zenmonkeykstop
commented
2 years ago 2.3.0 QA -VM fresh install
Environment
- Install target: VM
- Tails version: 4.28
- Test Scenario: fresh
- SSH over Tor: no
- Release candidate: rc2
- General notes:
Basic Server Testing
- [ ] After installing the testinfra dependencies, all tests in
./securedrop-admin verifyare passing: FAIL: one NTP test flake- Install dependencies on Admin Workstation with
cd ~/Persistent/securedrop && ./securedrop-admin setup -t - Run tests with
./securedrop-admin verify(this will take a while) - Remove test dependencies:
rm -rf admin/.venv3/ && ./securedrop-admin setup
- Install dependencies on Admin Workstation with
- [x] QA Matrix checks pass (with exception above)
Command Line User Generation
- [x] Can successfully add admin user and login
Administration
- [x] I have backed up and successfully restored the app server following the backup documentation
- [ ] If doing upgrade testing, make a backup on 2.2.1 and restore this backup on this release candidate SKIPPED
- [x] "Send Test OSSEC Alert" button in the journalist triggers an OSSEC alert and an email is sent
- [ ] Can successfully add journalist account with HOTP authentication skipped
Application Acceptance Testing
Source Interface
Landing page base cases
- [x] JS warning bar does not appear when using Security Slider high
- [x] JS warning bar does appear when using Security Slider Low
First submission base cases
- [x] On generate page, refreshing page produces a new 7-word codename unintended consequence of tor2web fix - this now requires a rePOST
- [x] On submit page, empty submissions produce flashed message
- [x] On submit page, short message submitted successfully
- [x] On submit page, file greater than 500 MB produces "The connection was reset" in Tor Browser quickly before the entire file is uploaded
- [x] On submit page, file less than 500 MB submitted successfully
Returning source base cases
- [x] Nonexistent codename cannot log in
- [x] Empty codename cannot log in
- [x] Legitimate codename can log in
- [x] Returning user can view journalist replies - need to log into journalist interface to test
Journalist Interface
Login base cases
- [x] Can log in with 2FA tokens
- [x] incorrect password cannot log in
- [x] invalid 2fa token cannot log in
- [x] 2fa immediate reuse cannot log in
- [ ] Journalist account with HOTP can log in not tested
Index base cases
- [x] Filter by codename works
- [x] Starring and unstarring works
- [x] Click select all selects all submissions
- [x] Selecting all and clicking "Download" works
Individual source page
- [x] You can submit a reply and a flashed message and new row appears
- [x] You cannot submit an empty reply
- [x] Clicking "Delete Source Account" and the source and docs are deleted
- [x] You can click on a document and successfully decrypt using application private key
Basic Tails Testing
After updating to this release candidate and running securedrop-admin tailsconfig
- [x] The Updater GUI appears on boot
- [x] Updating to 2.2.1 is successful
2.3.0 release-specific changes
Web application
-
[x] #6306 Add basic message filtering in the SI
-
minimum message length
-
in the JI, navigate to the Instance Config page via the Admin page
- [x] verify that the Submission Preferences section includes a "Prevent sources from sending initial messages shorter than the minimum required length" option, currently unchecked and with the length field set to 0.
-
check the "Prevent sources from sending initial messages shorter than..." checkbox but do not set a length. Click Update Submission Preferences
- [x] verify that the checkbox is unchecked and an error message is displayed asking you to set a length.
- check the "Prevent sources from sending initial messages shorter than..." checkbox and set a length of between 5 and 20 chars. Click Update Submission Preferences
- [x] verify that the checkbox is checked, the length you chose is set, and a success message is displayed.
-
Create a new source account on the SI, navigating through to the /lookup page
- [x] verify that a notice is displayed under the message textfield like "If you are only sending a message, it must be at least N characters long" where N is the length you chose above
- [x] Verify that if you try to submit too short a message, the submission fails with a flashed error like "Your first message must be at least N characters long"
- [x] Verify that a message N characters long can be submitted successfully
- [x] after a successful first submission, verify that the notice under the text field is no longer displayed and you can submit message shorter than N chars
- [x] in the JI, uncheck the "Prevent sources from sending initial messages shorter than..." checkbox,, click Update Submission Prefs and verify that the length is set to zero and a success message is displayed
- [x] Create a new source account in the SI and verify that no message length limit is mentioned or set
-
codename messages
-
in the JI, navigate to the Instance Config page via the Admin page
- [x] verify that the Submission Preferences section includes a "Prevent sources from submitting their codename as an initial message." option, currently unchecked. r
-
check the "Prevent sources from submitting their codename as an initial message" checkbox. Click Update Submission Preferences
- [x] verify that the checkbox is checked and a success message is displayed.
- Create a new source account on the SI, navigating through to the /lookup page
- [x] Enter the codename as a message and click Submit - verify that the message is not submitted and an error is flashed like "Please do not submit your codename.."
- [x] Enter anything else as a message and click Submit - verify that the message was submitted correctly
- [x] Enter your codename again and click Submit - verify that the message was submitted correctly.
- Create a new source account on the SI, navigating through to the /lookup page
- [x] attempt to submit its codename as a message, verify that the codename message is rejected
- [x] log out from the SI, then log in again as the same source, and attempt to submit the codename as a message. Verify message is accepted
-
-
[x] #6290 Improve Tor2Web detection and handling
- Find a tor2web proxy like onion.ly, onion.dog, etc. (just an extra suffix to add to the real onion address)
- JavaScript check:
- [x] Visit the SI over a tor2web proxy using a clearnet browser (FF, Chromium) with JavaScript enabled. Verify you are redirected to the /tor2web-warning endpoint.
- [x] Verify the warning contains the real onion address (no mangling by the proxy)
- [x] Visit the SI over a tor2web proxy using Tor Browser with JavaScript enabled. Verify you are redirected to the /tor2web-warning endpoint
- [x] Verify the warning contains the real onion address (no mangling by the proxy)
- [x] Visit the SI over a tor2web proxy using Tor Browser with JavaScript disabled. Verify you are not redirected to the /tor2web-warning endpoint
- Server-side check:
- [x] Visit the SI over a tor2web proxy using Tor Browser with JavaScript disabled. Click "Get started". Verify you are redirected to the /tor2web-warning endpoint.
- [x] Verify the warning contains the real onion address (no mangling by the proxy)
- No indexing:
- [x] Visit the SI over a tor2web proxy using Tor Browser with JavaScript disabled. Examine the HTML source and verify
<meta name="robots" content="noindex,nofollow">is in the head. - [x] Visit the SI over a tor2web proxy using Tor Browser with JavaScript disabled. Manually navigate to
/robots.txt. Verify that all indexing is disallowed.
- [x] Visit the SI over a tor2web proxy using Tor Browser with JavaScript disabled. Examine the HTML source and verify
-
[ ] #6336 Prevent viewport jumps when there's flashed messages
- Visit SI index with Tor Browser, JavaScript disabled
- Inspect the
htmlelement with the Web Developer Tools. Using the layout tab, make sure that the content size of the html element is 1000x540 (when no scrollbar is visible) - Add a new submission
- [ ] Verify browser does not scroll to Success! flashed message FAIL, it does, but that seems correct?
- [x] While Success! or other flashed message is visible, use tab to navigate site
- [x] Skip to notification becomes visible above the logo first, Skip to main content becomes visible second
-
#6320 Bring Tor Browser security level instructions up to date
- [x] Set Tor Browser to security level "Standard", visit SI
- [x] Click on the underlined "Security Level" link in the purple warning on the top of the page
- [x] Follow instructions, verify instructions match Tor Browser interface and terminology
-
#6237 Add "skip to main content" link to all pages
- Log into the Source Interface:
- [x] Observe that there is no "Skip to main content link" visible.
- [x] Tab through the page, with or without a screen-reader running.
- [x] Observe that the "Skip to main content link" appears when it receives focus.
- [x] Click the link and continue tabbing through the
maincontent. - Log into the Journalist Interface:
- [x] Observe that there is no "Skip to main content link" visible.
- [x] Tab through the page, with or without a screen-reader running.
- [x] Observe that the "Skip to main content link" appears when it receives focus.
- [x] Click the link and continue tabbing through the
maincontent.
-
#6302 Add honeypot to Source Interface to stop very basic spambots
- [x] Create a new source and submit a dummy message in the SI, observe that it works fine
- [x] Use the browser's inspector to disable the "display: none", write something in the antispam input field (named
text), and submit. You should get a 403 error screen.
-
#6301 Fix text overflow in Source Interface replies
- [x] From the JI, send a source a long reply that is one word, like 200 exclamation marks (e.g. !!!!...).
- [x] Log in as that source, observe that the long reply correctly wraps and stays inside the red box.
-
#6240 Add aria- annotations for WTForms validation errors
- [x] Log into JI as an administrator
- [x] Begin adding a user and enter invalid values for each field (too short username, and too long (100+ chars) first and last names)
- [x] Click "Add User"
- [x] When the form comes back with validation errors, view source and observe that each invalid field is marked
aria-invalidand has anaria-describedbyannotation pointing to its validation errors.
Preflight testing
Basic testing
- [ ] Install or upgrade occurs without error
- [ ] Source interface is available and version string indicates it is 2.3.0
- [ ] A message can be successfully submitted
Tails
- [ ] The updater GUI appears on boot
- [ ] The update successfully occurs to 2.3.0
- [ ] After reboot, updater GUI no longer appears
cfm
eaon
eloquence
This is a tracking issue for the release of SecureDrop 2.3.0
Scheduled as follows:
Feature / string freeze: 2022-03-10 Pre-release announcement: 2022-03-21 Release date: 2022-03-28 Release manager: @zenmonkeykstop Deputy release manager: @legoktm Communications manager: @creviera Deputy CM: @eloquence Localization manager: @cfm Deputy LM: @zenmonkeykstop
QA team: TBD
SecureDrop maintainers and testers: As you QA 2.3.0, please report back your testing results as comments on this ticket. File GitHub issues for any problems found, tag them "QA: Release", and associate them with the 2.3.0 milestone for tracking (or ask a maintainer to do so).
Test debian packages will be posted on https://apt-test.freedom.press signed with the test key
QA Matrix for 2.3.0
Test Plan for 2.3.0
Localization management
High-level summary of these steps can be found here: https://docs.securedrop.org/en/stable/development/i18n.html#two-weeks-before-the-release-string-freeze Duplicating that content as checkboxes below, for visibility:
Release management
Prepare release candidate (2.3.0~rc1)
2.3.0~rc1on test apt serverPrepare release candidate (2.3.0~rc2)
2.3.0~rc2on test apt serverFinal release
releasebranch in the LFS repo)releasebranch in the LFS repo for the debs)mainin the LFS repo)mainand verify new docs build in securedrop-docs repoPost release
securedrop-docs(version information in Wagtail is updated automatically)develop