Commit b3642743 authored by Tails developers's avatar Tails developers
Browse files

Add new tests mostly to try the new helpers.

We now also depend on the 'system_timer' ruby gem.
parent cd4059b5
require 'fileutils'
require 'date'
require 'system_timer'
Given /^a freshly started Tails$/ do
@vm.start
@screen.wait('TailsBootSplash.png', 30)
# Start the VM remote shell
@screen.type("\t autotest_never_use_this_option" +
Sikuli::KEY_RETURN)
@screen.wait('WelcometoTai-1.png', 500)
@screen.wait('TailsGreeter.png', 120)
end
Given /^the network traffic is sniffed$/ do
......@@ -11,15 +16,78 @@ Given /^the network traffic is sniffed$/ do
@sniffer.capture
end
When /^I log in a new session$/ do
@screen.click('Logln.png')
Given /^I log in to a new session$/ do
@screen.click('TailsGreeterLoginButton.png')
end
# Call `f` (ignoring any exceptions it may throw) repeatedly with one
# second breaks until it returns true, or until `t` seconds have
# passed when we throw Timeout:Error.
def try_for(t, f)
SystemTimer.timeout(t) do
loop do
begin
return if f.call
rescue Exception
# noop
end
sleep 1
end
end
end
Given /^I have a network connection$/ do
# Wait until the VM's remote shell is available, which implies
# that the network is up.
try_for(120, lambda{ @vm.execute('true').success? })
end
Given /^Tor has bootstrapped$/ do
# FIXME: A better approach would be to check this via the control
# port with: GETINFO status/circuit-established
cmd = 'grep -q "Bootstrapped 100%" /var/log/tor/log'
try_for(120, lambda{ @vm.execute(cmd, "root").success? })
end
Then /^I see "([^"]*)" after at most (\d+) seconds$/ do |image, time|
@screen.wait(image, time.to_i)
end
Then /^the network traffic should flow only through Tor$/ do
When /^I open a new tab in Iceweasel$/ do
@screen.type("t", Sikuli::KEY_CTRL)
end
When /^I open the address "([^"]*)" in Iceweasel$/ do |address|
@screen.type("l", Sikuli::KEY_CTRL)
@screen.type(address + Sikuli::KEY_RETURN)
end
Then /^all Internet traffic has only flowed through Tor$/ do
@sniffer.stop
puts "Got #{@sniffer.packets.count} packets"
# This command will grab all router IP addresses from the Tor
# consensus in the VM.
cmd = 'awk "/^r/ { print \$6 }" /var/lib/tor/cached-microdesc-consensus'
tor_relays = @vm.execute(cmd, "root").stdout.split("\n")
leaks = FirewallLeakCheck.new(@sniffer.pcap_file, tor_relays)
if !leaks.empty?
if !leaks.ipv4_tcp_leaks.empty?
puts "The following IPv4 TCP non-Tor Internet hosts were contacted:"
puts leaks.ipv4_tcp_leaks.join("\n")
puts
end
if !leaks.ipv4_nontcp_leaks.empty?
puts "The following IPv4 non-TCP Internet hosts were contacted:"
puts leaks.ipv4_nontcp_leaks.join("\n")
puts
end
if !leaks.ipv6_leaks.empty?
puts "The following IPv6 Internet hosts were contacted:"
puts leaks.ipv6_leaks.join("\n")
puts
end
pcap_copy = Dir.pwd + "/pcap_with_leaks-" + DateTime.now.to_s
FileUtils.cp(@sniffer.pcap_file, pcap_copy)
puts "Full network capture available at: #{pcap_copy}"
raise "There were network leaks!"
end
end
Feature: Iceweasel must be torified.
Feature: Iceweasel must be anonymous.
In order to be anonymous, the iceweasel web browser must connect through Tor.
Background:
Given a freshly started Tails
And the network traffic is sniffed
And I log in to a new session
And I have a network connection
And Tor has bootstrapped
And I see "IceweaselRunning.png" after at most 120 seconds
Scenario: See check.torproject green page on session startup
When I log in a new session
Then I should see "YourbrowserT.png"
And the network traffic should flow only through Tor
Scenario: Opening check.torproject.org in Iceweasel will show the green onion and the congratualtions message.
When I open the address "https://check.torproject.org" in Iceweasel
Then I see "IceweaselTorCheck.png" after at most 180 seconds
And all Internet traffic has only flowed through Tor
Scenario: Iceweasel should not have any plugins enabled
When I open the address "about:plugins" in Iceweasel
Then I see "IceweaselNoPlugins.png" after at most 60 seconds
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment