[Openvas-commits] r1299 - in trunk/doc/website: . pix
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Tue Sep 9 11:17:48 CEST 2008
Author: mwiegand
Date: 2008-09-09 11:17:48 +0200 (Tue, 09 Sep 2008)
New Revision: 1299
Added:
trunk/doc/website/pix/ovaldi-results.png
trunk/doc/website/svndiff-ovaldi-rev138.patch
Modified:
trunk/doc/website/integrated-tools.htm4
Log:
Added documentation for OVAL support.
Modified: trunk/doc/website/integrated-tools.htm4
===================================================================
--- trunk/doc/website/integrated-tools.htm4 2008-09-09 07:45:45 UTC (rev 1298)
+++ trunk/doc/website/integrated-tools.htm4 2008-09-09 09:17:48 UTC (rev 1299)
@@ -93,3 +93,47 @@
Status (20080505): Works with OpenVAS, see hints
<a href="using-slad.html">how to use SLAD with OpenVAS</a>.
</p>
+
+<h3>OVAL</h3>
+
+<p>
+Homepage: <a href="http://oval.mitre.org/">OVAL website</a><br/>
+OVAL definitions interpreter: <a href="http://sourceforge.net/projects/ovaldi/">ovaldi</a>
+</p>
+
+<p>
+In order to extend the vulnerabilty coverage even further, the OpenVAS project
+is working on support for OVAL, the Open Vulnerability and Assesment Language.
+</p>
+
+<p>
+Status (20080909): Proof-of-concept support for OVAL definitions is included in
+OpenVAS. If you want to use OVAL definitions, the following steps are
+neccessary:
+</p>
+
+<ol>
+<li>Download ovaldi (preferably from the
+<a href="http://sourceforge.net/svn/?group_id=215469">ovaldi SVN repository</a>;
+revision 138 is recommend for best results with OpenVAS).</li>
+<li>Apply <a href="svndiff-ovaldi-rev138.patch">this patch</a> to the ovaldi
+source.</li>
+<li>Compile and install ovaldi.</li>
+<li>Copy the desired OVAL definitions into your OpenVAS plugin directory; make
+sure to change the file extension from .xml to .oval.</li>
+<li>Restart your OpenVAS server; clients connecting to this server will now see
+a new plugin family called "OVAL definitions" in the plugin selection
+section.</li>
+<li>If you are using OVAL definitions that check for installed versions of
+certain packages, be sure to enable the plugin "Determine OS and list of
+installed packages (with keyid) via SSH login" (located in the "Misc." family)
+and to provide login information for the remote machine.</li>
+</ol>
+
+<p>
+Be aware that support for OVAL definitions is still in an experimental stage and
+only a subset of all OVAL features is supported. Please report any bugs
+to the openvas-devel mailing list.
+</p>
+
+<img src="pix/ovaldi-results.png"/>
Added: trunk/doc/website/pix/ovaldi-results.png
===================================================================
(Binary files differ)
Property changes on: trunk/doc/website/pix/ovaldi-results.png
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: trunk/doc/website/svndiff-ovaldi-rev138.patch
===================================================================
--- trunk/doc/website/svndiff-ovaldi-rev138.patch 2008-09-09 07:45:45 UTC (rev 1298)
+++ trunk/doc/website/svndiff-ovaldi-rev138.patch 2008-09-09 09:17:48 UTC (rev 1299)
@@ -0,0 +1,443 @@
+Index: src/Test.h
+===================================================================
+--- src/Test.h (Revision 138)
++++ src/Test.h (Arbeitskopie)
+@@ -133,6 +133,11 @@
+ /** Set the stateId field's value. */
+ void SetStateId(string stateId);
+
++ /** Return the name field's value. */
++ string GetName();
++ /** Set the name field's value. */
++ void SetName(string name);
++
+ /** Return the written field's value. */
+ bool GetWritten();
+ /** Set the written field's value. */
+@@ -211,6 +216,7 @@
+ VariableValueVector testedVariables;
+ string objectId;
+ string stateId;
++ string name;
+
+ static TestMap processedTestsMap;
+ };
+Index: src/Test.cpp
+===================================================================
+--- src/Test.cpp (Revision 138)
++++ src/Test.cpp (Arbeitskopie)
+@@ -138,6 +138,28 @@
+ this->stateId = stateId;
+ }
+
++string Test::GetName() {
++ // -----------------------------------------------------------------------
++ // Abstract
++ //
++ // Return the name field's value
++ //
++ // -----------------------------------------------------------------------
++
++ return this->name;
++}
++
++void Test::SetName(string name) {
++ // -----------------------------------------------------------------------
++ // Abstract
++ //
++ // Set the name field's value
++ //
++ // -----------------------------------------------------------------------
++
++ this->name = name;
++}
++
+ OvalEnum::ResultEnumeration Test::GetResult() {
+
+ return this->result;
+@@ -269,6 +291,8 @@
+ // get id
+ string id = XmlCommon::GetAttributeByName(testElm, "id");
+
++ this->SetName(XmlCommon::GetElementName(testElm));
++
+ // get the attributes
+ this->SetId(XmlCommon::GetAttributeByName(testElm, "id"));
+ this->SetVersion(atoi(XmlCommon::GetAttributeByName(testElm, "version").c_str()));
+@@ -310,13 +334,88 @@
+ } else {
+ // get the collected object from the sc file
+ DOMElement* collectedObjElm = XmlCommon::FindElement(DocumentManager::GetSystemCharacterisitcsDocument(), "object", "id", this->GetObjectId());
++ OvalEnum::Flag collectedObjFlag = OvalEnum::FLAG_NOT_COLLECTED;
+
++
+ if(collectedObjElm == NULL) {
+- // this is an unknown result. the interpreter requires that all objects in a definition
+- // file have a corresponding collected object in the sc file to successfully evaluate.
+- Log::Info("Test::Analyze() - Test id: " + this->GetId() + " Unable to locate corresponding collected object in system characteristics file for object id: " + this->GetObjectId());
+- this->SetResult(OvalEnum::RESULT_UNKNOWN);
+-
++ // If there are no collected objects available, the interpreter will try to find corresponding
++ // items in the system_data section.
++ cout << endl << " Note: No collected objects found for test " << this->GetId() << ". Using experimental object search." << endl;
++
++ string componentName;
++
++ this->SetCheck(OvalEnum::CHECK_AT_LEAST_ONE);
++
++ // Get the component name from the first part of the test name
++ // NOTE: Due to the inconsistent OVAL definition, this won't work for inetlisteningserver(s)
++ string::size_type loc = this->name.find("_", 0);
++ if( loc != string::npos ) {
++ componentName = this->name.substr(0, loc);
++ }
++
++ // Find potential matching items in the system_data section
++ ElementVector* dataElems = XmlCommon::FindAllElements(DocumentManager::GetSystemCharacterisitcsDocument(), componentName + "_item");
++
++ if(dataElems->size() == 0) {
++ // No potential matching items found
++ collectedObjFlag = OvalEnum::FLAG_NOT_COLLECTED;
++ this->SetResult(OvalEnum::RESULT_UNKNOWN);
++ } else {
++ // Potential matching items found
++ ElementVector::iterator iterator;
++ bool matchFound = false;
++ for(iterator = dataElems->begin(); iterator != dataElems->end() && !matchFound; iterator++) {
++ DOMElement *systemDataObject = (*iterator);
++ DOMElement *testObject = XmlCommon::FindElement(DocumentManager::GetDefinitionDocument(), componentName + "_object", "id", this->GetObjectId());
++
++ DOMNodeList *testObjectChildren = testObject->getChildNodes();
++ DOMNodeList *systemDataObjectChildren = systemDataObject->getChildNodes();
++ bool sameChildren = true;
++ unsigned int testObjectChildIndex = 0;
++ while(testObjectChildIndex < testObjectChildren->getLength()) {
++ bool childFound = false;
++ DOMNode *tmpNode = testObjectChildren->item(testObjectChildIndex);
++
++ if (tmpNode->getNodeType() == DOMNode::ELEMENT_NODE) {
++ DOMElement *testObjectChild = (DOMElement*)tmpNode;
++
++ for(unsigned int systemDataObjectChildIndex = 0;
++ systemDataObjectChildIndex < systemDataObjectChildren->getLength() && !childFound;
++ systemDataObjectChildIndex++) {
++ DOMNode *tmpNode2 = systemDataObjectChildren->item(systemDataObjectChildIndex);
++
++ if (tmpNode2->getNodeType() == DOMNode::ELEMENT_NODE && !childFound) {
++ DOMElement *systemDataObjectChild = (DOMElement*)tmpNode2;
++
++ if(XmlCommon::GetElementName(testObjectChild).compare(XmlCommon::GetElementName(systemDataObjectChild)) == 0 &&
++ XmlCommon::GetDataNodeValue(testObjectChild).compare(XmlCommon::GetDataNodeValue(systemDataObjectChild)) == 0) {
++ childFound = true;
++ }
++ }
++ }
++ if(!childFound)
++ sameChildren = false;
++ }
++ testObjectChildIndex++;
++ }
++
++ if(sameChildren) {
++ TestedItem* testedItem = new TestedItem();
++ Item* item = NULL;
++ item = new Item();
++ item->Parse(systemDataObject);
++ // Item::Cache(item);
++ testedItem->SetItem(item);
++ this->AppendTestedItem(testedItem);
++ collectedObjFlag = OvalEnum::FLAG_COMPLETE;
++ matchFound = true;
++ } else {
++ collectedObjFlag = OvalEnum::FLAG_NOT_COLLECTED;
++ this->SetResult(OvalEnum::RESULT_UNKNOWN);
++ }
++ }
++
++ }
+ } else {
+
+ // Copy all variables in the collected object into VariableValues for the results file
+@@ -356,143 +455,134 @@
+
+ // check the flag on the collected object
+ string flagStr = XmlCommon::GetAttributeByName(collectedObjElm, "flag");
+- OvalEnum::Flag collectedObjFlag = OvalEnum::ToFlag(flagStr);
++ collectedObjFlag = OvalEnum::ToFlag(flagStr);
++ }
+
+- // determine how to proceed based on flag value
+- if(collectedObjFlag == OvalEnum::FLAG_ERROR) {
+- this->SetResult(OvalEnum::RESULT_ERROR);
++ // determine how to proceed based on flag value
++ if(collectedObjFlag == OvalEnum::FLAG_ERROR) {
++ this->SetResult(OvalEnum::RESULT_ERROR);
+
+- // since we did no look at the state set the tested item result to not evaluated
+- TestedItemVector::iterator iterator;
+- for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
+- (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
+- }
+- } else if(collectedObjFlag == OvalEnum::FLAG_NOT_APPLICABLE) {
+- this->SetResult(OvalEnum::RESULT_NOT_APPLICABLE);
+-
+- // since we did no look at the state set the tested item result to not evaluated
+- TestedItemVector::iterator iterator;
+- for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
+- (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
+- }
+- } else if(collectedObjFlag == OvalEnum::FLAG_NOT_COLLECTED) {
+- this->SetResult(OvalEnum::RESULT_UNKNOWN);
+-
+- // since we did no look at the state set the tested item result to not evaluated
+- TestedItemVector::iterator iterator;
+- for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
+- (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
+- }
+- } else if(collectedObjFlag == OvalEnum::FLAG_INCOMPLETE) {
++ // since we did no look at the state set the tested item result to not evaluated
++ TestedItemVector::iterator iterator;
++ for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
++ (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
++ }
++ } else if(collectedObjFlag == OvalEnum::FLAG_NOT_APPLICABLE) {
++ this->SetResult(OvalEnum::RESULT_NOT_APPLICABLE);
++
++ // since we did no look at the state set the tested item result to not evaluated
++ TestedItemVector::iterator iterator;
++ for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
++ (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
++ }
++ } else if(collectedObjFlag == OvalEnum::FLAG_NOT_COLLECTED) {
++ this->SetResult(OvalEnum::RESULT_UNKNOWN);
++
++ // since we did no look at the state set the tested item result to not evaluated
++ TestedItemVector::iterator iterator;
++ for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
++ (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
++ }
++ } else if(collectedObjFlag == OvalEnum::FLAG_INCOMPLETE) {
+
+- OvalEnum::ResultEnumeration overallResult = OvalEnum::RESULT_UNKNOWN;
++ OvalEnum::ResultEnumeration overallResult = OvalEnum::RESULT_UNKNOWN;
+
+- // get the count of items with a status of exists
+- int existsCount = 0;
+- TestedItemVector::iterator iterator;
+- for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
+- OvalEnum::SCStatus itemStatus = (*iterator)->GetItem()->GetStatus();
+- if(itemStatus == OvalEnum::STATUS_EXISTS) {
+- existsCount++;
+- }
+- }
++ // get the count of items with a status of exists
++ int existsCount = 0;
++ TestedItemVector::iterator iterator;
++ for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
++ OvalEnum::SCStatus itemStatus = (*iterator)->GetItem()->GetStatus();
++ if(itemStatus == OvalEnum::STATUS_EXISTS) {
++ existsCount++;
++ }
++ }
+
+- OvalEnum::ResultEnumeration existenceResult = OvalEnum::RESULT_UNKNOWN;
++ OvalEnum::ResultEnumeration existenceResult = OvalEnum::RESULT_UNKNOWN;
+
+- if(this->GetCheckExistence() == OvalEnum::EXISTENCE_NONE_EXIST && existsCount > 0) {
++ if(this->GetCheckExistence() == OvalEnum::EXISTENCE_NONE_EXIST && existsCount > 0) {
+
+- // if more than 0 then false
+- existenceResult = OvalEnum::RESULT_FALSE;
++ // if more than 0 then false
++ existenceResult = OvalEnum::RESULT_FALSE;
+
+- } else if(this->GetCheckExistence() == OvalEnum::EXISTENCE_ONLY_ONE_EXISTS && existsCount > 1) {
+-
+- // if more than 1 then false
+- existenceResult = OvalEnum::RESULT_FALSE;
++ } else if(this->GetCheckExistence() == OvalEnum::EXISTENCE_ONLY_ONE_EXISTS && existsCount > 1) {
++
++ // if more than 1 then false
++ existenceResult = OvalEnum::RESULT_FALSE;
+
+- } else if(this->GetCheckExistence() == OvalEnum::EXISTENCE_AT_LEAST_ONE_EXISTS && existsCount > 0) {
++ } else if(this->GetCheckExistence() == OvalEnum::EXISTENCE_AT_LEAST_ONE_EXISTS && existsCount > 0) {
+
+- // if more than 1 then false
+- existenceResult = OvalEnum::RESULT_TRUE;
++ // if more than 1 then false
++ existenceResult = OvalEnum::RESULT_TRUE;
+
+- } else if(this->GetCheckExistence() == OvalEnum::EXISTENCE_ANY_EXIST) {
++ } else if(this->GetCheckExistence() == OvalEnum::EXISTENCE_ANY_EXIST) {
+
+- // always true
+- existenceResult = OvalEnum::RESULT_TRUE;
++ // always true
++ existenceResult = OvalEnum::RESULT_TRUE;
+
+- }
++ }
+
+- if(existenceResult == OvalEnum::RESULT_TRUE) {
++ if(existenceResult == OvalEnum::RESULT_TRUE) {
+
+- // consider the check_state if true so far...
+- OvalEnum::ResultEnumeration stateResult = this->EvaluateCheckState();
++ // consider the check_state if true so far...
++ OvalEnum::ResultEnumeration stateResult = this->EvaluateCheckState();
+
+- if(stateResult == OvalEnum::RESULT_FALSE) {
+- overallResult = OvalEnum::RESULT_FALSE;
+- } if(stateResult == OvalEnum::RESULT_TRUE && this->GetCheck() == OvalEnum::CHECK_AT_LEAST_ONE) {
++ if(stateResult == OvalEnum::RESULT_FALSE) {
++ overallResult = OvalEnum::RESULT_FALSE;
++ } if(stateResult == OvalEnum::RESULT_TRUE && this->GetCheck() == OvalEnum::CHECK_AT_LEAST_ONE) {
+
+- overallResult = OvalEnum::RESULT_TRUE;
+- }
++ overallResult = OvalEnum::RESULT_TRUE;
++ }
+
+- } else {
+- overallResult = existenceResult;
++ } else {
++ overallResult = existenceResult;
+
+- // since we did no look at the state set the tested item result to not evaluated
+- TestedItemVector::iterator iterator;
+- for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
+- (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
+- }
++ // since we did no look at the state set the tested item result to not evaluated
++ TestedItemVector::iterator iterator;
++ for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
++ (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
+ }
++ }
+
+- this->SetResult(overallResult);
++ this->SetResult(overallResult);
+
+- } else if(collectedObjFlag == OvalEnum::FLAG_DOES_NOT_EXIST) {
++ } else if(collectedObjFlag == OvalEnum::FLAG_DOES_NOT_EXIST) {
+
+- // if the check_existence is set to none_exist or
+- // any_exist the result is true
+- // otherwise the result is false
+- if(this->GetCheckExistence() == OvalEnum::EXISTENCE_NONE_EXIST) {
+- this->SetResult(OvalEnum::RESULT_TRUE);
+- // no need to look at state when check_existence is set to none_exist
++ // if the check_existence is set to none_exist or
++ // any_exist the result is true
++ // otherwise the result is false
++ if(this->GetCheckExistence() == OvalEnum::EXISTENCE_NONE_EXIST) {
++ this->SetResult(OvalEnum::RESULT_TRUE);
++ // no need to look at state when check_existence is set to none_exist
+
+- // since we did no look at the state set the tested item result to not evaluated
+- TestedItemVector::iterator iterator;
+- for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
+- (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
+- }
++ // since we did no look at the state set the tested item result to not evaluated
++ TestedItemVector::iterator iterator;
++ for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
++ (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
++ }
+
+- } else if(this->GetCheckExistence() == OvalEnum::EXISTENCE_ANY_EXIST) {
+- // need to look at state result if there is a state
+- if(this->GetStateId().compare("") != 0) {
+- OvalEnum::ResultEnumeration stateResult = this->EvaluateCheckState();
+- this->SetResult(stateResult);
+- } else {
+- this->SetResult(OvalEnum::RESULT_TRUE);
+- }
++ } else if(this->GetCheckExistence() == OvalEnum::EXISTENCE_ANY_EXIST) {
++ // need to look at state result if there is a state
++ if(this->GetStateId().compare("") != 0) {
++ OvalEnum::ResultEnumeration stateResult = this->EvaluateCheckState();
++ this->SetResult(stateResult);
+ } else {
+- this->SetResult(OvalEnum::RESULT_FALSE);
++ this->SetResult(OvalEnum::RESULT_TRUE);
+ }
++ } else {
++ this->SetResult(OvalEnum::RESULT_FALSE);
++ }
+
+- } else if(collectedObjFlag == OvalEnum::FLAG_COMPLETE) {
+-
+- OvalEnum::ResultEnumeration overallResult = OvalEnum::RESULT_ERROR;
++ } else if(collectedObjFlag == OvalEnum::FLAG_COMPLETE) {
++
++ OvalEnum::ResultEnumeration overallResult = OvalEnum::RESULT_ERROR;
+
+- // Evaluate the check existence attribute.
+- OvalEnum::ResultEnumeration existenceResult = this->EvaluateCheckExistence();
++ // Evaluate the check existence attribute.
++ OvalEnum::ResultEnumeration existenceResult = this->EvaluateCheckExistence();
+
+- // if the existence result is true evaluate the check_state attribute if there is a state
+- if(existenceResult == OvalEnum::RESULT_TRUE) {
+- if(this->GetStateId().compare("") != 0) {
+- overallResult = this->EvaluateCheckState();
+- } else {
+- overallResult = existenceResult;
+-
+- // since we did no look at the state set the tested item result to not evaluated
+- TestedItemVector::iterator iterator;
+- for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
+- (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
+- }
+- }
+-
++ // if the existence result is true evaluate the check_state attribute if there is a state
++ if(existenceResult == OvalEnum::RESULT_TRUE) {
++ if(this->GetStateId().compare("") != 0) {
++ overallResult = this->EvaluateCheckState();
+ } else {
+ overallResult = existenceResult;
+
+@@ -503,13 +593,21 @@
+ }
+ }
+
+- this->SetResult(overallResult);
++ } else {
++ overallResult = existenceResult;
++
++ // since we did no look at the state set the tested item result to not evaluated
++ TestedItemVector::iterator iterator;
++ for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
++ (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
++ }
+ }
++ this->SetResult(overallResult);
+ }
++
+ }
+ this->SetAnalyzed(true);
+ }
+-
+ return this->GetResult();
+ }
+
+@@ -655,7 +753,7 @@
+ OvalEnum::ResultEnumeration Test::EvaluateCheckState() {
+
+ OvalEnum::ResultEnumeration stateResult = OvalEnum::RESULT_ERROR;
+-
++
+ // is there a state associated with this test?
+ if(this->GetStateId().compare("") == 0) {
+ // no state specified
+@@ -686,7 +784,6 @@
+ Log::Fatal("Unable to evaluate test " + this->GetId() + ". An error occured while processing the associated state " + this->GetStateId() + ". " + ex.GetErrorMessage());
+ }
+ }
+-
+ return stateResult;
+ }
+
More information about the Openvas-commits
mailing list