17270625 textfilecontent54 probe fails to match patterns in file XScreensaver
17329762 file probe does not return has_extended_acl info
17329743 uname probe does not return processor type correctly
17382171 isainfo probe does not correct value for isainfo -n
--- a/components/openscap/Makefile Thu Nov 14 08:57:43 2013 -0800
+++ b/components/openscap/Makefile Mon Nov 18 14:56:47 2013 -0800
@@ -65,7 +65,7 @@
CONFIGURE_OPTIONS += --libexecdir=$(CONFIGURE_LIBDIR.$(BITS))
CONFIGURE_OPTIONS += am_cv_python_pythondir=$(PYTHON_VENDOR_PACKAGES)
CONFIGURE_OPTIONS += am_cv_python_pyexecdir=$(PYTHON_VENDOR_PACKAGES)
-CONFIGURE_OPTIONS += LIBS="-lsocket -lnsl -lldap_r -lscf -ldlpi"
+CONFIGURE_OPTIONS += LIBS="-lsocket -lnsl -lldap_r -lscf -ldlpi -lsec"
# common targets
build: $(BUILD_32)
--- a/components/openscap/patches/file.c.patch Thu Nov 14 08:57:43 2013 -0800
+++ b/components/openscap/patches/file.c.patch Mon Nov 18 14:56:47 2013 -0800
@@ -1,11 +1,22 @@
+Fixed issue with file probe not returning has_extended_acl on solaris.
This patch fixes the file probe from crashing on solaris when encountering file
types of door and port.
This patch has not been contributed upstream, but is planned to be done by
- 2013-Jul-12.
+2013-Jul-12.
---- openscap-0.9.7/src/OVAL/probes/unix/file.c.~1~ 2012-12-12 07:09:05.806498654 -0800
-+++ openscap-0.9.7/src/OVAL/probes/unix/file.c 2013-03-12 19:52:50.739765914 -0700
-@@ -84,6 +84,9 @@
+--- openscap-0.9.7/src/OVAL/probes/unix/file.c.~1~ 2013-04-23 06:21:51.447000001 -0700
++++ openscap-0.9.7/src/OVAL/probes/unix/file.c 2013-08-16 13:04:51.171523322 -0700
+@@ -77,6 +77,9 @@
+ #else
+ # error "Sorry, your OS isn't supported."
+ #endif
++#if defined(__SVR4) && defined(__sun)
++#include <sys/acl.h>
++#endif
+
+ oval_version_t over;
+
+@@ -84,6 +87,9 @@
static SEXP_t *gr_t_dir = NULL, *gr_t_lnk = NULL, *gr_t_blk = NULL;
static SEXP_t *gr_t_fifo = NULL, *gr_t_sock = NULL, *gr_t_char = NULL;
static SEXP_t gr_lastpath;
@@ -15,7 +26,7 @@
static SEXP_t *se_filetype (mode_t mode)
{
-@@ -95,6 +98,10 @@
+@@ -95,6 +101,10 @@
case S_IFIFO: return (gr_t_fifo);
case S_IFSOCK: return (gr_t_sock);
case S_IFCHR: return (gr_t_char);
@@ -26,7 +37,20 @@
default:
abort ();
}
-@@ -355,6 +362,10 @@
+@@ -286,8 +297,12 @@
+ se_acl = acl_extended_file(st_path) ? gr_true : gr_false;
+ }
+ #else
++#if defined(__SVR4) && defined(__sun)
++ se_acl = acl_trivial(st_path) ? gr_true : gr_false;
++#else
+ se_acl = NULL;
+ #endif
++#endif
+
+ item = probe_item_create(OVAL_UNIX_FILE, NULL,
+ "filepath", OVAL_DATATYPE_SEXP, se_filepath,
+@@ -355,6 +370,10 @@
#define STR_SOCKET "socket"
#define STR_CHARSPEC "character special"
#define STRLEN_PAIR(str) (str), strlen(str)
@@ -37,7 +61,7 @@
gr_t_reg = SEXP_string_new (STRLEN_PAIR(STR_REGULAR));
gr_t_dir = SEXP_string_new (STRLEN_PAIR(STR_DIRECTORY));
-@@ -363,6 +374,10 @@
+@@ -363,6 +382,10 @@
gr_t_fifo = SEXP_string_new (STRLEN_PAIR(STR_FIFO));
gr_t_sock = SEXP_string_new (STRLEN_PAIR(STR_SOCKET));
gr_t_char = SEXP_string_new (STRLEN_PAIR(STR_CHARSPEC));
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openscap/patches/isainfo.c.patch Mon Nov 18 14:56:47 2013 -0800
@@ -0,0 +1,24 @@
+--- openscap-0.9.7/src/OVAL/probes/unix/solaris/isainfo.c.~1~ 2013-04-23 06:21:51.478000001 -0700
++++ openscap-0.9.7/src/OVAL/probes/unix/solaris/isainfo.c 2013-09-10 11:06:13.488839049 -0700
+@@ -47,6 +47,7 @@
+ #include <arpa/inet.h>
+ #include <regex.h>
+ #include <sys/systeminfo.h>
++#include "../../../../common/debug_priv.h"
+
+ /* man sysinfo (2) recommends using 257 for this size */
+ #define MAX_STR_RESULT 257
+@@ -92,8 +93,12 @@
+ if (sysinfo(SI_ARCHITECTURE_K, result.kernel_isa, MAX_STR_RESULT) == -1) {
+ return err;
+ }
+-
++#if defined(__SVR4) && defined(__sun)
++ if ((sysinfo(SI_ARCHITECTURE_32, result.application_isa, MAX_STR_RESULT) == -1) &&
++ (sysinfo(SI_ARCHITECTURE_64, result.application_isa, MAX_STR_RESULT) == -1)) {
++#else
+ if (sysinfo(SI_ARCHITECTURE_NATIVE, result.application_isa, MAX_STR_RESULT) == -1) {
++#endif
+ return err;
+ }
+
--- a/components/openscap/patches/port097.patch Thu Nov 14 08:57:43 2013 -0800
+++ b/components/openscap/patches/port097.patch Mon Nov 18 14:56:47 2013 -0800
@@ -1,18 +1,8 @@
-This patch provides ports for oscap-info.c, isainfo.c, sce_engince.c,
+This patch provides ports for oscap-info.c, sce_engince.c,
xccdf_policy.c for solaris.
This patch has not been contributed upstream, but is planned to be done by
2013-Jul-12.
---- openscap-0.9.7/src/OVAL/probes/unix/solaris/isainfo.c.orig 2012-12-12 07:09:05.809498641 -0800
-+++ openscap-0.9.7/src/OVAL/probes/unix/solaris/isainfo.c 2012-12-28 11:57:46.931236023 -0800
-@@ -47,6 +47,7 @@
- #include <arpa/inet.h>
- #include <regex.h>
- #include <sys/systeminfo.h>
-+#include "../../../../common/debug_priv.h"
-
- /* man sysinfo (2) recommends using 257 for this size */
- #define MAX_STR_RESULT 257
--- openscap-0.9.7/utils/oscap-info.c.~1~ 2012-12-14 02:13:18.113881933 -0800
+++ openscap-0.9.7/utils/oscap-info.c 2013-01-16 09:55:13.348770490 -0800
@@ -34,7 +34,11 @@
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openscap/patches/textfilecontent54.c.patch Mon Nov 18 14:56:47 2013 -0800
@@ -0,0 +1,17 @@
+Fixed issue with textfilecontent54 not matching patterns in certain files on
+solaris.
+
+--- openscap-0.9.7/src/OVAL/probes/independent/textfilecontent54.c.~1~ 2013-04-23 06:21:51.427000001 -0700
++++ openscap-0.9.7/src/OVAL/probes/independent/textfilecontent54.c 2013-08-20 09:38:16.335266038 -0700
+@@ -72,7 +72,11 @@
+ for (i = 0; i < ovector_len; ++i)
+ ovector[i] = -1;
+
++#if defined(__SVR4) && defined(__sun)
++ rc = pcre_exec(re, NULL, str, strlen(str), *ofs, PCRE_NO_UTF8_CHECK, ovector, ovector_len);
++#else
+ rc = pcre_exec(re, NULL, str, strlen(str), *ofs, 0, ovector, ovector_len);
++#endif
+
+ if (rc < -1) {
+ return -1;
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openscap/patches/uname.c.patch Mon Nov 18 14:56:47 2013 -0800
@@ -0,0 +1,41 @@
+--- openscap-0.9.7/src/OVAL/probes/unix/uname.c.~1~ 2013-04-23 06:21:51.480000001 -0700
++++ openscap-0.9.7/src/OVAL/probes/unix/uname.c 2013-08-27 10:06:34.813681695 -0700
+@@ -50,6 +50,9 @@
+ #endif
+ #include <string.h>
+ #include <sys/utsname.h>
++#if defined (__SVR4) && defined (__sun)
++#include <sys/systeminfo.h>
++#endif
+
+ #include "seap.h"
+ #include "probe-api.h"
+@@ -59,17 +62,28 @@
+ {
+ struct utsname buf;
+ SEXP_t *item;
++#if defined (__SVR4) && defined (__sun)
++ char procbuf[SYS_NMLN];
++#endif
+
+ // Collect the info
+ uname(&buf);
+
++#if defined (__SVR4) && defined (__sun)
++ if (sysinfo(SI_ARCHITECTURE, procbuf, sizeof(procbuf)) == -1)
++ return(PROBE_EFATAL);
++#endif
+ item = probe_item_create(OVAL_UNIX_UNAME, NULL,
+ "machine_class", OVAL_DATATYPE_STRING, buf.machine,
+ "node_name", OVAL_DATATYPE_STRING, buf.nodename,
+ "os_name", OVAL_DATATYPE_STRING, buf.sysname,
+ "os_release", OVAL_DATATYPE_STRING, buf.release,
+ "os_version", OVAL_DATATYPE_STRING, buf.version,
++#if defined (__SVR4) && defined (__sun)
++ "processor_type", OVAL_DATATYPE_STRING, procbuf,
++#else
+ "processor_type", OVAL_DATATYPE_STRING, buf.machine,
++#endif
+ NULL);
+
+ probe_item_collect(ctx, item);