Commit 83bde0f9 authored by anonym's avatar anonym
Browse files

Improve names of generated snapshot restoring steps.

Essentially I did:

    sed -i 's/Tails has booted/I have started Tails/' -- \
        features/*.feature features/step_definitions/snapshots.rb

(although there was a false positive that I had to restore)
parent b1e04440
......@@ -6,7 +6,7 @@ Feature: Installing packages through APT
and all Internet traffic should flow only through Tor.
Background:
Given Tails has booted from DVD and logged in with an administration password and the network is connected
Given I have started Tails from DVD and logged in with an administration password and the network is connected
Scenario: APT sources are configured correctly
Then the only hosts in APT sources are "ftp.us.debian.org,security.debian.org,backports.debian.org,deb.tails.boum.org,deb.torproject.org,mozilla.debian.net"
......
......@@ -2,35 +2,35 @@
Feature: Various checks
Scenario: AppArmor is enabled and has enforced profiles
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
Then AppArmor is enabled
And some AppArmor profiles are enforced
Scenario: GNOME Screenshot has a sane default save directory
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
Then GNOME Screenshot is configured to save files to the live user's home directory
Scenario: GNOME Screenshot takes a screenshot when the PRINTSCREEN key is pressed
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
And there is no screenshot in the live user's home directory
When I press the "PRINTSCREEN" key
Then a screenshot is saved to the live user's home directory
Scenario: VirtualBox guest modules are available
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
When Tails has booted a 64-bit kernel
Then the VirtualBox guest modules are available
Scenario: The shipped Tails OpenPGP keys are up-to-date
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
Then the OpenPGP keys shipped with Tails will be valid for the next 3 months
Scenario: The Tails Debian repository key is up-to-date
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
Then the shipped Debian repository key will be valid for the next 3 months
Scenario: The "Report an Error" launcher will open the support documentation
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
And the network is plugged
And Tor is ready
And all notifications have disappeared
......@@ -38,13 +38,13 @@ Feature: Various checks
Then the support documentation page opens in Tor Browser
Scenario: The live user is setup correctly
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
Then the live user has been setup by live-boot
And the live user is a member of only its own group and "audio cdrom dialout floppy video plugdev netdev fuse scanner lp lpadmin vboxsf"
And the live user owns its home dir and it has normal permissions
Scenario: No initial network
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
And I wait between 30 and 60 seconds
When the network is plugged
And Tor is ready
......@@ -53,29 +53,29 @@ Feature: Various checks
And process "vidalia" is running within 30 seconds
Scenario: The 'Tor is ready' notification is shown when Tor has bootstrapped
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
And the network is plugged
When I see the 'Tor is ready' notification
Then Tor is ready
Scenario: The tor process should be confined with Seccomp
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
And the network is plugged
And Tor is ready
Then the running process "tor" is confined with Seccomp in filter mode
Scenario: No unexpected network services
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
When the network is plugged
And Tor is ready
Then no unexpected services are listening for network connections
Scenario: The emergency shutdown applet can shutdown Tails
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
When I request a shutdown using the emergency shutdown applet
Then Tails eventually shuts down
Scenario: The emergency shutdown applet can reboot Tails
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
When I request a reboot using the emergency shutdown applet
Then Tails eventually restarts
......@@ -6,7 +6,7 @@ Feature: Getting a DHCP lease without leaking too much information
and the hostname should not have been leaked on the network.
Background:
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
And I capture all network traffic
And the network is plugged
And Tor is ready
......
......@@ -5,13 +5,13 @@ Feature: Electrum Bitcoin client
And all Internet traffic should flow only through Tor
Scenario: A warning will be displayed if Electrum is not persistent
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
When I start Electrum through the GNOME menu
But persistence for "electrum" is not enabled
Then I see a warning that Electrum is not persistent
Scenario: Using a persistent Electrum configuration
Given Tails has booted without network from a USB drive with a persistent partition enabled and logged in
Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
And the network is plugged
And Tor is ready
And available upgrades have been checked
......
......@@ -5,7 +5,7 @@ Feature: Encryption and verification using GnuPG
And decrypt and verify GnuPG blocks
Background:
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
And I generate an OpenPGP key named "test" with password "asdf"
Scenario: Encryption and decryption using Tails OpenPGP Applet
......
......@@ -5,20 +5,20 @@ Feature: Using Evince
And AppArmor should prevent Evince from doing dangerous things
Scenario: I can view and print a PDF file stored in /usr/share
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
When I open "/usr/share/cups/data/default-testpage.pdf" with Evince
Then I see "CupsTestPage.png" after at most 10 seconds
And I can print the current document to "/home/amnesia/output.pdf"
Scenario: I can view and print a PDF file stored in non-persistent /home/amnesia
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
And I copy "/usr/share/cups/data/default-testpage.pdf" to "/home/amnesia" as user "amnesia"
When I open "/home/amnesia/default-testpage.pdf" with Evince
Then I see "CupsTestPage.png" after at most 10 seconds
And I can print the current document to "/home/amnesia/output.pdf"
Scenario: I cannot view a PDF file stored in non-persistent /home/amnesia/.gnupg
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
And I copy "/usr/share/cups/data/default-testpage.pdf" to "/home/amnesia/.gnupg" as user "amnesia"
Then the file "/home/amnesia/.gnupg/default-testpage.pdf" exists
And the file "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf" exists
......@@ -41,7 +41,7 @@ Feature: Using Evince
And AppArmor has denied "/usr/bin/evince" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf"
Scenario: I can view and print a PDF file stored in persistent /home/amnesia/Persistent but not /home/amnesia/.gnupg
Given Tails has booted without network from a USB drive with a persistent partition enabled and logged in
Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
And I copy "/usr/share/cups/data/default-testpage.pdf" to "/home/amnesia/Persistent" as user "amnesia"
Then the file "/home/amnesia/Persistent/default-testpage.pdf" exists
And I copy "/usr/share/cups/data/default-testpage.pdf" to "/home/amnesia/.gnupg" as user "amnesia"
......@@ -53,7 +53,7 @@ Feature: Using Evince
And I can print the current document to "/home/amnesia/Persistent/output.pdf"
Scenario: I cannot view a PDF file stored in persistent /home/amnesia/.gnupg
Given Tails has booted without network from a USB drive with a persistent partition enabled and logged in
Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
And I copy "/usr/share/cups/data/default-testpage.pdf" to "/home/amnesia/.gnupg" as user "amnesia"
Then the file "/home/amnesia/.gnupg/default-testpage.pdf" exists
Given I start monitoring the AppArmor log of "/usr/bin/evince"
......
......@@ -5,7 +5,7 @@ Feature: Localization
And various Tails features should still work
Scenario: The Report an Error launcher will open the support documentation in supported non-English locales
Given Tails has booted from DVD without network and stopped at Tails Greeter's login screen
Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen
And the network is plugged
And I log in to a new session in German
And Tails seems to have booted normally
......@@ -14,5 +14,5 @@ Feature: Localization
Then the support documentation page opens in Tor Browser
Scenario: The Unsafe Browser can be used in all languages supported in Tails
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
Then the Unsafe Browser works in all supported languages
......@@ -4,7 +4,7 @@ Feature: Tails persistence
I want to use Tails persistence feature
Scenario: Booting Tails from a USB drive with a disabled persistent partition
Given Tails has booted without network from a USB drive with a persistent partition and stopped at Tails Greeter's login screen
Given I have started Tails without network from a USB drive with a persistent partition and stopped at Tails Greeter's login screen
When I log in to a new session
Then Tails seems to have booted normally
And Tails is running from USB drive "current"
......@@ -12,13 +12,13 @@ Feature: Tails persistence
But a Tails persistence partition exists on USB drive "current"
Scenario: Booting Tails from a USB drive with an enabled persistent partition
Given Tails has booted without network from a USB drive with a persistent partition enabled and logged in
Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
And Tails is running from USB drive "current"
And all persistence presets are enabled
And all persistent directories have safe access rights
Scenario: Writing files first to a read/write-enabled persistent partition, and then to a read-only-enabled persistent partition
Given Tails has booted without network from a USB drive with a persistent partition enabled and logged in
Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
And I take note of which persistence presets are available
When I write some files expected to persist
And I shutdown Tails and wait for the computer to power off
......@@ -36,7 +36,7 @@ Feature: Tails persistence
Then only the expected files are present on the persistence partition on USB drive "current"
Scenario: Deleting a Tails persistent partition
Given Tails has booted without network from a USB drive with a persistent partition and stopped at Tails Greeter's login screen
Given I have started Tails without network from a USB drive with a persistent partition and stopped at Tails Greeter's login screen
And I log in to a new session
Then Tails is running from USB drive "current"
And the boot device has safe access rights
......
......@@ -9,7 +9,7 @@ Feature: Chatting anonymously using Pidgin
@check_tor_leaks
Scenario: Chatting with some friend over XMPP
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
When I start Pidgin through the GNOME menu
Then I see Pidgin's account manager window
When I create my XMPP account
......@@ -22,7 +22,7 @@ Feature: Chatting anonymously using Pidgin
@check_tor_leaks
Scenario: Chatting with some friend over XMPP in a multi-user chat
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
When I start Pidgin through the GNOME menu
Then I see Pidgin's account manager window
When I create my XMPP account
......@@ -37,7 +37,7 @@ Feature: Chatting anonymously using Pidgin
@check_tor_leaks
Scenario: Chatting with some friend over XMPP and with OTR
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
When I start Pidgin through the GNOME menu
Then I see Pidgin's account manager window
When I create my XMPP account
......@@ -53,7 +53,7 @@ Feature: Chatting anonymously using Pidgin
@check_tor_leaks
Scenario: Connecting to the #tails IRC channel with the pre-configured account
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
And Pidgin has the expected accounts configured with random nicknames
When I start Pidgin through the GNOME menu
Then I see Pidgin's account manager window
......@@ -69,14 +69,14 @@ Feature: Chatting anonymously using Pidgin
And the "irc.oftc.net" account only responds to PING and VERSION CTCP requests
Scenario: Adding a certificate to Pidgin
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
And I start Pidgin through the GNOME menu
And I see Pidgin's account manager window
And I close Pidgin's account manager window
Then I can add a certificate from the "/home/amnesia" directory to Pidgin
Scenario: Failing to add a certificate to Pidgin
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
When I start Pidgin through the GNOME menu
And I see Pidgin's account manager window
And I close Pidgin's account manager window
......@@ -90,7 +90,7 @@ Feature: Chatting anonymously using Pidgin
@check_tor_leaks
Scenario: Using a persistent Pidgin configuration
Given Tails has booted without network from a USB drive with a persistent partition enabled and logged in
Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
And Pidgin has the expected accounts configured with random nicknames
And the network is plugged
And Tor is ready
......
......@@ -7,22 +7,22 @@ Feature: Root access control enforcement
I should not be able to attain administration privileges at all.
Scenario: If an administrative password is set in Tails Greeter the live user should be able to run arbitrary commands with administrative privileges.
Given Tails has booted from DVD without network and logged in with an administration password
Given I have started Tails from DVD without network and logged in with an administration password
Then I should be able to run administration commands as the live user
Scenario: If no administrative password is set in Tails Greeter the live user should not be able to run arbitrary commands administrative privileges.
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
And Tails Greeter has dealt with the sudo password
Then I should not be able to run administration commands as the live user with the "" password
And I should not be able to run administration commands as the live user with the "amnesia" password
And I should not be able to run administration commands as the live user with the "live" password
Scenario: If an administrative password is set in Tails Greeter the live user should be able to get administrative privileges through PolicyKit
Given Tails has booted from DVD without network and logged in with an administration password
Given I have started Tails from DVD without network and logged in with an administration password
And running a command as root with pkexec requires PolicyKit administrator privileges
Then I should be able to run a command as root with pkexec
Scenario: If no administrative password is set in Tails Greeter the live user should not be able to get administrative privileges through PolicyKit with the standard passwords.
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
And running a command as root with pkexec requires PolicyKit administrator privileges
Then I should not be able to run a command as root with pkexec and the standard passwords
......@@ -5,7 +5,7 @@ Feature: Logging in via SSH
all Internet traffic should flow only through Tor
Background:
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
@check_tor_leaks
Scenario: Connecting to an SSH server on the Internet
......
def checkpoints
{
'tails-greeter' => {
:description => "Tails has booted from DVD without network and stopped at Tails Greeter's login screen",
:description => "I have started Tails from DVD without network and stopped at Tails Greeter's login screen",
:parent_checkpoint => nil,
:steps => [
'the network is unplugged',
......@@ -11,7 +11,7 @@ def checkpoints
},
'no-network-logged-in' => {
:description => "Tails has booted from DVD without network and logged in",
:description => "I have started Tails from DVD without network and logged in",
:parent_checkpoint => "tails-greeter",
:steps => [
'I log in to a new session',
......@@ -21,7 +21,7 @@ def checkpoints
},
'with-network-logged-in' => {
:description => "Tails has booted from DVD and logged in and the network is connected",
:description => "I have started Tails from DVD and logged in and the network is connected",
:parent_checkpoint => "no-network-logged-in",
:steps => [
'the network is plugged',
......@@ -33,7 +33,7 @@ def checkpoints
'no-network-bridge-mode' => {
:temporary => true,
:description => "Tails has booted from DVD without network and logged in with bridge mode enabled",
:description => "I have started Tails from DVD without network and logged in with bridge mode enabled",
:parent_checkpoint => "tails-greeter",
:steps => [
'I enable more Tails Greeter options',
......@@ -47,7 +47,7 @@ def checkpoints
'no-network-logged-in-sudo-passwd' => {
:temporary => true,
:description => "Tails has booted from DVD without network and logged in with an administration password",
:description => "I have started Tails from DVD without network and logged in with an administration password",
:parent_checkpoint => "tails-greeter",
:steps => [
'I enable more Tails Greeter options',
......@@ -60,7 +60,7 @@ def checkpoints
'with-network-logged-in-sudo-passwd' => {
:temporary => true,
:description => "Tails has booted from DVD and logged in with an administration password and the network is connected",
:description => "I have started Tails from DVD and logged in with an administration password and the network is connected",
:parent_checkpoint => "no-network-logged-in-sudo-passwd",
:steps => [
'the network is plugged',
......@@ -71,7 +71,7 @@ def checkpoints
},
'usb-install-tails-greeter' => {
:description => "Tails has booted without network from a USB drive without a persistent partition and stopped at Tails Greeter's login screen" ,
:description => "I have started Tails without network from a USB drive without a persistent partition and stopped at Tails Greeter's login screen" ,
:parent_checkpoint => 'no-network-logged-in',
:steps => [
'I create a 4 GiB disk named "current"',
......@@ -90,7 +90,7 @@ def checkpoints
},
'usb-install-with-persistence-tails-greeter' => {
:description => "Tails has booted without network from a USB drive with a persistent partition and stopped at Tails Greeter's login screen",
:description => "I have started Tails without network from a USB drive with a persistent partition and stopped at Tails Greeter's login screen",
:parent_checkpoint => 'usb-install-tails-greeter',
:steps => [
'I log in to a new session',
......@@ -107,7 +107,7 @@ def checkpoints
},
'usb-install-with-persistence-logged-in' => {
:description => "Tails has booted without network from a USB drive with a persistent partition enabled and logged in",
:description => "I have started Tails without network from a USB drive with a persistent partition enabled and logged in",
:parent_checkpoint => 'usb-install-with-persistence-tails-greeter',
:steps => [
'I enable persistence',
......
......@@ -5,13 +5,13 @@ Feature: Time syncing
And for that I need a reasonably accurate system clock
Scenario: Clock with host's time
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
When the network is plugged
And Tor is ready
Then Tails clock is less than 5 minutes incorrect
Scenario: Clock with host's time in bridge mode
Given Tails has booted from DVD without network and logged in with bridge mode enabled
Given I have started Tails from DVD without network and logged in with bridge mode enabled
When the network is plugged
And the Tor Launcher autostarts
And I configure some Bridge pluggable transports in Tor Launcher
......@@ -19,14 +19,14 @@ Feature: Time syncing
Then Tails clock is less than 5 minutes incorrect
Scenario: Clock is one day in the past
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
When I bump the system time with "-1 day"
And the network is plugged
And Tor is ready
Then Tails clock is less than 5 minutes incorrect
Scenario: Clock is one day in the past in bridge mode
Given Tails has booted from DVD without network and logged in with bridge mode enabled
Given I have started Tails from DVD without network and logged in with bridge mode enabled
When I bump the system time with "-1 day"
And the network is plugged
And the Tor Launcher autostarts
......@@ -35,7 +35,7 @@ Feature: Time syncing
Then Tails clock is less than 5 minutes incorrect
Scenario: Clock is way in the past
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
# 13 weeks will span over two Tails release cycles.
When I bump the system time with "-13 weeks"
And the network is plugged
......@@ -43,7 +43,7 @@ Feature: Time syncing
Then Tails clock is less than 5 minutes incorrect
Scenario: Clock way in the past in bridge mode
Given Tails has booted from DVD without network and logged in with bridge mode enabled
Given I have started Tails from DVD without network and logged in with bridge mode enabled
When I bump the system time with "-6 weeks"
And the network is plugged
And the Tor Launcher autostarts
......@@ -52,14 +52,14 @@ Feature: Time syncing
Then Tails clock is less than 5 minutes incorrect
Scenario: Clock is one day in the future
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
When I bump the system time with "+1 day"
And the network is plugged
And Tor is ready
Then Tails clock is less than 5 minutes incorrect
Scenario: Clock is one day in the future in bridge mode
Given Tails has booted from DVD without network and logged in with bridge mode enabled
Given I have started Tails from DVD without network and logged in with bridge mode enabled
When I bump the system time with "+1 day"
And the network is plugged
And the Tor Launcher autostarts
......@@ -68,14 +68,14 @@ Feature: Time syncing
Then Tails clock is less than 5 minutes incorrect
Scenario: Clock way in the future
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
When I set the system time to "01 Jan 2020 12:34:56"
And the network is plugged
And Tor is ready
Then Tails clock is less than 5 minutes incorrect
Scenario: Clock way in the future in bridge mode
Given Tails has booted from DVD without network and logged in with bridge mode enabled
Given I have started Tails from DVD without network and logged in with bridge mode enabled
When I set the system time to "01 Jan 2020 12:34:56"
And the network is plugged
And the Tor Launcher autostarts
......@@ -84,14 +84,14 @@ Feature: Time syncing
Then Tails clock is less than 5 minutes incorrect
Scenario: The system time is not synced to the hardware clock
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
When I bump the system time with "-15 days"
And I warm reboot the computer
And the computer reboots Tails
Then Tails' hardware clock is close to the host system's time
Scenario: Anti-test: Changes to the hardware clock are kept when rebooting
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
When I bump the hardware clock's time with "-15 days"
And I warm reboot the computer
And the computer reboots Tails
......
......@@ -5,7 +5,7 @@ Feature: Using Tails with Tor pluggable transports
And avoid connecting directly to the Tor Network
Background:
Given Tails has booted from DVD without network and logged in with bridge mode enabled
Given I have started Tails from DVD without network and logged in with bridge mode enabled
And I capture all network traffic
When the network is plugged
Then the Tor Launcher autostarts
......
......@@ -6,18 +6,18 @@ Feature: The Tor enforcement is effective
I want to ensure that the automated test suite detects firewall leaks reliably
Scenario: Tails' Tor binary is configured to use the expected Tor authorities
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
Then the Tor binary is configured to use the expected Tor authorities
Scenario: The firewall configuration is very restrictive
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
Then the firewall's policy is to drop all IPv4 traffic
And the firewall is configured to only allow the clearnet and debian-tor users to connect directly to the Internet over IPv4
And the firewall's NAT rules only redirect traffic for Tor's TransPort and DNSPort
And the firewall is configured to block all IPv6 traffic
Scenario: Anti test: Detecting IPv4 TCP leaks from the Unsafe Browser with the firewall leak detector
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
And I capture all network traffic
When I successfully start the Unsafe Browser
And I open the address "https://check.torproject.org" in the Unsafe Browser
......@@ -25,21 +25,21 @@ Feature: The Tor enforcement is effective
Then the firewall leak detector has detected IPv4 TCP leaks
Scenario: Anti test: Detecting IPv4 TCP leaks of TCP DNS lookups with the firewall leak detector
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
And I capture all network traffic
And I disable Tails' firewall
When I do a TCP DNS lookup of "torproject.org"
Then the firewall leak detector has detected IPv4 TCP leaks
Scenario: Anti test: Detecting IPv4 non-TCP leaks (UDP) of UDP DNS lookups with the firewall leak detector
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
And I capture all network traffic
And I disable Tails' firewall
When I do a UDP DNS lookup of "torproject.org"
Then the firewall leak detector has detected IPv4 non-TCP leaks
Scenario: Anti test: Detecting IPv4 non-TCP (ICMP) leaks of ping with the firewall leak detector
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
And I capture all network traffic
And I disable Tails' firewall
When I send some ICMP pings
......@@ -47,27 +47,27 @@ Feature: The Tor enforcement is effective
@check_tor_leaks
Scenario: The Tor enforcement is effective at blocking untorified TCP connection attempts
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
When I open an untorified TCP connections to 1.2.3.4 on port 42 that is expected to fail
Then the untorified connection fails
And the untorified connection is logged as dropped by the firewall
@check_tor_leaks
Scenario: The Tor enforcement is effective at blocking untorified UDP connection attempts
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
When I open an untorified UDP connections to 1.2.3.4 on port 42 that is expected to fail
Then the untorified connection fails
And the untorified connection is logged as dropped by the firewall
@check_tor_leaks
Scenario: The Tor enforcement is effective at blocking untorified ICMP connection attempts
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
When I open an untorified ICMP connections to 1.2.3.4 that is expected to fail
Then the untorified connection fails
And the untorified connection is logged as dropped by the firewall
Scenario: The system DNS is always set up to use Tor's DNSPort
Given Tails has booted from DVD without network and logged in
Given I have started Tails from DVD without network and logged in
And the system DNS is using the local DNS resolver
And the network is plugged
And Tor is ready
......
......@@ -4,7 +4,7 @@ Feature: Tor stream isolation is effective
I want my Torified sessions to be sensibly isolated from each other to prevent identity correlation
Background:
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
Scenario: tails-security-check is using the Tails-specific SocksPort
When I monitor the network connections of tails-security-check
......
......@@ -5,7 +5,7 @@ Feature: Browsing the web using the Tor Browser
all Internet traffic should flow only through Tor
Scenario: The Tor Browser cannot access the LAN
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
And a web server is running on the LAN
And I capture all network traffic
When I start the Tor Browser
......@@ -16,7 +16,7 @@ Feature: Browsing the web using the Tor Browser
@check_tor_leaks
Scenario: The Tor Browser directory is usable
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
Then the amnesiac Tor Browser directory exists
And there is a GNOME bookmark for the amnesiac Tor Browser directory
And the persistent Tor Browser directory does not exist
......@@ -27,7 +27,7 @@ Feature: Browsing the web using the Tor Browser
@check_tor_leaks
Scenario: Importing an OpenPGP key from a website
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
When I start the Tor Browser
And the Tor Browser has started and loaded the startup page
And I open the address "https://tails.boum.org/tails-signing.key" in the Tor Browser
......@@ -37,7 +37,7 @@ Feature: Browsing the web using the Tor Browser
@check_tor_leaks
Scenario: Playing HTML5 audio
Given Tails has booted from DVD and logged in and the network is connected
Given I have started Tails from DVD and logged in and the network is connected
When I start the Tor Browser