Release SecureDrop 1.7.1

[zenmonkeykstop]

This is a tracking issue for the release of SecureDrop 1.7.1

String and feature freeze: N/A (no string changes)
String comment period: N/A (no string changes)
Translation period: N/A (no string changes)
Pre-release announcement: 2021-01-27
Translation freeze: N/A (no string changes)
Release date: 2021-01-27

Release manager: @zenmonkeykstop
Deputy release manager: @conorsch
Localization manager: N/A
Deputy localization manager: N/A

SecureDrop maintainers and testers: As you QA 1.7.1, please report back your testing results as comments on this ticket. File GitHub issues for any problems found, tag them "QA: Release", and associate them with the 1.7.1 milestone for tracking (or ask a maintainer to do so).

QA Matrix for 1.7.1

Test Plan for 1.7.1

After each test, please update the QA matrix and post details for Basic Server Testing, Application Acceptance Testing and 1.7.1-specific testing below in comments to this ticket.

Final release

• Branch off release/1.7.1 from release/1.7.0 (as this is a point release with no RC)
• Ensure builder in release branch is updated and/or update builder image
• Push signed tag
• Build final Debian packages for 1.7.1 (and preserve build logs)
• Commit package build logs to https://github.com/freedomofpress/build-logs
• Upload Debian packages to apt QA server (including new tor packages)
• Pre-Flight: Test install and upgrade (both cron-apt on Xenial, and Ansible on Xenial) of 1.7.1 works w/ prod repo debs, test updater logic in Tails
• Flip apt QA server to prod status
• merge the release branch changes to main
• update docs repo and verify new docs build
• Prepare and distribute release messaging

Post release

• Create GitHub release object
• Merge changelog back to develop
• Update upgrade testing boxes
• Update roadmap wiki page

[rocodes]

Environment

• Install target: prod hardware NUC7i7DNHE
• Tails version: 4.14
• Test Scenario: 1.7.0 -> cron-apt upgrade
• SSH over Tor: yes
• Onion service version: v2+v3
• Release candidate:

Preparing the environment

In order to confirm resolution of the bug affecting configuration logic, you must first reproduce the error by editing the config.

1. Perform fresh install of 1.7.0 prod, create journalist account, confirm login.
2. SSH into app server, edit /var/www/securedrop/config.py and comment out the SESSION_EXPIRATION_MINUTES line.
3. Run sudo service apache2 restart
4. Observe 500s on both Source & Journalist interfaces. (Confirmed)

Now you're ready to proceed with the upgrade of application version, and evaluate the fix.

Performing the upgrade

We'll prepare the packages for 1.7.1 and post them on https://apt-qa.freedom.press/. In order to upgrade:

1. SSH into app server
2. Edit /etc/apt/security.list and change apt.freedom.press to apt-qa.freedom.press.
3. Run sudo cron-apt -i -s as described in Update guide for SecureDrop 1.7.1; bump docs version securedrop-docs#142
4. Confirm working Source & Journalist Interfaces. (Confimed) Proceed with functional review of webapp as normal, see below.

Command Line User Generation

• Can successfully add admin user and login (Note: CryptographyDeprecationWarning from /var/www/securedrop/secure_tempfile.py:10 about Python 3.5 when running the manage.py add-admin command)

Application Acceptance Testing

Source Interface

Landing page base cases

• JS warning bar does not appear when using Security Slider high
• JS warning bar does appear when using Security Slider Low

First submission base cases

• On generate page, refreshing codename produces a new 7-word codename
• On submit page, empty submissions produce flashed message
• On submit page, short message submitted successfully
• On submit page, file greater than 500 MB produces "The connection was reset" in Tor Browser quickly before the entire file is uploaded
• On submit page, file less than 500 MB submitted successfully

Returning source base cases

• Nonexistent codename cannot log in
• Empty codename cannot log in
• Legitimate codename can log in
• Returning user can view journalist replies - need to log into journalist interface to test

Journalist Interface

Login base cases

• Can log in with 2FA tokens
• incorrect password cannot log in
• invalid 2fa token cannot log in
• 2fa immediate reuse cannot log in
• Journalist account with HOTP can log in (TK)

Index base cases

• Filter by codename works but not available with Tor Security Slider at High
• Starring and unstarring works
• Click select all selects all submissions
• Selecting all and clicking "Download" works

Individual source page

• You can submit a reply and a flashed message and new row appears
• You cannot submit an empty reply
• Clicking "Delete Source And Submissions" and the source and docs are deleted
• You can click on a document and successfully decrypt using application private key

Basic Tails Testing

After updating to this release candidate and running securedrop-admin tailsconfig

• The Updater GUI appears on boot
• Updating occurs without issue (n/a)