Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add test for in-tunnel IP leak via APR requests on Linux (MLLVD-CR-24-03) #7183

Merged
merged 3 commits into from
Nov 15, 2024
Merged

Add test for in-tunnel IP leak via APR requests on Linux (MLLVD-CR-24-03) #7183

merged 3 commits into from
Nov 15, 2024

Conversation

MarkusPettersson98
Copy link
Contributor

@MarkusPettersson98 MarkusPettersson98 commented Nov 15, 2024
edited by faern
Loading

This PR adds an end-to-end test to check that the app properly protects against leaking the private in-tunnel IP via ARP requests on Linux. This is a follow up to #7141.

I confirmed that the test works by first running the test without #7141 and see that the in-tunnel IP indeed can leak. Then I ran the test a second time with #7141 and observed no leaks.

Test runs

🔴 Without #7141: https://github.com/mullvad/mullvadvpn-app/actions/runs/11851540636/job/33028399991
✔️ With #7141: https://github.com/mullvad/mullvadvpn-app/actions/runs/11851490017/job/33028260661

Misc

This PR additionally moves all audit-related end-to-end tests to a newly created module called audits. This makes it easier to track which audit issues we automatically check for regressions.

This change is Reviewable

@linear Linear
Copy link

linear bot commented Nov 15, 2024

DES-1438 Add e2e tests for arp-ping leak

@MarkusPettersson98 MarkusPettersson98 force-pushed the add-e2e-tests-for-arp-ping-leak-des-1438 branch from ba7cedf to 919fcbb Compare November 15, 2024 08:09
dlon
dlon previously approved these changes Nov 15, 2024
View reviewed changes
Copy link
Member

@dlon dlon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:lgtm:

Reviewed 7 of 7 files at r1, all commit messages.
Reviewable status: :shipit: complete! all files reviewed, all discussions resolved

@MarkusPettersson98 MarkusPettersson98 force-pushed the add-e2e-tests-for-arp-ping-leak-des-1438 branch from 919fcbb to c655e51 Compare November 15, 2024 08:47
@MarkusPettersson98 MarkusPettersson98 force-pushed the add-e2e-tests-for-arp-ping-leak-des-1438 branch from c655e51 to 8bd6218 Compare November 15, 2024 08:58
dlon
dlon approved these changes Nov 15, 2024
View reviewed changes
Copy link
Member

@dlon dlon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:lgtm:

Reviewed 2 of 2 files at r2, all commit messages.
Reviewable status: :shipit: complete! all files reviewed, all discussions resolved

@MarkusPettersson98 MarkusPettersson98 merged commit 4d7fb81 into main Nov 15, 2024
49 checks passed
@MarkusPettersson98 MarkusPettersson98 deleted the add-e2e-tests-for-arp-ping-leak-des-1438 branch November 15, 2024 09:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dlon dlon dlon approved these changes

@Serock3 Serock3 Awaiting requested review from Serock3

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@MarkusPettersson98 @dlon