├── .github └── workflows │ └── build.yaml ├── .gitignore ├── AppIcon.icns ├── AppIcon.ico ├── CMakeLists.txt ├── COPYING ├── README.md ├── banner.png ├── build-for-osx.sh ├── build └── .gitkeep ├── cmake ├── Copyright.txt ├── GNUInstallDirs.cmake └── MacOSXBundleInfo.plist.in ├── dialog.png ├── doc ├── user_manual.adoc └── user_manual │ ├── customizing_ssg_profile.png │ ├── default_content_opened.png │ ├── intro_screenshot.png │ ├── logo.png │ ├── opening_tailoring_file.png │ ├── save_as_rpm_dialog.png │ ├── scanning_remote_machine.png │ ├── ssg_integration.png │ ├── starting_scap_workbench.png │ ├── tailoring_dialog_opened.png │ ├── tailoring_set_value.png │ └── tailoring_undo_history.png ├── include ├── APIHelpers.h ├── Application.h ├── CommandLineArgsDialog.h ├── Config.h.in ├── DiagnosticsDialog.h ├── Exceptions.h ├── ForwardDecls.h ├── MainWindow.h ├── OscapCapabilities.h ├── OscapScannerBase.h ├── OscapScannerLocal.h ├── OscapScannerRemoteSsh.h ├── ProcessHelpers.h ├── RPMOpenHelper.h ├── RemediationRoleSaver.h ├── RemoteMachineComboBox.h ├── RemoteSsh.h ├── ResultViewer.h ├── RuleResultItem.h ├── RuleResultsTree.h ├── SSGIntegrationDialog.h ├── SaveAsRPMDialog.h ├── Scanner.h ├── ScanningSession.h ├── TailorProfileDialog.h ├── TailoringDockWidgets.h ├── TailoringUndoCommands.h ├── TailoringWindow.h └── Utils.h ├── man └── scap-workbench.8 ├── org.open_scap.scap_workbench.appdata.xml ├── org.open_scap.scap_workbench.desktop ├── osx-create-dmg.sh.in ├── osx-dmg-background.png ├── runwrapper.sh.in ├── scap-workbench-oscap.policy.in ├── scap-workbench-oscap.sh ├── scap-workbench-osx-ssh-askpass.sh ├── scap-workbench-pkexec-oscap.sh ├── scap-workbench-rpm-extract.sh ├── scap-workbench.wxs.in ├── share ├── pixmaps │ ├── scap-workbench.png │ └── scap-workbench.svg └── scap-workbench │ ├── benchmark.png │ ├── collapsed-arrow.png │ ├── edit-redo.png │ ├── edit-undo.png │ ├── expanded-arrow.png │ ├── group.png │ ├── profile.png │ ├── rule.png │ ├── ssg_logo.png │ ├── translations │ └── README │ └── value.png ├── src ├── APIHelpers.cpp ├── Application.cpp ├── CommandLineArgsDialog.cpp ├── DiagnosticsDialog.cpp ├── MainWindow.cpp ├── OscapCapabilities.cpp ├── OscapScannerBase.cpp ├── OscapScannerLocal.cpp ├── OscapScannerRemoteSsh.cpp ├── ProcessHelpers.cpp ├── RPMOpenHelper.cpp ├── RemediationRoleSaver.cpp ├── RemoteMachineComboBox.cpp ├── RemoteSsh.cpp ├── ResultViewer.cpp ├── RuleResultItem.cpp ├── RuleResultsTree.cpp ├── SSGIntegrationDialog.cpp ├── SaveAsRPMDialog.cpp ├── Scanner.cpp ├── ScanningSession.cpp ├── TailorProfileDialog.cpp ├── TailoringDockWidgets.cpp ├── TailoringUndoCommands.cpp ├── TailoringWindow.cpp ├── Utils.cpp └── main.cpp ├── ui ├── CommandLineArgsDialog.ui ├── DiagnosticsDialog.ui ├── MainWindow.ui ├── ProcessProgress.ui ├── ProfilePropertiesDockWidget.ui ├── RemoteMachineComboBox.ui ├── ResultViewer.ui ├── RuleResultItem.ui ├── RuleResultsTree.ui ├── SSGIntegrationDialog.ui ├── SaveAsRPMDialog.ui ├── TailorProfileDialog.ui ├── TailoringWindow.ui └── XCCDFItemPropertiesDockWidget.ui ├── win32-LICENSE.rtf └── win32-resource.rc.in /.github/workflows/build.yaml: -------------------------------------------------------------------------------- 1 | name: Gating 2 | on: 3 | push: 4 | branches: [ '*' ] 5 | pull_request: 6 | branches: [ main, v1-2 ] 7 | jobs: 8 | build-ubuntu: 9 | name: Build on Ubuntu Latest 10 | runs-on: ubuntu-latest 11 | steps: 12 | - name: Install Deps 13 | uses: mstksg/get-package@v1 14 | with: 15 | apt-get: build-essential openssh-client libopenscap-dev libqt5xmlpatterns5-dev ssh-askpass asciidoc libpolkit-agent-1-0 16 | - name: Checkout 17 | uses: actions/checkout@v2 18 | - name: Build 19 | run: | 20 | mkdir -p build 21 | pushd build 22 | cmake .. 23 | make -j4 24 | popd 25 | 26 | build-fedora: 27 | name: Build on Fedora Latest (Container) 28 | runs-on: ubuntu-latest 29 | container: 30 | image: fedora:latest 31 | steps: 32 | - name: Install Deps 33 | run: dnf install -y cmake gcc-c++ openssh-clients util-linux openscap-devel qt5-qtbase-devel qt5-qtxmlpatterns-devel openssh-askpass asciidoc polkit-libs 34 | - name: Checkout 35 | uses: actions/checkout@v2 36 | - name: Build 37 | run: | 38 | mkdir -p build 39 | pushd build 40 | cmake .. 41 | make -j4 42 | popd 43 | 44 | # Disabled 45 | # build-macos: 46 | # name: Build on MacOS X Latest 47 | # runs-on: macos-latest 48 | # steps: 49 | # - uses: actions/checkout@v2 50 | # - name: Install Deps 51 | # run: | 52 | # brew install jq 53 | # brew install qt5 54 | # brew install asciidoc 55 | # brew install pkg-config 56 | # brew install doxygen 57 | # brew install opendbx 58 | # brew install popt 59 | # brew install swig 60 | # brew install upx 61 | # brew install libxmlsec1 62 | # npm install -g appdmg 63 | # echo "/usr/local/opt/qt/bin" >> $GITHUB_PATH 64 | # echo "Qt5_DIR=/usr/local/opt/qt5/lib/cmake/Qt5" >> $GITHUB_ENV 65 | # - name: Build OpenSCAP 66 | # run: | 67 | # git clone --depth 1 https://github.com/openscap/openscap.git 68 | # pushd openscap/build 69 | # cmake -DENABLE_PROBES=FALSE ../ 70 | # make -j4 71 | # make install 72 | # popd 73 | # Broken 74 | # - name: Build OSX Image 75 | # run: | 76 | # chmod +x ./build-for-osx.sh 77 | # ./build-for-osx.sh 78 | # REL_TAG=`curl -s "https://github.com/ComplianceAsCode/content/releases/latest" | grep -o 'tag/[v.0-9]*' | awk -F/ '{print $2}'` 79 | # REL_TAG_NUM=`echo ${REL_TAG} | cut -d"v" -f2` 80 | # DWN_LINK=https://github.com/ComplianceAsCode/content/releases/download/${REL_TAG}/scap-security-guide-${REL_TAG_NUM}.zip 81 | # if [ -z "${DWN_LINK}" ]; then echo 'Could not get the ZIP URL! It is empty!'; exit 1; fi 82 | # wget "${DWN_LINK}" -O ssg.zip 83 | # mkdir -p `pwd`/build-osx/scap-workbench.app/Contents/Resources/ssg/ && unzip ssg.zip && cp -a scap-security-guide-*/* `pwd`/build-osx/scap-workbench.app/Contents/Resources/ssg/ 84 | # cd build-osx && bash osx-create-dmg.sh 85 | # We don't do automatic releases, do we? 86 | # - name: Release 87 | # uses: softprops/action-gh-release@v1 88 | # if: startsWith(github.ref, 'refs/tags/') 89 | # with: 90 | # files: build-osx/scap-workbench-${{ steps.get_version.outputs.VERSION }}.dmg 91 | # env: 92 | # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 93 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Backups 2 | *~ 3 | 4 | # Build dir 5 | build/ 6 | 7 | .clang_complete 8 | CMakeLists.txt.user 9 | 10 | # auto-built user_manual.html 11 | doc/user_manual.html 12 | -------------------------------------------------------------------------------- /AppIcon.icns: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/AppIcon.icns -------------------------------------------------------------------------------- /AppIcon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/AppIcon.ico -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | SCAP Workbench 2 | ============== 3 | 4 | A GUI tool that provides scanning, tailoring and validation functionality for SCAP content 5 | 6 | About 7 | ----- 8 | 9 | SCAP Workbench is a GUI tool that provides scanning, tailoring 10 | and validation functionality for SCAP content. It uses openscap library 11 | to access SCAP functionalities. 12 | 13 | Homepage of the project is https://www.open-scap.org/tools/scap-workbench/ 14 | 15 | How to run it out of the box 16 | ---------------------------- 17 | 18 | 1) Make sure you have installed all prerequisites 19 | 20 | required dependencies: 21 | ```console 22 | # yum install cmake gcc-c++ openssh-clients util-linux openscap-devel qt5-qtbase-devel qt5-qtxmlpatterns-devel openssh-askpass 23 | ``` 24 | 25 | required dependencies (only for the git repo, not required for released tarballs): 26 | ```console 27 | # yum install asciidoc 28 | ``` 29 | 30 | optional dependencies: 31 | ```console 32 | # yum install polkit 33 | ``` 34 | 35 | On Ubuntu this is roughly equivalent to: 36 | 37 | ```console 38 | # apt install build-essential openssh-client libopenscap-dev libqt5xmlpatterns5-dev ssh-askpass 39 | # apt install asciidoc 40 | # apt install libpolkit-agent-1-0 41 | ``` 42 | 43 | 2) Build SCAP Workbench: 44 | ```console 45 | $ mkdir build; cd build 46 | $ cmake ../ 47 | $ make 48 | ``` 49 | To build against locally built OpenSCAP library export following variables: 50 | 51 | ```console 52 | $ export PKG_CONFIG_PATH="$PKG_CONFIG_PATH:/PATH/TO/DIR/WITH/.pcFILE/" 53 | $ export LIBRARY_PATH=/PATH/TO/DIR/WITH/openscap.soFILE/ 54 | ``` 55 | 56 | Additionally it is possible to use custom CMake definitions instead of exporting environment variables: 57 | 58 | ```console 59 | $ cmake -DOPENSCAP_LIBRARIES:PATH=/local/openscap.so/filepath/ \ 60 | -DOPENSCAP_INCLUDE_DIRS:PATH=/local/openscap/include/path \ 61 | -DOPENSCAP_VERSION:STRING="X.Y.Z" \ 62 | ../ 63 | $ make 64 | ``` 65 | 66 | 3) Install SCAP Workbench: (optional) 67 | 68 | (inside the build folder): 69 | ```console 70 | $ # may require superuser privileges if you didn't set different installation 71 | $ # prefix (CMAKE_INSTALL_PREFIX) 72 | $ make install 73 | ``` 74 | 75 | 4a) Run SCAP Workbench: (if it was installed) 76 | 77 | spawning open file dialog: 78 | ```console 79 | $ scap-workbench 80 | ``` 81 | 82 | with an XCCDF file to load: 83 | ```console 84 | $ scap-workbench /path/to/xccdf-file.xml 85 | ``` 86 | 87 | with a source datastream (SDS) to load: 88 | ```console 89 | $ scap-workbench /path/to/sds-file 90 | ``` 91 | 92 | 4b) Run SCAP Workbench: (straight from build dir, without installation) 93 | 94 | Note: If you have built SCAP-Workbench against locally built OpenSCAP library, then run one of the following commands: 95 | 96 | ```console 97 | $ ldconfig /PATH/TO/DIR/WITH/openscap.soFILE/ 98 | ``` 99 | or 100 | ```console 101 | $ export LD_LIBRARY_PATH=/PATH/TO/DIR/WITH/openscap.soFILE/ 102 | ``` 103 | 104 | and then: 105 | 106 | ```console 107 | $ cd build/ 108 | $ bash runwrapper.sh ./scap-workbench 109 | ``` 110 | 111 | What now? 112 | --------- 113 | 114 | You should have a built SCAP Workbench executable by now. Please refer to the user manual for documentation on how to use it. 115 | 116 | There are 3 ways to get the user manual: 117 | 118 | * Click `Help -> User Manual` in the application 119 | * Open `/usr/share/doc/scap-workbench/user_manual.html` (installed system-wide) or `doc/user_manual.html` (from the tarball) in your browser 120 | * Open or download [user manual from the website](https://static.open-scap.org/scap-workbench-1.1/) 121 | 122 | How to make a tarball 123 | --------------------- 124 | ```console 125 | $ mkdir build; cd build 126 | $ cmake ../ 127 | $ make package_source 128 | ``` 129 | -------------------------------------------------------------------------------- /banner.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/banner.png -------------------------------------------------------------------------------- /build-for-osx.sh: -------------------------------------------------------------------------------- 1 | set -ex 2 | 3 | mkdir -p build-osx/ 4 | pushd build-osx/ 5 | cmake -D SCAP_WORKBENCH_LOCAL_SCAN_ENABLED=false -D SCAP_AS_RPM_EXECUTABLE="" ../ 6 | make -j 4 7 | mkdir -p ./scap-workbench.app/Contents/Frameworks/ 8 | cp /usr/local/lib/libpcre.1.dylib ./scap-workbench.app/Contents/Frameworks/ 9 | cp /usr/local/lib/libopenscap*.dylib ./scap-workbench.app/Contents/Frameworks/ 10 | chmod 755 ./scap-workbench.app/Contents/Frameworks/*.dylib 11 | echo "Copy fresh extracted SSG zip into `pwd`/scap-workbench.app/Contents/Resources/ssg/" 12 | echo "so that SSG README.md is at `pwd`/scap-workbench.app/Contents/Resources/ssg/README.md" 13 | echo "Then change directory to `pwd` and run \"sh osx-create-dmg.sh\"" 14 | popd 15 | -------------------------------------------------------------------------------- /build/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/build/.gitkeep -------------------------------------------------------------------------------- /cmake/Copyright.txt: -------------------------------------------------------------------------------- 1 | CMake - Cross Platform Makefile Generator 2 | Copyright 2000-2016 Kitware, Inc. 3 | Copyright 2000-2011 Insight Software Consortium 4 | All rights reserved. 5 | 6 | Redistribution and use in source and binary forms, with or without 7 | modification, are permitted provided that the following conditions 8 | are met: 9 | 10 | * Redistributions of source code must retain the above copyright 11 | notice, this list of conditions and the following disclaimer. 12 | 13 | * Redistributions in binary form must reproduce the above copyright 14 | notice, this list of conditions and the following disclaimer in the 15 | documentation and/or other materials provided with the distribution. 16 | 17 | * Neither the names of Kitware, Inc., the Insight Software Consortium, 18 | nor the names of their contributors may be used to endorse or promote 19 | products derived from this software without specific prior written 20 | permission. 21 | 22 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 23 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 24 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 25 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 26 | HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 27 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 28 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 29 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 30 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 31 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 32 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 | 34 | ------------------------------------------------------------------------------ 35 | 36 | The above copyright and license notice applies to distributions of 37 | CMake in source and binary form. Some source files contain additional 38 | notices of original copyright by their contributors; see each source 39 | for details. Third-party software packages supplied with CMake under 40 | compatible licenses provide their own copyright notices documented in 41 | corresponding subdirectories. 42 | 43 | ------------------------------------------------------------------------------ 44 | 45 | CMake was initially developed by Kitware with the following sponsorship: 46 | 47 | * National Library of Medicine at the National Institutes of Health 48 | as part of the Insight Segmentation and Registration Toolkit (ITK). 49 | 50 | * US National Labs (Los Alamos, Livermore, Sandia) ASC Parallel 51 | Visualization Initiative. 52 | 53 | * National Alliance for Medical Image Computing (NAMIC) is funded by the 54 | National Institutes of Health through the NIH Roadmap for Medical Research, 55 | Grant U54 EB005149. 56 | 57 | * Kitware, Inc. 58 | -------------------------------------------------------------------------------- /cmake/MacOSXBundleInfo.plist.in: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | CFBundleDevelopmentRegion 6 | English 7 | CFBundleExecutable 8 | scap-workbench 9 | CFBundleGetInfoString 10 | 11 | CFBundleIconFile 12 | ${MACOSX_BUNDLE_ICON_FILE} 13 | CFBundleIdentifier 14 | ${MACOSX_BUNDLE_GUI_IDENTIFIER} 15 | CFBundleInfoDictionaryVersion 16 | 6.0 17 | CFBundleLongVersionString 18 | ${MACOSX_BUNDLE_BUNDLE_VERSION} 19 | CFBundleName 20 | ${MACOSX_BUNDLE_BUNDLE_NAME} 21 | CFBundlePackageType 22 | APPL 23 | CFBundleShortVersionString 24 | ${MACOSX_BUNDLE_BUNDLE_VERSION} 25 | CFBundleSignature 26 | ???? 27 | CFBundleVersion 28 | ${MACOSX_BUNDLE_BUNDLE_VERSION} 29 | CSResourcesFileMapped 30 | 31 | LSRequiresCarbon 32 | 33 | NSHumanReadableCopyright 34 | ${MACOSX_BUNDLE_COPYRIGHT} 35 | NSPrincipalClass 36 | NSApplication 37 | 38 | 39 | -------------------------------------------------------------------------------- /dialog.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/dialog.png -------------------------------------------------------------------------------- /doc/user_manual/customizing_ssg_profile.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/doc/user_manual/customizing_ssg_profile.png -------------------------------------------------------------------------------- /doc/user_manual/default_content_opened.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/doc/user_manual/default_content_opened.png -------------------------------------------------------------------------------- /doc/user_manual/intro_screenshot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/doc/user_manual/intro_screenshot.png -------------------------------------------------------------------------------- /doc/user_manual/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/doc/user_manual/logo.png -------------------------------------------------------------------------------- /doc/user_manual/opening_tailoring_file.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/doc/user_manual/opening_tailoring_file.png -------------------------------------------------------------------------------- /doc/user_manual/save_as_rpm_dialog.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/doc/user_manual/save_as_rpm_dialog.png -------------------------------------------------------------------------------- /doc/user_manual/scanning_remote_machine.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/doc/user_manual/scanning_remote_machine.png -------------------------------------------------------------------------------- /doc/user_manual/ssg_integration.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/doc/user_manual/ssg_integration.png -------------------------------------------------------------------------------- /doc/user_manual/starting_scap_workbench.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/doc/user_manual/starting_scap_workbench.png -------------------------------------------------------------------------------- /doc/user_manual/tailoring_dialog_opened.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/doc/user_manual/tailoring_dialog_opened.png -------------------------------------------------------------------------------- /doc/user_manual/tailoring_set_value.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/doc/user_manual/tailoring_set_value.png -------------------------------------------------------------------------------- /doc/user_manual/tailoring_undo_history.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/doc/user_manual/tailoring_undo_history.png -------------------------------------------------------------------------------- /include/APIHelpers.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_API_HELPERS_H_ 23 | #define SCAP_WORKBENCH_API_HELPERS_H_ 24 | 25 | #include "ForwardDecls.h" 26 | 27 | #include 28 | 29 | extern "C" 30 | { 31 | #include 32 | #include 33 | } 34 | 35 | /** 36 | * Goes through the text iterator and returns preferred text depending on language 37 | * 38 | * This function frees the iterator itself, it can't be used after this function terminates. 39 | * 40 | * @exception nothrow This function is guaranteed to not throw any exceptions. 41 | */ 42 | QString oscapTextIteratorGetPreferred(struct oscap_text_iterator* it, const QString& lang = ""); 43 | 44 | /** 45 | * Get human readable title of the given XCCDF Item. The title is selected based on the given 46 | * preferred language and then the XCCDF Substitution is resolved in accordance with given 47 | * XCCDF policy. 48 | * 49 | * @exception nothrow This function is guaranteed to not throw any exceptions. 50 | */ 51 | QString oscapItemGetReadableTitle(struct xccdf_item* item, struct xccdf_policy* policy, const QString& lang = ""); 52 | 53 | /** 54 | * Get human readable description of the given XCCDF Item. The description is selected based 55 | * on the given preferred language and then the XCCDF Substitution is resolved in accordance 56 | * with given XCCDF policy. 57 | * 58 | * @exception nothrow This function is guaranteed to not throw any exceptions. 59 | */ 60 | QString oscapItemGetReadableDescription(struct xccdf_item* item, struct xccdf_policy* policy, const QString& lang = ""); 61 | 62 | /** 63 | * Returns QString containing utf8 contents of oscap_err_desc() 64 | * 65 | * @exception nothrow This function is guaranteed to not throw any exceptions. 66 | */ 67 | QString oscapErrDesc(); 68 | 69 | /** 70 | * Returns QString containing utf8 contents of oscap_err_get_full_error() 71 | * 72 | * @exception nothrow This function is guaranteed to not throw any exceptions. 73 | */ 74 | QString oscapErrGetFullError(); 75 | 76 | #endif 77 | -------------------------------------------------------------------------------- /include/Application.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #include "ForwardDecls.h" 23 | #include 24 | #include 25 | 26 | /** 27 | * @brief Central application 28 | * 29 | * Constructs the MainWindow. 30 | * Technically, this class is a singleton because of the qApp global pointer 31 | * and the QCoreApplication::instance() static method. 32 | * 33 | * This class is virtual solely because of the qApp() macro and the singleton 34 | * nature of QApplication. 35 | */ 36 | class Application : public QApplication 37 | { 38 | public: 39 | /** 40 | * Make *sure* argc will be valid during lifetime of this class, you are 41 | * passing a reference! Qt can alter argc when it parses the command line. 42 | * If argc is deleted by then this will cause an invalid write! 43 | */ 44 | Application(int& argc, char** argv); 45 | virtual ~Application(); 46 | 47 | private: 48 | /** 49 | * @brief Processes command line arguments and acts accordingly 50 | */ 51 | void processCLI(QStringList& args); 52 | 53 | /** 54 | * @brief Opens the SSG integration dialog to let user open SSG 55 | */ 56 | void openSSG(); 57 | 58 | /** 59 | * @brief Opens a file dialog, allowing user to open any content 60 | */ 61 | void browseForContent(); 62 | 63 | /// Needed for QObject::tr(..) to work properly, loaded on app startup 64 | QTranslator mTranslator; 65 | MainWindow* mMainWindow; 66 | }; 67 | -------------------------------------------------------------------------------- /include/CommandLineArgsDialog.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2016 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_COMMAND_LINE_ARGS_DIALOG_H_ 23 | #define SCAP_WORKBENCH_COMMAND_LINE_ARGS_DIALOG_H_ 24 | 25 | #include "ForwardDecls.h" 26 | 27 | #include 28 | 29 | #include "ui_CommandLineArgsDialog.h" 30 | 31 | class CommandLineArgsDialog : public QDialog 32 | { 33 | Q_OBJECT 34 | 35 | public: 36 | explicit CommandLineArgsDialog(QWidget* parent = 0); 37 | virtual ~CommandLineArgsDialog(); 38 | 39 | void setArgs(const QStringList& args); 40 | 41 | private slots: 42 | void copyToClipboard(); 43 | 44 | private: 45 | Ui_CommandLineArgsDialog mUI; 46 | }; 47 | 48 | #endif 49 | -------------------------------------------------------------------------------- /include/Config.h.in: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013-2015 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_CONFIG_H_ 23 | #define SCAP_WORKBENCH_CONFIG_H_ 24 | 25 | #define SCAP_WORKBENCH_VERSION_MAJOR @SCAP_WORKBENCH_VERSION_MAJOR@ 26 | #define SCAP_WORKBENCH_VERSION_MINOR @SCAP_WORKBENCH_VERSION_MINOR@ 27 | #define SCAP_WORKBENCH_VERSION_PATCH @SCAP_WORKBENCH_VERSION_PATCH@ 28 | #define SCAP_WORKBENCH_VERSION "@SCAP_WORKBENCH_VERSION@" 29 | 30 | #define SCAP_WORKBENCH_ICON "@CMAKE_INSTALL_FULL_DATADIR@/pixmaps/scap-workbench.png" 31 | #define SCAP_WORKBENCH_SHARE "@CMAKE_INSTALL_FULL_DATADIR@/scap-workbench" 32 | #define SCAP_WORKBENCH_DOC "@CMAKE_INSTALL_FULL_DOCDIR@" 33 | 34 | #define SCAP_WORKBENCH_SSG_DIRECTORY "@SCAP_WORKBENCH_SSG_DIRECTORY@" 35 | #define SCAP_WORKBENCH_SCAP_CONTENT_DIRECTORY "@SCAP_WORKBENCH_SCAP_CONTENT_DIRECTORY@" 36 | 37 | #cmakedefine SCAP_WORKBENCH_LOCAL_SCAN_ENABLED 38 | #define SCAP_WORKBENCH_PREFERRED_DATASTREAM_BASENAMES "@SCAP_WORKBENCH_PREFERRED_DATASTREAM_BASENAMES@" 39 | #define SCAP_WORKBENCH_LOCAL_OSCAP_PATH "oscap" 40 | #define SCAP_WORKBENCH_LOCAL_PKEXEC_OSCAP_PATH "@CMAKE_INSTALL_FULL_LIBEXECDIR@/scap-workbench-pkexec-oscap.sh" 41 | #define SCAP_WORKBENCH_LOCAL_RPM_EXTRACT_PATH "@CMAKE_INSTALL_FULL_LIBEXECDIR@/scap-workbench-rpm-extract.sh" 42 | #define SCAP_WORKBENCH_REMOTE_OSCAP_PATH "oscap" 43 | #cmakedefine SCAP_WORKBENCH_LOCAL_SSH_FOUND 44 | #define SCAP_WORKBENCH_LOCAL_SSH_PATH "@SSH_EXECUTABLE@" 45 | #cmakedefine SCAP_WORKBENCH_LOCAL_SETSID_FOUND 46 | #define SCAP_WORKBENCH_LOCAL_SETSID_PATH "@SETSID_EXECUTABLE@" 47 | #cmakedefine SCAP_WORKBENCH_LOCAL_SETSID_SUPPORTS_WAIT 48 | #cmakedefine SCAP_WORKBENCH_LOCAL_NICE_FOUND 49 | #define SCAP_WORKBENCH_LOCAL_NICE_PATH "@NICE_EXECUTABLE@" 50 | #define SCAP_WORKBENCH_LOCAL_OSCAP_NICENESS 10 51 | #cmakedefine SCAP_WORKBENCH_LOCAL_SCAP_AS_RPM_FOUND 52 | #define SCAP_WORKBENCH_LOCAL_SCAP_AS_RPM_PATH "@SCAP_AS_RPM_EXECUTABLE@" 53 | 54 | #define OPENSCAP_VERSION "@OPENSCAP_VERSION@" 55 | #define OPENSCAP_VERSION_MAJOR @OPENSCAP_VERSION_MAJOR@ 56 | #define OPENSCAP_VERSION_MINOR @OPENSCAP_VERSION_MINOR@ 57 | #define OPENSCAP_VERSION_PATCH @OPENSCAP_VERSION_PATCH@ 58 | 59 | #cmakedefine SCAP_WORKBENCH_USE_NATIVE_FILE_DIALOGS 60 | 61 | #endif 62 | -------------------------------------------------------------------------------- /include/DiagnosticsDialog.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_DIAGNOSTICS_DIALOG_H_ 23 | #define SCAP_WORKBENCH_DIAGNOSTICS_DIALOG_H_ 24 | 25 | #include "ForwardDecls.h" 26 | 27 | #include 28 | 29 | extern "C" 30 | { 31 | #include 32 | } 33 | 34 | #include "ui_DiagnosticsDialog.h" 35 | 36 | /** 37 | * @brief Messages are divided into categories. 38 | * 39 | * Info is not important and does not make the DiagnosticDialog pop up. 40 | * All the other categories cause the dialog to be shown. 41 | * 42 | * This enum is not used directly but only internally. You are advised 43 | * to use the {info,warning,exception,error}Message methods. 44 | */ 45 | enum MessageSeverity 46 | { 47 | MS_INFO, 48 | MS_WARNING, 49 | MS_EXCEPTION, 50 | MS_ERROR 51 | }; 52 | 53 | 54 | /** 55 | * @brief MessageFormat can be any subset of this flags 56 | */ 57 | enum MessageFormat 58 | { 59 | MF_STANDARD = 0x01, 60 | MF_PREFORMATTED = 0x02, // Preserve whitespaces to output 61 | MF_XML = 0x04, // Replace xml metacharacters with xml entities 62 | MF_PREFORMATTED_XML = MF_PREFORMATTED | MF_XML, 63 | }; 64 | 65 | 66 | /** 67 | * @brief Workbench displays errors and warnings, this dialog groups them 68 | * 69 | * This is a final class and is not supposed to be inherited. 70 | */ 71 | class DiagnosticsDialog : public QDialog 72 | { 73 | Q_OBJECT 74 | 75 | public: 76 | explicit DiagnosticsDialog(QWidget* parent = 0); 77 | virtual ~DiagnosticsDialog(); 78 | 79 | /** 80 | * @brief Clears all kept content 81 | */ 82 | void clear(); 83 | 84 | /** 85 | * @brief Blocks execution until user hides this dialog 86 | * 87 | * @param interval Polling interval in msec 88 | */ 89 | void waitUntilHidden(unsigned int interval = 100); 90 | 91 | public slots: 92 | /** 93 | * @brief Scanner triggers this to show a message about progress 94 | * 95 | * Example: Connecting to remote target..., Copying input file..., etc. 96 | * No action is required by the user upon receiving this message. 97 | * 98 | * The diagnostics dialog will not open when just these messages are 99 | * received. 100 | */ 101 | void infoMessage(const QString& message, MessageFormat format = MF_STANDARD); 102 | 103 | /** 104 | * @brief Scanner triggers this to show a warning message 105 | * 106 | * A warning message will open the diagnostics dialog if it isn't 107 | * being shown already. 108 | */ 109 | void warningMessage(const QString& message, MessageFormat format = MF_STANDARD); 110 | 111 | /** 112 | * @brief Scanner triggers this to show an error message 113 | * 114 | * An error message will open the diagnostics dialog if it isn't 115 | * being shown already. 116 | */ 117 | void errorMessage(const QString& message, MessageFormat format = MF_STANDARD); 118 | 119 | /** 120 | * @brief Report a caught exception. 121 | */ 122 | void exceptionMessage(const std::exception& e, const QString& context = "", MessageFormat format = MF_STANDARD); 123 | 124 | private: 125 | void pushMessage(MessageSeverity severity, const QString& fullMessage, MessageFormat format = MF_STANDARD); 126 | 127 | /** 128 | * @brief Pushes a single info message containing version info 129 | */ 130 | void dumpVersionInfo(); 131 | 132 | Ui_DiagnosticsDialog mUI; 133 | 134 | private slots: 135 | /** 136 | * @brief Copies plain text log to system clipboard, useful for bug reports 137 | */ 138 | void copyToClipboard(); 139 | 140 | /** 141 | * @brief Clears the diagnostics dialog 142 | */ 143 | void clearDialog(); 144 | }; 145 | 146 | 147 | /** 148 | * @brief Global pointer to the diagnostics dialog. 149 | * 150 | * As it is basically write-only, it doesn't share state, so it doesn't matter that it is global. 151 | * When the application is running, it is the same MainWindow::mDiagnosticsDialog, which should be considered the single point of truth. 152 | */ 153 | extern DiagnosticsDialog* globalDiagnosticsDialog; 154 | 155 | #endif 156 | -------------------------------------------------------------------------------- /include/Exceptions.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_EXCEPTIONS_H_ 23 | #define SCAP_WORKBENCH_EXCEPTIONS_H_ 24 | 25 | #include "ForwardDecls.h" 26 | 27 | #include 28 | #include 29 | 30 | #define SCAP_WORKBENCH_SIMPLE_EXCEPTION(NAME, PREFIX) \ 31 | class NAME : public std::runtime_error \ 32 | { \ 33 | public: \ 34 | NAME(const QString& msg): \ 35 | std::runtime_error(std::string(PREFIX) + std::string(msg.toUtf8().data())) \ 36 | {} \ 37 | \ 38 | virtual ~NAME() throw()\ 39 | {} \ 40 | }; 41 | 42 | SCAP_WORKBENCH_SIMPLE_EXCEPTION(MainWindowException, 43 | "There was a problem with MainWindow!\n"); 44 | 45 | SCAP_WORKBENCH_SIMPLE_EXCEPTION(RuleResultsTreeException, 46 | "There was a problem with RuleResultsTree!\n"); 47 | 48 | SCAP_WORKBENCH_SIMPLE_EXCEPTION(ScanningSessionException, 49 | "There was a problem with ScanningSession!\n"); 50 | 51 | SCAP_WORKBENCH_SIMPLE_EXCEPTION(SyncProcessException, 52 | "There was a problem with SyncProcess!\n"); 53 | 54 | SCAP_WORKBENCH_SIMPLE_EXCEPTION(SshConnectionException, 55 | "There was a problem with SshConnection!\n"); 56 | 57 | SCAP_WORKBENCH_SIMPLE_EXCEPTION(TailoringWindowException, 58 | "There was a problem with TailoringWindow!\n"); 59 | 60 | SCAP_WORKBENCH_SIMPLE_EXCEPTION(OscapScannerRemoteSshException, 61 | "There was a problem with OscapScannerRemoteSsh!\n"); 62 | 63 | SCAP_WORKBENCH_SIMPLE_EXCEPTION(RPMOpenHelperException, 64 | "There was a problem with RPMOpenHelper!\n"); 65 | 66 | #endif 67 | -------------------------------------------------------------------------------- /include/ForwardDecls.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_FORWARD_DECLS_H_ 23 | #define SCAP_WORKBENCH_FORWARD_DECLS_H_ 24 | 25 | #include "Config.h" 26 | 27 | class Application; 28 | class CommandLineArgsDialog; 29 | class DiagnosticsDialog; 30 | class MainWindow; 31 | class OscapCapabilities; 32 | class OscapScannerBase; 33 | class OscapScannerLocal; 34 | class OscapScannerRemoteSsh; 35 | class ProfilePropertiesDockWidget; 36 | class ProfileTitleChangeUndoCommand; 37 | class ProfileDescriptionChangeUndoCommand; 38 | class RemoteMachineComboBox; 39 | class ResultViewer; 40 | class RPMOpenHelper; 41 | class RuleResultItem; 42 | class RuleResultsTree; 43 | class SaveAsRPMDialog; 44 | class ScanningSession; 45 | class Scanner; 46 | class SshConnection; 47 | class SshSyncProcess; 48 | class ScpSyncProcess; 49 | class SyncProcess; 50 | class SSGIntegrationDialog; 51 | class TailoringWindow; 52 | class TailorProfileDialog; 53 | class XCCDFItemPropertiesDockWidget; 54 | class XCCDFItemSelectUndoCommand; 55 | class XCCDFValueChangeUndoCommand; 56 | 57 | #endif 58 | -------------------------------------------------------------------------------- /include/OscapCapabilities.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_OSCAP_SCANNER_CAPABILITIES_H_ 23 | #define SCAP_WORKBENCH_OSCAP_SCANNER_CAPABILITIES_H_ 24 | 25 | #include "ForwardDecls.h" 26 | 27 | #include 28 | 29 | /** 30 | * @brief Figures out oscap capabilities based on version and compile flags 31 | */ 32 | class OscapCapabilities 33 | { 34 | public: 35 | OscapCapabilities(); 36 | 37 | /** 38 | * @brief Resets all stored capabilities to unknown or not supported 39 | * 40 | * @see OscapCapabilities::parse 41 | */ 42 | void clear(); 43 | 44 | /** 45 | * @brief Parses output of 'oscap --v' and interprets the results 46 | * 47 | * The results are stored in this class. All previously stored results 48 | * will be lost! 49 | * 50 | * @param mmv Verbatim output of 'oscap --v' to be processed 51 | */ 52 | void parse(const QString& mmv); 53 | 54 | /** 55 | * @brief Returns version of openscap that was detected 56 | */ 57 | const QString& getOpenSCAPVersion() const; 58 | 59 | /** 60 | * @brief Returns true if enough is supported for workbench to use the oscap 61 | * 62 | * This is a critical requirement, for very old oscap versions this will 63 | * return false and these versions just can't be used with the new 64 | * workbench! 65 | */ 66 | bool baselineSupport() const; 67 | 68 | /** 69 | * @brief Returns true if --progress flag is supported 70 | * 71 | * If the flag is not supported, we don't do any GUI progress reporting. 72 | */ 73 | bool progressReporting() const; 74 | 75 | /** 76 | * @brief Returns true of online remediation is supported 77 | * 78 | * Only returns true if --progress flag is supported and works correctly for online remediation 79 | * If the flag is not supported, we don't do any GUI progress reporting when remediating. 80 | */ 81 | bool onlineRemediation() const; 82 | 83 | /** 84 | * @brief Returns true if source datastreams are supported 85 | */ 86 | bool sourceDatastreams() const; 87 | 88 | /** 89 | * @brief Returns true if ARFs are supported as input 90 | */ 91 | bool ARFInput() const; 92 | 93 | /** 94 | * @brief Returns true if tailoring is supported to the full extent workbench requires 95 | * 96 | * This means that XCCDF 1.1 can take tailoring via the openscap extension and XCCDF 1.2 97 | * has proper tailoring including profile inheritance. 98 | */ 99 | bool tailoringSupport() const; 100 | 101 | const QString& XCCDFVersion() const; 102 | const QString& OVALVersion() const; 103 | const QString& CPEVersion() const; 104 | 105 | private: 106 | QString mVersion; 107 | 108 | bool mBaselineSupport; 109 | bool mProgressReporting; 110 | bool mOnlineRemediation; 111 | bool mSourceDataStreams; 112 | bool mARFInput; 113 | bool mTailoringSupport; 114 | bool mSCE; 115 | 116 | QString mXCCDFVersion; 117 | QString mOVALVersion; 118 | QString mCPEVersion; 119 | QString mSCEVersion; 120 | }; 121 | 122 | #endif 123 | -------------------------------------------------------------------------------- /include/OscapScannerBase.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_OSCAP_SCANNER_BASE_H_ 23 | #define SCAP_WORKBENCH_OSCAP_SCANNER_BASE_H_ 24 | 25 | #include "ForwardDecls.h" 26 | 27 | #include "Scanner.h" 28 | #include "OscapCapabilities.h" 29 | 30 | #include 31 | #include 32 | 33 | class OscapScannerBase : public Scanner 34 | { 35 | Q_OBJECT 36 | 37 | public: 38 | OscapScannerBase(); 39 | virtual ~OscapScannerBase(); 40 | 41 | virtual void cancel(); 42 | 43 | virtual void getResults(QByteArray& destination); 44 | virtual void getReport(QByteArray& destination); 45 | virtual void getARF(QByteArray& destination); 46 | 47 | protected: 48 | virtual void signalCompletion(bool canceled); 49 | 50 | bool checkPrerequisites(); 51 | QString surroundQuote(const QString& input)const; 52 | QStringList buildEvaluationArgs(const QString& inputFile, 53 | const QString& tailoringFile, 54 | const QString& resultFile, 55 | const QString& reportFile, 56 | const QString& arfFile, 57 | bool onlineRemediation, 58 | bool ignoreCapabilities = false) const; 59 | QStringList buildOfflineRemediationArgs(const QString& resultInputFile, 60 | const QString& resultFile, 61 | const QString& reportFile, 62 | const QString& arfFile, 63 | bool ignoreCapabilities = false) const; 64 | 65 | /// Last read rule id 66 | QString mLastRuleID; 67 | /// Last downloading file 68 | QString mLastDownloadingFile; 69 | 70 | enum ReadingState 71 | { 72 | RS_READING_PREFIX, 73 | RS_READING_RULE_RESULT, 74 | RS_READING_DOWNLOAD_FILE, 75 | RS_READING_DOWNLOAD_FILE_STATUS 76 | }; 77 | 78 | ReadingState mReadingState; 79 | 80 | enum MessageType 81 | { 82 | MSG_INFO, MSG_WARNING, MSG_ERROR, MSG_UNKNOWN 83 | }; 84 | 85 | virtual void filterStdErr(QString& errorText); 86 | void emitMessage(MessageType kind, QString& message); 87 | virtual void selectWarning(MessageType& kind, const QString& message); 88 | virtual void processWarning(QString& message); 89 | virtual void selectInfo(MessageType& kind, const QString& message); 90 | virtual void processInfo(QString& message); 91 | virtual void selectError(MessageType& kind, const QString& message); 92 | virtual void processError(QString& message); 93 | virtual void processUnknown(QString& message); 94 | 95 | /// We keep filling this buffer until we reach : or \n 96 | QString mReadBuffer; 97 | 98 | /** 99 | * @brief Tries to read something (at least one character) from stdout 100 | * 101 | * @note ReadChannel must be set properly before calling this method! 102 | * @returns false when there is nothing to be read, true otherwise 103 | * @see readStdOut 104 | */ 105 | bool tryToReadStdOutChar(QProcess& process); 106 | 107 | /** 108 | * @brief Reads as much as possible from stdout of given process 109 | */ 110 | void readStdOut(QProcess& process); 111 | void watchStdErr(QProcess& process); 112 | 113 | /** 114 | * @brief Converts OpenSCAP CLI messages to SCAP Workbench GUI messages. 115 | */ 116 | QString guiFriendlyMessage(const QString& cliMessage); 117 | 118 | bool mCancelRequested; 119 | 120 | OscapCapabilities mCapabilities; 121 | 122 | QByteArray mResults; 123 | QByteArray mReport; 124 | QByteArray mARF; 125 | }; 126 | 127 | #endif 128 | -------------------------------------------------------------------------------- /include/OscapScannerLocal.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_OSCAP_SCANNER_LOCAL_H_ 23 | #define SCAP_WORKBENCH_OSCAP_SCANNER_LOCAL_H_ 24 | 25 | #include "ForwardDecls.h" 26 | #include "OscapScannerBase.h" 27 | #include "Utils.h" 28 | 29 | 30 | class OscapScannerLocal : public OscapScannerBase 31 | { 32 | Q_OBJECT 33 | 34 | public: 35 | OscapScannerLocal(); 36 | virtual ~OscapScannerLocal(); 37 | 38 | virtual QStringList getCommandLineArgs() const; 39 | virtual void evaluate(); 40 | /** 41 | * @brief Return the executable name to execute and adjusts args if neccessary 42 | * (e.g. the executable is a launcher and s.a. 'nice' and the oscap itself 43 | * has to be added as an argument to it, i.e. prepended to args) 44 | * 45 | * @returns false when there is nothing to be read, true otherwise 46 | * @see readStdOut 47 | */ 48 | static QString getOscapProgramAndAdaptArgs(QStringList& args); 49 | 50 | private: 51 | static QString getPkexecOscapPath(); 52 | void fillInCapabilities(); 53 | 54 | void evaluateWithOfflineRemediation(); 55 | void evaluateWithOtherSettings(); 56 | static void setFilenameToTempFile(SpacelessQTemporaryFile& file); 57 | }; 58 | 59 | #endif 60 | -------------------------------------------------------------------------------- /include/OscapScannerRemoteSsh.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_OSCAP_SCANNER_REMOTE_SSH_H_ 23 | #define SCAP_WORKBENCH_OSCAP_SCANNER_REMOTE_SSH_H_ 24 | 25 | #include "ForwardDecls.h" 26 | #include "OscapScannerBase.h" 27 | #include "RemoteSsh.h" 28 | 29 | class OscapScannerRemoteSsh : public OscapScannerBase 30 | { 31 | Q_OBJECT 32 | 33 | public: 34 | static void splitTarget(const QString& in, QString& target, unsigned short& port, bool& userIsSudoer); 35 | 36 | OscapScannerRemoteSsh(); 37 | virtual ~OscapScannerRemoteSsh(); 38 | 39 | bool getUserIsSudoer() const; 40 | void setUserIsSudoer(bool userIsSudoer); 41 | virtual void setTarget(const QString& target); 42 | virtual void setSession(ScanningSession* session); 43 | 44 | virtual QStringList getCommandLineArgs() const; 45 | virtual void evaluate(); 46 | 47 | protected: 48 | 49 | virtual void selectError(MessageType& kind, const QString& message); 50 | virtual void processError(QString& message); 51 | 52 | private: 53 | void ensureConnected(); 54 | 55 | QString copyFileOver(const QString& localPath); 56 | QString copyInputFileOver(); 57 | 58 | QString createRemoteTemporaryFile(bool cancelOnFailure = true); 59 | QString createRemoteTemporaryDirectory(bool cancelOnFailure = true); 60 | 61 | QString readRemoteFile(const QString& path, const QString& desc); 62 | 63 | void removeRemoteFile(const QString& path, const QString& desc); 64 | void removeRemoteDirectory(const QString& path, const QString& desc); 65 | 66 | SshConnection mSshConnection; 67 | bool mUserIsSudoer; 68 | }; 69 | 70 | #endif 71 | -------------------------------------------------------------------------------- /include/ProcessHelpers.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_PROCESS_HELPERS_H_ 23 | #define SCAP_WORKBENCH_PROCESS_HELPERS_H_ 24 | 25 | #include "ForwardDecls.h" 26 | #include 27 | #include 28 | #include 29 | #include 30 | #include 31 | 32 | /// This class is never exposed, it is internal only 33 | class ProcessProgressDialog; 34 | 35 | /** 36 | * @brief Runs a process and pumps event queue of given thread 37 | */ 38 | class SyncProcess : public QObject 39 | { 40 | Q_OBJECT 41 | 42 | public: 43 | explicit SyncProcess(QObject* parent = 0); 44 | virtual ~SyncProcess(); 45 | 46 | /** 47 | * @brief Sets the main command (without arguments) 48 | * 49 | * This always needs to be called before the SyncProcess::run method is called. 50 | * Command is a strictly required property! 51 | */ 52 | void setCommand(const QString& command); 53 | 54 | /** 55 | * @brief Sets all passed arguments 56 | * 57 | * Default is empty. 58 | */ 59 | void setArguments(const QStringList& args); 60 | 61 | /** 62 | * @brief Sets the running environment 63 | * 64 | * Default is to inherit the system environment. 65 | */ 66 | void setEnvironment(const QProcessEnvironment& env); 67 | 68 | /** 69 | * @brief Sets the working directory 70 | * 71 | * Default is current working directory ("./") 72 | */ 73 | void setWorkingDirectory(const QString& dir); 74 | 75 | /** 76 | * @brief Sets external cancel request source (indirect) 77 | * 78 | * The only reason this exists is to accommodate the interface of OscapScannerBase. 79 | * We should move to the cancel() slot in the future. 80 | * @todo Get rid of this non-sense 81 | */ 82 | void setCancelRequestSource(bool* source); 83 | 84 | /** 85 | * @brief Runs the SyncProcess, blocks until the process exits 86 | * 87 | * @see SyncProcess::isRunning 88 | * @see SyncProcess::getExitCode 89 | */ 90 | void run(); 91 | 92 | /** 93 | * @brief Similar to SyncProcess::run, runs the process and shows a dialog of the progress 94 | * 95 | * This method has a limitation compared to SyncProcess::run in the fact that it does 96 | * not fill stdout and stderr outputs with the correct data. It's reading all output 97 | * and immediatelly showing it in the dialog, stdout and stderr will be empty after 98 | * this method finishes! 99 | */ 100 | QDialog* runWithDialog(QWidget* widgetParent, const QString& title, 101 | bool closeAfterFinished = false, bool modal = true); 102 | 103 | public slots: 104 | /** 105 | * @brief Requests cancellation 106 | * 107 | * Cancellation will not happen immediately! First SIGTERM is sent to the process. 108 | * If the process fails to respond and exit in 3 seconds SIGKILL is sent. 109 | */ 110 | void cancel(); 111 | 112 | public: 113 | bool isRunning() const; 114 | 115 | void setStdInFile(const QString& path); 116 | const QString& getStdInFile() const; 117 | 118 | int getExitCode() const; 119 | const QString& getStdOutContents() const; 120 | const QString& getStdErrContents() const; 121 | const QString& getDiagnosticInfo() const; 122 | 123 | protected: 124 | void startQProcess(QProcess& process); 125 | bool wasCancelRequested() const; 126 | 127 | virtual QString generateFullCommand() const; 128 | virtual QStringList generateFullArguments() const; 129 | virtual QProcessEnvironment generateFullEnvironment() const; 130 | virtual QString generateDescription() const; 131 | 132 | void readAllChannelsIntoDialog(QProcess& process, ProcessProgressDialog& dialog); 133 | 134 | QString mCommand; 135 | QStringList mArguments; 136 | QProcessEnvironment mEnvironment; 137 | QString mWorkingDirectory; 138 | 139 | /// How often do we poll for status, in msec 140 | unsigned int mPollInterval; 141 | /// How long will we wait for the process to exit after term is signaled, in msec 142 | unsigned int mTermLimit; 143 | 144 | bool mRunning; 145 | /// A crappy makeshift synchronization primitive. We should abolish this in the future. 146 | /// It works fine for now because we only change it from within the Qt event loop. 147 | bool* mCancelRequestSource; 148 | /// Was cancellation requested locally (cancel() slot) 149 | bool mLocalCancelRequested; 150 | 151 | QString mStdInFile; 152 | int mExitCode; 153 | QString mStdOutContents; 154 | QString mStdErrContents; 155 | QString mDiagnosticInfo; 156 | }; 157 | 158 | #endif 159 | -------------------------------------------------------------------------------- /include/RPMOpenHelper.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_RPM_OPEN_HELPER_H_ 23 | #define SCAP_WORKBENCH_RPM_OPEN_HELPER_H_ 24 | 25 | #include "ForwardDecls.h" 26 | #include "Utils.h" 27 | #include 28 | 29 | /** 30 | * @brief Creates local temporary directory with contents of given scap-workbench RPM 31 | * 32 | * The reason this class exists is because openscap API is quite limited when 33 | * it comes to input. It will only take file paths. 34 | * 35 | * Intended usage: 36 | * @code{.cpp} 37 | * // Assumes openscap 1.0 API. 38 | * struct xccdf_session* sess = 0; 39 | * { 40 | * RPMOpenHelper helper("some-packaged-scap-content-1.rpm"); 41 | * // helper automatically creates a temporary directory, extracts everything 42 | * // to it and stores the paths that can later be used 43 | * 44 | * sess = xccdf_session_new(helper.getInputPath()); 45 | * 46 | * if (helper.hasTailoring()) 47 | * xccdf_session_set_user_tailoring_file(sess, helper.getTailoringPath()); 48 | * 49 | * xccdf_session_load(sess); 50 | * } 51 | * 52 | * // At this point helper goes out of scope and the temporary directory is 53 | * // recursively deleted. However the session has been loaded and can still be used! 54 | * @endcode 55 | */ 56 | class RPMOpenHelper 57 | { 58 | public: 59 | explicit RPMOpenHelper(const QString& path); 60 | ~RPMOpenHelper(); 61 | 62 | const QString& getInputPath() const; 63 | bool hasTailoring() const; 64 | const QString& getTailoringPath() const; 65 | 66 | private: 67 | static QString getRPMExtractPath(); 68 | 69 | SpacelessQTemporaryDir mTempDir; 70 | 71 | QString mInputPath; 72 | QString mTailoringPath; 73 | }; 74 | 75 | #endif 76 | -------------------------------------------------------------------------------- /include/RemediationRoleSaver.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2017 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Matej Tyc 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_REMEDIATION_ROLE_SAVER_H_ 23 | #define SCAP_WORKBENCH_REMEDIATION_ROLE_SAVER_H_ 24 | 25 | #include "ForwardDecls.h" 26 | 27 | #include 28 | #include 29 | 30 | #include "OscapScannerLocal.h" 31 | #include "ScanningSession.h" 32 | 33 | 34 | /// Base for all remediation generators 35 | class RemediationSaverBase 36 | { 37 | public: 38 | RemediationSaverBase(QWidget* parentWindow, 39 | const QString& saveMessage, const QString& filetypeExtension, const QString& filetypeTemplate, const QString& fixType); 40 | void selectFilenameAndSaveRole(); 41 | 42 | protected: 43 | void saveFileError(const QString& filename, const QString& error_msg); 44 | void saveFileOK(const QString& filename); 45 | void removeFileWhenEmpty(const QString& filename); 46 | 47 | QWidget* mParentWindow; 48 | DiagnosticsDialog* mDiagnostics; 49 | 50 | const QString mSaveMessage; 51 | const QString mFiletypeExtension; 52 | const QString mFiletypeTemplate; 53 | const QString mTemplateString; 54 | 55 | 56 | private: 57 | virtual void saveToFile(const QString& filename) = 0; 58 | QString guessFilenameStem() const; 59 | }; 60 | 61 | 62 | /// Base for all profile-based remediation generators 63 | class ProfileBasedRemediationSaver : public RemediationSaverBase 64 | { 65 | public: 66 | ProfileBasedRemediationSaver(QWidget* parentWindow, ScanningSession* session, 67 | const QString& saveMessage, const QString& filetypeExtension, const QString& filetypeTemplate, const QString& fixType); 68 | 69 | private: 70 | virtual void saveToFile(const QString& filename); 71 | const ScanningSession* mScanningSession; 72 | }; 73 | 74 | 75 | class BashProfileRemediationSaver : public ProfileBasedRemediationSaver 76 | { 77 | public: 78 | BashProfileRemediationSaver(QWidget* parentWindow, ScanningSession* session); 79 | }; 80 | 81 | 82 | class AnsibleProfileRemediationSaver : public ProfileBasedRemediationSaver 83 | { 84 | public: 85 | AnsibleProfileRemediationSaver(QWidget* parentWindow, ScanningSession* session); 86 | }; 87 | 88 | 89 | class PuppetProfileRemediationSaver : public ProfileBasedRemediationSaver 90 | { 91 | public: 92 | PuppetProfileRemediationSaver(QWidget* parentWindow, ScanningSession* session); 93 | }; 94 | 95 | 96 | class ResultBasedLibraryRemediationSaver : public RemediationSaverBase 97 | { 98 | public: 99 | ResultBasedLibraryRemediationSaver(QWidget* parentWindow, const QByteArray& arfContents, const QString& tailoringFilePath, 100 | const QString& saveMessage, const QString& filetypeExtension, const QString& filetypeTemplate, const QString& fixType); 101 | 102 | private: 103 | virtual void saveToFile(const QString& filename); 104 | SpacelessQTemporaryFile mArfFile; 105 | QString tailoring; 106 | }; 107 | 108 | 109 | class BashResultRemediationSaver : public ResultBasedLibraryRemediationSaver 110 | { 111 | public: 112 | BashResultRemediationSaver(QWidget* parentWindow, const QByteArray& arfContents, const QString& tailoringFilePath); 113 | }; 114 | 115 | 116 | class AnsibleResultRemediationSaver : public ResultBasedLibraryRemediationSaver 117 | { 118 | public: 119 | AnsibleResultRemediationSaver(QWidget* parentWindow, const QByteArray& arfContents, const QString& tailoringFilePath); 120 | }; 121 | 122 | 123 | class PuppetResultRemediationSaver : public ResultBasedLibraryRemediationSaver 124 | { 125 | public: 126 | PuppetResultRemediationSaver(QWidget* parentWindow, const QByteArray& arfContents, const QString& tailoringFilePath); 127 | }; 128 | 129 | 130 | #endif // SCAP_WORKBENCH_REMEDIATION_ROLE_SAVER_H_ 131 | -------------------------------------------------------------------------------- /include/RemoteMachineComboBox.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_REMOTE_MACHINE_COMBOBOX_H_ 23 | #define SCAP_WORKBENCH_REMOTE_MACHINE_COMBOBOX_H_ 24 | 25 | #include "ForwardDecls.h" 26 | 27 | #include 28 | #include 29 | #include 30 | #include 31 | #include 32 | 33 | #include "ui_RemoteMachineComboBox.h" 34 | 35 | class RemoteMachineComboBox : public QWidget 36 | { 37 | Q_OBJECT 38 | 39 | public: 40 | explicit RemoteMachineComboBox(QWidget* parent = 0); 41 | virtual ~RemoteMachineComboBox(); 42 | 43 | QString getTarget() const; 44 | 45 | void setRecentMachineCount(unsigned int count); 46 | unsigned int getRecentMachineCount() const; 47 | bool userIsSudoer() const; 48 | 49 | public slots: 50 | void notifyTargetUsed(const QString& target, bool userIsSudoer); 51 | void clearHistory(); 52 | 53 | protected slots: 54 | void updateHostPort(int index); 55 | 56 | private: 57 | void syncFromQSettings(); 58 | void syncToQSettings(); 59 | 60 | void syncRecentMenu(); 61 | 62 | /// UI designed in Qt Designer 63 | Ui_RemoteMachineComboBox mUI; 64 | 65 | QSettings* mQSettings; 66 | 67 | QStringList mRecentTargets; 68 | QComboBox* mRecentComboBox; 69 | QCheckBox* mUserIsSudoer; 70 | }; 71 | 72 | #endif 73 | -------------------------------------------------------------------------------- /include/RemoteSsh.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_REMOTE_SSH_H_ 23 | #define SCAP_WORKBENCH_REMOTE_SSH_H_ 24 | 25 | #include "ForwardDecls.h" 26 | #include "ProcessHelpers.h" 27 | #include "Utils.h" 28 | #include 29 | 30 | class SshConnection : public QObject 31 | { 32 | Q_OBJECT 33 | 34 | public: 35 | explicit SshConnection(QObject* parent = 0); 36 | virtual ~SshConnection(); 37 | 38 | /** 39 | * @brief Sets ssh target in the form of username@hostname 40 | */ 41 | void setTarget(const QString& target); 42 | const QString& getTarget() const; 43 | 44 | void setPort(unsigned short port); 45 | unsigned short getPort() const; 46 | 47 | void setCancelRequestSource(bool* source); 48 | 49 | void connect(); 50 | void disconnect(); 51 | bool isConnected() const; 52 | 53 | const QString& _getControlSocket() const; 54 | const QProcessEnvironment& _getEnvironment() const; 55 | 56 | private: 57 | QString mTarget; 58 | unsigned short mPort; 59 | 60 | SpacelessQTemporaryDir* mSocketDir; 61 | QString mControlSocket; 62 | QProcessEnvironment mEnvironment; 63 | 64 | bool mConnected; 65 | 66 | bool* mCancelRequestSource; 67 | }; 68 | 69 | class SshSyncProcess : public SyncProcess 70 | { 71 | Q_OBJECT 72 | 73 | public: 74 | explicit SshSyncProcess(SshConnection& connection, QObject* parent = 0); 75 | virtual ~SshSyncProcess(); 76 | 77 | protected: 78 | virtual QString generateFullCommand() const; 79 | virtual QStringList generateFullArguments() const; 80 | virtual QProcessEnvironment generateFullEnvironment() const; 81 | virtual QString generateDescription() const; 82 | 83 | SshConnection& mSshConnection; 84 | }; 85 | 86 | #endif 87 | -------------------------------------------------------------------------------- /include/ResultViewer.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_RESULT_VIEWER_H_ 23 | #define SCAP_WORKBENCH_RESULT_VIEWER_H_ 24 | 25 | #include "ForwardDecls.h" 26 | #include "Utils.h" 27 | 28 | #include 29 | #include 30 | #include 31 | #include 32 | 33 | extern "C" 34 | { 35 | #include 36 | } 37 | 38 | #include "ui_ResultViewer.h" 39 | 40 | /** 41 | * @brief Handles all result and report viewing/saving 42 | * 43 | * This is a final class and is not supposed to be inherited. 44 | */ 45 | class ResultViewer : public QWidget 46 | { 47 | Q_OBJECT 48 | 49 | public: 50 | explicit ResultViewer(QWidget* parent = 0); 51 | virtual ~ResultViewer(); 52 | 53 | /** 54 | * @brief Clears all kept content 55 | */ 56 | void clear(); 57 | 58 | /** 59 | * @brief Loads and keeps results and report in given scanner 60 | */ 61 | void loadContent(Scanner* scanner); 62 | 63 | /** 64 | * @brief Retrieve currently loaded ARF 65 | * 66 | * This can be used to perform offline remediation for example. 67 | */ 68 | const QByteArray& getARF() const; 69 | 70 | private slots: 71 | /// Pops up a save dialog for HTML report 72 | void saveReport(); 73 | /// Opens the HTML report using Qt desktop services 74 | void openReport(); 75 | /// Pops up a save dialog for XCCDF result file 76 | void saveResults(); 77 | /// Pops up a save dialog for ARF / result datastream 78 | void saveARF(); 79 | 80 | /// Pops up a save dialog for a bash remediation 81 | void generateBashRemediationRole(); 82 | /// Pops up a save dialog for an ansible remediation 83 | void generateAnsibleRemediationRole(); 84 | /// Pops up a save dialog for a puppet remediation 85 | void generatePuppetRemediationRole(); 86 | 87 | private: 88 | Ui_ResultViewer mUI; 89 | 90 | QAction* mSaveResultsAction; 91 | QAction* mSaveARFAction; 92 | QAction* mSaveReportAction; 93 | QMenu* mSaveMenu; 94 | 95 | QString mInputBaseName; 96 | 97 | QByteArray mResults; 98 | QByteArray mReport; 99 | /// If user requests to open the file via desktop services 100 | SpacelessQTemporaryFile* mReportFile; 101 | QByteArray mARF; 102 | 103 | QString tailoringFilePath; 104 | }; 105 | 106 | #endif 107 | -------------------------------------------------------------------------------- /include/RuleResultItem.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2015 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_RULE_RESULTS_ITEM_H_ 23 | #define SCAP_WORKBENCH_RULE_RESULTS_ITEM_H_ 24 | 25 | #include 26 | #include "ui_RuleResultItem.h" 27 | 28 | class RuleResultItem : public QWidget 29 | { 30 | Q_OBJECT 31 | 32 | public: 33 | explicit RuleResultItem(struct xccdf_rule* rule, struct xccdf_policy* policy, QWidget* parent = 0); 34 | virtual ~RuleResultItem(); 35 | 36 | void setRuleResult(const QString& result); 37 | bool hasRuleResult() const; 38 | 39 | void setRuleResultChecked(bool checked); 40 | 41 | bool isChecked(); 42 | 43 | signals: 44 | void ruleResultDescriptionToggled(bool checked); 45 | 46 | private slots: 47 | void showDescriptionToggled(bool checked); 48 | 49 | private: 50 | Ui_RuleResultItem mUi; 51 | QString mDescriptionHTML; 52 | }; 53 | 54 | #endif 55 | -------------------------------------------------------------------------------- /include/RuleResultsTree.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_RULE_RESULTS_TREE_H_ 23 | #define SCAP_WORKBENCH_RULE_RESULTS_TREE_H_ 24 | 25 | #include "ForwardDecls.h" 26 | #include 27 | 28 | #include "ui_RuleResultsTree.h" 29 | 30 | /** 31 | * @brief GUI element that shows both currently selected rules and their results 32 | * 33 | * At first glance it might seem odd that a single widget has these two responsibilities, 34 | * but from a UX standapoint it makes sense. It allows for useful features - users can 35 | * browse descriptions while scan is underway. The state of expanded/collapsed descriptions 36 | * is persisted even after scan finishes. 37 | */ 38 | class RuleResultsTree : public QWidget 39 | { 40 | Q_OBJECT 41 | 42 | public: 43 | explicit RuleResultsTree(QWidget* parent = 0); 44 | virtual ~RuleResultsTree(); 45 | 46 | /** 47 | * @brief Sets the state of the tree to be consistent with rules selected 48 | * 49 | * @param scanningSession Session from which we will determine which rules are selected 50 | */ 51 | void refreshSelectedRules(ScanningSession* scanningSession); 52 | 53 | /** 54 | * @brief How many rules does RuleResultTree think are selected? 55 | * 56 | * Current implementation returns the amount of top-level items in the tree widget. 57 | */ 58 | unsigned int getSelectedRulesCount(); 59 | 60 | /** 61 | * @brief If any results are recorded for any rules, this method purges them - sets them to "" 62 | */ 63 | void clearResults(); 64 | 65 | /** 66 | * @brief Do we have a record of a valid result for given ruleID 67 | * 68 | * Valid result means something other than empty. Even "fail" rules are valid results 69 | * in this context! 70 | */ 71 | bool hasRuleResult(const QString& ruleID) const; 72 | 73 | /** 74 | * @brief Records given result for given rule ID 75 | * 76 | * This is called from the MainWindow as results are gathered for more and more rules. 77 | * 78 | * @note 79 | * Passing "" as result clears the previous result, hasRuleResult(ruleID) will return 80 | * false after you inject "" result. 81 | * 82 | * @see RuleResultTree::clearResults 83 | */ 84 | void injectRuleResult(const QString& ruleID, const QString& result); 85 | 86 | /** 87 | * Reserved method to prepare RuleResultsTree for scanning. 88 | * 89 | * This may do something useful or fancy in the future. Right now it does nothing. 90 | */ 91 | void prepareForScanning(); 92 | 93 | /** 94 | * @brief Toggles expanded/collapsed state of RuleResults 95 | */ 96 | void toggleAllRuleResultDescription(bool checked); 97 | 98 | public slots: 99 | /** 100 | * @brief Checks if all RuleResults are expanded or collapsed 101 | * 102 | * If all RuleResults are expanded or collapsed allRuleResultsExpanded signal 103 | * is emitted. 104 | */ 105 | void checkRuleResultsExpanded(bool lastAction); 106 | 107 | signals: 108 | /** 109 | * @brief This is signaled when all RuleResults are either expanded or collapsed 110 | * 111 | * We signal this when a RuleResult has been expanded or collapse by user click 112 | * and as a result all RuleResults are now expanded or collapsed. 113 | */ 114 | void allRuleResultsExpanded(bool checked); 115 | 116 | private: 117 | void clearAllItems(); 118 | 119 | Ui_RuleResultsTree mUI; 120 | QVBoxLayout* mInternalLayout; 121 | 122 | typedef std::map RuleIdToWidgetItemMap; 123 | /// A map to get tree widget items for given rule IDs, refreshSelectedRules changes this 124 | RuleIdToWidgetItemMap mRuleIdToWidgetItemMap; 125 | }; 126 | 127 | #endif 128 | -------------------------------------------------------------------------------- /include/SSGIntegrationDialog.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_SSG_INTEGRATION_DIALOG_H_ 23 | #define SCAP_WORKBENCH_SSG_INTEGRATION_DIALOG_H_ 24 | 25 | #include "ForwardDecls.h" 26 | 27 | #include 28 | 29 | extern "C" 30 | { 31 | #include 32 | } 33 | 34 | #include "ui_SSGIntegrationDialog.h" 35 | 36 | class SSGIntegrationDialog : public QDialog 37 | { 38 | Q_OBJECT 39 | 40 | public: 41 | explicit SSGIntegrationDialog(QWidget* parent = 0); 42 | virtual ~SSGIntegrationDialog(); 43 | 44 | void setDismissLabel(const QString& label); 45 | 46 | const QString& getSelectedSSGFile() const; 47 | bool loadOtherContentSelected(); 48 | 49 | static bool isSSGAvailable(); 50 | 51 | private slots: 52 | void loadContent(); 53 | 54 | private: 55 | void scrapeSSGVariants(); 56 | 57 | Ui_SSGIntegrationDialog mUI; 58 | QString mSelectedSSGFile; 59 | bool loadOtherContent; 60 | }; 61 | 62 | #endif 63 | -------------------------------------------------------------------------------- /include/SaveAsRPMDialog.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_SAVE_AS_RPM_DIALOG_H_ 23 | #define SCAP_WORKBENCH_SAVE_AS_RPM_DIALOG_H_ 24 | 25 | #include "ForwardDecls.h" 26 | 27 | #include 28 | #include "ui_SaveAsRPMDialog.h" 29 | 30 | /** 31 | * @brief Provides options such as package name, version, summary, etc... when saving SCAP as RPM 32 | * 33 | * Internally this uses the scap-as-rpm script shipped in openscap. 34 | * 35 | * @note Please use the SaveAsRPMDialog::saveSession static method where possible. 36 | */ 37 | class SaveAsRPMDialog : public QDialog 38 | { 39 | Q_OBJECT 40 | 41 | private: 42 | explicit SaveAsRPMDialog(ScanningSession* session, MainWindow* parent); 43 | virtual ~SaveAsRPMDialog(); 44 | 45 | public: 46 | /** 47 | * @brief Provides a dialog to the user to save given session 48 | * 49 | * @param session Session to save 50 | * @param parent Parent main window 51 | */ 52 | static void saveSession(ScanningSession* session, MainWindow* parent); 53 | 54 | private slots: 55 | void slotFinished(int result); 56 | 57 | private: 58 | MainWindow* mMainWindow; 59 | Ui_SaveAsRPMDialog mUI; 60 | 61 | ScanningSession* mScanningSession; 62 | }; 63 | 64 | #endif 65 | -------------------------------------------------------------------------------- /include/TailorProfileDialog.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 - 2014 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_TAILOR_PROFILE_DIALOG_H_ 23 | #define SCAP_WORKBENCH_TAILOR_PROFILE_DIALOG_H_ 24 | 25 | #include "ForwardDecls.h" 26 | #include 27 | #include 28 | 29 | #include "ui_TailorProfileDialog.h" 30 | 31 | class TailorProfileDialog : public QDialog 32 | { 33 | Q_OBJECT 34 | 35 | public: 36 | TailorProfileDialog(const QString& startId, bool xccdf12, QWidget* parent = 0); 37 | virtual ~TailorProfileDialog(); 38 | 39 | QString getProfileID() const; 40 | 41 | private slots: 42 | void onIdLineEditChanged(const QString& newText); 43 | 44 | private: 45 | /// UI designed in Qt Designer 46 | Ui_TailorProfileDialog mUI; 47 | QRegExp mRegexp; 48 | 49 | static const QString XCCDF11ProfileIDRegExp; 50 | static const QString XCCDF12ProfileIDRegExp; 51 | }; 52 | 53 | #endif 54 | -------------------------------------------------------------------------------- /include/TailoringDockWidgets.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_TAILORING_DOCK_WIDGETS_H_ 23 | #define SCAP_WORKBENCH_TAILORING_DOCK_WIDGETS_H_ 24 | 25 | #include "ForwardDecls.h" 26 | #include 27 | 28 | extern "C" 29 | { 30 | #include 31 | #include 32 | } 33 | 34 | #include "ui_ProfilePropertiesDockWidget.h" 35 | #include "ui_XCCDFItemPropertiesDockWidget.h" 36 | 37 | /** 38 | * @brief Displays profile properties and allows editing of profile title 39 | */ 40 | class ProfilePropertiesDockWidget : public QDockWidget 41 | { 42 | Q_OBJECT 43 | 44 | public: 45 | explicit ProfilePropertiesDockWidget(TailoringWindow* window, QWidget* parent = 0); 46 | virtual ~ProfilePropertiesDockWidget(); 47 | 48 | /** 49 | * @brief Takes profile's current ID and title and sets both QLineEdit widgets accordingly 50 | */ 51 | void refresh(); 52 | 53 | protected slots: 54 | void profileTitleChanged(const QString& newTitle); 55 | void profileDescriptionChanged(); 56 | 57 | protected: 58 | /// Prevents a redo command being created when actions are undone or redone 59 | bool mRefreshInProgress; 60 | 61 | /// UI designed in Qt Designer 62 | Ui_ProfilePropertiesDockWidget mUI; 63 | 64 | /// Owner TailoringWindow that provides profile for editing/viewing 65 | TailoringWindow* mWindow; 66 | }; 67 | 68 | /** 69 | * @brief Provides reference about currently selected XCCDF item 70 | */ 71 | class XCCDFItemPropertiesDockWidget : public QDockWidget 72 | { 73 | Q_OBJECT 74 | 75 | public: 76 | explicit XCCDFItemPropertiesDockWidget(TailoringWindow* window, QWidget* parent = 0); 77 | virtual ~XCCDFItemPropertiesDockWidget(); 78 | 79 | /** 80 | * @brief Changes currently inspected XCCDF item 81 | * 82 | * @note This method automatically calls refresh to load new data 83 | */ 84 | void setXccdfItem(struct xccdf_item* item, struct xccdf_policy* policy); 85 | 86 | /** 87 | * @brief Loads properties from currently set XCCDF items and sets widgets accordingly 88 | */ 89 | void refresh(); 90 | 91 | protected slots: 92 | void valueChanged(const QString& newValue); 93 | void selectValue(const QUrl& url); 94 | void selectRule(const QUrl& url); 95 | 96 | protected: 97 | /// UI designed in Qt Designer 98 | Ui_XCCDFItemPropertiesDockWidget mUI; 99 | 100 | /// Currently inspected XCCDF item 101 | struct xccdf_item* mXccdfItem; 102 | struct xccdf_policy* mXccdfPolicy; 103 | 104 | bool mRefreshInProgress; 105 | 106 | /// Owner TailoringWindow that provides title and description for items 107 | TailoringWindow* mWindow; 108 | }; 109 | 110 | #endif 111 | -------------------------------------------------------------------------------- /include/TailoringUndoCommands.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_TAILORING_UNDO_COMMANDS_H_ 23 | #define SCAP_WORKBENCH_TAILORING_UNDO_COMMANDS_H_ 24 | 25 | #include "ForwardDecls.h" 26 | 27 | #include 28 | #include 29 | 30 | extern "C" 31 | { 32 | #include 33 | #include 34 | } 35 | 36 | /** 37 | * @brief Stores info about one selection or deselection of an XCCDF item 38 | */ 39 | class XCCDFItemSelectUndoCommand : public QUndoCommand 40 | { 41 | public: 42 | XCCDFItemSelectUndoCommand(TailoringWindow* window, QTreeWidgetItem* item, bool newSelect); 43 | virtual ~XCCDFItemSelectUndoCommand(); 44 | 45 | virtual int id() const; 46 | 47 | virtual void redo(); 48 | virtual void undo(); 49 | 50 | private: 51 | void refreshText(); 52 | 53 | TailoringWindow* mWindow; 54 | 55 | QTreeWidgetItem* mTreeItem; 56 | /// selection state after this undo command is "redone" (applied) 57 | bool mNewSelect; 58 | }; 59 | 60 | /** 61 | * @brief Stores info about refinement of xccdf:Value's value 62 | */ 63 | class XCCDFValueChangeUndoCommand : public QUndoCommand 64 | { 65 | public: 66 | XCCDFValueChangeUndoCommand(TailoringWindow* window, struct xccdf_value* xccdfValue, const QString& newValue, const QString& oldValue); 67 | virtual ~XCCDFValueChangeUndoCommand(); 68 | 69 | virtual int id() const; 70 | 71 | virtual bool mergeWith(const QUndoCommand* other); 72 | 73 | virtual void redo(); 74 | virtual void undo(); 75 | 76 | private: 77 | void refreshText(); 78 | 79 | TailoringWindow* mWindow; 80 | 81 | struct xccdf_value* mXccdfValue; 82 | /// value after this undo command is "redone" (applied) 83 | QString mNewValue; 84 | /// value after this undo command is "undone" 85 | QString mOldValue; 86 | }; 87 | 88 | /** 89 | * @brief Stores XCCDF profile title change undo info 90 | */ 91 | class ProfileTitleChangeUndoCommand : public QUndoCommand 92 | { 93 | public: 94 | ProfileTitleChangeUndoCommand(TailoringWindow* window, const QString& oldTitle, const QString& newTitle); 95 | virtual ~ProfileTitleChangeUndoCommand(); 96 | 97 | virtual int id() const; 98 | 99 | virtual void redo(); 100 | virtual void undo(); 101 | 102 | virtual bool mergeWith(const QUndoCommand* other); 103 | 104 | private: 105 | void refreshText(); 106 | 107 | TailoringWindow* mWindow; 108 | 109 | QString mOldTitle; 110 | QString mNewTitle; 111 | }; 112 | 113 | /** 114 | * @brief Stores XCCDF profile description change undo info 115 | */ 116 | class ProfileDescriptionChangeUndoCommand : public QUndoCommand 117 | { 118 | public: 119 | ProfileDescriptionChangeUndoCommand(TailoringWindow* window, const QString& oldDesc, const QString& newDesc); 120 | virtual ~ProfileDescriptionChangeUndoCommand(); 121 | 122 | virtual int id() const; 123 | 124 | virtual void redo(); 125 | virtual void undo(); 126 | 127 | virtual bool mergeWith(const QUndoCommand* other); 128 | 129 | private: 130 | void refreshText(); 131 | 132 | TailoringWindow* mWindow; 133 | 134 | QString mOldDesc; 135 | QString mNewDesc; 136 | }; 137 | 138 | #endif 139 | -------------------------------------------------------------------------------- /include/Utils.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #ifndef SCAP_WORKBENCH_UTILS_H_ 23 | #define SCAP_WORKBENCH_UTILS_H_ 24 | 25 | #include "ForwardDecls.h" 26 | 27 | #include 28 | #include 29 | #include 30 | #include 31 | #include 32 | #include 33 | 34 | /** 35 | * @brief Retrieves QDir representing the share directory 36 | * 37 | * For installed scap-workbench the output's path usually looks like this: 38 | * "$INSTALL_PREFIX/share/scap-workbench", e.g.: /usr/share/scap-workbench 39 | * 40 | * If workbench has not been installed and is being run using the runwrapper.sh 41 | * script, the path will be different and will point to the data location 42 | * in the repository. 43 | * 44 | * Avoid using hardcoded paths in the codebase and always use paths relative 45 | * to the share path. 46 | * 47 | * @exception nothrow This function is guaranteed to not throw any exceptions. 48 | */ 49 | const QDir& getShareDirectory(); 50 | 51 | /** 52 | * @brief Retrieves QDir representing the doc directory 53 | * 54 | * For installed scap-workbench the output's path usually looks like this: 55 | * "$INSTALL_PREFIX/share/doc/scap-workbench", e.g.: /usr/share/doc/scap-workbench 56 | * 57 | * If workbench has not been installed and is being run using the runwrapper.sh 58 | * script, the path will be different and will point to the data location 59 | * in the repository. 60 | * 61 | * Avoid using hardcoded paths in the codebase and always use paths relative 62 | * to the doc path. 63 | * 64 | * @exception nothrow This function is guaranteed to not throw any exceptions. 65 | */ 66 | const QDir& getDocDirectory(); 67 | 68 | /** 69 | * @brief Retrieves QDir representing the SSG directory 70 | * 71 | * For installed scap-workbench the output's path usually looks like this: 72 | * "/$INSTALL_PREFIX/share/xml/scap/ssg", e.g.: /usr/share/xml/scap/ssg 73 | * 74 | * Avoid using hardcoded paths in the codebase and always use paths relative 75 | * to the doc path. 76 | * 77 | * @exception nothrow This function is guaranteed to not throw any exceptions. 78 | */ 79 | const QDir& getSSGDirectory(); 80 | 81 | /** 82 | * @brief Constructs a QIcon from image of given filename 83 | * 84 | * This function looks for the file in the icon folder in workbench's share path. 85 | * Using this function to get an icon is preferable to constructing it manually. 86 | * 87 | * @exception nothrow This function is guaranteed to not throw any exceptions. 88 | * @note This function will write a warning to stderr in case the icon cannot be loaded. 89 | */ 90 | QIcon getShareIcon(const QString& fileName); 91 | QPixmap getSharePixmap(const QString& fileName); 92 | 93 | /** 94 | * @brief Retrieves the global application icon 95 | * 96 | * @exception nothrow This function is guaranteed to not throw any exceptions. 97 | * @note This function will write a warning to stderr in case the icon cannot be loaded. 98 | */ 99 | const QIcon& getApplicationIcon(); 100 | 101 | /** 102 | * @brief Retrieves the QDir representing the directory with translations 103 | * 104 | * @exception nothrow This function is guaranteed to not throw any exceptions. 105 | */ 106 | const QDir& getShareTranslationDirectory(); 107 | 108 | /** 109 | * @brief Calls QDesktopServices::openUrl, shows a message box in case of failure 110 | * 111 | * @param url URL to open 112 | */ 113 | void openUrlGuarded(const QUrl& url); 114 | 115 | /** 116 | * @brief Retrieves path to setsid 117 | */ 118 | const QString& getSetSidPath(); 119 | 120 | class SpacelessQTemporaryFile: public QTemporaryFile { 121 | public: 122 | SpacelessQTemporaryFile (); 123 | }; 124 | 125 | class SpacelessQTemporaryDir: public QTemporaryDir { 126 | public: 127 | SpacelessQTemporaryDir (); 128 | }; 129 | 130 | #endif 131 | -------------------------------------------------------------------------------- /man/scap-workbench.8: -------------------------------------------------------------------------------- 1 | .TH scap-workbench "8" "October 2018" "Red Hat" "System Administration Utilities" 2 | 3 | .SH NAME 4 | scap\-workbench \- GUI tool for systems compliance evaluation 5 | 6 | .SH SYNOPSIS 7 | \fBscap\-workbench\fR [options] [\fIXCCDF_FILE\fR] 8 | 9 | .SH DESCRIPTION 10 | SCAP Workbench is GUI tool for security compliance checking. Compliance can be 11 | described with SCAP standards - XCCDF and OVAL. 12 | 13 | This tool enables users to: 14 | .RS 15 | * evaluate local and/or remote machines using SCAP content \fB(scanning)\fR 16 | * perform remediation on both local and remote machines \fB(remediation)\fR 17 | * adjust XCCDF scanning profiles \fB(tailoring)\fR 18 | * generate Bash scripts and Ansible playbooks 19 | 20 | .SH OPTIONS 21 | .TP 22 | \fB\-\-help 23 | Shows help. 24 | .TP 25 | \fB\-\-version\fR 26 | Displays version information. 27 | .TP 28 | \fB\-\-skip\-valid\fR 29 | If this option is provided openscap validation will not be performed. 30 | This is recommended only for advanced users and may cause OpenSCAP or SCAP Workbench 31 | to crash! 32 | .TP 33 | \fB\-\-tailoring TAILORING_FILE 34 | Opens the given tailoring (customization) file after the given XCCDF or SDS file is loaded. 35 | .TP 36 | \fBXCCDF_FILE\fR 37 | If this parameter is provided the scanner will immediately open given XCCDF or 38 | source datastream (SDS) file after it starts. 39 | 40 | .SH SCAP CONTENT 41 | SCAP content is provided by the OpenSCAP project in the \fBscap\-security\-guide\fR package. 42 | 43 | Other sources of SCAP content are: 44 | .TP 45 | \fBNational Vulnerability Database\fR - \fIhttp://web.nvd.nist.gov/view/ncp/repository\fR 46 | .TP 47 | \fBRed Hat content repository\fR - \fIhttp://www.redhat.com/security/data/oval/\fR 48 | 49 | .SH AUTHORS 50 | 51 | .nf 52 | Martin Preisler 53 | .fi 54 | 55 | .SH NOTES 56 | SCAP Workbench uses the OpenSCAP library, see \fIhttp://www.open-scap.org\fR 57 | 58 | .SH SEE ALSO 59 | oscap(8) 60 | -------------------------------------------------------------------------------- /org.open_scap.scap_workbench.appdata.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | org.open_scap.scap_workbench 4 | CC0-1.0 5 | GPL-3.0+ 6 | SCAP Workbench 7 | A GUI tool that serves as an SCAP scanner and provides tailoring functionality for SCAP content 8 | org.open_scap.scap_workbench.desktop 9 | 10 |

11 | The main goal of this application is to lower the initial barrier of using SCAP. 12 | Therefore, the scope of very narrow - SCAP Workbench only scans a single machine and only with XCCDF/SDS (no direct OVAL evaluation). 13 | The assumption is that this is enough for users who want to scan a few machines and users with huge amount of machines to scan will just use scap-workbench to test or hand-tune their content before deploying it with more advanced (and harder to use) tools like spacewalk. 14 |

15 |

Feature highlights:

16 |
    17 |
  • XCCDF 1.1 and 1.2 support
    • 18 |
  • Source Data Stream 1.2 support
    • 19 |
  • XCCDF 1.2 Tailoring file support
    • 20 |
  • Evaluation of local machine
    • 21 |
  • Evaluation of remote machine (using ssh)
    • 22 |
  • Limited tailoring support - selection and unselection
    • 23 |
  • Saving results as XCCDF 1.1 or 1.2 (depending on input) or ARF 1.1
    • 24 |
25 | 26 | 27 | 28 | https://github.com/OpenSCAP/scap-workbench/raw/v1-1/doc/user_manual/default_content_opened.png 29 | 30 | 31 | https://github.com/OpenSCAP/scap-workbench/raw/v1-1/doc/user_manual/intro_screenshot.png 32 | 33 | 34 | https://github.com/OpenSCAP/scap-workbench/raw/v1-1/doc/user_manual/tailoring_undo_history.png 35 | 36 | 37 | https://www.open-scap.org/tools/scap-workbench 38 | open-scap-list@redhat.com 39 | 40 | -------------------------------------------------------------------------------- /org.open_scap.scap_workbench.desktop: -------------------------------------------------------------------------------- 1 | [Desktop Entry] 2 | Version=1.0 3 | Type=Application 4 | Name=SCAP Workbench 5 | GenericName=SCAP Scanner and Profile Editor 6 | Comment=GUI tool that allows scanning both local and remote computers using SCAP content of your choice 7 | TryExec=scap-workbench 8 | Exec=scap-workbench 9 | Icon=scap-workbench 10 | Categories=System;Security; 11 | Keywords=SCAP; 12 | -------------------------------------------------------------------------------- /osx-create-dmg.sh.in: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -ex 4 | 5 | # Original by Andy Maloney 6 | # http://asmaloney.com/2013/07/howto/packaging-a-mac-os-x-application-using-a-dmg/ 7 | # Changes specific to SCAP Workbench by Martin Preisler 8 | 9 | # set up your app name, version number, and background image file name 10 | APP_NAME="scap-workbench" 11 | VERSION="@SCAP_WORKBENCH_VERSION@" 12 | DMG_BACKGROUND_IMG="@CMAKE_SOURCE_DIR@/osx-dmg-background.png" 13 | 14 | # you should not need to change these 15 | APP_EXE="@CMAKE_BINARY_DIR@/${APP_NAME}.app/Contents/MacOS/${APP_NAME}" 16 | 17 | # make sure Qt frameworks are included 18 | macdeployqt @CMAKE_BINARY_DIR@/${APP_NAME}.app 19 | 20 | VOL_NAME="${APP_NAME}-${VERSION}" # volume name will be "SuperCoolApp-1.0.0" 21 | DMG_TMP="${VOL_NAME}-temp.dmg" 22 | DMG_FINAL="${VOL_NAME}.dmg" # final DMG name will be "SuperCoolApp-1.0.0.dmg" 23 | STAGING_DIR="@CMAKE_BINARY_DIR@/OSX-DMG-TEMP" # we copy all our stuff into this dir 24 | 25 | # Check the background image DPI and convert it if it isn't 72x72 26 | _BACKGROUND_IMAGE_DPI_H=`sips -g dpiHeight ${DMG_BACKGROUND_IMG} | grep -Eo '[0-9]+\.[0-9]+'` 27 | _BACKGROUND_IMAGE_DPI_W=`sips -g dpiWidth ${DMG_BACKGROUND_IMG} | grep -Eo '[0-9]+\.[0-9]+'` 28 | 29 | if [ $(echo " $_BACKGROUND_IMAGE_DPI_H != 72.0 " | bc) -eq 1 -o $(echo " $_BACKGROUND_IMAGE_DPI_W != 72.0 " | bc) -eq 1 ]; then 30 | echo "WARNING: The background image's DPI is not 72. This will result in distorted backgrounds on Mac OS X 10.7+." 31 | echo " I will convert it to 72 DPI for you." 32 | _DMG_BACKGROUND_TMP="${DMG_BACKGROUND_IMG%.*}"_dpifix."${DMG_BACKGROUND_IMG##*.}" 33 | sips -s dpiWidth 72 -s dpiHeight 72 ${DMG_BACKGROUND_IMG} --out ${_DMG_BACKGROUND_TMP} 34 | DMG_BACKGROUND_IMG="${_DMG_BACKGROUND_TMP}" 35 | fi 36 | 37 | # clear out any old data 38 | rm -rf "${STAGING_DIR}" "${DMG_TMP}" "${DMG_FINAL}" 39 | 40 | # copy over the stuff we want in the final disk image to our staging dir 41 | mkdir -p "${STAGING_DIR}" 42 | cp -rpf "${APP_NAME}.app" "${STAGING_DIR}" 43 | # ... cp anything else you want in the DMG - documentation, etc. 44 | 45 | pushd "${STAGING_DIR}" 46 | 47 | # strip the executable 48 | echo "Stripping ${APP_EXE}..." 49 | strip -u -r "${APP_EXE}" 50 | 51 | # compress the executable if we have upx in PATH 52 | # UPX: http://upx.sourceforge.net/ 53 | if hash upx 2>/dev/null; then 54 | echo "Compressing (UPX) ${APP_EXE}..." 55 | upx -9 "${APP_EXE}" 56 | fi 57 | 58 | # ... perform any other stripping/compressing of libs and executables 59 | 60 | popd 61 | 62 | #------------- Updated section to support creating a dmg in macOS 10.13+ -------------# 63 | # Changes made by Carlos Matos scapwb.json 73 | { 74 | "title": "SCAP Workbench", 75 | "background": "${DMG_BACKGROUND_IMG}", 76 | "format": "UDZO", 77 | "window": { "position": { "x": 300, "y": 300 } }, 78 | "contents": [ 79 | { "x": 360, "y": 225, "type": "link", "path": "/Applications" }, 80 | { "x": 160, "y": 225, "type": "file", "path": "${STAGING_DIR}/${APP_NAME}.app" } 81 | ] 82 | } 83 | EOF 84 | 85 | echo "Creating customized DMG image..." 86 | appdmg scapwb.json ${DMG_FINAL} 87 | 88 | echo 'Done.' 89 | 90 | exit 91 | -------------------------------------------------------------------------------- /osx-dmg-background.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/osx-dmg-background.png -------------------------------------------------------------------------------- /runwrapper.sh.in: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright 2015 Red Hat Inc., Durham, North Carolina. 4 | # All Rights Reserved. 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU General Public License as published by 8 | # the Free Software Foundation, either version 3 of the License, or 9 | # (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU General Public License 17 | # along with this program. If not, see . 18 | 19 | s="@CMAKE_SOURCE_DIR@" 20 | 21 | export SCAP_WORKBENCH_PKEXEC_OSCAP_PATH=$s/scap-workbench-pkexec-oscap.sh 22 | export SCAP_WORKBENCH_RPM_EXTRACT_PATH=$s/scap-workbench-rpm-extract.sh 23 | export SCAP_WORKBENCH_ICON=$s/share/pixmaps/scap-workbench.png 24 | export SCAP_WORKBENCH_SHARE=$s/share/scap-workbench 25 | export SCAP_WORKBENCH_DOC=$s/doc 26 | 27 | if [[ "`uname`" == "Darwin" ]]; then 28 | # MacOS X doesn't have ssh-askpass so we have to provide our own 29 | export SSH_ASKPASS=$s/scap-workbench-osx-ssh-askpass.sh 30 | fi 31 | 32 | exec "$@" 33 | -------------------------------------------------------------------------------- /scap-workbench-oscap.policy.in: -------------------------------------------------------------------------------- 1 | 2 | 4 | 5 | 6 | Scan Local Machine 7 | Authentication is required to scan local machine with root privileges. Click "Cancel" to scan using your current permissions. 8 | 9 | auth_admin_keep 10 | auth_admin_keep 11 | auth_admin_keep 12 | 13 | @CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBEXECDIR@/scap-workbench-oscap.sh 14 | true 15 | 16 | 17 | -------------------------------------------------------------------------------- /scap-workbench-oscap.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright 2014 Red Hat Inc., Durham, North Carolina. 4 | # All Rights Reserved. 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU General Public License as published by 8 | # the Free Software Foundation, either version 3 of the License, or 9 | # (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU General Public License 17 | # along with this program. If not, see . 18 | 19 | set -u -o pipefail 20 | 21 | trap "" SIGHUP SIGINT 22 | 23 | # pkexec writes a message to stderr when user dismisses it, we always skip 1 line. 24 | # if user did not dismiss it we should print a dummy line to stderr so that nothing 25 | # valuable gets skipped 26 | echo "Dummy text" 1>&2 27 | 28 | wrapper_uid=$1 29 | shift 30 | wrapper_gid=$1 31 | shift 32 | 33 | real_uid=`id -u` 34 | real_gid=`id -g` 35 | 36 | TEMP_DIR=`mktemp -d` 37 | 38 | args=("$@") 39 | 40 | # We have to rewrite result targets to a priv temp dir. We will later 41 | # chown that dir to the target uid:gid and copy things where they belong 42 | # using permissions of that user ONLY! 43 | for i in $(seq 0 `expr $# - 1`); do 44 | let j=i+1 45 | 46 | case "${args[i]}" in 47 | ("--results") 48 | TARGET_RESULTS_XCCDF="${args[j]}" 49 | args[j]="$TEMP_DIR/results-xccdf.xml" 50 | ;; 51 | ("--results-arf") 52 | TARGET_RESULTS_ARF="${args[j]}" 53 | args[j]="$TEMP_DIR/results-arf.xml" 54 | ;; 55 | ("--report") 56 | TARGET_REPORT="${args[j]}" 57 | args[j]="$TEMP_DIR/report.html" 58 | ;; 59 | *) 60 | ;; 61 | esac 62 | done 63 | 64 | LOCAL_OSCAP="oscap" 65 | 66 | pushd "$TEMP_DIR" > /dev/null 67 | $LOCAL_OSCAP "${args[@]}" & 68 | PID=$! 69 | RET=1 70 | 71 | while kill -0 $PID 2> /dev/null; do 72 | # check if the stdin is still available but return in one second 73 | read -t 1 dummy 74 | ret=$? 75 | if [ 0 -lt $ret -a $ret -lt 128 ]; then 76 | # If read failed & it was not due to timeout --> parents are gone. 77 | kill -s SIGTERM $PID 2> /dev/null 78 | break 79 | fi 80 | done 81 | 82 | wait $PID 83 | RET=$? 84 | 85 | popd > /dev/null 86 | 87 | function chown_copy 88 | { 89 | local what="$1" 90 | local where="$2" 91 | 92 | [ ! -f "$what" ] || cp "$what" "$where" 93 | 94 | # chown only required if wrapper_{uid,gid} differs from real_{uid,gid} 95 | if [ $wrapper_uid -ne $real_uid ] || [ $wrapper_gid -ne $real_gid ]; then 96 | chown $wrapper_uid:$wrapper_gid "$where" 97 | fi 98 | } 99 | 100 | chown_copy "$TEMP_DIR/results-xccdf.xml" "$TARGET_RESULTS_XCCDF" 101 | chown_copy "$TEMP_DIR/results-arf.xml" "$TARGET_RESULTS_ARF" 102 | chown_copy "$TEMP_DIR/report.html" "$TARGET_REPORT" 103 | 104 | rm -r "$TEMP_DIR" 105 | 106 | exit $RET 107 | -------------------------------------------------------------------------------- /scap-workbench-osx-ssh-askpass.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Taken from git-cola. 4 | # 5 | # git-cola is a powerful Git GUI with a slick and intuitive user interface. 6 | # 7 | # Copyright (C) 2007-2015, David Aguilar and contributors 8 | # 9 | # This program is free software: you can redistribute it and/or modify 10 | # it under the terms of the GNU General Public License as published by 11 | # the Free Software Foundation, either version 2 of the License, or 12 | # (at your option) any later version. 13 | # 14 | # This program is distributed in the hope that it will be useful, 15 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | # GNU General Public License for more details. 18 | # 19 | # You should have received a copy of the GNU General Public License 20 | # along with this program. If not, see . 21 | 22 | TITLE=${MACOS_ASKPASS_TITLE:-"SSH"} 23 | DIALOG="display dialog \"$@\" default answer \"\" with title \"$TITLE\"" 24 | DIALOG="$DIALOG with icon caution" 25 | 26 | yesno= 27 | if echo "$1" | grep "'yes'" 2>&1 >/dev/null || 28 | echo "$1" | grep "yes/no" 2>&1 >/dev/null 29 | then 30 | yesno=true 31 | fi 32 | 33 | if test -z "$yesno" 34 | then 35 | DIALOG="$DIALOG with hidden answer" 36 | fi 37 | 38 | result=$(osascript \ 39 | -e 'tell application "Finder"' \ 40 | -e "activate" \ 41 | -e "$DIALOG" \ 42 | -e 'end tell' 2>/dev/null) 43 | 44 | if test -z "$result" 45 | then 46 | exit 1 47 | fi 48 | 49 | # The beginning of the output can be either "text returned:" 50 | # or "button returned:", and is Mac OS X version-dependent. 51 | # Account for both output styles. 52 | printf '%s\n' "$result" | 53 | sed -e 's/^text returned://' -e 's/, button returned:.*$//' \ 54 | -e 's/^button returned:OK, text returned://' 55 | exit 0 56 | 57 | -------------------------------------------------------------------------------- /scap-workbench-pkexec-oscap.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright 2014 Red Hat Inc., Durham, North Carolina. 4 | # All Rights Reserved. 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU General Public License as published by 8 | # the Free Software Foundation, either version 3 of the License, or 9 | # (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU General Public License 17 | # along with this program. If not, see . 18 | 19 | set -u -o pipefail 20 | 21 | uid=`id -u` 22 | gid=`id -g` 23 | 24 | PARENT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" 25 | 26 | PKEXEC_PATH="pkexec" 27 | SCAP_WORKBENCH_OSCAP="$PARENT_DIR/scap-workbench-oscap.sh" 28 | 29 | # We run unprivileged if pkexec was not found. 30 | #which $PKEXEC_PATH > /dev/null || exit 1 # fail if pkexec was not found 31 | 32 | $PKEXEC_PATH --disable-internal-agent "$SCAP_WORKBENCH_OSCAP" $uid $gid "$@" 2> >(tail -n +2 1>&2) 33 | EC=$? 34 | 35 | # 126 is a special exit code of pkexec when user dismisses the auth dialog 36 | # 127 means auth can't be established or something in the script failed. We never know. 37 | # We will retry with 127 because pkexec returns 127 when no polkit auth agent is present. 38 | # This is common in niche desktop environments. 39 | if [ $EC -eq 126 ] || [ $EC -eq 127 ]; then 40 | # in case of dismissed dialog we run without super user rights 41 | "$SCAP_WORKBENCH_OSCAP" $uid $gid "$@" 2> >(tail -n +2 1>&2); 42 | exit $? 43 | fi 44 | 45 | exit $EC 46 | -------------------------------------------------------------------------------- /scap-workbench-rpm-extract.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright 2014 Red Hat Inc., Durham, North Carolina. 4 | # All Rights Reserved. 5 | # 6 | # This program is free software: you can redistribute it and/or modify 7 | # it under the terms of the GNU General Public License as published by 8 | # the Free Software Foundation, either version 3 of the License, or 9 | # (at your option) any later version. 10 | # 11 | # This program is distributed in the hope that it will be useful, 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | # GNU General Public License for more details. 15 | # 16 | # You should have received a copy of the GNU General Public License 17 | # along with this program. If not, see . 18 | 19 | set -u -o pipefail 20 | 21 | rpm2cpio "$1" | cpio -ivd 22 | exit $? 23 | -------------------------------------------------------------------------------- /share/pixmaps/scap-workbench.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/share/pixmaps/scap-workbench.png -------------------------------------------------------------------------------- /share/pixmaps/scap-workbench.svg: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | image/svg+xml -------------------------------------------------------------------------------- /share/scap-workbench/benchmark.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/share/scap-workbench/benchmark.png -------------------------------------------------------------------------------- /share/scap-workbench/collapsed-arrow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/share/scap-workbench/collapsed-arrow.png -------------------------------------------------------------------------------- /share/scap-workbench/edit-redo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/share/scap-workbench/edit-redo.png -------------------------------------------------------------------------------- /share/scap-workbench/edit-undo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/share/scap-workbench/edit-undo.png -------------------------------------------------------------------------------- /share/scap-workbench/expanded-arrow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/share/scap-workbench/expanded-arrow.png -------------------------------------------------------------------------------- /share/scap-workbench/group.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/share/scap-workbench/group.png -------------------------------------------------------------------------------- /share/scap-workbench/profile.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/share/scap-workbench/profile.png -------------------------------------------------------------------------------- /share/scap-workbench/rule.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/share/scap-workbench/rule.png -------------------------------------------------------------------------------- /share/scap-workbench/ssg_logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/share/scap-workbench/ssg_logo.png -------------------------------------------------------------------------------- /share/scap-workbench/translations/README: -------------------------------------------------------------------------------- 1 | Translations created using QtLinguist go into this folder. 2 | -------------------------------------------------------------------------------- /share/scap-workbench/value.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OpenSCAP/scap-workbench/10c1929e157ce2939b650428b17d3440dccc25ab/share/scap-workbench/value.png -------------------------------------------------------------------------------- /src/APIHelpers.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #include "APIHelpers.h" 23 | #include 24 | #include 25 | 26 | extern "C" 27 | { 28 | #include 29 | #include 30 | } 31 | 32 | QString oscapTextIteratorGetPreferred(struct oscap_text_iterator* it, const QString& lang) 33 | { 34 | oscap_text* preferred_s = oscap_textlist_get_preferred_text(it, lang.isEmpty() ? NULL : lang.toUtf8().constData()); 35 | oscap_text_iterator_free(it); 36 | const QString ret = QString::fromUtf8(oscap_text_get_text(preferred_s)); 37 | return ret; 38 | } 39 | 40 | QString oscapItemGetReadableTitle(struct xccdf_item* item, struct xccdf_policy* policy, const QString& lang) 41 | { 42 | struct oscap_text_iterator* title_it = xccdf_item_get_title(item); 43 | char* unresolved = oscap_textlist_get_preferred_plaintext(title_it, lang.isEmpty() ? NULL : lang.toUtf8().constData()); 44 | oscap_text_iterator_free(title_it); 45 | if (!unresolved) 46 | return ""; 47 | char* resolved = xccdf_policy_substitute(QString::fromUtf8(unresolved).toHtmlEscaped().toUtf8().constData(), policy); 48 | free(unresolved); 49 | const QString ret = QString::fromUtf8(resolved); 50 | free(resolved); 51 | return ret; 52 | } 53 | 54 | QString oscapItemGetReadableDescription(struct xccdf_item* item, struct xccdf_policy* policy, const QString& lang) 55 | { 56 | struct oscap_text_iterator* desc_it = xccdf_item_get_description(item); 57 | oscap_text* unresolved = oscap_textlist_get_preferred_text(desc_it, lang.isEmpty() ? NULL : lang.toUtf8().constData()); 58 | oscap_text_iterator_free(desc_it); 59 | if (!unresolved) 60 | return ""; 61 | char* resolved = xccdf_policy_substitute(oscap_text_get_text(unresolved), policy); 62 | const QString ret = QString::fromUtf8(resolved); 63 | free(resolved); 64 | return ret; 65 | } 66 | 67 | QString oscapErrDesc() 68 | { 69 | return QString::fromUtf8(oscap_err_desc()); 70 | } 71 | 72 | QString oscapErrGetFullError() 73 | { 74 | char* fullErrorCstr = oscap_err_get_full_error(); 75 | QString fullError = QString::fromUtf8(fullErrorCstr); 76 | free(fullErrorCstr); 77 | return fullError; 78 | } 79 | -------------------------------------------------------------------------------- /src/Application.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #include "Application.h" 23 | #include "MainWindow.h" 24 | #include "Utils.h" 25 | 26 | #include 27 | #include 28 | #include 29 | 30 | #include 31 | 32 | Application::Application(int& argc, char** argv): 33 | QApplication(argc, argv), 34 | mTranslator(), 35 | mMainWindow(0) 36 | { 37 | setOrganizationName("SCAP Workbench upstream"); 38 | // The org domain messes up the app title in the Gnome top bar. 39 | // Other QT apps s.a. Wireshark, QT Creator don't specify the domain. 40 | // setOrganizationDomain("open-scap.org"); 41 | 42 | setApplicationName("SCAP Workbench"); 43 | setApplicationDisplayName("SCAP Workbench"); 44 | setApplicationVersion(SCAP_WORKBENCH_VERSION); 45 | 46 | mMainWindow = new MainWindow(); 47 | 48 | #if (QT_VERSION >= QT_VERSION_CHECK(4, 8, 0)) 49 | mTranslator.load(QLocale(), "scap-workbench", "", getShareTranslationDirectory().absolutePath()); 50 | installTranslator(&mTranslator); 51 | #endif 52 | 53 | const QIcon& icon = getApplicationIcon(); 54 | setWindowIcon(icon); 55 | mMainWindow->setWindowIcon(icon); 56 | 57 | QObject::connect( 58 | this, SIGNAL(lastWindowClosed()), 59 | this, SLOT(quit()) 60 | ); 61 | 62 | QStringList args = arguments(); 63 | processCLI(args); 64 | 65 | // Showing the window before processing command line arguments causes crashes occasionally 66 | mMainWindow->show(); 67 | 68 | // Only open default content if no file to open was given. 69 | if (!mMainWindow->fileOpened()) 70 | openSSG(); 71 | 72 | } 73 | 74 | Application::~Application() 75 | { 76 | delete mMainWindow; 77 | } 78 | 79 | void Application::processCLI(QStringList& args) 80 | { 81 | QCommandLineParser parser; 82 | 83 | parser.addHelpOption(); 84 | parser.addVersionOption(); 85 | 86 | QCommandLineOption skipValid("skip-valid", "Skips OpenSCAP validation."); 87 | parser.addOption(skipValid); 88 | 89 | QCommandLineOption tailoring("tailoring", "Opens the given tailoring file after " 90 | "the given XCCDF or SDS file is loaded.", 91 | "ssg-tailoring.xml"); 92 | parser.addOption(tailoring); 93 | 94 | parser.addPositionalArgument("file", "A file to load; can be either an XCCDF or SDS file.", "[file]"); 95 | parser.process(args); 96 | 97 | if (parser.isSet(skipValid)) 98 | { 99 | mMainWindow->setSkipValid(true); 100 | } 101 | 102 | QStringList posArguments = parser.positionalArguments(); 103 | if (posArguments.isEmpty()) 104 | { 105 | if (parser.isSet(tailoring)) 106 | { 107 | std::cout << "Tailoring file was provided via --tailoring, but no SCAP " 108 | << "input was provided. Ignoring the tailoring file." 109 | << std::endl; 110 | } 111 | return; 112 | } 113 | 114 | mMainWindow->openFile(posArguments.first()); 115 | 116 | if (parser.isSet(tailoring)) 117 | mMainWindow->openTailoringFile(parser.value(tailoring)); 118 | 119 | // We ignore all other positional arguments suplied, if any 120 | } 121 | 122 | void Application::openSSG() 123 | { 124 | mMainWindow->openSSGDialog(QObject::tr("Close SCAP Workbench")); 125 | } 126 | 127 | void Application::browseForContent() 128 | { 129 | mMainWindow->openFileDialogAsync(); 130 | } 131 | -------------------------------------------------------------------------------- /src/CommandLineArgsDialog.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2016 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #include "CommandLineArgsDialog.h" 23 | 24 | #include 25 | #include 26 | #include 27 | 28 | CommandLineArgsDialog::CommandLineArgsDialog(QWidget* parent): 29 | QDialog(parent) 30 | { 31 | mUI.setupUi(this); 32 | 33 | QObject::connect( 34 | mUI.clipboardButton, SIGNAL(clicked()), 35 | this, SLOT(copyToClipboard()) 36 | ); 37 | 38 | QObject::connect( 39 | mUI.closeButton, SIGNAL(clicked()), 40 | this, SLOT(hide()) 41 | ); 42 | } 43 | 44 | CommandLineArgsDialog::~CommandLineArgsDialog() 45 | {} 46 | 47 | void CommandLineArgsDialog::setArgs(const QStringList& args) 48 | { 49 | mUI.args->setText(args.join(" ")); 50 | } 51 | 52 | void CommandLineArgsDialog::copyToClipboard() 53 | { 54 | const QString fullLog = mUI.args->toPlainText(); 55 | QClipboard* clipboard = QApplication::clipboard(); 56 | clipboard->setText(fullLog); 57 | } 58 | -------------------------------------------------------------------------------- /src/DiagnosticsDialog.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #include "DiagnosticsDialog.h" 23 | 24 | #include 25 | #include 26 | #include 27 | #include 28 | 29 | #include 30 | 31 | DiagnosticsDialog::DiagnosticsDialog(QWidget* parent): 32 | QDialog(parent) 33 | { 34 | mUI.setupUi(this); 35 | 36 | QObject::connect( 37 | mUI.clearDialog, SIGNAL(clicked()), 38 | this, SLOT(clearDialog()) 39 | ); 40 | 41 | QObject::connect( 42 | mUI.clipboardButton, SIGNAL(clicked()), 43 | this, SLOT(copyToClipboard()) 44 | ); 45 | 46 | QObject::connect( 47 | mUI.closeButton, SIGNAL(clicked()), 48 | this, SLOT(hide()) 49 | ); 50 | 51 | dumpVersionInfo(); 52 | } 53 | 54 | DiagnosticsDialog::~DiagnosticsDialog() 55 | {} 56 | 57 | void DiagnosticsDialog::clear() 58 | { 59 | mUI.messages->clear(); 60 | } 61 | 62 | void DiagnosticsDialog::waitUntilHidden(unsigned int interval) 63 | { 64 | while (isVisible()) 65 | { 66 | QAbstractEventDispatcher::instance(0)->processEvents(QEventLoop::AllEvents); 67 | QThread::usleep(interval * 1000); 68 | } 69 | } 70 | 71 | void DiagnosticsDialog::infoMessage(const QString& message, MessageFormat format) 72 | { 73 | pushMessage(MS_INFO, message, format); 74 | } 75 | 76 | void DiagnosticsDialog::warningMessage(const QString& message, MessageFormat format) 77 | { 78 | pushMessage(MS_WARNING, message, format); 79 | 80 | // warning message is important, make sure the diagnostics are shown 81 | show(); 82 | } 83 | 84 | void DiagnosticsDialog::errorMessage(const QString& message, MessageFormat format) 85 | { 86 | pushMessage(MS_ERROR, message, format); 87 | 88 | // error message is important, make sure the diagnostics are shown 89 | show(); 90 | } 91 | 92 | void DiagnosticsDialog::exceptionMessage(const std::exception& e, const QString& context, MessageFormat format) 93 | { 94 | pushMessage(MS_EXCEPTION, (context.isEmpty() ? "" : context + "\n\n" + QString::fromUtf8(e.what())), format); 95 | 96 | // error message is important, make sure the diagnostics are shown 97 | show(); 98 | } 99 | 100 | 101 | void DiagnosticsDialog::pushMessage(MessageSeverity severity, const QString& fullMessage, MessageFormat format) 102 | { 103 | char stime[11]; 104 | stime[10] = '\0'; 105 | 106 | time_t rawtime; 107 | struct tm* timeinfo; 108 | 109 | time(&rawtime); 110 | timeinfo = localtime(&rawtime); 111 | 112 | strftime(stime, 10, "%H:%M:%S", timeinfo); 113 | 114 | QString strSeverity = QObject::tr("unknown"); 115 | QString bgCol = "transparent"; 116 | switch (severity) 117 | { 118 | case MS_INFO: 119 | strSeverity = QObject::tr("info"); 120 | break; 121 | case MS_WARNING: 122 | strSeverity = QObject::tr("warning"); 123 | bgCol = "#ffff99"; 124 | break; 125 | case MS_EXCEPTION: 126 | strSeverity = QObject::tr("except"); 127 | bgCol = "#cc9933"; 128 | break; 129 | case MS_ERROR: 130 | strSeverity = QObject::tr("error"); 131 | bgCol = "#cc9933"; 132 | break; 133 | 134 | default: 135 | break; 136 | } 137 | 138 | strSeverity = strSeverity.leftJustified(8); 139 | 140 | std::cerr << stime << " | " << strSeverity.toUtf8().constData() << " | " << fullMessage.toUtf8().constData() << std::endl; 141 | 142 | QString outputMessage = fullMessage; 143 | if (format & MF_XML) 144 | { 145 | outputMessage = outputMessage.toHtmlEscaped(); 146 | } 147 | 148 | if (format & MF_PREFORMATTED) 149 | { 150 | outputMessage = QString("
%1
").arg(outputMessage); 151 | } 152 | 153 | mUI.messages->append( 154 | QString("
%1 
%3
%4
\n") 155 | .arg(stime, bgCol, strSeverity, outputMessage) 156 | ); 157 | } 158 | 159 | void DiagnosticsDialog::dumpVersionInfo() 160 | { 161 | // We display this in Help->About as well but let us dump it as info message 162 | // in case workbench crashes before user can work with the GUI. 163 | infoMessage(QString("SCAP Workbench %1, compiled with Qt %2, using OpenSCAP %3").arg(SCAP_WORKBENCH_VERSION, QT_VERSION_STR, oscap_get_version())); 164 | } 165 | 166 | void DiagnosticsDialog::copyToClipboard() 167 | { 168 | const QString fullLog = mUI.messages->toPlainText(); 169 | QClipboard* clipboard = QApplication::clipboard(); 170 | clipboard->setText(fullLog); 171 | } 172 | 173 | void DiagnosticsDialog::clearDialog() 174 | { 175 | mUI.messages->clear(); 176 | } 177 | 178 | DiagnosticsDialog* globalDiagnosticsDialog = NULL; 179 | -------------------------------------------------------------------------------- /src/OscapCapabilities.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #include "OscapCapabilities.h" 23 | 24 | #include 25 | #include 26 | #include 27 | 28 | OscapCapabilities::OscapCapabilities() 29 | { 30 | clear(); 31 | } 32 | 33 | void OscapCapabilities::clear() 34 | { 35 | mVersion = "Unknown"; 36 | 37 | mBaselineSupport = false; 38 | mProgressReporting = false; 39 | mOnlineRemediation = false; 40 | mSourceDataStreams = false; 41 | mARFInput = false; 42 | mTailoringSupport = false; 43 | mSCE = false; 44 | 45 | mXCCDFVersion = "Unknown"; 46 | mOVALVersion = "Unknown"; 47 | mCPEVersion = "Unknown"; 48 | mSCEVersion = "Unknown"; 49 | } 50 | 51 | static bool versionGreaterOrEqual(const QString& a, const QString& b) 52 | { 53 | const QStringList aSplit = a.split('.'); 54 | const QStringList bSplit = b.split('.'); 55 | 56 | // we only compare versions of the same number of components! 57 | assert(aSplit.size() == bSplit.size()); 58 | 59 | QStringList::size_type pos = 0; 60 | 61 | while (pos < aSplit.size() && pos < bSplit.size()) 62 | { 63 | const int aComponent = aSplit[pos].toInt(); 64 | const int bComponent = bSplit[pos].toInt(); 65 | 66 | if (aComponent < bComponent) 67 | return false; 68 | if (aComponent > bComponent) 69 | return true; 70 | 71 | // only if they both match do we continue 72 | 73 | ++pos; 74 | } 75 | 76 | // the versions are equal! 77 | return true; 78 | } 79 | 80 | void OscapCapabilities::parse(const QString& mmv) 81 | { 82 | clear(); 83 | 84 | const QStringList lines = mmv.split('\n'); 85 | 86 | if (lines.size() < 1) 87 | return; // TODO: Throw exception? 88 | 89 | #if (QT_VERSION >= QT_VERSION_CHECK(5, 15, 0)) 90 | const QStringList firstLine = lines[0].split(' ', Qt::SkipEmptyParts); 91 | #else 92 | const QStringList firstLine = lines[0].split(' ', QString::SkipEmptyParts); 93 | #endif 94 | const QString& versionCandidate = firstLine.last(); 95 | 96 | if (!versionCandidate.contains(QRegExp("^([0-9]+\\.){2,}[0-9]+$"))) 97 | return; // TODO: Throw exception? 98 | 99 | mVersion = versionCandidate; 100 | 101 | // TODO: Pick a better version 102 | if (versionGreaterOrEqual(mVersion, "0.8.0")) 103 | mBaselineSupport = true; 104 | 105 | if (versionGreaterOrEqual(mVersion, "0.9.3")) 106 | mProgressReporting = true; 107 | 108 | if (versionGreaterOrEqual(mVersion, "0.9.5")) 109 | mOnlineRemediation = true; 110 | 111 | if (versionGreaterOrEqual(mVersion, "0.9.0")) 112 | mSourceDataStreams = true; 113 | 114 | if (versionGreaterOrEqual(mVersion, "0.9.12")) 115 | mTailoringSupport = true; 116 | 117 | /*if (versionGreaterThan(mVersion, "0.999.999")) 118 | mARFInput = true;*/ 119 | 120 | if (lines.size() < 4 || !lines[3].contains("Supported specifications")) 121 | return; // TODO: Throw exception? 122 | 123 | QStringList::size_type linePos = 4; 124 | while (linePos < lines.size()) 125 | { 126 | const QStringList versionLineSplit = lines[linePos].split(": "); 127 | 128 | if (versionLineSplit[0] == "XCCDF Version") 129 | mXCCDFVersion = versionLineSplit[1]; 130 | else if (versionLineSplit[0] == "OVAL Version") 131 | mOVALVersion = versionLineSplit[1]; 132 | else if (versionLineSplit[0] == "CPE Version") 133 | mCPEVersion = versionLineSplit[1]; 134 | else if (versionLineSplit[0] == "Script check engine") 135 | { 136 | mSCE = true; 137 | mSCEVersion = versionLineSplit[1]; 138 | } 139 | else 140 | { 141 | // TODO: Warn about unknown version 142 | } 143 | 144 | if (lines[linePos].isEmpty()) 145 | break; // End of the list 146 | 147 | ++linePos; 148 | } 149 | } 150 | 151 | const QString& OscapCapabilities::getOpenSCAPVersion() const 152 | { 153 | return mVersion; 154 | } 155 | 156 | bool OscapCapabilities::baselineSupport() const 157 | { 158 | return mBaselineSupport; 159 | } 160 | 161 | bool OscapCapabilities::progressReporting() const 162 | { 163 | return mProgressReporting; 164 | } 165 | 166 | bool OscapCapabilities::onlineRemediation() const 167 | { 168 | return mOnlineRemediation; 169 | } 170 | 171 | bool OscapCapabilities::sourceDatastreams() const 172 | { 173 | return mSourceDataStreams; 174 | } 175 | 176 | bool OscapCapabilities::ARFInput() const 177 | { 178 | return mARFInput; 179 | } 180 | 181 | bool OscapCapabilities::tailoringSupport() const 182 | { 183 | return mTailoringSupport; 184 | } 185 | 186 | const QString& OscapCapabilities::XCCDFVersion() const 187 | { 188 | return mXCCDFVersion; 189 | } 190 | 191 | const QString& OscapCapabilities::OVALVersion() const 192 | { 193 | return mOVALVersion; 194 | } 195 | 196 | const QString& OscapCapabilities::CPEVersion() const 197 | { 198 | return mCPEVersion; 199 | } 200 | -------------------------------------------------------------------------------- /src/RPMOpenHelper.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #include "RPMOpenHelper.h" 23 | #include "ProcessHelpers.h" 24 | #include "Exceptions.h" 25 | #include 26 | 27 | RPMOpenHelper::RPMOpenHelper(const QString& path) 28 | { 29 | mTempDir.setAutoRemove(true); 30 | 31 | SyncProcess proc; 32 | { 33 | const QFileInfo pathInfo(path); 34 | proc.setCommand(getRPMExtractPath()); 35 | proc.setArguments(QStringList(pathInfo.absoluteFilePath())); 36 | proc.setWorkingDirectory(mTempDir.path()); 37 | } 38 | 39 | proc.run(); 40 | 41 | const QDir tempDir(mTempDir.path()); 42 | 43 | if (proc.getExitCode() != 0) 44 | { 45 | mInputPath = ""; 46 | mTailoringPath = ""; 47 | 48 | throw RPMOpenHelperException(QString("Failed to extract given SCAP RPM, details follow:\n%1").arg(proc.getDiagnosticInfo())); 49 | } 50 | else 51 | { 52 | // Escape the escape to escape the escape! 53 | static QRegExp baselineRE("^\\.\\/usr\\/share\\/xml\\/scap\\/[^\\/]+\\/[^\\/]+$"); 54 | static QRegExp tailoringRE("^\\.\\/usr\\/share\\/xml\\/scap\\/[^\\/]+\\/tailoring-xccdf\\.xml+$"); 55 | static QRegExp inputRE("^\\.\\/usr\\/share\\/xml\\/scap\\/[^\\/]+\\/[^\\/]+\\-(xccdf|ds)\\.xml+$"); 56 | 57 | #if (QT_VERSION >= QT_VERSION_CHECK(5, 15, 0)) 58 | QStringList lines = proc.getStdErrContents().split('\n', Qt::SkipEmptyParts); 59 | #else 60 | QStringList lines = proc.getStdErrContents().split('\n', QString::SkipEmptyParts); 61 | #endif 62 | for (QStringList::const_iterator it = lines.constBegin(); it != lines.constEnd(); ++it) 63 | { 64 | const QString& line = *it; 65 | 66 | // Skip cpio verbose info unrelated to file names 67 | if (!baselineRE.exactMatch(line)) 68 | continue; 69 | 70 | // Tailoring is a very precise match, only try inputRE if tailoring doesn't match. 71 | // This is required because "tailoring-xccdf.xml" will match both tailoringRE and inputRE! 72 | 73 | if (tailoringRE.exactMatch(line)) 74 | mTailoringPath = tempDir.absoluteFilePath(line); 75 | else if (inputRE.exactMatch(line)) 76 | mInputPath = tempDir.absoluteFilePath(line); 77 | } 78 | } 79 | } 80 | 81 | RPMOpenHelper::~RPMOpenHelper() 82 | { 83 | // temporary directory gets removed automatically 84 | } 85 | 86 | const QString& RPMOpenHelper::getInputPath() const 87 | { 88 | return mInputPath; 89 | } 90 | 91 | bool RPMOpenHelper::hasTailoring() const 92 | { 93 | return mTailoringPath.isEmpty(); 94 | } 95 | 96 | const QString& RPMOpenHelper::getTailoringPath() const 97 | { 98 | return mTailoringPath; 99 | } 100 | 101 | QString RPMOpenHelper::getRPMExtractPath() 102 | { 103 | const QByteArray path = qgetenv("SCAP_WORKBENCH_RPM_EXTRACT_PATH"); 104 | 105 | if (path.isEmpty()) 106 | return SCAP_WORKBENCH_LOCAL_RPM_EXTRACT_PATH; 107 | else 108 | return path; 109 | } 110 | -------------------------------------------------------------------------------- /src/RemoteMachineComboBox.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #include "RemoteMachineComboBox.h" 23 | #include "OscapScannerRemoteSsh.h" 24 | 25 | RemoteMachineComboBox::RemoteMachineComboBox(QWidget* parent): 26 | QWidget(parent) 27 | { 28 | mUI.setupUi(this); 29 | setFocusProxy(mUI.host); 30 | 31 | #if (QT_VERSION >= QT_VERSION_CHECK(4, 7, 0)) 32 | // placeholder text is only supported in Qt 4.7 onwards 33 | mUI.host->setPlaceholderText(QObject::tr("username@hostname [sudo]")); 34 | #endif 35 | 36 | mQSettings = new QSettings(this); 37 | 38 | mRecentComboBox = mUI.recentComboBox; 39 | QObject::connect( 40 | mRecentComboBox, SIGNAL(currentIndexChanged(int)), 41 | this, SLOT(updateHostPort(int)) 42 | ); 43 | 44 | mUserIsSudoer = mUI.userIsSudoer; 45 | 46 | setRecentMachineCount(5); 47 | syncFromQSettings(); 48 | 49 | } 50 | 51 | RemoteMachineComboBox::~RemoteMachineComboBox() 52 | { 53 | delete mQSettings; 54 | } 55 | 56 | bool RemoteMachineComboBox::userIsSudoer() const 57 | { 58 | return mUserIsSudoer->isChecked(); 59 | } 60 | 61 | QString RemoteMachineComboBox::getTarget() const 62 | { 63 | return QString("%1:%2").arg(mUI.host->text()).arg(mUI.port->value()); 64 | } 65 | 66 | void RemoteMachineComboBox::setRecentMachineCount(unsigned int count) 67 | { 68 | while (static_cast(mRecentTargets.size()) > count) 69 | mRecentTargets.removeLast(); 70 | 71 | while (static_cast(mRecentTargets.size()) < count) 72 | mRecentTargets.append(""); 73 | } 74 | 75 | unsigned int RemoteMachineComboBox::getRecentMachineCount() const 76 | { 77 | return mRecentTargets.size(); 78 | } 79 | 80 | void RemoteMachineComboBox::notifyTargetUsed(const QString& target, bool userIsSudoer) 81 | { 82 | QString host; 83 | unsigned short port; 84 | bool placeholder; 85 | OscapScannerRemoteSsh::splitTarget(target, host, port, placeholder); 86 | 87 | // skip invalid suggestions 88 | if (host.isEmpty() || port == 0) 89 | return; 90 | 91 | const unsigned int machineCount = getRecentMachineCount(); 92 | 93 | // this moves target to the beginning of the list if it was in the list already 94 | QString targetWithSudo = target + (userIsSudoer ? " sudo" : ""); 95 | mRecentTargets.prepend(targetWithSudo); 96 | mRecentTargets.removeDuplicates(); 97 | 98 | setRecentMachineCount(machineCount); 99 | 100 | syncToQSettings(); 101 | syncRecentMenu(); 102 | 103 | // we can be sure there is at least 2 itens in ComboBox, "Recent" and the last entered host 104 | mRecentComboBox->setCurrentIndex(1); 105 | } 106 | 107 | void RemoteMachineComboBox::clearHistory() 108 | { 109 | mUI.host->setText(""); 110 | mUI.port->setValue(22); 111 | mUI.userIsSudoer->setChecked(false); 112 | 113 | const unsigned int machineCount = getRecentMachineCount(); 114 | mRecentTargets.clear(); 115 | setRecentMachineCount(machineCount); 116 | 117 | syncToQSettings(); 118 | syncRecentMenu(); 119 | } 120 | 121 | void RemoteMachineComboBox::syncFromQSettings() 122 | { 123 | QVariant value = mQSettings->value("recent-remote-machines"); 124 | QStringList list = value.toStringList(); 125 | 126 | const unsigned int machineCount = getRecentMachineCount(); 127 | mRecentTargets = list; 128 | setRecentMachineCount(machineCount); 129 | syncRecentMenu(); 130 | } 131 | 132 | void RemoteMachineComboBox::syncToQSettings() 133 | { 134 | mQSettings->setValue("recent-remote-machines", QVariant(mRecentTargets)); 135 | } 136 | 137 | void RemoteMachineComboBox::syncRecentMenu() 138 | { 139 | mRecentComboBox->clear(); 140 | 141 | mRecentComboBox->addItem(QString("Recent")); 142 | 143 | bool empty = true; 144 | for (QStringList::iterator it = mRecentTargets.begin(); it != mRecentTargets.end(); ++it) 145 | { 146 | if (it->isEmpty()) 147 | continue; 148 | 149 | mRecentComboBox->addItem(*it, QVariant(*it)); 150 | 151 | empty = false; 152 | } 153 | 154 | if (!empty) 155 | { 156 | mRecentComboBox->insertSeparator(mRecentComboBox->count()); 157 | QString clear = QString("Clear History"); 158 | mRecentComboBox->addItem(clear, QVariant(clear)); 159 | } 160 | 161 | mRecentComboBox->setEnabled(!empty); 162 | } 163 | 164 | void RemoteMachineComboBox::updateHostPort(int index) 165 | { 166 | const QVariant data = mRecentComboBox->itemData(index); 167 | const QString& target = data.toString(); 168 | 169 | if (target.isEmpty()) 170 | { 171 | mUI.host->setText(""); 172 | mUI.port->setValue(22); 173 | mUI.userIsSudoer->setChecked(false); 174 | return; 175 | } 176 | 177 | if (!target.compare("Clear History")) 178 | { 179 | clearHistory(); 180 | return; 181 | } 182 | 183 | 184 | QString host; 185 | unsigned short port; 186 | bool userIsSudoer; 187 | 188 | OscapScannerRemoteSsh::splitTarget(target, host, port, userIsSudoer); 189 | 190 | mUI.host->setText(host); 191 | mUI.port->setValue(port); 192 | mUI.userIsSudoer->setChecked(userIsSudoer); 193 | } 194 | -------------------------------------------------------------------------------- /src/SSGIntegrationDialog.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #include "SSGIntegrationDialog.h" 23 | #include "Utils.h" 24 | 25 | #include 26 | 27 | SSGIntegrationDialog::SSGIntegrationDialog(QWidget* parent): 28 | QDialog(parent) 29 | { 30 | loadOtherContent = false; 31 | mUI.setupUi(this); 32 | mUI.ssgLogo->setPixmap(getSharePixmap("ssg_logo.png")); 33 | 34 | scrapeSSGVariants(); 35 | 36 | QObject::connect( 37 | mUI.dismissButton, SIGNAL(released()), 38 | this, SLOT(reject()) 39 | ); 40 | 41 | QObject::connect( 42 | mUI.loadButton, SIGNAL(released()), 43 | this, SLOT(loadContent()) 44 | ); 45 | } 46 | 47 | SSGIntegrationDialog::~SSGIntegrationDialog() 48 | {} 49 | 50 | void SSGIntegrationDialog::setDismissLabel(const QString& label) 51 | { 52 | mUI.dismissButton->setText(label); 53 | } 54 | 55 | const QString& SSGIntegrationDialog::getSelectedSSGFile() const 56 | { 57 | return mSelectedSSGFile; 58 | } 59 | 60 | bool SSGIntegrationDialog::loadOtherContentSelected() 61 | { 62 | return loadOtherContent; 63 | } 64 | 65 | bool SSGIntegrationDialog::isSSGAvailable() 66 | { 67 | return getSSGDirectory().exists(); 68 | } 69 | 70 | void SSGIntegrationDialog::loadContent() 71 | { 72 | QComboBox* cBox = mUI.contentComboBox; 73 | 74 | const QString variant = cBox->itemData(cBox->currentIndex()).toString(); 75 | 76 | if (variant.isEmpty()) 77 | return; 78 | 79 | if (!variant.compare("other-scap-content")) 80 | { 81 | loadOtherContent = true; 82 | } 83 | else 84 | { 85 | const QDir& dir(getSSGDirectory()); 86 | 87 | mSelectedSSGFile = dir.absoluteFilePath(QString("ssg-%1-ds.xml").arg(variant)); 88 | } 89 | accept(); 90 | } 91 | 92 | /* 93 | * Given the string list passed as the first argument, 94 | * either make sure that the passed value is the first item, 95 | * or don't do anything (if the value is not present in the string). 96 | * 97 | * Returns true if the priority item matched a list item, returns false otherwise. 98 | */ 99 | static bool put_value_as_first_item(QStringList& list, const QString& value) 100 | { 101 | const int value_index = list.indexOf(value); 102 | if (value_index == -1) 103 | { 104 | return false; 105 | } 106 | list.removeAt(value_index); 107 | list.push_front(value); 108 | return true; 109 | } 110 | 111 | static void ensure_good_string_list_ordering(QStringList& list, const QStringList& priority_items, int& matched_priority_items) 112 | { 113 | list.sort(); 114 | for (QStringList::const_reverse_iterator it = priority_items.rbegin(); 115 | it != priority_items.rend(); ++it) 116 | { 117 | if (put_value_as_first_item(list, * it)) 118 | { 119 | matched_priority_items++; 120 | } 121 | } 122 | } 123 | 124 | void SSGIntegrationDialog::scrapeSSGVariants() 125 | { 126 | const QDir& dir = getSSGDirectory(); 127 | QStringList variants = dir.entryList(QDir::Files | QDir::NoDotAndDotDot); 128 | QComboBox* cBox = mUI.contentComboBox; 129 | 130 | const QString first_items = QString(SCAP_WORKBENCH_PREFERRED_DATASTREAM_BASENAMES); 131 | const QStringList priority_products = first_items.split(","); 132 | int matched_priority_items = 0; 133 | ensure_good_string_list_ordering(variants, priority_products, matched_priority_items); 134 | for (QStringList::const_iterator it = variants.constBegin(); 135 | it != variants.constEnd(); ++it) 136 | { 137 | QString name = *it; 138 | 139 | if (!name.startsWith("ssg-") || !name.endsWith("-ds.xml") || name.length() < 12) 140 | continue; // TODO: Warn? 141 | 142 | name.remove(0, 4); // remove prefix "ssg-" 143 | name.chop(7); // remove suffix "-ds.xml" 144 | 145 | QString label = name; 146 | 147 | // Make the label nicer for known variants 148 | if (label.startsWith("rhel") || label.startsWith("ol")) 149 | { 150 | // use RHEL instead of rhel and OL instead of ol 151 | label = name.toUpper(); 152 | } 153 | else if (label.startsWith("centos")) // use CentOS instead of centos 154 | label.replace(0, 6, "CentOS"); 155 | 156 | else if (label.startsWith("jre")) // use JRE instead of jre 157 | label.replace(0, 3, "JRE"); 158 | 159 | else if (label.startsWith("sl")) // use SL instead of sl 160 | label.replace(0, 2, "SL"); 161 | 162 | else 163 | label[0] = label[0].toUpper(); // Capitalize first letter 164 | 165 | cBox->addItem(label, QVariant(name)); 166 | 167 | } 168 | if (matched_priority_items) 169 | { 170 | cBox->insertSeparator(matched_priority_items); 171 | } 172 | cBox->insertSeparator(cBox->count()); 173 | cBox->addItem(QString("Other SCAP Content"), QVariant(QString("other-scap-content"))); 174 | 175 | cBox->setCurrentIndex(0); 176 | } 177 | -------------------------------------------------------------------------------- /src/SaveAsRPMDialog.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #include "SaveAsRPMDialog.h" 23 | #include "MainWindow.h" 24 | #include "ScanningSession.h" 25 | #include "ProcessHelpers.h" 26 | 27 | #include 28 | #include 29 | #include 30 | 31 | SaveAsRPMDialog::SaveAsRPMDialog(ScanningSession* session, MainWindow* parent): 32 | QDialog(parent), 33 | mMainWindow(parent), 34 | 35 | mScanningSession(session) 36 | { 37 | mUI.setupUi(this); 38 | 39 | QObject::connect( 40 | this, SIGNAL(finished(int)), 41 | this, SLOT(slotFinished(int)) 42 | ); 43 | 44 | // See https://fedoraproject.org/wiki/Packaging:NamingGuidelines#CommonCharacterSet 45 | // Furthermore, we do not allow '.' to avoid confusion. 46 | mUI.packageName->setValidator(new QRegExpValidator(QRegExp("^[a-zA-Z0-9\\-_\\+]+$"), this)); 47 | 48 | const QFileInfo openedFile(mScanningSession->getOpenedFilePath()); 49 | mUI.packageName->setText(openedFile.baseName()); 50 | 51 | mUI.version->setValidator(new QRegExpValidator(QRegExp("^([0-9]+\\.)*[0-9]+$"), this)); 52 | 53 | show(); 54 | } 55 | 56 | SaveAsRPMDialog::~SaveAsRPMDialog() 57 | {} 58 | 59 | void SaveAsRPMDialog::saveSession(ScanningSession* session, MainWindow* parent) 60 | { 61 | QPointer dialog = new SaveAsRPMDialog(session, parent); 62 | dialog->exec(); 63 | delete dialog; 64 | } 65 | 66 | void SaveAsRPMDialog::slotFinished(int result) 67 | { 68 | if (result == QDialog::Rejected) 69 | return; 70 | 71 | const QString targetDir = QFileDialog::getExistingDirectory( 72 | this, QObject::tr("Select target directory"), 73 | mMainWindow->getDefaultSaveDirectory() 74 | ); 75 | 76 | if (targetDir.isEmpty()) 77 | return; // user canceled 78 | 79 | mMainWindow->notifySaveActionConfirmed(targetDir, true); 80 | 81 | QSet closure = mScanningSession->getOpenedFilesClosure(); 82 | // At this point, closure is a set which is implementation ordered. 83 | // (we have no control WRT the ordering) 84 | // We want to make the XCCDF/SDS/main file appear first because that's 85 | // what the 'save as RPM' script will use to deduce the package name 86 | closure.remove(mScanningSession->getOpenedFilePath()); 87 | QList closureOrdered; 88 | closureOrdered.append(mScanningSession->getOpenedFilePath()); 89 | #if (QT_VERSION >= QT_VERSION_CHECK(5, 14, 0)) 90 | closureOrdered.append(closure.values()); 91 | #else 92 | // support older versions where deprecation warning is not fatal 93 | closureOrdered.append(closure.toList()); 94 | #endif 95 | 96 | const QDir cwd = ScanningSession::getCommonAncestorDirectory(closure); 97 | 98 | SyncProcess scapAsRPM(this); 99 | scapAsRPM.setCommand(SCAP_WORKBENCH_LOCAL_SCAP_AS_RPM_PATH); 100 | scapAsRPM.setWorkingDirectory(cwd.absolutePath()); 101 | 102 | QStringList args; 103 | if (!mUI.packageName->text().isEmpty()) 104 | { 105 | args.append("--pkg-name"); 106 | args.append(mUI.packageName->text()); 107 | } 108 | if (!mUI.version->text().isEmpty()) 109 | { 110 | args.append("--pkg-version"); 111 | args.append(mUI.version->text()); 112 | } 113 | // release is a spinbox, it can't be empty 114 | args.append("--pkg-release"); args.append(mUI.release->text()); 115 | 116 | // summary may contain whitespaces, we need a string that has at least one non-whitespace char 117 | if (!mUI.summary->text().trimmed().isEmpty()) 118 | { 119 | args.append("--pkg-summary"); 120 | args.append(mUI.summary->text()); 121 | } 122 | if (!mUI.license->currentText().isEmpty()) 123 | { 124 | args.append("--pkg-license"); 125 | args.append(mUI.license->currentText()); 126 | } 127 | 128 | args.append("--rpm-destination"); args.append(targetDir); 129 | 130 | for (QList::const_iterator it = closureOrdered.begin(); it != closureOrdered.end(); ++it) 131 | { 132 | args.append(cwd.relativeFilePath(*it)); 133 | } 134 | 135 | SpacelessQTemporaryDir tailoringDir; 136 | 137 | // Tailoring file is a special case since it may be in memory only. 138 | // In case it is memory only we don't want it to cause our common ancestor dir to be / 139 | // We export it to a temporary directory and remove it after including it in the RPM 140 | if (mScanningSession->hasTailoring()) 141 | { 142 | QFileInfo tailoringFile(mScanningSession->getTailoringFilePath()); 143 | assert(tailoringFile.exists()); 144 | 145 | const QString tailoringFilePath = QString("%1/%2").arg(tailoringDir.path(), "tailoring-xccdf.xml"); 146 | 147 | ScanningSession::copyOrReplace(tailoringFile.absoluteFilePath(), 148 | tailoringFilePath); 149 | 150 | args.append(tailoringFilePath); 151 | } 152 | 153 | scapAsRPM.setArguments(args); 154 | 155 | QPointer dialog = scapAsRPM.runWithDialog(this, QObject::tr("Saving SCAP content as RPM...")); 156 | dialog->exec(); 157 | delete dialog; 158 | } 159 | -------------------------------------------------------------------------------- /src/Scanner.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #include "Scanner.h" 23 | #include 24 | 25 | Scanner::Scanner(): 26 | mScannerMode(SM_SCAN), 27 | mScanThread(0), 28 | mMainThread(0), 29 | mDryRun(false), 30 | mSkipValid(false), 31 | mFetchRemoteResources(false), 32 | mSession(0), 33 | mTarget("") 34 | {} 35 | 36 | Scanner::~Scanner() 37 | {} 38 | 39 | void Scanner::setScanThread(QThread* thread) 40 | { 41 | mScanThread = thread; 42 | } 43 | 44 | void Scanner::setMainThread(QThread* thread) 45 | { 46 | mMainThread = thread; 47 | } 48 | 49 | void Scanner::setDryRun(bool dryRun) 50 | { 51 | mDryRun = dryRun; 52 | } 53 | 54 | void Scanner::setSkipValid(bool skip) 55 | { 56 | mSkipValid = skip; 57 | } 58 | 59 | bool Scanner::getSkipValid() const 60 | { 61 | return mSkipValid; 62 | } 63 | 64 | void Scanner::setFetchRemoteResources(bool fetch) 65 | { 66 | mFetchRemoteResources = fetch; 67 | } 68 | 69 | bool Scanner::getFetchRemoteResources() const 70 | { 71 | return mFetchRemoteResources; 72 | } 73 | 74 | void Scanner::setSession(ScanningSession* session) 75 | { 76 | // TODO: assert that we are not running 77 | mSession = session; 78 | } 79 | 80 | ScanningSession* Scanner::getSession() const 81 | { 82 | return mSession; 83 | } 84 | 85 | void Scanner::setTarget(const QString& target) 86 | { 87 | // TODO: assert that we are not running 88 | mTarget = target; 89 | } 90 | 91 | const QString& Scanner::getTarget() const 92 | { 93 | return mTarget; 94 | } 95 | 96 | void Scanner::setScannerMode(ScannerMode mode) 97 | { 98 | // TODO: assert that we are not running 99 | mScannerMode = mode; 100 | } 101 | 102 | ScannerMode Scanner::getScannerMode() const 103 | { 104 | return mScannerMode; 105 | } 106 | 107 | void Scanner::setARFForRemediation(const QByteArray& results) 108 | { 109 | mARFForRemediation = results; 110 | } 111 | 112 | const QByteArray& Scanner::getARFForRemediation() const 113 | { 114 | return mARFForRemediation; 115 | } 116 | 117 | void Scanner::evaluateExceptionGuard() 118 | { 119 | try 120 | { 121 | evaluate(); 122 | } 123 | catch (const std::exception& e) 124 | { 125 | emit errorMessage( 126 | QObject::tr("Exception was thrown while evaluating! Details follow:\n%1").arg(QString::fromUtf8(e.what()))); 127 | signalCompletion(true); 128 | } 129 | } 130 | 131 | void Scanner::signalCompletion(bool cancel) 132 | { 133 | if (cancel) 134 | emit canceled(); 135 | else 136 | emit finished(); 137 | 138 | if (mMainThread) 139 | { 140 | moveToThread(mMainThread); 141 | } 142 | 143 | if (mScanThread) 144 | { 145 | mScanThread->quit(); 146 | mScanThread = 0; 147 | } 148 | } 149 | -------------------------------------------------------------------------------- /src/TailorProfileDialog.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013 - 2014 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #include "TailorProfileDialog.h" 23 | 24 | const QString TailorProfileDialog::XCCDF11ProfileIDRegExp("[a-zA-Z0-9\\-_.]+"); 25 | 26 | // Regex from XCCDF 1.2 official XSD "xccdf_[^_]+_profile_.+" 27 | // is unfortunately too permissive. 28 | // 29 | // The spec calls for xccdf_N_profile_S where N is reverse DNS-style address 30 | // and S is NCName. 31 | // 32 | // We are more strict than the spec but it keeps the regex simple and the 33 | // restrictions imposed aren't severe. 34 | 35 | const QString TailorProfileDialog::XCCDF12ProfileIDRegExp("xccdf_[a-zA-Z0-9\\-.]+_profile_[a-zA-Z0-9\\-_.]+"); 36 | 37 | TailorProfileDialog::TailorProfileDialog(const QString& startId, bool xccdf12, QWidget* parent): 38 | QDialog(parent), 39 | mRegexp(xccdf12 ? XCCDF12ProfileIDRegExp : XCCDF11ProfileIDRegExp) 40 | { 41 | mUI.setupUi(this); 42 | mUI.idLineEdit->setText(startId); 43 | onIdLineEditChanged(startId); 44 | 45 | mUI.xccdf11Warning->setVisible(!xccdf12); 46 | mUI.xccdf12Warning->setVisible(xccdf12); 47 | 48 | connect(mUI.idLineEdit, SIGNAL(textChanged(const QString&)), this, SLOT(onIdLineEditChanged(const QString&))); 49 | } 50 | 51 | TailorProfileDialog::~TailorProfileDialog() 52 | {} 53 | 54 | QString TailorProfileDialog::getProfileID() const 55 | { 56 | return mUI.idLineEdit->text(); 57 | } 58 | 59 | void TailorProfileDialog::onIdLineEditChanged(const QString& newText) 60 | { 61 | mUI.buttonBox->button(QDialogButtonBox::Ok)->setEnabled(mRegexp.exactMatch(newText)); 62 | } 63 | -------------------------------------------------------------------------------- /src/main.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013-2015 Red Hat Inc., Durham, North Carolina. 3 | * All Rights Reserved. 4 | * 5 | * This program is free software: you can redistribute it and/or modify 6 | * it under the terms of the GNU General Public License as published by 7 | * the Free Software Foundation, either version 3 of the License, or 8 | * (at your option) any later version. 9 | * 10 | * This program is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | * GNU General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU General Public License 16 | * along with this program. If not, see . 17 | * 18 | * Authors: 19 | * Martin Preisler 20 | */ 21 | 22 | #include "Application.h" 23 | #include 24 | 25 | #ifdef _WIN32 26 | #define WIN32_LEAN_AND_MEAN 27 | #include 28 | #endif 29 | 30 | int main(int argc, char** argv) 31 | { 32 | #ifdef _WIN32 33 | // Free the console window if it has been spawned. 34 | // Leaves everything intact if started from the command line. 35 | FreeConsole(); 36 | #endif 37 | 38 | Application app(argc, argv); 39 | return app.exec(); 40 | } 41 | -------------------------------------------------------------------------------- /ui/CommandLineArgsDialog.ui: -------------------------------------------------------------------------------- 1 | 2 | 3 | CommandLineArgsDialog 4 | 5 | 6 | 7 | 0 8 | 0 9 | 896 10 | 331 11 | 12 | 13 | 14 | Command-line arguments for OpenSCAP evaluation 15 | 16 | 17 | 18 | 19 | 20 | 21 | monospace 22 | 23 | 24 | 25 | true 26 | 27 | 28 | <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"> 29 | <html><head><meta name="qrichtext" content="1" /><style type="text/css"> 30 | p, li { white-space: pre-wrap; } 31 | </style></head><body style=" font-family:'monospace'; font-size:10pt; font-weight:400; font-style:normal;"> 32 | <p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;"><br /></p></body></html> 33 | 34 | 35 | false 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 0 44 | 0 45 | 46 | 47 | 48 | 49 | 0 50 | 51 | 52 | 53 | 54 | Qt::Horizontal 55 | 56 | 57 | 58 | 40 59 | 20 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | Copy to clipboard 68 | 69 | 70 | 71 | 72 | 73 | 74 | Qt::Vertical 75 | 76 | 77 | 78 | 79 | 80 | 81 | Close 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | -------------------------------------------------------------------------------- /ui/DiagnosticsDialog.ui: -------------------------------------------------------------------------------- 1 | 2 | 3 | DiagnosticsDialog 4 | 5 | 6 | 7 | 0 8 | 0 9 | 896 10 | 331 11 | 12 | 13 | 14 | Diagnostics 15 | 16 | 17 | 18 | 19 | 20 | The messages are displayed in the order they were reported (top-down). 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | monospace 29 | 30 | 31 | 32 | true 33 | 34 | 35 | <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"> 36 | <html><head><meta name="qrichtext" content="1" /><style type="text/css"> 37 | p, li { white-space: pre-wrap; } 38 | </style></head><body style=" font-family:'monospace'; font-size:11pt; font-weight:400; font-style:normal;"> 39 | <p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-size:10pt;"><br /></p></body></html> 40 | 41 | 42 | false 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 0 51 | 0 52 | 53 | 54 | 55 | 56 | 0 57 | 58 | 59 | 60 | 61 | Clear Messages 62 | 63 | 64 | 65 | 66 | 67 | 68 | Qt::Horizontal 69 | 70 | 71 | 72 | 40 73 | 20 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | Copy to clipboard 82 | 83 | 84 | 85 | 86 | 87 | 88 | Qt::Vertical 89 | 90 | 91 | 92 | 93 | 94 | 95 | Close 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | -------------------------------------------------------------------------------- /ui/ProcessProgress.ui: -------------------------------------------------------------------------------- 1 | 2 | 3 | ProcessProgressDialog 4 | 5 | 6 | 7 | 0 8 | 0 9 | 700 10 | 291 11 | 12 | 13 | 14 | Process Progress 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 0 24 | 25 | 26 | -1 27 | 28 | 29 | false 30 | 31 | 32 | 33 | 34 | 35 | 36 | Qt::Horizontal 37 | 38 | 39 | QDialogButtonBox::Cancel 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | buttonBox 49 | accepted() 50 | ProcessProgressDialog 51 | accept() 52 | 53 | 54 | 248 55 | 254 56 | 57 | 58 | 157 59 | 274 60 | 61 | 62 | 63 | 64 | buttonBox 65 | rejected() 66 | ProcessProgressDialog 67 | reject() 68 | 69 | 70 | 316 71 | 260 72 | 73 | 74 | 286 75 | 274 76 | 77 | 78 | 79 | 80 | 81 | -------------------------------------------------------------------------------- /ui/ProfilePropertiesDockWidget.ui: -------------------------------------------------------------------------------- 1 | 2 | 3 | ProfilePropertiesDockWidget 4 | 5 | 6 | 7 | 0 8 | 0 9 | 400 10 | 335 11 | 12 | 13 | 14 | 15 | 400 16 | 193 17 | 18 | 19 | 20 | Profile Properties 21 | 22 | 23 | 24 | 25 | 0 26 | 27 | 28 | 0 29 | 30 | 31 | 0 32 | 33 | 34 | 0 35 | 36 | 37 | 38 | 39 | true 40 | 41 | 42 | 43 | 44 | 0 45 | 0 46 | 398 47 | 314 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 12 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | false 64 | 65 | 66 | false 67 | 68 | 69 | false 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 75 78 | true 79 | 80 | 81 | 82 | Description 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 75 91 | true 92 | 93 | 94 | 95 | Title 96 | 97 | 98 | Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter 99 | 100 | 101 | 5 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | true 110 | 111 | 112 | 113 | ID 114 | 115 | 116 | Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter 117 | 118 | 119 | 5 120 | 121 | 122 | 123 | 124 | 125 | 126 | true 127 | 128 | 129 | 130 | 12 131 | 132 | 133 | 134 | border: 1px solid #000; 135 | background: transparent; 136 | 137 | 138 | true 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | -------------------------------------------------------------------------------- /ui/RemoteMachineComboBox.ui: -------------------------------------------------------------------------------- 1 | 2 | 3 | RemoteMachineComboBox 4 | 5 | 6 | 7 | 0 8 | 0 9 | 609 10 | 42 11 | 12 | 13 | 14 | RemoteMachineComboBox 15 | 16 | 17 | 18 | 0 19 | 20 | 21 | 0 22 | 23 | 24 | 0 25 | 26 | 27 | 0 28 | 29 | 30 | 31 | 32 | 33 | 0 34 | 0 35 | 36 | 37 | 38 | 39 | 105 40 | 27 41 | 42 | 43 | 44 | 45 | 75 46 | true 47 | 48 | 49 | 50 | User and host 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 0 59 | 0 60 | 61 | 62 | 63 | 64 | 150 65 | 0 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 75 | true 76 | 77 | 78 | 79 | Port 80 | 81 | 82 | 83 | 84 | 85 | 86 | true 87 | 88 | 89 | 90 | 0 91 | 0 92 | 93 | 94 | 95 | QAbstractSpinBox::NoButtons 96 | 97 | 98 | 1 99 | 100 | 101 | 65535 102 | 103 | 104 | 22 105 | 106 | 107 | 108 | 109 | 110 | 111 | Check if the remote user doesn't have root privileges, but they can perform administrative tasks using paswordless sudo. 112 | 113 | 114 | user is sudoer 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 0 123 | 0 124 | 125 | 126 | 127 | 128 | 150 129 | 0 130 | 131 | 132 | 133 | 134 | 250 135 | 27 136 | 137 | 138 | 139 | List of recent hosts. 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | -------------------------------------------------------------------------------- /ui/ResultViewer.ui: -------------------------------------------------------------------------------- 1 | 2 | 3 | ResultViewer 4 | 5 | 6 | 7 | 0 8 | 0 9 | 392 10 | 31 11 | 12 | 13 | 14 | 15 | 0 16 | 17 | 18 | 19 | 20 | 21 | 0 22 | 0 23 | 24 | 25 | 26 | 27 | 0 28 | 29 | 30 | 31 | 32 | 33 | 13 34 | 35 | 36 | 37 | Saves results of this evaluation. (Ctrl+S) 38 | 39 | 40 | Save Results 41 | 42 | 43 | Ctrl+S 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 13 52 | 53 | 54 | 55 | Generate remediation that contains fix for every rule that failed in the scan. However, note that not every rule implements a fix. 56 | 57 | 58 | Generate remediation 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 13 67 | 68 | 69 | 70 | Opens the HTML report in the default browser of your desktop environment 71 | 72 | 73 | &Show Report 74 | 75 | 76 | 77 | 78 | openReportButton 79 | genRemediationButton 80 | saveButton 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | -------------------------------------------------------------------------------- /ui/RuleResultItem.ui: -------------------------------------------------------------------------------- 1 | 2 | 3 | RuleResultItem 4 | 5 | 6 | 7 | 0 8 | 0 9 | 802 10 | 94 11 | 12 | 13 | 14 | 15 | 0 16 | 0 17 | 18 | 19 | 20 | 21 | 2 22 | 23 | 24 | 25 | 26 | 27 | 0 28 | 0 29 | 30 | 31 | 32 | 33 | 0 34 | 35 | 36 | 0 37 | 38 | 39 | 40 | 41 | 42 | 0 43 | 0 44 | 45 | 46 | 47 | 48 | 20 49 | 0 50 | 51 | 52 | 53 | PointingHandCursor 54 | 55 | 56 | Qt::NoFocus 57 | 58 | 59 | Show/Hide description of this XCCDF rule 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 0 71 | 0 72 | 73 | 74 | 75 | PointingHandCursor 76 | 77 | 78 | Qt::NoFocus 79 | 80 | 81 | Qt::NoContextMenu 82 | 83 | 84 | text-align: left; border: 0; padding-left: 5px; 85 | 86 | 87 | Title 88 | 89 | 90 | true 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 0 99 | 0 100 | 101 | 102 | 103 | 104 | 150 105 | 0 106 | 107 | 108 | 109 | text-align: center; font-weight: bold; color: #ffffff; padding: 3px; 110 | 111 | 112 | 113 | 114 | 115 | Qt::AlignCenter 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | margin-left: 25px; border: 1px solid #ddd; color: #000000; 126 | 127 | 128 | 129 | 130 | 131 | Qt::RichText 132 | 133 | 134 | Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop 135 | 136 | 137 | true 138 | 139 | 140 | Qt::LinksAccessibleByMouse|Qt::TextSelectableByMouse 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | title 150 | clicked() 151 | showDescriptionCheckBox 152 | toggle() 153 | 154 | 155 | 52 156 | 10 157 | 158 | 159 | 8 160 | 15 161 | 162 | 163 | 164 | 165 | 166 | -------------------------------------------------------------------------------- /ui/RuleResultsTree.ui: -------------------------------------------------------------------------------- 1 | 2 | 3 | RuleResultsTree 4 | 5 | 6 | 7 | 0 8 | 0 9 | 640 10 | 480 11 | 12 | 13 | 14 | Form 15 | 16 | 17 | 18 | 0 19 | 20 | 21 | 0 22 | 23 | 24 | 25 | 26 | true 27 | 28 | 29 | Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop 30 | 31 | 32 | 33 | 34 | 0 35 | 0 36 | 636 37 | 476 38 | 39 | 40 | 41 | false 42 | 43 | 44 | background: white; color: #000000; 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | -------------------------------------------------------------------------------- /ui/SSGIntegrationDialog.ui: -------------------------------------------------------------------------------- 1 | 2 | 3 | SSGIntegrationDialog 4 | 5 | 6 | 7 | 0 8 | 0 9 | 889 10 | 330 11 | 12 | 13 | 14 | 15 | 0 16 | 0 17 | 18 | 19 | 20 | 21 | 0 22 | 0 23 | 24 | 25 | 26 | Open SCAP Security Guide 27 | 28 | 29 | 30 | 31 | 32 | 12 33 | 34 | 35 | 36 | 37 | 38 | 0 39 | 0 40 | 41 | 42 | 43 | 44 | 45 | 46 | true 47 | 48 | 49 | Qt::AlignCenter 50 | 51 | 52 | true 53 | 54 | 55 | 56 | 57 | 58 | 59 | QLayout::SetMinimumSize 60 | 61 | 62 | 0 63 | 64 | 65 | 66 | 67 | 68 | 0 69 | 0 70 | 71 | 72 | 73 | <html><head/><body><p>SCAP Security Guide was found installed on this machine.</p><p>The content provided by SCAP Security Guide allows you to quickly scan your machine according to well stablished security baselines.</p><p>Also, these guides are a good starting point if you'd like to customize a policy or profile for your own needs.</p><p>Select one of the default guides to load, or select Other SCAP Content option to load your own content.</p></body></html> 74 | 75 | 76 | Qt::AutoText 77 | 78 | 79 | Qt::AlignJustify|Qt::AlignVCenter 80 | 81 | 82 | true 83 | 84 | 85 | 5 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 75 96 | true 97 | 98 | 99 | 100 | Select content to load: 101 | 102 | 103 | Qt::AutoText 104 | 105 | 106 | 107 | 108 | 109 | 110 | 15 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | Qt::Vertical 120 | 121 | 122 | QSizePolicy::MinimumExpanding 123 | 124 | 125 | 126 | 20 127 | 20 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | Qt::Horizontal 138 | 139 | 140 | 141 | 40 142 | 20 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | Dismiss 151 | 152 | 153 | 154 | 155 | 156 | 157 | Load Content 158 | 159 | 160 | true 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | -------------------------------------------------------------------------------- /ui/SaveAsRPMDialog.ui: -------------------------------------------------------------------------------- 1 | 2 | 3 | SaveAsRPMDialog 4 | 5 | 6 | 7 | 0 8 | 0 9 | 632 10 | 183 11 | 12 | 13 | 14 | Save as RPM 15 | 16 | 17 | true 18 | 19 | 20 | 21 | 22 | 23 | 24 | QFormLayout::ExpandingFieldsGrow 25 | 26 | 27 | 28 | 29 | Package Name 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | Version 40 | 41 | 42 | 43 | 44 | 45 | 46 | 1 47 | 48 | 49 | 50 | 51 | 52 | 53 | Release 54 | 55 | 56 | 57 | 58 | 59 | 60 | 1 61 | 62 | 63 | 9999 64 | 65 | 66 | 67 | 68 | 69 | 70 | Summary 71 | 72 | 73 | 74 | 75 | 76 | 77 | License 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 0 89 | 0 90 | 91 | 92 | 93 | true 94 | 95 | 96 | 97 | Unspecified 98 | 99 | 100 | 101 | 102 | Public Domain 103 | 104 | 105 | 106 | 107 | GPLv2+ 108 | 109 | 110 | 111 | 112 | CC-BY-SA 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | Qt::Horizontal 124 | 125 | 126 | QDialogButtonBox::Cancel|QDialogButtonBox::Ok 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | buttonBox 136 | accepted() 137 | SaveAsRPMDialog 138 | accept() 139 | 140 | 141 | 248 142 | 254 143 | 144 | 145 | 157 146 | 274 147 | 148 | 149 | 150 | 151 | buttonBox 152 | rejected() 153 | SaveAsRPMDialog 154 | reject() 155 | 156 | 157 | 316 158 | 260 159 | 160 | 161 | 286 162 | 274 163 | 164 | 165 | 166 | 167 | 168 | -------------------------------------------------------------------------------- /ui/TailorProfileDialog.ui: -------------------------------------------------------------------------------- 1 | 2 | 3 | TailorProfileDialog 4 | 5 | 6 | 7 | 0 8 | 0 9 | 640 10 | 227 11 | 12 | 13 | 14 | 15 | 0 16 | 0 17 | 18 | 19 | 20 | Customize Profile 21 | 22 | 23 | 24 | QFormLayout::AllNonFixedFieldsGrow 25 | 26 | 27 | 28 | 29 | 30 | 0 31 | 0 32 | 33 | 34 | 35 | 36 | 37 | 38 | Qt::AlignCenter 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 0 47 | 0 48 | 49 | 50 | 51 | <html><head/><body><p>Choose the ID of your profile.</p><p><span style=" font-weight:600;">Warning</span>: Choose it wisely. It cannot be changed later and may be required if you choose to use command line tools or various integrations of OpenSCAP.</p></body></html> 52 | 53 | 54 | Qt::AlignLeading|Qt::AlignLeft|Qt::AlignVCenter 55 | 56 | 57 | true 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 0 66 | 0 67 | 68 | 69 | 70 | <html><head/><body><p>The ID has to have a format of &quot;xccdf_<span style=" font-weight:600;">{reverse DNS}</span>_profile_<span style=" font-weight:600;">{rest of the ID}</span>. <br/>For example &quot;xccdf_<span style=" font-weight:600;">org.mycorporation</span>_profile_<span style=" font-weight:600;">server</span>&quot;.</p></body></html> 71 | 72 | 73 | Qt::AlignLeading|Qt::AlignLeft|Qt::AlignVCenter 74 | 75 | 76 | true 77 | 78 | 79 | 80 | 81 | 82 | 83 | QLayout::SetDefaultConstraint 84 | 85 | 86 | 87 | 88 | 89 | 75 90 | true 91 | 92 | 93 | 94 | New Profile ID 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | dialogbuttonbox-buttons-have-icons: 0; 107 | 108 | 109 | Qt::Horizontal 110 | 111 | 112 | QDialogButtonBox::Cancel|QDialogButtonBox::Ok 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | buttonBox 122 | accepted() 123 | TailorProfileDialog 124 | accept() 125 | 126 | 127 | 248 128 | 254 129 | 130 | 131 | 157 132 | 274 133 | 134 | 135 | 136 | 137 | buttonBox 138 | rejected() 139 | TailorProfileDialog 140 | reject() 141 | 142 | 143 | 316 144 | 260 145 | 146 | 147 | 286 148 | 274 149 | 150 | 151 | 152 | 153 | 154 | -------------------------------------------------------------------------------- /ui/TailoringWindow.ui: -------------------------------------------------------------------------------- 1 | 2 | 3 | TailoringWindow 4 | 5 | 6 | Qt::ApplicationModal 7 | 8 | 9 | 10 | 0 11 | 0 12 | 1200 13 | 830 14 | 15 | 16 | 17 | Customizing '%1' 18 | 19 | 20 | 21 | 22 | 0 23 | 24 | 25 | 26 | 27 | Qt::ScrollBarAsNeeded 28 | 29 | 30 | false 31 | 32 | 33 | 34 | 22 35 | 22 36 | 37 | 38 | 39 | Qt::ElideNone 40 | 41 | 42 | true 43 | 44 | 45 | false 46 | 47 | 48 | 2 49 | 50 | 51 | false 52 | 53 | 54 | 150 55 | 56 | 57 | false 58 | 59 | 60 | 61 | Title 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | Closes this window, discards any changes and deletes the profile that was being customized. 78 | 79 | 80 | Delete profile 81 | 82 | 83 | 84 | 85 | 86 | 87 | Qt::Horizontal 88 | 89 | 90 | 91 | 40 92 | 20 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | Closes this window and discards all changes. 101 | 102 | 103 | Cancel 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 10 112 | 75 113 | true 114 | 115 | 116 | 117 | Confirms customization, returns to the main window. 118 | 119 | 120 | OK 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 0 133 | 0 134 | 1200 135 | 25 136 | 137 | 138 | 139 | 140 | 141 | Toolbar 142 | 143 | 144 | 145 | 32 146 | 32 147 | 148 | 149 | 150 | TopToolBarArea 151 | 152 | 153 | false 154 | 155 | 156 | 157 | 158 | 159 | 160 | -------------------------------------------------------------------------------- /win32-resource.rc.in: -------------------------------------------------------------------------------- 1 | 1 ICON "@CMAKE_SOURCE_DIR@/AppIcon.ico" 2 | 1 VERSIONINFO 3 | FILEVERSION @SCAP_WORKBENCH_VERSION_MAJOR@,@SCAP_WORKBENCH_VERSION_MINOR@,@SCAP_WORKBENCH_VERSION_PATCH@,0 4 | PRODUCTVERSION @SCAP_WORKBENCH_VERSION_MAJOR@,@SCAP_WORKBENCH_VERSION_MINOR@,@SCAP_WORKBENCH_VERSION_PATCH@,0 5 | BEGIN 6 | BLOCK "StringFileInfo" 7 | BEGIN 8 | BLOCK "040904E4" 9 | BEGIN 10 | VALUE "CompanyName", "OpenSCAP" 11 | VALUE "FileDescription", "SCAP Workbench" 12 | VALUE "FileVersion", "@SCAP_WORKBENCH_VERSION@" 13 | VALUE "InternalName", "scap-workbench" 14 | VALUE "LegalCopyright", "2013-2015 Red Hat, Inc." 15 | VALUE "OriginalFilename", "scap-workbench.exe" 16 | VALUE "ProductName", "SCAP Workbench" 17 | VALUE "ProductVersion", "@SCAP_WORKBENCH_VERSION@" 18 | END 19 | END 20 | 21 | BLOCK "VarFileInfo" 22 | BEGIN 23 | VALUE "Translation", 0x409, 1252 24 | END 25 | END 26 | --------------------------------------------------------------------------------