Add STIG tests to the security menu

2016-12-01 10:41:48 +00:00 · 2016-12-01 10:41:48 +00:00 · 1a1e8826a6
parent 3ae78c3765
commit 1a1e8826a6
1 changed files with 32 additions and 24 deletions
--- a/src/freedombone-sec
+++ b/src/freedombone-sec
@ -756,19 +756,20 @@ function menu_security_settings {
    trap "rm -f $data" 0 1 2 5 15
    dialog --backtitle $"Freedombone Control Panel" \
           --title $"Security Settings" \
-           --radiolist $"Choose an operation:" 19 76 19 \
-           1 $"Show ssh host public key" off \
-           2 $"Password storage" off \
-           3 $"Export passwords" off \
-           4 $"Regenerate ssh host keys" off \
-           5 $"Regenerate Diffie-Hellman keys" off \
-           6 $"Update cipersuite" off \
-           7 $"Create a new Let's Encrypt certificate" off \
-           8 $"Renew Let's Encrypt certificate" off \
-           9 $"Enable GPG based authentication (monkeysphere)" off \
-           10 $"Register a website with monkeysphere" off \
-           11 $"Allow ssh login with passwords" off \
-           12 $"Go Back/Exit" on 2> $data
+           --radiolist $"Choose an operation:" 20 76 20 \
+           1 $"Run STIG tests" off \
+           2 $"Show ssh host public key" off \
+           3 $"Password storage" off \
+           4 $"Export passwords" off \
+           5 $"Regenerate ssh host keys" off \
+           6 $"Regenerate Diffie-Hellman keys" off \
+           7 $"Update cipersuite" off \
+           8 $"Create a new Let's Encrypt certificate" off \
+           9 $"Renew Let's Encrypt certificate" off \
+           10 $"Enable GPG based authentication (monkeysphere)" off \
+           11 $"Register a website with monkeysphere" off \
+           12 $"Allow ssh login with passwords" off \
+           13 $"Go Back/Exit" on 2> $data
    sel=$?
    case $sel in
        1) exit 1;;
@ -791,46 +792,53 @@ function menu_security_settings {

    case $(cat $data) in
        1)
+            clear
+            echo $'Running STIG tests...'
+            echo ''
+            ${PROJECT_NAME}-tests --stig showall
+            exit 0
+            ;;
+        2)
            dialog --title $"SSH host public keys" \
                   --msgbox "\n$(get_ssh_server_key)" 12 60
            exit 0
            ;;
-        2)
+        3)
            store_passwords
            exit 0
            ;;
-        3)
+        4)
            export_passwords
            exit 0
            ;;
-        4)
+        5)
            regenerate_ssh_host_keys
            ;;
-        5)
+        6)
            regenerate_dh_keys
            ;;
-        6)
+        7)
            interactive_setup
            update_ciphersuite
            ;;
-        7)
+        8)
            create_letsencrypt
            ;;
-        8)
+        9)
            renew_letsencrypt
            ;;
-        9)
+        10)
            enable_monkeysphere
            ;;
-        10)
+        11)
            register_website
            ;;
-        11)
+        12)
            allow_ssh_passwords
            change_ssh_settings
            exit 0
            ;;
-        12)
+        13)
            exit 0
            ;;
    esac