/* this function will gather all the necessary ingredients and call 'evaluate_items' when it finds them */
static oval_result_t _oval_result_test_result(struct oval_result_test *rtest, void **args)
{
__attribute__nonnull__(rtest);
/* is the test already evaluated? */
if (rtest->result != OVAL_RESULT_NOT_EVALUATED) {
dI("Found result from previous evaluation: %d, returning without further processing.\n", rtest->result);
return (rtest->result);
}
/* get syschar of rtest */
struct oval_test *test = oval_result_test_get_test(rtest);
struct oval_object * object = oval_test_get_object(test);
char * object_id = oval_object_get_id(object);
struct oval_result_system *sys = oval_result_test_get_system(rtest);
struct oval_syschar_model *syschar_model = oval_result_system_get_syschar_model(sys);
struct oval_syschar * syschar = oval_syschar_model_get_syschar(syschar_model, object_id);
if (syschar == NULL) {
dW("No syschar for object: %s\n", object_id);
return OVAL_RESULT_UNKNOWN;
}
/* evaluate items */
oval_result_t result = _oval_result_test_evaluate_items(test, syschar, args);
return result;
}
int oval_probe_query_test(oval_probe_session_t *sess, struct oval_test *test)
{
struct oval_object *object;
struct oval_state_iterator *ste_itr;
const char *type, *test_id, *comment;
int ret;
type = oval_subtype_get_text(oval_test_get_subtype(test));
test_id = oval_test_get_id(test);
comment = oval_test_get_comment(test);
dI("Evaluating %s test '%s': %s.", type, test_id, comment);
object = oval_test_get_object(test);
if (object == NULL)
return 0;
/* probe object */
ret = oval_probe_query_object(sess, object, 0, NULL);
if (ret == -1)
return ret;
/* probe objects referenced like this: test->state->variable->object */
ste_itr = oval_test_get_states(test);
while (oval_state_iterator_has_more(ste_itr)) {
struct oval_state *state = oval_state_iterator_next(ste_itr);
ret = oval_probe_query_var_ref(sess, state);
if (ret < 1) {
oval_state_iterator_free(ste_itr);
return ret;
}
}
oval_state_iterator_free(ste_itr);
return 0;
}
int oval_probe_query_test(oval_probe_session_t *sess, struct oval_test *test)
{
struct oval_object *object;
struct oval_state_iterator *ste_itr;
int ret;
oval_subtype_t test_subtype, object_subtype;
object = oval_test_get_object(test);
if (object == NULL)
return 0;
test_subtype = oval_test_get_subtype(test);
object_subtype = oval_object_get_subtype(object);
if (test_subtype != object_subtype) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "%s_test '%s' is not compatible with %s_object '%s'.",
oval_subtype_to_str(test_subtype), oval_test_get_id(test),
oval_subtype_to_str(object_subtype), oval_object_get_id(object));
return 0;
}
/* probe object */
ret = oval_probe_query_object(sess, object, 0, NULL);
if (ret == -1)
return ret;
/* probe objects referenced like this: test->state->variable->object */
ste_itr = oval_test_get_states(test);
while (oval_state_iterator_has_more(ste_itr)) {
struct oval_state *state = oval_state_iterator_next(ste_itr);
ret = oval_probe_query_var_ref(sess, state);
if (ret < 1) {
oval_state_iterator_free(ste_itr);
return ret;
}
}
oval_state_iterator_free(ste_itr);
return 0;
}
static void _oval_result_test_initialize_bindings(struct oval_result_test *rslt_test)
{
__attribute__nonnull__(rslt_test);
struct oval_test *oval_test = oval_result_test_get_test(rslt_test);
struct oval_string_map *vm;
struct oval_state_iterator *ste_itr;
struct oval_iterator *var_itr;
vm = oval_string_map_new();
/* Gather bindings pertaining to the referenced states */
/* TODO: cache bindings collected for each state */
ste_itr = oval_test_get_states(oval_test);
while (oval_state_iterator_has_more(ste_itr)) {
struct oval_state *ste;
ste = oval_state_iterator_next(ste_itr);
oval_ste_collect_var_refs(ste, vm);
}
oval_state_iterator_free(ste_itr);
var_itr = oval_string_map_values(vm);
while (oval_collection_iterator_has_more(var_itr)) {
struct oval_variable *var;
struct oval_value_iterator *val_itr;
struct oval_variable_binding *binding;
var = oval_collection_iterator_next(var_itr);
binding = oval_variable_binding_new(var, NULL);
val_itr = oval_variable_get_values(var);
while (oval_value_iterator_has_more(val_itr)) {
struct oval_value *val;
char *txt;
val = oval_value_iterator_next(val_itr);
txt = oval_value_get_text(val);
txt = oscap_strdup(txt);
oval_variable_binding_add_value(binding, txt);
}
oval_value_iterator_free(val_itr);
oval_result_test_add_binding(rslt_test, binding);
}
oval_collection_iterator_free(var_itr);
/* Gather bindings pertaining to the collected object */
struct oval_object *oval_object = oval_test_get_object(oval_test);
if (oval_object) {
char *object_id = oval_object_get_id(oval_object);
struct oval_result_system *sys = oval_result_test_get_system(rslt_test);
struct oval_syschar_model *syschar_model = oval_result_system_get_syschar_model(sys);
struct oval_syschar *syschar = oval_syschar_model_get_syschar(syschar_model, object_id);
/* no syschar if system characteristics was a subset of definitions */
if(syschar) {
struct oval_variable_binding_iterator *bindings = oval_syschar_get_variable_bindings(syschar);
while (oval_variable_binding_iterator_has_more(bindings)) {
struct oval_variable *var;
char *var_id;
struct oval_variable_binding *binding = oval_variable_binding_iterator_next(bindings);
var = oval_variable_binding_get_variable(binding);
var_id = oval_variable_get_id(var);
/* Don't add bindings that were already
* collected from states. Assumtion is made
* that object's own bindings don't contain
* duplicates.
*/
if (oval_string_map_get_value(vm, var_id) == NULL) {
struct oval_definition_model *definition_model = oval_syschar_model_get_definition_model(syschar_model);
struct oval_variable_binding *binding_copy = oval_variable_binding_clone(binding, definition_model);
oval_result_test_add_binding(rslt_test, binding_copy);
}
}
oval_variable_binding_iterator_free(bindings);
}
}
oval_string_map_free(vm, NULL);
rslt_test->bindings_initialized = true;
}
/**
* @returns 0 on success; -1 on error; 1 on warning
*/
static int oval_probe_query_criteria(oval_probe_session_t *sess, struct oval_criteria_node *cnode) {
int ret;
switch (oval_criteria_node_get_type(cnode)) {
/* Criterion node is the final node that has a reference to a test */
case OVAL_NODETYPE_CRITERION:{
/* There should be a test .. */
struct oval_test *test;
struct oval_object *object;
struct oval_state_iterator *ste_itr;
test = oval_criteria_node_get_test(cnode);
if (test == NULL)
return 0;
object = oval_test_get_object(test);
if (object == NULL)
return 0;
/* probe object */
ret = oval_probe_query_object(sess, object, 0, NULL);
if (ret == -1)
return ret;
/* probe objects referenced like this: test->state->variable->object */
ste_itr = oval_test_get_states(test);
while (oval_state_iterator_has_more(ste_itr)) {
struct oval_state *state = oval_state_iterator_next(ste_itr);
struct oval_state_content_iterator *contents = oval_state_get_contents(state);
while (oval_state_content_iterator_has_more(contents)) {
struct oval_state_content *content = oval_state_content_iterator_next(contents);
struct oval_entity * entity = oval_state_content_get_entity(content);
if (oval_entity_get_varref_type(entity) == OVAL_ENTITY_VARREF_ATTRIBUTE) {
oval_syschar_collection_flag_t flag;
struct oval_variable *var = oval_entity_get_variable(entity);
ret = oval_probe_query_variable(sess, var);
if (ret == -1) {
oval_state_content_iterator_free(contents);
oval_state_iterator_free(ste_itr);
return ret;
}
flag = oval_variable_get_collection_flag(var);
switch (flag) {
case SYSCHAR_FLAG_COMPLETE:
case SYSCHAR_FLAG_INCOMPLETE:
break;
default:
oval_state_content_iterator_free(contents);
oval_state_iterator_free(ste_itr);
return 0;
}
}
}
oval_state_content_iterator_free(contents);
}
oval_state_iterator_free(ste_itr);
return 0;
}
break;
/* Criteria node is type of set that contains more criterias. Criteria node
* child can be also type of criteria, criterion or extended definition */
case OVAL_NODETYPE_CRITERIA:{
/* group of criterion nodes, get subnodes, continue recursive */
struct oval_criteria_node_iterator *cnode_it = oval_criteria_node_get_subnodes(cnode);
if (cnode_it == NULL)
return 0;
/* we have subnotes */
struct oval_criteria_node *node;
while (oval_criteria_node_iterator_has_more(cnode_it)) {
node = oval_criteria_node_iterator_next(cnode_it);
ret = oval_probe_query_criteria(sess, node);
if (ret != 0) {
oval_criteria_node_iterator_free(cnode_it);
return ret;
}
}
oval_criteria_node_iterator_free(cnode_it);
return 0;
}
break;
/* Extended definition contains reference to definition, we need criteria of this
* definition to be evaluated completely */
case OVAL_NODETYPE_EXTENDDEF:{
struct oval_definition *oval_def = oval_criteria_node_get_definition(cnode);
struct oval_criteria_node *node = oval_definition_get_criteria(oval_def);
if (node == NULL) {
oscap_seterr(OSCAP_EFAMILY_OSCAP, "Could not find extended definition: %s.",
oval_definition_get_id(oval_def));
return -1;
}
return oval_probe_query_criteria(sess, node);
}
break;
case OVAL_NODETYPE_UNKNOWN:
break;
}
/* we shouldn't get here */
return -1;
}
xmlNode *oval_test_to_dom(struct oval_test *test, xmlDoc * doc, xmlNode * parent)
{
xmlNode * test_node=NULL;
/* skip unknown test */
oval_subtype_t subtype = oval_test_get_subtype(test);
if ( subtype == OVAL_SUBTYPE_UNKNOWN ) {
oscap_dlprintf(DBG_E, "Unknown Test %s.\n", oval_test_get_id(test));
return test_node;
}
/* get test name */
const char *subtype_text = oval_subtype_get_text(subtype);
char test_name[strlen(subtype_text) + 6];
sprintf(test_name, "%s_test", subtype_text);
/* get family URI */
oval_family_t family = oval_test_get_family(test);
const char *family_text = oval_family_get_text(family);
char family_uri[strlen((const char *)OVAL_DEFINITIONS_NAMESPACE) + strlen(family_text) + 2];
sprintf(family_uri,"%s#%s", OVAL_DEFINITIONS_NAMESPACE, family_text);
/* search namespace & create child */
xmlNs *ns_family = xmlSearchNsByHref(doc, parent, BAD_CAST family_uri);
test_node = xmlNewTextChild(parent, ns_family, BAD_CAST test_name, NULL);
char *id = oval_test_get_id(test);
xmlNewProp(test_node, BAD_CAST "id", BAD_CAST id);
char version[10];
*version = '\0';
snprintf(version, sizeof(version), "%d", oval_test_get_version(test));
xmlNewProp(test_node, BAD_CAST "version", BAD_CAST version);
oval_existence_t existence = oval_test_get_existence(test);
if (existence != OVAL_AT_LEAST_ONE_EXISTS)
xmlNewProp(test_node, BAD_CAST "check_existence", BAD_CAST oval_existence_get_text(existence));
oval_check_t check = oval_test_get_check(test);
xmlNewProp(test_node, BAD_CAST "check", BAD_CAST oval_check_get_text(check));
oval_operator_t ste_operator = oval_test_get_state_operator(test);
if (ste_operator != OVAL_OPERATOR_AND)
xmlNewProp(test_node, BAD_CAST "state_operator", BAD_CAST oval_operator_get_text(ste_operator));
char *comm = oval_test_get_comment(test);
xmlNewProp(test_node, BAD_CAST "comment", BAD_CAST comm);
bool deprecated = oval_test_get_deprecated(test);
if (deprecated)
xmlNewProp(test_node, BAD_CAST "deprecated", BAD_CAST "true");
struct oval_string_iterator *notes = oval_test_get_notes(test);
if (oval_string_iterator_has_more(notes)) {
xmlNs *ns_definitions = xmlSearchNsByHref(doc, parent, OVAL_DEFINITIONS_NAMESPACE);
xmlNode *notes_node = xmlNewTextChild(test_node, ns_definitions, BAD_CAST "notes", NULL);
while (oval_string_iterator_has_more(notes)) {
char *note = oval_string_iterator_next(notes);
xmlNewTextChild(notes_node, ns_definitions, BAD_CAST "note", BAD_CAST note);
}
}
oval_string_iterator_free(notes);
struct oval_object *object = oval_test_get_object(test);
if (object) {
xmlNode *object_node = xmlNewTextChild(test_node, ns_family, BAD_CAST "object", NULL);
xmlNewProp(object_node, BAD_CAST "object_ref", BAD_CAST oval_object_get_id(object));
}
struct oval_state_iterator *ste_itr = oval_test_get_states(test);
while (oval_state_iterator_has_more(ste_itr)) {
struct oval_state *state;
state = oval_state_iterator_next(ste_itr);
xmlNode *state_node = xmlNewTextChild(test_node, ns_family, BAD_CAST "state", NULL);
xmlNewProp(state_node, BAD_CAST "state_ref", BAD_CAST oval_state_get_id(state));
}
oval_state_iterator_free(ste_itr);
return test_node;
}