openscap 0.3.0 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 074803ceb32fdfbe49ce4a347e166b33ae2737d7
-  data.tar.gz: 628f26e6b604746130063faf1eecec3aaba118c0
+  metadata.gz: 22bf07db627e929232b8e13998a9dcc1697c6499
+  data.tar.gz: 44893a70952b97513875e80270852f3bdd5e40b4
 SHA512:
-  metadata.gz: 6fdb0130e40eab32d48982683e0f01363936f8b5ad01d7be8ff7b41b86081529354ab7732f0dca12ea4c397547eb0deab5f080043c64176c534a651306568933
-  data.tar.gz: 4e90b1f1ea0fc9e905879125001357e06f1c8ff64c3684f437193193e44cafb3607d7719bed4a04a4730230631b188582808a9f1e1ca6003184d3ac48648fd17
+  metadata.gz: f9ae19a6ec32d41bd800a656457417d14e5360b5a9ba394258eb7d2d13ff95b7c32f4d9d793d3cce0ccefec580376a68840767f1855b8a8ff0ee2be1119babf5
+  data.tar.gz: 246fe898e061abca50b86328d1ed89a5a360cec810d3624f45d72890e10e5be710cc03356b5d3f4c35208dec973ac93ed50b1aba6f909a9a620bfb82757375c0

data/README.md

@@ -7,7 +7,8 @@ A FFI wrapper around the OpenSCAP library.
 
 Features/problems
 -------------
-Current version supports minimal set of functions needed to build own scanner.
+Current version supports minimal set of functions needed to build own scanner. This module
+is self documented by its test suite.
 
 Sample Scanner Implementation
 -------------

data/lib/openscap/ds/arf.rb

@@ -9,15 +9,24 @@
 # http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
 #
 
+require 'openscap/ds/sds'
 require 'openscap/source'
+require 'openscap/xccdf/testresult'
 require 'openscap/libc'
 
 module OpenSCAP
   module DS
     class Arf
-      def initialize(input_filename)
-        @source = OpenSCAP::Source.new(input_filename)
-        @session = OpenSCAP.ds_rds_session_new_from_source @source.raw
+      attr_reader :source
+
+      def initialize(param)
+        case param
+        when String, Hash
+          @source = OpenSCAP::Source.new(param)
+          @session = OpenSCAP.ds_rds_session_new_from_source @source.raw
+        else
+          raise OpenSCAP::OpenSCAPError, "Cannot initialize OpenSCAP::DS:Arf with '#{param}'"
+        end
         if @session.null?
           OpenSCAP.raise!
         end
@@ -29,6 +38,23 @@ module OpenSCAP
         @source.destroy()
       end
 
+      def test_result(id=nil)
+        source = OpenSCAP.ds_rds_session_select_report(@session, id)
+        OpenSCAP.raise!() if source.nil?
+        OpenSCAP::Xccdf::TestResult.new(source)
+      end
+
+      def test_result=(tr)
+        source = tr.source
+        OpenSCAP.raise! unless OpenSCAP.ds_rds_session_replace_report_with_source(@session, source.raw) == 0
+      end
+
+      def report_request(id=nil)
+        source_p = OpenSCAP.ds_rds_session_select_report_request(@session, id)
+	source = OpenSCAP::Source.new source_p
+        OpenSCAP::DS::Sds.new(source)
+      end
+
       def html
         html_p = OpenSCAP.ds_rds_session_get_html_report @session
         OpenSCAP.raise! if OpenSCAP.error?
@@ -42,5 +68,8 @@ module OpenSCAP
 
   attach_function :ds_rds_session_new_from_source, [:pointer], :pointer
   attach_function :ds_rds_session_free, [:pointer], :void
+  attach_function :ds_rds_session_select_report, [:pointer, :string], :pointer
+  attach_function :ds_rds_session_replace_report_with_source, [:pointer, :pointer], :int
+  attach_function :ds_rds_session_select_report_request, [:pointer, :string], :pointer
   attach_function :ds_rds_session_get_html_report, [:pointer], :pointer
 end

data/lib/openscap/ds/sds.rb

@@ -0,0 +1,58 @@
+#
+# Copyright (c) 2014 Red Hat Inc.
+#
+# This software is licensed to you under the GNU General Public License,
+# version 2 (GPLv2). There is NO WARRANTY for this software, express or
+# implied, including the implied warranties of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
+# along with this software; if not, see
+# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+#
+
+require 'openscap/source'
+
+module OpenSCAP
+  module DS
+    class Sds
+      attr_reader :raw
+
+      def initialize(param)
+        @raw = case param
+        when OpenSCAP::Source
+          @raw = OpenSCAP.ds_sds_session_new_from_source param.raw
+        when Hash
+          @raw = OpenSCAP.ds_sds_session_new_from_source param[:source].raw
+        end
+        OpenSCAP.raise! if @raw.null?
+      end
+
+      def select_checklist(p={})
+        source_p = OpenSCAP.ds_sds_session_select_checklist(@raw, p[:datastream_id], p[:component_id], nil)
+        OpenSCAP::Source.new source_p
+      end
+
+      def select_checklist!(p={})
+        checklist = select_checklist(p)
+        OpenSCAP.raise! if checklist.nil? or checklist.raw.null?
+        return checklist
+      end
+
+      def html_guide(profile=nil)
+        html = OpenSCAP.ds_sds_session_get_html_guide(@raw, profile)
+        OpenSCAP.raise! if html.nil?
+        return html
+      end
+
+      def destroy
+        OpenSCAP.ds_sds_session_free(@raw)
+        @raw = nil
+      end
+    end
+  end
+
+  attach_function :ds_sds_session_new_from_source, [:pointer], :pointer
+  attach_function :ds_sds_session_free, [:pointer], :void
+  attach_function :ds_sds_session_select_checklist, [:pointer, :string, :string, :string], :pointer
+  attach_function :ds_sds_session_get_html_guide, [:pointer, :string], :string
+
+end

data/lib/openscap/openscap.rb

@@ -24,10 +24,12 @@ module OpenSCAP
     return err.null? ? nil : err.read_string()
   end
 
-  def self.raise!
+  def self.raise!(msg=nil)
     err = get_full_error
     if err.nil?
-      err = '(unknown error)'
+      err = msg.nil? ? '(unknown error)' : msg
+    else
+      err += "\n#{msg}"
     end
     raise OpenSCAPError, err
   end
@@ -36,6 +38,8 @@ module OpenSCAP
   attach_function :oscap_cleanup, [], :void
   attach_function :oscap_get_version, [], :string
 
+  attach_function :oscap_document_type_to_string, [:int], :string
+
   attach_function :oscap_err, [], :bool
   attach_function :oscap_err_get_full_error, [], :pointer
   private_class_method :oscap_err, :oscap_err_get_full_error

data/lib/openscap/source.rb

@@ -11,18 +11,42 @@
 
 module OpenSCAP
   class Source
-    def initialize(input_filename)
-      raise OpenSCAPError, "No filename specified!" unless input_filename
-      @s = OpenSCAP.oscap_source_new_from_file(input_filename)
-      if @s.null?
-        OpenSCAP.raise!
+    def initialize(param)
+      case param
+      when nil
+        raise OpenSCAPError, "No filename specified!"
+      when String
+        @s = OpenSCAP.oscap_source_new_from_file(param)
+      when Hash
+        @s = OpenSCAP.oscap_source_new_from_memory param[:content], param[:content].length, param[:path]
+      when FFI::Pointer
+        @s = param
+      else
+        raise OpenSCAP::OpenSCAPError, "Cannot initialize OpenSCAP::Source with '#{param}'"
       end
+      OpenSCAP.raise! if @s.null?
+    end
+
+    def type
+      OpenSCAP.oscap_document_type_to_string(OpenSCAP.oscap_source_get_scap_type(@s))
+    end
+
+    def validate!
+      e = FFI::MemoryPointer.new(:char, 4096)
+      if 0 != OpenSCAP.oscap_source_validate(@s, XmlReporterCallback, e)
+        OpenSCAP.raise! e.read_string
+      end
+
     end
 
     def raw
       @s
     end
 
+    def save(filepath=nil)
+      OpenSCAP.raise! unless OpenSCAP.oscap_source_save_as(raw, filepath) == 0
+    end
+
     def destroy
       OpenSCAP.oscap_source_free(@s)
       @s = nil
@@ -30,5 +54,21 @@ module OpenSCAP
   end
 
   attach_function :oscap_source_new_from_file, [:string], :pointer
+  attach_function :oscap_source_new_from_memory, [:string, :int, :string], :pointer
+  attach_function :oscap_source_get_scap_type, [:pointer], :int
   attach_function :oscap_source_free, [:pointer], :void
+  attach_function :oscap_source_save_as, [:pointer, :string], :int
+
+  callback :xml_reporter, [:string, :int, :string, :pointer], :int
+  attach_function :oscap_source_validate, [:pointer, :xml_reporter, :pointer], :int
+  XmlReporterCallback = Proc.new do |filename, line_number, error_message, e|
+    offset = e.get_string(0).length
+    msg = "#{filename}:#{line_number}: #{error_message}"
+    if msg.length + offset + 1 < e.size
+      e.put_string(offset, msg)
+      0
+    else
+      1
+    end
+  end
 end

data/lib/openscap/text.rb

@@ -0,0 +1,55 @@
+#
+# Copyright (c) 2014 Red Hat Inc.
+#
+# This software is licensed to you under the GNU General Public License,
+# version 2 (GPLv2). There is NO WARRANTY for this software, express or
+# implied, including the implied warranties of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
+# along with this software; if not, see
+# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+#
+
+module OpenSCAP
+  class Text
+    attr_reader :raw
+
+    def initialize
+      @raw = OpenSCAP.oscap_text_new
+    end
+
+    def text=(str)
+      OpenSCAP.raise! unless OpenSCAP.oscap_text_set_text(raw, str)
+    end
+
+    def text
+      OpenSCAP.oscap_text_get_text(raw)
+    end
+
+    def destroy
+      OpenSCAP.oscap_text_free(raw)
+      raw = nil
+    end
+  end
+
+  class TextList
+    def initialize(oscap_text_iterator)
+      @raw = oscap_text_iterator
+    end
+
+    def plaintext(lang=nil)
+      OpenSCAP.oscap_textlist_get_preferred_plaintext @raw, lang
+    end
+
+    def destroy
+      OpenSCAP.oscap_text_iterator_free @raw
+    end
+  end
+
+  attach_function :oscap_text_new, [], :pointer
+  attach_function :oscap_text_set_text, [:pointer, :string], :bool
+  attach_function :oscap_text_get_text, [:pointer], :string
+  attach_function :oscap_text_free, [:pointer], :void
+
+  attach_function :oscap_textlist_get_preferred_plaintext, [:pointer, :string], :string
+  attach_function :oscap_text_iterator_free, [:pointer], :void
+end

data/lib/openscap/version.rb

@@ -10,5 +10,5 @@
 #
 
 module OpenSCAP
-  VERSION = "0.3.0"
+  VERSION = "0.4.0"
 end

data/lib/openscap/{helper.rb → xccdf.rb}

@@ -9,10 +9,10 @@
 # http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
 #
 
-module OpenSCAP::Helper
-  def self.get_html_report_for_arf
-    # This is workaround function for the installation with
-    # old OpenSCAP without the oscap_source functionality
-    
+require 'openscap/openscap'
+
+module OpenSCAP
+  module Xccdf
+    NUMERIC = :float
   end
-end
+end

data/lib/openscap/xccdf/benchmark.rb

@@ -0,0 +1,62 @@
+#
+# Copyright (c) 2014 Red Hat Inc.
+#
+# This software is licensed to you under the GNU General Public License,
+# version 2 (GPLv2). There is NO WARRANTY for this software, express or
+# implied, including the implied warranties of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
+# along with this software; if not, see
+# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+#
+
+require 'openscap/source'
+require 'openscap/xccdf/profile'
+
+module OpenSCAP
+  module Xccdf
+    class Benchmark
+      attr_reader :raw
+
+      def initialize(p)
+        case p
+        when OpenSCAP::Source
+          @raw = OpenSCAP.xccdf_benchmark_import_source p.raw
+        else
+          raise OpenSCAP::OpenSCAPError,
+            "Cannot initialize OpenSCAP::Xccdf::Benchmark with '#{p}'"
+        end
+        OpenSCAP.raise! if @raw.null?
+      end
+
+      def profiles
+        @profiles ||= profiles_init
+      end
+
+      def destroy
+        OpenSCAP.xccdf_benchmark_free @raw
+        @raw = nil
+      end
+
+      private
+      def profiles_init
+        profiles = {}
+        profit = OpenSCAP.xccdf_benchmark_get_profiles raw
+        while OpenSCAP.xccdf_profile_iterator_has_more profit
+          profile_p = OpenSCAP.xccdf_profile_iterator_next profit
+          profile = OpenSCAP::Xccdf::Profile.new profile_p
+          profiles[profile.id] = profile
+        end
+        OpenSCAP.xccdf_profile_iterator_free profit
+        profiles
+      end
+    end
+  end
+
+  attach_function :xccdf_benchmark_import_source, [:pointer], :pointer
+  attach_function :xccdf_benchmark_free, [:pointer], :void
+
+  attach_function :xccdf_benchmark_get_profiles, [:pointer], :pointer
+  attach_function :xccdf_profile_iterator_has_more, [:pointer], :bool
+  attach_function :xccdf_profile_iterator_next, [:pointer], :pointer
+  attach_function :xccdf_profile_iterator_free, [:pointer], :void
+end

data/lib/openscap/xccdf/profile.rb

@@ -0,0 +1,43 @@
+#
+# Copyright (c) 2014 Red Hat Inc.
+#
+# This software is licensed to you under the GNU General Public License,
+# version 2 (GPLv2). There is NO WARRANTY for this software, express or
+# implied, including the implied warranties of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
+# along with this software; if not, see
+# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+#
+
+require 'openscap/text'
+
+module OpenSCAP
+  module Xccdf
+    class Profile
+      attr_reader :raw
+
+      def initialize(p)
+        case p
+        when FFI::Pointer
+          @raw = p
+        else
+          raise OpenSCAP::OpenSCAPError, "Cannot initialize OpenSCAP::Xccdf::Profile with #{p}"
+        end
+      end
+
+      def id
+        OpenSCAP.xccdf_profile_get_id raw
+      end
+
+      def title(prefered_lang=nil)
+        textlist = OpenSCAP::TextList.new(OpenSCAP.xccdf_profile_get_title(@raw))
+        title = textlist.plaintext(prefered_lang)
+        textlist.destroy
+        return title
+      end
+    end
+  end
+
+  attach_function :xccdf_profile_get_id, [:pointer], :string
+  attach_function :xccdf_profile_get_title, [:pointer], :pointer
+end

data/lib/openscap/xccdf/ruleresult.rb

@@ -0,0 +1,71 @@
+#
+# Copyright (c) 2014 Red Hat Inc.
+#
+# This software is licensed to you under the GNU General Public License,
+# version 2 (GPLv2). There is NO WARRANTY for this software, express or
+# implied, including the implied warranties of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
+# along with this software; if not, see
+# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+#
+
+require 'openscap/exceptions'
+require 'openscap/text'
+
+module OpenSCAP
+  module Xccdf
+    class RuleResult
+      def initialize(t)
+        case t
+        when FFI::Pointer
+          @rr = t
+        else
+          raise OpenSCAP::OpenSCAPError, "Cannot initialize TestResult with #{t}"
+        end
+      end
+
+      def id
+        OpenSCAP.xccdf_rule_result_get_idref @rr
+      end
+
+      def result
+        OpenSCAP.xccdf_test_result_type_get_text \
+            OpenSCAP.xccdf_rule_result_get_result(@rr)
+      end
+
+      def override!(param)
+        if OpenSCAP::XccdfResult[param[:new_result]] > OpenSCAP::XccdfResult[:fixed]
+          raise OpenSCAPError, "Could not recognize result type: '#{param[:new_result]}'"
+        end
+        t = OpenSCAP::Text.new
+        t.text = param[:raw_text]
+        if !OpenSCAP.xccdf_rule_result_override(@rr,
+              OpenSCAP::XccdfResult[param[:new_result]],
+              param[:time], param[:authority], t.raw)
+          OpenSCAP.raise!
+        end
+      end
+
+      def destroy
+        OpenSCAP.xccdf_rule_result_free @rr
+      end
+    end
+  end
+
+  attach_function :xccdf_rule_result_get_idref, [:pointer], :string
+  attach_function :xccdf_rule_result_free, [:pointer], :void
+  attach_function :xccdf_rule_result_get_result, [:pointer], :int
+  attach_function :xccdf_test_result_type_get_text, [:int], :string
+
+  XccdfResult = enum(:pass, 1,
+                     :fail,
+                     :error,
+                     :unknown,
+                     :notapplicable,
+                     :notchecked,
+                     :notselected,
+                     :informational,
+                     :fixed)
+  attach_function :xccdf_rule_result_override,
+    [:pointer, XccdfResult, :string, :string, :pointer], :bool
+end