void oval_definition_model_optimize_by_filter_propagation(struct oval_definition_model *model) { struct oval_object_iterator *obj_itr; struct oval_string_map *processed_obj_map; processed_obj_map = oval_string_map_new(); obj_itr = oval_definition_model_get_objects(model); while (oval_object_iterator_has_more(obj_itr)) { struct oval_object *obj; char *obj_id; struct oval_object_content_iterator *cont_itr; struct oval_object_content *cont; struct oval_setobject *set; struct oval_filter_iterator *filter_itr; obj = oval_object_iterator_next(obj_itr); obj_id = oval_object_get_id(obj); if (oval_string_map_get_value(processed_obj_map, obj_id) != NULL) continue; oval_string_map_put(processed_obj_map, obj_id, obj); cont_itr = oval_object_get_object_contents(obj); if (!oval_object_content_iterator_has_more(cont_itr)) { oval_object_content_iterator_free(cont_itr); continue; } cont = oval_object_content_iterator_next(cont_itr); oval_object_content_iterator_free(cont_itr); if (oval_object_content_get_type(cont) != OVAL_OBJECTCONTENT_SET) continue; set = oval_object_content_get_setobject(cont); if (oval_setobject_get_type(set) == OVAL_SET_AGGREGATE) { _fp_set_recurse(model, set, obj_id); continue; } filter_itr = oval_setobject_get_filters(set); if (!oval_filter_iterator_has_more(filter_itr)) { oval_filter_iterator_free(filter_itr); continue; } oval_filter_iterator_free(filter_itr); oval_set_propagate_filters(model, set, obj_id); } oval_object_iterator_free(obj_itr); oval_string_map_free(processed_obj_map, NULL); }
int app_collect_oval(const struct oscap_action *action) { struct oval_definition_model *def_model = NULL; struct oval_variable_model *var_model = NULL; struct oval_syschar_model *sys_model = NULL; struct oval_sysinfo *sysinfo = NULL; struct oval_probe_session *pb_sess = NULL; struct oval_generator *generator = NULL; int ret = OSCAP_ERROR; /* Turn on verbosity */ if (!oscap_set_verbose(action->verbosity_level, action->f_verbose_log, false)) { goto cleanup; } /* validate inputs */ if (action->validate) { if (!valid_inputs(action)) { goto cleanup; } } /* import definitions */ struct oscap_source *source = oscap_source_new_from_file(action->f_oval); def_model = oval_definition_model_import_source(source); oscap_source_free(source); if (def_model == NULL) { fprintf(stderr, "Failed to import the OVAL Definitions from '%s'.\n", action->f_oval); goto cleanup; } /* bind external variables */ if(action->f_variables) { struct oscap_source *var_source = oscap_source_new_from_file(action->f_variables); var_model = oval_variable_model_import_source(var_source); oscap_source_free(var_source); if (var_model == NULL) { fprintf(stderr, "Failed to import the OVAL Variables from '%s'.\n", action->f_variables); goto cleanup; } if (oval_definition_model_bind_variable_model(def_model, var_model)) { fprintf(stderr, "Failed to bind Variables to Definitions\n"); goto cleanup; } } /* create empty syschar model */ sys_model = oval_syschar_model_new(def_model); /* set product name */ generator = oval_syschar_model_get_generator(sys_model); oval_generator_set_product_name(generator, OSCAP_PRODUCTNAME); /* create probe session */ pb_sess = oval_probe_session_new(sys_model); /* query sysinfo */ ret = oval_probe_query_sysinfo(pb_sess, &sysinfo); if (ret != 0) { fprintf(stderr, "Failed to query sysinfo\n"); goto cleanup; } oval_syschar_model_set_sysinfo(sys_model, sysinfo); /* query objects */ struct oval_object *object; struct oval_syschar *syschar; oval_syschar_collection_flag_t sc_flg; if (action->id) { object = oval_definition_model_get_object(def_model, action->id); if (!object) { fprintf(stderr, "Object ID(%s) does not exist in '%s'.\n", action->id, action->f_oval); goto cleanup; } printf("Collected: \"%s\" : ", oval_object_get_id(object)); oval_probe_query_object(pb_sess, object, 0, &syschar); sc_flg = oval_syschar_get_flag(syschar); printf("%s\n", oval_syschar_collection_flag_get_text(sc_flg)); } else { struct oval_object_iterator *objects = oval_definition_model_get_objects(def_model); while (oval_object_iterator_has_more(objects)) { object = oval_object_iterator_next(objects); printf("Collected: \"%s\" : ", oval_object_get_id(object)); oval_probe_query_object(pb_sess, object, 0, &syschar); sc_flg = oval_syschar_get_flag(syschar); printf("%s\n", oval_syschar_collection_flag_get_text(sc_flg)); } oval_object_iterator_free(objects); } const char* full_validation = getenv("OSCAP_FULL_VALIDATION"); /* output */ if (action->f_syschar != NULL) { /* export OVAL System Characteristics */ oval_syschar_model_export(sys_model, action->f_syschar); /* validate OVAL System Characteristics */ if (action->validate && full_validation) { struct oscap_source *syschar_source = oscap_source_new_from_file(action->f_syschar); if (oscap_source_validate(syschar_source, reporter, (void *)action)) { oscap_source_free(syschar_source); goto cleanup; } fprintf(stdout, "OVAL System Characteristics are exported correctly.\n"); oscap_source_free(syschar_source); } } ret = OSCAP_OK; cleanup: if(oscap_err()) fprintf(stderr, "%s %s\n", OSCAP_ERR_MSG, oscap_err_desc()); if (sysinfo) oval_sysinfo_free(sysinfo); if (pb_sess) oval_probe_session_destroy(pb_sess); if (sys_model) oval_syschar_model_free(sys_model); if (def_model) oval_definition_model_free(def_model); return ret; }
xmlNode *oval_definition_model_to_dom(struct oval_definition_model *definition_model, xmlDocPtr doc, xmlNode * parent) { xmlNodePtr root_node = NULL; if (parent) { /* result file */ root_node = xmlNewTextChild(parent, NULL, BAD_CAST OVAL_ROOT_ELM_DEFINITIONS, NULL); } else { /* definitions file, we are the root */ root_node = xmlNewNode(NULL, BAD_CAST OVAL_ROOT_ELM_DEFINITIONS); xmlDocSetRootElement(doc, root_node); } xmlNewNsProp(root_node, lookup_xsi_ns(doc), BAD_CAST "schemaLocation", BAD_CAST definition_model->schema); xmlNs *ns_common = xmlNewNs(root_node, OVAL_COMMON_NAMESPACE, BAD_CAST "oval"); xmlNs *ns_unix = xmlNewNs(root_node, OVAL_DEFINITIONS_UNIX_NS, BAD_CAST "unix-def"); xmlNs *ns_ind = xmlNewNs(root_node, OVAL_DEFINITIONS_IND_NS, BAD_CAST "ind-def"); xmlNs *ns_lin = xmlNewNs(root_node, OVAL_DEFINITIONS_LIN_NS, BAD_CAST "lin-def"); xmlNs *ns_defntns = xmlNewNs(root_node, OVAL_DEFINITIONS_NAMESPACE, NULL); xmlSetNs(root_node, ns_common); xmlSetNs(root_node, ns_unix); xmlSetNs(root_node, ns_ind); xmlSetNs(root_node, ns_lin); xmlSetNs(root_node, ns_defntns); /* Always report the generator */ oval_generator_to_dom(definition_model->generator, doc, root_node); /* Report definitions */ struct oval_definition_iterator *definitions = oval_definition_model_get_definitions(definition_model); if (oval_definition_iterator_has_more(definitions)) { xmlNode *definitions_node = NULL; while(oval_definition_iterator_has_more(definitions)) { struct oval_definition *definition = oval_definition_iterator_next(definitions); if (definitions_node == NULL) { definitions_node = xmlNewTextChild(root_node, ns_defntns, BAD_CAST "definitions", NULL); } oval_definition_to_dom(definition, doc, definitions_node); } } oval_definition_iterator_free(definitions); /* Report tests */ struct oval_test_iterator *tests = oval_definition_model_get_tests(definition_model); if (oval_test_iterator_has_more(tests)) { xmlNode *tests_node = xmlNewTextChild(root_node, ns_defntns, BAD_CAST "tests", NULL); while (oval_test_iterator_has_more(tests)) { struct oval_test *test = oval_test_iterator_next(tests); oval_test_to_dom(test, doc, tests_node); } } oval_test_iterator_free(tests); /* Report objects */ struct oval_object_iterator *objects = oval_definition_model_get_objects(definition_model); if (oval_object_iterator_has_more(objects)) { xmlNode *objects_node = xmlNewTextChild(root_node, ns_defntns, BAD_CAST "objects", NULL); while(oval_object_iterator_has_more(objects)) { struct oval_object *object = oval_object_iterator_next(objects); if (oval_object_get_base_obj(object)) /* Skip internal objects */ continue; oval_object_to_dom(object, doc, objects_node); } } oval_object_iterator_free(objects); /* Report states */ struct oval_state_iterator *states = oval_definition_model_get_states(definition_model); if (oval_state_iterator_has_more(states)) { xmlNode *states_node = xmlNewTextChild(root_node, ns_defntns, BAD_CAST "states", NULL); while (oval_state_iterator_has_more(states)) { struct oval_state *state = oval_state_iterator_next(states); oval_state_to_dom(state, doc, states_node); } } oval_state_iterator_free(states); /* Report variables */ struct oval_variable_iterator *variables = oval_definition_model_get_variables(definition_model); if (oval_variable_iterator_has_more(variables)) { xmlNode *variables_node = xmlNewTextChild(root_node, ns_defntns, BAD_CAST "variables", NULL); while (oval_variable_iterator_has_more(variables)) { struct oval_variable *variable = oval_variable_iterator_next(variables); oval_variable_to_dom(variable, doc, variables_node); } } oval_variable_iterator_free(variables); return root_node; }
static SEXP_t *oval_set_to_sexp(struct oval_setobject *set) { SEXP_t *elm, *elm_name; SEXP_t *r0, *r1, *r2; elm_name = SEXP_list_new(r0 = SEXP_string_new("set", 3), /* operation */ r1 = SEXP_string_new(":operation", 10), r2 = SEXP_number_newu_32(oval_setobject_get_operation(set)), NULL); SEXP_free(r0); SEXP_free(r1); SEXP_free(r2); elm = SEXP_list_new(elm_name, NULL); SEXP_free(elm_name); switch (oval_setobject_get_type(set)) { case OVAL_SET_AGGREGATE:{ struct oval_setobject_iterator *sit; struct oval_setobject *subset; sit = oval_setobject_get_subsets(set); while (oval_setobject_iterator_has_more(sit)) { subset = oval_setobject_iterator_next(sit); SEXP_list_add(elm, r0 = oval_set_to_sexp(subset)); SEXP_free(r0); } oval_setobject_iterator_free(sit); } break; case OVAL_SET_COLLECTIVE:{ struct oval_object_iterator *oit; struct oval_filter_iterator *fit; struct oval_object *obj; SEXP_t *subelm; oit = oval_setobject_get_objects(set); while (oval_object_iterator_has_more(oit)) { obj = oval_object_iterator_next(oit); subelm = SEXP_list_new(r0 = SEXP_string_new("obj_ref", 7), r1 = SEXP_string_newf("%s", oval_object_get_id(obj)), NULL); SEXP_free(r0); SEXP_free(r1); SEXP_list_add(elm, subelm); SEXP_free(subelm); } oval_object_iterator_free(oit); fit = oval_setobject_get_filters(set); while (oval_filter_iterator_has_more(fit)) { struct oval_filter *fil; fil = oval_filter_iterator_next(fit); subelm = oval_filter_to_sexp(fil); SEXP_list_add(elm, subelm); SEXP_free(subelm); } oval_filter_iterator_free(fit); } break; default: abort(); } return (elm); }