[ADD] HTTP/HTTPS_PROXY env vars setup

[FIX] Default report name in nessus
infobyte · Sep 7, 2020 · 8b2e5b4 · 8b2e5b4
1 parent 65104e8
commit 8b2e5b4
Show file tree

Hide file tree

Showing 8 changed files with 31 additions and 5 deletions.
diff --git a/CHANGELOG/1.3.1/1.proxy_setup.md b/CHANGELOG/1.3.1/1.proxy_setup.md
@@ -0,0 +1 @@
+Add proxy setup by HTTP_PROXY or HTTPS_PROXY environment variables
diff --git a/CHANGELOG/1.3.1/E01.fix_nessus.md b/CHANGELOG/1.3.1/E01.fix_nessus.md
@@ -0,0 +1 @@
+Fix default report name with the nessus executor
diff --git a/CHANGELOG/1.3.1/date.md b/CHANGELOG/1.3.1/date.md
@@ -0,0 +1 @@
+Sep 7th, 2020
diff --git a/CHANGELOG/1.3.1/faraday_version.md b/CHANGELOG/1.3.1/faraday_version.md
@@ -0,0 +1 @@
+[Faraday][faraday] versions: 3.12.0
diff --git a/RELEASE.md b/RELEASE.md
@@ -1,3 +1,9 @@
+1.3.1 [Sep 7th, 2020]:
+---
+ * Add proxy setup by HTTP_PROXY or HTTPS_PROXY environment variables
+ * Fix default report name with the nessus executor
+ * [Faraday][faraday] versions: 3.12.0
+
 1.3.0 [Sep 3rd, 2020]:
 ---
  * An Agent can post data to multiples workspaces

diff --git a/faraday_agent_dispatcher/cli/main.py b/faraday_agent_dispatcher/cli/main.py
@@ -57,7 +57,7 @@ async def main(config_file, logger):
 
     config_file = process_config_file(config_file, logger)
 
-    async with ClientSession(raise_for_status=True) as session:
+    async with ClientSession(raise_for_status=True, trust_env=True) as session:
         try:
             dispatcher = Dispatcher(session, config_file)
         except ValueError as ex:

diff --git a/faraday_agent_dispatcher/dispatcher.py b/faraday_agent_dispatcher/dispatcher.py
@@ -106,14 +106,22 @@ def __init__(self, session, config_path=None):
                 f"SSL cert does not exist in path {ssl_cert_path}"
             )
         self.api_kwargs: Dict[str, object] = {
-            "ssl": ssl.create_default_context(cafile=ssl_cert_path)
+            "ssl": ssl.create_default_context(cafile=ssl_cert_path) if
+            "HTTPS_PROXY" not in os.environ else False
         } \
             if self.api_ssl_enabled and ssl_cert_path \
             else {}
+        if "HTTPS_PROXY" in os.environ:
+            logger.info("HTTPS_PROXY is set; will not do SSL verify")
+            ws_ssl_context = ssl.create_default_context()
+            ws_ssl_context.check_hostname = False
+            ws_ssl_context.verify_mode = ssl.CERT_NONE
+        else:
+            ws_ssl_context = ssl.create_default_context(cafile=ssl_cert_path)
         self.ws_kwargs = {
-            "ssl": ssl.create_default_context(cafile=ssl_cert_path)
+            "ssl": ws_ssl_context
         } \
-            if self.ws_ssl_enabled and ssl_cert_path \
+            if self.ws_ssl_enabled \
             else {}
         self.execution_id = None
         self.executor_tasks: Dict[str, List[Task]] = {

diff --git a/faraday_agent_dispatcher/static/executors/official/nessus.py b/faraday_agent_dispatcher/static/executors/official/nessus.py
@@ -3,13 +3,18 @@
 import sys
 import time
 import requests
+import datetime
 
 from faraday_plugins.plugins.manager import PluginsManager
 
 MAX_TRIES = 3
 TIME_BETWEEN_TRIES = 5
 
 
+def get_report_name():
+    return f"{datetime.datetime.now().timestamp()}-faraday-agent"
+
+
 def nessus_login(url, user, password):
     payload = {'username': user, 'password': password}
     response = requests.post(url + '/session', payload, verify=False)
@@ -234,7 +239,10 @@ def get_x_api_token(url, token):
 
 
 def main():
-    NESSUS_SCAN_NAME = os.getenv("EXECUTOR_CONFIG_NESSUS_SCAN_NAME", 'my_scan')
+    NESSUS_SCAN_NAME = os.getenv(
+        "EXECUTOR_CONFIG_NESSUS_SCAN_NAME",
+        get_report_name()
+    )
     NESSUS_URL = os.getenv("EXECUTOR_CONFIG_NESSUS_URL")  # https://nessus:port
     NESSUS_USERNAME = os.getenv("NESSUS_USERNAME")
     NESSUS_PASSWORD = os.getenv("NESSUS_PASSWORD")
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Add proxy setup by HTTP_PROXY or HTTPS_PROXY environment variables
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Fix default report name with the nessus executor