RubyGems - foreman_scap_client - Versions diffs - 0.4.2 → 0.4.7 - Mend

foreman_scap_client 0.4.2 → 0.4.7

Files changed (5) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 716a17a02e7db595c58b52c9e9b7a5cc5e6699b8
-  data.tar.gz: 99a477a8685316f1869fdc33ff570de68a726ad2
+SHA256:
+  metadata.gz: 613e57e5fe5d504abb771c1924649c18d3a01869e3d75fbf33c4d2078647dcaa
+  data.tar.gz: f5d061fd7061174a3ce2dd92348371a9cb672781b428950ccc7add94b1fa8b69
 SHA512:
-  metadata.gz: c4e16a9d6ae3286c84fb78df7e0f0ffdcde51d5ae3cad33cb3e6c61723fdb4012d4ca5a083d1a8b6ab7fcf3e004464529953fa1682a2086d2e78fd0eae1a28e5
-  data.tar.gz: cf277daeab91229474b34aa6a62ec6049c53b3eababb12716fde1ce665ab3450dc5e2d9826cf6e824fea2cd840fefefbf07b5ff231ef7d4a813f02a0270d14a6
+  metadata.gz: 6e7d76224ae9440cad7ba6592a0aee99909ec7be581e1da4bc9310b74161504127b9631148bd5371bc7616718eac76b64a6565c04250c0488ac24d2db5860104
+  data.tar.gz: 2c6a1f7531f5a996847718255dca2e3bf4d1d5b091242402e71748450e3971ead373031217b3ce9b96d84aa568018374aacf37943786943db4becf068150d922

@@ -2,6 +2,9 @@
 :server: 'foreman_proxy.example.com'
 :port: 8443
+# Timeout for sending reports to proxy
+:timeout: 60
 # Should --fetch-remote-resources be added to `oscap xccdf eval` command
 :fetch_remote_resources: true
@@ -15,6 +18,8 @@
 :host_certificate: '/var/lib/puppet/ssl/certs/client.example.com.pem'
 # this client private key, usually the same that puppet agent use
 :host_private_key: '/var/lib/puppet/ssl/private_keys/client.example.com.pem'
+# optional cipher list if endpoints are hardened
+:ciphers: ["AES256-SHA:AES128-SHA:DES-CBC3-SHA"]
 # policy (key is id as in Foreman)
 1:

@@ -45,6 +45,7 @@ module ForemanScapClient
     def scan
       puts "DEBUG: running: " + scan_command
+      puts "with ENV vars: #{scan_command_env_vars}" unless scan_command_env_vars.empty?
       if RUBY_VERSION.start_with? '1.8'
         legacy_run_scan
@@ -56,7 +57,7 @@ module ForemanScapClient
     def run_scan
       stdout_str, error_str, result = Open3.capture3(scan_command_env_vars, scan_command)
       if result.success? || result.exitstatus == 2
-        puts error_str.split("\n").select { |item| item.start_with? 'WARNING:' }.join("\n")
+        puts error_str.split("\n").select { |item| item.start_with?('WARNING:') || item.start_with?('Downloading') }.join("\n")
         @report = results_path
       else
         puts 'Scan failed'
@@ -141,6 +142,7 @@ module ForemanScapClient
       uri = URI.parse(upload_uri)
       puts "Uploading results to #{uri}"
       https = generate_https_object(uri)
+      https.read_timeout = config[:timeout] if config[:timeout]
       request = Net::HTTP::Post.new uri.path
       request.body = File.read(results_bzip_path)
       request['Content-Type'] = 'text/xml'
@@ -169,6 +171,7 @@ module ForemanScapClient
     def generate_https_object(uri)
       https = Net::HTTP.new(uri.host, uri.port)
       https.use_ssl = true
+      https.ciphers = config[:ciphers] if config[:ciphers]
       https.verify_mode = OpenSSL::SSL::VERIFY_PEER
       https.ca_file = config[:ca_file]
       begin

@@ -1,3 +1,3 @@
 module ForemanScapClient
-  VERSION = "0.4.2"
+  VERSION = "0.4.7"
 end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: foreman_scap_client
 version: !ruby/object:Gem::Version
-  version: 0.4.2
+  version: 0.4.7
 platform: ruby
 authors:
 - Marek Hulan
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-02-12 00:00:00.000000000 Z
+date: 2020-07-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -78,8 +78,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements:
 - bzip2
-rubyforge_project:
-rubygems_version: 2.6.8
+rubygems_version: 3.1.2
 signing_key:
 specification_version: 4
 summary: Client script that runs openscap scan and uploads the result to foreman proxy