int app_evaluate_oval(const struct oscap_action *action)
{
struct oval_session *session = NULL;
oval_result_t eval_result;
int ret = OSCAP_ERROR;
/* Turn on verbosity */
if (!oscap_set_verbose(action->verbosity_level, action->f_verbose_log, false)) {
goto cleanup;
}
/* create a new OVAL session */
if ((session = oval_session_new(action->f_oval)) == NULL) {
oscap_print_error();
return ret;
}
/* set validation level */
oval_session_set_validation(session, action->validate, getenv("OSCAP_FULL_VALIDATION"));
/* set source DS related IDs */
oval_session_set_datastream_id(session, action->f_datastream_id);
oval_session_set_component_id(session, action->f_oval_id);
/* set reporter function for XML validation of inputs and outputs */
oval_session_set_xml_reporter(session, reporter);
/* set OVAL Variables */
oval_session_set_variables(session, action->f_variables);
/* load all necesary OVAL Definitions and bind OVAL Variables if provided */
if ((oval_session_load(session)) != 0)
goto cleanup;
/* evaluation */
if (action->id) {
if ((oval_session_evaluate_id(session, action->probe_root, action->id, &eval_result)) != 0)
goto cleanup;
printf("Definition %s: %s\n", action->id, oval_result_get_text(eval_result));
}
else {
if ((oval_session_evaluate(session, action->probe_root, app_oval_callback, NULL)) != 0)
goto cleanup;
}
printf("Evaluation done.\n");
oval_session_set_directives(session, action->f_directives);
oval_session_set_results_export(session, action->f_results);
oval_session_set_report_export(session, action->f_report);
if (oval_session_export(session) != 0)
goto cleanup;
ret = OSCAP_OK;
cleanup:
oscap_print_error();
oval_session_free(session);
return ret;
}
static int app_oval_callback(const struct oval_result_definition * res_def, void *arg)
{
oval_result_t result = oval_result_definition_get_result(res_def);
printf("Definition %s: %s\n", oval_result_definition_get_id(res_def), oval_result_get_text(result));
return 0;
}
xmlNode *oval_result_test_to_dom(struct oval_result_test *rslt_test, xmlDocPtr doc, xmlNode * parent) {
__attribute__nonnull__(rslt_test);
xmlNs *ns_results = xmlSearchNsByHref(doc, parent, OVAL_RESULTS_NAMESPACE);
xmlNode *test_node = xmlNewTextChild(parent, ns_results, BAD_CAST "test", NULL);
struct oval_test *oval_test = oval_result_test_get_test(rslt_test);
char *test_id = oval_test_get_id(oval_test);
xmlNewProp(test_node, BAD_CAST "test_id", BAD_CAST test_id);
char version[10];
*version = '\0';
snprintf(version, sizeof(version), "%d", oval_test_get_version(oval_test));
xmlNewProp(test_node, BAD_CAST "version", BAD_CAST version);
oval_existence_t existence = oval_test_get_existence(oval_test);
if (existence != OVAL_AT_LEAST_ONE_EXISTS) {
xmlNewProp(test_node, BAD_CAST "check_existence", BAD_CAST oval_existence_get_text(existence));
}
oval_check_t check = oval_test_get_check(oval_test);
xmlNewProp(test_node, BAD_CAST "check", BAD_CAST oval_check_get_text(check));
int instance_val = oval_result_test_get_instance(rslt_test);
if (instance_val > 1) {
char instance[10];
*instance = '\0';
snprintf(instance, sizeof(instance), "%d", instance_val);
xmlNewProp(test_node, BAD_CAST "variable_instance", BAD_CAST instance);
}
oval_result_t result = oval_result_test_get_result(rslt_test);
xmlNewProp(test_node, BAD_CAST "result", BAD_CAST oval_result_get_text(result));
/* does not make sense to report these when test(definition) is not evaluated */
if( result != OVAL_RESULT_NOT_EVALUATED) {
struct oval_result_item_iterator *items = oval_result_test_get_items(rslt_test);
while (oval_result_item_iterator_has_more(items)) {
struct oval_result_item *item = oval_result_item_iterator_next(items);
oval_result_item_to_dom(item, doc, test_node);
}
oval_result_item_iterator_free(items);
struct oval_variable_binding_iterator *bindings = oval_result_test_get_bindings(rslt_test);
while (oval_variable_binding_iterator_has_more(bindings)) {
struct oval_variable_binding *binding = oval_variable_binding_iterator_next(bindings);
_oval_result_binding_to_dom(binding, doc, test_node);
}
oval_variable_binding_iterator_free(bindings);
}
return test_node;
}
xmlNode *oval_result_definition_to_dom
(struct oval_result_definition * definition, oval_result_directive_content_t content,
xmlDocPtr doc, xmlNode * parent) {
xmlNs *ns_results = xmlSearchNsByHref(doc, parent, OVAL_RESULTS_NAMESPACE);
xmlNode *definition_node = xmlNewTextChild(parent, ns_results, BAD_CAST "definition", NULL);
struct oval_definition *oval_definition = oval_result_definition_get_definition(definition);
char *definition_id = oval_definition_get_id(oval_definition);
xmlNewProp(definition_node, BAD_CAST "definition_id", BAD_CAST definition_id);
oval_result_t result = oval_result_definition_get_result(definition);
const char *result_att = oval_result_get_text(result);
xmlNewProp(definition_node, BAD_CAST "result", BAD_CAST result_att);
int version = oval_definition_get_version(oval_definition);
char version_att[10] = "";
snprintf(version_att, sizeof(version_att), "%d", version);
xmlNewProp(definition_node, BAD_CAST "version", BAD_CAST version_att);
int instance = oval_result_definition_get_instance(definition);
if (instance != 1 ||
oval_result_definition_get_variable_instance_hint(definition) != instance) {
char instance_att[10] = "";
snprintf(instance_att, sizeof(instance_att), "%d", instance);
xmlNewProp(definition_node, BAD_CAST "variable_instance", BAD_CAST instance_att);
}
struct oval_message_iterator *messages = oval_result_definition_get_messages(definition);
while (oval_message_iterator_has_more(messages)) {
oval_message_to_dom(oval_message_iterator_next(messages), doc, definition_node);
}
oval_message_iterator_free(messages);
if (content == OVAL_DIRECTIVE_CONTENT_FULL) {
struct oval_result_criteria_node *criteria = oval_result_definition_get_criteria(definition);
if (criteria) {
oval_result_criteria_node_to_dom(criteria, doc, definition_node);
}
}
return definition_node;
}
oval_result_t oval_result_test_eval(struct oval_result_test *rtest)
{
__attribute__nonnull__(rtest);
if (rtest->result == OVAL_RESULT_NOT_EVALUATED) {
if ((oval_independent_subtype_t)oval_test_get_subtype(oval_result_test_get_test(rtest)) != OVAL_INDEPENDENT_UNKNOWN ) {
struct oval_string_map *tmp_map = oval_string_map_new();
void *args[] = { rtest->system, rtest, tmp_map };
rtest->result = _oval_result_test_result(rtest, args);
oval_string_map_free(tmp_map, NULL);
if (!rtest->bindings_initialized) {
_oval_result_test_initialize_bindings(rtest);
}
}
else
rtest->result = OVAL_RESULT_UNKNOWN;
}
dI("\t%s => %s\n", oval_result_test_get_id(rtest), oval_result_get_text(rtest->result));
return rtest->result;
}
static oval_result_t eval_item(struct oval_syschar_model *syschar_model, struct oval_sysitem *cur_sysitem, struct oval_state *state)
{
struct oval_state_content_iterator *state_contents_itr;
struct oresults ste_ores;
oval_operator_t operator;
oval_result_t result = OVAL_RESULT_ERROR;
ores_clear(&ste_ores);
state_contents_itr = oval_state_get_contents(state);
while (oval_state_content_iterator_has_more(state_contents_itr)) {
struct oval_state_content *content;
struct oval_entity *state_entity;
char *state_entity_name;
oval_operation_t state_entity_operation;
oval_check_t entity_check;
oval_existence_t check_existence;
oval_result_t ste_ent_res;
struct oval_sysent_iterator *item_entities_itr;
struct oresults ent_ores;
struct oval_status_counter counter;
bool found_matching_item;
if ((content = oval_state_content_iterator_next(state_contents_itr)) == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL state content");
goto fail;
}
if ((state_entity = oval_state_content_get_entity(content)) == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL entity");
goto fail;
}
if ((state_entity_name = oval_entity_get_name(state_entity)) == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL entity name");
goto fail;
}
if (oscap_streq(state_entity_name, "line") &&
oval_state_get_subtype(state) == (oval_subtype_t) OVAL_INDEPENDENT_TEXT_FILE_CONTENT) {
/* Hack: textfilecontent_state/line shall be compared against textfilecontent_item/text.
*
* textfilecontent_test and textfilecontent54_test share the same syschar
* (textfilecontent_item). In OVAL 5.3 and below this syschar did not hold any usable
* information ('text' ent). In OVAL 5.4 textfilecontent_test was deprecated. But the
* 'text' ent has been added to textfilecontent_item, making it potentially usable. */
oval_schema_version_t over = oval_state_get_platform_schema_version(state);
if (oval_schema_version_cmp(over, OVAL_SCHEMA_VERSION(5.4)) >= 0) {
/* The OVAL-5.3 does not have textfilecontent_item/text */
state_entity_name = "text";
}
}
entity_check = oval_state_content_get_ent_check(content);
check_existence = oval_state_content_get_check_existence(content);
state_entity_operation = oval_entity_get_operation(state_entity);
ores_clear(&ent_ores);
found_matching_item = false;
oval_status_counter_clear(&counter);
item_entities_itr = oval_sysitem_get_sysents(cur_sysitem);
while (oval_sysent_iterator_has_more(item_entities_itr)) {
struct oval_sysent *item_entity;
oval_result_t ent_val_res;
char *item_entity_name;
oval_syschar_status_t item_status;
item_entity = oval_sysent_iterator_next(item_entities_itr);
if (item_entity == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL sysent");
oval_sysent_iterator_free(item_entities_itr);
goto fail;
}
item_status = oval_sysent_get_status(item_entity);
oval_status_counter_add_status(&counter, item_status);
item_entity_name = oval_sysent_get_name(item_entity);
if (strcmp(item_entity_name, state_entity_name))
continue;
found_matching_item = true;
/* copy mask attribute from state to item */
if (oval_entity_get_mask(state_entity))
oval_sysent_set_mask(item_entity,1);
ent_val_res = _evaluate_sysent(syschar_model, item_entity, state_entity,
state_entity_operation, content);
if (ent_val_res == OVAL_RESULT_TRUE) {
dI("Entity '%s'='%s' of item '%s' matches corresponding entity in state '%s'.",
oval_sysent_get_name(item_entity),
oval_sysent_get_value(item_entity),
oval_sysitem_get_id(cur_sysitem), oval_state_get_id(state));
}
if (((signed) ent_val_res) == -1) {
oval_sysent_iterator_free(item_entities_itr);
goto fail;
}
ores_add_res(&ent_ores, ent_val_res);
}
oval_sysent_iterator_free(item_entities_itr);
if (!found_matching_item)
dW("Entity name '%s' from state (id: '%s') not found in item (id: '%s').",
state_entity_name, oval_state_get_id(state), oval_sysitem_get_id(cur_sysitem));
ste_ent_res = ores_get_result_bychk(&ent_ores, entity_check);
ores_add_res(&ste_ores, ste_ent_res);
oval_result_t cres = oval_status_counter_get_result(&counter, check_existence);
ores_add_res(&ste_ores, cres);
}
oval_state_content_iterator_free(state_contents_itr);
operator = oval_state_get_operator(state);
result = ores_get_result_byopr(&ste_ores, operator);
dI("Item '%s' compared to state '%s' with result %s.",
oval_sysitem_get_id(cur_sysitem), oval_state_get_id(state),
oval_result_get_text(result));
return result;
fail:
oval_state_content_iterator_free(state_contents_itr);
return OVAL_RESULT_ERROR;
}
