From: Matt Keeler <mkeeler(a)tresys.com&gt; --- src/secstate/util.py | 15 +++++++++++++-- 1 files changed, 13 insertions(+), 2 deletions(-) diff --git a/src/secstate/util.py b/src/secstate/util.py index 6856212..32eb63a 100644 --- a/src/secstate/util.py +++ b/src/secstate/util.py @@ -450,7 +450,7 @@ def parse_puppet_fixes(benchmark, ignore_ids=[]): fixes = xccdf_get_fixes(benchmark, ignore_ids) all_puppet = {'classes' : set(), 'environment' : "", 'parameters' : {}} - line_reg = re.compile(r'\s*(class|environment|parameter)\s*:\s*((\S+)\s*:\s*(\S+)|\S+)\s*', re.IGNORECASE) + line_reg = re.compile(r'\s*(class|environment|parameter|array)\s*:\s*((\S+)\s*:\s*(\S+)|\S+)\s*', re.IGNORECASE) for fix in fixes: if oscap.xccdf_fix_get_system(fix) == 'urn:xccdf:fix:script:puppet': @@ -471,6 +471,10 @@ def parse_puppet_fixes(benchmark, ignore_ids=[]): #collision deteced - cant do this. raise SecstateException('Puppet Variable Collision') all_puppet['parameters'][mtch.group(3)] = mtch.group(4) + elif mtch.group(1).lower() == 'array': + if not all_puppet['parameters'].has_key(mtch.group(3)): + all_puppet['parameters'][mtch.group(3)] = set() + all_puppet['parameters'][mtch.group(3)].add(mtch.group(4)) else: #assume comment line pass @@ -489,6 +493,13 @@ def dict_to_external(puppet_dict): content.append('environment: %s' % environ) content.append('parameters:') for item in puppet_dict['parameters']: - content.append(' %s: "%s"' % (item, puppet_dict['parameters'][item])) + value = puppet_dict['parameters'][item] + if isinstance(value, str): + content.append(' %s: %s' % (item, puppet_dict['parameters'][item])) + elif isinstance(value, set): + content.append(' %s:' % item) + for set_item in value: + content.append(' - "%s"' % set_item) + return '\n'.join(content) -- 1.6.5.2