"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "include/tests_crypto" between
lynis-3.0.1.tar.gz and lynis-3.0.2.tar.gz

About: Lynis is a security and system auditing tool.

tests_crypto  (lynis-3.0.1):tests_crypto  (lynis-3.0.2)
skipping to change at line 29 skipping to change at line 29
################################################################################ # ################################################################################ #
# #
# Cryptography # Cryptography
# #
################################################################################ # ################################################################################ #
# #
RNG_FOUND=0 RNG_FOUND=0
# #
################################################################################ # ################################################################################ #
# #
InsertSection "Cryptography" InsertSection "${SECTION_CRYPTOGRAPHY}"
# #
################################################################################ # ################################################################################ #
# #
# Test : CRYP-7902 # Test : CRYP-7902
# Description : check for expired SSL certificates # Description : check for expired SSL certificates
if [ -n "${OPENSSLBINARY}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi if [ -n "${OPENSSLBINARY}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
Register --test-no CRYP-7902 --preqs-met ${PREQS_MET} --weight L --network N O --category security --description "Check expire date of SSL certificates" Register --test-no CRYP-7902 --preqs-met ${PREQS_MET} --weight L --network N O --category security --description "Check expire date of SSL certificates"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
COUNT_EXPIRED=0 COUNT_EXPIRED=0
COUNT_TOTAL=0 COUNT_TOTAL=0
skipping to change at line 248 skipping to change at line 248
fi fi
# #
################################################################################ # ################################################################################ #
# #
# Test : CRYP-8004 # Test : CRYP-8004
# Description : Test for presence of hardware random number generators # Description : Test for presence of hardware random number generators
Register --test-no CRYP-8004 --os Linux --weight L --network NO --root-only NO --category security --description "Presence of hardware random number generat ors" Register --test-no CRYP-8004 --os Linux --weight L --network NO --root-only NO --category security --description "Presence of hardware random number generat ors"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: looking for ${ROOTDIR}sys/class/misc/hw_random/rng_curren t" LogText "Test: looking for ${ROOTDIR}sys/class/misc/hw_random/rng_curren t"
if [ -f "${ROOTDIR}sys/class/misc/hw_random/rng_current" ]; then if [ -f "${ROOTDIR}sys/class/misc/hw_random/rng_current" ]; then
DATA=$(${HEADBINARY} --lines=1 ${ROOTDIR}sys/class/misc/hw_random/rn g_current | ${TRBINARY} -d '[[:cntrl:]]') DATA=$(${HEADBINARY} -n 1 ${ROOTDIR}sys/class/misc/hw_random/rng_cur rent | ${TRBINARY} -d '[[:cntrl:]]')
if [ "${DATA}" != "none" ]; then if [ "${DATA}" != "none" ]; then
LogText "Result: positive match, found RNG: ${DATA}" LogText "Result: positive match, found RNG: ${DATA}"
if IsRunning "rngd"; then if IsRunning "rngd"; then
Display --indent 2 --text "- HW RNG & rngd" --result "${STAT US_YES}" --color GREEN Display --indent 2 --text "- HW RNG & rngd" --result "${STAT US_YES}" --color GREEN
LogText "Result: rngd is running" LogText "Result: rngd is running"
RNG_FOUND=1 RNG_FOUND=1
else else
Display --indent 2 --text "- HW RNG & rngd" --result "${STAT US_NO}" --color YELLOW Display --indent 2 --text "- HW RNG & rngd" --result "${STAT US_NO}" --color YELLOW
# TODO - enable suggestion when website has listing for this control # TODO - enable suggestion when website has listing for this control
# ReportSuggestion "${TEST_NO}" "Utilize hardware random num ber generation by running rngd" # ReportSuggestion "${TEST_NO}" "Utilize hardware random num ber generation by running rngd"
 End of changes. 2 change blocks. 
2 lines changed or deleted 2 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)