From 128a9a554b84f797a2efc4fa1a70233d22239d1fb80a7c455d4be5e2e24a3a67 Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Tue, 14 Nov 2017 14:29:43 +0000 Subject: [PATCH 1/4] - openscap-productid-cvrf.patch: add a --productid selector for "oscap cvrf" as upstream does not detect the system yet. (might go away) OBS-URL: https://build.opensuse.org/package/show/security/openscap?expand=0&rev=189 --- openscap-productid-cvrf.patch | 70 +++++++++++++++++++++++++++++++++++ openscap.changes | 7 ++++ openscap.spec | 2 + 3 files changed, 79 insertions(+) create mode 100644 openscap-productid-cvrf.patch diff --git a/openscap-productid-cvrf.patch b/openscap-productid-cvrf.patch new file mode 100644 index 0000000..5bf41f3 --- /dev/null +++ b/openscap-productid-cvrf.patch @@ -0,0 +1,70 @@ +diff -ru openscap-1.2.16/utils/oscap-cvrf.c openscap-1.2.16.xx/utils/oscap-cvrf.c +--- openscap-1.2.16/utils/oscap-cvrf.c 2017-11-14 12:48:32.000000000 +0100 ++++ openscap-1.2.16.xx/utils/oscap-cvrf.c 2017-11-14 14:59:57.353065728 +0100 +@@ -60,6 +60,7 @@ + .help = "Options:\n" + " --index\r\t\t\t\t - Use index file to evaluate a directory of CVRF files.\n" + " --results\r\t\t\t\t - Filename to which evaluation results will be saved.\n", ++ " --productid\r\t\t\t\t - Product ID to use (currently not yet auto-detected).\n", + }; + + static struct oscap_module CVRF_EXPORT_MODULE = { +@@ -98,10 +99,18 @@ + // Temporary hardcoded CPE until CPE name can be found without input by CVRF functions + // themselves + const char *os_name = "Red Hat Enterprise Linux Desktop Supplementary (v. 6)"; +- struct oscap_source *import_source = oscap_source_new_from_file(action->cvrf_action->f_cvrf); +- struct oscap_source *export_source = cvrf_model_get_results_source(import_source, os_name); +- if (export_source == NULL) ++ struct oscap_source *import_source; ++ struct oscap_source *export_source; ++ ++ if (action->cvrf_action->f_productid) ++ os_name = action->cvrf_action->f_productid; ++ ++ import_source = oscap_source_new_from_file(action->cvrf_action->f_cvrf); ++ export_source = cvrf_model_get_results_source(import_source, os_name); ++ if (export_source == NULL) { ++ fprintf(stderr, "Could not find results for product %s\n", os_name); + return -1; ++ } + + if (oscap_source_save_as(export_source, action->cvrf_action->f_results) == -1) { + result = OSCAP_ERROR; +@@ -180,6 +189,7 @@ + CVRF_OPT_INDEX, + CVRF_OPT_RESULT_FILE, + CVRF_OPT_OUTPUT_FILE, ++ CVRF_OPT_PRODUCT_ID, + }; + + bool getopt_cvrf(int argc, char **argv, struct oscap_action *action) { +@@ -191,6 +201,7 @@ + {"index", 0, NULL, CVRF_OPT_INDEX}, + {"results", 1, NULL, CVRF_OPT_RESULT_FILE}, + {"output", 1, NULL, CVRF_OPT_OUTPUT_FILE}, ++ {"productid", 1, NULL, CVRF_OPT_PRODUCT_ID}, + {0, 0, 0, 0} + }; + +@@ -206,6 +217,9 @@ + case CVRF_OPT_OUTPUT_FILE: + cvrf_action->f_output = optarg; + break; ++ case CVRF_OPT_PRODUCT_ID: ++ cvrf_action->f_productid = optarg; ++ break; + default: + return oscap_module_usage(action->module, stderr, NULL); + } +diff -ru openscap-1.2.16/utils/oscap-tool.h openscap-1.2.16.xx/utils/oscap-tool.h +--- openscap-1.2.16/utils/oscap-tool.h 2017-11-14 12:48:32.000000000 +0100 ++++ openscap-1.2.16.xx/utils/oscap-tool.h 2017-11-14 14:58:35.981147877 +0100 +@@ -104,6 +104,7 @@ + char *f_cvrf; + char *f_results; + char *f_output; ++ char *f_productid; + }; + + struct oscap_action { diff --git a/openscap.changes b/openscap.changes index bdbda6b..7b2155d 100644 --- a/openscap.changes +++ b/openscap.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Tue Nov 14 14:17:28 UTC 2017 - meissner@suse.com + +- openscap-productid-cvrf.patch: add a --productid selector + for "oscap cvrf" as upstream does not detect the system yet. + (might go away) + ------------------------------------------------------------------- Tue Nov 14 12:14:41 UTC 2017 - meissner@suse.com diff --git a/openscap.spec b/openscap.spec index 29c50eb..ac9008c 100644 --- a/openscap.spec +++ b/openscap.spec @@ -30,6 +30,7 @@ Source2: sysconfig.oscap-scan # Generated from http://gitorious.org/test-suite/scap Source3: scap-yast2sec-xccdf.xml Source4: scap-yast2sec-oval.xml +Patch0: openscap-productid-cvrf.patch Url: http://www.open-scap.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: doxygen @@ -166,6 +167,7 @@ commonly used and require additional dependencies. %prep %setup -q +%patch0 -p1 %build From 99499cd1d3f8e4d691f1b0d672ab22488e58b4d81a9770d990be1c5972f9ffb6 Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Tue, 14 Nov 2017 14:38:14 +0000 Subject: [PATCH 2/4] OBS-URL: https://build.opensuse.org/package/show/security/openscap?expand=0&rev=190 --- openscap-productid-cvrf.patch | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/openscap-productid-cvrf.patch b/openscap-productid-cvrf.patch index 5bf41f3..73a07e9 100644 --- a/openscap-productid-cvrf.patch +++ b/openscap-productid-cvrf.patch @@ -1,15 +1,18 @@ -diff -ru openscap-1.2.16/utils/oscap-cvrf.c openscap-1.2.16.xx/utils/oscap-cvrf.c ---- openscap-1.2.16/utils/oscap-cvrf.c 2017-11-14 12:48:32.000000000 +0100 -+++ openscap-1.2.16.xx/utils/oscap-cvrf.c 2017-11-14 14:59:57.353065728 +0100 -@@ -60,6 +60,7 @@ +Index: openscap-1.2.16/utils/oscap-cvrf.c +=================================================================== +--- openscap-1.2.16.orig/utils/oscap-cvrf.c ++++ openscap-1.2.16/utils/oscap-cvrf.c +@@ -59,7 +59,8 @@ static struct oscap_module CVRF_EVALUATE + .func = app_cvrf_evaluate, .help = "Options:\n" " --index\r\t\t\t\t - Use index file to evaluate a directory of CVRF files.\n" - " --results\r\t\t\t\t - Filename to which evaluation results will be saved.\n", +- " --results\r\t\t\t\t - Filename to which evaluation results will be saved.\n", ++ " --results\r\t\t\t\t - Filename to which evaluation results will be saved.\n" + " --productid\r\t\t\t\t - Product ID to use (currently not yet auto-detected).\n", }; static struct oscap_module CVRF_EXPORT_MODULE = { -@@ -98,10 +99,18 @@ +@@ -98,10 +99,18 @@ static int app_cvrf_evaluate(const struc // Temporary hardcoded CPE until CPE name can be found without input by CVRF functions // themselves const char *os_name = "Red Hat Enterprise Linux Desktop Supplementary (v. 6)"; @@ -31,7 +34,7 @@ diff -ru openscap-1.2.16/utils/oscap-cvrf.c openscap-1.2.16.xx/utils/oscap-cvrf. if (oscap_source_save_as(export_source, action->cvrf_action->f_results) == -1) { result = OSCAP_ERROR; -@@ -180,6 +189,7 @@ +@@ -180,6 +189,7 @@ enum cvrf_opt { CVRF_OPT_INDEX, CVRF_OPT_RESULT_FILE, CVRF_OPT_OUTPUT_FILE, @@ -39,7 +42,7 @@ diff -ru openscap-1.2.16/utils/oscap-cvrf.c openscap-1.2.16.xx/utils/oscap-cvrf. }; bool getopt_cvrf(int argc, char **argv, struct oscap_action *action) { -@@ -191,6 +201,7 @@ +@@ -191,6 +201,7 @@ bool getopt_cvrf(int argc, char **argv, {"index", 0, NULL, CVRF_OPT_INDEX}, {"results", 1, NULL, CVRF_OPT_RESULT_FILE}, {"output", 1, NULL, CVRF_OPT_OUTPUT_FILE}, @@ -47,7 +50,7 @@ diff -ru openscap-1.2.16/utils/oscap-cvrf.c openscap-1.2.16.xx/utils/oscap-cvrf. {0, 0, 0, 0} }; -@@ -206,6 +217,9 @@ +@@ -206,6 +217,9 @@ bool getopt_cvrf(int argc, char **argv, case CVRF_OPT_OUTPUT_FILE: cvrf_action->f_output = optarg; break; @@ -57,10 +60,11 @@ diff -ru openscap-1.2.16/utils/oscap-cvrf.c openscap-1.2.16.xx/utils/oscap-cvrf. default: return oscap_module_usage(action->module, stderr, NULL); } -diff -ru openscap-1.2.16/utils/oscap-tool.h openscap-1.2.16.xx/utils/oscap-tool.h ---- openscap-1.2.16/utils/oscap-tool.h 2017-11-14 12:48:32.000000000 +0100 -+++ openscap-1.2.16.xx/utils/oscap-tool.h 2017-11-14 14:58:35.981147877 +0100 -@@ -104,6 +104,7 @@ +Index: openscap-1.2.16/utils/oscap-tool.h +=================================================================== +--- openscap-1.2.16.orig/utils/oscap-tool.h ++++ openscap-1.2.16/utils/oscap-tool.h +@@ -104,6 +104,7 @@ struct cvrf_action { char *f_cvrf; char *f_results; char *f_output; From fd2df3e5a62261b0d7395079df0e5e2f2792b4da3fc2d5ac262f77c393189a2e Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Tue, 14 Nov 2017 15:02:28 +0000 Subject: [PATCH 3/4] OBS-URL: https://build.opensuse.org/package/show/security/openscap?expand=0&rev=191 --- openscap-productid-cvrf.patch | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/openscap-productid-cvrf.patch b/openscap-productid-cvrf.patch index 73a07e9..02a07ab 100644 --- a/openscap-productid-cvrf.patch +++ b/openscap-productid-cvrf.patch @@ -12,13 +12,15 @@ Index: openscap-1.2.16/utils/oscap-cvrf.c }; static struct oscap_module CVRF_EXPORT_MODULE = { -@@ -98,10 +99,18 @@ static int app_cvrf_evaluate(const struc +@@ -97,11 +98,19 @@ static int app_cvrf_evaluate(const struc + int result = OSCAP_OK; // Temporary hardcoded CPE until CPE name can be found without input by CVRF functions // themselves - const char *os_name = "Red Hat Enterprise Linux Desktop Supplementary (v. 6)"; +- const char *os_name = "Red Hat Enterprise Linux Desktop Supplementary (v. 6)"; - struct oscap_source *import_source = oscap_source_new_from_file(action->cvrf_action->f_cvrf); - struct oscap_source *export_source = cvrf_model_get_results_source(import_source, os_name); - if (export_source == NULL) ++ char *os_name = "Red Hat Enterprise Linux Desktop Supplementary (v. 6)"; + struct oscap_source *import_source; + struct oscap_source *export_source; + From 69d55966cfd3f30ce1f487149805549677ac800605bd9680fd80b96070cb5296 Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Tue, 14 Nov 2017 15:21:10 +0000 Subject: [PATCH 4/4] OBS-URL: https://build.opensuse.org/package/show/security/openscap?expand=0&rev=192 --- openscap-productid-cvrf.patch | 76 ----------------------------------- openscap.spec | 2 - 2 files changed, 78 deletions(-) delete mode 100644 openscap-productid-cvrf.patch diff --git a/openscap-productid-cvrf.patch b/openscap-productid-cvrf.patch deleted file mode 100644 index 02a07ab..0000000 --- a/openscap-productid-cvrf.patch +++ /dev/null @@ -1,76 +0,0 @@ -Index: openscap-1.2.16/utils/oscap-cvrf.c -=================================================================== ---- openscap-1.2.16.orig/utils/oscap-cvrf.c -+++ openscap-1.2.16/utils/oscap-cvrf.c -@@ -59,7 +59,8 @@ static struct oscap_module CVRF_EVALUATE - .func = app_cvrf_evaluate, - .help = "Options:\n" - " --index\r\t\t\t\t - Use index file to evaluate a directory of CVRF files.\n" -- " --results\r\t\t\t\t - Filename to which evaluation results will be saved.\n", -+ " --results\r\t\t\t\t - Filename to which evaluation results will be saved.\n" -+ " --productid\r\t\t\t\t - Product ID to use (currently not yet auto-detected).\n", - }; - - static struct oscap_module CVRF_EXPORT_MODULE = { -@@ -97,11 +98,19 @@ static int app_cvrf_evaluate(const struc - int result = OSCAP_OK; - // Temporary hardcoded CPE until CPE name can be found without input by CVRF functions - // themselves -- const char *os_name = "Red Hat Enterprise Linux Desktop Supplementary (v. 6)"; -- struct oscap_source *import_source = oscap_source_new_from_file(action->cvrf_action->f_cvrf); -- struct oscap_source *export_source = cvrf_model_get_results_source(import_source, os_name); -- if (export_source == NULL) -+ char *os_name = "Red Hat Enterprise Linux Desktop Supplementary (v. 6)"; -+ struct oscap_source *import_source; -+ struct oscap_source *export_source; -+ -+ if (action->cvrf_action->f_productid) -+ os_name = action->cvrf_action->f_productid; -+ -+ import_source = oscap_source_new_from_file(action->cvrf_action->f_cvrf); -+ export_source = cvrf_model_get_results_source(import_source, os_name); -+ if (export_source == NULL) { -+ fprintf(stderr, "Could not find results for product %s\n", os_name); - return -1; -+ } - - if (oscap_source_save_as(export_source, action->cvrf_action->f_results) == -1) { - result = OSCAP_ERROR; -@@ -180,6 +189,7 @@ enum cvrf_opt { - CVRF_OPT_INDEX, - CVRF_OPT_RESULT_FILE, - CVRF_OPT_OUTPUT_FILE, -+ CVRF_OPT_PRODUCT_ID, - }; - - bool getopt_cvrf(int argc, char **argv, struct oscap_action *action) { -@@ -191,6 +201,7 @@ bool getopt_cvrf(int argc, char **argv, - {"index", 0, NULL, CVRF_OPT_INDEX}, - {"results", 1, NULL, CVRF_OPT_RESULT_FILE}, - {"output", 1, NULL, CVRF_OPT_OUTPUT_FILE}, -+ {"productid", 1, NULL, CVRF_OPT_PRODUCT_ID}, - {0, 0, 0, 0} - }; - -@@ -206,6 +217,9 @@ bool getopt_cvrf(int argc, char **argv, - case CVRF_OPT_OUTPUT_FILE: - cvrf_action->f_output = optarg; - break; -+ case CVRF_OPT_PRODUCT_ID: -+ cvrf_action->f_productid = optarg; -+ break; - default: - return oscap_module_usage(action->module, stderr, NULL); - } -Index: openscap-1.2.16/utils/oscap-tool.h -=================================================================== ---- openscap-1.2.16.orig/utils/oscap-tool.h -+++ openscap-1.2.16/utils/oscap-tool.h -@@ -104,6 +104,7 @@ struct cvrf_action { - char *f_cvrf; - char *f_results; - char *f_output; -+ char *f_productid; - }; - - struct oscap_action { diff --git a/openscap.spec b/openscap.spec index ac9008c..29c50eb 100644 --- a/openscap.spec +++ b/openscap.spec @@ -30,7 +30,6 @@ Source2: sysconfig.oscap-scan # Generated from http://gitorious.org/test-suite/scap Source3: scap-yast2sec-xccdf.xml Source4: scap-yast2sec-oval.xml -Patch0: openscap-productid-cvrf.patch Url: http://www.open-scap.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: doxygen @@ -167,7 +166,6 @@ commonly used and require additional dependencies. %prep %setup -q -%patch0 -p1 %build