def oscap_text_itr_get_text(itr):
"""
Helper function for getting a text from the oscap_text_iterator.
:param itr: oscap_text_iterator to get the text from
:type itr: oscap_text_iterator
:return: text gotten from the iterator
:rtype: str
"""
ret = ""
while OSCAP.oscap_text_iterator_has_more(itr):
text_item = OSCAP.oscap_text_iterator_next(itr)
ret += OSCAP.oscap_text_get_text(text_item)
return ret
def oscap_text_itr_get_text(itr):
"""
Helper function for getting a text from the oscap_text_iterator.
:param itr: oscap_text_iterator to get the text from
:type itr: oscap_text_iterator
:return: text gotten from the iterator
:rtype: str
"""
ret = ""
while OSCAP.oscap_text_iterator_has_more(itr):
text_item = OSCAP.oscap_text_iterator_next(itr)
ret += OSCAP.oscap_text_get_text(text_item)
return ret
def __init__(self, xccdf_file_path, tailoring_file_path=""):
"""
Constructor for the BenchmarkHandler class.
:param xccdf_file_path: path to a file with an XCCDF benchmark
:type xccdf_file_path: str
:param tailoring_file_path: path to a tailoring file
:type tailoring_file_path: str
"""
if not os.path.exists(xccdf_file_path):
msg = "Invalid file path: '%s'" % xccdf_file_path
raise BenchmarkHandlingError(msg)
session = OSCAP.xccdf_session_new(xccdf_file_path)
if not session:
msg = "'%s' is not a valid SCAP content file" % xccdf_file_path
raise BenchmarkHandlingError(msg)
if tailoring_file_path:
OSCAP.xccdf_session_set_user_tailoring_file(session,
tailoring_file_path)
if OSCAP.xccdf_session_load(session) != 0:
raise BenchmarkHandlingError(OSCAP.oscap_err_desc())
# get the benchmark object
policy_model = OSCAP.xccdf_session_get_policy_model(session)
benchmark = OSCAP.xccdf_policy_model_get_benchmark(policy_model)
default_policy = OSCAP.xccdf_policy_new(policy_model, None)
default_rules_count = OSCAP.xccdf_policy_get_selected_rules_count(default_policy)
# stores a list of profiles in the benchmark
self._profiles = []
if default_rules_count > 0:
self._profiles.append(
ProfileInfo(
"default", "Default",
"The implicit XCCDF profile. Usually, the default contains no rules."))
if not benchmark:
msg = "Not a valid benchmark file: '%s'" % xccdf_file_path
raise BenchmarkHandlingError(msg)
# iterate over the profiles in the benchmark and store them
profile_itr = OSCAP.xccdf_benchmark_get_profiles(benchmark)
while OSCAP.xccdf_profile_iterator_has_more(profile_itr):
profile = OSCAP.xccdf_profile_iterator_next(profile_itr)
id_ = OSCAP.xccdf_profile_get_id(profile)
title = oscap_text_itr_get_text(OSCAP.xccdf_profile_get_title(profile))
desc = parse_HTML_from_content(oscap_text_itr_get_text(OSCAP.xccdf_profile_get_description(profile)))
info = ProfileInfo(id_, title, desc)
self._profiles.append(info)
if tailoring_file_path:
tailoring = OSCAP.xccdf_policy_model_get_tailoring(policy_model)
profile_itr = OSCAP.xccdf_tailoring_get_profiles(tailoring)
while OSCAP.xccdf_profile_iterator_has_more(profile_itr):
profile = OSCAP.xccdf_profile_iterator_next(profile_itr)
id_ = OSCAP.xccdf_profile_get_id(profile)
title = oscap_text_itr_get_text(OSCAP.xccdf_profile_get_title(profile))
desc = parse_HTML_from_content(oscap_text_itr_get_text(OSCAP.xccdf_profile_get_description(profile)))
info = ProfileInfo(id_, title, desc)
self._profiles.append(info)
OSCAP.xccdf_profile_iterator_free(profile_itr)
OSCAP.xccdf_session_free(session)
def get_profiles(self, data_stream_id, checklist_id):
"""
Method to get a list of profiles defined in the checklist given by the
checklist_id that is defined in the data stream given by the
data_stream_id.
:param data_stream_id: ID of the data stream to get checklists from
:type data_stream_id: str
:param checklist_id: ID of the checklist to get profiles from
:type checklist_id: str
:return: list of profiles found in the checklist
:rtype: list of ProfileInfo instances
"""
cache_id = "%s;%s" % (data_stream_id, checklist_id)
if cache_id in self._profiles_cache:
# found in cache, return the value
return self._profiles_cache[cache_id]
# not found in the cache, needs to be gathered
# set the data stream and component (checklist) for the session
OSCAP.xccdf_session_free(self._session)
self._session = OSCAP.xccdf_session_new(self._dsc_file_path)
if not self._session:
msg = "'%s' is not a valid SCAP content file" % self._dsc_file_path
raise DataStreamHandlingError(msg)
OSCAP.xccdf_session_set_datastream_id(self._session, data_stream_id)
OSCAP.xccdf_session_set_component_id(self._session, checklist_id)
if OSCAP.xccdf_session_load(self._session) != 0:
raise DataStreamHandlingError(OSCAP.oscap_err_desc())
# get the benchmark (checklist)
policy_model = OSCAP.xccdf_session_get_policy_model(self._session)
default_policy = OSCAP.xccdf_policy_new(policy_model, None)
default_rules_count = OSCAP.xccdf_policy_get_selected_rules_count(default_policy)
# will hold items for the profiles for the speficied DS and checklist
profiles = []
if default_rules_count > 0:
profiles.append(ProfileInfo("default", "Default",
"The implicit XCCDF profile. Usually, the default contains no rules."))
benchmark = OSCAP.xccdf_policy_model_get_benchmark(policy_model)
# iterate over the profiles in the benchmark and store them
profile_itr = OSCAP.xccdf_benchmark_get_profiles(benchmark)
while OSCAP.xccdf_profile_iterator_has_more(profile_itr):
profile = OSCAP.xccdf_profile_iterator_next(profile_itr)
id_ = OSCAP.xccdf_profile_get_id(profile)
title = oscap_text_itr_get_text(OSCAP.xccdf_profile_get_title(profile))
desc = parse_HTML_from_content(
oscap_text_itr_get_text(OSCAP.xccdf_profile_get_description(profile)))
info = ProfileInfo(id_, title, desc)
profiles.append(info)
OSCAP.xccdf_profile_iterator_free(profile_itr)
# cache the result
self._profiles_cache[cache_id] = profiles
return profiles
def __del__(self):
"""Destructor for the DataStreamHandler class."""
if '_session' in locals():
# we should free the session
OSCAP.xccdf_session_free(self._session)
def __init__(self, dsc_file_path, tailoring_file_path=""):
"""
Constructor for the DataStreamHandler class.
:param dsc_file_path: path to a file with a data stream collection
:type dsc_file_path: str
:param tailoring_file_path: path to a tailoring file
:type tailoring_file_path: str
"""
# is used to speed up getting lists of profiles
self._profiles_cache = dict()
if not os.path.exists(dsc_file_path):
msg = "Invalid file path: '%s'" % dsc_file_path
raise DataStreamHandlingError(msg)
self._dsc_file_path = dsc_file_path
# create an XCCDF session for the file
self._session = OSCAP.xccdf_session_new(dsc_file_path)
if not self._session:
msg = "'%s' is not a valid SCAP content file" % dsc_file_path
raise DataStreamHandlingError(msg)
if OSCAP.xccdf_session_load(self._session) != 0:
raise DataStreamHandlingError(OSCAP.oscap_err_desc())
if tailoring_file_path:
OSCAP.xccdf_session_set_user_tailoring_file(self._session,
tailoring_file_path)
if not OSCAP.xccdf_session_is_sds(self._session):
msg = "'%s' is not a data stream collection" % dsc_file_path
raise DataStreamHandlingError(msg)
# dictionary holding the items gathered from DSC processing
self._items = OrderedDict()
# create an sds index for the content
self._sds_idx = OSCAP.xccdf_session_get_sds_idx(self._session)
# iterate over streams and get checklists from each stream
streams_itr = OSCAP.ds_sds_index_get_streams(self._sds_idx)
while OSCAP.ds_stream_index_iterator_has_more(streams_itr):
stream_idx = OSCAP.ds_stream_index_iterator_next(streams_itr)
# will be used to store the checklists for streams
stream_id = OSCAP.ds_stream_index_get_id(stream_idx)
checklists = []
# iterate over checklists and append their ids to the list
chklist_itr = OSCAP.ds_stream_index_get_checklists(stream_idx)
while OSCAP.oscap_string_iterator_has_more(chklist_itr):
checklists.append(OSCAP.oscap_string_iterator_next(chklist_itr))
# store the list of checklist for the current stream
self._items[stream_id] = checklists
OSCAP.oscap_string_iterator_free(chklist_itr)
OSCAP.ds_stream_index_iterator_free(streams_itr)
def __init__(self, xccdf_file_path, tailoring_file_path=""):
"""
Constructor for the BenchmarkHandler class.
:param xccdf_file_path: path to a file with an XCCDF benchmark
:type xccdf_file_path: str
:param tailoring_file_path: path to a tailoring file
:type tailoring_file_path: str
"""
if not os.path.exists(xccdf_file_path):
msg = "Invalid file path: '%s'" % xccdf_file_path
raise BenchmarkHandlingError(msg)
session = OSCAP.xccdf_session_new(xccdf_file_path)
if not session:
msg = "'%s' is not a valid SCAP content file" % xccdf_file_path
raise BenchmarkHandlingError(msg)
if tailoring_file_path:
OSCAP.xccdf_session_set_user_tailoring_file(
session, tailoring_file_path)
if OSCAP.xccdf_session_load(session) != 0:
raise BenchmarkHandlingError(OSCAP.oscap_err_desc())
# get the benchmark object
policy_model = OSCAP.xccdf_session_get_policy_model(session)
benchmark = OSCAP.xccdf_policy_model_get_benchmark(policy_model)
default_policy = OSCAP.xccdf_policy_new(policy_model, None)
default_rules_count = OSCAP.xccdf_policy_get_selected_rules_count(
default_policy)
# stores a list of profiles in the benchmark
self._profiles = []
if default_rules_count > 0:
self._profiles.append(
ProfileInfo(
"default", "Default",
"The implicit XCCDF profile. Usually, the default contains no rules."
))
if not benchmark:
msg = "Not a valid benchmark file: '%s'" % xccdf_file_path
raise BenchmarkHandlingError(msg)
# iterate over the profiles in the benchmark and store them
profile_itr = OSCAP.xccdf_benchmark_get_profiles(benchmark)
while OSCAP.xccdf_profile_iterator_has_more(profile_itr):
profile = OSCAP.xccdf_profile_iterator_next(profile_itr)
id_ = OSCAP.xccdf_profile_get_id(profile)
title = oscap_text_itr_get_text(
OSCAP.xccdf_profile_get_title(profile))
desc = parse_HTML_from_content(
oscap_text_itr_get_text(
OSCAP.xccdf_profile_get_description(profile)))
info = ProfileInfo(id_, title, desc)
self._profiles.append(info)
if tailoring_file_path:
tailoring = OSCAP.xccdf_policy_model_get_tailoring(policy_model)
profile_itr = OSCAP.xccdf_tailoring_get_profiles(tailoring)
while OSCAP.xccdf_profile_iterator_has_more(profile_itr):
profile = OSCAP.xccdf_profile_iterator_next(profile_itr)
id_ = OSCAP.xccdf_profile_get_id(profile)
title = oscap_text_itr_get_text(
OSCAP.xccdf_profile_get_title(profile))
desc = parse_HTML_from_content(
oscap_text_itr_get_text(
OSCAP.xccdf_profile_get_description(profile)))
info = ProfileInfo(id_, title, desc)
self._profiles.append(info)
OSCAP.xccdf_profile_iterator_free(profile_itr)
OSCAP.xccdf_session_free(session)
def get_profiles(self, data_stream_id, checklist_id):
"""
Method to get a list of profiles defined in the checklist given by the
checklist_id that is defined in the data stream given by the
data_stream_id.
:param data_stream_id: ID of the data stream to get checklists from
:type data_stream_id: str
:param checklist_id: ID of the checklist to get profiles from
:type checklist_id: str
:return: list of profiles found in the checklist
:rtype: list of ProfileInfo instances
"""
cache_id = "%s;%s" % (data_stream_id, checklist_id)
if cache_id in self._profiles_cache:
# found in cache, return the value
return self._profiles_cache[cache_id]
# not found in the cache, needs to be gathered
# set the data stream and component (checklist) for the session
OSCAP.xccdf_session_free(self._session)
self._session = OSCAP.xccdf_session_new(self._dsc_file_path)
if not self._session:
msg = "'%s' is not a valid SCAP content file" % self._dsc_file_path
raise DataStreamHandlingError(msg)
OSCAP.xccdf_session_set_datastream_id(self._session, data_stream_id)
OSCAP.xccdf_session_set_component_id(self._session, checklist_id)
if OSCAP.xccdf_session_load(self._session) != 0:
raise DataStreamHandlingError(OSCAP.oscap_err_desc())
# get the benchmark (checklist)
policy_model = OSCAP.xccdf_session_get_policy_model(self._session)
default_policy = OSCAP.xccdf_policy_new(policy_model, None)
default_rules_count = OSCAP.xccdf_policy_get_selected_rules_count(
default_policy)
# will hold items for the profiles for the speficied DS and checklist
profiles = []
if default_rules_count > 0:
profiles.append(
ProfileInfo(
"default", "Default",
"The implicit XCCDF profile. Usually, the default contains no rules."
))
benchmark = OSCAP.xccdf_policy_model_get_benchmark(policy_model)
# iterate over the profiles in the benchmark and store them
profile_itr = OSCAP.xccdf_benchmark_get_profiles(benchmark)
while OSCAP.xccdf_profile_iterator_has_more(profile_itr):
profile = OSCAP.xccdf_profile_iterator_next(profile_itr)
id_ = OSCAP.xccdf_profile_get_id(profile)
title = oscap_text_itr_get_text(
OSCAP.xccdf_profile_get_title(profile))
desc = parse_HTML_from_content(
oscap_text_itr_get_text(
OSCAP.xccdf_profile_get_description(profile)))
info = ProfileInfo(id_, title, desc)
profiles.append(info)
OSCAP.xccdf_profile_iterator_free(profile_itr)
# cache the result
self._profiles_cache[cache_id] = profiles
return profiles
def __del__(self):
"""Destructor for the DataStreamHandler class."""
if '_session' in locals():
# we should free the session
OSCAP.xccdf_session_free(self._session)
def __init__(self, dsc_file_path, tailoring_file_path=""):
"""
Constructor for the DataStreamHandler class.
:param dsc_file_path: path to a file with a data stream collection
:type dsc_file_path: str
:param tailoring_file_path: path to a tailoring file
:type tailoring_file_path: str
"""
# is used to speed up getting lists of profiles
self._profiles_cache = dict()
if not os.path.exists(dsc_file_path):
msg = "Invalid file path: '%s'" % dsc_file_path
raise DataStreamHandlingError(msg)
self._dsc_file_path = dsc_file_path
# create an XCCDF session for the file
self._session = OSCAP.xccdf_session_new(dsc_file_path)
if not self._session:
msg = "'%s' is not a valid SCAP content file" % dsc_file_path
raise DataStreamHandlingError(msg)
if OSCAP.xccdf_session_load(self._session) != 0:
raise DataStreamHandlingError(OSCAP.oscap_err_desc())
if tailoring_file_path:
OSCAP.xccdf_session_set_user_tailoring_file(
self._session, tailoring_file_path)
if not OSCAP.xccdf_session_is_sds(self._session):
msg = "'%s' is not a data stream collection" % dsc_file_path
raise DataStreamHandlingError(msg)
# dictionary holding the items gathered from DSC processing
self._items = OrderedDict()
# create an sds index for the content
self._sds_idx = OSCAP.xccdf_session_get_sds_idx(self._session)
# iterate over streams and get checklists from each stream
streams_itr = OSCAP.ds_sds_index_get_streams(self._sds_idx)
while OSCAP.ds_stream_index_iterator_has_more(streams_itr):
stream_idx = OSCAP.ds_stream_index_iterator_next(streams_itr)
# will be used to store the checklists for streams
stream_id = OSCAP.ds_stream_index_get_id(stream_idx)
checklists = []
# iterate over checklists and append their ids to the list
chklist_itr = OSCAP.ds_stream_index_get_checklists(stream_idx)
while OSCAP.oscap_string_iterator_has_more(chklist_itr):
checklists.append(
OSCAP.oscap_string_iterator_next(chklist_itr))
# store the list of checklist for the current stream
self._items[stream_id] = checklists
OSCAP.oscap_string_iterator_free(chklist_itr)
OSCAP.ds_stream_index_iterator_free(streams_itr)
def get_profiles(self, data_stream_id, checklist_id):
"""
Method to get a list of profiles defined in the checklist given by the
checklist_id that is defined in the data stream given by the
data_stream_id.
:param data_stream_id: ID of the data stream to get checklists from
:type data_stream_id: str
:param checklist_id: ID of the checklist to get profiles from
:type checklist_id: str
:return: list of profiles found in the checklist
:rtype: list of ProfileInfo instances
"""
cache_id = "%s;%s" % (data_stream_id, checklist_id)
if cache_id in self._profiles_cache:
# found in cache, return the value
return self._profiles_cache[cache_id]
# not found in the cache, needs to be gathered
# set the data stream and component (checklist) for the session
OSCAP.xccdf_session_set_datastream_id(self._session, data_stream_id)
OSCAP.xccdf_session_set_component_id(self._session, checklist_id)
if OSCAP.xccdf_session_load(self._session) != 0:
raise DataStreamHandlingError(OSCAP.oscap_err_desc())
# will hold items for the profiles for the speficied DS and checklist
profiles = [ProfileInfo("default", "Default", "The default profile")]
# get the benchmark (checklist)
policy_model = OSCAP.xccdf_session_get_policy_model(self._session)
benchmark = OSCAP.xccdf_policy_model_get_benchmark(policy_model)
# iterate over the profiles in the benchmark and store them
profile_itr = OSCAP.xccdf_benchmark_get_profiles(benchmark)
while OSCAP.xccdf_profile_iterator_has_more(profile_itr):
profile = OSCAP.xccdf_profile_iterator_next(profile_itr)
id_ = OSCAP.xccdf_profile_get_id(profile)
title = oscap_text_itr_get_text(
OSCAP.xccdf_profile_get_title(profile))
desc = oscap_text_itr_get_text(
OSCAP.xccdf_profile_get_description(profile))
info = ProfileInfo(id_, title, desc)
profiles.append(info)
OSCAP.xccdf_profile_iterator_free(profile_itr)
# cache the result
self._profiles_cache[cache_id] = profiles
return profiles
def get_profiles(self, data_stream_id, checklist_id):
"""
Method to get a list of profiles defined in the checklist given by the
checklist_id that is defined in the data stream given by the
data_stream_id.
:param data_stream_id: ID of the data stream to get checklists from
:type data_stream_id: str
:param checklist_id: ID of the checklist to get profiles from
:type checklist_id: str
:return: list of profiles found in the checklist
:rtype: list of ProfileInfo instances
"""
cache_id = "%s;%s" % (data_stream_id, checklist_id)
if cache_id in self._profiles_cache:
# found in cache, return the value
return self._profiles_cache[cache_id]
# not found in the cache, needs to be gathered
# set the data stream and component (checklist) for the session
OSCAP.xccdf_session_set_datastream_id(self._session, data_stream_id)
OSCAP.xccdf_session_set_component_id(self._session, checklist_id)
if OSCAP.xccdf_session_load(self._session) != 0:
raise DataStreamHandlingError(OSCAP.oscap_err_desc())
# will hold items for the profiles for the speficied DS and checklist
profiles = [ProfileInfo("default", "Default", "The default profile")]
# get the benchmark (checklist)
policy_model = OSCAP.xccdf_session_get_policy_model(self._session)
benchmark = OSCAP.xccdf_policy_model_get_benchmark(policy_model)
# iterate over the profiles in the benchmark and store them
profile_itr = OSCAP.xccdf_benchmark_get_profiles(benchmark)
while OSCAP.xccdf_profile_iterator_has_more(profile_itr):
profile = OSCAP.xccdf_profile_iterator_next(profile_itr)
id_ = OSCAP.xccdf_profile_get_id(profile)
title = oscap_text_itr_get_text(OSCAP.xccdf_profile_get_title(profile))
desc = oscap_text_itr_get_text(OSCAP.xccdf_profile_get_description(profile))
info = ProfileInfo(id_, title, desc)
profiles.append(info)
OSCAP.xccdf_profile_iterator_free(profile_itr)
# cache the result
self._profiles_cache[cache_id] = profiles
return profiles