From 1a1e8826a6cca82d5dad434edf9d31ff22a9e1bc Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@robotics.uk.to>
Date: Thu, 1 Dec 2016 10:41:48 +0000
Subject: [PATCH] Add STIG tests to the security menu

---
 src/freedombone-sec | 56 ++++++++++++++++++++++++++-------------------
 1 file changed, 32 insertions(+), 24 deletions(-)

diff --git a/src/freedombone-sec b/src/freedombone-sec
index 1e813e89..f57036cb 100755
--- a/src/freedombone-sec
+++ b/src/freedombone-sec
@@ -756,19 +756,20 @@ function menu_security_settings {
     trap "rm -f $data" 0 1 2 5 15
     dialog --backtitle $"Freedombone Control Panel" \
            --title $"Security Settings" \
-           --radiolist $"Choose an operation:" 19 76 19 \
-           1 $"Show ssh host public key" off \
-           2 $"Password storage" off \
-           3 $"Export passwords" off \
-           4 $"Regenerate ssh host keys" off \
-           5 $"Regenerate Diffie-Hellman keys" off \
-           6 $"Update cipersuite" off \
-           7 $"Create a new Let's Encrypt certificate" off \
-           8 $"Renew Let's Encrypt certificate" off \
-           9 $"Enable GPG based authentication (monkeysphere)" off \
-           10 $"Register a website with monkeysphere" off \
-           11 $"Allow ssh login with passwords" off \
-           12 $"Go Back/Exit" on 2> $data
+           --radiolist $"Choose an operation:" 20 76 20 \
+           1 $"Run STIG tests" off \
+           2 $"Show ssh host public key" off \
+           3 $"Password storage" off \
+           4 $"Export passwords" off \
+           5 $"Regenerate ssh host keys" off \
+           6 $"Regenerate Diffie-Hellman keys" off \
+           7 $"Update cipersuite" off \
+           8 $"Create a new Let's Encrypt certificate" off \
+           9 $"Renew Let's Encrypt certificate" off \
+           10 $"Enable GPG based authentication (monkeysphere)" off \
+           11 $"Register a website with monkeysphere" off \
+           12 $"Allow ssh login with passwords" off \
+           13 $"Go Back/Exit" on 2> $data
     sel=$?
     case $sel in
         1) exit 1;;
@@ -791,46 +792,53 @@ function menu_security_settings {
 
     case $(cat $data) in
         1)
+            clear
+            echo $'Running STIG tests...'
+            echo ''
+            ${PROJECT_NAME}-tests --stig showall
+            exit 0
+            ;;
+        2)
             dialog --title $"SSH host public keys" \
                    --msgbox "\n$(get_ssh_server_key)" 12 60
             exit 0
             ;;
-        2)
+        3)
             store_passwords
             exit 0
             ;;
-        3)
+        4)
             export_passwords
             exit 0
             ;;
-        4)
+        5)
             regenerate_ssh_host_keys
             ;;
-        5)
+        6)
             regenerate_dh_keys
             ;;
-        6)
+        7)
             interactive_setup
             update_ciphersuite
             ;;
-        7)
+        8)
             create_letsencrypt
             ;;
-        8)
+        9)
             renew_letsencrypt
             ;;
-        9)
+        10)
             enable_monkeysphere
             ;;
-        10)
+        11)
             register_website
             ;;
-        11)
+        12)
             allow_ssh_passwords
             change_ssh_settings
             exit 0
             ;;
-        12)
+        13)
             exit 0
             ;;
     esac