int ds_sds_decompose_custom(const char* input_file, const char* id, const char* target_dir,
const char* container_name, const char* component_id, const char* target_filename)
{
struct oscap_source *ds_source = oscap_source_new_from_file(input_file);
struct ds_sds_session *session = ds_sds_session_new_from_source(ds_source);
if (session == NULL) {
oscap_source_free(ds_source);
return -1;
}
if (ds_sds_session_set_datastream_id(session, id)) {
ds_sds_session_free(session);
oscap_source_free(ds_source);
return -1;
}
if (ds_sds_session_set_target_dir(session, oscap_streq(target_dir, "") ? "." : target_dir)) {
ds_sds_session_free(session);
oscap_source_free(ds_source);
return -1;
}
if (ds_sds_session_register_component_with_dependencies(session, container_name, component_id, target_filename) != 0) {
ds_sds_session_free(session);
oscap_source_free(ds_source);
return -1;
}
int ret = ds_sds_session_dump_component_files(session);
ds_sds_session_free(session);
oscap_source_free(ds_source);
return ret;
}
xmlNodePtr ds_sds_lookup_datastream_in_collection(xmlDocPtr doc, const char *datastream_id)
{
xmlNodePtr root = xmlDocGetRootElement(doc);
xmlNodePtr datastream = NULL;
xmlNodePtr candidate_datastream = root->children;
for (; candidate_datastream != NULL; candidate_datastream = candidate_datastream->next)
{
if (candidate_datastream->type != XML_ELEMENT_NODE)
continue;
if (strcmp((const char*)(candidate_datastream->name), "data-stream") != 0)
continue;
// at this point it is sure to be a <data-stream> element
char* candidate_id = (char*)xmlGetProp(candidate_datastream, BAD_CAST "id");
if (datastream_id == NULL || oscap_streq(datastream_id, candidate_id)) {
datastream = candidate_datastream;
xmlFree(candidate_id);
break;
}
xmlFree(candidate_id);
}
return datastream;
}
// valtab lookup: either by key&value or by vector string or by key+XMLvalue (pass exactly one of key+val or vec_str or key+xmlval)
static const struct cvss_valtab_entry *cvss_valtab(enum cvss_key key, unsigned val, const char *vec_str, const char *xmlval)
{
const struct cvss_valtab_entry *entry;
for (entry = CVSS_VALTAB; entry->key != CVSS_KEY_NONE; ++entry)
if ((key == entry->key && (xmlval ? oscap_streq(entry->xml_str, xmlval) : val == entry->value)) || oscap_streq(vec_str, entry->vector_str))
break;
return entry;
}
// lookup keytab entry by key or by xml element name
static const struct cvss_keytab_entry *cvss_keytab(enum cvss_key key, const char *elname)
{
assert(key == CVSS_KEY_NONE || elname == NULL);
const struct cvss_keytab_entry *e;
for (e = CVSS_KEYTAB; e->key != CVSS_KEY_NONE; ++e)
if (e->key == key || oscap_streq(e->xml_str, elname))
break;
return e;
}
/*
* If environment variable specified by 'pathvar' is defined, returns value of this environment variable.
* If this environment variable is not defined, returns default path, provided by 'defpath' argument.
*/
static const char * oscap_path_to(const char *pathvar, const char *defpath) {
const char *path = NULL;
if (pathvar != NULL)
path = getenv(pathvar);
if (path == NULL || oscap_streq(path, "")) {
path = _get_default_path(defpath);
}
return path;
}
int ds_sds_session_set_datastream_id(struct ds_sds_session *session, const char *datastream_id)
{
if (session->datastream_id == NULL) {
session->datastream_id = datastream_id;
}
if (oscap_streq(session->datastream_id, datastream_id)) {
return 0;
} else {
oscap_seterr(OSCAP_EFAMILY_OSCAP, "Internal Error: Not implemented: Could not rewrite datastream_id in the session.");
return 1;
}
}
int ds_rds_session_set_target_dir(struct ds_rds_session *session, const char *target_dir)
{
if (session->target_dir == NULL) {
session->target_dir = target_dir;
}
if (oscap_streq(session->target_dir, target_dir)) {
return 0;
} else {
oscap_seterr(OSCAP_EFAMILY_OSCAP, "Internal Error: Not implemented: Could not reset DataStream target_session in session.");
return 1;
}
}
int
xccdf_version_cmp(const struct xccdf_version_info *actual, const char *desired)
{
/* Since the "unknown" value is strdup-ed during clone, we cannot just use common strcmp.
* We need to handle "unknown" version first.
*/
if (actual == NULL)
return -1;
if (oscap_streq(xccdf_version_info_get_version(actual), "unknown"))
return 1;
if (desired == NULL)
return 1;
if (oscap_streq(desired, "") || oscap_streq(desired, "unknown"))
return -1;
#ifdef __USE_GNU
return strverscmp(xccdf_version_info_get_version(actual), desired);
#else
return strcmp(xccdf_version_info_get_version(actual), desired);
#endif
}
struct cvss_metrics *cvss_metrics_new_from_xml(xmlTextReaderPtr reader)
{
assert(reader != NULL);
int depth = oscap_element_depth(reader);
enum cvss_category cat = CVSS_NONE;
const char *elname = (const char *) xmlTextReaderConstLocalName(reader);
if (oscap_streq(elname, "base_metrics")) cat = CVSS_BASE;
if (oscap_streq(elname, "temporal_metrics")) cat = CVSS_TEMPORAL;
if (oscap_streq(elname, "environmental_metrics")) cat = CVSS_ENVIRONMENTAL;
if (cat == CVSS_NONE) return NULL;
struct cvss_metrics *ret = cvss_metrics_new(cat);
ret->upgraded_from_version = (char*) xmlTextReaderGetAttribute(reader, BAD_CAST "upgraded-from-version");
xmlTextReaderRead(reader);
while (oscap_to_start_element(reader, depth + 1)) {
elname = (const char *) xmlTextReaderConstLocalName(reader);
if (oscap_streq(elname, "score")) ret->score = atof(oscap_element_string_get(reader));
else if (oscap_streq(elname, "source")) cvss_metrics_set_source(ret, oscap_element_string_get(reader));
else if (oscap_streq(elname, "generated-on-datetime")) cvss_metrics_set_generated_on_datetime(ret, oscap_element_string_get(reader));
else {
const struct cvss_valtab_entry *val = cvss_valtab(cvss_keytab(0, elname)->key, 0, NULL, oscap_element_string_get(reader));
if (CVSS_CATEGORY(val->key) == cat) ret->metrics.ANY[CVSS_KEY_IDX(val->key)] = val->value;
}
xmlTextReaderRead(reader);
}
return ret;
}
xmlNode *ds_rds_lookup_component(xmlDocPtr doc, const char *container_name, const char *component_name, const char *id)
{
xmlNodePtr container = ds_rds_lookup_container(doc, container_name);
xmlNodePtr component = NULL;
for (xmlNode *candidate = container->children; candidate != NULL; candidate = candidate->next) {
if (candidate->type != XML_ELEMENT_NODE)
continue;
if (!oscap_streq((const char*)(candidate->name), component_name))
continue;
char* candidate_id = (char*)xmlGetProp(candidate, BAD_CAST "id");
if (oscap_streq(candidate_id, id)) {
component = candidate;
xmlFree(candidate_id);
break;
}
xmlFree(candidate_id);
}
return component;
}
OSCAP_FOR(oscap_text, child, oscap_iterator_new(child_list)) {
if (oscap_text_get_overrides(child)) continue;
OSCAP_FOR(oscap_text, parent, oscap_iterator_new(parent_list)) {
if (oscap_streq(oscap_text_get_lang(child), oscap_text_get_lang(parent))) {
char *text = oscap_sprintf("%s%s", oscap_text_get_text(parent), oscap_text_get_text(child));
oscap_text_set_text(child, text);
free(text);
if (more) more(child, parent);
break;
}
}
oscap_text_iterator_free(parent_iter);
}
//typedef void (*oval_entity_consumer)(struct oval_entity_node*, void*);
int oval_entity_parse_tag(xmlTextReaderPtr reader,
struct oval_parser_context *context, oscap_consumer_func consumer, void *user)
{
__attribute__nonnull__(context);
struct oval_entity *entity = oval_entity_new(context->definition_model);
int return_code = 0;
oval_datatype_t datatype = oval_datatype_parse(reader, "datatype", OVAL_DATATYPE_STRING);
oval_operation_t operation = oval_operation_parse(reader, "operation", OVAL_OPERATION_EQUALS);
int mask = oval_parser_boolean_attribute(reader, "mask", 0);
char *nil_attr = (char *) xmlTextReaderGetAttributeNs(reader, BAD_CAST "nil", OSCAP_XMLNS_XSI);
int xsi_nil = oscap_streq(nil_attr, "true") != 0;
xmlFree(nil_attr);
oval_entity_type_t type = OVAL_ENTITY_TYPE_UNKNOWN;
//The value of the type field vs. the complexity of extracting type is arguable
char *varref = (char *)xmlTextReaderGetAttribute(reader, BAD_CAST "var_ref");
struct oval_value *value = NULL;
struct oval_variable *variable;
char *name = (char *)xmlTextReaderLocalName(reader);
oval_entity_varref_type_t varref_type;
if (strcmp(name, "var_ref") == 0) { //special case for <var_ref>
if (varref == NULL) {
struct oval_definition_model *model = context->definition_model;
varref_type = OVAL_ENTITY_VARREF_ELEMENT;
struct oval_consume_varref_context ctx = {.model = model, .variable = &variable, .value = &value};
return_code = oscap_parser_text_value(reader, &oval_consume_varref, &ctx);
} else {
varref_type = OVAL_ENTITY_VARREF_ATTRIBUTE;
struct oval_definition_model *model = context->definition_model;
oval_schema_version_t version = oval_definition_model_get_core_schema_version(model);
if (oval_schema_version_cmp(version, OVAL_SCHEMA_VERSION(5.6)) > 0) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "The var_ref attribute for the var_ref entity "
"of a variable_object is prohibited since OVAL 5.6. Use plain "
"var_ref instead.");
}
variable = oval_definition_model_get_variable(model, varref);
if (variable == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL,
"Could not found variable '%s' referenced by var_ref element.", varref);
return_code = 1;
} else {
oscap_free(varref);
varref = NULL;
value = NULL;
}
}
} else if (varref == NULL) {
struct oscap_source *ds_rds_session_select_report(struct ds_rds_session *session, const char *report_id)
{
if (report_id == NULL || !oscap_streq(session->report_id, report_id)) {
session->report_id = report_id;
if (rds_index_select_report(ds_rds_session_get_rds_idx(session), &(session->report_id)) != 0) {
oscap_seterr(OSCAP_EFAMILY_OSCAP, "Failed to locate a report with ID matching '%s' ID.",
session->report_id == NULL ? "<any>" : session->report_id);
return NULL;
}
if (ds_rds_dump_arf_content(session, "reports", "report", session->report_id) != 0) {
return NULL;
}
}
return oscap_htable_get(session->component_sources, session->report_id);
}
struct oscap_reference *oscap_reference_new_parse(xmlTextReaderPtr reader)
{
assert(reader != NULL);
struct oscap_reference *ref = oscap_calloc(1, sizeof(struct oscap_reference));
int depth = oscap_element_depth(reader);
xmlNode* ref_node = xmlTextReaderExpand(reader);
ref->href = (char*) xmlGetProp(ref_node, BAD_CAST "href");
for (xmlNode* cur = ref_node->children; cur != NULL; cur = cur->next)
if (cur->type == XML_ELEMENT_NODE) { ref->is_dublincore = true; break; }
if (ref->is_dublincore) {
for (xmlNode* cur = ref_node->children; cur != NULL; cur = cur->next) {
if (cur->type != XML_ELEMENT_NODE
|| cur->ns == NULL
|| !oscap_streq((const char* ) cur->ns->href, (const char *) NS_DUBLINCORE))
continue;
DC_DOM_SCAN(title);
DC_DOM_SCAN(creator);
DC_DOM_SCAN(subject);
DC_DOM_SCAN(description);
DC_DOM_SCAN(publisher);
DC_DOM_SCAN(contributor);
DC_DOM_SCAN(date);
DC_DOM_SCAN(type);
DC_DOM_SCAN(format);
DC_DOM_SCAN(identifier);
DC_DOM_SCAN(source);
DC_DOM_SCAN(language);
DC_DOM_SCAN(relation);
DC_DOM_SCAN(coverage);
DC_DOM_SCAN(rights);
}
}
else {
ref->title = (char*) xmlNodeGetContent(ref_node);
}
if (!oscap_to_start_element(reader, depth))
dW("oscap_to_start_element returned `false'");
return ref;
}
int oscap_determine_document_type_reader(xmlTextReader *reader, oscap_document_type_t *doc_type)
{
const char* elm_name = NULL;
*doc_type = 0;
/* find root element */
while (xmlTextReaderRead(reader) == 1
&& xmlTextReaderNodeType(reader) != XML_READER_TYPE_ELEMENT);
/* identify document type */
elm_name = (const char *) xmlTextReaderConstLocalName(reader);
if (!elm_name) {
oscap_setxmlerr(xmlGetLastError());
return -1;
}
else if (!strcmp("oval_definitions", elm_name)) {
*doc_type = OSCAP_DOCUMENT_OVAL_DEFINITIONS;
}
else if (!strcmp("oval_directives", elm_name)) {
*doc_type = OSCAP_DOCUMENT_OVAL_DIRECTIVES;
}
else if (!strcmp("oval_results", elm_name)) {
*doc_type = OSCAP_DOCUMENT_OVAL_RESULTS;
}
else if (!strcmp("oval_system_characteristics", elm_name)) {
*doc_type = OSCAP_DOCUMENT_OVAL_SYSCHAR;
}
else if (!strcmp("oval_variables", elm_name)) {
*doc_type = OSCAP_DOCUMENT_OVAL_VARIABLES;
}
else if (oscap_streq("Benchmark", elm_name) || oscap_streq("TestResult", elm_name)) {
*doc_type = OSCAP_DOCUMENT_XCCDF;
}
else if (!strcmp("Tailoring", elm_name)) {
*doc_type = OSCAP_DOCUMENT_XCCDF_TAILORING;
}
else if (!strcmp("cpe-list", elm_name)) {
*doc_type = OSCAP_DOCUMENT_CPE_DICTIONARY;
}
else if (!strcmp("platform-specification", elm_name)) {
*doc_type = OSCAP_DOCUMENT_CPE_LANGUAGE;
}
else if (!strcmp("nvd", elm_name)) {
*doc_type = OSCAP_DOCUMENT_CVE_FEED;
}
else if (!strcmp("data-stream-collection", elm_name)) {
*doc_type = OSCAP_DOCUMENT_SDS;
}
else if (!strcmp("asset-report-collection", elm_name)) {
*doc_type = OSCAP_DOCUMENT_ARF;
}
else if (!strcmp("sce_results", elm_name)) {
*doc_type = OSCAP_DOCUMENT_SCE_RESULT;
} else if (!strcmp("ocil", elm_name)) {
*doc_type = OSCAP_DOCUMENT_OCIL;
} else {
return -1;
}
dI("Identified document type: %s", elm_name);
return 0;
}
struct xccdf_tailoring *xccdf_tailoring_parse(xmlTextReaderPtr reader, struct xccdf_item *benchmark)
{
XCCDF_ASSERT_ELEMENT(reader, XCCDFE_TAILORING);
struct xccdf_tailoring *tailoring = xccdf_tailoring_new();
const char *id = xccdf_attribute_get(reader, XCCDFA_ID);
xccdf_tailoring_set_id(tailoring, id);
int depth = oscap_element_depth(reader) + 1;
// Read to the inside of Tailoring.
xmlTextReaderRead(reader);
while (oscap_to_start_element(reader, depth)) {
switch (xccdf_element_get(reader)) {
case XCCDFE_BENCHMARK_REF: {
oscap_free(tailoring->benchmark_ref);
tailoring->benchmark_ref = 0;
oscap_free(tailoring->benchmark_ref_version);
tailoring->benchmark_ref_version = 0;
const char *ref = xccdf_attribute_get(reader, XCCDFA_HREF);
if (ref)
tailoring->benchmark_ref = oscap_strdup(ref);
const char *ref_version = xccdf_attribute_get(reader, XCCDFA_VERSION);
if (ref_version)
tailoring->benchmark_ref_version = oscap_strdup(ref_version);
break;
}
case XCCDFE_STATUS: {
const char *date = xccdf_attribute_get(reader, XCCDFA_DATE);
char *str = oscap_element_string_copy(reader);
struct xccdf_status *status = xccdf_status_new_fill(str, date);
oscap_free(str);
oscap_list_add(tailoring->statuses, status);
break;
}
case XCCDFE_DC_STATUS:
oscap_list_add(tailoring->dc_statuses, oscap_reference_new_parse(reader));
break;
case XCCDFE_VERSION: {
xmlNode *ver = xmlTextReaderExpand(reader);
/* optional attributes */
tailoring->version_time = (char*) xmlGetProp(ver, BAD_CAST "time");
tailoring->version_update = (char*) xmlGetProp(ver, BAD_CAST "update");
/* content */
tailoring->version = (char *) xmlNodeGetContent(ver);
if (oscap_streq(tailoring->version, "")) {
oscap_free(tailoring->version);
tailoring->version = NULL;
}
break;
}
case XCCDFE_METADATA: {
char* xml = oscap_get_xml(reader);
oscap_list_add(tailoring->metadata, oscap_strdup(xml));
oscap_free(xml);
break;
}
case XCCDFE_PROFILE: {
struct xccdf_item *item = xccdf_profile_parse(reader, benchmark);
if (!xccdf_tailoring_add_profile(tailoring, XPROFILE(item))) {
dW("Failed to add profile to tailoring while parsing!");
}
break;
}
default:
dW("Encountered an unknown element '%s' while parsing XCCDF Tailoring element.",
xmlTextReaderConstLocalName(reader));
}
xmlTextReaderRead(reader);
}
return tailoring;
}
xmlNodePtr xccdf_tailoring_to_dom(struct xccdf_tailoring *tailoring, xmlDocPtr doc, xmlNodePtr parent, const struct xccdf_version_info *version_info)
{
xmlNs *ns_xccdf = xmlSearchNsByHref(doc, parent,
BAD_CAST xccdf_version_info_get_namespace_uri(version_info));
xmlNs *ns_tailoring = NULL;
xmlNode *tailoring_node = xmlNewNode(ns_xccdf, BAD_CAST "Tailoring");
const char *xccdf_version = xccdf_version_info_get_version(version_info);
#ifdef __USE_GNU
if (strverscmp(xccdf_version, "1.1") >= 0 && strverscmp(xccdf_version, "1.2") < 0) {
#else
if (strcmp(xccdf_version, "1.1") >= 0 && strcmp(xccdf_version, "1.2") < 0) {
#endif
// XCCDF 1.1 does not support Tailoring!
// However we will allow Tailoring export if it is done to an external
// file. The namespace will be our custom xccdf-1.1-tailoring extension
// namespace.
if (parent != NULL) {
oscap_seterr(OSCAP_EFAMILY_XML, "XCCDF 1.1 does not support embedded Tailoring elements!");
xmlFreeNode(tailoring_node);
return NULL;
}
ns_tailoring = xmlNewNs(tailoring_node,
BAD_CAST "http://open-scap.org/page/Xccdf-1.1-tailoring",
BAD_CAST "cdf-11-tailoring"
);
}
#ifdef __USE_GNU
else if (strverscmp(xccdf_version, "1.1") < 0) {
#else
else if (strcmp(xccdf_version, "1.1") < 0) {
#endif
oscap_seterr(OSCAP_EFAMILY_XML, "XCCDF Tailoring isn't supported in XCCDF version '%s',"
"nor does openscap have a custom extension for this scenario. "
"XCCDF Tailoring requires XCCDF 1.1 and higher, 1.2 is recommended.");
xmlFreeNode(tailoring_node);
return NULL;
}
if (!ns_xccdf) {
// In cases where tailoring ends up being the root node we have to create
// a namespace at the node itself.
ns_xccdf = xmlNewNs(tailoring_node,
BAD_CAST xccdf_version_info_get_namespace_uri(version_info),
BAD_CAST "xccdf");
}
if (!ns_tailoring)
ns_tailoring = ns_xccdf;
// We intentionally set the wrong namespace here since children of tailoring
// will reuse it and we want them to have the xccdf namespace, the namespace
// is set to the proper namespace before returning the tailoring.
xmlSetNs(tailoring_node, ns_xccdf);
if (parent)
xmlAddChild(parent, tailoring_node);
else
xmlDocSetRootElement(doc, tailoring_node);
if (tailoring->id) {
xmlNewProp(tailoring_node, BAD_CAST "id", BAD_CAST tailoring->id);
}
if (tailoring->benchmark_ref || tailoring->benchmark_ref_version) {
xmlNodePtr benchmark_ref_node = xmlNewChild(tailoring_node, ns_tailoring, BAD_CAST "benchmark", NULL);
if (tailoring->benchmark_ref)
xmlNewProp(benchmark_ref_node, BAD_CAST "href", BAD_CAST tailoring->benchmark_ref);
if (tailoring->benchmark_ref_version)
xmlNewProp(benchmark_ref_node, BAD_CAST "version", BAD_CAST tailoring->benchmark_ref_version);
}
struct xccdf_status_iterator *statuses = xccdf_tailoring_get_statuses(tailoring);
while (xccdf_status_iterator_has_more(statuses)) {
struct xccdf_status *status = xccdf_status_iterator_next(statuses);
xccdf_status_to_dom(status, doc, tailoring_node, version_info);
}
xccdf_status_iterator_free(statuses);
struct oscap_reference_iterator *dc_statuses = xccdf_tailoring_get_dc_statuses(tailoring);
while (oscap_reference_iterator_has_more(dc_statuses)) {
struct oscap_reference *ref = oscap_reference_iterator_next(dc_statuses);
oscap_reference_to_dom(ref, tailoring_node, doc, "dc-status");
}
oscap_reference_iterator_free(dc_statuses);
/* version and attributes */
const char *version = xccdf_tailoring_get_version(tailoring);
if (version) {
xmlNode* version_node = xmlNewTextChild(tailoring_node, ns_tailoring, BAD_CAST "version", BAD_CAST version);
const char *version_update = xccdf_tailoring_get_version_update(tailoring);
if (version_update)
xmlNewProp(version_node, BAD_CAST "update", BAD_CAST version_update);
const char *version_time = xccdf_tailoring_get_version_time(tailoring);
if (version_time)
xmlNewProp(version_node, BAD_CAST "time", BAD_CAST version_time);
}
struct oscap_string_iterator* metadata = xccdf_tailoring_get_metadata(tailoring);
while (oscap_string_iterator_has_more(metadata))
{
const char* meta = oscap_string_iterator_next(metadata);
oscap_xmlstr_to_dom(tailoring_node, "metadata", meta);
}
oscap_string_iterator_free(metadata);
struct xccdf_profile_iterator *profiles = xccdf_tailoring_get_profiles(tailoring);
while (xccdf_profile_iterator_has_more(profiles)) {
struct xccdf_profile *profile = xccdf_profile_iterator_next(profiles);
xccdf_item_to_dom(XITEM(profile), doc, tailoring_node);
}
xccdf_profile_iterator_free(profiles);
xmlSetNs(tailoring_node, ns_tailoring);
return tailoring_node;
}
int xccdf_tailoring_export(struct xccdf_tailoring *tailoring, const char *file, const struct xccdf_version_info *version_info)
{
__attribute__nonnull__(file);
LIBXML_TEST_VERSION;
xmlDocPtr doc = xmlNewDoc(BAD_CAST "1.0");
if (doc == NULL) {
oscap_setxmlerr(xmlGetLastError());
return -1;
}
xccdf_tailoring_to_dom(tailoring, doc, NULL, version_info);
return oscap_xml_save_filename(file, doc);
}
const char *xccdf_tailoring_get_id(const struct xccdf_tailoring *tailoring)
{
return tailoring->id;
}
const char *xccdf_tailoring_get_version(const struct xccdf_tailoring *tailoring)
{
return tailoring->version;
}
const char *xccdf_tailoring_get_version_update(const struct xccdf_tailoring *tailoring)
{
return tailoring->version_update;
}
const char *xccdf_tailoring_get_version_time(const struct xccdf_tailoring *tailoring)
{
return tailoring->version_time;
}
const char *xccdf_tailoring_get_benchmark_ref(const struct xccdf_tailoring *tailoring)
{
return tailoring->benchmark_ref;
}
const char *xccdf_tailoring_get_benchmark_ref_version(const struct xccdf_tailoring *tailoring)
{
return tailoring->benchmark_ref_version;
}
bool xccdf_tailoring_set_id(struct xccdf_tailoring *tailoring, const char* newval)
{
if (tailoring->id)
oscap_free(tailoring->id);
tailoring->id = oscap_strdup(newval);
return true;
}
bool xccdf_tailoring_set_version(struct xccdf_tailoring *tailoring, const char *newval)
{
if (tailoring->version)
oscap_free(tailoring->version);
tailoring->version = oscap_strdup(newval);
return true;
}
bool xccdf_tailoring_set_version_update(struct xccdf_tailoring *tailoring, const char *newval)
{
if (tailoring->version_update)
oscap_free(tailoring->version_update);
tailoring->version_update = oscap_strdup(newval);
return true;
}
bool xccdf_tailoring_set_version_time(struct xccdf_tailoring *tailoring, const char *newval)
{
if (tailoring->version_time)
oscap_free(tailoring->version_time);
tailoring->version_time = oscap_strdup(newval);
return true;
}
bool xccdf_tailoring_set_benchmark_ref(struct xccdf_tailoring *tailoring, const char *newval)
{
if (tailoring->benchmark_ref)
oscap_free(tailoring->benchmark_ref);
tailoring->benchmark_ref = oscap_strdup(newval);
return true;
}
bool xccdf_tailoring_set_benchmark_ref_version(struct xccdf_tailoring *tailoring, const char *newval)
{
if (tailoring->benchmark_ref_version)
oscap_free(tailoring->benchmark_ref_version);
tailoring->benchmark_ref_version = oscap_strdup(newval);
return true;
}
struct oscap_string_iterator *xccdf_tailoring_get_metadata(const struct xccdf_tailoring *tailoring)
{
return (struct oscap_string_iterator*) oscap_iterator_new(tailoring->metadata);
}
struct xccdf_profile_iterator *xccdf_tailoring_get_profiles(const struct xccdf_tailoring *tailoring)
{
return (struct xccdf_profile_iterator*) oscap_iterator_new(tailoring->profiles);
}
struct xccdf_status_iterator *xccdf_tailoring_get_statuses(const struct xccdf_tailoring *tailoring)
{
return (struct xccdf_status_iterator*) oscap_iterator_new(tailoring->statuses);
}
struct oscap_reference_iterator *xccdf_tailoring_get_dc_statuses(const struct xccdf_tailoring *tailoring)
{
return (struct oscap_reference_iterator*) oscap_iterator_new(tailoring->dc_statuses);
}
struct xccdf_profile *
xccdf_tailoring_get_profile_by_id(const struct xccdf_tailoring *tailoring, const char *profile_id)
{
struct xccdf_profile_iterator *profit = xccdf_tailoring_get_profiles(tailoring);
while (xccdf_profile_iterator_has_more(profit)) {
struct xccdf_profile *profile = xccdf_profile_iterator_next(profit);
if (profile == NULL) {
assert(profile != NULL);
continue;
}
if (oscap_streq(xccdf_profile_get_id(profile), profile_id)) {
xccdf_profile_iterator_free(profit);
return profile;
}
}
xccdf_profile_iterator_free(profit);
return NULL;
}
static oval_result_t eval_item(struct oval_syschar_model *syschar_model, struct oval_sysitem *cur_sysitem, struct oval_state *state)
{
struct oval_state_content_iterator *state_contents_itr;
struct oresults ste_ores;
oval_operator_t operator;
oval_result_t result = OVAL_RESULT_ERROR;
ores_clear(&ste_ores);
state_contents_itr = oval_state_get_contents(state);
while (oval_state_content_iterator_has_more(state_contents_itr)) {
struct oval_state_content *content;
struct oval_entity *state_entity;
char *state_entity_name;
oval_operation_t state_entity_operation;
oval_check_t entity_check;
oval_existence_t check_existence;
oval_result_t ste_ent_res;
struct oval_sysent_iterator *item_entities_itr;
struct oresults ent_ores;
struct oval_status_counter counter;
bool found_matching_item;
if ((content = oval_state_content_iterator_next(state_contents_itr)) == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL state content");
goto fail;
}
if ((state_entity = oval_state_content_get_entity(content)) == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL entity");
goto fail;
}
if ((state_entity_name = oval_entity_get_name(state_entity)) == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL entity name");
goto fail;
}
if (oscap_streq(state_entity_name, "line") &&
oval_state_get_subtype(state) == (oval_subtype_t) OVAL_INDEPENDENT_TEXT_FILE_CONTENT) {
/* Hack: textfilecontent_state/line shall be compared against textfilecontent_item/text.
*
* textfilecontent_test and textfilecontent54_test share the same syschar
* (textfilecontent_item). In OVAL 5.3 and below this syschar did not hold any usable
* information ('text' ent). In OVAL 5.4 textfilecontent_test was deprecated. But the
* 'text' ent has been added to textfilecontent_item, making it potentially usable. */
oval_schema_version_t over = oval_state_get_platform_schema_version(state);
if (oval_schema_version_cmp(over, OVAL_SCHEMA_VERSION(5.4)) >= 0) {
/* The OVAL-5.3 does not have textfilecontent_item/text */
state_entity_name = "text";
}
}
entity_check = oval_state_content_get_ent_check(content);
check_existence = oval_state_content_get_check_existence(content);
state_entity_operation = oval_entity_get_operation(state_entity);
ores_clear(&ent_ores);
found_matching_item = false;
oval_status_counter_clear(&counter);
item_entities_itr = oval_sysitem_get_sysents(cur_sysitem);
while (oval_sysent_iterator_has_more(item_entities_itr)) {
struct oval_sysent *item_entity;
oval_result_t ent_val_res;
char *item_entity_name;
oval_syschar_status_t item_status;
item_entity = oval_sysent_iterator_next(item_entities_itr);
if (item_entity == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL sysent");
oval_sysent_iterator_free(item_entities_itr);
goto fail;
}
item_status = oval_sysent_get_status(item_entity);
oval_status_counter_add_status(&counter, item_status);
item_entity_name = oval_sysent_get_name(item_entity);
if (strcmp(item_entity_name, state_entity_name))
continue;
found_matching_item = true;
/* copy mask attribute from state to item */
if (oval_entity_get_mask(state_entity))
oval_sysent_set_mask(item_entity,1);
ent_val_res = _evaluate_sysent(syschar_model, item_entity, state_entity,
state_entity_operation, content);
if (((signed) ent_val_res) == -1) {
oval_sysent_iterator_free(item_entities_itr);
goto fail;
}
ores_add_res(&ent_ores, ent_val_res);
}
oval_sysent_iterator_free(item_entities_itr);
if (!found_matching_item)
dW("Entity name '%s' from state (id: '%s') not found in item (id: '%s').\n",
state_entity_name, oval_state_get_id(state), oval_sysitem_get_id(cur_sysitem));
ste_ent_res = ores_get_result_bychk(&ent_ores, entity_check);
ores_add_res(&ste_ores, ste_ent_res);
oval_result_t cres = oval_status_counter_get_result(&counter, check_existence);
ores_add_res(&ste_ores, cres);
}
oval_state_content_iterator_free(state_contents_itr);
operator = oval_state_get_operator(state);
result = ores_get_result_byopr(&ste_ores, operator);
return result;
fail:
oval_state_content_iterator_free(state_contents_itr);
return OVAL_RESULT_ERROR;
}