tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-24 06:14:33 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #17 from d4t4king/master

Browse Source 
Tweaked nginx protocol check so it actually works. Added insecure prototocols.
This commit is contained in:
Michael Boelen 2014-10-09 00:16:44 +02:00
commit 1586332342
2 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
include/functions
View File

@ -824,6 +824,7 @@
if [ "${VALUE}" = "on" ]; then NGINX_SSL_PREFER_SERVER_CIPHERS=1; fi if [ "${VALUE}" = "on" ]; then NGINX_SSL_PREFER_SERVER_CIPHERS=1; fi
;; ;;
ssl_protocols) ssl_protocols)
NGINX_SSL_PROTOCOLS=1
;; ;;
ssl_session_cache) ssl_session_cache)
;; ;;

6
include/tests_webservers
View File

@ -501,6 +501,12 @@
if [ ${NGINX_SSL_PROTOCOLS} -eq 1 ]; then if [ ${NGINX_SSL_PROTOCOLS} -eq 1 ]; then
Display --indent 8 --text "- Protocols configured" --result "YES" --color GREEN Display --indent 8 --text "- Protocols configured" --result "YES" --color GREEN
FIND=`${GREPBINARY} "ssl_protocols" ${NGINX_CONF_LOCATION} | ${GREPBINARY} "SSLv[12]"`
if [ "${FIND}" = "" ]; then
Display --indent 10 --text "- Insecure protocols found" --result "NO" --color GREEN
else
Display --indent 10 --text "- Insecure protocols found" --result "YES" --color RED
fi
else else
Display --indent 8 --text "- Protocols configured" --result "NO" --color RED Display --indent 8 --text "- Protocols configured" --result "NO" --color RED
NGINX_SSL_SUGGESTION=1 NGINX_SSL_SUGGESTION=1