static SEXP_t *oval_probe_cmd_obj_eval(SEXP_t *sexp, void *arg) { char *id_str; struct oval_definition_model *defs; struct oval_object *obj; struct oval_syschar *res; oval_pext_t *pext = (oval_pext_t *) arg; SEXP_t *ret, *ret_code; int r; if (sexp == NULL || arg == NULL) { return NULL; } if (!SEXP_stringp(sexp)) { dE("Invalid argument: type=%s.", SEXP_strtype(sexp)); return (NULL); } id_str = SEXP_string_cstr(sexp); defs = oval_syschar_model_get_definition_model(*(pext->model)); obj = oval_definition_model_get_object(defs, id_str); ret = SEXP_list_new (sexp, NULL); dI("Get_object: %s.", id_str); if (obj == NULL) { dE("Can't find obj: id=%s.", id_str); free(id_str); SEXP_free(ret); return (NULL); } oscap_clearerr(); r = oval_probe_query_object(pext->sess_ptr, obj, OVAL_PDFLAG_NOREPLY|OVAL_PDFLAG_SLAVE, &res); if (r < 0) ret_code = SEXP_number_newu((unsigned int) SYSCHAR_FLAG_COMPLETE); else ret_code = SEXP_number_newu((unsigned int) oval_syschar_get_flag(res)); SEXP_list_add(ret, ret_code); SEXP_free(ret_code); if (oscap_err()) { dE("Failed: id: %s, err: %d, %s.", id_str, oscap_err_family(), oscap_err_desc()); oscap_clearerr(); free(id_str); SEXP_free(ret); return (NULL); } free(id_str); return (ret); }
static SEXP_t *oval_filter_to_sexp(struct oval_filter *filter) { SEXP_t *elm, *attr, *r0, *r1; oval_filter_action_t act; struct oval_state *ste; char *ste_id; act = oval_filter_get_filter_action(filter); ste = oval_filter_get_state(filter); ste_id = oval_state_get_id(ste); attr = probe_attr_creat("action", r0 = SEXP_number_newu(act), NULL); elm = probe_ent_creat1("filter", attr, r1 = SEXP_string_newf("%s", ste_id)); SEXP_vfree(attr, r0, r1, NULL); return (elm); }
static oval_result_t _probe_entste_cmp_record(SEXP_t *ent_ste, SEXP_t *ent_itm) { oval_result_t res; oval_operation_t op; oval_check_t ochk; SEXP_t *stmp, *ste_res, *ste_record_fields, *ste_rf, *itm_record_fields; int val_cnt; stmp = probe_ent_getattrval(ent_ste, "operation"); if (stmp == NULL) { op = OVAL_OPERATION_EQUALS; } else { op = SEXP_number_getu(stmp); SEXP_free(stmp); if (op != OVAL_OPERATION_EQUALS) return OVAL_RESULT_ERROR; } val_cnt = probe_ent_getvals(ent_ste, &ste_record_fields); if (val_cnt <= 0) { SEXP_free(ste_record_fields); return OVAL_RESULT_ERROR; } val_cnt = probe_ent_getvals(ent_itm, &itm_record_fields); if (val_cnt <= 0) { SEXP_free(ste_record_fields); SEXP_free(itm_record_fields); return OVAL_RESULT_ERROR; } ste_res = SEXP_list_new(NULL); SEXP_list_foreach(ste_rf, ste_record_fields) { SEXP_t *itm_rf, *itm_res; const char *sname; bool matched; sname = probe_ent_getname(ste_rf); itm_res = SEXP_list_new(NULL); matched = false; SEXP_list_foreach(itm_rf, itm_record_fields) { const char *iname; iname = probe_ent_getname(itm_rf); if (strcmp(sname, iname)) { oscap_free(iname); continue; } oscap_free(iname); matched = true; res = probe_entste_cmp(ste_rf, itm_rf); /* todo: _oval_result_to_sexp() */ stmp = SEXP_number_newu(res); SEXP_list_add(itm_res, stmp); SEXP_free(stmp); } oscap_free(sname); if (!matched) { stmp = SEXP_number_newu(OVAL_RESULT_ERROR); SEXP_list_add(itm_res, stmp); SEXP_free(stmp); } stmp = probe_ent_getattrval(ste_rf, "entity_check"); if (stmp == NULL) { ochk = OVAL_CHECK_ALL; } else { ochk = SEXP_number_getu(stmp); SEXP_free(stmp); } res = probe_ent_result_bychk(itm_res, ochk); SEXP_free(itm_res); stmp = SEXP_number_newu(res); SEXP_list_add(ste_res, stmp); SEXP_free(stmp); }
int oval_state_to_sexp(void *sess, struct oval_state *state, SEXP_t **out_sexp) { SEXP_t *ste, *ste_name, *ste_ent; SEXP_t *r0, *r1, *r2, *r3, *r4; char buffer[128]; size_t buflen; const char *subtype_name; struct oval_state_content_iterator *contents; subtype_name = oval_subtype_to_str(oval_state_get_subtype(state)); if (subtype_name == NULL) { dI("FAIL: unknown subtype: %d", oval_state_get_subtype(state)); return (-1); } buflen = snprintf(buffer, sizeof buffer, "%s_state", subtype_name); _A(buflen < sizeof buffer); ste_name = SEXP_list_new(r0 = SEXP_string_new(buffer, buflen), r1 = SEXP_string_new(":id", 3), r2 = SEXP_string_newf("%s", oval_state_get_id(state)), r3 = SEXP_string_new(":operator", 9), r4 = SEXP_number_newu(oval_state_get_operator(state)), NULL); ste = SEXP_list_new(ste_name, NULL); SEXP_vfree(r0, r1, r2, r3, r4, ste_name, NULL); contents = oval_state_get_contents(state); while (oval_state_content_iterator_has_more(contents)) { oval_check_t ochk; oval_existence_t oext; oval_entity_varref_type_t vr_type; struct oval_entity *ent; struct oval_state_content *content = oval_state_content_iterator_next(contents); struct oval_record_field_iterator *rf_itr; ent = oval_state_content_get_entity(content); ste_ent = oval_entity_to_sexp(ent); if (ste_ent == NULL) { goto fail; } rf_itr = oval_state_content_get_record_fields(content); while (oval_record_field_iterator_has_more(rf_itr)) { struct oval_record_field *rf; SEXP_t *rf_sexp; rf = oval_record_field_iterator_next(rf_itr); rf_sexp = oval_record_field_STATE_to_sexp(rf); SEXP_list_add(ste_ent, rf_sexp); SEXP_free(rf_sexp); } oval_record_field_iterator_free(rf_itr); ochk = oval_state_content_get_var_check(content); if (ochk != OVAL_CHECK_UNKNOWN) { probe_ent_attr_add(ste_ent, "var_check", r0 = SEXP_number_newu_32(ochk)); SEXP_free(r0); } ochk = oval_state_content_get_ent_check(content); if (ochk != OVAL_CHECK_UNKNOWN) { probe_ent_attr_add(ste_ent, "entity_check", r0 = SEXP_number_newu_32(ochk)); SEXP_free(r0); } oext = oval_state_content_get_check_existence(content); if (oext != OVAL_EXISTENCE_UNKNOWN) { probe_ent_attr_add(ste_ent, "check_existence", r0 = SEXP_number_newu_32(oext)); SEXP_free(r0); } vr_type = oval_entity_get_varref_type(ent); if (vr_type == OVAL_ENTITY_VARREF_ATTRIBUTE || vr_type == OVAL_ENTITY_VARREF_ELEMENT) { SEXP_t *val_lst; struct oval_variable *var; oval_datatype_t dt; var = oval_entity_get_variable(ent); dt = oval_entity_get_datatype(ent); if (oval_varref_elm_to_sexp(sess, var, dt, &val_lst, NULL) != 0) goto fail; SEXP_list_add(ste_ent, val_lst); SEXP_free(val_lst); } SEXP_list_add(ste, ste_ent); SEXP_free(ste_ent); } oval_state_content_iterator_free(contents); *out_sexp = ste; return (0); fail: oval_state_content_iterator_free(contents); SEXP_vfree(ste, ste_ent, NULL); return (-1); }
int oval_object_to_sexp(void *sess, const char *typestr, struct oval_syschar *syschar, SEXP_t **out_sexp) { unsigned int ent_cnt, varref_cnt; int ret; SEXP_t *obj_sexp, *elm, *varrefs, *ent_lst, *lst, *stmp; SEXP_t *r0, *r1, *r2, *obj_attr, sm0, sm1; struct oval_object *object; struct oval_object_content_iterator *cit; struct oval_behavior_iterator *bit; struct oval_object_content *content; struct oval_entity *entity; char obj_name[128]; const char *obj_id; object = oval_syschar_get_object(syschar); /* * Object name & attributes (id) */ ret = snprintf(obj_name, sizeof obj_name, "%s_object", typestr); if (ret<0 || (unsigned int) ret > sizeof obj_name) { dE("obj_name length too short"); return -1; } // even though it returns const char* it has to be freed :-( char *obj_over = (char*)oval_schema_version_to_cstr(oval_object_get_platform_schema_version(object)); obj_id = oval_object_get_id(object); obj_attr = probe_attr_creat("id", SEXP_string_new_r(&sm0, obj_id, strlen(obj_id)), "oval_version", SEXP_string_new_r(&sm1, obj_over, strlen(obj_over)), NULL); free(obj_over); obj_sexp = probe_obj_new(obj_name, obj_attr); SEXP_free_r(&sm0); SEXP_free_r(&sm1); SEXP_free(obj_attr); /* * Object content */ ent_lst = SEXP_list_new(NULL); varrefs = NULL; ent_cnt = varref_cnt = 0; cit = oval_object_get_object_contents(object); while (oval_object_content_iterator_has_more(cit)) { oval_check_t ochk; oval_entity_varref_type_t vr_type; content = oval_object_content_iterator_next(cit); elm = NULL; lst = ent_lst; switch (oval_object_content_get_type(content)) { case OVAL_OBJECTCONTENT_ENTITY: entity = oval_object_content_get_entity(content); elm = oval_entity_to_sexp(entity); if (elm == NULL) break; ochk = oval_object_content_get_varCheck(content); if (ochk != OVAL_CHECK_UNKNOWN) { probe_ent_attr_add(elm, "var_check", r0 = SEXP_number_newu_32(ochk)); SEXP_free(r0); } ret = 0; vr_type = oval_entity_get_varref_type(entity); if (vr_type == OVAL_ENTITY_VARREF_ATTRIBUTE) { const char *var_id = oval_variable_get_id(oval_entity_get_variable(entity)); const char *field_name = oval_object_content_get_field_name(content); dI("Object '%s' references variable '%s' in '%s' field.", obj_id, var_id, field_name); ret = oval_varref_attr_to_sexp(sess, entity, syschar, &stmp); if (ret == 0) { if (varrefs == NULL) varrefs = SEXP_list_new(NULL); SEXP_list_add(varrefs, stmp); SEXP_free(stmp); // todo: don't add duplicates ++varref_cnt; lst = obj_sexp; ++ent_cnt; } } else if (vr_type == OVAL_ENTITY_VARREF_ELEMENT) { SEXP_t *val_lst; struct oval_variable *var; oval_datatype_t dt; var = oval_entity_get_variable(entity); dt = oval_entity_get_datatype(entity); ret = oval_varref_elm_to_sexp(sess, var, dt, &val_lst, syschar); if (ret == 0) { SEXP_list_add(elm, val_lst); SEXP_free(val_lst); } } if (ret != 0) { SEXP_t s_flag; SEXP_number_newi_32_r(&s_flag, SYSCHAR_FLAG_DOES_NOT_EXIST); probe_item_attr_add(obj_sexp, "skip_eval", &s_flag); SEXP_free_r(&s_flag); SEXP_free(elm); SEXP_free(ent_lst); if (varrefs != NULL) SEXP_free(varrefs); oval_object_content_iterator_free(cit); *out_sexp = obj_sexp; return (0); } break; case OVAL_OBJECTCONTENT_SET: elm = oval_set_to_sexp(oval_object_content_get_setobject(content)); break; case OVAL_OBJECTCONTENT_FILTER: { struct oval_filter *filter = oval_object_content_get_filter(content); struct oval_state *ste = oval_filter_get_state(filter); const char *ste_id = oval_state_get_id(ste); oval_filter_action_t action = oval_filter_get_filter_action(filter); const char *action_text = oval_filter_action_get_text(action); dI("Object '%s' has a filter that %ss items conforming to state '%s'.", obj_id, action_text, ste_id); elm = oval_filter_to_sexp(filter); } break; case OVAL_OBJECTCONTENT_UNKNOWN: break; } if (elm == NULL) { SEXP_free(obj_sexp); SEXP_free(ent_lst); if (varrefs != NULL) SEXP_free(varrefs); oval_object_content_iterator_free(cit); return -1; } SEXP_list_add(lst, elm); SEXP_free(elm); } if (varrefs != NULL) { // todo: SEXP_list_push() stmp = SEXP_list_new(r0 = SEXP_string_new("varrefs", 7), r1 = SEXP_number_newu(varref_cnt), r2 = SEXP_number_newu(ent_cnt), NULL); SEXP_vfree(r0, r1, r2, NULL); r0 = SEXP_list_join(stmp, varrefs); SEXP_list_add(obj_sexp, r0); SEXP_vfree(stmp, varrefs, r0, NULL); } stmp = SEXP_list_join(obj_sexp, ent_lst); SEXP_free(obj_sexp); SEXP_free(ent_lst); obj_sexp = stmp; oval_object_content_iterator_free(cit); /* * Object behaviors */ bit = oval_object_get_behaviors(object); if (oval_behavior_iterator_has_more(bit)) { elm = oval_behaviors_to_sexp(bit); SEXP_list_add(obj_sexp, elm); SEXP_free(elm); } oval_behavior_iterator_free(bit); *out_sexp = obj_sexp; return (0); }
static int oval_varref_attr_to_sexp(void *sess, struct oval_entity *entity, struct oval_syschar *syschar, SEXP_t **out_sexp) { unsigned int val_cnt = 0; SEXP_t *val_lst, *val_sexp, *varref, *id_sexp, *val_cnt_sexp; oval_datatype_t dt; struct oval_variable *var; struct oval_value_iterator *vit; struct oval_value *val; oval_syschar_collection_flag_t flag; char msg[100]; int ret = 0; var = oval_entity_get_variable(entity); if (oval_probe_query_variable(sess, var) != 0) { dE("Can't convert variable reference to SEXP."); return -1; } flag = oval_variable_get_collection_flag(var); switch (flag) { case SYSCHAR_FLAG_COMPLETE: case SYSCHAR_FLAG_INCOMPLETE: vit = oval_variable_get_values(var); if (oval_value_iterator_has_more(vit)) break; oval_value_iterator_free(vit); /* fall through */ case SYSCHAR_FLAG_DOES_NOT_EXIST: snprintf(msg, sizeof(msg), "Referenced variable has no values (%s).", oval_variable_get_id(var)); dI("%s", msg); ret = 1; break; default: snprintf(msg, sizeof(msg), "There was a problem processing referenced variable (%s).", oval_variable_get_id(var)); dW("%s", msg); ret = 1; } if (ret) { oval_syschar_add_new_message(syschar, msg, OVAL_MESSAGE_LEVEL_WARNING); oval_syschar_set_flag(syschar, SYSCHAR_FLAG_DOES_NOT_EXIST); return ret; } val_lst = SEXP_list_new(NULL); while (oval_value_iterator_has_more(vit)) { val = oval_value_iterator_next(vit); dt = oval_entity_get_datatype(entity); val_sexp = oval_value_to_sexp(val, dt); if (val_sexp == NULL) { oval_syschar_add_new_message(syschar, "Failed to convert variable value.", OVAL_MESSAGE_LEVEL_ERROR); oval_syschar_set_flag(syschar, SYSCHAR_FLAG_ERROR); SEXP_free(val_lst); oval_value_iterator_free(vit); return -1; } SEXP_list_add(val_lst, val_sexp); SEXP_free(val_sexp); ++val_cnt; } oval_value_iterator_free(vit); id_sexp = SEXP_string_newf("%s", oval_variable_get_id(var)); val_cnt_sexp = SEXP_number_newu(val_cnt); varref = SEXP_list_new(id_sexp, val_cnt_sexp, val_lst, NULL); SEXP_free(id_sexp); SEXP_free(val_cnt_sexp); SEXP_free(val_lst); *out_sexp = varref; return 0; }