foreman_scap_client 0.4.2 → 0.4.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 716a17a02e7db595c58b52c9e9b7a5cc5e6699b8
4
- data.tar.gz: 99a477a8685316f1869fdc33ff570de68a726ad2
2
+ SHA256:
3
+ metadata.gz: 613e57e5fe5d504abb771c1924649c18d3a01869e3d75fbf33c4d2078647dcaa
4
+ data.tar.gz: f5d061fd7061174a3ce2dd92348371a9cb672781b428950ccc7add94b1fa8b69
5
5
  SHA512:
6
- metadata.gz: c4e16a9d6ae3286c84fb78df7e0f0ffdcde51d5ae3cad33cb3e6c61723fdb4012d4ca5a083d1a8b6ab7fcf3e004464529953fa1682a2086d2e78fd0eae1a28e5
7
- data.tar.gz: cf277daeab91229474b34aa6a62ec6049c53b3eababb12716fde1ce665ab3450dc5e2d9826cf6e824fea2cd840fefefbf07b5ff231ef7d4a813f02a0270d14a6
6
+ metadata.gz: 6e7d76224ae9440cad7ba6592a0aee99909ec7be581e1da4bc9310b74161504127b9631148bd5371bc7616718eac76b64a6565c04250c0488ac24d2db5860104
7
+ data.tar.gz: 2c6a1f7531f5a996847718255dca2e3bf4d1d5b091242402e71748450e3971ead373031217b3ce9b96d84aa568018374aacf37943786943db4becf068150d922
@@ -2,6 +2,9 @@
2
2
  :server: 'foreman_proxy.example.com'
3
3
  :port: 8443
4
4
 
5
+ # Timeout for sending reports to proxy
6
+ :timeout: 60
7
+
5
8
  # Should --fetch-remote-resources be added to `oscap xccdf eval` command
6
9
  :fetch_remote_resources: true
7
10
 
@@ -15,6 +18,8 @@
15
18
  :host_certificate: '/var/lib/puppet/ssl/certs/client.example.com.pem'
16
19
  # this client private key, usually the same that puppet agent use
17
20
  :host_private_key: '/var/lib/puppet/ssl/private_keys/client.example.com.pem'
21
+ # optional cipher list if endpoints are hardened
22
+ :ciphers: ["AES256-SHA:AES128-SHA:DES-CBC3-SHA"]
18
23
 
19
24
  # policy (key is id as in Foreman)
20
25
  1:
@@ -45,6 +45,7 @@ module ForemanScapClient
45
45
 
46
46
  def scan
47
47
  puts "DEBUG: running: " + scan_command
48
+ puts "with ENV vars: #{scan_command_env_vars}" unless scan_command_env_vars.empty?
48
49
 
49
50
  if RUBY_VERSION.start_with? '1.8'
50
51
  legacy_run_scan
@@ -56,7 +57,7 @@ module ForemanScapClient
56
57
  def run_scan
57
58
  stdout_str, error_str, result = Open3.capture3(scan_command_env_vars, scan_command)
58
59
  if result.success? || result.exitstatus == 2
59
- puts error_str.split("\n").select { |item| item.start_with? 'WARNING:' }.join("\n")
60
+ puts error_str.split("\n").select { |item| item.start_with?('WARNING:') || item.start_with?('Downloading') }.join("\n")
60
61
  @report = results_path
61
62
  else
62
63
  puts 'Scan failed'
@@ -141,6 +142,7 @@ module ForemanScapClient
141
142
  uri = URI.parse(upload_uri)
142
143
  puts "Uploading results to #{uri}"
143
144
  https = generate_https_object(uri)
145
+ https.read_timeout = config[:timeout] if config[:timeout]
144
146
  request = Net::HTTP::Post.new uri.path
145
147
  request.body = File.read(results_bzip_path)
146
148
  request['Content-Type'] = 'text/xml'
@@ -169,6 +171,7 @@ module ForemanScapClient
169
171
  def generate_https_object(uri)
170
172
  https = Net::HTTP.new(uri.host, uri.port)
171
173
  https.use_ssl = true
174
+ https.ciphers = config[:ciphers] if config[:ciphers]
172
175
  https.verify_mode = OpenSSL::SSL::VERIFY_PEER
173
176
  https.ca_file = config[:ca_file]
174
177
  begin
@@ -1,3 +1,3 @@
1
1
  module ForemanScapClient
2
- VERSION = "0.4.2"
2
+ VERSION = "0.4.7"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: foreman_scap_client
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.2
4
+ version: 0.4.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Marek Hulan
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2019-02-12 00:00:00.000000000 Z
13
+ date: 2020-07-17 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: bundler
@@ -78,8 +78,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
78
78
  version: '0'
79
79
  requirements:
80
80
  - bzip2
81
- rubyforge_project:
82
- rubygems_version: 2.6.8
81
+ rubygems_version: 3.1.2
83
82
  signing_key:
84
83
  specification_version: 4
85
84
  summary: Client script that runs openscap scan and uploads the result to foreman proxy