Error loading proxy settings

[johnosn]

In misp42splunk/bin/misp_common.py, if a username containing the term "proxy" exists in another Splunk app incorrect proxy data may attempt to be loaded if it is returned by Splunk ahead of results for the misp42splunk app, or can fail if returns a NoneType. Consider checking the app_name for the credential attempting to be loaded and validate if it is associated with the app "misp42splunk".

Sample Code

    # get clear version of misp_key
    config_args['misp_key'] = None
    proxy_clear_password = None
    for credential in storage_passwords:
        cred_app_name = credential.access.get('app')
        if (app_name in cred_app_name) and (cred_app_name is not None):
            username = credential.content.get('username')
            if misp_instance in username:
                clear_credentials = credential.content.get('clear_password')
                if 'misp_key' in clear_credentials:
                    misp_instance_key = json.loads(clear_credentials)
                    config_args['misp_key'] = str(misp_instance_key['misp_key'])
            elif 'proxy' in username:
                clear_credentials = credential.content.get('clear_password')
                if 'proxy_password' in clear_credentials:
                    proxy_creds = json.loads(clear_credentials)
                    proxy_clear_password = str(proxy_creds['proxy_password'])

    if config_args['misp_key'] is None:
        raise Exception(
            "misp_key NOT found for instance {}".format(misp_instance)
        )
        return None

[remg427]

Hi, thanks for this. I have included your code in 4.0.1