From 52ababb8649067aca499bdb318a624cd1fe1ce70 Mon Sep 17 00:00:00 2001
From: cpangam <cpangam@splunk.com>
Date: Tue, 19 Apr 2022 10:49:40 -0700
Subject: [PATCH] AWS Inspector: Fixing SemGrep pipeline errors

---
 awsinspector_connector.py | 6 ++++--
 awsinspector_consts.py    | 1 +
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/awsinspector_connector.py b/awsinspector_connector.py
index 4ea0857..6d991be 100644
--- a/awsinspector_connector.py
+++ b/awsinspector_connector.py
@@ -631,12 +631,14 @@ def handle_action(self, param):
     argparser.add_argument('input_test_json', help='Input Test JSON file')
     argparser.add_argument('-u', '--username', help='username', required=False)
     argparser.add_argument('-p', '--password', help='password', required=False)
+    argparser.add_argument('-v', '--verify', action='store_true', help='verify', required=False, default=False)
 
     args = argparser.parse_args()
     session_id = None
 
     username = args.username
     password = args.password
+    verify = args.verify
 
     if (username is not None and password is None):
 
@@ -648,7 +650,7 @@ def handle_action(self, param):
         login_url = BaseConnector._get_phantom_base_url() + "login"
         try:
             print("Accessing the Login page")
-            response = requests.get(login_url, verify=False)
+            response = requests.get(login_url, verify=verify, timeout=AWSINSPECTOR_DEFAULT_TIMEOUT)
             csrftoken = response.cookies['csrftoken']
 
             data = dict()
@@ -661,7 +663,7 @@ def handle_action(self, param):
             headers['Referer'] = login_url
 
             print("Logging into Platform to get the session id")
-            r2 = requests.post(login_url, verify=False, data=data, headers=headers)
+            r2 = requests.post(login_url, verify=verify, data=data, headers=headers, timeout=AWSINSPECTOR_DEFAULT_TIMEOUT)
             session_id = r2.cookies['sessionid']
         except Exception as e:
             print("Unable to get session id from the platform. Error: {0}".format(str(e)))
diff --git a/awsinspector_consts.py b/awsinspector_consts.py
index 2711a48..acb8956 100644
--- a/awsinspector_consts.py
+++ b/awsinspector_consts.py
@@ -34,3 +34,4 @@
     }
 AWSINSPECTOR_BAD_ASSET_CONFIG_MSG = 'Please provide access keys or select assume role check box in asset configuration'
 AWSINSPECTOR_ROLE_CREDENTIALS_FAILURE_MSG = 'Failed to retrieve EC2 role credentials from instance'
+AWSINSPECTOR_DEFAULT_TIMEOUT = 30