Re: [Tails-dev] Switch to Privoxy?
hi, adrelanos wrote (02 Nov 2012 23:04:33 GMT) : Just a small test result. I saw the old thread where you weren't sure if the can only download max. 64 MB big files through polipo bug was actually fixed. I downloaded the whole 769 MB (tails iso) through polipo (Debian wheezy standard package) without any problems. Also verification worked. I believe the bug has been fixed upstream and/or in Wheezy. This bug is marked as fixed in Tails 0.10. Thank you for verifying. ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Please review and merge feature/obfsproxy
Hi, anonym wrote (02 Nov 2012 20:26:34 GMT) : Basic (perhaps even experimental as it currently lacks documentation) support for obfsproxy has been added in the branch feature/obfsproxy. Please review and merge it into devel. We agreed at the Tails summit to not merge new features before their documentation is ready. For the record, this is what allows us to squeeze the delay before feature freeze + RC1 and RC2, because it's now dedicated to translation work, rather than (like we used to do) to doc writing + translations. About review: I've quickly done a (static) one, and asked some questions on the ticket page a few days ago. Not tested yet, though. Cheers! ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Progress report on the automated test suite
hi, anonym wrote (02 Nov 2012 16:42:31 GMT) : I'd like to start by saying that I think the work bertagaz did on the jruby + sikuli + cucumber combo is really great. He called it PoC, but after having worked on it for some time now I say it's definitely fit for the task at hand. Great! Next I'd like to announce that the automated test suite, in its current unfinished state, actually has found its very first Tails bug. [...] In other words, our firewall leaks link-local IPv6 broadcasts even though it should block everything IPv6 (right?). Ouch. WAN hat on: please report it (ticket + email) separately so that it does not get lost in the middle of this report on the automated test suite thread. For this reason, I'll refrain from replying here. This is promising (not that Tails has this particular bug, but that the test suite found it)! Clearly! The framework currently has the following test primitives and other interesting features so far: [...] Awesome. I'd like to present the last two with a bit more depth and hear your opinions, especially w.r.t. the fact that they alter Tails or cheat in the testing process, so I wonder how ethical they are in the context of test-driven development. Running arbitrary commands inside the guest VM == This is very valuable as it makes many tests that would be truly awkward to do with sikuli into something trivial. libvirt doesn't seem to have something like VirtualBox' `vboxmanage guestcontrol execute` (provided by the VirtualBox guest additions), so I implemented a simple remote shell (read: a backdoor (listening on port 1337 + firewall exception) so expect havoc on the Tails forum!) that starts on the guest when the boot parameter autotest_never_use_me is present on the kernel cmdline. autotest_never_use_me looks to me like (speaking to) autotest: never use me. What about backdoor_for_autotest? If it's not there, the script that implements the remote shell server is removed from the filesystem. Of course, it is still accessible from the read-only fs, but it will refuse to start if the boot parameter isn't present. My hope is that all these failsafes will make sense to all but our most conspiranoid users. :) Looks good. Saving/restoring VM snapshots = [...] For both features, to reply on the 'how ethical they are in the context of test-driven development' topic, I'd need a concrete example of how this would be used in practice. Cheers! -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Please review and merge feature/obfsproxy
anonym wrote (02 Nov 2012 20:26:34 GMT) : Ticket: https://tails.boum.org/todo/obfsproxy/ (WAN here) Please update the ticket tags to match the next things to do. ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Tails 0.15 release schedule
intrigeri: FWIW, I'm trying to get this in 0.15 too: [...] My personal goals: * Even if the memwipe seems way better now, I'd like another shot on feature/hugetlb_mem_wipe as the user experience is better with a progress bar. I'll need help for the tests. * Empty chroot/local_packages and use our APT repository instead. * Upgrade at least HTTPS Everywhere and if possible NoScript. -- Ague pgpNiE8EERrhE.pgp Description: PGP signature ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Switch to Privoxy?
intrigeri: hi, adrelanos wrote (02 Nov 2012 23:04:33 GMT) : Just a small test result. I saw the old thread where you weren't sure if the can only download max. 64 MB big files through polipo bug was actually fixed. I downloaded the whole 769 MB (tails iso) through polipo (Debian wheezy standard package) without any problems. Also verification worked. I believe the bug has been fixed upstream and/or in Wheezy. This bug is marked as fixed in Tails 0.10. I know. Fixed by no longer using polipo for Iceweasel. The question if the bug was fixed in polipo was still open, perhaps I missed something. In case I've overseen that. Thank you for verifying. ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
[Tails-dev] Please test and merge feature-torbrowser APT suite
Hi, nothing new in Git on this front, so this is a pure APT merge request: $ reprepro ls iceweasel iceweasel | 10.0.9esr-1+tails1 | devel | i386, source iceweasel | 10.0.10esr-1+tails1 | experimental | i386, source iceweasel | 10.0.10esr-1+tails1 | feature-torbrowser | i386, source iceweasel | 10.0.9esr-1+tails1 | testing | i386, source Please test and merge the feature-torbrowser APT suite into testing and devel. Worked fine for me when I quickly tested it within Tails, and I'm using another binary build of that source package as my regular browser for a few days. Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Progress report on the automated test suite
anonym: I'd like to start by saying that I think the work bertagaz did on the jruby + sikuli + cucumber combo is really great. He called it PoC, but after having worked on it for some time now I say it's definitely fit for the task at hand. Great. :) Next I'd like to announce that the automated test suite, in its current unfinished state, actually has found its very first Tails bug. Here's the cucumber output of when it was found: [...] And all Internet traffic has only flowed through Tor # cucumber/iceweasel/step_definitions/torified_browsing.rb:66 The following IPv6 hosts were contacted: ff02::1 Full network capture available at: [...censored...] There were network leaks! (RuntimeError) [...] In other words, our firewall leaks link-local IPv6 broadcasts even though it should block everything IPv6 (right?). This is promising (not that Tails has this particular bug, but that the test suite found it)! I did not run the code itself, but are you sure that these packets came from Tails and not from the host system? Saving/restoring VM snapshots = This is how I intend to use it for a given feature: Background: Given I restore the background snapshot if it exists [ ... real background steps ... ] And I save the background snapshot if it does not exist [ ... Scenarios ... ] Those lines feel like noise: they are an implementation detail and should not appear in the scenarios. Cucumber offer tags and hooks that should be usable to achieve something similar while keeping the scenarios as lean as possible. See: https://github.com/cucumber/cucumber/wiki/Hooks and http://stackoverflow.com/questions/9994797/cucumber-when-to-use-tags-hooks-vs-backgrounds An issue with restoring past state like this is that our Tor's circuit state may get out-of-sync with the circuit state of the relays they use. For instance, I ran 10 tests that restored to the same post-background state and all but the first two failed to fetch a web page. Then I ran 10 tests where I do the following after each snapshot restore: 1. Stop Tor. 2. Sync time from host to guest. 3. Start Tor. And then all 10 tests succeeded, so it seems resetting Tor like this is highly necessary. Indeed, as restoring from a snapshot is likely to break all existing TCP connections. Have you tried to see if a SIGHUP sent to Tor is sufficient? Side note: your `try_for` function is very unidiomatic Ruby. I suggest you have a look at the part about blocks on http://www.ruby-doc.org/docs/ProgrammingRuby/html/tut_containers.html, and the `yield` and `block_given?` methods. -- Ague pgp4LnUB9l9Af.pgp Description: PGP signature ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
[Tails-dev] Please review and merge feature/remove-pdnsd
Hi, here's a candidate for 0.15. ticket: https://tails.boum.org/todo/replace_or_drop_pdnsd__63__/ branch: feature/remove-pdnsd ff295d8 Remove dangling symlink. fe074f8 Update design document to match pdnsd removal. 1eddaf3 Do not use pdnsd anymore. Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Tails 0.14 release schedule
09/10/12 02:07, anonym wrote: Hi, Here is the release schedule for Tails 0.14, that was agreed on in the thread Next release: process, schedule and iceweasel backports: October 9th: 0.14 freeze + release of RC1. October 23th: ESR backport is (hopefully) available. October 25th: release of RC2. October 30th: release of 0.14. It has probably not been obvious, but in the end Tails 0.14 was planned to be released on the 6th of November. Unfortunately it'll have to be delayed until (earliest, but not much later than) the 8th of November due to some unexpected non-Tails related (read: personal) reasons. That is unless some other Tails developer steps up pretty much immediately and make the release happen. Cheers! ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev