diff options
author | Michael Boelen <michael.boelen@cisofy.com> | 2017-02-15 15:14:54 +0300 |
---|---|---|
committer | Michael Boelen <michael.boelen@cisofy.com> | 2017-02-15 15:14:54 +0300 |
commit | a817bf2f1b14eba1795641034e6d924ddd5b17f1 (patch) | |
tree | ee6e73a0ff1a1284cbca0be9dfd927da8d9ea4dc | |
parent | 0209c6ce906ac58ef48a8cd743f851338360ec35 (diff) |
[SSH-7408] allow filtering for multiple options and new SSH value for PermitRootLogin
-rw-r--r-- | include/tests_ssh | 25 |
1 files changed, 23 insertions, 2 deletions
diff --git a/include/tests_ssh b/include/tests_ssh index 6823b962..b17997eb 100644 --- a/include/tests_ssh +++ b/include/tests_ssh @@ -118,7 +118,7 @@ LogLevel:VERBOSE,INFO,:=\ MaxAuthTries:1,3,6:<\ MaxSessions:2,4,8:<\ - PermitRootLogin:NO,WITHOUT-PASSWORD,YES:=\ + PermitRootLogin:NO,(PROHIBIT-PASSWORD|WITHOUT-PASSWORD),YES:=\ PermitUserEnvironment:NO,,YES:=\ PermitTunnel:NO,,YES:=\ Port:,,22:!\ @@ -162,7 +162,28 @@ elif [ "${FOUNDVALUE}" = "${WEAKVALUE}" ]; then RESULT="WEAK" else - RESULT="UNKNOWN" + if [ ! -z "${EXPECTEDSCOREDVALUE}" ]; then + LogText "Expected scored value has multiple values, testing if active value is in list (${EXPECTEDSCOREDVALUE})" + FIND=$(echo ${FOUNDVALUE} | ${GREPBINARY} -E "${EXPECTEDSCOREDVALUE}") + if [ $? -eq 0 ]; then + LogText "Result: found" + RESULT="GOOD" + else + LogText "Result: not found" + fi + fi + if [ ! -z "${MEDIUMSCOREDVALUE}" ]; then + LogText "Medium scored value has multiple values, testing if active value is in list (${MEDIUMSCOREDVALUE})" + FIND=$(echo ${FOUNDVALUE} | ${GREPBINARY} -E "${MEDIUMSCOREDVALUE}") + if [ $? -eq 0 ]; then + LogText "Result: found" + RESULT="MIDSCORED" + else + LogText "Result: not found" + fi + fi + # Set result to weak if we can't find any matches + if [ "${RESULT}" = "NONE" ]; then RESULT="WEAK"; fi fi elif [ "${TESTTYPE}" = "<" ]; then |