Update for proxy v2

Now that proxy v2 has landed (see
<freedomofpress/securedrop-client#1718>), we can:

* Remove the qubes.Filecopy RPC rule from sd-proxy to sd-client
  (it now goes over the securedrop.Proxy RPC)
* Remove the sd-proxy.yaml configuration (now read from QubesDB)
* Fix RPC test, as the securedrop-proxy now returns a non-zero
  exit code on malformed input.

Fixes #1026.

dom0/sd-proxy.sls

@@ -36,5 +36,4 @@ sd-proxy-config:
   qvm.features:
     - name: sd-proxy
     - set:
-        # TODO: sd-proxy: /home/user/.securedrop_proxy/sd-proxy.yaml
         - vm-config.SD_PROXY_ORIGIN: http://{{ d.hidserv.hostname }}

dom0/sd-workstation.top

@@ -50,7 +50,6 @@ base:
   sd-devices-dvm:
     - sd-mime-handling
   sd-proxy:
-    - sd-proxy-files
     - sd-mime-handling
 
   # "Placeholder" config to trigger TemplateVM boots,

files/31-securedrop-workstation.policy

@@ -39,7 +39,6 @@ qubes.ClipboardPaste    *           sd-app @tag:sd-receive-app-clipboard ask
 
 qubes.Filecopy          *           sd-log @default ask
 qubes.Filecopy          *           sd-log @tag:sd-receive-logs ask
-qubes.Filecopy          *           sd-proxy @tag:sd-client allow
 
 qubes.OpenInVM          *           @tag:sd-client @dispvm:sd-viewer allow
 qubes.OpenInVM          *           @tag:sd-client sd-devices allow

tests/test_proxy_vm.py

@@ -1,5 +1,3 @@
-import json
-import subprocess
 import unittest
 
 from base import SD_VM_Local_Test
@@ -21,46 +19,12 @@ def test_do_not_open_here(self):
     def test_sd_proxy_package_installed(self):
         self.assertTrue(self._package_is_installed("securedrop-proxy"))
 
-    def test_sd_proxy_yaml_config(self):
-        with open("config.json") as c:
-            config = json.load(c)
-            hostname = config["hidserv"]["hostname"]
-
-        # Config file moved to private volume during template consolidation
-        assert not self._fileExists("/etc/sd-proxy.yaml")
-
-        wanted_lines = [
-            "host: {}".format(hostname),
-            "scheme: http",
-            "port: 80",
-            "target_vm: sd-app",
-            "dev: False",
-        ]
-        for line in wanted_lines:
-            self.assertFileHasLine("/home/user/.securedrop_proxy/sd-proxy.yaml", line)
-
     def test_sd_proxy_config(self):
         self.assertEqual(
             f"http://{self.dom0_config['hidserv']['hostname']}",
             self._vm_config_read("SD_PROXY_ORIGIN"),
         )
 
-    def test_sd_proxy_writable_config_dir(self):
-        # Directory must be writable by normal user. If owned by root,
-        # sd-proxy can't write logs, and will fail, blocking client logins.
-        result = False
-        try:
-            self._run("test -w /home/user/.securedrop_proxy")
-            result = True
-        except subprocess.CalledProcessError:
-            pass
-        self.assertTrue(result)
-
-    def test_sd_proxy_rpc_spec(self):
-        wanted_lines = ["/usr/bin/sd-proxy /home/user/.securedrop_proxy/sd-proxy.yaml"]
-        for line in wanted_lines:
-            self.assertFileHasLine("/etc/qubes-rpc/securedrop.Proxy", line)
-
     def test_whonix_ws_repo_absent(self):
         """
         The sd-proxy VM was previously based on Whonix Workstation,

tests/test_qubes_rpc.py

@@ -5,6 +5,7 @@
 from qubesadmin import Qubes
 
 RETURNCODE_SUCCESS = 0
+RETURNCODE_ERROR = 1
 RETURNCODE_DENIED = 126
 
 
@@ -52,7 +53,9 @@ def test_sdlog_from_other_to_sdlog_denied(self):
 
     # securedrop.Proxy from sd-app to sd-proxy should be allowed
     def test_sdproxy_from_sdapp_to_sdproxy_allowed(self):
-        self.assertEqual(self._qrexec("sd-app", "sd-proxy", "securedrop.Proxy"), RETURNCODE_SUCCESS)
+        # proxy RPC returns an error due to malformed input, but it still goes through
+        # (i.e. not DENIED)
+        self.assertEqual(self._qrexec("sd-app", "sd-proxy", "securedrop.Proxy"), RETURNCODE_ERROR)
 
     # securedrop.Proxy from anything else to sd-proxy should be denied
     def test_sdproxy_from_other_to_sdproxy_denied(self):