Open SCAP Library
Loading...
Searching...
No Matches
item.h
1/*
2 * Copyright 2009--2013 Red Hat Inc., Durham, North Carolina.
3 * All Rights Reserved.
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
18 *
19 * Authors:
20 * Lukas Kuklinek <lkuklinek@redhat.com>
21 */
22
23#ifndef XCCDF_ITEM_
24#define XCCDF_ITEM_
25
26#include <assert.h>
27
28#include "public/xccdf_benchmark.h"
29#include "elements.h"
30
31#include "common/reference_priv.h"
32#include "common/list.h"
33#include "common/util.h"
34#include "common/text_priv.h"
35
36
37struct xccdf_flags {
38 bool selected:1;
39 bool hidden:1;
40 bool resolved:1;
41 bool abstract:1;
42 bool prohibit_changes:1;
43 bool interactive:1;
44 bool multiple:1;
45};
46
47struct xccdf_defflags {
48 bool selected:1;
49 bool hidden:1;
50 bool resolved:1;
51 bool abstract:1;
52 bool prohibit_changes:1;
53 bool interactive:1;
54 bool multiple:1;
55 bool weight:1;
56 bool role:1;
57 bool severity:1;
58};
59
60struct xccdf_item;
61struct xccdf_check;
62
63struct xccdf_item_base {
64 char *id;
65 char *cluster_id;
66 float weight;
67
68 struct oscap_list *title;
69 struct oscap_list *description;
70 struct oscap_list *question;
71 struct oscap_list *rationale;
72 struct oscap_list *warnings;
73
74 char *version;
75 char *version_update;
76 char *version_time;
77
78 struct xccdf_item *parent;
79 char *extends;
80 struct oscap_list *statuses;
81 struct oscap_list *dc_statuses;
82 struct oscap_list *references;
83 struct oscap_list *platforms;
84 struct xccdf_flags flags;
85 struct xccdf_defflags defined_flags;
86
87 struct oscap_list *metadata;
88};
89
90struct xccdf_rule_item {
91 char *impact_metric;
92 xccdf_role_t role;
93 xccdf_level_t severity;
94
95 struct oscap_list *requires_;
96 struct oscap_list *conflicts;
97
98 struct oscap_list *profile_notes;
99 struct oscap_list *idents;
100 struct oscap_list *checks;
101 struct oscap_list *fixes;
102 struct oscap_list *fixtexts;
103};
104
105struct xccdf_group_item {
106 struct oscap_list *requires_;
107 struct oscap_list *conflicts;
108
109 struct oscap_list *values;
110 struct oscap_list *content;
111};
112
113/* This structure is used for multiple-count attributes for Item (0-n) */
114struct xccdf_value_instance {
115 char *selector;
116 xccdf_value_type_t type; /* Value::type */
117 char *value; /* Value::value */
118 char *defval; /* Value::default */
119 struct oscap_list *choices; /* Value::choices */
120 xccdf_numeric lower_bound;
121 xccdf_numeric upper_bound;
122 char *match;
123 struct {
124 bool value_given : 1;
125 bool defval_given : 1;
126 bool must_match_given : 1;
127 bool must_match : 1;
128 } flags;
129};
130
131struct xccdf_value_item {
132 xccdf_value_type_t type; /* Value::type */
133 xccdf_interface_hint_t interface_hint; /* Value::interfaceHint */
134 xccdf_operator_t oper; /* Value::operator */
135
136 struct oscap_list *instances;
137 struct oscap_list *sources; /* Value::source */
138};
139
140struct xccdf_result_item {
141 const struct xccdf_version_info *schema_version;
142
143 char *start_time;
144 char *end_time;
145 char *test_system;
146 char *benchmark_uri;
147 char *profile;
148
149 struct oscap_list *identities;
150 struct oscap_list *targets;
151 struct oscap_list *organizations;
152 struct oscap_list *remarks;
153 struct oscap_list *target_addresses;
154 struct oscap_list *target_facts;
155 struct oscap_list *target_id_refs;
156 struct oscap_list *applicable_platforms;
157 struct oscap_list *setvalues;
158 struct oscap_list *rule_results;
159 struct oscap_list *scores;
160};
161
162struct xccdf_profile_item {
163 char *note_tag;
164 struct oscap_list *selects;
165 struct oscap_list *setvalues;
166 struct oscap_list *refine_values;
167 struct oscap_list *refine_rules;
168 bool tailoring;
169};
170
171struct xccdf_tailoring {
172 // optional, only relevant when Tailoring is saved as a root element
173 char *id;
174
175 // The ref is "just informative" according to the spec, we never
176 // interpret it and just load and save it as a string.
177 char *benchmark_ref;
178 // Also just informative
179 char *benchmark_ref_version;
180
181 struct oscap_list *statuses;
182 struct oscap_list *dc_statuses;
183
184 char *version;
185 char *version_update;
186 char *version_time;
187
188 struct oscap_list *metadata;
189
190 struct oscap_list *profiles;
191};
192
193struct xccdf_benchmark_item {
194 const struct xccdf_version_info *schema_version;
195
196 struct oscap_htable *items_dict; /* Stores only xccdf:Item */
197 struct oscap_htable *profiles_dict; /* xccdf:Profile */
198 struct oscap_htable *results_dict; /* xccdf:TestResult */
199 struct oscap_htable *clusters_dict; /* xccdf:items by cluster-id */
200 struct oscap_list *notices;
201 struct oscap_list *plain_texts;
202
203 struct cpe_dict_model *cpe_list;
204 struct cpe_lang_model *cpe_lang_model;
205
206 char *style;
207 char *style_href;
208 char *lang;
209
210 struct oscap_list *front_matter;
211 struct oscap_list *rear_matter;
212
213 struct oscap_list *models;
214 struct oscap_list *profiles;
215 struct oscap_list *values;
216 struct oscap_list *content;
217 struct oscap_list *results;
218};
219
220struct xccdf_item {
221 xccdf_type_t type;
222 struct xccdf_item_base item;
223 union {
224 struct xccdf_profile_item profile;
225 struct xccdf_benchmark_item benchmark;
226 struct xccdf_rule_item rule;
227 struct xccdf_group_item group;
228 struct xccdf_value_item value;
229 struct xccdf_result_item result;
230 } sub;
231};
232
233struct xccdf_warning {
234 struct oscap_text *text;
235 xccdf_warning_category_t category;
236};
237
238struct xccdf_notice {
239 char *id;
240 struct oscap_text *text;
241};
242
243struct xccdf_status {
244 xccdf_status_type_t status;
245 time_t date;
246};
247
248struct xccdf_model {
249 char *system;
250 struct oscap_htable *params; // TODO: to list + accessors
251};
252
253struct xccdf_select {
254 char *item;
255 bool selected;
256 struct oscap_list *remarks;
257};
258
259struct xccdf_refine_rule {
260 char *item;
261 char *selector;
262 xccdf_role_t role;
263 xccdf_level_t severity;
264 xccdf_numeric weight;
265 struct oscap_list *remarks;
266};
267
268struct xccdf_refine_value {
269 char *item;
270 char *selector;
271 xccdf_operator_t oper;
272 struct oscap_list *remarks;
273};
274
275struct xccdf_setvalue {
276 char *item;
277 char *value;
278};
279
280struct xccdf_ident {
281 char *id;
282 char *system;
283};
284
285struct xccdf_check {
286 xccdf_bool_operator_t oper;
287 struct oscap_list *children;
288 char *id;
289 char *system;
290 char *selector;
291 char *content;
292 struct _xccdf_check_flags {
293 bool multicheck:1;
294 bool def_multicheck:1;
295 bool negate:1;
296 bool def_negate:1;
297 } flags;
298 struct oscap_list *imports;
299 struct oscap_list *exports;
300 struct oscap_list *content_refs;
301};
302
303struct xccdf_check_content_ref {
304 char *href;
305 char *name;
306};
307
308struct xccdf_check_import {
309 char *name;
310 char *xpath;
311 char *content;
312};
313
314struct xccdf_check_export {
315 char *name;
316 char *value;
317};
318
319struct xccdf_profile_note {
320 struct oscap_text *text;
321 char *reftag;
322};
323
324struct xccdf_fix {
325 bool reboot;
326 xccdf_strategy_t strategy;
327 xccdf_level_t disruption;
328 xccdf_level_t complexity;
329 char *id;
330 char *content;
331 char *system;
332 char *platform;
333};
334
335struct xccdf_fixtext {
336 struct oscap_text *text;
337 bool reboot;
338 xccdf_strategy_t strategy;
339 xccdf_level_t disruption;
340 xccdf_level_t complexity;
341 char *fixref;
342};
343
344struct xccdf_rule_result {
345 char *idref;
346 xccdf_role_t role;
347 char *time;
348 float weight;
349 xccdf_level_t severity;
350 xccdf_test_result_type_t result;
351 char *version;
352
353 struct oscap_list *overrides;
354 struct oscap_list *idents;
355 struct oscap_list *messages;
356 struct oscap_list *instances;
357 struct oscap_list *fixes;
358 struct oscap_list *checks;
359};
360
361struct xccdf_identity {
362 struct {
363 bool authenticated : 1;
364 bool privileged : 1;
365 } sub;
366 char *name;
367};
368
369struct xccdf_score {
370 xccdf_numeric maximum;
371 xccdf_numeric score;
372 char *system;
373};
374
375struct xccdf_override {
376 char *time;
377 char *authority;
378 xccdf_test_result_type_t old_result;
379 xccdf_test_result_type_t new_result;
380 struct oscap_text *remark;
381};
382
383struct xccdf_message {
384 xccdf_message_severity_t severity;
385 char *content;
386};
387
388struct xccdf_target_fact {
389 xccdf_value_type_t type;
390 char *name;
391 char *value;
392};
393
394struct xccdf_target_identifier {
395 bool any_element; // if false, this represents <target-id-ref>, else it's any element
396
397 xmlNodePtr element;
398
399 char *system;
400 char *href;
401 char *name;
402};
403
404struct xccdf_instance {
405 char *context;
406 char *parent_context;
407 char *content;
408};
409
410struct xccdf_plain_text {
411 char *id;
412 char *text;
413};
414
415extern const struct oscap_string_map XCCDF_LEVEL_MAP[];
416extern const struct oscap_string_map XCCDF_ROLE_MAP[];
417extern const struct oscap_string_map XCCDF_OPERATOR_MAP[];
418extern const struct oscap_string_map XCCDF_BOOLOP_MAP[];
419extern const struct oscap_string_map XCCDF_STRATEGY_MAP[];
420extern const struct oscap_string_map XCCDF_FACT_TYPE_MAP[];
421extern const struct oscap_string_map XCCDF_RESULT_MAP[];
422
423extern const struct oscap_text_traits XCCDF_TEXT_PLAIN;
424extern const struct oscap_text_traits XCCDF_TEXT_HTML;
425extern const struct oscap_text_traits XCCDF_TEXT_PLAINSUB;
426extern const struct oscap_text_traits XCCDF_TEXT_HTMLSUB;
427extern const struct oscap_text_traits XCCDF_TEXT_NOTICE;
428extern const struct oscap_text_traits XCCDF_TEXT_PROFNOTE;
429
430extern const size_t XCCDF_NUMERIC_SIZE;
431extern const char *XCCDF_NUMERIC_FORMAT;
432
433struct xccdf_item *xccdf_item_new(xccdf_type_t type, struct xccdf_item *parent);
434void xccdf_item_release(struct xccdf_item *item);
435void xccdf_item_print(struct xccdf_item *item, int depth);
436void xccdf_item_dump(struct xccdf_item *item, int depth);
437struct xccdf_item* xccdf_item_get_benchmark_internal(struct xccdf_item* item);
438bool xccdf_benchmark_parse(struct xccdf_item *benchmark, xmlTextReaderPtr reader);
439void xccdf_benchmark_dump(struct xccdf_benchmark *benchmark);
440int xccdf_benchmark_include_tailored_profiles(struct xccdf_benchmark *benchmark);
441struct oscap_htable_iterator *xccdf_benchmark_get_cluster_items(struct xccdf_benchmark *benchmark, const char *cluster_id);
442bool xccdf_benchmark_register_item(struct xccdf_benchmark *benchmark, struct xccdf_item *item);
443bool xccdf_benchmark_unregister_item(struct xccdf_item *item);
444bool xccdf_benchmark_rename_item(struct xccdf_item *item, const char *newid);
445char *xccdf_benchmark_gen_id(struct xccdf_benchmark *benchmark, xccdf_type_t type, const char *prefix);
446struct xccdf_result *xccdf_benchmark_get_result_by_id(struct xccdf_benchmark *benchmark, const char *testresult_id);
447struct xccdf_result *xccdf_benchmark_get_result_by_id_suffix(struct xccdf_benchmark *benchmark, const char *testresult_suffix);
448bool xccdf_add_item(struct oscap_list *list, struct xccdf_item *parent, struct xccdf_item *item, const char *prefix);
449
450struct xccdf_tailoring *xccdf_tailoring_parse(xmlTextReaderPtr reader, struct xccdf_item* benchmark);
451xmlNodePtr xccdf_tailoring_to_dom(struct xccdf_tailoring *tailoring, xmlDocPtr doc, xmlNodePtr parent, const struct xccdf_version_info *version_info);
452
453struct xccdf_item *xccdf_profile_new_internal(struct xccdf_item *bench);
454struct xccdf_item *xccdf_profile_parse(xmlTextReaderPtr reader, struct xccdf_item *bench);
455void xccdf_profile_dump(struct xccdf_item *prof, int depth);
456
457bool xccdf_item_process_attributes(struct xccdf_item *item, xmlTextReaderPtr reader);
458bool xccdf_item_process_element(struct xccdf_item *item, xmlTextReaderPtr reader);
459
460bool xccdf_content_parse(xmlTextReaderPtr reader, struct xccdf_item *parent);
461struct xccdf_item *xccdf_group_parse(xmlTextReaderPtr reader, struct xccdf_item *parent);
462struct xccdf_item *xccdf_group_new_internal(struct xccdf_item *parent);
463void xccdf_group_dump(struct xccdf_item *group, int depth);
464
465struct xccdf_item *xccdf_rule_new_internal(struct xccdf_item *parent);
466struct xccdf_item *xccdf_rule_parse(xmlTextReaderPtr reader, struct xccdf_item *parent);
467void xccdf_rule_dump(struct xccdf_item *rule, int depth);
468struct xccdf_check_iterator *xccdf_rule_get_checks_filtered(struct xccdf_item *rule, char *selector);
469struct xccdf_check_iterator *xccdf_rule_get_complex_checks(struct xccdf_item *rule);
470
471struct xccdf_item *xccdf_value_parse(xmlTextReaderPtr reader, struct xccdf_item *parent);
472struct xccdf_item *xccdf_value_new_internal(struct xccdf_item *parent, xccdf_value_type_t type);
473void xccdf_value_dump(struct xccdf_item *value, int depth);
474
475struct xccdf_notice *xccdf_notice_new_parse(xmlTextReaderPtr reader);
476void xccdf_notice_dump(struct xccdf_notice *notice, int depth);
477
478void xccdf_status_dump(struct xccdf_status *status, int depth);
479
480struct xccdf_model *xccdf_model_new_xml(xmlTextReaderPtr reader);
481
482void xccdf_cstring_dump(const char *data, int depth);
483void xccdf_result_dump(struct xccdf_result *res, int depth);
484struct xccdf_result *xccdf_result_new_parse(xmlTextReaderPtr reader);
485int xccdf_rule_result_set_time_current(struct xccdf_rule_result *item);
486int xccdf_result_set_start_time_current(struct xccdf_result *item);
487int xccdf_result_set_end_time_current(struct xccdf_result *item);
488const struct xccdf_version_info* xccdf_result_get_schema_version(const struct xccdf_result *item);
489bool xccdf_result_set_schema_version(struct xccdf_result *item, const struct xccdf_version_info* newval);
490
491
492struct xccdf_check *xccdf_check_parse(xmlTextReaderPtr reader);
493void xccdf_check_dump(struct xccdf_check *check, int depth);
494bool xccdf_check_inject_content_ref(struct xccdf_check *check, const struct xccdf_check_content_ref *content, const char *name);
495void xccdf_check_content_ref_dump(struct xccdf_check_content_ref *ref, int depth);
496struct xccdf_ident *xccdf_ident_parse(xmlTextReaderPtr reader);
497void xccdf_ident_dump(struct xccdf_ident *ident, int depth);
498struct xccdf_fix *xccdf_fix_parse(xmlTextReaderPtr reader);
499struct xccdf_fixtext *xccdf_fixtext_parse(xmlTextReaderPtr reader);
500
501struct xccdf_setvalue *xccdf_setvalue_new_parse(xmlTextReaderPtr reader);
502void xccdf_setvalue_dump(struct xccdf_setvalue *sv, int depth);
503
504struct xccdf_warning *xccdf_warning_new_parse(xmlTextReaderPtr reader);
505
506//private methods for cloning items
507//Will clone the item member of a xccdf_item object
508void xccdf_item_base_clone(struct xccdf_item_base *new_base, const struct xccdf_item_base *old_base);
509
510//clones the specific types of items
511void xccdf_profile_item_clone(struct xccdf_profile_item *clone, const struct xccdf_profile_item * item);
512struct xccdf_benchmark_item * xccdf_benchmark_item_clone(struct xccdf_item *clone, const struct xccdf_benchmark * bench);
513void xccdf_rule_item_clone(struct xccdf_rule_item *clone, const struct xccdf_rule_item * item);
514void xccdf_group_item_clone(struct xccdf_item *parent, const struct xccdf_group_item * item);
515void xccdf_value_item_clone(struct xccdf_value_item *clone, const struct xccdf_value_item * item);
516struct xccdf_value_instance * xccdf_value_instance_clone(const struct xccdf_value_instance * val);
517void xccdf_result_item_clone(struct xccdf_result_item *clone, const struct xccdf_result_item * item);
518struct xccdf_profile_note * xccdf_profile_note_clone(const struct xccdf_profile_note * note);
519void xccdf_reparent_list(struct oscap_list * item_list, struct xccdf_item * parent);
520void xccdf_reparent_item(struct xccdf_item * item, struct xccdf_item * parent);
521
522void xccdf_texts_to_dom(struct oscap_text_iterator *texts, xmlNode *parent, const char *elname);
523
524void xccdf_item_add_applicable_platform(struct xccdf_item *item, xmlTextReaderPtr reader);
525
526#include "unused.h"
527
528
529#endif
xccdf_interface_hint_t
xccdf_interface_hint_t
Interface hint.
Definition xccdf_benchmark.h:74
xccdf_message_severity_t
xccdf_message_severity_t
Severity of an xccdf_message.
Definition xccdf_benchmark.h:128
xccdf_type_t
xccdf_type_t
Type of an XCCDF object.
Definition xccdf_benchmark.h:57
xccdf_level_t
xccdf_level_t
XCCDF error, complexity, disruption, or severity level.
Definition xccdf_benchmark.h:118
xccdf_operator_t
xccdf_operator_t
Operator to be applied on an xccdf_value.
Definition xccdf_benchmark.h:101
xccdf_strategy_t
xccdf_strategy_t
Fix strategy type.
Definition xccdf_benchmark.h:157
xccdf_role_t
xccdf_role_t
XCCDF role.
Definition xccdf_benchmark.h:136
xccdf_warning_category_t
xccdf_warning_category_t
Category of xccdf_warning.
Definition xccdf_benchmark.h:143
xccdf_numeric
float xccdf_numeric
Type of a numerical content for a XCCDF value.
Definition xccdf_benchmark.h:198
xccdf_value_type_t
xccdf_value_type_t
Type of an xccdf_value.
Definition xccdf_benchmark.h:94
xccdf_test_result_type_t
xccdf_test_result_type_t
Test result.
Definition xccdf_benchmark.h:170
xccdf_status_type_t
xccdf_status_type_t
Status of an XCCDF item.
Definition xccdf_benchmark.h:84
xccdf_bool_operator_t
xccdf_bool_operator_t
Boolean operators for logical expressions.
Definition xccdf_benchmark.h:112
cpe_dict_model
Structure representing a CPE dictionary.
Definition cpedict_priv.h:139
cpe_lang_model
CPE platform specification.
Definition cpelang_priv.c:63
oscap_htable_iterator
Definition list.c:572
oscap_htable
Definition list.h:179
oscap_list
Definition list.h:53
oscap_string_map
Define mapping between symbolic constant and its string representation.
Definition util.h:296
oscap_text_iterator
Internationalized string iterator.
oscap_text_traits
oscap_text traits
Definition text_priv.h:38
oscap_text
Representation of internationalizable character strings.
Definition text_priv.h:46
xccdf_benchmark_item
Definition item.h:193
xccdf_benchmark
Top level XCCDF structure containing profiles, rules, values and results.
xccdf_check::_xccdf_check_flags
Definition item.h:292
xccdf_check_content_ref
XCCDF check content reference.
Definition item.h:303
xccdf_check_export
XCCDF check export.
Definition item.h:314
xccdf_check_import
XCCDF check import.
Definition item.h:308
xccdf_check_iterator
Check iterator.
xccdf_check
XCCDF simple or complex check.
Definition item.h:285
xccdf_defflags
Definition item.h:47
xccdf_fix
XCCDF automatic fix.
Definition item.h:324
xccdf_fixtext
XCCDF textual fix instructions.
Definition item.h:335
xccdf_flags
Definition item.h:37
xccdf_group_item
Definition item.h:105
xccdf_ident
XCCDF rule ident URI.
Definition item.h:280
xccdf_identity
XCCDF identity.
Definition item.h:361
xccdf_instance
XCCDF instance.
Definition item.h:404
xccdf_item_base
Definition item.h:63
xccdf_item
A base class for XCCDF items.
Definition item.h:220
xccdf_message
XCCDF message.
Definition item.h:383
xccdf_model
XCCDF scoring model.
Definition item.h:248
xccdf_notice
XCCDF benchmark legal notice.
Definition item.h:238
xccdf_override
XCCDF override.
Definition item.h:375
xccdf_plain_text
XCCDF target fact.
Definition item.h:410
xccdf_profile_item
Definition item.h:162
xccdf_profile_note
XCCDF note for given rule in context of given profile.
Definition item.h:319
xccdf_refine_rule
XCCDF refine rule option used in the profile.
Definition item.h:259
xccdf_refine_value
XCCDF refine value option used in the profile.
Definition item.h:268
xccdf_result_item
Definition item.h:140
xccdf_result
Actual results of running a XCCDF test or profile.
xccdf_rule_item
Definition item.h:90
xccdf_rule_result
XCCDF rule result.
Definition item.h:344
xccdf_score
XCCDF score.
Definition item.h:369
xccdf_select
XCCDF select option usen in the profile.
Definition item.h:253
xccdf_setvalue
XCCDF set value option used in the profile.
Definition item.h:275
xccdf_status
XCCDF item status.
Definition item.h:243
xccdf_tailoring
Stores content from xccdf:Tailoring element which can be loaded from a separate file.
Definition item.h:171
xccdf_target_fact
XCCDF target fact.
Definition item.h:388
xccdf_target_identifier
Can be either <target-id-ref> or some other element.
Definition item.h:394
xccdf_value_instance
Definition item.h:114
xccdf_value_item
Definition item.h:131
xccdf_version_info
Definition XCCDF/elements.c:42
xccdf_warning
XCCDF warning.
Definition item.h:233
xccdf_benchmark.h
Open-scap XCCDF library interface.
Generated by doxygen 1.10.0