Commit 02beb054 authored by Cyril 'kibi' Brulebois's avatar Cyril 'kibi' Brulebois
Browse files

Merge branch 'web/release-4.9' (Closes: #17833)

Conflicts:
	wiki/src/contribute/how/documentation/release_notes/template.mdwn
parents 1738cc3e 66fd7dfe
# shellcheck shell=sh
# This shell library is meant to be used with `set -e` and `set -u`.
po_languages () {
......
......@@ -14,6 +14,10 @@ set -u
# Get LIVE_USERNAME
. /etc/live/config.d/username.conf
# Get LANG
. /etc/default/locale
export LANG
. /usr/bin/gettext.sh
TEXTDOMAIN="tails"
export TEXTDOMAIN
......@@ -49,7 +53,7 @@ notify_panic_success() {
local nic_name
nic="${1}"
nic_name="${2}"
show_notification "`gettext \"Network card \\\${nic} disabled\"`" \
show_notification "`eval_gettext \"Network card \\\${nic} disabled\"`" \
"`eval_gettext \"MAC spoofing failed for network card \\\${nic_name} (\\\${nic}) so it is temporarily disabled.
You might prefer to restart Tails and disable MAC spoofing.\"`"
}
......@@ -139,7 +143,8 @@ done
# point we have to take some drastic measures in order to prevent
# potential leaks.
if [ -z "${OLD_MAC:-}" ] || [ -z "${NEW_MAC:-}" ] || \
[ "${OLD_MAC:-}" = "${NEW_MAC:-}" ]
[ "${OLD_MAC:-}" = "${NEW_MAC:-}" ] || \
grep -qs -w 'debug=test_mac_spoof_panic' /proc/cmdline
then
log "Failed to spoof MAC address of NIC ${NIC}. Going into panic mode."
if ! mac_spoof_panic "${NIC}"; then
......
......@@ -2,13 +2,13 @@
error ()
{
echo "error: ${@}" >&2
echo "error: ${*}" >&2
exit 1
}
warning ()
{
echo "warning: ${@}" >&2
echo "warning: ${*}" >&2
}
# import Cmdline_old()
......@@ -131,13 +131,13 @@ migrate_persistence_preset()
# We override live-boot's logging facilities to get more useful error messages
log_warning_msg ()
{
warning ${@}
warning "${@}"
}
# We override live-boot's panic() since it does a lot of crazy stuff
panic ()
{
error ${@}
error "${@}"
}
list_gpt_volumes ()
......@@ -567,7 +567,7 @@ main ()
list_gpt_volumes ${labels}
;;
activate|close)
if ! echo ${@} | grep -qe "[^[:space:]]"
if ! echo "${@}" | grep -qe "[^[:space:]]"
then
error "you must specify at least one volume"
fi
......@@ -582,4 +582,4 @@ main ()
esac
}
main ${@}
main "${@}"
From: intrigeri <intrigeri@boum.org>
Date: Sun, 16 Feb 2020 09:29:00 +0000
Subject: [PATCH] Add pref for whether to accept plaintext protocols during
autoconfiguration.
Author: anonym <anonym@riseup.net>
---
comm/mail/components/accountcreation/content/readFromXML.js | 10 ++++++++++
comm/mailnews/mailnews.js | 6 ++++++
2 files changed, 16 insertions(+)
diff --git a/comm/mail/components/accountcreation/content/readFromXML.js b/comm/mail/components/accountcreation/content/readFromXML.js
index 780229f..6a9fef9 100644
--- a/comm/mail/components/accountcreation/content/readFromXML.js
+++ b/comm/mail/components/accountcreation/content/readFromXML.js
@@ -34,6 +34,8 @@ function readFromXML(clientConfigXML) {
}
var allow_oauth2 =
Services.prefs.getBoolPref("mailnews.auto_config.account_constraints.allow_oauth2");
+ var ssl_only =
+ Services.prefs.getBoolPref("mailnews.auto_config.sslOnly");
var exception;
if (
typeof clientConfigXML != "object" ||
@@ -115,6 +117,10 @@ function readFromXML(clientConfigXML) {
}
exception = null;
+ if (ssl_only && iO.socketType == 1) {
+ continue;
+ }
+
for (let iXauth of array_or_undef(iX.$authentication)) {
try {
iO.auth = sanitize.translate(iXauth, {
@@ -257,6 +263,10 @@ function readFromXML(clientConfigXML) {
}
exception = null;
+ if (ssl_only && oO.socketType == 1) {
+ continue;
+ }
+
for (let oXauth of array_or_undef(oX.$authentication)) {
try {
oO.auth = sanitize.translate(oXauth, {
diff --git a/comm/mailnews/mailnews.js b/comm/mailnews/mailnews.js
index 8f598b2..7dda1ad 100644
--- a/comm/mailnews/mailnews.js
+++ b/comm/mailnews/mailnews.js
@@ -969,6 +969,12 @@ pref("mailnews.auto_config.guess.sslOnly", false);
pref("mailnews.auto_config.guess.timeout", 10);
// Whether we allow fetched configurations using OAuth2.
pref("mailnews.auto_config.account_constraints.allow_oauth2", true);
+// Whether we allow fetched account configurations that employs
+// non-SSL/TLS protocols. With this option set, insecure
+// configurations are never presented to the user; with this option
+// unset, users picking an insecure configuration will get a warning
+// and have to opt-in.
+pref("mailnews.auto_config.sslOnly", false);
// Work around bug 1454325 by disabling mimetype mungling in XmlHttpRequest
pref("dom.xhr.standard_content_type_normalization", false);
......@@ -16,11 +16,9 @@ Original author: anonym <anonym@riseup.net>
comm/mailnews/mailnews.js | 2 +
3 files changed, 49 insertions(+), 30 deletions(-)
diff --git a/comm/mail/components/accountcreation/content/emailWizard.js b/comm/mail/components/accountcreation/content/emailWizard.js
index 3780792..86bef64 100644
--- a/comm/mail/components/accountcreation/content/emailWizard.js
+++ b/comm/mail/components/accountcreation/content/emailWizard.js
@@ -1432,21 +1432,23 @@ EmailConfigWizard.prototype = {
@@ -1515,21 +1515,23 @@
}
this.fillPortDropdown(config.incoming.type);
......@@ -59,7 +57,7 @@ index 3780792..86bef64 100644
}
// outgoing server
@@ -1471,21 +1473,23 @@ EmailConfigWizard.prototype = {
@@ -1554,21 +1556,23 @@
this.adjustOutgoingPortToSSLAndProtocol(config);
}
......@@ -98,11 +96,9 @@ index 3780792..86bef64 100644
}
// populate fields even if existingServerKey, in case user changes back
diff --git a/comm/mail/components/accountcreation/content/readFromXML.js b/comm/mail/components/accountcreation/content/readFromXML.js
index 8c7ecdd..780229f 100644
--- a/comm/mail/components/accountcreation/content/readFromXML.js
+++ b/comm/mail/components/accountcreation/content/readFromXML.js
@@ -32,6 +32,8 @@ function readFromXML(clientConfigXML) {
@@ -32,6 +32,8 @@
function array_or_undef(value) {
return value === undefined ? [] : value;
}
......@@ -111,7 +107,7 @@ index 8c7ecdd..780229f 100644
var exception;
if (
typeof clientConfigXML != "object" ||
@@ -126,6 +128,12 @@ function readFromXML(clientConfigXML) {
@@ -126,6 +128,12 @@
NTLM: Ci.nsMsgAuthMethod.NTLM,
OAuth2: Ci.nsMsgAuthMethod.OAuth2,
});
......@@ -124,7 +120,7 @@ index 8c7ecdd..780229f 100644
break; // take first that we support
} catch (e) {
exception = e;
@@ -269,6 +277,11 @@ function readFromXML(clientConfigXML) {
@@ -269,6 +277,11 @@
OAuth2: Ci.nsMsgAuthMethod.OAuth2,
});
......@@ -136,11 +132,9 @@ index 8c7ecdd..780229f 100644
break; // take first that we support
} catch (e) {
exception = e;
diff --git a/comm/mailnews/mailnews.js b/comm/mailnews/mailnews.js
index bde86d3..8f598b2 100644
--- a/comm/mailnews/mailnews.js
+++ b/comm/mailnews/mailnews.js
@@ -967,6 +967,8 @@ pref("mailnews.auto_config.guess.enabled", true);
@@ -967,6 +967,8 @@
pref("mailnews.auto_config.guess.sslOnly", false);
// The timeout (in seconds) for each guess
pref("mailnews.auto_config.guess.timeout", 10);
......
......@@ -13,11 +13,9 @@ https://www.mozilla.org/en-US/MPL/
comm/mailnews/mime/jsmime/jsmime.js | 42 +++++++++++++++++++++++++++++--------
2 files changed, 40 insertions(+), 9 deletions(-)
diff --git a/comm/mailnews/mailnews.js b/comm/mailnews/mailnews.js
index 7dda1ad..2673c8b 100644
--- a/comm/mailnews/mailnews.js
+++ b/comm/mailnews/mailnews.js
@@ -1029,3 +1029,10 @@ pref("mail.imap.qos", 0);
@@ -1029,3 +1029,10 @@
// PgpMime Addon
pref("mail.pgpmime.addon_url", "https://addons.mozilla.org/addon/enigmail/");
......@@ -28,11 +26,9 @@ index 7dda1ad..2673c8b 100644
+// local time zone. These measures are taken to make tracking
+// the user across accounts more difficult.
+pref("mail.mime.avoid_fingerprinting", false);
diff --git a/comm/mailnews/mime/jsmime/jsmime.js b/comm/mailnews/mime/jsmime/jsmime.js
index 75ee0c8..74183b8 100644
--- a/comm/mailnews/mime/jsmime/jsmime.js
+++ b/comm/mailnews/mime/jsmime/jsmime.js
@@ -3450,9 +3450,34 @@
@@ -3466,9 +3466,34 @@
throw new Error("Cannot encode an invalid date");
}
......@@ -68,7 +64,7 @@ index 75ee0c8..74183b8 100644
throw new Error("Date year is out of encodable range");
}
@@ -3460,7 +3485,6 @@
@@ -3476,7 +3501,6 @@
// the the 0-padding is done by hand. Note that the tzoffset we output is in
// the form ±hhmm, so we need to separate the offset (in minutes) into an hour
// and minute pair.
......@@ -76,7 +72,7 @@ index 75ee0c8..74183b8 100644
let tzOffHours = Math.abs(Math.trunc(tzOffset / 60));
let tzOffMinutes = Math.abs(tzOffset) % 60;
let tzOffsetStr =
@@ -3471,15 +3495,15 @@
@@ -3487,15 +3511,15 @@
// Convert the day-time figure into a single value to avoid unwanted line
// breaks in the middle.
let dayTime = [
......
......@@ -7,11 +7,9 @@ Subject: [PATCH] Bug 1370217 - Avoid spellchecking language disclosure in
comm/mail/components/compose/content/MsgComposeCommands.js | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/comm/mail/components/compose/content/MsgComposeCommands.js b/comm/mail/components/compose/content/MsgComposeCommands.js
index ba73704..170ca9c 100644
--- a/comm/mail/components/compose/content/MsgComposeCommands.js
+++ b/comm/mail/components/compose/content/MsgComposeCommands.js
@@ -2868,9 +2868,10 @@ function ComposeStartup(aParams) {
@@ -2868,9 +2868,10 @@
// Update the language in the composition fields, so we can save it
// to the draft next time.
if (gMsgCompose && gMsgCompose.compFields) {
......
......@@ -23,11 +23,9 @@ when disabled either.
.../content/exchangeAutoDiscover.js | 10 ---
2 files changed, 45 insertions(+), 46 deletions(-)
diff --git a/comm/mail/components/accountcreation/content/emailWizard.js b/comm/mail/components/accountcreation/content/emailWizard.js
index 3780792641a..0b53b0a498d 100644
--- a/comm/mail/components/accountcreation/content/emailWizard.js
+++ b/comm/mail/components/accountcreation/content/emailWizard.js
@@ -677,44 +677,53 @@ EmailConfigWizard.prototype = {
@@ -757,46 +757,55 @@
);
call.setAbortable(fetch);
......@@ -66,7 +64,9 @@ index 3780792641a..0b53b0a498d 100644
- (e, allErrors) => {
- // Must call error callback in any case to stop the discover mode.
- let errorCallback = call.errorCallback();
- if (allErrors && allErrors.some(e => e.code == 401)) {
- if (e instanceof CancelledException) {
- errorCallback(e);
- } else if (allErrors && allErrors.some(e => e.code == 401)) {
- // Auth failed.
- // Ask user for username.
- this.onStartOver();
......@@ -95,7 +95,9 @@ index 3780792641a..0b53b0a498d 100644
+ (e, allErrors) => {
+ // Must call error callback in any case to stop the discover mode.
+ let errorCallback = call.errorCallback();
+ if (allErrors && allErrors.some(e => e.code == 401)) {
+ if (e instanceof CancelledException) {
+ errorCallback(e);
+ } else if (allErrors && allErrors.some(e => e.code == 401)) {
+ // Auth failed.
+ // Ask user for username.
+ this.onStartOver();
......@@ -117,11 +119,9 @@ index 3780792641a..0b53b0a498d 100644
} catch (e) {
// e.g. when entering an invalid domain like "c@c.-com"
this.showErrorMsg(e);
diff --git a/comm/mail/components/accountcreation/content/exchangeAutoDiscover.js b/comm/mail/components/accountcreation/content/exchangeAutoDiscover.js
index f9d2a6e0d3e..efe9966a600 100644
--- a/comm/mail/components/accountcreation/content/exchangeAutoDiscover.js
+++ b/comm/mail/components/accountcreation/content/exchangeAutoDiscover.js
@@ -47,16 +47,6 @@ function fetchConfigFromExchange(
@@ -48,16 +48,6 @@
) {
assert(typeof successCallback == "function");
assert(typeof errorCallback == "function");
......@@ -138,6 +138,3 @@ index f9d2a6e0d3e..efe9966a600 100644
// <https://technet.microsoft.com/en-us/library/bb124251(v=exchg.160).aspx#Autodiscover%20services%20in%20Outlook>
// <https://docs.microsoft.com/en-us/previous-versions/office/developer/exchange-server-interoperability-guidance/hh352638(v%3Dexchg.140)>, search for "The Autodiscover service uses one of these four methods"
let url1 =
--
2.26.1
From: anonym <anonym@riseup.net>
Date: Wed, 27 Feb 2019 16:15:59 +0100
Subject: [PATCH] Make use of non-SSL Exchange AutoDiscover methods optional.
If an attacker does a MitM they can presumably modify the Exchange
server's HTTP response to redirect to an attacker controller Exchange
server instead. So let's provide protection against this via the
mailnews.auto_config.sslOnly pref.
---
.../accountcreation/content/exchangeAutoDiscover.js | 20 +++++++++++---------
1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/comm/mail/components/accountcreation/content/exchangeAutoDiscover.js b/comm/mail/components/accountcreation/content/exchangeAutoDiscover.js
index f9d2a6e..4c3e1ce 100644
--- a/comm/mail/components/accountcreation/content/exchangeAutoDiscover.js
+++ b/comm/mail/components/accountcreation/content/exchangeAutoDiscover.js
@@ -127,15 +127,17 @@ function fetchConfigFromExchange(
fetch.start();
call.setAbortable(fetch);
- call = priority.addCall();
- fetch3 = new FetchHTTP(
- url3,
- callArgs,
- call.successCallback(),
- call.errorCallback()
- );
- fetch3.start();
- call.setAbortable(fetch3);
+ if (!Services.prefs.getBoolPref("mailnews.auto_config.sslOnly")) {
+ call = priority.addCall();
+ fetch3 = new FetchHTTP(
+ url3,
+ callArgs,
+ call.successCallback(),
+ call.errorCallback()
+ );
+ fetch3.start();
+ call.setAbortable(fetch3);
+ }
// url3 is an HTTP URL that will redirect to the real one, usually a HTTPS
// URL of the hoster. XMLHttpRequest unfortunately loses the call
......@@ -6,11 +6,9 @@ Subject: [PATCH] Prefer fetched configurations using SSL over plaintext.
comm/mail/components/accountcreation/content/readFromXML.js | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/comm/mail/components/accountcreation/content/readFromXML.js b/comm/mail/components/accountcreation/content/readFromXML.js
index 76b553b..8c7ecdd 100644
--- a/comm/mail/components/accountcreation/content/readFromXML.js
+++ b/comm/mail/components/accountcreation/content/readFromXML.js
@@ -100,7 +100,10 @@ function readFromXML(clientConfigXML) {
@@ -100,7 +100,10 @@
SSL: 2,
STARTTLS: 3,
});
......@@ -22,7 +20,7 @@ index 76b553b..8c7ecdd 100644
} catch (e) {
exception = e;
}
@@ -233,7 +236,10 @@ function readFromXML(clientConfigXML) {
@@ -233,7 +236,10 @@
SSL: 2,
STARTTLS: 3,
});
......
Prefer-fetched-configurations-using-SSL-over-plainte.patch
Make-use-of-non-SSL-Exchange-AutoDiscover-methods-op.patch
Add-pref-for-whether-we-accept-OAuth2-during-autocon.patch
Add-pref-for-whether-to-accept-plaintext-protocols-d.patch
Avoid-local-timestamp-disclosure-in-Date-header.patch
Avoid-spellchecking-language-disclosure-in-Content-Language-header.patch
Fix-buggy-pref-for-disabling-MS-Exchange-autoconfig-.patch
\ No newline at end of file
Fix-buggy-pref-for-disabling-MS-Exchange-autoconfig-.patch
http://torbrowser-archive.tails.boum.org/9.5.1-build2/
http://torbrowser-archive.tails.boum.org/9.5.3-build1/
ad91c18306534c520eb56a5984efec8c62c83f119f9d462c3aae1429f645bba3 tor-browser-linux64-9.5.1_en-US.tar.xz
718f46b1e8a8220f28c4624fba0435f70502e31dec1ce922d04898ea954755dc langpacks-tor-browser-linux64-9.5.1.tar.xz
648931503b886d687828df9730aa284b7c18303682cc82f06c9da4a734c81bcf tor-browser-linux64-9.5.3_en-US.tar.xz
537063d595009efee225a9dce43b1625f2dc055cc650eef5bfedff75ca154e22 langpacks-tor-browser-linux64-9.5.3.tar.xz
......@@ -50,7 +50,7 @@ Feature: configuration model
Scenario: merge empty file with default presets
Given the file is empty
When I merge the presets and the file
Then the list of configuration atoms should contain 12 elements
Then the list of configuration atoms should contain 13 elements
And there should be 1 enabled configuration line
Scenario: merge non-empty file with enabled-by-default preset in
......@@ -60,7 +60,7 @@ Feature: configuration model
/home/amnesia/.myapp source=myapp
"""
When I merge the presets and the file
Then the list of configuration atoms should contain 13 elements
Then the list of configuration atoms should contain 14 elements
And there should be 2 enabled configuration lines
Scenario: merge non-empty file with disabled-by-default preset in
......@@ -70,5 +70,5 @@ Feature: configuration model
/home/amnesia/.myapp source=myapp
"""
When I merge the presets and the file
Then the list of configuration atoms should contain 13 elements
Then the list of configuration atoms should contain 14 elements
And there should be 3 enabled configuration lines
......@@ -7,9 +7,9 @@ Feature: configure step
Given I have a Configuration object
And I have a Step::Configure object
Then I should have a defined Step::Configure object
And the list of displayed settings should contain 11 elements
And the list of configuration atoms should contain 12 elements
And the list box should have 22 children including separators
And the list of displayed settings should contain 12 elements
And the list of configuration atoms should contain 13 elements
And the list box should have 24 children including separators
And there should be 1 active setting
And there should be 1 setting with a configuration button
And every active setting's atoms should be enabled
......
......@@ -34,8 +34,8 @@ describe 'A configuration object' => sub {
it 'has a GnuPG atom' => sub {
is(scalar(grep { $_->destination eq '/home/amnesia/.gnupg' } $configuration->all_atoms), 1);
};
it 'has 12 atoms' => sub {
is(scalar($configuration->all_atoms), 12);
it 'has 13 atoms' => sub {
is(scalar($configuration->all_atoms), 13);
};
it 'has 1 enabled atom' => sub {
is(scalar($configuration->all_enabled_atoms), 1);
......@@ -59,8 +59,8 @@ EOF
config_file_path => $config_filename
);
};
it 'has 13 atoms' => sub {
is(scalar($configuration->all_atoms), 13);
it 'has 14 atoms' => sub {
is(scalar($configuration->all_atoms), 14);
};
it 'has 4 enabled atoms' => sub {
is(scalar($configuration->all_enabled_atoms), 4);
......
......@@ -17,8 +17,8 @@ describe 'A configuration presets object' => sub {
it 'can return all presets' => sub {
ok($presets->all);
};
it 'has 11 elements' => sub {
is(scalar($presets->all), 11);
it 'has 12 elements' => sub {
is(scalar($presets->all), 12);
};
it 'has a GnuPG preset' => sub {
is(scalar(grep { $_->{name} eq 'GnuPG' } $presets->all), 1);
......
tails (4.9) unstable; urgency=medium
* Security fixes
- Upgrade Tor Browser to 9.5.3-build1 (Closes: #17827).
- Upgrade Thunderbird to 1:68.10.0-1~deb10u1 (DSA-4718).
- Upgrade Linux to 5.7.0-1 at 5.7.6-1 (Closes: #17786).
- Upgrade Evolution Data Server to 3.30.5-1+deb10u1 (DSA-4725).
- Upgrade FFmpeg to 7:4.1.6-1~deb10u1 (DSA-4722).
- Upgrade ImageMagick to 8:6.9.10.23+dfsg-2.1+deb10u1 (DSA-4712).
- Upgrade NSS to 2:3.42.1-1+deb10u3 (DSA-4726).
- Upgrade OpenMPT to 2:3.42.1-1+deb10u3 (DSA-4729).
- Upgrade WebKitGTK to 2.28.3-2~deb10u1 (DSA-4724).
* Bugfixes
- Fix quoting issue triggering problems with some administration
passwords (Closes: #17792).
- Fix toram boot option by not starting the tails-shutdown-on-media-removal
service unit in that case (Closes: #17800).
- Fix keyboard setting handling in the greeter (Closes: #17794).
- Make sure log messages can be displayed by Plymouth, which has strict
limits, and improve parsing in tails-gdm-error-message (Closes: #17533).
- Upgrade firmware-linux and firmware-nonfree to 20200421-1.
* Minor improvements and updates
- Ensure MAC spoofing messages are translated (Closes: #17783).
- Improve failure handling for MAC spoofing (Closes: #17784).
- Trigger MAC spoofing "panic" mode when the debug=test_mac_spoof_panic boot
option is set.
- Upgrade VirtualBox guest modules to 6.1.12-dfsg-5.
* Build system
- Automate post-release GitLab updates, using gitlab-triage (Closes: #17589).
- Fix a lot of possible problems spotted by ShellCheck, thanks to Paul Wise.
- Stop installing custom firmware: firmware-realtek 20200421-1 includes it
(See: #17786, #17323).
- Update Thunderbird patches (Closes: #6156, #17808).
- Bump snapshot of the Debian archive to 2020071801 (Closes: #17786).
* Test suite
- Add shell-special chars to passwords (See: #17792).
- Always test the Unsafe Browser in Farsi.
- Fix support for symlinks (Closes: #17547).
- Update persistence-setup test suite for a new preset in Welcome Screen
settings.
- Drop Thunderbird POP3 test.
- Make the "the Tor Browser has started" step stricter.
- Improve error output when the Unsafe Browser fails to start in some locale.
-- Tails developers <tails@boum.org> Mon, 27 Jul 2020 09:03:10 +0200
tails (4.8) unstable; urgency=medium
* Major changes
......@@ -22,7 +72,7 @@ tails (4.8) unstable; urgency=medium
#17611, #17620).
- Upgrade gnutls28-based packages to 3.6.7-4+deb10u4 (DSA-4697).
- Upgrade intel-microcode to 3.20200609.2~deb10u1 (DSA-4701).
* Bugfixes
- Trigger emergency shutdown on resume when the boot device was
removed while suspended (Closes: #16787).
......
......@@ -32,8 +32,6 @@ Feature: Spoofing MAC addresses
And the 2nd network device has a spoofed MAC address configured
And no network device leaked the real MAC address
#10774
@fragile
Scenario: MAC address spoofing fails and macchanger returns false
Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen
And I capture all network traffic
......@@ -42,11 +40,8 @@ Feature: Spoofing MAC addresses
When I log in to a new session
Then no network interfaces are enabled
And no network device leaked the real MAC address
# XXX: workaround for #11941
And I see the "Network card disabled" notification after at most 60 seconds
And I see the "Network card eth0 disabled" notification after at most 60 seconds
#10774
@fragile
Scenario: MAC address spoofing fails and macchanger returns true
Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen
And I capture all network traffic
......@@ -55,11 +50,8 @@ Feature: Spoofing MAC addresses
When I log in to a new session
Then no network interfaces are enabled
And no network device leaked the real MAC address
# XXX: workaround for #11941
And I see the "Network card disabled" notification after at most 60 seconds
And I see the "Network card eth0 disabled" notification after at most 60 seconds
#10774
@fragile
Scenario: MAC address spoofing fails and the module is not removed
Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen
And I capture all network traffic
......