cve.h   cve.h 
skipping to change at line 78 skipping to change at line 78
* @struct cwe_entry * @struct cwe_entry
* Structure holding CWE data * Structure holding CWE data
*/ */
struct cwe_entry; struct cwe_entry;
/** /**
* @struct cve_reference * @struct cve_reference
* Structure holding CVE reference data * Structure holding CVE reference data
*/ */
struct cve_reference; struct cve_reference;
// fwd
struct cvss_impact;
/************************************************************/ /************************************************************/
/** /**
* @name Getters * @name Getters
* Return value is pointer to structure's member. Do not free unless you nu ll the pointer in the structure. * Return value is pointer to structure's member. Do not free unless you nu ll the pointer in the structure.
* Use remove function otherwise. * Use remove function otherwise.
* @{ * @{
* */ * */
/** /**
* Get en iterator to CVE entries * Get en iterator to CVE entries
skipping to change at line 218 skipping to change at line 221
* @param conf CVE configuration * @param conf CVE configuration
* @memberof cve_configuration * @memberof cve_configuration
*/ */
const struct cpe_testexpr *cve_configuration_get_expr(const struct cve_conf iguration *conf); const struct cpe_testexpr *cve_configuration_get_expr(const struct cve_conf iguration *conf);
/** /**
* Get CVSS structure from CVE. * Get CVSS structure from CVE.
* @param item CVE entry * @param item CVE entry
* @memberof cve_entry * @memberof cve_entry
*/ */
const struct cvss_entry *cve_entry_get_cvss(const struct cve_entry *item); const struct cvss_impact *cve_entry_get_cvss(const struct cve_entry *item);
/************************************************************/ /************************************************************/
/** @} End of Getters group */ /** @} End of Getters group */
/************************************************************/ /************************************************************/
/** /**
* @name Setters * @name Setters
* For lists use add functions. Parameters of set functions are duplicated in memory and need to * For lists use add functions. Parameters of set functions are duplicated in memory and need to
* be freed by caller. * be freed by caller.
* @{ * @{
 End of changes. 2 change blocks. 
1 lines changed or deleted 4 lines changed or added
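Review bot: The doc comment on `cve_entry_get_cvss` has no `@return` line, and now that it returns `const struct cvss_impact *` callers need to know whether NULL comes back for an entry with no CVSS data before handing the pointer on. I would add `* @return CVSS impact of the entry, or NULL if none is set`; the NULL case is an assumption from the signature, so confirm it against the implementation. The function keeps its name while the pointed-to type changes from `struct cvss_entry` to `struct cvss_impact`, so a program built against the old header would read the new object through the old type if only the library is replaced. That presumably calls for a soname bump or at least a changelog entry. The header continues outside both hunks.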


 cvss.h   cvss.h 
/**
* @addtogroup CVSS
* @{
*
* @file cvss.h
* \brief Interface to Common Vulnerability Scoring System Version 2
*
*/
/* /*
* Copyright 2008-2009 Red Hat Inc., Durham, North Carolina. * Copyright 2008-2009 Red Hat Inc., Durham, North Carolina.
* All Rights Reserved. * All Rights Reserved.
* *
* This library is free software; you can redistribute it and/or * This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public * modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either * License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version. * version 2.1 of the License, or (at your option) any later version.
* *
* This library is distributed in the hope that it will be useful, * This library is distributed in the hope that it will be useful,
skipping to change at line 32 skipping to change at line 23
* Lesser General Public License for more details. * Lesser General Public License for more details.
* *
* You should have received a copy of the GNU Lesser General Public * You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software * License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 US A * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 US A
* *
* Authors: * Authors:
* Tomas Heinrich <theinric@redhat.com> * Tomas Heinrich <theinric@redhat.com>
* Peter Vrabec <pvrabec@redhat.com> * Peter Vrabec <pvrabec@redhat.com>
* Brandon Dixon <Brandon.Dixon@g2-inc.com> * Brandon Dixon <Brandon.Dixon@g2-inc.com>
* Lukas Kuklinek <lkuklinek@redhat.com>
*/
/**
* @addtogroup CVSS
* @{
*
* @file cvss.h
* \brief Interface to Common Vulnerability Scoring System Version 2
*
*/ */
#ifndef _CVSSCALC_H_ #ifndef _CVSSCALC_H_
#define _CVSSCALC_H_ #define _CVSSCALC_H_
#include <stdbool.h> #include <stdbool.h>
#include <time.h>
#include <stdio.h>
/** /// Get supported version of CVSS XML
* @struct cvss_entry const char *cvss_model_supported(void);
* Structure holding CVSS model
*/
struct cvss_entry;
/************************************************************/ /// CVSS score category
/** enum cvss_category {
* @name Getters CVSS_NONE = 0x0000,
* Return value is pointer to structure's member. Do not free unless you nu CVSS_BASE = 0x0100,
ll the pointer in the structure. CVSS_TEMPORAL = 0x0200,
* Use remove function otherwise. CVSS_ENVIRONMENTAL = 0x0300,
* @{ };
* */
/** /// CVSS access vector
* Get score from CVSS entry enum cvss_access_vector {
* @param entry CVSS entry CVSS_AV_NOT_SET,
* @memberof cvss_entry CVSS_AV_LOCAL,
* @return CVSS score CVSS_AV_ADJACENT_NETWORK,
*/ CVSS_AV_NETWORK,
const char* cvss_entry_get_score(const struct cvss_entry * entry); CVSS_AV_END_
/** };
* Get access vector from CVSS entry
* @param entry CVSS entry
* @memberof cvss_entry
* @return CVSS access vector
*/
const char* cvss_entry_get_AV(const struct cvss_entry * entry);
/**
* Get access complexity from CVSS entry
* @param entry CVSS entry
* @memberof cvss_entry
* @return CVSS access complexity
*/
const char* cvss_entry_get_AC(const struct cvss_entry * entry);
/**
* Get authentication from CVSS entry
* @param entry CVSS entry
* @memberof cvss_entry
* @return CVSS authentication
*/
const char* cvss_entry_get_authentication(const struct cvss_entry * entry);
/**
* Get confidentiality impact from CVSS entry
* @param entry CVSS entry
* @memberof cvss_entry
* @return CVSS conidentiality impact
*/
const char* cvss_entry_get_imp_confidentiality(const struct cvss_entry * en
try);
/**
* Get integrity impact from CVSS entry
* @param entry CVSS entry
* @memberof cvss_entry
* @return CVSS integrity impact
*/
const char* cvss_entry_get_imp_integrity(const struct cvss_entry * entry);
/**
* Get availability impact from CVSS entry
* @param entry CVSS entry
* @memberof cvss_entry
* @return CVSS availability impact
*/
const char* cvss_entry_get_imp_availability(const struct cvss_entry * entry
);
/**
* Get source from CVSS entry
* @param entry CVSS entry
* @memberof cvss_entry
* @return CVSS source
*/
const char* cvss_entry_get_source(const struct cvss_entry * entry);
/**
* Get generated date-time from CVSS entry
* @param entry CVSS entry
* @memberof cvss_entry
* @return CVSS generated date-time
*/
const char* cvss_entry_get_generated(const struct cvss_entry * entry);
/************************************************************/ /// CVSS access complexity
/** @} End of Getters group */ enum cvss_access_complexity {
CVSS_AC_NOT_SET,
CVSS_AC_HIGH,
CVSS_AC_MEDIUM,
CVSS_AC_LOW,
CVSS_AC_END_
};
/************************************************************/ /// CVSS Authentication
/** enum cvss_authentication {
* @name Setters CVSS_AU_NOT_SET,
* For lists use add functions. Parameters of set functions are duplicated CVSS_AU_MULTIPLE,
in memory and need to CVSS_AU_SINGLE,
* be freed by caller. CVSS_AU_NONE,
* @{ CVSS_AU_END_
*/ };
/** /// CVSS Confidentiality/Integrity/Availibility impact
* Set of CVSS entry enum cvss_cia_impact {
* @param entry CVSS entry CVSS_IMP_NOT_SET,
* @param new_ new of CVSS CVSS_IMP_NONE,
* @memberof cvss_entry CVSS_IMP_PARTIAL,
* @return true if set, false otherwise CVSS_IMP_COMPLETE,
*/ CVSS_IMP_END_
bool cvss_entry_set_score(struct cvss_entry *entry, const char *new_score); };
/**
* Set access vector of CVSS entry
* @param entry CVSS entry
* @param new_AV new access vector of CVSS
* @memberof cvss_entry
* @return true if set, false otherwise
*/
bool cvss_entry_set_AV(struct cvss_entry *entry, const char *new_AV);
/**
* Set access complexity of CVSS entry
* @param entry CVSS entry
* @param new_AC new access complexity of CVSS
* @memberof cvss_entry
* @return true if set, false otherwise
*/
bool cvss_entry_set_AC(struct cvss_entry *entry, const char *new_AC);
/**
* Set authentication of CVSS entry
* @param entry CVSS entry
* @param new_authentication new authentication of CVSS
* @memberof cvss_entry
* @return true if set, false otherwise
*/
bool cvss_entry_set_authentication(struct cvss_entry *entry, const char *ne
w_authentication);
/**
* Set confidentiality impact of CVSS entry
* @param entry CVSS entry
* @param new_item new impact of CVSS
* @memberof cvss_entry
* @return true if set, false otherwise
*/
bool cvss_entry_set_imp_confidentiality(struct cvss_entry *entry, const cha
r *new_item);
/**
* Set integrity impact of CVSS entry
* @param entry CVSS entry
* @param new_item new impact of CVSS
* @memberof cvss_entry
* @return true if set, false otherwise
*/
bool cvss_entry_set_imp_integrity(struct cvss_entry *entry, const char *new
_item);
/**
* Set availability impact of CVSS entry
* @param entry CVSS entry
* @param new_item new impact of CVSS
* @memberof cvss_entry
* @return true if set, false otherwise
*/
bool cvss_entry_set_imp_availability(struct cvss_entry *entry, const char *
new_item);
/**
* Set source of CVSS entry
* @param entry CVSS entry
* @param new_ new of CVSS
* @memberof cvss_entry
* @return true if set, false otherwise
*/
bool cvss_entry_set_source(struct cvss_entry *entry, const char *new_source
);
/**
* Set generated date-time of CVSS entry
* @param entry CVSS entry
* @param new_generated new generated date-time of CVSS
* @memberof cvss_entry
* @return true if set, false otherwise
*/
bool cvss_entry_set_generated(struct cvss_entry *entry, const char *new_gen
erated);
/************************************************************/ /// CVSS Exploitability
/** @} End of Setters group */ enum cvss_exploitability {
CVSS_E_NOT_DEFINED,
CVSS_E_UNPROVEN,
CVSS_E_PROOF_OF_CONCEPT,
CVSS_E_FUNCTIONAL,
CVSS_E_HIGH,
CVSS_E_END_
};
/** /// CVSS Remediation Level
* New CVSS entry enum cvss_remediation_level {
* @memberof cvss_entry CVSS_RL_NOT_DEFINED,
* @return new cvss_entry CVSS_RL_OFFICIAL_FIX,
*/ CVSS_RL_TEMPORARY_FIX,
struct cvss_entry * cvss_entry_new(void); CVSS_RL_WORKAROUND,
CVSS_RL_UNAVAILABLE,
CVSS_RL_END_
};
/** /// CVSS Report Confidence
* Clone CVSS entry enum cvss_report_confidence {
* @param old_entry CVSS entry CVSS_RC_NOT_DEFINED,
* @memberof cvss_entry CVSS_RC_UNCONFIRMED,
*/ CVSS_RC_UNCORROBORATED,
struct cvss_entry * cvss_entry_clone(struct cvss_entry * old_entry); CVSS_RC_CONFIRMED,
CVSS_RC_END_
};
/** /// CVSS Collateral Damage Potential
* Free CVSS entry enum cvss_collateral_damage_potential {
* @param entry CVSS entry CVSS_CDP_NOT_DEFINED,
* @memberof cvss_entry CVSS_CDP_NONE,
*/ CVSS_CDP_LOW,
void cvss_entry_free(struct cvss_entry * entry); CVSS_CDP_LOW_MEDIUM,
CVSS_CDP_MEDIUM_HIGH,
CVSS_CDP_HIGH,
CVSS_CDP_END_
};
//! Access Vector /// CVSS Target Distribution
/*! This metric reflects how the vulnerability is exploited. */ enum cvss_target_distribution {
typedef enum { CVSS_TD_NOT_DEFINED,
AV_LOCAL, /*!< requires local access */ CVSS_TD_NONE,
AV_ADJACENT_NETWORK, /*!< adjacent network accessible */ CVSS_TD_LOW,
AV_NETWORK /*!< network accessible */ CVSS_TD_MEDIUM,
} cvss_access_vector_t; CVSS_TD_HIGH,
CVSS_TD_END_
};
//! Access Complexity /// CVSS Confidentiality/Integrity/Availibility requirement
/*! This metric measures the complexity of the attack required to exploit t enum cvss_cia_requirement {
he CVSS_REQ_NOT_DEFINED,
* vulnerability once an attacker has gained access to the target system. CVSS_REQ_LOW,
*/ CVSS_REQ_MEDIUM,
typedef enum { CVSS_REQ_HIGH,
AC_HIGH, CVSS_REQ_END_
AC_MEDIUM, };
AC_LOW
} cvss_access_complexity_t;
//! Authentication /**
/*! This metric measures the complexity of the attack required to exploit * @struct cvss_impact
* the vulnerability once an attacker has gained access to the target syst * CVSS impact
em. *
* Contains a base metric and optionally temporal and/or environmental metr
ic.
*/ */
typedef enum { struct cvss_impact;
AU_NONE, /*!< requires multiple authentication instances
*/
AU_SINGLE_INSTANCE, /*!< requires single instance of authentication
*/
AU_MULTIPLE_INSTANCE /*!< requires no authentication */
} cvss_authentication_t;
//! Confidentiality Impact /**
/*! This metric measures the impact on confidentiality of a successfully * @struct cvss_metrics
* exploited vulnerability. * CVSS metrics
*
* base, temporal or environmental metrics
*/ */
typedef enum { struct cvss_metrics;
CI_NONE,
CI_PARTIAL,
CI_COMPLETE
} cvss_conf_impact_t;
//! Integrity Impact /// Round @a x to one decimal place as described in CVSS standard
/*! This metric measures the impact to integrity of a successfully exploite float cvss_round(float x);
d
* vulnerability.
*/
typedef enum {
II_NONE,
II_PARTIAL,
II_COMPLETE
} cvss_integ_impact_t;
//! Availability Impact /// @memberof cvss_impact
/*! This metric measures the impact to availability of a successfully struct cvss_impact *cvss_impact_new(void);
* exploited vulnerability. /// @memberof cvss_impact
struct cvss_impact *cvss_impact_new_from_vector(const char *cvss_vector);
/// @memberof cvss_impact
struct cvss_impact *cvss_impact_clone(const struct cvss_impact* impact);
/// @memberof cvss_impact
//struct cvss_impact *cvss_impact_new_parse(const char *filename);
/// @memberof cvss_impact
void cvss_impact_free(struct cvss_impact* impact);
/**
* Write out a human-readable textual description of CVSS impact contents.
* @param impact Impact to describe
* @param f file handle to write the description to
* @memberof cvss_impact
*/ */
typedef enum { void cvss_impact_describe(const struct cvss_impact *impact, FILE *f);
AI_NONE,
AI_PARTIAL,
AI_COMPLETE
} cvss_avail_impact_t;
//! Exploitability /// @memberof cvss_impact
/*! This metric measures the current state of exploit techniques or code struct cvss_metrics *cvss_impact_get_base_metrics(const struct cvss_impact*
* availability. impact);
*/ /// @memberof cvss_impact
typedef enum { struct cvss_metrics *cvss_impact_get_temporal_metrics(const struct cvss_imp
EX_UNPROVEN, act* impact);
EX_PROOF_OF_CONCEPT, /// @memberof cvss_impact
EX_FUNCTIONAL, struct cvss_metrics *cvss_impact_get_environmental_metrics(const struct cvs
EX_HIGH, s_impact* impact);
EX_NOT_DEFINED /// Set base, temporal, or environmental metrics (type is determined from t
} cvss_exploitability_t; he metrics itself)
/// @memberof cvss_impact
bool cvss_impact_set_metrics(struct cvss_impact* impact, struct cvss_metric
s *metrics);
/// @memberof cvss_impact
char *cvss_impact_to_vector(const struct cvss_impact* impact);
//! Remediation Level /**
/*! The remediation level of a vulnerability is an important factor for * @name Score calculators
* prioritization. * Functions to calculate CVSS score.
*
* Functions return special float value of NAN on failure.
*
* Particularly interesting are:
* - cvss_impact_base_score()
* - cvss_impact_temporal_score()
* - cvss_impact_environmental_score()
* @{
*/ */
typedef enum {
RL_OFFICIAL_FIX,
RL_TEMPORARY_FIX,
RL_WORKAROUND,
RL_UNAVAILABLE,
RL_NOT_DEFINED
} cvss_remediation_level_t;
//! Report Confidence /**
/*! This metric measures the degree of confidence in the existence * Calculate exploitability subscore of base score.
* of the vulnerability and the credibility of the known *
* technical details. * Requires base metrics to be set.
* @see cvss_impact_base_score()
* @see cvss_impact_adjusted_base_score()
* @memberof cvss_impact
*/ */
typedef enum { float cvss_impact_base_exploitability_subscore(const struct cvss_impact* im
RC_UNCONFIRMED, pact);
RC_UNCORROBORATED,
RC_CONFIRMED,
RC_NOT_DEFINED
} cvss_report_confidence_t;
//! Collateral Damage Potential /**
/*! This metric measures the potential for loss of life or physical assets * Calculate impact subscore of base score.
* through damage or theft of property or equipment. *
* Requires base metrics to be set.
* @see cvss_impact_base_adjusted_impact_subscore()
* @see cvss_impact_base_score()
* @memberof cvss_impact
*/ */
typedef enum { float cvss_impact_base_impact_subscore(const struct cvss_impact* impact);
CD_NONE,
CD_LOW,
CD_LOW_MEDIUM,
CD_MEDIUM_HIGH,
CD_HIGH,
CD_NOT_DEFINED
} cvss_collateral_damage_potential_t;
//! Target Distribution /**
/*! This metric measures the proportion of vulnerable systems. It is meant * Calculate base score.
* as an environment-specific indicator in order to approximate the percen *
tage * The base metric group captures the characteristics of a vulnerability th
* of systems that could be affected by the vulnerability. at
* are constant with time and across user environments.
*
* Requires base metrics to be set.
* @see cvss_impact_base_exploitability_subscore()
* @see cvss_impact_base_impact_subscore()
* @see cvss_impact_base_adjusted_impact_subscore()
* @memberof cvss_impact
*/ */
typedef enum { float cvss_impact_base_score(const struct cvss_impact* impact);
TD_NONE,
TD_LOW,
TD_MEDIUM,
TD_HIGH,
TD_NOT_DEFINED
} cvss_target_distribution_t;
//! Confidentiality Requirement /**
/*! This metric enable the analyst to customize the CVSS score depending on * Calculate temporal multiplier.
* the importance of the affected IT asset to a user’s organization, *
* measured in term of confidentiality. * Multiply base score by this number and round to one decimal place to get
* temporal score. This function is intended to get the multiplier itself.
* To calculate temporal score, use cvss_impact_temporal_score() or
* cvss_impact_adjusted_temporal_score() instead.
*
* Requires temporal metrics to be set.
* @see cvss_impact_temporal_score()
* @see cvss_impact_adjusted_temporal_score()
* @memberof cvss_impact
*/ */
typedef enum { float cvss_impact_temporal_multiplier(const struct cvss_impact* impact);
CR_LOW,
CR_MEDIUM,
CR_HIGH,
CR_NOT_DEFINED
} cvss_conf_req_t;
//! Integrity Requirement /**
/*! This metric enable the analyst to customize the CVSS score depending on * Calculate temporal score.
* the importance of the affected IT asset to a user’s organization, *
* measured in term of integrity. * Temporal metrics capture how the threat posed by a vulnerability may cha
nge over time.
*
* Requires base and temporal metrics to be set.
* @see cvss_impact_adjusted_temporal_score()
* @memberof cvss_impact
*/ */
typedef enum { float cvss_impact_temporal_score(const struct cvss_impact* impact);
IR_LOW,
IR_MEDIUM,
IR_HIGH,
IR_NOT_DEFINED
} cvss_integ_req_t;
//! Availabublity Requirement /**
/*! This metric enable the analyst to customize the CVSS score depending on * Calculate impact subscore of base score adjusted to particular environme
* the importance of the affected IT asset to a user’s organization, nt.
* measured in term of availability. *
* Requires base and environmental metrics to be set.
* @see cvss_impact_base_impact_subscore()
* @see cvss_impact_adjusted_base_score()
* @memberof cvss_impact
*/ */
typedef enum { float cvss_impact_base_adjusted_impact_subscore(const struct cvss_impact* i
AR_LOW, mpact);
AR_MEDIUM,
AR_HIGH,
AR_NOT_DEFINED
} cvss_avail_req_t;
/************************************************************/
/** /**
* @name Evaluators * Calculate base score adjusted to particular environment.
* @{ *
* */ * Requires base and environmental metrics to be set.
* @see cvss_impact_base_score()
/*! \fn cvss_base_score(cvss_access_vector_t ave, cvss_access_complexity_t * @memberof cvss_impact
ace, cvss_authentication_t aue,
* cvss_conf_impact_t cie, cvss_integ_impact_t
iie, cvss_avail_impact_t aie,
* double *base_score,
* double *impact_score,
* double *exploitability_score)
*/ */
int cvss_base_score(cvss_access_vector_t ave, cvss_access_complexity_t ace, float cvss_impact_adjusted_base_score(const struct cvss_impact* impact);
cvss_authentication_t aue,
cvss_conf_impact_t cie, cvss_integ_impact_t iie,
cvss_avail_impact_t aie,
double *base_score,
double *impact_score,
double *exploitability_score);
/*! \fn cvss_temp_score(cvss_exploitability_t exe, cvss_remediation_level /**
_t rle, * Calculate temporal score adjusted to particular environment.
* cvss_report_confidence_t rce, double ba *
se_score, * Requires base, temporal and environmental metrics to be set.
* double *temporal_score); * @see cvss_impact_temporal_score()
* @memberof cvss_impact
*/ */
int cvss_temp_score(cvss_exploitability_t exe, cvss_remediation_level_t float cvss_impact_adjusted_temporal_score(const struct cvss_impact* impact)
rle, ;
cvss_report_confidence_t rce, double base_s
core,
double *temporal_score);
/*! \fn cvss_env_score(cvss_collateral_damage_potential_t cde, cvss_target_ /**
distribution_t tde, * Calculate environmental score.
* cvss_conf_req_t cre, cvss_integ_r *
eq_t ire, * Different environments can have an immense bearing on the risk that a vu
* cvss_avail_req_t are, cvss_access_ lnerability poses to
vector_t ave, * an organization and its stakeholders. The CVSS environmental metric grou
* cvss_access_complexity_t ace, cvss_authent p captures the characteristics
ication_t aue, * of a vulnerability that are associated with a user’s IT environment.
* cvss_conf_impact_t cie, cvss_integ_i *
mpact_t iie, * Requires base, temporal and environmental metrics to be set.
* cvss_avail_impact_t aie, cvss_exploit * @see cvss_impact_adjusted_temporal_score()
ability_t exe, * @memberof cvss_impact
* cvss_remediation_level_t rle, cvss_report_
confidence_t rce);
* double *enviromental_score
*/ */
int cvss_env_score(cvss_collateral_damage_potential_t cde, cvss_target_dist float cvss_impact_environmental_score(const struct cvss_impact* impact);
ribution_t tde,
cvss_conf_req_t cre, cvss_integ_req_t /** @} */
ire,
cvss_avail_req_t are, cvss_access_vect /// @memberof cvss_metrics
or_t ave, struct cvss_metrics *cvss_metrics_new(enum cvss_category category);
cvss_access_complexity_t ace, cvss_authenticati /// @memberof cvss_metrics
on_t aue, struct cvss_metrics *cvss_metrics_clone(const struct cvss_metrics* metrics)
cvss_conf_impact_t cie, cvss_integ_impact ;
_t iie, /// @memberof cvss_metrics
cvss_avail_impact_t aie, cvss_exploitabili void cvss_metrics_free(struct cvss_metrics* metrics);
ty_t exe, /// @memberof cvss_metrics
cvss_remediation_level_t rle, cvss_report_confi enum cvss_category cvss_metrics_get_category(const struct cvss_metrics* met
dence_t rce, rics);
double *enviromental_score); /// @memberof cvss_metrics
const char *cvss_metrics_get_source(const struct cvss_metrics* metrics);
/// @memberof cvss_metrics
bool cvss_metrics_set_source(struct cvss_metrics* metrics, const char *new_
source);
/// @memberof cvss_metrics
const char *cvss_metrics_get_generated_on_datetime(const struct cvss_metric
s* metrics);
/// @memberof cvss_metrics
bool cvss_metrics_set_generated_on_datetime(struct cvss_metrics* metrics, c
onst char *new_datetime);
/// @memberof cvss_metrics
const char *cvss_metrics_get_upgraded_from_version(const struct cvss_metric
s* metrics);
/// @memberof cvss_metrics
bool cvss_metrics_set_upgraded_from_version(struct cvss_metrics* metrics, c
onst char *new_upgraded_from_version);
/// @memberof cvss_metrics
float cvss_metrics_get_score(const struct cvss_metrics* metrics);
/// @memberof cvss_metrics
bool cvss_metrics_set_score(struct cvss_metrics* metrics, float score);
/** /**
* Get Base score of CVSS entry * Validate CVSS metrics completeness
* @return 0 if everything done * @memberof cvss_metrics
*/ */
int cvss_base_score_struct(const struct cvss_entry * entry, bool cvss_metrics_is_valid(const struct cvss_metrics* metrics);
double *base_score,
double *impact_score,
double *exploitability_score);
/** /**
* Get supported version of CVSS XML * @name Vector values
* @return version of XML file format * Functions to get or set individual CVSS vector values.
* @memberof cvss_entry * Functions check for correct type of metrics (base/temporal/environmental
).
* Setters return false and getters undefined/default value when attempted
* to query wrong type of metrics.
* @todo Getters/setters for the "approximated" flag
* @{
*/ */
const char * cvss_model_supported(void);
/************************************************************/ /// @memberof cvss_metrics
/** @} End of Evaluators group */ enum cvss_access_vector cvss_metrics_get_access_vector(const struct cvss_me
trics* metrics);
/// @memberof cvss_metrics
enum cvss_access_complexity cvss_metrics_get_access_complexity(const struct
cvss_metrics* metrics);
/// @memberof cvss_metrics
enum cvss_authentication cvss_metrics_get_authentication(const struct cvss_
metrics* metrics);
/// @memberof cvss_metrics
enum cvss_cia_impact cvss_metrics_get_confidentiality_impact(const struct c
vss_metrics* metrics);
/// @memberof cvss_metrics
enum cvss_cia_impact cvss_metrics_get_integrity_impact(const struct cvss_me
trics* metrics);
/// @memberof cvss_metrics
enum cvss_cia_impact cvss_metrics_get_availability_impact(const struct cvss
_metrics* metrics);
/// @memberof cvss_metrics
enum cvss_exploitability cvss_metrics_get_exploitability(const struct cvss_
metrics* metrics);
/// @memberof cvss_metrics
enum cvss_remediation_level cvss_metrics_get_remediation_level(const struct
cvss_metrics* metrics);
/// @memberof cvss_metrics
enum cvss_report_confidence cvss_metrics_get_report_confidence(const struct
cvss_metrics* metrics);
/// @memberof cvss_metrics
enum cvss_collateral_damage_potential cvss_metrics_get_collateral_damage_po
tential(const struct cvss_metrics* metrics);
/// @memberof cvss_metrics
enum cvss_target_distribution cvss_metrics_get_target_distribution(const st
ruct cvss_metrics* metrics);
/// @memberof cvss_metrics
enum cvss_cia_requirement cvss_metrics_get_confidentiality_requirement(cons
t struct cvss_metrics* metrics);
/// @memberof cvss_metrics
enum cvss_cia_requirement cvss_metrics_get_integrity_requirement(const stru
ct cvss_metrics* metrics);
/// @memberof cvss_metrics
enum cvss_cia_requirement cvss_metrics_get_availability_requirement(const s
truct cvss_metrics* metrics);
/// @memberof cvss_metrics
bool cvss_metrics_set_access_vector(struct cvss_metrics* metrics, enum cvss
_access_vector);
/// @memberof cvss_metrics
bool cvss_metrics_set_access_complexity(struct cvss_metrics* metrics, enum
cvss_access_complexity);
/// @memberof cvss_metrics
bool cvss_metrics_set_authentication(struct cvss_metrics* metrics, enum cvs
s_authentication);
/// @memberof cvss_metrics
bool cvss_metrics_set_confidentiality_impact(struct cvss_metrics* metrics,
enum cvss_cia_impact);
/// @memberof cvss_metrics
bool cvss_metrics_set_integrity_impact(struct cvss_metrics* metrics, enum c
vss_cia_impact);
/// @memberof cvss_metrics
bool cvss_metrics_set_availability_impact(struct cvss_metrics* metrics, enu
m cvss_cia_impact);
/// @memberof cvss_metrics
bool cvss_metrics_set_exploitability(struct cvss_metrics* metrics, enum cvs
s_exploitability);
/// @memberof cvss_metrics
bool cvss_metrics_set_remediation_level(struct cvss_metrics* metrics, enum
cvss_remediation_level);
/// @memberof cvss_metrics
bool cvss_metrics_set_report_confidence(struct cvss_metrics* metrics, enum
cvss_report_confidence);
/// @memberof cvss_metrics
bool cvss_metrics_set_collateral_damage_potential(struct cvss_metrics* metr
ics, enum cvss_collateral_damage_potential);
/// @memberof cvss_metrics
bool cvss_metrics_set_target_distribution(struct cvss_metrics* metrics, enu
m cvss_target_distribution);
/// @memberof cvss_metrics
bool cvss_metrics_set_confidentiality_requirement(struct cvss_metrics* metr
ics, enum cvss_cia_requirement);
/// @memberof cvss_metrics
bool cvss_metrics_set_integrity_requirement(struct cvss_metrics* metrics, e
num cvss_cia_requirement);
/// @memberof cvss_metrics
bool cvss_metrics_set_availability_requirement(struct cvss_metrics* metrics
, enum cvss_cia_requirement);
/** @} */
/*@}*/ /*@}*/
#endif /* _CVSSCALC_H_ */ #endif // _CVSSCALC_H_
 End of changes. 50 change blocks. 
404 lines changed or deleted 385 lines changed or added
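Review bot: The new `cvss_impact`/`cvss_metrics` API drops the ownership rule the old header stated ("Parameters of set functions are duplicated in memory and need to be freed by caller") and puts nothing in its place. `cvss_impact_set_metrics()` takes a non-const `struct cvss_metrics *` and `cvss_impact_to_vector()` returns a non-const `char *`, so the header does not say who frees either one, which invites double frees and leaks in callers. Each needs a line such as `/// @return newly allocated string, caller frees` or `/// On success @a impact takes ownership of @a metrics`, worded to match what the implementation actually does. The score calculators return NAN on failure and every ordered comparison with NAN is false, so the "Score calculators" group comment should also tell callers to test the result with `isnan()` before comparing it against a severity threshold.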


 oscap.h   oscap.h 
skipping to change at line 176 skipping to change at line 176
* @{ * @{
* XML schema based validation of XML representations of SCAP documents. * XML schema based validation of XML representations of SCAP documents.
*/ */
/// SCAP document type identifiers /// SCAP document type identifiers
typedef enum oscap_document_type { typedef enum oscap_document_type {
OSCAP_DOCUMENT_OVAL_DEFINITIONS = 1, ///< OVAL Definitions file OSCAP_DOCUMENT_OVAL_DEFINITIONS = 1, ///< OVAL Definitions file
OSCAP_DOCUMENT_OVAL_VARIABLES, ///< OVAL Variables OSCAP_DOCUMENT_OVAL_VARIABLES, ///< OVAL Variables
OSCAP_DOCUMENT_OVAL_SYSCHAR, ///< OVAL system characteristi cs file OSCAP_DOCUMENT_OVAL_SYSCHAR, ///< OVAL system characteristi cs file
OSCAP_DOCUMENT_OVAL_RESULTS, ///< OVAL results file OSCAP_DOCUMENT_OVAL_RESULTS, ///< OVAL results file
OSCAP_DOCUMENT_OVAL_DIRECTIVES, ///< OVAL directives file
OSCAP_DOCUMENT_XCCDF, ///< XCCDF benchmark file OSCAP_DOCUMENT_XCCDF, ///< XCCDF benchmark file
OSCAP_DOCUMENT_CPE_LANGUAGE, ///< CPE language file OSCAP_DOCUMENT_CPE_LANGUAGE, ///< CPE language file
OSCAP_DOCUMENT_CPE_DICTIONARY, ///< CPE dictionary file OSCAP_DOCUMENT_CPE_DICTIONARY, ///< CPE dictionary file
} oscap_document_type_t; } oscap_document_type_t;
/** /**
* Validate a SCAP document file against a XML schema. * Validate a SCAP document file against a XML schema.
* *
* Schemas are searched relative to path specified by the OSCAP_SCHEMA_PATH environment variable, * Schemas are searched relative to path specified by the OSCAP_SCHEMA_PATH environment variable,
* which contains a list of colon-separated paths. * which contains a list of colon-separated paths.
 End of changes. 1 change blocks. 
0 lines changed or deleted 1 lines changed or added
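Review bot: `OSCAP_DOCUMENT_OVAL_DIRECTIVES` is inserted in the middle of `oscap_document_type`, and because only the first enumerator has an explicit value this renumbers `OSCAP_DOCUMENT_XCCDF`, `OSCAP_DOCUMENT_CPE_LANGUAGE` and `OSCAP_DOCUMENT_CPE_DICTIONARY`. A program compiled against the previous header and run with the new library would pass the old XCCDF value and, as far as the visible comment on schema validation suggests, have its document checked as OVAL directives, i.e. against the wrong schema. Placing `OSCAP_DOCUMENT_OVAL_DIRECTIVES, ///< OVAL directives file` as the last entry after `OSCAP_DOCUMENT_CPE_DICTIONARY`, or giving every enumerator an explicit value, keeps the existing values stable. The functions that consume this enum are outside the hunk.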


 oval_agent_api.h   oval_agent_api.h 
skipping to change at line 46 skipping to change at line 46
#ifndef OVAL_AGENT_API_H_ #ifndef OVAL_AGENT_API_H_
#define OVAL_AGENT_API_H_ #define OVAL_AGENT_API_H_
#include "oval_definitions.h" #include "oval_definitions.h"
#include "oval_system_characteristics.h" #include "oval_system_characteristics.h"
#include "oval_results.h" #include "oval_results.h"
#include "oval_variables.h" #include "oval_variables.h"
#include "oval_probe.h" #include "oval_probe.h"
#include "reporter.h" #include "reporter.h"
#ifdef ENABLE_XCCDF
#include "xccdf_policy.h"
#endif
struct oval_agent_session; struct oval_agent_session;
/** /**
* @var oval_agent_session_t * @var oval_agent_session_t
* Agent session consists of connection to system checking engine, * Agent session consists of connection to system checking engine,
* definition model, system characteristics model and results model. * definition model, system characteristics model and results model.
*/ */
typedef struct oval_agent_session oval_agent_session_t; typedef struct oval_agent_session oval_agent_session_t;
/** /**
* Create new session for OVAL agent from OVAL definition model * Create new session for OVAL agent from OVAL definition model
* @param model OVAL Definition model * @param model OVAL Definition model
* @param name Name of file that can be referenced from XCCDF Benchmark * @param name Name of file that can be referenced from XCCDF Benchmark
*/ */
oval_agent_session_t * oval_agent_new_session(struct oval_definition_model * model, const char * name); oval_agent_session_t * oval_agent_new_session(struct oval_definition_model * model, const char * name);
/** /**
* Probe the system and evaluate specified definition * Probe the system and evaluate specified definition
* @return 0 on success; -1 error; 1 warning
*/ */
int oval_agent_eval_definition(oval_agent_session_t *, const char *); int oval_agent_eval_definition(oval_agent_session_t *, const char *);
/** /**
* Get the OVAL result of a definition from an agent session * Get the OVAL result of a definition from an agent session
* @return 0 on success; -1 error
*/ */
oval_result_t oval_agent_get_definition_result(oval_agent_session_t *, cons t char *); int oval_agent_get_definition_result(oval_agent_session_t *, const char *, oval_result_t *);
/** /**
* Clean resuls that were generated in this agent session * Clean resuls that were generated in this agent session
*/ */
int oval_agent_reset_session(oval_agent_session_t * ag_sess); int oval_agent_reset_session(oval_agent_session_t * ag_sess);
/** /**
* Abort a running probe session * Abort a running probe session
*/ */
int oval_agent_abort_session(oval_agent_session_t *ag_sess); int oval_agent_abort_session(oval_agent_session_t *ag_sess);
/** /**
* Probe and evaluate all definitions from the content, call the callback f unctions upon single evaluation * Probe and evaluate all definitions from the content, call the callback f unctions upon single evaluation
* @return 0 on success; -1 error; 1 warning
*/ */
int oval_agent_eval_system(oval_agent_session_t * ag_sess, oscap_reporter c b, void *arg); int oval_agent_eval_system(oval_agent_session_t * ag_sess, oscap_reporter c b, void *arg);
/** /**
* Get a result model from agent session * Get a result model from agent session
*/ */
struct oval_results_model * oval_agent_get_results_model(oval_agent_session _t * ag_sess); struct oval_results_model * oval_agent_get_results_model(oval_agent_session _t * ag_sess);
/** /**
* Get a filename under which was created * Get a filename under which was created
*/ */
const char * oval_agent_get_filename(oval_agent_session_t * ag_sess); const char * oval_agent_get_filename(oval_agent_session_t * ag_sess);
/** /**
* Finish OVAL agent session * Finish OVAL agent session
*/ */
void oval_agent_destroy_session(oval_agent_session_t * ag_sess); void oval_agent_destroy_session(oval_agent_session_t * ag_sess);
#ifdef ENABLE_XCCDF
/************************************************************/
/**
* @name Evaluators
* @{
* */
/**
* @param policy XCCDF Policy that is being evaluated
* @param rule_id ID of XCCDF Rule
* @param id ID of OVAL definition
* @param it XCCDF Value Binding iterator with value bindings
* @param usr Void pointer to the user data structure
* @return XCCDF test result type of evaluated rule
*
*/
typedef xccdf_test_result_type_t (xccdf_policy_eval_rule_cb_t) (struct xccd
f_policy * policy, const char * rule_id,
const char * id, struct xccdf_value_binding_iterator * it, void * u
sr);
/**
* Internal OVAL Agent Callback that can be used to evaluate XCCDF content.
* \par Example
* Next example shows common use of this function in evaluation proccess of
XCCDF file.
* \par
* \code
* struct oval_definition_model * def_model = oval_definition_model_import
(oval_file);
* struct xccdf_benchmark * benchmark = xccdf_benchmark_import(file);
* struct xccdf_policy_model * policy_model = xccdf_policy_model_new(bench
mark);
* struct oval_agent_session * sess = oval_agent_new_session(def_model, "n
ame-of-file");
* ...
* xccdf_policy_model_register_engine_callback(policy_model, "http://oval.
mitre.org/XMLSchema/oval-definitions-5", oval_agent_eval_rule, (void *) ses
s);
* \endcode
*
*/
xccdf_test_result_type_t oval_agent_eval_rule (struct xccdf_policy * policy
, const char * rule_id,
const char * id, const char * href, struct xccdf_value_binding_iter
ator * it, void * usr);
/**
* Resolve variables from XCCDF Value Bindings and set their values to OVAL
Variables
* @param session OVAL Agent Session
* @param it XCCDF Value Bindng iterator
* @return 0 if resolving pass
* \par Example
* Example in oval_agent.c in function oval_agent_eval_rule
*/
int oval_agent_resolve_variables(struct oval_agent_session * session, struc
t xccdf_value_binding_iterator *it);
/**
* Function to register predefined oval callback for XCCDF evaluation procc
ess
* @param model XCCDF Policy Model
* @param sess oval_agent_session_t parameter for passing session data to c
allback
* @memberof xccdf_policy_model
* @return true if callback registered succesfully, false otherwise
*/
bool xccdf_policy_model_register_engine_oval(struct xccdf_policy_model * mo
del, struct oval_agent_session * sess);
/**
* Transform OVAL Sysinfo into XCCDF Test Result
* @param session OVAL Agent session
* @param ritem XCCDF Result
*/
void oval_agent_export_sysinfo_to_xccdf_result(struct oval_agent_session *
session, struct xccdf_result * ritem);
/************************************************************/
/** @} End of Evaluators group */
#endif
/** /**
* @) END OVALDEF * @) END OVALDEF
* @) END OVALAGENT * @) END OVALAGENT
*/ */
#endif /**OVAL_AGENT_API_H_ */ #endif /**OVAL_AGENT_API_H_ */
 End of changes. 6 change blocks. 
90 lines changed or deleted 4 lines changed or added


 oval_definitions.h   oval_definitions.h 
skipping to change at line 81 skipping to change at line 81
OVAL_OPERATOR_UNKNOWN = 0, OVAL_OPERATOR_UNKNOWN = 0,
OVAL_OPERATOR_AND = 1, OVAL_OPERATOR_AND = 1,
OVAL_OPERATOR_ONE = 2, OVAL_OPERATOR_ONE = 2,
OVAL_OPERATOR_OR = 3, OVAL_OPERATOR_OR = 3,
OVAL_OPERATOR_XOR = 4 OVAL_OPERATOR_XOR = 4
} oval_operator_t; } oval_operator_t;
/// Operations /// Operations
typedef enum { typedef enum {
OVAL_OPERATION_UNKNOWN = 0, OVAL_OPERATION_UNKNOWN = 0,
OVAL_OPERATION_EQUALS = 1, OVAL_OPERATION_BITWISE_AND,
OVAL_OPERATION_NOT_EQUAL = 2, OVAL_OPERATION_BITWISE_OR,
OVAL_OPERATION_CASE_INSENSITIVE_EQUALS = 3, OVAL_OPERATION_CASE_INSENSITIVE_EQUALS,
OVAL_OPERATION_CASE_INSENSITIVE_NOT_EQUAL = 4, OVAL_OPERATION_CASE_INSENSITIVE_NOT_EQUAL,
OVAL_OPERATION_GREATER_THAN = 5, OVAL_OPERATION_EQUALS,
OVAL_OPERATION_LESS_THAN = 6, OVAL_OPERATION_GREATER_THAN,
OVAL_OPERATION_GREATER_THAN_OR_EQUAL = 7, OVAL_OPERATION_GREATER_THAN_OR_EQUAL,
OVAL_OPERATION_LESS_THAN_OR_EQUAL = 8, OVAL_OPERATION_LESS_THAN,
OVAL_OPERATION_BITWISE_AND = 9, OVAL_OPERATION_LESS_THAN_OR_EQUAL,
OVAL_OPERATION_BITWISE_OR = 10, OVAL_OPERATION_NOT_EQUAL,
OVAL_OPERATION_PATTERN_MATCH = 11 OVAL_OPERATION_PATTERN_MATCH,
OVAL_OPERATION_SUBSET_OF,
OVAL_OPERATION_SUPERSET_OF,
} oval_operation_t; } oval_operation_t;
/// Definition classes
typedef enum {
/**Not valid*/ OVAL_CLASS_UNKNOWN = 0,
/**Valid*/ OVAL_CLASS_COMPLIANCE = 1,
/**Valid*/ OVAL_CLASS_INVENTORY = 2,
/**Valid*/ OVAL_CLASS_MISCELLANEOUS = 3,
/**Valid*/ OVAL_CLASS_PATCH = 4,
/**Valid*/ OVAL_CLASS_VULNERABILITY = 5,
} oval_definition_class_t;
/// Existence check enumeration /// Existence check enumeration
typedef enum { typedef enum {
OVAL_EXISTENCE_UNKNOWN = 0, OVAL_EXISTENCE_UNKNOWN = 0,
OVAL_ALL_EXIST = 1, OVAL_ALL_EXIST = 1,
OVAL_ANY_EXIST = 2, OVAL_ANY_EXIST = 2,
OVAL_AT_LEAST_ONE_EXISTS = 3, OVAL_AT_LEAST_ONE_EXISTS = 3,
OVAL_ONLY_ONE_EXISTS = 4, OVAL_ONLY_ONE_EXISTS = 4,
OVAL_NONE_EXIST = 5 OVAL_NONE_EXIST = 5
} oval_existence_t; } oval_existence_t;
skipping to change at line 153 skipping to change at line 145
/// Type of filter action /// Type of filter action
typedef enum { typedef enum {
OVAL_FILTER_ACTION_UNKNOWN = 0, OVAL_FILTER_ACTION_UNKNOWN = 0,
OVAL_FILTER_ACTION_EXCLUDE, OVAL_FILTER_ACTION_EXCLUDE,
OVAL_FILTER_ACTION_INCLUDE OVAL_FILTER_ACTION_INCLUDE
} oval_filter_action_t; } oval_filter_action_t;
/// Datatypes /// Datatypes
typedef enum { typedef enum {
OVAL_DATATYPE_UNKNOWN = 0, OVAL_DATATYPE_UNKNOWN = 0,
OVAL_DATATYPE_BINARY = 1, OVAL_DATATYPE_BINARY,
OVAL_DATATYPE_BOOLEAN = 2, OVAL_DATATYPE_BOOLEAN,
OVAL_DATATYPE_EVR_STRING = 3, OVAL_DATATYPE_EVR_STRING,
OVAL_DATATYPE_FILESET_REVISION = 4, OVAL_DATATYPE_FILESET_REVISION,
OVAL_DATATYPE_FLOAT = 5, OVAL_DATATYPE_FLOAT,
OVAL_DATATYPE_IOS_VERSION = 6, OVAL_DATATYPE_INTEGER,
OVAL_DATATYPE_VERSION = 7, OVAL_DATATYPE_IOS_VERSION,
OVAL_DATATYPE_INTEGER = 8, OVAL_DATATYPE_IPV4ADDR,
OVAL_DATATYPE_STRING = 9, OVAL_DATATYPE_IPV6ADDR,
OVAL_DATATYPE_RECORD = 10, OVAL_DATATYPE_RECORD,
OVAL_DATATYPE_SEXP = 11, OVAL_DATATYPE_SEXP,
OVAL_DATATYPE_STRING_M = 12 OVAL_DATATYPE_STRING,
OVAL_DATATYPE_STRING_M,
OVAL_DATATYPE_VERSION,
} oval_datatype_t; } oval_datatype_t;
/// Varref types /// Varref types
typedef enum { typedef enum {
OVAL_ENTITY_VARREF_UNKNOWN, OVAL_ENTITY_VARREF_UNKNOWN,
OVAL_ENTITY_VARREF_NONE, OVAL_ENTITY_VARREF_NONE,
OVAL_ENTITY_VARREF_ATTRIBUTE, OVAL_ENTITY_VARREF_ATTRIBUTE,
OVAL_ENTITY_VARREF_ELEMENT OVAL_ENTITY_VARREF_ELEMENT
} oval_entity_varref_type_t; } oval_entity_varref_type_t;
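Review bot: Dropping the explicit values from `oval_operation_t` and `oval_datatype_t` while re-sorting the enumerators alphabetically renumbers almost every constant; reading the right-hand column as the new side, `OVAL_OPERATION_EQUALS` moves from 1 to 5 and `OVAL_DATATYPE_STRING` from 9 to 12. A caller built against the old header, or any value stored or exchanged as an integer, would then be read as a different operation or datatype without any error, so a scanner could evaluate a check with the wrong comparison and still report a result. I would keep the existing numbers and append the new members, e.g. `OVAL_OPERATION_SUBSET_OF = 12,` and `OVAL_OPERATION_SUPERSET_OF = 13,`, and likewise give the two IP address datatypes the values after `OVAL_DATATYPE_STRING_M = 12`. If the renumbering is intended, it should come with a library version bump and a comment in the header saying the values are not stable.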
 End of changes. 3 change blocks. 
33 lines changed or deleted 27 lines changed or added


 oval_probe.h   oval_probe.h 
skipping to change at line 69 skipping to change at line 69
* Evaluate an object * Evaluate an object
* @param sess probe session * @param sess probe session
* @param object the object to evaluate * @param object the object to evaluate
*/ */
int oval_probe_query_object(oval_probe_session_t *psess, struct oval_object *object, int flags, struct oval_syschar **out_syschar) __attribute__ ((non null(1, 2))); int oval_probe_query_object(oval_probe_session_t *psess, struct oval_object *object, int flags, struct oval_syschar **out_syschar) __attribute__ ((non null(1, 2)));
/** /**
* Probe objects required for the evalatuation of the specified definition and update the system characteristics model associated with the session * Probe objects required for the evalatuation of the specified definition and update the system characteristics model associated with the session
* @param sess probe session * @param sess probe session
* @param id definition id * @param id definition id
* @return 0 on success * @return 0 on success; -1 on error; 1 warning
*/ */
int oval_probe_query_definition(oval_probe_session_t *sess, const char *id) __attribute__ ((nonnull(1, 2))); int oval_probe_query_definition(oval_probe_session_t *sess, const char *id) __attribute__ ((nonnull(1, 2)));
/** /**
* Query the specified variable and all its dependencies in order to comput e the vector of its values * Query the specified variable and all its dependencies in order to comput e the vector of its values
* @param sess probe session * @param sess probe session
* @param variable the variable to query * @param variable the variable to query
* @return 0 on success * @return 0 on success
*/ */
int oval_probe_query_variable(oval_probe_session_t *sess, struct oval_varia ble *variable); int oval_probe_query_variable(oval_probe_session_t *sess, struct oval_varia ble *variable);
#define OVAL_PROBEMETA_LIST_VERBOSE 0x00000001 /**< Be verbose when listing
supported probes */
#define OVAL_PROBEMETA_LIST_DYNAMIC 0x00000002 /**< Perform additional chec
ks when listing supported probes (i.e. list only existing external probes)
*/
void oval_probe_meta_list(FILE *output, int flags);
#endif /* OVAL_PROBE_H */ #endif /* OVAL_PROBE_H */
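Review bot: `oval_probe_meta_list(FILE *output, int flags)` is added without a doc comment and, unlike `oval_probe_query_object` and `oval_probe_query_definition` above it, without a `nonnull` attribute, so the header does not say whether `output` may be NULL or which flag values are accepted. I would add a short Doxygen block saying that `flags` is a bitwise OR of the `OVAL_PROBEMETA_LIST_*` constants and that the list is presumably written to `output`, and mark the declaration `__attribute__ ((nonnull(1)))` if NULL is not accepted. The prototype needs `FILE` to be declared; the include list is outside the visible lines, so confirm that `#include <stdio.h>` is present in this header. The new `1 warning` return on `oval_probe_query_definition` also means a caller that tests only `< 0` treats a warning as success, which is worth stating in that comment.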
 End of changes. 2 change blocks. 
1 lines changed or deleted 9 lines changed or added


 oval_results.h   oval_results.h 
skipping to change at line 45 skipping to change at line 45
* *
* Authors: * Authors:
* "David Niemoller" <David.Niemoller@g2-inc.com> * "David Niemoller" <David.Niemoller@g2-inc.com>
*/ */
#ifndef OVAL_RESULTS_H_ #ifndef OVAL_RESULTS_H_
#define OVAL_RESULTS_H_ #define OVAL_RESULTS_H_
#include "oval_types.h" #include "oval_types.h"
#include "oval_system_characteristics.h" #include "oval_system_characteristics.h"
#include "oval_directives.h"
#include <stdbool.h> #include <stdbool.h>
/**
* @typedef oval_result_t
* Result values for the evaluation of an OVAL Definition or an OVAL Test
*/
typedef enum {
OVAL_RESULT_TRUE = 1, /**< Characteristics being evaluated match
the information represented in the system characteristic. */
OVAL_RESULT_FALSE = 2, /**< Characteristics being evaluated do not
match the information represented in the system characteristic. */
OVAL_RESULT_UNKNOWN = 4, /**< Characteristics being evaluated can no
t be found in the system characteristic. */
OVAL_RESULT_ERROR = 8, /**< Characteristics being evaluated exist i
n the system characteristic file but there was an error either collecting i
nformation or in performing anaylsis. */
OVAL_RESULT_NOT_EVALUATED = 16, /**< Choice was made not to evaluate
the given definition or test. */
OVAL_RESULT_NOT_APPLICABLE = 32 /**< Definition or test being evalua
ted is not valid on the given platform. */
} oval_result_t;
/**
* @typedef oval_result_directive_content_t
* Values for the directives controlling the expected content of the result
s file
*/
typedef enum {
OVAL_DIRECTIVE_CONTENT_UNKNOWN = 0, /**< Undefined value */
OVAL_DIRECTIVE_CONTENT_THIN = 1, /**< Only the minimal amount of
information will be provided. */
OVAL_DIRECTIVE_CONTENT_FULL = 2 /**< Very detailed information w
ill be provided allowing in-depth reports to be generated from the results.
*/
} oval_result_directive_content_t;
const char *oval_result_get_text(oval_result_t); const char *oval_result_get_text(oval_result_t);
/** /**
* @struct oval_results_model * @struct oval_results_model
* OVAL Results Model holds OVAL results structure instances. * OVAL Results Model holds OVAL results structure instances.
*/ */
struct oval_results_model; struct oval_results_model;
/** /**
* @struct oval_result_system * @struct oval_result_system
skipping to change at line 129 skipping to change at line 107
* @struct oval_result_criteria_node * @struct oval_result_criteria_node
*/ */
struct oval_result_criteria_node; struct oval_result_criteria_node;
/** /**
* @struct oval_result_criteria_node_iterator * @struct oval_result_criteria_node_iterator
* @see oval_result_criteria_node_get_subnodes * @see oval_result_criteria_node_get_subnodes
*/ */
struct oval_result_criteria_node_iterator; struct oval_result_criteria_node_iterator;
/** /**
* @struct oval_result_directives
* This structure holds instance of OVAL Result Directives for particular o
val_results_model.
* OVAL Result Directives describes what information has been included in t
he results file, therefore
* it's necessarry to setup this structure before exporting oval_results_mo
del. Usage example:
*
* @code
* struct oval_result_directives * res_direct = oval_result_directives_new(
res_model);
* oval_result_directives_set_reported(res_direct, OVAL_RESULT_TRUE | OVAL_
RESULT_FALSE , true);
* oval_result_directives_set_content(res_direct,OVAL_RESULT_FALSE | OVAL_R
ESULT_TRUE | OVAL_RESULT_ERROR , OVAL_DIRECTIVE_CONTENT_FULL);
* .....
* oval_result_directives_free(res_direct);
* @endcode
*
*
*/
struct oval_result_directives;
/**
* Create new oval_results_model. * Create new oval_results_model.
* The new model is bound to a specified oval_definition_model and variable bindings. * The new model is bound to a specified oval_definition_model and variable bindings.
* @param definition_model the specified oval_definition_model. * @param definition_model the specified oval_definition_model.
* @param syschar_model the array of specified oval_syschar_model(s) termin ated by NULL. * @param syschar_model the array of specified oval_syschar_model(s) termin ated by NULL.
* @memberof oval_results_model * @memberof oval_results_model
*/ */
struct oval_results_model *oval_results_model_new(struct oval_definition_mo del *definition_model, struct oval_results_model *oval_results_model_new(struct oval_definition_mo del *definition_model,
struct oval_syschar_model **); struct oval_syschar_model **);
/** /**
* Import the content from the file into an oval_result_model. * Import the content from the file into an oval_result_model.
* If imported content specifies a model entity that is already registered within the model its content is overwritten. * If imported content specifies a model entity that is already registered within the model its content is overwritten.
* @param model the oval_results_model * @param model the oval_results_model
* @param file filename * @param file filename
* @return -1 if an error occurred * @return -1 if an error occurred
* @memberof oval_results_model * @memberof oval_results_model
*/ */
struct oval_result_directives *oval_results_model_import(struct oval_result s_model *model, const char *file); int oval_results_model_import(struct oval_results_model *model, const char *file);
/** /**
* Copy an oval_results_model. * Copy an oval_results_model.
* @return A copy of the specified @ref oval_results_model. * @return A copy of the specified @ref oval_results_model.
* @memberof oval_results_model * @memberof oval_results_model
*/ */
struct oval_results_model *oval_results_model_clone(struct oval_results_mod el *); struct oval_results_model *oval_results_model_clone(struct oval_results_mod el *);
/** /**
* Free memory allocated to a specified oval results model. * Free memory allocated to a specified oval results model.
* @param the specified oval_results model * @param the specified oval_results model
* @memberof oval_results_model * @memberof oval_results_model
*/ */
void oval_results_model_free(struct oval_results_model *model); void oval_results_model_free(struct oval_results_model *model);
/** /**
* Export oval results into file. * Export oval results into file.
* @param model the oval_results_model * @param model the oval_results_model
* @param model the oval_directives_model
* @param file filename * @param file filename
* @memberof oval_results_model * @memberof oval_results_model
*/ */
int oval_results_model_export(struct oval_results_model *, struct oval_resu lt_directives *, const char *file); int oval_results_model_export(struct oval_results_model *, struct oval_dire ctives_model *, const char *file);
/** /**
* @name Setters * @name Setters
* @{ * @{
*/ */
void oval_results_model_set_generator(struct oval_results_model *model, str uct oval_generator *generator); void oval_results_model_set_generator(struct oval_results_model *model, str uct oval_generator *generator);
/** @} */ /** @} */
/** /**
* @name Getters * @name Getters
skipping to change at line 699 skipping to change at line 660
*/ */
void oval_result_criteria_node_iterator_free(struct oval_result_criteria_no de_iterator *); void oval_result_criteria_node_iterator_free(struct oval_result_criteria_no de_iterator *);
/** @} */ /** @} */
/** /**
* @name Evaluators * @name Evaluators
* @{ * @{
*/ */
/** @} */ /** @} */
/**
* Create new OVAL Results Directives instance. Directives are setup NOT to
report any type of result by default.
* @memberof oval_result_directives
*/
struct oval_result_directives *oval_result_directives_new(struct oval_resul
ts_model *);
/**
* @memberof oval_result_directives
*/
void oval_result_directives_free(struct oval_result_directives *);
/**
* @name Setters
* @{
*/
/**
* Set (or unset) result types that are intended to be reported. Functions
does not override previous settings.
* @memberof oval_result_directives
*/
void oval_result_directives_set_reported(struct oval_result_directives *, i
nt flag, bool val);
/**
* Configure the depth of infomation.
* @memberof oval_result_directives
*/
void oval_result_directives_set_content(struct oval_result_directives *, in
t flag, oval_result_directive_content_t);
/** @} */
/**
* @name Getters
* @{
*/
/**
* @memberof oval_result_directives
*/
bool oval_result_directives_get_reported(struct oval_result_directives *, o
val_result_t);
/**
* @memberof oval_result_directives
*/
oval_result_directive_content_t oval_result_directives_get_content(struct o
val_result_directives *, oval_result_t);
/** @} */
/**
* @name Evaluators
* @{
*/
/** @} */
/** @} */ /** @} */
/** /**
* @}END OVALRES * @}END OVALRES
* @}END OVAL * @}END OVAL
*/ */
#endif /* OVAL_RESULTS_H_ */ #endif /* OVAL_RESULTS_H_ */
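Review bot: The comment on `oval_results_model_export` now carries two `@param model` tags, the existing one for the results model and the added one for the directives model, and the prototype leaves both parameters unnamed, so Doxygen cannot attach either description to a parameter. I would name the parameters and give the second its own tag, `@param directives_model the oval_directives_model`, with `int oval_results_model_export(struct oval_results_model *model, struct oval_directives_model *directives_model, const char *file);`. `oval_results_model_import` changes from returning a directives pointer to returning `int`, but its comment still says only `@return -1 if an error occurred`; it should state the success value too, since callers that used the returned pointer have to be rewritten around the new convention.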
 End of changes. 7 change blocks. 
113 lines changed or deleted 4 lines changed or added


 oval_types.h   oval_types.h 
skipping to change at line 179 skipping to change at line 179
OVAL_INDEPENDENT_FILE_HASH = OVAL_FAMILY_INDEPENDENT + 3, OVAL_INDEPENDENT_FILE_HASH = OVAL_FAMILY_INDEPENDENT + 3,
OVAL_INDEPENDENT_ENVIRONMENT_VARIABLE = OVAL_FAMILY_INDEPENDENT + 4, OVAL_INDEPENDENT_ENVIRONMENT_VARIABLE = OVAL_FAMILY_INDEPENDENT + 4,
OVAL_INDEPENDENT_SQL = OVAL_FAMILY_INDEPENDENT + 5, OVAL_INDEPENDENT_SQL = OVAL_FAMILY_INDEPENDENT + 5,
OVAL_INDEPENDENT_TEXT_FILE_CONTENT_54 = OVAL_FAMILY_INDEPENDENT + 6, OVAL_INDEPENDENT_TEXT_FILE_CONTENT_54 = OVAL_FAMILY_INDEPENDENT + 6,
OVAL_INDEPENDENT_TEXT_FILE_CONTENT = OVAL_FAMILY_INDEPENDENT + 7, OVAL_INDEPENDENT_TEXT_FILE_CONTENT = OVAL_FAMILY_INDEPENDENT + 7,
OVAL_INDEPENDENT_UNKNOWN = OVAL_FAMILY_INDEPENDENT + 8, OVAL_INDEPENDENT_UNKNOWN = OVAL_FAMILY_INDEPENDENT + 8,
OVAL_INDEPENDENT_VARIABLE = OVAL_FAMILY_INDEPENDENT + 9, OVAL_INDEPENDENT_VARIABLE = OVAL_FAMILY_INDEPENDENT + 9,
OVAL_INDEPENDENT_XML_FILE_CONTENT = OVAL_FAMILY_INDEPENDENT + 10, OVAL_INDEPENDENT_XML_FILE_CONTENT = OVAL_FAMILY_INDEPENDENT + 10,
OVAL_INDEPENDENT_LDAP57 = OVAL_FAMILY_INDEPENDENT + 11, OVAL_INDEPENDENT_LDAP57 = OVAL_FAMILY_INDEPENDENT + 11,
OVAL_INDEPENDENT_LDAP = OVAL_FAMILY_INDEPENDENT + 12, OVAL_INDEPENDENT_LDAP = OVAL_FAMILY_INDEPENDENT + 12,
OVAL_INDEPENDENT_SQL57 = OVAL_FAMILY_INDEPENDENT + 13 OVAL_INDEPENDENT_SQL57 = OVAL_FAMILY_INDEPENDENT + 13,
OVAL_INDEPENDENT_ENVIRONMENT_VARIABLE58 = OVAL_FAMILY_INDEPENDENT +
14,
OVAL_INDEPENDENT_FILE_HASH58 = OVAL_FAMILY_INDEPENDENT + 15
} oval_independent_subtype_t; } oval_independent_subtype_t;
/// IOS subtypes /// IOS subtypes
typedef enum { typedef enum {
OVAL_IOS_GLOBAL = OVAL_FAMILY_IOS + 1, OVAL_IOS_GLOBAL = OVAL_FAMILY_IOS + 1,
OVAL_IOS_INTERFACE = OVAL_FAMILY_IOS + 2, OVAL_IOS_INTERFACE = OVAL_FAMILY_IOS + 2,
OVAL_IOS_LINE = OVAL_FAMILY_IOS + 3, OVAL_IOS_LINE = OVAL_FAMILY_IOS + 3,
OVAL_IOS_SNMP = OVAL_FAMILY_IOS + 4, OVAL_IOS_SNMP = OVAL_FAMILY_IOS + 4,
OVAL_IOS_TCLSH = OVAL_FAMILY_IOS + 5, OVAL_IOS_TCLSH = OVAL_FAMILY_IOS + 5,
OVAL_IOS_VERSION_55 = OVAL_FAMILY_IOS + 6 OVAL_IOS_VERSION_55 = OVAL_FAMILY_IOS + 6
skipping to change at line 302 skipping to change at line 304
OVAL_LOG_WARN = 17 OVAL_LOG_WARN = 17
} oval_xml_severity_t; } oval_xml_severity_t;
/** /**
* @} * @}
*/ */
/** /**
* @addtogroup OVAL * @addtogroup OVAL
* @{ * @{
* @addtogroup OVALRES
* Interface for Results model
* @{
*
* @typedef oval_result_t
* Result values for the evaluation of an OVAL Definition or an OVAL Test
*/
typedef enum {
OVAL_RESULT_TRUE = 1, /**< Characteristics being evaluated match
the information represented in the system characteristic. */
OVAL_RESULT_FALSE = 2, /**< Characteristics being evaluated do no
t match the information represented in the system characteristic. */
OVAL_RESULT_UNKNOWN = 4, /**< Characteristics being evaluated can n
ot be found in the system characteristic. */
OVAL_RESULT_ERROR = 8, /**< Characteristics being evaluated exist
in the system characteristic file but there was an error either collecting
information or in performing anaylsis. */
OVAL_RESULT_NOT_EVALUATED = 16, /**< Choice was made not to evaluat
e the given definition or test. */
OVAL_RESULT_NOT_APPLICABLE = 32 /**< Definition or test being evalu
ated is not valid on the given platform. */
} oval_result_t;
/** @} */
/** @} */
/**
* @addtogroup OVAL
* @{
* @addtogroup OVALVAR * @addtogroup OVALVAR
* Interface to Variable model * Interface to Variable model
* @{ * @{
* *
* @struct oval_variable_model * @struct oval_variable_model
* The OVAL variable model facilitates access to external variable value bi ndings used to to constrain the evaluation of OVAL objects. * The OVAL variable model facilitates access to external variable value bi ndings used to to constrain the evaluation of OVAL objects.
*/ */
struct oval_variable_model; struct oval_variable_model;
/** @} */ /** @} */
/** @} */ /** @} */
typedef enum {
/**Not valid*/ OVAL_CLASS_UNKNOWN = 0,
/**Valid*/ OVAL_CLASS_COMPLIANCE = 1,
/**Valid*/ OVAL_CLASS_INVENTORY = 2,
/**Valid*/ OVAL_CLASS_MISCELLANEOUS = 3,
/**Valid*/ OVAL_CLASS_PATCH = 4,
/**Valid*/ OVAL_CLASS_VULNERABILITY = 5,
} oval_definition_class_t;
#endif /* OVAL_TYPES_H_ */ #endif /* OVAL_TYPES_H_ */
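Review bot: `oval_definition_class_t` is added at the very end of the header, after both Doxygen groups are closed and without the `/// Definition classes` line it carries in the oval_definitions.h section of this page, so it ends up undocumented and outside the OVAL group. I would place it inside an `@addtogroup OVAL` block and restore `/// Definition classes`; the `/**Not valid*/` and `/**Valid*/` markers would read better as trailing `/**< ... */` comments like those on `oval_result_t`. Also, `oval_result_t` has no zero enumerator, so a caller of an out-parameter function such as `oval_agent_get_definition_result(..., oval_result_t *)` has no "unset" value to initialise with and must check the return code before reading the result. A sentence saying so in the typedef comment would help.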
 End of changes. 3 change blocks. 
1 lines changed or deleted 41 lines changed or added
