Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-11-10 07:04:15 +00:00
Code Issues Projects Releases Packages Wiki Activity

Expose additional WinRM options for transport, basic auth, and SSPI (#3669)

Browse source 
Signed-off-by: Noel Georgi <git@frezbo.com>
This commit is contained in:
Noel Georgi 2018-12-20 22:27:53 +05:30 committed by Clinton Wolfe
parent e6311c4410
commit f1fbd518e5
4 changed files with 16 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
inspec-core.gemspec
View file

@ -20,7 +20,7 @@ Gem::Specification.new do |spec|
spec.required_ruby_version = '>= 2.3'
spec.add_dependency 'train-core', '~> 1.5', '>= 1.5.11'
spec.add_dependency 'train-core', '~> 1.5', '>= 1.6.3'
spec.add_dependency 'thor', '~> 0.20'
spec.add_dependency 'json', '>= 1.8', '< 3.0'
spec.add_dependency 'method_source', '~> 0.8'

2
inspec.gemspec
View file

@ -24,7 +24,7 @@ Gem::Specification.new do |spec|
spec.required_ruby_version = '>= 2.3'
spec.add_dependency 'train', '~> 1.5', '>= 1.5.11'
spec.add_dependency 'train', '~> 1.5', '>= 1.6.3'
spec.add_dependency 'thor', '~> 0.20'
spec.add_dependency 'json', '>= 1.8', '< 3.0'
spec.add_dependency 'method_source', '~> 0.8'

6
lib/inspec/base_cli.rb
View file

@ -69,6 +69,12 @@ module Inspec
desc: 'Use SSL for transport layer encryption (WinRM).'
option :self_signed, type: :boolean,
desc: 'Allow remote scans with self-signed certificates (WinRM).'
option :winrm_transport, type: :string, default: 'negotiate',
desc: 'Specify which transport to use, defaults to negotiate (WinRM).'
option :winrm_disable_sspi, type: :boolean,
desc: 'Whether to use disable sspi authentication, defaults to false (WinRM).'
option :winrm_basic_auth, type: :boolean,
desc: 'Whether to use basic authentication, defaults to false (WinRM).'
option :json_config, type: :string,
desc: 'Read configuration from JSON file (`-` reads from stdin).'
option :proxy_command, type: :string,

8
test/functional/inspec_exec_test.rb
View file

@ -412,6 +412,14 @@ Test Summary: \e[38;5;41m2 successful\e[0m, 0 failures, 0 skipped\n"
end
end
describe 'when --winrm-transport is used' do
it 'raises an exception when an invalid transport is given' do
out = inspec('exec ' + example_profile + ' -t winrm://administrator@dummy --password dummy --winrm-transport kerberos')
out.exit_status.must_equal 1
out.stderr.must_include "Client error, can't connect to 'winrm' backend: Unsupported transport type: :kerberos\n"
end
end
describe 'with sensitive resources' do
it 'hides sensitive output' do
out = inspec('exec ' + sensitive_profile + ' --no-create-lockfile')