Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

V-73611: Current test code error prone #19

Closed
rx294 opened this issue Oct 23, 2019 · 1 comment · Fixed by #5
Closed

V-73611: Current test code error prone #19

rx294 opened this issue Oct 23, 2019 · 1 comment · Fixed by #5
Assignees
@kkola
Labels
enhancement New feature or request

Comments

@rx294
Copy link
Collaborator

rx294 commented Oct 23, 2019

V-73611: Current test code error prone because it relized on comparison to a null string...

suggested test code

 Get-ChildItem -Path Cert:\LocalMachine\ | ConvertTo-Json
.
.
.
    {
        "StoreHandle":  null,
        "Location":  2,
        "Name":  "My",
        "Certificates":  [

                         ],
        "PSPath":  "Microsoft.PowerShell.Security\\Certificate::My",
        "PSParentPath":  "",
        "PSChildName":  "My",
        "PSDrive":  {
                        "CurrentLocation":  "",
                        "Name":  "Cert",
                        "Provider":  "Microsoft.PowerShell.Security\\Certificate",
                        "Root":  "\\",
                        "Description":  "X509 Certificate Provider",
                        "MaximumSize":  null,
                        "Credential":  "System.Management.Automation.PSCredential",
                        "DisplayRoot":  null
                    },
        "PSProvider":  {
                           "ImplementingType":  "Microsoft.PowerShell.Commands.CertificateProvider",
                           "HelpFile":  "Microsoft.PowerShell.Security.dll-Help.xml",
                           "Name":  "Certificate",
                           "PSSnapIn":  null,
                           "ModuleName":  "Microsoft.PowerShell.Security",
                           "Module":  "Microsoft.PowerShell.Security",
                           "Description":  "",
                           "Capabilities":  16,
                           "Home":  "",
                           "Drives":  "Cert"
                       },
        "PSIsContainer":  true
    },
.
.
.
.
@rx294 rx294 added the enhancement New feature or request label Oct 23, 2019
kkola added a commit that referenced this issue Oct 24, 2019
@kkola
fix for issue #19
02108ba
@kkola
Copy link
Collaborator

kkola commented Oct 24, 2019

02108ba attempts to fix the issue, but I'm unsure of any other mechanism of checking for the right certificate other than comparing the output against empty string

@kkola kkola mentioned this issue Feb 10, 2020
Merged
aaronlippold added a commit that referenced this issue Feb 10, 2020
@kkola @rx294 @aaronlippold
control fixes for existing controls (#5)
7724823 
* first simple pass for the profile

* update 73615 to use Windows 2016 PS commands

* change attributes to inputs

* move attributes to inside the control code

* updates related to legal notice text and caption

* update 73221 to correct domain roles and AD check

* update 73259 to check for DC role

* update 73261 to account for DC role

* update 73387 with inputs for MaxConnIdleTime

* update LegalNoticeCaption input for 73649

* update 73607 check for DoD interoperabilty certs

* update 78127 language

* control updates to 73785 and 73803

* update 73783

* update 73775 to NOT a domain controller check

* check for AD only system in 73771

* check for 73775 for AD only flag

* read AD only flag for 73775

* check for AD in 73759

* update 73749 to use 'be_in'

* update 73733 to use 'be_in'

* update 73731 to use 'be_in'

* minor edits to 73379

* check for SMBv1 in 78123 and 78125

* add check for no accounts or groups to 73783

* Update Review.md

* Update Review.md

* Update Review.md

* address incorrect if statement issue #6

* fix incorrect NIST tag issue #7

* fix temporary account check. issue #8

* fixes issue #9

* Update Review.md

* Update Review.md

* Update Review.md

* fix for issue #11

* Update Review.md

* fix issue #12

* fix issue #13

* fix issue #13

* fix issue #17

* fix issue #18

* fix for issue #19

* fix issue #16: NIST tag duplication (#20)

* v-73607: minor edit; v-73223: account all systems

* update V-73231

* update V-73247

* update V-73391

* minor edit to v-73391

* update V-73391 to be more readable

* update V-73249

* update v-73249 and v-73251

* update V-73249 and V-73251

* remove commented lines from V-73251

* update V-73253

* remove comments

* update V-73255

* remove comments

* update V-73369

* update V-73381

* update V-73375

* fixes issue #22

* update V-73255 for readability

* control fixes so inspec v4.18 can run execute (#21)

* control fixes so inspec v4.18 can run execute

* update inspec.yml

* fixes for issue #14

* fixes for issue #15

* fix for issue #14

Co-authored-by: Rony Xavier <rx294@nyu.edu>
Co-authored-by: Aaron Lippold <lippold@gmail.com>
aaronlippold added a commit that referenced this issue Feb 10, 2020
@aaronlippold @kkola @rx294
Merge from Dev into master (#25)
18967b1 
* first simple pass for the profile

* update 73615 to use Windows 2016 PS commands

* change attributes to inputs

* move attributes to inside the control code

* updates related to legal notice text and caption

* update 73221 to correct domain roles and AD check

* update 73259 to check for DC role

* update 73261 to account for DC role

* update 73387 with inputs for MaxConnIdleTime

* update LegalNoticeCaption input for 73649

* update 73607 check for DoD interoperabilty certs

* update 78127 language

* control updates to 73785 and 73803

* update 73783

* update 73775 to NOT a domain controller check

* check for AD only system in 73771

* check for 73775 for AD only flag

* read AD only flag for 73775

* check for AD in 73759

* update 73749 to use 'be_in'

* update 73733 to use 'be_in'

* update 73731 to use 'be_in'

* minor edits to 73379

* check for SMBv1 in 78123 and 78125

* add check for no accounts or groups to 73783

* Update Review.md

* Update Review.md

* Update Review.md

* address incorrect if statement issue #6

* fix incorrect NIST tag issue #7

* fix temporary account check. issue #8

* fixes issue #9

* Update Review.md

* Update Review.md

* Update Review.md

* fix for issue #11

* Update Review.md

* fix issue #12

* fix issue #13

* fix issue #13

* fix issue #17

* fix issue #18

* fix for issue #19

* fix issue #16: NIST tag duplication (#20)

* v-73607: minor edit; v-73223: account all systems

* update V-73231

* update V-73247

* update V-73391

* minor edit to v-73391

* update V-73391 to be more readable

* update V-73249

* update v-73249 and v-73251

* update V-73249 and V-73251

* remove commented lines from V-73251

* update V-73253

* remove comments

* update V-73255

* remove comments

* update V-73369

* update V-73381

* update V-73375

* fixes issue #22

* update V-73255 for readability

* control fixes so inspec v4.18 can run execute (#21)

* control fixes so inspec v4.18 can run execute

* update inspec.yml

* fixes for issue #14

* fixes for issue #15

* fix for issue #14

* update check, fix tags to use new  desc format (#23)

Co-authored-by: Krishna Kola <kkola@digitalinfuzion.com>
Co-authored-by: Rony Xavier <rx294@nyu.edu>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kkola kkola

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

control fixes for existing controls mitre/microsoft-windows-server-2016-stig-baseline
2 participants
@kkola @rx294