Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-07-24 | Use posix egrep options, fixing issue #1166 | Zachary Lee Andrews | |
2021-03-04 | Check MemoryOverwriteRequest Control | Nicolai Søborg | |
2021-01-07 | Preparation for release 3.0.3 | Michael Boelen | |
2020-10-22 | Merge pull request #1044 from delscate/master | Michael Boelen | |
Fix wc and head cmd when using busybox | |||
2020-10-22 | Add translate function for all sections | Stéphane | |
+ add EN and FR up to date languages files | |||
2020-10-19 | Fix head cmd with busybox | Fabien Lehoussel | |
2020-10-02 | Resolved merge conflict | Michael Boelen | |
2020-10-02 | Updated log | Michael Boelen | |
2020-09-03 | Don't provide suggestion to install pseudo rng at this moment | Michael Boelen | |
2020-08-07 | Merge pull request #913 from topimiettinen/check-der-certs | Michael Boelen | |
[CRYP-7902] Check also certificates in DER format | |||
2020-06-21 | fix stderr output from cryptsetup status | Steve8291 | |
Redirected stderr to /dev/null to silence output of `cryptsetup status /swap.img` This was causing error output from my cron script. Otherwise, if the swap file is not encrypted then the following error will be printed: `Device swap.img not found` | |||
2020-04-25 | [CRYP-7902] Check also certificates in DER format | Topi Miettinen | |
Check also certificates in DER (*.cer, *.der) format. Add /etc/refind.d/keys to list of certificate paths. Signed-off-by: Topi Miettinen <toiwoton@gmail.com> | |||
2020-04-12 | Merge pull request #883 from topimiettinen/check-encrypted-swap-devices | Michael Boelen | |
Check if system uses encrypted swap devices | |||
2020-04-09 | Merge pull request #882 from topimiettinen/check-package-certificates | Michael Boelen | |
[CRYP-7902] Check also certificates provided by packages | |||
2020-04-08 | [CRYP-7902] Fixes issue #902 | Martin Churchill | |
[CRYP-7902] Checks for SSL_CERTIFICATE_PATHS_TO_IGNORE fails to ignore sub-directories #902 | |||
2020-04-02 | [CRYP-7902] Optionally check also certificates provided by packages | Topi Miettinen | |
The package maintainers are not immune to mistakes or they might not always provide timely updates, so let's check (optionally) more certificates even if they are delivered by packages. I found three expired certificates in my Debian/unstable system, thanks to changed Lynis. Signed-off-by: Topi Miettinen <toiwoton@gmail.com> | |||
2020-03-27 | Check if system uses encrypted swap devices | Topi Miettinen | |
Add test CRYP-7931 to check if the system uses any encrypted swap devices. Signed-off-by: Topi Miettinen <toiwoton@gmail.com> | |||
2020-03-23 | Removed incorrect process name from list, enable --full as it is required ↵ | Michael Boelen | |
for matching jitterentropy-rngd | |||
2020-03-23 | [CRYP-8005] added haveged, match against process name instead of full ↵ | Michael Boelen | |
command line, code cleanup | |||
2020-03-21 | Check for software pseudo random number generators | Topi Miettinen | |
Check for running audio-entropyd, havegd or jitterentropy-rngd. Signed-off-by: Topi Miettinen <toiwoton@gmail.com> | |||
2020-03-20 | Updated date/year | Michael Boelen | |
2020-02-15 | [CRYP-8004] enhanced after pulling in initital test | Michael Boelen | |
2020-01-06 | Added CRYP-8004 | pyllyukko | |
2019-12-18 | Code style improvement: quote argument | Michael Boelen | |
2019-10-19 | fix for #781 - run lsblk without --paths | Kristian Schuster | |
2019-09-29 | crypto-test: suppress errors when devs are not accessible for cryptsetup | Kristian Schuster | |
2019-09-02 | [CRYP-7930] replaced incorrect PATH column with alternative | Michael Boelen | |
2019-08-29 | Added CRYP-8002 | Michael Boelen | |
2019-08-21 | Updated forensics variable | Michael Boelen | |
2019-08-21 | [CRYP-7930] extend test to use cryptsetup/lsblk or crypttab file | Michael Boelen | |
2019-08-21 | Merge pull request #731 from chr0mag/cryp-7930 | Michael Boelen | |
[CRYP-7930] Modify to use 'lsblk' and 'cryptsetup' | |||
2019-07-26 | Combined sort and uniq to sort -u | Michael Boelen | |
2019-07-18 | Add FOUND var to unset list | Julian Phillips | |
2019-07-18 | [CRYP-7930] Modify to use 'lsblk' and 'cryptsetup' | Julian Phillips | |
There are several challenges with the existing method of using /etc/crypttab: 1)encrypted rootfs partitions are not typically listed in this file (users are prompted for password in early boot instead) 2)the 'luks' option is the default option so it is possible for /etc/crypttab entries to never have this set explicitly and any block device configured as such will be missed currently 3)any device mounted manually, or using any other mechanism aside from /etc/crypttab will be missed This commit executes 'cryptsetup isLuks' on every block device in the system to determine whether it is a LUKS device. This handles all 3 cases mentioned above. Test case wording was also updated to reflect the fact that it only checks for LUKS entrypted block devices. So, plain dm-crypt and TrueCrypt/VeraCrypt block device encryption is not detected. Nor is any file system level encryption such as eCryptfs, EncFs, gocryptfs. | |||
2019-07-16 | Use -n instead of ! -z | Michael Boelen | |
2019-07-09 | [CRYP-7903] enhanced test to properly work | Michael Boelen | |
2019-07-09 | Added CRYP-7930 | Michael Boelen | |
2019-07-08 | Fix for incorrect subdirectory retrieval and adding enhancement to reduce ↵ | Michael Boelen | |
number of evaluations needed | |||
2019-07-08 | New profile option to ignore specified certificate directories | Michael Boelen | |
2019-01-31 | Changed year and preparing for new release | Michael Boelen | |
2018-03-05 | [CRYP-7902] - Do prevalidation for certificates before testing them | Michael Boelen | |
2018-01-11 | Changed year | Michael Boelen | |
2017-09-06 | [CRYP-7902] fix for bourne shell and rewrite | Michael Boelen | |
2017-08-29 | Support spaces in file names (#444) | Bruno Vernay | |
File names may contain spaces | |||
2017-08-18 | [CRYP-7902] add a test to filter out non-certificate files | Michael Boelen | |
2017-08-18 | [CRYP-7902] certificate validation changed | Michael Boelen | |
2017-07-18 | [CRYP-7902] prevent test from showing error on screen related to wrong ↵ | Michael Boelen | |
certificate file | |||
2017-05-31 | A250 2 (#398) | mslifcak | |
* fix missing ROOTDIR prefix * sort list of services before processing * sort list of certificates before processing * sort list of startup scripts before processing * spell check * remove possessive pronoun | |||
2017-05-23 | 250 fixes (#393) | mslifcak | |
* restore use of lshw * add ROOTDIR to restore lost PHP file ref * refactor certificate search to benefit older "find" command | |||
2017-03-14 | [CRYP-7902] Support for Plesk file names | Michael Boelen | |