adamwill / rpms / openscap

Forked from rpms/openscap 3 years ago
Clone
Blob Blame History Raw
diff --git a/configure.ac b/configure.ac
index 91fba1390..bbc525454 100644
--- a/configure.ac
+++ b/configure.ac
@@ -311,6 +311,21 @@ AC_SUBST([PTHREAD_LIBS])
 PKG_CHECK_MODULES([curl], [libcurl >= 7.12.0],[],
                           AC_MSG_FAILURE([libcurl devel support is missing]))
 
+AC_MSG_CHECKING([whether libcurl supports CURLOPT_ACCEPT_ENCODING and CURLOPT_TRANSFER_ENCODING])
+AC_COMPILE_IFELSE(
+	[AC_LANG_PROGRAM(
+		[[#include <curl/curl.h>
+		#include <curl/easy.h>]],
+		[[CURL *curl; curl_easy_setopt(curl, CURLOPT_ACCEPT_ENCODING, ""); curl_easy_setopt(curl, CURLOPT_TRANSFER_ENCODING, 0);]])],
+	[AC_DEFINE([HAVE_CURL_WITH_COMPRESSION], 1, [libcurl is new enough to have support for data compression])
+	AC_MSG_RESULT([yes])]
+	curl_accepts_encoding=yes,
+	[AC_MSG_RESULT([no])
+	AC_MSG_NOTICE([libcurl doesnt support any compression with CURLOPT_ACCEPT_ENCODING])
+	curl_accepts_encoding=no]
+)
+AM_CONDITIONAL([CURLOPT_ACCEPT_ENCODING], [test "$curl_accepts_encoding" = yes])
+
 PKG_CHECK_MODULES([xml2], [libxml-2.0 >= 2.0],[],
 			  AC_MSG_FAILURE([libxml-2.0 devel support is missing]))
 
@@ -1576,6 +1591,7 @@ AC_CONFIG_FILES([Makefile
 		tests/nist/Makefile
 		tests/offline_mode/Makefile
 
+		tests/curl/Makefile
                  src/SCE/Makefile
                  tests/sce/Makefile])
 
diff --git a/src/common/oscap_acquire.c b/src/common/oscap_acquire.c
index 70dbbea7c..997e69117 100644
--- a/src/common/oscap_acquire.c
+++ b/src/common/oscap_acquire.c
@@ -39,6 +39,7 @@
 #include "common/oscap_buffer.h"
 #include "common/_error.h"
 #include "oscap_string.h"
+#include "debug_priv.h"
 
 #ifndef OSCAP_TEMP_DIR
 #define OSCAP_TEMP_DIR "/tmp"
@@ -142,6 +143,34 @@ oscap_acquire_url_to_filename(const char *url)
 	return filename;
 }
 
+static int _curl_trace(CURL *handle, curl_infotype type, char *data, size_t size, void *userp)
+{
+	const char *title;
+
+	switch (type) {
+	case CURLINFO_TEXT:
+		title = "== cURL info";
+		break;
+	case CURLINFO_HEADER_OUT:
+		title = "=> cURL header (out)";
+		break;
+	case CURLINFO_HEADER_IN:
+		title = "<= cURL header (in)";
+		break;
+	case CURLINFO_DATA_OUT:
+	case CURLINFO_SSL_DATA_OUT:
+	case CURLINFO_DATA_IN:
+	case CURLINFO_SSL_DATA_IN:
+	default:
+		return 0;
+		break;
+	}
+
+	dD("%s: %s", title, data);
+
+	return 0;
+}
+
 char* oscap_acquire_url_download(const char *url, size_t* memory_size)
 {
 	CURL *curl;
@@ -156,7 +185,13 @@ char* oscap_acquire_url_download(const char *url, size_t* memory_size)
 	curl_easy_setopt(curl, CURLOPT_URL, url);
 	curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_to_memory_callback);
 	curl_easy_setopt(curl, CURLOPT_WRITEDATA, buffer);
+#ifdef HAVE_CURL_WITH_COMPRESSION
+	curl_easy_setopt(curl, CURLOPT_ACCEPT_ENCODING, "");
+	curl_easy_setopt(curl, CURLOPT_TRANSFER_ENCODING, true);
+#endif
 	curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, true);
+	curl_easy_setopt(curl, CURLOPT_VERBOSE, true);
+	curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, _curl_trace);
 
 	CURLcode res = curl_easy_perform(curl);
 	curl_easy_cleanup(curl);
diff --git a/tests/Makefile.am b/tests/Makefile.am
index f15c45702..1d10cc7d7 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -22,6 +22,7 @@ SUBDIRS = \
 	bz2 \
 	codestyle \
 	CPE \
+	curl \
 	DS \
 	sources \
 	schemas \
diff --git a/tests/curl/Makefile.am b/tests/curl/Makefile.am
new file mode 100644
index 000000000..118c53ea1
--- /dev/null
+++ b/tests/curl/Makefile.am
@@ -0,0 +1,16 @@
+DISTCLEANFILES = *.log *.results oscap_debug.log.*
+CLEANFILES = *.log *.results oscap_debug.log.*
+
+TESTS_ENVIRONMENT = \
+		builddir=$(top_builddir) \
+		OSCAP_FULL_VALIDATION=1 \
+		$(top_builddir)/run
+
+TESTS =
+
+if CURLOPT_ACCEPT_ENCODING
+TESTS += test_curl_encoding.sh
+endif
+
+EXTRA_DIST =	test_curl_encoding.sh \
+		ds.xml
diff --git a/tests/curl/ds.xml b/tests/curl/ds.xml
new file mode 100644
index 000000000..f33cb475d
--- /dev/null
+++ b/tests/curl/ds.xml
@@ -0,0 +1,99 @@
+<?xml version="1.0" encoding="utf-8"?>
+<ds:data-stream-collection xmlns:ds="http://scap.nist.gov/schema/scap/source/1.2" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:cat="urn:oasis:names:tc:entity:xmlns:xml:catalog" id="scap_org.open-scap_collection_from_xccdf_test_single_rule.xccdf.xml" schematron-version="1.3">
+<ds:data-stream id="scap_org.open-scap_datastream_from_xccdf_test_single_rule.xccdf.xml" scap-version="1.3" use-case="OTHER">
+  <ds:checklists>
+    <ds:component-ref id="scap_org.open-scap_cref_test_single_rule.xccdf.xml" xlink:href="#scap_org.open-scap_comp_test_single_rule.xccdf.xml">
+      <cat:catalog>
+        <cat:uri name="test_single_rule.oval.xml" uri="#scap_org.open-scap_cref_test_single_rule.oval.xml"/>
+        <cat:uri name="security-data-oval.xml.bz2" uri="#scap_org.open-scap_cref_security-data-oval.xml.bz2"/>
+      </cat:catalog>
+    </ds:component-ref>
+  </ds:checklists>
+  <ds:checks>
+    <ds:component-ref id="scap_org.open-scap_cref_test_single_rule.oval.xml" xlink:href="#scap_org.open-scap_comp_test_single_rule.oval.xml"/>
+<!--
+    <ds:component-ref id="scap_org.open-scap_cref_security-data-oval.xml.bz2" xlink:href="https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml"/>
+-->
+    <ds:component-ref id="scap_org.open-scap_cref_security-data-oval.xml.bz2" xlink:href="https://github.com/"/>
+  </ds:checks>
+</ds:data-stream>
+
+<ds:component id="scap_org.open-scap_comp_test_single_rule.oval.xml" timestamp="2017-06-09T07:07:38">
+<oval_definitions xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:ind-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:win-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd    http://oval.mitre.org/XMLSchema/oval-definitions-5#independent independent-definitions-schema.xsd   http://oval.mitre.org/XMLSchema/oval-definitions-5#windows windows-definitions-schema.xsd">
+  <generator>
+    <oval:schema_version>5.11</oval:schema_version>
+    <oval:timestamp>2009-01-12T10:41:00-05:00</oval:timestamp>
+  </generator>
+
+  <definitions>
+    <definition class="compliance" id="oval:test-pass:def:1" version="1">
+      <metadata>
+        <title>PASS</title>
+        <description>pass</description>
+      </metadata>
+      <criteria>
+        <criterion comment="PASS test" test_ref="oval:x:tst:1"/>
+      </criteria>
+    </definition>
+  </definitions>
+
+    <tests>
+    <variable_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:x:tst:1" check="all" comment="always pass" version="1">
+      <object object_ref="oval:x:obj:1"/>
+    </variable_test>
+    </tests>
+
+    <objects>
+    <variable_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:x:obj:1" version="1" comment="x">
+      <var_ref>oval:x:var:1</var_ref>
+    </variable_object>
+    </objects>
+
+    <variables>
+      <constant_variable id="oval:x:var:1" version="1" comment="x" datatype="int">
+        <value>100</value>
+      </constant_variable>
+    </variables>
+
+</oval_definitions>
+</ds:component>
+
+<ds:component id="scap_org.open-scap_comp_test_single_rule.xccdf.xml" timestamp="2017-06-09T09:15:45">
+<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" id="xccdf_com.example.www_benchmark_dummy" xml:lang="en-US">
+  <status>accepted</status>
+  <version>1.0</version>
+
+  <Profile id="xccdf_com.example.www_profile_test_remote_res">
+    <title>xccdf_test_profile</title>
+    <description>This profile is for testing.</description>
+    <select idref="xccdf_com.example.www_rule_test-pass" selected="true"/>
+    <select idref="xccdf_com.example.www_rule_test-remote_res" selected="true"/>
+  </Profile>
+
+  <Value id="xccdf_com.example.www_value_val1" type="number" operator="equals" interactive="0">
+    <title>test value</title>
+    <description>foo</description>
+    <value selector="bar_1">50</value>
+    <value selector="bar_2">100</value>
+  </Value>
+  <Rule selected="true" id="xccdf_com.example.www_rule_test-pass">
+    <title>This rule always pass</title>
+    <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
+      <check-content-ref href="test_single_rule.oval.xml" name="oval:test-pass:def:1"/>
+    </check>
+  </Rule>
+  <Rule selected="true" id="xccdf_com.example.www_rule_test-remote_res">
+    <title>This rule checks remote resource</title>
+    <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" multi-check="true">
+      <check-content-ref href="security-data-oval.xml.bz2"/>
+    </check>
+  </Rule>
+  <Rule selected="true" id="xccdf_com.example.www_rule_test-pass2">
+    <title>This rule always pass</title>
+    <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
+      <check-content-ref href="test_single_rule.oval.xml" name="oval:test-pass:def:1"/>
+    </check>
+  </Rule>
+</Benchmark>
+</ds:component>
+</ds:data-stream-collection>
diff --git a/tests/curl/test_curl_encoding.sh b/tests/curl/test_curl_encoding.sh
new file mode 100755
index 000000000..674abf691
--- /dev/null
+++ b/tests/curl/test_curl_encoding.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+
+set -e -o pipefail
+
+. $builddir/tests/test_common.sh
+
+function curl_accept_encoding {
+	local DF="${srcdir}/ds.xml"
+	local RF="results.xml"
+	local LOG="verbose.log"
+
+	$OSCAP xccdf eval --verbose=DEVEL --fetch-remote-resources --results $RF $DF 2>$LOG || echo "OK"
+
+	grep -P "Accept-Encoding.*gzip" $LOG
+
+	return 0
+}
+
+test_init
+
+test_run "cURL: Accept-Encoding" curl_accept_encoding
+
+test_exit