Actually run a web server on the LAN.

It shouldn't be needed for the Tor Browser test since we check the network traffic, but we'll need it when testing the Unsafe Browser, so why not?

Actually run a web server on the LAN.
It shouldn't be needed for the Tor Browser test since we check the network traffic, but we'll need it when testing the Unsafe Browser, so why not?
709c9c75 · anonym · f88a99ce · 709c9c75 · 709c9c75 · 709c9c75
Commit 709c9c75 authored Apr 08, 2015 by anonym
--- a/features/images/UnsafeBrowserHelloLANWebServer.png
+++ b/features/images/UnsafeBrowserHelloLANWebServer.png
--- a/features/step_definitions/common_steps.rb
+++ b/features/step_definitions/common_steps.rb
@@ -939,3 +939,54 @@ When /^I accept to import the key with Seahorse$/ do
  next if @skip_steps_while_restoring_background
  @screen.wait_and_click("TorBrowserOkButton.png", 10)
 end
+
+Given /^a web server is running on the LAN$/ do
+  next if @skip_steps_while_restoring_background
+  web_server_ip_addr = $vmnet.bridge_ip_addr
+  web_server_port = 8000
+  @web_server_url = "http://#{web_server_ip_addr}:#{web_server_port}"
+  web_server_hello_msg = "Welcome to the LAN web server!"
+
+  # I've tested ruby Thread:s, fork(), etc. but nothing works due to
+  # various strange limitations in the ruby interpreter. For instance,
+  # apparently concurrent IO has serious limits in the thread
+  # scheduler (e.g. sikuli's wait() would block WEBrick from reading
+  # from its socket), and fork():ing results in a lot of complex
+  # cucumber stuff (like our hooks!) ending up in the child process,
+  # breaking stuff in the parent process. After asking some supposed
+  # ruby pros, I've settled on the following.
+  code = <<-EOF
+  require "webrick"
+  STDOUT.reopen("/dev/null", "w")
+  STDERR.reopen("/dev/null", "w")
+  server = WEBrick::HTTPServer.new(:BindAddress => "#{web_server_ip_addr}",
+                                   :Port => #{web_server_port},
+                                   :DocumentRoot => "/dev/null")
+  server.mount_proc("/") do |req, res|
+    res.body = "#{web_server_hello_msg}"
+  end
+  server.start
+EOF
+  # Run with `exec` since the above is opened in a shell, and we want
+  # to capture the ruby process to get its pid.
+  proc = IO.popen("exec ruby -e '#{code}'")
+  try_for(10, :msg => "It seems the LAN web server failed to start") do
+    Process.kill(0, proc.pid) == 1
+  end
+
+  add_after_scenario_hook(Process.method(:kill), ["TERM", proc.pid])
+
+  # It seems necessary to actually check that the LAN server is
+  # serving, possibly because it isn't doing so reliably when setting
+  # up. If e.g. the Unsafe Browser (which *should* be able to access
+  # the web server) tries to access it too early, Firefox seems to
+  # take some random amount of time to retry fetching. Curl gives a
+  # more consistent result, so let's rely on that instead. Note that
+  # this forces us to capture traffic *after* this step in case
+  # accessing this server matters, like when testing the Tor Browser..
+  try_for(30, :msg => "Something is wrong with the LAN web server") do
+    msg = @vm.execute_successfully("curl #{@web_server_url}",
+                                   LIVE_USER).stdout.chomp
+    assert_equal(web_server_hello_msg, msg)
+  end
+end
--- a/features/step_definitions/torified_browsing.rb
+++ b/features/step_definitions/torified_browsing.rb
-When /^I open some LAN resource in the Tor Browser$/ do
+When /^I open the LAN web server in the Tor Browser$/ do
  next if @skip_steps_while_restoring_background
-  @lan_host = "192.168.0.1"
-  step "I open the address \"#{@lan_host}\" in the Tor Browser"
+  step "I open the address \"#{@lan_web_server_url}\" in the Tor Browser"
 end

-When /^no traffic has flowed to the LAN resource$/ do
+When /^no traffic has flowed to the LAN web server$/ do
  next if @skip_steps_while_restoring_background
  leaks = FirewallLeakCheck.new(@sniffer.pcap_file, :ignore_lan => false)
  STDERR.puts "#{leaks.ipv4_tcp_leaks}"

--- a/features/torified_browsing.feature
+++ b/features/torified_browsing.feature
@@ -16,12 +16,13 @@ Feature: Browsing the web using the Tor Browser
    And I save the state so the background can be restored next scenario

  Scenario: The Tor Browser cannot access the LAN
-    Given I capture all network traffic
+    Given a web server is running on the LAN
+    And I capture all network traffic
    When I start the Tor Browser
    And the Tor Browser has started and loaded the startup page
-    And I open some LAN resource in the Tor Browser
+    And I open the LAN web server in the Tor Browser
    Then I see "TorBrowserUnableToConnect.png" after at most 20 seconds
-    And no traffic has flowed to the LAN resource
+    And no traffic has flowed to the LAN web server

  Scenario: The Tor Browser directory is usable
    Then the amnesiac Tor Browser directory exists