char * xccdf_detect_version(const char* file)
{
const struct xccdf_version_info *ver_info;
char *doc_version;
xmlTextReaderPtr reader = xmlReaderForFile(file, NULL, 0);
if (!reader) {
oscap_seterr(OSCAP_EFAMILY_GLIBC, "Unable to open file: '%s'", file);
return NULL;
}
xmlTextReaderSetErrorHandler(reader, &libxml_error_handler, NULL);
while (xmlTextReaderRead(reader) == 1 && xmlTextReaderNodeType(reader) != XML_READER_TYPE_ELEMENT);
ver_info = xccdf_detect_version_parser(reader);
if(!ver_info) {
xmlFreeTextReader(reader);
return NULL;
}
doc_version = strdup(xccdf_version_info_get_version(ver_info));
xmlFreeTextReader(reader);
return doc_version;
}
char *xccdf_detect_version_priv(xmlTextReader *reader)
{
while (xmlTextReaderRead(reader) == 1 && xmlTextReaderNodeType(reader) != XML_READER_TYPE_ELEMENT);
const struct xccdf_version_info *ver_info = xccdf_detect_version_parser(reader);
if (ver_info == NULL) {
return NULL;
}
return oscap_strdup(xccdf_version_info_get_version(ver_info));
}
int
xccdf_version_cmp(const struct xccdf_version_info *actual, const char *desired)
{
/* Since the "unknown" value is strdup-ed during clone, we cannot just use common strcmp.
* We need to handle "unknown" version first.
*/
if (actual == NULL)
return -1;
if (oscap_streq(xccdf_version_info_get_version(actual), "unknown"))
return 1;
if (desired == NULL)
return 1;
if (oscap_streq(desired, "") || oscap_streq(desired, "unknown"))
return -1;
#ifdef __USE_GNU
return strverscmp(xccdf_version_info_get_version(actual), desired);
#else
return strcmp(xccdf_version_info_get_version(actual), desired);
#endif
}
xmlNodePtr xccdf_tailoring_to_dom(struct xccdf_tailoring *tailoring, xmlDocPtr doc, xmlNodePtr parent, const struct xccdf_version_info *version_info)
{
xmlNs *ns_xccdf = xmlSearchNsByHref(doc, parent,
BAD_CAST xccdf_version_info_get_namespace_uri(version_info));
xmlNs *ns_tailoring = NULL;
xmlNode *tailoring_node = xmlNewNode(ns_xccdf, BAD_CAST "Tailoring");
const char *xccdf_version = xccdf_version_info_get_version(version_info);
#ifdef __USE_GNU
if (strverscmp(xccdf_version, "1.1") >= 0 && strverscmp(xccdf_version, "1.2") < 0) {
#else
if (strcmp(xccdf_version, "1.1") >= 0 && strcmp(xccdf_version, "1.2") < 0) {
#endif
// XCCDF 1.1 does not support Tailoring!
// However we will allow Tailoring export if it is done to an external
// file. The namespace will be our custom xccdf-1.1-tailoring extension
// namespace.
if (parent != NULL) {
oscap_seterr(OSCAP_EFAMILY_XML, "XCCDF 1.1 does not support embedded Tailoring elements!");
xmlFreeNode(tailoring_node);
return NULL;
}
ns_tailoring = xmlNewNs(tailoring_node,
BAD_CAST "http://open-scap.org/page/Xccdf-1.1-tailoring",
BAD_CAST "cdf-11-tailoring"
);
}
#ifdef __USE_GNU
else if (strverscmp(xccdf_version, "1.1") < 0) {
#else
else if (strcmp(xccdf_version, "1.1") < 0) {
#endif
oscap_seterr(OSCAP_EFAMILY_XML, "XCCDF Tailoring isn't supported in XCCDF version '%s',"
"nor does openscap have a custom extension for this scenario. "
"XCCDF Tailoring requires XCCDF 1.1 and higher, 1.2 is recommended.");
xmlFreeNode(tailoring_node);
return NULL;
}
if (!ns_xccdf) {
// In cases where tailoring ends up being the root node we have to create
// a namespace at the node itself.
ns_xccdf = xmlNewNs(tailoring_node,
BAD_CAST xccdf_version_info_get_namespace_uri(version_info),
BAD_CAST "xccdf");
}
if (!ns_tailoring)
ns_tailoring = ns_xccdf;
// We intentionally set the wrong namespace here since children of tailoring
// will reuse it and we want them to have the xccdf namespace, the namespace
// is set to the proper namespace before returning the tailoring.
xmlSetNs(tailoring_node, ns_xccdf);
if (parent)
xmlAddChild(parent, tailoring_node);
else
xmlDocSetRootElement(doc, tailoring_node);
if (tailoring->id) {
xmlNewProp(tailoring_node, BAD_CAST "id", BAD_CAST tailoring->id);
}
if (tailoring->benchmark_ref || tailoring->benchmark_ref_version) {
xmlNodePtr benchmark_ref_node = xmlNewChild(tailoring_node, ns_tailoring, BAD_CAST "benchmark", NULL);
if (tailoring->benchmark_ref)
xmlNewProp(benchmark_ref_node, BAD_CAST "href", BAD_CAST tailoring->benchmark_ref);
if (tailoring->benchmark_ref_version)
xmlNewProp(benchmark_ref_node, BAD_CAST "version", BAD_CAST tailoring->benchmark_ref_version);
}
struct xccdf_status_iterator *statuses = xccdf_tailoring_get_statuses(tailoring);
while (xccdf_status_iterator_has_more(statuses)) {
struct xccdf_status *status = xccdf_status_iterator_next(statuses);
xccdf_status_to_dom(status, doc, tailoring_node, version_info);
}
xccdf_status_iterator_free(statuses);
struct oscap_reference_iterator *dc_statuses = xccdf_tailoring_get_dc_statuses(tailoring);
while (oscap_reference_iterator_has_more(dc_statuses)) {
struct oscap_reference *ref = oscap_reference_iterator_next(dc_statuses);
oscap_reference_to_dom(ref, tailoring_node, doc, "dc-status");
}
oscap_reference_iterator_free(dc_statuses);
/* version and attributes */
const char *version = xccdf_tailoring_get_version(tailoring);
if (version) {
xmlNode* version_node = xmlNewTextChild(tailoring_node, ns_tailoring, BAD_CAST "version", BAD_CAST version);
const char *version_update = xccdf_tailoring_get_version_update(tailoring);
if (version_update)
xmlNewProp(version_node, BAD_CAST "update", BAD_CAST version_update);
const char *version_time = xccdf_tailoring_get_version_time(tailoring);
if (version_time)
xmlNewProp(version_node, BAD_CAST "time", BAD_CAST version_time);
}
struct oscap_string_iterator* metadata = xccdf_tailoring_get_metadata(tailoring);
while (oscap_string_iterator_has_more(metadata))
{
const char* meta = oscap_string_iterator_next(metadata);
oscap_xmlstr_to_dom(tailoring_node, "metadata", meta);
}
oscap_string_iterator_free(metadata);
struct xccdf_profile_iterator *profiles = xccdf_tailoring_get_profiles(tailoring);
while (xccdf_profile_iterator_has_more(profiles)) {
struct xccdf_profile *profile = xccdf_profile_iterator_next(profiles);
xccdf_item_to_dom(XITEM(profile), doc, tailoring_node);
}
xccdf_profile_iterator_free(profiles);
xmlSetNs(tailoring_node, ns_tailoring);
return tailoring_node;
}
int xccdf_tailoring_export(struct xccdf_tailoring *tailoring, const char *file, const struct xccdf_version_info *version_info)
{
__attribute__nonnull__(file);
LIBXML_TEST_VERSION;
xmlDocPtr doc = xmlNewDoc(BAD_CAST "1.0");
if (doc == NULL) {
oscap_setxmlerr(xmlGetLastError());
return -1;
}
xccdf_tailoring_to_dom(tailoring, doc, NULL, version_info);
return oscap_xml_save_filename(file, doc);
}
const char *xccdf_tailoring_get_id(const struct xccdf_tailoring *tailoring)
{
return tailoring->id;
}
const char *xccdf_tailoring_get_version(const struct xccdf_tailoring *tailoring)
{
return tailoring->version;
}
const char *xccdf_tailoring_get_version_update(const struct xccdf_tailoring *tailoring)
{
return tailoring->version_update;
}
const char *xccdf_tailoring_get_version_time(const struct xccdf_tailoring *tailoring)
{
return tailoring->version_time;
}
const char *xccdf_tailoring_get_benchmark_ref(const struct xccdf_tailoring *tailoring)
{
return tailoring->benchmark_ref;
}
const char *xccdf_tailoring_get_benchmark_ref_version(const struct xccdf_tailoring *tailoring)
{
return tailoring->benchmark_ref_version;
}
bool xccdf_tailoring_set_id(struct xccdf_tailoring *tailoring, const char* newval)
{
if (tailoring->id)
oscap_free(tailoring->id);
tailoring->id = oscap_strdup(newval);
return true;
}
bool xccdf_tailoring_set_version(struct xccdf_tailoring *tailoring, const char *newval)
{
if (tailoring->version)
oscap_free(tailoring->version);
tailoring->version = oscap_strdup(newval);
return true;
}
bool xccdf_tailoring_set_version_update(struct xccdf_tailoring *tailoring, const char *newval)
{
if (tailoring->version_update)
oscap_free(tailoring->version_update);
tailoring->version_update = oscap_strdup(newval);
return true;
}
bool xccdf_tailoring_set_version_time(struct xccdf_tailoring *tailoring, const char *newval)
{
if (tailoring->version_time)
oscap_free(tailoring->version_time);
tailoring->version_time = oscap_strdup(newval);
return true;
}
bool xccdf_tailoring_set_benchmark_ref(struct xccdf_tailoring *tailoring, const char *newval)
{
if (tailoring->benchmark_ref)
oscap_free(tailoring->benchmark_ref);
tailoring->benchmark_ref = oscap_strdup(newval);
return true;
}
bool xccdf_tailoring_set_benchmark_ref_version(struct xccdf_tailoring *tailoring, const char *newval)
{
if (tailoring->benchmark_ref_version)
oscap_free(tailoring->benchmark_ref_version);
tailoring->benchmark_ref_version = oscap_strdup(newval);
return true;
}
struct oscap_string_iterator *xccdf_tailoring_get_metadata(const struct xccdf_tailoring *tailoring)
{
return (struct oscap_string_iterator*) oscap_iterator_new(tailoring->metadata);
}
struct xccdf_profile_iterator *xccdf_tailoring_get_profiles(const struct xccdf_tailoring *tailoring)
{
return (struct xccdf_profile_iterator*) oscap_iterator_new(tailoring->profiles);
}
struct xccdf_status_iterator *xccdf_tailoring_get_statuses(const struct xccdf_tailoring *tailoring)
{
return (struct xccdf_status_iterator*) oscap_iterator_new(tailoring->statuses);
}
struct oscap_reference_iterator *xccdf_tailoring_get_dc_statuses(const struct xccdf_tailoring *tailoring)
{
return (struct oscap_reference_iterator*) oscap_iterator_new(tailoring->dc_statuses);
}
struct xccdf_profile *
xccdf_tailoring_get_profile_by_id(const struct xccdf_tailoring *tailoring, const char *profile_id)
{
struct xccdf_profile_iterator *profit = xccdf_tailoring_get_profiles(tailoring);
while (xccdf_profile_iterator_has_more(profit)) {
struct xccdf_profile *profile = xccdf_profile_iterator_next(profit);
if (profile == NULL) {
assert(profile != NULL);
continue;
}
if (oscap_streq(xccdf_profile_get_id(profile), profile_id)) {
xccdf_profile_iterator_free(profit);
return profile;
}
}
xccdf_profile_iterator_free(profit);
return NULL;
}