Commit 709c9c75 authored by anonym's avatar anonym
Browse files

Actually run a web server on the LAN.

It shouldn't be needed for the Tor Browser test since we check the
network traffic, but we'll need it when testing the Unsafe Browser, so
why not?
parent f88a99ce
......@@ -939,3 +939,54 @@ When /^I accept to import the key with Seahorse$/ do
next if @skip_steps_while_restoring_background
@screen.wait_and_click("TorBrowserOkButton.png", 10)
end
Given /^a web server is running on the LAN$/ do
next if @skip_steps_while_restoring_background
web_server_ip_addr = $vmnet.bridge_ip_addr
web_server_port = 8000
@web_server_url = "http://#{web_server_ip_addr}:#{web_server_port}"
web_server_hello_msg = "Welcome to the LAN web server!"
# I've tested ruby Thread:s, fork(), etc. but nothing works due to
# various strange limitations in the ruby interpreter. For instance,
# apparently concurrent IO has serious limits in the thread
# scheduler (e.g. sikuli's wait() would block WEBrick from reading
# from its socket), and fork():ing results in a lot of complex
# cucumber stuff (like our hooks!) ending up in the child process,
# breaking stuff in the parent process. After asking some supposed
# ruby pros, I've settled on the following.
code = <<-EOF
require "webrick"
STDOUT.reopen("/dev/null", "w")
STDERR.reopen("/dev/null", "w")
server = WEBrick::HTTPServer.new(:BindAddress => "#{web_server_ip_addr}",
:Port => #{web_server_port},
:DocumentRoot => "/dev/null")
server.mount_proc("/") do |req, res|
res.body = "#{web_server_hello_msg}"
end
server.start
EOF
# Run with `exec` since the above is opened in a shell, and we want
# to capture the ruby process to get its pid.
proc = IO.popen("exec ruby -e '#{code}'")
try_for(10, :msg => "It seems the LAN web server failed to start") do
Process.kill(0, proc.pid) == 1
end
add_after_scenario_hook(Process.method(:kill), ["TERM", proc.pid])
# It seems necessary to actually check that the LAN server is
# serving, possibly because it isn't doing so reliably when setting
# up. If e.g. the Unsafe Browser (which *should* be able to access
# the web server) tries to access it too early, Firefox seems to
# take some random amount of time to retry fetching. Curl gives a
# more consistent result, so let's rely on that instead. Note that
# this forces us to capture traffic *after* this step in case
# accessing this server matters, like when testing the Tor Browser..
try_for(30, :msg => "Something is wrong with the LAN web server") do
msg = @vm.execute_successfully("curl #{@web_server_url}",
LIVE_USER).stdout.chomp
assert_equal(web_server_hello_msg, msg)
end
end
When /^I open some LAN resource in the Tor Browser$/ do
When /^I open the LAN web server in the Tor Browser$/ do
next if @skip_steps_while_restoring_background
@lan_host = "192.168.0.1"
step "I open the address \"#{@lan_host}\" in the Tor Browser"
step "I open the address \"#{@lan_web_server_url}\" in the Tor Browser"
end
When /^no traffic has flowed to the LAN resource$/ do
When /^no traffic has flowed to the LAN web server$/ do
next if @skip_steps_while_restoring_background
leaks = FirewallLeakCheck.new(@sniffer.pcap_file, :ignore_lan => false)
STDERR.puts "#{leaks.ipv4_tcp_leaks}"
......
......@@ -16,12 +16,13 @@ Feature: Browsing the web using the Tor Browser
And I save the state so the background can be restored next scenario
Scenario: The Tor Browser cannot access the LAN
Given I capture all network traffic
Given a web server is running on the LAN
And I capture all network traffic
When I start the Tor Browser
And the Tor Browser has started and loaded the startup page
And I open some LAN resource in the Tor Browser
And I open the LAN web server in the Tor Browser
Then I see "TorBrowserUnableToConnect.png" after at most 20 seconds
And no traffic has flowed to the LAN resource
And no traffic has flowed to the LAN web server
Scenario: The Tor Browser directory is usable
Then the amnesiac Tor Browser directory exists
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment