|
 |
cf6bdb |
From cca0af9f2260a34aa4c2e57a7a418ce2b4732e16 Mon Sep 17 00:00:00 2001
|
|
|
cf6bdb |
From: Watson Sato <wsato@redhat.com>
|
|
|
cf6bdb |
Date: Mon, 28 Sep 2020 12:40:16 +0200
|
|
|
cf6bdb |
Subject: [PATCH 1/2] Test resolving a Profile with platform
|
|
|
cf6bdb |
|
|
|
cf6bdb |
---
|
|
|
cf6bdb |
tests/API/XCCDF/unittests/CMakeLists.txt | 1 +
|
|
|
cf6bdb |
.../test_xccdf_resolve_profile_platform.sh | 31 +++++++++++++++++++
|
|
|
cf6bdb |
...t_xccdf_resolve_profile_platform.xccdf.xml | 13 ++++++++
|
|
|
cf6bdb |
3 files changed, 45 insertions(+)
|
|
|
cf6bdb |
create mode 100755 tests/API/XCCDF/unittests/test_xccdf_resolve_profile_platform.sh
|
|
|
cf6bdb |
create mode 100644 tests/API/XCCDF/unittests/test_xccdf_resolve_profile_platform.xccdf.xml
|
|
|
cf6bdb |
|
|
|
cf6bdb |
diff --git a/tests/API/XCCDF/unittests/CMakeLists.txt b/tests/API/XCCDF/unittests/CMakeLists.txt
|
|
|
cf6bdb |
index 05ddea219..153a1c321 100644
|
|
|
cf6bdb |
--- a/tests/API/XCCDF/unittests/CMakeLists.txt
|
|
|
cf6bdb |
+++ b/tests/API/XCCDF/unittests/CMakeLists.txt
|
|
|
cf6bdb |
@@ -62,6 +62,7 @@ add_oscap_test("test_default_selector.sh")
|
|
|
cf6bdb |
add_oscap_test("test_inherit_selector.sh")
|
|
|
cf6bdb |
add_oscap_test("test_xccdf_refine_value_bad.sh")
|
|
|
cf6bdb |
add_oscap_test("test_xccdf_resolve.sh")
|
|
|
cf6bdb |
+add_oscap_test("test_xccdf_resolve_profile_platform.sh")
|
|
|
cf6bdb |
add_oscap_test("test_xccdf_results_arf_no_oval.sh")
|
|
|
cf6bdb |
add_oscap_test("test_xccdf_sub_title.sh")
|
|
|
cf6bdb |
add_oscap_test("test_xccdf_test_system.sh")
|
|
|
cf6bdb |
diff --git a/tests/API/XCCDF/unittests/test_xccdf_resolve_profile_platform.sh b/tests/API/XCCDF/unittests/test_xccdf_resolve_profile_platform.sh
|
|
|
cf6bdb |
new file mode 100755
|
|
|
cf6bdb |
index 000000000..95f8ce4b4
|
|
|
cf6bdb |
--- /dev/null
|
|
|
cf6bdb |
+++ b/tests/API/XCCDF/unittests/test_xccdf_resolve_profile_platform.sh
|
|
|
cf6bdb |
@@ -0,0 +1,31 @@
|
|
|
cf6bdb |
+#!/usr/bin/env bash
|
|
|
cf6bdb |
+. $builddir/tests/test_common.sh
|
|
|
cf6bdb |
+
|
|
|
cf6bdb |
+########################################################################
|
|
|
cf6bdb |
+### Test "oscap xccdf resolve" command on a Profile with platform
|
|
|
cf6bdb |
+########################################################################
|
|
|
cf6bdb |
+
|
|
|
cf6bdb |
+set -e
|
|
|
cf6bdb |
+set -o pipefail
|
|
|
cf6bdb |
+
|
|
|
cf6bdb |
+name=$(basename $0 .sh)
|
|
|
cf6bdb |
+
|
|
|
cf6bdb |
+result=$(mktemp -t ${name}.res.XXXXXX)
|
|
|
cf6bdb |
+stderr=$(mktemp -t ${name}.out.XXXXXX)
|
|
|
cf6bdb |
+stdout=$(mktemp -t ${name}.out.XXXXXX)
|
|
|
cf6bdb |
+
|
|
|
cf6bdb |
+
|
|
|
cf6bdb |
+echo "Stderr file = $stderr"
|
|
|
cf6bdb |
+echo "Result file = $result"
|
|
|
cf6bdb |
+
|
|
|
cf6bdb |
+$OSCAP xccdf resolve --output $result $srcdir/${name}.xccdf.xml > $stdout
|
|
|
cf6bdb |
+$OSCAP xccdf validate $result >> $stdout
|
|
|
cf6bdb |
+
|
|
|
cf6bdb |
+assert_exists 1 '//Benchmark[@resolved="1"]'
|
|
|
cf6bdb |
+
|
|
|
cf6bdb |
+# Resolve Profile Platform
|
|
|
cf6bdb |
+assert_exists 2 '//Profile[@id="xccdf_resolve_profile_platform"]/select'
|
|
|
cf6bdb |
+assert_exists 1 '//Profile[@id="xccdf_resolve_profile_platform"]/platform[@idref="cpe:/a:open-scap:oscap"]'
|
|
|
cf6bdb |
+
|
|
|
cf6bdb |
+[ -f $stderr ]; [ ! -s $stderr ]; rm $stderr
|
|
|
cf6bdb |
+rm $result
|
|
|
cf6bdb |
diff --git a/tests/API/XCCDF/unittests/test_xccdf_resolve_profile_platform.xccdf.xml b/tests/API/XCCDF/unittests/test_xccdf_resolve_profile_platform.xccdf.xml
|
|
|
cf6bdb |
new file mode 100644
|
|
|
cf6bdb |
index 000000000..f4773bef7
|
|
|
cf6bdb |
--- /dev/null
|
|
|
cf6bdb |
+++ b/tests/API/XCCDF/unittests/test_xccdf_resolve_profile_platform.xccdf.xml
|
|
|
cf6bdb |
@@ -0,0 +1,13 @@
|
|
|
cf6bdb |
+
|
|
|
cf6bdb |
+<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.2" id="xccdf_resolve_benchmark_1" resolved="false">
|
|
|
cf6bdb |
+ <status>incomplete</status>
|
|
|
cf6bdb |
+ <version>1.0</version>
|
|
|
cf6bdb |
+
|
|
|
cf6bdb |
+ <Profile id="xccdf_resolve_profile_platform">
|
|
|
cf6bdb |
+ <title>Profile with platform</title>
|
|
|
cf6bdb |
+ <platform idref="cpe:/a:open-scap:oscap"/>
|
|
|
cf6bdb |
+ <select idref="xccdf_test_rule_inherited" selected="true" />
|
|
|
cf6bdb |
+ <select idref="xccdf_test_rule_overridden" selected="true" />
|
|
|
cf6bdb |
+ </Profile>
|
|
|
cf6bdb |
+</Benchmark>
|
|
|
cf6bdb |
+
|
|
|
cf6bdb |
|
|
|
cf6bdb |
From 46b78146db6ba1fa57926068c4400d876423126b Mon Sep 17 00:00:00 2001
|
|
|
cf6bdb |
From: Watson Sato <wsato@redhat.com>
|
|
|
cf6bdb |
Date: Mon, 28 Sep 2020 13:03:46 +0200
|
|
|
cf6bdb |
Subject: [PATCH 2/2] Fix export of platform profile to DOM
|
|
|
cf6bdb |
|
|
|
cf6bdb |
The xccdf:platform should reference the ID of a CPE name or a CPE
|
|
|
cf6bdb |
applicability language expression.
|
|
|
cf6bdb |
---
|
|
|
cf6bdb |
src/XCCDF/profile.c | 3 ++-
|
|
|
cf6bdb |
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
cf6bdb |
|
|
|
cf6bdb |
diff --git a/src/XCCDF/profile.c b/src/XCCDF/profile.c
|
|
|
cf6bdb |
index 776ef616a..b8a3f4749 100644
|
|
|
cf6bdb |
--- a/src/XCCDF/profile.c
|
|
|
cf6bdb |
+++ b/src/XCCDF/profile.c
|
|
|
cf6bdb |
@@ -319,7 +319,8 @@ void xccdf_profile_to_dom(struct xccdf_profile *profile, xmlNode *profile_node,
|
|
|
cf6bdb |
struct oscap_string_iterator *platforms = xccdf_profile_get_platforms(profile);
|
|
|
cf6bdb |
while (oscap_string_iterator_has_more(platforms)) {
|
|
|
cf6bdb |
const char *platform = oscap_string_iterator_next(platforms);
|
|
|
cf6bdb |
- xmlNewTextChild(profile_node, ns_xccdf, BAD_CAST "platform", BAD_CAST platform);
|
|
|
cf6bdb |
+ xmlNode *platform_node = xmlNewTextChild(profile_node, ns_xccdf, BAD_CAST "platform", NULL);
|
|
|
cf6bdb |
+ xmlNewProp(platform_node, BAD_CAST "idref", BAD_CAST platform);
|
|
|
cf6bdb |
}
|
|
|
cf6bdb |
oscap_string_iterator_free(platforms);
|
|
|
cf6bdb |
|