-
Notifications
You must be signed in to change notification settings - Fork 116
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Update PowerSTIG to include LegacyId to assist in determining Legacy Vuln Ids with the new DISA standard. (#789) * added support for legacyid in processed xml * updated change log * updated tests for legacy id * updated tests to reflect new base rule prop. * Update PowerSTIG to fix LegacyId Logic (#792) * updated legacyid logic * updated changelog * corrected changelog entry * Update PowerSTIG to successfully parse/apply Microsoft Windows 2012 and 2012 R2 MS STIG - Ver 3, Rel 1 (#793) * added support for Win2012R2 MS 3.1 * updated xccdf to have new line based on feedback * updated cert changes from Eric and regen 2012R2 MS * added support for 2012 DC 3.1 (#796) * Update PowerSTIG to successfully parse/apply Microsoft Windows Server 2019 STIG - Ver 2, Rel 1 (#794) * initial commit * updated 2019 * updated 2019 MS v2 Stig * updated to use correct convert flow * update changelog.md * fixed merge error * added newline to raw xccdf * added newline Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to successfully parse/apply Microsoft Windows Defender Antivirus STIG - Ver 2, Rel 1 (#795) * added support for defender v2 stig * added newline to raw xccdf * updated org settings * removed n-2 processed Co-authored-by: Brian Wilhite <bcwilhite@live.com> * Update PowerSTIG to successfully parse/apply Microsoft Windows 10 STIG - Ver 2, Rel 1 (#797) * initial commit * updated convert * updated disa copy paste error * Update PowerSTIG to successfully parse/apply Microsoft Windows Server 2016 STIG - Ver 2, Rel 1 (#798) * merged 4.7.0 and added 2016 split stig * added support for 2016 MS-DC v2r1 STIG * updated default org settings file * updated Get-StigRule to include legacyid support (#801) * Update PowerSTIG to Parse/Apply Google Chrome V2R1 (#803) * initial commit for Chrome * fixed parse error * fixed rule * added support for chrome * updated changelog * updated key, removed trailing " * removed tabs * updated resource * updated export function * updated * updated based on testing * Updated based on testing * updated tests * updated based on test failure * updated based on testing * updated based on testing * added registry policy file to schema * update based on feedback * updated based on feedback * Fixed 2018 V-205820 to be SecurityOptionRule (#805) * updated changelog and filehash for release Co-authored-by: Eric Jenkins <erjenkin@microsoft.com>
- Loading branch information
Showing
92 changed files
with
85,769 additions
and
78,648 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
configuration Chrome_config | ||
{ | ||
param | ||
( | ||
[Parameter()] | ||
[AllowNull()] | ||
[string] | ||
$TechnologyVersion, | ||
|
||
[Parameter()] | ||
[AllowNull()] | ||
[string] | ||
$TechnologyRole, | ||
|
||
[Parameter(Mandatory = $true)] | ||
[version] | ||
$StigVersion, | ||
|
||
[Parameter()] | ||
[string[]] | ||
$SkipRule, | ||
|
||
[Parameter()] | ||
[string[]] | ||
$SkipRuleType, | ||
|
||
[Parameter()] | ||
[string[]] | ||
$SkipRuleSeverity, | ||
|
||
[Parameter()] | ||
[hashtable] | ||
$Exception, | ||
|
||
[Parameter()] | ||
[object] | ||
$OrgSettings, | ||
|
||
[Parameter()] | ||
[string[]] | ||
$ResourceParameters | ||
) | ||
|
||
Import-DscResource -ModuleName PowerStig | ||
|
||
Node localhost | ||
{ | ||
$psboundParams = $PSBoundParameters | ||
$psboundParams.Remove('TechnologyRole') | ||
$psboundParams.Remove('ConfigurationData') | ||
$psboundParams.Remove('TechnologyVersion') | ||
|
||
$resourceParamString = New-ResourceParameterString -ResourceParameters $ResourceParameters -PSBoundParams $psboundParams | ||
$resourceScriptBlockString = New-ResourceString -ResourceParameterString $resourceParamString -ResourceName Chrome | ||
& ([scriptblock]::Create($resourceScriptBlockString)) | ||
} | ||
} |
47 changes: 47 additions & 0 deletions
47
Tests/Integration/DSCResources/Chrome.integration.tests.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
using module .\helper.psm1 | ||
|
||
$script:DSCCompositeResourceName = ($MyInvocation.MyCommand.Name -split '\.')[0] | ||
. $PSScriptRoot\.tests.header.ps1 | ||
|
||
$configFile = Join-Path -Path $PSScriptRoot -ChildPath "$($script:DSCCompositeResourceName).config.ps1" | ||
. $configFile | ||
|
||
$script:DSCCompositeResourceNameUpdate = "Google-{0}" -f ($MyInvocation.MyCommand.Name -split '\.')[0] | ||
$stigList = Get-StigVersionTable -CompositeResourceName $script:DSCCompositeResourceNameUpdate | ||
$resourceInformation = $global:getDscResource | Where-Object -FilterScript {$PSItem.Name -eq $script:DSCCompositeResourceName} | ||
$resourceParameters = $resourceInformation.Properties.Name | ||
|
||
foreach ($stig in $stigList) | ||
{ | ||
$orgSettingsPath = $stig.Path.Replace('.xml', '.org.default.xml') | ||
$blankSkipRuleId = Get-BlankOrgSettingRuleId -OrgSettingPath $orgSettingsPath | ||
$powerstigXml = [xml](Get-Content -Path $stig.Path) | | ||
Remove-DscResourceEqualsNone | Remove-SkipRuleBlankOrgSetting -OrgSettingPath $orgSettingsPath | ||
|
||
$skipRule = Get-Random -InputObject $powerstigXml.RegistryRule.Rule.id | ||
$skipRuleType = $null | ||
$expectedSkipRuleTypeCount = 0 + $blankSkipRuleId.Count | ||
|
||
$skipRuleMultiple = Get-Random -InputObject $powerstigXml.RegistryRule.Rule.id -Count 2 | ||
$skipRuleTypeMultiple = $null | ||
$expectedSkipRuleTypeMultipleCount = 0 + $blankSkipRuleId.Count | ||
|
||
$singleSkipRuleSeverity = 'CAT_I' | ||
$multipleSkipRuleSeverity = 'CAT_I', 'CAT_II' | ||
$expectedSingleSkipRuleSeverity = Get-CategoryRule -PowerStigXml $powerstigXml -RuleCategory $singleSkipRuleSeverity | ||
$expectedSingleSkipRuleSeverityCount = ($expectedSingleSkipRuleSeverity | Measure-Object).Count + $blankSkipRuleId.Count | ||
$expectedMultipleSkipRuleSeverity = Get-CategoryRule -PowerStigXml $powerstigXml -RuleCategory $multipleSkipRuleSeverity | ||
$expectedMultipleSkipRuleSeverityCount = ($expectedMultipleSkipRuleSeverity | Measure-Object).Count + $blankSkipRuleId.Count | ||
|
||
$getRandomExceptionRuleParams = @{ | ||
RuleType = 'RegistryRule' | ||
PowerStigXml = $powerstigXml | ||
ParameterValue = 1234567 | ||
} | ||
$exception = Get-RandomExceptionRule @getRandomExceptionRuleParams -Count 1 | ||
$exceptionMultiple = Get-RandomExceptionRule @getRandomExceptionRuleParams -Count 2 | ||
$backCompatException = Get-RandomExceptionRule @getRandomExceptionRuleParams -Count 1 -BackwardCompatibility | ||
$backCompatExceptionMultiple = Get-RandomExceptionRule @getRandomExceptionRuleParams -Count 2 -BackwardCompatibility | ||
|
||
. "$PSScriptRoot\Common.integration.ps1" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.