From 4c54b1cfb05961bde8248e03d27cabeca967e211 Mon Sep 17 00:00:00 2001 From: Watson Sato Date: Mon, 17 Aug 2020 10:59:15 +0200 Subject: [PATCH] Remove SCAP-1.3 SCAPVAL workarounds These changes to the DS cause SRC-330 to fail in SCAPVAL-1.3.5. In SCAPVAL-1.3.5 was fixed and these false positive workarounds are not necessary anymore. --- tests/run_scapval.py | 26 -------------------------- 1 file changed, 26 deletions(-) diff --git a/tests/run_scapval.py b/tests/run_scapval.py index e1dd806ca1..bc2655b9fd 100755 --- a/tests/run_scapval.py +++ b/tests/run_scapval.py @@ -46,35 +46,9 @@ def process_results(result_path): return ret_val -def workaround_datastream(datastream_path): - tree = ET.parse(datastream_path) - root = tree.getroot() - # group_id and user_id cannot be zero - # tracked at https://github.com/OVAL-Community/OVAL/issues/23 - for group_id_element in root.findall(".//{%s}group_id" % oval_unix_ns): - if group_id_element.text is not None: - group_id_element.text = "-1" - for user_id_element in root.findall(".//{%s}user_id" % oval_unix_ns): - if user_id_element.text is not None: - user_id_element.text = "-1" - # OCIL checks for security_patches_up_to_date is causing fail - # of SRC-377, when requirement is about OVAL checks. - rule_id = "xccdf_org.ssgproject.content_rule_security_patches_up_to_date" - for rule in root.findall(".//{%s}Rule[@id=\"%s\"]" % (xccdf_ns, rule_id)): - for check in rule.findall("{%s}check" % xccdf_ns): - system = check.get("system") - if system == "http://scap.nist.gov/schema/ocil/2": - rule.remove(check) - output_path = datastream_path + ".workaround.xml" - tree.write(output_path) - return output_path - - def test_datastream(datastream_path, scapval_path, scap_version): result_path = datastream_path + ".result.xml" report_path = datastream_path + ".report.html" - if scap_version == "1.3": - datastream_path = workaround_datastream(datastream_path) scapval_command = [ "java", "-Xmx1024m",