Merge branch 'maint-1.2' into maint-1.3

jan-cerny · jan-cerny · commit f65f3a6d8da3 · 2019-05-28T08:16:08.000+02:00
Conflicts:
	ac_probes/configure.ac.tpl
	configure.ac
	schemas/Makefile.am
	schemas/common/xlink.xsd
	src/DS/sds_priv.h
	src/source/Makefile.am
	tests/API/probes/Makefile.am
	tests/DS/Makefile.am
	tests/DS/sds_detect_version/scap-1.3-ds.xml
	tests/DS/validate/Makefile.am
diff --git a/schemas/oval/5.11.2/oval-definitions-schema.xsd b/schemas/oval/5.11.2/oval-definitions-schema.xsd
@@ -1450,7 +1450,7 @@
         <xsd:simpleContent>
             <xsd:restriction base="oval-def:EntitySimpleBaseType">
                 <xsd:simpleType>
-                    <xsd:union memberTypes="xsd:hexBinary oval:EmptyStringType"/>
+                    <xsd:restriction base="xsd:string"/>
                 </xsd:simpleType>
                 <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="binary"/>                                                
             </xsd:restriction>
@@ -1463,7 +1463,7 @@
         <xsd:simpleContent>
             <xsd:restriction base="oval-def:EntitySimpleBaseType">
                 <xsd:simpleType>
-                    <xsd:union memberTypes="xsd:boolean oval:EmptyStringType"/>
+                    <xsd:restriction base="xsd:string"/>
                 </xsd:simpleType>
                 <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="boolean"/>                                                
             </xsd:restriction>
@@ -1476,7 +1476,7 @@
         <xsd:simpleContent>
             <xsd:restriction base="oval-def:EntitySimpleBaseType">
                 <xsd:simpleType>
-                    <xsd:union memberTypes="xsd:float oval:EmptyStringType"/>
+                    <xsd:restriction base="xsd:string"/>
                 </xsd:simpleType>
                 <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="float"/>                                                
             </xsd:restriction>
@@ -1489,7 +1489,7 @@
         <xsd:simpleContent>
             <xsd:restriction base="oval-def:EntitySimpleBaseType">
                 <xsd:simpleType>
-                    <xsd:union memberTypes="xsd:integer oval:EmptyStringType"/>
+                    <xsd:restriction base="xsd:string"/>
                 </xsd:simpleType>
                 <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="int"/>                                
             </xsd:restriction>
@@ -1656,7 +1656,7 @@
         <xsd:simpleContent>
             <xsd:restriction base="oval-def:EntityStateSimpleBaseType">
                 <xsd:simpleType>
-                    <xsd:union memberTypes="xsd:hexBinary oval:EmptyStringType"/>
+                    <xsd:restriction base="xsd:string"/>
                 </xsd:simpleType>
                 <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="binary"/>                                
             </xsd:restriction>
@@ -1669,7 +1669,7 @@
         <xsd:simpleContent>
             <xsd:restriction base="oval-def:EntityStateSimpleBaseType">
                 <xsd:simpleType>
-                    <xsd:union memberTypes="xsd:boolean oval:EmptyStringType"/>
+                    <xsd:restriction base="xsd:string"/>
                 </xsd:simpleType>
                 <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="boolean"/>                                
             </xsd:restriction>
@@ -1682,7 +1682,7 @@
         <xsd:simpleContent>
             <xsd:restriction base="oval-def:EntityStateSimpleBaseType">
                 <xsd:simpleType>
-                    <xsd:union memberTypes="xsd:float oval:EmptyStringType"/>
+                    <xsd:restriction base="xsd:string"/>
                 </xsd:simpleType>
                 <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="float"/>                                                
             </xsd:restriction>
@@ -1695,7 +1695,7 @@
         <xsd:simpleContent>
             <xsd:restriction base="oval-def:EntityStateSimpleBaseType">
                 <xsd:simpleType>
-                    <xsd:union memberTypes="xsd:integer oval:EmptyStringType"/>
+                    <xsd:restriction base="xsd:string"/>
                 </xsd:simpleType>
                 <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="int"/>                
             </xsd:restriction>
diff --git a/schemas/oval/5.11.2/oval-system-characteristics-schema.xsd b/schemas/oval/5.11.2/oval-system-characteristics-schema.xsd
@@ -493,7 +493,7 @@
         <xsd:simpleContent>
             <xsd:restriction base="oval-sc:EntityItemSimpleBaseType">
                 <xsd:simpleType>
-                    <xsd:union memberTypes="xsd:hexBinary oval:EmptyStringType"/>
+                    <xsd:restriction base="xsd:string"/>
                 </xsd:simpleType>
                 <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="binary"/>                                                
             </xsd:restriction>
@@ -506,7 +506,7 @@
         <xsd:simpleContent>
             <xsd:restriction base="oval-sc:EntityItemSimpleBaseType">
                 <xsd:simpleType>
-                    <xsd:union memberTypes="xsd:boolean oval:EmptyStringType"/>
+                    <xsd:restriction base="xsd:string"/>
                 </xsd:simpleType>
                 <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="boolean"/>                                                
             </xsd:restriction>
@@ -519,7 +519,7 @@
         <xsd:simpleContent>
             <xsd:restriction base="oval-sc:EntityItemSimpleBaseType">
                 <xsd:simpleType>
-                    <xsd:union memberTypes="xsd:float oval:EmptyStringType"/>
+                    <xsd:restriction base="xsd:string"/>
                 </xsd:simpleType>
                 <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="float"/>
             </xsd:restriction>
@@ -532,7 +532,7 @@
         <xsd:simpleContent>
             <xsd:restriction base="oval-sc:EntityItemSimpleBaseType">
                 <xsd:simpleType>
-                    <xsd:union memberTypes="xsd:integer oval:EmptyStringType"/>
+                    <xsd:restriction base="xsd:string"/>
                 </xsd:simpleType>
                 <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="int"/>
             </xsd:restriction>
diff --git a/src/source/oscap_source.c b/src/source/oscap_source.c
@@ -54,6 +54,7 @@
 #include "source/validate_priv.h"
 #include "XCCDF/elements.h"
 #include "XCCDF/public/xccdf_benchmark.h"
+#include "DS/sds_priv.h"
 
 typedef enum oscap_source_type {
 	OSCAP_SRC_FROM_USER_XML_FILE = 1,               ///< The source originated from XML file supplied by user
diff --git a/tests/API/probes/all.sh b/tests/API/probes/all.sh
@@ -7,7 +7,7 @@ test_init "test_api_probes.log"
 if [ -z ${CUSTOM_OSCAP+x} ] ; then
     test_run "fts test" $srcdir/fts.sh
     test_run "probe api smoke test" ./test_api_probes_smoke
-    test_run "fsdev is_local_fs unit test" ./test_fsdev_is_local_fs
+    test_run "fsdev is_local_fs unit test" ./test_fsdev_is_local_fs $srcdir/fake_mtab
 fi
 
 test_exit
diff --git a/tests/API/probes/fake_mtab b/tests/API/probes/fake_mtab
@@ -0,0 +1,7 @@
+/dev/mapper/fedora-root / ext4 rw,seclabel,relatime 0 0
+tmpfs /tmp tmpfs rw,seclabel,nosuid,nodev 0 0
+/etc/mount.map /nfs/test autofs rw,relatime,fd=17,pgrp=11111,timeout=5,minproto=5,maxproto=5,direct,pipe_ino=1246883 0 0
+192.168.122.231:/test /nfs/test nfs4 rw,relatime,vers=4.2,rsize=262144,wsize=262144,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=192.168.122.1,local_lock=none,addr=192.168.122.231 0 0
+/dev/mapper/fedora-home /home ext4 rw,seclabel,relatime 0 0
+proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
+//192.168.0.5/storage /media/movies cifs guest,uid=myuser,iocharset=utf8,file_mode=0777,dir_mode=0777,noperm 0 0
diff --git a/tests/API/probes/test_fsdev_is_local_fs.c b/tests/API/probes/test_fsdev_is_local_fs.c
@@ -29,13 +29,46 @@
 #include <mntent.h>
 #include "fsdev.h"
 
-int main(int argc, char *argv[])
+static int test_single_call()
 {
 	struct mntent ment;
 	ment.mnt_type = "autofs";
 	int ret = is_local_fs(&ment);
-	if (ret != 0) {
+	/* autofs entry is never considered local */
+	return (ret == 0);
+}
+
+static int test_multiple_calls(const char *fake_mtab)
+{
+	/*
+	 * fake mtab contains only 4 local filesystems:
+	 * /, /tmp, /home and /proc
+	 */
+	FILE *f = setmntent(fake_mtab, "r");
+	if (f == NULL) {
+		fprintf(stderr, "fake_mtab could not be open\n");
+		return 0;
+	}
+	struct mntent *ment;
+	unsigned int locals = 0;
+	while ((ment = getmntent(f)) != NULL) {
+		if (is_local_fs(ment)) {
+			locals++;
+		}
+	}
+	endmntent(f);
+	return (locals == 4);
+}
+
+int main(int argc, char *argv[])
+{
+	if (!test_single_call()) {
+		fprintf(stderr, "test_single_call has failed\n");
+		return 1;
+	}
+	if (!test_multiple_calls(argv[1])) {
+		fprintf(stderr, "test_multiple_calls has failed\n");
 		return 1;
 	}
 	return 0;
-}
+}
diff --git a/tests/DS/ds_continue_without_remote_resources/remote_content_1.2.ds.xml b/tests/DS/ds_continue_without_remote_resources/remote_content_1.2.ds.xml
@@ -43,6 +43,13 @@
       <var_ref>oval:x:var:1</var_ref>
     </variable_object>
     </objects>
+
+    <variables>
+      <constant_variable id="oval:x:var:1" version="1" comment="x" datatype="int">
+        <value>100</value>
+      </constant_variable>
+    </variables>
+
 </oval_definitions>
 </ds:component>
 
diff --git a/tests/DS/ds_continue_without_remote_resources/remote_content_1.3.ds.xml b/tests/DS/ds_continue_without_remote_resources/remote_content_1.3.ds.xml
@@ -45,6 +45,13 @@
       <var_ref>oval:x:var:1</var_ref>
     </variable_object>
     </objects>
+
+    <variables>
+      <constant_variable id="oval:x:var:1" version="1" comment="x" datatype="int">
+        <value>100</value>
+      </constant_variable>
+    </variables>
+
 </oval_definitions>
 </ds:component>
 
diff --git a/tests/DS/sds_detect_version/scap-1.3-ds.xml b/tests/DS/sds_detect_version/scap-1.3-ds.xml
@@ -10,7 +10,7 @@
       <ns4:generator>
         <ns6:product_name>combine_ovals.py from SCAP Security Guide</ns6:product_name>
         <ns6:product_version>ssg: [0, 1, 44], python: 3.7.3</ns6:product_version>
-        <ns6:schema_version>5.11</ns6:schema_version>
+        <ns6:schema_version>5.11.2</ns6:schema_version>
         <ns6:timestamp>2019-05-10T06:18:18</ns6:timestamp>
       </ns4:generator>
       <ns4:definitions>
diff --git a/tests/DS/test_ds_misc.sh b/tests/DS/test_ds_misc.sh
@@ -222,14 +222,15 @@ function test_ds_continue_without_remote_resources() {
 	local DS="${srcdir}/$1"
 	local PROFILE="$2"
 	local result=$(mktemp)
+	local oval_result="test_single_rule.oval.xml.result.xml"
 
-	$OSCAP xccdf eval --profile "$PROFILE" --results "$result" "$DS"
+	$OSCAP xccdf eval --oval-results --profile "$PROFILE" --results "$result" "$DS"
 
 	assert_exists 1 '//rule-result[@idref="xccdf_com.example.www_rule_test-pass"]/result[text()="pass"]'
 	assert_exists 1 '//rule-result[@idref="xccdf_com.example.www_rule_test-remote_res"]/result[text()="notchecked"]'
 	assert_exists 1 '//rule-result[@idref="xccdf_com.example.www_rule_test-pass2"]/result[text()="pass"]'
 
-	rm -f "$result"
+	rm -f "$result" "$oval_result"
 }
 
 
