From 739efc22d2f37c8c59e37a9772c41b9d1a7fad11 Mon Sep 17 00:00:00 2001
From: William Wernert
Date: Tue, 30 Nov 2021 15:21:44 -0500
Subject: [PATCH 1/5] Fix airgap check logic
---
 setup/so-setup | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/setup/so-setup b/setup/so-setup
index 1893d252b..159367793 100755
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -318,7 +318,7 @@ if ! [[ -f $install_opt_file ]]; then
 elif [[ $is_minion && $is_iso ]]; then
 $sshcmd -i /root/.ssh/so.key soremote@"$MSRV" [[ -f /etc/yum.repos.d/airgap_repo.repo ]] >> $setup_log 2>&1
 airgap_check=$?
- [[ $airgap_check ]] && is_airgap=true >> $setup_log 2>&1
+ [[ $airgap_check == 0 ]] && is_airgap=true >> $setup_log 2>&1
 fi
 reset_proxy
From 8d87fae6a87ada9e3c1b5edc7d0bcf7944efebec Mon Sep 17 00:00:00 2001
From: William Wernert
Date: Tue, 30 Nov 2021 15:39:28 -0500
Subject: [PATCH 2/5] Remove airgap repo file if it shouldn't exist
---
 salt/repo/client/init.sls | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/salt/repo/client/init.sls b/salt/repo/client/init.sls
index f6fbdb6f3..a32287332 100644
--- a/salt/repo/client/init.sls
+++ b/salt/repo/client/init.sls
@@ -65,6 +65,10 @@ yumconf:
 - mode: 644
 - template: jinja
 - show_changes: False
+
+cleanairgap:
+ file.absent:
+ - name: /etc/yum.repos.d/airgap_repo.repo
 {% endif %}
 cleanyum:
From 168f860c871aea656cd4d0660559a3a90f77c9c1 Mon Sep 17 00:00:00 2001
From: William Wernert
Date: Tue, 30 Nov 2021 15:49:41 -0500
Subject: [PATCH 3/5] Add hotfix string to HOTFIX
---
 HOTFIX | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/HOTFIX b/HOTFIX
index 0f3ca3c28..8f9b6cfec 100644
--- a/HOTFIX
+++ b/HOTFIX
@@ -1 +1 @@
-WAZUH
+WAZUH AIRGAPFIX
From 63cb4866987d3340898176f100a5ad8ce75a231b Mon Sep 17 00:00:00 2001
From: Josh Patterson
Date: Wed, 1 Dec 2021 10:16:04 -0500
Subject: [PATCH 4/5] remove redirect to /dev/null for compgen
---
 salt/common/tools/sbin/soup | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
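Review bot: The corrected test in setup/so-setup, `[[ $airgap_check == 0 ]]`, still treats every non-zero status the same, so a failed remote check is indistinguishable from "repo file absent on the manager". If `$sshcmd` is ssh (not visible here), a connection or key failure returns 255, `is_airgap` stays unset, and the ISO minion silently continues as a non-airgap install. Consider accepting only 0 and 1 as answers and reporting anything else, e.g. `(( airgap_check == 0 )) && is_airgap=true` plus `(( airgap_check > 1 )) && echo "airgap check on $MSRV failed (rc=$airgap_check)" >> "$setup_log"`. The `>> $setup_log 2>&1` after the assignment captures nothing and can go. The enclosing `if`/`elif` chain starts outside the hunk.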
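Review bot: The new `cleanairgap` state in salt/repo/client/init.sls carries no comment explaining why the file must be removed, and the reason is not local to this file: the setup/so-setup change in this same series has ISO minions test for `/etc/yum.repos.d/airgap_repo.repo` on the manager to decide whether they are airgapped, so a stale copy flips that decision. I would add `# so-setup treats this file on the manager as the airgap marker; remove stale copies on non-airgap installs` above the state. The Jinja conditional closed by `{% endif %}` opens outside the hunk, so the branch this lands in cannot be confirmed from here; presumably it is the non-airgap one, given the commit subject.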
diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup
index 2244f2735..a4285347b 100755
--- a/salt/common/tools/sbin/soup
+++ b/salt/common/tools/sbin/soup
@@ -599,7 +599,7 @@ up_to_2.3.80() {
 up_to_2.3.90() {
 for i in manager managersearch eval standalone; do
- if compgen -G "/opt/so/saltstack/local/pillar/minions/*_$i.sls" > /dev/null; then
+ if compgen -G "/opt/so/saltstack/local/pillar/minions/*_$i.sls"; then
 echo "soc:" >> /opt/so/saltstack/local/pillar/minions/*_$i.sls
 sed -i "/^soc:/a \\ es_index_patterns: '*:so-*,*:endgame-*'" /opt/so/saltstack/local/pillar/minions/*_$i.sls
 fi
From 80c569317f64022b19878771df5c7857b1976972 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Wed, 1 Dec 2021 13:16:13 -0500
Subject: [PATCH 5/5] 2.3.90 hotfix airgap
---
 README.md | 2 +-
 VERIFY_ISO.md | 22 ++++++++++----------
 sigs/securityonion-2.3.90-AIRGAPFIX.iso.sig | Bin 0 -> 543 bytes
 3 files changed, 12 insertions(+), 12 deletions(-)
 create mode 100644 sigs/securityonion-2.3.90-AIRGAPFIX.iso.sig
diff --git a/README.md b/README.md
index b07bae8ca..0732601d7 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 ## Security Onion 2.3.90-WAZUH
-Security Onion 2.3.90-WAZUH is here!
+Security Onion 2.3.90-AIRGAPFIX is here!
 ## Screenshots
diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md
index 502a44a9b..218a703d6 100644
--- a/VERIFY_ISO.md
+++ b/VERIFY_ISO.md
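Review bot: Inside the `if` in `up_to_2.3.90` (salt/common/tools/sbin/soup), the unquoted glob `/opt/so/saltstack/local/pillar/minions/*_$i.sls` is used directly as the `>>` target, which bash rejects with "ambiguous redirect" whenever more than one pillar file matches. Looping over the matches avoids that and lets the paths be quoted: `for f in /opt/so/saltstack/local/pillar/minions/*_"$i".sls; do [[ -f $f ]] || continue; echo "soc:" >> "$f"; done`, with the `sed -i` call moved into the same loop and pointed at `"$f"`. With the redirect removed, `compgen -G` now prints each matched path to soup's stdout; if that is meant for the upgrade log, a one-line comment saying so would stop someone re-adding `> /dev/null`. The function body continues past the end of the hunk.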
@@ -1,18 +1,18 @@
-### 2.3.90-WAZUH ISO image built on 2021/11/23
+### 2.3.90-AIRGAPFIX ISO image built on 2021/12/01
 ### Download and Verify
-2.3.90-WAZUH ISO image:
-https://download.securityonion.net/file/securityonion/securityonion-2.3.90-WAZUH.iso
+2.3.90-AIRGAPFIX ISO image:
+https://download.securityonion.net/file/securityonion/securityonion-2.3.90-AIRGAPFIX.iso
-MD5: B7141C8627CDB45F4A8741B2ADE4A9F3
-SHA1: 16087B385CA651659EC98F139AFDF90922430FB6
-SHA256: 667AF11BBCFE3248AF59E45043703B55A543E059899AE387FF55EB8077304F04
+MD5: A87EEF66FEB2ED6E20ABD4ADDA4899C6
+SHA1: D1AD74D1481E9FF6F1A79D27DC569DA6749EC54B
+SHA256: E4FC40340357B098E881F13BC4960AA8CB5F5AC73C05E077C993078ED7F46D59
 Signature for ISO image:
-https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.90-WAZUH.iso.sig
+https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.90-AIRGAPFIX.iso.sig
 Signing key:
 https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS
@@ -26,22 +26,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma
 Download the signature file for the ISO:
 ```
-wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.90-WAZUH.iso.sig
+wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.90-AIRGAPFIX.iso.sig
 ```
 Download the ISO image:
 ```
-wget https://download.securityonion.net/file/securityonion/securityonion-2.3.90-WAZUH.iso
+wget https://download.securityonion.net/file/securityonion/securityonion-2.3.90-AIRGAPFIX.iso
 ```
 Verify the downloaded ISO image using the signature file:
 ```
-gpg --verify securityonion-2.3.90-WAZUH.iso.sig securityonion-2.3.90-WAZUH.iso
+gpg --verify securityonion-2.3.90-AIRGAPFIX.iso.sig securityonion-2.3.90-AIRGAPFIX.iso
 ```
 The output should show "Good signature" and the Primary key fingerprint should match what's shown below:
 ```
-gpg: Signature made Tue 23 Nov 2021 03:19:08 PM EST using RSA key ID FE507013
+gpg: Signature made Wed 01 Dec 2021 11:07:16 AM EST using RSA key ID FE507013
 gpg: Good signature from "Security Onion Solutions, LLC "
 gpg: WARNING: This key is not certified with a trusted signature!
 gpg: There is no indication that the signature belongs to the owner.
diff --git a/sigs/securityonion-2.3.90-AIRGAPFIX.iso.sig b/sigs/securityonion-2.3.90-AIRGAPFIX.iso.sig new file mode 100644 index 0000000000000000000000000000000000000000..05b411eac98ef770231fbc6fc61c45363d217b9f GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;BGowNW72@re`V7LBIa1$5@5C26HXknWz2%^7b66Fy? z)De4*9itt3EDo->l4*ZMmB)sVSmFsUJc7<7{0Uv~SkgV@h=HFq5?77L46@bd+dKQ= z{raokbs{~6B)~&dyjOZ;#e)}@s@Ov4u2FLH10aB8B)$G&{yHY}M@*Smb`)DhB{PSz zkTf$)I*JC}0t5O4iHo}n#0Zi_?c)BMieBV1lIge}M{Iy~2}l98eztXRAM?|(jfR;7 zh1fWr-VN%n^HOU4L}4>g-=vpTBb6g_sHvHxV_3)x`lD#BzfmoG9!G{iyXjqUs^1Ga zfMHcN%_#7Yj3VFrG8?c32ekMS7!SaV0+@xa_J?Mpf3o33OckM@#oPk7pl!IxC74(- zp~8fb=-X>?5t8^sEF4LL+yDeHK?Yo2@4&c{2mtCz5MPz0rHF%>@pR;aU3uz_od z%28rAiJ$kX2d=BF#nnGMf zC?7=`36wR#?z8Jq4~mrAM3Frxx9*&(uAKJ&&2%&Jo{ccjq#}I#lPz`{RL|HRmh)vs zZz8*F$NI_-<(AFl{0>#9`Da%t?fB(^pb7TU3{`V{=%n-MdO*%o(K(#~z`0l~dbW3% h6c$QR(_M1|qSyccW==aREv++hDYm~70f7Va#7?UH{;B`~ literal 0 HcmV?d00001