Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add x-win:junction_test as a schema extension.
- Loading branch information
David Solin
authored and
David Solin
committed
Mar 9, 2016
1 parent
713816d
commit 78e73f6
Showing
11 changed files
with
254 additions
and
57 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,50 +1,50 @@ | ||
| # Copyright (C) 2015 jOVAL.org. All rights reserved. | ||
| # This software is licensed under the LGPL 3.0 license available at http://www.gnu.org/licenses/lgpl.txt | ||
|
|
||
| TOP=.. | ||
| include $(TOP)/common.mk | ||
|
|
||
| CLASSPATH="$(CLASSLIB)$(CLN)$(SCAP_LIB)$(CLN)$(GEN)" | ||
|
|
||
| include classes.mk | ||
| include schemas.mk | ||
|
|
||
| SCHEMA_FILES:=$(foreach schema, $(SCHEMAS), $(SCHEMADIR)/$(schema)) | ||
| CLASS_FILES:=$(foreach class, $(CLASSES), $(BUILD)/$(subst .,/,$(class)).class) | ||
| PACKAGES=$(sort $(basename $(CLASSES))) | ||
| PACKAGEDIRS=$(subst .,/,$(PACKAGES)) | ||
|
|
||
| all: $(SCAP_EXT_LIB) | ||
|
|
||
| $(SCAP_EXT_LIB): $(GEN) classes resources | ||
| $(JAR) cvf $@ -C $(BUILD)/ . | ||
|
|
||
| clean: | ||
| rm -f $(EPISODE) | ||
| rm -f $(SCAP_EXT_LIB) | ||
| rm -rf $(BUILD) | ||
| rm -rf $(GEN) | ||
|
|
||
| resources: | ||
| mkdir -p $(BUILD)/META-INF | ||
| sed 's/$(BROKEN)/$(FIXED)/' $(EPISODE) > $(BUILD)/META-INF/sun-jaxb.episode | ||
| mkdir -p $(BUILD)/scapx/schemas | ||
| cp $(CATALOG) $(BUILD)/scapx | ||
| cp $(RSRC)/registry.ini $(BUILD)/scapx | ||
| cp -R $(SCHEMADIR)/* $(BUILD)/scapx/schemas | ||
| rm $(BUILD)/scapx/schemas/bindings.xjb | ||
|
|
||
| classes: classdirs $(CLASS_FILES) | ||
|
|
||
| classdirs: $(foreach pkg, $(PACKAGEDIRS), $(BUILD)/$(pkg)/) | ||
|
|
||
| $(GEN): $(SCHEMA_FILES) | ||
| mkdir -p $@ | ||
| $(XJC) $(XJCFLAGS_EXT) $(SCHEMA_FILES) $(SCAP_LIB) -b $(BINDINGS) -d $(GEN) | ||
| find $(GEN) -name ObjectFactory.java | grep core | xargs rm | ||
|
|
||
| $(BUILD)/%.class: $(GEN)/%.java | ||
| $(JAVAC) $(JAVACFLAGS) -d $(BUILD) -classpath $(CLASSPATH) $< | ||
|
|
||
| $(BUILD)/%/: | ||
| mkdir -p $@ | ||
| # Copyright (C) 2016 JovalCM.com. All rights reserved. | ||
| # This software is licensed under the LGPL 3.0 license available at http://www.gnu.org/licenses/lgpl.txt | ||
|
|
||
| TOP=.. | ||
| include $(TOP)/common.mk | ||
|
|
||
| CLASSPATH="$(CLASSLIB)$(CLN)$(SCAP_LIB)$(CLN)$(GEN)" | ||
|
|
||
| include classes.mk | ||
| include schemas.mk | ||
|
|
||
| SCHEMA_FILES:=$(foreach schema, $(SCHEMAS), $(SCHEMADIR)/$(schema)) | ||
| CLASS_FILES:=$(foreach class, $(CLASSES), $(BUILD)/$(subst .,/,$(class)).class) | ||
| PACKAGES=$(sort $(basename $(CLASSES))) | ||
| PACKAGEDIRS=$(subst .,/,$(PACKAGES)) | ||
|
|
||
| all: $(SCAP_EXT_LIB) | ||
|
|
||
| $(SCAP_EXT_LIB): $(GEN) classes resources | ||
| $(JAR) cvf $@ -C $(BUILD)/ . | ||
|
|
||
| clean: | ||
| rm -f $(EPISODE) | ||
| rm -f $(SCAP_EXT_LIB) | ||
| rm -rf $(BUILD) | ||
| rm -rf $(GEN) | ||
|
|
||
| resources: | ||
| mkdir -p $(BUILD)/META-INF | ||
| sed 's/$(BROKEN)/$(FIXED)/' $(EPISODE) > $(BUILD)/META-INF/sun-jaxb.episode | ||
| mkdir -p $(BUILD)/scapx/schemas | ||
| cp $(CATALOG) $(BUILD)/scapx | ||
| cp $(RSRC)/registry.ini $(BUILD)/scapx | ||
| cp -R $(SCHEMADIR)/* $(BUILD)/scapx/schemas | ||
| rm $(BUILD)/scapx/schemas/bindings.xjb | ||
|
|
||
| classes: classdirs $(CLASS_FILES) | ||
|
|
||
| classdirs: $(foreach pkg, $(PACKAGEDIRS), $(BUILD)/$(pkg)/) | ||
|
|
||
| $(GEN): $(SCHEMA_FILES) | ||
| mkdir -p $@ | ||
| $(XJC) $(XJCFLAGS_EXT) $(SCHEMA_FILES) $(SCAP_LIB) -b $(BINDINGS) -d $(GEN) | ||
| find $(GEN) -name ObjectFactory.java | grep core | xargs rm | ||
|
|
||
| $(BUILD)/%.class: $(GEN)/%.java | ||
| $(JAVAC) $(JAVACFLAGS) -d $(BUILD) -classpath $(CLASSPATH) $< | ||
|
|
||
| $(BUILD)/%/: | ||
| mkdir -p $@ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,5 @@ | ||
| SCHEMAS=\ | ||
| x-linux-definitions-schema.xsd \ | ||
| x-linux-system-characteristics-schema.xsd | ||
| x-linux-system-characteristics-schema.xsd \ | ||
| x-windows-definitions-schema.xsd \ | ||
| x-windows-system-characteristics-schema.xsd |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
116 changes: 116 additions & 0 deletions
116
scap-extensions/schemas/x-windows-definitions-schema.xsd
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,116 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:win-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows" xmlns:x-win-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#x-windows" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#x-windows" elementFormDefault="qualified" version="5.10.1"> | ||
| <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5"/> | ||
| <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5"/> | ||
| <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"/> | ||
| <xsd:annotation> | ||
| <xsd:documentation>The following is a description of the elements, types, and attributes that compose extensions to the standard Windows OVAL schema, found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here</xsd:documentation> | ||
| <xsd:documentation>This schema was originally developed by David Solin at JovalCM.com. The OVAL Schema is maintained and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation> | ||
| <xsd:appinfo> | ||
| <schema>X-Windows Definition</schema> | ||
| <version>5.11.1:1.0</version> | ||
| <date>3/7/2016 08:03:00 PM</date> | ||
| <terms_of_use>Copyright (c) 2016, JovalCM.com. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use> | ||
| <sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/> | ||
| <sch:ns prefix="x-win-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#x-windows"/> | ||
| <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/> | ||
| </xsd:appinfo> | ||
| </xsd:annotation> | ||
| <!-- =============================================================================== --> | ||
| <!-- =============================== JUNCTION TEST =============================== --> | ||
| <!-- =============================================================================== --> | ||
| <xsd:element name="junction_test" substitutionGroup="oval-def:test"> | ||
| <xsd:annotation> | ||
| <xsd:documentation>The junction_test is used to obtain canonical path information for junctions (reparse points) on Windows filesystems.</xsd:documentation> | ||
| <xsd:appinfo> | ||
| <oval:element_mapping> | ||
| <oval:test>junction_test</oval:test> | ||
| <oval:object>junction_object</oval:object> | ||
| <oval:state>junction_state</oval:state> | ||
| <oval:item target_namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#x-windows">junction_item</oval:item> | ||
| </oval:element_mapping> | ||
| </xsd:appinfo> | ||
| <xsd:appinfo> | ||
| <sch:pattern id="win-def_junctiontst"> | ||
| <sch:rule context="x-win-def:junction_test/x-win-def:object"> | ||
| <sch:assert test="@object_ref=ancestor::oval-def:oval_definitions/oval-def:objects/x-win-def:junction_object/@id"><sch:value-of select="../@id"/> - the object child element of a junction_test must reference a junction_object</sch:assert> | ||
| </sch:rule> | ||
| <sch:rule context="x-win-def:junction_test/x-win-def:state"> | ||
| <sch:assert test="@state_ref=ancestor::oval-def:oval_definitions/oval-def:states/x-win-def:junction_state/@id"><sch:value-of select="../@id"/> - the state child element of a junction_test must reference a junction_state</sch:assert> | ||
| </sch:rule> | ||
| </sch:pattern> | ||
| </xsd:appinfo> | ||
| </xsd:annotation> | ||
| <xsd:complexType> | ||
| <xsd:complexContent> | ||
| <xsd:extension base="oval-def:TestType"> | ||
| <xsd:sequence> | ||
| <xsd:element name="object" type="oval-def:ObjectRefType"/> | ||
| <xsd:element name="state" type="oval-def:StateRefType" minOccurs="0" maxOccurs="unbounded"/> | ||
| </xsd:sequence> | ||
| </xsd:extension> | ||
| </xsd:complexContent> | ||
| </xsd:complexType> | ||
| </xsd:element> | ||
| <xsd:element name="junction_object" substitutionGroup="oval-def:object"> | ||
| <xsd:annotation> | ||
| <xsd:documentation>The junction_object element is used by a junction_test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.</xsd:documentation> | ||
| <xsd:documentation>A junction_object consists of a path entity that contains the path to a symbolic link file. The resulting item identifies the canonical path of the link target (followed to its final destination, if there are intermediate links), an error if the link target does not exist or is a circular link (e.g., a link to itself). If the directory located at path is not a junction, or if there is no directory located at the path, then any resulting item would itself have a status of does not exist.</xsd:documentation> | ||
| <xsd:appinfo> | ||
| <sch:pattern id="win-def_junction_object_verify_filter_state"> | ||
| <sch:rule context="x-win-def:junction_object//oval-def:filter"> | ||
| <sch:let name="parent_object" value="ancestor::x-win-def:junction_object"/> | ||
| <sch:let name="parent_object_id" value="$parent_object/@id"/> | ||
| <sch:let name="state_ref" value="."/> | ||
| <sch:let name="reffed_state" value="ancestor::oval-def:oval_definitions/oval-def:states/*[@id=$state_ref]"/> | ||
| <sch:let name="state_name" value="local-name($reffed_state)"/> | ||
| <sch:let name="state_namespace" value="namespace-uri($reffed_state)"/> | ||
| <sch:assert test="(($state_namespace='http://oval.mitre.org/XMLSchema/oval-definitions-5#x-windows') and ($state_name='junction_state'))">State referenced in filter for <sch:value-of select="name($parent_object)"/> '<sch:value-of select="$parent_object_id"/>' is of the wrong type. </sch:assert> | ||
| </sch:rule> | ||
| </sch:pattern> | ||
| </xsd:appinfo> | ||
| </xsd:annotation> | ||
| <xsd:complexType> | ||
| <xsd:complexContent> | ||
| <xsd:extension base="oval-def:ObjectType"> | ||
| <xsd:sequence> | ||
| <xsd:choice> | ||
| <xsd:element ref="oval-def:set"/> | ||
| <xsd:sequence> | ||
| <xsd:element name="path" type="oval-def:EntityObjectStringType"> | ||
| <xsd:annotation> | ||
| <xsd:documentation>Specifies the path to the junction.</xsd:documentation> | ||
| </xsd:annotation> | ||
| </xsd:element> | ||
| <xsd:element ref="oval-def:filter" minOccurs="0" maxOccurs="unbounded"/> | ||
| </xsd:sequence> | ||
| </xsd:choice> | ||
| </xsd:sequence> | ||
| </xsd:extension> | ||
| </xsd:complexContent> | ||
| </xsd:complexType> | ||
| </xsd:element> | ||
| <xsd:element name="junction_state" substitutionGroup="oval-def:state"> | ||
| <xsd:annotation> | ||
| <xsd:documentation>The junction_state element defines a value used to evaluate the result of a specific junction_object item.</xsd:documentation> | ||
| </xsd:annotation> | ||
| <xsd:complexType> | ||
| <xsd:complexContent> | ||
| <xsd:extension base="oval-def:StateType"> | ||
| <xsd:sequence> | ||
| <xsd:element name="path" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1"> | ||
| <xsd:annotation> | ||
| <xsd:documentation>Specifies the path used to create the object.</xsd:documentation> | ||
| </xsd:annotation> | ||
| </xsd:element> | ||
| <xsd:element name="canonical_path" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1"> | ||
| <xsd:annotation> | ||
| <xsd:documentation>Specifies the canonical path for the target of a Windows junction specified by the path.</xsd:documentation> | ||
| </xsd:annotation> | ||
| </xsd:element> | ||
| </xsd:sequence> | ||
| </xsd:extension> | ||
| </xsd:complexContent> | ||
| </xsd:complexType> | ||
| </xsd:element> | ||
| </xsd:schema> |
Oops, something went wrong.