inspec 1.40.0 → 1.41.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +30 -9
- data/docs/matchers.md +18 -0
- data/docs/plugin_kitchen_inspec.md +18 -24
- data/docs/profiles.md +39 -2
- data/docs/resources/aide_conf.md.erb +18 -28
- data/docs/resources/apache_conf.md.erb +19 -33
- data/docs/resources/apt.md.erb +22 -36
- data/docs/resources/audit_policy.md.erb +9 -24
- data/docs/resources/auditd.md.erb +9 -24
- data/docs/resources/auditd_conf.md.erb +20 -34
- data/docs/resources/auditd_rules.md.erb +8 -24
- data/docs/resources/bash.md.erb +4 -26
- data/docs/resources/bond.md.erb +25 -40
- data/docs/resources/bridge.md.erb +5 -25
- data/docs/resources/bsd_service.md.erb +5 -25
- data/docs/resources/command.md.erb +35 -50
- data/docs/resources/crontab.md.erb +9 -23
- data/docs/resources/csv.md.erb +12 -27
- data/docs/resources/dh_params.md +1 -0
- data/docs/resources/directory.md.erb +5 -25
- data/docs/resources/docker.md.erb +60 -57
- data/docs/resources/docker_container.md.erb +23 -19
- data/docs/resources/docker_image.md.erb +20 -16
- data/docs/resources/etc_fstab.md.erb +5 -2
- data/docs/resources/etc_group.md.erb +29 -45
- data/docs/resources/etc_hosts.md.erb +6 -0
- data/docs/resources/etc_hosts_allow.md.erb +6 -2
- data/docs/resources/etc_hosts_deny.md.erb +6 -2
- data/docs/resources/file.md.erb +198 -212
- data/docs/resources/firewalld.md.erb +7 -1
- data/docs/resources/gem.md.erb +21 -35
- data/docs/resources/group.md.erb +16 -30
- data/docs/resources/grub_conf.md.erb +9 -24
- data/docs/resources/host.md.erb +32 -49
- data/docs/resources/http.md.erb +38 -44
- data/docs/resources/iis_app.md.erb +25 -35
- data/docs/resources/iis_site.md.erb +26 -40
- data/docs/resources/inetd_conf.md.erb +27 -42
- data/docs/resources/ini.md.erb +9 -23
- data/docs/resources/interface.md.erb +5 -25
- data/docs/resources/iptables.md.erb +15 -29
- data/docs/resources/json.md.erb +12 -27
- data/docs/resources/kernel_module.md.erb +47 -61
- data/docs/resources/kernel_parameter.md.erb +15 -29
- data/docs/resources/key_rsa.md.erb +3 -0
- data/docs/resources/launchd_service.md.erb +5 -25
- data/docs/resources/limits_conf.md.erb +15 -29
- data/docs/resources/login_def.md.erb +15 -30
- data/docs/resources/mount.md.erb +18 -33
- data/docs/resources/mssql_session.md.erb +9 -12
- data/docs/resources/mysql_conf.md.erb +17 -32
- data/docs/resources/mysql_session.md.erb +15 -29
- data/docs/resources/nginx.md.erb +6 -0
- data/docs/resources/nginx_conf.md.erb +25 -20
- data/docs/resources/npm.md.erb +19 -35
- data/docs/resources/ntp_conf.md.erb +20 -37
- data/docs/resources/oneget.md.erb +15 -30
- data/docs/resources/oracledb_session.md.erb +9 -11
- data/docs/resources/os.md.erb +29 -43
- data/docs/resources/os_env.md.erb +29 -44
- data/docs/resources/package.md.erb +33 -42
- data/docs/resources/parse_config.md.erb +5 -25
- data/docs/resources/parse_config_file.md.erb +31 -43
- data/docs/resources/passwd.md.erb +24 -39
- data/docs/resources/pip.md.erb +20 -35
- data/docs/resources/port.md.erb +43 -57
- data/docs/resources/postgres_conf.md.erb +17 -31
- data/docs/resources/postgres_hba_conf.md.erb +26 -38
- data/docs/resources/postgres_ident_conf.md.erb +25 -37
- data/docs/resources/postgres_session.md.erb +15 -29
- data/docs/resources/powershell.md.erb +27 -42
- data/docs/resources/processes.md.erb +17 -33
- data/docs/resources/rabbitmq_config.md.erb +9 -24
- data/docs/resources/registry_key.md.erb +27 -42
- data/docs/resources/runit_service.md.erb +5 -25
- data/docs/resources/security_policy.md.erb +12 -27
- data/docs/resources/service.md.erb +27 -42
- data/docs/resources/shadow.md.erb +20 -35
- data/docs/resources/ssh_config.md.erb +19 -34
- data/docs/resources/sshd_config.md.erb +19 -34
- data/docs/resources/ssl.md.erb +39 -54
- data/docs/resources/sys_info.md.erb +12 -26
- data/docs/resources/systemd_service.md.erb +5 -25
- data/docs/resources/sysv_service.md.erb +5 -25
- data/docs/resources/upstart_service.md.erb +5 -25
- data/docs/resources/user.md.erb +29 -44
- data/docs/resources/users.md.erb +12 -26
- data/docs/resources/vbscript.md.erb +9 -24
- data/docs/resources/virtualization.md.erb +8 -23
- data/docs/resources/windows_feature.md.erb +15 -30
- data/docs/resources/windows_hotfix.md.erb +15 -9
- data/docs/resources/windows_task.md.erb +12 -26
- data/docs/resources/wmi.md.erb +9 -24
- data/docs/resources/x509_certificate.md.erb +4 -0
- data/docs/resources/xinetd_conf.md.erb +65 -80
- data/docs/resources/xml.md.erb +12 -26
- data/docs/resources/yaml.md.erb +12 -27
- data/docs/resources/yum.md.erb +37 -51
- data/docs/resources/zfs_dataset.md.erb +15 -26
- data/docs/resources/zfs_pool.md.erb +9 -20
- data/lib/inspec/backend.rb +8 -0
- data/lib/inspec/profile.rb +9 -1
- data/lib/inspec/shell.rb +13 -13
- data/lib/inspec/version.rb +1 -1
- data/lib/matchers/matchers.rb +2 -0
- data/lib/resources/etc_hosts.rb +1 -1
- data/lib/resources/host.rb +4 -1
- data/lib/resources/http.rb +173 -23
- data/lib/resources/processes.rb +106 -20
- data/lib/resources/ssh_conf.rb +1 -1
- data/lib/resources/ssl.rb +4 -3
- data/lib/utils/object_traversal.rb +35 -10
- metadata +2 -2
data/lib/resources/ssh_conf.rb
CHANGED
data/lib/resources/ssl.rb
CHANGED
@@ -50,8 +50,6 @@ class SSL < Inspec.resource(1)
|
|
50
50
|
@host = inspec.backend.hostname
|
51
51
|
elsif inspec.backend.class.to_s == 'Train::Transports::Local::Connection'
|
52
52
|
@host = 'localhost'
|
53
|
-
else
|
54
|
-
raise 'Cannot determine host for SSL test. Please specify it or use a different target.'
|
55
53
|
end
|
56
54
|
end
|
57
55
|
@port = opts[:port] || 443
|
@@ -60,11 +58,14 @@ class SSL < Inspec.resource(1)
|
|
60
58
|
end
|
61
59
|
|
62
60
|
filter = FilterTable.create
|
61
|
+
filter.add(:enabled?) do |x|
|
62
|
+
raise 'Cannot determine host for SSL test. Please specify it or use a different target.' if x.resource.host.nil?
|
63
|
+
x.handshake.values.any? { |i| i['success'] }
|
64
|
+
end
|
63
65
|
filter.add_accessor(:where)
|
64
66
|
.add_accessor(:entries)
|
65
67
|
.add(:ciphers, field: 'cipher')
|
66
68
|
.add(:protocols, field: 'protocol')
|
67
|
-
.add(:enabled?) { |x| x.handshake.values.any? { |i| i['success'] } }
|
68
69
|
.add(:handshake) { |x|
|
69
70
|
groups = x.entries.group_by(&:protocol)
|
70
71
|
res = Parallel.map(groups, in_threads: 8) do |proto, e|
|
@@ -3,22 +3,47 @@
|
|
3
3
|
# author: Christoph Hartmann
|
4
4
|
module ObjectTraverser
|
5
5
|
def extract_value(keys, value)
|
6
|
+
return nil if value.nil?
|
7
|
+
|
6
8
|
key = keys.shift
|
7
|
-
return nil if key.nil?
|
9
|
+
return nil if key.nil?
|
8
10
|
|
9
|
-
if value
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
value = value[key.to_s].nil? ? nil : value[key.to_s]
|
17
|
-
end
|
11
|
+
# if the current value is not a Hash or Array, it is undefined
|
12
|
+
# behavior so value will be assigned nil by default.
|
13
|
+
value = if value.is_a?(Array)
|
14
|
+
extract_from_array(key, value)
|
15
|
+
elsif value.is_a?(Hash)
|
16
|
+
extract_from_hash(key, value)
|
17
|
+
end
|
18
18
|
|
19
19
|
# if there are no more keys, just return the value
|
20
20
|
return value if keys.first.nil?
|
21
21
|
# if there are more keys, extract more
|
22
22
|
extract_value(keys.clone, value)
|
23
23
|
end
|
24
|
+
|
25
|
+
private
|
26
|
+
|
27
|
+
# If the values to return from is an Array, allow returning by index.
|
28
|
+
# Otherwise, support methods on the Array itself.
|
29
|
+
def extract_from_array(key, value)
|
30
|
+
if key.is_a?(Fixnum)
|
31
|
+
value[key]
|
32
|
+
elsif value.respond_to?(key.to_sym)
|
33
|
+
value.send(key.to_sym)
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
# for Hashes, try to return the value by the key.
|
38
|
+
# We first try to find by the raw key before we stringify
|
39
|
+
# if the keys themselves are symbols, for example.
|
40
|
+
#
|
41
|
+
# This will return nil default if we can't find the key.
|
42
|
+
def extract_from_hash(key, value)
|
43
|
+
if value.key?(key)
|
44
|
+
value[key]
|
45
|
+
elsif value.key?(key.to_s)
|
46
|
+
value[key.to_s]
|
47
|
+
end
|
48
|
+
end
|
24
49
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: inspec
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.41.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dominik Richter
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-09
|
11
|
+
date: 2017-10-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: train
|