/**
 * Validate the XML document held by @p source against an XSD schema.
 *
 * The schema path is built as "<oscap_path_to_schemas()>/<schemafile>". Schema
 * parser and validator diagnostics are both routed to oscap_xml_validity_handler,
 * which receives the caller's @p reporter and @p arg plus the readable origin of
 * @p source.
 *
 * NOTE(review): @p schemafile is appended to the schema directory as-is, with
 * no normalisation in this function. Presumably callers pass fixed, trusted
 * names. Confirm that no caller derives it from document content unchecked.
 *
 * @param source     document to validate; its xmlDoc is fetched with
 *                   oscap_source_get_xmlDoc() and is not freed here
 * @param schemafile schema file name relative to the schema directory;
 *                   NULL is rejected with an error
 * @param reporter   callback stored in the handler context
 * @param arg        opaque pointer stored in the handler context
 * @return 0 if the document validates, 1 if xmlSchemaValidateDoc() returns any
 *         non-zero value, -1 if validation could not be set up or the
 *         document could not be obtained.
 */
static inline int oscap_validate_xml(struct oscap_source *source, const char *schemafile, xml_reporter reporter, void *arg)
{
	struct ctxt handler_ctx = { reporter, arg, (void*) oscap_source_readable_origin(source)};
	xmlSchemaParserCtxtPtr schema_parser = NULL;
	xmlSchemaPtr xsd = NULL;
	xmlSchemaValidCtxtPtr validator = NULL;
	xmlDocPtr doc = NULL;
	int result = -1;

	if (schemafile == NULL) {
		oscap_seterr(OSCAP_EFAMILY_OSCAP, "'schemafile' == NULL");
		return -1;
	}

	char *schemapath = oscap_sprintf("%s%s%s", oscap_path_to_schemas(), "/", schemafile);

	/*
	 * Readability pre-check, used to produce a precise error message.
	 * The schema is opened again by path when libxml parses it below.
	 */
	if (access(schemapath, R_OK) != 0) {
		oscap_seterr(OSCAP_EFAMILY_OSCAP,
			"Schema file '%s' not found in path '%s' when trying to validate '%s'",
			schemafile, oscap_path_to_schemas(), oscap_source_readable_origin(source));
		goto cleanup;
	}

	schema_parser = xmlSchemaNewParserCtxt(schemapath);
	if (schema_parser == NULL) {
		oscap_seterr(OSCAP_EFAMILY_XML, "Could not create parser context for validation");
		goto cleanup;
	}
	xmlSchemaSetParserStructuredErrors(schema_parser, oscap_xml_validity_handler, &handler_ctx);

	xsd = xmlSchemaParse(schema_parser);
	if (xsd == NULL) {
		oscap_seterr(OSCAP_EFAMILY_XML, "Could not parse XML schema");
		goto cleanup;
	}

	validator = xmlSchemaNewValidCtxt(xsd);
	if (validator == NULL) {
		oscap_seterr(OSCAP_EFAMILY_XML, "Could not create validation context");
		goto cleanup;
	}
	xmlSchemaSetValidStructuredErrors(validator, oscap_xml_validity_handler, &handler_ctx);

	doc = oscap_source_get_xmlDoc(source);
	if (doc == NULL) {
		/* No error is set here; result stays -1. */
		goto cleanup;
	}

	/*
	 * Every non-zero outcome is collapsed into 1 ("does not validate").
	 * That includes libxml's internal-error code -1, which the original
	 * author notes is returned for a document that is not well formed.
	 * The function therefore fails closed: only an exact 0 from libxml is
	 * reported as a pass. Forwarding the -1 case through
	 * oscap_setxmlerr(xmlGetLastError()) was considered nicer but is not done.
	 */
	result = (xmlSchemaValidateDoc(validator, doc) == 0) ? 0 : 1;

cleanup:
	/* Release in reverse order of creation; doc is not released here. */
	if (validator != NULL) {
		xmlSchemaFreeValidCtxt(validator);
	}
	if (xsd != NULL) {
		xmlSchemaFree(xsd);
	}
	if (schema_parser != NULL) {
		xmlSchemaFreeParserCtxt(schema_parser);
	}
	oscap_free(schemapath);
	return result;
}
/**
 * Print the oscap version banner and a description of the installation to
 * stdout: supported specification versions, capabilities of the known
 * check-engine plugins, configured paths, the CPE names from the default CPE
 * dictionary and, when OVAL_PROBES_ENABLED is defined, the probe table.
 *
 * Each known plugin is loaded, queried and unloaded again in order to list
 * its capabilities.
 *
 * @param action unused
 * @return always OSCAP_OK
 */
static int print_versions(const struct oscap_action *action)
{
	printf("OpenSCAP command line tool (oscap) %s\n"
	       "Copyright 2009--2016 Red Hat Inc., Durham, North Carolina.\n\n",
	       oscap_get_version());

	printf("==== Supported specifications ====\n");
	printf("XCCDF Version: %s\n", xccdf_benchmark_supported());
	printf("OVAL Version: %s\n", oval_definition_model_supported());
	printf("CPE Version: %s\n", cpe_dict_model_supported());
	printf("CVSS Version: %s\n", cvss_model_supported());
	printf("CVE Version: %s\n", cve_model_supported());
	printf("Asset Identification Version: %s\n", "1.1");
	printf("Asset Reporting Format Version: %s\n", "1.1");
	printf("\n");

	printf("==== Capabilities added by auto-loaded plugins ====\n");
	bool known_plugin_found = false;
	for (const char * const *plugin_name = check_engine_plugin_get_known_plugins();
	     *plugin_name != NULL; plugin_name++) {
		struct check_engine_plugin_def *plugin = check_engine_plugin_load(*plugin_name);
		if (plugin == NULL) {
			continue;
		}
		/* NOTE(review): the capabilities string goes to %s unchecked;
		 * presumably never NULL for a loaded plugin, confirm. */
		printf("%s (from %s)\n", check_engine_plugin_get_capabilities(plugin), *plugin_name);
		check_engine_plugin_unload(plugin);
		known_plugin_found = true;
	}
	if (!known_plugin_found) {
		printf("No plugins have been auto-loaded...\n");
	}

	/*
	 * Plugins are optional, and a failed load cannot be told apart from a
	 * plugin that is simply not installed. Load failures are therefore not
	 * reported, and any error state they left behind is cleared.
	 */
	oscap_clearerr();
	printf("\n");

	printf("==== Paths ====\n");
	printf("Schema files: %s\n", oscap_path_to_schemas());
	printf("Default CPE files: %s\n", oscap_path_to_cpe());
#if defined(OVAL_PROBES_ENABLED)
	printf("Probes: %s\n", oval_probe_ext_getdir());
#endif
	printf("\n");

	printf("==== Inbuilt CPE names ====\n");
	char default_cpe_path[PATH_MAX];
	/* The snprintf result is not checked; an over-long CPE directory yields
	 * a truncated path that is still handed to the importer below. */
	snprintf(default_cpe_path, sizeof default_cpe_path, "%s/openscap-cpe-dict.xml", oscap_path_to_cpe());
	struct oscap_source *dict_source = oscap_source_new_from_file(default_cpe_path);
	struct cpe_dict_model *cpe_dict = cpe_dict_model_import_source(dict_source);
	oscap_source_free(dict_source);
	if (cpe_dict != NULL) {
		struct cpe_item_iterator *item_it = cpe_dict_model_get_items(cpe_dict);
		while (cpe_item_iterator_has_more(item_it)) {
			struct cpe_item *item = cpe_item_iterator_next(item_it);

			struct oscap_text_iterator *title_it = cpe_item_get_titles(item);
			char *title = oscap_textlist_get_preferred_plaintext(title_it, NULL);
			oscap_text_iterator_free(title_it);

			char *uri = cpe_name_get_as_format(cpe_item_get_name(item), CPE_FORMAT_URI);

			/* NOTE(review): title and uri are passed to %s unchecked;
			 * presumably both helpers return non-NULL for dictionary
			 * items, confirm. */
			printf("%s - %s\n", title, uri);
			free(uri);
			free(title);
		}
		cpe_item_iterator_free(item_it);
		cpe_dict_model_free(cpe_dict);
	}
	printf("\n");

#if defined(OVAL_PROBES_ENABLED)
	printf("==== Supported OVAL objects and associated OpenSCAP probes ====\n");
	printf("%-14s%-28s %-28s\n", "OVAL family", "OVAL object", "OpenSCAP probe");
	printf("%-14s%-28s %-28s\n", "----------", "----------", "----------");
	oval_probe_meta_list(stdout, OVAL_PROBEMETA_LIST_DYNAMIC | OVAL_PROBEMETA_LIST_OTYPE);
#endif

	return OSCAP_OK;
}