From 7283328203de4efd6120464fa329fc24e9703eca Mon Sep 17 00:00:00 2001 From: Carlos Matos Date: Fri, 27 Oct 2023 12:42:02 -0400 Subject: [PATCH] Sechub code updates (#258) * fix(SecurityHub): AZ was being hardcoded in cft template * fix(SecurityHub): now works with IMDSv1 and 2 * fix(SecurityHub): minor updates for sechub integration * feat(SecurityHub): new installer based on code changes --- Security-Hub/VERSION | 2 +- .../security-hub-integration.yaml | 2 +- Security-Hub/credvault.py | 44 +- Security-Hub/install/install.sh | 4 +- .../install/sechub-2.0.39-install.run | 751 ++++++++++++++++++ .../install/sechub-2.0.latest-install.run | 82 +- Security-Hub/main.py | 4 +- 7 files changed, 841 insertions(+), 48 deletions(-) create mode 100755 Security-Hub/install/sechub-2.0.39-install.run diff --git a/Security-Hub/VERSION b/Security-Hub/VERSION index 2ff92571..686bbbe8 100644 --- a/Security-Hub/VERSION +++ b/Security-Hub/VERSION @@ -1 +1 @@ -2.0.38 +2.0.39 diff --git a/Security-Hub/cloudformation/security-hub-integration.yaml b/Security-Hub/cloudformation/security-hub-integration.yaml index a1717920..a3b238c1 100644 --- a/Security-Hub/cloudformation/security-hub-integration.yaml +++ b/Security-Hub/cloudformation/security-hub-integration.yaml @@ -52,7 +52,7 @@ Resources: SubnetA: Type: AWS::EC2::Subnet Properties: - AvailabilityZone: us-west-2a + AvailabilityZone: !Select [0, !GetAZs ''] VpcId: !Ref VPC CidrBlock: 10.0.0.0/24 MapPublicIpOnLaunch: true diff --git a/Security-Hub/credvault.py b/Security-Hub/credvault.py index c9d67ce0..644e6bd9 100644 --- a/Security-Hub/credvault.py +++ b/Security-Hub/credvault.py @@ -1,6 +1,7 @@ """Credential / configuration lookup handler.""" import urllib import json +import requests import boto3 @@ -9,10 +10,8 @@ class CredVault(): # pylint: disable=R0902 def __init__(self, logger): """Init the object and base parameters.""" - region_lookup = "http://169.254.169.254/latest/meta-data/placement/availability-zone" - with urllib.request.urlopen(region_lookup) as region_check: - self.region = region_check.read().decode()[:-1] self.logger = logger + self.region = self._get_region() self.falcon_client_id = None self.falcon_client_secret = None self.app_id = None @@ -22,6 +21,45 @@ def __init__(self, logger): self.confirm_provider = None self.ssl_verify = None + # We need to get the region depending on the version of IMDS + # https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html + + def _get_region(self): + """ + Retrieve the region from IMDS. + This function will check the version of IMDS and retrieve the region. + """ + # Define the URLs and headers + token_url = "http://169.254.169.254/latest/api/token" + token_headers = {"X-aws-ec2-metadata-token-ttl-seconds": "21600"} + region_url = "http://169.254.169.254/latest/meta-data/placement/availability-zone" + + # Attempting a GET request for IMDSv1 + try: + with urllib.request.urlopen(region_url, timeout=5) as region_check: + region = region_check.read().decode()[:-1] + return region + except urllib.error.HTTPError: + self.logger.status_write("Failed to retrieve region with IMDSv1. Attempting IMDSv2.") + + # Try IMDSv2 + try: + token_response = requests.put(token_url, headers=token_headers, timeout=5) + token_response.raise_for_status() # Raise an exception for HTTP errors + token = token_response.text + # Using the token to access the region information + region_response = requests.get( + region_url, + headers={"X-aws-ec2-metadata-token": token}, + timeout=5 + ) + region_response.raise_for_status() # Raise an exception for HTTP errors + region = region_response.text[:-1] + return region + except requests.exceptions.RequestException as e: + self.logger.status_write("Failed to retrieve region with IMDSv2. Exiting.") + raise SystemExit(e) from e + def get_parameter(self, param_name): """ This function reads a secure parameter from AWS' SSM service. diff --git a/Security-Hub/install/install.sh b/Security-Hub/install/install.sh index b8481304..bea4d35e 100644 --- a/Security-Hub/install/install.sh +++ b/Security-Hub/install/install.sh @@ -7,7 +7,7 @@ then groupadd fig adduser -g fig fig echo "Installing pre-requisites" - yum -y install python3 + yum -y install python3 python3-pip sudo -u fig pip3 install --user crowdstrike-falconpy sudo -u fig pip3 install --user boto3 echo "Setting permissions" @@ -25,4 +25,4 @@ then echo "Installation complete" else echo "This script must be executed as root. Perhaps try sudo?" -fi \ No newline at end of file +fi diff --git a/Security-Hub/install/sechub-2.0.39-install.run b/Security-Hub/install/sechub-2.0.39-install.run new file mode 100755 index 00000000..f19ec13c --- /dev/null +++ b/Security-Hub/install/sechub-2.0.39-install.run @@ -0,0 +1,751 @@ +#!/bin/sh +# This script was generated using Makeself 2.5.0 +# The license covering this archive and its contents, if any, is wholly independent of the Makeself license (GPL) + +ORIG_UMASK=`umask` +if test "y" = n; then + umask 077 +fi + +CRCsum="1275904472" +MD5="f18f32ba175d65efdefc9eb8ab77f5c1" +SHA="0000000000000000000000000000000000000000000000000000000000000000" +SIGNATURE="" +TMPROOT=${TMPDIR:=/tmp} +USER_PWD="$PWD" +export USER_PWD +ARCHIVE_DIR=`dirname "$0"` +export ARCHIVE_DIR + +label="Falcon Integration Gateway 2.0" +script="sudo" +scriptargs="./install.sh" +cleanup_script="" +licensetxt="" +helpheader="" +targetdir="build" +filesizes="9092" +totalsize="9092" +keep="n" +nooverwrite="n" +quiet="n" +accept="n" +nodiskspace="n" +export_conf="n" +decrypt_cmd="" +skip="716" + +print_cmd_arg="" +if type printf > /dev/null; then + print_cmd="printf" +elif test -x /usr/ucb/echo; then + print_cmd="/usr/ucb/echo" +else + print_cmd="echo" +fi + +if test -d /usr/xpg4/bin; then + PATH=/usr/xpg4/bin:$PATH + export PATH +fi + +if test -d /usr/sfw/bin; then + PATH=$PATH:/usr/sfw/bin + export PATH +fi + +unset CDPATH + +MS_Printf() +{ + $print_cmd $print_cmd_arg "$1" +} + +MS_PrintLicense() +{ + PAGER=${PAGER:=more} + if test x"$licensetxt" != x; then + PAGER_PATH=`exec <&- 2>&-; which $PAGER || command -v $PAGER || type $PAGER` + if test -x "$PAGER_PATH"; then + echo "$licensetxt" | $PAGER + else + echo "$licensetxt" + fi + if test x"$accept" != xy; then + while true + do + MS_Printf "Please type y to accept, n otherwise: " + read yn + if test x"$yn" = xn; then + keep=n + eval $finish; exit 1 + break; + elif test x"$yn" = xy; then + break; + fi + done + fi + fi +} + +MS_diskspace() +{ + ( + df -k "$1" | tail -1 | awk '{ if ($4 ~ /%/) {print $3} else {print $4} }' + ) +} + +MS_dd() +{ + blocks=`expr $3 / 1024` + bytes=`expr $3 % 1024` + # Test for ibs, obs and conv feature + if dd if=/dev/zero of=/dev/null count=1 ibs=512 obs=512 conv=sync 2> /dev/null; then + dd if="$1" ibs=$2 skip=1 obs=1024 conv=sync 2> /dev/null | \ + { test $blocks -gt 0 && dd ibs=1024 obs=1024 count=$blocks ; \ + test $bytes -gt 0 && dd ibs=1 obs=1024 count=$bytes ; } 2> /dev/null + else + dd if="$1" bs=$2 skip=1 2> /dev/null + fi +} + +MS_dd_Progress() +{ + if test x"$noprogress" = xy; then + MS_dd "$@" + return $? + fi + file="$1" + offset=$2 + length=$3 + pos=0 + bsize=4194304 + while test $bsize -gt $length; do + bsize=`expr $bsize / 4` + done + blocks=`expr $length / $bsize` + bytes=`expr $length % $bsize` + ( + dd ibs=$offset skip=1 count=1 2>/dev/null + pos=`expr $pos \+ $bsize` + MS_Printf " 0%% " 1>&2 + if test $blocks -gt 0; then + while test $pos -le $length; do + dd bs=$bsize count=1 2>/dev/null + pcent=`expr $length / 100` + pcent=`expr $pos / $pcent` + if test $pcent -lt 100; then + MS_Printf "\b\b\b\b\b\b\b" 1>&2 + if test $pcent -lt 10; then + MS_Printf " $pcent%% " 1>&2 + else + MS_Printf " $pcent%% " 1>&2 + fi + fi + pos=`expr $pos \+ $bsize` + done + fi + if test $bytes -gt 0; then + dd bs=$bytes count=1 2>/dev/null + fi + MS_Printf "\b\b\b\b\b\b\b" 1>&2 + MS_Printf " 100%% " 1>&2 + ) < "$file" +} + +MS_Help() +{ + cat << EOH >&2 +Makeself version 2.5.0 + 1) Getting help or info about $0 : + $0 --help Print this message + $0 --info Print embedded info : title, default target directory, embedded script ... + $0 --lsm Print embedded lsm entry (or no LSM) + $0 --list Print the list of files in the archive + $0 --check Checks integrity of the archive + $0 --verify-sig key Verify signature agains a provided key id + + 2) Running $0 : + $0 [options] [--] [additional arguments to embedded script] + with following options (in that order) + --confirm Ask before running embedded script + --quiet Do not print anything except error messages + --accept Accept the license + --noexec Do not run embedded script (implies --noexec-cleanup) + --noexec-cleanup Do not run embedded cleanup script + --keep Do not erase target directory after running + the embedded script + --noprogress Do not show the progress during the decompression + --nox11 Do not spawn an xterm + --nochown Do not give the target folder to the current user + --chown Give the target folder to the current user recursively + --nodiskspace Do not check for available disk space + --target dir Extract directly to a target directory (absolute or relative) + This directory may undergo recursive chown (see --nochown). + --tar arg1 [arg2 ...] Access the contents of the archive through the tar command + --ssl-pass-src src Use the given src as the source of password to decrypt the data + using OpenSSL. See "PASS PHRASE ARGUMENTS" in man openssl. + Default is to prompt the user to enter decryption password + on the current terminal. + --cleanup-args args Arguments to the cleanup script. Wrap in quotes to provide + multiple arguments. + -- Following arguments will be passed to the embedded script${helpheader} +EOH +} + +MS_Verify_Sig() +{ + GPG_PATH=`exec <&- 2>&-; which gpg || command -v gpg || type gpg` + MKTEMP_PATH=`exec <&- 2>&-; which mktemp || command -v mktemp || type mktemp` + test -x "$GPG_PATH" || GPG_PATH=`exec <&- 2>&-; which gpg || command -v gpg || type gpg` + test -x "$MKTEMP_PATH" || MKTEMP_PATH=`exec <&- 2>&-; which mktemp || command -v mktemp || type mktemp` + offset=`head -n "$skip" "$1" | wc -c | sed "s/ //g"` + temp_sig=`mktemp -t XXXXX` + echo $SIGNATURE | base64 --decode > "$temp_sig" + gpg_output=`MS_dd "$1" $offset $totalsize | LC_ALL=C "$GPG_PATH" --verify "$temp_sig" - 2>&1` + gpg_res=$? + rm -f "$temp_sig" + if test $gpg_res -eq 0 && test `echo $gpg_output | grep -c Good` -eq 1; then + if test `echo $gpg_output | grep -c $sig_key` -eq 1; then + test x"$quiet" = xn && echo "GPG signature is good" >&2 + else + echo "GPG Signature key does not match" >&2 + exit 2 + fi + else + test x"$quiet" = xn && echo "GPG signature failed to verify" >&2 + exit 2 + fi +} + +MS_Check() +{ + OLD_PATH="$PATH" + PATH=${GUESS_MD5_PATH:-"$OLD_PATH:/bin:/usr/bin:/sbin:/opt/homebrew/ssl/bin:/opt/homebrew/bin:/opt/openssl/bin"} + MD5_ARG="" + MD5_PATH=`exec <&- 2>&-; which md5sum || command -v md5sum || type md5sum` + test -x "$MD5_PATH" || MD5_PATH=`exec <&- 2>&-; which md5 || command -v md5 || type md5` + test -x "$MD5_PATH" || MD5_PATH=`exec <&- 2>&-; which digest || command -v digest || type digest` + PATH="$OLD_PATH" + + SHA_PATH=`exec <&- 2>&-; which shasum || command -v shasum || type shasum` + test -x "$SHA_PATH" || SHA_PATH=`exec <&- 2>&-; which sha256sum || command -v sha256sum || type sha256sum` + + if test x"$quiet" = xn; then + MS_Printf "Verifying archive integrity..." + fi + offset=`head -n "$skip" "$1" | wc -c | sed "s/ //g"` + fsize=`cat "$1" | wc -c | sed "s/ //g"` + if test $totalsize -ne `expr $fsize - $offset`; then + echo " Unexpected archive size." >&2 + exit 2 + fi + verb=$2 + i=1 + for s in $filesizes + do + crc=`echo $CRCsum | cut -d" " -f$i` + if test -x "$SHA_PATH"; then + if test x"`basename $SHA_PATH`" = xshasum; then + SHA_ARG="-a 256" + fi + sha=`echo $SHA | cut -d" " -f$i` + if test x"$sha" = x0000000000000000000000000000000000000000000000000000000000000000; then + test x"$verb" = xy && echo " $1 does not contain an embedded SHA256 checksum." >&2 + else + shasum=`MS_dd_Progress "$1" $offset $s | eval "$SHA_PATH $SHA_ARG" | cut -b-64`; + if test x"$shasum" != x"$sha"; then + echo "Error in SHA256 checksums: $shasum is different from $sha" >&2 + exit 2 + elif test x"$quiet" = xn; then + MS_Printf " SHA256 checksums are OK." >&2 + fi + crc="0000000000"; + fi + fi + if test -x "$MD5_PATH"; then + if test x"`basename $MD5_PATH`" = xdigest; then + MD5_ARG="-a md5" + fi + md5=`echo $MD5 | cut -d" " -f$i` + if test x"$md5" = x00000000000000000000000000000000; then + test x"$verb" = xy && echo " $1 does not contain an embedded MD5 checksum." >&2 + else + md5sum=`MS_dd_Progress "$1" $offset $s | eval "$MD5_PATH $MD5_ARG" | cut -b-32`; + if test x"$md5sum" != x"$md5"; then + echo "Error in MD5 checksums: $md5sum is different from $md5" >&2 + exit 2 + elif test x"$quiet" = xn; then + MS_Printf " MD5 checksums are OK." >&2 + fi + crc="0000000000"; verb=n + fi + fi + if test x"$crc" = x0000000000; then + test x"$verb" = xy && echo " $1 does not contain a CRC checksum." >&2 + else + sum1=`MS_dd_Progress "$1" $offset $s | CMD_ENV=xpg4 cksum | awk '{print $1}'` + if test x"$sum1" != x"$crc"; then + echo "Error in checksums: $sum1 is different from $crc" >&2 + exit 2 + elif test x"$quiet" = xn; then + MS_Printf " CRC checksums are OK." >&2 + fi + fi + i=`expr $i + 1` + offset=`expr $offset + $s` + done + if test x"$quiet" = xn; then + echo " All good." + fi +} + +MS_Decompress() +{ + if test x"$decrypt_cmd" != x""; then + { eval "$decrypt_cmd" || echo " ... Decryption failed." >&2; } | eval "gzip -cd" + else + eval "gzip -cd" + fi + + if test $? -ne 0; then + echo " ... Decompression failed." >&2 + fi +} + +UnTAR() +{ + if test x"$quiet" = xn; then + tar $1vf - 2>&1 || { echo " ... Extraction failed." >&2; kill -15 $$; } + else + tar $1f - 2>&1 || { echo Extraction failed. >&2; kill -15 $$; } + fi +} + +MS_exec_cleanup() { + if test x"$cleanup" = xy && test x"$cleanup_script" != x""; then + cleanup=n + cd "$tmpdir" + eval "\"$cleanup_script\" $scriptargs $cleanupargs" + fi +} + +MS_cleanup() +{ + echo 'Signal caught, cleaning up' >&2 + MS_exec_cleanup + cd "$TMPROOT" + rm -rf "$tmpdir" + eval $finish; exit 15 +} + +finish=true +xterm_loop= +noprogress=n +nox11=n +copy=none +ownership=n +verbose=n +cleanup=y +cleanupargs= +sig_key= + +initargs="$@" + +while true +do + case "$1" in + -h | --help) + MS_Help + exit 0 + ;; + -q | --quiet) + quiet=y + noprogress=y + shift + ;; + --accept) + accept=y + shift + ;; + --info) + echo Identification: "$label" + echo Target directory: "$targetdir" + echo Uncompressed size: 36 KB + echo Compression: gzip + if test x"n" != x""; then + echo Encryption: n + fi + echo Date of packaging: Fri Oct 27 12:24:28 EDT 2023 + echo Built with Makeself version 2.5.0 + echo Build command was: "/opt/homebrew/bin/makeself \\ + \"--keep-umask\" \\ + \"../build\" \\ + \"sechub-2.0.39-install.run\" \\ + \"Falcon Integration Gateway 2.0\" \\ + \"sudo\" \\ + \"./install.sh\"" + if test x"$script" != x; then + echo Script run after extraction: + echo " " $script $scriptargs + fi + if test x"" = xcopy; then + echo "Archive will copy itself to a temporary location" + fi + if test x"n" = xy; then + echo "Root permissions required for extraction" + fi + if test x"n" = xy; then + echo "directory $targetdir is permanent" + else + echo "$targetdir will be removed after extraction" + fi + exit 0 + ;; + --dumpconf) + echo LABEL=\"$label\" + echo SCRIPT=\"$script\" + echo SCRIPTARGS=\"$scriptargs\" + echo CLEANUPSCRIPT=\"$cleanup_script\" + echo archdirname=\"build\" + echo KEEP=n + echo NOOVERWRITE=n + echo COMPRESS=gzip + echo filesizes=\"$filesizes\" + echo totalsize=\"$totalsize\" + echo CRCsum=\"$CRCsum\" + echo MD5sum=\"$MD5sum\" + echo SHAsum=\"$SHAsum\" + echo SKIP=\"$skip\" + exit 0 + ;; + --lsm) +cat << EOLSM +No LSM. +EOLSM + exit 0 + ;; + --list) + echo Target directory: $targetdir + offset=`head -n "$skip" "$0" | wc -c | sed "s/ //g"` + for s in $filesizes + do + MS_dd "$0" $offset $s | MS_Decompress | UnTAR t + offset=`expr $offset + $s` + done + exit 0 + ;; + --tar) + offset=`head -n "$skip" "$0" | wc -c | sed "s/ //g"` + arg1="$2" + shift 2 || { MS_Help; exit 1; } + for s in $filesizes + do + MS_dd "$0" $offset $s | MS_Decompress | tar "$arg1" - "$@" + offset=`expr $offset + $s` + done + exit 0 + ;; + --check) + MS_Check "$0" y + exit 0 + ;; + --verify-sig) + sig_key="$2" + shift 2 || { MS_Help; exit 1; } + MS_Verify_Sig "$0" + ;; + --confirm) + verbose=y + shift + ;; + --noexec) + script="" + cleanup_script="" + shift + ;; + --noexec-cleanup) + cleanup_script="" + shift + ;; + --keep) + keep=y + shift + ;; + --target) + keep=y + targetdir="${2:-.}" + shift 2 || { MS_Help; exit 1; } + ;; + --noprogress) + noprogress=y + shift + ;; + --nox11) + nox11=y + shift + ;; + --nochown) + ownership=n + shift + ;; + --chown) + ownership=y + shift + ;; + --nodiskspace) + nodiskspace=y + shift + ;; + --xwin) + if test "n" = n; then + finish="echo Press Return to close this window...; read junk" + fi + xterm_loop=1 + shift + ;; + --phase2) + copy=phase2 + shift + ;; + --ssl-pass-src) + if test x"n" != x"openssl"; then + echo "Invalid option --ssl-pass-src: $0 was not encrypted with OpenSSL!" >&2 + exit 1 + fi + decrypt_cmd="$decrypt_cmd -pass $2" + shift 2 || { MS_Help; exit 1; } + ;; + --cleanup-args) + cleanupargs="$2" + shift 2 || { MS_Help; exit 1; } + ;; + --) + shift + break ;; + -*) + echo Unrecognized flag : "$1" >&2 + MS_Help + exit 1 + ;; + *) + break ;; + esac +done + +if test x"$quiet" = xy -a x"$verbose" = xy; then + echo Cannot be verbose and quiet at the same time. >&2 + exit 1 +fi + +if test x"n" = xy -a `id -u` -ne 0; then + echo "Administrative privileges required for this archive (use su or sudo)" >&2 + exit 1 +fi + +if test x"$copy" \!= xphase2; then + MS_PrintLicense +fi + +case "$copy" in +copy) + tmpdir="$TMPROOT"/makeself.$RANDOM.`date +"%y%m%d%H%M%S"`.$$ + mkdir "$tmpdir" || { + echo "Could not create temporary directory $tmpdir" >&2 + exit 1 + } + SCRIPT_COPY="$tmpdir/makeself" + echo "Copying to a temporary location..." >&2 + cp "$0" "$SCRIPT_COPY" + chmod +x "$SCRIPT_COPY" + cd "$TMPROOT" + export USER_PWD="$tmpdir" + exec "$SCRIPT_COPY" --phase2 -- $initargs + ;; +phase2) + finish="$finish ; rm -rf `dirname $0`" + ;; +esac + +if test x"$nox11" = xn; then + if test -t 1; then # Do we have a terminal on stdout? + : + else + if test x"$DISPLAY" != x -a x"$xterm_loop" = x; then # No, but do we have X? + if xset q > /dev/null 2>&1; then # Check for valid DISPLAY variable + GUESS_XTERMS="xterm gnome-terminal rxvt dtterm eterm Eterm xfce4-terminal lxterminal kvt konsole aterm terminology" + for a in $GUESS_XTERMS; do + if type $a >/dev/null 2>&1; then + XTERM=$a + break + fi + done + chmod a+x $0 || echo Please add execution rights on $0 >&2 + if test `echo "$0" | cut -c1` = "/"; then # Spawn a terminal! + exec $XTERM -e "$0 --xwin $initargs" + else + exec $XTERM -e "./$0 --xwin $initargs" + fi + fi + fi + fi +fi + +if test x"$targetdir" = x.; then + tmpdir="." +else + if test x"$keep" = xy; then + if test x"$nooverwrite" = xy && test -d "$targetdir"; then + echo "Target directory $targetdir already exists, aborting." >&2 + exit 1 + fi + if test x"$quiet" = xn; then + echo "Creating directory $targetdir" >&2 + fi + tmpdir="$targetdir" + dashp="-p" + else + tmpdir="$TMPROOT/selfgz$$$RANDOM" + dashp="" + fi + mkdir $dashp "$tmpdir" || { + echo 'Cannot create target directory' $tmpdir >&2 + echo 'You should try option --target dir' >&2 + eval $finish + exit 1 + } +fi + +location="`pwd`" +if test x"$SETUP_NOCHECK" != x1; then + MS_Check "$0" +fi +offset=`head -n "$skip" "$0" | wc -c | sed "s/ //g"` + +if test x"$verbose" = xy; then + MS_Printf "About to extract 36 KB in $tmpdir ... Proceed ? [Y/n] " + read yn + if test x"$yn" = xn; then + eval $finish; exit 1 + fi +fi + +if test x"$quiet" = xn; then + # Decrypting with openssl will ask for password, + # the prompt needs to start on new line + if test x"n" = x"openssl"; then + echo "Decrypting and uncompressing $label..." + else + MS_Printf "Uncompressing $label" + fi +fi +res=3 +if test x"$keep" = xn; then + trap MS_cleanup 1 2 3 15 +fi + +if test x"$nodiskspace" = xn; then + leftspace=`MS_diskspace "$tmpdir"` + if test -n "$leftspace"; then + if test "$leftspace" -lt 36; then + echo + echo "Not enough space left in "`dirname $tmpdir`" ($leftspace KB) to decompress $0 (36 KB)" >&2 + echo "Use --nodiskspace option to skip this check and proceed anyway" >&2 + if test x"$keep" = xn; then + echo "Consider setting TMPDIR to a directory with more free space." + fi + eval $finish; exit 1 + fi + fi +fi + +for s in $filesizes +do + if MS_dd_Progress "$0" $offset $s | MS_Decompress | ( cd "$tmpdir"; umask $ORIG_UMASK ; UnTAR xp ) 1>/dev/null; then + if test x"$ownership" = xy; then + (cd "$tmpdir"; chown -R `id -u` .; chgrp -R `id -g` .) + fi + else + echo >&2 + echo "Unable to decompress $0" >&2 + eval $finish; exit 1 + fi + offset=`expr $offset + $s` +done +if test x"$quiet" = xn; then + echo +fi + +cd "$tmpdir" +res=0 +if test x"$script" != x; then + if test x"$export_conf" = x"y"; then + MS_BUNDLE="$0" + MS_LABEL="$label" + MS_SCRIPT="$script" + MS_SCRIPTARGS="$scriptargs" + MS_ARCHDIRNAME="$archdirname" + MS_KEEP="$KEEP" + MS_NOOVERWRITE="$NOOVERWRITE" + MS_COMPRESS="$COMPRESS" + MS_CLEANUP="$cleanup" + export MS_BUNDLE MS_LABEL MS_SCRIPT MS_SCRIPTARGS + export MS_ARCHDIRNAME MS_KEEP MS_NOOVERWRITE MS_COMPRESS + fi + + if test x"$verbose" = x"y"; then + MS_Printf "OK to execute: $script $scriptargs $* ? [Y/n] " + read yn + if test x"$yn" = x -o x"$yn" = xy -o x"$yn" = xY; then + eval "\"$script\" $scriptargs \"\$@\""; res=$?; + fi + else + eval "\"$script\" $scriptargs \"\$@\""; res=$? + fi + if test "$res" -ne 0; then + test x"$verbose" = xy && echo "The program '$script' returned an error code ($res)" >&2 + fi +fi + +MS_exec_cleanup + +if test x"$keep" = xn; then + cd "$TMPROOT" + rm -rf "$tmpdir" +fi +eval $finish; exit $res +<;e={۸WJʔN*JNr{>WEBT Ҏ~3\7G`0ӡ~k|`^w{<{b؉wġo퓄?ogg]:hܰyxԸ\B}f)܃%cN@4? ~}?OFg?<WA^&_޳&oߍw$^oՋ??x?˲xΒus&h_g0 %lhVY-,5"Yt`8{V[o~ gޏ{ uC@%rx:m w =zp7fډy$a]-h "ԗߦ7_s6:=(8^^녮;[Zdxx]:10dћPHsrω]8j8cٝϣpEY3iO'K{/]pc-2\v~ ,ZGp@?/ߔX]jnz+o@]8DHj]`0c˽=>$g8D2Qwt\:tfs+ )1c89{3L5]Mw lφ!b+Gb$h3G4Ӆڶdx}ݿ'Q:fo'Sl( +#?k1-h(/2(@֩IlSE=Q%YDG$ne\IoN-`A"OD[moOAH2\('0v;@>@Hu9nXLe$ hV JR# {_xކ߇E0H].Zcl!bq`'%(1lm|c}%7BiîfyD"ǂ&Sx.w!l:w[ 9,Ħ[9^9~V ]0 N)I.9v<0%a 8CrC)j³fYʜkݶ.2|0D^QR2|l)gTJbx @2Jra=HQ_J? v|˳A'ڂ, Us$^dl^?RgG-}Of{:R?Gc<gOL8Lq[|O.CP I^XW/^g oU?~KvբppRWK9|@x{ KbvѓfgtQ(C ~6ћy1:D6eC7? +Lс&ej;1Ba(~DOW}yk =ӭ5Yj=vwo".d(AB{ V.~ qPIov{EkN&Y.Cmbޭ=5PVuwfD 'PTwqRωtcÑ5,6Ԩܐ51#$]f$=gsE#!dh HFAZ-(^mAFV28*5o:-vӄzxFFKۈqA`h<5kll ں@Nt<'VIb\$(( +M{`w2Mr(.h嶩k꨼?Ft +7]eYI$GH +2,D:wtkS}Oxh xaB|x.p%fLf(İa`[QZ0AD2c8Ά1vDY~292˦y6KϟáNI$i1~jYuʐyC.ɯo5*K(G71-B/KӍJe-ĉ6<%6D]'sJi.hꎸo"gfՂe)o@0S3p+`i='z֠DUl@vS],t㓅h` iC*)!uuaQ*Q[2s?efW 斞E%t̺pV +#XJu rwfa"u  &e7QKU Uy[ZM?ɪУ%jN0a6 ˪h/L"҆#*h<pJ2Z4@`YRa 2PpYA6p MUkI*00BtRZVT0rp56!LG}eB̕x[XT}v] ;я#KZ#=/"%4z7lǖʏy܀t\T;? +<`l+.E8+o=FJxb [1<CeDUHa(5NwBtt4_EE#w{Qb<oaAUQ8(jduM X)2#!47.d(d& 4Bsd״7͎QP>C_%نڴ~ogzkRWYe[)(5^G +rӒl4}rTvtAoT(9 6u0 +r'򆺘g?9֬qhJ\ܩ$ѪꗘKO0܎dJ,RQ=&-8|Uy//c'qZ/\'MyP0$(rDtIr ޯۖOIaWf ۙ 8-m0UI*)&oU,~CK$nߪ|0?,ދrq@FGZ6^Gc >8̠1B5/PԶo)*,["e20?慫AaC%3fRc@i^vTVg:NjW:7X~mJ/+* +.ؕ@U}WGmn` b.) -'4R5hp^J0u ww e.!4mݺOV4I>]**ml*ckm3O|lQ7oJ\kk<hwIbX?f;nI֜r9Ǿ~a߽}wn~@,$jkw5c&1s=#^څ?9;X?4 %«;ܪu.T0Dk.)q}G.xŗUq;VE2䇚k?P0e~Id3g^p,{]>]TwUtog<ޮ'yPY{ _ SčR[Fה r/FG|{E}'uiJcPH0%c'qJi r4jPCjNh8.j&`31 +~妊)C+"u8{,"DK'ڲ`>q|о7q9 y^A6Qe"ҫ_FrHg+4fԪ+K)KٮQL-^O]WPבTdK:s* T)7& >iP3,CfT7w/fO($Y]W&1CK^{+foNט?qWumt>re%+twUU,VRztl0i2)؛bieey=JP hHYpC4nX\5ӋWMcM4ap >gPohQX:J )!WW;"FY.B+1(*WHrܩyA.@DS][.j@4^}oiSJ.V2wKݸ|P[zfM(g=vZ Z-/@epK n0) ?$TsJ(=p,Px z'ɘe{yyS'-MڅR҆Db^ѭ᤼n'Mzqf9$X^u-]wh ̽@ϲ=lJ|۠T"`&&R9tG-JU9Ѡ>TAmpP:Čv@]8!PMQe*醸YOC*^]K1YANpf}qgTTitՔ@Fg +ƻҼF>ۓApoI76Ga (a%|Y#x*Vc'KoHYy4ħʦTYx Ena<͍;jn:l`BAMY}W?hY֯wRW.ډUۈaJäFt~ˊVWdyae s\^;U M_U +ڥwk=oXVT @d$1-e5VChS1@MŹ2W$UU̳}Mx>HVܳ99 +Hx}[Y辢4/Ie>fj3jSh2ÎXi +W{ЈHSo?^D#GyqtTy}-C0++nq~ JP1lBƟ&-; which md5sum || command -v md5sum || type md5sum` test -x "$MD5_PATH" || MD5_PATH=`exec <&- 2>&-; which md5 || command -v md5 || type md5` @@ -376,12 +376,12 @@ do if test x"n" != x""; then echo Encryption: n fi - echo Date of packaging: Wed Jun 28 12:45:00 EDT 2023 + echo Date of packaging: Fri Oct 27 12:24:28 EDT 2023 echo Built with Makeself version 2.5.0 - echo Build command was: "/usr/local/bin/makeself \\ + echo Build command was: "/opt/homebrew/bin/makeself \\ \"--keep-umask\" \\ \"../build\" \\ - \"sechub-2.0.38-install.run\" \\ + \"sechub-2.0.39-install.run\" \\ \"Falcon Integration Gateway 2.0\" \\ \"sudo\" \\ \"./install.sh\"" @@ -714,34 +714,38 @@ if test x"$keep" = xn; then rm -rf "$tmpdir" fi eval $finish; exit $res -cd={㶑WtILWJZ"y(ؕH U$>d{l՗/+`0 ppt:Wޯ~ w@ __}O"b'Tܕ4ϷO>,_䳳.jFNawan<\zw/V݈{N_k4!Zc;lYAc/ْ{;h0 &%Հ‚zx|ΦS?%rށ677gs6w@6keְa$/;D>լuy(,8?4#"dBHaî'bz"[s룈ھux3b x:ƤyDA8(8Lq[|?"#74UMk3]$y\nlK<)*:j!b1#Ts@mfa26:zPsSYǣǃhxv9Y!&Wot|8|ixNޛdFAoA+ h\M$\7‘M+NđQG}rYw')mg~]oE#j(e ҥWQr|xW/:laqE-~0| -L ij8I3|/1Bmي ܐ }E0|XyQ Z7@(#bɳ!e/%$S` ~]d~0[yož:9dǑOat`҈Ywu`"?o+wW$Β݂Oz[$D\4NaX ]0" ԡv?L. - Hgņ]{ӡɭ<d+o '˜PhwqRω'`C:3p.4Ԩܐ51c$$]f<`r8 -a'?\$ʍ56a3h כ4_-젟CGYR.;kcPg`AbBxϒ4-aj83Fēl`hAW|G'˟@ .1rtd0fo -G acgx:<)?䄆9'>J0ÓÎ18.cjyfH;!._"dG@Bs=φ\hN:>G @`w\c`f P(Ivatmd_K'FULpK~Y"BM' -@DiR6ğ.̖L1-e2󆁷A@2^48.aN8r|҄|C@9O 0:)gGu ͋ u9\fĄ\jdML`n*2([ס,M\wK$»@sɌ=H;[etUEDtiXxMFh?97\ˑ#Zi%;$ s ㎻HaYOA[>[Q{z2T+*':Z騔099ڂu!wẔ<_\ ņg."gԒ]Y m DXU&` `UŐ'WRg!,ƌJ:kaƬL^"3mŚh,|ő.%KDDS!b2O!Y( J{۶ 9F -/UvT,m*!9UuB!Qw  +fO?W%}kH|?E^n3xoDD)P -V؎M R^ u|cWSɉ!ɽC(m*ٸY&9^t7җ{6;5k<^a[H|a)3-*iUf&i~r߻`#lrJJ~&LH=uX_5#,$x@!CK@52pAj jc( p8$)JD N $l康4C^j6"B\PO[=[zωUҩ;`7NpΣ@fruW(}: re5+2U岽]$mSQy<55QT K?XfkH;VVvO Qǰ람Je);U7W_*7un06(ܝdY  &W"h[T3 gG0g^>vq)=DcJ{[雬cZn̈́LʔbI>mOΖD GGUvmy*\)~ze/P6၀*O - K.7ib \SeMGLSxԲy,Wc”^o~HxW,@\Y'Eu_gz̰ -0?"$eک",BXB7`Fzl_; XOE[ -{R2RHȊAS,(eCV!`ty@-ch%2P,@Bbr,R4~`))Jӝ4x/Ft'w{4E!A[}vUasԣ9z=ʷYg]S6V'̤.3xH73CžY lӤfYM3욖o1*g9²%Y6PLom!] -~?Qs3#UƧU"E>>F}hu; *K sYeOKH6]h18mnʊMW:7X_'Cp*ķKE)!A0y",&r@{D¬K -h Tk ;^Jv&7 ex4mݺwoV4I](S.?ml*ckm3̨O4yQ7oJ\kk<@XCN1i }Ib7ClNͯc_W?:}5aߠkHcs@)X߉=6o9Wރa<ᵁ< SBKN)}xv*|_1 [Kî:0\Jq×Tԏ8tG,⯈a"*z kTysidu($L,f ײA޸Ew0 O2e/^b:IE6{vuIZ9цϓ4Iuk&,(a|P%P~hS٨G6$, BZELE#rM=n#c軵{i3Yt - -:}9qXMwW5\Um.NyZi`*5P⌽)VVף1;8֝Lс7?|Yk@㖎UooFԼj#o K׼nw.)Um%&`-9^$HdoOs㎡&䳚)PPS lGĿI`QU/e)F+]~j&*[ڃ]l'\P~ޑ!ML, PvrTOl''fq r|мe#<ͭ=٭`s$ﭒ&k1J!`TQ - (tƥ`uO9::6+~a 9t.:lԟty8QA֞RnEn}~Wb`A9e_( hphHV4PKUEgR9vd=l AFLN6vnRSkSĦ];`X#(\|3{SW:Ep#@l7Mhl2 OWX?6.K)CUrʧp?39b+'Dz_2H=]5~t*ƶAͬ[f!A-yCtU@#jop{ZHŅ%/ݙfrf -Pe|*13a̲LMYLQ^Si~1v7ASdt2[L$pUd:>X3`F,u.qrFzZ^y|Le֣=%[3ё%8wFTK1 Owl7q nhǮ[沪2(ui]?2"8hڝ\M UyIwdpRTd 3mJ> ?hYI֯wRW.ډUۈaJäFt~ˊVWdyae s\^;UKK?&K;`m##*{ąډʰJ@$'G%i -!zFC՟2j*Q bCbMkA_>_>_>^Ej \ No newline at end of file +<;e={۸WJʔN*JNr{>WEBT Ҏ~3\7G`0ӡ~k|`^w{<{b؉wġo퓄?ogg]:hܰyxԸ\B}f)܃%cN@4? ~}?OFg?<WA^&_޳&oߍw$^oՋ??x?˲xΒus&h_g0 %lhVY-,5"Yt`8{V[o~ gޏ{ uC@%rx:m w =zp7fډy$a]-h "ԗߦ7_s6:=(8^^녮;[Zdxx]:10dћPHsrω]8j8cٝϣpEY3iO'K{/]pc-2\v~ ,ZGp@?/ߔX]jnz+o@]8DHj]`0c˽=>$g8D2Qwt\:tfs+ )1c89{3L5]Mw lφ!b+Gb$h3G4Ӆڶdx}ݿ'Q:fo'Sl( +#?k1-h(/2(@֩IlSE=Q%YDG$ne\IoN-`A"OD[moOAH2\('0v;@>@Hu9nXLe$ hV JR# {_xކ߇E0H].Zcl!bq`'%(1lm|c}%7BiîfyD"ǂ&Sx.w!l:w[ 9,Ħ[9^9~V ]0 N)I.9v<0%a 8CrC)j³fYʜkݶ.2|0D^QR2|l)gTJbx @2Jra=HQ_J? v|˳A'ڂ, Us$^dl^?RgG-}Of{:R?Gc<gOL8Lq[|O.CP I^XW/^g oU?~KvբppRWK9|@x{ KbvѓfgtQ(C ~6ћy1:D6eC7? +Lс&ej;1Ba(~DOW}yk =ӭ5Yj=vwo".d(AB{ V.~ qPIov{EkN&Y.Cmbޭ=5PVuwfD 'PTwqRωtcÑ5,6Ԩܐ51#$]f$=gsE#!dh HFAZ-(^mAFV28*5o:-vӄzxFFKۈqA`h<5kll ں@Nt<'VIb\$(( +M{`w2Mr(.h嶩k꨼?Ft +7]eYI$GH +2,D:wtkS}Oxh xaB|x.p%fLf(İa`[QZ0AD2c8Ά1vDY~292˦y6KϟáNI$i1~jYuʐyC.ɯo5*K(G71-B/KӍJe-ĉ6<%6D]'sJi.hꎸo"gfՂe)o@0S3p+`i='z֠DUl@vS],t㓅h` iC*)!uuaQ*Q[2s?efW 斞E%t̺pV +#XJu rwfa"u  &e7QKU Uy[ZM?ɪУ%jN0a6 ˪h/L"҆#*h<pJ2Z4@`YRa 2PpYA6p MUkI*00BtRZVT0rp56!LG}eB̕x[XT}v] ;я#KZ#=/"%4z7lǖʏy܀t\T;? +<`l+.E8+o=FJxb [1<CeDUHa(5NwBtt4_EE#w{Qb<oaAUQ8(jduM X)2#!47.d(d& 4Bsd״7͎QP>C_%نڴ~ogzkRWYe[)(5^G +rӒl4}rTvtAoT(9 6u0 +r'򆺘g?9֬qhJ\ܩ$ѪꗘKO0܎dJ,RQ=&-8|Uy//c'qZ/\'MyP0$(rDtIr ޯۖOIaWf ۙ 8-m0UI*)&oU,~CK$nߪ|0?,ދrq@FGZ6^Gc >8̠1B5/PԶo)*,["e20?慫AaC%3fRc@i^vTVg:NjW:7X~mJ/+* +.ؕ@U}WGmn` b.) -'4R5hp^J0u ww e.!4mݺOV4I>]**ml*ckm3O|lQ7oJ\kk<hwIbX?f;nI֜r9Ǿ~a߽}wn~@,$jkw5c&1s=#^څ?9;X?4 %«;ܪu.T0Dk.)q}G.xŗUq;VE2䇚k?P0e~Id3g^p,{]>]TwUtog<ޮ'yPY{ _ SčR[Fה r/FG|{E}'uiJcPH0%c'qJi r4jPCjNh8.j&`31 +~妊)C+"u8{,"DK'ڲ`>q|о7q9 y^A6Qe"ҫ_FrHg+4fԪ+K)KٮQL-^O]WPבTdK:s* T)7& >iP3,CfT7w/fO($Y]W&1CK^{+foNט?qWumt>re%+twUU,VRztl0i2)؛bieey=JP hHYpC4nX\5ӋWMcM4ap >gPohQX:J )!WW;"FY.B+1(*WHrܩyA.@DS][.j@4^}oiSJ.V2wKݸ|P[zfM(g=vZ Z-/@epK n0) ?$TsJ(=p,Px z'ɘe{yyS'-MڅR҆Db^ѭ᤼n'Mzqf9$X^u-]wh ̽@ϲ=lJ|۠T"`&&R9tG-JU9Ѡ>TAmpP:Čv@]8!PMQe*醸YOC*^]K1YANpf}qgTTitՔ@Fg +ƻҼF>ۓApoI76Ga (a%|Y#x*Vc'KoHYy4ħʦTYx Ena<͍;jn:l`BAMY}W?hY֯wRW.ډUۈaJäFt~ˊVWdyae s\^;U M_U +ڥwk=oXVT @d$1-e5VChS1@MŹ2W$UU̳}Mx>HVܳ99 +Hx}[Y辢4/Ie>fj3jSh2ÎXi +W{ЈHSo?^D#GyqtTy}-C0++nq~ JP1lBƟ