Securedrop: Release SecureDrop 0.5

Created on 28 Nov 2017 · 24 Comments · Source: freedomofpress/securedrop

This is a tracking issue for the upcoming release of SecureDrop 0.5 - tasks may get added or modified.

Feature freeze: EOD November 28th, 2017 in the Pacific Time Zone. After feature freeze, we begin a one-week testing and QA period.

Release: planned for December 5th, 2017.

_SecureDrop maintainers and testers:_ As you QA 0.5, please report back your testing results as comments on this ticket. File GitHub issues for any problems found, tag them "QA: Release", and associate them to the 0.5 milestone for tracking.

Pre-release

  • [x] Send 0.5 pre-release notification to admins - @redshiftzero

Finish release candidate (0.5-rc1)

  • [x] Branch release/0.5 off develop - @redshiftzero
  • [x] Prepare 0.5-rc1 tag - @redshiftzero

At this point we did a merge of translations and moved immediately to 0.5-rc2.

Finish release candidate (0.5-rc2)

  • [x] Prepare 0.5-rc2 tag - @redshiftzero
  • [x] Build test debs - @conorsch
  • [x] Stand up test apt server with 0.5-rc2 packages - @conorsch

QA (0.5-rc2)

  • [x] Test upgrade from 0.4.4 works on prod w/ test repo debs - tested by several people including @redshiftzero
  • [ ] Test install (not upgrade) of 0.5 works on prod w/ test repo debs

Finish release candidate (0.5-rc3)

  • [x] Prepare 0.5-rc3 tag - @redshiftzero
  • [x] Build test debs - @conorsch
  • [x] Stand up test apt server with 0.5-rc3 packages - @conorsch

QA (0.5-rc3)

  • [x] Test upgrade from 0.4.4 works on prod w/ test repo debs - tested by multiple people including @redshiftzero
  • [ ] Test install (not upgrade) of 0.5 works on prod w/ test repo debs

We pushed up 0.4-rc4 and moved immediately to 0.5-rc5

Finish release candidate (0.5-rc5)

  • [x] Prepare 0.5-rc5 tag - @redshiftzero
  • [x] Build test debs - @conorsch
  • [x] Stand up test apt server with 0.5-rc5 packages - @conorsch

QA (0.5-rc5)

  • [ ] Test upgrade from 0.4.4 works on prod w/ test repo debs
  • [x] Test install (not upgrade) of 0.5 works on prod w/ test repo debs - @redshiftzero

Final release candidate (0.5-rc6)

  • [x] Update all screenshots in user guides - @redshiftzero
  • [x] Merge final documentation updates
  • [x] Final merge of translations - @dachary
  • [x] Push up new rc - @redshiftzero
  • [x] Build test debs - @conorsch
  • [x] Stand up test apt server with 0.5-rc2 packages - @conorsch

Pre Flight Checks (0.5-rc6)

  • [x] Test upgrade from 0.4.4 works on prod w/ test repo debs
  • [x] Test install (not upgrade) of 0.5 works on prod w/ test repo debs - @redshiftzero
  • [x] Test install (not upgrade) of 0.5 on hardware w/ test repo debs - @freddymartinez9

Release

  • [x] Build final Debian packages for 0.5
  • [x] Release 0.5
  • [x] Publish blog post about 0.5 Debian package release and instructions for admins

Post-release

  • [x] Merge release changes into master branch
  • [x] Merge release changes into development branch

All 24 comments

Now that 0.5 is branched, I volunteer to propose a daily merge back to develop, same as what we did for 0.4.3. What do you think?

Sure I'm happy to review them

Today the changes are not significant enough to deserve a pull request: let's wait for something more substantial :-)

$ git --no-pager log --oneline origin/develop..origin/release/0.5
53aea326a SecureDrop 0.5-rc1

There are commits to merge back to develop from yesterday's action.

$ git --no-pager  log --oneline --cherry-mark --right-only origin/develop...origin/release/0.5
+ 19aeab4ad Merge pull request #2638 from freedomofpress/wip-dachary-0.5-remove-unecessary-gettext
+ 6d51601f8 Merge pull request #2635 from freedomofpress/lang-selection-pt_BR
+ 0e73e2b82 Revert "l18n: install gettext on app server"
+ a29db9d68 Fix #2631: Add Brazil flag to language selector for pt_BR locale
+ f99ce0004 SecureDrop 0.5-rc2
+ 63a36cf4e Merge pull request #2630 from freedomofpress/wip-dachary-0.5-i18n
+ 30ffc19a7 l10n: sync ar de_DE es_ES fr_FR nb_NO nl pt_BR translations
+ 53aea326a SecureDrop 0.5-rc1

Proposed at #2640

0.4.4->0.5 upgrade in prod VM testing

0.5 Specific Testing

  • [x] Enable multiple languages via ./securedrop-admin sdconfig and install
  • [x] SMTP and SASL domain validation works (./securedrop-admin sdconfig)
  • [x] Verify after running ./securedrop-admin tailsconfig in Tails 3.3 that the desktop shortcuts are marked trusted
  • [x] Verify the trusted metadata on desktop shortcut persists after reboot
  • [x] Test form validation on source interface codename login
  • [x] Test form validation on new user creation on journalist interface
  • Verify interface rendering and functionality in:

    • [~] Arabic - Filed a bunch of mostly minor style issues, one i10n issue

    • [ ] Norwegian - TODO

  • [x] Test non-en_US default locale - SSHed in, set DEFAULT_LOCALE to ar

Basic Server Testing

  • [x] I can access both the source and journalist interfaces
  • [x] I can SSH into both machines over Tor
  • [x] AppArmor is loaded on app
  • [x] AppArmor is loaded on mon
  • [x] Both servers are running grsec kernels
  • [x] iptables rules loaded
  • [x] OSSEC emails begin to flow after install
  • [x] OSSEC emails are decrypted to correct key and I am able to decrypt them
  • [x] OSSEC emails contain the string "Ossec server started"

Command Line User Generation

  • [x] Can successfully add admin user

Application Acceptance Testing - all done in ar locale

Source Interface

Landing page base cases
  • [x] JS warning bar does not appear when using Security Slider high
  • [x] JS warning bar does appear when using Security Slider Low
First submission base cases
  • [x] On generate page, refreshing codename produces a new 7-word codename
  • [x] On submit page, empty submissions produce flashed message
  • [x] On submit page, short message submitted successfully
  • [x] On submit page, unicode submissions submitted successfully
  • [x] On submit page, 150 paragraph text submitted successfully
  • [x] On submit page, file greater than 500 MB produces "The connection was reset" in Tor Browser _quickly_ before the entire file is uploaded
  • [x] On submit page, file less than 500 MB submitted successfully
Returning source base cases
  • [x] Nonexistent codename cannot log in
  • [x] Empty codename cannot log in
  • [x] Legitimate codename can log in
  • [x] Returning user can view journalist replies - need to log into journalist interface to test

Journalist Interface

Login base cases
  • [x] Can log in with 2FA tokens
  • [x] incorrect password cannot log in
  • [x] invalid 2fa token cannot log in
  • [x] 2fa immediate reuse cannot log in
Index base cases
  • [x] Filter by codename works
  • [x] Starring and unstarring works
  • [x] Click select all selects all submissions
  • [x] Selecting all and clicking "Download all" works
Individual source page
  • [x] You can submit a reply and a flashed message and new row appears
  • [x] You cannot submit an empty reply
  • [x] Clicking "Delete collection" and the source and docs are deleted
  • [x] You can click on a document and successfully decrypt on SVS

Today the changes are not significant enough to deserve a pull request: let's wait for something more substantial :-)

$ git --no-pager  log --oneline --cherry-mark --right-only origin/develop...origin/release/0.5
+ 1f368ca62 Merge pull request #2650 from freedomofpress/wip-dachary-0.5-wtf-gettext
+ cc00ae745 SecureDrop 0.5-rc3

Note that the isolated merge commit comes from the fact that the corresponding commit was (incorrectly) merged into develop before being merged into release/0.5. It was then merged into release/0.5, which is why there is a merge commit. Since both commits have the same patch-id, they are considered identical and are not shown by git-log.
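The merge-back check used in the comments above, reproduced on a constructed throwaway repository (an added example, not part of the original thread or of SecureDrop's tooling). `+` marks commits found only on `release/0.5`, `=` marks commits whose patch-id already exists on `develop` under a different hash, and merge commits are always marked `+` because git computes no patch-id for them. The `fix-locale` branch, the file names, the commit subjects and the `--no-decorate` flag are assumptions made for the demo.

```shell
#!/bin/sh
# Added example: constructed repository; only the branch names develop and
# release/0.5 and the git log options come from the page.
set -eu

# Run git inside the demo repo with a fixed identity and signing disabled.
g() {
    repo=$1; shift
    git -C "$repo" -c user.name=demo -c user.email=demo@example.invalid \
        -c commit.gpgsign=false "$@"
}

# Check out branch $2 in repo $1, add a one-line file $3, commit with subject $4.
commit_file() {
    g "$1" checkout -q "$2"
    echo "$3" > "$1/$3"
    g "$1" add "$3"
    g "$1" commit -q -m "$4"
}

# Build the demo history and print the repository path.
build_demo_repo() {
    d=$(mktemp -d)
    git init -q "$d"
    g "$d" symbolic-ref HEAD refs/heads/develop
    echo base > "$d/base.txt"
    g "$d" add base.txt
    g "$d" commit -q -m "base (constructed)"
    g "$d" branch release/0.5
    g "$d" branch fix-locale            # hypothetical topic branch

    # The fix lands on the release branch through a merge commit.
    commit_file "$d" fix-locale fix.txt "Fix locale bug (constructed)"
    g "$d" checkout -q release/0.5
    g "$d" merge -q --no-ff -m "Merge fix-locale into release (constructed)" fix-locale
    commit_file "$d" release/0.5 version.txt "0.5-rc2 (constructed)"

    # develop moves on, then receives the same patch under a new hash.
    commit_file "$d" develop dev.txt "develop-only work (constructed)"
    g "$d" cherry-pick fix-locale >/dev/null
    echo "$d"
}

# The page's command; hashes are stripped so the output is reproducible.
release_only_commits() {
    g "$1" --no-pager log --oneline --no-decorate --cherry-mark --right-only \
        develop...release/0.5 | sed 's/^\([+=]\) [0-9a-f]* /\1 /'
}

# Commits that still have to be merged back to develop.
backport_candidates() { release_only_commits "$1" | grep '^+ ' || true; }

# Commits whose patch is already on develop under another hash.
already_on_develop() { release_only_commits "$1" | grep '^= ' || true; }

demo=$(build_demo_repo)
release_only_commits "$demo"
```

The merge commit is listed as `+` even though the change it brings in is already on `develop`, which is the kind of isolated merge entry seen in the output above.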

Done with the development environment, not an actual installation

Application Acceptance Testing - all done in fr_FR locale

Source Interface

Landing page base cases
  • [ ] JS warning bar does not appear when using Security Slider high
  • [ ] JS warning bar does appear when using Security Slider Low
First submission base cases
  • [x] On generate page, refreshing codename produces a new 7-word codename (in french)
  • [x] On submit page, empty submissions produce flashed message
  • [x] On submit page, short message submitted successfully
  • [x] On submit page, unicode submissions submitted successfully
  • [x] On submit page, 27kb text submitted successfully
  • [x] On submit page, file greater than 500 MB produces "The connection was reset" in Firefox _quickly_ before the entire file is uploaded
  • [x] On submit page, file less than 500 MB submitted successfully
Returning source base cases
  • [x] Nonexistent codename cannot log in
  • [x] Empty codename cannot log in
  • [x] Legitimate codename can log in
  • [x] Returning user can view journalist replies - need to log into journalist interface to test

Journalist Interface

Login base cases
  • [x] Can log in with 2FA tokens
  • [x] incorrect password cannot log in
  • [x] invalid 2fa token cannot log in
  • [x] 2fa immediate reuse cannot log in
Index base cases
  • [x] Filter by codename works
  • [x] Starring and unstarring works
  • [x] Click select all selects all submissions
  • [x] Selecting all and clicking "Download" works
Individual source page
  • [x] You can submit a reply and a flashed message and new row appears
  • [x] You cannot submit an empty reply
  • [x] When the source deletes a reply it no longer shows
  • [x] Clicking "Delete collection" and the source and docs are deleted
  • [x] You can click on a document and successfully decrypt on SVS

Done with the prod vm, not a physical installation

Application Acceptance Testing - all done in pt_BR locale

Source Interface

Landing page base cases
  • [x] JS warning bar does not appear when using Security Slider high
  • [x] JS warning bar does appear when using Security Slider Low
First submission base cases
  • [x] On generate page, refreshing codename produces a new 7-word codename (in english)
  • [x] On submit page, empty submissions produce flashed message
  • [x] On submit page, short message submitted successfully
  • [x] On submit page, unicode submissions submitted successfully
  • [x] On submit page, 27kb text submitted successfully
  • [x] On submit page, file greater than 500 MB produces "The connection was reset" in Firefox _quickly_ before the entire file is uploaded
  • [x] On submit page, file less than 500 MB submitted successfully
Returning source base cases
  • [x] Nonexistent codename cannot log in
  • [x] Empty codename cannot log in
  • [x] Legitimate codename can log in
  • [x] Returning user can view journalist replies - need to log into journalist interface to test

Journalist Interface

Login base cases
  • [x] Can log in with 2FA tokens
  • [x] incorrect password cannot log in
  • [x] invalid 2fa token cannot log in
  • [x] 2fa immediate reuse cannot log in
Index base cases
  • [x] Filter by codename works
  • [x] Starring and unstarring works
  • [x] Click select all selects all submissions
  • [x] Selecting all and clicking "Download" works
Individual source page
  • [x] You can submit a reply and a flashed message and new row appears
  • [x] You cannot submit an empty reply
  • [x] When the source deletes a reply it no longer shows
  • [x] Clicking "Delete collection" and the source and docs are deleted
  • [x] You can click on a document and successfully decrypt on SVS

Done with the prod vm, not a physical installation

Application Acceptance Testing - all done in nl locale

Source Interface

Landing page base cases
  • [x] JS warning bar does not appear when using Security Slider high
  • [x] JS warning bar does appear when using Security Slider Low
First submission base cases
  • [x] On generate page, refreshing codename produces a new 7-word codename (in english)
  • [x] On submit page, empty submissions produce flashed message
  • [x] On submit page, short message submitted successfully
  • [x] On submit page, unicode submissions submitted successfully
  • [x] On submit page, 27kb text submitted successfully
  • [x] On submit page, file greater than 500 MB produces "The connection was reset" in Firefox _quickly_ before the entire file is uploaded
  • [x] On submit page, file less than 500 MB submitted successfully
Returning source base cases
  • [x] Nonexistent codename cannot log in
  • [x] Empty codename cannot log in
  • [x] Legitimate codename can log in
  • [x] Returning user can view journalist replies - need to log into journalist interface to test

Journalist Interface

Login base cases
  • [x] Can log in with 2FA tokens
  • [x] incorrect password cannot log in
  • [x] invalid 2fa token cannot log in
  • [x] 2fa immediate reuse cannot log in
Index base cases
  • [x] Filter by codename works
  • [x] Starring and unstarring works
  • [x] Click select all selects all submissions
  • [x] Selecting all and clicking "Download" works
Individual source page
  • [x] You can submit a reply and a flashed message and new row appears
  • [x] You cannot submit an empty reply
  • [x] When the source deletes a reply it no longer shows
  • [x] Clicking "Delete collection" and the source and docs are deleted
  • [x] You can click on a document and successfully decrypt on SVS

Yesterday done with production VM.

QA checklist

0.5 Specific Testing

  • [x] Enable multiple languages via ./securedrop-admin sdconfig and install
  • [x] SMTP and SASL domain validation works (./securedrop-admin sdconfig)
  • [x] Verify after running ./securedrop-admin tailsconfig in Tails 3.3 that the desktop shortcuts are marked trusted
  • [x] Verify the trusted metadata on desktop shortcut persists after reboot
  • [x] Test form validation on source interface codename login
  • [x] Test form validation on new user creation on journalist interface
  • [x] Test non-en_US default locale

Basic Server Testing

  • [x] I can access both the source and journalist interfaces
  • [x] I can SSH into both machines over Tor
  • [x] AppArmor is loaded on app
  • [x] AppArmor is loaded on mon
  • [x] Both servers are running grsec kernels
  • [x] iptables rules loaded

Command Line User Generation

  • [x] Can successfully add admin user

Application Acceptance Testing

Source Interface

Landing page base cases
  • [x] JS warning bar does not appear when using Security Slider high
  • [x] JS warning bar does appear when using Security Slider Low

First submission base cases

  • [x] On generate page, refreshing codename produces a new 7-word codename
  • [x] On submit page, empty submissions produce flashed message
  • [x] On submit page, short message submitted successfully
  • [x] On submit page, unicode submissions submitted successfully
  • [x] On submit page, 150 paragraph text submitted successfully
  • [x] On submit page, file greater than 500 MB produces "The connection was reset" in Tor Browser _quickly_ before the entire file is uploaded
  • [x] On submit page, file less than 500 MB submitted successfully
Returning source base cases
  • [x] Nonexistent codename cannot log in
  • [x] Empty codename cannot log in
  • [x] Legitimate codename can log in
  • [x] Returning user can view journalist replies - need to log into journalist interface to test

Journalist Interface

Login base cases
  • [x] Can log in with 2FA tokens
  • [x] incorrect password cannot log in
  • [x] invalid 2fa token cannot log in
  • [x] 2fa immediate reuse cannot log in
Index base cases
  • [x] Filter by codename works
  • [x] Starring and unstarring works
  • [x] Click select all selects all submissions
  • [x] Selecting all and clicking "Download all" works
Individual source page
  • [x] You can submit a reply and a flashed message and new row appears
  • [x] You cannot submit an empty reply
  • [x] Clicking "Delete collection" and the source and docs are deleted
  • [x] You can click on a document and successfully decrypt on SVS

I ran through a hardware upgrade from 0.4.4 to 0.5rc3 this morning following the upgrade instructions. Everything works as intended from the hardware perspective. I also ran through a ./securedrop-admin sdconfig and ./securedrop-admin install with a new language and it uses es_ES as the default with en_US as a secondary option

I chose de_DE as the preferred language in Tor, and then I can see some missing Unicode characters in the Journalist view, is it because I am on English locale in the Tails?
missing_something

@kushaldas: good question - is your Tor security slider set to high? The icons will be disabled if the security slider is set to high on the journalist interface. We encourage sources to set the slider to high, but not journalists at this time. If/when we do encourage journalists to set the slider to high we'll have to fix the rendering of these icons - until then this is expected behavior.

@redshiftzero That answers the question. Thank you for the explanation.

QA checklist

0.5 Specific Testing

  • [x] Enable multiple languages via ./securedrop-admin sdconfig and install
  • [x] SMTP and SASL domain validation works (./securedrop-admin sdconfig)
  • [x] Verify after running ./securedrop-admin tailsconfig in Tails 3.3 that the desktop shortcuts are marked trusted
  • [x] Verify the trusted metadata on desktop shortcut persists after reboot
  • [x] Test form validation on source interface codename login
  • [x] Test form validation on new user creation on journalist interface (related #2644)
  • Verify interface rendering and functionality in:

    • [x] Spanish

    • [ ] Norwegian

    • [ ] Arabic

    • [ ] French

    • [ ] German

    • [ ] Portuguese

    • [ ] Dutch

  • [x] Test non-en_US default locale

Basic Server Testing

  • [x] I can access both the source and journalist interfaces
  • [x] I can SSH into both machines over Tor
  • [x] AppArmor is loaded on app
  • [x] AppArmor is loaded on mon
  • [x] Both servers are running grsec kernels
  • [x] iptables rules loaded

Command Line User Generation

  • [x] Can successfully add admin user
  • [N/A] User with empty password cannot be created
  • [N/A] User with password < 12 characters cannot be created

Application Acceptance Testing

Source Interface

Landing page base cases
  • [x] JS warning bar does not appear when using Security Slider high
  • [x] JS warning bar does appear when using Security Slider Low
First submission base cases
  • [x] On generate page, refreshing codename produces a new 7-word codename
  • [x] On submit page, empty submissions produce flashed message
  • [x] On submit page, short message submitted successfully
  • [x] On submit page, unicode submissions submitted successfully
  • [x] On submit page, 150 paragraph text submitted successfully
  • [x] On submit page, file greater than 500 MB produces "The connection was reset" in Tor Browser _quickly_ before the entire file is uploaded
  • [x] On submit page, file less than 500 MB submitted successfully
Returning source base cases
  • [x] Nonexistent codename cannot log in
  • [x] Empty codename cannot log in
  • [x] Legitimate codename can log in
  • [x] Returning user can view journalist replies - need to log into journalist interface to test

Journalist Interface

Login base cases
  • [x] Can log in with 2FA tokens
  • [x] incorrect password cannot log in
  • [x] invalid 2fa token cannot log in
  • [x] 2fa immediate reuse cannot log in
Index base cases
  • [x] Filter by codename works
  • [x] Starring and unstarring works
  • [x] Click select all selects all submissions
  • [x] Selecting all and clicking "Download all" works
Individual source page
  • [x] You can submit a reply and a flashed message and new row appears
  • [x] You cannot submit an empty reply
  • [x] Clicking "Delete collection" and the source and docs are deleted
  • [x] You can click on a document and successfully decrypt on SVS

Now tested again with de_DE locale. I have created two CSS issues I found.

QA checklist

0.5 Specific Testing

  • [x] Enable multiple languages via ./securedrop-admin sdconfig and install
  • [x] SMTP and SASL domain validation works (./securedrop-admin sdconfig)
  • [x] Verify after running ./securedrop-admin tailsconfig in Tails 3.3 that the desktop shortcuts are marked trusted
  • [x] Verify the trusted metadata on desktop shortcut persists after reboot
  • [x] Test form validation on source interface codename login
  • [x] Test form validation on new user creation on journalist interface
  • Verify interface rendering and functionality in:

    • [ ] Spanish

    • [ ] Norwegian

    • [ ] Arabic

    • [ ] French

    • [x] German

Basic Server Testing

  • [x] I can access both the source and journalist interfaces
  • [x] I can SSH into both machines over Tor
  • [x] AppArmor is loaded on app
  • [x] AppArmor is loaded on mon
  • [x] Both servers are running grsec kernels
  • [x] iptables rules loaded

Command Line User Generation

  • [x] Can successfully add admin user

Application Acceptance Testing

Source Interface

Landing page base cases
  • [x] JS warning bar does not appear when using Security Slider high
  • [x] JS warning bar does appear when using Security Slider Low

First submission base cases

  • [x] On generate page, refreshing codename produces a new 7-word codename
  • [x] On submit page, empty submissions produce flashed message
  • [x] On submit page, short message submitted successfully
  • [x] On submit page, unicode submissions submitted successfully
  • [x] On submit page, 150 paragraph text submitted successfully
  • [x] On submit page, file greater than 500 MB produces "The connection was reset" in Tor Browser _quickly_ before the entire file is uploaded
  • [x] On submit page, file less than 500 MB submitted successfully
Returning source base cases
  • [x] Nonexistent codename cannot log in
  • [x] Empty codename cannot log in
  • [x] Legitimate codename can log in
  • [x] Returning user can view journalist replies - need to log into journalist interface to test

Journalist Interface

Login base cases
  • [x] Can log in with 2FA tokens
  • [x] incorrect password cannot log in
  • [x] invalid 2fa token cannot log in
  • [x] 2fa immediate reuse cannot log in
Index base cases
  • [x] Filter by codename works
  • [x] Starring and unstarring works
  • [x] Click select all selects all submissions
  • [x] Selecting all and clicking "Download all" works
Individual source page
  • [x] You can submit a reply and a flashed message and new row appears
  • [x] You cannot submit an empty reply
  • [x] Clicking "Delete collection" and the source and docs are deleted
  • [x] You can click on a document and successfully decrypt on SVS

There are commits to merge back to develop from yesterday's action.

$ git --no-pager  log --oneline --cherry-mark --right-only origin/develop...origin/release/0.5
+ 48bc7f4d7 Merge pull request #2658 from freedomofpress/fix-button-stacking-sass
+ 9616a166d Merge pull request #2660 from freedomofpress/shrink-journalist-reply-box
+ a0081399e SecureDrop 0.5-rc4
+ 6fa8b2b0f Fix #2653: Set max width of journalist reply box to prevent overflowing
+ 1ccb41c88 Fix #2656: Ensure buttons with lots of text go to two lines gracefully
+ 5f064f536 Merge pull request #2629 from freedomofpress/wip-dachary-i18n-doc
+ 85e19096d docs: document language selection during install/upgrade
+ 595f4214a docs: explain how to rebuild the weblate full text index
+ cdddf95f2 docs: reminder to run --pages-layout before submitting translations
+ d3acd480e docs: also pull desktop translations from weblate
+ 1c941a73d docs: instructions on how to create new translations
+ b65e468d5 docs: remove extra :
+ c1095683d docs: use new translate make target to update all .po
+ 3fde9d578 Merge pull request #2648 from freedomofpress/fix-i10n-logout-src
+ 8febc7634 Update source interface unit tests for i10n fix for #2647
+ 8a372d12d Fix #2647: Make sure source interface logout preserves user locale
+ b77003d2a Merge pull request #2655 from freedomofpress/fix-swapped-string
+ 1f368ca62 Merge pull request #2650 from freedomofpress/wip-dachary-0.5-wtf-gettext
+ a112ed015 Fix swapped message/document string and numerical value
+ cc00ae745 SecureDrop 0.5-rc3

Proposed at #2661

No problems found in Norwegian

Application Acceptance Testing - Norwegian on 0.5-rc3

Source Interface

Landing page base cases
  • [x] JS warning bar does not appear when using Security Slider high
  • [x] JS warning bar does appear when using Security Slider Low
First submission base cases
  • [x] On generate page, refreshing codename produces a new 7-word codename
  • [x] On submit page, empty submissions produce flashed message
  • [x] On submit page, short message submitted successfully
  • [x] On submit page, unicode submissions submitted successfully
  • [x] On submit page, 150 paragraph text submitted successfully
  • [x] On submit page, file greater than 500 MB produces "The connection was reset" in Tor Browser _quickly_ before the entire file is uploaded
  • [x] On submit page, file less than 500 MB submitted successfully
    paralyze unified jokester dropbox concrete contact sinless
Returning source base cases
  • [x] Nonexistent codename cannot log in
  • [x] Empty codename cannot log in
  • [x] Legitimate codename can log in
  • [x] Returning user can view journalist replies - need to log into journalist interface to test

Journalist Interface

Login base cases
  • [x] Can log in with 2FA tokens
  • [x] incorrect password cannot log in
  • [x] invalid 2fa token cannot log in
  • [x] 2fa immediate reuse cannot log in
Index base cases
  • [x] Filter by codename works
  • [x] Starring and unstarring works
  • [x] Click select all selects all submissions
  • [x] Selecting all and clicking "Download all" works
Individual source page
  • [x] You can submit a reply and a flashed message and new row appears
  • [x] You cannot submit an empty reply
  • [x] Clicking "Delete collection" and the source and docs are deleted
  • [x] You can click on a document and successfully decrypt on SVS

There are commits to merge back to develop from yesterday's action.

$ git --no-pager  log --oneline --cherry-mark --right-only origin/develop...origin/release/0.5
+ 196c6562c Merge pull request #2664 from freedomofpress/add-screenshots-for-0.5
+ 8491de22d Merge pull request #2663 from freedomofpress/fix-rtl-time-box
+ 53cf380f2 SecureDrop 0.5-rc5
+ 9d2f01e20 Update screenshots in user guides for SecureDrop 0.5
+ ee83c7b0d Fix page layout admin HOTP test: Secret must be 40 chars
+ bfc617eec Remove unnecessary styling in logout message on source interface
+ 39ff015e0 Fix RTL rendering of time box on journalist interface

Proposed at #2666

There are commits to merge back to develop from yesterday's action.

$ git --no-pager  log --oneline --cherry-mark --right-only origin/develop...origin/release/0.5
+ 780784a49 Merge pull request #2659 from freedomofpress/docs-gpg-turducken
+ 0c857eead Merge pull request #2665 from freedomofpress/wip-dachary-0.5-clear-assets
+ 567b53ec7 app: remove generated assets after installation
+ 902a46975 Add note about airgap phishing
+ a8f57df05 Explain how to handle double encrypted documents
+ 463d19f4f Docs: Organize "Working with Documents" section in journalist guide

Proposed at #2669

Test install (not upgrade) of 0.5 works on prod w/ test repo debs: I was able to run through this on a test hardware installation from scratch.

QA checklist 0.5rc3 to 0.5rc6 update

0.5 Specific Testing

  • [x] Enable multiple languages via ./securedrop-admin sdconfig and install
  • [x] SMTP and SASL domain validation works (./securedrop-admin sdconfig)
  • [x] Verify after running ./securedrop-admin tailsconfig in Tails 3.3 that the desktop shortcuts are marked trusted
  • [x] Verify the trusted metadata on desktop shortcut persists after reboot
  • [x] Test form validation on source interface codename login
  • [x] Test form validation on new user creation on journalist interface
  • Verify interface rendering and functionality in:

    • [ ] Spanish

    • [ ] Norwegian

    • [ ] Arabic

    • [ ] French

    • [x] German

Basic Server Testing

  • [x] I can access both the source and journalist interfaces
  • [x] I can SSH into both machines over Tor
  • [x] AppArmor is loaded on app
  • [x] AppArmor is loaded on mon
  • [x] Both servers are running grsec kernels
  • [x] iptables rules loaded

Command Line User Generation

  • [x] Can successfully add admin user

Application Acceptance Testing

Source Interface

Landing page base cases
  • [x] JS warning bar does not appear when using Security Slider high
  • [x] JS warning bar does appear when using Security Slider Low

First submission base cases

  • [x] On generate page, refreshing codename produces a new 7-word codename
  • [x] On submit page, empty submissions produce flashed message
  • [x] On submit page, short message submitted successfully
  • [x] On submit page, unicode submissions submitted successfully
  • [x] On submit page, 150 paragraph text submitted successfully
  • [x] On submit page, file greater than 500 MB produces "The connection was reset" in Tor Browser _quickly_ before the entire file is uploaded
  • [x] On submit page, file less than 500 MB submitted successfully
Returning source base cases
  • [x] Nonexistent codename cannot log in
  • [x] Empty codename cannot log in
  • [x] Legitimate codename can log in
  • [x] Returning user can view journalist replies - need to log into journalist interface to test

Journalist Interface

Login base cases
  • [x] Can log in with 2FA tokens
  • [x] incorrect password cannot log in
  • [x] invalid 2fa token cannot log in
  • [x] 2fa immediate reuse cannot log in
Index base cases
  • [x] Filter by codename works
  • [x] Starring and unstarring works
  • [x] Click select all selects all submissions
  • [x] Selecting all and clicking "Download all" works
Individual source page
  • [x] You can submit a reply and a flashed message and new row appears
  • [x] You cannot submit an empty reply
  • [x] Clicking "Delete collection" and the source and docs are deleted
  • [x] You can click on a document and successfully decrypt on SVS

0.5rc6 is QA'ed on a fresh hardware install and passes all tests. Note: OSSEC was not tested.

QA checklist

0.5 Specific Testing

  • [x] Enable multiple languages via ./securedrop-admin sdconfig and install
  • [x] SMTP and SASL domain validation works (./securedrop-admin sdconfig)
  • [x] Verify after running ./securedrop-admin tailsconfig in Tails 3.3 that the desktop shortcuts are marked trusted
  • [x] Verify the trusted metadata on desktop shortcut persists after reboot
  • [x] Test form validation on source interface codename login (in the correct language, related to #2644 bug no longer applies)
  • [x] Test form validation on new user creation on journalist interface
  • Verify interface rendering and functionality in:

    • [x] Spanish

    • [ ] Norwegian

    • [ ] Arabic

    • [x] French

    • [ ] German

    • [ ] Portuguese

    • [ ] Dutch

  • [x] Test non-en_US default locale

Basic Server Testing

  • [x] I can access both the source and journalist interfaces
  • [x] I can SSH into both machines over Tor
  • [x] AppArmor is loaded on app
  • [x] AppArmor is loaded on mon
  • [x] Both servers are running grsec kernels
  • [x] iptables rules loaded

Command Line User Generation

  • [x] Can successfully add admin user
  • [N/A] User with empty password cannot be created
  • [N/A] User with password < 12 characters cannot be created

Application Acceptance Testing

Source Interface

Landing page base cases
  • [x] JS warning bar does not appear when using Security Slider high
  • [x] JS warning bar does appear when using Security Slider Low
First submission base cases
  • [x] On generate page, refreshing codename produces a new 7-word codename
  • [x] On submit page, empty submissions produce flashed message
  • [x] On submit page, short message submitted successfully
  • [x] On submit page, unicode submissions submitted successfully
  • [x] On submit page, 150 paragraph text submitted successfully
  • [x] On submit page, file greater than 500 MB produces "The connection was reset" in Tor Browser _quickly_ before the entire file is uploaded
  • [x] On submit page, file less than 500 MB submitted successfully
Returning source base cases
  • [x] Nonexistent codename cannot log in
  • [x] Empty codename cannot log in
  • [x] Legitimate codename can log in
  • [x] Returning user can view journalist replies - need to log into journalist interface to test

Journalist Interface

Login base cases
  • [x] Can log in with 2FA tokens
  • [x] incorrect password cannot log in
  • [x] invalid 2fa token cannot log in
  • [x] 2fa immediate reuse cannot log in
Index base cases
  • [x] Filter by codename works
  • [x] Starring and unstarring works
  • [x] Click select all selects all submissions
  • [x] Selecting all and clicking "Download all" works
Individual source page
  • [x] You can submit a reply and a flashed message and new row appears
  • [x] You cannot submit an empty reply
  • [x] Clicking "Delete collection" and the source and docs are deleted
  • [x] You can click on a document and successfully decrypt on SVS

0.5 was released and deployed to all instances without issue. Closing!
