struct xccdf_fixtext *xccdf_fixtext_parse(xmlTextReaderPtr reader)
{
struct xccdf_fixtext *fix = xccdf_fixtext_new();
fix->fixref = xccdf_attribute_copy(reader, XCCDFA_FIXREF);
fix->text = oscap_text_new_parse(XCCDF_TEXT_HTMLSUB, reader);
fix->reboot = xccdf_attribute_get_bool(reader, XCCDFA_REBOOT);
fix->strategy = oscap_string_to_enum(XCCDF_STRATEGY_MAP, xccdf_attribute_get(reader, XCCDFA_STRATEGY));
fix->disruption = oscap_string_to_enum(XCCDF_LEVEL_MAP, xccdf_attribute_get(reader, XCCDFA_DISRUPTION));
fix->complexity = oscap_string_to_enum(XCCDF_LEVEL_MAP, xccdf_attribute_get(reader, XCCDFA_COMPLEXITY));
return fix;
}
struct xccdf_fix *xccdf_fix_parse(xmlTextReaderPtr reader)
{
struct xccdf_fix *fix = xccdf_fix_new();
fix->id = xccdf_attribute_copy(reader, XCCDFA_ID);
fix->system = xccdf_attribute_copy(reader, XCCDFA_SYSTEM);
fix->platform = xccdf_attribute_copy(reader, XCCDFA_PLATFORM);
fix->reboot = xccdf_attribute_get_bool(reader, XCCDFA_REBOOT);
fix->strategy = oscap_string_to_enum(XCCDF_STRATEGY_MAP, xccdf_attribute_get(reader, XCCDFA_STRATEGY));
fix->disruption = oscap_string_to_enum(XCCDF_LEVEL_MAP, xccdf_attribute_get(reader, XCCDFA_DISRUPTION));
fix->complexity = oscap_string_to_enum(XCCDF_LEVEL_MAP, xccdf_attribute_get(reader, XCCDFA_COMPLEXITY));
fix->content = oscap_get_xml(reader);
return fix;
}
static struct cpe_ext_deprecatedby *cpe_ext_deprecatedby_parse(xmlTextReaderPtr reader)
{
__attribute__nonnull__(reader);
if (xmlStrcmp(xmlTextReaderConstLocalName(reader), BAD_CAST TAG_CPE_EXT_DEPRECATEDBY_STR) != 0 ||
xmlTextReaderNodeType(reader) != 1) {
oscap_seterr(OSCAP_EFAMILY_OSCAP, "Found '%s' node when expecting: '%s'!",
xmlTextReaderConstLocalName(reader), TAG_CPE_EXT_DEPRECATEDBY_STR);
}
const xmlChar* nsuri = xmlTextReaderConstNamespaceUri(reader);
if (nsuri && xmlStrcmp(nsuri, BAD_CAST XMLNS_CPE2D3_EXTENSION) != 0) {
oscap_seterr(OSCAP_EFAMILY_OSCAP, "Found '%s' namespace when expecting: '%s'!",
nsuri, XMLNS_CPE2D3_EXTENSION);
return NULL;
}
struct cpe_ext_deprecatedby *deprecatedby = cpe_ext_deprecatedby_new();
deprecatedby->name = (char *) xmlTextReaderGetAttribute(reader, BAD_CAST ATTR_NAME_STR);
const char *type = (const char *) xmlTextReaderGetAttribute(reader, BAD_CAST ATTR_TYPE_STR);
if (type == NULL) {
oscap_seterr(OSCAP_EFAMILY_OSCAP, "Compulsory attribute '%s' missing at '%s' element.",
ATTR_TYPE_STR, TAG_CPE_EXT_DEPRECATEDBY_STR);
cpe_ext_deprecatedby_free(deprecatedby);
return NULL;
}
deprecatedby->type = oscap_string_to_enum(CPE_EXT_DEPRECATION_MAP, type);
return deprecatedby;
}
bool xccdf_attribute_get_bool(xmlTextReaderPtr reader, xccdf_attribute_t attr)
{
return oscap_string_to_enum(OSCAP_BOOL_MAP, xccdf_attribute_get(reader, attr));
}
struct xccdf_check *xccdf_check_parse(xmlTextReaderPtr reader)
{
xccdf_element_t el = xccdf_element_get(reader);
if (el != XCCDFE_CHECK && el != XCCDFE_COMPLEX_CHECK)
return NULL;
struct xccdf_check *check = xccdf_check_new();
check->id = xccdf_attribute_copy(reader, XCCDFA_ID);
check->system = xccdf_attribute_copy(reader, XCCDFA_SYSTEM);
check->selector = xccdf_attribute_copy(reader, XCCDFA_SELECTOR);
check->oper = oscap_string_to_enum(XCCDF_BOOLOP_MAP, xccdf_attribute_get(reader, XCCDFA_OPERATOR));
if (xccdf_attribute_has(reader, XCCDFA_MULTICHECK) && el != XCCDFE_COMPLEX_CHECK) {
check->flags.def_multicheck = true;
check->flags.multicheck = xccdf_attribute_get_bool(reader, XCCDFA_MULTICHECK);
}
check->flags.def_negate = xccdf_attribute_has(reader, XCCDFA_NEGATE);
check->flags.negate = xccdf_attribute_get_bool(reader, XCCDFA_NEGATE);
int depth = oscap_element_depth(reader) + 1;
while (oscap_to_start_element(reader, depth)) {
switch (xccdf_element_get(reader)) {
case XCCDFE_CHECK:
case XCCDFE_COMPLEX_CHECK:
if (check->oper == 0)
break;
oscap_list_add(check->children, xccdf_check_parse(reader));
break;
case XCCDFE_CHECK_CONTENT_REF:{
const char *href = xccdf_attribute_get(reader, XCCDFA_HREF);
if (href == NULL)
break;
struct xccdf_check_content_ref *ref = xccdf_check_content_ref_new();
ref->name = xccdf_attribute_copy(reader, XCCDFA_NAME);
ref->href = strdup(href);
oscap_list_add(check->content_refs, ref);
break;
}
case XCCDFE_CHECK_CONTENT:
if (check->content == NULL)
check->content = oscap_get_xml(reader);
break;
case XCCDFE_CHECK_IMPORT:{
const char *name = xccdf_attribute_get(reader, XCCDFA_IMPORT_NAME);
const char *xpath = xccdf_attribute_get(reader, XCCDFA_IMPORT_XPATH);
if (name == NULL) // @import-name is a required attribute
break;
struct xccdf_check_import *imp = xccdf_check_import_new();
imp->name = strdup(name);
if (xpath) // @import-xpath is just optional
imp->xpath = strdup(xpath);
imp->content = oscap_element_string_copy(reader);
oscap_list_add(check->imports, imp);
break;
}
case XCCDFE_CHECK_EXPORT:{
const char *name = xccdf_attribute_get(reader, XCCDFA_EXPORT_NAME);
if (name == NULL)
break;
struct xccdf_check_export *exp = xccdf_check_export_new();
exp->name = strdup(name);
exp->value = xccdf_attribute_copy(reader, XCCDFA_VALUE_ID);
oscap_list_add(check->exports, exp);
break;
}
default:
break;
}
xmlTextReaderRead(reader);
}
return check;
}
struct xccdf_item *xccdf_rule_parse(xmlTextReaderPtr reader, struct xccdf_item *parent)
{
XCCDF_ASSERT_ELEMENT(reader, XCCDFE_RULE);
struct xccdf_item *rule = xccdf_rule_new_internal(parent);
if (!xccdf_item_process_attributes(rule, reader)) {
xccdf_rule_free(rule);
return NULL;
}
if (xccdf_attribute_has(reader, XCCDFA_ROLE)) {
rule->sub.rule.role = oscap_string_to_enum(XCCDF_ROLE_MAP, xccdf_attribute_get(reader, XCCDFA_ROLE));
rule->item.defined_flags.role = true;
}
if (xccdf_attribute_has(reader, XCCDFA_SEVERITY)) {
rule->sub.rule.severity =
oscap_string_to_enum(XCCDF_LEVEL_MAP, xccdf_attribute_get(reader, XCCDFA_SEVERITY));
rule->item.defined_flags.severity = true;
}
int depth = oscap_element_depth(reader) + 1;
while (oscap_to_start_element(reader, depth)) {
switch (xccdf_element_get(reader)) {
case XCCDFE_REQUIRES:
case XCCDFE_CONFLICTS:
xccdf_item_parse_deps(reader, rule);
break;
case XCCDFE_PROFILE_NOTE:{
const char *tag = xccdf_attribute_get(reader, XCCDFA_TAG);
if (tag == NULL)
break;
struct xccdf_profile_note *note = xccdf_profile_note_new();
note->reftag = strdup(tag);
note->text = oscap_text_new_parse(XCCDF_TEXT_PROFNOTE, reader);
oscap_list_add(rule->sub.rule.profile_notes, note);
break;
}
case XCCDFE_COMPLEX_CHECK:
case XCCDFE_CHECK:{
struct xccdf_check *check = xccdf_check_parse(reader);
if (check == NULL)
break;
oscap_list_add(rule->sub.rule.checks, check);
break;
}
case XCCDFE_FIX:
oscap_list_add(rule->sub.rule.fixes, xccdf_fix_parse(reader));
break;
case XCCDFE_FIXTEXT:
oscap_list_add(rule->sub.rule.fixtexts, xccdf_fixtext_parse(reader));
break;
case XCCDFE_IDENT:
oscap_list_add(rule->sub.rule.idents, xccdf_ident_parse(reader));
break;
default:
if (!xccdf_item_process_element(rule, reader))
dW("Encountered an unknown element '%s' while parsing XCCDF group.",
xmlTextReaderConstLocalName(reader));
}
xmlTextReaderRead(reader);
}
return rule;
}
oscap_verbosity_levels oscap_verbosity_level_from_cstr(const char *level_name)
{
return oscap_string_to_enum(OSCAP_VERBOSITY_LEVELS, level_name);
}
static int filehash58_cb (const char *p, const char *f, const char *h, probe_ctx *ctx)
{
SEXP_t *itm;
char pbuf[PATH_MAX+1];
size_t plen, flen;
int fd;
if (f == NULL)
return (0);
/*
* Prepare path
*/
plen = strlen (p);
flen = strlen (f);
if (plen + flen + 1 > PATH_MAX)
return (-1);
memcpy (pbuf, p, sizeof (char) * plen);
if (p[plen - 1] != FILE_SEPARATOR) {
pbuf[plen] = FILE_SEPARATOR;
++plen;
}
memcpy (pbuf + plen, f, sizeof (char) * flen);
pbuf[plen+flen] = '\0';
/*
* Open the file
*/
fd = open (pbuf, O_RDONLY);
if (fd < 0) {
strerror_r (errno, pbuf, PATH_MAX);
pbuf[PATH_MAX] = '\0';
itm = probe_item_create (OVAL_INDEPENDENT_FILE_HASH58, NULL,
"filepath", OVAL_DATATYPE_STRING, pbuf,
"path", OVAL_DATATYPE_STRING, p,
"filename", OVAL_DATATYPE_STRING, f,
"hash_type",OVAL_DATATYPE_STRING, h,
NULL);
probe_item_add_msg(itm, OVAL_MESSAGE_LEVEL_ERROR,
"Can't open \"%s\": errno=%d, %s.", pbuf, errno, strerror (errno));
probe_item_setstatus(itm, SYSCHAR_STATUS_ERROR);
} else {
uint8_t hash_dst[1025];
size_t hash_dstlen = sizeof hash_dst;
char hash_str[2051];
crapi_alg_t hash_type;
hash_type = oscap_string_to_enum(CRAPI_ALG_MAP, h);
hash_dstlen = oscap_string_to_enum(CRAPI_ALG_MAP_SIZE, h);
/*
* Compute hash value
*/
if (crapi_mdigest_fd (fd, 1, hash_type, hash_dst, &hash_dstlen) != 0) {
close (fd);
return (-1);
}
close (fd);
hash_str[0] = '\0';
mem2hex (hash_dst, hash_dstlen, hash_str, sizeof hash_str);
/*
* Create and add the item
*/
itm = probe_item_create(OVAL_INDEPENDENT_FILE_HASH58, NULL,
"filepath", OVAL_DATATYPE_STRING, pbuf,
"path", OVAL_DATATYPE_STRING, p,
"filename", OVAL_DATATYPE_STRING, f,
"hash_type",OVAL_DATATYPE_STRING, h,
"hash", OVAL_DATATYPE_STRING, hash_str,
NULL);
if (hash_dstlen == 0) {
probe_item_add_msg(itm, OVAL_MESSAGE_LEVEL_ERROR,
"Unable to compute %s hash value of \"%s\".", h, pbuf);
probe_item_setstatus(itm, SYSCHAR_STATUS_ERROR);
}
}
probe_item_collect(ctx, itm);
return (0);
}
static oval_affected_family_t _odafamily(char *family)
{
return oscap_string_to_enum(OVAL_ODAFAMILY_MAP, family);
}
