8.6 KiB
8.6 KiB
Prop166 Test Matrix:
Divided into 2 sections. Basic tests confirm that the functionality works as-implemented. Extended tests ensure that features are not broken.
Very basic tests:
\1. Run the test scripts.
Set up:
1. Configure an I2PTunnelHTTPBrowserClient(Tabbed HTTP Proxy) on port 8888.
2. Open a terminal.
3. Run the ./test-attack-is-working.sh script
4. Run the ./test-attack-is-broken.sh script
3. View attack.log and attack-broken.log files. Observe that attack.log indicates correlation, and attack-broken.log indicates no correlation.
Basic Tests:
\1. Confirm isolation works on both HTTP and HTTPS URL's within I2P.
Set up:
1. Configure an I2PTunnelHTTPBrowserClient(Tabbed HTTP Proxy) on any port. Remember the port
2. Open a terminal.
3. Set an environment variable with your chosen port: `export http_port=port_number`
4. Set up the `http_proxy` environment variable: `export http_proxy=http://localhost:$http_port`
5. Set up the `https_proxy` environment variable: `export https_proxy=http://localhost:$http_port`
Continue in the shell.
+------------------------+-------------------------------------------------------------------+-----------+
| Using curl: | Desired Result: | Result: |
+------------------------+-------------------------------------------------------------------+-----------+
| curl http://idk.i2p/ | Observe the logs, a new proxy on a new port should be created. | As Desired|
| | A b32 for it's unpublished destination should appear in the log. | |
+------------------------+-------------------------------------------------------------------+-----------+
| curl https://idk.i2p/ | Observe the logs, a new proxy on a new port should be created. | As Desired|
| | A b32 for it's unpublished destination should appear in the log. | |
| | It should be the same as for http://idk.i2p above | |
+------------------------+-------------------------------------------------------------------+-----------+
|curl http://stats.i2p/ | Observe the logs, a new proxy on a new port should be created. | As Desired|
| | A b32 for it's unpublished destination should appear in the log. | |
| | It should differ from the one for http*://idk.i2p above. | |
+------------------------+-------------------------------------------------------------------+-----------+
|curl https://stats.i2p/ | Observe the logs, a new proxy on a new port should be created. | As Desired|
| | A b32 for it's unpublished destination should appear in the log. | |
| | It should be the same as for http://stats.i2p above | |
+------------------------+-------------------------------------------------------------------+-----------+
\2. Confirm outproxies and in-I2P traffic do not share a destination.
Set up:
1. Configure an I2PTunnelHTTPBrowserClient(Tabbed HTTP Proxy) on any port. Remember the port
2. Open a terminal.
3. Set an environment variable with your chosen port: `export http_port=port_number`
4. Set up the `http_proxy` environment variable: `export http_proxy=http://localhost:$http_port`
5. Set up the `https_proxy` environment variable: `export https_proxy=http://localhost:$http_port`
Continue in the shell.
+------------------------+-------------------------------------------------------------------+-----------+
| Using curl: | Desired Result: | Result: |
+------------------------+-------------------------------------------------------------------+-----------+
| curl http://i2p.net/ | Observe the logs, a new proxy on a new port should be created. | As Desired|
| | The log will report the use of the "null or outproxy client" | |
| | A b32 for it's unpublished destination should appear in the log. | |
| | It will differ from any b32 logged for any in-I2P URL. | |
+------------------------+-------------------------------------------------------------------+-----------+
| curl https://i2p.net/ | Observe the logs, a new proxy on a new port should be created. | As Desired|
| | A b32 for it's unpublished destination should appear in the log. | |
| | It should be the same as for http://i2p.net above | |
+------------------------+-------------------------------------------------------------------+-----------+
\3. Confirm isolation works in a normal web browser.
Set up:
1. Configure an I2PTunnelHTTPBrowserClient(Tabbed HTTP Proxy) on any port. Remember the port
2. Open a terminal.
3. Set an environment variable with your chosen port: `export http_port=port_number`
4. Set up the `http_proxy` environment variable: `export http_proxy=http://localhost:$http_port`
5. Set up the `https_proxy` environment variable: `export https_proxy=http://localhost:$http_port`
6. Set up the `colluder_one` environment variable: `export colluder_one=http://`
7. Set up the `colluder_two` environment variable: `export colluder_two=http://`
8. Set up the `colluder_three` environment variable: `export colluder_three=http://`
Continue in the shell:
+---------------------------+-------------------------------------------------------------------+-----------+
| Using firefox: | Desired Result: | Result: |
+---------------------------+-------------------------------------------------------------------+-----------+
| /usr/bin/firefox \ | Colluder should report a unique destination, not present on any | As Desired|
| --profile=./tmp \ | other colluder. Should be consistent across refresh. | |
| "$colluder_one" | | |
+---------------------------+-------------------------------------------------------------------+-----------+
| /usr/bin/firefox \ | Colluder should report a unique destination, not present on any | As Desired|
| --profile=./tmp \ | other colluder. Should be consistent across refresh. | |
| "$colluder_two" | | |
+---------------------------+-------------------------------------------------------------------+-----------+
| /usr/bin/firefox \ | Colluder should report a unique destination, not present on any | As Desired|
| --profile=./tmp \ | other colluder. Should be consistent across refresh. | |
| "$colluder_three" | | |
+---------------------------+-------------------------------------------------------------------+-----------+
Extended Test:
\1. Confirm that blinded LeaseSets still work and that they isolate based on destination.
\3. Confirm isolation works in a normal web browser.
Set up:
1. Configure an I2PTunnelHTTPBrowserClient(Tabbed HTTP Proxy) on any port. Remember the port
2. Open a terminal.
3. Set an environment variable with your chosen port: `export http_port=port_number`
4. Set up the `http_proxy` environment variable: `export http_proxy=http://localhost:$http_port`
5. Set up the `https_proxy` environment variable: `export https_proxy=http://localhost:$http_port`
6. Set up the `colluder_one` environment variable: `export colluder_one=http://`
7. Set up the `colluder_two` environment variable: `export colluder_two=http://`
8. Set up the `colluder_three` environment variable: `export colluder_three=http://`
\2. Confirm that encrypted LeaseSets still work and that they isolate based on destination.
Set up:
1. Configure an I2PTunnelHTTPBrowserClient(Tabbed HTTP Proxy) on any port. Remember the port
2. Open a terminal.
3. Set an environment variable with your chosen port: `export http_port=port_number`
4. Set up the `http_proxy` environment variable: `export http_proxy=http://localhost:$http_port`
5. Set up the `https_proxy` environment variable: `export https_proxy=http://localhost:$http_port`
6. Set up the `colluder_one` environment variable: `export colluder_one=http://`
7. Set up the `colluder_two` environment variable: `export colluder_two=http://`
8. Set up the `colluder_three` environment variable: `export colluder_three=http://`