<def-group>
  <!--
    OVAL compliance check for the sshd Compression setting.

    The criteria tree below passes when ANY ONE of these holds:
      1. sshd is not required (or the requirement is unset) AND the
         openssh-server package is removed;
      2. sshd is required (or the requirement is unset) AND the
         openssh-server package is installed AND the Compression line in
         /etc/ssh/sshd_config satisfies test_sshd_disable_compression;
      3. sshd_version_equal_or_higher_than_74 evaluates to true.

    Because the outer operator is OR, branch 3 is sufficient on its own:
    where that definition is true, the result of this rule does not depend
    on the Compression line at all. Auditors reading a "pass" should keep
    that in mind.
  -->
  <definition id="sshd_disable_compression" class="compliance" version="1">
    {{{ oval_metadata("SSH should either have compression disabled or set to delayed.") }}}
    <criteria operator="OR"
              comment="SSH is configured correctly or is not installed">

      <!-- Branch 1: nothing to configure because the server is absent. -->
      <criteria operator="AND" comment="sshd is not installed">
        <extend_definition definition_ref="sshd_not_required_or_unset"
                           comment="sshd is not required or requirement is unset" />
        <extend_definition definition_ref="package_openssh-server_removed"
                           comment="rpm package openssh-server removed" />
      </criteria>

      <!-- Branch 2: the server is present, so its configuration is checked. -->
      <criteria operator="AND" comment="sshd is installed and configured">
        <extend_definition definition_ref="sshd_required_or_unset"
                           comment="sshd is required or requirement is unset" />
        <extend_definition definition_ref="package_openssh-server_installed"
                           comment="rpm package openssh-server installed" />
        <criterion test_ref="test_sshd_disable_compression"
                   comment="Check Compression in /etc/ssh/sshd_config" />
      </criteria>

      <!-- Branch 3: version-based pass, independent of the configured value. -->
      <extend_definition
          definition_ref="sshd_version_equal_or_higher_than_74"
          comment="OpenSSH version 7.4 or higher contains fix for authentication Compression exploit" />
    </criteria>
  </definition>

  <!--
    The test and object come from macros defined outside this file.
    NOTE(review): the criterion above refers to test_sshd_disable_compression
    and no literal test element appears in this file, so the test macro
    presumably emits that id and ties the object to
    state_sshd_disable_compression. Confirm against the macro definitions.
    Only /etc/ssh/sshd_config is passed as the path; whether a Compression
    line placed in a file pulled in through an Include directive is examined
    depends on the macro expansion. TODO confirm.
  -->
  {{{ oval_line_in_file_test(path='/etc/ssh/sshd_config', parameter='Compression') }}}
  {{{ oval_line_in_file_object(path='/etc/ssh/sshd_config', prefix_regex="^[ \\t]*", parameter='Compression', separator_regex='[ \\t]+') }}}

  <!--
    The captured subexpression must match the external variable using the
    OVAL "equals" operation, which is an exact string comparison. The
    metadata text names two acceptable settings (disabled or delayed), yet
    only the single value supplied through var_sshd_disable_compression
    passes here; that value is selected outside this file.
  -->
  <ind:textfilecontent54_state id="state_sshd_disable_compression" version="1">
    <ind:subexpression var_ref="var_sshd_disable_compression" operation="equals" />
  </ind:textfilecontent54_state>

  <!-- Desired Compression value, provided by the profile or tailoring. -->
  <external_variable id="var_sshd_disable_compression"
                     datatype="string"
                     version="1"
                     comment="external variable for the desired value of Compression" />
</def-group>