retrying #{@new_circuit_tries} times.\n" +
"The output of the last command contains:\n" +
"#{@vm_execute_res.stdout}\n" + "#{@vm_execute_res.stderr}")
end
When /^I wget "([^"]+)" to stdout(?:| with the '([^']+)' options)$/ do |url, options|
next if @skip_steps_while_restoring_background
arguments = "-O - '#{url}'"
arguments = "#{options} #{arguments}" if options
@new_circuit_tries = 0
until @new_circuit_tries == $config["MAX_NEW_TOR_CIRCUIT_RETRIES"] do
begin
@vm_execute_res = @vm.execute("wget #{arguments}", LIVE_USER)
raise WgetFailure unless @vm_execute_res.success?
break
rescue WgetFailure
if @vm_execute_res.stderr['Timeout'] || @vm_execute_res.stderr['Unable to resolve']
force_new_tor_circuit
end
retry_tor do
@vm_execute_res = @vm.execute("wget #{arguments}", LIVE_USER)
if @vm_execute_res.failure?
raise "wget:ing #{url} with options #{options} failed with:\n" +
"#{@vm_execute_res.stdout}\n" +
"#{@vm_execute_res.stderr}"
end
end
assert(@new_circuit_tries < $config["MAX_NEW_TOR_CIRCUIT_RETRIES"],
"Fetching from #{url} with options #{options} did not succeed after retrying #{@new_circuit_tries} times.\n" +
"The output contains:\n" +
"#{@vm_execute_res.stdout}\n" +
"#{@vm_execute_res.stderr}")
end
Then /^the (wget|whois) command is successful$/ do |command|
......
......@@ -56,6 +56,10 @@ class VMCommand
return @returncode == 0
end
def failure?
return not(success?)
end
def to_s
"Return status: #{@returncode}\n" +
"STDOUT:\n" +
......
......@@ -66,6 +66,40 @@ rescue unique_timeout_exception => e
raise Timeout::Error.new(msg)
end
class TorFailure < StandardError
end
# This will retry the block up to MAX_NEW_TOR_CIRCUIT_RETRIES
# times. The block must raise an exception for a run to be considered
# as a failure. After a failure recovery_proc will be called (if
# given) and the intention with it is to bring us back to the state
# expected by the block, so it can be retried.
def retry_tor(recovery_proc = nil, &block)
max_retries = $config["MAX_NEW_TOR_CIRCUIT_RETRIES"]
retries = 1
loop do
begin
block.call
return
rescue Exception => e
if retries <= max_retries
if $config["DEBUG"]
STDERR.puts "Tor operation failed (Tor circuit try #{retries} of " +