diff --git a/CHANGELOG.md b/CHANGELOG.md index 3dd987c3..b8980092 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,12 @@ All notable changes to this project will be documented in this file. - Update to [Wazuh v4.6.0](https://github.com/wazuh/wazuh/blob/v4.6.0/CHANGELOG.md#v460) +## [v4.5.3] + +### Added + +- Update to [Wazuh v4.5.3](https://github.com/wazuh/wazuh/blob/v4.5.3/CHANGELOG.md#v453) + ## [v4.5.2] ### Added diff --git a/README.md b/README.md index c1e3a038..e114bddf 100644 --- a/README.md +++ b/README.md @@ -17,6 +17,7 @@ These playbooks install and configure Wazuh agent, manager and indexer and dashb | Wazuh version | Elastic | ODFE | |---------------|---------|--------| | v4.6.0 | | | +| v4.5.3 | | | | v4.5.2 | | | | v4.5.1 | | | | v4.5.0 | | | diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index ce5ed083..d2d7b0aa 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -52,8 +52,7 @@ wazuh_winagent_config: auth_path: C:\Program Files\ossec-agent\agent-auth.exe # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - check_md5: True - md5: 3823a34bb108b9ad4e9fb43cb8f0b4e3 + check_sha512: True wazuh_dir: "/var/ossec" diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index bcf6e1f0..f312253d 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -30,17 +30,29 @@ when: - not wazuh_package_downloaded.stat.exists +- name: Windows | Download SHA512 checksum file + win_get_url: + url: "{{ wazuh_winagent_sha512_url }}" + dest: "{{ wazuh_winagent_config.download_dir }}" + when: + - wazuh_winagent_config.check_sha512 + +- name: Extract checksum from SHA512 file + win_shell: Get-Content "{{ wazuh_winagent_config.download_dir }}{{ wazuh_winagent_package_name }}.sha512" | ForEach-Object { $_.Split(' ')[0] } + register: extracted_checksum + when: + - wazuh_winagent_config.check_sha512 + - name: Windows | Verify the Wazuh Agent installer win_stat: path: "{{ wazuh_winagent_config.download_dir }}{{ wazuh_winagent_package_name }}" get_checksum: true - checksum_algorithm: md5 + checksum_algorithm: sha512 register: wazuh_agent_status failed_when: - - wazuh_agent_status.stat.checksum != wazuh_winagent_config.md5 + - wazuh_agent_status.stat.checksum != extracted_checksum.stdout_lines[0] when: - - wazuh_winagent_config.check_md5 - + - wazuh_winagent_config.check_sha512 - name: Windows | Install Agent if not already installed win_package: @@ -95,3 +107,8 @@ win_file: path: "{{ wazuh_winagent_config.download_dir }}{{ wazuh_winagent_package_name }}" state: absent + +- name: Windows | Delete downloaded checksum file + win_file: + path: "{{ wazuh_winagent_config.download_dir }}{{ wazuh_winagent_package_name }}.sha512" + state: absent diff --git a/roles/wazuh/vars/repo.yml b/roles/wazuh/vars/repo.yml index d8e761fb..5cd96e89 100644 --- a/roles/wazuh/vars/repo.yml +++ b/roles/wazuh/vars/repo.yml @@ -5,6 +5,7 @@ wazuh_repo: key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' wazuh_winagent_config_url: "https://packages.wazuh.com/4.x/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi" wazuh_winagent_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.msi" +wazuh_winagent_sha512_url: "https://packages.wazuh.com/4.x/checksums/wazuh/{{ wazuh_agent_version }}/wazuh-agent-{{ wazuh_agent_version }}-1.msi.sha512" certs_gen_tool_version: 4.6 diff --git a/roles/wazuh/vars/repo_pre-release.yml b/roles/wazuh/vars/repo_pre-release.yml index e5aaec25..32c0341a 100644 --- a/roles/wazuh/vars/repo_pre-release.yml +++ b/roles/wazuh/vars/repo_pre-release.yml @@ -5,6 +5,7 @@ wazuh_repo: key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' wazuh_winagent_config_url: "https://packages-dev.wazuh.com/pre-release/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi" wazuh_winagent_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.msi" +wazuh_winagent_sha512_url: "https://packages-dev.wazuh.com/pre-release/checksums/wazuh/{{ wazuh_agent_version }}/wazuh-agent-{{ wazuh_agent_version }}-1.msi.sha512" certs_gen_tool_version: 4.6