[Oval-commits] r389 - in trunk/ovaldi: debian docs doxygen project/Win32/VC8 project/linux rpm src src/linux src/probes/independent src/probes/linux src/probes/unix src/probes/windows src/solaris src/windows xml
Pavel Vinogradov
blaze-guest at alioth.debian.org
Sat May 2 11:24:25 UTC 2009
Author: blaze-guest
Date: 2009-05-02 11:24:18 +0000 (Sat, 02 May 2009)
New Revision: 389
Added:
trunk/ovaldi/src/ArithmeticFunction.cpp
trunk/ovaldi/src/ArithmeticFunction.h
trunk/ovaldi/src/BeginFunction.cpp
trunk/ovaldi/src/BeginFunction.h
trunk/ovaldi/src/EndFunction.cpp
trunk/ovaldi/src/EndFunction.h
trunk/ovaldi/src/RegexCaptureFunction.cpp
trunk/ovaldi/src/RegexCaptureFunction.h
trunk/ovaldi/src/SplitFunction.cpp
trunk/ovaldi/src/SplitFunction.h
trunk/ovaldi/src/TimeDifferenceFunction.cpp
trunk/ovaldi/src/TimeDifferenceFunction.h
trunk/ovaldi/src/probes/windows/AuditEventPolicySubcategoriesProbe.cpp
trunk/ovaldi/src/probes/windows/AuditEventPolicySubcategoriesProbe.h
trunk/ovaldi/src/probes/windows/FileEffectiveRights53Probe.cpp
trunk/ovaldi/src/probes/windows/FileEffectiveRights53Probe.h
trunk/ovaldi/src/probes/windows/SidSidProbe.cpp
trunk/ovaldi/src/probes/windows/SidSidProbe.h
trunk/ovaldi/src/probes/windows/WUAUpdateSearcherProbe.cpp
trunk/ovaldi/src/probes/windows/WUAUpdateSearcherProbe.h
trunk/ovaldi/src/windows/WMIItem.h
trunk/ovaldi/src/windows/WMIUtil.cpp
trunk/ovaldi/src/windows/WMIUtil.h
trunk/ovaldi/xml/pixos-definitions-schema.xsd
trunk/ovaldi/xml/pixos-system-characteristics-schema.xsd
Modified:
trunk/ovaldi/debian/TODO.Debian
trunk/ovaldi/debian/changelog
trunk/ovaldi/debian/control
trunk/ovaldi/debian/copyright
trunk/ovaldi/debian/rules
trunk/ovaldi/docs/README.txt
trunk/ovaldi/docs/build.linux.txt
trunk/ovaldi/docs/version.txt
trunk/ovaldi/doxygen/doxygen.linux.config
trunk/ovaldi/doxygen/doxygen.solaris.config
trunk/ovaldi/doxygen/doxygen.windows.config
trunk/ovaldi/project/Win32/VC8/OVALInterpreter.vcproj
trunk/ovaldi/project/linux/Makefile
trunk/ovaldi/project/linux/ovaldi.sh
trunk/ovaldi/rpm/ovaldi.spec
trunk/ovaldi/src/AbsDataCollector.cpp
trunk/ovaldi/src/AbsEntity.cpp
trunk/ovaldi/src/AbsEntity.h
trunk/ovaldi/src/AbsFileFinder.cpp
trunk/ovaldi/src/AbsFunctionComponent.cpp
trunk/ovaldi/src/AbsFunctionComponent.h
trunk/ovaldi/src/AbsObject.cpp
trunk/ovaldi/src/Analyzer.cpp
trunk/ovaldi/src/Analyzer.h
trunk/ovaldi/src/Common.cpp
trunk/ovaldi/src/Common.h
trunk/ovaldi/src/ComponentFactory.cpp
trunk/ovaldi/src/ComponentFactory.h
trunk/ovaldi/src/ConcatFunction.cpp
trunk/ovaldi/src/DocumentManager.cpp
trunk/ovaldi/src/DocumentManager.h
trunk/ovaldi/src/EntityComparator.cpp
trunk/ovaldi/src/EntityComparator.h
trunk/ovaldi/src/ExternalVariable.cpp
trunk/ovaldi/src/ExternalVariable.h
trunk/ovaldi/src/Filter.cpp
trunk/ovaldi/src/FilterEntity.cpp
trunk/ovaldi/src/FilterEntity.h
trunk/ovaldi/src/LocalVariable.cpp
trunk/ovaldi/src/Log.h
trunk/ovaldi/src/Main.cpp
trunk/ovaldi/src/Main.h
trunk/ovaldi/src/Object.cpp
trunk/ovaldi/src/Object.h
trunk/ovaldi/src/ObjectEntity.cpp
trunk/ovaldi/src/ObjectEntity.h
trunk/ovaldi/src/ObjectReader.cpp
trunk/ovaldi/src/OvalEnum.cpp
trunk/ovaldi/src/OvalEnum.h
trunk/ovaldi/src/REGEX.cpp
trunk/ovaldi/src/StateEntity.cpp
trunk/ovaldi/src/StateEntity.h
trunk/ovaldi/src/SubstringFunction.cpp
trunk/ovaldi/src/Test.cpp
trunk/ovaldi/src/Test.h
trunk/ovaldi/src/Version.cpp
trunk/ovaldi/src/Version.h
trunk/ovaldi/src/XmlProcessor.cpp
trunk/ovaldi/src/XmlProcessor.h
trunk/ovaldi/src/XslCommon.cpp
trunk/ovaldi/src/linux/ProbeFactory.cpp
trunk/ovaldi/src/linux/SystemInfo.cpp
trunk/ovaldi/src/probes/independent/EnvironmentVariableProbe.cpp
trunk/ovaldi/src/probes/independent/FamilyProbe.cpp
trunk/ovaldi/src/probes/independent/FileHashProbe.cpp
trunk/ovaldi/src/probes/independent/FileMd5Probe.cpp
trunk/ovaldi/src/probes/independent/TextFileContentProbe.cpp
trunk/ovaldi/src/probes/independent/VariableProbe.cpp
trunk/ovaldi/src/probes/independent/XmlFileContentProbe.cpp
trunk/ovaldi/src/probes/linux/DPKGInfoProbe.cpp
trunk/ovaldi/src/probes/linux/InetListeningServersProbe.cpp
trunk/ovaldi/src/probes/linux/RPMInfoProbe.cpp
trunk/ovaldi/src/probes/linux/RPMInfoProbe.h
trunk/ovaldi/src/probes/unix/ProcessProbe.cpp
trunk/ovaldi/src/probes/windows/AccessTokenProbe.cpp
trunk/ovaldi/src/probes/windows/FileEffectiveRightsProbe.cpp
trunk/ovaldi/src/probes/windows/FileEffectiveRightsProbe.h
trunk/ovaldi/src/probes/windows/GroupProbe.cpp
trunk/ovaldi/src/probes/windows/GroupProbe.h
trunk/ovaldi/src/probes/windows/PasswordPolicyProbe.cpp
trunk/ovaldi/src/probes/windows/PasswordPolicyProbe.h
trunk/ovaldi/src/probes/windows/RegistryProbe.cpp
trunk/ovaldi/src/probes/windows/SidProbe.cpp
trunk/ovaldi/src/probes/windows/SidProbe.h
trunk/ovaldi/src/probes/windows/UserProbe.cpp
trunk/ovaldi/src/probes/windows/WMIProbe.cpp
trunk/ovaldi/src/solaris/ProbeFactory.cpp
trunk/ovaldi/src/solaris/SystemInfo.cpp
trunk/ovaldi/src/windows/FileFinder.cpp
trunk/ovaldi/src/windows/ProbeFactory.cpp
trunk/ovaldi/src/windows/ProbeFactory.h
trunk/ovaldi/src/windows/SystemInfo.cpp
trunk/ovaldi/src/windows/SystemInfo.h
trunk/ovaldi/src/windows/WindowsCommon.cpp
trunk/ovaldi/src/windows/WindowsCommon.h
trunk/ovaldi/xml/aix-definitions-schema.xsd
trunk/ovaldi/xml/aix-system-characteristics-schema.xsd
trunk/ovaldi/xml/apache-definitions-schema.xsd
trunk/ovaldi/xml/apache-system-characteristics-schema.xsd
trunk/ovaldi/xml/catos-definitions-schema.xsd
trunk/ovaldi/xml/catos-system-characteristics-schema.xsd
trunk/ovaldi/xml/esx-definitions-schema.xsd
trunk/ovaldi/xml/esx-system-characteristics-schema.xsd
trunk/ovaldi/xml/freebsd-definitions-schema.xsd
trunk/ovaldi/xml/freebsd-system-characteristics-schema.xsd
trunk/ovaldi/xml/hpux-definitions-schema.xsd
trunk/ovaldi/xml/hpux-system-characteristics-schema.xsd
trunk/ovaldi/xml/independent-definitions-schema.xsd
trunk/ovaldi/xml/independent-system-characteristics-schema.xsd
trunk/ovaldi/xml/ios-definitions-schema.xsd
trunk/ovaldi/xml/ios-system-characteristics-schema.xsd
trunk/ovaldi/xml/linux-definitions-schema.xsd
trunk/ovaldi/xml/linux-system-characteristics-schema.xsd
trunk/ovaldi/xml/macos-definitions-schema.xsd
trunk/ovaldi/xml/macos-system-characteristics-schema.xsd
trunk/ovaldi/xml/oval-common-schema.xsd
trunk/ovaldi/xml/oval-definitions-schema.xsd
trunk/ovaldi/xml/oval-definitions-schematron.xsl
trunk/ovaldi/xml/oval-results-schema.xsd
trunk/ovaldi/xml/oval-system-characteristics-schema.xsd
trunk/ovaldi/xml/oval-variables-schema.xsd
trunk/ovaldi/xml/solaris-definitions-schema.xsd
trunk/ovaldi/xml/solaris-system-characteristics-schema.xsd
trunk/ovaldi/xml/unix-definitions-schema.xsd
trunk/ovaldi/xml/unix-system-characteristics-schema.xsd
trunk/ovaldi/xml/windows-definitions-schema.xsd
trunk/ovaldi/xml/windows-system-characteristics-schema.xsd
Log:
Merge 5.5.4 version from upstream
Modified: trunk/ovaldi/debian/TODO.Debian
===================================================================
--- trunk/ovaldi/debian/TODO.Debian 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/debian/TODO.Debian 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,4 +1,4 @@
deb-package:
- - Cleanup unused and commented debhelper lines from debian/rules (by Jay Berkenbilt <qjb>)
+ + Cleanup unused and commented debhelper lines from debian/rules (by Jay Berkenbilt <qjb>)
- Use upstream *.bz2 tarball as original-source instead of repack it. (by Jay Berkenbilt <qjb>)
- Update dsa-examples for Lenny release
Modified: trunk/ovaldi/debian/changelog
===================================================================
--- trunk/ovaldi/debian/changelog 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/debian/changelog 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,3 +1,11 @@
+oval-interpreter (5.5.4-1) unstable; urgency=low
+
+ * New upstream release
+ * Upgrade to standards version 3.7.3 (no changes)
+ * Cleanup unused and commented debhelper lines from debian/rules
+
+ -- Pavel Vinogradov <Pavel.Vinogradov at nixdev.net> Sat, 02 May 2009 15:27:27 +0500
+
oval-interpreter (5.4.2-1) unstable; urgency=low
* New upstream release
Modified: trunk/ovaldi/debian/control
===================================================================
--- trunk/ovaldi/debian/control 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/debian/control 2009-05-02 11:24:18 UTC (rev 389)
@@ -2,7 +2,7 @@
Section: admin
Priority: optional
Maintainer: Pavel Vinogradov <Pavel.Vinogradov at nixdev.net>
-Standards-Version: 3.7.3
+Standards-Version: 3.8.1
Build-Depends: debhelper (>= 5), autotools-dev, quilt (>= 0.40), libpcre3-dev, libxerces-c2-dev, libxalan110-dev (>= 1.10-3.3), libapt-pkg-dev, libpopt-dev
Homepage: http://oval.mitre.org
Vcs-Svn: svn://svn.debian.org/svn/oval/trunk/ovaldi
Modified: trunk/ovaldi/debian/copyright
===================================================================
--- trunk/ovaldi/debian/copyright 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/debian/copyright 2009-05-02 11:24:18 UTC (rev 389)
@@ -5,7 +5,7 @@
Upstream Author: The MITRE Corporation
-Copyright: (c) 2002-2008 The MITRE Corporation
+Copyright: (c) 2002-2009 The MITRE Corporation
License:
@@ -32,6 +32,6 @@
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-The Debian packaging is (C) 2007-2008, Pavel Vinogradov
+The Debian packaging is (C) 2007-2009, Pavel Vinogradov
<Pavel.Vinogradov at nixdev.net> and is licensed under the GPL, see
`/usr/share/common-licenses/GPL'.
Modified: trunk/ovaldi/debian/rules
===================================================================
--- trunk/ovaldi/debian/rules 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/debian/rules 2009-05-02 11:24:18 UTC (rev 389)
@@ -74,23 +74,10 @@
dh_installchangelogs
dh_installdocs
dh_installexamples
-# dh_install
-# dh_installmenu
-# dh_installdebconf
-# dh_installlogrotate
-# dh_installemacsen
-# dh_installpam
-# dh_installmime
-# dh_python
-# dh_installinit
-# dh_installcron
-# dh_installinfo
dh_installman docs/ovaldi.1
dh_strip
dh_compress -X.xml
dh_fixperms
-# dh_perl
-# dh_makeshlibs
dh_installdeb
dh_shlibdeps
dh_gencontrol
Modified: trunk/ovaldi/docs/README.txt
===================================================================
--- trunk/ovaldi/docs/README.txt 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/docs/README.txt 2009-05-02 11:24:18 UTC (rev 389)
@@ -67,15 +67,15 @@
Install the RPM simply by running the following command:
- # rpm -ivh <Definition Interpreter RPM>
+ # rpm -ivh <OVAL Interpreter RPM>
The RPM places the following files on the system. To learn their
exact location after install, run: rpm -ql ovaldi.
Executables:
ovaldi.sh - Shell Script to simplify execution of the Definition
- Interpreter
- ovaldi - Definition Interpreter binary
+ Interpreter
+ ovaldi - OVAL Interpreter binary
Libraries:
libxerces-c.so.27.0 - Xerces XML library
@@ -99,11 +99,11 @@
results_to_html.xsl - A simple xsl that formats an oval-results document as html
The .so file for the Xerces library must be made accessible to
- the Definition Interpreter binary. The ovaldi RPM places a
+ the OVAL Interpreter binary. The ovaldi RPM places a
pre-compiled version in /usr/lib/ovaldi/ and appends this directory
to your /etc/ld.so.conf file.
- To run the Definition Interpreter, run:
+ To run the OVAL Interpreter, run:
# /usr/sbin/ovaldi.sh
@@ -118,10 +118,10 @@
C. Microsoft Windows Installation
The OVAL Interpreter can be installed and run on
- Microsoft Windows NT 2000/XP/Server 2003.
+ Microsoft Windows NT/2000/XP/Server 2003/Vista/Server 2008.
Install the Interpreter by running the installer
- executable - ovaldisetupX.X.exe
+ executable - ovaldi-X.X.X-setup.exe
The installer is a self-extracting zip archive that prompts
the user for an installation directory
@@ -194,14 +194,11 @@
http://oval.mitre.org/repository/download/index.html
Additionally it is recommended that you join the
- "OVAL-DATA-UPDATE" email list. This list provides subscribers with
- reports of new OVAL definitions, updates, and other detailed
- technical information regarding OVAL. This list is intended for
- heavy technical users of OVAL, such as tool and service developers,
- vulnerability database maintainers, or those who require timely
- notification of new definitions. Messages are sent when new OVAL
- data is available, which is approximately once per week. To
- subscribe to the list, go to the Free Newsletters page on the
+ "oval-discussion-list" email list. A lightly moderated public
+ forum for discussion realted to new and previously posted OVAL
+ Repository content, as well as the vulnerabilities and configuration
+ issues themselves that affect definition writing. To
+ subscribe to the list, go to the Forum Sign-Up page on the
OVAL Web Site.
http://oval.mitre.org/community/registration.html
@@ -251,7 +248,8 @@
evaluated. The file must comply with the evaluation-id schema.
Input Validation Options:
- -m = do not verify the oval-definitions file with an MD5 hash
+ -a dir name = path to the directory that contains the OVAL schema and other xml resources. DEFAULT="xml"
+ -m = do not verify the oval-definitions file with an MD5 hash
-n = perform Schematron validation of the oval-definitions file.
-c filename = path to xsl for oval-definitions Schematron validation.
DEFAULT="oval-definitions-schematron.xsl"
@@ -305,7 +303,10 @@
Definitions in the input document that are not in the list will be
assigned a 'Not Evaluated' evaluated.
- -m -- Run without requiring an MD5 checksum. Running the
+ -a -- Specifies the pathname of the directory that contains the OVAL
+ schema and other xml resources. DEFAULT="xml"
+
+ -m -- Run without requiring an MD5 checksum. Running the
Interpreter with this option DISABLES an important security
feature. In normal usage, a trusted checksum provided on the
command line is used to verify the integrity of the OVAL
@@ -546,23 +547,33 @@
detected. The version of the OVAL Interpreter can be found in a banner
at the top of any output.
+To report a problem with an OVAL Definition from the OVAL Repository,
+please send an email to the 'oval-discussion-list' with the id of the
+definition in question and a detailed description of the issue. To
+subscribe to the list, go to the Forum Sign-Up page on the
+OVAL Web Site and join the "OVAL Repository Forum".
+
+http://oval.mitre.org/community/registration.html
+
+
-- IX USEFUL LINKS --
OVAL Web site -- http://oval.mitre.org
-OVAL Interpreters -- http://oval.mitre.org/language/download/interpreter/index.html
+OVAL Interpreter SourceForge Site -- http://sourceforge.net/projects/ovaldi/
-Data Files -- http://oval.mitre.org/repository/download/index.html
+OVAL Repository -- http://oval.mitre.org/repository/index.html
Terms of Use -- http://oval.mitre.org/about/bsd_license.html
-CVE List -- http://cve.mitre.org
+CVE -- http://cve.mitre.org
-OVAL-Data-Updates e-Newsletter -- http://oval.mitre.org/news/newsletters.html
+CPE -- http://cce.mitre.org
+CCE -- http://cpe.mitre.org
----------------------------------------------------------
OVAL is sponsored by US-CERT at the U.S. Department of Homeland
Security. OVAL and the OVAL logo are trademarks of The MITRE
-Corporation. Copyright 2006, The MITRE Corporation (www.mitre.org).
+Corporation. Copyright 2008, The MITRE Corporation (www.mitre.org).
Modified: trunk/ovaldi/docs/build.linux.txt
===================================================================
--- trunk/ovaldi/docs/build.linux.txt 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/docs/build.linux.txt 2009-05-02 11:24:18 UTC (rev 389)
@@ -34,20 +34,22 @@
-- CONTENTS --
- I OVERVIEW
- A. Source Distribution
- B. Source Distribution Contents
- C. Supporting Libraries
- II BUILD INSTRUCTIONS
- A. PCRE Library
- B. Xerces Library
- C. Xalan Library
- D. Building the OVAL Interpreter
- III PCRE
- IV XERCES
- V XALAN
- VI REPORTING PROBLEMS
- VII USEFUL LINKS
+ I OVERVIEW
+ A. Source Distribution
+ B. Source Distribution Contents
+ C. Supporting Libraries
+ II BUILD INSTRUCTIONS
+ A. PCRE Library
+ B. Xerces Library
+ C. Xalan Library
+ D. RPM Libraries
+ E. APT Libraries
+ F. Building the OVAL Interpreter
+ III PCRE
+ IV XERCES
+ V XALAN
+ VI REPORTING PROBLEMS
+ VII USEFUL LINKS
-- I -- OVERVIEW --
@@ -129,8 +131,29 @@
/usr/lib/ovaldi to reduce the dependencies that an unsophisticated
user would need to resolve.
- D. Building the OVAL Interpreter
+ D. RPM
+ The Definition Interpreter can be compiled to utilize libraries provided by
+ the RPM Package Manager (RPM) in order to complete certain RPM-specific tasks.
+ Utilizing RPM libraries will allow the Definition Interpreter to execute RPM
+ Probes.
+
+ For more information about RPM please visit:
+ http://www.rpm.org
+
+ E. APT
+
+ The Definition Interpreter can be compiled to utilize libraries provided by
+ the Advanced Packaging Tool (APT) in order to complete certain APT-specific tasks.
+ Utilizing APT libraries will allow the Definition Interpreter to execute DPKG
+ Probes.
+
+ For more information about APT please visit:
+ http://en.wikipedia.org/wiki/Advanced_Packaging_Tool
+
+
+ F. Building the OVAL Interpreter
+
After installing the PCRE, Xerces, and Xalan libraries, change into the
directory:
@@ -193,6 +216,7 @@
The source code is also available at the above Web site.
+
-- VI -- REPORTING PROBLEMS --
To report a problem with OVAL Interpreter, please
Modified: trunk/ovaldi/docs/version.txt
===================================================================
--- trunk/ovaldi/docs/version.txt 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/docs/version.txt 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,14 +1,75 @@
-****************************************************
+*********************************************************************
- OVAL Interpreter
+OVAL Interpreter (ovaldi)
- Copyright (c) 2002-2008 - The MITRE Corporation
+Copyright (c) 2002-2008, The MITRE Corporation
+All rights reserved.
-****************************************************
+Redistribution and use in source and binary forms, with or without modification, are
+permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright notice, this list
+ of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice, this
+ list of conditions and the following disclaimer in the documentation and/or other
+ materials provided with the distribution.
+ * Neither the name of The MITRE Corporation nor the names of its contributors may be
+ used to endorse or promote products derived from this software without specific
+ prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+*********************************************************************
+
+This document contains a log of all changes made to the OVAL Interpreter (ovaldi) since version 5.0 was released.
+
---------------------------------------
---- Version 5.4 build 2 ---
+--- Version 5.5 build 4 ---
---------------------------------------
+* Added support for the new win-def:wuaupdatesearcher_test with the WUAUpdateSearcherProbe. Thanks for sample code contributions from Kevin Sitto of G2, Inc. (http://g2-inc.com/)
+* Added support for RedHat EL5.
+* Updated spec file to comply with RPM. Thanks to Steve Milner for the corrections.
+* Corrected incorrect file separator used in fileSeperatorStr on unix systems.
+
+---------------------------------------
+--- Version 5.5 build 3 ---
+---------------------------------------
+* Converted windows project to Visual Studio 2008 format. This conversion required one minor change to WindowsCommon.h to make it compile without warnings with the new SDK.
+* Corrected bug in WMIProbe.cpp. wmi_items were not properly being collected resulting incorrect wmi_test evaluations.
+* Added log message when an object is not supported for data collection.
+* Corrected bug that caused a deprecated message for the check='none exist' on a test to be incorrectly reported in the log file.
+* Added mapping of deprected var_check and entity_check 'none exist' value to 'none satisfy' value.
+* Corrected numerous coding issues related to misuse of sizeof. Thanks to Derek Abdine (derek_abdine at RAPID7.COM) for reporting these issues.
+* Corrected numerous coding issues related to throwing exceptions without freeing or deleting allocated memory. Thanks to Derek Abdine (derek_abdine at RAPID7.COM) for reporting these issues.
+* Added file existence check to all files that are specified on the command line.
+* Added a check to DocumentManager::GetExternalVariableDocument() before the external variable file is read to make sure it exists. If the check fails the error is logged with a message indicating that an external variable file is needed for proper evaluation of the current definitions.
+* Moved version to 5.5 and add the Version::GetSchemaVersion() method to simplify changing the schema version.
+* Added support for case insensitive equals and not equals. Thanks to Lumension Security (http://www.lumension.com)
+* Changed ExternalVariable::ComputeValue() to warn and not error out when the input datatype on a variable does not match the desired datatype in the definition document. Based on a suggestion by Lumension Security (http://www.lumension.com).
+* Added a command line flag '-a' to allow the user to specify the location of the OVAL schema files that will be utilized for schema validation. The default value is 'xml'. This 'xml' directory is also considered the home of the Schematron validation xsl and the results to html conversion xsl. This directory will now be a component of binary distributions. Thanks to Lumension Security (http://www.lumension.com)
+* Added support for driving evaluations off of an input system characteristics file that does not include the <collected_object/> section. This capability will allow other systems to generate system characteristics files without prior knowledge of a set of definitions. Thanks to Michael Wiegand of Intevation GmbH, Osnabrück (http://www.intevation.de/)
+* Corrected bug in LocalVariable::Parse(). I found a typo in the 'datatype' attribute name. This would have prevented the code from properly reading the datatype attribute's name.
+* Added support for the end function as it is defined in the oval-definitions-schema.
+* Added support for the begin function as it is defined in the oval-definitions-schema.
+* Added base code for supporting all other functions. This should make it easier to implement these functions at a later date.
+* Corrected formatting of reg_binary data. The code was inserting a space after each octet.
+* Added a workaround to support collecting password_complexity and reversible_encryption in the PasswordPolicyProbe. Thanks to Lumension Security (http://www.lumension.com)
+* Completed support for the FileEffectiveRights53Probe. The code was not properly expanding groups based on sids. Thanks to Lumension Security (http://www.lumension.com)
+* Added the SidSidProbe. Thanks to Lumension Security (http://www.lumension.com)
+* Added code for making requests to WMI for system characteristics when the proper API is not known. Thanks to Lumension Security (http://www.lumension.com)
+* Added the AuditEventPolicySubcategoriesProbe. Thanks to Lumension Security (http://www.lumension.com)
+
+---------------------------------------
+--- Version 5.4 build 2 ---
+---------------------------------------
* Updated unix ProcessProbe to match time format changes made for version 5.4
* Converted to support version 5.4 of OVAL
@@ -37,7 +98,7 @@
* Source code comments were cleaned up.
* Updated Windows FileProbe to use GetFileTime API for a, m, and c times. Code was previously using stat. The schema documentation said to use GetFileTime.
* Corrected bug in Windows RegistryProbe that was incorrectly appending a trailing space to binary registry values.
-* Corrected bug in windows/FileEffectiveRightsProbe::GetEffectiveRights. Access right were being read incorrectly.
+* Corrected bug in windows/FileEffectiveRightsProbe::GetEffectiveRights. Access rights were being read incorrectly.
* Corrected bug in caching of Items during evaluation. The cache of items was effectively not being used because the call to cache a new item was made before the item was parsed from the xml. The cache is based on an item's id. The id is not set until the item is parsed.
* Improved caching code used in Definition, Test, and State evaluate.
* Corrected bug in RegistryProbe::RetrieveInfo method. When processing a REG_MULTI_SZ value the last value was not being collected. Thanks to Ken Lassesen (ken.lassesen at lumension.com) for reporting the issue.
@@ -222,8 +283,4 @@
- family_object
* Supports definition analysis for all types of definitions.
-----------------------------------------------------------
-OVAL is sponsored by US-CERT at the U.S. Department of Homeland Security.
-OVAL and the OVAL logo are trademarks of The MITRE Corporation. Copyright 2002-2008, The MITRE Corporation (www.mitre.org).
-
Modified: trunk/ovaldi/doxygen/doxygen.linux.config
===================================================================
--- trunk/ovaldi/doxygen/doxygen.linux.config 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/doxygen/doxygen.linux.config 2009-05-02 11:24:18 UTC (rev 389)
@@ -31,7 +31,7 @@
# This could be handy for archiving the generated documentation or
# if some version control system is used.
-PROJECT_NUMBER = "5.3"
+PROJECT_NUMBER = "5.5"
# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
# base path where the generated documentation will be put.
Modified: trunk/ovaldi/doxygen/doxygen.solaris.config
===================================================================
--- trunk/ovaldi/doxygen/doxygen.solaris.config 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/doxygen/doxygen.solaris.config 2009-05-02 11:24:18 UTC (rev 389)
@@ -31,7 +31,7 @@
# This could be handy for archiving the generated documentation or
# if some version control system is used.
-PROJECT_NUMBER = "5.3"
+PROJECT_NUMBER = "5.5"
# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
# base path where the generated documentation will be put.
Modified: trunk/ovaldi/doxygen/doxygen.windows.config
===================================================================
--- trunk/ovaldi/doxygen/doxygen.windows.config 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/doxygen/doxygen.windows.config 2009-05-02 11:24:18 UTC (rev 389)
@@ -31,7 +31,7 @@
# This could be handy for archiving the generated documentation or
# if some version control system is used.
-PROJECT_NUMBER = 5.3
+PROJECT_NUMBER = "5.5"
# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
# base path where the generated documentation will be put.
Modified: trunk/ovaldi/project/Win32/VC8/OVALInterpreter.vcproj
===================================================================
--- trunk/ovaldi/project/Win32/VC8/OVALInterpreter.vcproj 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/project/Win32/VC8/OVALInterpreter.vcproj 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,10 +1,11 @@
<?xml version="1.0" encoding="Windows-1252"?>
<VisualStudioProject
ProjectType="Visual C++"
- Version="8.00"
+ Version="9.00"
Name="OVALInterpreter"
ProjectGUID="{07DF4833-B0AB-4276-807F-5758BF0ED7A9}"
RootNamespace="OVALInterpreter"
+ TargetFrameworkVersion="131072"
>
<Platforms>
<Platform
@@ -76,14 +77,18 @@
/>
<Tool
Name="VCLinkerTool"
- AdditionalDependencies="Wbemuuid.lib pcre.lib xerces-c_2.lib Xalan-C_1.lib version.lib imagehlp.lib IPHlpAPI.lib Wldap32.lib Netapi32.lib WS2_32.lib User32.lib"
+ AdditionalDependencies="Wuguid.lib Wbemuuid.lib pcre.lib xerces-c_2.lib Xalan-C_1.lib version.lib imagehlp.lib IPHlpAPI.lib Wldap32.lib Netapi32.lib WS2_32.lib User32.lib"
OutputFile="Debug/ovaldiD.exe"
Version="2.0"
LinkIncremental="2"
AdditionalLibraryDirectories="..\..\..\build\Win32\Debug"
+ DelayLoadDLLs="Advapi32.dll"
GenerateDebugInformation="true"
ProgramDatabaseFile=".\Debug/ovaldiD.pdb"
SubSystem="1"
+ RandomizedBaseAddress="1"
+ DataExecutionPrevention="0"
+ SupportUnloadOfDelayLoadedDLL="true"
TargetMachine="1"
/>
<Tool
@@ -105,9 +110,6 @@
Name="VCAppVerifierTool"
/>
<Tool
- Name="VCWebDeploymentTool"
- />
- <Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
@@ -173,13 +175,17 @@
/>
<Tool
Name="VCLinkerTool"
- AdditionalDependencies="Wbemuuid.lib pcre.lib xerces-c_2.lib Xalan-C_1.lib version.lib imagehlp.lib IPHlpAPI.lib Wldap32.lib Netapi32.lib WS2_32.lib"
+ AdditionalDependencies="Wuguid.lib Wbemuuid.lib pcre.lib xerces-c_2.lib Xalan-C_1.lib version.lib imagehlp.lib IPHlpAPI.lib Wldap32.lib Netapi32.lib WS2_32.lib"
OutputFile="Release/ovaldi.exe"
Version="5.0"
LinkIncremental="1"
SuppressStartupBanner="true"
+ DelayLoadDLLs="Advapi32.dll"
ProgramDatabaseFile=".\Release/ovaldi.pdb"
SubSystem="1"
+ RandomizedBaseAddress="1"
+ DataExecutionPrevention="0"
+ SupportUnloadOfDelayLoadedDLL="true"
TargetMachine="1"
/>
<Tool
@@ -201,9 +207,6 @@
Name="VCAppVerifierTool"
/>
<Tool
- Name="VCWebDeploymentTool"
- />
- <Tool
Name="VCPostBuildEventTool"
/>
</Configuration>
@@ -417,6 +420,10 @@
>
</File>
<File
+ RelativePath="..\..\..\src\probes\windows\AuditEventPolicySubcategoriesProbe.cpp"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\probes\independent\EnvironmentVariableProbe.cpp"
>
</File>
@@ -425,6 +432,10 @@
>
</File>
<File
+ RelativePath="..\..\..\src\probes\windows\FileEffectiveRights53Probe.cpp"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\probes\windows\FileEffectiveRightsProbe.cpp"
>
</File>
@@ -465,6 +476,10 @@
>
</File>
<File
+ RelativePath="..\..\..\src\probes\windows\SidSidProbe.cpp"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\probes\independent\TextFileContentProbe.cpp"
>
</File>
@@ -481,6 +496,10 @@
>
</File>
<File
+ RelativePath="..\..\..\src\probes\windows\WUAUpdateSearcherProbe.cpp"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\probes\independent\XmlFileContentProbe.cpp"
>
</File>
@@ -688,6 +707,14 @@
>
</File>
<File
+ RelativePath="..\..\..\src\ArithmeticFunction.cpp"
+ >
+ </File>
+ <File
+ RelativePath="..\..\..\src\BeginFunction.cpp"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\ComponentFactory.cpp"
>
</File>
@@ -704,6 +731,10 @@
>
</File>
<File
+ RelativePath="..\..\..\src\EndFunction.cpp"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\EscapeRegexFunction.cpp"
>
</File>
@@ -732,14 +763,26 @@
>
</File>
<File
+ RelativePath="..\..\..\src\RegexCaptureFunction.cpp"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\RestrictionType.cpp"
>
</File>
<File
+ RelativePath="..\..\..\src\SplitFunction.cpp"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\SubstringFunction.cpp"
>
</File>
<File
+ RelativePath="..\..\..\src\TimeDifferenceFunction.cpp"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\VariableComponent.cpp"
>
</File>
@@ -775,6 +818,10 @@
RelativePath="..\..\..\src\windows\WindowsCommon.cpp"
>
</File>
+ <File
+ RelativePath="..\..\..\src\windows\WMIUtil.cpp"
+ >
+ </File>
</Filter>
</Filter>
<Filter
@@ -953,6 +1000,10 @@
>
</File>
<File
+ RelativePath="..\..\..\src\probes\windows\AuditEventPolicySubcategoriesProbe.h"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\probes\independent\EnvironmentVariableProbe.h"
>
</File>
@@ -961,6 +1012,10 @@
>
</File>
<File
+ RelativePath="..\..\..\src\probes\windows\FileEffectiveRights53Probe.h"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\probes\windows\FileEffectiveRightsProbe.h"
>
</File>
@@ -1001,6 +1056,10 @@
>
</File>
<File
+ RelativePath="..\..\..\src\probes\windows\SidSidProbe.h"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\probes\independent\TextFileContentProbe.h"
>
</File>
@@ -1017,6 +1076,10 @@
>
</File>
<File
+ RelativePath="..\..\..\src\probes\windows\WUAUpdateSearcherProbe.h"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\probes\independent\XmlFileContentProbe.h"
>
</File>
@@ -1077,6 +1140,14 @@
>
</File>
<File
+ RelativePath="..\..\..\src\ArithmeticFunction.h"
+ >
+ </File>
+ <File
+ RelativePath="..\..\..\src\BeginFunction.h"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\ComponentFactory.h"
>
</File>
@@ -1093,6 +1164,10 @@
>
</File>
<File
+ RelativePath="..\..\..\src\EndFunction.h"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\EscapeRegexFunction.h"
>
</File>
@@ -1121,14 +1196,26 @@
>
</File>
<File
+ RelativePath="..\..\..\src\RegexCaptureFunction.h"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\RestrictionType.h"
>
</File>
<File
+ RelativePath="..\..\..\src\SplitFunction.h"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\SubstringFunction.h"
>
</File>
<File
+ RelativePath="..\..\..\src\TimeDifferenceFunction.h"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\VariableComponent.h"
>
</File>
@@ -1164,6 +1251,14 @@
RelativePath="..\..\..\src\windows\WindowsCommon.h"
>
</File>
+ <File
+ RelativePath="..\..\..\src\windows\WMIItem.h"
+ >
+ </File>
+ <File
+ RelativePath="..\..\..\src\windows\WMIUtil.h"
+ >
+ </File>
</Filter>
</Filter>
<Filter
Modified: trunk/ovaldi/project/linux/Makefile
===================================================================
--- trunk/ovaldi/project/linux/Makefile 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/project/linux/Makefile 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
#
-# $Id: Makefile 4579 2008-01-02 17:39:07Z bakerj $
#
#****************************************************************************************//
# Copyright (c) 2002-2008, The MITRE Corporation
@@ -41,17 +40,20 @@
INDEPENDENTPROBEDIR = ${SRCDIR}/probes/independent
CURRENTDIR = ../project/linux
-INCDIRS = -I/usr/include -I$(LINUXDIR) -I${SRCDIR} -I${UNIXPROBEDIR} -I${LINUXPROBEDIR} -I${INDEPENDENTPROBEDIR} -I/usr/include/pcre
+INCDIRS = -I/usr/local/include -I/usr/include -I$(LINUXDIR) -I${SRCDIR} -I${UNIXPROBEDIR} -I${LINUXPROBEDIR} -I${INDEPENDENTPROBEDIR}
EXECUTABLE = $(OUTDIR)/ovaldi
# The location of the c++ compiler.
-CXX = /usr/bin/g++
+ifeq (${CXX}, )
+ CXX=/usr/bin/g++
+endif
+
# General options that should be used by g++.
CPPFLAGS = -Wall -O
-LIBDIR = -L/usr/lib
+LIBDIR = -L/usr/local/lib -L/usr/lib
# What libraries do we need?
LIBS = -lxerces-c -lxalan-c -lpcre -lpopt
@@ -88,7 +90,9 @@
AbsState.obj \
AbsVariable.obj \
Analyzer.obj \
+ ArithmeticFunction.obj \
Behavior.obj \
+ BeginFunction.obj \
CollectedObject.obj \
CollectedSet.obj \
Common.obj \
@@ -100,6 +104,7 @@
Criterion.obj \
Definition.obj \
DocumentManager.obj \
+ EndFunction.obj \
EntityComparator.obj \
EscapeRegexFunction.obj \
Exception.obj \
@@ -124,14 +129,17 @@
PossibleRestrictionType.obj \
PossibleValueType.obj \
REGEX.obj \
+ RegexCaptureFunction.obj \
RestrictionType.obj \
Set.obj \
SetObject.obj \
+ SplitFunction.obj \
State.obj \
StateEntity.obj \
SubstringFunction.obj \
Test.obj \
TestedItem.obj \
+ TimeDifferenceFunction.obj \
VariableComponent.obj \
VariableFactory.obj \
VariableValue.obj \
@@ -176,6 +184,8 @@
$(BUILDDIR)/AbsState.obj \
$(BUILDDIR)/AbsVariable.obj \
$(BUILDDIR)/Analyzer.obj \
+ $(BUILDDIR)/ArithmeticFunction.obj \
+ $(BUILDDIR)/BeginFunction.obj \
$(BUILDDIR)/Behavior.obj \
$(BUILDDIR)/CollectedObject.obj \
$(BUILDDIR)/CollectedSet.obj \
@@ -188,6 +198,7 @@
$(BUILDDIR)/Criterion.obj \
$(BUILDDIR)/Definition.obj \
$(BUILDDIR)/DocumentManager.obj \
+ $(BUILDDIR)/EndFunction.obj \
$(BUILDDIR)/EntityComparator.obj \
$(BUILDDIR)/EscapeRegexFunction.obj \
$(BUILDDIR)/Exception.obj \
@@ -212,6 +223,7 @@
$(BUILDDIR)/PossibleRestrictionType.obj \
$(BUILDDIR)/PossibleValueType.obj \
$(BUILDDIR)/REGEX.obj \
+ $(BUILDDIR)/RegexCaptureFunction.obj \
$(BUILDDIR)/RestrictionType.obj \
$(BUILDDIR)/Set.obj \
$(BUILDDIR)/SetObject.obj \
@@ -230,12 +242,14 @@
$(BUILDDIR)/DataCollector.obj \
$(BUILDDIR)/ObjectCollector.obj \
$(BUILDDIR)/ProbeFactory.obj \
+ $(BUILDDIR)/SplitFunction.obj \
$(BUILDDIR)/SystemInfo.obj \
$(BUILDDIR)/FileProbe.obj \
$(BUILDDIR)/InetListeningServersProbe.obj \
$(BUILDDIR)/ProcessProbe.obj \
$(BUILDDIR)/UnameProbe.obj \
$(BUILDDIR)/TextFileContentProbe.obj \
+ $(BUILDDIR)/TimeDifferenceFunction.obj \
$(BUILDDIR)/XmlFileContentProbe.obj \
$(BUILDDIR)/EnvironmentVariableProbe.obj \
$(BUILDDIR)/FamilyProbe.obj \
Modified: trunk/ovaldi/project/linux/ovaldi.sh
===================================================================
--- trunk/ovaldi/project/linux/ovaldi.sh 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/project/linux/ovaldi.sh 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,6 +1,5 @@
#!/bin/bash
#
-# $Id: ovaldi.sh 4579 2008-01-02 17:39:07Z bakerj $
#
#****************************************************************************************#
# Copyright (c) 2002-2008, The MITRE Corporation
@@ -40,13 +39,6 @@
#
if [ $# == 1 ]; then
DEFS="$1"
- # Check to make sure schema files are in the same directory
- SCHEMADIR=`dirname "$DEFS"`
- if [ ! -f ${SCHEMADIR}/oval-common-schema.xsd ]; then
- echo "Error: Schema files must be located in the same directory as the"
- echo "definition file."
- exit 1
- fi
elif [ -f /usr/share/ovaldi/linux.definitions.xml ]; then
DEFS=/usr/share/ovaldi/linux.definitions.xml
else
Modified: trunk/ovaldi/rpm/ovaldi.spec
===================================================================
--- trunk/ovaldi/rpm/ovaldi.spec 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/rpm/ovaldi.spec 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,5 @@
%define name ovaldi
-%define version 5.4.2
+%define version 5.5.4
%define release 1
Summary: The reference interpreter for the Open Vulnerability and Assessment Language
@@ -7,11 +7,11 @@
Version: %{version}
Release: %{release}
Source0: http://oval.mitre.org/DontDownload/oval/download/ovaldi-%{version}-src.tar.bz2
-Copyright: BSD
+License: BSD
Group: System/Configuration/Other
BuildRoot: %{_tmppath}/%{name}-buildroot
Prefix: %{_prefix}
-BuildArchitectures: i386
+BuildArch: i386
%description
The OVAL Interpreter is a freely available reference
@@ -29,7 +29,7 @@
a list of true/false results and their references (e.g., CVE names)
for all input OVAL definitions.
-MITRE offers the Interpreters, source code, schemas, and data files
+MITRE offers the Interpreter, source code, schemas, and data files
at no cost to further the OVAL effort and in hopes that individuals
and organizations will build and expand upon them. If you are
interested in contributing to the OVAL Interpreter please send an
@@ -41,7 +41,7 @@
%package libs
Summary: Libraries required to run the OVAL Interpreter.
-Group: System/Configuration/Other
+Group: Applications/System
%description libs
This package contains the Xerces and Xalan XML libraries needed to run
the OVAL Interpreter. These libraries are available from the Apache
@@ -49,8 +49,7 @@
%prep
[ -n "$RPM_BUILD_ROOT" -a "$RPM_BUILD_ROOT" != / ] && rm -rf $RPM_BUILD_ROOT
-%setup -n ovaldi-%{version}-src
-#%patch -p0
+%setup -q -n ovaldi-%{version}-src
%build
cd project/linux
@@ -59,7 +58,7 @@
%install
/bin/mkdir -p $RPM_BUILD_ROOT/usr/sbin
-/bin/mkdir -m 700 -p $RPM_BUILD_ROOT/usr/lib/ovaldi
+/bin/mkdir -m 700 -p $RPM_BUILD_ROOT%{_libdir}/ovaldi
/bin/mkdir -m 700 -p $RPM_BUILD_ROOT/usr/share/ovaldi
/bin/mkdir -m 700 -p $RPM_BUILD_ROOT/var/log/ovaldi
/bin/mkdir -p $RPM_BUILD_ROOT%{_mandir}/man1
@@ -75,13 +74,17 @@
/bin/cp xml/*.xsd $RPM_BUILD_ROOT/usr/share/ovaldi
if grep "release 3" /etc/redhat-release &> /dev/null ; then
- /bin/cp project/linux/EL3/libxerces-c.so.27.0 $RPM_BUILD_ROOT/usr/lib/ovaldi
- /bin/cp project/linux/EL3/libxalan-c.so.110.0 $RPM_BUILD_ROOT/usr/lib/ovaldi
- /bin/cp project/linux/EL3/libxalanMsg.so.110.0 $RPM_BUILD_ROOT/usr/lib/ovaldi
+ /bin/cp project/linux/EL3/libxerces-c.so.27.0 $RPM_BUILD_ROOT%{_libdir}/ovaldi
+ /bin/cp project/linux/EL3/libxalan-c.so.110.0 $RPM_BUILD_ROOT%{_libdir}/ovaldi
+ /bin/cp project/linux/EL3/libxalanMsg.so.110.0 $RPM_BUILD_ROOT%{_libdir}/ovaldi
elif grep "release 4" /etc/redhat-release &> /dev/null ; then
- /bin/cp project/linux/EL4/libxerces-c.so.27.0 $RPM_BUILD_ROOT/usr/lib/ovaldi
- /bin/cp project/linux/EL4/libxalan-c.so.110.0 $RPM_BUILD_ROOT/usr/lib/ovaldi
- /bin/cp project/linux/EL4/libxalanMsg.so.110.0 $RPM_BUILD_ROOT/usr/lib/ovaldi
+ /bin/cp project/linux/EL4/libxerces-c.so.27.0 $RPM_BUILD_ROOT%{_libdir}/ovaldi
+ /bin/cp project/linux/EL4/libxalan-c.so.110.0 $RPM_BUILD_ROOT%{_libdir}/ovaldi
+ /bin/cp project/linux/EL4/libxalanMsg.so.110.0 $RPM_BUILD_ROOT%{_libdir}/ovaldi
+elif grep "release 5" /etc/redhat-release &> /dev/null ; then
+ /bin/cp project/linux/EL5/libxerces-c.so.27.0 $RPM_BUILD_ROOT%{_libdir}/ovaldi
+ /bin/cp project/linux/EL5/libxalan-c.so.110.0 $RPM_BUILD_ROOT%{_libdir}/ovaldi
+ /bin/cp project/linux/EL5/libxalanMsg.so.110.0 $RPM_BUILD_ROOT%{_libdir}/ovaldi
else
echo "Unsupported Redhat version. Exiting."
exit 1
@@ -92,9 +95,9 @@
/bin/rm -fr $RPM_BUILD_ROOT/%{name}
%post libs
-# Add /usr/lib/ovaldi to the end of /etc/ld.so.conf if it's not yet present.
-if [ `/bin/egrep -c '^/usr/lib/ovaldi' /etc/ld.so.conf ` -lt 1 ] ; then
- /bin/echo "/usr/lib/ovaldi" >>/etc/ld.so.conf
+# Add %{_libdir}/ovaldi to the end of /etc/ld.so.conf if it's not yet present.
+if [ `/bin/egrep -c '^%{_libdir}/ovaldi' /etc/ld.so.conf ` -lt 1 ] ; then
+ /bin/echo "%{_libdir}/ovaldi" >>/etc/ld.so.conf
# /sbin/ldconfig
fi
/sbin/ldconfig
@@ -102,34 +105,34 @@
%preun libs
if [ $1 = 0 ]; then
#// Do stuff specific to uninstalls
- if [ -e /usr/lib/ovaldi/libxerces-c.so.27 ] ; then
- /bin/rm /usr/lib/ovaldi/libxerces-c.so.27
+ if [ -e %{_libdir}/ovaldi/libxerces-c.so.27 ] ; then
+ /bin/rm %{_libdir}/ovaldi/libxerces-c.so.27
fi
- if [ -e /usr/lib/ovaldi/libxerces-c.so ] ; then
- /bin/rm /usr/lib/ovaldi/libxerces-c.so
+ if [ -e %{_libdir}/ovaldi/libxerces-c.so ] ; then
+ /bin/rm %{_libdir}/ovaldi/libxerces-c.so
fi
- if [ -e /usr/lib/ovaldi/libxalan-c.so.110 ] ; then
- /bin/rm /usr/lib/ovaldi/libxalan-c.so.110
+ if [ -e %{_libdir}/ovaldi/libxalan-c.so.110 ] ; then
+ /bin/rm %{_libdir}/ovaldi/libxalan-c.so.110
fi
- if [ -e /usr/lib/ovaldi/libxalan-c.so ] ; then
- /bin/rm /usr/lib/ovaldi/libxalan-c.so
+ if [ -e %{_libdir}/ovaldi/libxalan-c.so ] ; then
+ /bin/rm %{_libdir}/ovaldi/libxalan-c.so
fi
- if [ -e /usr/lib/ovaldi/libxalanRMsg.so.110 ] ; then
- /bin/rm /usr/lib/ovaldi/libxalanMsg.so.110
+ if [ -e %{_libdir}/ovaldi/libxalanRMsg.so.110 ] ; then
+ /bin/rm %{_libdir}/ovaldi/libxalanMsg.so.110
fi
- if [ -e /usr/lib/ovaldi/libxalanMsg.so ] ; then
- /bin/rm /usr/lib/ovaldi/libxalanMsg.so
+ if [ -e %{_libdir}/ovaldi/libxalanMsg.so ] ; then
+ /bin/rm %{_libdir}/ovaldi/libxalanMsg.so
fi
fi
%postun libs
if [ $1 = 0 ]; then
# // Do stuff specific to uninstalls
-if [ `/bin/egrep -c '^/usr/lib/ovaldi' /etc/ld.so.conf ` -gt 0 ] ; then
- /bin/egrep -v '^/usr/lib/ovaldi$' /etc/ld.so.conf >/usr/lib/etc.ld.so.conf.uninstalling-oval
- /bin/chown root:root /usr/lib/etc.ld.so.conf.uninstalling-oval
- /bin/chmod 644 /usr/lib/etc.ld.so.conf.uninstalling-oval
- /bin/mv /usr/lib/etc.ld.so.conf.uninstalling-oval /etc/ld.so.conf
+if [ `/bin/egrep -c '^%{_libdir}/ovaldi' /etc/ld.so.conf ` -gt 0 ] ; then
+ /bin/egrep -v '^%{_libdir}/ovaldi$' /etc/ld.so.conf >%{_libdir}/etc.ld.so.conf.uninstalling-oval
+ /bin/chown root:root %{_libdir}/etc.ld.so.conf.uninstalling-oval
+ /bin/chmod 644 %{_libdir}/etc.ld.so.conf.uninstalling-oval
+ /bin/mv %{_libdir}/etc.ld.so.conf.uninstalling-oval /etc/ld.so.conf
fi
/sbin/ldconfig
fi
@@ -151,11 +154,17 @@
/usr/share/ovaldi/*.xsd
%files libs
-/usr/lib/ovaldi/libxerces-c.so.27.0
-/usr/lib/ovaldi/libxalan-c.so.110.0
-/usr/lib/ovaldi/libxalanMsg.so.110.0
+%{_libdir}/ovaldi/libxerces-c.so.27.0
+%{_libdir}/ovaldi/libxalan-c.so.110.0
+%{_libdir}/ovaldi/libxalanMsg.so.110.0
%changelog
+* Fri Oct 10 2008 Bryan Worrell <bworrell at mitre.org> 5.5.4-1.0
+* Updated spec file as per instructions from Steve 'Ashcrow' Milner <me at stevemilner.org>
+
+* Thu Oct 02 2008 Jonathen Baker <bakerj at mitre.org> 5.5.0-1.0
+* Updated to 5.5 source.
+
* Thu Jun 28 2007 Jonathen Baker <bakerj at mitre.org> 5.3.0-1.0
* Updated to 5.3 source.
Modified: trunk/ovaldi/src/AbsDataCollector.cpp
===================================================================
--- trunk/ovaldi/src/AbsDataCollector.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/AbsDataCollector.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -204,7 +204,7 @@
DOMElement *generatorElm = XmlCommon::AddChildElement(DocumentManager::GetSystemCharacterisitcsDocument(), scNode, "generator");
XmlCommon::AddChildElement(DocumentManager::GetSystemCharacterisitcsDocument(), generatorElm, "oval:product_name", "OVAL Definition Interpreter");
XmlCommon::AddChildElement(DocumentManager::GetSystemCharacterisitcsDocument(), generatorElm, "oval:product_version", Version::GetVersion() + " Build: " + Version::GetBuild());
- XmlCommon::AddChildElement(DocumentManager::GetSystemCharacterisitcsDocument(), generatorElm, "oval:schema_version", "5.4");
+ XmlCommon::AddChildElement(DocumentManager::GetSystemCharacterisitcsDocument(), generatorElm, "oval:schema_version", Version::GetSchemaVersion());
XmlCommon::AddChildElement(DocumentManager::GetSystemCharacterisitcsDocument(), generatorElm, "oval:timestamp", Common::GetTimeStamp());
XmlCommon::AddChildElement(DocumentManager::GetSystemCharacterisitcsDocument(), generatorElm, "vendor", Version::GetVendor());
}
Modified: trunk/ovaldi/src/AbsEntity.cpp
===================================================================
--- trunk/ovaldi/src/AbsEntity.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/AbsEntity.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: AbsEntity.cpp 4611 2008-01-08 13:52:45Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -55,174 +54,82 @@
// *************************************************************************************** //
string AbsEntity::GetName() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Return the name field's value
- //
- // -----------------------------------------------------------------------
return this->name;
}
void AbsEntity::SetName(string name) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Set the name field's value
- //
- // -----------------------------------------------------------------------
this->name = name;
}
string AbsEntity::GetValue() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Return the value field's value
- //
- // -----------------------------------------------------------------------
return this->value;
}
void AbsEntity::SetValue(string value) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Set the value field's value
- //
- // -----------------------------------------------------------------------
this->value = value;
}
OvalEnum::Datatype AbsEntity::GetDatatype() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Return the datatype field's value
- //
- // -----------------------------------------------------------------------
return this->datatype;
}
void AbsEntity::SetDatatype(OvalEnum::Datatype datatype) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Set the datatype field's value
- //
- // -----------------------------------------------------------------------
this->datatype = datatype;
}
bool AbsEntity::GetIsObjectEntity() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Set the isObjectEntity field's value
- //
- // -----------------------------------------------------------------------
return this->isObjectEntity;
}
void AbsEntity::SetIsObjectEntity(bool isObjectEntity) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Set the isObjectEntity field's value
- //
- // -----------------------------------------------------------------------
this->isObjectEntity = isObjectEntity;
}
OvalEnum::Check AbsEntity::GetVarCheck() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Return the varCheck field's value
- //
- // -----------------------------------------------------------------------
return this->varCheck;
}
void AbsEntity::SetVarCheck(OvalEnum::Check varCheck) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Set the varCheck field's value
- //
- // -----------------------------------------------------------------------
this->varCheck = varCheck;
}
bool AbsEntity::GetNil() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Return the nil field's value
- //
- // -----------------------------------------------------------------------
return this->nil;
}
void AbsEntity::SetNil(bool nil) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Set the nil field's value
- //
- // -----------------------------------------------------------------------
this->nil = nil;
}
OvalEnum::Operation AbsEntity::GetOperation() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Return the operation field's value
- // -----------------------------------------------------------------------
return this->operation;
}
void AbsEntity::SetOperation(OvalEnum::Operation operation) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Set the operation field's value
- // -----------------------------------------------------------------------
this->operation = operation;
}
AbsVariable* AbsEntity::GetVarRef() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Return the varRef field's value
- // -----------------------------------------------------------------------
return this->varRef;
}
void AbsEntity::SetVarRef(AbsVariable* varRef) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Set the varRef field's value
- // -----------------------------------------------------------------------
this->varRef = varRef;
}
Modified: trunk/ovaldi/src/AbsEntity.h
===================================================================
--- trunk/ovaldi/src/AbsEntity.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/AbsEntity.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: AbsEntity.h 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -114,29 +113,44 @@
*/
VariableValueVector* GetVariableValues();
+ /** Return the name field's value. */
string GetName();
+ /** Set the name field's value. */
void SetName(string name);
+ /** Return the value field's value. */
string GetValue();
+ /** Set the value field's value. */
void SetValue(string value);
+ /** Return the datatype field's value. */
OvalEnum::Datatype GetDatatype();
+ /** Set the datatype field's value. */
void SetDatatype(OvalEnum::Datatype datatype);
+ /** Get the isObjectEntity field's value. */
bool GetIsObjectEntity();
+ /** Set the isObjectEntity field's value. */
void SetIsObjectEntity(bool isObjectAbsEntity);
/** Return true if the xsi:nil is set to true. */
bool GetNil();
+ /** Set the nil field's value. */
void SetNil(bool nil);
+ /** Return the operation field's value. */
OvalEnum::Operation GetOperation();
+ /** Set the operation field's value. */
void SetOperation(OvalEnum::Operation operation);
+ /** Return the varCheck field's value */
OvalEnum::Check GetVarCheck();
+ /** Set the varCheck field's value. */
void SetVarCheck(OvalEnum::Check check);
+ /** Return the varRef field's value */
AbsVariable* GetVarRef();
+ /** Set the varRef field's value. */
void SetVarRef(AbsVariable* varRef);
private:
Modified: trunk/ovaldi/src/AbsFileFinder.cpp
===================================================================
--- trunk/ovaldi/src/AbsFileFinder.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/AbsFileFinder.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -168,7 +168,7 @@
return;
}
if(maxDepth < -1) {
- throw FileFinderException("Error invalid max_depth. max depth must be -1 or more. Found: " + maxDepth);
+ throw FileFinderException("Error invalid max_depth. max_depth must be -1 or more. Found: " + maxDepth);
}
// get child directories
@@ -199,7 +199,7 @@
return;
}
if(maxDepth < -1) {
- throw FileFinderException("Error invalid max_depth. max depth must be -1 or more. Found: " + maxDepth);
+ throw FileFinderException("Error invalid max_depth. max_depth must be -1 or more. Found: " + maxDepth);
}
// get parent directory by parsing the string to find the last file seperator
Modified: trunk/ovaldi/src/AbsFunctionComponent.cpp
===================================================================
--- trunk/ovaldi/src/AbsFunctionComponent.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/AbsFunctionComponent.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: AbsFunctionComponent.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -35,56 +34,27 @@
// AbsFunctionComponent Class //
//****************************************************************************************//
AbsFunctionComponent::AbsFunctionComponent() : AbsComponent() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Create a complete AbsFunctionComponent object
- //
- // -----------------------------------------------------------------------
}
AbsFunctionComponent::~AbsFunctionComponent() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Do nothing for now
- //
- // -----------------------------------------------------------------------
+
}
// *************************************************************************************** //
// Public members //
// *************************************************************************************** //
AbsComponentVector* AbsFunctionComponent::GetComponents() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Return the components field's value
- //
- // -----------------------------------------------------------------------
return &this->components;
}
void AbsFunctionComponent::SetComponents(AbsComponentVector* components) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Set the components field's value
- //
- // -----------------------------------------------------------------------
this->components = (*components);
}
void AbsFunctionComponent::AppendComponent(AbsComponent* component) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Set the components field's value
- //
- // -----------------------------------------------------------------------
this->GetComponents()->push_back(component);
}
Modified: trunk/ovaldi/src/AbsFunctionComponent.h
===================================================================
--- trunk/ovaldi/src/AbsFunctionComponent.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/AbsFunctionComponent.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -44,12 +44,17 @@
*/
class AbsFunctionComponent : public AbsComponent {
public:
+
+ /** Create a complete AbsFunctionComponent object. */
AbsFunctionComponent();
virtual ~AbsFunctionComponent();
+ /** Return the components field's value. */
AbsComponentVector* GetComponents();
+ /** Set the components field's value. */
void SetComponents(AbsComponentVector* components);
+ /** Appned the input componenet to the list of componenets. */
void AppendComponent(AbsComponent* component);
private:
Modified: trunk/ovaldi/src/AbsObject.cpp
===================================================================
--- trunk/ovaldi/src/AbsObject.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/AbsObject.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: AbsObject.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
Modified: trunk/ovaldi/src/Analyzer.cpp
===================================================================
--- trunk/ovaldi/src/Analyzer.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/Analyzer.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -390,7 +390,7 @@
DOMElement *generatorElm = XmlCommon::AddChildElement(DocumentManager::GetResultDocument(), ovalResultsElm, "generator");
XmlCommon::AddChildElement(DocumentManager::GetResultDocument(), generatorElm, "oval:product_name", "OVAL Definition Interpreter");
XmlCommon::AddChildElement(DocumentManager::GetResultDocument(), generatorElm, "oval:product_version", Version::GetVersion() + " Build: " + Version::GetBuild());
- XmlCommon::AddChildElement(DocumentManager::GetResultDocument(), generatorElm, "oval:schema_version", "5.4");
+ XmlCommon::AddChildElement(DocumentManager::GetResultDocument(), generatorElm, "oval:schema_version", Version::GetSchemaVersion());
XmlCommon::AddChildElement(DocumentManager::GetResultDocument(), generatorElm, "oval:timestamp", Common::GetTimeStamp());
XmlCommon::AddChildElement(DocumentManager::GetResultDocument(), generatorElm, "vendor", Version::GetVendor());
Modified: trunk/ovaldi/src/Analyzer.h
===================================================================
--- trunk/ovaldi/src/Analyzer.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/Analyzer.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: Analyzer.h 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
Added: trunk/ovaldi/src/ArithmeticFunction.cpp
===================================================================
--- trunk/ovaldi/src/ArithmeticFunction.cpp (rev 0)
+++ trunk/ovaldi/src/ArithmeticFunction.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,109 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#include "ArithmeticFunction.h"
+
+//****************************************************************************************//
+// Component Class //
+//****************************************************************************************//
+ArithmeticFunction::ArithmeticFunction(OvalEnum::ArithmeticOperation op) : AbsFunctionComponent() {
+
+ this->SetArithmeticOperation(op);
+}
+
+ArithmeticFunction::~ArithmeticFunction() {
+}
+
+// *************************************************************************************** //
+// Public members //
+// *************************************************************************************** //
+OvalEnum::ArithmeticOperation ArithmeticFunction::GetArithmeticOperation() {
+ return this->arithmeticOperation;
+}
+
+void ArithmeticFunction::SetArithmeticOperation(OvalEnum::ArithmeticOperation opIn) {
+
+ this->arithmeticOperation = opIn;
+}
+
+ComponentValue* ArithmeticFunction::ComputeValue() {
+
+ // create and populate a result ComponentValue
+ ComponentValue* result = new ComponentValue();
+
+ throw Exception("Error: unsupported function");
+
+ return result;
+}
+
+void ArithmeticFunction::Parse(DOMElement* componentElm) {
+
+ // get the character attrs
+ string arithmeticOperation = XmlCommon::GetAttributeByName(componentElm, "arithmetic_operation");
+ this->SetArithmeticOperation(OvalEnum::ToArithmeticOperation(arithmeticOperation));
+
+ // Loop through all child elements
+ DOMNodeList *componentElms = componentElm->getChildNodes();
+ unsigned int index = 0;
+ while(index < componentElms->getLength()) {
+ DOMNode *tmpNode = componentElms->item(index);
+ if (tmpNode->getNodeType() == DOMNode::ELEMENT_NODE) {
+ DOMElement *childElm = (DOMElement*)tmpNode;
+
+ // Call the ComponentFactory
+ AbsComponent* absComponent = ComponentFactory::GetComponent(childElm);
+ // store the returned component
+ this->AppendComponent(absComponent);
+ }
+ index ++;
+ }
+}
+
+VariableValueVector* ArithmeticFunction::GetVariableValues() {
+
+ VariableValueVector* values = new VariableValueVector();
+ AbsComponentVector* components = this->GetComponents();
+ AbsComponentVector::iterator iterator;
+ for(iterator = components->begin(); iterator != components->end(); iterator++) {
+ AbsComponent* component = (AbsComponent*)(*iterator);
+ VariableValueVector* tmp = component->GetVariableValues();
+ VariableValueVector::iterator varIterator;
+ for(varIterator = tmp->begin(); varIterator != tmp->end(); varIterator++) {
+ values->push_back((*varIterator));
+ }
+ // BUG - These can not currenrtly be deleted.
+ // The code is no consistant here. In places a new vector is returned
+ // in others a reference to a vector that is managed by other code is returned.
+ //delete tmp;
+ //tmp = NULL;
+ }
+
+ return values;
+}
Added: trunk/ovaldi/src/ArithmeticFunction.h
===================================================================
--- trunk/ovaldi/src/ArithmeticFunction.h (rev 0)
+++ trunk/ovaldi/src/ArithmeticFunction.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,74 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#ifndef ARITHMETICFUNCTION_H
+#define ARITHMETICFUNCTION_H
+
+#include "AbsFunctionComponent.h"
+#include "ComponentFactory.h"
+
+XERCES_CPP_NAMESPACE_USE
+using namespace std;
+
+/**
+ This class represents a ArithmeticFunction component in a local_variable in the
+ oval definition schema.
+
+ The arithmetic function takes two or more integer or float components and performs a
+ basic mathmetical function on them. The result of this function in a single integer
+ or float. Note that if both an integer and float components are used then the result
+ is a float.
+*/
+class ArithmeticFunction : public AbsFunctionComponent {
+public:
+
+ /** Create a complete ArithmeticFunction object. */
+ ArithmeticFunction(OvalEnum::ArithmeticOperation op = OvalEnum::ARITHMETIC_ADD);
+ ~ArithmeticFunction();
+
+ /** Parse the begin element and its child component element. */
+ void Parse(DOMElement* componentElm);
+
+ /** Compute and return the value. */
+ ComponentValue* ComputeValue();
+
+ /** Return the variable values used to compute this function's value. */
+ VariableValueVector* GetVariableValues();
+
+ /** Get the arithmetic_operation field's value. */
+ OvalEnum::ArithmeticOperation GetArithmeticOperation();
+ /** Set the arithmetic_operation field's value. */
+ void SetArithmeticOperation(OvalEnum::ArithmeticOperation opIn);
+
+private:
+ OvalEnum::ArithmeticOperation arithmeticOperation;
+};
+
+#endif
Added: trunk/ovaldi/src/BeginFunction.cpp
===================================================================
--- trunk/ovaldi/src/BeginFunction.cpp (rev 0)
+++ trunk/ovaldi/src/BeginFunction.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,143 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#include "BeginFunction.h"
+
+//****************************************************************************************//
+// Component Class //
+//****************************************************************************************//
+BeginFunction::BeginFunction(string charIn) : AbsFunctionComponent() {
+
+ this->SetCharacter(charIn);
+}
+
+BeginFunction::~BeginFunction() {
+}
+
+// *************************************************************************************** //
+// Public members //
+// *************************************************************************************** //
+string BeginFunction::GetCharacter() {
+ return this->character;
+}
+
+void BeginFunction::SetCharacter(string charIn) {
+
+ this->character = charIn;
+}
+
+ComponentValue* BeginFunction::ComputeValue() {
+
+ StringVector* values = NULL;
+
+ AbsComponent* component = this->GetComponents()->at(0);
+
+ ComponentValue* componentValue = component->ComputeValue();
+
+ // create and populate a result ComponentValue
+ ComponentValue* result = new ComponentValue();
+ result->SetFlag(componentValue->GetFlag());
+ result->AppendMessages(componentValue->GetMessages());
+
+ if(componentValue->GetFlag() == OvalEnum::FLAG_COMPLETE) {
+ values = new StringVector();;
+
+ StringVector::iterator iterator;
+ for(iterator = componentValue->GetValues()->begin(); iterator != componentValue->GetValues()->end(); iterator++) {
+ string currentValue = (*iterator);
+ string newValue = "";
+
+ if(currentValue.length() > this->GetCharacter().length()) {
+ unsigned int charLength = this->GetCharacter().length();
+ string beginSubStr = currentValue.substr(0, charLength);
+ if(this->GetCharacter().compare(beginSubStr) != 0) {
+ newValue = this->GetCharacter().append(currentValue);
+ } else {
+ newValue = currentValue;
+ }
+
+ } else {
+ newValue = this->GetCharacter().append(currentValue);
+ }
+ values->push_back(newValue);
+ }
+ result->SetValues(values);
+ }
+
+ delete componentValue;
+
+ return result;
+}
+
+void BeginFunction::Parse(DOMElement* componentElm) {
+
+ // get the character attrs
+ string charAttr = XmlCommon::GetAttributeByName(componentElm, "character");
+ this->SetCharacter(charAttr);
+
+ // Loop through all child elements
+ // there should only ever be one
+ DOMNodeList *componentElms = componentElm->getChildNodes();
+ unsigned int index = 0;
+ while(index < componentElms->getLength()) {
+ DOMNode *tmpNode = componentElms->item(index);
+ if (tmpNode->getNodeType() == DOMNode::ELEMENT_NODE) {
+ DOMElement *childElm = (DOMElement*)tmpNode;
+
+ // Call the ComponentFactory
+ AbsComponent* absComponent = ComponentFactory::GetComponent(childElm);
+ // store the returned component
+ this->AppendComponent(absComponent);
+ }
+ index ++;
+ }
+}
+
+VariableValueVector* BeginFunction::GetVariableValues() {
+
+ VariableValueVector* values = new VariableValueVector();
+ AbsComponentVector* components = this->GetComponents();
+ AbsComponentVector::iterator iterator;
+ for(iterator = components->begin(); iterator != components->end(); iterator++) {
+ AbsComponent* component = (AbsComponent*)(*iterator);
+ VariableValueVector* tmp = component->GetVariableValues();
+ VariableValueVector::iterator varIterator;
+ for(varIterator = tmp->begin(); varIterator != tmp->end(); varIterator++) {
+ values->push_back((*varIterator));
+ }
+ // BUG - These can not currenrtly be deleted.
+ // The code is no consistant here. In places a new vector is returned
+ // in others a reference to a vector that is managed by other code is returned.
+ //delete tmp;
+ //tmp = NULL;
+ }
+
+ return values;
+}
Added: trunk/ovaldi/src/BeginFunction.h
===================================================================
--- trunk/ovaldi/src/BeginFunction.h (rev 0)
+++ trunk/ovaldi/src/BeginFunction.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,73 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#ifndef BEGINFUNCTION_H
+#define BEGINFUNCTION_H
+
+#include "AbsFunctionComponent.h"
+#include "ComponentFactory.h"
+
+XERCES_CPP_NAMESPACE_USE
+using namespace std;
+
+/**
+ This class represents a BeginFunction component in a local_variable in the oval definition schema.
+
+ The begin function takes a single string component and defines a character (or string) that the
+ component string should start with. The character attribute defines the specific character
+ (or string). The character (or string) is only added to the component string if the component
+ string doesn't already start with the specified character (or string).
+*/
+class BeginFunction : public AbsFunctionComponent {
+public:
+
+ /** Create a complete BeginFunction object. */
+ BeginFunction(string charIn = "");
+ ~BeginFunction();
+
+ /** Parse the begin element and its child component element. */
+ void Parse(DOMElement* componentElm);
+
+ /** Compute and return the value. */
+ ComponentValue* ComputeValue();
+
+ /** Return the variable values used to compute this function's value. */
+ VariableValueVector* GetVariableValues();
+
+ /** Get the character field's value. */
+ string GetCharacter();
+ /** Set the character field's value. */
+ void SetCharacter(string charIn);
+
+private:
+ string character;
+};
+
+#endif
Modified: trunk/ovaldi/src/Common.cpp
===================================================================
--- trunk/ovaldi/src/Common.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/Common.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -64,37 +64,44 @@
return exists;
}
-// Initialize static variables.
-string Common::dataFile = "system-characteristics.xml";
-string Common::xmlfile = "definitions.xml";
-string Common::outputFilename = "results.xml";
-string Common::externalVariablesFile = "external-variables.xml";
-string Common::xmlfileMD5 = "";
-string Common::startTime = "";
+// constants
+const string Common::DEFINITION_ID = "oval:[A-Za-z0-9_\\-\\.]+:def:[1-9][0-9]*";
+const string Common::DEFINITION_ID_LIST = "oval:[A-Za-z0-9_\\-\\.]+:def:[1-9][0-9]*(,oval:[A-Za-z0-9_\\-\\.]+:def:[1-9][0-9]*)*";
-bool Common::noXsl = false;
-string Common::xslFile = "results_to_html.xsl";
-string Common::xslOutputFile = "results.html";
+#ifdef WIN32
+ char Common::fileSeperator = '\\';
+ string Common::fileSeperatorStr = "\\";
+#else
+ char Common::fileSeperator = '/';
+ string Common::fileSeperatorStr = "/";
+#endif
+// Initialize static variables.
+string Common::dataFile = "system-characteristics.xml";
+string Common::xmlfile = "definitions.xml";
+string Common::schemapath = "xml";
+string Common::outputFilename = "results.xml";
+string Common::externalVariablesFile = "external-variables.xml";
+string Common::xmlfileMD5 = "";
+string Common::startTime = "";
-bool Common::doDefinitionSchematron = false;
-string Common::definitionSchematronPath = "oval-definitions-schematron.xsl";
+bool Common::noXsl = false;
+string Common::xslFile = "results_to_html.xsl";
+string Common::xslOutputFile = "results.html";
-bool Common::generateMD5 = false;
-bool Common::useProvidedData = false;
-bool Common::verifyXMLfile = true;
-bool Common::limitEvaluationToDefinitionIds = false;
-string Common::definitionIds = "";
-string Common::definitionIdsFile = "";
+bool Common::doDefinitionSchematron = false;
+string Common::definitionSchematronPath = "oval-definitions-schematron.xsl";
+bool Common::generateMD5 = false;
+bool Common::useProvidedData = false;
+bool Common::verifyXMLfile = true;
-#ifdef WIN32
- char Common::fileSeperator = '\\';
-#else
- char Common::fileSeperator = '/';
-#endif
+bool Common::limitEvaluationToDefinitionIds = false;
+string Common::definitionIds = "";
+string Common::definitionIdsFile = "";
+
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Accessors ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
@@ -114,6 +121,11 @@
return xmlfile;
}
+string Common::GetSchemaPath()
+{
+ return schemapath;
+}
+
string Common::GetXMLfileMD5()
{
return xmlfileMD5;
@@ -141,7 +153,7 @@
string Common::GetXSLFilename()
{
- return Common::xslFile;
+ return Common::GetSchemaPath() + Common::fileSeperatorStr + Common::xslFile;
}
string Common::GetXSLOutputFilename()
{
@@ -168,30 +180,35 @@
}
string Common::GetDefinitionSchematronPath() {
- return Common::definitionSchematronPath;
+ return Common::GetSchemaPath() + Common::fileSeperatorStr + Common::definitionSchematronPath;
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Mutators ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
-void Common::SetDataFile(string fileIn)
-{
+void Common::SetDataFile(string fileIn) {
dataFile = fileIn;
}
-void Common::SetGenerateMD5(bool genMD5In)
-{
+void Common::SetGenerateMD5(bool genMD5In) {
generateMD5 = genMD5In;
}
-void Common::SetXMLfile(string xmlfileIn)
-{
- xmlfile = xmlfileIn;
+void Common::SetXMLfile(string xmlfileIn) {
+ if(Common::FileExists(xmlfileIn.c_str())) {
+ xmlfile = xmlfileIn;
+ } else {
+ throw CommonException("The specified definition file does not exist! " + xmlfileIn);
+ }
}
-void Common::SetXMLfileMD5(string xmlfileMD5In)
+void Common::SetSchemaPath(string schemapathIn)
{
+ schemapath = schemapathIn;
+}
+
+void Common::SetXMLfileMD5(string xmlfileMD5In) {
xmlfileMD5 = xmlfileMD5In;
}
@@ -200,14 +217,17 @@
outputFilename = outputFilenameIn;
}
-void Common::SetUseProvidedData(bool useDataIn)
-{
+void Common::SetUseProvidedData(bool useDataIn) {
useProvidedData = useDataIn;
}
-void Common::SetExternalVariableFile(string varFilenameIn)
-{
- externalVariablesFile = varFilenameIn;
+void Common::SetExternalVariableFile(string varFilenameIn) {
+
+ if(Common::FileExists(varFilenameIn.c_str())) {
+ externalVariablesFile = varFilenameIn;
+ } else {
+ throw CommonException("The specified external variables file does not exist! " + varFilenameIn);
+ }
}
void Common::SetVerifyXMLfile(bool verifyXMLfileIn)
@@ -215,13 +235,16 @@
verifyXMLfile = verifyXMLfileIn;
}
-void Common::SetXSLFilename(string in)
-{
- Common::xslFile = in;
+void Common::SetXSLFilename(string in) {
+
+ if(Common::FileExists(in.c_str())) {
+ Common::xslFile = in;
+ } else {
+ throw CommonException("The specified results xsl file does not exist! " + in);
+ }
}
-void Common::SetXSLOutputFilename(string in)
-{
+void Common::SetXSLOutputFilename(string in) {
Common::xslOutputFile = in;
}
void Common::SetNoXsl(bool noXsl) {
@@ -233,7 +256,12 @@
}
void Common::SetDefinitionIdsFile(string definitionIdsFile) {
- Common::definitionIdsFile = definitionIdsFile;
+
+ if(Common::FileExists(definitionIdsFile.c_str())) {
+ Common::definitionIdsFile = definitionIdsFile;
+ } else {
+ throw CommonException("The specified definition ids file does not exist! " + definitionIdsFile);
+ }
}
void Common::SetLimitEvaluationToDefinitionIds(bool set) {
@@ -245,7 +273,12 @@
}
void Common::SetDefinitionSchematronPath(string definitionSchematronPath) {
- Common::definitionSchematronPath = definitionSchematronPath;
+
+ if(Common::FileExists(definitionSchematronPath.c_str())) {
+ Common::definitionSchematronPath = definitionSchematronPath;
+ } else {
+ throw CommonException("The specified definition schematron validation file does not exist! " + definitionSchematronPath);
+ }
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
@@ -303,16 +336,16 @@
// validate the format of the string
REGEX* regex = new REGEX();
- string pattern = "oval:[A-Za-z0-9_\\-\\.]+:def:[1-9][0-9]*(,oval:[A-Za-z0-9_\\-\\.]+:def:[1-9][0-9]*)*";
- if(!regex->IsMatch(pattern.c_str(), definitionIdsString.c_str())) {
+ if(!regex->IsMatch(Common::DEFINITION_ID_LIST.c_str(), definitionIdsString.c_str())) {
+ delete regex;
throw Exception("Error: Invalid parameter format. Expected a comma seperated list of definition ids. No spaces are allowed.");
}
// break the comma seperated string into definition ids.
StringVector* definitionIds = new StringVector();
- char delm = ',';
+ const char delm = ',';
- char* theString = (char*)malloc(sizeof(char*)*(definitionIdsString.length()));
+ char* theString = (char*)malloc(sizeof(char)*(definitionIdsString.length()+1));
theString = strcpy(theString, definitionIdsString.c_str());
char* token = strtok(theString, &delm);
@@ -320,6 +353,8 @@
if(theString != NULL) {
free(theString);
}
+ delete regex;
+ delete definitionIds;
throw Exception("Error parsing definition id list. A delimiter was found, but no definition ids were found. Input version string: \'" + definitionIdsString + "\'");
} else {
@@ -328,10 +363,12 @@
string tokenStr = token;
// make sure it is a valid dafinition id
-
- REGEX* regex = new REGEX();
- string pattern = "oval:[A-Za-z0-9_\\-\\.]+:def:[1-9][0-9]*(,oval:[A-Za-z0-9_\\-\\.]+:def:[1-9][0-9]*)*";
- if(!regex->IsMatch(pattern.c_str(), definitionIdsString.c_str())) {
+ if(!regex->IsMatch(Common::DEFINITION_ID.c_str(), definitionIdsString.c_str())) {
+ if(theString != NULL) {
+ free(theString);
+ }
+ delete definitionIds;
+ delete regex;
throw Exception("Error: Invalid parameter format. Expected a comma seperated list of definition ids. No spaces are allowed. Found invalid definition id");
}
@@ -346,6 +383,7 @@
if(theString != NULL) {
free(theString);
}
+ delete regex;
return definitionIds;
}
@@ -367,16 +405,7 @@
return strIn;
}
-string Common::SwitchChar(string fixedString, string oldChr, string newChr)
-{
- //------------------------------------------------------------------------------------//
- // ABSTRACT
- //
- // This function takes a string and searches for all oldChrs. If one is found,
- // it is replaced with a newChr. It is only intended to work with a single char
- // at a time. No multiple char strings allowed
- //
- //------------------------------------------------------------------------------------//
+string Common::SwitchChar(string fixedString, string oldChr, string newChr) {
if(oldChr.length() != 1 || newChr.length() != 1)
throw CommonException("Error: (SwitchChar) can only switch strings of length = 1.");
@@ -392,17 +421,7 @@
return fixedString;
}
-string Common::GetTimeStamp()
-{
- //------------------------------------------------------------------------------------//
- // ABSTRACT
- //
- // Retrieve the date/time. The final output will be in the format:
- //
- // yyyy-mm-ddThh:mm:ss 2006-08-16T14:21:38
- //
- //------------------------------------------------------------------------------------//
-
+string Common::GetTimeStamp() {
char tmpbuf[128];
time_t tmpTime;
@@ -422,40 +441,31 @@
return (tmpbuf);
}
-string Common::ToString(int num)
-{
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Return a the int as a string
- //
- // -----------------------------------------------------------------------
+bool Common::FileExists(const char * filename) {
+
+ if (FILE * file = fopen(filename, "r")) {
+ fclose(file);
+ return true;
+ }
+
+ return false;
+}
+
+string Common::ToString(int num) {
ostringstream result;
result << num;
return result.str();
}
-string Common::ToString(long num)
-{
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Return a the long as a string
- //
- // -----------------------------------------------------------------------
+
+string Common::ToString(long num) {
ostringstream result;
result << num;
return result.str();
}
-string Common::ToString(bool b)
-{
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Return a the bool as a string
- //
- // -----------------------------------------------------------------------
+
+string Common::ToString(bool b) {
if(b)
return "true";
@@ -463,35 +473,21 @@
return "false";
}
-string Common::ToString(char c)
-{
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Return a the char as a string
- //
- // -----------------------------------------------------------------------
-
+string Common::ToString(char c) {
+
string str;
str = c;
return str;
}
-string Common::ToString(unsigned long num)
-{
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Return a the unsigned long as a string
- //
- // -----------------------------------------------------------------------
+string Common::ToString(unsigned long num) {
+
ostringstream result;
result << num;
return result.str();
}
-
//****************************************************************************************//
// CommonException Class //
//****************************************************************************************//
Modified: trunk/ovaldi/src/Common.h
===================================================================
--- trunk/ovaldi/src/Common.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/Common.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: Common.h 4660 2008-01-17 22:27:18Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -104,6 +103,7 @@
static string GetDatafile();
static bool GetGenerateMD5();
static string GetXMLfile();
+ static string GetSchemaPath();
static string GetXMLfileMD5();
static string GetOutputFilename();
static bool GetUseProvidedData();
@@ -122,6 +122,7 @@
static void SetDataFile(string);
static void SetGenerateMD5(bool);
static void SetXMLfile(string);
+ static void SetSchemaPath(string);
static void SetXMLfileMD5(string);
static void SetOutputFilename(string);
static void SetUseProvidedData(bool);
@@ -143,16 +144,33 @@
static string PadString(string, unsigned int);
/** Pad the provided string with the specified char so that it is the desired length. */
static string PadStringWithChar(string, char, unsigned int);
+ /**
+ * This function takes a string and searches for all oldChrs. If one is found,
+ * it is replaced with a newChr. It is only intended to work with a single char
+ * at a time. No multiple char strings allowed
+ */
static string SwitchChar(string stringIn, string oldChr, string newChr);
+ /** Return true if the specified file exists. */
+ static bool FileExists(const char* filename);
+ /** Return the int as a string. */
static string ToString(int);
+ /** Return the long as a string. */
static string ToString(long);
+ /** Return the unsigned long as a string. */
static string ToString(unsigned long);
+ /** Return a the bool as a string. */
static string ToString(bool);
+ /** Return a the char as a string. */
static string ToString(char);
+ /**
+ * Retrieve the date/time. The final output will be in the format:
+ * yyyy-mm-ddThh:mm:ss 2006-08-16T14:21:38
+ */
static string GetTimeStamp();
static char fileSeperator;
+ static string fileSeperatorStr;
private:
static string dataFile;
@@ -160,6 +178,7 @@
static string startTime;
static string externalVariablesFile;
static string xmlfile;
+ static string schemapath;
static bool noXsl;
static string xslFile;
static string xslOutputFile;
@@ -172,6 +191,12 @@
static bool doDefinitionSchematron;
static string definitionSchematronPath;
static string definitionIdsFile;
+
+ /** format of a definition id. */
+ static const string DEFINITION_ID;
+
+ /** format required for a list of definitions ids */
+ static const string DEFINITION_ID_LIST;
};
/**
Modified: trunk/ovaldi/src/ComponentFactory.cpp
===================================================================
--- trunk/ovaldi/src/ComponentFactory.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/ComponentFactory.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -41,28 +41,36 @@
string elmName = XmlCommon::GetElementName(componentElm);
if(elmName.compare("variable_component") == 0) {
absComponent = new VariableComponent();
- absComponent->Parse(componentElm);
} else if(elmName.compare("literal_component") == 0) {
absComponent = new LiteralComponent();
- absComponent->Parse(componentElm);
} else if(elmName.compare("object_component") == 0) {
absComponent = new ObjectComponent();
- absComponent->Parse(componentElm);
//
// functions
//
} else if(elmName.compare("substring") == 0) {
absComponent = new SubstringFunction();
- absComponent->Parse(componentElm);
} else if(elmName.compare("concat") == 0) {
absComponent = new ConcatFunction();
- absComponent->Parse(componentElm);
} else if(elmName.compare("escape_regex") == 0) {
absComponent = new EscapeRegexFunction();
- absComponent->Parse(componentElm);
- } else {
+ } else if(elmName.compare("begin") == 0) {
+ absComponent = new BeginFunction();
+ } else if(elmName.compare("end") == 0) {
+ absComponent = new EndFunction();
+ } else if(elmName.compare("split") == 0) {
+ absComponent = new SplitFunction();
+ } else if(elmName.compare("time_difference") == 0) {
+ absComponent = new TimeDifferenceFunction();
+ } else if(elmName.compare("regex_capture") == 0) {
+ absComponent = new RegexCaptureFunction();
+ } else if(elmName.compare("arithmetic") == 0) {
+ absComponent = new ArithmeticFunction();
+ } else {
throw Exception("Error: unsupported function: " + elmName);
}
+ absComponent->Parse(componentElm);
+
return absComponent;
}
Modified: trunk/ovaldi/src/ComponentFactory.h
===================================================================
--- trunk/ovaldi/src/ComponentFactory.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/ComponentFactory.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -37,6 +37,12 @@
#include "SubstringFunction.h"
#include "ConcatFunction.h"
#include "EscapeRegexFunction.h"
+#include "BeginFunction.h"
+#include "EndFunction.h"
+#include "SplitFunction.h"
+#include "RegexCaptureFunction.h"
+#include "ArithmeticFunction.h"
+#include "TimeDifferenceFunction.h"
XERCES_CPP_NAMESPACE_USE
using namespace std;
Modified: trunk/ovaldi/src/ConcatFunction.cpp
===================================================================
--- trunk/ovaldi/src/ConcatFunction.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/ConcatFunction.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -143,8 +143,8 @@
for(varIterator = tmp->begin(); varIterator != tmp->end(); varIterator++) {
values->push_back((*varIterator));
}
- // BUG - These can ot currenrtly be deleted.
- // The code is no consistant here. In places a new vector is returned
+ // BUG - These can not currenrtly be deleted.
+ // The code is not consistant here. In places a new vector is returned
// in others a reference to a vector that is managed by other code is returned.
//delete tmp;
//tmp = NULL;
Modified: trunk/ovaldi/src/DocumentManager.cpp
===================================================================
--- trunk/ovaldi/src/DocumentManager.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/DocumentManager.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: DocumentManager.cpp 4600 2008-01-03 16:49:12Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -45,57 +44,35 @@
// Public members //
// *************************************************************************************** //
XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* DocumentManager::GetDefinitionDocument() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // return the definition document
- //
- // -----------------------------------------------------------------------
-
return DocumentManager::definitionDoc;
}
XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* DocumentManager::GetResultDocument() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // return the resultDoc document
- //
- // -----------------------------------------------------------------------
-
return DocumentManager::resultDoc;
}
XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* DocumentManager::GetSystemCharacterisitcsDocument() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // return the systemCharacterisitcsDoc document
- //
- // -----------------------------------------------------------------------
-
return DocumentManager::systemCharacterisitcsDoc;
}
XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* DocumentManager::GetExternalVariableDocument() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // return the externalVariableDoc document
- // If the document has not yet been parsed parse it
- //
- // -----------------------------------------------------------------------
if(DocumentManager::externalVariableDoc == NULL) {
- try {
- XmlProcessor *processor = XmlProcessor::Instance();
- DocumentManager::externalVariableDoc = processor->ParseFile(Common::GetExternalVariableFile());
- } catch (Exception ex) {
- Log::Debug("Error while parsing external variable file: " + Common::GetExternalVariableFile() + " " + ex.GetErrorMessage());
- throw ex;
- } catch (...) {
- Log::Debug("An unknown error occured while parsing external variable file: " + Common::GetExternalVariableFile());
- throw Exception("An unknown error occured while parsing external variable file: " + Common::GetExternalVariableFile());
+ string varFile = Common::GetExternalVariableFile();
+ if(Common::FileExists(varFile.c_str())) {
+ try {
+ XmlProcessor *processor = XmlProcessor::Instance();
+ DocumentManager::externalVariableDoc = processor->ParseFile(Common::GetExternalVariableFile());
+ } catch (Exception ex) {
+ Log::Debug("Error while parsing external variable file: " + Common::GetExternalVariableFile() + " " + ex.GetErrorMessage());
+ throw ex;
+ } catch (...) {
+ Log::Debug("An unknown error occured while parsing external variable file: " + Common::GetExternalVariableFile());
+ throw Exception("An unknown error occured while parsing external variable file: " + Common::GetExternalVariableFile());
+ }
+ } else {
+ Log::Debug("The external variable file does not exist! The definitions being evaluated rely on external variables for proper evaluation. Values for external variables must be specifed in an external variables file. " + varFile);
+ throw Exception("The external variable file does not exist! The definitions being evaluated rely on external variables for proper evaluation. Values for external variables must be specifed in an external variables file. " + varFile);
}
}
@@ -105,15 +82,21 @@
XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* DocumentManager::GetEvaluationIdDocument() {
if(DocumentManager::evaluationIdDoc == NULL) {
- try {
- XmlProcessor *processor = XmlProcessor::Instance();
- DocumentManager::evaluationIdDoc = processor->ParseFile(Common::GetDefinitionIdsFile());
- } catch (Exception ex) {
- Log::Debug("Error while parsing evaluation id file: " + Common::GetDefinitionIdsFile() + " " + ex.GetErrorMessage());
- throw ex;
- } catch (...) {
- Log::Debug("An unknown error occured while parsing evaluation id file: " + Common::GetDefinitionIdsFile());
- throw Exception("An unknown error occured while parsing evaluation id file: " + Common::GetDefinitionIdsFile());
+ string idFile = Common::GetDefinitionIdsFile();
+ if(Common::FileExists(idFile.c_str())) {
+ try {
+ XmlProcessor *processor = XmlProcessor::Instance();
+ DocumentManager::evaluationIdDoc = processor->ParseFile(Common::GetDefinitionIdsFile());
+ } catch (Exception ex) {
+ Log::Debug("Error while parsing evaluation id file: " + Common::GetDefinitionIdsFile() + " " + ex.GetErrorMessage());
+ throw ex;
+ } catch (...) {
+ Log::Debug("An unknown error occured while parsing evaluation id file: " + Common::GetDefinitionIdsFile());
+ throw Exception("An unknown error occured while parsing evaluation id file: " + Common::GetDefinitionIdsFile());
+ }
+ } else {
+ Log::Debug("The evaluation id file does not exist! " + idFile);
+ throw Exception("The evaluation id file does not exist! " + idFile);
}
}
@@ -121,45 +104,17 @@
}
void DocumentManager::SetSystemCharacterisitcsDocument(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* sc) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // set the systemCharacterisitcsDoc document
- //
- // -----------------------------------------------------------------------
-
DocumentManager::systemCharacterisitcsDoc = sc;
}
void DocumentManager::SetResultDocument(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* r) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // set the resultDoc document
- //
- // -----------------------------------------------------------------------
-
DocumentManager::resultDoc = r;
}
void DocumentManager::SetDefinitionDocument(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* d) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // set the definitionDoc document
- //
- // -----------------------------------------------------------------------
-
DocumentManager::definitionDoc = d;
}
void DocumentManager::SetExternalVariableDocument(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* d) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // set the externalVariableDoc document
- //
- // -----------------------------------------------------------------------
-
DocumentManager::externalVariableDoc = d;
}
Modified: trunk/ovaldi/src/DocumentManager.h
===================================================================
--- trunk/ovaldi/src/DocumentManager.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/DocumentManager.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: DocumentManager.h 4602 2008-01-03 17:29:35Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -31,15 +30,6 @@
#ifndef DOCUMENTMANAGER_H
#define DOCUMENTMANAGER_H
-// required xerces includes
-//#include <xercesc/dom/DOM.hpp>
-//#include <xercesc/dom/DOMAttr.hpp>
-//#include <xercesc/dom/DOMDocument.hpp>
-//#include <xercesc/dom/DOMNodeList.hpp>
-//#include <xercesc/util/XMLString.hpp>
-//#include <xercesc/util/PlatformUtils.hpp>
-//#include <xercesc/parsers/AbstractDOMParser.hpp>
-
#include "XmlProcessor.h"
#include "Common.h"
@@ -53,9 +43,15 @@
*/
class DocumentManager {
public:
+ /** Return the definition document. */
static XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* GetDefinitionDocument();
+ /** Return the systemCharacterisitcsDoc document. */
static XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* GetSystemCharacterisitcsDocument();
+ /** Return the resultDoc document. */
static XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* GetResultDocument();
+ /** Return the externalVariableDoc document.
+ * If the document has not yet been parsed parse it.
+ */
static XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* GetExternalVariableDocument();
/** Get the evaluation id docuement.
@@ -64,9 +60,13 @@
*/
static XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* GetEvaluationIdDocument();
+ /** Set the definitionDoc document. */
static void SetDefinitionDocument(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument*);
+ /** Set the systemCharacterisitcsDoc document. */
static void SetSystemCharacterisitcsDocument(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument*);
+ /** Set the resultDoc document. */
static void SetResultDocument(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument*);
+ /** Set the externalVariableDoc document. */
static void SetExternalVariableDocument(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument*);
private:
Added: trunk/ovaldi/src/EndFunction.cpp
===================================================================
--- trunk/ovaldi/src/EndFunction.cpp (rev 0)
+++ trunk/ovaldi/src/EndFunction.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,143 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#include "EndFunction.h"
+
+//****************************************************************************************//
+// Component Class //
+//****************************************************************************************//
+EndFunction::EndFunction(string charIn) : AbsFunctionComponent() {
+
+ this->SetCharacter(charIn);
+}
+
+EndFunction::~EndFunction() {
+}
+
+// *************************************************************************************** //
+// Public members //
+// *************************************************************************************** //
+string EndFunction::GetCharacter() {
+ return this->character;
+}
+
+void EndFunction::SetCharacter(string charIn) {
+
+ this->character = charIn;
+}
+
+ComponentValue* EndFunction::ComputeValue() {
+
+ StringVector* values = NULL;
+
+ AbsComponent* component = this->GetComponents()->at(0);
+
+ ComponentValue* componentValue = component->ComputeValue();
+
+ // create and populate a result ComponentValue
+ ComponentValue* result = new ComponentValue();
+ result->SetFlag(componentValue->GetFlag());
+ result->AppendMessages(componentValue->GetMessages());
+
+ if(componentValue->GetFlag() == OvalEnum::FLAG_COMPLETE) {
+ values = new StringVector();;
+
+ StringVector::iterator iterator;
+ for(iterator = componentValue->GetValues()->begin(); iterator != componentValue->GetValues()->end(); iterator++) {
+ string currentValue = (*iterator);
+ string newValue = "";
+
+ if(currentValue.length() > this->GetCharacter().length()) {
+ unsigned int charLength = this->GetCharacter().length();
+ string endSubStr = currentValue.substr(currentValue.length() - charLength, currentValue.length());
+ if(this->GetCharacter().compare(endSubStr) != 0) {
+ newValue = currentValue.append(this->GetCharacter());
+ } else {
+ newValue = currentValue;
+ }
+
+ } else {
+ newValue = currentValue.append(this->GetCharacter());
+ }
+ values->push_back(newValue);
+ }
+ result->SetValues(values);
+ }
+
+ delete componentValue;
+
+ return result;
+}
+
+void EndFunction::Parse(DOMElement* componentElm) {
+
+ // get the character attrs
+ string charAttr = XmlCommon::GetAttributeByName(componentElm, "character");
+ this->SetCharacter(charAttr);
+
+ // Loop through all child elements
+ // there should only ever be one
+ DOMNodeList *componentElms = componentElm->getChildNodes();
+ unsigned int index = 0;
+ while(index < componentElms->getLength()) {
+ DOMNode *tmpNode = componentElms->item(index);
+ if (tmpNode->getNodeType() == DOMNode::ELEMENT_NODE) {
+ DOMElement *childElm = (DOMElement*)tmpNode;
+
+ // Call the ComponentFactory
+ AbsComponent* absComponent = ComponentFactory::GetComponent(childElm);
+ // store the returned component
+ this->AppendComponent(absComponent);
+ }
+ index ++;
+ }
+}
+
+VariableValueVector* EndFunction::GetVariableValues() {
+
+ VariableValueVector* values = new VariableValueVector();
+ AbsComponentVector* components = this->GetComponents();
+ AbsComponentVector::iterator iterator;
+ for(iterator = components->begin(); iterator != components->end(); iterator++) {
+ AbsComponent* component = (AbsComponent*)(*iterator);
+ VariableValueVector* tmp = component->GetVariableValues();
+ VariableValueVector::iterator varIterator;
+ for(varIterator = tmp->begin(); varIterator != tmp->end(); varIterator++) {
+ values->push_back((*varIterator));
+ }
+ // BUG - These can not currenrtly be deleted.
+ // The code is no consistant here. In places a new vector is returned
+ // in others a reference to a vector that is managed by other code is returned.
+ //delete tmp;
+ //tmp = NULL;
+ }
+
+ return values;
+}
Added: trunk/ovaldi/src/EndFunction.h
===================================================================
--- trunk/ovaldi/src/EndFunction.h (rev 0)
+++ trunk/ovaldi/src/EndFunction.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,73 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#ifndef ENDFUNCTION_H
+#define ENDFUNCTION_H
+
+#include "AbsFunctionComponent.h"
+#include "ComponentFactory.h"
+
+XERCES_CPP_NAMESPACE_USE
+using namespace std;
+
+/**
+ This class represents a EndFunction component in a local_variable in the oval definition schema.
+
+ The end function takes a single string component and defines a character (or string) that the
+ component string should end with. The character attribute defines the specific character
+ (or string). The character (or string) is only added to the component string if the component
+ string doesn't already end with the specified character (or string).
+*/
+class EndFunction : public AbsFunctionComponent {
+public:
+
+ /** Create a complete EndFunction object. */
+ EndFunction(string charIn = "");
+ ~EndFunction();
+
+ /** Parse the begin element and its child component element. */
+ void Parse(DOMElement* componentElm);
+
+ /** Compute and return the value. */
+ ComponentValue* ComputeValue();
+
+ /** Return the variable values used to compute this function's value. */
+ VariableValueVector* GetVariableValues();
+
+ /** Get the character field's value. */
+ string GetCharacter();
+ /** Set the character field's value. */
+ void SetCharacter(string charIn);
+
+private:
+ string character;
+};
+
+#endif
Modified: trunk/ovaldi/src/EntityComparator.cpp
===================================================================
--- trunk/ovaldi/src/EntityComparator.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/EntityComparator.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -35,23 +35,36 @@
//****************************************************************************************//
OvalEnum::ResultEnumeration EntityComparator::CompareBinary(OvalEnum::Operation op, string defValue, string scValue) {
+ // Validate the inputs align with the notion of binary regex = "[0-9a-fA-F]"
+ REGEX myRegex;
+ if(!myRegex.IsMatch("[0-9a-fA-F]", defValue.c_str())) {
+ throw Exception("Error: Invalid binary value on definition entity. " + defValue);
+ }
+
+ if(!myRegex.IsMatch("[0-9a-fA-F]", scValue.c_str())) {
+ throw Exception("Error: Invalid binary value on system characteristics item entity. " + defValue);
+ }
+
+ string tmpdefValue = EntityComparator::ToUpper(defValue);
+ string tmpscValue = EntityComparator::ToUpper(scValue);
+
OvalEnum::ResultEnumeration result = OvalEnum::RESULT_ERROR;
if(op == OvalEnum::OPERATION_EQUALS) {
- if(defValue.compare(scValue) == 0) {
+ if(tmpdefValue.compare(tmpscValue) == 0) {
result = OvalEnum::RESULT_TRUE;
} else {
result = OvalEnum::RESULT_FALSE;
}
} else if(op == OvalEnum::OPERATION_NOT_EQUAL) {
- if(defValue.compare(scValue) != 0) {
+ if(tmpdefValue.compare(tmpscValue) != 0) {
result = OvalEnum::RESULT_TRUE;
} else {
result = OvalEnum::RESULT_FALSE;
}
} else {
throw Exception("Error: Invalid operaion. operation: " + OvalEnum::OperationToString(op));
- }
+ }
return result;
}
@@ -163,13 +176,6 @@
} else {
result = OvalEnum::RESULT_FALSE;
}
- //} else if(op == OvalEnum::OPERATION_PATTERN_MATCH) {
- // REGEX myRegex;
- // if(myRegex.IsMatch(defValue.c_str(), scValue.c_str())) {
- // result = OvalEnum::RESULT_TRUE;
- // } else {
- // result = OvalEnum::RESULT_FALSE;
- // }
} else {
throw Exception("Error: Invalid operaion. operation: " + OvalEnum::OperationToString(op));
}
@@ -347,8 +353,11 @@
OvalEnum::ResultEnumeration EntityComparator::CompareIosVersion(OvalEnum::Operation op, string defValue, string scValue) {
OvalEnum::ResultEnumeration result = OvalEnum::RESULT_ERROR;
-// TODO need to implement
- throw Exception("Error: not implemented:" + OvalEnum::OperationToString(op));
+
+ // TODO need to implement
+
+ throw Exception("Error: not implemented:" + OvalEnum::OperationToString(op));
+
return result;
}
OvalEnum::ResultEnumeration EntityComparator::CompareInteger(OvalEnum::Operation op, string defValue, string scValue) {
@@ -422,12 +431,34 @@
} else {
result = OvalEnum::RESULT_FALSE;
}
+ } else if(op == OvalEnum::OPERATION_CASE_INSENSITIVE_EQUALS) {
+
+ string upperDefValue = ToUpper(defValue);
+ string upperSCValue = ToUpper(defValue);
+
+ if(upperDefValue.compare(upperSCValue) == 0) {
+ result = OvalEnum::RESULT_TRUE;
+ } else {
+ result = OvalEnum::RESULT_FALSE;
+ }
+
} else if(op == OvalEnum::OPERATION_NOT_EQUAL) {
if(defValue.compare(scValue) != 0) {
result = OvalEnum::RESULT_TRUE;
} else {
result = OvalEnum::RESULT_FALSE;
}
+ } else if(op == OvalEnum::OPERATION_CASE_INSENSITIVE_NOT_EQUAL) {
+
+ string upperDefValue = ToUpper(defValue);
+ string upperSCValue = ToUpper(defValue);
+
+ if(upperDefValue.compare(upperSCValue) != 0) {
+ result = OvalEnum::RESULT_TRUE;
+ } else {
+ result = OvalEnum::RESULT_FALSE;
+ }
+
} else if(op == OvalEnum::OPERATION_PATTERN_MATCH) {
REGEX myRegex;
if(myRegex.IsMatch(defValue.c_str(), scValue.c_str())) {
@@ -437,11 +468,24 @@
}
} else {
throw Exception("Error: Invalid operaion. operation: " + OvalEnum::OperationToString(op));
- }
+ }
return result;
}
+string EntityComparator::ToUpper(string s) {
+
+ string upperString;
+ string::const_iterator iter;
+
+ for(iter = s.begin(); iter != s.end(); iter++)
+ {
+ upperString += ::toupper(*iter);
+ }
+
+ return upperString;
+}
+
OvalEnum::ResultEnumeration EntityComparator::CompareVersion(OvalEnum::Operation op, string defValue, string scValue) {
OvalEnum::ResultEnumeration result = OvalEnum::RESULT_ERROR;
@@ -577,7 +621,7 @@
} else {
char delm = versionStr.at(index);
- char* theString = (char*)malloc(sizeof(char*)*(versionStr.length()));
+ char* theString = (char*)malloc(sizeof(char)*(versionStr.length()+1));
theString = strcpy(theString, versionStr.c_str());
char* token = strtok(theString, &delm);
@@ -585,6 +629,7 @@
if(theString != NULL) {
free(theString);
}
+ delete tokens;
throw Exception("Error parsing version string. A delimiter was found, but no other components to the version were found. Input version string: \'" + versionStr + "\' delimiter detected: \'" + delm + "\'");
} else {
@@ -598,6 +643,7 @@
if(theString != NULL) {
free(theString);
}
+ delete tokens;
throw Exception("Error parsing version string. A component of the version string is not an integer. Input version string: \'" + versionStr + "\' delimiter detected: \'" + delm + "\' erroneous component: \'" + tokenStr + "\'");
}
Modified: trunk/ovaldi/src/EntityComparator.h
===================================================================
--- trunk/ovaldi/src/EntityComparator.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/EntityComparator.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -44,7 +44,9 @@
class EntityComparator {
public:
- /** Compare two binary values based on the specified operation */
+ /** Compare two binary values based on the specified operation
+ Binary values must match the following regex "[0-9a-fA-F]"
+ */
static OvalEnum::ResultEnumeration CompareBinary(OvalEnum::Operation op, string defValue, string scValue);
/** Compare two boolean values based on the specified operation.
@@ -57,7 +59,15 @@
*/
static OvalEnum::ResultEnumeration CompareEvrString(OvalEnum::Operation, string defValue, string scValue);
- /** Compare to floats based on the specified operation. */
+ /**
+ * Compare to floats based on the specified operation.
+ *
+ * TODO - need to align with W3C notion of a float.
+ * This datatype conforms to the W3C Recommendation for float data meaning it is patterned after the IEEE
+ * single-precision 32-bit floating point type. The format consists of a decimal followed, optionally,
+ * by the character 'E' or 'e', followed by an integer exponent. The special values positive and negative
+ * infinity and not-a-number have are represented by INF, -INF and NaN, respectively.
+ */
static OvalEnum::ResultEnumeration CompareFloat(OvalEnum::Operation op, string defValue, string scValue);
/** Compare to integers based on the specified operation.
@@ -102,6 +112,8 @@
static string GetEpochFromEVR(string evrStr);
static string GetVersionFromEVR(string evrStr);
static string GetReleaseFromEVR(string evrStr);
+
+ static string ToUpper(string s);
};
#endif
Modified: trunk/ovaldi/src/ExternalVariable.cpp
===================================================================
--- trunk/ovaldi/src/ExternalVariable.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/ExternalVariable.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -36,12 +36,6 @@
//****************************************************************************************//
ExternalVariable::ExternalVariable(string id, string name, int version, OvalEnum::Datatype datatype, StringVector* msgs) : AbsVariable (id, name, version, datatype, msgs) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Create a complete ExternalVariable
- //
- // -----------------------------------------------------------------------
}
@@ -53,12 +47,6 @@
// Public members //
// *************************************************************************************** //
void ExternalVariable::Parse(DOMElement* externalVariableElm) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Parse the provided ExternalVariable element into a ExternalVariable
- //
- // -----------------------------------------------------------------------
this->SetId(XmlCommon::GetAttributeByName(externalVariableElm, "id"));
this->SetDatatype(OvalEnum::ToDatatype(XmlCommon::GetAttributeByName(externalVariableElm, "datatype")));
@@ -94,13 +82,7 @@
}
VariableValueVector* ExternalVariable::GetVariableValues() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // return the variable values used to compute this variable's value
- // in this case just an empty vector.
- // -----------------------------------------------------------------------
-
+
VariableValueVector* values = new VariableValueVector();
return values;
@@ -145,58 +127,50 @@
this->AppendMessage("Error unable to find external variable " + this->GetId() + " in external variable document.");
} else {
- // validate the datatype
+ // validate the datatype and warn if not matching
OvalEnum::Datatype externalDatatype = OvalEnum::ToDatatype(XmlCommon::GetAttributeByName(variableElm, "datatype"));
if(this->GetDatatype() != externalDatatype) {
-
- this->SetFlag(OvalEnum::FLAG_ERROR);
- this->AppendMessage("Error, the specified external variable (" + this->GetId() + ") in the supplied external variable document has the wrong datatype. The variable in the oval-definition document expected datatype=" + OvalEnum::DatatypeToString(this->GetDatatype()) + ". The external variable in the supplied variable document has datatype=" + OvalEnum::DatatypeToString(externalDatatype) + ".");
- return;
+ string warningMessage = "Warning, the specified external variable (" + this->GetId() + ") in the supplied external variable document has the wrong datatype. The variable in the oval-definition document expected datatype=" + OvalEnum::DatatypeToString(this->GetDatatype()) + ". The external variable in the supplied variable document has datatype=" + OvalEnum::DatatypeToString(externalDatatype) + ".";
+ this->AppendMessage(warningMessage);
+ Log::Info(warningMessage);
+ }
- } else {
- // get each value from the variable element in the external variables document.
- DOMNodeList *variableElmChildren = variableElm->getChildNodes();
- unsigned int index = 0;
- while(index < variableElmChildren->getLength()) {
- DOMNode *tmpNode = variableElmChildren->item(index);
- if (tmpNode->getNodeType() == DOMNode::ELEMENT_NODE) {
- DOMElement *childElm = (DOMElement*)tmpNode;
- string elmName = XmlCommon::GetElementName(childElm);
-
- // parse each value element
- if(elmName.compare("value") == 0) {
- string externalValue = XmlCommon::GetDataNodeValue(childElm);
- // validate the value
- if(this->ValidateValue(this->GetDatatype(), externalValue)) {
+ // get each value from the variable element in the external variables document.
+ DOMNodeList *variableElmChildren = variableElm->getChildNodes();
+ unsigned int index = 0;
+ while(index < variableElmChildren->getLength()) {
+ DOMNode *tmpNode = variableElmChildren->item(index);
+ if (tmpNode->getNodeType() == DOMNode::ELEMENT_NODE) {
+ DOMElement *childElm = (DOMElement*)tmpNode;
+ string elmName = XmlCommon::GetElementName(childElm);
+
+ // parse each value element
+ if(elmName.compare("value") == 0) {
+ string externalValue = XmlCommon::GetDataNodeValue(childElm);
- // add the value to the set of values for this exteranl variable.
- VariableValue* varValue = new VariableValue(this->GetId(), externalValue);
- this->AppendVariableValue(varValue);
+ // validate the value
+ if(this->ValidateValue(this->GetDatatype(), externalValue)) {
- } else {
- this->SetFlag(OvalEnum::FLAG_ERROR);
- this->AppendMessage("Error a value ('" + externalValue + "') of external variable " + this->GetId() + " does not match the possible values for the variable.");
- return;
- }
+ // add the value to the set of values for this exteranl variable.
+ VariableValue* varValue = new VariableValue(this->GetId(), externalValue);
+ this->AppendVariableValue(varValue);
+
+ } else {
+ this->SetFlag(OvalEnum::FLAG_ERROR);
+ this->AppendMessage("Error a value ('" + externalValue + "') of external variable " + this->GetId() + " does not match the possible values for the variable.");
+ return;
}
}
- index ++;
}
- this->SetFlag(OvalEnum::FLAG_COMPLETE);
+ index ++;
}
+ this->SetFlag(OvalEnum::FLAG_COMPLETE);
+
}
}
bool ExternalVariable::ValidateValue(OvalEnum::Datatype datatype, string externalValue) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Ensure that the specified value matches the criteria
- // specified by the possible_value and possible_restriction elements
- // of this variable
- //
- // ----------------------------------------------------------------------
bool isValid = false;
Modified: trunk/ovaldi/src/ExternalVariable.h
===================================================================
--- trunk/ovaldi/src/ExternalVariable.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/ExternalVariable.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -48,6 +48,7 @@
ExternalVariable(string id = "", string name = "external_variable", int version = 1, OvalEnum::Datatype datatype = OvalEnum::DATATYPE_STRING, StringVector* msgs = new StringVector());
~ExternalVariable();
+ /** Parse the provided ExternalVariable element into a ExternalVariable. */
void Parse(DOMElement* externalVariableElm);
/** Fetch the variable from the external-variables.xml file.
@@ -71,6 +72,7 @@
/** Append a PossibleRestrictionType to the set of PossibleRestrictionType objects for this ExternalVariable. */
void AppendPossibleRestrictionType(PossibleRestrictionType* pr);
+ /** Return the variable values used to compute this variable's value. In this case just an empty vector. */
VariableValueVector* GetVariableValues();
PossibleValueTypeVector possibleValueTypes;
Modified: trunk/ovaldi/src/Filter.cpp
===================================================================
--- trunk/ovaldi/src/Filter.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/Filter.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: Filter.cpp 4596 2008-01-03 16:44:54Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
Modified: trunk/ovaldi/src/FilterEntity.cpp
===================================================================
--- trunk/ovaldi/src/FilterEntity.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/FilterEntity.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: FilterEntity.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -126,11 +125,6 @@
}
void FilterEntity::Parse(DOMElement* FilterEntityElm) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Parse the provided FilterEntity element
- // -----------------------------------------------------------------------
this->SetName(XmlCommon::GetElementName(FilterEntityElm));
this->SetValue(XmlCommon::GetDataNodeValue(FilterEntityElm));
@@ -139,6 +133,20 @@
this->SetEntityCheck(OvalEnum::ToCheck(XmlCommon::GetAttributeByName(FilterEntityElm, "entity_check")));
this->SetVarCheck(OvalEnum::ToCheck(XmlCommon::GetAttributeByName(FilterEntityElm, "var_check")));
+ // to support version 5.3 it is best to just look for the deprected check = none exist
+ // and report it in the log
+ if(this->GetVarCheck() == OvalEnum::CHECK_NONE_EXIST) {
+ this->SetVarCheck(OvalEnum::CHECK_NONE_SATISFY);
+ Log::Info("DEPRECATED var_check value: The \'none exist\' CheckEnumeration value has been deprecated and will be removed with the next major version of the language. The OVAL Interpreter has mapped this value to \'none satisfy\'");
+ }
+
+ // to support version 5.3 it is best to just look for the deprected check = none exist
+ // and report it in the log
+ if(this->GetEntityCheck() == OvalEnum::CHECK_NONE_EXIST) {
+ this->SetEntityCheck(OvalEnum::CHECK_NONE_SATISFY);
+ Log::Info("DEPRECATED entity_check value: The \'none exist\' CheckEnumeration value has been deprecated and will be removed with the next major version of the language. The OVAL Interpreter has mapped this value to \'none satisfy\'");
+ }
+
// get the nill attribute
string nilAttr = XmlCommon::GetAttributeByName(FilterEntityElm, "nil");
if(nilAttr.compare("") == 0 || nilAttr.compare("false") == 0) {
Modified: trunk/ovaldi/src/FilterEntity.h
===================================================================
--- trunk/ovaldi/src/FilterEntity.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/FilterEntity.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: FilterEntity.h 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -55,6 +54,8 @@
~FilterEntity();
bool Equals(AbsEntity* entity);
+
+ /** Parses a FilterEntity element. */
void Parse(DOMElement* entitiyElm);
OvalEnum::Check GetEntityCheck();
Modified: trunk/ovaldi/src/LocalVariable.cpp
===================================================================
--- trunk/ovaldi/src/LocalVariable.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/LocalVariable.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: LocalVariable.cpp 4593 2008-01-03 16:39:57Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -86,7 +85,7 @@
void LocalVariable::Parse(DOMElement* localVariableElm) {
this->SetId(XmlCommon::GetAttributeByName(localVariableElm, "id"));
- this->SetDatatype(OvalEnum::ToDatatype(XmlCommon::GetAttributeByName(localVariableElm, "daatatype")));
+ this->SetDatatype(OvalEnum::ToDatatype(XmlCommon::GetAttributeByName(localVariableElm, "datatype")));
string versionStr = XmlCommon::GetAttributeByName(localVariableElm, "version");
int version;
if(versionStr.compare("") != 0) {
Modified: trunk/ovaldi/src/Log.h
===================================================================
--- trunk/ovaldi/src/Log.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/Log.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: Log.h 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
Modified: trunk/ovaldi/src/Main.cpp
===================================================================
--- trunk/ovaldi/src/Main.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/Main.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -35,13 +35,6 @@
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
int main(int argc, char* argv[]) {
- //------------------------------------------------------------------------------------//
- //
- // ABSTRACT
- //
- // This is the starting point for this app.
- //
- //------------------------------------------------------------------------------------//
/////////////////////// DEBUG ///////////////////////////////////////
#ifdef _DEBUG
@@ -109,7 +102,7 @@
FILE* fpVerify = fopen(Common::GetXMLfile().c_str(), "rb");
if (fpVerify == NULL) {
- cerr << endl << "** ERROR: Could not open file.";
+ cerr << endl << "** ERROR: Could not open file. The specified definition file does not exist.";
exit(0);
}
@@ -166,7 +159,7 @@
string errorMessage = "";
errorMessage.append("\nERROR: Unable to open the '");
- errorMessage.append(Common::GetXMLfile());
+ errorMessage.append(Common::GetXMLfile());
errorMessage.append("' file to verify it. The program will terminate.\n");
cerr << errorMessage;
Log::Fatal(errorMessage);
@@ -453,13 +446,6 @@
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Functions ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
void ProcessCommandLine(int argc, char* argv[]) {
- //------------------------------------------------------------------------------------//
- //
- // ABSTRACT
- //
- // Parse list of options passed from command line.
- //
- //------------------------------------------------------------------------------------//
// There must be at least two arguments. The program name and the xmlfile hash. (or
// the -m flag signifing no hash is required)
@@ -471,221 +457,250 @@
// which is why we stop when argc is less than or equal to 1) This signifies that we
// have run out of arguments to check.
- while (argc > 1) {
- // Make sure that the switch control starts with a dash.
+ try {
- if (argv[1][0] != '-') {
- if ((argc == 2) && (Common::GetVerifyXMLfile() == true)) {
- Common::SetXMLfileMD5(argv[1]);
- ++argv;
- --argc;
- continue;
- } else {
- Usage();
- exit(0);
- }
- }
+ while (argc > 1) {
+ // Make sure that the switch control starts with a dash.
- // Determine which option has been signalled. Perform necessary steps.
-
- switch (argv[1][1]) {
- // ********** save the data ********** //
- case 'd':
-
- if ((argc < 3) || (argv[2][0] == '-')) {
+ if (argv[1][0] != '-') {
+ if ((argc == 2) && (Common::GetVerifyXMLfile() == true)) {
+ Common::SetXMLfileMD5(argv[1]);
+ ++argv;
+ --argc;
+ continue;
+ } else {
Usage();
exit(0);
- } else {
- Common::SetDataFile(argv[2]);
- ++argv;
- --argc;
}
+ }
- break;
-
- // ********** available options ********** //
- case 'h':
+ // Determine which option has been signalled. Perform necessary steps.
- Usage();
- exit(0);
+ switch (argv[1][1]) {
+ // ********** save the data ********** //
+ case 'd':
- break;
+ if ((argc < 3) || (argv[2][0] == '-')) {
+ Usage();
+ exit(0);
+ } else {
+ Common::SetDataFile(argv[2]);
+ ++argv;
+ --argc;
+ }
- // ********** use input data file ********** //
- case 'i':
+ break;
+
+ // ********** available options ********** //
+ case 'h':
- if ((argc < 3) || (argv[2][0] == '-')) {
Usage();
exit(0);
- } else {
- Common::SetDataFile(argv[2]);
- Common::SetUseProvidedData(true);
- ++argv;
- --argc;
- }
- break;
+ break;
- // ********** definition ids to evaluate ********** //
- case 'e':
+ // ********** use input data file ********** //
+ case 'i':
- if ((argc < 3) || (argv[2][0] == '-')) {
- Usage();
- exit(0);
- } else {
- Common::SetDefinitionIdsString(argv[2]);
- Common::SetLimitEvaluationToDefinitionIds(true);
- ++argv;
- --argc;
- }
+ if ((argc < 3) || (argv[2][0] == '-')) {
+ Usage();
+ exit(0);
+ } else {
+ Common::SetDataFile(argv[2]);
+ Common::SetUseProvidedData(true);
+ if(!Common::FileExists(argv[2])) {
+ string str = argv[2];
+ throw CommonException("The specified data file does not exist! " + str);
+ }
+ ++argv;
+ --argc;
+ }
- break;
+ break;
- // ********** file containing definition ids to evaluate ********** //
- case 'f':
+ // ********** definition ids to evaluate ********** //
+ case 'e':
- if ((argc < 3) || (argv[2][0] == '-')) {
- Usage();
- exit(0);
- } else {
- Common::SetDefinitionIdsFile(argv[2]);
- Common::SetLimitEvaluationToDefinitionIds(true);
- ++argv;
- --argc;
- }
+ if ((argc < 3) || (argv[2][0] == '-')) {
+ Usage();
+ exit(0);
+ } else {
+ Common::SetDefinitionIdsString(argv[2]);
+ Common::SetLimitEvaluationToDefinitionIds(true);
+ ++argv;
+ --argc;
+ }
- break;
+ break;
- // ******** do oval definition schematron validation ******** //
- case 'n':
+ // ********** file containing definition ids to evaluate ********** //
+ case 'f':
- Common::SetDoDefinitionSchematron(true);
+ if ((argc < 3) || (argv[2][0] == '-')) {
+ Usage();
+ exit(0);
+ } else {
+ Common::SetDefinitionIdsFile(argv[2]);
+ Common::SetLimitEvaluationToDefinitionIds(true);
+ ++argv;
+ --argc;
+ }
- break;
+ break;
- // ********** path to the oval definitions schematron xsl ********** //
- case 'c':
+ // ******** do oval definition schematron validation ******** //
+ case 'n':
- if ((argc < 3) || (argv[2][0] == '-')) {
- Usage();
- exit(0);
- } else {
- Common::SetDefinitionSchematronPath(argv[2]);
Common::SetDoDefinitionSchematron(true);
- ++argv;
- --argc;
- }
- break;
+ break;
- // ******** don't compare xmlfile to MD5 hash ******** //
- case 'm':
+ // ********** path to the oval definitions schematron xsl ********** //
+ case 'c':
- Common::SetVerifyXMLfile(false);
+ if ((argc < 3) || (argv[2][0] == '-')) {
+ Usage();
+ exit(0);
+ } else {
+ Common::SetDefinitionSchematronPath(argv[2]);
+ Common::SetDoDefinitionSchematron(true);
+ ++argv;
+ --argc;
+ }
- break;
+ break;
- // ********** path to definitions.xml file ********** //
- case 'o':
+ // ******** don't compare xmlfile to MD5 hash ******** //
+ case 'm':
- if ((argc < 3) || (argv[2][0] == '-')) {
- Usage();
- exit(0);
- } else {
- Common::SetXMLfile(argv[2]);
- ++argv;
- --argc;
- }
+ Common::SetVerifyXMLfile(false);
- break;
+ break;
- // ********** save results in XML file ********** //
- case 'r':
+ // ********** path to definitions.xml file ********** //
+ case 'o':
- if ((argc < 3) || (argv[2][0] == '-')) {
- Usage();
- exit(0);
- } else {
- Common::SetOutputFilename(argv[2]);
- ++argv;
- --argc;
- }
+ if ((argc < 3) || (argv[2][0] == '-')) {
+ Usage();
+ exit(0);
+ } else {
+ Common::SetXMLfile(argv[2]);
+ ++argv;
+ --argc;
+ }
- break;
+ break;
- // ********** no xsl ********** //
- case 's':
+ // ********** save results in XML file ********** //
+ case 'r':
- Common::SetNoXsl(true);
+ if ((argc < 3) || (argv[2][0] == '-')) {
+ Usage();
+ exit(0);
+ } else {
+ Common::SetOutputFilename(argv[2]);
+ ++argv;
+ --argc;
+ }
- break;
+ break;
- // ********** apply the specified xsl to the results XML file ********** //
- case 't':
+ // ********** no xsl ********** //
+ case 's':
- if ((argc < 3) || (argv[2][0] == '-')) {
- Usage();
- exit(0);
- } else {
- Common::SetXSLFilename(argv[2]);
- ++argv;
- --argc;
- }
+ Common::SetNoXsl(true);
- break;
+ break;
- // ********** write specified xsl output to the specified file ********** //
- case 'x':
+ // ********** apply the specified xsl to the results XML file ********** //
+ case 't':
- if ((argc < 3) || (argv[2][0] == '-')) {
- Usage();
- exit(0);
- } else {
- Common::SetXSLOutputFilename(argv[2]);
- ++argv;
- --argc;
- }
+ if ((argc < 3) || (argv[2][0] == '-')) {
+ Usage();
+ exit(0);
+ } else {
+ Common::SetXSLFilename(argv[2]);
+ ++argv;
+ --argc;
+ }
- break;
-
- // ********** verbose mode ********** //
- case 'p':
+ break;
- Log::SetLevel(Log::DEBUG);
- Log::SetToScreen(true);
+ // ********** write specified xsl output to the specified file ********** //
+ case 'x':
- break;
+ if ((argc < 3) || (argv[2][0] == '-')) {
+ Usage();
+ exit(0);
+ } else {
+ Common::SetXSLOutputFilename(argv[2]);
+ ++argv;
+ --argc;
+ }
- // ********** location of external variable file ********** //
- case 'v':
+ break;
+
+ // ********** verbose mode ********** //
+ case 'p':
+ Log::SetLevel(Log::DEBUG);
+ Log::SetToScreen(true);
+
+ break;
+
+ // ********** location of external variable file ********** //
+ case 'v':
+
+ if ((argc < 3) || (argv[2][0] == '-')) {
+ Usage();
+ exit(0);
+ } else {
+ Common::SetExternalVariableFile(argv[2]);
+ ++argv;
+ --argc;
+ }
+
+ break;
+
+ // ********** path to directory containing OVAL schema ********** //
+ case 'a':
+
if ((argc < 3) || (argv[2][0] == '-')) {
Usage();
exit(0);
} else {
- Common::SetExternalVariableFile(argv[2]);
+ Common::SetSchemaPath(argv[2]);
++argv;
--argc;
}
break;
- // ********** MD5 Utility ********** //
- case 'z':
+ // ********** MD5 Utility ********** //
+ case 'z':
- Common::SetGenerateMD5(true);
+ Common::SetGenerateMD5(true);
- break;
+ break;
- // ********** Default ********** //
- default:
+ // ********** Default ********** //
+ default:
- Usage();
- exit(0);
+ Usage();
+ exit(0);
+ }
+
+ ++argv;
+ --argc;
}
- ++argv;
- --argc;
+ } catch(Exception ex) {
+
+ cout << "*** Input error: " << ex.GetErrorMessage() << "\n\n\n----------------------------------------------------" << endl;
+ Log::Fatal("*** Input error: " + ex.GetErrorMessage() + "\n\n\n----------------------------------------------------\n");
+
+ Usage();
+ exit(0);
}
////////////////////////////////////////////////////////////
@@ -701,13 +716,6 @@
}
void Usage() {
- //------------------------------------------------------------------------------------//
- //
- // ABSTRACT
- //
- // Prints out a list of option flags that can be used with this exe.
- //
- //------------------------------------------------------------------------------------//
cout << endl;
cout << "Command Line: ovaldi [options] MD5Hash" << endl;
@@ -726,10 +734,11 @@
cout << "Input Validation Options:" << endl;
cout << " -m = do not verify the oval-definitions file with an MD5 hash." << endl;
cout << " -n = perform Schematron validation of the oval-definitions file." << endl;
- cout << " -c <string> = path to xsl for oval-definitions Schematron validation. DEFAULT=\"oval-definitions-schematron.xsl\"" << endl;
+ cout << " -c <string> = path to xsl for oval-definitions Schematron validation. DEFAULT=\"xml\\oval-definitions-schematron.xsl\"" << endl;
cout << "\n";
cout << "Data Collection Options:" << endl;
+ cout << " -a <string> = path to the directory that contains the OVAL schema. DEFAULT=\"xml\"" << endl;
cout << " -i <string> = path to input System Characteristics file. Evaluation will be based on the contents of the file." << endl;
cout << "\n";
@@ -737,7 +746,7 @@
cout << " -d <string> = save data to the specified XML file. DEFAULT=\"system-characteristics.xml\"" << endl;
cout << " -r <string> = save results to the specified XML file. DEFAULT=\"oval-results.xml\"" << endl;
cout << " -s = do not apply a stylesheet to the results xml." << endl;
- cout << " -t <string> = apply the sepcified xsl to the results xml. DEFAULT=\"results_to_html.xsl\"" << endl;
+ cout << " -t <string> = apply the sepcified xsl to the results xml. DEFAULT=\"xml\\results_to_html.xsl\"" << endl;
cout << " -x <string> = output xsl transform results to the specified file. DEFAULT=\"results.html\"" << endl;
cout << "\n";
Modified: trunk/ovaldi/src/Main.h
===================================================================
--- trunk/ovaldi/src/Main.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/Main.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: Main.h 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -73,8 +72,17 @@
#define BUFFER_SIZE 4096
-// Local Function Definitions.
+/** The starting point for the application. */
+int main(int argc, char* argv[]);
+
+/**
+ * Processes the commandline arguments and enforces required arguments.
+ * There must be at least two arguments. The program name and the xmlfile hash. (or
+ * the -m flag signifing no hash is required)
+ */
void ProcessCommandLine(int argc, char* argv[]);
+
+/** Prints out a list of option flags that can be used with this exe. */
void Usage();
#endif
Modified: trunk/ovaldi/src/Object.cpp
===================================================================
--- trunk/ovaldi/src/Object.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/Object.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: Object.cpp 4601 2008-01-03 16:50:21Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -31,17 +30,14 @@
#include "Object.h"
+
+ObjectMap Object::objectCache;
+
//****************************************************************************************//
// Object Class //
//****************************************************************************************//
Object::Object(string id, string comment, string xmlns, string name, int version) : AbsObject (id, comment, xmlns, name, version) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Create a complete object
- //
- // -----------------------------------------------------------------------
this->type = "Object";
}
@@ -67,67 +63,31 @@
// Public members //
// *************************************************************************************** //
BehaviorVector* Object::GetBehaviors() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Return the behaviors field's value
- //
- // -----------------------------------------------------------------------
return &this->behaviors;
}
void Object::SetBehaviors(BehaviorVector* behaviors) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Set the behaviors field's value
- //
- // -----------------------------------------------------------------------
this->behaviors = (*behaviors);
}
AbsEntityVector* Object::GetElements() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Return the elements field's value
- //
- // -----------------------------------------------------------------------
return &this->elements;
}
void Object::SetElements(AbsEntityVector* elements) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Set the elements field's value
- //
- // -----------------------------------------------------------------------
this->elements = (*elements);
}
void Object::AppendElement(ObjectEntity* objectEntity) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Add an element to the end of the elements vector
- //
- // -----------------------------------------------------------------------
this->elements.push_back(objectEntity);
}
ObjectEntity* Object::GetElementByName(string elementName) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Return the set of elements with the specified name
- //
- // -----------------------------------------------------------------------
ObjectEntity* matchingElm = NULL;
@@ -143,12 +103,6 @@
}
VariableValueVector* Object::GetVariableValues() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Return a vector of variable values that were used for this object.
- //
- // -----------------------------------------------------------------------
VariableValueVector* varValues = new VariableValueVector();
@@ -171,12 +125,6 @@
}
void Object::Parse(DOMElement* objectElm) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Parse the provided object element int an object
- //
- // -----------------------------------------------------------------------
this->SetName(XmlCommon::GetElementName(objectElm));
this->SetId(XmlCommon::GetAttributeByName(objectElm, "id"));
@@ -219,3 +167,145 @@
}
}
}
+
+bool Object::Analyze(Item* item) {
+ // -----------------------------------------------------------------------
+ // Abstract
+ //
+ // Analyze the specified Item return the Result value for the Item.
+ //
+ // 1 - create a vector of Item elements that match each element in the object.
+ // 2 - pass the vector to the AbsEntity analyze method
+ // 3 - build a vector of results for each element in the object.
+ // 4 - combine the results to a single value by doing a logical and of the result values
+ // -----------------------------------------------------------------------
+
+ OvalEnum::ResultEnumeration overallResult = OvalEnum::RESULT_ERROR;
+
+ // Check the status of the Item
+ if(item->GetStatus() == OvalEnum::STATUS_ERROR) {
+ overallResult = OvalEnum::RESULT_ERROR;
+ } else if(item->GetStatus() == OvalEnum::STATUS_NOT_COLLECTED) {
+ overallResult = OvalEnum::RESULT_ERROR;
+ } else if(item->GetStatus() == OvalEnum::STATUS_DOES_NOT_EXIST) {
+ overallResult = OvalEnum::RESULT_FALSE;
+ } else {
+
+ // check data before analysis
+ if(this->GetElements()->size() == 0) {
+ overallResult = OvalEnum::RESULT_TRUE;
+ } else {
+
+ // vector of result values before they are combined
+ IntVector iResults;
+
+ // Loop through all elements in the object
+ AbsEntityVector::iterator iterator;
+ for(iterator = this->GetElements()->begin(); iterator != this->GetElements()->end() && overallResult == OvalEnum::RESULT_TRUE; iterator++) {
+ ObjectEntity* objectEntity = (ObjectEntity*)(*iterator);
+
+ // locate matching elements in the item
+ string objectElmName = objectEntity->GetName();
+ ItemEntityVector* scElements = item->GetElementsByName(objectElmName);
+
+ if(scElements->size() == 0) {
+
+ // no matching elements foudn so not a matching item.
+ iResults.push_back(OvalEnum::RESULT_FALSE);
+
+ } else if (scElements->size() == 1) {
+
+ // found one match now we need to analyze the element to see if it is a match based on datatype and operation.
+ ItemEntity* itemEntity = (ItemEntity*)scElements->at(0);
+ OvalEnum::ResultEnumeration elmResult = objectEntity->Analyze(itemEntity);
+ iResults.push_back(elmResult);
+
+ } else {
+
+ // an error if more than 1 match is found
+ iResults.push_back(OvalEnum::RESULT_ERROR);
+ string errMessage = "More than one match element was found for an object entity. Object Id: " + this->GetId();
+ errMessage.append(" Item Id: " + item->GetId());
+ Log::Fatal(errMessage);
+ }
+
+ scElements->clear();
+ delete scElements;
+ }
+
+ // compute the overall result
+ overallResult = OvalEnum::CombineResultsByOperator(&iResults, OvalEnum::OPERATOR_AND);
+ }
+ }
+
+ // want to convert the result to a boolean
+ bool isMatch = false;
+ if(overallResult == OvalEnum::RESULT_TRUE) {
+ isMatch = true;
+ } else if(overallResult == OvalEnum::RESULT_FALSE) {
+ isMatch = false;
+ } else {
+ throw AbsObjectException("Object::Analyze method unable to convert result value to a boolean. Found result: " + OvalEnum::ResultToString(overallResult));
+ }
+ return isMatch;
+}
+
+Object* Object::GetObjectById(string objectId) {
+
+ Object* object = NULL;
+
+ // Search the cache
+ object = Object::SearchCache(objectId);
+
+ // if not found try to parse it.
+ if(object == NULL) {
+
+ DOMElement* objectsElm = XmlCommon::FindElement(DocumentManager::GetDefinitionDocument(), "objects");
+ DOMElement* objectElm = XmlCommon::FindElementByAttribute(objectsElm, "id", objectId);
+
+ if(objectElm == NULL) {
+ throw Exception("Unable to find specified object in oval-definitions document. Object id: " + objectId);
+ }
+
+ object = new Object();
+ object->Parse(objectElm);
+ Object::Cache(object);
+ }
+
+ return object;
+}
+
+// *************************************************************************************** //
+// Private members //
+// *************************************************************************************** //
+
+Object* Object::SearchCache(string id) {
+
+ Object* cachedObject = NULL;
+
+ ObjectMap::iterator iterator;
+ iterator = Object::objectCache.find(id);
+ if(iterator != Object::objectCache.end()) {
+ cachedObject = iterator->second;
+ }
+
+ return cachedObject;
+}
+
+void Object::ClearCache() {
+
+ ObjectMap::iterator iterator;
+ for(iterator = Object::objectCache.begin(); iterator != Object::objectCache.end(); iterator++) {
+
+ Object* object = iterator->second;
+ delete object;
+ }
+
+ Object::objectCache.clear();
+}
+
+void Object::Cache(Object* object) {
+
+ Object::objectCache.insert(ObjectPair(object->GetId(), object));
+}
+
Modified: trunk/ovaldi/src/Object.h
===================================================================
--- trunk/ovaldi/src/Object.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/Object.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: Object.h 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -32,6 +31,8 @@
#ifndef OBJECT_H
#define OBJECT_H
+#include <map>
+
#include "AbsObject.h"
#include "ObjectEntity.h"
#include "Behavior.h"
@@ -40,31 +41,85 @@
using namespace std;
class ObjectEntity;
+class Object;
+/**
+ A pair for storing object ids and Object pointers together.
+ Stores only pointers to the objects.
+*/
+typedef pair <string, Object* > ObjectPair;
+
+/**
+ A map for storing ObjectPairs.
+ Stores only pointers to the objects.
+*/
+typedef map <string, Object* > ObjectMap;
+
/**
This class represents an Object in an oval definition file.
*/
class Object : public AbsObject {
public:
+ /** Create a complete object */
Object(string id = "", string comment = "", string xmlns = "", string name = "", int version = 1);
~Object();
+ /** Parse the provided object element into an object. */
void Parse(DOMElement* objectElm);
+
+ /** Return a vector of variable values that were used for this object. */
VariableValueVector* GetVariableValues();
+ /** Set the behaviors field's value. */
BehaviorVector* GetBehaviors();
+
+ /** Return the behaviors field's value. */
void SetBehaviors(BehaviorVector* behaviors);
+ /** Return the elements field's value. */
AbsEntityVector* GetElements();
+
+ /** Set the elements field's value. */
void SetElements(AbsEntityVector* elements);
+ /** Return the set of elements with the specified name. */
ObjectEntity* GetElementByName(string elementName);
+ /** Add an element to the end of the elements vector. */
void AppendElement(ObjectEntity* objectEntity);
+
+ /** Return TRUE if the input itme matches the criteria specified by this object. */
+ bool Analyze(Item* item);
+
+ /** Return an object for the specified object id.
+ First the cache of Objects is checked. If the object is
+ not found in the cache the object is looked up in the
+ oval-definitions document and parsed. Once parsed
+ the new Object is added to the cache.
+
+ If the Object is not found an exception is thrown.
+
+ NOTE: This method is not intended to be used during data collection.
+ */
+ static Object* GetObjectById(string objectId);
+ /** Delete all Objects in the cache. */
+ static void ClearCache();
+
private:
+
+ /** Cache the specified Object. */
+ static void Cache(Object* object);
+
+ /** Search the cache of Objects for the specifed Object.
+ @return Returns the object with the specified id or NULL if not found.
+ */
+ static Object* SearchCache(string id);
+
AbsEntityVector elements;
BehaviorVector behaviors;
+
+ static ObjectMap objectCache;
};
#endif
Modified: trunk/ovaldi/src/ObjectEntity.cpp
===================================================================
--- trunk/ovaldi/src/ObjectEntity.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/ObjectEntity.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -100,11 +100,6 @@
}
void ObjectEntity::Parse(DOMElement* ObjectEntityElm) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Parse the provided ObjectEntity element
- // -----------------------------------------------------------------------
this->SetName(XmlCommon::GetElementName(ObjectEntityElm));
this->SetValue(XmlCommon::GetDataNodeValue(ObjectEntityElm));
@@ -112,6 +107,13 @@
this->SetDatatype(OvalEnum::ToDatatype(XmlCommon::GetAttributeByName(ObjectEntityElm, "datatype")));
this->SetVarCheck(OvalEnum::ToCheck(XmlCommon::GetAttributeByName(ObjectEntityElm, "var_check")));
+ // to support version 5.3 it is best to just look for the deprected check = none exist
+ // and report it in the log
+ if(this->GetVarCheck() == OvalEnum::CHECK_NONE_EXIST) {
+ this->SetVarCheck(OvalEnum::CHECK_NONE_SATISFY);
+ Log::Info("DEPRECATED var_check value: The \'none exist\' CheckEnumeration value has been deprecated and will be removed with the next major version of the language. The OVAL Interpreter has mapped this value to \'none satisfy\'");
+ }
+
// get the nill attribute
string nilAttr = XmlCommon::GetAttributeByName(ObjectEntityElm, "xsi:nil");
if(nilAttr.compare("") == 0 || nilAttr.compare("false") == 0) {
Modified: trunk/ovaldi/src/ObjectEntity.h
===================================================================
--- trunk/ovaldi/src/ObjectEntity.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/ObjectEntity.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: ObjectEntity.h 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -55,6 +54,8 @@
~ObjectEntity();
bool Equals(AbsEntity* entity);
+
+ /** Parses the xml representation of a ObjectEntity. */
void Parse(DOMElement* entitiyElm);
};
Modified: trunk/ovaldi/src/ObjectReader.cpp
===================================================================
--- trunk/ovaldi/src/ObjectReader.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/ObjectReader.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: ObjectReader.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -89,12 +88,15 @@
}
} else {
+ delete items;
throw Exception("Error: The flag attribute value must be \'complete\'. Found: " + OvalEnum::FlagToString(flag));
}
} else {
- throw Exception("Error: The specifeid object was not found in the provided System Characteristics file.");
+ delete items;
+ throw Exception("Error: The specified object was not found in the provided System Characteristics file.");
}
} else {
+ delete items;
throw Exception("Error: Unable to locate collected_object element in provided System Characteristics file.");
}
return items;
@@ -135,12 +137,15 @@
}
} else {
+ delete values;
throw Exception("Error: The flag attribute value must be \'complete\'. Found: " + OvalEnum::FlagToString(flag));
}
} else {
+ delete values;
throw Exception("Error: The specified object was not found in the provided System Characteristics document.");
}
} else {
+ delete values;
throw Exception("Error: Unable to locate collected_object element in provided System Characteristics document.");
}
return values;
Modified: trunk/ovaldi/src/OvalEnum.cpp
===================================================================
--- trunk/ovaldi/src/OvalEnum.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/OvalEnum.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: OvalEnum.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -36,6 +35,40 @@
// OvalEnum Class //
//****************************************************************************************//
+string OvalEnum::ArithmeticOperationToString(OvalEnum::ArithmeticOperation arithOp) {
+
+ string arithStr = "";
+
+ switch(arithOp) {
+ case (ARITHMETIC_ADD):
+ arithStr = "add";
+ break;
+ case (ARITHMETIC_MULTIPLY):
+ arithStr = "multiply";
+ break;
+ default:
+ throw Exception("OvalEnum::ArithmeticOperationToString - Error unsupported arithmetic operation value.");
+ break;
+ }
+
+ return arithStr;
+}
+
+OvalEnum::ArithmeticOperation OvalEnum::ToArithmeticOperation(string arithStr) {
+
+ OvalEnum::ArithmeticOperation arithOp;
+
+ if(arithStr.compare(OvalEnum::ArithmeticOperationToString(ARITHMETIC_ADD)) == 0) {
+ arithOp = ARITHMETIC_ADD;
+ } else if(arithStr.compare(OvalEnum::ArithmeticOperationToString(ARITHMETIC_MULTIPLY)) == 0) {
+ arithOp = ARITHMETIC_MULTIPLY;
+ } else {
+ throw Exception("OvalEnum::ToArithmeticOperation - Error unsupported arithmetic operation value: " + arithStr);
+ }
+
+ return arithOp;
+}
+
string OvalEnum::CheckToString(OvalEnum::Check check) {
string checkStr = "";
@@ -47,8 +80,7 @@
case (CHECK_AT_LEAST_ONE):
checkStr = "at least one";
break;
- case (CHECK_EXISTENCE_NONE_EXIST):
- Log::Info("DEPRECATED: the \'none exist\' CheckEnumeration value has been deprecated and will be removed with the next major version of the language. One should use the other possible values in addition to the existence attributes instead of the \'none exist\' value here.");
+ case (CHECK_NONE_EXIST):
checkStr = "none exist";
break;
case (CHECK_NONE_SATISFY):
@@ -73,8 +105,8 @@
check = CHECK_ALL;
} else if(checkStr.compare(OvalEnum::CheckToString(CHECK_AT_LEAST_ONE)) == 0) {
check = CHECK_AT_LEAST_ONE;
- } else if(checkStr.compare(OvalEnum::CheckToString(CHECK_EXISTENCE_NONE_EXIST)) == 0) {
- check = CHECK_EXISTENCE_NONE_EXIST;
+ } else if(checkStr.compare(OvalEnum::CheckToString(CHECK_NONE_EXIST)) == 0) {
+ check = CHECK_NONE_EXIST;
} else if(checkStr.compare(OvalEnum::CheckToString(CHECK_NONE_SATISFY)) == 0) {
check = CHECK_NONE_SATISFY;
} else if(checkStr.compare(OvalEnum::CheckToString(CHECK_ONLY_ONE)) == 0) {
@@ -86,6 +118,55 @@
return check;
}
+string OvalEnum::DateTimeFormatToString(OvalEnum::DateTimeFormat dateTimeFormat) {
+
+ string dateTimeFormatStr = "";
+
+ switch(dateTimeFormat) {
+ case (DATETIME_YEAR_MONTH_DAY):
+ dateTimeFormatStr = "year_month_day";
+ break;
+ case (DATETIME_MONTH_DAY_YEAR):
+ dateTimeFormatStr = "month_day_year";
+ break;
+ case (DATETIME_DAY_MONTH_YEAR):
+ dateTimeFormatStr = "day_month_year";
+ break;
+ case (DATETIME_WIN_FILETIME):
+ dateTimeFormatStr = "win_filetime";
+ break;
+ case (DATETIME_SECONDS_SINCE_EPOCH):
+ dateTimeFormatStr = "seconds_since_epoch";
+ break;
+ default:
+ throw Exception("OvalEnum::DateTimeFormatToString - Error unsupported data time format value.");
+ break;
+ }
+
+ return dateTimeFormatStr;
+}
+
+OvalEnum::DateTimeFormat OvalEnum::ToDateTimeFormat(string dateTimeFormatStr) {
+
+ OvalEnum::DateTimeFormat dateTimeFormat;
+
+ if(dateTimeFormatStr.compare(OvalEnum::DateTimeFormatToString(DATETIME_YEAR_MONTH_DAY)) == 0 || dateTimeFormatStr.compare("") == 0) {
+ dateTimeFormat = DATETIME_YEAR_MONTH_DAY;
+ } else if(dateTimeFormatStr.compare(OvalEnum::DateTimeFormatToString(DATETIME_MONTH_DAY_YEAR)) == 0) {
+ dateTimeFormat = DATETIME_MONTH_DAY_YEAR;
+ } else if(dateTimeFormatStr.compare(OvalEnum::DateTimeFormatToString(DATETIME_DAY_MONTH_YEAR)) == 0) {
+ dateTimeFormat = DATETIME_DAY_MONTH_YEAR;
+ } else if(dateTimeFormatStr.compare(OvalEnum::DateTimeFormatToString(DATETIME_WIN_FILETIME)) == 0) {
+ dateTimeFormat = DATETIME_WIN_FILETIME;
+ } else if(dateTimeFormatStr.compare(OvalEnum::DateTimeFormatToString(DATETIME_SECONDS_SINCE_EPOCH)) == 0) {
+ dateTimeFormat = DATETIME_SECONDS_SINCE_EPOCH;
+ } else {
+ throw Exception("OvalEnum::ToDateTimeFormat - Error unsupported date time format value: " + dateTimeFormatStr);
+ }
+
+ return dateTimeFormat;
+}
+
string OvalEnum::ExistenceToString(OvalEnum::Existence existence) {
string existenceStr = "";
@@ -115,12 +196,6 @@
}
OvalEnum::Existence OvalEnum::ToExistence(string existenceStr) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Convert the string to a Existence
- //
- // -----------------------------------------------------------------------
OvalEnum::Existence existence;
@@ -467,6 +542,14 @@
case (OPERATION_PATTERN_MATCH):
operationStr = "pattern match";
break;
+ /* LS Start */
+ case (OPERATION_CASE_INSENSITIVE_EQUALS):
+ operationStr = "case insensitive equals";
+ break;
+ case (OPERATION_CASE_INSENSITIVE_NOT_EQUAL):
+ operationStr = "case insensitive not equal";
+ break;
+ /* LS End */
default:
throw Exception("OvalEnum::OperationToString - Error unsupported operation value.");
break;
@@ -501,6 +584,10 @@
operation = OPERATION_BITWISE_OR;
} else if(operationStr.compare(OvalEnum::OperationToString(OPERATION_PATTERN_MATCH)) == 0) {
operation = OPERATION_PATTERN_MATCH;
+ } else if(operationStr.compare(OvalEnum::OperationToString(OPERATION_CASE_INSENSITIVE_EQUALS)) == 0) {
+ operation = OPERATION_CASE_INSENSITIVE_EQUALS;
+ } else if(operationStr.compare(OvalEnum::OperationToString(OPERATION_CASE_INSENSITIVE_NOT_EQUAL)) == 0) {
+ operation = OPERATION_CASE_INSENSITIVE_NOT_EQUAL;
} else {
throw Exception("OvalEnum::ToOperation - Error unsupported operation value: " + operationStr);
}
Modified: trunk/ovaldi/src/OvalEnum.h
===================================================================
--- trunk/ovaldi/src/OvalEnum.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/OvalEnum.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -49,10 +49,16 @@
class OvalEnum {
public:
- /** An enum to define the acceptable check values. */
+ /** An enum to define the acceptable arithmetic operations. */
+ enum ArithmeticOperation {ARITHMETIC_ADD,
+ ARITHMETIC_MULTIPLY};
+ static string ArithmeticOperationToString(OvalEnum::ArithmeticOperation arithOp);
+ static OvalEnum::ArithmeticOperation ToArithmeticOperation(string arithStr);
+
+ /** An enum to define the acceptable check values. */
enum Check {CHECK_ALL,
CHECK_AT_LEAST_ONE,
- CHECK_EXISTENCE_NONE_EXIST, // DEPRECATED in version 5.3
+ CHECK_NONE_EXIST, // DEPRECATED in version 5.3
CHECK_NONE_SATISFY,
CHECK_ONLY_ONE};
static string CheckToString(OvalEnum::Check check);
@@ -65,6 +71,7 @@
EXISTENCE_NONE_EXIST,
EXISTENCE_ONLY_ONE_EXISTS};
static string ExistenceToString(OvalEnum::Existence existence);
+ /** Convert the string to an Existence. */
static OvalEnum::Existence ToExistence(string existenceStr);
/** An enum to define the acceptable data types. */
@@ -79,6 +86,15 @@
static string DatatypeToString(OvalEnum::Datatype datatype);
static OvalEnum::Datatype ToDatatype(string datatypeStr);
+ /** An enum to define the acceptable date time formats. */
+ enum DateTimeFormat {DATETIME_YEAR_MONTH_DAY,
+ DATETIME_MONTH_DAY_YEAR,
+ DATETIME_DAY_MONTH_YEAR,
+ DATETIME_WIN_FILETIME,
+ DATETIME_SECONDS_SINCE_EPOCH};
+ static string DateTimeFormatToString(OvalEnum::DateTimeFormat dateTimeFormat);
+ static OvalEnum::DateTimeFormat ToDateTimeFormat(string dateTimeFormatStr);
+
/** enumeration of possible CollectedObject Flag values. */
enum Flag {FLAG_ERROR,
FLAG_COMPLETE,
@@ -108,7 +124,9 @@
OPERATION_LESS_THAN_OR_EQUAL,
OPERATION_BITWISE_AND,
OPERATION_BITWISE_OR,
- OPERATION_PATTERN_MATCH};
+ OPERATION_PATTERN_MATCH,
+ OPERATION_CASE_INSENSITIVE_EQUALS,
+ OPERATION_CASE_INSENSITIVE_NOT_EQUAL };
static string OperationToString(OvalEnum::Operation operation);
static OvalEnum::Operation ToOperation(string operationStr);
Modified: trunk/ovaldi/src/REGEX.cpp
===================================================================
--- trunk/ovaldi/src/REGEX.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/REGEX.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -260,7 +260,7 @@
if(pattern.length() == 0)
return true;
- if(regexChar != -1)
+ if( regexChar != string::npos )
{
// Try removing a leading ^ if it is not followed by a regex char
if (regexChar == 0 && pattern.at(regexChar) == '^')
Added: trunk/ovaldi/src/RegexCaptureFunction.cpp
===================================================================
--- trunk/ovaldi/src/RegexCaptureFunction.cpp (rev 0)
+++ trunk/ovaldi/src/RegexCaptureFunction.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,110 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#include "RegexCaptureFunction.h"
+
+//****************************************************************************************//
+// Component Class //
+//****************************************************************************************//
+RegexCaptureFunction::RegexCaptureFunction(string pattern) : AbsFunctionComponent() {
+
+ this->SetPattern(pattern);
+}
+
+RegexCaptureFunction::~RegexCaptureFunction() {
+}
+
+// *************************************************************************************** //
+// Public members //
+// *************************************************************************************** //
+string RegexCaptureFunction::GetPattern() {
+ return this->pattern;
+}
+
+void RegexCaptureFunction::SetPattern(string pattern) {
+
+ this->pattern = pattern;
+}
+
+ComponentValue* RegexCaptureFunction::ComputeValue() {
+
+ // create and populate a result ComponentValue
+ ComponentValue* result = new ComponentValue();
+
+ throw Exception("Error: unsupported function");
+
+ return result;
+}
+
+void RegexCaptureFunction::Parse(DOMElement* componentElm) {
+
+ // get the start and length attrs
+ string pattern = XmlCommon::GetAttributeByName(componentElm, "pattern");
+ this->SetPattern(pattern);
+
+ // Loop through all child elements
+ // there should only ever be one
+ DOMNodeList *componentElms = componentElm->getChildNodes();
+ unsigned int index = 0;
+ while(index < componentElms->getLength()) {
+ DOMNode *tmpNode = componentElms->item(index);
+ if (tmpNode->getNodeType() == DOMNode::ELEMENT_NODE) {
+ DOMElement *childElm = (DOMElement*)tmpNode;
+
+ // Call the ComponentFactory
+ AbsComponent* absComponent = ComponentFactory::GetComponent(childElm);
+ // store the returned component
+ this->AppendComponent(absComponent);
+ }
+ index ++;
+ }
+}
+
+VariableValueVector* RegexCaptureFunction::GetVariableValues() {
+
+ VariableValueVector* values = new VariableValueVector();
+ AbsComponentVector* components = this->GetComponents();
+ AbsComponentVector::iterator iterator;
+ for(iterator = components->begin(); iterator != components->end(); iterator++) {
+ AbsComponent* component = (AbsComponent*)(*iterator);
+ VariableValueVector* tmp = component->GetVariableValues();
+ VariableValueVector::iterator varIterator;
+ for(varIterator = tmp->begin(); varIterator != tmp->end(); varIterator++) {
+ values->push_back((*varIterator));
+ }
+ // BUG - These can not currenrtly be deleted.
+ // The code is no consistant here. In places a new vector is returned
+ // in others a reference to a vector that is managed by other code is returned.
+ //delete tmp;
+ //tmp = NULL;
+ }
+
+ return values;
+}
Added: trunk/ovaldi/src/RegexCaptureFunction.h
===================================================================
--- trunk/ovaldi/src/RegexCaptureFunction.h (rev 0)
+++ trunk/ovaldi/src/RegexCaptureFunction.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,73 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#ifndef REGEXCAPTUREFUNCTION_H
+#define REGEXCAPTUREFUNCTION_H
+
+#include "AbsFunctionComponent.h"
+#include "ComponentFactory.h"
+
+XERCES_CPP_NAMESPACE_USE
+using namespace std;
+
+/**
+ This class represents a RegexCaptureFunction component in a local_variable in the oval definition schema.
+
+ The regex_capture function accepts one string component input and returns the first
+ match in each component value, as matched against the regex pattern specified in the
+ 'pattern' attribute.
+
+*/
+class RegexCaptureFunction : public AbsFunctionComponent {
+public:
+
+ /** Create a complete RegexCaptureFunction object. */
+ RegexCaptureFunction(string pattern = "");
+ ~RegexCaptureFunction();
+
+ /** Parse the substring element and its child component element. */
+ void Parse(DOMElement* componentElm);
+
+ /** Compute the desired substring and return the value. */
+ ComponentValue* ComputeValue();
+
+ /** Return the variable values used to compute this function's value. */
+ VariableValueVector* GetVariableValues();
+
+ /** Get the pattern field's value. */
+ string GetPattern();
+ /** Set the pattern field's value. */
+ void SetPattern(string pattern);
+
+private:
+ string pattern;
+};
+
+#endif
Added: trunk/ovaldi/src/SplitFunction.cpp
===================================================================
--- trunk/ovaldi/src/SplitFunction.cpp (rev 0)
+++ trunk/ovaldi/src/SplitFunction.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,110 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#include "SplitFunction.h"
+
+//****************************************************************************************//
+// Component Class //
+//****************************************************************************************//
+SplitFunction::SplitFunction(string delimiter) : AbsFunctionComponent() {
+
+ this->SetDelimiter(delimiter);
+}
+
+SplitFunction::~SplitFunction() {
+}
+
+// *************************************************************************************** //
+// Public members //
+// *************************************************************************************** //
+string SplitFunction::GetDelimiter() {
+ return this->delimiter;
+}
+
+void SplitFunction::SetDelimiter(string delimiter) {
+
+ this->delimiter = delimiter;
+}
+
+ComponentValue* SplitFunction::ComputeValue() {
+
+ throw Exception("Error: unsupported function");
+
+ // TODO - needs to be implemented
+
+ ComponentValue* result = new ComponentValue();
+ return result;
+}
+
+void SplitFunction::Parse(DOMElement* componentElm) {
+
+ // get the delimiter attrs
+ string delimiter = XmlCommon::GetAttributeByName(componentElm, "delimiter");
+ this->SetDelimiter(delimiter);
+
+ // Loop through all child elements
+ // there should only ever be one
+ DOMNodeList *componentElms = componentElm->getChildNodes();
+ unsigned int index = 0;
+ while(index < componentElms->getLength()) {
+ DOMNode *tmpNode = componentElms->item(index);
+ if (tmpNode->getNodeType() == DOMNode::ELEMENT_NODE) {
+ DOMElement *childElm = (DOMElement*)tmpNode;
+
+ // Call the ComponentFactory
+ AbsComponent* absComponent = ComponentFactory::GetComponent(childElm);
+ // store the returned component
+ this->AppendComponent(absComponent);
+ }
+ index ++;
+ }
+}
+
+VariableValueVector* SplitFunction::GetVariableValues() {
+
+ VariableValueVector* values = new VariableValueVector();
+ AbsComponentVector* components = this->GetComponents();
+ AbsComponentVector::iterator iterator;
+ for(iterator = components->begin(); iterator != components->end(); iterator++) {
+ AbsComponent* component = (AbsComponent*)(*iterator);
+ VariableValueVector* tmp = component->GetVariableValues();
+ VariableValueVector::iterator varIterator;
+ for(varIterator = tmp->begin(); varIterator != tmp->end(); varIterator++) {
+ values->push_back((*varIterator));
+ }
+ // BUG - These can not currenrtly be deleted.
+ // The code is no consistant here. In places a new vector is returned
+ // in others a reference to a vector that is managed by other code is returned.
+ //delete tmp;
+ //tmp = NULL;
+ }
+
+ return values;
+}
Added: trunk/ovaldi/src/SplitFunction.h
===================================================================
--- trunk/ovaldi/src/SplitFunction.h (rev 0)
+++ trunk/ovaldi/src/SplitFunction.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,75 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#ifndef SPLITFUNCTION_H
+#define SPLITFUNCTION_H
+
+#include "AbsFunctionComponent.h"
+#include "ComponentFactory.h"
+
+XERCES_CPP_NAMESPACE_USE
+using namespace std;
+
+/**
+ This class represents a SplitFunction component in a local_variable in the oval definition schema.
+
+
+ The split function takes a single string component and turns it into multiple values based on a
+ delimiter string. For example assume a basic component element that returns the value "a-b-c-d"
+ with the delimiter set to "-". The local_variable element would be evaluated to have four values
+ "a", "b", "c", and "d". If the string component used by the split function returns multiple values,
+ then the split is performed multiple times.
+*/
+class SplitFunction : public AbsFunctionComponent {
+public:
+
+ /** Create a complete SplitFunction object. */
+ SplitFunction(string delimiter = "");
+ ~SplitFunction();
+
+ /** Parse the substring element and its child component element. */
+ void Parse(DOMElement* componentElm);
+
+ /** Compute the desired substrings and return the value. */
+ ComponentValue* ComputeValue();
+
+ /** Return the variable values used to compute this function's value. */
+ VariableValueVector* GetVariableValues();
+
+ /** Get the delimiter field's value. */
+ string GetDelimiter();
+ /** Set the delimiter field's value. */
+ void SetDelimiter(string delimiter);
+
+private:
+ string delimiter;
+};
+
+#endif
Modified: trunk/ovaldi/src/StateEntity.cpp
===================================================================
--- trunk/ovaldi/src/StateEntity.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/StateEntity.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,6 +1,5 @@
//
-// $Id: StateEntity.cpp 4662 2008-01-23 12:51:18Z bakerj $
-//
+//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
// All rights reserved.
@@ -121,11 +120,6 @@
}
void StateEntity::Parse(DOMElement* stateEntityElm) {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Parse the provided StateEntity element
- // -----------------------------------------------------------------------
this->SetName(XmlCommon::GetElementName(stateEntityElm));
this->SetValue(XmlCommon::GetDataNodeValue(stateEntityElm));
@@ -134,6 +128,20 @@
this->SetEntityCheck(OvalEnum::ToCheck(XmlCommon::GetAttributeByName(stateEntityElm, "entity_check")));
this->SetVarCheck(OvalEnum::ToCheck(XmlCommon::GetAttributeByName(stateEntityElm, "var_check")));
+ // to support version 5.3 it is best to just look for the deprected check = none exist
+ // and report it in the log
+ if(this->GetVarCheck() == OvalEnum::CHECK_NONE_EXIST) {
+ this->SetVarCheck(OvalEnum::CHECK_NONE_SATISFY);
+ Log::Info("DEPRECATED var_check value: The \'none exist\' CheckEnumeration value has been deprecated and will be removed with the next major version of the language. The OVAL Interpreter has mapped this value to \'none satisfy\'");
+ }
+
+ // to support version 5.3 it is best to just look for the deprected check = none exist
+ // and report it in the log
+ if(this->GetEntityCheck() == OvalEnum::CHECK_NONE_EXIST) {
+ this->SetEntityCheck(OvalEnum::CHECK_NONE_SATISFY);
+ Log::Info("DEPRECATED entity_check value: The \'none exist\' CheckEnumeration value has been deprecated and will be removed with the next major version of the language. The OVAL Interpreter has mapped this value to \'none satisfy\'");
+ }
+
// get the nill attribute
string nilAttr = XmlCommon::GetAttributeByName(stateEntityElm, "nil");
if(nilAttr.compare("") == 0 || nilAttr.compare("false") == 0) {
Modified: trunk/ovaldi/src/StateEntity.h
===================================================================
--- trunk/ovaldi/src/StateEntity.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/StateEntity.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: StateEntity.h 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -54,6 +53,8 @@
~StateEntity();
bool Equals(AbsEntity* entity);
+
+ /** Parse the XML representation of a StateEntity. */
void Parse(DOMElement* entitiyElm);
OvalEnum::Check GetEntityCheck();
Modified: trunk/ovaldi/src/SubstringFunction.cpp
===================================================================
--- trunk/ovaldi/src/SubstringFunction.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/SubstringFunction.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: SubstringFunction.cpp 4589 2008-01-03 16:29:12Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
Modified: trunk/ovaldi/src/Test.cpp
===================================================================
--- trunk/ovaldi/src/Test.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/Test.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: Test.cpp 4608 2008-01-04 18:03:02Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -128,7 +127,11 @@
this->objectId = objectId;
}
+Object* Test::GetReferencedObject() {
+ return Object::GetObjectById(this->GetObjectId());
+}
+
string Test::GetStateId() {
return this->stateId;
@@ -139,6 +142,16 @@
this->stateId = stateId;
}
+string Test::GetName() {
+
+ return this->name;
+}
+
+void Test::SetName(string name) {
+
+ this->name = name;
+}
+
OvalEnum::ResultEnumeration Test::GetResult() {
return this->result;
@@ -272,14 +285,15 @@
// get the attributes
this->SetId(XmlCommon::GetAttributeByName(testElm, "id"));
+ this->SetName(XmlCommon::GetElementName(testElm));
this->SetVersion(atoi(XmlCommon::GetAttributeByName(testElm, "version").c_str()));
this->SetCheckExistence(OvalEnum::ToExistence(XmlCommon::GetAttributeByName(testElm, "check_existence")));
this->SetCheck(OvalEnum::ToCheck(XmlCommon::GetAttributeByName(testElm, "check")));
// to support version 5.3 it is best to just look for the deprected check = none exist
// and replace it with the correct pair of check = any and check_existence = none_exist
- if(this->GetCheck() == OvalEnum::CHECK_EXISTENCE_NONE_EXIST) {
- Log::Info("Converting deprected check=\'none exist\' attribute value to check_existence=\'none_exist\' and check=\'none satisfy\'.");
+ if(this->GetCheck() == OvalEnum::CHECK_NONE_EXIST) {
+ Log::Info("Converting deprected check=\'none exist\' attribute value to check_existence=\'none_exist\' and check=\'none satisfy\'. The \'none exist\' CheckEnumeration value has been deprecated and will be removed with the next major version of the language. One should use the other possible values in addition to the existence attributes instead of the \'none exist\' value here.");
this->SetCheckExistence(OvalEnum::EXISTENCE_NONE_EXIST);
this->SetCheck(OvalEnum::CHECK_NONE_SATISFY);
}
@@ -311,13 +325,70 @@
} else {
// get the collected object from the sc file
DOMElement* collectedObjElm = XmlCommon::FindElement(DocumentManager::GetSystemCharacterisitcsDocument(), "object", "id", this->GetObjectId());
-
+ OvalEnum::Flag collectedObjFlag = OvalEnum::FLAG_NOT_COLLECTED;
+
if(collectedObjElm == NULL) {
- // this is an unknown result. the interpreter requires that all objects in a definition
- // file have a corresponding collected object in the sc file to successfully evaluate.
- Log::Info("Test::Analyze() - Test id: " + this->GetId() + " Unable to locate corresponding collected object in system characteristics file for object id: " + this->GetObjectId());
- this->SetResult(OvalEnum::RESULT_UNKNOWN);
+
+ // If there are no collected objects available, the interpreter will try to find corresponding
+ // items in the system_data section.
+ Log::Info(" Note: No collected objects found for test " + this->GetId() + ". Assuming that the input system characteristics file is complete. Searching system_data with in the input system characteristics.");
+
+ // Get the component name from the first part of the test name
+ // NOTE: Due to the inconsistent OVAL definition, this won't work for inetlisteningserver(s)
+ string componentName;
+ string::size_type loc = this->name.find("_", 0);
+ if( loc != string::npos ) {
+ componentName = this->name.substr(0, loc);
+ }
+
+ // Find potential matching items in the system_data section
+ ElementVector* dataElems = XmlCommon::FindAllElements(DocumentManager::GetSystemCharacterisitcsDocument(), componentName + "_item");
+ if(dataElems->size() == 0) {
+
+ // No potential matching items found
+ collectedObjFlag = OvalEnum::FLAG_NOT_COLLECTED;
+ this->SetResult(OvalEnum::RESULT_UNKNOWN);
+
+ } else {
+
+ /**
+ * Loop through all potentially matching items.
+ * Turn each potential match into an Item
+ * Than call the Analyze() method on the current Object.
+ * If the return is a TRUE result then the Item should be considered to be a match for the Object
+ * The loop here needs to identify ALL matches so it will loop through all possible matches all the time.
+ * If any matches are found it will be assumed that the collected Object flag shoudl be complete.
+ * If no matches are found it is assumed that no items on the system were found that matched the Object.
+ *
+ *
+ */
+
+ // get the object referenced by the test.
+ Object* referencedObject = this->GetReferencedObject();
+
+ ElementVector::iterator iterator;
+ for(iterator = dataElems->begin(); iterator != dataElems->end(); iterator++) {
+ DOMElement *itemElm = (*iterator);
+ string itemId = XmlCommon::GetAttributeByName(itemElm, "id");
+
+ // get the element as an item
+ Item* currentItem = Item::GetItemById(itemId);
+
+ if(referencedObject->Analyze(currentItem) == OvalEnum::RESULT_TRUE) {
+ TestedItem* testedItem = new TestedItem();
+ testedItem->SetItem(currentItem);
+ this->AppendTestedItem(testedItem);
+ }
+ }
+ }
+
+ if(this->GetTestedItems()->size() > 0) {
+ collectedObjFlag = OvalEnum::FLAG_COMPLETE;
+ } else {
+ collectedObjFlag = OvalEnum::FLAG_DOES_NOT_EXIST;
+ }
+
} else {
// Copy all variables in the collected object into VariableValues for the results file
@@ -343,14 +414,6 @@
Item* item = Item::GetItemById(itemId);
testedItem->SetItem(item);
- //Item* item = Item::SearchCache(atoi(itemId.c_str()));
- //if(item != NULL) {
- // testedItem->SetItem(item);
- //} else {
- // // get the item elm in the sc file
- // DOMElement* itemElm = XmlCommon::FindElementByAttribute(DocumentManager::GetSystemCharacterisitcsDocument()->getDocumentElement(), "id", itemId);
- // testedItem->ParseItem(itemElm);
- //}
this->AppendTestedItem(testedItem);
} else if(childName.compare("variable_value") == 0) {
@@ -365,156 +428,139 @@
// check the flag on the collected object
string flagStr = XmlCommon::GetAttributeByName(collectedObjElm, "flag");
- OvalEnum::Flag collectedObjFlag = OvalEnum::ToFlag(flagStr);
+ collectedObjFlag = OvalEnum::ToFlag(flagStr);
+ }
- // determine how to proceed based on flag value
- if(collectedObjFlag == OvalEnum::FLAG_ERROR) {
- this->SetResult(OvalEnum::RESULT_ERROR);
+ // determine how to proceed based on flag value
+ if(collectedObjFlag == OvalEnum::FLAG_ERROR) {
+ this->SetResult(OvalEnum::RESULT_ERROR);
- // since we did no look at the state set the tested item result to not evaluated
- TestedItemVector::iterator iterator;
- for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
- (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
- }
- } else if(collectedObjFlag == OvalEnum::FLAG_NOT_APPLICABLE) {
- this->SetResult(OvalEnum::RESULT_NOT_APPLICABLE);
-
- // since we did no look at the state set the tested item result to not evaluated
- TestedItemVector::iterator iterator;
- for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
- (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
- }
- } else if(collectedObjFlag == OvalEnum::FLAG_NOT_COLLECTED) {
- this->SetResult(OvalEnum::RESULT_UNKNOWN);
-
- // since we did no look at the state set the tested item result to not evaluated
- TestedItemVector::iterator iterator;
- for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
- (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
- }
- } else if(collectedObjFlag == OvalEnum::FLAG_INCOMPLETE) {
+ // since we did no look at the state set the tested item result to not evaluated
+ this->MarkTestedItemsNotEvaluated();
- OvalEnum::ResultEnumeration overallResult = OvalEnum::RESULT_UNKNOWN;
+ } else if(collectedObjFlag == OvalEnum::FLAG_NOT_APPLICABLE) {
+ this->SetResult(OvalEnum::RESULT_NOT_APPLICABLE);
+
+ // since we did no look at the state set the tested item result to not evaluated
+ this->MarkTestedItemsNotEvaluated();
- // get the count of items with a status of exists
- int existsCount = 0;
- TestedItemVector::iterator iterator;
- for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
- OvalEnum::SCStatus itemStatus = (*iterator)->GetItem()->GetStatus();
- if(itemStatus == OvalEnum::STATUS_EXISTS) {
- existsCount++;
- }
- }
+ } else if(collectedObjFlag == OvalEnum::FLAG_NOT_COLLECTED) {
+ this->SetResult(OvalEnum::RESULT_UNKNOWN);
+
+ // since we did no look at the state set the tested item result to not evaluated
+ this->MarkTestedItemsNotEvaluated();
- OvalEnum::ResultEnumeration existenceResult = OvalEnum::RESULT_UNKNOWN;
+ } else if(collectedObjFlag == OvalEnum::FLAG_INCOMPLETE) {
- if(this->GetCheckExistence() == OvalEnum::EXISTENCE_NONE_EXIST && existsCount > 0) {
+ OvalEnum::ResultEnumeration overallResult = OvalEnum::RESULT_UNKNOWN;
- // if more than 0 then false
- existenceResult = OvalEnum::RESULT_FALSE;
+ // get the count of items with a status of exists
+ int existsCount = 0;
+ TestedItemVector::iterator iterator;
+ for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
+ OvalEnum::SCStatus itemStatus = (*iterator)->GetItem()->GetStatus();
+ if(itemStatus == OvalEnum::STATUS_EXISTS) {
+ existsCount++;
+ }
+ }
- } else if(this->GetCheckExistence() == OvalEnum::EXISTENCE_ONLY_ONE_EXISTS && existsCount > 1) {
-
- // if more than 1 then false
- existenceResult = OvalEnum::RESULT_FALSE;
+ OvalEnum::ResultEnumeration existenceResult = OvalEnum::RESULT_UNKNOWN;
- } else if(this->GetCheckExistence() == OvalEnum::EXISTENCE_AT_LEAST_ONE_EXISTS && existsCount > 0) {
+ if(this->GetCheckExistence() == OvalEnum::EXISTENCE_NONE_EXIST && existsCount > 0) {
- // if more than 1 then false
- existenceResult = OvalEnum::RESULT_TRUE;
+ // if more than 0 then false
+ existenceResult = OvalEnum::RESULT_FALSE;
- } else if(this->GetCheckExistence() == OvalEnum::EXISTENCE_ANY_EXIST) {
+ } else if(this->GetCheckExistence() == OvalEnum::EXISTENCE_ONLY_ONE_EXISTS && existsCount > 1) {
+
+ // if more than 1 then false
+ existenceResult = OvalEnum::RESULT_FALSE;
- // always true
- existenceResult = OvalEnum::RESULT_TRUE;
+ } else if(this->GetCheckExistence() == OvalEnum::EXISTENCE_AT_LEAST_ONE_EXISTS && existsCount > 0) {
- }
+ // if more than 1 then false
+ existenceResult = OvalEnum::RESULT_TRUE;
- if(existenceResult == OvalEnum::RESULT_TRUE) {
+ } else if(this->GetCheckExistence() == OvalEnum::EXISTENCE_ANY_EXIST) {
- // consider the check_state if true so far...
- OvalEnum::ResultEnumeration stateResult = this->EvaluateCheckState();
+ // always true
+ existenceResult = OvalEnum::RESULT_TRUE;
- if(stateResult == OvalEnum::RESULT_FALSE) {
- overallResult = OvalEnum::RESULT_FALSE;
- } if(stateResult == OvalEnum::RESULT_TRUE && this->GetCheck() == OvalEnum::CHECK_AT_LEAST_ONE) {
+ }
- overallResult = OvalEnum::RESULT_TRUE;
- }
+ if(existenceResult == OvalEnum::RESULT_TRUE) {
- } else {
- overallResult = existenceResult;
+ // consider the check_state if true so far...
+ OvalEnum::ResultEnumeration stateResult = this->EvaluateCheckState();
- // since we did no look at the state set the tested item result to not evaluated
- TestedItemVector::iterator iterator;
- for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
- (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
- }
+ if(stateResult == OvalEnum::RESULT_FALSE) {
+ overallResult = OvalEnum::RESULT_FALSE;
+ } else if(stateResult == OvalEnum::RESULT_TRUE && this->GetCheck() == OvalEnum::CHECK_AT_LEAST_ONE) {
+
+ overallResult = OvalEnum::RESULT_TRUE;
}
- this->SetResult(overallResult);
+ } else {
+ overallResult = existenceResult;
- } else if(collectedObjFlag == OvalEnum::FLAG_DOES_NOT_EXIST) {
+ // since we did no look at the state set the tested item result to not evaluated
+ this->MarkTestedItemsNotEvaluated();
+ }
- // if the check_existence is set to none_exist or
- // any_exist the result is true
- // otherwise the result is false
- if(this->GetCheckExistence() == OvalEnum::EXISTENCE_NONE_EXIST) {
- this->SetResult(OvalEnum::RESULT_TRUE);
- // no need to look at state when check_existence is set to none_exist
+ this->SetResult(overallResult);
- // since we did no look at the state set the tested item result to not evaluated
- TestedItemVector::iterator iterator;
- for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
- (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
- }
+ } else if(collectedObjFlag == OvalEnum::FLAG_DOES_NOT_EXIST) {
- } else if(this->GetCheckExistence() == OvalEnum::EXISTENCE_ANY_EXIST) {
- // need to look at state result if there is a state
- if(this->GetStateId().compare("") != 0) {
- OvalEnum::ResultEnumeration stateResult = this->EvaluateCheckState();
- this->SetResult(stateResult);
- } else {
- this->SetResult(OvalEnum::RESULT_TRUE);
- }
+ // if the check_existence is set to none_exist or
+ // any_exist the result is true
+ // otherwise the result is false
+ if(this->GetCheckExistence() == OvalEnum::EXISTENCE_NONE_EXIST) {
+ this->SetResult(OvalEnum::RESULT_TRUE);
+ // no need to look at state when check_existence is set to none_exist
+
+ // since we did no look at the state set the tested item result to not evaluated
+ this->MarkTestedItemsNotEvaluated();
+
+ } else if(this->GetCheckExistence() == OvalEnum::EXISTENCE_ANY_EXIST) {
+ // need to look at state result if there is a state
+ if(this->GetStateId().compare("") != 0) {
+ OvalEnum::ResultEnumeration stateResult = this->EvaluateCheckState();
+ this->SetResult(stateResult);
} else {
- this->SetResult(OvalEnum::RESULT_FALSE);
+ this->SetResult(OvalEnum::RESULT_TRUE);
}
+ } else {
+ this->SetResult(OvalEnum::RESULT_FALSE);
+ }
- } else if(collectedObjFlag == OvalEnum::FLAG_COMPLETE) {
-
- OvalEnum::ResultEnumeration overallResult = OvalEnum::RESULT_ERROR;
+ } else if(collectedObjFlag == OvalEnum::FLAG_COMPLETE) {
+
+ OvalEnum::ResultEnumeration overallResult = OvalEnum::RESULT_ERROR;
- // Evaluate the check existence attribute.
- OvalEnum::ResultEnumeration existenceResult = this->EvaluateCheckExistence();
+ // Evaluate the check existence attribute.
+ OvalEnum::ResultEnumeration existenceResult = this->EvaluateCheckExistence();
- // if the existence result is true evaluate the check_state attribute if there is a state
- if(existenceResult == OvalEnum::RESULT_TRUE) {
- if(this->GetStateId().compare("") != 0) {
- overallResult = this->EvaluateCheckState();
- } else {
- overallResult = existenceResult;
-
- // since we did no look at the state set the tested item result to not evaluated
- TestedItemVector::iterator iterator;
- for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
- (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
- }
- }
-
+ // if the existence result is true evaluate the check_state attribute if there is a state
+ if(existenceResult == OvalEnum::RESULT_TRUE) {
+ if(this->GetStateId().compare("") != 0) {
+ overallResult = this->EvaluateCheckState();
} else {
overallResult = existenceResult;
- // since we did no look at the state set the tested item result to not evaluated
- TestedItemVector::iterator iterator;
- for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
- (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
- }
+ // since we did not look at the state set the tested item result to not evaluated
+ this->MarkTestedItemsNotEvaluated();
}
- this->SetResult(overallResult);
+ } else {
+ overallResult = existenceResult;
+
+ // since we did no look at the state set the tested item result to not evaluated
+ this->MarkTestedItemsNotEvaluated();
}
- }
+
+ this->SetResult(overallResult);
+
+ }
}
this->SetAnalyzed(true);
}
@@ -727,3 +773,11 @@
return test;
}
+
+void Test::MarkTestedItemsNotEvaluated() {
+
+ TestedItemVector::iterator iterator;
+ for(iterator = this->GetTestedItems()->begin(); iterator != this->GetTestedItems()->end(); iterator++) {
+ (*iterator)->SetResult(OvalEnum::RESULT_NOT_EVALUATED);
+ }
+}
Modified: trunk/ovaldi/src/Test.h
===================================================================
--- trunk/ovaldi/src/Test.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/Test.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: Test.h 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -128,11 +127,19 @@
/** Set the objectId field's value. */
void SetObjectId(string objectId);
+ /** Return the object that is referenced by this test. */
+ Object* GetReferencedObject();
+
/** Return the stateId field's value. */
string GetStateId();
/** Set the stateId field's value. */
void SetStateId(string stateId);
+ /** Return the name field's value. */
+ string GetName();
+ /** Set the name field's value. */
+ void SetName(string name);
+
/** Return the written field's value. */
bool GetWritten();
/** Set the written field's value. */
@@ -168,6 +175,9 @@
/** Add the specified TestedVariable to the set of tested variables **/
void AppendTestedVariable(VariableValue* testedVariable);
+ /** mark all the tested items as not evaluated. **/
+ void MarkTestedItemsNotEvaluated();
+
/** Delete all items in the cache. **/
static void ClearCache();
/** Cache the specified Test. */
@@ -211,6 +221,7 @@
VariableValueVector testedVariables;
string objectId;
string stateId;
+ string name;
static TestMap processedTestsMap;
};
Added: trunk/ovaldi/src/TimeDifferenceFunction.cpp
===================================================================
--- trunk/ovaldi/src/TimeDifferenceFunction.cpp (rev 0)
+++ trunk/ovaldi/src/TimeDifferenceFunction.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,124 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#include "TimeDifferenceFunction.h"
+
+//****************************************************************************************//
+// Component Class //
+//****************************************************************************************//
+TimeDifferenceFunction::TimeDifferenceFunction(OvalEnum::DateTimeFormat format1, OvalEnum::DateTimeFormat format2) : AbsFunctionComponent() {
+
+ this->SetFormat1(format1);
+ this->SetFormat2(format2);
+}
+
+TimeDifferenceFunction::~TimeDifferenceFunction() {
+}
+
+// *************************************************************************************** //
+// Public members //
+// *************************************************************************************** //
+OvalEnum::DateTimeFormat TimeDifferenceFunction::GetFormat1() {
+ return this->format1;
+}
+
+void TimeDifferenceFunction::SetFormat1(OvalEnum::DateTimeFormat format1) {
+
+ this->format1 = format1;
+}
+
+OvalEnum::DateTimeFormat TimeDifferenceFunction::GetFormat2() {
+
+ return this->format2;
+}
+
+void TimeDifferenceFunction::SetFormat2(OvalEnum::DateTimeFormat format2) {
+
+ this->format2 = format2;
+}
+
+ComponentValue* TimeDifferenceFunction::ComputeValue() {
+
+
+ throw Exception("Error: unsupported function");
+
+ // create and populate a result ComponentValue
+ ComponentValue* result = new ComponentValue();
+
+
+ return result;
+}
+
+void TimeDifferenceFunction::Parse(DOMElement* componentElm) {
+
+ // get the start and length attrs
+ string format_1Str = XmlCommon::GetAttributeByName(componentElm, "format_1");
+ this->SetFormat1(OvalEnum::ToDateTimeFormat(format_1Str));
+ string format_2Str = XmlCommon::GetAttributeByName(componentElm, "format_2");
+ this->SetFormat2(OvalEnum::ToDateTimeFormat(format_2Str));
+
+ // Loop through all child elements
+ DOMNodeList *componentElms = componentElm->getChildNodes();
+ unsigned int index = 0;
+ while(index < componentElms->getLength()) {
+ DOMNode *tmpNode = componentElms->item(index);
+ if (tmpNode->getNodeType() == DOMNode::ELEMENT_NODE) {
+ DOMElement *childElm = (DOMElement*)tmpNode;
+
+ // Call the ComponentFactory
+ AbsComponent* absComponent = ComponentFactory::GetComponent(childElm);
+ // store the returned component
+ this->AppendComponent(absComponent);
+ }
+ index ++;
+ }
+}
+
+VariableValueVector* TimeDifferenceFunction::GetVariableValues() {
+
+ VariableValueVector* values = new VariableValueVector();
+ AbsComponentVector* components = this->GetComponents();
+ AbsComponentVector::iterator iterator;
+ for(iterator = components->begin(); iterator != components->end(); iterator++) {
+ AbsComponent* component = (AbsComponent*)(*iterator);
+ VariableValueVector* tmp = component->GetVariableValues();
+ VariableValueVector::iterator varIterator;
+ for(varIterator = tmp->begin(); varIterator != tmp->end(); varIterator++) {
+ values->push_back((*varIterator));
+ }
+ // BUG - These can not currenrtly be deleted.
+ // The code is no consistant here. In places a new vector is returned
+ // in others a reference to a vector that is managed by other code is returned.
+ //delete tmp;
+ //tmp = NULL;
+ }
+
+ return values;
+}
Added: trunk/ovaldi/src/TimeDifferenceFunction.h
===================================================================
--- trunk/ovaldi/src/TimeDifferenceFunction.h (rev 0)
+++ trunk/ovaldi/src/TimeDifferenceFunction.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,96 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#ifndef TIMEDIFFERENCEFUNCTION_H
+#define TIMEDIFFERENCEFUNCTION_H
+
+#include "AbsFunctionComponent.h"
+#include "ComponentFactory.h"
+
+XERCES_CPP_NAMESPACE_USE
+using namespace std;
+
+/**
+ This class represents a TimeDifferenceFunction component in a local_variable in the oval definition schema.
+
+ The time_difference function calculates the difference in seconds between date-time
+ values. If one component is specified, the values of that component are subtracted
+ from the current time (UTC). If two components are specified, the value of the second
+ component is subtracted from the value of the first component. If the component(s)
+ contain multiple values, the operation is performed multiple times and the result is
+ an array of time differences.
+
+ The date-time format of each component is determined by the two format attributes. The
+ format1 attribute applies to the first component, and the format2 attribute applies to
+ the second component. Valid values for the attributes are 'win_filetime', 'seconds_since_epoch',
+ 'day_month_year', 'year_month_day', and 'month_day_year'. Please see the DateTimeFormatEnumeration
+ for more information about each of these values. If an input value is not understood, the result
+ is an error. If only one input is specified, specify the format with the format2 attribute, as the
+ first input is considered to be the implied 'current time' input.
+
+ Note that the datatype associated with the components should be 'string' or 'int' depending
+ on which date time format is specified. The result of this function though is always an integer.
+
+*/
+class TimeDifferenceFunction : public AbsFunctionComponent {
+public:
+
+ /** Create a complete TimeDifferenceFunction object. */
+ TimeDifferenceFunction(OvalEnum::DateTimeFormat format1 = OvalEnum::DATETIME_YEAR_MONTH_DAY, OvalEnum::DateTimeFormat format2 = OvalEnum::DATETIME_YEAR_MONTH_DAY);
+ ~TimeDifferenceFunction();
+
+ /** Parse the substring element and its child component element. */
+ void Parse(DOMElement* componentElm);
+
+ /** Compute the desired substring and return the value. */
+ ComponentValue* ComputeValue();
+
+ /** Return the variable values used to compute this function's value. */
+ VariableValueVector* GetVariableValues();
+
+ /** Get the format1 field's value. */
+ OvalEnum::DateTimeFormat GetFormat1();
+ /** Set the format1 field's value. */
+ void SetFormat1(OvalEnum::DateTimeFormat format1);
+
+ /** Get the format2 field's value. */
+ OvalEnum::DateTimeFormat GetFormat2();
+ /** Set the format2 field's value. */
+ void SetFormat2(OvalEnum::DateTimeFormat format2);
+
+
+private:
+
+ OvalEnum::DateTimeFormat format1;
+ OvalEnum::DateTimeFormat format2;
+
+};
+
+#endif
Modified: trunk/ovaldi/src/Version.cpp
===================================================================
--- trunk/ovaldi/src/Version.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/Version.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -37,9 +37,11 @@
#define MAJOR_VERSION "5"
#define MIN_COMPATIBLE_VERSION "5.0"
#define VENDOR "The MITRE Corporation"
-#define VERSION "5.4"
-#define BUILD 2
+#define VERSION "5.5"
+#define BUILD 4
+#define SCHEMA_VERSION "5.5"
+
string Version::GetMinumumCompatibleVersion() {
string version;
@@ -78,3 +80,11 @@
version.append(__TIME__);
return(version);
}
+
+string Version::GetSchemaVersion() {
+
+ string version;
+ version.append(VERSION);
+ return(version);
+}
+
Modified: trunk/ovaldi/src/Version.h
===================================================================
--- trunk/ovaldi/src/Version.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/Version.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -57,6 +57,9 @@
/** Return the minimum compatible version of this interpreter as a string. */
static string GetMinumumCompatibleVersion();
+
+ /** Return the schema version this interpreter writes documents against. */
+ static string GetSchemaVersion();
};
#endif
Modified: trunk/ovaldi/src/XmlProcessor.cpp
===================================================================
--- trunk/ovaldi/src/XmlProcessor.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/XmlProcessor.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: XmlProcessor.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -31,6 +30,41 @@
#include "XmlProcessor.h"
//****************************************************************************************//
+// DataDirResolver Class //
+//****************************************************************************************//
+
+DOMInputSource* DataDirResolver::resolveEntity (const XMLCh *const publicId, const XMLCh *const systemId, const XMLCh *const baseURI) {
+
+ string path = "";
+ size_t last;
+ string schemapath = Common::GetSchemaPath();
+
+ if(schemapath.empty()) {
+ schemapath = Common::fileSeperatorStr;
+ }
+
+ //remove double quotes
+ while((last = schemapath.find_last_of("\"")) != string::npos) {
+ schemapath.erase(last, 1);
+ }
+
+
+ if(schemapath[schemapath.length()-1] != Common::fileSeperator) {
+ schemapath = schemapath + Common::fileSeperatorStr;
+ }
+
+ string systemIDFilename = XmlCommon::ToString(systemId);
+ last = systemIDFilename.find_last_of("/\\");
+ path = schemapath + systemIDFilename.substr(last+1);
+
+ return new Wrapper4InputSource (new LocalFileInputSource (XMLString::transcode (path.c_str())));
+}
+
+//****************************************************************************************//
+// //
+//****************************************************************************************//
+
+//****************************************************************************************//
// XmlProcessor Class //
//****************************************************************************************//
XmlProcessor* XmlProcessor::instance = NULL;
@@ -90,6 +124,17 @@
parser->setFeature(XMLUni::fgXercesDOMHasPSVIInfo, true); // Enable storing of PSVI information in element and attribute nodes.
///////////////////////////////////////////////////////
+//****************************************************************************************//
+// The following code was added to handle air-gap operation //
+//****************************************************************************************//
+ /* Look for XML schemas in local directory instead of Internet */
+ DataDirResolver resolver;
+ parser->setEntityResolver (&resolver);
+//****************************************************************************************//
+// End of air-gap code //
+//****************************************************************************************//
+
+ ///////////////////////////////////////////////////////
// Add an Error Handler
///////////////////////////////////////////////////////
// Create a new DOMErrorHandler
@@ -232,12 +277,6 @@
}
XmlProcessorException::~XmlProcessorException() {
- // -----------------------------------------------------------------------
- // Abstract
- //
- // Do nothing for now
- //
- // -----------------------------------------------------------------------
}
Modified: trunk/ovaldi/src/XmlProcessor.h
===================================================================
--- trunk/ovaldi/src/XmlProcessor.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/XmlProcessor.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: XmlProcessor.h 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -61,6 +60,14 @@
#include <xercesc/parsers/XercesDOMParser.hpp>
#include <xercesc/util/XMLUni.hpp>
+// for entity resolver
+#include <xercesc/dom/DOMEntityResolver.hpp>
+#include <xercesc/dom/DOMInputSource.hpp>
+#include <xercesc/framework/LocalFileInputSource.hpp>
+#include <xercesc/framework/Wrapper4InputSource.hpp>
+
+#include <string>
+
#include "Common.h"
#include "XmlCommon.h"
#include "Exception.h"
@@ -68,6 +75,19 @@
XERCES_CPP_NAMESPACE_USE
using namespace std;
+
+/**
+ This class extends the default DOMEntityResolver and implments the resolve entity method
+ to support
+*/
+class DataDirResolver : public DOMEntityResolver {
+public:
+ /**
+ *
+ */
+ DOMInputSource *resolveEntity (const XMLCh *const publicId, const XMLCh *const systemId, const XMLCh *const baseURI);
+};
+
/**
This class uses xerces to parse, create and write XML documents.
The XmlProcessor is a singleton. To get and instance of this class call the static Instance method.
Modified: trunk/ovaldi/src/XslCommon.cpp
===================================================================
--- trunk/ovaldi/src/XslCommon.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/XslCommon.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -67,9 +67,11 @@
theResult = XalanTransformToData(xmlIn.c_str(),xslIn.c_str(), &theData, xalan);
string result = "";
- result.append(theData);
+ if(theData != NULL) {
+ result.append(theData);
- XalanFreeData(theData);
+ XalanFreeData(theData);
+ }
// 5. Shut down Xalan
XalanTerminate(false);
Modified: trunk/ovaldi/src/linux/ProbeFactory.cpp
===================================================================
--- trunk/ovaldi/src/linux/ProbeFactory.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/linux/ProbeFactory.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -85,6 +85,8 @@
} else if(objectName.compare("rpminfo_object") == 0) {
probe = RPMInfoProbe::Instance();
#endif
+ } else {
+ Log::Info(objectName + " is not currently supported.");
}
return probe;
Modified: trunk/ovaldi/src/linux/SystemInfo.cpp
===================================================================
--- trunk/ovaldi/src/linux/SystemInfo.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/linux/SystemInfo.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -178,19 +178,23 @@
// First make a call to gethostname()
string strHostName = "";
- char *chHostName = (char*)malloc(sizeof(char*)*MAXHOSTNAMELENGTH);
+ char *chHostName = (char*)malloc(sizeof(char)*(MAXHOSTNAMELENGTH + 1));
int res = 0;
res = gethostname(chHostName, MAXHOSTNAMELENGTH);
- if(res != 0)
+ if(res != 0) {
+ free(chHostName);
throw SystemInfoException("Error: Unable to determine the host name.");
+ }
strHostName = chHostName;
// Next get the fqdn with a call to gethostbyname
struct hostent *hostData = NULL;
hostData = gethostbyname((const char*)chHostName);
- if(hostData == NULL)
+ if(hostData == NULL) {
+ free(chHostName);
throw SystemInfoException("Error: Unable to get the fully qualified domain name.");
+ }
// Process the hostData structure
sysInfo->primary_host_name = hostData->h_name;
@@ -208,47 +212,7 @@
//------------------------------------------------------------------------------------//
IfDataVector interfaces;
- /*
- struct ifconf conf;
- struct sockaddr_in *s_in;
- struct sockaddr_in *hwAddr;
- int sock, count;
-
- // Open dummy socket
- if((sock = socket(PF_INET, SOCK_DGRAM, 0)) == -1) {
- throw SystemInfoException("Error: Unable to open socket.");
- }
-
- // Get the list of devices - only gets 20
- memset(&conf, 0, sizeof(conf));
- conf.ifc_len = sizeof(struct ifreq) * 20;
- conf.ifc_buf = (char*)malloc(conf.ifc_len);
-
- if(ioctl(sock, SIOCGIFCONF, &conf) == -1) {
- throw SystemInfoException("Error: Unable to get a device list.");
- }
-
- count = conf.ifc_len/sizeof(struct ifreq);
- for(int i = 0; i < count; i++) {
- IfData *tmpIfData = new IfData();
- s_in = (struct sockaddr_in*)&conf.ifc_req[i].ifr_addr;
- tmpIfData->ifName = conf.ifc_req[i].ifr_name;
- tmpIfData->ipAddress = inet_ntoa(s_in->sin_addr);
-
- hwAddr = (struct sockaddr_in*)&conf.ifc_req[i].ifr_hwaddr;
- tmpIfData->macAddress = inet_ntoa(hwAddr->sin_addr);
-
- tmpIfData->macAddress = " UNKNOWN ";
-
- interfaces.push_back(tmpIfData);
- }
-
- free(conf.ifc_buf);
-*/
-
- /* here is the test sample code i found on the net
- */
-
+
unsigned char *u;
int sockfd, size = 1;
struct ifreq *ifr;
@@ -315,7 +279,7 @@
u = (unsigned char *) &ifr->ifr_addr.sa_data;
- char *macStr = (char*)malloc(sizeof(char*)*128);
+ char *macStr = (char*)malloc(sizeof(char)*128);
memset(macStr, 0, 128);
if (u[0] + u[1] + u[2] + u[3] + u[4] + u[5]) {
//printf("HW Address: %2.2x.%2.2x.%2.2x.%2.2x.%2.2x.%2.2x\n", u[0], u[1], u[2], u[3], u[4], u[5]);
@@ -360,9 +324,6 @@
close(sockfd);
- /* end sample code from the net
- */
-
return interfaces;
}
Modified: trunk/ovaldi/src/probes/independent/EnvironmentVariableProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/independent/EnvironmentVariableProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/independent/EnvironmentVariableProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: EnvironmentVariableProbe.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
Modified: trunk/ovaldi/src/probes/independent/FamilyProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/independent/FamilyProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/independent/FamilyProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: FamilyProbe.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
Modified: trunk/ovaldi/src/probes/independent/FileHashProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/independent/FileHashProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/independent/FileHashProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: FileHashProbe.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
Modified: trunk/ovaldi/src/probes/independent/FileMd5Probe.cpp
===================================================================
--- trunk/ovaldi/src/probes/independent/FileMd5Probe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/independent/FileMd5Probe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: FileMd5Probe.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
Modified: trunk/ovaldi/src/probes/independent/TextFileContentProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/independent/TextFileContentProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/independent/TextFileContentProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: TextFileContentProbe.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -58,7 +57,6 @@
ItemVector* TextFileContentProbe::CollectItems(Object* object) {
- ItemVector *collectedItems = new ItemVector();
// get the path and file name
ObjectEntity* path = object->GetElementByName("path");
@@ -72,6 +70,8 @@
throw ProbeException("Error: invalid operation specified on line. Found: " + OvalEnum::OperationToString(line->GetOperation()));
}
+ ItemVector *collectedItems = new ItemVector();
+
FileFinder fileFinder;
StringPairVector* filePaths = fileFinder.SearchFiles(path, fileName, object->GetBehaviors());
Modified: trunk/ovaldi/src/probes/independent/VariableProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/independent/VariableProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/independent/VariableProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -54,7 +54,6 @@
}
ItemVector* VariableProbe::CollectItems(Object *object) {
- ItemVector *collectedItems = new ItemVector();
// get the varRef from the provided object
ObjectEntity* varRef = object->GetElementByName("var_ref");
@@ -71,6 +70,8 @@
throw ProbeException("Error: invalid operation specified on var_ref. Found: " + OvalEnum::OperationToString(varRef->GetOperation()));
}
+ ItemVector *collectedItems = new ItemVector();
+
if(varRef->GetVarRef() == NULL) {
if(varRef->GetOperation() == OvalEnum::OPERATION_EQUALS) {
@@ -178,6 +179,7 @@
}
} else {
+ delete varIds;
throw ProbeException("Error: Variable probe is unable to locate any variables in the current oval-definitions-docuemnt.");
}
Modified: trunk/ovaldi/src/probes/independent/XmlFileContentProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/independent/XmlFileContentProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/independent/XmlFileContentProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: XmlFileContentProbe.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -55,8 +54,6 @@
ItemVector* XmlFileContentProbe::CollectItems(Object* object) {
- ItemVector *collectedItems = new ItemVector();
-
// get the hive, key, and name from the provided object
ObjectEntity* path = object->GetElementByName("path");
ObjectEntity* fileName = object->GetElementByName("filename");
@@ -88,6 +85,9 @@
throw ProbeException("Error: invalid operation specified on xpath. Found: " + OvalEnum::OperationToString(xpath->GetOperation()));
}
+ ItemVector *collectedItems = new ItemVector();
+
+
FileFinder fileFinder;
StringPairVector* filePaths = fileFinder.SearchFiles(path, fileName, object->GetBehaviors());
Modified: trunk/ovaldi/src/probes/linux/DPKGInfoProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/linux/DPKGInfoProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/linux/DPKGInfoProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -59,7 +59,6 @@
//bad
ItemVector* DPKGInfoProbe::CollectItems(Object* object) {
- ItemVector *collectedItems = new ItemVector();
ObjectEntity* name = object->GetElementByName("name");
@@ -73,6 +72,8 @@
throw ProbeException("Error: invalid operation specified on name. Found: " + OvalEnum::OperationToString(name->GetOperation()));
}
+ ItemVector *collectedItems = new ItemVector();
+
StringVector* names = this->GetDPKGNames(name);
if(names->size() > 0) {
StringVector::iterator iterator;
@@ -212,14 +213,15 @@
string installed_dpkg_name;
string installed_dpkg_status;
- StringVector* names = new StringVector ();
FileFd Fd(this->StatusFile, FileFd::ReadOnly);
pkgTagFile Tags(&Fd);
if (_error->PendingError() == true)
throw ProbeException("Error: (DPKGInfoProbe) Could not read DPKG status file, which is necessary to read the packages status.");
-
+
+ StringVector* names = new StringVector();
+
pkgTagSection Section;
while (Tags.Step(Section) == true)
@@ -234,8 +236,10 @@
}
}
- if (_error->PendingError() == true)
+ if (_error->PendingError() == true) {
+ delete names;
throw ProbeException("Error: (DPKGInfoProbe) Error while walking DPKG database.");
+ }
return names;
}
Modified: trunk/ovaldi/src/probes/linux/InetListeningServersProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/linux/InetListeningServersProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/linux/InetListeningServersProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -65,14 +65,7 @@
ItemVector* InetListeningServersProbe::CollectItems(Object* object) {
- //------------------------------------------------------------------------------------//
- //
- // ABSTRACT
- //
- //------------------------------------------------------------------------------------//
- ItemVector *collectedItems = new ItemVector();
-
ObjectEntity* protocol = object->GetElementByName("protocol");
ObjectEntity* localAddress = object->GetElementByName("local_address");
ObjectEntity* localPort = object->GetElementByName("local_port");
@@ -108,6 +101,9 @@
throw ProbeException("Error: invalid data type specified on program_name. Found: " + OvalEnum::DatatypeToString(localPort->GetDatatype()));
}
+
+ ItemVector *collectedItems = new ItemVector();
+
// passed initial checks make call to netstat
if(this->netstatResult == NULL) {
this->ExecNetstat();
@@ -652,8 +648,6 @@
int fd1[2];
int fd2[2];
int pid = 0;
- //char *buf = NULL;
- //char *errbuf = NULL;
// Open communication pipes between processes
if (pipe(fd1) < 0 || pipe(fd2) < 0)
@@ -733,7 +727,7 @@
bool stdComplete = false;
// Allocate memory for buf
- buf = (char*)malloc(sizeof(char*)*1024);
+ buf = (char*)malloc(sizeof(char)*1024);
if(buf == NULL) {
// Wait for the child process to complete
Modified: trunk/ovaldi/src/probes/linux/RPMInfoProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/linux/RPMInfoProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/linux/RPMInfoProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: RPMInfoProbe.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -58,8 +57,6 @@
ItemVector* RPMInfoProbe::CollectItems(Object* object) {
- ItemVector *collectedItems = new ItemVector();
-
ObjectEntity* name = object->GetElementByName("name");
// check datatypes - only allow string
@@ -72,6 +69,8 @@
throw ProbeException("Error: invalid operation specified on name. Found: " + OvalEnum::OperationToString(name->GetOperation()));
}
+ ItemVector *collectedItems = new ItemVector();
+
StringVector* names = this->GetRPMNames(name);
if(names->size() > 0) {
StringVector::iterator iterator;
@@ -207,8 +206,6 @@
//
// -----------------------------------------------------------------------
- StringVector* names = new StringVector();
-
/* Transaction sets are the modern way to read the RPM database. */
rpmts ts;
/* We use an iterator to walk the RPM database. */
@@ -231,6 +228,7 @@
throw ProbeException("Error: (RPMInfoProbe) Could not create an iterator to walk the RPM database.");
/* Look at each installed package matching this name. Generally, there is only one.*/
+ StringVector* names = new StringVector();
while ( (header = rpmdbNextIterator(iterator)) != NULL) {
/* Get the rpm_name value for comparision. */
installed_rpm_name = readHeaderString(header, RPMTAG_NAME);
@@ -514,13 +512,7 @@
}
string RPMInfoProbe::ParentGetSigKeyId(int readErrh, int readh, int pid) {
- //------------------------------------------------------------------------------------//
- // ABSTRACT
- //
- // Read readErrh and readh until there is no more data to be read. Wait for the
- // child process to complere. Return a the result string with the data.
- //
- //------------------------------------------------------------------------------------//
+
int bytes = 0;
int maxFDS = 0;
char *buf = NULL;
@@ -531,7 +523,7 @@
string text = "";
// Allocate memory for buf
- buf = (char*)malloc(sizeof(char*)*1024);
+ buf = (char*)malloc(sizeof(char)*1024);
if(buf == NULL) {
// Wait for the child process to complete
@@ -548,7 +540,7 @@
// Init the maxFDS value
if(readh >= readErrh) {
maxFDS = readh + 1;
- }else {
+ } else {
maxFDS = readErrh + 1;
}
@@ -569,25 +561,26 @@
memset(buf, '\0', 1024);
bytes = read(readErrh, buf, 1023);
errText.append(buf);
- if(bytes == 0)
- errComplete = true;
- }
+ if(bytes == 0)
+ errComplete = true;
+ }
if(FD_ISSET(readh, &readfds)) {
- // Read allsome std output from command.
- memset(buf, '\0', 1024);
- bytes = read(readh, buf, 1023);
- text.append(buf);
+ // Read allsome std output from command.
+ memset(buf, '\0', 1024);
+ bytes = read(readh, buf, 1023);
+ text.append(buf);
- if(bytes == 0)
- stdComplete = true;
- }
-
- }else {
- break;
+ if(bytes == 0)
+ stdComplete = true;
+ }
+ } else {
+ break;
}
}
+ free(buf);
+
// Wait for the child process to complete
if(waitpid (pid, NULL, 0) == -1) {
errText.append("Execution of rpm query in child process failed.");
Modified: trunk/ovaldi/src/probes/linux/RPMInfoProbe.h
===================================================================
--- trunk/ovaldi/src/probes/linux/RPMInfoProbe.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/linux/RPMInfoProbe.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -101,6 +101,10 @@
*/
void GetRPMInfo(string name, ItemVector* items);
+ /**
+ Read readErrh and readh until there is no more data to be read. Wait for the
+ child process to complete. Return a the result string with the data.
+ */
string ParentGetSigKeyId(int readErrh, int readh, int pid);
void ChildGetSigKeyId(int writeErrh, int writeh, string rpmName);
string GetSigKeyId(string rpmName);
Modified: trunk/ovaldi/src/probes/unix/ProcessProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/unix/ProcessProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/unix/ProcessProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -55,8 +55,6 @@
ItemVector* ProcessProbe::CollectItems(Object* object) {
- ItemVector *collectedItems = new ItemVector();
-
ObjectEntity* command = object->GetElementByName("command");
// check datatypes - only allow string
@@ -69,6 +67,8 @@
throw ProbeException("Error: invalid operation specified on name. Found: " + OvalEnum::OperationToString(command->GetOperation()));
}
+ ItemVector *collectedItems = new ItemVector();
+
StringVector* commands = this->GetCommands(command);
if(commands->size() > 0) {
StringVector::iterator iterator;
@@ -238,6 +238,7 @@
// Retrieve the command line with arguments
status = RetrieveCommandLine(readProc->d_name, cmdline, &errMsg);
if(status < 0) {
+ closedir(proc);
throw ProbeException(errMsg);
// If the command line matches the input command line get the remaining
Modified: trunk/ovaldi/src/probes/windows/AccessTokenProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/windows/AccessTokenProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/windows/AccessTokenProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: AccessTokenProbe.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -57,8 +56,6 @@
ItemVector* AccessTokenProbe::CollectItems(Object *object) {
- ItemVector *collectedItems = new ItemVector();
-
// get the security_principle from the provided object
ObjectEntity* securityPrinciple = object->GetElementByName("security_principle");
@@ -71,6 +68,8 @@
if(securityPrinciple->GetOperation() != OvalEnum::OPERATION_EQUALS && securityPrinciple->GetOperation() != OvalEnum::OPERATION_PATTERN_MATCH && securityPrinciple->GetOperation() != OvalEnum::OPERATION_NOT_EQUAL) {
throw ProbeException("Error: invalid operation specified on security_principle. Found: securityPrinciple " + OvalEnum::OperationToString(securityPrinciple->GetOperation()));
}
+
+ ItemVector *collectedItems = new ItemVector();
// support behaviors - init with defaults.
bool includeGroupBehavior = true;
@@ -89,7 +88,7 @@
resolveGroupBehavior = true;
}
} else {
- Log::Info("Unsupported behavior found when collecting " + object->GetId() + " behavior: " + behavior->GetName());
+ Log::Info("Unsupported behavior found when collecting " + object->GetId() + " Found behavior: " + behavior->GetName() + " = " + behavior->GetValue());
}
}
}
Added: trunk/ovaldi/src/probes/windows/AuditEventPolicySubcategoriesProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/windows/AuditEventPolicySubcategoriesProbe.cpp (rev 0)
+++ trunk/ovaldi/src/probes/windows/AuditEventPolicySubcategoriesProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,367 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#include "AuditEventPolicySubcategoriesProbe.h"
+
+typedef pair<GUID, string> GuidString;
+vector<GuidString> _guidItemElementNameVector;
+
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ AuditEventPolicyProbe Class ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+AuditEventPolicySubcategoriesProbe* AuditEventPolicySubcategoriesProbe::instance = NULL;
+
+AuditEventPolicySubcategoriesProbe::AuditEventPolicySubcategoriesProbe() {
+ Init();
+}
+
+AuditEventPolicySubcategoriesProbe::~AuditEventPolicySubcategoriesProbe() {
+
+}
+
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Public Members ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+void AuditEventPolicySubcategoriesProbe::DeleteInstance() {
+ if(instance != NULL) {
+ delete instance;
+ instance = NULL;
+ }
+}
+
+AbsProbe* AuditEventPolicySubcategoriesProbe::Instance() {
+
+ // Use lazy initialization
+ if(instance == NULL)
+ instance = new AuditEventPolicySubcategoriesProbe();
+
+ return instance;
+}
+
+//TODO: Split this into at least 2 methods
+ItemVector* AuditEventPolicySubcategoriesProbe::CollectItems(Object *object) {
+
+ ItemVector *collectedItems = NULL;
+ Item* item = NULL;
+ LSA_OBJECT_ATTRIBUTES ObjectAttributes;
+ NTSTATUS ntsResult;
+ LSA_HANDLE lsahPolicyHandle;
+ GUID *pAuditSubCategoryGuids = NULL;
+ AUDIT_POLICY_INFORMATION *pAuditPolicies = NULL;
+ PPOLICY_AUDIT_EVENTS_INFO pPAEInfo = NULL;
+
+ try {
+
+ // Object attributes are reserved, so initialize to zeroes.
+ ZeroMemory(&ObjectAttributes, sizeof(ObjectAttributes));
+
+ Log::Debug("AuditEventPolicySubcategoriesProbe::CollectItems() - About to call LsaOpenPolicy()");
+
+ // Get a handle to the Policy object.
+ ntsResult = LsaOpenPolicy(
+ NULL, // Name of the target system. NULL opens localhost
+ &ObjectAttributes, // Object attributes.
+ POLICY_VIEW_AUDIT_INFORMATION , // Desired access permissions. POLICY_ALL_ACCESS
+ &lsahPolicyHandle // Receives the policy handle.
+ );
+
+ Log::Debug("AuditEventPolicySubcategoriesProbe::CollectItems() - After call to LsaOpenPolicy()");
+
+ if (ntsResult != ERROR_SUCCESS) {
+ DWORD errorCode = LsaNtStatusToWinError(ntsResult);
+ if(errorCode == ERROR_MR_MID_NOT_FOUND) {
+ throw ProbeException("Error obtaining audit event policy information - (win32) " + LsaNtStatusToWinError(ntsResult));
+ } else {
+ throw ProbeException("Error obtaining audit event policy information - (win32) " + WindowsCommon::GetErrorMessage(errorCode));
+ }
+ }
+
+ ntsResult = ERROR_SUCCESS;
+ PWCHAR name = NULL;
+
+ Log::Debug("AuditEventPolicySubcategoriesProbe::CollectItems() - About to call LsaQueryInformationPolicy()");
+
+ ntsResult = LsaQueryInformationPolicy(
+ lsahPolicyHandle, // Open handle to a Policy object.
+ PolicyAuditEventsInformation, // The information to get.
+ (PVOID *)&pPAEInfo // Storage for the information.
+ );
+
+ Log::Debug("AuditEventPolicySubcategoriesProbe::CollectItems() - After call to LsaQueryInformationPolicy()");
+
+ if (ntsResult == ERROR_SUCCESS) {
+
+ item = this->CreateItem();
+ item->SetStatus(OvalEnum::STATUS_EXISTS);
+ collectedItems = new ItemVector();
+ collectedItems->push_back(item);
+
+ ULONG current = 0;
+
+ // if auditing is turned on loop through the auditing options
+ if(pPAEInfo->AuditingMode) {
+ Log::Debug("AuditEventPolicySubcategoriesProbe::CollectItems() - pPAEInfo->AuditingMode is true");
+
+ // Cycle through event categories,
+ // in each category collect the subcategory setting and stuff into the item
+ ULONG policyAuditEventType = 0;
+ while(policyAuditEventType < pPAEInfo->MaximumAuditEventCount) {
+ GUID auditCategoryId;
+ ULONG subCategoryCount = 0;
+
+ Log::Debug("AuditEventPolicySubcategoriesProbe::CollectItems() - Before call to AuditLookupCategoryGuidFromCategoryId()");
+ if(AuditLookupCategoryGuidFromCategoryId((POLICY_AUDIT_EVENT_TYPE)policyAuditEventType, &auditCategoryId) == FALSE) {
+ throw ProbeException("Error retrieving category GUID. ErrorCode:" + GetLastError());
+ }
+
+ Log::Debug("AuditEventPolicySubcategoriesProbe::CollectItems() - Before call to AuditLookupCategoryGuidFromCategoryId()");
+ if(AuditEnumerateSubCategories(&auditCategoryId, FALSE, &pAuditSubCategoryGuids, &subCategoryCount) == FALSE) {
+ throw ProbeException("Error enumerating audit event policy subcategories. Error Code:" + GetLastError());
+ }
+
+ Log::Debug("AuditEventPolicySubcategoriesProbe::CollectItems() - Before call to AuditQuerySystemPolicy()");
+ if(AuditQuerySystemPolicy(pAuditSubCategoryGuids, subCategoryCount, &pAuditPolicies) == FALSE) {
+ throw ProbeException("Error retrieving policy information for audit event policy subcategories. Error Code:" + GetLastError());
+ }
+
+ Log::Debug("AuditEventPolicySubcategoriesProbe::CollectItems() - Before subcategories loop. Count=" + subCategoryCount);
+
+ // Probe each subcategory in the category
+ for(ULONG subcategoryIndex = 0; subcategoryIndex < subCategoryCount; subcategoryIndex++) {
+ AUDIT_POLICY_INFORMATION currentPolicy = pAuditPolicies[subcategoryIndex];
+
+ string itemEntityName = GetItemEntityNameFromGuid(currentPolicy.AuditSubCategoryGuid);
+
+ if(itemEntityName != "") {
+ Log::Debug("AuditEventPolicySubcategoriesProbe::CollectItems() - itemEntityName=" + itemEntityName);
+ ItemEntity *pItemEntity = new ItemEntity(itemEntityName, "", OvalEnum::DATATYPE_STRING, false, OvalEnum::STATUS_ERROR);
+ item->AppendElement(pItemEntity);
+
+ ReadAuditOptions(item, pItemEntity, currentPolicy.AuditingInformation);
+ } else {
+
+ Log::Debug("AuditEventPolicySubcategoriesProbe::CollectItems() - GUID not found. Skipping.");
+ }
+ }
+
+ policyAuditEventType++;
+ }
+ } else {
+ Log::Debug("AuditEventPolicySubcategoriesProbe::CollectItems() - pPAEInfo->AuditingMode is false");
+
+ // auditing is off so set all items to no auditing
+ for(vector<GuidString>::iterator it = _guidItemElementNameVector.begin(); it != _guidItemElementNameVector.end(); ++it) {
+ item->AppendElement(new ItemEntity(it->second, "AUDIT_NONE", OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_EXISTS));
+ }
+ }
+ } else {
+
+ DWORD errorCode = LsaNtStatusToWinError(ntsResult);
+ if(errorCode == ERROR_MR_MID_NOT_FOUND) {
+ throw ProbeException("Error obtaining audit event policy information - (win32) " + LsaNtStatusToWinError(ntsResult));
+ } else {
+ throw ProbeException("Error obtaining audit event policy information - (win32) " + WindowsCommon::GetErrorMessage(errorCode));
+ }
+ }
+ } catch(...) {
+
+ Log::Debug("AuditEventPolicySubcategoriesProbe: Exception in CollectItems()");
+
+ if(pPAEInfo != NULL) {
+ LsaFreeMemory(pPAEInfo);
+ }
+
+ ntsResult = LsaClose(lsahPolicyHandle);
+
+ if(pAuditSubCategoryGuids != NULL) {
+ AuditFree(pAuditSubCategoryGuids);
+ }
+
+ if(pAuditPolicies != NULL) {
+ AuditFree(pAuditPolicies);
+ }
+
+ throw;
+ }
+
+ // Cleanup - This is a duplicate of the catch block. Would be nice to come up with a consolidated pattern.
+ if(pPAEInfo != NULL) {
+ LsaFreeMemory(pPAEInfo);
+ }
+
+ ntsResult = LsaClose(lsahPolicyHandle);
+
+ if(pAuditSubCategoryGuids != NULL) {
+ AuditFree(pAuditSubCategoryGuids);
+ }
+
+ if(pAuditPolicies != NULL) {
+ AuditFree(pAuditPolicies);
+ }
+
+ Log::Debug("AuditEventPolicySubcategoriesProbe::CollectItems - about to return");
+ return collectedItems;
+}
+
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Private Members ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+Item* AuditEventPolicySubcategoriesProbe::CreateItem() {
+
+ Item* item = new Item(0,
+ "http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#windows",
+ "win-sc",
+ "http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#windows windows-system-characteristics-schema.xsd",
+ OvalEnum::STATUS_ERROR,
+ "auditeventpolicysubcategories_item");
+
+ return item;
+}
+
+void AuditEventPolicySubcategoriesProbe::ReadAuditOptions(Item* item, ItemEntity* itemEntity, ULONG auditPolicy) {
+
+ if(auditPolicy & POLICY_AUDIT_EVENT_NONE) {
+ itemEntity->SetValue("AUDIT_NONE");
+ itemEntity->SetStatus(OvalEnum::STATUS_EXISTS);
+ Log::Debug("AuditEventPolicySubcategoriesProbe::ReadAuditOptions() - None / Status Exists");
+ } else if(auditPolicy & POLICY_AUDIT_EVENT_FAILURE && auditPolicy & POLICY_AUDIT_EVENT_SUCCESS) {
+ itemEntity->SetValue("AUDIT_SUCCESS_FAILURE");
+ itemEntity->SetStatus(OvalEnum::STATUS_EXISTS);
+ Log::Debug("AuditEventPolicySubcategoriesProbe::ReadAuditOptions() - Success Failure / Status Exists");
+ } else if(auditPolicy & POLICY_AUDIT_EVENT_FAILURE) {
+ itemEntity->SetValue("AUDIT_FAILURE");
+ itemEntity->SetStatus(OvalEnum::STATUS_EXISTS);
+ Log::Debug("AuditEventPolicySubcategoriesProbe::ReadAuditOptions() - Failure / Status Exists");
+ } else if(auditPolicy & POLICY_AUDIT_EVENT_SUCCESS) {
+ itemEntity->SetValue("AUDIT_SUCCESS");
+ itemEntity->SetStatus(OvalEnum::STATUS_EXISTS);
+ Log::Debug("AuditEventPolicySubcategoriesProbe::ReadAuditOptions() - Success / Status Exists");
+ } else if (auditPolicy == POLICY_AUDIT_EVENT_UNCHANGED){
+
+ //
+ // Originally I thought that I should not get here.
+ // These are my original notes on this:
+ // For some reason we seem to hit this condition
+ // when looking at the permissions for AuditCategoryDetailedTracking
+ // As documented at the link below i would not expect to get this value
+ // after doing a query. The value should only be used when doing a set.
+ // Reference url:
+ // http://msdn2.microsoft.com/en-us/library/ms721901.aspx
+
+ // I have now looked into this a bit more. This appears to be the value
+ // we get when the the auditing option is not set in the gui. I verified
+ // this through testing. I have not been able to verify it through the
+ // Microsoft API documentation. For now i think it is safe to assume that
+ // this value can be treated as AUDIT_NONE.
+ //
+
+ itemEntity->SetValue("AUDIT_NONE");
+ itemEntity->SetStatus(OvalEnum::STATUS_EXISTS);
+
+ } else {
+ // should never get here
+ Log::Debug("Unexpected POLICY_AUDIT_EVENT_TYPE found.");
+ item->AppendMessage(new OvalMessage(itemEntity->GetName() + " policy - Unexpected POLICY_AUDIT_EVENT_TYPE found.", OvalEnum::LEVEL_WARNING));
+ itemEntity->SetStatus(OvalEnum::STATUS_ERROR);
+ Log::Debug("AuditEventPolicySubcategoriesProbe::ReadAuditOptions() - Unexpected Event / Status Exists");
+ }
+}
+
+void AuditEventPolicySubcategoriesProbe::Init() {
+ Log::Debug("AuditEventPolicySubcategoriesProbe::ReadAuditOptions() - Enter");
+
+ InsertIntoGuidItemEntityNameMapping(Audit_System_SecurityStateChange, "security_state_change");
+ InsertIntoGuidItemEntityNameMapping(Audit_AccountLogon_CredentialValidation, "credential_validation");
+ InsertIntoGuidItemEntityNameMapping(Audit_AccountLogon_Kerberos, "kerberos_ticket_events"); //?
+ InsertIntoGuidItemEntityNameMapping(Audit_AccountLogon_Others, "other_account_logon_events");
+ InsertIntoGuidItemEntityNameMapping(Audit_AccountManagement_ApplicationGroup, "application_group_management");
+ InsertIntoGuidItemEntityNameMapping(Audit_AccountManagement_ComputerAccount, "computer_account_management");
+ InsertIntoGuidItemEntityNameMapping(Audit_AccountManagement_DistributionGroup, "distribution_group_management");
+ InsertIntoGuidItemEntityNameMapping(Audit_AccountManagement_Others, "other_account_management_events");
+ InsertIntoGuidItemEntityNameMapping(Audit_AccountManagement_SecurityGroup, "security_group_management");
+ InsertIntoGuidItemEntityNameMapping(Audit_AccountManagement_UserAccount, "user_account_management");
+ InsertIntoGuidItemEntityNameMapping(Audit_DetailedTracking_DpapiActivity, "dpapi_activity");
+ InsertIntoGuidItemEntityNameMapping(Audit_DetailedTracking_ProcessCreation, "process_creation");
+ InsertIntoGuidItemEntityNameMapping(Audit_DetailedTracking_ProcessTermination, "process_termination");
+ InsertIntoGuidItemEntityNameMapping(Audit_DetailedTracking_RpcCall, "rpc_events");
+ InsertIntoGuidItemEntityNameMapping(Audit_DSAccess_DSAccess, "directory_service_access");
+ InsertIntoGuidItemEntityNameMapping(Audit_DsAccess_AdAuditChanges, "directory_service_changes");
+ InsertIntoGuidItemEntityNameMapping(Audit_Ds_Replication, "directory_service_replication");
+ InsertIntoGuidItemEntityNameMapping(Audit_Ds_DetailedReplication, "detailed_directory_service_replication");
+ InsertIntoGuidItemEntityNameMapping(Audit_Logon_AccountLockout, "account_lockout");
+ InsertIntoGuidItemEntityNameMapping(Audit_Logon_IPSecMainMode, "ipsec_main_mode");
+ InsertIntoGuidItemEntityNameMapping(Audit_Logon_IPSecQuickMode,"ipsec_quick_mode");
+ InsertIntoGuidItemEntityNameMapping(Audit_Logon_Logoff, "logoff");
+ InsertIntoGuidItemEntityNameMapping(Audit_Logon_Logon, "logon");
+ InsertIntoGuidItemEntityNameMapping(Audit_Logon_Others, "other_logon_logoff_events");
+ InsertIntoGuidItemEntityNameMapping(Audit_Logon_SpecialLogon, "special_logon");
+ InsertIntoGuidItemEntityNameMapping(Audit_ObjectAccess_ApplicationGenerated, "application_generated");
+ InsertIntoGuidItemEntityNameMapping(Audit_ObjectAccess_CertificationServices, "certification_services");
+ InsertIntoGuidItemEntityNameMapping(Audit_ObjectAccess_Share, "file_share");
+ InsertIntoGuidItemEntityNameMapping(Audit_ObjectAccess_FileSystem, "file_system");
+ InsertIntoGuidItemEntityNameMapping(Audit_ObjectAccess_FirewallConnection, "filtering_platform_connection");
+ InsertIntoGuidItemEntityNameMapping(Audit_ObjectAccess_FirewallPacketDrops, "filtering_platform_packet_drop");
+ InsertIntoGuidItemEntityNameMapping(Audit_ObjectAccess_Handle, "handle_manipulation");
+ InsertIntoGuidItemEntityNameMapping(Audit_ObjectAccess_Kernel, "kernel_object");
+ InsertIntoGuidItemEntityNameMapping(Audit_ObjectAccess_Other, "other_object_access_events");
+ InsertIntoGuidItemEntityNameMapping(Audit_ObjectAccess_Registry, "registry");
+ InsertIntoGuidItemEntityNameMapping(Audit_ObjectAccess_Sam, "sam");
+ InsertIntoGuidItemEntityNameMapping(Audit_PolicyChange_AuditPolicy, "audit_policy_change");
+ InsertIntoGuidItemEntityNameMapping(Audit_PolicyChange_AuthenticationPolicy, "authentication_policy_change");
+ InsertIntoGuidItemEntityNameMapping(Audit_PolicyChange_AuthorizationPolicy, "authorization_policy_change");
+ InsertIntoGuidItemEntityNameMapping(Audit_PolicyChange_MpsscvRulePolicy, "mpssvc_rule_level_policy_change");
+ InsertIntoGuidItemEntityNameMapping(Audit_PolicyChange_Others, "other_policy_change_events");
+ InsertIntoGuidItemEntityNameMapping(Audit_PrivilegeUse_NonSensitive, "non_sensitive_privlege_use");
+ InsertIntoGuidItemEntityNameMapping(Audit_PrivilegeUse_Others, "other_privlege_use_events");
+ InsertIntoGuidItemEntityNameMapping(Audit_PrivilegeUse_Sensitive, "sensitive_privilege_use");
+ InsertIntoGuidItemEntityNameMapping(Audit_System_IPSecDriverEvents, "ipsec_driver");
+ InsertIntoGuidItemEntityNameMapping(Audit_System_Others, "other_system_events");
+ InsertIntoGuidItemEntityNameMapping(Audit_System_SecuritySubsystemExtension, "security_system_extension");
+ InsertIntoGuidItemEntityNameMapping(Audit_System_Integrity, "system_integrity");
+ InsertIntoGuidItemEntityNameMapping(Audit_PolicyChange_WfpIPSecPolicy, "filtering_platform_policy_change");
+ InsertIntoGuidItemEntityNameMapping(Audit_Logon_IPSecUserMode, "ipsec_extended_mode");
+}
+
+void AuditEventPolicySubcategoriesProbe::InsertIntoGuidItemEntityNameMapping(GUID guid, string itemEntityName) {
+ GuidString guidItemEntityName(guid, itemEntityName);
+
+ _guidItemElementNameVector.push_back(guidItemEntityName);
+}
+
+
+string AuditEventPolicySubcategoriesProbe::GetItemEntityNameFromGuid(GUID guid) {
+ for(vector<GuidString>::iterator it = _guidItemElementNameVector.begin(); it != _guidItemElementNameVector.end(); ++it) {
+ if(it->first == guid) {
+ return it->second;
+ }
+ }
+
+ return "";
+}
Added: trunk/ovaldi/src/probes/windows/AuditEventPolicySubcategoriesProbe.h
===================================================================
--- trunk/ovaldi/src/probes/windows/AuditEventPolicySubcategoriesProbe.h (rev 0)
+++ trunk/ovaldi/src/probes/windows/AuditEventPolicySubcategoriesProbe.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,80 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+#ifndef AUDITEVENTPOLICYSUBCATEGORIESPROBE_H
+#define AUDITEVENTPOLICYSUBCATEGORIESPROBE_H
+
+#pragma warning(disable:4786)
+
+#include <initguid.h>
+
+#include "AbsProbe.h"
+#include "WindowsCommon.h"
+
+using namespace std;
+
+/**
+ This class is responsible for collecting information for windows auditeventpolicysubcategories_object.
+*/
+class AuditEventPolicySubcategoriesProbe : public AbsProbe {
+public:
+ ~AuditEventPolicySubcategoriesProbe();
+
+ /** Run the AuditEventPolicyProbe */
+ ItemVector* CollectItems(Object* object);
+
+ /** Return a new Item created for storing audit event policy information. */
+ Item* CreateItem();
+
+ /** Ensure that the AuditEventPolicyProbe is a singleton. */
+ static AbsProbe* Instance();
+
+ static void DeleteInstance();
+
+private:
+
+ AuditEventPolicySubcategoriesProbe();
+
+ /** Read the Audit options and set the value of the ItemEntity.
+ LSA Policy defines a mask for the valid event auditing options.
+ The POLICY_AUDIT_EVENT_MASK mask evaluates to TRUE if it is set
+ equal to any of the preceding event auditing options.
+ */
+ void ReadAuditOptions(Item* item, ItemEntity* itemElm, ULONG auditPolicy);
+
+ static AuditEventPolicySubcategoriesProbe *instance;
+
+ void Init();
+
+ void InsertIntoGuidItemEntityNameMapping(GUID guid, string itemEntityName);
+
+ string GetItemEntityNameFromGuid(GUID guid);
+};
+
+#endif
Added: trunk/ovaldi/src/probes/windows/FileEffectiveRights53Probe.cpp
===================================================================
--- trunk/ovaldi/src/probes/windows/FileEffectiveRights53Probe.cpp (rev 0)
+++ trunk/ovaldi/src/probes/windows/FileEffectiveRights53Probe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,551 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#include "FileEffectiveRights53Probe.h"
+
+
+//****************************************************************************************//
+// FileEffectiveRights53Probe Class //
+//****************************************************************************************//
+FileEffectiveRights53Probe* FileEffectiveRights53Probe::instance = NULL;
+
+FileEffectiveRights53Probe::FileEffectiveRights53Probe() {
+
+}
+
+FileEffectiveRights53Probe::~FileEffectiveRights53Probe() {
+
+}
+
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Public Members ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+AbsProbe* FileEffectiveRights53Probe::Instance() {
+
+ // Use lazy initialization
+ if(instance == NULL)
+ instance = new FileEffectiveRights53Probe();
+
+ return instance;
+}
+
+ItemVector* FileEffectiveRights53Probe::CollectItems(Object* object) {
+ // -----------------------------------------------------------------------
+ //
+ // ABSTRACT
+ //
+ // Get all the files on the system that match the pattern reusing the FileFinder.
+ // This probe operates a bit differently than the others. After locating matching
+ // files as the other file related probes do the trustee name is handled as follows:
+ //
+ // if not using Variables
+ // - if operation == equals
+ // - call GetEffectiveRights method
+ //
+ // - operation == not equal || operation == pattern match
+ // - Get all SIDS on the system.
+ // - Get the set of matching SIDS
+ //
+ // - if using variables
+ // - Get all SIDS on the system.
+ // - Get the set of matching SIDS
+ // - call GetEffectiveRights method
+ //
+ // -----------------------------------------------------------------------
+
+ // get the path and file name
+ ObjectEntity* path = object->GetElementByName("path");
+ ObjectEntity* fileName = object->GetElementByName("filename");
+ ObjectEntity* trusteeSID = object->GetElementByName("trustee_sid");
+
+ // check trustee datatypes - only allow string
+ if(trusteeSID->GetDatatype() != OvalEnum::DATATYPE_STRING) {
+ throw ProbeException("Error: invalid data type specified on trustee_name. Found: " + OvalEnum::DatatypeToString(trusteeSID->GetDatatype()));
+ }
+
+ // check trustee operation - only allow equals, not equals and pattern match
+ if(trusteeSID->GetOperation() != OvalEnum::OPERATION_EQUALS
+ && trusteeSID->GetOperation() != OvalEnum::OPERATION_PATTERN_MATCH
+ && trusteeSID->GetOperation() != OvalEnum::OPERATION_NOT_EQUAL) {
+ throw ProbeException("Error: invalid operation specified on trustee_sid. Found: " + OvalEnum::OperationToString(trusteeSID->GetOperation()));
+ }
+
+ ItemVector *collectedItems = new ItemVector();
+
+ // support behaviors - init with defaults.
+ bool includeGroupBehavior = true;
+ bool resolveGroupBehavior = false;
+ if(object->GetBehaviors()->size() != 0) {
+ BehaviorVector* behaviors = object->GetBehaviors();
+ BehaviorVector::iterator iterator;
+ for(iterator = behaviors->begin(); iterator != behaviors->end(); iterator++) {
+ Behavior* behavior = (*iterator);
+ if(behavior->GetName().compare("include_group") == 0) {
+ if(behavior->GetValue().compare("false") == 0) {
+ includeGroupBehavior = false;
+ }
+ } else if(behavior->GetName().compare("resolve_group") == 0) {
+ if(behavior->GetValue().compare("true") == 0) {
+ resolveGroupBehavior = true;
+ }
+ } else if(behavior->GetName().compare("max_depth") == 0 || behavior->GetName().compare("recurse_direction") == 0) {
+ // skip these they are supported in the file finder class.
+
+ } else {
+ Log::Info("Unsupported behavior found when collecting " + object->GetId() + " Found behavior: " + behavior->GetName() + " = " + behavior->GetValue());
+ }
+ }
+ }
+
+ FileFinder fileFinder;
+ StringPairVector* filePaths = fileFinder.SearchFiles(path, fileName, object->GetBehaviors());
+
+ if(filePaths->size() > 0) {
+ // Loop through all file paths
+ StringPairVector::iterator iterator;
+ for(iterator = filePaths->begin(); iterator != filePaths->end(); iterator++) {
+
+ StringPair* fp = (*iterator);
+
+ if(fp->second.compare("") == 0) {
+
+ Item* item = NULL;
+
+ // check if the code should report that the filename does not exist.
+ StringVector fileNames;
+ if(fileFinder.ReportFileNameDoesNotExist(fp->first, fileName, &fileNames)) {
+ StringVector::iterator iterator;
+ for(iterator = fileNames.begin(); iterator != fileNames.end(); iterator++) {
+
+ item = this->CreateItem();
+ item->SetStatus(OvalEnum::STATUS_DOES_NOT_EXIST);
+ item->AppendElement(new ItemEntity("path", fp->first, OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("filename", (*iterator), OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_DOES_NOT_EXIST));
+ collectedItems->push_back(item);
+ }
+
+ } else {
+
+ item = this->CreateItem();
+ item->SetStatus(OvalEnum::STATUS_EXISTS);
+ item->AppendElement(new ItemEntity("path", fp->first, OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_EXISTS));
+ collectedItems->push_back(item);
+
+ }
+
+ } else {
+
+ try {
+
+ //
+ // The file exists so lets get the sids to then examine effective rights
+ //
+ StringSet* trusteeSIDs = this->GetTrusteeSIDs(fp->first, fp->second, trusteeSID, resolveGroupBehavior, includeGroupBehavior);
+ if(!trusteeSIDs->empty()) {
+ StringSet::iterator iterator;
+ for(iterator = trusteeSIDs->begin(); iterator != trusteeSIDs->end(); iterator++) {
+ try {
+ Item* item = this->GetEffectiveRights(fp->first, fp->second, (*iterator));
+ if(item != NULL) {
+ collectedItems->push_back(item);
+ }
+ } catch (ProbeException ex) {
+ Log::Debug(ex.GetErrorMessage());
+ } catch (Exception ex) {
+ Log::Debug("Unknown error while getting effective rights for file. Path: " + fp->first + " Name: " + fp->second + " " + ex.GetErrorMessage());
+ }
+ }
+ delete trusteeSIDs;
+
+ } else {
+
+ StringVector* trusteeSIDs = new StringVector();
+ if(this->ReportTrusteeSIDDoesNotExist(trusteeSID, trusteeSIDs)) {
+
+ StringVector::iterator iterator;
+ for(iterator = trusteeSIDs->begin(); iterator != trusteeSIDs->end(); iterator++) {
+
+ Item* item = this->CreateItem();
+ item->SetStatus(OvalEnum::STATUS_DOES_NOT_EXIST);
+ item->AppendElement(new ItemEntity("path", fp->first, OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("filename", fp->second, OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("trustee_sid", (*iterator), OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_DOES_NOT_EXIST));
+ collectedItems->push_back(item);
+ }
+ }
+ }
+
+ } catch (ProbeException ex) {
+ Log::Debug(ex.GetErrorMessage());
+ } catch (...) {
+ Log::Debug("Unknown error.");
+ }
+ }
+
+ delete fp;
+ }
+
+ } else {
+ // if no filepaths check if the code should report that the path does not exist
+ StringVector paths;
+ if(fileFinder.ReportPathDoesNotExist(path, &paths)) {
+
+ Item* item = NULL;
+ StringVector::iterator iterator;
+ for(iterator = paths.begin(); iterator != paths.end(); iterator++) {
+
+ item = this->CreateItem();
+ item->SetStatus(OvalEnum::STATUS_DOES_NOT_EXIST);
+ item->AppendElement(new ItemEntity("path", (*iterator), OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_DOES_NOT_EXIST));
+ collectedItems->push_back(item);
+ }
+ }
+ }
+ delete filePaths;
+
+ return collectedItems;
+}
+
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Private Members ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+Item* FileEffectiveRights53Probe::CreateItem() {
+
+ Item* item = new Item(0,
+ "http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#windows",
+ "win-sc",
+ "http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#windows windows-system-characteristics-schema.xsd",
+ OvalEnum::STATUS_ERROR,
+ "fileeffectiverights_item");
+
+ return item;
+}
+
+StringSet* FileEffectiveRights53Probe::GetTrusteeSIDs(string path, string fileName, ObjectEntity* trusteeSID, bool resolveGroupBehavior, bool includeGroupBehavior) {
+
+ StringSet* trusteeSIDs = new StringSet();
+
+ // load the set of all Trustee SIDs
+ StringVector* allTrusteeSIDs = WindowsCommon::GetAllTrusteeSIDs();
+
+ // does this trusteeSID use variables?
+ if(trusteeSID->GetVarRef() == NULL) {
+
+ // proceed based on operation
+ if(trusteeSID->GetOperation() == OvalEnum::OPERATION_EQUALS) {
+
+ // check that the trustee SID exists
+ if(this->TrusteeSIDExists(trusteeSID->GetValue(), allTrusteeSIDs)) {
+ trusteeSIDs->insert(trusteeSID->GetValue());
+ }
+
+ } else if(trusteeSID->GetOperation() == OvalEnum::OPERATION_NOT_EQUAL) {
+ this->GetMatchingTrusteeSIDs(trusteeSID->GetValue(), allTrusteeSIDs, trusteeSIDs, false);
+ } else if(trusteeSID->GetOperation() == OvalEnum::OPERATION_PATTERN_MATCH) {
+ this->GetMatchingTrusteeSIDs(trusteeSID->GetValue(), allTrusteeSIDs, trusteeSIDs, true);
+ }
+
+ } else {
+
+ // loop through all trustee SIDs on the system
+ // only keep those that match operation and value and var check
+ StringVector::iterator it;
+ ItemEntity* tmp = this->CreateItemEntity(trusteeSID);
+ for(it = allTrusteeSIDs->begin(); it != allTrusteeSIDs->end(); it++) {
+ tmp->SetValue((*it));
+ if(trusteeSID->Analyze(tmp) == OvalEnum::RESULT_TRUE) {
+ trusteeSIDs->insert((*it));
+ }
+ }
+ }
+
+ // using common code to get these do not delete they are cached.
+ //delete allTrusteeSIDs;
+
+ // apply the behaviors
+ StringSet* trusteeSIDSet = new StringSet();
+ if(!trusteeSIDs->empty()) {
+
+ StringVector::iterator iterator;
+ StringSet::iterator it;
+ string domainStr = "";
+ string sidStr = "";
+ bool isGroup;
+
+ for(it = trusteeSIDs->begin(); it != trusteeSIDs->end(); it++) {
+ // is this a group
+ isGroup = WindowsCommon::IsGroupSID((*it));
+
+ if(isGroup && resolveGroupBehavior) {
+
+ if(includeGroupBehavior) {
+ trusteeSIDSet->insert((*it));
+ }
+
+ // get the group members and add them to the set
+ StringVector* groupMembers = new StringVector();
+ WindowsCommon::ExpandGroupBySID((*it), groupMembers);
+ for(iterator = groupMembers->begin(); iterator != groupMembers->end(); iterator++) {
+ trusteeSIDSet->insert((*iterator));
+ }
+ delete groupMembers;
+
+ } else {
+ trusteeSIDSet->insert((*it));
+ }
+ }
+ }
+
+ return trusteeSIDSet;
+}
+
+void FileEffectiveRights53Probe::GetMatchingTrusteeSIDs(string trusteeSIDPattern, StringVector* allTrusteeSIDs, StringSet* trusteeSIDs, bool isRegex) {
+
+ StringVector::iterator iterator;
+ for(iterator = allTrusteeSIDs->begin(); iterator != allTrusteeSIDs->end(); iterator++) {
+ if(this->IsMatch(trusteeSIDPattern, (*iterator), isRegex)) {
+ trusteeSIDs->insert((*iterator));
+ }
+ }
+}
+
+bool FileEffectiveRights53Probe::TrusteeSIDExists(string trusteeSID, StringVector* trusteeSIDs) {
+
+ bool exists = false;
+
+ StringVector::iterator iterator;
+ for(iterator = trusteeSIDs->begin(); iterator != trusteeSIDs->end(); iterator++) {
+ if(trusteeSID.compare((*iterator)) == 0) {
+ exists = true;
+ }
+ }
+
+ return exists;
+}
+
+Item* FileEffectiveRights53Probe::GetEffectiveRights(string path, string fileName, string trusteeSID) {
+ // -----------------------------------------------------------------------
+ //
+ // ABSTRACT
+ //
+ // Return a populated item for the specified trustees on the specified file.
+ //
+ // - Call GetNamedSecurityInfo to get a DACL Security Descriptor for the file
+ // http://msdn2.microsoft.com/en-us/library/aa446645.aspx
+ // - Use provided trustee name and call LsaLookupNames to get the sid
+ // http://msdn2.microsoft.com/en-us/library/ms721797.aspx
+ // - Then call GetEffectiveRightsFromAcl with the dacl and the sid found in the earlier calls
+ // http://msdn2.microsoft.com/en-us/library/aa446637.aspx
+ // -----------------------------------------------------------------------
+
+
+ Item* item = NULL;
+
+ // build the path
+ string filePath = path;
+ if(fileName.compare("") != 0) {
+ // Verify that the path that was passed into this function ends with a slash. If
+ // it doesn't, then add one.
+ if (path[path.length()-1] != Common::fileSeperator)
+ filePath.append(1, Common::fileSeperator);
+
+ filePath.append(fileName);
+ }
+
+ string baseErrMsg = "Error unable to get effective rights for trustee: " + trusteeSID + " from dacl for file: " + filePath;
+
+ DWORD res;
+ PACL pdacl;
+ PSECURITY_DESCRIPTOR pSD;
+
+ res = GetNamedSecurityInfo(const_cast<char*>(filePath.c_str()), // object name
+ SE_FILE_OBJECT, // object type
+ DACL_SECURITY_INFORMATION | // information type
+ PROTECTED_DACL_SECURITY_INFORMATION |
+ UNPROTECTED_DACL_SECURITY_INFORMATION,
+ NULL, // owner SID
+ NULL, // primary group SID
+ &pdacl, // DACL
+ NULL, // SACL
+ &pSD); // Security Descriptor
+
+ if (res != ERROR_SUCCESS) {
+ if (res == ERROR_FILE_NOT_FOUND) {
+ // should never get here.
+ // before calling this function the file should already have been checked for existence.
+ throw ProbeException( baseErrMsg + " Unable locate the specified file.");
+ } else {
+ throw ProbeException(baseErrMsg + " Unable to retrieve a copy of the security descriptor. System error message: " + WindowsCommon::GetErrorMessage(res));
+ }
+ }
+
+ // Check to see if a valid security descriptor was returned.
+ if ((IsValidSecurityDescriptor(pSD) == 0) || (IsValidAcl(pdacl) == 0)) {
+ LocalFree(pSD);
+ throw ProbeException(baseErrMsg + " Invalid data returned from call to GetNamedSecurityInfo().");
+
+ //item->SetStatus(OvalEnum::STATUS_ERROR);
+ //item->AppendMessage(new OvalMessage(baseErrMsg + " Invalid data returned from call to GetNamedSecurityInfo().", OvalEnum::LEVEL_ERROR));
+ //Log::Debug(baseErrMsg + " Invalid data returned from call to GetNamedSecurityInfo().");
+ //return item;
+ }
+
+ // the file exists so we can create the new item now.
+ item = this->CreateItem();
+ item->SetStatus(OvalEnum::STATUS_EXISTS);
+ item->AppendElement(new ItemEntity("path", path, OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("filename", fileName, OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("trustee_sid", trusteeSID, OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_EXISTS));
+
+
+ // Get the sid for the trustee name
+ PSID pSid = WindowsCommon::GetSIDForTrusteeSID(trusteeSID);
+
+ // check the sid
+ if(!IsValidSid(pSid)) {
+ LocalFree(pSD);
+ throw ProbeException(baseErrMsg + " Invalid sid found.");
+
+ //item->SetStatus(OvalEnum::STATUS_ERROR);
+ //item->AppendMessage(new OvalMessage(baseErrMsg + " Invalid sid found.", OvalEnum::LEVEL_ERROR));
+ //Log::Debug(baseErrMsg + " Invalid sid found.");
+ //return item;
+ }
+
+ // build the trustee structure
+ TRUSTEE trustee = {0};
+ BuildTrusteeWithSid(&trustee, pSid);
+
+ // get the rights
+ PACCESS_MASK accessRights = NULL;
+ accessRights = reinterpret_cast<PACCESS_MASK>(::LocalAlloc(LPTR, sizeof(PACCESS_MASK) + sizeof(ACCESS_MASK)));
+ if(accessRights == NULL) {
+ throw ProbeException(baseErrMsg + " Out of memory! Unable to allocate memory for access rights.");
+
+ //item->SetStatus(OvalEnum::STATUS_ERROR);
+ //item->AppendMessage(new OvalMessage(baseErrMsg + " Out of memory! Unable to allocate memory for access rights.", OvalEnum::LEVEL_ERROR));
+ //Log::Debug(baseErrMsg + " Out of memory! Unable to allocate memory for access rights.");
+ //return item;
+ }
+
+ res = GetEffectiveRightsFromAcl(pdacl,
+ &trustee,
+ accessRights);
+ if (res != ERROR_SUCCESS) {
+
+ string errMsg = WindowsCommon::GetErrorMessage(res);
+
+ LocalFree(pSD);
+ LocalFree(accessRights);
+
+ //item->SetStatus(OvalEnum::STATUS_ERROR);
+ //item->AppendMessage(new OvalMessage(baseErrMsg + " System error message: " + errMsg, OvalEnum::LEVEL_ERROR));
+ //Log::Debug(baseErrMsg + " System error message: " + errMsg);
+ //return item;
+
+ throw ProbeException(baseErrMsg + " System error message: " + errMsg);
+ }
+
+ // Convert access mask to binary.
+ // http://msdn2.microsoft.com/en-us/library/aa374896.aspx
+ char mask[33];
+ ZeroMemory(&mask, 33);
+
+ for (int j = 0; j < 32; j++) {
+ if ((*accessRights) & (1 << j))
+ mask[j] = '1';
+ else
+ mask[j] = '0';
+ }
+
+ // need to seperatly determine if the generic bit should be set.
+ // the access mask that is returned never has the generic bits set.
+ // Those bits can be determined by rolling up the object specific access bits
+ if((*accessRights) & FILE_GENERIC_READ)
+ mask[31] = '1';
+ if((*accessRights) & FILE_GENERIC_WRITE)
+ mask[30] = '1';
+ if((*accessRights) & FILE_GENERIC_EXECUTE)
+ mask[29] = '1';
+ if((*accessRights) & FILE_ALL_ACCESS)
+ mask[28] = '1';
+
+ // read values in the access_mask
+ item->AppendElement(new ItemEntity("standard_delete", Common::ToString(mask[16]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("standard_read_control", Common::ToString(mask[17]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("standard_write_dac", Common::ToString(mask[18]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("standard_write_owner", Common::ToString(mask[19]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("standard_synchronize", Common::ToString(mask[20]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("access_system_security", Common::ToString(mask[24]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("generic_read", Common::ToString(mask[31]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("generic_write", Common::ToString(mask[30]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("generic_execute", Common::ToString(mask[29]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("generic_all", Common::ToString(mask[28]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("file_read_data", Common::ToString(mask[0]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("file_write_data", Common::ToString(mask[1]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("file_append_data", Common::ToString(mask[2]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("file_read_ea", Common::ToString(mask[3]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("file_write_ea", Common::ToString(mask[4]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("file_execute", Common::ToString(mask[5]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("file_delete_child", Common::ToString(mask[6]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("file_read_attributes", Common::ToString(mask[7]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("file_write_attributes", Common::ToString(mask[8]), OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+
+ LocalFree(pSD);
+ LocalFree(accessRights);
+
+ return item;
+}
+
+bool FileEffectiveRights53Probe::ReportTrusteeSIDDoesNotExist(ObjectEntity *trusteeSID, StringVector* trusteeSIDs) {
+
+ bool result = false;
+
+ if(trusteeSID->GetOperation() == OvalEnum::OPERATION_EQUALS && !trusteeSID->GetNil()) {
+
+ if(trusteeSID->GetVarRef() == NULL) {
+ if(!this->TrusteeSIDExists(trusteeSID->GetValue(), WindowsCommon::GetAllTrusteeSIDs())) {
+ trusteeSIDs->push_back(trusteeSID->GetValue());
+ result = true;
+ }
+ } else {
+
+ VariableValueVector::iterator iterator;
+ for(iterator = trusteeSID->GetVarRef()->GetValues()->begin(); iterator != trusteeSID->GetVarRef()->GetValues()->end(); iterator++) {
+ if(this->TrusteeSIDExists((*iterator)->GetValue(), WindowsCommon::GetAllTrusteeSIDs())) {
+ trusteeSIDs->push_back((*iterator)->GetValue());
+ result = true;
+ }
+ }
+ }
+ }
+
+ return result;
+}
Added: trunk/ovaldi/src/probes/windows/FileEffectiveRights53Probe.h
===================================================================
--- trunk/ovaldi/src/probes/windows/FileEffectiveRights53Probe.h (rev 0)
+++ trunk/ovaldi/src/probes/windows/FileEffectiveRights53Probe.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,100 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#ifndef FILEEFFECTIVRIGHTS53PROBE_H
+#define FILEEFFECTIVRIGHTS53PROBE_H
+
+#pragma warning(disable:4786)
+
+#include "FileFinder.h"
+#include "AbsProbe.h"
+#include "WindowsCommon.h"
+
+#include <aclapi.h>
+#include <windows.h>
+
+using namespace std;
+
+
+/**
+ This class is responsible for collecting file information for windows fileeffictiverights_objects.
+*/
+class FileEffectiveRights53Probe : public AbsProbe {
+
+public:
+ ~FileEffectiveRights53Probe();
+
+ ItemVector* CollectItems(Object* object);
+
+ /** Return a new Item created for storing file information */
+ Item* CreateItem();
+
+ /** Ensure that the FileEffectiveRights53Probe is a singleton. */
+ static AbsProbe* Instance();
+
+private:
+ FileEffectiveRights53Probe();
+
+ static FileEffectiveRights53Probe* instance;
+
+ /** Get the effective rights for a trustee SID for the specified file. */
+ Item* GetEffectiveRights(string path, string fileName, string trusteeSID);
+
+ /** Identify all trustee SIDs for the specified trusteeSID ObjectEntity. */
+ StringSet* GetTrusteeSIDs(string path, string fileName, ObjectEntity* trusteeSID, bool resolveGroupBehavior, bool includeGroupBehavior);
+
+ /** Search all trustee SIDs on the the specifed file and return the set of SIDs the match the specified criteria. */
+ void GetMatchingTrusteeSIDs(string trusteeSIDPattern, StringVector* allTrusteeSIDs, StringSet* trusteeSIDs, bool isRegex = true);
+
+ /** Return true if the specfied trustee SID exists in the set of trustee SIDs */
+ bool TrusteeSIDExists(string trusteeSID, StringVector* trusteeSIDs);
+
+ /** Get the account name, domain, and sid string for the specified SID. */
+ //void GetTrusteeInfoForSid(PSID psid, string* trusteeName, string* trusteeDomain, string* trusteeSid);
+
+ // 8/28/2006
+ //PSID GetSIDForTrusteeName(string trusteeName);
+
+ Item* GetEffectiveRightsForSID(string path, string fileName, PSID psid);
+
+ /** Return true if the calling probe should report that the trustee SID does not exist.
+ If a trustee SID's operator is set to OPERATOR_EQUALS and the trustee SID does not exist
+ the caller should report that the trustee SID was not found. When getting the value of the
+ trustee SID to check existence need to look for either a simple element value or a variable
+ with one or more values. If the return value is true the trusteeSIDs StringVector* paremeter
+ contains the set of trustee SIDs to report as not existing. Otherwise the the trusteeSIDs
+ paramter is NULL. The caller is responsible for making sure that any memory allocated for the
+ trusteeSIDs parameter is cleaned up. The trusteeSIDs paramter should be input as NULL when the
+ function is called.
+ */
+ bool ReportTrusteeSIDDoesNotExist(ObjectEntity* trusteeSID, StringVector* trusteeSIDs);
+};
+
+#endif
Modified: trunk/ovaldi/src/probes/windows/FileEffectiveRightsProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/windows/FileEffectiveRightsProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/windows/FileEffectiveRightsProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -80,8 +80,6 @@
//
// -----------------------------------------------------------------------
- ItemVector *collectedItems = new ItemVector();
-
// get the path and file name
ObjectEntity* path = object->GetElementByName("path");
ObjectEntity* fileName = object->GetElementByName("filename");
@@ -99,6 +97,8 @@
throw ProbeException("Error: invalid operation specified on trustee_name. Found: " + OvalEnum::OperationToString(trusteeName->GetOperation()));
}
+ ItemVector *collectedItems = new ItemVector();
+
// support behaviors - init with defaults.
bool includeGroupBehavior = true;
bool resolveGroupBehavior = false;
@@ -107,12 +107,19 @@
BehaviorVector::iterator iterator;
for(iterator = behaviors->begin(); iterator != behaviors->end(); iterator++) {
Behavior* behavior = (*iterator);
- if(behavior->GetName().compare("include_group") == 0 && behavior->GetValue().compare("false") == 0) {
- includeGroupBehavior = false;
- } else if(behavior->GetName().compare("resolve_group") == 0 && behavior->GetValue().compare("true") == 0) {
- resolveGroupBehavior = true;
+ if(behavior->GetName().compare("include_group") == 0) {
+ if(behavior->GetValue().compare("false") == 0) {
+ includeGroupBehavior = false;
+ }
+ } else if(behavior->GetName().compare("resolve_group") == 0) {
+ if(behavior->GetValue().compare("true") == 0) {
+ resolveGroupBehavior = true;
+ }
+ } else if(behavior->GetName().compare("max_depth") == 0 || behavior->GetName().compare("recurse_direction") == 0) {
+ // skip these they are supported in the file finder class.
+
} else {
- Log::Info("Unsupported behavior found when collecting " + object->GetId());
+ Log::Info("Unsupported behavior found when collecting " + object->GetId() + " Found behavior: " + behavior->GetName() + " = " + behavior->GetValue());
}
}
}
@@ -179,7 +186,7 @@
} else {
- StringVector* trusteeNames = NULL;
+ StringVector* trusteeNames = new StringVector();
if(this->ReportTrusteeNameDoesNotExist(trusteeName, trusteeNames)) {
StringVector::iterator iterator;
@@ -320,15 +327,6 @@
}
void FileEffectiveRightsProbe::GetMatchingTrusteeNames(string trusteeNamePattern, StringVector* allTrusteeNames, StringSet* trusteeNames, bool isRegex) {
- // -----------------------------------------------------------------------
- //
- // ABSTRACT
- //
- // Select all Trustees for the specified file that match the specified
- // trusteeNamePattern. matching is done via regex or != depending on the
- // isRegex boolean flag. All matches are added to the trusteeNames vector.
- // -----------------------------------------------------------------------
-
StringVector::iterator iterator;
for(iterator = allTrusteeNames->begin(); iterator != allTrusteeNames->end(); iterator++) {
if(this->IsMatch(trusteeNamePattern, (*iterator), isRegex)) {
@@ -448,6 +446,9 @@
PACCESS_MASK accessRights = NULL;
accessRights = reinterpret_cast<PACCESS_MASK>(::LocalAlloc(LPTR, sizeof(PACCESS_MASK) + sizeof(ACCESS_MASK)));
if(accessRights == NULL) {
+
+ LocalFree(pSD);
+
throw ProbeException(baseErrMsg + " Out of memory! Unable to allocate memory for access rights.");
//item->SetStatus(OvalEnum::STATUS_ERROR);
@@ -532,14 +533,12 @@
if(trusteeName->GetOperation() == OvalEnum::OPERATION_EQUALS && !trusteeName->GetNil()) {
if(trusteeName->GetVarRef() == NULL) {
- if(this->TrusteeNameExists(trusteeName->GetValue(), WindowsCommon::GetAllTrusteeNames())) {
- trusteeNames = new StringVector();
+ if(!this->TrusteeNameExists(trusteeName->GetValue(), WindowsCommon::GetAllTrusteeNames())) {
trusteeNames->push_back(trusteeName->GetValue());
result = true;
}
} else {
- trusteeNames = new StringVector();
VariableValueVector::iterator iterator;
for(iterator = trusteeName->GetVarRef()->GetValues()->begin(); iterator != trusteeName->GetVarRef()->GetValues()->end(); iterator++) {
if(this->TrusteeNameExists((*iterator)->GetValue(), WindowsCommon::GetAllTrusteeNames())) {
Modified: trunk/ovaldi/src/probes/windows/FileEffectiveRightsProbe.h
===================================================================
--- trunk/ovaldi/src/probes/windows/FileEffectiveRightsProbe.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/windows/FileEffectiveRightsProbe.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -71,7 +71,11 @@
/** Identify all trustee names for the specified trusteeName ObjectEntity. */
StringSet* GetTrusteeNames(string path, string fileName, ObjectEntity* trusteeName, bool resolveGroupBehavior, bool includeGroupBehavior);
- /** Search all trustee names on the the specifed file and return the set of names the match the specifeid criteria. */
+ /**
+ Select all Trustees that match the specified trusteeNamePattern.
+ Matching is done via regex or != depending on the isRegex boolean
+ flag. All matches are added to the trusteeNames vector.
+ */
void GetMatchingTrusteeNames(string trusteeNamePattern, StringVector* allTrusteeNames, StringSet* trusteeNames, bool isRegex = true);
/** Return ture if the specfied trustee name exists in the set of trustee names */
Modified: trunk/ovaldi/src/probes/windows/GroupProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/windows/GroupProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/windows/GroupProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: GroupProbe.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -56,8 +55,6 @@
}
ItemVector* GroupProbe::CollectItems(Object *object) {
-
- ItemVector *collectedItems = new ItemVector();
// get the trustee_name from the provided object
ObjectEntity* group = object->GetElementByName("group");
@@ -77,6 +74,8 @@
throw ProbeException("Error group_objects do not support behaviors.");
}
+ ItemVector *collectedItems = new ItemVector();
+
// get the group data
if(group->GetVarRef() == NULL) {
if(group->GetOperation() == OvalEnum::OPERATION_EQUALS) {
Modified: trunk/ovaldi/src/probes/windows/GroupProbe.h
===================================================================
--- trunk/ovaldi/src/probes/windows/GroupProbe.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/windows/GroupProbe.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: GroupProbe.h 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
Modified: trunk/ovaldi/src/probes/windows/PasswordPolicyProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/windows/PasswordPolicyProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/windows/PasswordPolicyProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -28,6 +28,8 @@
//
//****************************************************************************************//
#include "PasswordPolicyProbe.h"
+#include "WMIItem.h"
+#include "WMIUtil.h"
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ PasswordPolicyProbe Class ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
@@ -91,10 +93,18 @@
item->AppendElement(new ItemEntity("min_passwd_age", minPasswordAge, OvalEnum::DATATYPE_STRING, false, OvalEnum::STATUS_EXISTS));
item->AppendElement(new ItemEntity("min_passwd_len", minPasswordLen, OvalEnum::DATATYPE_STRING, false, OvalEnum::STATUS_EXISTS));
item->AppendElement(new ItemEntity("password_hist_len", passwordHistoryLen, OvalEnum::DATATYPE_STRING, false, OvalEnum::STATUS_EXISTS));
- item->AppendElement(new ItemEntity("password_complexity", "", OvalEnum::DATATYPE_STRING, false, OvalEnum::STATUS_NOT_COLLECTED));
- item->AppendElement(new ItemEntity("reversible_encryption", "", OvalEnum::DATATYPE_STRING, false, OvalEnum::STATUS_NOT_COLLECTED));
- item->AppendMessage(new OvalMessage("At this time it is not clear how to obtain password_complexity or reversible_encryption."));
+ std::string passwordComplexity;
+ std::string reversibleEncryption;
+
+ /**
+ This is a workaround until we know the proper API to call to retrieve this information.
+ */
+ ArePasswordComplexityReverseEncryptionSet(passwordComplexity, reversibleEncryption);
+
+ item->AppendElement(new ItemEntity("password_complexity", passwordComplexity, OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("reversible_encryption", reversibleEncryption, OvalEnum::DATATYPE_BOOLEAN, false, OvalEnum::STATUS_EXISTS));
+
// Free the allocated memory.
NetApiBufferFree(pBuf);
}
@@ -114,6 +124,23 @@
return collectedItems;
}
+void PasswordPolicyProbe::ArePasswordComplexityReverseEncryptionSet(std::string &passwordComplexity, std::string &reversibleEncryption) {
+
+ vector<WMIItem> wmiItems = WMIUtil::GetPropertyValues("root\\rsop\\computer", "Select * from RSOP_SecuritySettingBoolean", "Setting");
+
+ // When passwordComplexity and reversibleEncryption haven't been explicitly set they default to (true, false)
+ passwordComplexity = "1";
+ reversibleEncryption = "0";
+
+ for(unsigned int i = 0; i < wmiItems.size(); i++) {
+ if(wmiItems[i].KeyName == "PasswordComplexity") {
+ passwordComplexity = wmiItems[i].PropertyValue;
+ } else if (wmiItems[i].KeyName == "ClearTextPassword") {
+ reversibleEncryption = wmiItems[i].PropertyValue;
+ }
+ }
+}
+
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Private Members ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
Modified: trunk/ovaldi/src/probes/windows/PasswordPolicyProbe.h
===================================================================
--- trunk/ovaldi/src/probes/windows/PasswordPolicyProbe.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/windows/PasswordPolicyProbe.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -57,8 +57,17 @@
private:
PasswordPolicyProbe();
+
+ /**
+ Checks to see if password_complaexity and reversible_encryption are set.
- static PasswordPolicyProbe *instance;
+ NOTE: This is a workaround until we find the correct API call to retrieve this data.
+ This sould not be considered the correct way to retrieve this data.
+
+ */
+ void ArePasswordComplexityReverseEncryptionSet(std::string &passwordComplexity, std::string &reversibleEncryption);
+
+ static PasswordPolicyProbe *instance;
};
#endif
Modified: trunk/ovaldi/src/probes/windows/RegistryProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/windows/RegistryProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/windows/RegistryProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -68,9 +67,6 @@
// not found. If not in verbose mode only keys that have a matching name
// are printed.
-
- ItemVector *collectedItems = new ItemVector();
-
// get the hive, key, and name from the provided object
ObjectEntity* hive = object->GetElementByName("hive");
ObjectEntity* key = object->GetElementByName("key");
@@ -103,6 +99,8 @@
throw ProbeException("Error: (RegistryProbe) Behaviors are not supported.");
}
+ ItemVector *collectedItems = new ItemVector();
+
// get all the hives
ItemEntityVector* hives = this->GetHives(hive);
ItemEntityVector::iterator hiveIt;
@@ -233,6 +231,7 @@
/////////////////////////////////////////////////////////////////
HKEY rootKey = GetRootKey(hiveIn);
if(rootKey == NULL) {
+ free(lpName);
errorMessage.append("(RegistryProbe) The registry hive '");
errorMessage.append(hiveIn);
errorMessage.append("' does not exist.");
@@ -293,6 +292,8 @@
}
}
}
+
+ free(lpName);
RegCloseKey(hkey);
}
@@ -313,7 +314,7 @@
/////////////////////////////////////////////////////////////////
HKEY rootKey = GetRootKey(hiveIn);
if(rootKey == NULL) {
-
+ free(lpName);
errorMessage.append("(RegistryProbe) The registry hive '");
errorMessage.append(hiveIn);
errorMessage.append("' does not exist.");
@@ -374,10 +375,13 @@
pcreMsg.append(ex.GetErrorMessage());
Log::Debug(pcreMsg);
} else {
+ free(lpName);
throw;
}
}
}
+
+ free(lpName);
RegCloseKey(hkey);
}
@@ -621,9 +625,9 @@
value.append(binaryBuf);
// add a space only if not at the end of the string
- if(x < (valuelenIn - 1)) {
+ /*if(x < (valuelenIn - 1)) {
value.append(" ");
- }
+ }*/
}
item->AppendElement(new ItemEntity("value", value, OvalEnum::DATATYPE_BINARY, false, OvalEnum::STATUS_EXISTS));
@@ -1035,6 +1039,8 @@
exists = false;
} else if (res != ERROR_SUCCESS) {
+
+ free(value);
string systemErrMsg = WindowsCommon::GetErrorMessage(res);
char errorCodeBuffer[20];
Modified: trunk/ovaldi/src/probes/windows/SidProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/windows/SidProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/windows/SidProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: SidProbe.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -117,8 +116,6 @@
// http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netmgmt/netmgmt/netlocalgroupgetmembers.asp
//
// -----------------------------------------------------------------------
-
- ItemVector *collectedItems = new ItemVector();
// get the trustee_name from the provided object
ObjectEntity* trusteeName = object->GetElementByName("trustee_name");
@@ -133,22 +130,28 @@
throw ProbeException("Error: invalid operation specified on trustee_name. Found: " + OvalEnum::OperationToString(trusteeName->GetOperation()));
}
+ ItemVector *collectedItems = new ItemVector();
+
// support behaviors - init with defaults.
bool includeGroupBehavior = true;
bool resolveGroupBehavior = false;
if(object->GetBehaviors()->size() != 0) {
BehaviorVector* behaviors = object->GetBehaviors();
BehaviorVector::iterator iterator;
- for(iterator = behaviors->begin(); iterator != behaviors->end(); iterator++) {
+ for(iterator = behaviors->begin(); iterator != behaviors->end(); iterator++) {
Behavior* behavior = (*iterator);
- if(behavior->GetName().compare("include_group") == 0 && behavior->GetValue().compare("false") == 0) {
- includeGroupBehavior = false;
- } else if(behavior->GetName().compare("resolve_group") == 0 && behavior->GetValue().compare("true") == 0) {
- resolveGroupBehavior = true;
- } else {
- Log::Info("Unsupported behavior found when collecting " + object->GetId());
- }
- }
+ if(behavior->GetName().compare("include_group") == 0) {
+ if(behavior->GetValue().compare("false") == 0) {
+ includeGroupBehavior = false;
+ }
+ } else if(behavior->GetName().compare("resolve_group") == 0) {
+ if(behavior->GetValue().compare("true") == 0) {
+ resolveGroupBehavior = true;
+ }
+ } else {
+ Log::Info("Unsupported behavior found when collecting " + object->GetId() + " Found behavior: " + behavior->GetName() + " = " + behavior->GetValue());
+ }
+ }
}
// get the SID data
Modified: trunk/ovaldi/src/probes/windows/SidProbe.h
===================================================================
--- trunk/ovaldi/src/probes/windows/SidProbe.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/windows/SidProbe.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: SidProbe.h 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
Added: trunk/ovaldi/src/probes/windows/SidSidProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/windows/SidSidProbe.cpp (rev 0)
+++ trunk/ovaldi/src/probes/windows/SidSidProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,276 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#include "SidSidProbe.h"
+
+//****************************************************************************************//
+// SidSidProbe Class //
+//****************************************************************************************//
+SidSidProbe* SidSidProbe::instance = NULL;
+
+SidSidProbe::SidSidProbe() : AbsProbe() {
+
+}
+
+SidSidProbe::~SidSidProbe() {
+
+}
+
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Public Members ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+AbsProbe* SidSidProbe::Instance() {
+
+ // Use lazy initialization
+ if(instance == NULL)
+ instance = new SidSidProbe();
+
+ return instance;
+}
+
+ItemVector* SidSidProbe::CollectItems(Object *object) {
+ // -----------------------------------------------------------------------
+ //
+ // ABSTRACT
+ //
+ // Run the sid_sid probe. Return a vector of Items that match
+ //
+ // if not using variables
+ // if operation == equals
+ // - call LookupAccountName and return collected item
+ // http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/lookupaccountname.asp
+ //
+ // if operation == not equals || operation == pattern match
+ // - get all sids see note below...
+ // - determine set of sids that match the specified criteria
+ // - for each match call LookupAccountName and return collected item
+ // http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/lookupaccountname.asp
+ //
+ // Behaviors:
+ // The following behaviors are supported when collecting sid objects:
+ // - include_group: should be paired with the "resolve_group" behavior.
+ // When true, include the group in the set of sids. When false, do not
+ // include the group in the set of sids.
+ //
+ // - resolve_group: when true, if the trustee name specifies a group
+ // then return all users in the group. When false just return sid
+ // for the group.
+ //
+ //
+ //
+ // NOTE:
+ // I have not yet found a way to get all the SIDs on a system. To handle this
+ // for now I am getting all the sids of the local users, local groups, and
+ // global groups. Then expanding all the groups found above to get all of their
+ // members. Additionally I look up all well known trustee names by their sid string
+ // to ensure all well know sids are captured. For now this will have to suffice as
+ // the set of all SIDs on a system.
+ //
+ // NOTE:
+ // Trustee name is expected to be a fully qualified name like:
+ // domain_name\user_name
+ // or a well known account name like:
+ // Administrators, or SYSTEM, or Administrator, or Users
+ //
+ // TODO:
+ // Ensure that a given account is only looked up once
+ //
+ // Get All Local users with:
+ // http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netmgmt/netmgmt/netuserenum.asp
+ //
+ // Get all global groups with:
+ // http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netmgmt/netmgmt/netgroupenum.asp
+ // Get global group members with:
+ // http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netmgmt/netmgmt/netgroupgetusers.asp
+ //
+ // Get all local groups with:
+ // http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netmgmt/netmgmt/netlocalgroupenum.asp
+ // Get local group members with:
+ // http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netmgmt/netmgmt/netlocalgroupgetmembers.asp
+ //
+ // -----------------------------------------------------------------------
+
+ ItemVector *collectedItems = new ItemVector();
+
+ // get the trustee_sid from the provided object
+ ObjectEntity* trusteeSid = object->GetElementByName("trustee_sid");
+
+ // check datatypes - only allow string
+ if(trusteeSid->GetDatatype() != OvalEnum::DATATYPE_STRING) {
+ throw ProbeException("Error: invalid data type specified on trustee_sid. Found: " + OvalEnum::DatatypeToString(trusteeSid->GetDatatype()));
+ }
+
+ // check operation - only allow equals, not equals and pattern match
+ if(trusteeSid->GetOperation() != OvalEnum::OPERATION_EQUALS && trusteeSid->GetOperation() != OvalEnum::OPERATION_PATTERN_MATCH && trusteeSid->GetOperation() != OvalEnum::OPERATION_NOT_EQUAL) {
+ throw ProbeException("Error: invalid operation specified on trustee_sid. Found: " + OvalEnum::OperationToString(trusteeSid->GetOperation()));
+ }
+
+ // support behaviors - init with defaults.
+ bool includeGroupBehavior = true;
+ bool resolveGroupBehavior = false;
+ if(object->GetBehaviors()->size() != 0) {
+ BehaviorVector* behaviors = object->GetBehaviors();
+ BehaviorVector::iterator iterator;
+ for(iterator = behaviors->begin(); iterator != behaviors->end(); iterator++) {
+ Behavior* behavior = (*iterator);
+ if(behavior->GetName().compare("include_group") == 0) {
+ if(behavior->GetValue().compare("false") == 0) {
+ includeGroupBehavior = false;
+ }
+ } else if(behavior->GetName().compare("resolve_group") == 0) {
+ if(behavior->GetValue().compare("true") == 0) {
+ resolveGroupBehavior = true;
+ }
+ } else {
+ Log::Info("Unsupported behavior found when collecting " + object->GetId() + " Found behavior: " + behavior->GetName() + " = " + behavior->GetValue());
+ }
+ }
+ }
+
+ // get the SID data
+ if(trusteeSid->GetVarRef() == NULL) {
+ if(trusteeSid->GetOperation() == OvalEnum::OPERATION_EQUALS) {
+ this->GetAccountInformation(trusteeSid->GetValue(), resolveGroupBehavior, includeGroupBehavior, collectedItems);
+ } else {
+
+ bool isRegex = false;
+ if(trusteeSid->GetOperation() == OvalEnum::OPERATION_PATTERN_MATCH)
+ isRegex = true;
+
+ // Get all trustee_sids on the system...
+ StringVector* allTrusteeSids = WindowsCommon::GetAllTrusteeSIDs();
+
+ // Get the set of trustee names that match the ItemEntity.
+ StringVector::iterator iterator;
+ for(iterator = allTrusteeSids->begin(); iterator != allTrusteeSids->end(); iterator++) {
+ string curr = (*iterator);
+ if(this->IsMatch(trusteeSid->GetValue(), (*iterator), isRegex)) {
+ this->GetAccountInformation((*iterator), resolveGroupBehavior, includeGroupBehavior, collectedItems);
+ }
+ }
+ }
+
+ } else {
+ // Get all trustee_sids on the system...
+ StringVector* allTrusteeSids = WindowsCommon::GetAllTrusteeSIDs();
+
+ // loop through all trustee sids on the system
+ // only keep those that match operation and value and var check
+ StringVector::iterator it;
+ ItemEntity* tmp = this->CreateItemEntity(trusteeSid);
+ for(it = allTrusteeSids->begin(); it != allTrusteeSids->end(); it++) {
+ tmp->SetValue((*it));
+ if(trusteeSid->Analyze(tmp) == OvalEnum::RESULT_TRUE) {
+ this->GetAccountInformation((*it), resolveGroupBehavior, includeGroupBehavior, collectedItems);
+ }
+ }
+ }
+
+ return collectedItems;
+}
+
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Private Members ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+Item* SidSidProbe::CreateItem() {
+
+ Item* item = new Item(0,
+ "http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#windows",
+ "win-sc",
+ "http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#windows windows-system-characteristics-schema.xsd",
+ OvalEnum::STATUS_ERROR,
+ "sid_item");
+
+ return item;
+}
+
+bool SidSidProbe::GetAccountInformation(string sidStr, bool resolveGroupBehavior, bool includeGroupBehavior, ItemVector* items) {
+
+ bool isComplete = true;
+
+ // lookup the trustee name
+ try {
+ string accountNameStr = "";
+ string domainStr = "";
+ bool isGroup = WindowsCommon::LookUpTrusteeSid(sidStr, &accountNameStr, &domainStr);
+
+ // if a group
+ // handle behaviors
+ if(isGroup && resolveGroupBehavior) {
+
+ if(includeGroupBehavior) {
+ Item* item = this->CreateItem();
+ item->SetStatus(OvalEnum::STATUS_EXISTS);
+ item->AppendElement(new ItemEntity("trustee_name", accountNameStr, OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("trustee_sid", sidStr, OvalEnum::DATATYPE_STRING, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("trustee_domain", domainStr, OvalEnum::DATATYPE_STRING, false, OvalEnum::STATUS_EXISTS));
+ items->push_back(item);
+ }
+
+ // Get all the accounts in the group
+ StringVector* groupMemberSids = new StringVector();
+ WindowsCommon::ExpandGroupBySID(sidStr, groupMemberSids);
+ StringVector::iterator iterator;
+ for(iterator = groupMemberSids->begin(); iterator != groupMemberSids->end(); iterator++) {
+ // make recursive call...
+ try {
+ isComplete = this->GetAccountInformation((*iterator), resolveGroupBehavior, includeGroupBehavior, items);
+ } catch (Exception ex) {
+ isComplete = false;
+ Log::Debug(ex.GetErrorMessage());
+ }
+ }
+ delete groupMemberSids;
+
+ } else {
+ Item* item = this->CreateItem();
+ item->SetStatus(OvalEnum::STATUS_EXISTS);
+ item->AppendElement(new ItemEntity("trustee_name", accountNameStr, OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("trustee_sid", sidStr, OvalEnum::DATATYPE_STRING, false, OvalEnum::STATUS_EXISTS));
+ item->AppendElement(new ItemEntity("trustee_domain", domainStr, OvalEnum::DATATYPE_STRING, false, OvalEnum::STATUS_EXISTS));
+ items->push_back(item);
+ }
+
+ } catch(ProbeException ex) {
+ // only way to have a notice level exception thrown here
+ // is for the account to not be found. In that case return an
+ // item with a status of does not exist.
+ if(ex.GetSeverity() == ERROR_NOTICE) {
+ Item* item = this->CreateItem();
+ item->SetStatus(OvalEnum::STATUS_DOES_NOT_EXIST);
+ item->AppendElement(new ItemEntity("trustee_sid", sidStr, OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_DOES_NOT_EXIST));
+ items->push_back(item);
+ } else {
+ throw ex;
+ }
+ }
+
+ return isComplete;
+}
Added: trunk/ovaldi/src/probes/windows/SidSidProbe.h
===================================================================
--- trunk/ovaldi/src/probes/windows/SidSidProbe.h (rev 0)
+++ trunk/ovaldi/src/probes/windows/SidSidProbe.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,77 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+#ifndef SIDSIDPROBE_H
+#define SIDSIDPROBE_H
+
+#pragma warning(disable:4786)
+
+#include "AbsProbe.h"
+#include "WindowsCommon.h"
+
+using namespace std;
+
+
+/**
+ This class is responsible for collecting information for windows sid_sid_objects.
+*/
+class SidSidProbe : public AbsProbe {
+public:
+ ~SidSidProbe();
+
+ ItemVector* CollectItems(Object* object);
+ /** Return a new Item created for storing sid information. */
+ Item* CreateItem();
+
+ /** Ensure that the SidProbe is a singleton. */
+ static AbsProbe* Instance();
+
+private:
+ SidSidProbe();
+
+ static SidSidProbe* instance;
+
+ /** Get account information for the specified account name.
+ Support behaviors. Resulting Items are pushed on to the
+ items vector.
+ Return false if the set of items in not complete.
+
+ TODO: how can I set the colleced object flag correctly?
+ */
+ bool GetAccountInformation(string accountName, bool resolveGroupBehavior, bool includeGroupBehavior, ItemVector* items);
+
+ /** Look up the specified trustee name.
+ Get the domain and the SID string.
+ Return true if the account is a group.
+ */
+ bool LookUpTrusteeName(string* accountNameStr, string* sidStr, string* domainStr);
+
+};
+
+#endif
Modified: trunk/ovaldi/src/probes/windows/UserProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/windows/UserProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/windows/UserProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: UserProbe.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -57,8 +56,6 @@
}
ItemVector* UserProbe::CollectItems(Object *object) {
-
- ItemVector *collectedItems = new ItemVector();
// get the trustee_name from the provided object
ObjectEntity* user = object->GetElementByName("user");
@@ -79,6 +76,8 @@
throw ProbeException("Error user_objects do not support behaviors.");
}
+ ItemVector *collectedItems = new ItemVector();
+
// get the user data
if(user->GetVarRef() == NULL) {
if(user->GetOperation() == OvalEnum::OPERATION_EQUALS) {
Modified: trunk/ovaldi/src/probes/windows/WMIProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/windows/WMIProbe.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/probes/windows/WMIProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: WMIProbe.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -59,8 +58,6 @@
ItemVector* WMIProbe::CollectItems(Object* object) {
- ItemVector* collectedItems = new ItemVector();
-
// get the namespace and wql query
ObjectEntity* wmi_namespace = object->GetElementByName("namespace");
ObjectEntity* wmi_wql = object->GetElementByName("wql");
@@ -81,6 +78,8 @@
throw ProbeException("Error: invalid operation specified on wql. Found: " + OvalEnum::OperationToString(wmi_wql->GetOperation()));
}
+ ItemVector* collectedItems = new ItemVector();
+
// get all the namespaces
ItemEntityVector* namespaces = this->GetNamespaces(wmi_namespace);
ItemEntityVector::iterator namespaceIt;
@@ -234,46 +233,32 @@
throw ProbeException("(WMIProbe) Wmi query failed. ('" + wmi_wql->GetValue() + "')", ERROR_FATAL);
}
- HRESULT enumhRes = WBEM_S_NO_ERROR;
IWbemClassObject *pclsObj[1];
ULONG uReturn = 0;
+ HRESULT enumhRes = pEnumerator->Next(WBEM_INFINITE, 1, pclsObj, &uReturn);
// iterate through each instance returned
- while (enumhRes == WBEM_S_NO_ERROR) {
-
- enumhRes = pEnumerator->Next(WBEM_INFINITE, 1, pclsObj, &uReturn);
-
+ do {
// We have finished looping through the enumeration. If no results
// were returned, ie pEnumerator is empty, then we will break out of the
// while loop. Must create an item . This will cause the wmi
// probe to return an empty item vector which will mean the collected
// object in the sc file will have a does not exist flag.
- if((uReturn == 0) || (enumhRes == WBEM_S_FALSE)) {
-
+ if(item == NULL){
item = this->CreateItem();
item->AppendElement(new ItemEntity("namespace", wmi_namespace->GetValue(), OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_EXISTS));
item->AppendElement(new ItemEntity("wql", wmi_wql->GetValue(), OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_EXISTS));
item->SetStatus(OvalEnum::STATUS_EXISTS);
- item->AppendElement(new ItemEntity("result", "", OvalEnum::DATATYPE_STRING, false, OvalEnum::STATUS_DOES_NOT_EXIST));
+ }
+ if((uReturn == 0) || (enumhRes == WBEM_S_FALSE)) {
+ item->AppendElement(new ItemEntity("result", "", OvalEnum::DATATYPE_STRING, false, OvalEnum::STATUS_DOES_NOT_EXIST));
break;
-
} else {
// We have a result. Create an ItemEntity for it and add it to the
// item.
- // If the item hasn't been created, create it. This peice of code
- // allows the while loop to break out without having created an
- // item for the case where the enumeration was empty.
-
- if (item == NULL) {
- item = this->CreateItem();
- item->AppendElement(new ItemEntity("namespace", wmi_namespace->GetValue(), OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_EXISTS));
- item->AppendElement(new ItemEntity("wql", wmi_wql->GetValue(), OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_EXISTS));
- item->SetStatus(OvalEnum::STATUS_EXISTS);
- }
-
if ((enumhRes == WBEM_E_INVALID_PARAMETER) ||
(enumhRes == WBEM_E_OUT_OF_MEMORY) ||
(enumhRes == WBEM_E_UNEXPECTED) ||
@@ -327,6 +312,7 @@
wcstombs(szChar, vtProp.bstrVal, size);
strFieldValue = szChar;
item->AppendElement(new ItemEntity("result", strFieldValue, OvalEnum::DATATYPE_STRING, false, OvalEnum::STATUS_EXISTS));
+ delete szChar;
} else {
item->AppendElement(new ItemEntity("result", strFieldValue, OvalEnum::DATATYPE_STRING, false, OvalEnum::STATUS_ERROR));
}
@@ -393,6 +379,7 @@
for (ULONG n=0; n<uReturn; n++) pclsObj[n]->Release();
}
}
+ while ( ( enumhRes = pEnumerator->Next(WBEM_INFINITE, 1, pclsObj, &uReturn) ) == WBEM_S_NO_ERROR );
} catch (ProbeException ex) {
// Make sure we clean up if there is an error, otherwise we will get an COM
// security error when we try to run the wmi probe again.
Added: trunk/ovaldi/src/probes/windows/WUAUpdateSearcherProbe.cpp
===================================================================
--- trunk/ovaldi/src/probes/windows/WUAUpdateSearcherProbe.cpp (rev 0)
+++ trunk/ovaldi/src/probes/windows/WUAUpdateSearcherProbe.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,397 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#include "WUAUpdateSearcherProbe.h"
+
+//****************************************************************************************//
+// WUAUpdateSearcherProbe Class //
+//****************************************************************************************//
+
+WUAUpdateSearcherProbe* WUAUpdateSearcherProbe::instance = NULL;
+
+WUAUpdateSearcherProbe::WUAUpdateSearcherProbe() {
+
+}
+
+WUAUpdateSearcherProbe::~WUAUpdateSearcherProbe() {
+
+}
+
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Public Members ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+AbsProbe* WUAUpdateSearcherProbe::Instance() {
+
+ // Use lazy initialization
+ if(instance == NULL)
+ instance = new WUAUpdateSearcherProbe();
+
+ return instance;
+}
+
+void WUAUpdateSearcherProbe::DeleteInstance() {
+ if(instance != NULL) {
+ delete instance;
+ instance = NULL;
+ }
+}
+
+ItemVector* WUAUpdateSearcherProbe::CollectItems(Object* object) {
+
+ // get the search_criteria
+ /**
+ The search_criteria entity specifies a search criteria to use when
+ generating a search result. The string used for the search criteria
+ entity must match the custom search language for Search method of the
+ IUpdateSearcher interface. The string consists of criteria that are
+ evaluated to determine which updates to return. The Search method performs
+ a synchronous search for updates by using the current configured search
+ options. For more information about possible search criteria, please see
+ the Search method of the IUpdateSearcher interface.
+ */
+ ObjectEntity* search_criteria = object->GetElementByName("search_criteria");
+
+ // check datatype and operation
+ if(search_criteria->GetDatatype() != OvalEnum::DATATYPE_STRING) {
+ throw ProbeException("Error: invalid data type specified on search_criteria. Found: " + OvalEnum::DatatypeToString(search_criteria->GetDatatype()));
+ }
+
+ if(search_criteria->GetOperation() != OvalEnum::OPERATION_EQUALS ) {
+ throw ProbeException("Error: invalid operation specified on search_criteria. Found: " + OvalEnum::OperationToString(search_criteria->GetOperation()));
+ }
+
+ ItemVector* collectedItems = new ItemVector();
+
+ // get all the search_criteria
+ ItemEntityVector* searchCriteriaItems = this->GetSearchCriteria(search_criteria);
+ ItemEntityVector::iterator searchCriteriaIt;
+ for(searchCriteriaIt=searchCriteriaItems->begin(); searchCriteriaIt!=searchCriteriaItems->end(); searchCriteriaIt++) {
+
+ // run the queries and push the results on to the
+ // collectedItems return vector.
+ Item* item = this->DoWUASearch((*searchCriteriaIt));
+ if(item != NULL) {
+ collectedItems->push_back(item);
+ }
+ }
+ delete searchCriteriaItems;
+
+ return collectedItems;
+}
+
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Private Members ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+
+Item* WUAUpdateSearcherProbe::CreateItem() {
+
+ Item* item = new Item(0,
+ "http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#windows",
+ "win-sc",
+ "http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#windows windows-system-characteristics-schema.xsd",
+ OvalEnum::STATUS_ERROR,
+ "wuaupdatesearcher_item");
+
+ return item;
+}
+
+ItemEntityVector* WUAUpdateSearcherProbe::GetSearchCriteria(ObjectEntity* search_criteria) {
+
+ ItemEntityVector* searchCriteriaItems = new ItemEntityVector();
+
+ // does this search_criteria use variables?
+ if(search_criteria->GetVarRef() == NULL) {
+
+ ItemEntity* tmp = this->CreateItemEntity(search_criteria);
+ tmp->SetValue(search_criteria->GetValue());
+ searchCriteriaItems->push_back(tmp);
+
+ } else {
+
+ // retrieve all the variable values that match the supplied var_ref.
+ VariableValueVector* vars = search_criteria->GetVariableValues();
+
+ // loop through all values
+ VariableValueVector::iterator iterator;
+ for(iterator = vars->begin(); iterator != vars->end(); iterator++) {
+
+ ItemEntity* tmp = this->CreateItemEntity(search_criteria);
+ tmp->SetValue((*iterator)->GetValue());
+ searchCriteriaItems->push_back(tmp);
+ }
+ }
+
+ return searchCriteriaItems;
+}
+
+void WUAUpdateSearcherProbe::ShutdownWUASearcher() {
+
+ if(NULL != pISearchResult) {
+ pISearchResult->Release();
+ pISearchResult = NULL;
+ }
+
+ if(NULL != pIUpdateCollection) {
+ pIUpdateCollection->Release();
+ pIUpdateCollection = NULL;
+ }
+
+ if(NULL != pIUpdateSession) {
+ pIUpdateSession->Release();
+ pIUpdateSession = NULL;
+ }
+
+ if(NULL != pIUpdateServiceManager) {
+ pIUpdateServiceManager->Release();
+ pIUpdateServiceManager = NULL;
+ }
+
+ if(NULL != pIUSearcher) {
+ pIUSearcher->Release();
+ pIUSearcher = NULL;
+ }
+
+ CoUninitialize();
+}
+
+Item* WUAUpdateSearcherProbe::DoWUASearch(ItemEntity* search_criteria) {
+
+ Item* item = NULL;
+
+ this->InitWUASearcher();
+
+ try {
+
+ HRESULT hres;
+
+ // do the search call.
+ BSTR searchString = _bstr_t(search_criteria->GetValue().c_str());
+ hres = pIUSearcher->Search(searchString, &pISearchResult);
+ if(FAILED(hres)) {
+ string errorMessage = _com_error(hres).ErrorMessage();
+ throw ProbeException("(WUAUpdateSearcherProbe) An error occured when attempting to Search for updates. " + errorMessage, ERROR_FATAL);
+ }
+
+
+ //
+ // passed connection initialization and search call so create the item
+ //
+ item = this->CreateItem();
+ item->AppendElement(new ItemEntity("search_criteria", search_criteria->GetValue(), OvalEnum::DATATYPE_STRING, true, OvalEnum::STATUS_EXISTS));
+
+
+ // examine the result code on the pISearchResult
+ OperationResultCode resultCode;
+ pISearchResult->get_ResultCode(&resultCode);
+ if(resultCode == orcSucceededWithErrors) {
+
+ string errorMessage = "The search operation is complete, but one or more errors occurred during the operation. The results might be incomplete.";
+ item->AppendMessage(new OvalMessage(errorMessage, OvalEnum::LEVEL_WARNING));
+
+ } else if(resultCode != orcSucceeded) {
+ string errorMessage;
+
+ if(resultCode == orcFailed) {
+ errorMessage = "The search operation failed to complete.";
+ } else {
+ errorMessage = "An error occured during the search operation.";
+ }
+
+ throw ProbeException("(WUAUpdateSearcherProbe) Update search error. " + errorMessage, ERROR_FATAL);
+ }
+
+ // get the updates that were found.
+ hres = pISearchResult->get_Updates(&pIUpdateCollection);
+ if (FAILED(hres)) {
+ string errorMessage = _com_error(hres).ErrorMessage();
+ throw ProbeException("(WUAUpdateSearcherProbe) Failed to . " + errorMessage, ERROR_FATAL);
+ }
+
+ // Check to see if any updates were found
+ long resultCount = 0;
+ hres = pIUpdateCollection->get_Count(&resultCount);
+ if (FAILED(hres)) {
+ string errorMessage = _com_error(hres).ErrorMessage();
+ throw ProbeException("(WUAUpdateSearcherProbe) Failed to get a coutn of search results. " + errorMessage, ERROR_FATAL);
+ }
+
+ if(resultCount == 0) {
+
+ item->SetStatus(OvalEnum::STATUS_DOES_NOT_EXIST);
+
+ } else {
+
+ // get the enum to the set of updates
+ LPUNKNOWN pIUnknown = NULL;
+ hres = pIUpdateCollection->get__NewEnum(&pIUnknown);
+ if (FAILED(hres)) {
+ string errorMessage = _com_error(hres).ErrorMessage();
+ throw ProbeException("(WUAUpdateSearcherProbe) Failed to get an enumerator to the search results. " + errorMessage, ERROR_FATAL);
+ }
+
+ // cast the enumerator of the search results
+ IEnumVARIANT *pIEnumVARIANT;
+ hres = pIUnknown->QueryInterface(IID_IEnumVARIANT,(void**)&pIEnumVARIANT);
+ if (FAILED(hres)) {
+ string errorMessage = _com_error(hres).ErrorMessage();
+ throw ProbeException("(WUAUpdateSearcherProbe) Failed to cast the enumerator of the search results. " + errorMessage, ERROR_FATAL);
+ }
+
+ // examine all the searh results
+ ULONG celtFetched = 0;
+ HRESULT nextHRES = S_OK;
+ VARIANT variant;
+ while(S_OK == nextHRES) {
+
+ nextHRES = pIEnumVARIANT->Next(1, &variant, &celtFetched);
+
+ if((0==celtFetched) || (S_FALSE==nextHRES)) {
+
+ // No more results to process so break
+ break;
+
+ } else {
+
+ // We have a result. Create an ItemEntity for it and add it to the item.
+ IDispatch *pDisp = NULL;
+ IUpdate* pUpdate;
+
+ pDisp = V_DISPATCH(&variant);
+ pDisp->QueryInterface(IID_IUpdate, (void**)&pUpdate);
+ pDisp->Release();
+
+ IUpdateIdentity * pIUpdateIdentity;
+ pUpdate->get_Identity(&pIUpdateIdentity);
+ BSTR updateID;
+ pIUpdateIdentity->get_UpdateID(&updateID);
+ std::string buffer = _bstr_t(updateID);
+
+ item->SetStatus(OvalEnum::STATUS_EXISTS);
+ item->AppendElement(new ItemEntity("update_id", buffer, OvalEnum::DATATYPE_STRING, false, OvalEnum::STATUS_EXISTS));
+ }
+ }
+ }
+
+ } catch (ProbeException ex) {
+
+ if(item != NULL)
+ delete item;
+
+ this->ShutdownWUASearcher();
+
+ // re-throw the error so it can be caught higher up.
+ throw ex;
+
+ } catch (...) {
+
+ if(item != NULL)
+ delete item;
+
+ this->ShutdownWUASearcher();
+
+ // re-throw the error so it can be caught higher up.
+ throw ProbeException("(WUAUpdateSearcherProbe) An unknown error occured while searching for updates.");
+ }
+
+ this->ShutdownWUASearcher();
+
+ return item;
+}
+
+void WUAUpdateSearcherProbe::InitWUASearcher() {
+
+ HRESULT hres;
+
+ try {
+
+ // establish COM connection
+ hres = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED);
+ if (FAILED(hres)) {
+ string errorMessage = _com_error(hres).ErrorMessage();
+ throw ProbeException("(WUAUpdateSearcherProbe) Failed to initialize COM library. " + errorMessage, ERROR_FATAL);
+ }
+
+ // set security of COM connection to the default
+ hres = CoInitializeSecurity(NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_DEFAULT, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE, NULL);
+ if (FAILED(hres)) {
+ string errorMessage = _com_error(hres).ErrorMessage();
+ throw ProbeException("(WUAUpdateSearcherProbe) Failed to initialize COM security. " + errorMessage, ERROR_FATAL);
+ }
+
+ // create the Update Session
+ hres = CoCreateInstance(CLSID_UpdateSession, NULL, CLSCTX_INPROC_SERVER, IID_IUpdateSession, (LPVOID *)&pIUpdateSession);
+ if (FAILED(hres)) {
+ string errorMessage = _com_error(hres).ErrorMessage();
+ throw ProbeException("(WUAUpdateSearcherProbe) Failed to create IUpdateSession object. " + errorMessage, ERROR_FATAL);
+ }
+
+ // create the update service manager IUpdateServiceManager
+ hres = CoCreateInstance(CLSID_UpdateServiceManager, NULL, CLSCTX_INPROC_SERVER, IID_IUpdateServiceManager, (LPVOID *)&pIUpdateServiceManager);
+ if (FAILED(hres)) {
+ string errorMessage = _com_error(hres).ErrorMessage();
+ throw ProbeException("(WUAUpdateSearcherProbe) Failed to create IUpdateServiceManager object. " + errorMessage, ERROR_FATAL);
+ }
+
+ // create an update searcher
+ hres = pIUpdateSession->CreateUpdateSearcher(&pIUSearcher);
+ if (FAILED(hres)) {
+ string errorMessage = _com_error(hres).ErrorMessage();
+ throw ProbeException("(WUAUpdateSearcherProbe) Failed to create the IUpdateSearcher object. " + errorMessage, ERROR_FATAL);
+ }
+
+ // include potentially superceeded updates. We want to make sure we are searching ALL updates
+ hres = pIUSearcher->put_IncludePotentiallySupersededUpdates(VARIANT_TRUE);
+ if (FAILED(hres)) {
+ string errorMessage = _com_error(hres).ErrorMessage();
+ throw ProbeException("(WUAUpdateSearcherProbe) Failed to set search scope to include potentially superseded updates. " + errorMessage, ERROR_FATAL);
+ }
+
+ // use the systems default server for searching for updates
+ hres = pIUSearcher->put_ServerSelection(ssDefault);
+ if (FAILED(hres)) {
+ string errorMessage = _com_error(hres).ErrorMessage();
+ throw ProbeException("(WUAUpdateSearcherProbe) Failed to set the server to search for updates. " + errorMessage, ERROR_FATAL);
+ }
+
+ } catch (ProbeException ex) {
+
+ this->ShutdownWUASearcher();
+
+ // re-throw the error so it can be caught higher up.
+ throw ex;
+
+ } catch (...) {
+
+ this->ShutdownWUASearcher();
+
+ // re-throw the error so it can be caught higher up.
+ throw ProbeException("An unknown error occured while executing a windows update search.");
+ }
+}
Added: trunk/ovaldi/src/probes/windows/WUAUpdateSearcherProbe.h
===================================================================
--- trunk/ovaldi/src/probes/windows/WUAUpdateSearcherProbe.h (rev 0)
+++ trunk/ovaldi/src/probes/windows/WUAUpdateSearcherProbe.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,117 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#ifndef WUAUPDATESEARCHERPROBE_H
+#define WUAUPDATESEARCHERPROBE_H
+
+#pragma warning(disable:4786)
+
+#include "AbsProbe.h"
+#include "WindowsCommon.h"
+
+
+#undef __DOMDocument_FWD_DEFINED__
+#include <comdef.h>
+#include <Dsgetdc.h>
+#include <Lm.h>
+#include <windows.h>
+#include <Wuapi.h>
+
+using namespace std;
+
+/**
+ This class is responsible for collecting information for windows wuaupdatesearcher_object.
+
+ The wuaupdatesearcher_object element is used by a wuaupdatesearcher_test to
+ define the specific search criteria to be evaluated.
+
+ NOTICE: This interpreter only searches the default update service for the
+ system. This is likely update.micorsoft.com.
+*/
+class WUAUpdateSearcherProbe : public AbsProbe {
+
+public:
+ ~WUAUpdateSearcherProbe();
+
+ /** Run the probe. */
+ ItemVector* CollectItems(Object* object);
+
+ /** Return a new Item created for storing wuaupdatesearcher information */
+ Item* CreateItem();
+
+ /** Ensure that the WUAUpdateSearcherProbe is a singleton. */
+ static AbsProbe* Instance();
+
+ /** Delete the Singlton instance of the probe. */
+ static void DeleteInstance();
+
+private:
+ WUAUpdateSearcherProbe();
+
+ static WUAUpdateSearcherProbe* instance;
+
+ /** Get the set of all search criteria string for the specified ObjectEntity. */
+ ItemEntityVector* GetSearchCriteria(ObjectEntity* search_criteria);
+
+ /**
+ Do the search and return an Item with the results.
+
+ Sets the update_id entity on the returned item. The update_id specifies
+ a string that represents a revision-independent identifier of an update.
+ This information is part of the IUpdateIdentity interface that is part
+ of the result of the IUpdateSearcher interface's Search method. Note
+ that multiple update identifiers can be associated with a give search
+ criteria and thus multiple entities can exist for this item.
+ */
+ Item* DoWUASearch(ItemEntity* search_criteria);
+
+ /**
+ Initializes the WUA Searcher.
+ Creates a COM connection and gets an update searcher.
+ */
+ void InitWUASearcher();
+
+ /**
+ Shutdown the update searcher and clean up all the allocated resources.
+ Closes COM interface.
+ */
+ void ShutdownWUASearcher();
+
+
+ // Variables
+ IUpdateSession* pIUpdateSession;
+ IUpdateServiceManager* pIUpdateServiceManager;
+ IUpdateSearcher* pIUSearcher;
+
+ IUpdateCollection* pIUpdateCollection;
+ ISearchResult* pISearchResult;
+};
+
+#endif
Modified: trunk/ovaldi/src/solaris/ProbeFactory.cpp
===================================================================
--- trunk/ovaldi/src/solaris/ProbeFactory.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/solaris/ProbeFactory.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -104,6 +104,8 @@
// SOLARIS PORT NOTICE: get an instance of the probe for this object
} else if(objectName.compare("patch_object") == 0) {
// SOLARIS PORT NOTICE: get an instance of the probe for this object
+ } else {
+ Log::Info(objectName + " is not currently supported.");
}
return probe;
Modified: trunk/ovaldi/src/solaris/SystemInfo.cpp
===================================================================
--- trunk/ovaldi/src/solaris/SystemInfo.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/solaris/SystemInfo.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -184,20 +184,26 @@
// First make a call to gethostname()
string strHostName = "";
- char *chHostName = (char*)malloc(sizeof(char*)*MAXHOSTNAMELENGTH);
+ char *chHostName = (char*)malloc(sizeof(char)*(MAXHOSTNAMELENGTH + 1));
int res = 0;
res = gethostname(chHostName, MAXHOSTNAMELENGTH);
- if(res != 0)
+ if(res != 0) {
+ free(chHostName);
throw SystemInfoException("Error: Unable to determine the host name.");
+ }
strHostName = chHostName;
// Next get the fqdn with a call to gethostbyname
struct hostent *hostData = NULL;
hostData = gethostbyname((const char*)chHostName);
- if(hostData == NULL)
+ if(hostData == NULL) {
+ free(chHostName);
throw SystemInfoException("Error: Unable to get the fully qualified domain name.");
+ }
+ free(chHostName);
+
// Process the hostData structure
sysInfo->primary_host_name = hostData->h_name;
}
@@ -231,6 +237,7 @@
conf.ifc_buf = (char*)malloc(conf.ifc_len);
if(ioctl(sock, SIOCGIFCONF, &conf) == -1) {
+ free(conf.ifc_buf);
throw SystemInfoException("Error: Unable to get a device list.");
}
@@ -277,6 +284,7 @@
}
ifc.ifc_len = IFRSIZE;
if (ioctl(sockfd, SIOCGIFCONF, &ifc)) {
+ free(ifc.ifc_req);
throw SystemInfoException("Error: ioctl SIOCFIFCONF.");
}
} while (IFRSIZE <= ifc.ifc_len);
@@ -321,7 +329,7 @@
u = (unsigned char *) &ifr->ifr_addr.sa_data;
- char *macStr = (char*)malloc(sizeof(char*)*128);
+ char *macStr = (char*)malloc(sizeof(char)*128);
memset(macStr, 0, 128);
if (u[0] + u[1] + u[2] + u[3] + u[4] + u[5]) {
//printf("HW Address: %2.2x.%2.2x.%2.2x.%2.2x.%2.2x.%2.2x\n", u[0], u[1], u[2], u[3], u[4], u[5]);
Modified: trunk/ovaldi/src/windows/FileFinder.cpp
===================================================================
--- trunk/ovaldi/src/windows/FileFinder.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/windows/FileFinder.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -118,6 +118,7 @@
pcreMsg.append(ex.GetErrorMessage());
Log::Debug(pcreMsg);
} else {
+ delete drives;
throw;
}
}
@@ -157,6 +158,9 @@
lpBuffer); // drive strings buffer
} else if(dwResult == 0) {
+ delete drives;
+ delete [] (lpBuffer);
+
// Error check GetLastError
char strErrorCode[33];
_itoa(GetLastError(), strErrorCode, 10);
@@ -166,6 +170,9 @@
throw FileFinderException(errMsg);
} else {
+ delete drives;
+ delete [] (lpBuffer);
+
// Unknown Error
errMsg.append("Error: Unable to enumerate the drives on the system. (Unknown error)\n");
throw FileFinderException(errMsg);
@@ -173,6 +180,8 @@
if(dwResult == 0) {
+ delete drives;
+ delete [] (lpBuffer);
// Error check GetLastError
char strErrorCode[33];
@@ -199,6 +208,8 @@
}
}
+ delete [] (lpBuffer);
+
return drives;
}
@@ -560,6 +571,8 @@
hFind = FindFirstFile(findDir.c_str(), &FindFileData);
if (hFind == INVALID_HANDLE_VALUE) {
+ delete childDirs;
+
string errorMessage = "";
errorMessage.append("Error: Unable to get a valid handle in GetChildDirectories(). Directory: ");
errorMessage.append(path);
@@ -587,6 +600,8 @@
// Close the handle to the file search object.
if(!FindClose(hFind)) {
+ delete childDirs;
+
string errorMessage = "";
errorMessage.append("Error: Unable to close search handle while trying to get child directories. Parent directory: ");
errorMessage.append(path);
@@ -601,6 +616,8 @@
} catch(...) {
+ delete childDirs;
+
string errorMessage = "";
errorMessage.append("Error: An unspecified error was encountered while trying to get child directories. Parent Directory: ");
errorMessage.append(path);
Modified: trunk/ovaldi/src/windows/ProbeFactory.cpp
===================================================================
--- trunk/ovaldi/src/windows/ProbeFactory.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/windows/ProbeFactory.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: ProbeFactory.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -57,15 +56,23 @@
probe = AuditEventPolicyProbe::Instance();
} else if(objectName.compare("sid_object") == 0) {
probe = SidProbe::Instance();
+ } else if(objectName.compare("sid_sid_object") == 0) {
+ probe = SidSidProbe::Instance();
+ } else if(objectName.compare("fileeffectiverights53_object") == 0) {
+ probe = FileEffectiveRights53Probe::Instance();
} else if(objectName.compare("fileeffectiverights_object") == 0) {
Log::Info("Version 5.3 of OVAL deprecated the fileeffectiverights_object");
probe = FileEffectiveRightsProbe::Instance();
- } else if(objectName.compare("accesstoken_object") == 0) {
+ } else if(objectName.compare("accesstoken_object") == 0) {
probe = AccessTokenProbe::Instance();
} else if(objectName.compare("group_object") == 0) {
probe = GroupProbe::Instance();
} else if(objectName.compare("user_object") == 0) {
probe = UserProbe::Instance();
+ } else if(objectName.compare("auditeventpolicysubcategories_object") == 0) {
+ probe = AuditEventPolicySubcategoriesProbe::Instance();
+ } else if(objectName.compare("wuaupdatesearcher_object") == 0) {
+ probe = WUAUpdateSearcherProbe::Instance();
// independent schema objects
} else if(objectName.compare("family_object") == 0) {
@@ -82,7 +89,9 @@
probe = FileHashProbe::Instance();
} else if(objectName.compare("filemd5_object") == 0) {
probe = FileMd5Probe::Instance();
- }
+ } else {
+ Log::Info(objectName + " is not currently supported.");
+ }
return probe;
}
@@ -139,10 +148,19 @@
probe = UserProbe::Instance();
delete probe;
+ probe = FileEffectiveRights53Probe::Instance();
+ delete probe;
+
probe = FileEffectiveRightsProbe::Instance();
delete probe;
probe = TextFileContentProbe::Instance();
delete probe;
+
+ probe = SidSidProbe::Instance();
+ delete probe;
+
+ WUAUpdateSearcherProbe::DeleteInstance();
+
+ AuditEventPolicySubcategoriesProbe::DeleteInstance();
}
-
Modified: trunk/ovaldi/src/windows/ProbeFactory.h
===================================================================
--- trunk/ovaldi/src/windows/ProbeFactory.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/windows/ProbeFactory.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: ProbeFactory.h 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -58,10 +57,14 @@
#include "LockoutPolicyProbe.h"
#include "AuditEventPolicyProbe.h"
#include "SidProbe.h"
+#include "SidSidProbe.h"
#include "FileEffectiveRightsProbe.h"
+#include "FileEffectiveRights53Probe.h"
#include "AccessTokenProbe.h"
#include "GroupProbe.h"
#include "UserProbe.h"
+#include "AuditEventPolicySubcategoriesProbe.h"
+#include "WUAUpdateSearcherProbe.h"
using namespace std;
Modified: trunk/ovaldi/src/windows/SystemInfo.cpp
===================================================================
--- trunk/ovaldi/src/windows/SystemInfo.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/windows/SystemInfo.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,4 @@
//
-// $Id: SystemInfo.cpp 4579 2008-01-02 17:39:07Z bakerj $
//
//****************************************************************************************//
// Copyright (c) 2002-2008, The MITRE Corporation
@@ -36,12 +35,6 @@
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
SystemInfo::SystemInfo() {
- // -----------------------------------------------------------------------
- // ABSTRACT
- //
- // Initialize data memebres
- //
- // -----------------------------------------------------------------------
os_name = "";
os_version = "";
@@ -51,12 +44,6 @@
}
SystemInfo::~SystemInfo() {
- // -----------------------------------------------------------------------
- // ABSTRACT
- //
- // Delete all objects in the interfaces vector.
- //
- // -----------------------------------------------------------------------
IfData *tmp = NULL;
while(interfaces.size() !=0) {
@@ -72,14 +59,7 @@
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Public Members ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
-void SystemInfo::Write(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument *scDoc)
-{
- //------------------------------------------------------------------------------------//
- //
- // ABSTRACT
- //
- // Write the system_info node to the sc file.
- //------------------------------------------------------------------------------------//
+void SystemInfo::Write(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument *scDoc) {
// Find the system_info node
DOMElement* sysInfoNode = XmlCommon::FindElement(scDoc, "system_info");
@@ -131,15 +111,7 @@
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Public Members ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
-SystemInfo* SystemInfoCollector::CollectSystemInfo()
-{
- //------------------------------------------------------------------------------------//
- //
- // ABSTRACT
- //
- // Run the system info collector. Return a SystemInfo object.
- //
- //------------------------------------------------------------------------------------//
+SystemInfo* SystemInfoCollector::CollectSystemInfo() {
SystemInfo *sysInfo = new SystemInfo();
SystemInfoCollector::GetOSInfo(sysInfo);
@@ -153,14 +125,6 @@
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
void SystemInfoCollector::GetOSInfo(SystemInfo *sysInfo) {
- //------------------------------------------------------------------------------------//
- //
- // ABSTRACT
- //
- // Get the OS name and version, the architecture, and the primary host name
- // for the system.
- //
- //------------------------------------------------------------------------------------/
//////////////////////////////////////////////////////////
//////////////// Get Archtecture //////////////////////
@@ -207,8 +171,9 @@
}
}
- // Allocate memory for that version number string
- char *verNum = (char*)malloc(sizeof(char*)*16);
+ // Allocate memory for the version number string
+ const int verNumSize = 16;
+ char *verNum = (char*)malloc(sizeof(char)*verNumSize);
if(verNum == NULL) {
throw SystemInfoException("Error: Unable to allocate memeory while gathering Operating System information.");
}
@@ -283,11 +248,11 @@
// Get Version number
_itoa(osvi.dwMajorVersion, verNum, 10);
sysInfo->os_version = verNum;
- ZeroMemory(verNum, sizeof(verNum));
+ ZeroMemory(verNum, verNumSize);
_itoa(osvi.dwMinorVersion, verNum, 10);
sysInfo->os_version.append(".");
sysInfo->os_version.append(verNum);
- ZeroMemory(verNum, sizeof(verNum));
+ ZeroMemory(verNum, verNumSize);
_itoa(osvi.dwBuildNumber, verNum, 10);
sysInfo->os_version.append(".");
sysInfo->os_version.append(verNum);
@@ -330,7 +295,7 @@
// Get Version number
_itoa(osvi.dwMajorVersion, verNum, 10);
sysInfo->os_version = verNum;
- ZeroMemory(verNum, sizeof(verNum));
+ ZeroMemory(verNum, verNumSize);
_itoa(osvi.dwMinorVersion, verNum, 10);
sysInfo->os_version.append(".");
sysInfo->os_version.append(verNum);
@@ -393,11 +358,11 @@
// Get Version number
_itoa(osvi.dwMajorVersion, verNum, 10);
sysInfo->os_version = verNum;
- ZeroMemory(verNum, sizeof(verNum));
+ ZeroMemory(verNum, verNumSize);
_itoa(osvi.dwMinorVersion, verNum, 10);
sysInfo->os_version.append(".");
sysInfo->os_version.append(verNum);
- ZeroMemory(verNum, sizeof(verNum));
+ ZeroMemory(verNum, verNumSize);
_itoa((osvi.dwBuildNumber & 0xFFFF), verNum, 10);
sysInfo->os_version.append(".");
sysInfo->os_version.append(verNum);
@@ -411,11 +376,11 @@
// Get Version number
_itoa(osvi.dwMajorVersion, verNum, 10);
sysInfo->os_version = verNum;
- ZeroMemory(verNum, sizeof(verNum));
+ ZeroMemory(verNum, verNumSize);
_itoa(osvi.dwMinorVersion, verNum, 10);
sysInfo->os_version.append(".");
sysInfo->os_version.append(verNum);
- ZeroMemory(verNum, sizeof(verNum));
+ ZeroMemory(verNum, verNumSize);
_itoa((osvi.dwBuildNumber & 0xFFFF), verNum, 10);
sysInfo->os_version.append(".");
sysInfo->os_version.append(verNum);
@@ -457,8 +422,8 @@
// First get the host name
char *host_name;
- int size = 256;
- host_name = (char*)malloc(sizeof(char*)*size);
+ const int size = 256;
+ host_name = (char*)malloc(sizeof(char)*size);
if(host_name == NULL) {
sysInfo->primary_host_name = "unknown";
throw SystemInfoException("Error: Unable to allocate memeory while gathering Operating System information.");
@@ -487,15 +452,6 @@
}
IfDataVector SystemInfoCollector::GetInterfaces() {
- //------------------------------------------------------------------------------------//
- //
- // ABSTRACT
- //
- // Create a vector of IfData object that will represent all the available
- // interfaces on the system.
- //
- // Must get interface_name, ip_address, and mac_address for each interface
- //------------------------------------------------------------------------------------//
IfDataVector interfaces;
@@ -597,10 +553,11 @@
// Here I am using the description value as the name
char *descStr = (char*)malloc(pMibIfRow->dwDescrLen+1);
- ZeroMemory(descStr, sizeof(descStr));
if(descStr == NULL) {
+ free(pIPAddrTable);
throw SystemInfoException("Error: Unable to allocate memeory while gathering interface information.");
}
+ ZeroMemory(descStr, sizeof(pMibIfRow->dwDescrLen+1));
for (unsigned int j=0;j<pMibIfRow->dwDescrLen;j++) {
descStr[j] = (char)pMibIfRow->bDescr[j];
//sprintf(&descStr[j],"%s",pMibIfRow->bDescr[j]);
@@ -610,11 +567,12 @@
// Format MAC Address
- char *macStr = (char*)malloc(sizeof(char*)*30);
- ZeroMemory(macStr, sizeof(macStr));
+ char *macStr = (char*)malloc(sizeof(char)*30);
if(macStr == NULL) {
+ free(pIPAddrTable);
throw SystemInfoException("Error: Unable to allocate memeory while gathering interface information.");
}
+ ZeroMemory(macStr, 30);
for (unsigned int i=0;i<pMibIfRow->dwPhysAddrLen;i++) {
sprintf(&macStr[i*3],"%02X-",pMibIfRow->bPhysAddr[i]);
}
@@ -645,7 +603,7 @@
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
-//~~~~~~~~~~~~~~~~~~~~~~~~ Class SystemInfoException ~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~ Class SystemInfoException ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
SystemInfoException::SystemInfoException(string errMsgIn, int severity, Exception* ex) : Exception(errMsgIn, severity, ex) {
// Set the error message and then set the severity to ERROR_FATAL. This is done with
Modified: trunk/ovaldi/src/windows/SystemInfo.h
===================================================================
--- trunk/ovaldi/src/windows/SystemInfo.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/windows/SystemInfo.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -95,8 +95,12 @@
class SystemInfo {
public:
+ /** Initialize data memebers. */
SystemInfo();
+ /** Delete all objects in the interfaces vector. */
~SystemInfo();
+
+ /** Write the system_info node to the sc file. */
void Write(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument *scDoc);
string os_name;
@@ -111,10 +115,17 @@
*/
class SystemInfoCollector {
public:
+ /** Run the system info collector. Return a SystemInfo object. */
static SystemInfo* CollectSystemInfo();
private:
+ /** Get the OS name and version, the architecture, and the primary host name for the system. */
static void GetOSInfo(SystemInfo*);
+
+ /** Create a vector of IfData object that will represent all the available
+ * interfaces on the system.
+ * Must get interface_name, ip_address, and mac_address for each interface
+ */
static IfDataVector GetInterfaces();
};
Added: trunk/ovaldi/src/windows/WMIItem.h
===================================================================
--- trunk/ovaldi/src/windows/WMIItem.h (rev 0)
+++ trunk/ovaldi/src/windows/WMIItem.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,45 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+
+#ifndef WMIITEM_H
+#define WMIITEM_H
+
+#include <string>
+
+struct WMIItem {
+
+public:
+ std::string KeyName;
+ std::string PropertyName;
+ std::string PropertyValue;
+};
+
+#endif
Added: trunk/ovaldi/src/windows/WMIUtil.cpp
===================================================================
--- trunk/ovaldi/src/windows/WMIUtil.cpp (rev 0)
+++ trunk/ovaldi/src/windows/WMIUtil.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,231 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+#include "WMIUtil.h"
+
+static IEnumWbemClassObject* pEnumerator = NULL;
+static IWbemLocator *pLoc = NULL;
+static IWbemServices *pSvc = NULL;
+
+void WMIUtil::Open(std::string wmi_namespace) {
+
+ HRESULT hres;
+
+ // establish COM connection
+ hres = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED);
+ if (FAILED(hres)) {
+ string errorMessage = _com_error(hres).ErrorMessage();
+ throw Exception("(WMIUtil) Failed to initialize COM library. " + errorMessage, ERROR_FATAL);
+ }
+
+ // set security of COM connection to the default
+ hres = CoInitializeSecurity(NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_DEFAULT, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE, NULL);
+ if (FAILED(hres)) {
+ string errorMessage = _com_error(hres).ErrorMessage();
+ throw Exception("(WMIUtil) Failed to initialize COM security. " + errorMessage, ERROR_FATAL);
+ }
+
+ // find the WMI Locator
+ hres = CoCreateInstance(CLSID_WbemLocator, NULL, CLSCTX_INPROC_SERVER, IID_IWbemLocator, (LPVOID *) &pLoc);
+ if (FAILED(hres)) {
+ string errorMessage = _com_error(hres).ErrorMessage();
+ throw Exception("(WMIUtil) Failed to create IWbemLocator object. " + errorMessage, ERROR_FATAL);
+ }
+
+ // Connect to the specified namespace with the current user.
+ hres = pLoc->ConnectServer(_bstr_t(wmi_namespace.c_str()), NULL, NULL, 0, NULL, 0, 0, &pSvc);
+ if (FAILED(hres)) {
+ string errorMessage = _com_error(hres).ErrorMessage();
+ throw Exception("(WMIUtil) Unable to connect to the '" + wmi_namespace + "' namespace. " + errorMessage, ERROR_FATAL);
+ }
+
+ // At this point we are connected to WMI. Now set the security levels
+ // of the WMI connection.
+ hres = CoSetProxyBlanket(pSvc, RPC_C_AUTHN_WINNT, RPC_C_AUTHZ_NONE, NULL, RPC_C_AUTHN_LEVEL_CALL, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE);
+ if (FAILED(hres)) {
+ string errorMessage = _com_error(hres).ErrorMessage();
+ throw Exception("(WMIUtil) Unable to set the WMI proxy blanket. " + errorMessage, ERROR_FATAL);
+ }
+}
+
+// Input: map of key/property names
+// Returns: map of key/property names with value tacked onto end of property name after semicolon
+std::vector<WMIItem> WMIUtil::GetPropertyValues(std::string wmi_namespace, std::string wmi_query, std::string propertyName) {
+
+ IWbemClassObject *pclsObj[1];
+ pclsObj[0] = NULL;
+ std::vector<WMIItem> results;
+
+ try {
+ ULONG uReturn = 0;
+ HRESULT hres;
+ HRESULT enumhRes;
+
+ Open(wmi_namespace);
+
+ // Run the query. The results will be stored in pEnumerator.
+ hres = pSvc->ExecQuery(_bstr_t(L"WQL"), _bstr_t(wmi_query.c_str()), WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY, NULL, &pEnumerator);
+ if (FAILED(hres)) {
+ throw Exception("(WMIUtil) Wmi query failed. ('" + wmi_query + "')", ERROR_FATAL);
+ }
+
+ while (((enumhRes = pEnumerator->Next(WBEM_INFINITE, 1, pclsObj, &uReturn)) == WBEM_S_NO_ERROR) && (uReturn > 0)) {
+ WMIItem wmiItem;
+ VARIANT keyname;
+
+ // Get the keyname and determine if this is an object we should be concerned with.
+ HRESULT result = pclsObj[0]->Get(bstr_t("KeyName"), 0, &keyname, NULL, NULL);
+
+ if(SUCCEEDED(result)) {
+ wmiItem.KeyName = GetStringFromVariant(keyname);
+
+ VariantClear(&keyname);
+
+ VARIANT propertyValue;
+
+ // Now get the property
+ HRESULT result = pclsObj[0]->Get(bstr_t(propertyName.c_str()), 0, &propertyValue, NULL, NULL);
+
+ if(SUCCEEDED(result)) {
+ wmiItem.PropertyName = propertyName;
+ wmiItem.PropertyValue = GetStringFromVariant(propertyValue);
+
+ VariantClear(&propertyValue);
+
+ results.push_back(wmiItem);
+ } else {
+ // Ignore the fact can't retrieve the propertyname - TODO: OK?
+ }
+ } else {
+ // Ignore the fact this object doesn't have a keyname property - TODO: OK?
+ }
+
+ pclsObj[0]->Release();
+ pclsObj[0] = NULL;
+ }
+
+ } catch(...) {
+ if(pclsObj[0] != NULL) {
+ pclsObj[0]->Release();
+ pclsObj[0] = NULL;
+ }
+
+ Close();
+
+ throw;
+ }
+
+ if(pclsObj[0] != NULL) {
+ pclsObj[0]->Release();
+ pclsObj[0] = NULL;
+ }
+
+ Close();
+
+ return results;
+}
+
+void WMIUtil::Close() {
+
+ if(pEnumerator != NULL) {
+ pEnumerator->Release();
+ }
+
+ if(pLoc != NULL) {
+ pLoc->Release();
+ }
+
+ if(pSvc != NULL) {
+ pSvc->Release();
+ }
+
+ CoUninitialize();
+}
+
+std::string WMIUtil::GetStringFromVariant(VARIANT value) {
+
+ std::string stringValue = "";
+
+ if ((V_VT(&value) == VT_BSTR)) {
+ char* szChar = NULL;
+ size_t size = 0;
+ if((size = wcstombs(0, value.bstrVal, 0)) != -1)
+ {
+ szChar = new char[size + 1];
+ szChar[size] = NULL;
+ wcstombs(szChar, value.bstrVal, size);
+ stringValue = szChar;
+
+ delete(szChar);
+ } else {
+ // TODO ERROR
+ }
+ } else if ((V_VT(&value) == VT_UINT)) {
+ char valBuf[20];
+ unsigned int intValue = V_INT(&value);
+ stringValue = _itoa_s(intValue, valBuf, 10);
+ } else if ((V_VT(&value) == VT_BOOL)) {
+ BOOL boolValue = V_BOOL(&value);
+ if(boolValue == FALSE) {
+ stringValue = "0";
+ } else {
+ stringValue = "1";
+ }
+ } else if ((V_VT(&value) == VT_DATE)) {
+ //TODO
+ } else if ((V_VT(&value) == VT_DECIMAL)) {
+ //TODO
+ } else if ((V_VT(&value) == VT_FILETIME)) {
+ //TODO
+ } else if ((V_VT(&value) == VT_INT)) {
+ char valBuf[20];
+ int intValue = V_INT(&value);
+ stringValue = _itoa_s(intValue, valBuf, 10);
+ } else if ((V_VT(&value) == VT_I1)) {
+ char charValue = V_I1(&value);
+ stringValue += charValue;
+ } else if ((V_VT(&value) == VT_I2)) {
+ char valBuf[20];
+ int intValue = V_I2(&value);
+ stringValue = _itoa_s(intValue, valBuf, 10);
+ } else if ((V_VT(&value) == VT_I4)) {
+ char valBuf[20];
+ long longValue = V_I4(&value);
+ stringValue = _ltoa(longValue, valBuf, 10);
+ } else if ((V_VT(&value) == VT_I8)) {
+ // TODO
+ } else if ((V_VT(&value) == VT_NULL)) {
+ // TODO
+ } else {
+ // TODO Unsupported data type
+ }
+
+ return stringValue;
+}
Added: trunk/ovaldi/src/windows/WMIUtil.h
===================================================================
--- trunk/ovaldi/src/windows/WMIUtil.h (rev 0)
+++ trunk/ovaldi/src/windows/WMIUtil.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,69 @@
+//
+//
+//****************************************************************************************//
+// Copyright (c) 2002-2008, The MITRE Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// * Redistributions of source code must retain the above copyright notice, this list
+// of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this
+// list of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+// * Neither the name of The MITRE Corporation nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+// OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+// SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+// OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+// TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+//****************************************************************************************//
+
+
+#ifndef WMIUTIL_H
+#define WMIUTIL_H
+
+#undef __DOMDocument_FWD_DEFINED__
+#include <comdef.h>
+#include <Dsgetdc.h>
+#include <Lm.h>
+#include <Wbemidl.h>
+#include <windows.h>
+
+#include <string>
+#include <vector>
+#include <map>
+
+#include "Exception.h"
+#include "WMIItem.h"
+
+using namespace std;
+
+/**
+ This class is responsible for collecting information from WMI.
+
+ This class is intended to be used when no other API based solution is available.
+*/
+class WMIUtil {
+
+public:
+ ~WMIUtil();
+
+ static std::vector<WMIItem> GetPropertyValues(std::string wmi_namespace, std::string wmi_query, std::string propertyName);
+
+private:
+ static void Open(std::string wmi_namespace);
+ static std::string GetStringFromVariant(VARIANT value);
+ static void Close();
+};
+
+#endif
Modified: trunk/ovaldi/src/windows/WindowsCommon.cpp
===================================================================
--- trunk/ovaldi/src/windows/WindowsCommon.cpp 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/windows/WindowsCommon.cpp 2009-05-02 11:24:18 UTC (rev 389)
@@ -31,7 +31,9 @@
#include "WindowsCommon.h"
StringVector* WindowsCommon::allTrusteeNames = NULL;
+StringVector* WindowsCommon::allTrusteeSIDs = NULL;
StringVector* WindowsCommon::wellKnownTrusteeNames = NULL;
+const int NAME_BUFFER_SIZE = 255;
bool WindowsCommon::DisableAllPrivileges() {
@@ -314,6 +316,124 @@
return groupExists;
}
+
+bool WindowsCommon::ExpandGroupBySID(string groupSidStr, StringVector* memberSids) {
+
+ char groupNameBuffer[NAME_BUFFER_SIZE];
+ char domainNameBuffer[NAME_BUFFER_SIZE];
+ SID_NAME_USE sidType;
+ PSID pGroupSid;
+ bool retVal = false;
+ BYTE *pLocalMemberBuffer = NULL;
+
+ try {
+ if(ConvertStringSidToSid(groupSidStr.c_str(), &pGroupSid) == 0) {
+ throw Exception("Error encountered converting group string SID in WindowsCommon::ExpandGroupBySID");
+ } else {
+ DWORD dwGroupNameBufferSize = NAME_BUFFER_SIZE;
+ DWORD dwDomainNameBufferSize = NAME_BUFFER_SIZE;
+
+ if(LookupAccountSid(NULL, pGroupSid, groupNameBuffer, &dwGroupNameBufferSize, domainNameBuffer, &dwDomainNameBufferSize, &sidType) != 0) {
+ DWORD dwEntriesRead = 0;
+ DWORD dwTotalEntries = 0;
+
+ wchar_t wideGroupNameBuffer[NAME_BUFFER_SIZE];
+
+ memset(wideGroupNameBuffer, 0, NAME_BUFFER_SIZE * 2);
+ mbstowcs(wideGroupNameBuffer, groupNameBuffer, dwGroupNameBufferSize);
+
+ NET_API_STATUS apiStatus = NetLocalGroupGetMembers(NULL, wideGroupNameBuffer, 0, &pLocalMemberBuffer, MAX_PREFERRED_LENGTH, &dwEntriesRead, &dwTotalEntries, NULL);
+
+ if(apiStatus == NERR_Success) {
+ LOCALGROUP_MEMBERS_INFO_0 *pLocalGroupMembers = (LOCALGROUP_MEMBERS_INFO_0 *)pLocalMemberBuffer;
+
+ for(DWORD i = 0; i < dwTotalEntries; i++) {
+ char *recvString = NULL;
+
+ if(ConvertSidToStringSid(pLocalGroupMembers[i].lgrmi0_sid, &recvString) != 0) {
+ std::string s = recvString;
+ memberSids->push_back(s);
+ LocalFree(recvString);
+ } else {
+ throw Exception("Error encountered converting group string SID in WindowsCommon::ExpandGroupBySID");
+ break;
+ }
+ }
+
+ retVal = true;
+ } else {
+ // If we try to get members for a non group let it go.
+ }
+ } else {
+ throw Exception("Error in call to LookupAccountSid for " + groupSidStr + " in WindowsCommon::ExpandGroupBySID");
+ }
+ }
+
+ } catch(...) {
+ if(pGroupSid != NULL) {
+ LocalFree(pGroupSid);
+ }
+
+ if(pLocalMemberBuffer != NULL) {
+ NetApiBufferFree(pLocalMemberBuffer);
+ }
+
+ throw;
+ }
+
+ if(pGroupSid != NULL) {
+ LocalFree(pGroupSid);
+ }
+
+ if(pLocalMemberBuffer != NULL) {
+ NetApiBufferFree(pLocalMemberBuffer);
+ }
+
+ return true;
+}
+
+bool WindowsCommon::IsGroupSID(string SID) {
+
+ PSID pSID;
+ DWORD nameBufferSize = NAME_BUFFER_SIZE;
+ DWORD domainNameBufferSize = NAME_BUFFER_SIZE;
+ DWORD sidSize = NAME_BUFFER_SIZE;
+ char nameBuffer[NAME_BUFFER_SIZE];
+ char domainNameBuffer[NAME_BUFFER_SIZE];
+ SID_NAME_USE sidType;
+ bool isAccountGroup = false;
+
+ try {
+
+ if(ConvertStringSidToSid(SID.c_str(), &pSID) == 0) {
+ throw Exception("Error encountered converting group string SID");
+ }
+
+ if(!IsValidSid(pSID)) {
+ throw Exception("Invalid SID found in WindowsCommon::IsGroupSID()");
+ }
+
+ if(LookupAccountSid(NULL, pSID, nameBuffer, &nameBufferSize, domainNameBuffer, &domainNameBufferSize, &sidType) != 0) {
+ isAccountGroup = IsAccountGroup(sidType, string(nameBuffer));
+ } else {
+ throw Exception("Error looking up SID. Error: " + GetLastError());
+ }
+
+ } catch(...) {
+ if(pSID != NULL) {
+ LocalFree(pSID);
+ }
+
+ throw;
+ }
+
+ if(pSID != NULL) {
+ LocalFree(pSID);
+ }
+
+ return isAccountGroup;
+}
+
StringVector* WindowsCommon::GetAllGroups() {
StringVector* groups = WindowsCommon::GetAllLocalGroups();
@@ -365,7 +485,7 @@
string userName = WindowsCommon::GetFormattedTrusteeName(pSid);
members->push_back(userName);
} catch (Exception ex) {
- Log::Info("Unable to get all group memebrs." + ex.GetErrorMessage());
+ Log::Info("Unable to get all group members." + ex.GetErrorMessage());
}
}
@@ -427,7 +547,7 @@
// Loop through each user.
for (unsigned int i=0; i<entriesread; i++) {
- ZeroMemory(tmpUserName, 21);
+ ZeroMemory(tmpUserName, sizeof(tmpUserName));
_snprintf(tmpUserName, sizeof(tmpUserName) - 1, "%S", userInfo[i].grui0_name);
tmpUserName[sizeof(tmpUserName)-1] = '\0';
@@ -529,6 +649,26 @@
return WindowsCommon::allTrusteeNames;
}
+StringVector* WindowsCommon::GetAllTrusteeSIDs() {
+
+ if(WindowsCommon::allTrusteeSIDs == NULL) {
+
+ StringVector* trusteeNames = WindowsCommon::GetAllTrusteeNames();
+ WindowsCommon::allTrusteeSIDs = new StringVector();
+ StringVector::iterator iterator;
+ for(iterator = trusteeNames->begin(); iterator != trusteeNames->end(); iterator++) {
+
+ PSID pSid = WindowsCommon::GetSIDForTrusteeName((*iterator));
+ LPTSTR sidString;
+ WindowsCommon::GetTextualSid(pSid, &sidString);
+ string sidStr = sidString;
+ WindowsCommon::allTrusteeSIDs->push_back(sidStr);
+ }
+ }
+
+ return WindowsCommon::allTrusteeSIDs;
+}
+
void WindowsCommon::GetWellKnownTrusteeNames() {
if(WindowsCommon::wellKnownTrusteeNames == NULL) {
@@ -630,7 +770,7 @@
// Loop through each group.
for (unsigned int i=0; i<recordsEnumerated; i++) {
- ZeroMemory(tmpGroupName, 257);
+ ZeroMemory(tmpGroupName, sizeof(tmpGroupName));
_snprintf(tmpGroupName, sizeof(tmpGroupName) - 1, "%S", localGroupInfo[i].lgrpi0_name);
tmpGroupName[sizeof(tmpGroupName)-1] = '\0';
@@ -645,10 +785,13 @@
nts = LsaClose(polHandle);
if(nas == ERROR_ACCESS_DENIED) {
+ delete allGroups;
throw Exception("Error unable to enumerate local groups. The user does not have access to the requested information.");
} else if(nas == NERR_InvalidComputer) {
+ delete allGroups;
throw Exception("Error unable to enumerate local groups. The computer name is invalid.");
} else {
+ delete allGroups;
throw Exception("Error unable to enumerate local groups. " + WindowsCommon::GetErrorMessage(GetLastError()));
}
@@ -709,7 +852,7 @@
// Loop through each group.
for (unsigned int i=0; i<recordsEnumerated; i++) {
- ZeroMemory(tmpGroupName, 257);
+ ZeroMemory(tmpGroupName, sizeof(tmpGroupName));
_snprintf(tmpGroupName, sizeof(tmpGroupName) - 1, "%S", globalGroupInfo[i].grpi0_name);
tmpGroupName[sizeof(tmpGroupName)-1] = '\0';
@@ -724,10 +867,13 @@
nts = LsaClose(polHandle);
if(nas == ERROR_ACCESS_DENIED) {
+ delete allGroups;
throw Exception("Error unable to enumerate global groups. The user does not have access to the requested information.");
} else if(nas == NERR_InvalidComputer) {
+ delete allGroups;
throw Exception("Error unable to enumerate global groups. The computer name is invalid.");
} else {
+ delete allGroups;
throw Exception("Error unable to enumerate global groups. " + WindowsCommon::GetErrorMessage(GetLastError()));
}
}
@@ -793,7 +939,7 @@
// Loop through each user.
for (unsigned int i=0; i<recordsEnumerated; i++) {
- ZeroMemory(tmpUserName, 21);
+ ZeroMemory(tmpUserName, sizeof(tmpUserName));
_snprintf(tmpUserName, sizeof(tmpUserName) - 1, "%S", userInfo[i].usri0_name);
tmpUserName[sizeof(tmpUserName)-1] = '\0';
@@ -867,6 +1013,7 @@
domain_name_size++;
domain_name = (LPTSTR)realloc(domain_name, domain_name_size * sizeof(TCHAR));
if (domain_name == NULL) {
+ free(trustee_name);
throw Exception("Could not allocate space. Cannot get domain_name for.");
}
@@ -885,6 +1032,8 @@
WindowsCommon::GetTextualSid(pSid, &sidString);
string sidStr = sidString;
free(sidString);
+ free(trustee_name);
+ free(domain_name);
// all occurances of this that i have seen are for the domain admins sid and the domain user's sid
// I should be able to ignore these.
throw Exception("Unable to look up account name for sid: " + sidStr + ". " + WindowsCommon::GetErrorMessage(GetLastError()));
@@ -947,6 +1096,41 @@
return psid;
}
+PSID WindowsCommon::GetSIDForTrusteeSID(string trusteeSID) {
+
+ DWORD sidSize = 128;
+ BOOL retVal = FALSE;
+ PSID psid;
+
+ try {
+ // Call LookupAccountName to get the SID.
+ retVal = ConvertStringSidToSid(const_cast<char*>(trusteeSID.c_str()), // sid string
+ &psid); // security identifier
+
+ if(retVal == FALSE) {
+
+ LocalFree(psid);
+
+ DWORD errCode = GetLastError();
+ string errMsg = WindowsCommon::GetErrorMessage(errCode);
+
+ if(errCode == ERROR_INVALID_PARAMETER) {
+ throw Exception("Invalid parameter specified for call to ConvertStringSidToSid()");
+ } else if(errCode == ERROR_INVALID_SID) {
+ throw Exception("Invalid sid specified for call to ConvertStringSidToSid()");
+ } else {
+ throw Exception("Error looking up SID for sid string. " + errMsg);
+ }
+ }
+
+ } catch(...) {
+
+ Log::Debug("Error looking up sid for account: " + trusteeSID + ". " + WindowsCommon::GetErrorMessage(GetLastError()));
+ }
+
+ return psid;
+}
+
bool WindowsCommon::LookUpTrusteeName(string* accountNameStr, string* sidStr, string* domainStr) {
PSID psid = NULL;
@@ -966,6 +1150,7 @@
domain = (LPTSTR)realloc(domain, domainSize);
if (domain == NULL) {
+ free(psid);
retVal = FALSE;
break;
}
@@ -1028,6 +1213,100 @@
return isGroup;
}
+bool WindowsCommon::IsAccountGroup(SID_NAME_USE sidType, string accountName) {
+
+ if ((sidType == SidTypeGroup) || (sidType == SidTypeWellKnownGroup) || (sidType == SidTypeAlias)) {
+ return (accountName.compare("SYSTEM") != 0); // special case...
+ }
+
+ return false;
+}
+
+bool WindowsCommon::LookUpTrusteeSid(string sidStr, string* pAccountNameStr, string* pDomainStr) {
+
+ PSID pSid = NULL;
+ LPTSTR pDomain = NULL;
+ LPTSTR pAccountName = NULL;
+ DWORD accountNameSize = 128;
+ DWORD domainSize = 128;
+ SID_NAME_USE sid_type;
+ BOOL retVal = FALSE;
+
+ do {
+ // Initial memory allocations for the ACCOUNT and DOMAIN.
+ pAccountName = (LPTSTR)realloc(pAccountName, accountNameSize);
+ if (pAccountName == NULL) {
+ retVal = FALSE;
+ break;
+ }
+
+ pDomain = (LPTSTR)realloc(pDomain, domainSize);
+ if (pDomain == NULL) {
+ retVal = FALSE;
+ break;
+ }
+
+ if(pSid == NULL) {
+ if(ConvertStringSidToSid(sidStr.c_str(), &pSid) == 0) {
+ throw Exception("Error encountered converting group string SID in WindowsCommon::ExpandGroupBySID");
+ }
+ }
+
+ // Call LookupAccountSid to get the account name and domain.
+ retVal = LookupAccountSid(NULL, // system name
+ pSid, // security identifier
+ pAccountName, // account name
+ &accountNameSize, // security identifier
+ pDomain, // domain name
+ &domainSize, // size of domain name
+ &sid_type); // SID-type indicator
+
+ } while (GetLastError() == ERROR_INSUFFICIENT_BUFFER);
+
+ LocalFree(pSid);
+ if(retVal == TRUE) {
+ (*pAccountNameStr) = pAccountName;
+ (*pDomainStr) = pDomain;
+ free(pAccountName);
+ free(pDomain);
+ } else {
+ if(pAccountName != NULL){
+ free(pAccountName);
+ }
+
+ if(pDomain != NULL){
+ free(pDomain);
+ }
+
+ DWORD error = GetLastError();
+ if(error == ERROR_TRUSTED_RELATIONSHIP_FAILURE) {
+ throw Exception("Unable to locate account: " + sidStr + ". " + WindowsCommon::GetErrorMessage(error), ERROR_NOTICE);
+ } else {
+ throw Exception("Error failed to look up account: " + sidStr + ". " + WindowsCommon::GetErrorMessage(error));
+ }
+ }
+
+ // make sure account names are consistantly formated
+ if(sid_type == SidTypeUser) {
+ // make sure all user accounts are prefixed by their domain or the local system name.
+ if((*pAccountNameStr).find("\\") == string::npos && (*pDomainStr).compare("") != 0)
+ (*pAccountNameStr) = (*pDomainStr) + "\\" + (*pAccountNameStr);
+
+ } else if(sid_type == SidTypeDomain) {
+ // do not prepend the domain if it is a domain...
+
+ } else {
+ // make sure all local group accounts are prefixed by their domain
+ // do not prefix if domain is "BUILTIN" "NT AUTHORITY"
+ if((*pDomainStr).compare("BUILTIN") != 0 && (*pDomainStr).compare("NT AUTHORITY") != 0) {
+ if((*pAccountNameStr).find("\\") == string::npos && (*pDomainStr).compare("") != 0)
+ (*pAccountNameStr) = (*pDomainStr) + "\\" + (*pAccountNameStr);
+ }
+ }
+
+ return IsAccountGroup(sid_type, *pAccountNameStr);
+}
+
string WindowsCommon::LookUpLocalSystemName() {
string systemName = "";
@@ -1038,6 +1317,7 @@
// Get and display the name of the computer.
if(!GetComputerName( buff, &buffSize )) {
+ free(buff);
DWORD error = GetLastError();
throw Exception("Error failed to get local computer name. " + WindowsCommon::GetErrorMessage(error));
} else {
Modified: trunk/ovaldi/src/windows/WindowsCommon.h
===================================================================
--- trunk/ovaldi/src/windows/WindowsCommon.h 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/src/windows/WindowsCommon.h 2009-05-02 11:24:18 UTC (rev 389)
@@ -43,7 +43,9 @@
#include <lm.h>
#include <Ntsecapi.h>
#include <windows.h>
+#ifndef _WIN32_WINNT
#define _WIN32_WINNT 0x0501
+#endif
#include <Sddl.h>
using namespace std;
@@ -84,19 +86,42 @@
*/
static StringVector* GetAllTrusteeNames();
+ /** Get all the Trustee SIDs on the system.
+ This method simply calls the WindowsCommon::GetAllTrusteeNames() method
+ and converts each returned name to a sid string. THe resulting set of sids is
+ returned as a StringVector.
+ */
+ static StringVector* GetAllTrusteeSIDs();
+
/** Get the trustee name for the specified sid formatted for oval useage. */
static string GetFormattedTrusteeName(PSID pSid);
/** Get the SID for the specified trustee name.
TrusteeName should be a fully qualified account name.
For more info see:
- http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/lookupaccountname.asp
+ http://msdn.microsoft.com/en-us/library/aa379159.aspx
*/
static PSID GetSIDForTrusteeName(string trusteeName);
+ /** Get the SID for the specified trustee sid string.
+ TrusteeSID is a complete sid string formated as the
+ For more info see:
+ http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/lookupaccountname.asp
+ */
+ static PSID GetSIDForTrusteeSID(string trusteeSID);
+
/** Get the domain and sid string for the specifeid trustee name. Return true if the trustee is a group. */
static bool LookUpTrusteeName(string* accountNameStr, string* sidStr, string* domainStr);
+ /** Get the account and domain string for the specified trustee sid. Return true if the trustee is a group. */
+ static bool LookUpTrusteeSid(string sidStr, string* pAccountNameStr, string* pDomainStr);
+
+ /** Return true if the SID corresponds to a group. */
+ static bool IsGroupSID(string sid);
+
+ /** Return true if the group exists add all the group member's SIDs to the memberSIDs parameter. */
+ static bool ExpandGroupBySID(string groupSID, StringVector* memberSIDs);
+
/** Return the set of all local and global groups on the local system. */
static StringVector* GetAllGroups();
@@ -132,10 +157,13 @@
static void GetWellKnownTrusteeNames();
/** Look up the local system name. */
- static string WindowsCommon::LookUpLocalSystemName();
+ static string LookUpLocalSystemName();
static StringVector* allTrusteeNames;
+ static StringVector* allTrusteeSIDs;
static StringVector* wellKnownTrusteeNames;
+
+ static inline bool IsAccountGroup(SID_NAME_USE sidType, string accountName);
};
#endif
Modified: trunk/ovaldi/xml/aix-definitions-schema.xsd
===================================================================
--- trunk/ovaldi/xml/aix-definitions-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/aix-definitions-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,15 +1,14 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:aix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#aix" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#aix" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:aix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#aix" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#aix" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the AIX specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
<xsd:documentation>This schema was originally developed by Yuzheng Zhou and Todd Dolinsky at Hewlett-Packard. The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>AIX Definition</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:33 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:51 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the AIX portion of an OVAL Definitions file</sch:title>
<sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
<sch:ns prefix="aix-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#aix"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
@@ -21,6 +20,16 @@
<xsd:element name="fileset_test" substitutionGroup="oval-def:test">
<xsd:annotation>
<xsd:documentation>The fileset test is used to check information associated with different filesets installed on the system. The information used by this test is modeled after the /usr/bin/lslpp -l command. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references an inetd_object and the optional state element specifies the information to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="filesettst">
+ <sch:rule context="aix-def:fileset_test/aix-def:object">
+ <sch:assert test="@object_ref=/oval-def:oval_definitions/oval-def:objects/aix-def:fileset_object/@id"><sch:value-of select="../@id"/> - the object child element of a fileset_test must reference a fileset_object</sch:assert>
+ </sch:rule>
+ <sch:rule context="aix-def:fileset_test/aix-def:state">
+ <sch:assert test="@state_ref=/oval-def:oval_definitions/oval-def:states/aix-def:fileset_state/@id"><sch:value-of select="../@id"/> - the state child element of a fileset_test must reference a fileset_state</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
@@ -84,7 +93,7 @@
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
- <xsd:element name="level" type="oval-def:EntityStateVersionType" minOccurs="0" maxOccurs="1">
+ <xsd:element name="level" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Maintenance level (also known as version in Solaris or Linux) of a fileset. For example, "5.3.0.10" is the level for 'bos.txt.tfs' fileset in one AIX machine.</xsd:documentation>
<xsd:appinfo>
@@ -131,6 +140,16 @@
<xsd:element name="fix_test" substitutionGroup="oval-def:test">
<xsd:annotation>
<xsd:documentation>The fix test is used to check information associated with different fixes installed on the system. The information being tested is based off the /usr/sbin/instfix -iavk command. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references an fix_object and the optional state element specifies the information to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="fixtst">
+ <sch:rule context="aix-def:fix_test/aix-def:object">
+ <sch:assert test="@object_ref=/oval-def:oval_definitions/oval-def:objects/aix-def:fix_object/@id"><sch:value-of select="../@id"/> - the object child element of a fix_test must reference a fix_object</sch:assert>
+ </sch:rule>
+ <sch:rule context="aix-def:fix_test/aix-def:state">
+ <sch:assert test="@state_ref=/oval-def:oval_definitions/oval-def:states/aix-def:fix_state/@id"><sch:value-of select="../@id"/> - the state child element of a fix_test must reference a fix_state</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
@@ -241,6 +260,16 @@
<xsd:element name="oslevel_test" substitutionGroup="oval-def:test">
<xsd:annotation>
<xsd:documentation>The oslevel test reveals information about the release and maintenance level of AIX operating system. This information can be retrieved by the /usr/bin/oslevel -r command. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references an oslevel_object and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="osleveltst">
+ <sch:rule context="aix-def:oslevel_test/aix-def:object">
+ <sch:assert test="@object_ref=/oval-def:oval_definitions/oval-def:objects/aix-def:oslevel_object/@id"><sch:value-of select="../@id"/> - the object child element of a oslevel_test must reference a oslevel_object</sch:assert>
+ </sch:rule>
+ <sch:rule context="aix-def:oslevel_test/aix-def:state">
+ <sch:assert test="@state_ref=/oval-def:oval_definitions/oval-def:states/aix-def:oslevel_state/@id"><sch:value-of select="../@id"/> - the state child element of a oslevel_test must reference a oslevel_state</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
@@ -271,7 +300,7 @@
<xsd:complexContent>
<xsd:extension base="oval-def:StateType">
<xsd:sequence>
- <xsd:element name="maintenance_level" type="oval-def:EntityStateVersionType" minOccurs="1" maxOccurs="1">
+ <xsd:element name="maintenance_level" type="oval-def:EntityStateStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the maintenance level (system version) of current AIX operating system.</xsd:documentation>
<xsd:appinfo>
Modified: trunk/ovaldi/xml/aix-system-characteristics-schema.xsd
===================================================================
--- trunk/ovaldi/xml/aix-system-characteristics-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/aix-system-characteristics-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,17 +1,17 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:aix-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#aix" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#aix" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:aix-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#aix" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#aix" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the AIX specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
<xsd:documentation>This schema was originally developed by Yuzheng Zhou and Todd Dolinsky at Hewlett-Packard. The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>AIX System Characteristics</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:38 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:54 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the AIX portion of an OVAL System Characteristics file</sch:title>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="aix-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#aix"/>
+ <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
@@ -37,7 +37,7 @@
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
- <xsd:element name="level" type="oval-sc:EntityItemVersionType" minOccurs="0" maxOccurs="1">
+ <xsd:element name="level" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Maintenance level (also known as version in Solaris or Linux) of the fileset. For example, "5.3.0.10" is the level for 'bos.txt.tfs' fileset in one AIX machine.</xsd:documentation>
<xsd:appinfo>
@@ -153,7 +153,7 @@
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
- <xsd:element name="maintenance_level" type="oval-sc:EntityItemVersionType" minOccurs="0" maxOccurs="1">
+ <xsd:element name="maintenance_level" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the maintenance level (system version) of current AIX operating system.</xsd:documentation>
<xsd:appinfo>
@@ -177,9 +177,8 @@
<xsd:annotation>
<xsd:documentation>The EntityStateFilesetStateType complex type defines the different values that are valid for the state entity of a fileset state. The empty string is also allowed as a valid value to support an empty element that is found when a variable reference is used within the state entity.</xsd:documentation>
</xsd:annotation>
- <xsd:documentation>The EntityStateFilesetStateType defines the different values that are valid for the state entity of a fileset item. The empty string is also allowed as a valid value to support empty emlements associated with error conditions.</xsd:documentation>
<xsd:simpleContent>
- <xsd:restriction base="oval-def:EntityItemStringType">
+ <xsd:restriction base="oval-sc:EntityItemStringType">
<xsd:enumeration value="APPLIED">
<xsd:annotation>
<xsd:documentation>The specified fileset is installed on the system. The APPLIED state means that the fileset can be rejected with the installp command and the previous level of the fileset restored. This state is only valid for Version 4 fileset updates and 3.2 migrated filesets.</xsd:documentation>
@@ -225,11 +224,11 @@
</xsd:simpleContent>
</xsd:complexType>
<xsd:complexType name="EntityItemFixInstallationStatusType">
- <xsd:annotation>>
+ <xsd:annotation>
<xsd:documentation>The EntityStateFixInstallationStatusType defines the different values that are valid for the installation_status entity of a fix_state item. The empty string is also allowed as a valid value to support empty emlements associated with error conditions.</xsd:documentation>
</xsd:annotation>
<xsd:simpleContent>
- <xsd:restriction base="oval-def:EntityItemStringType">
+ <xsd:restriction base="oval-sc:EntityItemStringType">
<xsd:enumeration value="ALL_INSTALLED">
<xsd:annotation>
<xsd:documentation>All filesets for XXXXXXX were found</xsd:documentation>
Modified: trunk/ovaldi/xml/apache-definitions-schema.xsd
===================================================================
--- trunk/ovaldi/xml/apache-definitions-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/apache-definitions-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,5 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:apache-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#apache" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#apache" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:apache-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#apache" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#apache" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
<xsd:annotation>
@@ -7,10 +7,9 @@
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>Apache Definition</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:38 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:54 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the Apache portion of an OVAL Definitions file</sch:title>
<sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
<sch:ns prefix="apache-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#apache"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
Modified: trunk/ovaldi/xml/apache-system-characteristics-schema.xsd
===================================================================
--- trunk/ovaldi/xml/apache-system-characteristics-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/apache-system-characteristics-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,17 +1,17 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:apache-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#apache" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#apache" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:apache-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#apache" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#apache" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the Apache specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard item element defined in the Core System Characteristic Schema. Through extension, each item inherits a set of elements and attributes that are shared amongst all OVAL Items. Each item is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core System Characteristic Schema is not outlined here.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>Apache System Characteristics</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:38 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:55 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the Apache portion of an OVAL System Characteristics file</sch:title>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="apache-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#windows"/>
+ <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
Modified: trunk/ovaldi/xml/catos-definitions-schema.xsd
===================================================================
--- trunk/ovaldi/xml/catos-definitions-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/catos-definitions-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,22 +1,117 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:catos-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#catos" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#catos" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:catos-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#catos" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#catos" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the Cisco CatOS specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here</xsd:documentation>
- <xsd:documentation>This schema was originally developed by Yuzheng Zhou at Hewlett-Packard. The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
+ <xsd:documentation>This schema was originally developed by Yuzheng Zhou and Eric Grey at Hewlett-Packard. The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>CatOS Definition</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:38 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:55 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the Cisco CatOS portion of an OVAL Definitions file</sch:title>
<sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
<sch:ns prefix="catos-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#catos"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
- <!-- =============================================================================== -->
+ <!-- =============================================================================== -->
+ <!-- ================================= LINE TEST ================================= -->
+ <!-- =============================================================================== -->
+ <xsd:element name="line_test" substitutionGroup="oval-def:test">
+ <xsd:annotation>
+ <xsd:documentation>The line_test is used to check the properties of specific output lines from a SHOW command, such as show running-config. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a line_object and the optional state element specifies the data to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="catoslinetst">
+ <sch:rule context="catos-def:line_test/catos-def:object">
+ <sch:assert test="@object_ref=/oval-def:oval_definitions/oval-def:objects/catos-def:line_object/@id"><sch:value-of select="../@id"/> - the object child element of a line_test must reference a line_object</sch:assert>
+ </sch:rule>
+ <sch:rule context="catos-def:line_test/catos-def:state">
+ <sch:assert test="@state_ref=/oval-def:oval_definitions/oval-def:states/catos-def:line_state/@id"><sch:value-of select="../@id"/> - the state child element of a line_test must reference a line_state</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:TestType">
+ <xsd:sequence>
+ <xsd:element name="object" type="oval-def:ObjectRefType" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="state" type="oval-def:StateRefType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="line_object" substitutionGroup="oval-def:object">
+ <xsd:annotation>
+ <xsd:documentation>The line_object element is used by a line_test to define the object to be evaluated. Each object extends the standard ObjectType as definied in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.</xsd:documentation>
+ <xsd:documentation>A line_object consists of a show_subcommand entity that is the name of a SHOW sub-command to be tested.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:ObjectType">
+ <xsd:sequence>
+ <xsd:choice minOccurs="1" maxOccurs="1">
+ <xsd:element ref="oval-def:set"/>
+ <xsd:sequence>
+ <xsd:element name="show_subcommand" type="oval-def:EntityObjectStringType" minOccurs="1" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The name of a SHOW sub-command.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="catoslineobjshow_subcommand">
+ <sch:rule context="catos-def:line_object/catos-def:show_subcommand">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the show_subcommand entity of a line_object should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="line_state" substitutionGroup="oval-def:state">
+ <xsd:annotation>
+ <xsd:documentation>The line_state element defines the different information that can be used to evaluate the result of a specific SHOW sub-command. This includes the name of ths sub-command and the corresponding config line. Please refer to the individual elements in the schema for more details about what each represents.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:StateType">
+ <xsd:sequence>
+ <xsd:element name="show_subcommand" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The name of the SHOW sub-command.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="catoslinesteshow_subcommand">
+ <sch:rule context="catos-def:line_state/catos-def:show_subcommand">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the show_subcommand entity of a line_state should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="config_line" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The value returned from by the specified SHOW sub-command.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="catoslinesteconfig_line">
+ <sch:rule context="catos-def:line_state/catos-def:config_line">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the config_line entity of a line_state should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <!-- =============================================================================== -->
<!-- ============================= MODULE TEST ================================ -->
<!-- =============================================================================== -->
<xsd:element name="module_test" substitutionGroup="oval-def:test">
@@ -29,7 +124,7 @@
<sch:assert test="@object_ref=/oval-def:oval_definitions/oval-def:objects/catos-def:module_object/@id"><sch:value-of select="../@id"/> - the object child element of a module_test must reference a module_object</sch:assert>
</sch:rule>
<sch:rule context="catos-def:module_test/catos-def:state">
- <sch:assert test="@state_ref=/oval-def:oval_definitions/oval-def:states/catos-def:module_number/@id"><sch:value-of select="../@id"/> - the state child element of a module_test must reference a module_state</sch:assert>
+ <sch:assert test="@state_ref=/oval-def:oval_definitions/oval-def:states/catos-def:module_state/@id"><sch:value-of select="../@id"/> - the state child element of a module_test must reference a module_state</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -210,12 +305,91 @@
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
- <!-- =============================================================================== -->
+ <!-- =============================================================================== -->
+ <!-- ============================= VERSION TEST (55) ============================= -->
+ <!-- =============================================================================== -->
+ <xsd:element name="version55_test" substitutionGroup="oval-def:test">
+ <xsd:annotation>
+ <xsd:documentation>The version55_test is used to check the version of the Cisco CatOS operating system. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a version_object and the optional state element specifies the data to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.</xsd:documentation>
+ <xsd:documentation>The required information of version55_test can be got via a SHOW VERSION command. The separated version55_test enables an evaluation based on OVAL without having interactive command access to the device.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:TestType">
+ <xsd:sequence>
+ <xsd:element name="object" type="oval-def:ObjectRefType" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="state" type="oval-def:StateRefType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="version55_object" substitutionGroup="oval-def:object">
+ <xsd:annotation>
+ <xsd:documentation>The version55_object element is used by a version55_test to define the different version information associated with a Cisco CatOS system. There is actually only one object relating to version and this is the system as a whole. Therefore, there are no child entities defined. Any OVAL Test written to check version will reference the same version5_object which is basically an empty object element.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:ObjectType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="version55_state" substitutionGroup="oval-def:state">
+ <xsd:annotation>
+ <xsd:documentation>The version55_state element defines the version information held within a Cisco CatOS software release. The swtich_series element specifies the Catalyst switch series. The image_name element specifies the name of the CatOS image. The catos_release element specifies the software version information of the module.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:StateType">
+ <xsd:sequence>
+ <xsd:element name="swtich_series" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The switch_series entity defines a target Catalyst switch series to check for. Each version of CatOS traditionally has target a specific Catalyst series of switches.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="catosver55stedevice_series">
+ <sch:rule context="catos-def:version55_state/catos-def:swtich_series">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the swtich_series entity of a version55_state should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="image_name" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The image_name entity defines a name of a CatOS image to check for.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="catosver55steimage_name">
+ <sch:rule context="catos-def:version55_state/catos-def:image_name">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the image_name entity of a version55_state should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="catos_release" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The catos_release entity defines a release version of CatOS to check for.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="catosver55stecatos_release">
+ <sch:rule context="catos-def:version55_state/catos-def:catos_release">
+ <sch:assert test="@datatype='version'"><sch:value-of select="../@id"/> - datatype attribute for the catos_release entity of a version55_state should be 'version'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <!-- =============================================================================== -->
<!-- ================================ VERSION TEST =============================== -->
<!-- =============================================================================== -->
<xsd:element name="version_test" substitutionGroup="oval-def:test">
<xsd:annotation>
- <xsd:documentation>The version test is used to check the version of the Cisco CatOS operating system. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a version_object and the optional state element specifies the data to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.</xsd:documentation>
+ <xsd:documentation>This test has been deprecated and will be removed in version 6.0 of the language. Recommend use of the newer version55_test.</xsd:documentation>
+ <xsd:documentation>The version test is used to check the version of the Cisco CatOS operating system. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a version_object and the optional state element specifies the data to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.</xsd:documentation>
<xsd:documentation>The required information of version_test can be got via a SHOW VERSION command. The separated version_test enables an evaluation based on OVAL without having interactive command access to the device.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
@@ -231,7 +405,8 @@
</xsd:element>
<xsd:element name="version_object" substitutionGroup="oval-def:object">
<xsd:annotation>
- <xsd:documentation>The version_object element is used by a version test to define the different version information associated with a Cisco CatOS system. There is actually only one object relating to version and this is the system as a whole. Therefore, there are no child entities defined. Any OVAL Test written to check version will reference the same version_object which is basically an empty object element.</xsd:documentation>
+ <xsd:documentation>This object has been deprecated and will be removed in version 6.0 of the language. Recommend use of the newer version55_object.</xsd:documentation>
+ <xsd:documentation>The version_object element is used by a version test to define the different version information associated with a Cisco CatOS system. There is actually only one object relating to version and this is the system as a whole. Therefore, there are no child entities defined. Any OVAL Test written to check version will reference the same version_object which is basically an empty object element.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
@@ -241,7 +416,8 @@
</xsd:element>
<xsd:element name="version_state" substitutionGroup="oval-def:state">
<xsd:annotation>
- <xsd:documentation>The version_state element defines the version information held within a Cisco CatOS software release. The swtich_series element specifies the Catalyst switch series. The image_name element specifies the name of the CatOS image. The catos_major_release, catos_individual_release and catos_version_id elements specify the software version information of the module. For instance, if the CatOS version is 8.5(4c)GLX, then catos_major_release is 8.5GLX, catos_individual_release is 4 and catos_version_id is c.</xsd:documentation>
+ <xsd:documentation>This state has been deprecated and will be removed in version 6.0 of the language. Recommend use of the newer version55_state.</xsd:documentation>
+ <xsd:documentation>The version_state element defines the version information held within a Cisco CatOS software release. The swtich_series element specifies the Catalyst switch series. The image_name element specifies the name of the CatOS image. The catos_major_release, catos_individual_release and catos_version_id elements specify the software version information of the module. For instance, if the CatOS version is 8.5(4c)GLX, then catos_major_release is 8.5GLX, catos_individual_release is 4 and catos_version_id is c.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
Modified: trunk/ovaldi/xml/catos-system-characteristics-schema.xsd
===================================================================
--- trunk/ovaldi/xml/catos-system-characteristics-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/catos-system-characteristics-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,20 +1,60 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:catos-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#catos" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#catos" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:catos-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#catos" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#catos" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the Cisco CatOS specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
<xsd:documentation>This schema was originally developed by Yuzheng Zhou at Hewlett-Packard. The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>CatOS System Characteristics</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:39 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:55 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the Cisco CatOS portion of an OVAL System Characteristics file</sch:title>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="catos-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#catos"/>
+ <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
- <!-- =============================================================================== -->
+ <!-- =============================================================================== -->
+ <!-- ============================ CATOS LINE ITEM ================================== -->
+ <!-- =============================================================================== -->
+ <xsd:element name="line_item" substitutionGroup="oval-sc:item">
+ <xsd:annotation>
+ <xsd:documentation>Stores the properties of specific lines in the catos config file.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-sc:ItemType">
+ <xsd:sequence>
+ <xsd:element name="show_subcommand" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The name of the SHOW sub-command.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="catoslineitemshow_subcommand">
+ <sch:rule context="catos-sc:line_item/catos-sc:show_subcommand">
+ <sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the show_subcommand entity of a line_item should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="config_line" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The value returned from by the specified SHOW sub-command.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="catoslineitemconfig_line">
+ <sch:rule context="catos-sc:line_item/catos-sc:config_line">
+ <sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the config_line entity of a line_item should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <!-- =============================================================================== -->
<!-- ======================== CATOS MODULE ITEM ================================= -->
<!-- =============================================================================== -->
<xsd:element name="module_item" substitutionGroup="oval-sc:item">
@@ -163,7 +203,7 @@
<xsd:sequence>
<xsd:element name="switch_series" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
- <xsd:documentation/>
+ <xsd:documentation>The switch_series entity specifies the target Catalyst switch series for the given version of CatOS.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="versionitemswitch_series">
<sch:rule context="catos-sc:version_item/catos-sc:switch_series">
@@ -175,7 +215,7 @@
</xsd:element>
<xsd:element name="image_name" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
- <xsd:documentation/>
+ <xsd:documentation>The image_name entity specifies the name of the CatOS image.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="versionitemimage_name">
<sch:rule context="catos-sc:version_item/catos-sc:image_name">
@@ -185,10 +225,22 @@
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
- <xsd:element name="catos_major_release" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
+ <xsd:element name="catos_release" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The catos_release entity specifies the release version of CatOS.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="versionitemcatos_release">
+ <sch:rule context="catos-sc:version_item/catos-sc:catos_release">
+ <sch:assert test="@datatype='version'">item <sch:value-of select="../@id"/> - datatype attribute for the catos_release entity of a version_item should be 'version'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="catos_major_release" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
- <xsd:documentation/>
- <xsd:appinfo>
+ <xsd:documentation>This entity has been deprecated and will be removed in version 6.0 of the language.</xsd:documentation>
+ <xsd:appinfo>
<sch:pattern id="versionitemcatos_major_release">
<sch:rule context="catos-sc:version_item/catos-sc:catos_major_release">
<sch:assert test="@datatype='version'">item <sch:value-of select="../@id"/> - datatype attribute for the catos_major_release entity of a version_item should be 'version'</sch:assert>
@@ -199,8 +251,8 @@
</xsd:element>
<xsd:element name="catos_individual_release" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
- <xsd:documentation/>
- <xsd:appinfo>
+ <xsd:documentation>This entity has been deprecated and will be removed in version 6.0 of the language.</xsd:documentation>
+ <xsd:appinfo>
<sch:pattern id="versionitemcatos_individual_release">
<sch:rule context="catos-sc:version_item/catos-sc:catos_individual_release">
<sch:assert test="@datatype='int'">item <sch:value-of select="../@id"/> - datatype attribute for the catos_individual_release entity of a version_item should be 'int'</sch:assert>
@@ -211,8 +263,8 @@
</xsd:element>
<xsd:element name="catos_version_id" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
- <xsd:documentation/>
- <xsd:appinfo>
+ <xsd:documentation>This entity has been deprecated and will be removed in version 6.0 of the language.</xsd:documentation>
+ <xsd:appinfo>
<sch:pattern id="versionitemcatos_version_id">
<sch:rule context="catos-sc:version_item/catos-sc:catos_version_id">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the catos_version_id entity of a version_item should be 'string'</sch:assert>
Modified: trunk/ovaldi/xml/esx-definitions-schema.xsd
===================================================================
--- trunk/ovaldi/xml/esx-definitions-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/esx-definitions-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,5 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:esx-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:esx-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
<xsd:annotation>
@@ -7,10 +7,9 @@
<xsd:documentation>This schema was originally developed by Yuzheng Zhou and Todd Dolinsky at Hewlett-Packard. The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>VMware ESX server Definition</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:39 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:55 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the VMware ESX server portion of an OVAL Definitions file</sch:title>
<sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
<sch:ns prefix="esx-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
Modified: trunk/ovaldi/xml/esx-system-characteristics-schema.xsd
===================================================================
--- trunk/ovaldi/xml/esx-system-characteristics-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/esx-system-characteristics-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,17 +1,17 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:esx-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#esx" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#esx" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:esx-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#esx" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#esx" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the VMware ESX server specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
<xsd:documentation>This schema was originally developed by Yuzheng Zhou and Todd Dolinsky at Hewlett-Packard. The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>VMware ESX server System Characteristics</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:39 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:56 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the VMware ESX server portion of an OVAL System Characteristics file</sch:title>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="esx-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#esx"/>
+ <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
Modified: trunk/ovaldi/xml/freebsd-definitions-schema.xsd
===================================================================
--- trunk/ovaldi/xml/freebsd-definitions-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/freebsd-definitions-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,15 +1,14 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:freebsd-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#freebsd" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#freebsd" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:freebsd-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#freebsd" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#freebsd" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the FreeBSD specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>FreeBSD Definition</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:39 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:56 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the FreeBSD portion of an OVAL Definitions file</sch:title>
<sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
<sch:ns prefix="freebsd-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#freebsd"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
Modified: trunk/ovaldi/xml/freebsd-system-characteristics-schema.xsd
===================================================================
--- trunk/ovaldi/xml/freebsd-system-characteristics-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/freebsd-system-characteristics-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,17 +1,17 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:freebsd-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#freebsd" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#freebsd" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:freebsd-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#freebsd" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#freebsd" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the FreeBSD specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>FreeBSD System Characteristics</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:39 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:56 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the FreeBSD portion of an OVAL System Characteristics file</sch:title>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="freebsd-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#freebsd"/>
+ <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
Modified: trunk/ovaldi/xml/hpux-definitions-schema.xsd
===================================================================
--- trunk/ovaldi/xml/hpux-definitions-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/hpux-definitions-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,5 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:hpux-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:hpux-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
<xsd:annotation>
@@ -7,10 +7,9 @@
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>HP-UX Definition</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:40 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:56 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the Red Hat portion of an OVAL Definitions file</sch:title>
<sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
<sch:ns prefix="hpux-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
Modified: trunk/ovaldi/xml/hpux-system-characteristics-schema.xsd
===================================================================
--- trunk/ovaldi/xml/hpux-system-characteristics-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/hpux-system-characteristics-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,17 +1,17 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:hpux-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#hpux" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#hpux" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:hpux-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#hpux" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#hpux" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the HP-UX specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard item element defined in the Core System Characteristic Schema. Through extension, each item inherits a set of elements and attributes that are shared amongst all OVAL Items. Each item is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core System Characteristic Schema is not outlined here.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>HP-UX System Characteristics</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:40 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:56 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the HP-UX portion of an OVAL System Characteristics file</sch:title>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="hpux-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#hpux"/>
+ <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
@@ -82,7 +82,7 @@
<xsd:documentation>HP-UX patch names begin with 'PH'</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="patchitemswtype">
- <sch:rule context="hpux-def:patch_state/hpux-def:swtype">
+ <sch:rule context="hpux-sc:patch_item/hpux-sc:swtype">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the swtype entity of a patch_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
Modified: trunk/ovaldi/xml/independent-definitions-schema.xsd
===================================================================
--- trunk/ovaldi/xml/independent-definitions-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/independent-definitions-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,5 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:ind-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:ind-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
<xsd:annotation>
@@ -7,10 +7,9 @@
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>Independent Definition</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:40 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:57 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the Independent portion of an OVAL Definitions file</sch:title>
<sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
<sch:ns prefix="ind-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
@@ -529,6 +528,7 @@
<sch:pattern id="sqlobjdengine">
<sch:rule context="ind-def:sql_object/ind-def:engine">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the engine entity of an sql_object should be 'string'</sch:assert>
+ <sch:assert test="not(@operation) or @operation='equals'"><sch:value-of select="../@id"/> - operation attribute for the engine entity of an sql_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -541,6 +541,7 @@
<sch:pattern id="sqlobjversion">
<sch:rule context="ind-def:sql_object/ind-def:version">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the version entity of an sql_object should be 'string'</sch:assert>
+ <sch:assert test="not(@operation) or @operation='equals'"><sch:value-of select="../@id"/> - operation attribute for the version entity of an sql_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -553,6 +554,7 @@
<sch:pattern id="sqlobjconnection_string">
<sch:rule context="ind-def:sql_object/ind-def:connection_string">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the connection_string entity of an sql_object should be 'string'</sch:assert>
+ <sch:assert test="not(@operation) or @operation='equals'"><sch:value-of select="../@id"/> - operation attribute for the connection_string entity of an sql_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -565,6 +567,7 @@
<sch:pattern id="sqlobjsql">
<sch:rule context="ind-def:sql_object/ind-def:sql">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the sql entity of a sql_object should be 'string'</sch:assert>
+ <sch:assert test="not(@operation) or @operation='equals'"><sch:value-of select="../@id"/> - operation attribute for the sql entity of an sql_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -728,7 +731,7 @@
</xsd:element>
<xsd:element name="instance" type="oval-def:EntityObjectIntType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
- <xsd:documentation>The instance entity calls out a specific match of the pattern. Note that the main purpose of this entity is too provide uniqueness for different textfilecontent_items that results from multiple matches of a given pattern against the same file. Most likely this entity will be defined as greater than 1 which would result in the object representing the set of all matches of the pattern.</xsd:documentation>
+ <xsd:documentation>The instance entity calls out a specific match of the pattern. The first match is given an instance value of 1, the second match is given and instance value of 2, and so on. Note that the main purpose of this entity is to provide uniqueness for different textfilecontent_items that results from multiple matches of a given pattern against the same file. Most likely this entity will be defined as greater than or equal to 1 which would result in the object representing the set of all matches of the pattern.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="txt54objinstance">
<sch:rule context="ind-def:textfilecontent54_object/ind-def:instance">
@@ -1169,6 +1172,7 @@
<sch:pattern id="xmlobjxpath">
<sch:rule context="ind-def:xmlfilecontent_object/ind-def:xpath">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the xpath entity of a xmlfilecontent_object should be 'string'</sch:assert>
+ <sch:assert test="not(@operation) or @operation='equals'"><sch:value-of select="../@id"/> - operation attribute for the xpath entity of a xmlfilecontent_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
Modified: trunk/ovaldi/xml/independent-system-characteristics-schema.xsd
===================================================================
--- trunk/ovaldi/xml/independent-system-characteristics-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/independent-system-characteristics-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,17 +1,17 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:ind-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#independent" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#independent" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:ind-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#independent" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#independent" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>This document outlines the items of the OVAL System Characteristics XML schema that are independent of any specific family or platform. Each iten is an extention of a basic System Characteristics item defined in the core System Characteristics XML schema.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>Independent System Characteristics</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:41 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:57 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the Independent portion of an OVAL System Characteristics file</sch:title>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="ind-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#independent"/>
+ <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
@@ -324,7 +324,7 @@
</xsd:element>
<xsd:element name="instance" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
- <xsd:documentation>The instance entity calls out which match of the pattern is being represented by this item. The main purpose of this entity is too provide uniqueness for different textfilecontent_items that results from multiple matches of a given pattern against the same file.</xsd:documentation>
+ <xsd:documentation>The instance entity calls out which match of the pattern is being represented by this item. The first match is given an instance value of 1, the second match is given and instance value of 2, and so on. The main purpose of this entity is too provide uniqueness for different textfilecontent_items that results from multiple matches of a given pattern against the same file.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="txtiteminstance">
<sch:rule context="ind-sc:textfilecontent_item/ind-sc:instance">
Modified: trunk/ovaldi/xml/ios-definitions-schema.xsd
===================================================================
--- trunk/ovaldi/xml/ios-definitions-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/ios-definitions-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,5 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:ios-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#ios" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#ios" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:ios-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#ios" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#ios" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
<xsd:annotation>
@@ -7,11 +7,10 @@
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>IOS Definition</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:41 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:57 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the Cisco IOS portion of an OVAL Definitions file</sch:title>
- <sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
+ <sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
<sch:ns prefix="ios-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#ios"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
@@ -237,7 +236,7 @@
<xsd:annotation>
<xsd:documentation>The line test is used to check the properties of specific output lines from a SHOW command, such as show running-config. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a line_object and the optional state element specifies the data to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.</xsd:documentation>
<xsd:appinfo>
- <sch:pattern id="linetst">
+ <sch:pattern id="ioslinetst">
<sch:rule context="ios-def:line_test/ios-def:object">
<sch:assert test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ios-def:line_object/@id"><sch:value-of select="../@id"/> - the object child element of a line_test must reference a line_object</sch:assert>
</sch:rule>
@@ -274,7 +273,7 @@
<xsd:annotation>
<xsd:documentation>The name of a SHOW sub-command.</xsd:documentation>
<xsd:appinfo>
- <sch:pattern id="lineobjshow_subcommand">
+ <sch:pattern id="ioslineobjshow_subcommand">
<sch:rule context="ios-def:line_object/ios-def:show_subcommand">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the show_subcommand entity of a line_object should be 'string'</sch:assert>
</sch:rule>
@@ -301,7 +300,7 @@
<xsd:annotation>
<xsd:documentation>The name of the SHOW sub-command.</xsd:documentation>
<xsd:appinfo>
- <sch:pattern id="linesteshow_subcommand">
+ <sch:pattern id="ioslinesteshow_subcommand">
<sch:rule context="ios-def:line_state/ios-def:show_subcommand">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the show_subcommand entity of a line_state should be 'string'</sch:assert>
</sch:rule>
@@ -313,7 +312,7 @@
<xsd:annotation>
<xsd:documentation>The value returned from by the specified SHOW sub-command.</xsd:documentation>
<xsd:appinfo>
- <sch:pattern id="linesteconfig_line">
+ <sch:pattern id="ioslinesteconfig_line">
<sch:rule context="ios-def:line_state/ios-def:config_line">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the config_line entity of a line_state should be 'string'</sch:assert>
</sch:rule>
@@ -465,18 +464,18 @@
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
- <!-- ================================ VERSION TEST =============================== -->
+ <!-- ============================= VERSION TEST (55) ============================= -->
<!-- =============================================================================== -->
- <xsd:element name="version_test" substitutionGroup="oval-def:test">
+ <xsd:element name="version55_test" substitutionGroup="oval-def:test">
<xsd:annotation>
- <xsd:documentation>The version test is used to check the version of the IOS operating system. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a version_object and the optional state element specifies the data to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.</xsd:documentation>
+ <xsd:documentation>The version55_test is used to check the version of the IOS operating system. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a version_object and the optional state element specifies the data to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.</xsd:documentation>
<xsd:appinfo>
- <sch:pattern id="iosvertst">
- <sch:rule context="ios-def:version_test/ios-def:object">
- <sch:assert test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ios-def:version_object/@id"><sch:value-of select="../@id"/> - the object child element of a version_test must reference a version_object</sch:assert>
+ <sch:pattern id="iosver55tst">
+ <sch:rule context="ios-def:version55_test/ios-def:object">
+ <sch:assert test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ios-def:version55_object/@id"><sch:value-of select="../@id"/> - the object child element of a version55_test must reference a version_object</sch:assert>
</sch:rule>
- <sch:rule context="ios-def:version_test/ios-def:state">
- <sch:assert test="@state_ref=/oval-def:oval_definitions/oval-def:states/ios-def:version_state/@id"><sch:value-of select="../@id"/> - the state child element of a version_test must reference a version_state</sch:assert>
+ <sch:rule context="ios-def:version55_test/ios-def:state">
+ <sch:assert test="@state_ref=/oval-def:oval_definitions/oval-def:states/ios-def:version55_state/@id"><sch:value-of select="../@id"/> - the state child element of a version55_test must reference a version_state</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -492,9 +491,9 @@
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
- <xsd:element name="version_object" substitutionGroup="oval-def:object">
+ <xsd:element name="version55_object" substitutionGroup="oval-def:object">
<xsd:annotation>
- <xsd:documentation>The version_object element is used by a version test to define the different version information associated with an IOS system. There is actually only one object relating to version and this is the system as a whole. Therefore, there are no child entities defined. Any OVAL Test written to check version will reference the same version_object which is basically an empty object element.</xsd:documentation>
+ <xsd:documentation>The version55_object element is used by a version55_test to define the different version information associated with an IOS system. There is actually only one object relating to version and this is the system as a whole. Therefore, there are no child entities defined. Any OVAL Test written to check version will reference the same version55_object which is basically an empty object element.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
@@ -502,73 +501,224 @@
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
- <xsd:element name="version_state" substitutionGroup="oval-def:state">
+ <xsd:element name="version55_state" substitutionGroup="oval-def:state">
<xsd:annotation>
- <xsd:documentation>The version_state element defines the version information held within a Cisco IOS Train. A Cisco IOS train is a vehicle for delivering releases that evolve from a common code base.</xsd:documentation>
+ <xsd:documentation>The version55_state element defines the version information held within a Cisco IOS Train. A Cisco IOS train is a vehicle for delivering releases that evolve from a common code base.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-def:StateType">
<xsd:sequence>
- <xsd:element name="major_release" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The major_release is a combination of train and rebuild information and is used by Cisco advisories to identify major releases.</xsd:documentation>
- <xsd:appinfo>
- <sch:pattern id="iosverstemajor_release">
- <sch:rule context="ios-def:version_state/ios-def:major_release">
- <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the major_release entity of a version_state should be 'string'</sch:assert>
- </sch:rule>
- </sch:pattern>
- </xsd:appinfo>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="train_number" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The train number is the dotted version that starts a version string. For example the version string 12.2(3)T has a train number of 12.2.</xsd:documentation>
- <xsd:appinfo>
- <sch:pattern id="iosverstetrain_number">
- <sch:rule context="ios-def:version_state/ios-def:train_number">
- <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the train_number entity of a version_state should be 'string'</sch:assert>
- </sch:rule>
- </sch:pattern>
- </xsd:appinfo>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="train_identifier" type="ios-def:EntityStateTrainIdentifierType" minOccurs="0" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The train identifier is the type of Train. For example the version string 12.2(3)T has a train identifier of T. Please see the EntityStateVersionTrainIdentifierType for more information about the different train identifiers.</xsd:documentation>
- <xsd:appinfo>
- <sch:pattern id="iosverstetrain_identifier">
- <sch:rule context="ios-def:version_state/ios-def:train_identifier">
- <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the train_identifier entity of a version_state should be 'string'</sch:assert>
- </sch:rule>
- </sch:pattern>
- </xsd:appinfo>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="version_string" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The version is the raw string output of a 'show version' command.</xsd:documentation>
- <xsd:appinfo>
- <sch:pattern id="iosversteversion_string">
- <sch:rule context="ios-def:version_state/ios-def:version_string">
- <sch:assert test="not(@datatype) or @datatype='ios_version'"><sch:value-of select="../@id"/> - datatype attribute for the version_string entity of a version_state should be 'ios_version'</sch:assert>
- </sch:rule>
- </sch:pattern>
- </xsd:appinfo>
- </xsd:annotation>
- </xsd:element>
+ <xsd:element name="major_version" type="oval-def:EntityStateIntType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The major_version entity is used to check the major version piece of the version string. The value is an integer and in the example 12.4(9)T0a the major version is '12'.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosver55stemajorversion">
+ <sch:rule context="ios-def:version55_state/ios-def:major_version">
+ <sch:assert test="@datatype='int'"><sch:value-of select="../@id"/> - datatype attribute for the major_version entity of a version55_state should be 'int'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="minor_version" type="oval-def:EntityStateIntType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The minor_version entity is used to check the minor version piece of the version string. The value is an integer and in the example 12.4(9)T0a the minor version is '4'.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosver55steminorversion">
+ <sch:rule context="ios-def:version55_state/ios-def:minor_version">
+ <sch:assert test="@datatype='int'"><sch:value-of select="../@id"/> - datatype attribute for the minor_version entity of a version55_state should be 'int'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="release" type="oval-def:EntityStateIntType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The release entity is used to check the release piece of the version string. The value is an integer and in the example 12.4(9)T0a the release is '9'.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosver55sterelease">
+ <sch:rule context="ios-def:version55_state/ios-def:release">
+ <sch:assert test="@datatype='int'"><sch:value-of select="../@id"/> - datatype attribute for the release entity of a version55_state should be 'int'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="train_identifier" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The train_identifier entity is used to check the type of train represented in the version string. The value is a string and in the example 12.4(9)T0a the train identifier is 'T'. The following explaination from Wikipedia should help explain the different train identifiers. Cisco IOS releases are split into several "trains", each containing a different set of features. Trains more or less map onto distinct markets or groups of customers that Cisco is targeting. The 'mainline' train is designed to be the most stable release the company can offer, and its feature set never expands during its lifetime. Updates are released only to address bugs in the product. The previous technology train becomes the source for the current mainline train--for example, the 12.1T train becomes the basis for the 12.2 mainline. Therefore, to determine the features available in a particular mainline release, look at the previous T train release. The 'T' (Technology) train, gets new features and bug fixes throughout its life, and is therefore less stable than the mainline. (In releases prior to Cisco IOS Release 12.0, the P train served as the Technology train.) The 'S' (Service Provider) train, runs only on the company's core router products and is heavily customized for Service Provider customers. The 'E' (Enterprise) train, is customized for implementation in enterprise environments. The 'B' (broadband) train, support internet based broadband features. The 'XA', 'Xb' ... (special functionality) train, needs to be documented. There are other trains from time to time, designed for specific needs -- for example, the 12.0AA train contained new code required for Cisco's AS5800 product.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosver55stetrain_identifier">
+ <sch:rule context="ios-def:version_state/ios-def:train_identifier">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the train_identifier entity of a version_state should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="rebuild" type="oval-def:EntityStateIntType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The rebuild entity is used to check the rebuild piece of the version string. The value is an integer and in the example 12.4(9)T0a the rebuild is '0'. Often a rebuild is compiled to fix a single specific problem or vulnerability for a given IOS version. For example, 12.1(8)E14 is a Rebuild, the 14 denoting the 14th rebuild of 12.1(8)E. Rebuilds are produced to either quickly repair a defect, or to satisfy customers who do not want to upgrade to a later major revision because they may be running critical infrastructure on their devices, and hence prefer to minimise change and risk.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosver55sterebuild">
+ <sch:rule context="ios-def:version55_state/ios-def:rebuild">
+ <sch:assert test="@datatype='int'"><sch:value-of select="../@id"/> - datatype attribute for the rebuild entity of a version55_state should be 'int'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="subrebuild" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The subrebuild entity is used to check the subrebuild piece of the version string. The value is a string and in the example 12.4(9)T0a the subrebuild is 'a'.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosver55stesubrebuild">
+ <sch:rule context="ios-def:version55_state/ios-def:subrebuild">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the subrebuild entity of a version55_state should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="mainline_rebuild" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The mainline_rebuild entity is used to check the mainline rebuild piece of the version string. The mainline rebuild is just a regular rebuild release against the mainline operating system release (e.g. the branch of development that would typically be called "the trunk" that isn't associated with a train). Since there is no train identifier to stick the rebuild release after, they stick a alphabetic character inside the parens holding the maintenance release number. For example, 12.4(5b) is the second rebuild of the 12.4(5) maintenance release.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosver55stemainlinerebuild">
+ <sch:rule context="ios-def:version55_state/ios-def:mainline_rebuild">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the mainline_rebuild entity of a version55_state should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="version_string" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The version_string entity is used to check the raw string output of a 'show version' command.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosver55steversionstring">
+ <sch:rule context="ios-def:version55_state/ios-def:version_string">
+ <sch:assert test="not(@datatype) or @datatype='ios_version'"><sch:value-of select="../@id"/> - datatype attribute for the version_string entity of a version55_state should be 'ios_version'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
+ <!-- =============================================================================== -->
+ <!-- ================================ VERSION TEST =============================== -->
+ <!-- =============================================================================== -->
+ <xsd:element name="version_test" substitutionGroup="oval-def:test">
+ <xsd:annotation>
+ <xsd:documentation>This test has been deprecated and will be removed in version 6.0 of the language. Recommend use of the newer version55_test.</xsd:documentation>
+ <xsd:documentation>The version test is used to check the version of the IOS operating system. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a version_object and the optional state element specifies the data to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosvertst">
+ <sch:rule context="ios-def:version_test/ios-def:object">
+ <sch:assert test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ios-def:version_object/@id"><sch:value-of select="../@id"/> - the object child element of a version_test must reference a version_object</sch:assert>
+ </sch:rule>
+ <sch:rule context="ios-def:version_test/ios-def:state">
+ <sch:assert test="@state_ref=/oval-def:oval_definitions/oval-def:states/ios-def:version_state/@id"><sch:value-of select="../@id"/> - the state child element of a version_test must reference a version_state</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:TestType">
+ <xsd:sequence>
+ <xsd:element name="object" type="oval-def:ObjectRefType" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="state" type="oval-def:StateRefType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="version_object" substitutionGroup="oval-def:object">
+ <xsd:annotation>
+ <xsd:documentation>This object has been deprecated and will be removed in version 6.0 of the language. Recommend use of the newer version55_object.</xsd:documentation>
+ <xsd:documentation>The version_object element is used by a version test to define the different version information associated with an IOS system. There is actually only one object relating to version and this is the system as a whole. Therefore, there are no child entities defined. Any OVAL Test written to check version will reference the same version_object which is basically an empty object element.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:ObjectType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="version_state" substitutionGroup="oval-def:state">
+ <xsd:annotation>
+ <xsd:documentation>This state has been deprecated and will be removed in version 6.0 of the language. Recommend use of the newer version55_state.</xsd:documentation>
+ <xsd:documentation>The version_state element defines the version information held within a Cisco IOS Train. A Cisco IOS train is a vehicle for delivering releases that evolve from a common code base.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:StateType">
+ <xsd:sequence>
+ <xsd:element name="major_release" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The major_release is a combination of train and rebuild information and is used by Cisco advisories to identify major releases.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosverstemajor_release">
+ <sch:rule context="ios-def:version_state/ios-def:major_release">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the major_release entity of a version_state should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="train_number" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The train number is the dotted version that starts a version string. For example the version string 12.2(3)T has a train number of 12.2.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosverstetrain_number">
+ <sch:rule context="ios-def:version_state/ios-def:train_number">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the train_number entity of a version_state should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="train_identifier" type="ios-def:EntityStateTrainIdentifierType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The train identifier is the type of Train. For example the version string 12.2(3)T has a train identifier of T. Please see the EntityStateVersionTrainIdentifierType for more information about the different train identifiers.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosverstetrain_identifier">
+ <sch:rule context="ios-def:version_state/ios-def:train_identifier">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the train_identifier entity of a version_state should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="version_string" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The version is the raw string output of a 'show version' command.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosversteversion_string">
+ <sch:rule context="ios-def:version_state/ios-def:version_string">
+ <sch:assert test="not(@datatype) or @datatype='ios_version'"><sch:value-of select="../@id"/> - datatype attribute for the version_string entity of a version_state should be 'ios_version'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <!-- =============================================================================== -->
<!-- =============================================================================== -->
<!-- =============================================================================== -->
- <!-- =============================================================================== -->
<xsd:complexType name="EntityStateTrainIdentifierType">
<xsd:annotation>
- <xsd:documentation>The EntityStateTrainIdentifierType complex type restricts a string value to a specific set of values. These values describe the possible types of trains in a Cisco IOS release. The empty string is also allowed to support empty emlement associated with variable references.</xsd:documentation>
+ <xsd:documentation>Note that this enumeration is used by the deprecated version_test and will be removed in version 6.0 of the language.</xsd:documentation>
+ <xsd:documentation>The EntityStateTrainIdentifierType complex type restricts a string value to a specific set of values. These values describe the possible types of trains in a Cisco IOS release. The empty string is also allowed to support empty emlement associated with variable references.</xsd:documentation>
</xsd:annotation>
<xsd:simpleContent>
<xsd:restriction base="oval-def:EntityStateStringType">
Modified: trunk/ovaldi/xml/ios-system-characteristics-schema.xsd
===================================================================
--- trunk/ovaldi/xml/ios-system-characteristics-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/ios-system-characteristics-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,17 +1,17 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:ios-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#ios" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#ios" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:ios-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#ios" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#ios" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the IOS specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard item element defined in the Core System Characteristic Schema. Through extension, each item inherits a set of elements and attributes that are shared amongst all OVAL Items. Each item is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core System Characteristic Schema is not outlined here.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>IOS System Characteristics</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:42 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:57 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the Cisco IOS portion of an OVAL System Characteristics file</sch:title>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="ios-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#ios"/>
+ <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
@@ -133,7 +133,7 @@
<xsd:annotation>
<xsd:documentation>The name of the SHOW sub-command.</xsd:documentation>
<xsd:appinfo>
- <sch:pattern id="lineitemshow_subcommand">
+ <sch:pattern id="ioslineitemshow_subcommand">
<sch:rule context="ios-sc:line_item/ios-sc:show_subcommand">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the show_subcommand entity of a line_item should be 'string'</sch:assert>
</sch:rule>
@@ -145,7 +145,7 @@
<xsd:annotation>
<xsd:documentation>The value returned from by the specified SHOW sub-command.</xsd:documentation>
<xsd:appinfo>
- <sch:pattern id="lineitemconfig_line">
+ <sch:pattern id="ioslineitemconfig_line">
<sch:rule context="ios-sc:line_item/ios-sc:config_line">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the config_line entity of a line_item should be 'string'</sch:assert>
</sch:rule>
@@ -231,7 +231,7 @@
<!-- =============================================================================== -->
<xsd:element name="version_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
- <xsd:documentation>The version item holds information about the version of the IOS operating system. It extends the standard ItemType as defined in the oval-system-characteristics schema and one should refer to the ItemType description for more information.</xsd:documentation>
+ <xsd:documentation>The version_item holds information about the version of the IOS operating system. It extends the standard ItemType as defined in the oval-system-characteristics schema and one should refer to the ItemType description for more information.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
@@ -239,7 +239,8 @@
<xsd:sequence>
<xsd:element name="major_release" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
- <xsd:documentation>The major_release is a combination of train and rebuild information and is used by Cisco advisories to identify major releases.</xsd:documentation>
+ <xsd:documentation>This entity has been deprecated and will be removed in version 6.0 of the language.</xsd:documentation>
+ <xsd:documentation>The major_release is a combination of train and rebuild information and is used by Cisco advisories to identify major releases.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="iosversionitemmajor_release">
<sch:rule context="ios-sc:version_item/ios-sc:major_release">
@@ -251,7 +252,8 @@
</xsd:element>
<xsd:element name="train_number" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
- <xsd:documentation>The train number is the dotted version that starts a version string. For example the version string 12.2(3)T has a train number of 12.2.</xsd:documentation>
+ <xsd:documentation>This entity has been deprecated and will be removed in version 6.0 of the language.</xsd:documentation>
+ <xsd:documentation>The train number is the dotted version that starts a version string. For example the version string 12.2(3)T has a train number of 12.2.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="iosversionitemtrain_number">
<sch:rule context="ios-sc:version_item/ios-sc:train_number">
@@ -261,10 +263,47 @@
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
- <xsd:element name="train_identifier" type="ios-sc:EntityItemTrainIdentifierType" minOccurs="0" maxOccurs="1">
+ <xsd:element name="major_version" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The major_version entity specifies the major version piece of the version string. The value is an integer and in the example 12.4(9)T0a the major version is '12'.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosversionitemmajorversion">
+ <sch:rule context="ios-sc:version_item/ios-sc:major_version">
+ <sch:assert test="@datatype='int'">item <sch:value-of select="../@id"/> - datatype attribute for the major_version entity of a version_item should be 'int'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="minor_version" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The minor_version entity specifies the minor version piece of the version string. The value is an integer and in the example 12.4(9)T0a the minor version is '4'.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosversionitemminorversion">
+ <sch:rule context="ios-sc:version_item/ios-sc:minor_version">
+ <sch:assert test="@datatype='int'">item <sch:value-of select="../@id"/> - datatype attribute for the minor_version entity of a version_item should be 'int'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="release" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The release entity specifies the release piece of the version string. The value is an integer and in the example 12.4(9)T0a the release is '9'.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosversionitemrelease">
+ <sch:rule context="ios-sc:version_item/ios-sc:release">
+ <sch:assert test="@datatype='int'">item <sch:value-of select="../@id"/> - datatype attribute for the release entity of a version_item should be 'int'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="train_identifier" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The train identifier is the type of Train. For example the version string 12.2(3)T has a train identifier of T. Please see the EntityItemTrainIdentifierType for more information about the different train identifiers.</xsd:documentation>
- <xsd:appinfo>
+ <xsd:documentation>The train_identifier entity specifies the type of train represented in the version string. The value is a string and in the example 12.4(9)T0a the train identifier is 'T'. The following explaination from Wikipedia should help explain the different train identifiers. Cisco IOS releases are split into several "trains", each containing a different set of features. Trains more or less map onto distinct markets or groups of customers that Cisco is targeting. The 'mainline' train is designed to be the most stable release the company can offer, and its feature set never expands during its lifetime. Updates are released only to address bugs in the product. The previous technology train becomes the source for the current mainline train--for example, the 12.1T train becomes the basis for the 12.2 mainline. Therefore, to determine the features available in a particular mainline release, look at the previous T train release. The 'T' (Technology) train, gets new features and bug fixes throughout its life, and is therefore less stable than the mainline. (In releases prior to Cisco IOS Release 12.0, the P train served as the Technology train.) The 'S' (Service Provider) train, runs only on the company's core router products and is heavily customized for Service Provider customers. The 'E' (Enterprise) train, is customized for implementation in enterprise environments. The 'B' (broadband) train, support internet based broadband features. The 'XA', 'Xb' ... (special functionality) train, needs to be documented. There are other trains from time to time, designed for specific needs -- for example, the 12.0AA train contained new code required for Cisco's AS5800 product.</xsd:documentation>
+ <xsd:appinfo>
<sch:pattern id="iosversionitemtrain_identifier">
<sch:rule context="ios-sc:version_item/ios-sc:train_identifier">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the train_identifier entity of a version_item should be 'string'</sch:assert>
@@ -273,7 +312,43 @@
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
- <xsd:element name="version_string" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
+ <xsd:element name="rebuild" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The rebuild entity specifies the rebuild piece of the version string The value is an integer and in the example 12.4(9)T0a the rebuild is '0'. Often a rebuild is compiled to fix a single specific problem or vulnerability for a given IOS version. For example, 12.1(8)E14 is a Rebuild, the 14 denoting the 14th rebuild of 12.1(8)E. Rebuilds are produced to either quickly repair a defect, or to satisfy customers who do not want to upgrade to a later major revision because they may be running critical infrastructure on their devices, and hence prefer to minimise change and risk.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosversionitemrebuild">
+ <sch:rule context="ios-sc:version_item/ios-sc:rebuild">
+ <sch:assert test="@datatype='int'">item <sch:value-of select="../@id"/> - datatype attribute for the rebuild entity of a version_item should be 'int'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="subrebuild" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The subrebuild entity specifies the subrebuild piece of the version string. The value is a string and in the example 12.4(9)T0a the subrebuild is 'a'.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosversionitemsubrebuild">
+ <sch:rule context="ios-sc:version_item/ios-sc:subrebuild">
+ <sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the subrebuild entity of a version_item should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="mainline_rebuild" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The mainline_rebuild entity specifies the mainline rebuild piece of the version string. The mainline rebuild is just a regular rebuild release against the mainline operating system release (e.g. the branch of development that would typically be called "the trunk" that isn't associated with a train). Since there is no train identifier to stick the rebuild release after, they stick a alphabetic character inside the parens holding the maintenance release number. For example, 12.4(5b) is the second rebuild of the 12.4(5) maintenance release.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="iosversionitemmainlinerebuild">
+ <sch:rule context="ios-sc:version_item/ios-sc:mainline_rebuild">
+ <sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the mainline_rebuild entity of a version_item should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="version_string" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The version entity holds the raw string output of a 'show version' command.</xsd:documentation>
<xsd:appinfo>
@@ -293,19 +368,4 @@
<!-- =============================================================================== -->
<!-- =============================================================================== -->
<!-- =============================================================================== -->
- <xsd:complexType name="EntityItemTrainIdentifierType">
- <xsd:annotation>
- <xsd:documentation>The EntityTrainIdentifierType restricts a string value to a specific set of values that describe the different types of trains in a Cisco IOS release. The empty string is also allowed to support empty emlement associated with error conditions.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:restriction base="oval-sc:EntityItemStringType">
- <xsd:enumeration value="mainline"/>
- <xsd:enumeration value="T"/>
- <xsd:enumeration value="S"/>
- <xsd:enumeration value="E"/>
- <xsd:enumeration value="B"/>
- <xsd:enumeration value=""/>
- </xsd:restriction>
- </xsd:simpleContent>
- </xsd:complexType>
</xsd:schema>
Modified: trunk/ovaldi/xml/linux-definitions-schema.xsd
===================================================================
--- trunk/ovaldi/xml/linux-definitions-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/linux-definitions-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,15 +1,14 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:linux-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:linux-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the Linux specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>Linux Definition</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:42 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:57 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the Linux portion of an OVAL Definitions file</sch:title>
<sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
<sch:ns prefix="linux-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
Modified: trunk/ovaldi/xml/linux-system-characteristics-schema.xsd
===================================================================
--- trunk/ovaldi/xml/linux-system-characteristics-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/linux-system-characteristics-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,17 +1,17 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:linux-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#linux" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#linux" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:linux-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#linux" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#linux" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the Linux specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard item element defined in the Core System Characteristic Schema. Through extension, each item inherits a set of elements and attributes that are shared amongst all OVAL Items. Each item is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core System Characteristic Schema is not outlined here.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>Linux System Characteristics</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:42 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:58 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the Linux portion of an OVAL System Characteristics file</sch:title>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="linux-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#linux"/>
+ <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
Modified: trunk/ovaldi/xml/macos-definitions-schema.xsd
===================================================================
--- trunk/ovaldi/xml/macos-definitions-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/macos-definitions-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,5 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:macos-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#macos" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#macos" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:macos-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#macos" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#macos" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the MacOS specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
@@ -7,10 +7,9 @@
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>MacOS Definition</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:43 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:58 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the MacOS portion of an OVAL Definitions file</sch:title>
<sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
<sch:ns prefix="macos-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#macos"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
@@ -476,6 +475,7 @@
<sch:pattern id="pwpobjuserpass">
<sch:rule context="macos-def:pwpolicy_object/macos-def:userpass">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the userpass entity of a pwpolicy_object should be 'string'</sch:assert>
+ <sch:assert test="not(@operation) or @operation='equals'"><sch:value-of select="../@id"/> - operation attribute for the userpass entity of a pwpolicy_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
Modified: trunk/ovaldi/xml/macos-system-characteristics-schema.xsd
===================================================================
--- trunk/ovaldi/xml/macos-system-characteristics-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/macos-system-characteristics-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,5 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:macos-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#macos" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#macos" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:macos-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#macos" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#macos" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the MacOS specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
@@ -7,12 +7,12 @@
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>MacOS System Characteristics</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:43 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:58 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the MacOS portion of an OVAL System Characteristics file</sch:title>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="macos-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#macos"/>
+ <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
Modified: trunk/ovaldi/xml/oval-common-schema.xsd
===================================================================
--- trunk/ovaldi/xml/oval-common-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/oval-common-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,13 +1,14 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-common-5" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-common-5" elementFormDefault="qualified" version="5.5">
<xsd:annotation>
<xsd:documentation>The following is a description of the common types that are shared across the different schemas within Open Vulnerability and Assessment Language (OVAL). Each type is described in detail and should provide the information necessary to understand what each represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between these type is not outlined here.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>Core Common</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:43 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:58 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
+ <sch:ns prefix="oval" uri="http://oval.mitre.org/XMLSchema/oval-common-5"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
@@ -151,18 +152,18 @@
<xsd:restriction base="xsd:string">
<xsd:enumeration value="binary">
<xsd:annotation>
- <xsd:documentation>The binary datatype is used to represent data that is in raw (non-printable) form. Values should be hex strings. Expected operations within OVAL for binary values are 'equals' and 'not equal'.</xsd:documentation>
- </xsd:annotation>
+ <xsd:documentation>The binary datatype is used to represent hex-encoded data that is in raw (non-printable) form. This datatype conforms to the W3C Recommendation for binary data meaning that each binary octet is encoded as a character tuple, consisting of two hexadecimal digits {[0-9a-fA-F]} representing the octet code. Expected operations within OVAL for binary values are 'equals' and 'not equal'.</xsd:documentation>
+ </xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="boolean">
<xsd:annotation>
- <xsd:documentation>The boolean datatype represents standard boolean data, either true or false. Expected operations within OVAL for boolean values are 'equals' and 'not equal'.</xsd:documentation>
+ <xsd:documentation>The boolean datatype represents standard boolean data, either true or false. This datatype conforms to the W3C Recommendation for boolean data meaning that the following literals are legal values: {true, false, 1, 0}. Expected operations within OVAL for boolean values are 'equals' and 'not equal'.</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="evr_string">
<xsd:annotation>
<xsd:documentation>The evr_string datatype represents the epoch, version, and release fields as a single version string. It has the form "EPOCH:VERSION-RELEASE". Comparisons involving this datatype should follow the algorithm of librpm's rpmvercmp() function. Expected operations within OVAL for evr_string values are 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', and 'less than or equal'.</xsd:documentation>
- </xsd:annotation>
+ </xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="fileset_revision">
<xsd:annotation>
@@ -171,7 +172,7 @@
</xsd:enumeration>
<xsd:enumeration value="float">
<xsd:annotation>
- <xsd:documentation>The float datatype describes standard float data. Expected operations within OVAL for float values are 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', and 'less than or equal'.</xsd:documentation>
+ <xsd:documentation>The float datatype describes standard float data. This datatype conforms to the W3C Recommendation for float data meaning it is patterned after the IEEE single-precision 32-bit floating point type. The format consists of a decimal followed, optionally, by the character 'E' or 'e', followed by an integer exponent. The special values positive and negative infinity and not-a-number have are represented by INF, -INF and NaN, respectively. Expected operations within OVAL for float values are 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', and 'less than or equal'.</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="ios_version">
@@ -181,17 +182,17 @@
</xsd:enumeration>
<xsd:enumeration value="int">
<xsd:annotation>
- <xsd:documentation>The int datatype describes standard integer data. Note that this is based off the built-in xsd integer datatype with an infinite range. Expected operations within OVAL for int values are 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', 'bitwise and', and 'bitwise or'.</xsd:documentation>
+ <xsd:documentation>The int datatype describes standard integer data. This datatype conforms to the W3C Recommendation for integer data which follows the standard mathematical concept of the integer numbers. (no decimal point and infinite range) Expected operations within OVAL for int values are 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', 'bitwise and', and 'bitwise or'.</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="string">
<xsd:annotation>
- <xsd:documentation>The string datatype describes standard string data. Expected operations within OVAL for string values are 'equals', 'not equal', 'case insensitive equals', 'case insensitive not equal', 'pattern match'.</xsd:documentation>
+ <xsd:documentation>The string datatype describes standard string data. This datatype conforms to the W3C Recommendation for string data. Expected operations within OVAL for string values are 'equals', 'not equal', 'case insensitive equals', 'case insensitive not equal', 'pattern match'.</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="version">
<xsd:annotation>
- <xsd:documentation>The version datatype represents a value that is a hierarchical list of non-negative integers separated by a single character delimiter. Expected operations within OVAL for version values are 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', and 'less than or equal'.</xsd:documentation>
+ <xsd:documentation>The version datatype represents a value that is a hierarchical list of non-negative integers separated by a single character delimiter. Note that any non-number character can be used as a delimiter and that different characters can be used within the same version string. So '#.#-#' is the same as '#.#.#' or '#c#c#'. Expected operations within OVAL for version values are 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', and 'less than or equal'.</xsd:documentation>
<xsd:documentation>For example '#.#.#' or '#-#-#-#' where the numbers to the left are more significant than the numbers to the right. When performing an 'equals' operation on a version datatype, you should first check the left most number for equality. If that fails, then the values are not equal. If it succeeds, then check the second left most number for equality. Continue checking the numbers from left to right until the last number has been checked. If, after testing all the previous numbers, the last number is equal then the two versions are equal. When performing other operations, such as 'less than', 'less than or equal', 'greater than, or 'greater than or equal', similar logic as above is used. Start with the left most number and move from left to right. For each number, check if it is less than the number you are testing against. If it is, then the version in question is less than the version you are testing against. If the number is equal, then move to check the next number to the right. For example, to test if 5.7.23 is less than or equal to 5.8.0 you first compare 5 to 5. They are equal so you move on to compare 7 to 8. 7 is less than 8 so the entire test succeeds and 5.7.23 is 'less than or equal' to 5.8.0. The difference between the 'less than' and 'less than or equal' operations is how the last number is handled. If the last number is reached, the check should use the given operation (either 'less than' and 'less than or equal') to test the number. For example, to test if 4.23.6 is greater than 4.23.6 you first compare 4 to 4. They are equal so you move on to compare 23 to 23. They are equal so you move on to compare 6 to 6. This is the last number in the version and since 6 is not greater than 6, the entire test fails and 4.23.6 is not greater than 4.23.6.</xsd:documentation>
<xsd:documentation>Version strings with a different number of components shall be padded with zeros to make them the same size. For example, if the version strings '1.2.3' and '6.7.8.9' are being compared, then the short one should be padded to become '1.2.3.0'.</xsd:documentation>
</xsd:annotation>
@@ -202,10 +203,10 @@
<xsd:annotation>
<xsd:documentation>The ExistenceEnumeration simple type defines acceptable existence values, which are used to determine a result based on the existence of individual components. The main use for this is for a test regarding the existence of objects on the system.</xsd:documentation>
<xsd:appinfo>
- <evaluation_documentation>Below are some tables that outline how each ExistenceEnumeration value effects evaluation. The far left column identifies the ExistenceEnumeration value in question. The middle column specifies the different combinations of individual item status flags that the attribute may bind together. (EX=exists, DE=does not exist, ER=error, NC=not collected) For example, a 1+ under EX means that one or more individual item flags are set to exists, while a 0 under NC means that zero individual item flags are set to not collected. The last column specifies what the final result would be according to each combination of individual item flags. Note that if the individual test is negated, then a true result is false and a false result is true, all other results stay as is.</evaluation_documentation>
+ <evaluation_documentation>Below are some tables that outline how each ExistenceEnumeration value effects evaluation of a given test. Note that this is related to the existance of an object(s) and not the object(s) compliance with a state. The left column identifies the ExistenceEnumeration value in question. The middle column specifies the different combinations of individual item status values that have been found in the system characteristics file related to the given object. (EX=exists, DE=does not exist, ER=error, NC=not collected) For example, a 1+ under EX means that one or more individual item status attributes are set to exists, while a 0 under NC means that zero individual item status attributes are set to not collected. The last column specifies what the result of the existence piece would be according to each combination of individual item status values.</evaluation_documentation>
<evaluation_chart xml:space="preserve">
- || item status value count ||
- attr value || || final result is
+ || item status value count ||
+ attr value || || existence piece is
|| EX | DE | ER | NC ||
---------------||---------------------------||------------------
|| 1+ | 0 | 0 | 0 || True
@@ -218,8 +219,8 @@
---------------||---------------------------||------------------
</evaluation_chart>
<evaluation_chart xml:space="preserve">
- || item status value count ||
- attr value || || final result is
+ || item status value count ||
+ attr value || || existence piece is
|| EX | DE | ER | NC ||
---------------||---------------------------||------------------
|| 0+ | 0+ | 0 | 0+ || True
@@ -232,8 +233,8 @@
---------------||---------------------------||------------------
</evaluation_chart>
<evaluation_chart xml:space="preserve">
- || item status value count ||
- attr value || || final result is
+ || item status value count ||
+ attr value || || existence piece is
|| EX | DE | ER | NC ||
---------------||---------------------------||------------------
|| 1+ | 0+ | 0+ | 0+ || True
@@ -245,8 +246,8 @@
---------------||---------------------------||------------------
</evaluation_chart>
<evaluation_chart xml:space="preserve">
- || item status value count ||
- attr value || || final result is
+ || item status value count ||
+ attr value || || existence piece is
|| EX | DE | ER | NC ||
---------------||---------------------------||------------------
|| 0 | 0+ | 0 | 0 || True
@@ -258,8 +259,8 @@
---------------||---------------------------||------------------
</evaluation_chart>
<evaluation_chart xml:space="preserve">
- || item status value count ||
- attr value || || final result is
+ || item status value count ||
+ attr value || || existence piece is
|| EX | DE | ER | NC ||
---------------||---------------------------||------------------
|| 1 | 0+ | 0 | 0 || True
@@ -303,12 +304,15 @@
</xsd:simpleType>
<xsd:simpleType name="FamilyEnumeration">
<xsd:annotation>
- <xsd:documentation>The FamilyEnumeration simple type is a listing of families that OVAL supports at this time.</xsd:documentation>
+ <xsd:documentation>The FamilyEnumeration simple type is a listing of families that OVAL supports at this time. Since new family values can only be added with new version of the schema, the value of 'undefined' is to be used when the desired family is not available. Note that use of the undefined family value does not target all families, rather it means that some family other than one of the defined values is targeted.</xsd:documentation>
</xsd:annotation>
<xsd:restriction base="xsd:string">
- <xsd:enumeration value="ios"/>
+ <xsd:enumeration value="catos"/>
+ <xsd:enumeration value="ios"/>
<xsd:enumeration value="macos"/>
- <xsd:enumeration value="unix"/>
+ <xsd:enumeration value="pixos"/>
+ <xsd:enumeration value="undefined"/>
+ <xsd:enumeration value="unix"/>
<xsd:enumeration value="windows"/>
</xsd:restriction>
</xsd:simpleType>
Modified: trunk/ovaldi/xml/oval-definitions-schema.xsd
===================================================================
--- trunk/ovaldi/xml/oval-definitions-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/oval-definitions-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,702 +1,917 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" elementFormDefault="qualified" version="5.4">
- <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
- <xsd:annotation>
- <xsd:documentation>The following is a description of the elements, types, and attributes that compose the core schema for encoding Open Vulnerability and Assessment Language (OVAL) Definitions. Some of the objects defined here are extended and enhanced by individual component schemas, which are described in separate documents. Each of the elements, types, and attributes that make up the Core Definition Schema are described in detail and should provide the information necessary to understand what each represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between these objects is not outlined here.</xsd:documentation>
- <xsd:documentation>The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
- <xsd:appinfo>
- <schema>Core Definition</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:43 AM</date>
- <terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>Schematron validation of the Core portion of an OVAL Definitions file</sch:title>
- <sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
- </xsd:appinfo>
- </xsd:annotation>
- <!-- =============================================================================== -->
- <!-- =============================================================================== -->
- <!-- =============================================================================== -->
- <xsd:element name="oval_definitions">
- <xsd:annotation>
- <xsd:documentation>The oval_definitions element is the root of an OVAL Definition Document. Its purpose is to bind together the major sections of a document - generator, definitions, tests, objects, states, and variables - which are the children of the root element.</xsd:documentation>
- <xsd:appinfo>
- <sch:pattern id="empty_def_doc">
- <sch:rule context="oval-def:oval_definitions">
- <sch:assert test="oval-def:definitions or oval-def:tests or oval-def:objects or oval-def:states or oval-def:variables">A valid OVAL Definition document must contain at least one definitions, tests, objects, states, or variables element. The optional definitions, tests, objects, states, and variables sections define the specific characteristics that should be evaluated on a system to determine the truth values of the OVAL Definition Document. To be valid though, at least one definitions, tests, objects, states, or variables element must be present.</sch:assert>
- </sch:rule>
- </sch:pattern>
- </xsd:appinfo>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="generator" type="oval:GeneratorType" minOccurs="1" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The required generator section provides information about when the definition file was compiled and under what version.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="definitions" type="oval-def:DefinitionsType" minOccurs="0" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The optional definitions section contains 1 or more definitions.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="tests" type="oval-def:TestsType" minOccurs="0" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The optional tests section contains 1 or more tests.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="objects" type="oval-def:ObjectsType" minOccurs="0" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The optional objects section contains 1 or more objects.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="states" type="oval-def:StatesType" minOccurs="0" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The optional states section contains 1 or more states.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="variables" type="oval-def:VariablesType" minOccurs="0" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The optional variables section contains 1 or more variables.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The optional Signature element allows an XML Signature as defined by the W3C to be attached to the document. This allows authentication and data integrity to be provided to the user. Enveloped signatures are supported. More information about the official W3C Recommendation regarding XML digital signatures can be found at http://www.w3.org/TR/xmldsig-core/.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:key name="definitionKey">
- <xsd:annotation>
- <xsd:documentation>Enforce uniqueness amongst the ids differentiating the individual definition elements.</xsd:documentation>
- </xsd:annotation>
- <xsd:selector xpath="oval-def:definitions/oval-def:definition"/>
- <xsd:field xpath="@id"/>
- </xsd:key>
- <xsd:key name="testKey">
- <xsd:annotation>
- <xsd:documentation>Enforce uniqueness amongst the ids differentiating the individual test elements.</xsd:documentation>
- </xsd:annotation>
- <xsd:selector xpath="oval-def:tests/*"/>
- <xsd:field xpath="@id"/>
- </xsd:key>
- <xsd:key name="objectKey">
- <xsd:annotation>
- <xsd:documentation>Enforce uniqueness amongst the ids differentiating the individual object elements.</xsd:documentation>
- </xsd:annotation>
- <xsd:selector xpath="oval-def:objects/*"/>
- <xsd:field xpath="@id"/>
- </xsd:key>
- <xsd:key name="stateKey">
- <xsd:annotation>
- <xsd:documentation>Enforce uniqueness amongst the ids differentiating the individual state elements.</xsd:documentation>
- </xsd:annotation>
- <xsd:selector xpath="oval-def:states/*"/>
- <xsd:field xpath="@id"/>
- </xsd:key>
- <xsd:key name="variableKey">
- <xsd:annotation>
- <xsd:documentation>Enforce uniqueness amongst the ids differentiating the individual variable elements.</xsd:documentation>
- </xsd:annotation>
- <xsd:selector xpath="oval-def:variables/*"/>
- <xsd:field xpath="@id"/>
- </xsd:key>
- <xsd:keyref name="extendKeyRef" refer="oval-def:definitionKey">
- <xsd:annotation>
- <xsd:documentation>Requires each definition reference to refer to a valid definition id.</xsd:documentation>
- </xsd:annotation>
- <xsd:selector xpath=".//*"/>
- <xsd:field xpath="@definition_ref"/>
- </xsd:keyref>
- <xsd:keyref name="testKeyRef" refer="oval-def:testKey">
- <xsd:annotation>
- <xsd:documentation>Requires each test reference to refer to a valid test id.</xsd:documentation>
- </xsd:annotation>
- <xsd:selector xpath=".//*"/>
- <xsd:field xpath="@test_ref"/>
- </xsd:keyref>
- <xsd:keyref name="objectKeyRef" refer="oval-def:objectKey">
- <xsd:annotation>
- <xsd:documentation>Requires each object reference to refer to a valid object id.</xsd:documentation>
- </xsd:annotation>
- <xsd:selector xpath=".//*"/>
- <xsd:field xpath="@object_ref"/>
- </xsd:keyref>
- <xsd:keyref name="stateKeyRef" refer="oval-def:stateKey">
- <xsd:annotation>
- <xsd:documentation>Requires each state reference to refer to a valid state id.</xsd:documentation>
- </xsd:annotation>
- <xsd:selector xpath=".//*"/>
- <xsd:field xpath="@state_ref"/>
- </xsd:keyref>
- <xsd:keyref name="variableKeyRef" refer="oval-def:variableKey">
- <xsd:annotation>
- <xsd:documentation>Requires each variable reference to refer to a valid variable id.</xsd:documentation>
- </xsd:annotation>
- <xsd:selector xpath=".//*"/>
- <xsd:field xpath="@var_ref"/>
- </xsd:keyref>
- <xsd:keyref name="object_referenceKeyRef" refer="oval-def:objectKey">
- <xsd:annotation>
- <xsd:documentation>Require each object reference in a set element to refer to a valid object id.</xsd:documentation>
- </xsd:annotation>
- <xsd:selector xpath=".//oval-def:object_reference"/>
- <xsd:field xpath="."/>
- </xsd:keyref>
- <xsd:keyref name="filterKeyRef" refer="oval-def:stateKey">
- <xsd:annotation>
- <xsd:documentation>Require each filter in a set element to refer to a valid state id.</xsd:documentation>
- </xsd:annotation>
- <xsd:selector xpath=".//oval-def:filter"/>
- <xsd:field xpath="."/>
- </xsd:keyref>
- </xsd:element>
- <!-- =============================================================================== -->
- <!-- ================================= GENERATOR ================================= -->
- <!-- =============================================================================== -->
- <!--
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" elementFormDefault="qualified" version="5.5">
+ <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+ <xsd:annotation>
+ <xsd:documentation>The following is a description of the elements, types, and attributes that compose the core schema for encoding Open Vulnerability and Assessment Language (OVAL) Definitions. Some of the objects defined here are extended and enhanced by individual component schemas, which are described in separate documents. Each of the elements, types, and attributes that make up the Core Definition Schema are described in detail and should provide the information necessary to understand what each represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between these objects is not outlined here.</xsd:documentation>
+ <xsd:documentation>The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
+ <xsd:appinfo>
+ <schema>Core Definition</schema>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:58 AM</date>
+ <terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
+ <sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <!-- =============================================================================== -->
+ <!-- =============================================================================== -->
+ <!-- =============================================================================== -->
+ <xsd:element name="oval_definitions">
+ <xsd:annotation>
+ <xsd:documentation>The oval_definitions element is the root of an OVAL Definition Document. Its purpose is to bind together the major sections of a document - generator, definitions, tests, objects, states, and variables - which are the children of the root element.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="empty_def_doc">
+ <sch:rule context="oval-def:oval_definitions">
+ <sch:assert test="oval-def:definitions or oval-def:tests or oval-def:objects or oval-def:states or oval-def:variables">A valid OVAL Definition document must contain at least one definitions, tests, objects, states, or variables element. The optional definitions, tests, objects, states, and variables sections define the specific characteristics that should be evaluated on a system to determine the truth values of the OVAL Definition Document. To be valid though, at least one definitions, tests, objects, states, or variables element must be present.</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="generator" type="oval:GeneratorType" minOccurs="1" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The required generator section provides information about when the definition file was compiled and under what version.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="definitions" type="oval-def:DefinitionsType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The optional definitions section contains 1 or more definitions.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="tests" type="oval-def:TestsType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The optional tests section contains 1 or more tests.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="objects" type="oval-def:ObjectsType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The optional objects section contains 1 or more objects.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="states" type="oval-def:StatesType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The optional states section contains 1 or more states.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="variables" type="oval-def:VariablesType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The optional variables section contains 1 or more variables.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The optional Signature element allows an XML Signature as defined by the W3C to be attached to the document. This allows authentication and data integrity to be provided to the user. Enveloped signatures are supported. More information about the official W3C Recommendation regarding XML digital signatures can be found at http://www.w3.org/TR/xmldsig-core/.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:key name="definitionKey">
+ <xsd:annotation>
+ <xsd:documentation>Enforce uniqueness amongst the ids differentiating the individual definition elements.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:selector xpath="oval-def:definitions/oval-def:definition"/>
+ <xsd:field xpath="@id"/>
+ </xsd:key>
+ <xsd:key name="testKey">
+ <xsd:annotation>
+ <xsd:documentation>Enforce uniqueness amongst the ids differentiating the individual test elements.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:selector xpath="oval-def:tests/*"/>
+ <xsd:field xpath="@id"/>
+ </xsd:key>
+ <xsd:key name="objectKey">
+ <xsd:annotation>
+ <xsd:documentation>Enforce uniqueness amongst the ids differentiating the individual object elements.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:selector xpath="oval-def:objects/*"/>
+ <xsd:field xpath="@id"/>
+ </xsd:key>
+ <xsd:key name="stateKey">
+ <xsd:annotation>
+ <xsd:documentation>Enforce uniqueness amongst the ids differentiating the individual state elements.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:selector xpath="oval-def:states/*"/>
+ <xsd:field xpath="@id"/>
+ </xsd:key>
+ <xsd:key name="variableKey">
+ <xsd:annotation>
+ <xsd:documentation>Enforce uniqueness amongst the ids differentiating the individual variable elements.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:selector xpath="oval-def:variables/*"/>
+ <xsd:field xpath="@id"/>
+ </xsd:key>
+ <xsd:keyref name="extendKeyRef" refer="oval-def:definitionKey">
+ <xsd:annotation>
+ <xsd:documentation>Requires each definition reference to refer to a valid definition id.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:selector xpath=".//*"/>
+ <xsd:field xpath="@definition_ref"/>
+ </xsd:keyref>
+ <xsd:keyref name="testKeyRef" refer="oval-def:testKey">
+ <xsd:annotation>
+ <xsd:documentation>Requires each test reference to refer to a valid test id.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:selector xpath=".//*"/>
+ <xsd:field xpath="@test_ref"/>
+ </xsd:keyref>
+ <xsd:keyref name="objectKeyRef" refer="oval-def:objectKey">
+ <xsd:annotation>
+ <xsd:documentation>Requires each object reference to refer to a valid object id.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:selector xpath=".//*"/>
+ <xsd:field xpath="@object_ref"/>
+ </xsd:keyref>
+ <xsd:keyref name="stateKeyRef" refer="oval-def:stateKey">
+ <xsd:annotation>
+ <xsd:documentation>Requires each state reference to refer to a valid state id.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:selector xpath=".//*"/>
+ <xsd:field xpath="@state_ref"/>
+ </xsd:keyref>
+ <xsd:keyref name="variableKeyRef" refer="oval-def:variableKey">
+ <xsd:annotation>
+ <xsd:documentation>Requires each variable reference to refer to a valid variable id.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:selector xpath=".//*"/>
+ <xsd:field xpath="@var_ref"/>
+ </xsd:keyref>
+ <xsd:keyref name="object_referenceKeyRef" refer="oval-def:objectKey">
+ <xsd:annotation>
+ <xsd:documentation>Require each object reference in a set element to refer to a valid object id.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:selector xpath=".//oval-def:object_reference"/>
+ <xsd:field xpath="."/>
+ </xsd:keyref>
+ <xsd:keyref name="filterKeyRef" refer="oval-def:stateKey">
+ <xsd:annotation>
+ <xsd:documentation>Require each filter in a set element to refer to a valid state id.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:selector xpath=".//oval-def:filter"/>
+ <xsd:field xpath="."/>
+ </xsd:keyref>
+ </xsd:element>
+ <!-- =============================================================================== -->
+ <!-- ================================= GENERATOR ================================= -->
+ <!-- =============================================================================== -->
+ <!--
The GeneratorType is defined by the oval common schema. Please refer to
that documentation for a description of the complex type.
-->
- <!-- =============================================================================== -->
- <!-- ================================ DEFINITIONS ================================ -->
- <!-- =============================================================================== -->
- <xsd:complexType name="DefinitionsType">
- <xsd:annotation>
- <xsd:documentation>The DefinitionsType complex type is a container for one or more definition elements. Each definition element describes a single OVAL Definition. Please refer to the description of the DefinitionType for more information about an individual definition.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="definition" type="oval-def:DefinitionType" minOccurs="1" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="DefinitionType">
- <xsd:annotation>
- <xsd:documentation>The DefinitionType defines a single OVAL Definition. A definition is the key structure in OVAL. It is analogous to the logical sentence or proposition: if a computer's state matches the configuration parameters laid out in the criteria, then that computer exhibits the state described. The DefinitionType contains a section for various metadata related elements that describe the definition. This includes a description, version, affected system types, and reference information. The notes section of a definition should be used to hold information that might be helpful to someone examining the technical aspects of the definition. For example, why certain tests have been included in the criteria, or maybe a link to where further information can be found. The DefinitionType also (unless the definition is deprecated) contains a criteria child element that joins individual tests together with a logical operator to specify the specific computer state being described.</xsd:documentation>
- <xsd:documentation>The required id attribute is the OVAL-ID of the Definition. The form of an OVAL-ID must follow the specific format described by the definitionidPattern. The required version attribute holds the current version of the definition. Versions are integers, starting at 1 and incrementing every time a definition is modified. The required class attribute indicates the specific class to which the definition belongs. The class gives a hint to a user so they can know what the definition writer is trying to say. See the definition of classEnumeration for more information about the different valid classes. The optional deprecated attribute signifies that an id is no longer to be used or referenced but the information has been kept around for historic purposes.</xsd:documentation>
- <xsd:appinfo>
- <sch:pattern id="required_criteria">
- <sch:rule context="/oval-def:oval_definitions/oval-def:definitions/oval-def:definition[@deprecated='false' or not(@deprecated)]">
- <sch:assert test="oval-def:criteria">A valid OVAL Definition document must contain a criteria unless the definition is a deprecated definition.</sch:assert>
- </sch:rule>
- </sch:pattern>
- </xsd:appinfo>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
- <xsd:element name="metadata" type="oval-def:MetadataType" minOccurs="1" maxOccurs="1"/>
- <xsd:element name="notes" type="oval-def:NotesType" minOccurs="0" maxOccurs="1"/>
- <xsd:element name="criteria" type="oval-def:CriteriaType" minOccurs="0" maxOccurs="1"/>
- </xsd:sequence>
- <xsd:attribute name="id" type="oval:DefinitionIDPattern" use="required"/>
- <xsd:attribute name="version" type="xsd:nonNegativeInteger" use="required"/>
- <xsd:attribute name="class" type="oval-def:ClassEnumeration" use="required"/>
- <xsd:attribute name="deprecated" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- <xsd:complexType name="MetadataType">
- <xsd:annotation>
- <xsd:documentation>The MetadataType complex type contains all the metadata available to an OVAL Definition. This metadata is for informational purposes only and is not part of the criteria used to evaluate machine state. The required title child element holds a short string that is used to quickly identify the definition to a human user. The affected metadata item contains information about the system(s) for which the definition has been written. Remember that this is just metadata and not part of the criteria. Please refer to the AffectedType description for more information. The required description element contains a textual description of the configuration state being addressed by the OVAL Definition. In the case of a definition from the vulnerability class, the reference is usually the Common Vulnerability and Exposures (CVE) Identifier, and this description field corresponds with the CVE description.</xsd:documentation>
- <xsd:documentation>Additional metadata is also allowed although it is not part of the official OVAL Schema. Individual organizations can place metadata items that they feel are important and these will be skipped during the validation. All OVAL really cares about is that the stated metadata items are there.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="title" type="xsd:string" minOccurs="1" maxOccurs="1"/>
- <xsd:element name="affected" type="oval-def:AffectedType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="reference" type="oval-def:ReferenceType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="description" type="xsd:string" minOccurs="1" maxOccurs="1"/>
- <xsd:any minOccurs="0" maxOccurs="unbounded" processContents="skip"/>
- <!-- For the next major release of OVAL, the xsd:any tag above will be modified to
+ <!-- =============================================================================== -->
+ <!-- ================================ DEFINITIONS ================================ -->
+ <!-- =============================================================================== -->
+ <xsd:complexType name="DefinitionsType">
+ <xsd:annotation>
+ <xsd:documentation>The DefinitionsType complex type is a container for one or more definition elements. Each definition element describes a single OVAL Definition. Please refer to the description of the DefinitionType for more information about an individual definition.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="definition" type="oval-def:DefinitionType" minOccurs="1" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="DefinitionType">
+ <xsd:annotation>
+ <xsd:documentation>The DefinitionType defines a single OVAL Definition. A definition is the key structure in OVAL. It is analogous to the logical sentence or proposition: if a computer's state matches the configuration parameters laid out in the criteria, then that computer exhibits the state described. The DefinitionType contains a section for various metadata related elements that describe the definition. This includes a description, version, affected system types, and reference information. The notes section of a definition should be used to hold information that might be helpful to someone examining the technical aspects of the definition. For example, why certain tests have been included in the criteria, or maybe a link to where further information can be found. The DefinitionType also (unless the definition is deprecated) contains a criteria child element that joins individual tests together with a logical operator to specify the specific computer state being described.</xsd:documentation>
+ <xsd:documentation>The required id attribute is the OVAL-ID of the Definition. The form of an OVAL-ID must follow the specific format described by the definitionidPattern. The required version attribute holds the current version of the definition. Versions are integers, starting at 1 and incrementing every time a definition is modified. The required class attribute indicates the specific class to which the definition belongs. The class gives a hint to a user so they can know what the definition writer is trying to say. See the definition of classEnumeration for more information about the different valid classes. The optional deprecated attribute signifies that an id is no longer to be used or referenced but the information has been kept around for historic purposes.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="required_criteria">
+ <sch:rule context="/oval-def:oval_definitions/oval-def:definitions/oval-def:definition[@deprecated='false' or not(@deprecated)]">
+ <sch:assert test="oval-def:criteria">A valid OVAL Definition document must contain a criteria unless the definition is a deprecated definition.</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="metadata" type="oval-def:MetadataType" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="notes" type="oval-def:NotesType" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="criteria" type="oval-def:CriteriaType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ <xsd:attribute name="id" type="oval:DefinitionIDPattern" use="required"/>
+ <xsd:attribute name="version" type="xsd:nonNegativeInteger" use="required"/>
+ <xsd:attribute name="class" type="oval-def:ClassEnumeration" use="required"/>
+ <xsd:attribute name="deprecated" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ <xsd:complexType name="MetadataType">
+ <xsd:annotation>
+ <xsd:documentation>The MetadataType complex type contains all the metadata available to an OVAL Definition. This metadata is for informational purposes only and is not part of the criteria used to evaluate machine state. The required title child element holds a short string that is used to quickly identify the definition to a human user. The affected metadata item contains information about the system(s) for which the definition has been written. Remember that this is just metadata and not part of the criteria. Please refer to the AffectedType description for more information. The required description element contains a textual description of the configuration state being addressed by the OVAL Definition. In the case of a definition from the vulnerability class, the reference is usually the Common Vulnerability and Exposures (CVE) Identifier, and this description field corresponds with the CVE description.</xsd:documentation>
+ <xsd:documentation>Additional metadata is also allowed although it is not part of the official OVAL Schema. Individual organizations can place metadata items that they feel are important and these will be skipped during the validation. All OVAL really cares about is that the stated metadata items are there.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="title" type="xsd:string" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="affected" type="oval-def:AffectedType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="reference" type="oval-def:ReferenceType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="description" type="xsd:string" minOccurs="1" maxOccurs="1"/>
+ <xsd:any minOccurs="0" maxOccurs="unbounded" processContents="skip"/>
+ <!-- For the next major release of OVAL, the xsd:any tag above will be modified to
only allow elements from namespaces other than the default namespace. This
fixes a bug in the current schema where the affected or reference element can
appear after the description element and still produce a vailid document.
<xsd:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="skip"/>
-->
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="AffectedType">
- <xsd:annotation>
- <xsd:documentation>Each OVAL Definition is written to evaluate a certain type of system(s). The family, platform(s), and product(s) of this target are described by the AffectedType whose main purpose is to provide hints for tools using OVAL Definitions. For instance, to help a reporting tool only use Windows definitions, or to preselect only Red Hat definitions to be evaluated. Note, the inclusion of a particular platform or product does not mean the definition is physically checking for the existence of the platform or product. For the actual test to be performed, the correct test must still be included in the definition's criteria section.</xsd:documentation>
- <xsd:documentation>The AffectedType complex type details the specific system, application, subsystem, library, etc. for which a definition has been written. If a definition is not tied to a specific product, then this element should not be included. The absence of the platform or product element can be thought of as definition applying to all platforms or products. The inclusion of a particular platform or product does not mean the definition is physically checking for the existence of the platform or product. For the actual test to be performed, the correct test must still be included in the definition's criteria section. To increase the utility of this element, care should be taken when assigning and using strings for product names. The schema places no restrictions on the values that can be assigned, potentially leading to many different representations of the same value. For example 'Internet Explorer' and 'IE'. The current convention is to fully spell out all terms, and avoid the use of abbreviations at all costs.</xsd:documentation>
- <xsd:documentation>Please note that the AffectedType will change in future versions of OVAL in order to support the Common Platform Enumeration (CPE).</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="platform" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="product" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
- </xsd:sequence>
- <xsd:attribute name="family" type="oval:FamilyEnumeration" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="ReferenceType">
- <xsd:annotation>
- <xsd:documentation>The ReferenceType complex type links the OVAL Definition to a definitive external reference. For example, CVE Identifiers for vulnerabilities. The intended purpose for this reference is to link the definition to a variety of other sources that address the same issue being specified by the OVAL Definition.</xsd:documentation>
- <xsd:documentation>The required source attribute specifies where the reference is coming from. In other words, it identifies the reference repository being used. The required ref_id attribute is the external id of the reference. The optional ref_url attribute is the URL to the reference.</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="source" type="xsd:string" use="required"/>
- <xsd:attribute name="ref_id" type="xsd:string" use="required"/>
- <xsd:attribute name="ref_url" type="xsd:anyURI" use="optional"/>
- </xsd:complexType>
- <xsd:complexType name="NotesType">
- <xsd:annotation>
- <xsd:documentation>The NotesType complex type is a container for one or more note child elements. Each note contains some information about the definition or tests that it references. A note may record an unresolved question about the definition or test or present the reason as to why a particular approach was taken.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="note" type="xsd:string" minOccurs="1" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="CriteriaType">
- <xsd:annotation>
- <xsd:documentation>The CriteriaType complex type describes the high level container for all the tests and represents the meat of the definition. Each criteria can contain other criteria elements in a recursive structure allowing complex logical trees to be constructed. Each referenced test is represented by a criterion element. Please refer to the description of the CriterionType for more information about and individual criterion element. The optional extend_definition element allows existing definitions to be included in the criteria. Refer to the description of the ExtendDefinitionType for more information.</xsd:documentation>
- <xsd:documentation>The required operator attribute provides the logical operator that binds the different statements inside a criteria together. The optional negate attribute signifies that the result of the criteria as a whole should be negated during analysis. For example, consider a criteria that evaluates to TRUE if a certain software is installed. By negating this test, it now evaluates to TRUE if the software is NOT installed. The optional comment attribute provides a short description of the criteria.</xsd:documentation>
- </xsd:annotation>
- <xsd:choice minOccurs="1" maxOccurs="unbounded">
- <xsd:element name="criteria" type="oval-def:CriteriaType"/>
- <xsd:element name="criterion" type="oval-def:CriterionType"/>
- <xsd:element name="extend_definition" type="oval-def:ExtendDefinitionType"/>
- </xsd:choice>
- <xsd:attribute name="operator" type="oval:OperatorEnumeration" use="optional" default="AND"/>
- <xsd:attribute name="negate" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="optional"/>
- </xsd:complexType>
- <xsd:complexType name="CriterionType">
- <xsd:annotation>
- <xsd:documentation>The CriterionType complex type identifies a specific test to be included in the definition's criteria.</xsd:documentation>
- <xsd:documentation>The required test_ref attribute is the actual id of the test being referenced. The optional negate attribute signifies that the result of an individual test should be negated during analysis. For example, consider a test that evaluates to TRUE if a specific patch is installed. By negating this test, it now evaluates to TRUE if the patch is NOT installed. The optional comment attribute provides a short description of the specified test and should mirror the comment attribute of the actual test.</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="test_ref" type="oval:TestIDPattern" use="required"/>
- <xsd:attribute name="negate" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="optional"/>
- </xsd:complexType>
- <xsd:complexType name="ExtendDefinitionType">
- <xsd:annotation>
- <xsd:documentation>The ExtendDefinitionType complex type allows existing definitions to be extended by another definition. This works by evaluating the extended definition and then using the result within the logical context of the extending definition.</xsd:documentation>
- <xsd:documentation>The required definition_ref attribute is the actual id of the definition being extended. The optional negate attribute signifies that the result of an extended definition should be negated during analysis. For example, consider a definition that evaluates TRUE if a certain software is installed. By negating the definition, it now evaluates to TRUE if the software is NOT installed. The optional comment attribute provides a short description of the specified definition and should mirror the title metadata of the extended definition.</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="definition_ref" type="oval:DefinitionIDPattern" use="required"/>
- <xsd:attribute name="negate" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="optional"/>
- </xsd:complexType>
- <!-- =============================================================================== -->
- <!-- =================================== TESTS =================================== -->
- <!-- =============================================================================== -->
- <xsd:complexType name="TestsType">
- <xsd:annotation>
- <xsd:documentation>The TestsType complex type is a container for one or more test child elements. Each test element describes a single OVAL Test. Please refer to the description of the TestType for more information about an individual test.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element ref="oval-def:test" minOccurs="1" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="test" type="oval-def:TestType" abstract="true">
- <xsd:annotation>
- <xsd:documentation>The test element is an abstract element that is meant to be extended (via substitution groups) by the individual tests found in the component schemas. An OVAL Test is used to compare an object(s) against a defined state. An actual test element is not valid. The use of this abstract class simplifies the OVAL schema by allowing individual tests to inherit the optional notes child element, and the id and comment attributes from the base TestType. Please refer to the description of the TestType complex type for more information.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:complexType name="TestType">
- <xsd:annotation>
- <xsd:documentation>The base type of every test includes an optional notes element and five attributes. The notes section of a test should be used to hold information that might be helpful to someone examining the technical aspects of the test. For example, why certain values have been used by the test, or maybe a link to where further information can be found. Please refer to the description of the NotesType complex type for more information about the notes element.</xsd:documentation>
- <xsd:documentation>The required id attribute uniquely identifies each test, and must conform to the format specified by the testidPattern simple type. The required version attribute holds the current version of the test. Versions are integers, starting at 1 and incrementing every time a test is modified. The optional check_existence attribute determines how many items in the specified set must exists for the test to evaluate to true. For example, if a value of 'all_exist' is given, every item defined by the OVAL Object must exist on the system for the test to evaluate to true. If the OVAL Object uses a variable reference, then every value of that variable must exist. Note that a pattern match defines a set of matching objects found on a system. So when check_existence = 'all_exist' and a regex matches anything on a system the test will evaluate to true. (since all matching objects on the system were found on the system) When check_existence = 'all_exist' and a regex does not match anything on a system the test will evaluate to false. The required check attribute determines how many of the existing objects must satisfy the state requirements. (For example: Should the test check that all files match a specified version or that at least one file matches the specified version?) The valid check values are explained in the description of the CheckEnumeration simple type. Note that if the test does not contain any references to OVAL States, then the check attribute has no meaning and can be ignored during evaluation. Also note that both the 'check' and 'check_existence' attributes must be satisfied during evaluation for the test to return true. For example, if the check_existence fails then there is no need to evaluate the check since the test will have a result of false no matter what. The required comment attribute provides a short description of the test. The optional deprecated attribute signifies that an id is no longer to be used or referenced but the information has been kept around for historic purposes.</xsd:documentation>
- <xsd:appinfo>
- <sch:pattern id="test_type">
- <sch:rule context="/oval-def:oval_definitions/oval-def:tests/*[@check_existence='none_exist']">
- <sch:assert test="not(*[name()='state'])"><sch:value-of select="@id"/> - No state should be referenced when check_existence has a value of 'none_exist'.</sch:assert>
- </sch:rule>
- </sch:pattern>
- </xsd:appinfo>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
- <xsd:element name="notes" type="oval-def:NotesType" minOccurs="0" maxOccurs="1"/>
- </xsd:sequence>
- <xsd:attribute name="id" type="oval:TestIDPattern" use="required"/>
- <xsd:attribute name="version" type="xsd:nonNegativeInteger" use="required"/>
- <xsd:attribute name="check_existence" type="oval:ExistenceEnumeration" use="optional" default="at_least_one_exists"/>
- <xsd:attribute name="check" type="oval:CheckEnumeration" use="required"/>
- <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="required"/>
- <xsd:attribute name="deprecated" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- <xsd:complexType name="ObjectRefType">
- <xsd:annotation>
- <xsd:documentation>The ObjectRefType complex type defines an object reference to be used by OVAL Tests that are defined in the component schemas. The required object_ref attribute specifies the id of the OVAL Object being referenced.</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="object_ref" type="oval:ObjectIDPattern" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="StateRefType">
- <xsd:annotation>
- <xsd:documentation>The StateRefType complex type defines a state reference to be used by OVAL Tests that are defined in the component schemas. The required state_ref attribute specifies the id of the OVAL State being referenced.</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="state_ref" type="oval:StateIDPattern" use="required"/>
- </xsd:complexType>
- <!-- =============================================================================== -->
- <!-- ================================== OBJECTS ================================== -->
- <!-- =============================================================================== -->
- <xsd:complexType name="ObjectsType">
- <xsd:annotation>
- <xsd:documentation>The ObjectsType complex type is a container for one or more object child elements. Each object element provides details that define a set of matching objects to be used by an OVAL Test. Please refer to the description of the object element for more information about an individual object.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element ref="oval-def:object" minOccurs="1" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="object" type="oval-def:ObjectType" abstract="true">
- <xsd:annotation>
- <xsd:documentation>The object element is an abstract element that is meant to be extended (via substitution groups) by the objects found in the component schemas. An actual object element is not valid. The use of this abstract class simplifies the OVAL schema by allowing individual objects to inherit any common elements and attributes from the base ObjectType. The optional notes child element, and the id and comment attributes from the base testType. A description of the notes element can be found under the definitions section. Please refer to the description of the ObjectType complex type for more information.</xsd:documentation>
- <xsd:documentation>An OVAL Object describes a set of items to look for on a system. A simple object will usually result in a single file, process, etc being identified. But through the use pattern matches, sets, and variables, multiple matching objects can be identified. Therefore an OVAL Object can identify a set of many individual items on a system. This set of items defined by the OVAL Object can then be used by an OVAL Test and compared against an OVAL State.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:complexType name="ObjectType">
- <xsd:annotation>
- <xsd:documentation>The base type of every object includes an optional notes element. The notes element of an object should be used to hold information that might be helpful to someone examining the technical aspects of the object. For example, why certain values have been used, or maybe a link to where further information can be found. Please refer to the description of the NotesType complex type for more information about the notes element.</xsd:documentation>
- <xsd:documentation>The required id attribute uniquely identifies each object, and must conform to the format specified by the objectidPattern simple type. The required version attribute holds the current version of the object element. Versions are integers, starting at 1 and incrementing every time an object is modified. The optional comment attribute provides a short description of the object. The optional deprecated attribute signifies that an id is no longer to be used or referenced but the information has been kept around for historic purposes.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
- <xsd:element name="notes" type="oval-def:NotesType" minOccurs="0" maxOccurs="1"/>
- </xsd:sequence>
- <xsd:attribute name="id" type="oval:ObjectIDPattern" use="required"/>
- <xsd:attribute name="version" type="xsd:nonNegativeInteger" use="required"/>
- <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="optional"/>
- <xsd:attribute name="deprecated" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- <xsd:element name="set">
- <xsd:annotation>
- <xsd:documentation>The set element enables complex objects to be described. It is a recursive element in that each set element can contain additional set elements as children. Each set element defines characteristics that produce a matching set of objects. The possible characteristics are an object reference and a collection of filters. The object_reference refers to an existing OVAL Object. The filter element provides a reference to an existing OVAL State. A filter is used to eliminate certain objects from the set. Each filter is applied to each OVAL Object before the set_operator is applied. For example, if an object_reference points to an OVAL Object that is every file in a certain directory, a filter might be set up to limit the object set to only those files with a size less than 10 KB. If multiple filters are provided, then each filter is used separately against the defined object set. In other words, if an object matches any of the supplied filters, then it is thrown out of the set.</xsd:documentation>
- <xsd:documentation>The required set_operator attribute defines how different child sets are combined to form the overall set of objects. For example, does one take the union of different sets or the intersection? For a description of the valid values please refer to the SetOperatorEnumeration simple type.</xsd:documentation>
- <xsd:appinfo>
- <sch:pattern id="setobjref">
- <sch:rule context="/oval-def:oval_definitions/oval-def:objects/*/oval-def:set/oval-def:object_reference">
- <sch:assert test="name(./../..) = name(/oval-def:oval_definitions/oval-def:objects/*[@id=current()])"><sch:value-of select="../../@id"/> - Each object referenced by the set must be of the same type as parent object</sch:assert>
- </sch:rule>
- <sch:rule context="/oval-def:oval_definitions/oval-def:objects/*/oval-def:set/oval-def:set/oval-def:object_reference">
- <sch:assert test="name(./../../..) = name(/oval-def:oval_definitions/oval-def:objects/*[@id=current()])"><sch:value-of select="../../../@id"/> - Each object referenced by the set must be of the same type as parent object</sch:assert>
- </sch:rule>
- <sch:rule context="/oval-def:oval_definitions/oval-def:objects/*/oval-def:set/oval-def:set/oval-def:set/oval-def:object_reference">
- <sch:assert test="name(./../../../..) = name(/oval-def:oval_definitions/oval-def:objects/*[@id=current()])"><sch:value-of select="../../../../@id"/> - Each object referenced by the set must be of the same type as parent object</sch:assert>
- </sch:rule>
- </sch:pattern>
- </xsd:appinfo>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="AffectedType">
+ <xsd:annotation>
+ <xsd:documentation>Each OVAL Definition is written to evaluate a certain type of system(s). The family, platform(s), and product(s) of this target are described by the AffectedType whose main purpose is to provide hints for tools using OVAL Definitions. For instance, to help a reporting tool only use Windows definitions, or to preselect only Red Hat definitions to be evaluated. Note, the inclusion of a particular platform or product does not mean the definition is physically checking for the existence of the platform or product. For the actual test to be performed, the correct test must still be included in the definition's criteria section.</xsd:documentation>
+ <xsd:documentation>The AffectedType complex type details the specific system, application, subsystem, library, etc. for which a definition has been written. If a definition is not tied to a specific product, then this element should not be included. The absence of the platform or product element can be thought of as definition applying to all platforms or products. The inclusion of a particular platform or product does not mean the definition is physically checking for the existence of the platform or product. For the actual test to be performed, the correct test must still be included in the definition's criteria section. To increase the utility of this element, care should be taken when assigning and using strings for product names. The schema places no restrictions on the values that can be assigned, potentially leading to many different representations of the same value. For example 'Internet Explorer' and 'IE'. The current convention is to fully spell out all terms, and avoid the use of abbreviations at all costs.</xsd:documentation>
+ <xsd:documentation>Please note that the AffectedType will change in future versions of OVAL in order to support the Common Platform Enumeration (CPE).</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="platform" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="product" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ <xsd:attribute name="family" type="oval:FamilyEnumeration" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="ReferenceType">
+ <xsd:annotation>
+ <xsd:documentation>The ReferenceType complex type links the OVAL Definition to a definitive external reference. For example, CVE Identifiers for vulnerabilities. The intended purpose for this reference is to link the definition to a variety of other sources that address the same issue being specified by the OVAL Definition.</xsd:documentation>
+ <xsd:documentation>The required source attribute specifies where the reference is coming from. In other words, it identifies the reference repository being used. The required ref_id attribute is the external id of the reference. The optional ref_url attribute is the URL to the reference.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="source" type="xsd:string" use="required"/>
+ <xsd:attribute name="ref_id" type="xsd:string" use="required"/>
+ <xsd:attribute name="ref_url" type="xsd:anyURI" use="optional"/>
+ </xsd:complexType>
+ <xsd:complexType name="NotesType">
+ <xsd:annotation>
+ <xsd:documentation>The NotesType complex type is a container for one or more note child elements. Each note contains some information about the definition or tests that it references. A note may record an unresolved question about the definition or test or present the reason as to why a particular approach was taken.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="note" type="xsd:string" minOccurs="1" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CriteriaType">
+ <xsd:annotation>
+ <xsd:documentation>The CriteriaType complex type describes the high level container for all the tests and represents the meat of the definition. Each criteria can contain other criteria elements in a recursive structure allowing complex logical trees to be constructed. Each referenced test is represented by a criterion element. Please refer to the description of the CriterionType for more information about and individual criterion element. The optional extend_definition element allows existing definitions to be included in the criteria. Refer to the description of the ExtendDefinitionType for more information.</xsd:documentation>
+ <xsd:documentation>The required operator attribute provides the logical operator that binds the different statements inside a criteria together. The optional negate attribute signifies that the result of the criteria as a whole should be negated during analysis. For example, consider a criteria that evaluates to TRUE if a certain software is installed. By negating this test, it now evaluates to TRUE if the software is NOT installed. The optional comment attribute provides a short description of the criteria.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:choice minOccurs="1" maxOccurs="unbounded">
+ <xsd:element name="criteria" type="oval-def:CriteriaType"/>
+ <xsd:element name="criterion" type="oval-def:CriterionType"/>
+ <xsd:element name="extend_definition" type="oval-def:ExtendDefinitionType"/>
+ </xsd:choice>
+ <xsd:attribute name="operator" type="oval:OperatorEnumeration" use="optional" default="AND"/>
+ <xsd:attribute name="negate" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="optional"/>
+ </xsd:complexType>
+ <xsd:complexType name="CriterionType">
+ <xsd:annotation>
+ <xsd:documentation>The CriterionType complex type identifies a specific test to be included in the definition's criteria.</xsd:documentation>
+ <xsd:documentation>The required test_ref attribute is the actual id of the test being referenced. The optional negate attribute signifies that the result of an individual test should be negated during analysis. For example, consider a test that evaluates to TRUE if a specific patch is installed. By negating this test, it now evaluates to TRUE if the patch is NOT installed. The optional comment attribute provides a short description of the specified test and should mirror the comment attribute of the actual test.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="test_ref" type="oval:TestIDPattern" use="required"/>
+ <xsd:attribute name="negate" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="optional"/>
+ </xsd:complexType>
+ <xsd:complexType name="ExtendDefinitionType">
+ <xsd:annotation>
+ <xsd:documentation>The ExtendDefinitionType complex type allows existing definitions to be extended by another definition. This works by evaluating the extended definition and then using the result within the logical context of the extending definition.</xsd:documentation>
+ <xsd:documentation>The required definition_ref attribute is the actual id of the definition being extended. The optional negate attribute signifies that the result of an extended definition should be negated during analysis. For example, consider a definition that evaluates TRUE if a certain software is installed. By negating the definition, it now evaluates to TRUE if the software is NOT installed. The optional comment attribute provides a short description of the specified definition and should mirror the title metadata of the extended definition.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="definition_ref" type="oval:DefinitionIDPattern" use="required"/>
+ <xsd:attribute name="negate" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="optional"/>
+ </xsd:complexType>
+ <!-- =============================================================================== -->
+ <!-- =================================== TESTS =================================== -->
+ <!-- =============================================================================== -->
+ <xsd:complexType name="TestsType">
+ <xsd:annotation>
+ <xsd:documentation>The TestsType complex type is a container for one or more test child elements. Each test element describes a single OVAL Test. Please refer to the description of the TestType for more information about an individual test.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="oval-def:test" minOccurs="1" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:element name="test" type="oval-def:TestType" abstract="true">
+ <xsd:annotation>
+ <xsd:documentation>The test element is an abstract element that is meant to be extended (via substitution groups) by the individual tests found in the component schemas. An OVAL Test is used to compare an object(s) against a defined state. An actual test element is not valid. The use of this abstract class simplifies the OVAL schema by allowing individual tests to inherit the optional notes child element, and the id and comment attributes from the base TestType. Please refer to the description of the TestType complex type for more information.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:complexType name="TestType">
+ <xsd:annotation>
+ <xsd:documentation>The base type of every test includes an optional notes element and five attributes. The notes section of a test should be used to hold information that might be helpful to someone examining the technical aspects of the test. For example, why certain values have been used by the test, or maybe a link to where further information can be found. Please refer to the description of the NotesType complex type for more information about the notes element.</xsd:documentation>
+ <xsd:documentation>The required id attribute uniquely identifies each test, and must conform to the format specified by the testidPattern simple type. The required version attribute holds the current version of the test. Versions are integers, starting at 1 and incrementing every time a test is modified. The optional check_existence attribute determines how many items in the specified set must exists for the test to evaluate to true. For example, if a value of 'all_exist' is given, every item defined by the OVAL Object must exist on the system for the test to evaluate to true. If the OVAL Object uses a variable reference, then every value of that variable must exist. Note that a pattern match defines a set of matching objects found on a system. So when check_existence = 'all_exist' and a regex matches anything on a system the test will evaluate to true. (since all matching objects on the system were found on the system) When check_existence = 'all_exist' and a regex does not match anything on a system the test will evaluate to false. Note that you only need to evaluate the state condition if the existance check returns true. The required check attribute determines how many of the existing objects must satisfy the state requirements. (For example: Should the test check that all files match a specified version or that at least one file matches the specified version?) The valid check values are explained in the description of the CheckEnumeration simple type. Note that if the test does not contain any references to OVAL States, then the check attribute has no meaning and can be ignored during evaluation. Also note that both the 'check' and 'check_existence' attributes must be satisfied during evaluation for the test to return true. For example, if the check_existence fails then there is no need to evaluate the check since the test will have a result of false no matter what. The required comment attribute provides a short description of the test. The optional deprecated attribute signifies that an id is no longer to be used or referenced but the information has been kept around for historic purposes.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="test_type">
+ <sch:rule context="/oval-def:oval_definitions/oval-def:tests/*[@check_existence='none_exist']">
+ <sch:assert test="not(*[name()='state'])"><sch:value-of select="@id"/> - No state should be referenced when check_existence has a value of 'none_exist'.</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="notes" type="oval-def:NotesType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ <xsd:attribute name="id" type="oval:TestIDPattern" use="required"/>
+ <xsd:attribute name="version" type="xsd:nonNegativeInteger" use="required"/>
+ <xsd:attribute name="check_existence" type="oval:ExistenceEnumeration" use="optional" default="at_least_one_exists"/>
+ <xsd:attribute name="check" type="oval:CheckEnumeration" use="required"/>
+ <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="required"/>
+ <xsd:attribute name="deprecated" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ <xsd:complexType name="ObjectRefType">
+ <xsd:annotation>
+ <xsd:documentation>The ObjectRefType complex type defines an object reference to be used by OVAL Tests that are defined in the component schemas. The required object_ref attribute specifies the id of the OVAL Object being referenced.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="object_ref" type="oval:ObjectIDPattern" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="StateRefType">
+ <xsd:annotation>
+ <xsd:documentation>The StateRefType complex type defines a state reference to be used by OVAL Tests that are defined in the component schemas. The required state_ref attribute specifies the id of the OVAL State being referenced.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="state_ref" type="oval:StateIDPattern" use="required"/>
+ </xsd:complexType>
+ <!-- =============================================================================== -->
+ <!-- ================================== OBJECTS ================================== -->
+ <!-- =============================================================================== -->
+ <xsd:complexType name="ObjectsType">
+ <xsd:annotation>
+ <xsd:documentation>The ObjectsType complex type is a container for one or more object child elements. Each object element provides details that define a set of matching objects to be used by an OVAL Test. Please refer to the description of the object element for more information about an individual object.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="oval-def:object" minOccurs="1" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:element name="object" type="oval-def:ObjectType" abstract="true">
+ <xsd:annotation>
+ <xsd:documentation>The object element is an abstract element that is meant to be extended (via substitution groups) by the objects found in the component schemas. An actual object element is not valid. The use of this abstract class simplifies the OVAL schema by allowing individual objects to inherit any common elements and attributes from the base ObjectType. The optional notes child element, and the id and comment attributes from the base testType. A description of the notes element can be found under the definitions section. Please refer to the description of the ObjectType complex type for more information.</xsd:documentation>
+ <xsd:documentation>An OVAL Object describes a set of items to look for on a system. A simple object will usually result in a single file, process, etc being identified. But through the use pattern matches, sets, and variables, multiple matching objects can be identified. Therefore an OVAL Object can identify a set of many individual items on a system. This set of items defined by the OVAL Object can then be used by an OVAL Test and compared against an OVAL State.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:complexType name="ObjectType">
+ <xsd:annotation>
+ <xsd:documentation>The base type of every object includes an optional notes element. The notes element of an object should be used to hold information that might be helpful to someone examining the technical aspects of the object. For example, why certain values have been used, or maybe a link to where further information can be found. Please refer to the description of the NotesType complex type for more information about the notes element.</xsd:documentation>
+ <xsd:documentation>The required id attribute uniquely identifies each object, and must conform to the format specified by the objectidPattern simple type. The required version attribute holds the current version of the object element. Versions are integers, starting at 1 and incrementing every time an object is modified. The optional comment attribute provides a short description of the object. The optional deprecated attribute signifies that an id is no longer to be used or referenced but the information has been kept around for historic purposes.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="notes" type="oval-def:NotesType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ <xsd:attribute name="id" type="oval:ObjectIDPattern" use="required"/>
+ <xsd:attribute name="version" type="xsd:nonNegativeInteger" use="required"/>
+ <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="optional"/>
+ <xsd:attribute name="deprecated" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ <xsd:element name="set">
+ <xsd:annotation>
+ <xsd:documentation>The set element enables complex objects to be described. It is a recursive element in that each set element can contain additional set elements as children. Each set element defines characteristics that produce a matching set of objects. The possible characteristics are an object reference and a collection of filters. The object_reference refers to an existing OVAL Object. The filter element provides a reference to an existing OVAL State. A filter is used to eliminate certain objects from the set. Each filter is applied to each OVAL Object before the set_operator is applied. For example, if an object_reference points to an OVAL Object that is every file in a certain directory, a filter might be set up to limit the object set to only those files with a size less than 10 KB. If multiple filters are provided, then each filter is used separately against the defined object set. In other words, if an object matches any of the supplied filters, then it is thrown out of the set.</xsd:documentation>
+ <xsd:documentation>The required set_operator attribute defines how different child sets are combined to form the overall set of objects. For example, does one take the union of different sets or the intersection? For a description of the valid values please refer to the SetOperatorEnumeration simple type.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="setobjref">
+ <sch:rule context="/oval-def:oval_definitions/oval-def:objects/*/oval-def:set/oval-def:object_reference">
+ <sch:assert test="name(./../..) = name(/oval-def:oval_definitions/oval-def:objects/*[@id=current()])"><sch:value-of select="../../@id"/> - Each object referenced by the set must be of the same type as parent object</sch:assert>
+ </sch:rule>
+ <sch:rule context="/oval-def:oval_definitions/oval-def:objects/*/oval-def:set/oval-def:set/oval-def:object_reference">
+ <sch:assert test="name(./../../..) = name(/oval-def:oval_definitions/oval-def:objects/*[@id=current()])"><sch:value-of select="../../../@id"/> - Each object referenced by the set must be of the same type as parent object</sch:assert>
+ </sch:rule>
+ <sch:rule context="/oval-def:oval_definitions/oval-def:objects/*/oval-def:set/oval-def:set/oval-def:set/oval-def:object_reference">
+ <sch:assert test="name(./../../../..) = name(/oval-def:oval_definitions/oval-def:objects/*[@id=current()])"><sch:value-of select="../../../../@id"/> - Each object referenced by the set must be of the same type as parent object</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:choice>
+ <xsd:sequence>
+ <xsd:element ref="oval-def:set" minOccurs="1" maxOccurs="2"/>
+ </xsd:sequence>
+ <xsd:sequence>
+ <xsd:element name="object_reference" type="oval:ObjectIDPattern" minOccurs="1" maxOccurs="2"/>
+ <xsd:element name="filter" type="oval:StateIDPattern" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:choice>
+ <xsd:attribute name="set_operator" type="oval-def:SetOperatorEnumeration" use="optional" default="UNION"/>
+ </xsd:complexType>
+ </xsd:element>
+ <!-- =============================================================================== -->
+ <!-- ================================== STATES =================================== -->
+ <!-- =============================================================================== -->
+ <xsd:complexType name="StatesType">
+ <xsd:annotation>
+ <xsd:documentation>The StatesType complex type is a container for one or more state child elements. Each state provides details about specific characteristics that can be used during an evaluation of an object. Please refer to the description of the state element for more information about an individual state.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="oval-def:state" minOccurs="1" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:element name="state" type="oval-def:StateType" abstract="true">
+ <xsd:annotation>
+ <xsd:documentation>The state element is an abstract element that is meant to be extended (via substitution groups) by the states found in the component schemas. An actual state element is not valid. The use of this abstract class simplifies the OVAL schema by allowing individual states to inherit the optional notes child element, and the id and operator attributes from the base StateType. Please refer to the description of the StateType complex type for more information.</xsd:documentation>
+ <xsd:documentation>An OVAL State is a collection of one or more characteristics pertaining to a specific object type. The OVAL State is used by an OVAL Test to determine if a set of items identified on a system meet certain characteristics.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:complexType name="StateType">
+ <xsd:annotation>
+ <xsd:documentation>The base type of every state includes an optional notes element and two attributes. The notes section of a state should be used to hold information that might be helpful to someone examining the technical aspects of the state. For example, why certain values have been used by the state, or maybe a link to where further information can be found. Please refer to the description of the NotesType complex type for more information about the notes element.</xsd:documentation>
+ <xsd:documentation>The required id attribute uniquely identifies each state, and must conform to the format specified by the stateidPattern simple type. The required version attribute holds the current version of the state. Versions are integers, starting at 1 and incrementing every time a state is modified. The required operator attribute provides the logical operator that binds the different characteristics inside a state together. The optional comment attribute provides a short description of the state. The optional deprecated attribute signifies that an id is no longer to be used or referenced but the information has been kept around for historic purposes.</xsd:documentation>
+ <xsd:documentation>When evaluating a particular state against an object, one should evaluate each individual entity separately. The individual results are then combined by the operator to produce an overall result. This process holds true even when there are multiple instances of the same entity. Evaluate each instance separately, taking the entity check attribute into account, and then combine everything using the operator.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="notes" type="oval-def:NotesType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ <xsd:attribute name="id" type="oval:StateIDPattern" use="required"/>
+ <xsd:attribute name="version" type="xsd:nonNegativeInteger" use="required"/>
+ <xsd:attribute name="operator" type="oval:OperatorEnumeration" use="optional" default="AND"/>
+ <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="optional"/>
+ <xsd:attribute name="deprecated" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ <!-- =============================================================================== -->
+ <!-- ================================= VARIABLES ================================= -->
+ <!-- =============================================================================== -->
+ <xsd:complexType name="VariablesType">
+ <xsd:annotation>
+ <xsd:documentation>The VariablesType complex type is a container for one or more variable child elements. Each variable element is a way to define one or more values to be obtained at the time a definition is evaluated.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="oval-def:variable" minOccurs="1" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:element name="variable" type="oval-def:VariableType" abstract="true">
+ <xsd:annotation>
+ <xsd:documentation>The variable element is an abstract element that is meant to be extended (via substitution groups) by the different types of variables. An actual variable element is not valid. The different variable types describe different sources for obtaining a value(s) for the variable. There are currently three types of variables; local, external, and constant. Please refer to the description of each one for more specific information. The value(s) of a variable is treated as if it were inserted where referenced. One of the main benefits of variables is that they allow tests to evaluate user-defined policy. For example, an OVAL Test might check to see if a password is at least a certain number of characters long, but this number depends upon the individual policy of the user. To solve this, the test for password length can be written to refer to a variable element that defines the length.</xsd:documentation>
+ <xsd:documentation>If a variable defines an array of values, any entity that references the variable will evaluate to true depending on the value of the var_check attribute. For example, if an entity 'size' with an operation of 'less than' references a variable that returns five different integers, and the var_check attribute has a value of 'all', then the 'size' entity returns true only if the actual size is less than each of the five integers defined by the variable. If a variable does not return any value, then an error should be thrown during OVAL analysis.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:complexType name="VariableType">
+ <xsd:annotation>
+ <xsd:documentation>The VariableType complex type defines attributes associated with each OVAL Variable. The required id attribute uniquely identifies each variable, and must conform to the format specified by the varidPattern simple type. The required version attribute holds the current version of the variable. Versions are integers, starting at 1 and incrementing every time a variable is modified. The required datatype attribute specifies the type of value being defined. The set of values identified by a variable must comply with the specified datatype. The required comment attribute provides a short description of the variable. The optional deprecated attribute signifies that an id is no longer to be used or referenced but the information has been kept around for historic purposes.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ <xsd:attribute name="id" type="oval:VariableIDPattern" use="required"/>
+ <xsd:attribute name="version" type="xsd:nonNegativeInteger" use="required"/>
+ <xsd:attribute name="datatype" type="oval:DatatypeEnumeration" use="required"/>
+ <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="required"/>
+ <xsd:attribute name="deprecated" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ <xsd:element name="external_variable" substitutionGroup="oval-def:variable">
+ <xsd:annotation>
+ <xsd:documentation>The external_variable element extends the VariableType and defines a variable with some external source. The actual value(s) for the variable is not provided within the OVAL file, but rather it is retrieved during the evaluation of the OVAL Definition from an external source. An unbounded set of possible-value and possible_restriction child elements can be specified that together specify the list of all possible values that an external source is allowed to supply for the external variable. In other words, the value assigned by an external source must match one of the possible_value or possible_restriction elements specified. Each possible_value element contains a single value that could be assigned to the given external_variable while each possible_restriction element outlines a range of possible values. Note that it is not necessary to declare a variable's possible values, but the option is available if desired. If no possible child elements are specified, then the valid values are only bound to the specified datatype of the external variable. Please refer to the description of the PossibleValueType and PossibleRestrictionType complex types for more information.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:VariableType">
+ <xsd:choice minOccurs="0" maxOccurs="unbounded">
+ <xsd:element name="possible_value" type="oval-def:PossibleValueType"/>
+ <xsd:element name="possible_restriction" type="oval-def:PossibleRestrictionType"/>
+ </xsd:choice>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="PossibleValueType">
+ <xsd:annotation>
+ <xsd:documentation>The PossibleValueType complex type is used to outline a single expected value of an external variable. The required hint attribute gives a short description of what the value means or represents.</xsd:documentation>
+ <xsd:appinfo> </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anySimpleType">
+ <xsd:attribute name="hint" type="xsd:string" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="PossibleRestrictionType">
+ <xsd:annotation>
+ <xsd:documentation>The PossibleRestrictionType complex type outlines a range of possible expected value of an external variable. Each possible_restriction element contains an unbounded list of child restriction elements that each specify a range that an actual value may fall in. For example, a restriction element my specify that a value must be less than 10. When multiple restriction elements are present, a valid possible value would have to meet every restriction. One can think of the possible_value and possible_restriction elements as an OR'd list of possible values, and the restriction elements as an AND'd list of value descriptions. Please refer to the description of the RestrictionType complex type for more information. The required hint attribute gives a short description of what the value means or represents.</xsd:documentation>
+ <xsd:appinfo> </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:choice>
+ <xsd:element name="restriction" type="oval-def:RestrictionType" minOccurs="1" maxOccurs="unbounded"/>
+ </xsd:choice>
+ <xsd:attribute name="hint" type="xsd:string" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="RestrictionType">
+ <xsd:annotation>
+ <xsd:documentation>The RestrictionType complex type outlines a restriction that is placed on expected values for an external variable. For example, a possible value may be restricted to a integer less than 10. Please refer to the operationEnumeration simple type for a description of the valid operations. The required hint attribute gives a short description of what the value means or reporesents.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anySimpleType">
+ <xsd:attribute name="operation" type="oval:OperationEnumeration" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:element name="constant_variable" substitutionGroup="oval-def:variable">
+ <xsd:annotation>
+ <xsd:documentation>The constant_variable element extends the VariableType and defines a variable with a constant value(s). Each constant_variable defines either a single value or an array of values to be used throughout the evaluation of the OVAL Definition File in which it has been defined. Constant variables can not be over-ridden by an external source. The actual value of a constant variable is defined by the required value child element. An array of values can be specified by including multiple instances of the value element. Please refer to the description of the ValueType complex type for more information.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:VariableType">
<xsd:sequence>
- <xsd:element ref="oval-def:set" minOccurs="1" maxOccurs="2"/>
+ <xsd:element name="value" type="oval-def:ValueType" minOccurs="1" maxOccurs="unbounded"/>
</xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="ValueType">
+ <xsd:annotation>
+ <xsd:documentation>The ValueType complex type holds the actual value of the variable when dealing with a constant variable. This value should be used by all tests that reference this variable. The value can not be over-ridden by an external source.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="value">
+ <sch:rule context="oval-def:constant_variable/oval-def:value">
+ <sch:assert test=".!=''">The value element of the constant_variable <sch:value-of select="../../@id"/> can not be empty.</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anySimpleType"/>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:element name="local_variable" substitutionGroup="oval-def:variable">
+ <xsd:annotation>
+ <xsd:documentation>The local_variable element extends the VariableType and defines a variable with some local source. The actual value(s) for the variable is not provided in the OVAL Definition document but rather it is retrieved during the evaluation of the OVAL Definition. Each local variable is defined by either a single component or a complex function, meaning that a value can be as simple as a literal string or as complex as multiple registry keys concatenated together. Note that if an individual component is used and it returns multiple values, then there will be multiple values associated with the local_variable. For example, if an object_component is used and it references a file object that identifies a set of 5 files, then the local variable would represent these 5 values. Please refer to the description of the ComponentGroup for more information.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:VariableType">
<xsd:sequence>
- <xsd:element name="object_reference" type="oval:ObjectIDPattern" minOccurs="1" maxOccurs="2"/>
- <xsd:element name="filter" type="oval:StateIDPattern" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:group ref="oval-def:ComponentGroup" minOccurs="1" maxOccurs="1"/>
</xsd:sequence>
- </xsd:choice>
- <xsd:attribute name="set_operator" type="oval-def:SetOperatorEnumeration" use="optional" default="UNION"/>
- </xsd:complexType>
- </xsd:element>
- <!-- =============================================================================== -->
- <!-- ================================== STATES =================================== -->
- <!-- =============================================================================== -->
- <xsd:complexType name="StatesType">
- <xsd:annotation>
- <xsd:documentation>The StatesType complex type is a container for one or more state child elements. Each state provides details about specific characteristics that can be used during an evaluation of an object. Please refer to the description of the state element for more information about an individual state.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element ref="oval-def:state" minOccurs="1" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="state" type="oval-def:StateType" abstract="true">
- <xsd:annotation>
- <xsd:documentation>The state element is an abstract element that is meant to be extended (via substitution groups) by the states found in the component schemas. An actual state element is not valid. The use of this abstract class simplifies the OVAL schema by allowing individual states to inherit the optional notes child element, and the id and operator attributes from the base StateType. Please refer to the description of the StateType complex type for more information.</xsd:documentation>
- <xsd:documentation>An OVAL State is a collection of one or more characteristics pertaining to a specific object type. The OVAL State is used by an OVAL Test to determine if a set of items identified on a system meet certain characteristics.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:complexType name="StateType">
- <xsd:annotation>
- <xsd:documentation>The base type of every state includes an optional notes element and two attributes. The notes section of a state should be used to hold information that might be helpful to someone examining the technical aspects of the state. For example, why certain values have been used by the state, or maybe a link to where further information can be found. Please refer to the description of the NotesType complex type for more information about the notes element.</xsd:documentation>
- <xsd:documentation>The required id attribute uniquely identifies each state, and must conform to the format specified by the stateidPattern simple type. The required version attribute holds the current version of the state. Versions are integers, starting at 1 and incrementing every time a state is modified. The required operator attribute provides the logical operator that binds the different characteristics inside a state together. The optional comment attribute provides a short description of the state. The optional deprecated attribute signifies that an id is no longer to be used or referenced but the information has been kept around for historic purposes.</xsd:documentation>
- <xsd:documentation>When evaluating a particular state against an object, one should evaluate each individual entity separately. The individual results are then combined by the operator to produce an overall result. This process holds true even when there are multiple instances of the same entity. Evaluate each instance separately, taking the entity check attribute into account, and then combine everything using the operator.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
- <xsd:element name="notes" type="oval-def:NotesType" minOccurs="0" maxOccurs="1"/>
- </xsd:sequence>
- <xsd:attribute name="id" type="oval:StateIDPattern" use="required"/>
- <xsd:attribute name="version" type="xsd:nonNegativeInteger" use="required"/>
- <xsd:attribute name="operator" type="oval:OperatorEnumeration" use="optional" default="AND"/>
- <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="optional"/>
- <xsd:attribute name="deprecated" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- <!-- =============================================================================== -->
- <!-- ================================= VARIABLES ================================= -->
- <!-- =============================================================================== -->
- <xsd:complexType name="VariablesType">
- <xsd:annotation>
- <xsd:documentation>The VariablesType complex type is a container for one or more variable child elements. Each variable element is a way to define one or more values to be obtained at the time a definition is evaluated.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element ref="oval-def:variable" minOccurs="1" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="variable" type="oval-def:VariableType" abstract="true">
- <xsd:annotation>
- <xsd:documentation>The variable element is an abstract element that is meant to be extended (via substitution groups) by the different types of variables. An actual variable element is not valid. The different variable types describe different sources for obtaining a value(s) for the variable. There are currently three types of variables; local, external, and constant. Please refer to the description of each one for more specific information. The value(s) of a variable is treated as if it were inserted where referenced. One of the main benefits of variables is that they allow tests to evaluate user-defined policy. For example, an OVAL Test might check to see if a password is at least a certain number of characters long, but this number depends upon the individual policy of the user. To solve this, the test for password length can be written to refer to a variable element that defines the length.</xsd:documentation>
- <xsd:documentation>If a variable defines an array of values, any entity that references the variable will evaluate to true depending on the value of the var_check attribute. For example, if an entity 'size' with an operation of 'less than' references a variable that returns five different integers, and the var_check attribute has a value of 'all', then the 'size' entity returns true only if the actual size is less than each of the five integers defined by the variable. If a variable does not return any value, then an error should be thrown during OVAL analysis.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:complexType name="VariableType">
- <xsd:annotation>
- <xsd:documentation>The VariableType complex type defines attributes associated with each OVAL Variable. The required id attribute uniquely identifies each variable, and must conform to the format specified by the varidPattern simple type. The required version attribute holds the current version of the variable. Versions are integers, starting at 1 and incrementing every time a variable is modified. The required datatype attribute specifies the type of value being defined. The set of values identified by a variable must comply with the specified datatype. The required comment attribute provides a short description of the variable. The optional deprecated attribute signifies that an id is no longer to be used or referenced but the information has been kept around for historic purposes.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
- </xsd:sequence>
- <xsd:attribute name="id" type="oval:VariableIDPattern" use="required"/>
- <xsd:attribute name="version" type="xsd:nonNegativeInteger" use="required"/>
- <xsd:attribute name="datatype" type="oval:DatatypeEnumeration" use="required"/>
- <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="required"/>
- <xsd:attribute name="deprecated" type="xsd:boolean" use="optional" default="false"/>
- </xsd:complexType>
- <xsd:element name="external_variable" substitutionGroup="oval-def:variable">
- <xsd:annotation>
- <xsd:documentation>The external_variable element extends the VariableType and defines a variable with some external source. The actual value(s) for the variable is not provided within the OVAL file, but rather it is retrieved during the evaluation of the OVAL Definition from an external source. An unbounded set of possible-value and possible_restriction child elements can be specified that together specify the list of all possible values that an external source is allowed to supply for the external variable. In other words, the value assigned by an external source must match one of the possible_value or possible_restriction elements specified. Each possible_value element contains a single value that could be assigned to the given external_variable while each possible_restriction element outlines a range of possible values. Note that it is not necessary to declare a variable's possible values, but the option is available if desired. If no possible child elements are specified, then the valid values are only bound to the specified datatype of the external variable. Please refer to the description of the PossibleValueType and PossibleRestrictionType complex types for more information.</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="oval-def:VariableType">
- <xsd:choice minOccurs="0" maxOccurs="unbounded">
- <xsd:element name="possible_value" type="oval-def:PossibleValueType"/>
- <xsd:element name="possible_restriction" type="oval-def:PossibleRestrictionType"/>
- </xsd:choice>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:complexType name="PossibleValueType">
- <xsd:annotation>
- <xsd:documentation>The PossibleValueType complex type is used to outline a single expected value of an external variable. The required hint attribute gives a short description of what the value means or represents.</xsd:documentation>
- <xsd:appinfo> </xsd:appinfo>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:extension base="xsd:anySimpleType">
- <xsd:attribute name="hint" type="xsd:string" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="PossibleRestrictionType">
- <xsd:annotation>
- <xsd:documentation>The PossibleRestrictionType complex type outlines a range of possible expected value of an external variable. Each possible_restriction element contains an unbounded list of child restriction elements that each specify a range that an actual value may fall in. For example, a restriction element my specify that a value must be less than 10. When multiple restriction elements are present, a valid possible value would have to meet every restriction. One can think of the possible_value and possible_restriction elements as an OR'd list of possible values, and the restriction elements as an AND'd list of value descriptions. Please refer to the description of the RestrictionType complex type for more information. The required hint attribute gives a short description of what the value means or represents.</xsd:documentation>
- <xsd:appinfo> </xsd:appinfo>
- </xsd:annotation>
- <xsd:choice>
- <xsd:element name="restriction" type="oval-def:RestrictionType" minOccurs="1" maxOccurs="unbounded"/>
- </xsd:choice>
- <xsd:attribute name="hint" type="xsd:string" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="RestrictionType">
- <xsd:annotation>
- <xsd:documentation>The RestrictionType complex type outlines a restriction that is placed on expected values for an external variable. For example, a possible value may be restricted to a integer less than 10. Please refer to the operationEnumeration simple type for a description of the valid operations. The required hint attribute gives a short description of what the value means or reporesents.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:extension base="xsd:anySimpleType">
- <xsd:attribute name="operation" type="oval:OperationEnumeration" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:element name="constant_variable" substitutionGroup="oval-def:variable">
- <xsd:annotation>
- <xsd:documentation>The constant_variable element extends the VariableType and defines a variable with a constant value(s). Each constant_variable defines either a single value or an array of values to be used throughout the evaluation of the OVAL Definition File in which it has been defined. Constant variables can not be over-ridden by an external source. The actual value of a constant variable is defined by the required value child element. An array of values can be specified by including multiple instances of the value element. Please refer to the description of the ValueType complex type for more information.</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="oval-def:VariableType">
- <xsd:sequence>
- <xsd:element name="value" type="oval-def:ValueType" minOccurs="1" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:complexType name="ValueType">
- <xsd:annotation>
- <xsd:documentation>The ValueType complex type holds the actual value of the variable when dealing with a constant variable. This value should be used by all tests that reference this variable. The value can not be over-ridden by an external source.</xsd:documentation>
- <xsd:appinfo>
- <sch:pattern id="value">
- <sch:rule context="oval-def:constant_variable/oval-def:value">
- <sch:assert test=".!=''">The value element of the constant_variable <sch:value-of select="../../@id"/> can not be empty.</sch:assert>
- </sch:rule>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:group name="ComponentGroup">
+ <xsd:annotation>
+ <xsd:documentation>Any value that is pulled directly off the local system is defined by the basic component element. For example, the name of a user or the value of a registry key. Please refer to the definition of the ObjectComponentType for more information. A value can also be obtained from another variable. The variable element identifies a variable id to pull a value(s) from. Please refer to the definition of the VariableComponentType for more information. Literal values can also be specified.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:choice>
+ <xsd:element name="object_component" type="oval-def:ObjectComponentType"/>
+ <xsd:element name="variable_component" type="oval-def:VariableComponentType"/>
+ <xsd:element name="literal_component" type="oval-def:LiteralComponentType"/>
+ <xsd:group ref="oval-def:FunctionGroup"/>
+ </xsd:choice>
+ </xsd:group>
+ <xsd:complexType name="LiteralComponentType">
+ <xsd:annotation>
+ <xsd:documentation>The LiteralComponentType complex type defines a literal value to be used as a component. The otpional datatype attribute defines the type of data expected. The default datatype is 'string'.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="literal_component">
+ <sch:rule context="oval-def:literal_component">
+ <sch:assert test=".!=''">The literal_component of variable <sch:value-of select="../../@id"/> can not be empty.</sch:assert>
+ </sch:rule>
+ <!--
+ <sch:rule context="oval-def:literal_component/*/*[not(@datatype)]">
+ </sch:rule>
+ <sch:rule context="oval-def:literal_component[@datatype='binary']">
+ <sch:assert test="matches(., '^[0-9a-fA-F]*$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of binary.</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:literal_component[@datatype='boolean']">
+ <sch:assert test="matches(., '^true$|^false$|^1$|^0$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of boolean.</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:literal_component[@datatype='evr_string']">
+ <sch:assert test="matches(., '^[^:\-]*:[^:\-]*-[^:\-]*$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of evr_string.</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:literal_component[@datatype='fileset_revision']">
+ </sch:rule>
+ <sch:rule context="oval-def:literal_component[@datatype='float']">
+ <sch:assert test="matches(., '^[+\-]?[0-9]+([\.][0-9]+)?([eE][+\-]?[0-9]+)?$|^NaN$|^INF$|^\-INF$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of float.</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:literal_component[@datatype='ios_version']">
+ </sch:rule>
+ <sch:rule context="oval-def:literal_component[@datatype='int']">
+ <sch:assert test="matches(., '^[+\-]?[0-9]+$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of int.</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:literal_component[@datatype='string']">
+ </sch:rule>
+ <sch:rule context="oval-def:literal_component[@datatype='version']">
+ </sch:rule>
+ -->
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anySimpleType">
+ <xsd:attribute name="datatype" type="oval:DatatypeEnumeration" use="optional" default="string"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="ObjectComponentType">
+ <xsd:annotation>
+ <xsd:documentation>The ObjectComponentType complex type defines a specific value on the local system to obtain. The required object_ref attribute provides a reference to an existing OVAL Object declaration. This reference defines the object to examine and eventually pull the value from. The required item_field defines which piece of data to retrieve from the object referenced by the object_ref. For example, if the object_ref references a file_object, the item_field may define the version entity as the piece of information to use as the value of the variable. The types of data to retrieve can be found in the OVAL System Characteristics file under the item associated with the object referenced by object_ref.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="item_field">
+ <sch:rule context="oval-def:object_component">
+ <sch:assert test="@item_field!=''">The item_field attribute of an object_component of variable <sch:value-of select="../../@id"/> can not be empty.</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:attribute name="object_ref" type="oval:ObjectIDPattern" use="required"/>
+ <xsd:attribute name="item_field" type="xsd:string" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="VariableComponentType">
+ <xsd:annotation>
+ <xsd:documentation>The VariableComponentType complex type defines a specific value obtained by looking at the value of another OVAL Variable. The required var_ref attribute provides a reference to the variable. One must make sure that the variable reference does not point to the parent variable that uses this component to avoid a race condition.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="var_ref" type="oval:VariableIDPattern" use="required"/>
+ </xsd:complexType>
+ <xsd:group name="FunctionGroup">
+ <xsd:annotation>
+ <xsd:documentation>Complex functions have been defined that help determine how to manipulated specific values. These functions can be nested together to form complex statements. Each function is designed to work on a specific type of data. If the data being worked on is not of the correct type, a cast should be attempted before throwing an error. For example, if a concat function includes a registry component that returns an integer, then the integer should be cast as a string in order to work with the concat function. Note that if the operation being applied to the variable by the calling entity is "pattern match", then all the functions are performed before the regular expression is evaluated. In short, the variable would produce a value as normal and then any pattern match operation would be performed. Please refer to the description of a specific function for more details about it.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:choice>
+ <xsd:element name="arithmetic" type="oval-def:ArithmeticFunctionType"/>
+ <xsd:element name="begin" type="oval-def:BeginFunctionType"/>
+ <xsd:element name="concat" type="oval-def:ConcatFunctionType"/>
+ <xsd:element name="end" type="oval-def:EndFunctionType"/>
+ <xsd:element name="escape_regex" type="oval-def:EscapeRegexFunctionType"/>
+ <xsd:element name="split" type="oval-def:SplitFunctionType"/>
+ <xsd:element name="substring" type="oval-def:SubstringFunctionType"/>
+ <xsd:element name="time_difference" type="oval-def:TimeDifferenceFunctionType"/>
+ <xsd:element name="regex_capture" type="oval-def:RegexCaptureFunctionType"/>
+ </xsd:choice>
+ </xsd:group>
+ <xsd:complexType name="ArithmeticFunctionType">
+ <xsd:annotation>
+ <xsd:documentation>The arithmetic function takes two or more integer or float components and performs a basic mathmetical function on them. The result of this function in a single integer or float. Note that if both an integer and float components are used then the result is a float.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="arithmeticfunctionrules">
+ <sch:rule context="oval-def:arithmetic/oval-def:literal_component">
+ <sch:assert test="@datatype='float' or @datatype='int'">A literal_component used by an arithmetic function must have a datatype of float or int.</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:arithmetic/oval-def:variable_component">
+ <sch:let name="var_ref" value="@var_ref"/>
+ <sch:assert test="//oval-def:variables/*[@id=$var_ref]/@datatype='float' or //oval-def:variables/*[@id=$var_ref]/@datatype='int'">The variable referenced by the arithmetic function must have a datatype of int.</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence minOccurs="2" maxOccurs="unbounded">
+ <xsd:group ref="oval-def:ComponentGroup"/>
+ </xsd:sequence>
+ <xsd:attribute name="arithmetic_operation" type="oval-def:ArithmeticEnumeration" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="BeginFunctionType">
+ <xsd:annotation>
+ <xsd:documentation>The begin function takes a single string component and defines a character (or string) that the component string should start with. The character attribute defines the specific character (or string). The character (or string) is only added to the component string if the component string doesn't already start with the specified character (or string).</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="beginfunctionrules">
+ <sch:rule context="oval-def:begin/oval-def:literal_component">
+ <sch:assert test="not(@datatype) or @datatype='string'">A literal_component used by the begin function must have a datatype of string.</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:begin/oval-def:variable_component">
+ <sch:let name="var_ref" value="@var_ref"/>
+ <sch:assert test="//oval-def:variables/*[@id=$var_ref]/@datatype = 'string'">The variable referenced by the begin function must have a datatype of string.</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence minOccurs="1" maxOccurs="1">
+ <xsd:group ref="oval-def:ComponentGroup"/>
+ </xsd:sequence>
+ <xsd:attribute name="character" type="xsd:string" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="ConcatFunctionType">
+ <xsd:annotation>
+ <xsd:documentation>The concat function takes two or more components and concatenates them together to form a single string. The first component makes up the begining of the resulting string and any following components are added to the end it. If one of the components returns multiple values then the concat function would be performed multiple times and the end result would be an array of values for the local variable. For example assume a local variable has two sub-components: a basic component element returns the values "abc" and "def", and a literal component element that has a value of "xyz". The local_variable element would be evaluated to have two values, "abcxyz" and "defxyz". If one of the components does not exist, then the result of the concat operation should be does not exist.</xsd:documentation>
+ <xsd:appinfo>
+ <evaluation_documentation>Below is a chart that specifies how to classify the flag status of a variable using the concat function during evaluation when multiple components are supplied. Both the object and variable component are indirectly associated with collected objects in a system characteristics file. These objects could have been completely collected from the system, or there might have been some type of error that led to the object not being collected, or maybe only a part of the object set was collected. This flag status is important as OVAL Objects or OVAL State that are working with a variable (through the var_ref attribute on an entity) can use this information to report more accurate results. For example, an OVAL Test with a check attribute of 'at least one' that specifies an object with a variable reference, might be able to produce a valid result based on an incomplete object set as long as one of the objects in the set is true.</evaluation_documentation>
+ <evaluation_chart> || num of components with flag || || || resulting flag is || E | C | I | DNE | NC | NA || ------||-----------------------------------||------------------ || 1+ | 0+ | 0+ | 0+ | 0+ | 0+ || Error || 0 | 1+ | 0 | 0 | 0 | 0 || Complete || 0 | 0+ | 1+ | 0 | 0 | 0 || Incomplete || 0 | 0+ | 0+ | 1+ | 0 | 0 || Does Not Exist || 0 | 0+ | 0+ | 0+ | 1+ | 0 || Not Collected || 0 | 0+ | 0+ | 0+ | 0+ | 1+ || Not Applicable ------||-----------------------------------||------------------</evaluation_chart>
+ <sch:pattern id="concatfunctionrules">
+ <sch:rule context="oval-def:concat/oval-def:literal_component">
+ <sch:assert test="not(@datatype) or @datatype='string'">A literal_component used by the concat function must have a datatype of string.</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:concat/oval-def:variable_component">
+ <sch:let name="var_ref" value="@var_ref"/>
+ <sch:assert test="//oval-def:variables/*[@id=$var_ref]/@datatype = 'string'">The variable referenced by the concat function must have a datatype of string.</sch:assert>
+ </sch:rule>
</sch:pattern>
- </xsd:appinfo>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:extension base="xsd:anySimpleType"/>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:element name="local_variable" substitutionGroup="oval-def:variable">
- <xsd:annotation>
- <xsd:documentation>The local_variable element extends the VariableType and defines a variable with some local source. The actual value(s) for the variable is not provided in the OVAL Definition document but rather it is retrieved during the evaluation of the OVAL Definition. A value can be as simple as a literal string or as complex as multiple registry keys concatenated together. Each local variable is defined by either a single component or a complex function. Please refer to the description of the ComponentGroup for more information.</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:complexContent>
- <xsd:extension base="oval-def:VariableType">
- <xsd:sequence>
- <xsd:group ref="oval-def:ComponentGroup" minOccurs="1" maxOccurs="1"/>
- </xsd:sequence>
- </xsd:extension>
- </xsd:complexContent>
- </xsd:complexType>
- </xsd:element>
- <xsd:group name="ComponentGroup">
- <xsd:annotation>
- <xsd:documentation>Any value that is pulled directly off the local system is defined by the basic component element. For example, the name of a user or the value of a registry key. Please refer to the definition of the ObjectComponentType for more information. A value can also be obtained from another variable. The variable element identifies a variable id to pull a value(s) from. Please refer to the definition of the VariableComponentType for more information. Literal values can also be specified.</xsd:documentation>
- <xsd:appinfo>
- <sch:pattern id="literal_component">
- <sch:rule context="oval-def:literal_component">
- <sch:assert test=".!=''">The literal_component of variable <sch:value-of select="../../@id"/> can not be empty.</sch:assert>
- </sch:rule>
- </sch:pattern>
- </xsd:appinfo>
- </xsd:annotation>
- <xsd:choice>
- <xsd:element name="object_component" type="oval-def:ObjectComponentType"/>
- <xsd:element name="variable_component" type="oval-def:VariableComponentType"/>
- <xsd:element name="literal_component" type="xsd:anySimpleType"/>
- <xsd:group ref="oval-def:FunctionGroup"/>
- </xsd:choice>
- </xsd:group>
- <xsd:complexType name="ObjectComponentType">
- <xsd:annotation>
- <xsd:documentation>The ObjectComponentType complex type defines a specific value on the local system to obtain. The required obj_id provides a reference to an existing OVAL Object declaration. This object defines the object to examine and eventually pull the value from. The required item_field defines which piece of data to retrieve from the object referenced by the obj_id. For example, if the obj_id references a file, the item_field may define the version as the piece of information to use as the value of the variable. The data to retrieve can be found in the OVAL System Characteristics file under the items associated with the object referenced by obj_id.</xsd:documentation>
- <xsd:appinfo>
- <sch:pattern id="item_field">
- <sch:rule context="oval-def:object_component">
- <sch:assert test="@item_field!=''">The item_field attribute of an object_component of variable <sch:value-of select="../../@id"/> can not be empty.</sch:assert>
- </sch:rule>
- </sch:pattern>
- </xsd:appinfo>
- </xsd:annotation>
- <xsd:attribute name="object_ref" type="oval:ObjectIDPattern" use="required"/>
- <xsd:attribute name="item_field" type="xsd:string" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="VariableComponentType">
- <xsd:annotation>
- <xsd:documentation>The VariableComponentType complex type defines a specific value obtained by looking at the value of another OVAL Variable. The required var_ref attribute provides a reference to the variable. One must make sure that the variable reference does not point to the parent variable that uses this component to avoid a race condition.</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="var_ref" type="oval:VariableIDPattern" use="required"/>
- </xsd:complexType>
- <xsd:group name="FunctionGroup">
- <xsd:annotation>
- <xsd:documentation>Complex functions have been defined that help determine how to manipulated specific values. These functions can be nested together to form complex statements. Each function is designed to work on a specific type of data. If the data being worked on is not of the correct type, a cast should be attempted before throwing an error. For example, if a concat function includes a registry component that returns an integer, then the integer should be cast as a string in order to work with the concat function. Note that if the operation being applied to the variable by the calling entity is "pattern match", then all the functions are performed before the regular expression is evaluated. In short, the variable would produce a value as normal and then any pattern match operation would be performed. Please refer to the description of a specific function for more details about it.</xsd:documentation>
- </xsd:annotation>
- <xsd:choice>
- <xsd:element name="begin" type="oval-def:BeginFunctionType"/>
- <xsd:element name="concat" type="oval-def:ConcatFunctionType"/>
- <xsd:element name="end" type="oval-def:EndFunctionType"/>
- <xsd:element name="escape_regex" type="oval-def:EscapeRegexFunctionType"/>
- <xsd:element name="split" type="oval-def:SplitFunctionType"/>
- <xsd:element name="substring" type="oval-def:SubstringFunctionType"/>
- </xsd:choice>
- </xsd:group>
- <xsd:complexType name="BeginFunctionType">
- <xsd:annotation>
- <xsd:documentation>The begin function takes a single string component and defines a character (or string) that the component string should start with. The character attribute defines the specific character (or string). The character (or string) is only added to the component string if the component string doesn't already start with the specified character (or string).</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence minOccurs="1" maxOccurs="1">
- <xsd:group ref="oval-def:ComponentGroup"/>
- </xsd:sequence>
- <xsd:attribute name="character" type="xsd:string" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="ConcatFunctionType">
- <xsd:annotation>
- <xsd:documentation>The concat function takes two or more components and concatenates them together to form a single string. The first component makes up the begining of the resulting string and any following components are added to the end it. If one of the components returns multiple values then the concat function would be performed multiple times and the end result would be an array of values for the local variable. For example assume a local variable has two sub-components: a basic component element returns the values "abc" and "def", and a literal component element that has a value of "xyz". The local_variable element would be evaluated to have two values, "abcxyz" and "defxyz". If one of the components does not exist, then the result of the concat operation should be does not exist.</xsd:documentation>
- <xsd:appinfo>
- <evaluation_documentation>Below is a chart that specifies how to classify the flag status of a variable using the concat function during evaluation when multiple components are supplied. Both the object and variable component are indirectly associated with collected objects in a system characteristics file. These objects could have been completely collected from the system, or there might have been some type of error that led to the object not being collected, or maybe only a part of the object set was collected. This flag status is important as OVAL Objects or OVAL State that are working with a variable (through the var_ref attribute on an entity) can use this information to report more accurate results. For example, an OVAL Test with a check attribute of 'at least one' that specifies an object with a variable reference, might be able to produce a valid result based on an incomplete object set as long as one of the objects in the set is true.</evaluation_documentation>
- <evaluation_chart> || num of components with flag || || || resulting flag is || E | C | I | DNE | NC | NA || ------||-----------------------------------||------------------ || 1+ | 0+ | 0+ | 0+ | 0+ | 0+ || Error || 0 | 1+ | 0 | 0 | 0 | 0 || Complete || 0 | 0+ | 1+ | 0 | 0 | 0 || Incomplete || 0 | 0+ | 0+ | 1+ | 0 | 0 || Does Not Exist || 0 | 0+ | 0+ | 0+ | 1+ | 0 || Not Collected || 0 | 0+ | 0+ | 0+ | 0+ | 1+ || Not Applicable ------||-----------------------------------||------------------</evaluation_chart>
- </xsd:appinfo>
- </xsd:annotation>
- <xsd:sequence minOccurs="2" maxOccurs="unbounded">
- <xsd:group ref="oval-def:ComponentGroup"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="EndFunctionType">
- <xsd:annotation>
- <xsd:documentation>The end function takes a single string component and defines a character (or string) that the component string should end with. The character attribute defines the specific character (or string). The character (or string) is only added to the component string if the component string doesn't already end with the specified character (or string).</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence minOccurs="1" maxOccurs="1">
- <xsd:group ref="oval-def:ComponentGroup"/>
- </xsd:sequence>
- <xsd:attribute name="character" type="xsd:string" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="EscapeRegexFunctionType">
- <xsd:annotation>
- <xsd:documentation>The escape regex function takes a single string component and escapes all the regular expression characters. The purpose for this is that many times, a component used in pattern match needs to be treated a literal string and not regular expression. For example assume a basic component element that pulls a file path out of the Windows registry. This path is a string that might contain regular expression characters but these characters are not intended to be such, so they need to be escaped. This function allows a definition writer to mark which components are in regular expression format and which aren't.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence minOccurs="1" maxOccurs="1">
- <xsd:group ref="oval-def:ComponentGroup"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="SplitFunctionType">
- <xsd:annotation>
- <xsd:documentation>The split function takes a single string component and turns it into multiple values based on a delimiter string. For example assume a basic component element that returns the value "a-b-c-d" with the delimiter set to "-". The local_variable element would be evaluated to have four values "a", "b", "c", and "d". If the string component used by the split function returns multiple values, then the split is performed multiple times.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence minOccurs="1" maxOccurs="1">
- <xsd:group ref="oval-def:ComponentGroup"/>
- </xsd:sequence>
- <xsd:attribute name="delimiter" type="xsd:string" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="SubstringFunctionType">
- <xsd:annotation>
- <xsd:documentation>The substring function takes a single string component and produces a single value that contains a portion of the original string. The substring_start attribute defines the starting position in the original string. Note, to include the first character of the string, the start position would be 1. Also note that a value less than one also means starting at the first character of the string. The substring_length attribute defines how many character after and including the starting character to include. Note that a substring_length value greater than the actual length of the string or a negative value means to include all the characters after the starting character. For example assume a basic component element that returns the value "abcdefg" with a substring_start value of 3 and a substring_length value of 2. The local_variable element would be evaluate to have a single value of "cd". If the string component used by the substring function returns multiple values, then the substring operation is performed multiple times and results in multiple values for the component.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence minOccurs="1" maxOccurs="1">
- <xsd:group ref="oval-def:ComponentGroup"/>
- </xsd:sequence>
- <xsd:attribute name="substring_start" type="xsd:int" use="required"/>
- <xsd:attribute name="substring_length" type="xsd:int" use="required"/>
- </xsd:complexType>
- <!-- =============================================================================== -->
- <!-- ================================= SIGNATURE ================================= -->
- <!-- =============================================================================== -->
- <!--
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence minOccurs="2" maxOccurs="unbounded">
+ <xsd:group ref="oval-def:ComponentGroup"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="EndFunctionType">
+ <xsd:annotation>
+ <xsd:documentation>The end function takes a single string component and defines a character (or string) that the component string should end with. The character attribute defines the specific character (or string). The character (or string) is only added to the component string if the component string doesn't already end with the specified character (or string).</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="endfunctionrules">
+ <sch:rule context="oval-def:end/oval-def:literal_component">
+ <sch:assert test="not(@datatype) or @datatype='string'">A literal_component used by the end function must have a datatype of string.</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:end/oval-def:variable_component">
+ <sch:let name="var_ref" value="@var_ref"/>
+ <sch:assert test="//oval-def:variables/*[@id=$var_ref]/@datatype = 'string'">The variable referenced by the end function must have a datatype of string.</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence minOccurs="1" maxOccurs="1">
+ <xsd:group ref="oval-def:ComponentGroup"/>
+ </xsd:sequence>
+ <xsd:attribute name="character" type="xsd:string" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="EscapeRegexFunctionType">
+ <xsd:annotation>
+ <xsd:documentation>The escape regex function takes a single string component and escapes all the regular expression characters. The purpose for this is that many times, a component used in pattern match needs to be treated a literal string and not regular expression. For example assume a basic component element that pulls a file path out of the Windows registry. This path is a string that might contain regular expression characters but these characters are not intended to be such, so they need to be escaped. This function allows a definition writer to mark which components are in regular expression format and which aren't.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="escaperegexfunctionrules">
+ <sch:rule context="oval-def:escape_regex/oval-def:literal_component">
+ <sch:assert test="not(@datatype) or @datatype='string'">A literal_component used by the escape_regex function must have a datatype of string.</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:escape_regex/oval-def:variable_component">
+ <sch:let name="var_ref" value="@var_ref"/>
+ <sch:assert test="//oval-def:variables/*[@id=$var_ref]/@datatype = 'string'">The variable referenced by the escape_regex function must have a datatype of string.</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence minOccurs="1" maxOccurs="1">
+ <xsd:group ref="oval-def:ComponentGroup"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="SplitFunctionType">
+ <xsd:annotation>
+ <xsd:documentation>The split function takes a single string component and turns it into multiple values based on a delimiter string. For example assume a basic component element that returns the value "a-b-c-d" with the delimiter set to "-". The local_variable element would be evaluated to have four values "a", "b", "c", and "d". If the string component used by the split function returns multiple values, then the split is performed multiple times.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="splitfunctionrules">
+ <sch:rule context="oval-def:split/oval-def:literal_component">
+ <sch:assert test="not(@datatype) or @datatype='string'">A literal_component used by the split function must have a datatype of string.</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:split/oval-def:variable_component">
+ <sch:let name="var_ref" value="@var_ref"/>
+ <sch:assert test="//oval-def:variables/*[@id=$var_ref]/@datatype = 'string'">The variable referenced by the split function must have a datatype of string.</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence minOccurs="1" maxOccurs="1">
+ <xsd:group ref="oval-def:ComponentGroup"/>
+ </xsd:sequence>
+ <xsd:attribute name="delimiter" type="xsd:string" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="SubstringFunctionType">
+ <xsd:annotation>
+ <xsd:documentation>The substring function takes a single string component and produces a single value that contains a portion of the original string. The substring_start attribute defines the starting position in the original string. Note, to include the first character of the string, the start position would be 1. Also note that a value less than one also means starting at the first character of the string. The substring_length attribute defines how many character after and including the starting character to include. Note that a substring_length value greater than the actual length of the string or a negative value means to include all the characters after the starting character. For example assume a basic component element that returns the value "abcdefg" with a substring_start value of 3 and a substring_length value of 2. The local_variable element would be evaluate to have a single value of "cd". If the string component used by the substring function returns multiple values, then the substring operation is performed multiple times and results in multiple values for the component.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="substringfunctionrules">
+ <sch:rule context="oval-def:substring/oval-def:literal_component">
+ <sch:assert test="not(@datatype) or @datatype='string'">A literal_component used by the substring function must have a datatype of string.</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:substring/oval-def:variable_component">
+ <sch:let name="var_ref" value="@var_ref"/>
+ <sch:assert test="//oval-def:variables/*[@id=$var_ref]/@datatype = 'string'">The variable referenced by the substring function must have a datatype of string.</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence minOccurs="1" maxOccurs="1">
+ <xsd:group ref="oval-def:ComponentGroup"/>
+ </xsd:sequence>
+ <xsd:attribute name="substring_start" type="xsd:int" use="required"/>
+ <xsd:attribute name="substring_length" type="xsd:int" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="TimeDifferenceFunctionType">
+ <xsd:annotation>
+ <xsd:documentation>The time_difference function calculates the difference in seconds between date-time values. If one component is specified, the values of that component are subtracted from the current time (UTC). If two components are specified, the value of the second component is subtracted from the value of the first component. If the component(s) contain multiple values, the operation is performed multiple times and the result is an array of time differences.</xsd:documentation>
+ <xsd:documentation>The date-time format of each component is determined by the two format attributes. The format1 attribute applies to the first component, and the format2 attribute applies to the second component. Valid values for the attributes are 'win_filetime', 'seconds_since_epoch', 'day_month_year', 'year_month_day', and 'month_day_year'. Please see the DateTimeFormatEnumeration for more information about each of these values. If an input value is not understood, the result is an error. If only one input is specified, specify the format with the format2 attribute, as the first input is considered to be the implied 'current time' input.</xsd:documentation>
+ <xsd:documentation>Note that the datatype associated with the components should be 'string' or 'int' depending on which date time format is specified. The result of this function though is always an integer.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="timedifferencefunctionrules">
+ <sch:rule context="oval-def:time_difference/oval-def:literal_component">
+ <sch:assert test="not(@datatype) or @datatype='string' or @datatype='int'">A literal_component used by the time_difference function must have a datatype of string or int.</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:time_difference/oval-def:variable_component">
+ <sch:let name="var_ref" value="@var_ref"/>
+ <sch:assert test="//oval-def:variables/*[@id=$var_ref]/@datatype='string' or //oval-def:variables/*[@id=$var_ref]/@datatype='int'">The variable referenced by the time_difference function must have a datatype of string or int.</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence minOccurs="1" maxOccurs="2">
+ <xsd:group ref="oval-def:ComponentGroup"/>
+ </xsd:sequence>
+ <xsd:attribute name="format_1" type="oval-def:DateTimeFormatEnumeration" use="optional" default="year_month_day"/>
+ <xsd:attribute name="format_2" type="oval-def:DateTimeFormatEnumeration" use="optional" default="year_month_day"/>
+ </xsd:complexType>
+ <xsd:complexType name="RegexCaptureFunctionType">
+ <xsd:annotation>
+ <xsd:documentation>The regex_capture function accepts one string component input and returns the first match in each component value, as matched against the regex pattern specified in the 'pattern' attribute.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="regexcapturefunctionrules">
+ <sch:rule context="oval-def:regex_capture/oval-def:literal_component">
+ <sch:assert test="not(@datatype) or @datatype='string'">A literal_component used by the regex_capture function must have a datatype of string.</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:regex_capture/oval-def:variable_component">
+ <sch:let name="var_ref" value="@var_ref"/>
+ <sch:assert test="//oval-def:variables/*[@id=$var_ref]/@datatype = 'string'">The variable referenced by the regex_capture function must have a datatype of string.</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence minOccurs="1" maxOccurs="1">
+ <xsd:group ref="oval-def:ComponentGroup"/>
+ </xsd:sequence>
+ <xsd:attribute name="pattern" type="xsd:string"/>
+ </xsd:complexType>
+ <!-- =============================================================================== -->
+ <!-- ================================= SIGNATURE ================================= -->
+ <!-- =============================================================================== -->
+ <!--
The signature element is defined by the xmldsig schema. Please refer to that
documentation for a description of the valid elements and types. More
information about the official W3C Recommendation regarding XML digital
signatures can be found at http://www.w3.org/TR/xmldsig-core/.
-->
- <!-- =============================================================================== -->
- <!-- =============================== ENUMERATIONS ================================ -->
- <!-- =============================================================================== -->
- <xsd:simpleType name="ClassEnumeration">
- <xsd:annotation>
- <xsd:documentation>The ClassEnumeration simple type defines the different classes of definitions. Each class defines a certain intent regarding how an OVAL Definition is written and what that definition is describing. The specified class gives a hint about the definition so a user can know what the definition writer is trying to say. Note that the class does not make a statement about whether a true result is good or bad as this depends on the use of an OVAL Definition. These classes are also used to group definitions by the type of system state they are describing. For example, this allows users to find all the vulnerability (or patch, or inventory, etc) definitions.</xsd:documentation>
- </xsd:annotation>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="compliance">
- <xsd:annotation>
- <xsd:documentation>A compliance definition describes the state of a machine as it complies with a specific policy. The intention is that a definition of this class will return true when the system is found to be compliant with the stated policy. Another way of thinking about this is that a compliance definition is stating "the system is compliant if ...".</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- <xsd:enumeration value="inventory">
- <xsd:annotation>
- <xsd:documentation>An inventory definition describes whether a specific piece of software is installed on the system. The intention is that a definition of this class will return true when the specified software is found on the system. Another way of thinking about this is that an inventory definition is stating "the software is installed if ...".</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- <xsd:enumeration value="miscellaneous">
- <xsd:annotation>
- <xsd:documentation>The 'miscellaneous' class is used to identify definitions that do not fall into any of the other defined classes.</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- <xsd:enumeration value="patch">
- <xsd:annotation>
- <xsd:documentation>A patch definition details the machine state of whether a patch executable should be installed. The intention is that a definition of this class will return true when the specified patch is missing from the system. Another way of thinking about this is that a patch definition is stating "the patch should be installed if ...". Note that word SHOULD is intended to mean more than just CAN the patch executable be installed. In other words, if a more recent patch is already installed then the specified patch might not need to be installed.</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- <xsd:enumeration value="vulnerability">
- <xsd:annotation>
- <xsd:documentation>A vulnerability definition describes the conditions under which a machine is vulnerable. The intention is that a definition of this class will return true when the system is found to be vulnerable with the stated issue. Another way of thinking about this is that a vulnerability definition is stating "the system is vulnerable if ...".</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="SetOperatorEnumeration">
- <xsd:annotation>
- <xsd:documentation>The SetOperatorEnumeration simple type defines acceptable set operations. Set operations are used to take multiple different sets of objects within OVAL and merge them into a single set. The different operators that guide this merge are defined below. For each operator, if only a single object has been supplied, then the resulting set is simply that complete object.</xsd:documentation>
- <xsd:appinfo>
- <evaluation_documentation>Below are some tables that outline how different flags are combined with a given set_operator to return a new flag. These tables are needed when computing the flag for collected objects that represent object sets in an OVAL Definition. The top row identifies the flag associated with the first set or object reference. The left column identifies the flag associated with the second set or object reference. The matrix inside the table represent the resulting flag when the given set_operator is applied. (E=error, C=complete, I=incomplete, DNE=does not exist, NC=not collected, NA=not applicable)</evaluation_documentation>
- <evaluation_chart xml:space="preserve">
+ <!-- =============================================================================== -->
+ <!-- =============================== ENUMERATIONS ================================ -->
+ <!-- =============================================================================== -->
+ <xsd:simpleType name="ArithmeticEnumeration">
+ <xsd:annotation>
+ <xsd:documentation>The ArithmeticEnumeration simple type defines basic arithmetic operations. Currently add and multiply are defined.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="add"/>
+ <xsd:enumeration value="multiply"/>
+ <!--
+ NOTE - we need to add a required position attribute to the components before we
+ can have a subtract or divide function. This will have to wait for the next
+ major release
+
+ <xsd:enumeration value="divide"/>
+ <xsd:enumeration value="subtract"/>
+ -->
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="ClassEnumeration">
+ <xsd:annotation>
+ <xsd:documentation>The ClassEnumeration simple type defines the different classes of definitions. Each class defines a certain intent regarding how an OVAL Definition is written and what that definition is describing. The specified class gives a hint about the definition so a user can know what the definition writer is trying to say. Note that the class does not make a statement about whether a true result is good or bad as this depends on the use of an OVAL Definition. These classes are also used to group definitions by the type of system state they are describing. For example, this allows users to find all the vulnerability (or patch, or inventory, etc) definitions.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="compliance">
+ <xsd:annotation>
+ <xsd:documentation>A compliance definition describes the state of a machine as it complies with a specific policy. The intention is that a definition of this class will return true when the system is found to be compliant with the stated policy. Another way of thinking about this is that a compliance definition is stating "the system is compliant if ...".</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="inventory">
+ <xsd:annotation>
+ <xsd:documentation>An inventory definition describes whether a specific piece of software is installed on the system. The intention is that a definition of this class will return true when the specified software is found on the system. Another way of thinking about this is that an inventory definition is stating "the software is installed if ...".</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="miscellaneous">
+ <xsd:annotation>
+ <xsd:documentation>The 'miscellaneous' class is used to identify definitions that do not fall into any of the other defined classes.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="patch">
+ <xsd:annotation>
+ <xsd:documentation>A patch definition details the machine state of whether a patch executable should be installed. The intention is that a definition of this class will return true when the specified patch is missing from the system. Another way of thinking about this is that a patch definition is stating "the patch should be installed if ...". Note that word SHOULD is intended to mean more than just CAN the patch executable be installed. In other words, if a more recent patch is already installed then the specified patch might not need to be installed.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="vulnerability">
+ <xsd:annotation>
+ <xsd:documentation>A vulnerability definition describes the conditions under which a machine is vulnerable. The intention is that a definition of this class will return true when the system is found to be vulnerable with the stated issue. Another way of thinking about this is that a vulnerability definition is stating "the system is vulnerable if ...".</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="DateTimeFormatEnumeration">
+ <xsd:annotation>
+ <xsd:documentation>The DateTimeFormatEnumeration simple type defines the different date-time formats that are understood by OVAL. Note that in some cases there are a few different possabilities within a given format. Each of these possabilities is unique though and can be distinguished from each other. The different formats are used to clarify the higher level structure of the date-time string being used.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="year_month_day">
+ <xsd:annotation>
+ <xsd:documentation>The year_month_day value specifies date-time strings that follow the formats: 'yyyymmdd', 'yyyymmddThhmmss', 'yyyy/mm/dd hh:mm:ss', 'yyyy/mm/dd', 'yyyy-mm-dd hh:mm:ss', or 'yyyy-mm-dd'</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="month_day_year">
+ <xsd:annotation>
+ <xsd:documentation>The month_day_year value specifies date-time strings that follow the formats: 'mm/dd/yyyy hh:mm:ss', 'mm/dd/yyyy', 'mm-dd-yyyy hh:mm:ss', 'mm-dd-yyyy', 'NameOfMonth, dd yyyy hh:mm:ss' or 'NameOfMonth, dd yyyy', 'AbreviatedNameOfMonth, dd yyyy hh:mm:ss', or 'AbreviatedNameOfMonth, dd yyyy'</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="day_month_year">
+ <xsd:annotation>
+ <xsd:documentation>The day_month_year value specifies date-time strings that follow the formats: 'dd/mm/yyyy hh:mm:ss', 'dd/mm/yyyy', 'dd-mm-yyyy hh:mm:ss', or 'dd-mm-yyyy'</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="win_filetime">
+ <xsd:annotation>
+ <xsd:documentation>The win_filetime value specifies date-time strings that follow the windows file time format.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="seconds_since_epoch">
+ <xsd:annotation>
+ <xsd:documentation>The seconds_since_epoch value specifies date-time values that represent the time in seconds since the UNIX epoch. The Unix epoch is the time 00:00:00 UTC on January 1, 1970.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="SetOperatorEnumeration">
+ <xsd:annotation>
+ <xsd:documentation>The SetOperatorEnumeration simple type defines acceptable set operations. Set operations are used to take multiple different sets of objects within OVAL and merge them into a single set. The different operators that guide this merge are defined below. For each operator, if only a single object has been supplied, then the resulting set is simply that complete object.</xsd:documentation>
+ <xsd:appinfo>
+ <evaluation_documentation>Below are some tables that outline how different flags are combined with a given set_operator to return a new flag. These tables are needed when computing the flag for collected objects that represent object sets in an OVAL Definition. The top row identifies the flag associated with the first set or object reference. The left column identifies the flag associated with the second set or object reference. The matrix inside the table represent the resulting flag when the given set_operator is applied. (E=error, C=complete, I=incomplete, DNE=does not exist, NC=not collected, NA=not applicable)</evaluation_documentation>
+ <evaluation_chart xml:space="preserve">
|| ||
set_operator is || obj 1 flag ||
union || ||
@@ -710,7 +925,7 @@
NA || E | C | I | DNE | NC | NA ||
-----------------||-----------------------------------||
</evaluation_chart>
- <evaluation_chart xml:space="preserve">
+ <evaluation_chart xml:space="preserve">
|| ||
set_operator is || obj 1 flag ||
intersection || ||
@@ -724,7 +939,7 @@
NA || E | C | I | DNE | NC | NA ||
-----------------||-----------------------------------||
</evaluation_chart>
- <evaluation_chart xml:space="preserve">
+ <evaluation_chart xml:space="preserve">
|| ||
set_operator is || obj 1 flag ||
complement || ||
@@ -738,214 +953,263 @@
NA || E | E | E | E | E | E ||
-----------------||-----------------------------------||
</evaluation_chart>
- </xsd:appinfo>
- </xsd:annotation>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="COMPLEMENT">
- <xsd:annotation>
- <xsd:documentation>The complement operator is defined in OVAL as a relative complement. The resulting set contains everything that belongs to the first declared set that is not part of the second declared set. If A and B are sets (with A being the first declared set), then the relative complement is the set of elements in A, but not in B.</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- <xsd:enumeration value="INTERSECTION">
- <xsd:annotation>
- <xsd:documentation>The intersection of two sets in OVAL results in a set that contains everything that belongs both sets in the collection, but nothing else. If A and B are sets, then the intersection of A and B contains all the elements of A that also belong to B, but no other elements.</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- <xsd:enumeration value="UNION">
- <xsd:annotation>
- <xsd:documentation>The union of two sets in OVAL results in a set that contains everything that belongs to either of the original sets. If A and B are sets, then the union of A and B contains all the elements of A and all elements of B, with the duplicates removed.</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- </xsd:restriction>
- </xsd:simpleType>
- <!-- =============================================================================== -->
- <!-- =============================== ENTITY TYPES ================================ -->
- <!-- =============================================================================== -->
- <xsd:complexType name="EntityBaseType" abstract="true">
- <xsd:annotation>
- <xsd:documentation>The EntityBaseType complex type is an abstract type that defines the default attributes associated with every entity. Entities can be found in both OVAL Objects and OVAL States and represent the individual properties associated with items found on a system. An example of a single entity would be the path of a file. Another example would be the version of the file.</xsd:documentation>
- <xsd:documentation>The optional datatype attribute specifies how the given operation should be applied to the data. (the default datatype is 'string') An example is with the statement 'is 123 less than 98'. If the data is treated as integers the answer is no, but if the data is treated as strings, then the answer is yes. Specifying a datatype details how the less than operation should be performed. Another way of thinking of things is that the datatype attribute specifies how the data should be cast before performing the operation. In the previous example, if the datatype is set to int, then '123' and '98' should be cast as integers. If a cast can not be made, (trying to cast 'abc' to an integer) then an error should be thrown. Another example is applying the 'equal' operation to '1.0.0.0' and '1.0'. With datatype 'string' they are not equal, with datatype 'version' they are.</xsd:documentation>
- <xsd:documentation>The optional operation determines how the individual entities should be evaluated. (the default operator is 'equals') Both of these attributes are optional in order to keep the XML clean and readable. The default values are used most of the time and putting datatype="string" and operator="equals" for each element would muddy up the XML.</xsd:documentation>
- <xsd:documentation>The optional mask attribute can be used in situations where information is need for evaluation, but this information should not be disclosed in the results file. (maybe due to sensitivity concerns) If the mask attribute is set to 'true', then the value of this field, along with the operation used, should not appear in the results file. Note that this value would appear in the copy of the system characteristics contained in the results file. In this case the results file should make use of the corresponding mask attribute in the system characteristics schema should be set to true and the value should be ommitted. In addition to the value being omitted from the copy of the system characteristics file, the copy of the definition file should also omit the value and operation used for testing.</xsd:documentation>
- <xsd:documentation>The optional var_ref attribute refers the value of the entity to a variable element. When supplied, the value(s) associated with the OVAL Variable should be used as the value(s) of the entity. If there is an error computing the value of the variable, then that error should be passed up to the entity referencing it. If the variable being referenced does not have a value (for example, if the variable pertains to the size of a file, but the file does not exist) then one of two results are possible. If the entity is part of an object declaration, then the object is considered to not exist. If the entity is part of a state declaration, then the state comparison should result in an error.</xsd:documentation>
- <xsd:appinfo>
- <sch:pattern id="entityrules">
- <sch:rule context="oval-def:objects/*/*|oval-def:states/*/*">
- <sch:let name="var_ref" value="@var_ref"/>
- <sch:assert test="((not(@datatype) and (not(@operation) or @operation='equals' or @operation='not equal' or @operation='case insensitive equals' or @operation='case insensitive not equal' or @operation='pattern match')) or (@datatype='binary' and (not(@operation) or @operation='equals' or @operation='not equal')) or (@datatype='boolean' and (not(@operation) or @operation='equals' or @operation='not equal')) or (@datatype='evr_string' and (not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal')) or (@datatype='fileset_revision' and (not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal')) or (@datatype='float' and (not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal')) or (@datatype='ios_version' and (not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal')) or (@datatype='int' and (not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or @operation='bitwise and' or @operation='bitwise or')) or (@datatype='string' and (not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match')) or (@datatype='version' and (not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal')))"><sch:value-of select="../@id"/> - the supplied operation attribute for the <sch:value-of select="name()"/> entity is not valid given a datatype of '<sch:value-of select="@datatype"/>'</sch:assert>
- <sch:assert test="not(@var_ref) or .=''"><sch:value-of select="../@id"/> - a var-ref has been supplied for the <sch:value-of select="name()"/> entity so no value should be provided</sch:assert>
- <sch:assert test="if (@var_ref) then (if (@datatype) then (@datatype=/oval-def:oval_definitions/oval-def:variables/*[@id=$var_ref]/@datatype) else ('string' = /oval-def:oval_definitions/oval-def:variables/*[@id=$var_ref]/@datatype)) else (1=1)"><sch:value-of select="$var_ref"/> - inconsistent datatype between the variable and an associated var_ref</sch:assert>
- </sch:rule>
- </sch:pattern>
- </xsd:appinfo>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:extension base="xsd:anySimpleType">
- <xsd:attribute name="datatype" type="oval:DatatypeEnumeration" use="optional" default="string"/>
- <xsd:attribute name="operation" type="oval:OperationEnumeration" use="optional" default="equals"/>
- <xsd:attribute name="mask" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="var_ref" type="oval:VariableIDPattern" use="optional"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityObjectBaseType" abstract="true">
- <xsd:annotation>
- <xsd:documentation>The EntityObjectBaseType complex type is an abstract type that extends the EntityBaseType and is used by the entities within an OVAL Objects.</xsd:documentation>
- <xsd:documentation>If the entity uses a var_ref and the associated variable defines more than one values, the optional var_check attribute defines how the data collection should proceed. For example, if an object entity 'filename' with an operation of 'does not equal' references a variable that returns five different values, and the var_check attribute has a value of 'all', then an actual file on the system matches only if the actual filename does not equal any of the variable values. If a variable does not return any value, then an error should be thrown during OVAL analysis.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:extension base="oval-def:EntityBaseType">
- <xsd:attribute name="var_check" type="oval:CheckEnumeration" use="optional" default="all"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityObjectAnyType">
- <xsd:annotation>
- <xsd:documentation>The EntityObjectAnyType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntityObjectBaseType. This specific type describes any simple data.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:extension base="oval-def:EntityObjectBaseType"/>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityObjectBinaryType">
- <xsd:annotation>
- <xsd:documentation>The EntityBinaryType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntityObjectBaseType. This specific type describes simple binary data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:restriction base="oval-def:EntityObjectBaseType">
- <xsd:simpleType>
- <xsd:union memberTypes="xsd:hexBinary oval:EmptyStringType"/>
- </xsd:simpleType>
- </xsd:restriction>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityObjectBoolType">
- <xsd:annotation>
- <xsd:documentation>The EntityBoolType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntityObjectBaseType. This specific type describes simple boolean data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:restriction base="oval-def:EntityObjectBaseType">
- <xsd:simpleType>
- <xsd:union memberTypes="xsd:boolean oval:EmptyStringType"/>
- </xsd:simpleType>
- </xsd:restriction>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityObjectFloatType">
- <xsd:annotation>
- <xsd:documentation>The EntityObjectFloatType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntityObjectBaseType. This specific type describes simple float data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:restriction base="oval-def:EntityObjectBaseType">
- <xsd:simpleType>
- <xsd:union memberTypes="xsd:float oval:EmptyStringType"/>
- </xsd:simpleType>
- </xsd:restriction>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityObjectIntType">
- <xsd:annotation>
- <xsd:documentation>The EntityIntType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntityObjectBaseType. This specific type describes simple integer data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:restriction base="oval-def:EntityObjectBaseType">
- <xsd:simpleType>
- <xsd:union memberTypes="xsd:integer oval:EmptyStringType"/>
- </xsd:simpleType>
- </xsd:restriction>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityObjectStringType">
- <xsd:annotation>
- <xsd:documentation>The EntityStringType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntityObjectBaseType. This specific type describes simple string data.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:restriction base="oval-def:EntityObjectBaseType">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string"/>
- </xsd:simpleType>
- </xsd:restriction>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityStateBaseType" abstract="true">
- <xsd:annotation>
- <xsd:documentation>The EntityStateBaseType complex type is an abstract type that extends the EntityBaseType and is used by the entities withing an OVAL State.</xsd:documentation>
- <xsd:documentation>The optional entity_check attribute specifies how to handle entities with multiple instances in the system characteristics file. For example, if an OVAL Object has multiple values associated with it and the OVAL State defines the value entity as 'less than 3', the entity_check attribute determines if all values must be less than 3, or at least one value must be less than 3, etc.</xsd:documentation>
- <xsd:documentation>If the state entity uses a var_ref and the associated variable defines more than one value, the optional var_check attribute defines how the evaluation should proceed. For example, if an entity 'size' with an operation of 'less than' references a variable that returns five different integers, and the var_check attribute has a value of 'all', then the 'size' entity returns true only if the actual size is less than each of the five integers defined by the variable. If a variable does not return any value, then an error should be thrown during OVAL analysis.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:extension base="oval-def:EntityBaseType">
- <xsd:attribute name="entity_check" type="oval:CheckEnumeration" use="optional" default="all"/>
- <xsd:attribute name="var_check" type="oval:CheckEnumeration" use="optional" default="all"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityStateAnyType">
- <xsd:annotation>
- <xsd:documentation>The EntityStateAnyType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateBaseType. This specific type describes any simple data.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:extension base="oval-def:EntityStateBaseType"/>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityStateBinaryType">
- <xsd:annotation>
- <xsd:documentation>The EntityStateBinaryType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateBaseType. This specific type describes simple binary data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:restriction base="oval-def:EntityStateBaseType">
- <xsd:simpleType>
- <xsd:union memberTypes="xsd:hexBinary oval:EmptyStringType"/>
- </xsd:simpleType>
- </xsd:restriction>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityStateBoolType">
- <xsd:annotation>
- <xsd:documentation>The EntityStateBoolType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateBaseType. This specific type describes simple boolean data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:restriction base="oval-def:EntityStateBaseType">
- <xsd:simpleType>
- <xsd:union memberTypes="xsd:boolean oval:EmptyStringType"/>
- </xsd:simpleType>
- </xsd:restriction>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityStateFloatType">
- <xsd:annotation>
- <xsd:documentation>The EntityStateFloatType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateBaseType. This specific type describes simple float data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:restriction base="oval-def:EntityStateBaseType">
- <xsd:simpleType>
- <xsd:union memberTypes="xsd:float oval:EmptyStringType"/>
- </xsd:simpleType>
- </xsd:restriction>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityStateIntType">
- <xsd:annotation>
- <xsd:documentation>The EntityStateIntType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateBaseType. This specific type describes simple integer data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:restriction base="oval-def:EntityStateBaseType">
- <xsd:simpleType>
- <xsd:union memberTypes="xsd:integer oval:EmptyStringType"/>
- </xsd:simpleType>
- </xsd:restriction>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityStateStringType">
- <xsd:annotation>
- <xsd:documentation>The EntityStateStringType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateBaseType. This specific type describes simple string data.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:restriction base="oval-def:EntityStateBaseType">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string"/>
- </xsd:simpleType>
- </xsd:restriction>
- </xsd:simpleContent>
- </xsd:complexType>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="COMPLEMENT">
+ <xsd:annotation>
+ <xsd:documentation>The complement operator is defined in OVAL as a relative complement. The resulting set contains everything that belongs to the first declared set that is not part of the second declared set. If A and B are sets (with A being the first declared set), then the relative complement is the set of elements in A, but not in B.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="INTERSECTION">
+ <xsd:annotation>
+ <xsd:documentation>The intersection of two sets in OVAL results in a set that contains everything that belongs both sets in the collection, but nothing else. If A and B are sets, then the intersection of A and B contains all the elements of A that also belong to B, but no other elements.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="UNION">
+ <xsd:annotation>
+ <xsd:documentation>The union of two sets in OVAL results in a set that contains everything that belongs to either of the original sets. If A and B are sets, then the union of A and B contains all the elements of A and all elements of B, with the duplicates removed.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <!-- =============================================================================== -->
+ <!-- =============================== ENTITY TYPES ================================ -->
+ <!-- =============================================================================== -->
+ <xsd:complexType name="EntityBaseType" abstract="true">
+ <xsd:annotation>
+ <xsd:documentation>The EntityBaseType complex type is an abstract type that defines the default attributes associated with every entity. Entities can be found in both OVAL Objects and OVAL States and represent the individual properties associated with items found on a system. An example of a single entity would be the path of a file. Another example would be the version of the file.</xsd:documentation>
+ <xsd:documentation>The optional datatype attribute specifies how the given operation should be applied to the data. Since we are dealing with XML everything is technically passed as string, but often the entity value is meant to represent some other datatype and this affects that way an operation is performed. An example is with the statement 'is 123 less than 98'. If the data is treated as integers the answer is no, but if the data is treated as strings, then the answer is yes. Specifying a datatype details how the less than operation should be performed. Another way of thinking of things is that the datatype attribute specifies how the data should be cast before performing the operation. (note that the default datatype is 'string') In the previous example, if the datatype is set to int, then '123' and '98' should be cast as integers. Another example is applying the 'equal' operation to '1.0.0.0' and '1.0'. With datatype 'string' they are not equal, with datatype 'version' they are. Note that there are certain cases where a cast from one datatype to another is not possible. If a cast can not be made, (trying to cast 'abc' to an integer) then an error should be thrown. For example, if the datatype is set to 'integer' and the value of the entity is empty. There is no way to cast the empty string (or NULL) to an integer, and in cases like this an error should be reported.</xsd:documentation>
+ <xsd:documentation>The optional operation determines how the individual entities should be evaluated. (the default operator is 'equals') Both of these attributes are optional in order to keep the XML clean and readable. The default values are used most of the time and putting datatype="string" and operator="equals" for each element would muddy up the XML.</xsd:documentation>
+ <xsd:documentation>The optional mask attribute can be used in situations where information is need for evaluation, but this information should not be disclosed in the results file. (maybe due to sensitivity concerns) If the mask attribute is set to 'true', then the value of this field, along with the operation used, should not appear in the results file. Note that this value would appear in the copy of the system characteristics contained in the results file. In this case the results file should make use of the corresponding mask attribute in the system characteristics schema should be set to true and the value should be omitted. In addition to the value being omitted from the copy of the system characteristics file, the copy of the definition file should also omit the value and operation used for testing.</xsd:documentation>
+ <xsd:documentation>The optional var_ref attribute refers the value of the entity to a variable element. When supplied, the value(s) associated with the OVAL Variable should be used as the value(s) of the entity. If there is an error computing the value of the variable, then that error should be passed up to the entity referencing it. If the variable being referenced does not have a value (for example, if the variable pertains to the size of a file, but the file does not exist) then one of two results are possible. If the entity is part of an object declaration, then the object is considered to not exist. If the entity is part of a state declaration, then the state comparison should result in an error.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="definition_entity_rules">
+ <sch:rule context="oval-def:objects/*/*[@var_ref]|oval-def:states/*/*[@var_ref]">
+ <sch:let name="var_ref" value="@var_ref"/>
+ <sch:assert test=".=''"><sch:value-of select="../@id"/> - a var-ref has been supplied for the <sch:value-of select="name()"/> entity so no value should be provided</sch:assert>
+ <sch:assert test="( (not(@datatype)) and ('string' = //oval-def:variables/*[@id=$var_ref]/@datatype) ) or (@datatype = //oval-def:variables/*[@id=$var_ref]/@datatype)"><sch:value-of select="$var_ref"/> - inconsistent datatype between the variable and an associated var_ref</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:objects/*/*[not(@datatype)]|oval-def:states/*/*[not(@datatype)]">
+ <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='case insensitive equals' or @operation='case insensitive not equal' or @operation='pattern match'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given the lack of a declared datatype (hence a default datatype of string).</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:objects/*/*[@datatype='binary']|oval-def:states/*/*[@datatype='binary']">
+ <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of binary.</sch:assert>
+ <!--<sch:assert test="matches(., '^[0-9a-fA-F]*$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of binary.</sch:assert>-->
+ </sch:rule>
+ <sch:rule context="oval-def:objects/*/*[@datatype='boolean']|oval-def:states/*/*[@datatype='boolean']">
+ <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of boolean.</sch:assert>
+ <!--<sch:assert test="matches(., '^true$|^false$|^1$|^0$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of boolean.</sch:assert>-->
+ </sch:rule>
+ <sch:rule context="oval-def:objects/*/*[@datatype='evr_string']|oval-def:states/*/*[@datatype='evr_string']">
+ <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of evr_string.</sch:assert>
+ <!--<sch:assert test="matches(., '^[^:\-]*:[^:\-]*-[^:\-]*$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of evr_string.</sch:assert>-->
+ </sch:rule>
+ <sch:rule context="oval-def:objects/*/*[@datatype='fileset_revision']|oval-def:states/*/*[@datatype='fileset_revision']">
+ <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of fileset_revision.</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:objects/*/*[@datatype='float']|oval-def:states/*/*[@datatype='float']">
+ <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of float.</sch:assert>
+ <!--<sch:assert test="matches(., '^[+\-]?[0-9]+([\.][0-9]+)?([eE][+\-]?[0-9]+)?$|^NaN$|^INF$|^\-INF$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of float.</sch:assert>-->
+ </sch:rule>
+ <sch:rule context="oval-def:objects/*/*[@datatype='ios_version']|oval-def:states/*/*[@datatype='ios_version']">
+ <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of ios_version.</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:objects/*/*[@datatype='int']|oval-def:states/*/*[@datatype='int']">
+ <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or @operation='bitwise and' or @operation='bitwise or'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of int.</sch:assert>
+ <!--<sch:assert test="matches(., '^[+\-]?[0-9]+$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of int.</sch:assert>-->
+ </sch:rule>
+ <sch:rule context="oval-def:objects/*/*[@datatype='string']|oval-def:states/*/*[@datatype='string']">
+ <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='case insensitive equals' or @operation='case insensitive not equal' or @operation='pattern match'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of string.</sch:assert>
+ </sch:rule>
+ <sch:rule context="oval-def:objects/*/*[@datatype='version']|oval-def:states/*/*[@datatype='version']">
+ <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of version.</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anySimpleType">
+ <xsd:attribute name="datatype" type="oval:DatatypeEnumeration" use="optional" default="string"/>
+ <xsd:attribute name="operation" type="oval:OperationEnumeration" use="optional" default="equals"/>
+ <xsd:attribute name="mask" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="var_ref" type="oval:VariableIDPattern" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityObjectBaseType" abstract="true">
+ <xsd:annotation>
+ <xsd:documentation>The EntityObjectBaseType complex type is an abstract type that extends the EntityBaseType and is used by the entities within an OVAL Objects.</xsd:documentation>
+ <xsd:documentation>If the entity uses a var_ref and the associated variable defines more than one values, the optional var_check attribute defines how the data collection should proceed. For example, if an object entity 'filename' with an operation of 'does not equal' references a variable that returns five different values, and the var_check attribute has a value of 'all', then an actual file on the system matches only if the actual filename does not equal any of the variable values. If a variable does not return any value, then an error should be thrown during OVAL analysis.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="entityobjectbaserules">
+ <sch:rule context="oval-def:objects/*/*[@var_ref]">
+ <sch:assert test="@var_check"><sch:value-of select="../@id"/> - a var-ref has been supplied for the <sch:value-of select="name()"/> entity so a var_check should also be provided</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:extension base="oval-def:EntityBaseType">
+ <xsd:attribute name="var_check" type="oval:CheckEnumeration" use="optional" default="all"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityObjectAnyType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityObjectAnyType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntityObjectBaseType. This specific type describes any simple data.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:extension base="oval-def:EntityObjectBaseType"/>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityObjectBinaryType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityBinaryType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntityObjectBaseType. This specific type describes simple binary data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:restriction base="oval-def:EntityObjectBaseType">
+ <xsd:simpleType>
+ <xsd:union memberTypes="xsd:hexBinary oval:EmptyStringType"/>
+ </xsd:simpleType>
+ </xsd:restriction>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityObjectBoolType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityBoolType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntityObjectBaseType. This specific type describes simple boolean data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:restriction base="oval-def:EntityObjectBaseType">
+ <xsd:simpleType>
+ <xsd:union memberTypes="xsd:boolean oval:EmptyStringType"/>
+ </xsd:simpleType>
+ </xsd:restriction>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityObjectFloatType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityObjectFloatType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntityObjectBaseType. This specific type describes simple float data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:restriction base="oval-def:EntityObjectBaseType">
+ <xsd:simpleType>
+ <xsd:union memberTypes="xsd:float oval:EmptyStringType"/>
+ </xsd:simpleType>
+ </xsd:restriction>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityObjectIntType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityIntType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntityObjectBaseType. This specific type describes simple integer data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:restriction base="oval-def:EntityObjectBaseType">
+ <xsd:simpleType>
+ <xsd:union memberTypes="xsd:integer oval:EmptyStringType"/>
+ </xsd:simpleType>
+ </xsd:restriction>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityObjectStringType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityStringType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntityObjectBaseType. This specific type describes simple string data.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:restriction base="oval-def:EntityObjectBaseType">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string"/>
+ </xsd:simpleType>
+ </xsd:restriction>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityStateBaseType" abstract="true">
+ <xsd:annotation>
+ <xsd:documentation>The EntityStateBaseType complex type is an abstract type that extends the EntityBaseType and is used by the entities withing an OVAL State.</xsd:documentation>
+ <xsd:documentation>The optional entity_check attribute specifies how to handle entities with multiple instances in the system characteristics file. For example, if an OVAL Object has multiple values associated with it and the OVAL State defines the value entity as 'less than 3', the entity_check attribute determines if all values must be less than 3, or at least one value must be less than 3, etc.</xsd:documentation>
+ <xsd:documentation>If the state entity uses a var_ref and the associated variable defines more than one value, the optional var_check attribute defines how the evaluation should proceed. For example, if an entity 'size' with an operation of 'less than' references a variable that returns five different integers, and the var_check attribute has a value of 'all', then the 'size' entity returns true only if the actual size is less than each of the five integers defined by the variable. If a variable does not return any value, then an error should be thrown during OVAL analysis.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="entitystatebaserules">
+ <sch:rule context="oval-def:states/*/*[@var_ref]">
+ <!--<sch:assert test="if (@var_ref) then (@var_check) else (1=1)"><sch:value-of select="../@id"/> - a var-ref has been supplied for the <sch:value-of select="name()"/> entity so a var_check should also be provided</sch:assert>-->
+ <sch:assert test="@var_check"><sch:value-of select="../@id"/> - a var-ref has been supplied for the <sch:value-of select="name()"/> entity so a var_check should also be provided</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:extension base="oval-def:EntityBaseType">
+ <xsd:attribute name="entity_check" type="oval:CheckEnumeration" use="optional" default="all"/>
+ <xsd:attribute name="var_check" type="oval:CheckEnumeration" use="optional" default="all"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityStateAnyType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityStateAnyType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateBaseType. This specific type describes any simple data.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:extension base="oval-def:EntityStateBaseType"/>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityStateBinaryType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityStateBinaryType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateBaseType. This specific type describes simple binary data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:restriction base="oval-def:EntityStateBaseType">
+ <xsd:simpleType>
+ <xsd:union memberTypes="xsd:hexBinary oval:EmptyStringType"/>
+ </xsd:simpleType>
+ </xsd:restriction>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityStateBoolType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityStateBoolType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateBaseType. This specific type describes simple boolean data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:restriction base="oval-def:EntityStateBaseType">
+ <xsd:simpleType>
+ <xsd:union memberTypes="xsd:boolean oval:EmptyStringType"/>
+ </xsd:simpleType>
+ </xsd:restriction>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityStateFloatType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityStateFloatType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateBaseType. This specific type describes simple float data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:restriction base="oval-def:EntityStateBaseType">
+ <xsd:simpleType>
+ <xsd:union memberTypes="xsd:float oval:EmptyStringType"/>
+ </xsd:simpleType>
+ </xsd:restriction>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityStateIntType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityStateIntType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateBaseType. This specific type describes simple integer data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:restriction base="oval-def:EntityStateBaseType">
+ <xsd:simpleType>
+ <xsd:union memberTypes="xsd:integer oval:EmptyStringType"/>
+ </xsd:simpleType>
+ </xsd:restriction>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityStateStringType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityStateStringType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateBaseType. This specific type describes simple string data.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:restriction base="oval-def:EntityStateBaseType">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string"/>
+ </xsd:simpleType>
+ </xsd:restriction>
+ </xsd:simpleContent>
+ </xsd:complexType>
</xsd:schema>
Modified: trunk/ovaldi/xml/oval-definitions-schematron.xsl
===================================================================
--- trunk/ovaldi/xml/oval-definitions-schematron.xsl 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/oval-definitions-schematron.xsl 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,41 +1,41 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<xsl:stylesheet xmlns:xsd="http://www.w3.org/2001/XMLSchema"
- xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns:sch="http://www.ascc.net/xml/schematron"
- xmlns:iso="http://purl.oclc.org/dsdl/schematron"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
- xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5"
- xmlns:ind-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent"
- xmlns:aix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#aix"
- xmlns:apache-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#apache"
- xmlns:catos-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#catos"
- xmlns:esx-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx"
- xmlns:freebsd-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#freebsd"
- xmlns:hpux-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux"
- xmlns:ios-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#ios"
- xmlns:linux-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"
- xmlns:macos-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#macos"
- xmlns:sol-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"
- xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"
- xmlns:win-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"
- version="2.0">
+<?xml version="1.0" encoding="utf-8" standalone="yes"?>
+<xsl:stylesheet
+ xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+ xmlns:sch="http://www.ascc.net/xml/schematron"
+ xmlns:iso="http://purl.oclc.org/dsdl/schematron"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
+ xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5"
+ xmlns:ind-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent"
+ xmlns:aix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#aix"
+ xmlns:apache-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#apache"
+ xmlns:catos-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#catos"
+ xmlns:esx-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx"
+ xmlns:freebsd-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#freebsd"
+ xmlns:hpux-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux"
+ xmlns:ios-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#ios"
+ xmlns:linux-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"
+ xmlns:macos-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#macos"
+ xmlns:pix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#pix"
+ xmlns:sol-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"
+ xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"
+ xmlns:win-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows" version="1.0">
-<!--PHASES-->
+ <!--PHASES-->
-<!--PROLOG-->
+ <!--PROLOG-->
-<!--KEYS-->
+ <!--KEYS-->
-<!--DEFAULT RULES-->
+ <!--DEFAULT RULES-->
-<!--MODE: SCHEMATRON-FULL-PATH-->
-<xsl:template match="*|@*" mode="schematron-get-full-path">
+ <!--MODE: SCHEMATRON-FULL-PATH-->
+
+ <xsl:template match="*|@*" mode="schematron-get-full-path">
<xsl:apply-templates select="parent::*" mode="schematron-get-full-path"/>
<xsl:text>/</xsl:text>
<xsl:choose>
@@ -50,8 +50,7 @@
<xsl:text>']</xsl:text>
</xsl:otherwise>
</xsl:choose>
- <xsl:variable name="preceding"
- select="count(preceding-sibling::*[local-name()=local-name(current()) and namespace-uri() = namespace-uri(current())])"/>
+ <xsl:variable name="preceding" select="count(preceding-sibling::*[local-name()=local-name(current()) and namespace-uri() = namespace-uri(current())])"/>
<xsl:text>[</xsl:text>
<xsl:value-of select="1+ $preceding"/>
<xsl:text>]</xsl:text>
@@ -60,7 +59,8 @@
<xsl:apply-templates select="parent::*" mode="schematron-get-full-path"/>@*[local-name()='schema' and namespace-uri()='http://purl.oclc.org/dsdl/schematron']</xsl:template>
<!--MODE: GENERATE-ID-FROM-PATH -->
-<xsl:template match="/" mode="generate-id-from-path"/>
+
+ <xsl:template match="/" mode="generate-id-from-path"/>
<xsl:template match="text()" mode="generate-id-from-path">
<xsl:apply-templates select="parent::*" mode="generate-id-from-path"/>
<xsl:value-of select="concat('.text-', 1+count(preceding-sibling::text()), '-')"/>
@@ -89,11 +89,12 @@
</xsl:otherwise>
</xsl:choose>
</xsl:template>
- <!--Strip characters--><xsl:template match="text()" priority="-1"/>
+ <!--Strip characters-->
+ <xsl:template match="text()" priority="-1"/>
<!--SCHEMA METADATA-->
-<xsl:template match="/">
- <xsl:apply-templates select="/" mode="M17"/>
+
+ <xsl:template match="/">
<xsl:apply-templates select="/" mode="M18"/>
<xsl:apply-templates select="/" mode="M19"/>
<xsl:apply-templates select="/" mode="M20"/>
@@ -988,147 +989,168 @@
<xsl:apply-templates select="/" mode="M909"/>
<xsl:apply-templates select="/" mode="M910"/>
<xsl:apply-templates select="/" mode="M911"/>
+ <xsl:apply-templates select="/" mode="M912"/>
+ <xsl:apply-templates select="/" mode="M913"/>
+ <xsl:apply-templates select="/" mode="M914"/>
+ <xsl:apply-templates select="/" mode="M915"/>
+ <xsl:apply-templates select="/" mode="M916"/>
+ <xsl:apply-templates select="/" mode="M917"/>
+ <xsl:apply-templates select="/" mode="M918"/>
+ <xsl:apply-templates select="/" mode="M919"/>
+ <xsl:apply-templates select="/" mode="M920"/>
+ <xsl:apply-templates select="/" mode="M921"/>
+ <xsl:apply-templates select="/" mode="M922"/>
+ <xsl:apply-templates select="/" mode="M923"/>
+ <xsl:apply-templates select="/" mode="M924"/>
+ <xsl:apply-templates select="/" mode="M925"/>
+ <xsl:apply-templates select="/" mode="M926"/>
+ <xsl:apply-templates select="/" mode="M927"/>
+ <xsl:apply-templates select="/" mode="M928"/>
+ <xsl:apply-templates select="/" mode="M929"/>
+ <xsl:apply-templates select="/" mode="M930"/>
+ <xsl:apply-templates select="/" mode="M931"/>
+ <xsl:apply-templates select="/" mode="M932"/>
+ <xsl:apply-templates select="/" mode="M933"/>
+ <xsl:apply-templates select="/" mode="M934"/>
+ <xsl:apply-templates select="/" mode="M935"/>
+ <xsl:apply-templates select="/" mode="M936"/>
+ <xsl:apply-templates select="/" mode="M937"/>
+ <xsl:apply-templates select="/" mode="M938"/>
+ <xsl:apply-templates select="/" mode="M939"/>
+ <xsl:apply-templates select="/" mode="M940"/>
+ <xsl:apply-templates select="/" mode="M941"/>
+ <xsl:apply-templates select="/" mode="M942"/>
+ <xsl:apply-templates select="/" mode="M943"/>
+ <xsl:apply-templates select="/" mode="M944"/>
+ <xsl:apply-templates select="/" mode="M945"/>
+ <xsl:apply-templates select="/" mode="M946"/>
+ <xsl:apply-templates select="/" mode="M947"/>
+ <xsl:apply-templates select="/" mode="M948"/>
+ <xsl:apply-templates select="/" mode="M949"/>
+ <xsl:apply-templates select="/" mode="M950"/>
+ <xsl:apply-templates select="/" mode="M951"/>
</xsl:template>
<!--SCHEMATRON PATTERNS-->
-<!--PATTERN empty_def_doc-->
+ <!--PATTERN empty_def_doc-->
- <!--RULE -->
-<xsl:template match="oval-def:oval_definitions" priority="4000" mode="M17">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="oval-def:oval_definitions" priority="4000" mode="M18">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="oval-def:definitions or oval-def:tests or oval-def:objects or oval-def:states or oval-def:variables"/>
<xsl:otherwise>A valid OVAL Definition document must contain at least one definitions, tests, objects, states, or variables element. The optional definitions, tests, objects, states, and variables sections define the specific characteristics that should be evaluated on a system to determine the truth values of the OVAL Definition Document. To be valid though, at least one definitions, tests, objects, states, or variables element must be present.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M17"/>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M18"/>
</xsl:template>
- <xsl:template match="text()" priority="-1" mode="M17"/>
- <xsl:template match="@*|node()" priority="-2" mode="M17">
- <xsl:apply-templates select="@*|node()" mode="M17"/>
+ <xsl:template match="text()" priority="-1" mode="M18"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M18">
+ <xsl:apply-templates select="@*|node()" mode="M18"/>
</xsl:template>
<!--PATTERN required_criteria-->
- <!--RULE -->
-<xsl:template match="/oval-def:oval_definitions/oval-def:definitions/oval-def:definition[@deprecated='false' or not(@deprecated)]"
- priority="4000"
- mode="M18">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="/oval-def:oval_definitions/oval-def:definitions/oval-def:definition[@deprecated='false' or not(@deprecated)]" priority="4000" mode="M19">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="oval-def:criteria"/>
<xsl:otherwise>A valid OVAL Definition document must contain a criteria unless the definition is a deprecated definition.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M18"/>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M19"/>
</xsl:template>
- <xsl:template match="text()" priority="-1" mode="M18"/>
- <xsl:template match="@*|node()" priority="-2" mode="M18">
- <xsl:apply-templates select="@*|node()" mode="M18"/>
+ <xsl:template match="text()" priority="-1" mode="M19"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M19">
+ <xsl:apply-templates select="@*|node()" mode="M19"/>
</xsl:template>
<!--PATTERN test_type-->
- <!--RULE -->
-<xsl:template match="/oval-def:oval_definitions/oval-def:tests/*[@check_existence='none_exist']"
- priority="4000"
- mode="M19">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="/oval-def:oval_definitions/oval-def:tests/*[@check_existence='none_exist']" priority="4000" mode="M20">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(*[name()='state'])"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="@id"/>
<xsl:text/> - No state should be referenced when check_existence has a value of 'none_exist'.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M19"/>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M20"/>
</xsl:template>
- <xsl:template match="text()" priority="-1" mode="M19"/>
- <xsl:template match="@*|node()" priority="-2" mode="M19">
- <xsl:apply-templates select="@*|node()" mode="M19"/>
+ <xsl:template match="text()" priority="-1" mode="M20"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M20">
+ <xsl:apply-templates select="@*|node()" mode="M20"/>
</xsl:template>
<!--PATTERN setobjref-->
- <!--RULE -->
-<xsl:template match="/oval-def:oval_definitions/oval-def:objects/*/oval-def:set/oval-def:object_reference"
- priority="4000"
- mode="M20">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="/oval-def:oval_definitions/oval-def:objects/*/oval-def:set/oval-def:object_reference" priority="4000" mode="M21">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="name(./../..) = name(/oval-def:oval_definitions/oval-def:objects/*[@id=current()])"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../../@id"/>
<xsl:text/> - Each object referenced by the set must be of the same type as parent object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M20"/>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M21"/>
</xsl:template>
- <!--RULE -->
-<xsl:template match="/oval-def:oval_definitions/oval-def:objects/*/oval-def:set/oval-def:set/oval-def:object_reference"
- priority="3999"
- mode="M20">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="/oval-def:oval_definitions/oval-def:objects/*/oval-def:set/oval-def:set/oval-def:object_reference" priority="3999" mode="M21">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="name(./../../..) = name(/oval-def:oval_definitions/oval-def:objects/*[@id=current()])"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../../../@id"/>
<xsl:text/> - Each object referenced by the set must be of the same type as parent object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M20"/>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M21"/>
</xsl:template>
- <!--RULE -->
-<xsl:template match="/oval-def:oval_definitions/oval-def:objects/*/oval-def:set/oval-def:set/oval-def:set/oval-def:object_reference"
- priority="3998"
- mode="M20">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="/oval-def:oval_definitions/oval-def:objects/*/oval-def:set/oval-def:set/oval-def:set/oval-def:object_reference" priority="3998" mode="M21">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="name(./../../../..) = name(/oval-def:oval_definitions/oval-def:objects/*[@id=current()])"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../../../../@id"/>
<xsl:text/> - Each object referenced by the set must be of the same type as parent object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M20"/>
- </xsl:template>
- <xsl:template match="text()" priority="-1" mode="M20"/>
- <xsl:template match="@*|node()" priority="-2" mode="M20">
- <xsl:apply-templates select="@*|node()" mode="M20"/>
- </xsl:template>
-
- <!--PATTERN value-->
-
-
- <!--RULE -->
-<xsl:template match="oval-def:constant_variable/oval-def:value" priority="4000" mode="M21">
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test=".!=''"/>
- <xsl:otherwise>The value element of the constant_variable <xsl:text/>
- <xsl:value-of select="../../@id"/>
- <xsl:text/> can not be empty.<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M21"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M21"/>
@@ -1136,16 +1158,18 @@
<xsl:apply-templates select="@*|node()" mode="M21"/>
</xsl:template>
- <!--PATTERN literal_component-->
+ <!--PATTERN value-->
- <!--RULE -->
-<xsl:template match="oval-def:literal_component" priority="4000" mode="M22">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="oval-def:constant_variable/oval-def:value" priority="4000" mode="M22">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test=".!=''"/>
- <xsl:otherwise>The literal_component of variable <xsl:text/>
+ <xsl:otherwise>The value element of the constant_variable <xsl:text/>
<xsl:value-of select="../../@id"/>
<xsl:text/> can not be empty.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
@@ -1157,16 +1181,18 @@
<xsl:apply-templates select="@*|node()" mode="M22"/>
</xsl:template>
- <!--PATTERN item_field-->
+ <!--PATTERN literal_component-->
- <!--RULE -->
-<xsl:template match="oval-def:object_component" priority="4000" mode="M23">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@item_field!=''"/>
- <xsl:otherwise>The item_field attribute of an object_component of variable <xsl:text/>
+ <xsl:template match="oval-def:literal_component" priority="4000" mode="M23">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test=".!=''"/>
+ <xsl:otherwise>The literal_component of variable <xsl:text/>
<xsl:value-of select="../../@id"/>
<xsl:text/> can not be empty.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
@@ -1178,46 +1204,20 @@
<xsl:apply-templates select="@*|node()" mode="M23"/>
</xsl:template>
- <!--PATTERN entityrules-->
+ <!--PATTERN item_field-->
- <!--RULE -->
-<xsl:template match="oval-def:objects/*/*|oval-def:states/*/*" priority="4000" mode="M24">
- <xsl:variable name="var_ref" select="@var_ref"/>
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="((not(@datatype) and (not(@operation) or @operation='equals' or @operation='not equal' or @operation='case insensitive equals' or @operation='case insensitive not equal' or @operation='pattern match')) or (@datatype='binary' and (not(@operation) or @operation='equals' or @operation='not equal')) or (@datatype='boolean' and (not(@operation) or @operation='equals' or @operation='not equal')) or (@datatype='evr_string' and (not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal')) or (@datatype='fileset_revision' and (not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal')) or (@datatype='float' and (not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal')) or (@datatype='ios_version' and (not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal')) or (@datatype='int' and (not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or @operation='bitwise and' or @operation='bitwise or')) or (@datatype='string' and (not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match')) or (@datatype='version' and (not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal')))"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the supplied operation attribute for the <xsl:text/>
- <xsl:value-of select="name()"/>
- <xsl:text/> entity is not valid given a datatype of '<xsl:text/>
- <xsl:value-of select="@datatype"/>
- <xsl:text/>'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
+ <xsl:template match="oval-def:object_component" priority="4000" mode="M24">
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@var_ref) or .=''"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - a var-ref has been supplied for the <xsl:text/>
- <xsl:value-of select="name()"/>
- <xsl:text/> entity so no value should be provided<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="if (@var_ref) then (if (@datatype) then (@datatype=/oval-def:oval_definitions/oval-def:variables/*[@id=$var_ref]/@datatype) else ('string' = /oval-def:oval_definitions/oval-def:variables/*[@id=$var_ref]/@datatype)) else (1=1)"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="$var_ref"/>
- <xsl:text/> - inconsistent datatype between the variable and an associated var_ref<xsl:value-of select="string('
')"/>
+ <xsl:choose>
+ <xsl:when test="@item_field!=''"/>
+ <xsl:otherwise>The item_field attribute of an object_component of variable <xsl:text/>
+ <xsl:value-of select="../../@id"/>
+ <xsl:text/> can not be empty.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M24"/>
@@ -1227,34 +1227,33 @@
<xsl:apply-templates select="@*|node()" mode="M24"/>
</xsl:template>
- <!--PATTERN famtst-->
+ <!--PATTERN arithmeticfunctionrules-->
- <!--RULE -->
-<xsl:template match="ind-def:family_test/ind-def:object" priority="4000" mode="M25">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:family_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a family_test must reference a family_object<xsl:value-of select="string('
')"/>
+ <xsl:template match="oval-def:arithmetic/oval-def:literal_component" priority="4000" mode="M25">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='float' or @datatype='int'"/>
+ <xsl:otherwise>A literal_component used by an arithmetic function must have a datatype of float or int.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M25"/>
</xsl:template>
- <!--RULE -->
-<xsl:template match="ind-def:family_test/ind-def:state" priority="3999" mode="M25">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:family_state/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a family_test must reference a family_state<xsl:value-of select="string('
')"/>
+ <xsl:template match="oval-def:arithmetic/oval-def:variable_component" priority="3999" mode="M25">
+ <xsl:variable name="var_ref" select="@var_ref"/>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="//oval-def:variables/*[@id=$var_ref]/@datatype='float' or //oval-def:variables/*[@id=$var_ref]/@datatype='int'"/>
+ <xsl:otherwise>The variable referenced by the arithmetic function must have a datatype of int.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M25"/>
@@ -1264,56 +1263,69 @@
<xsl:apply-templates select="@*|node()" mode="M25"/>
</xsl:template>
- <!--PATTERN famstefamily-->
+ <!--PATTERN beginfunctionrules-->
- <!--RULE -->
-<xsl:template match="ind-def:family_state/ind-def:family" priority="4000" mode="M26">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="oval-def:begin/oval-def:literal_component" priority="4000" mode="M26">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the family entity of a family_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:otherwise>A literal_component used by the begin function must have a datatype of string.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M26"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="oval-def:begin/oval-def:variable_component" priority="3999" mode="M26">
+ <xsl:variable name="var_ref" select="@var_ref"/>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="//oval-def:variables/*[@id=$var_ref]/@datatype = 'string'"/>
+ <xsl:otherwise>The variable referenced by the begin function must have a datatype of string.<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M26"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M26"/>
<xsl:template match="@*|node()" priority="-2" mode="M26">
<xsl:apply-templates select="@*|node()" mode="M26"/>
</xsl:template>
- <!--PATTERN md5tst-->
+ <!--PATTERN concatfunctionrules-->
- <!--RULE -->
-<xsl:template match="ind-def:filemd5_test/ind-def:object" priority="4000" mode="M27">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:filemd5_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a filemd5_test must reference a filemd5_object<xsl:value-of select="string('
')"/>
+ <xsl:template match="oval-def:concat/oval-def:literal_component" priority="4000" mode="M27">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>A literal_component used by the concat function must have a datatype of string.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M27"/>
</xsl:template>
- <!--RULE -->
-<xsl:template match="ind-def:filemd5_test/ind-def:state" priority="3999" mode="M27">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:filemd5_state/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a filemd5_test must reference a filemd5_state<xsl:value-of select="string('
')"/>
+ <xsl:template match="oval-def:concat/oval-def:variable_component" priority="3999" mode="M27">
+ <xsl:variable name="var_ref" select="@var_ref"/>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="//oval-def:variables/*[@id=$var_ref]/@datatype = 'string'"/>
+ <xsl:otherwise>The variable referenced by the concat function must have a datatype of string.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M27"/>
@@ -1323,144 +1335,213 @@
<xsl:apply-templates select="@*|node()" mode="M27"/>
</xsl:template>
- <!--PATTERN md5objpath-->
+ <!--PATTERN endfunctionrules-->
- <!--RULE -->
-<xsl:template match="ind-def:filemd5_object/ind-def:path" priority="4000" mode="M28">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="oval-def:end/oval-def:literal_component" priority="4000" mode="M28">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a filemd5_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:otherwise>A literal_component used by the end function must have a datatype of string.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M28"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="oval-def:end/oval-def:variable_component" priority="3999" mode="M28">
+ <xsl:variable name="var_ref" select="@var_ref"/>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="//oval-def:variables/*[@id=$var_ref]/@datatype = 'string'"/>
+ <xsl:otherwise>The variable referenced by the end function must have a datatype of string.<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M28"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M28"/>
<xsl:template match="@*|node()" priority="-2" mode="M28">
<xsl:apply-templates select="@*|node()" mode="M28"/>
</xsl:template>
- <!--PATTERN md5objfilename-->
+ <!--PATTERN escaperegexfunctionrules-->
- <!--RULE -->
-<xsl:template match="ind-def:filemd5_object/ind-def:filename" priority="4000" mode="M29">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="oval-def:escape_regex/oval-def:literal_component" priority="4000" mode="M29">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a filemd5_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:otherwise>A literal_component used by the escape_regex function must have a datatype of string.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M29"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="oval-def:escape_regex/oval-def:variable_component" priority="3999" mode="M29">
+ <xsl:variable name="var_ref" select="@var_ref"/>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="//oval-def:variables/*[@id=$var_ref]/@datatype = 'string'"/>
+ <xsl:otherwise>The variable referenced by the escape_regex function must have a datatype of string.<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M29"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M29"/>
<xsl:template match="@*|node()" priority="-2" mode="M29">
<xsl:apply-templates select="@*|node()" mode="M29"/>
</xsl:template>
- <!--PATTERN md5stepath-->
+ <!--PATTERN splitfunctionrules-->
- <!--RULE -->
-<xsl:template match="ind-def:filemd5_state/ind-def:path" priority="4000" mode="M30">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="oval-def:split/oval-def:literal_component" priority="4000" mode="M30">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a filemd5_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:otherwise>A literal_component used by the split function must have a datatype of string.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M30"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="oval-def:split/oval-def:variable_component" priority="3999" mode="M30">
+ <xsl:variable name="var_ref" select="@var_ref"/>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="//oval-def:variables/*[@id=$var_ref]/@datatype = 'string'"/>
+ <xsl:otherwise>The variable referenced by the split function must have a datatype of string.<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M30"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M30"/>
<xsl:template match="@*|node()" priority="-2" mode="M30">
<xsl:apply-templates select="@*|node()" mode="M30"/>
</xsl:template>
- <!--PATTERN md5stefilename-->
+ <!--PATTERN substringfunctionrules-->
- <!--RULE -->
-<xsl:template match="ind-def:filemd5_state/ind-def:filename" priority="4000" mode="M31">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="oval-def:substring/oval-def:literal_component" priority="4000" mode="M31">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a filemd5_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:otherwise>A literal_component used by the substring function must have a datatype of string.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M31"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="oval-def:substring/oval-def:variable_component" priority="3999" mode="M31">
+ <xsl:variable name="var_ref" select="@var_ref"/>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="//oval-def:variables/*[@id=$var_ref]/@datatype = 'string'"/>
+ <xsl:otherwise>The variable referenced by the substring function must have a datatype of string.<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M31"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M31"/>
<xsl:template match="@*|node()" priority="-2" mode="M31">
<xsl:apply-templates select="@*|node()" mode="M31"/>
</xsl:template>
- <!--PATTERN md5stemd5-->
+ <!--PATTERN timedifferencefunctionrules-->
- <!--RULE -->
-<xsl:template match="ind-def:filemd5_state/ind-def:md5" priority="4000" mode="M32">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the md5 entity of a filemd5_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:template match="oval-def:time_difference/oval-def:literal_component" priority="4000" mode="M32">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string' or @datatype='int'"/>
+ <xsl:otherwise>A literal_component used by the time_difference function must have a datatype of string or int.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M32"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="oval-def:time_difference/oval-def:variable_component" priority="3999" mode="M32">
+ <xsl:variable name="var_ref" select="@var_ref"/>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="//oval-def:variables/*[@id=$var_ref]/@datatype='string' or //oval-def:variables/*[@id=$var_ref]/@datatype='int'"/>
+ <xsl:otherwise>The variable referenced by the time_difference function must have a datatype of string or int.<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M32"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M32"/>
<xsl:template match="@*|node()" priority="-2" mode="M32">
<xsl:apply-templates select="@*|node()" mode="M32"/>
</xsl:template>
- <!--PATTERN hashtst-->
+ <!--PATTERN regexcapturefunctionrules-->
- <!--RULE -->
-<xsl:template match="ind-def:filehash_test/ind-def:object" priority="4000" mode="M33">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:filehash_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a filehash_test must reference a filesha1_object<xsl:value-of select="string('
')"/>
+ <xsl:template match="oval-def:regex_capture/oval-def:literal_component" priority="4000" mode="M33">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>A literal_component used by the regex_capture function must have a datatype of string.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M33"/>
</xsl:template>
- <!--RULE -->
-<xsl:template match="ind-def:filehash_test/ind-def:state" priority="3999" mode="M33">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:filehash_state/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a filehash_test must reference a filesha1_state<xsl:value-of select="string('
')"/>
+ <xsl:template match="oval-def:regex_capture/oval-def:variable_component" priority="3999" mode="M33">
+ <xsl:variable name="var_ref" select="@var_ref"/>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="//oval-def:variables/*[@id=$var_ref]/@datatype = 'string'"/>
+ <xsl:otherwise>The variable referenced by the regex_capture function must have a datatype of string.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M33"/>
@@ -1470,41 +1551,271 @@
<xsl:apply-templates select="@*|node()" mode="M33"/>
</xsl:template>
- <!--PATTERN hashobjpath-->
+ <!--PATTERN definition_entity_rules-->
- <!--RULE -->
-<xsl:template match="ind-def:filehash_object/ind-def:path" priority="4000" mode="M34">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="oval-def:objects/*/*[@var_ref]|oval-def:states/*/*[@var_ref]" priority="4000" mode="M34">
+ <xsl:variable name="var_ref" select="@var_ref"/>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test=".=''"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a filehash_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - a var-ref has been supplied for the <xsl:text/>
+ <xsl:value-of select="name()"/>
+ <xsl:text/> entity so no value should be provided<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="( (not(@datatype)) and ('string' = //oval-def:variables/*[@id=$var_ref]/@datatype) ) or (@datatype = //oval-def:variables/*[@id=$var_ref]/@datatype)"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="$var_ref"/>
+ <xsl:text/> - inconsistent datatype between the variable and an associated var_ref<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M34"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="oval-def:objects/*/*[not(@datatype)]|oval-def:states/*/*[not(@datatype)]" priority="3999" mode="M34">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='case insensitive equals' or @operation='case insensitive not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - The use of '<xsl:text/>
+ <xsl:value-of select="@operation"/>
+ <xsl:text/>' for the operation attribute of the <xsl:text/>
+ <xsl:value-of select="name()"/>
+ <xsl:text/> entity is not valid given the lack of a declared datatype (hence a default datatype of string).<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M34"/>
+ </xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="oval-def:objects/*/*[@datatype='binary']|oval-def:states/*/*[@datatype='binary']" priority="3998" mode="M34">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - The use of '<xsl:text/>
+ <xsl:value-of select="@operation"/>
+ <xsl:text/>' for the operation attribute of the <xsl:text/>
+ <xsl:value-of select="name()"/>
+ <xsl:text/> entity is not valid given a datatype of binary.<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M34"/>
+ </xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="oval-def:objects/*/*[@datatype='boolean']|oval-def:states/*/*[@datatype='boolean']" priority="3997" mode="M34">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - The use of '<xsl:text/>
+ <xsl:value-of select="@operation"/>
+ <xsl:text/>' for the operation attribute of the <xsl:text/>
+ <xsl:value-of select="name()"/>
+ <xsl:text/> entity is not valid given a datatype of boolean.<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M34"/>
+ </xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="oval-def:objects/*/*[@datatype='evr_string']|oval-def:states/*/*[@datatype='evr_string']" priority="3996" mode="M34">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - The use of '<xsl:text/>
+ <xsl:value-of select="@operation"/>
+ <xsl:text/>' for the operation attribute of the <xsl:text/>
+ <xsl:value-of select="name()"/>
+ <xsl:text/> entity is not valid given a datatype of evr_string.<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M34"/>
+ </xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="oval-def:objects/*/*[@datatype='fileset_revision']|oval-def:states/*/*[@datatype='fileset_revision']" priority="3995" mode="M34">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - The use of '<xsl:text/>
+ <xsl:value-of select="@operation"/>
+ <xsl:text/>' for the operation attribute of the <xsl:text/>
+ <xsl:value-of select="name()"/>
+ <xsl:text/> entity is not valid given a datatype of fileset_revision.<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M34"/>
+ </xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="oval-def:objects/*/*[@datatype='float']|oval-def:states/*/*[@datatype='float']" priority="3994" mode="M34">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - The use of '<xsl:text/>
+ <xsl:value-of select="@operation"/>
+ <xsl:text/>' for the operation attribute of the <xsl:text/>
+ <xsl:value-of select="name()"/>
+ <xsl:text/> entity is not valid given a datatype of float.<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M34"/>
+ </xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="oval-def:objects/*/*[@datatype='ios_version']|oval-def:states/*/*[@datatype='ios_version']" priority="3993" mode="M34">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - The use of '<xsl:text/>
+ <xsl:value-of select="@operation"/>
+ <xsl:text/>' for the operation attribute of the <xsl:text/>
+ <xsl:value-of select="name()"/>
+ <xsl:text/> entity is not valid given a datatype of ios_version.<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M34"/>
+ </xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="oval-def:objects/*/*[@datatype='int']|oval-def:states/*/*[@datatype='int']" priority="3992" mode="M34">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or @operation='bitwise and' or @operation='bitwise or'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - The use of '<xsl:text/>
+ <xsl:value-of select="@operation"/>
+ <xsl:text/>' for the operation attribute of the <xsl:text/>
+ <xsl:value-of select="name()"/>
+ <xsl:text/> entity is not valid given a datatype of int.<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M34"/>
+ </xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="oval-def:objects/*/*[@datatype='string']|oval-def:states/*/*[@datatype='string']" priority="3991" mode="M34">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='case insensitive equals' or @operation='case insensitive not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - The use of '<xsl:text/>
+ <xsl:value-of select="@operation"/>
+ <xsl:text/>' for the operation attribute of the <xsl:text/>
+ <xsl:value-of select="name()"/>
+ <xsl:text/> entity is not valid given a datatype of string.<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M34"/>
+ </xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="oval-def:objects/*/*[@datatype='version']|oval-def:states/*/*[@datatype='version']" priority="3990" mode="M34">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - The use of '<xsl:text/>
+ <xsl:value-of select="@operation"/>
+ <xsl:text/>' for the operation attribute of the <xsl:text/>
+ <xsl:value-of select="name()"/>
+ <xsl:text/> entity is not valid given a datatype of version.<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M34"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M34"/>
<xsl:template match="@*|node()" priority="-2" mode="M34">
<xsl:apply-templates select="@*|node()" mode="M34"/>
</xsl:template>
- <!--PATTERN hashobjfilename-->
+ <!--PATTERN entityobjectbaserules-->
- <!--RULE -->
-<xsl:template match="ind-def:filehash_object/ind-def:filename" priority="4000" mode="M35">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="oval-def:objects/*/*[@var_ref]" priority="4000" mode="M35">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@var_check"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a filehash_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - a var-ref has been supplied for the <xsl:text/>
+ <xsl:value-of select="name()"/>
+ <xsl:text/> entity so a var_check should also be provided<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M35"/>
@@ -1514,19 +1825,23 @@
<xsl:apply-templates select="@*|node()" mode="M35"/>
</xsl:template>
- <!--PATTERN hashstepath-->
+ <!--PATTERN entitystatebaserules-->
- <!--RULE -->
-<xsl:template match="ind-def:filehash_state/ind-def:path" priority="4000" mode="M36">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="oval-def:states/*/*[@var_ref]" priority="4000" mode="M36">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@var_check"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a filehash_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - a var-ref has been supplied for the <xsl:text/>
+ <xsl:value-of select="name()"/>
+ <xsl:text/> entity so a var_check should also be provided<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M36"/>
@@ -1536,41 +1851,62 @@
<xsl:apply-templates select="@*|node()" mode="M36"/>
</xsl:template>
- <!--PATTERN hashstefilename-->
+ <!--PATTERN famtst-->
- <!--RULE -->
-<xsl:template match="ind-def:filehash_state/ind-def:filename" priority="4000" mode="M37">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ind-def:family_test/ind-def:object" priority="4000" mode="M37">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:family_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a filehash_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a family_test must reference a family_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M37"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="ind-def:family_test/ind-def:state" priority="3999" mode="M37">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:family_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a family_test must reference a family_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M37"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M37"/>
<xsl:template match="@*|node()" priority="-2" mode="M37">
<xsl:apply-templates select="@*|node()" mode="M37"/>
</xsl:template>
- <!--PATTERN hashstemd5-->
+ <!--PATTERN famstefamily-->
- <!--RULE -->
-<xsl:template match="ind-def:filehash_state/ind-def:md5" priority="4000" mode="M38">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:family_state/ind-def:family" priority="4000" mode="M38">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the md5 entity of a filehash_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the family entity of a family_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M38"/>
@@ -1580,58 +1916,62 @@
<xsl:apply-templates select="@*|node()" mode="M38"/>
</xsl:template>
- <!--PATTERN hashstesha1-->
+ <!--PATTERN md5tst-->
- <!--RULE -->
-<xsl:template match="ind-def:filehash_state/ind-def:sha1" priority="4000" mode="M39">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ind-def:filemd5_test/ind-def:object" priority="4000" mode="M39">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:filemd5_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sha1 entity of a filehash_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a filemd5_test must reference a filemd5_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M39"/>
</xsl:template>
- <xsl:template match="text()" priority="-1" mode="M39"/>
- <xsl:template match="@*|node()" priority="-2" mode="M39">
- <xsl:apply-templates select="@*|node()" mode="M39"/>
- </xsl:template>
- <!--PATTERN envtst-->
+ <!--RULE -->
+ <xsl:template match="ind-def:filemd5_test/ind-def:state" priority="3999" mode="M39">
- <!--RULE -->
-<xsl:template match="ind-def:environmentvariable_test/ind-def:object" priority="4000"
- mode="M40">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:environmentvariable_object/@id"/>
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:filemd5_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of an environmentvariable_test must reference a environmentvariable_object<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of a filemd5_test must reference a filemd5_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M40"/>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M39"/>
</xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M39"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M39">
+ <xsl:apply-templates select="@*|node()" mode="M39"/>
+ </xsl:template>
- <!--RULE -->
-<xsl:template match="ind-def:environmentvariable_test/ind-def:state" priority="3999"
- mode="M40">
+ <!--PATTERN md5objpath-->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:environmentvariable_state/@id"/>
+
+ <!--RULE -->
+
+ <xsl:template match="ind-def:filemd5_object/ind-def:path" priority="4000" mode="M40">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of an environmentvariable_test must reference a environmentvariable_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a filemd5_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M40"/>
@@ -1641,20 +1981,21 @@
<xsl:apply-templates select="@*|node()" mode="M40"/>
</xsl:template>
- <!--PATTERN envobjname-->
+ <!--PATTERN md5objfilename-->
- <!--RULE -->
-<xsl:template match="ind-def:environmentvariable_object/ind-def:name" priority="4000"
- mode="M41">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:filemd5_object/ind-def:filename" priority="4000" mode="M41">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of an environmentvariable_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a filemd5_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M41"/>
@@ -1664,20 +2005,21 @@
<xsl:apply-templates select="@*|node()" mode="M41"/>
</xsl:template>
- <!--PATTERN envstename-->
+ <!--PATTERN md5stepath-->
- <!--RULE -->
-<xsl:template match="ind-def:environmentvariable_state/ind-def:name" priority="4000"
- mode="M42">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:filemd5_state/ind-def:path" priority="4000" mode="M42">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of an environmentvariable_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a filemd5_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M42"/>
@@ -1687,20 +2029,21 @@
<xsl:apply-templates select="@*|node()" mode="M42"/>
</xsl:template>
- <!--PATTERN envstevalue-->
+ <!--PATTERN md5stefilename-->
- <!--RULE -->
-<xsl:template match="ind-def:environmentvariable_state/ind-def:value" priority="4000"
- mode="M43">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="(@datatype='int' and (floor(.) = number(.))) or not(@datatype='int') or not(node())"/>
+ <xsl:template match="ind-def:filemd5_state/ind-def:filename" priority="4000" mode="M43">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - The datatype has been set to 'int' but the value is not an integer.<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a filemd5_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M43"/>
@@ -1710,56 +2053,62 @@
<xsl:apply-templates select="@*|node()" mode="M43"/>
</xsl:template>
- <!--PATTERN sqltst-->
+ <!--PATTERN md5stemd5-->
- <!--RULE -->
-<xsl:template match="ind-def:sql_test/ind-def:object" priority="4000" mode="M44">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:sql_object/@id"/>
+ <xsl:template match="ind-def:filemd5_state/ind-def:md5" priority="4000" mode="M44">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a sql_test must reference a sql_object<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the md5 entity of a filemd5_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M44"/>
</xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M44"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M44">
+ <xsl:apply-templates select="@*|node()" mode="M44"/>
+ </xsl:template>
- <!--RULE -->
-<xsl:template match="ind-def:sql_test/ind-def:state" priority="3999" mode="M44">
+ <!--PATTERN hashtst-->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:sql_state/@id"/>
+
+ <!--RULE -->
+
+ <xsl:template match="ind-def:filehash_test/ind-def:object" priority="4000" mode="M45">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:filehash_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a sql_test must reference a sql_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a filehash_test must reference a filesha1_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M44"/>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M45"/>
</xsl:template>
- <xsl:template match="text()" priority="-1" mode="M44"/>
- <xsl:template match="@*|node()" priority="-2" mode="M44">
- <xsl:apply-templates select="@*|node()" mode="M44"/>
- </xsl:template>
- <!--PATTERN sqlobjdengine-->
+ <!--RULE -->
+ <xsl:template match="ind-def:filehash_test/ind-def:state" priority="3999" mode="M45">
- <!--RULE -->
-<xsl:template match="ind-def:sql_object/ind-def:engine" priority="4000" mode="M45">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:filehash_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the engine entity of an sql_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of a filehash_test must reference a filesha1_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M45"/>
@@ -1769,19 +2118,21 @@
<xsl:apply-templates select="@*|node()" mode="M45"/>
</xsl:template>
- <!--PATTERN sqlobjversion-->
+ <!--PATTERN hashobjpath-->
- <!--RULE -->
-<xsl:template match="ind-def:sql_object/ind-def:version" priority="4000" mode="M46">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:filehash_object/ind-def:path" priority="4000" mode="M46">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the version entity of an sql_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a filehash_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M46"/>
@@ -1791,19 +2142,21 @@
<xsl:apply-templates select="@*|node()" mode="M46"/>
</xsl:template>
- <!--PATTERN sqlobjconnection_string-->
+ <!--PATTERN hashobjfilename-->
- <!--RULE -->
-<xsl:template match="ind-def:sql_object/ind-def:connection_string" priority="4000" mode="M47">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:filehash_object/ind-def:filename" priority="4000" mode="M47">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the connection_string entity of an sql_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a filehash_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M47"/>
@@ -1813,19 +2166,21 @@
<xsl:apply-templates select="@*|node()" mode="M47"/>
</xsl:template>
- <!--PATTERN sqlobjsql-->
+ <!--PATTERN hashstepath-->
- <!--RULE -->
-<xsl:template match="ind-def:sql_object/ind-def:sql" priority="4000" mode="M48">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:filehash_state/ind-def:path" priority="4000" mode="M48">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sql entity of a sql_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a filehash_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M48"/>
@@ -1835,19 +2190,21 @@
<xsl:apply-templates select="@*|node()" mode="M48"/>
</xsl:template>
- <!--PATTERN sqlsteengine-->
+ <!--PATTERN hashstefilename-->
- <!--RULE -->
-<xsl:template match="ind-def:sql_state/ind-def:engine" priority="4000" mode="M49">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:filehash_state/ind-def:filename" priority="4000" mode="M49">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the engine entity of an sql_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a filehash_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M49"/>
@@ -1857,19 +2214,21 @@
<xsl:apply-templates select="@*|node()" mode="M49"/>
</xsl:template>
- <!--PATTERN sqlsteversion-->
+ <!--PATTERN hashstemd5-->
- <!--RULE -->
-<xsl:template match="ind-def:sql_state/ind-def:version" priority="4000" mode="M50">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:filehash_state/ind-def:md5" priority="4000" mode="M50">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the version entity of an sql_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the md5 entity of a filehash_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M50"/>
@@ -1879,19 +2238,21 @@
<xsl:apply-templates select="@*|node()" mode="M50"/>
</xsl:template>
- <!--PATTERN sqlsteconnection_string-->
+ <!--PATTERN hashstesha1-->
- <!--RULE -->
-<xsl:template match="ind-def:sql_state/ind-def:connection_string" priority="4000" mode="M51">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:filehash_state/ind-def:sha1" priority="4000" mode="M51">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the connection_string entity of an sql_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sha1 entity of a filehash_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M51"/>
@@ -1901,41 +2262,62 @@
<xsl:apply-templates select="@*|node()" mode="M51"/>
</xsl:template>
- <!--PATTERN sqlstesql-->
+ <!--PATTERN envtst-->
- <!--RULE -->
-<xsl:template match="ind-def:sql_state/ind-def:sql" priority="4000" mode="M52">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ind-def:environmentvariable_test/ind-def:object" priority="4000" mode="M52">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:environmentvariable_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sql entity of a sql_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of an environmentvariable_test must reference a environmentvariable_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M52"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="ind-def:environmentvariable_test/ind-def:state" priority="3999" mode="M52">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:environmentvariable_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of an environmentvariable_test must reference a environmentvariable_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M52"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M52"/>
<xsl:template match="@*|node()" priority="-2" mode="M52">
<xsl:apply-templates select="@*|node()" mode="M52"/>
</xsl:template>
- <!--PATTERN sqlsteresult-->
+ <!--PATTERN envobjname-->
- <!--RULE -->
-<xsl:template match="ind-def:sql_state/ind-def:result" priority="4000" mode="M53">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="(@datatype='int' and (floor(.) = number(.))) or not(@datatype='int') or not(node())"/>
+ <xsl:template match="ind-def:environmentvariable_object/ind-def:name" priority="4000" mode="M53">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - The datatype has been set to 'int' but the value is not an integer.<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of an environmentvariable_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M53"/>
@@ -1945,35 +2327,21 @@
<xsl:apply-templates select="@*|node()" mode="M53"/>
</xsl:template>
- <!--PATTERN txt54tst-->
+ <!--PATTERN envstename-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent54_test/ind-def:object" priority="4000"
- mode="M54">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:textfilecontent54_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a textfilecontent54_test must reference a textfilecontent54_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M54"/>
- </xsl:template>
+ <xsl:template match="ind-def:environmentvariable_state/ind-def:name" priority="4000" mode="M54">
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent54_test/ind-def:state" priority="3999" mode="M54">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:textfilecontent54_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a textfilecontent54_test must reference a textfilecontent54_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of an environmentvariable_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M54"/>
@@ -1983,20 +2351,21 @@
<xsl:apply-templates select="@*|node()" mode="M54"/>
</xsl:template>
- <!--PATTERN txt54objpath-->
+ <!--PATTERN envstevalue-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent54_object/ind-def:path" priority="4000"
- mode="M55">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ind-def:environmentvariable_state/ind-def:value" priority="4000" mode="M55">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(@datatype='int' and (floor(.) = number(.))) or not(@datatype='int') or not(node())"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a textfilecontent54_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - The datatype has been set to 'int' but the value is not an integer.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M55"/>
@@ -2006,45 +2375,75 @@
<xsl:apply-templates select="@*|node()" mode="M55"/>
</xsl:template>
- <!--PATTERN txt54objfilename-->
+ <!--PATTERN sqltst-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent54_object/ind-def:filename" priority="4000"
- mode="M56">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ind-def:sql_test/ind-def:object" priority="4000" mode="M56">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:sql_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a textfilecontent54_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a sql_test must reference a sql_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M56"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="ind-def:sql_test/ind-def:state" priority="3999" mode="M56">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:sql_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a sql_test must reference a sql_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M56"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M56"/>
<xsl:template match="@*|node()" priority="-2" mode="M56">
<xsl:apply-templates select="@*|node()" mode="M56"/>
</xsl:template>
- <!--PATTERN txt54objpattern-->
+ <!--PATTERN sqlobjdengine-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent54_object/ind-def:pattern" priority="4000"
- mode="M57">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:sql_object/ind-def:engine" priority="4000" mode="M57">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pattern entity of a textfilecontent54_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the engine entity of an sql_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the engine entity of an sql_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M57"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M57"/>
@@ -2052,22 +2451,34 @@
<xsl:apply-templates select="@*|node()" mode="M57"/>
</xsl:template>
- <!--PATTERN txt54objinstance-->
+ <!--PATTERN sqlobjversion-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent54_object/ind-def:instance" priority="4000"
- mode="M58">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="ind-def:sql_object/ind-def:version" priority="4000" mode="M58">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the instance entity of a textfilecontent54_object should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the version entity of an sql_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the version entity of an sql_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M58"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M58"/>
@@ -2075,21 +2486,34 @@
<xsl:apply-templates select="@*|node()" mode="M58"/>
</xsl:template>
- <!--PATTERN txt54stepath-->
+ <!--PATTERN sqlobjconnection_string-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent54_state/ind-def:path" priority="4000" mode="M59">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:sql_object/ind-def:connection_string" priority="4000" mode="M59">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a textfilecontent_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the connection_string entity of an sql_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the connection_string entity of an sql_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M59"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M59"/>
@@ -2097,22 +2521,34 @@
<xsl:apply-templates select="@*|node()" mode="M59"/>
</xsl:template>
- <!--PATTERN txt54stefilename-->
+ <!--PATTERN sqlobjsql-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent54_state/ind-def:filename" priority="4000"
- mode="M60">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:sql_object/ind-def:sql" priority="4000" mode="M60">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a textfilecontent54_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sql entity of a sql_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the sql entity of an sql_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M60"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M60"/>
@@ -2120,20 +2556,21 @@
<xsl:apply-templates select="@*|node()" mode="M60"/>
</xsl:template>
- <!--PATTERN txt54stepattern-->
+ <!--PATTERN sqlsteengine-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent54_state/ind-def:pattern" priority="4000"
- mode="M61">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:sql_state/ind-def:engine" priority="4000" mode="M61">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pattern entity of a textfilecontent54_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the engine entity of an sql_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M61"/>
@@ -2143,20 +2580,21 @@
<xsl:apply-templates select="@*|node()" mode="M61"/>
</xsl:template>
- <!--PATTERN txt54steinstance-->
+ <!--PATTERN sqlsteversion-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent54_state/ind-def:instance" priority="4000"
- mode="M62">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="ind-def:sql_state/ind-def:version" priority="4000" mode="M62">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the instance entity of a textfilecontent54_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the version entity of an sql_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M62"/>
@@ -2166,20 +2604,21 @@
<xsl:apply-templates select="@*|node()" mode="M62"/>
</xsl:template>
- <!--PATTERN txt54stesubexpression-->
+ <!--PATTERN sqlsteconnection_string-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent54_state/ind-def:subexpression" priority="4000"
- mode="M63">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="(@datatype='int' and (floor(.) = number(.))) or not(@datatype='int') or not(node())"/>
+ <xsl:template match="ind-def:sql_state/ind-def:connection_string" priority="4000" mode="M63">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - The datatype has been set to 'int' but the value is not an integer.<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the connection_string entity of an sql_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M63"/>
@@ -2189,34 +2628,21 @@
<xsl:apply-templates select="@*|node()" mode="M63"/>
</xsl:template>
- <!--PATTERN txttst-->
+ <!--PATTERN sqlstesql-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent_test/ind-def:object" priority="4000" mode="M64">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:textfilecontent_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a textfilecontent_test must reference a textfilecontent_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M64"/>
- </xsl:template>
+ <xsl:template match="ind-def:sql_state/ind-def:sql" priority="4000" mode="M64">
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent_test/ind-def:state" priority="3999" mode="M64">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:textfilecontent_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a textfilecontent_test must reference a textfilecontent_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sql entity of a sql_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M64"/>
@@ -2226,19 +2652,21 @@
<xsl:apply-templates select="@*|node()" mode="M64"/>
</xsl:template>
- <!--PATTERN txtobjpath-->
+ <!--PATTERN sqlsteresult-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent_object/ind-def:path" priority="4000" mode="M65">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ind-def:sql_state/ind-def:result" priority="4000" mode="M65">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(@datatype='int' and (floor(.) = number(.))) or not(@datatype='int') or not(node())"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a textfilecontent_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - The datatype has been set to 'int' but the value is not an integer.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M65"/>
@@ -2248,42 +2676,62 @@
<xsl:apply-templates select="@*|node()" mode="M65"/>
</xsl:template>
- <!--PATTERN txtobjfilename-->
+ <!--PATTERN txt54tst-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent_object/ind-def:filename" priority="4000"
- mode="M66">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ind-def:textfilecontent54_test/ind-def:object" priority="4000" mode="M66">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:textfilecontent54_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a textfilecontent_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a textfilecontent54_test must reference a textfilecontent54_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M66"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="ind-def:textfilecontent54_test/ind-def:state" priority="3999" mode="M66">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:textfilecontent54_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a textfilecontent54_test must reference a textfilecontent54_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M66"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M66"/>
<xsl:template match="@*|node()" priority="-2" mode="M66">
<xsl:apply-templates select="@*|node()" mode="M66"/>
</xsl:template>
- <!--PATTERN txtobjline-->
+ <!--PATTERN txt54objpath-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent_object/ind-def:line" priority="4000" mode="M67">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:textfilecontent54_object/ind-def:path" priority="4000" mode="M67">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the line entity of a textfilecontent_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a textfilecontent54_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M67"/>
@@ -2293,19 +2741,21 @@
<xsl:apply-templates select="@*|node()" mode="M67"/>
</xsl:template>
- <!--PATTERN txtstepath-->
+ <!--PATTERN txt54objfilename-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent_state/ind-def:path" priority="4000" mode="M68">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:textfilecontent54_object/ind-def:filename" priority="4000" mode="M68">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a textfilecontent_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a textfilecontent54_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M68"/>
@@ -2315,20 +2765,21 @@
<xsl:apply-templates select="@*|node()" mode="M68"/>
</xsl:template>
- <!--PATTERN txtstefilename-->
+ <!--PATTERN txt54objpattern-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent_state/ind-def:filename" priority="4000"
- mode="M69">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:textfilecontent54_object/ind-def:pattern" priority="4000" mode="M69">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a textfilecontent_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pattern entity of a textfilecontent54_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M69"/>
@@ -2338,19 +2789,21 @@
<xsl:apply-templates select="@*|node()" mode="M69"/>
</xsl:template>
- <!--PATTERN txtsteline-->
+ <!--PATTERN txt54objinstance-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent_state/ind-def:line" priority="4000" mode="M70">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ind-def:textfilecontent54_object/ind-def:instance" priority="4000" mode="M70">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the line entity of a textfilecontent_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the instance entity of a textfilecontent54_object should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M70"/>
@@ -2360,20 +2813,21 @@
<xsl:apply-templates select="@*|node()" mode="M70"/>
</xsl:template>
- <!--PATTERN txtstesubexpression-->
+ <!--PATTERN txt54stepath-->
- <!--RULE -->
-<xsl:template match="ind-def:textfilecontent_state/ind-def:subexpression" priority="4000"
- mode="M71">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="(@datatype='int' and (floor(.) = number(.))) or not(@datatype='int') or not(node())"/>
+ <xsl:template match="ind-def:textfilecontent54_state/ind-def:path" priority="4000" mode="M71">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - The datatype has been set to 'int' but the value is not an integer.<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a textfilecontent_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M71"/>
@@ -2383,34 +2837,21 @@
<xsl:apply-templates select="@*|node()" mode="M71"/>
</xsl:template>
- <!--PATTERN vattst-->
+ <!--PATTERN txt54stefilename-->
- <!--RULE -->
-<xsl:template match="ind-def:variable_test/ind-def:object" priority="4000" mode="M72">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:variable_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a variable_test must reference a variable_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M72"/>
- </xsl:template>
+ <xsl:template match="ind-def:textfilecontent54_state/ind-def:filename" priority="4000" mode="M72">
- <!--RULE -->
-<xsl:template match="ind-def:variable_test/ind-def:state" priority="3999" mode="M72">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:variable_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a variable_test must reference a variable_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a textfilecontent54_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M72"/>
@@ -2420,19 +2861,21 @@
<xsl:apply-templates select="@*|node()" mode="M72"/>
</xsl:template>
- <!--PATTERN varobjvar_ref-->
+ <!--PATTERN txt54stepattern-->
- <!--RULE -->
-<xsl:template match="ind-def:variable_object/ind-def:var_ref" priority="4000" mode="M73">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:textfilecontent54_state/ind-def:pattern" priority="4000" mode="M73">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the var_ref entity of a variable_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pattern entity of a textfilecontent54_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M73"/>
@@ -2442,19 +2885,21 @@
<xsl:apply-templates select="@*|node()" mode="M73"/>
</xsl:template>
- <!--PATTERN varstevar_ref-->
+ <!--PATTERN txt54steinstance-->
- <!--RULE -->
-<xsl:template match="ind-def:variable_state/ind-def:var_ref" priority="4000" mode="M74">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ind-def:textfilecontent54_state/ind-def:instance" priority="4000" mode="M74">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the var_ref entity of a variable_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the instance entity of a textfilecontent54_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M74"/>
@@ -2464,17 +2909,19 @@
<xsl:apply-templates select="@*|node()" mode="M74"/>
</xsl:template>
- <!--PATTERN varstevalue-->
+ <!--PATTERN txt54stesubexpression-->
- <!--RULE -->
-<xsl:template match="ind-def:variable_state/ind-def:value" priority="4000" mode="M75">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:textfilecontent54_state/ind-def:subexpression" priority="4000" mode="M75">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="(@datatype='int' and (floor(.) = number(.))) or not(@datatype='int') or not(node())"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
<xsl:text/> - The datatype has been set to 'int' but the value is not an integer.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
@@ -2486,34 +2933,38 @@
<xsl:apply-templates select="@*|node()" mode="M75"/>
</xsl:template>
- <!--PATTERN xmltst-->
+ <!--PATTERN txttst-->
- <!--RULE -->
-<xsl:template match="ind-def:xmlfilecontent_test/ind-def:object" priority="4000" mode="M76">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:xmlfilecontent_object/@id"/>
+ <xsl:template match="ind-def:textfilecontent_test/ind-def:object" priority="4000" mode="M76">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:textfilecontent_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a xmlfilecontent_test must reference a xmlfilecontent_object<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a textfilecontent_test must reference a textfilecontent_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M76"/>
</xsl:template>
- <!--RULE -->
-<xsl:template match="ind-def:xmlfilecontent_test/ind-def:state" priority="3999" mode="M76">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:xmlfilecontent_state/@id"/>
+ <xsl:template match="ind-def:textfilecontent_test/ind-def:state" priority="3999" mode="M76">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:textfilecontent_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a xmlfilecontent_test must reference a xmlfilecontent_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of a textfilecontent_test must reference a textfilecontent_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M76"/>
@@ -2523,19 +2974,21 @@
<xsl:apply-templates select="@*|node()" mode="M76"/>
</xsl:template>
- <!--PATTERN xmlobjpath-->
+ <!--PATTERN txtobjpath-->
- <!--RULE -->
-<xsl:template match="ind-def:xmlfilecontent_object/ind-def:path" priority="4000" mode="M77">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:textfilecontent_object/ind-def:path" priority="4000" mode="M77">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a xmlfilecontent_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a textfilecontent_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M77"/>
@@ -2545,20 +2998,21 @@
<xsl:apply-templates select="@*|node()" mode="M77"/>
</xsl:template>
- <!--PATTERN xmlobjfilename-->
+ <!--PATTERN txtobjfilename-->
- <!--RULE -->
-<xsl:template match="ind-def:xmlfilecontent_object/ind-def:filename" priority="4000"
- mode="M78">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:textfilecontent_object/ind-def:filename" priority="4000" mode="M78">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a xmlfilecontent_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a textfilecontent_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M78"/>
@@ -2568,19 +3022,21 @@
<xsl:apply-templates select="@*|node()" mode="M78"/>
</xsl:template>
- <!--PATTERN xmlobjxpath-->
+ <!--PATTERN txtobjline-->
- <!--RULE -->
-<xsl:template match="ind-def:xmlfilecontent_object/ind-def:xpath" priority="4000" mode="M79">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:textfilecontent_object/ind-def:line" priority="4000" mode="M79">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the xpath entity of a xmlfilecontent_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the line entity of a textfilecontent_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M79"/>
@@ -2590,19 +3046,21 @@
<xsl:apply-templates select="@*|node()" mode="M79"/>
</xsl:template>
- <!--PATTERN xmlstepath-->
+ <!--PATTERN txtstepath-->
- <!--RULE -->
-<xsl:template match="ind-def:xmlfilecontent_state/ind-def:path" priority="4000" mode="M80">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:textfilecontent_state/ind-def:path" priority="4000" mode="M80">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a xmlfilecontent_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a textfilecontent_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M80"/>
@@ -2612,20 +3070,21 @@
<xsl:apply-templates select="@*|node()" mode="M80"/>
</xsl:template>
- <!--PATTERN xmlstefilename-->
+ <!--PATTERN txtstefilename-->
- <!--RULE -->
-<xsl:template match="ind-def:xmlfilecontent_state/ind-def:filename" priority="4000"
- mode="M81">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:textfilecontent_state/ind-def:filename" priority="4000" mode="M81">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a xmlfilecontent_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a textfilecontent_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M81"/>
@@ -2635,19 +3094,21 @@
<xsl:apply-templates select="@*|node()" mode="M81"/>
</xsl:template>
- <!--PATTERN xmlstexpath-->
+ <!--PATTERN txtsteline-->
- <!--RULE -->
-<xsl:template match="ind-def:xmlfilecontent_state/ind-def:xpath" priority="4000" mode="M82">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:textfilecontent_state/ind-def:line" priority="4000" mode="M82">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the xpath entity of a xmlfilecontent_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the line entity of a textfilecontent_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M82"/>
@@ -2657,20 +3118,21 @@
<xsl:apply-templates select="@*|node()" mode="M82"/>
</xsl:template>
- <!--PATTERN xmlstevalue_of-->
+ <!--PATTERN txtstesubexpression-->
- <!--RULE -->
-<xsl:template match="ind-def:xmlfilecontent_state/ind-def:value_of" priority="4000"
- mode="M83">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ind-def:textfilecontent_state/ind-def:subexpression" priority="4000" mode="M83">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(@datatype='int' and (floor(.) = number(.))) or not(@datatype='int') or not(node())"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the value_of entity of a xmlfilecontent_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - The datatype has been set to 'int' but the value is not an integer.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M83"/>
@@ -2680,41 +3142,62 @@
<xsl:apply-templates select="@*|node()" mode="M83"/>
</xsl:template>
- <!--PATTERN filesetobjflstinst-->
+ <!--PATTERN vattst-->
- <!--RULE -->
-<xsl:template match="aix-def:fileset_object/aix-def:flstinst" priority="4000" mode="M84">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ind-def:variable_test/ind-def:object" priority="4000" mode="M84">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:variable_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the flstinst entity of a fileset_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a variable_test must reference a variable_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M84"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="ind-def:variable_test/ind-def:state" priority="3999" mode="M84">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:variable_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a variable_test must reference a variable_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M84"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M84"/>
<xsl:template match="@*|node()" priority="-2" mode="M84">
<xsl:apply-templates select="@*|node()" mode="M84"/>
</xsl:template>
- <!--PATTERN filesetsteflstinst-->
+ <!--PATTERN varobjvar_ref-->
- <!--RULE -->
-<xsl:template match="aix-def:fileset_state/aix-def:flstinst" priority="4000" mode="M85">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:variable_object/ind-def:var_ref" priority="4000" mode="M85">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the flstinst entity of a fileset_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the var_ref entity of a variable_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M85"/>
@@ -2724,19 +3207,21 @@
<xsl:apply-templates select="@*|node()" mode="M85"/>
</xsl:template>
- <!--PATTERN filesetstelevel-->
+ <!--PATTERN varstevar_ref-->
- <!--RULE -->
-<xsl:template match="aix-def:fileset_state/aix-def:level" priority="4000" mode="M86">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='version'"/>
+ <xsl:template match="ind-def:variable_state/ind-def:var_ref" priority="4000" mode="M86">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the level entity of a fileset_state should be 'version'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the var_ref entity of a variable_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M86"/>
@@ -2746,19 +3231,21 @@
<xsl:apply-templates select="@*|node()" mode="M86"/>
</xsl:template>
- <!--PATTERN filesetstestate-->
+ <!--PATTERN varstevalue-->
- <!--RULE -->
-<xsl:template match="aix-def:fileset_state/aix-def:state" priority="4000" mode="M87">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ind-def:variable_state/ind-def:value" priority="4000" mode="M87">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(@datatype='int' and (floor(.) = number(.))) or not(@datatype='int') or not(node())"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the state entity of a fileset_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - The datatype has been set to 'int' but the value is not an integer.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M87"/>
@@ -2768,41 +3255,62 @@
<xsl:apply-templates select="@*|node()" mode="M87"/>
</xsl:template>
- <!--PATTERN filesetstedescription-->
+ <!--PATTERN xmltst-->
- <!--RULE -->
-<xsl:template match="aix-def:fileset_state/aix-def:description" priority="4000" mode="M88">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ind-def:xmlfilecontent_test/ind-def:object" priority="4000" mode="M88">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ind-def:xmlfilecontent_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the description entity of a fileset_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a xmlfilecontent_test must reference a xmlfilecontent_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M88"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="ind-def:xmlfilecontent_test/ind-def:state" priority="3999" mode="M88">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ind-def:xmlfilecontent_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a xmlfilecontent_test must reference a xmlfilecontent_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M88"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M88"/>
<xsl:template match="@*|node()" priority="-2" mode="M88">
<xsl:apply-templates select="@*|node()" mode="M88"/>
</xsl:template>
- <!--PATTERN fixobjapar_number-->
+ <!--PATTERN xmlobjpath-->
- <!--RULE -->
-<xsl:template match="aix-def:fix_object/aix-def:apar_number" priority="4000" mode="M89">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:xmlfilecontent_object/ind-def:path" priority="4000" mode="M89">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the apar_number entity of a fix_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a xmlfilecontent_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M89"/>
@@ -2812,19 +3320,21 @@
<xsl:apply-templates select="@*|node()" mode="M89"/>
</xsl:template>
- <!--PATTERN fixsteapar_number-->
+ <!--PATTERN xmlobjfilename-->
- <!--RULE -->
-<xsl:template match="aix-def:fix_state/aix-def:apar_number" priority="4000" mode="M90">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:xmlfilecontent_object/ind-def:filename" priority="4000" mode="M90">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the apar_number entity of a fix_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a xmlfilecontent_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M90"/>
@@ -2834,21 +3344,34 @@
<xsl:apply-templates select="@*|node()" mode="M90"/>
</xsl:template>
- <!--PATTERN fixsteabstract-->
+ <!--PATTERN xmlobjxpath-->
- <!--RULE -->
-<xsl:template match="aix-def:fix_state/aix-def:abstract" priority="4000" mode="M91">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:xmlfilecontent_object/ind-def:xpath" priority="4000" mode="M91">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the abstract entity of a fix_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the xpath entity of a xmlfilecontent_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the xpath entity of a xmlfilecontent_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M91"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M91"/>
@@ -2856,19 +3379,21 @@
<xsl:apply-templates select="@*|node()" mode="M91"/>
</xsl:template>
- <!--PATTERN fixstesymptom-->
+ <!--PATTERN xmlstepath-->
- <!--RULE -->
-<xsl:template match="aix-def:fix_state/aix-def:symptom" priority="4000" mode="M92">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:xmlfilecontent_state/ind-def:path" priority="4000" mode="M92">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the symptom entity of a fix_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a xmlfilecontent_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M92"/>
@@ -2878,20 +3403,21 @@
<xsl:apply-templates select="@*|node()" mode="M92"/>
</xsl:template>
- <!--PATTERN fixsteinstallation_status-->
+ <!--PATTERN xmlstefilename-->
- <!--RULE -->
-<xsl:template match="aix-def:fix_state/aix-def:installation_status" priority="4000"
- mode="M93">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ind-def:xmlfilecontent_state/ind-def:filename" priority="4000" mode="M93">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the installation_status entity of a fix_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a xmlfilecontent_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M93"/>
@@ -2901,20 +3427,21 @@
<xsl:apply-templates select="@*|node()" mode="M93"/>
</xsl:template>
- <!--PATTERN oslevelstemaintenance_level-->
+ <!--PATTERN xmlstexpath-->
- <!--RULE -->
-<xsl:template match="aix-def:oslevel_state/aix-def:maintenance_level" priority="4000"
- mode="M94">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='version'"/>
+ <xsl:template match="ind-def:xmlfilecontent_state/ind-def:xpath" priority="4000" mode="M94">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the maintenance_level entity of an oslevel_state should be 'version'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the xpath entity of a xmlfilecontent_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M94"/>
@@ -2924,56 +3451,62 @@
<xsl:apply-templates select="@*|node()" mode="M94"/>
</xsl:template>
- <!--PATTERN httpdtst-->
+ <!--PATTERN xmlstevalue_of-->
- <!--RULE -->
-<xsl:template match="apache-def:httpd_test/apache-def:object" priority="4000" mode="M95">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/apache-def:httpd_object/@id"/>
+ <xsl:template match="ind-def:xmlfilecontent_state/ind-def:value_of" priority="4000" mode="M95">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a httpd_test must reference a httpd_object<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the value_of entity of a xmlfilecontent_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M95"/>
</xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M95"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M95">
+ <xsl:apply-templates select="@*|node()" mode="M95"/>
+ </xsl:template>
- <!--RULE -->
-<xsl:template match="apache-def:httpd_test/apache-def:state" priority="3999" mode="M95">
+ <!--PATTERN filesettst-->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/apache-def:httpd_state/@id"/>
+
+ <!--RULE -->
+
+ <xsl:template match="aix-def:fileset_test/aix-def:object" priority="4000" mode="M96">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/aix-def:fileset_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a httpd_test must reference a httpd_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a fileset_test must reference a fileset_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M95"/>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M96"/>
</xsl:template>
- <xsl:template match="text()" priority="-1" mode="M95"/>
- <xsl:template match="@*|node()" priority="-2" mode="M95">
- <xsl:apply-templates select="@*|node()" mode="M95"/>
- </xsl:template>
- <!--PATTERN httpdstepath-->
+ <!--RULE -->
+ <xsl:template match="aix-def:fileset_test/aix-def:state" priority="3999" mode="M96">
- <!--RULE -->
-<xsl:template match="apache-def:httpd_state/apache-def:path" priority="4000" mode="M96">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/aix-def:fileset_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a httpd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of a fileset_test must reference a fileset_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M96"/>
@@ -2983,20 +3516,21 @@
<xsl:apply-templates select="@*|node()" mode="M96"/>
</xsl:template>
- <!--PATTERN httpdstebinaryname-->
+ <!--PATTERN filesetobjflstinst-->
- <!--RULE -->
-<xsl:template match="apache-def:httpd_state/apache-def:binary_name" priority="4000"
- mode="M97">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="aix-def:fileset_object/aix-def:flstinst" priority="4000" mode="M97">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the binary_name entity of a httpd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the flstinst entity of a fileset_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M97"/>
@@ -3006,19 +3540,21 @@
<xsl:apply-templates select="@*|node()" mode="M97"/>
</xsl:template>
- <!--PATTERN httpdsteversion-->
+ <!--PATTERN filesetsteflstinst-->
- <!--RULE -->
-<xsl:template match="apache-def:httpd_state/apache-def:version" priority="4000" mode="M98">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='version'"/>
+ <xsl:template match="aix-def:fileset_state/aix-def:flstinst" priority="4000" mode="M98">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the version entity of a httpd_state should be 'version'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the flstinst entity of a fileset_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M98"/>
@@ -3028,34 +3564,21 @@
<xsl:apply-templates select="@*|node()" mode="M98"/>
</xsl:template>
- <!--PATTERN apachevertst-->
+ <!--PATTERN filesetstelevel-->
- <!--RULE -->
-<xsl:template match="apache-def:version_test/apache-def:object" priority="4000" mode="M99">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/apache-def:version_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a version_test must reference a version_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M99"/>
- </xsl:template>
+ <xsl:template match="aix-def:fileset_state/aix-def:level" priority="4000" mode="M99">
- <!--RULE -->
-<xsl:template match="apache-def:version_test/apache-def:state" priority="3999" mode="M99">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/apache-def:version_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="@datatype='version'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a version_test must reference a version_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the level entity of a fileset_state should be 'version'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M99"/>
@@ -3065,19 +3588,21 @@
<xsl:apply-templates select="@*|node()" mode="M99"/>
</xsl:template>
- <!--PATTERN apcheversteversion-->
+ <!--PATTERN filesetstestate-->
- <!--RULE -->
-<xsl:template match="apache-def:version_state/apache-def:version" priority="4000" mode="M100">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='version'"/>
+ <xsl:template match="aix-def:fileset_state/aix-def:state" priority="4000" mode="M100">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the version entity of an version_state should be 'version'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the state entity of a fileset_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M100"/>
@@ -3087,34 +3612,21 @@
<xsl:apply-templates select="@*|node()" mode="M100"/>
</xsl:template>
- <!--PATTERN catosmoduletst-->
+ <!--PATTERN filesetstedescription-->
- <!--RULE -->
-<xsl:template match="catos-def:module_test/catos-def:object" priority="4000" mode="M101">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/catos-def:module_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a module_test must reference a module_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M101"/>
- </xsl:template>
+ <xsl:template match="aix-def:fileset_state/aix-def:description" priority="4000" mode="M101">
- <!--RULE -->
-<xsl:template match="catos-def:module_test/catos-def:state" priority="3999" mode="M101">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/catos-def:module_number/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a module_test must reference a module_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the description entity of a fileset_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M101"/>
@@ -3124,30 +3636,38 @@
<xsl:apply-templates select="@*|node()" mode="M101"/>
</xsl:template>
- <!--PATTERN moduleobjmodule_number-->
+ <!--PATTERN fixtst-->
- <!--RULE -->
-<xsl:template match="catos-def:module_object/catos-def:module_number" priority="4000"
- mode="M102">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="aix-def:fix_test/aix-def:object" priority="4000" mode="M102">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/aix-def:fix_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the module_number entity of a module_object should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a fix_test must reference a fix_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M102"/>
+ </xsl:template>
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"/>
+ <!--RULE -->
+
+ <xsl:template match="aix-def:fix_test/aix-def:state" priority="3999" mode="M102">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/aix-def:fix_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the module_number entity of a module_object should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', or 'less than or equal'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of a fix_test must reference a fix_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M102"/>
@@ -3157,20 +3677,21 @@
<xsl:apply-templates select="@*|node()" mode="M102"/>
</xsl:template>
- <!--PATTERN catosmodulestemodule_number-->
+ <!--PATTERN fixobjapar_number-->
- <!--RULE -->
-<xsl:template match="catos-def:module_state/catos-def:module_number" priority="4000"
- mode="M103">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="aix-def:fix_object/aix-def:apar_number" priority="4000" mode="M103">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the module_number entity of a module_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the apar_number entity of a fix_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M103"/>
@@ -3180,19 +3701,21 @@
<xsl:apply-templates select="@*|node()" mode="M103"/>
</xsl:template>
- <!--PATTERN catosmodulestetype-->
+ <!--PATTERN fixsteapar_number-->
- <!--RULE -->
-<xsl:template match="catos-def:module_state/catos-def:type" priority="4000" mode="M104">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="aix-def:fix_state/aix-def:apar_number" priority="4000" mode="M104">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the type entity of a module_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the apar_number entity of a fix_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M104"/>
@@ -3202,19 +3725,21 @@
<xsl:apply-templates select="@*|node()" mode="M104"/>
</xsl:template>
- <!--PATTERN catosmodulestemodel-->
+ <!--PATTERN fixsteabstract-->
- <!--RULE -->
-<xsl:template match="catos-def:module_state/catos-def:model" priority="4000" mode="M105">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="aix-def:fix_state/aix-def:abstract" priority="4000" mode="M105">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the model entity of a module_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the abstract entity of a fix_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M105"/>
@@ -3224,20 +3749,21 @@
<xsl:apply-templates select="@*|node()" mode="M105"/>
</xsl:template>
- <!--PATTERN catosmodulestesoftware_major_release-->
+ <!--PATTERN fixstesymptom-->
- <!--RULE -->
-<xsl:template match="catos-def:module_state/catos-def:software_major_release" priority="4000"
- mode="M106">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='version'"/>
+ <xsl:template match="aix-def:fix_state/aix-def:symptom" priority="4000" mode="M106">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the software_major_release entity of a module_state should be 'version'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the symptom entity of a fix_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M106"/>
@@ -3247,21 +3773,21 @@
<xsl:apply-templates select="@*|node()" mode="M106"/>
</xsl:template>
- <!--PATTERN catosmodulestesoftware_individual_release-->
+ <!--PATTERN fixsteinstallation_status-->
- <!--RULE -->
-<xsl:template match="catos-def:module_state/catos-def:software_individual_release"
- priority="4000"
- mode="M107">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="aix-def:fix_state/aix-def:installation_status" priority="4000" mode="M107">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the software_individual_release entity of a module_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the installation_status entity of a fix_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M107"/>
@@ -3271,43 +3797,62 @@
<xsl:apply-templates select="@*|node()" mode="M107"/>
</xsl:template>
- <!--PATTERN catosmodulestesoftware_version_id-->
+ <!--PATTERN osleveltst-->
- <!--RULE -->
-<xsl:template match="catos-def:module_state/catos-def:software_version_id" priority="4000"
- mode="M108">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="aix-def:oslevel_test/aix-def:object" priority="4000" mode="M108">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/aix-def:oslevel_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the software_version_id entity of a module_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a oslevel_test must reference a oslevel_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M108"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="aix-def:oslevel_test/aix-def:state" priority="3999" mode="M108">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/aix-def:oslevel_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a oslevel_test must reference a oslevel_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M108"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M108"/>
<xsl:template match="@*|node()" priority="-2" mode="M108">
<xsl:apply-templates select="@*|node()" mode="M108"/>
</xsl:template>
- <!--PATTERN catosmodulestehardware_major_release-->
+ <!--PATTERN oslevelstemaintenance_level-->
- <!--RULE -->
-<xsl:template match="catos-def:module_state/catos-def:hardware_major_release" priority="4000"
- mode="M109">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="aix-def:oslevel_state/aix-def:maintenance_level" priority="4000" mode="M109">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='version'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the hardware_major_release entity of a module_state should be 'version'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the maintenance_level entity of an oslevel_state should be 'version'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M109"/>
@@ -3317,44 +3862,62 @@
<xsl:apply-templates select="@*|node()" mode="M109"/>
</xsl:template>
- <!--PATTERN catosmodulestehardware_individual_release-->
+ <!--PATTERN httpdtst-->
- <!--RULE -->
-<xsl:template match="catos-def:module_state/catos-def:hardware_individual_release"
- priority="4000"
- mode="M110">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="apache-def:httpd_test/apache-def:object" priority="4000" mode="M110">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/apache-def:httpd_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the hardware_individual_release entity of a module_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a httpd_test must reference a httpd_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M110"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="apache-def:httpd_test/apache-def:state" priority="3999" mode="M110">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/apache-def:httpd_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a httpd_test must reference a httpd_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M110"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M110"/>
<xsl:template match="@*|node()" priority="-2" mode="M110">
<xsl:apply-templates select="@*|node()" mode="M110"/>
</xsl:template>
- <!--PATTERN catosmodulestefirmware_major_release-->
+ <!--PATTERN httpdstepath-->
- <!--RULE -->
-<xsl:template match="catos-def:module_state/catos-def:firmware_major_release" priority="4000"
- mode="M111">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='version'"/>
+ <xsl:template match="apache-def:httpd_state/apache-def:path" priority="4000" mode="M111">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the firmware_major_release entity of a module_state should be 'version'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a httpd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M111"/>
@@ -3364,21 +3927,21 @@
<xsl:apply-templates select="@*|node()" mode="M111"/>
</xsl:template>
- <!--PATTERN catosmodulestefirmware_individual_release-->
+ <!--PATTERN httpdstebinaryname-->
- <!--RULE -->
-<xsl:template match="catos-def:module_state/catos-def:firmware_individual_release"
- priority="4000"
- mode="M112">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="apache-def:httpd_state/apache-def:binary_name" priority="4000" mode="M112">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the firmware_individual_release entity of a module_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the binary_name entity of a httpd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M112"/>
@@ -3388,20 +3951,21 @@
<xsl:apply-templates select="@*|node()" mode="M112"/>
</xsl:template>
- <!--PATTERN catosverstedevice_series-->
+ <!--PATTERN httpdsteversion-->
- <!--RULE -->
-<xsl:template match="catos-def:version_state/catos-def:swtich_series" priority="4000"
- mode="M113">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="apache-def:httpd_state/apache-def:version" priority="4000" mode="M113">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='version'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the swtich_series entity of a version_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the version entity of a httpd_state should be 'version'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M113"/>
@@ -3411,43 +3975,62 @@
<xsl:apply-templates select="@*|node()" mode="M113"/>
</xsl:template>
- <!--PATTERN catosversteimage_name-->
+ <!--PATTERN apachevertst-->
- <!--RULE -->
-<xsl:template match="catos-def:version_state/catos-def:image_name" priority="4000"
- mode="M114">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="apache-def:version_test/apache-def:object" priority="4000" mode="M114">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/apache-def:version_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the image_name entity of a version_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a version_test must reference a version_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M114"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="apache-def:version_test/apache-def:state" priority="3999" mode="M114">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/apache-def:version_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a version_test must reference a version_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M114"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M114"/>
<xsl:template match="@*|node()" priority="-2" mode="M114">
<xsl:apply-templates select="@*|node()" mode="M114"/>
</xsl:template>
- <!--PATTERN catosverstecatos_major_release-->
+ <!--PATTERN apcheversteversion-->
- <!--RULE -->
-<xsl:template match="catos-def:version_state/catos-def:catos_major_release" priority="4000"
- mode="M115">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='version'"/>
+ <xsl:template match="apache-def:version_state/apache-def:version" priority="4000" mode="M115">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='version'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the catos_major_release entity of a version_state should be 'version'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the version entity of an version_state should be 'version'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M115"/>
@@ -3457,44 +4040,62 @@
<xsl:apply-templates select="@*|node()" mode="M115"/>
</xsl:template>
- <!--PATTERN catosverstecatos_individual_release-->
+ <!--PATTERN catoslinetst-->
- <!--RULE -->
-<xsl:template match="catos-def:version_state/catos-def:catos_individual_release"
- priority="4000"
- mode="M116">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="catos-def:line_test/catos-def:object" priority="4000" mode="M116">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/catos-def:line_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the catos_individual_release entity of a version_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a line_test must reference a line_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M116"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="catos-def:line_test/catos-def:state" priority="3999" mode="M116">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/catos-def:line_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a line_test must reference a line_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M116"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M116"/>
<xsl:template match="@*|node()" priority="-2" mode="M116">
<xsl:apply-templates select="@*|node()" mode="M116"/>
</xsl:template>
- <!--PATTERN catosverstecatos_version_id-->
+ <!--PATTERN catoslineobjshow_subcommand-->
- <!--RULE -->
-<xsl:template match="catos-def:version_state/catos-def:catos_version_id" priority="4000"
- mode="M117">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="catos-def:line_object/catos-def:show_subcommand" priority="4000" mode="M117">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the catos_version_id entity of a version_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the show_subcommand entity of a line_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M117"/>
@@ -3504,19 +4105,21 @@
<xsl:apply-templates select="@*|node()" mode="M117"/>
</xsl:template>
- <!--PATTERN esxpatchobjpatch_number-->
+ <!--PATTERN catoslinesteshow_subcommand-->
- <!--RULE -->
-<xsl:template match="esx-def:patch_object/esx-def:patch_number" priority="4000" mode="M118">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="catos-def:line_state/catos-def:show_subcommand" priority="4000" mode="M118">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the patch_number entity of a patch_object should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the show_subcommand entity of a line_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M118"/>
@@ -3526,19 +4129,21 @@
<xsl:apply-templates select="@*|node()" mode="M118"/>
</xsl:template>
- <!--PATTERN esxpatchstepatch_number-->
+ <!--PATTERN catoslinesteconfig_line-->
- <!--RULE -->
-<xsl:template match="esx-def:patch_state/esx-def:patch_number" priority="4000" mode="M119">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="catos-def:line_state/catos-def:config_line" priority="4000" mode="M119">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the patch_number entity of a patch_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the config_line entity of a line_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M119"/>
@@ -3548,43 +4153,75 @@
<xsl:apply-templates select="@*|node()" mode="M119"/>
</xsl:template>
- <!--PATTERN esxpatchstestatus-->
+ <!--PATTERN catosmoduletst-->
- <!--RULE -->
-<xsl:template match="esx-def:patch_state/esx-def:status" priority="4000" mode="M120">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="catos-def:module_test/catos-def:object" priority="4000" mode="M120">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/catos-def:module_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the status entity of a patch_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a module_test must reference a module_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M120"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="catos-def:module_test/catos-def:state" priority="3999" mode="M120">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/catos-def:module_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a module_test must reference a module_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M120"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M120"/>
<xsl:template match="@*|node()" priority="-2" mode="M120">
<xsl:apply-templates select="@*|node()" mode="M120"/>
</xsl:template>
- <!--PATTERN versionsterelease-->
+ <!--PATTERN moduleobjmodule_number-->
- <!--RULE -->
-<xsl:template match="esx-def:version_state/esx-def:release" priority="4000" mode="M121">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='version'"/>
+ <xsl:template match="catos-def:module_object/catos-def:module_number" priority="4000" mode="M121">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the release entity of an version_state should be 'version'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the module_number entity of a module_object should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the module_number entity of a module_object should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', or 'less than or equal'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M121"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M121"/>
@@ -3592,19 +4229,21 @@
<xsl:apply-templates select="@*|node()" mode="M121"/>
</xsl:template>
- <!--PATTERN versionstebuild-->
+ <!--PATTERN catosmodulestemodule_number-->
- <!--RULE -->
-<xsl:template match="esx-def:version_state/esx-def:build" priority="4000" mode="M122">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="catos-def:module_state/catos-def:module_number" priority="4000" mode="M122">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the build entity of an version_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the module_number entity of a module_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M122"/>
@@ -3614,35 +4253,21 @@
<xsl:apply-templates select="@*|node()" mode="M122"/>
</xsl:template>
- <!--PATTERN portinfotst-->
+ <!--PATTERN catosmodulestetype-->
- <!--RULE -->
-<xsl:template match="freebsd-def:portinfo_test/freebsd-def:object" priority="4000"
- mode="M123">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/freebsd-def:portinfo_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a portinfo_test must reference an portinfo_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M123"/>
- </xsl:template>
+ <xsl:template match="catos-def:module_state/catos-def:type" priority="4000" mode="M123">
- <!--RULE -->
-<xsl:template match="freebsd-def:portinfo_test/freebsd-def:state" priority="3999" mode="M123">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/freebsd-def:portinfo_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a portinfo_test must reference an portinfo_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the type entity of a module_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M123"/>
@@ -3652,20 +4277,21 @@
<xsl:apply-templates select="@*|node()" mode="M123"/>
</xsl:template>
- <!--PATTERN portinfoobjpkginst-->
+ <!--PATTERN catosmodulestemodel-->
- <!--RULE -->
-<xsl:template match="freebsd-def:portinfo_object/freebsd-def:pkginst" priority="4000"
- mode="M124">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="catos-def:module_state/catos-def:model" priority="4000" mode="M124">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pkginst entity of a portinfo_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the model entity of a module_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M124"/>
@@ -3675,20 +4301,21 @@
<xsl:apply-templates select="@*|node()" mode="M124"/>
</xsl:template>
- <!--PATTERN portinfostepkginst-->
+ <!--PATTERN catosmodulestesoftware_major_release-->
- <!--RULE -->
-<xsl:template match="freebsd-def:portinfo_state/freebsd-def:pkginst" priority="4000"
- mode="M125">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="catos-def:module_state/catos-def:software_major_release" priority="4000" mode="M125">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='version'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pkginst entity of a portinfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the software_major_release entity of a module_state should be 'version'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M125"/>
@@ -3698,19 +4325,21 @@
<xsl:apply-templates select="@*|node()" mode="M125"/>
</xsl:template>
- <!--PATTERN portinfostename-->
+ <!--PATTERN catosmodulestesoftware_individual_release-->
- <!--RULE -->
-<xsl:template match="freebsd-def:portinfo_state/freebsd-def:name" priority="4000" mode="M126">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="catos-def:module_state/catos-def:software_individual_release" priority="4000" mode="M126">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of a portinfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the software_individual_release entity of a module_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M126"/>
@@ -3720,20 +4349,21 @@
<xsl:apply-templates select="@*|node()" mode="M126"/>
</xsl:template>
- <!--PATTERN portinfostecategory-->
+ <!--PATTERN catosmodulestesoftware_version_id-->
- <!--RULE -->
-<xsl:template match="freebsd-def:portinfo_state/freebsd-def:category" priority="4000"
- mode="M127">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="catos-def:module_state/catos-def:software_version_id" priority="4000" mode="M127">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the category entity of a portinfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the software_version_id entity of a module_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M127"/>
@@ -3743,20 +4373,21 @@
<xsl:apply-templates select="@*|node()" mode="M127"/>
</xsl:template>
- <!--PATTERN portinfosteversion-->
+ <!--PATTERN catosmodulestehardware_major_release-->
- <!--RULE -->
-<xsl:template match="freebsd-def:portinfo_state/freebsd-def:version" priority="4000"
- mode="M128">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="catos-def:module_state/catos-def:hardware_major_release" priority="4000" mode="M128">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='version'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the version entity of a portinfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the hardware_major_release entity of a module_state should be 'version'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M128"/>
@@ -3766,20 +4397,21 @@
<xsl:apply-templates select="@*|node()" mode="M128"/>
</xsl:template>
- <!--PATTERN portinfostevendor-->
+ <!--PATTERN catosmodulestehardware_individual_release-->
- <!--RULE -->
-<xsl:template match="freebsd-def:portinfo_state/freebsd-def:vendor" priority="4000"
- mode="M129">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="catos-def:module_state/catos-def:hardware_individual_release" priority="4000" mode="M129">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the vendor entity of a portinfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the hardware_individual_release entity of a module_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M129"/>
@@ -3789,20 +4421,21 @@
<xsl:apply-templates select="@*|node()" mode="M129"/>
</xsl:template>
- <!--PATTERN portinfostedescription-->
+ <!--PATTERN catosmodulestefirmware_major_release-->
- <!--RULE -->
-<xsl:template match="freebsd-def:portinfo_state/freebsd-def:description" priority="4000"
- mode="M130">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="catos-def:module_state/catos-def:firmware_major_release" priority="4000" mode="M130">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='version'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the description entity of a portinfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the firmware_major_release entity of a module_state should be 'version'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M130"/>
@@ -3812,20 +4445,21 @@
<xsl:apply-templates select="@*|node()" mode="M130"/>
</xsl:template>
- <!--PATTERN gcobjparameter_name-->
+ <!--PATTERN catosmodulestefirmware_individual_release-->
- <!--RULE -->
-<xsl:template match="hpux-def:getconf_object/hpux-def:parameter_name" priority="4000"
- mode="M131">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="catos-def:module_state/catos-def:firmware_individual_release" priority="4000" mode="M131">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the parameter_name entity of a getconf_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the firmware_individual_release entity of a module_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M131"/>
@@ -3835,19 +4469,21 @@
<xsl:apply-templates select="@*|node()" mode="M131"/>
</xsl:template>
- <!--PATTERN gcobjpathname-->
+ <!--PATTERN catosver55stedevice_series-->
- <!--RULE -->
-<xsl:template match="hpux-def:getconf_object/hpux-def:pathname" priority="4000" mode="M132">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="catos-def:version55_state/catos-def:swtich_series" priority="4000" mode="M132">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pathname entity of a getconf_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the swtich_series entity of a version55_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M132"/>
@@ -3857,20 +4493,21 @@
<xsl:apply-templates select="@*|node()" mode="M132"/>
</xsl:template>
- <!--PATTERN gcsteparameter_name-->
+ <!--PATTERN catosver55steimage_name-->
- <!--RULE -->
-<xsl:template match="hpux-def:getconf_state/hpux-def:parameter_name" priority="4000"
- mode="M133">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="catos-def:version55_state/catos-def:image_name" priority="4000" mode="M133">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the parameter_name entity of a getconf_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the image_name entity of a version55_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M133"/>
@@ -3880,19 +4517,21 @@
<xsl:apply-templates select="@*|node()" mode="M133"/>
</xsl:template>
- <!--PATTERN gcstepathname-->
+ <!--PATTERN catosver55stecatos_release-->
- <!--RULE -->
-<xsl:template match="hpux-def:getconf_state/hpux-def:pathname" priority="4000" mode="M134">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="catos-def:version55_state/catos-def:catos_release" priority="4000" mode="M134">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='version'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pathname entity of a getconf_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the catos_release entity of a version55_state should be 'version'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M134"/>
@@ -3902,19 +4541,21 @@
<xsl:apply-templates select="@*|node()" mode="M134"/>
</xsl:template>
- <!--PATTERN gcsteoutput-->
+ <!--PATTERN catosverstedevice_series-->
- <!--RULE -->
-<xsl:template match="hpux-def:getconf_state/hpux-def:output" priority="4000" mode="M135">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="catos-def:version_state/catos-def:swtich_series" priority="4000" mode="M135">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the output entity of a getconf_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the swtich_series entity of a version_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M135"/>
@@ -3924,19 +4565,21 @@
<xsl:apply-templates select="@*|node()" mode="M135"/>
</xsl:template>
- <!--PATTERN patch53objswtype-->
+ <!--PATTERN catosversteimage_name-->
- <!--RULE -->
-<xsl:template match="hpux-def:patch53_object/hpux-def:swtype" priority="4000" mode="M136">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="catos-def:version_state/catos-def:image_name" priority="4000" mode="M136">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the swtype entity of a patch53_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the image_name entity of a version_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M136"/>
@@ -3946,19 +4589,21 @@
<xsl:apply-templates select="@*|node()" mode="M136"/>
</xsl:template>
- <!--PATTERN patch53objarea_patched-->
+ <!--PATTERN catosverstecatos_major_release-->
- <!--RULE -->
-<xsl:template match="hpux-def:patch_object/hpux-def:area_patched" priority="4000" mode="M137">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="catos-def:version_state/catos-def:catos_major_release" priority="4000" mode="M137">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='version'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the area_patched entity of a patch53_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the catos_major_release entity of a version_state should be 'version'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M137"/>
@@ -3968,19 +4613,21 @@
<xsl:apply-templates select="@*|node()" mode="M137"/>
</xsl:template>
- <!--PATTERN patch53objpatch_base-->
+ <!--PATTERN catosverstecatos_individual_release-->
- <!--RULE -->
-<xsl:template match="hpux-def:patch_object/hpux-def:patch_base" priority="4000" mode="M138">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="catos-def:version_state/catos-def:catos_individual_release" priority="4000" mode="M138">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the patch_base entity of a patch53_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the catos_individual_release entity of a version_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M138"/>
@@ -3990,19 +4637,21 @@
<xsl:apply-templates select="@*|node()" mode="M138"/>
</xsl:template>
- <!--PATTERN patch53steswtype-->
+ <!--PATTERN catosverstecatos_version_id-->
- <!--RULE -->
-<xsl:template match="hpux-def:patch53_state/hpux-def:swtype" priority="4000" mode="M139">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="catos-def:version_state/catos-def:catos_version_id" priority="4000" mode="M139">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the swtype entity of a patch53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the catos_version_id entity of a version_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M139"/>
@@ -4012,20 +4661,21 @@
<xsl:apply-templates select="@*|node()" mode="M139"/>
</xsl:template>
- <!--PATTERN patch53stearea_patched-->
+ <!--PATTERN esxpatchobjpatch_number-->
- <!--RULE -->
-<xsl:template match="hpux-def:patch53_state/hpux-def:area_patched" priority="4000"
- mode="M140">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="esx-def:patch_object/esx-def:patch_number" priority="4000" mode="M140">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the area_patched entity of a patch53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the patch_number entity of a patch_object should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M140"/>
@@ -4035,19 +4685,21 @@
<xsl:apply-templates select="@*|node()" mode="M140"/>
</xsl:template>
- <!--PATTERN patch53stepatch_base-->
+ <!--PATTERN esxpatchstepatch_number-->
- <!--RULE -->
-<xsl:template match="hpux-def:patch53_state/hpux-def:patch_base" priority="4000" mode="M141">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="esx-def:patch_state/esx-def:patch_number" priority="4000" mode="M141">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the patch_base entity of a patch53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the patch_number entity of a patch_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M141"/>
@@ -4057,19 +4709,21 @@
<xsl:apply-templates select="@*|node()" mode="M141"/>
</xsl:template>
- <!--PATTERN patchobjpatch_name-->
+ <!--PATTERN esxpatchstestatus-->
- <!--RULE -->
-<xsl:template match="hpux-def:patch_object/hpux-def:patch_name" priority="4000" mode="M142">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="esx-def:patch_state/esx-def:status" priority="4000" mode="M142">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the patch_name entity of a patch_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the status entity of a patch_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M142"/>
@@ -4079,19 +4733,21 @@
<xsl:apply-templates select="@*|node()" mode="M142"/>
</xsl:template>
- <!--PATTERN patchstepatch_name-->
+ <!--PATTERN versionsterelease-->
- <!--RULE -->
-<xsl:template match="hpux-def:patch_state/hpux-def:patch_name" priority="4000" mode="M143">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="esx-def:version_state/esx-def:release" priority="4000" mode="M143">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='version'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the patch_name entity of a patch_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the release entity of an version_state should be 'version'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M143"/>
@@ -4101,19 +4757,21 @@
<xsl:apply-templates select="@*|node()" mode="M143"/>
</xsl:template>
- <!--PATTERN patchsteswtype-->
+ <!--PATTERN versionstebuild-->
- <!--RULE -->
-<xsl:template match="hpux-def:patch_state/hpux-def:swtype" priority="4000" mode="M144">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="esx-def:version_state/esx-def:build" priority="4000" mode="M144">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the swtype entity of a patch_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the build entity of an version_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M144"/>
@@ -4123,41 +4781,62 @@
<xsl:apply-templates select="@*|node()" mode="M144"/>
</xsl:template>
- <!--PATTERN patchstearea_patched-->
+ <!--PATTERN portinfotst-->
- <!--RULE -->
-<xsl:template match="hpux-def:patch_state/hpux-def:area_patched" priority="4000" mode="M145">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="freebsd-def:portinfo_test/freebsd-def:object" priority="4000" mode="M145">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/freebsd-def:portinfo_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the area_patched entity of a patch_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a portinfo_test must reference an portinfo_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M145"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="freebsd-def:portinfo_test/freebsd-def:state" priority="3999" mode="M145">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/freebsd-def:portinfo_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a portinfo_test must reference an portinfo_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M145"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M145"/>
<xsl:template match="@*|node()" priority="-2" mode="M145">
<xsl:apply-templates select="@*|node()" mode="M145"/>
</xsl:template>
- <!--PATTERN patchstepatch_base-->
+ <!--PATTERN portinfoobjpkginst-->
- <!--RULE -->
-<xsl:template match="hpux-def:patch_state/hpux-def:patch_base" priority="4000" mode="M146">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="freebsd-def:portinfo_object/freebsd-def:pkginst" priority="4000" mode="M146">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the patch_base entity of a patch_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pkginst entity of a portinfo_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M146"/>
@@ -4167,19 +4846,21 @@
<xsl:apply-templates select="@*|node()" mode="M146"/>
</xsl:template>
- <!--PATTERN swlistobjswlist-->
+ <!--PATTERN portinfostepkginst-->
- <!--RULE -->
-<xsl:template match="hpux-def:swlist_object/hpux-def:swlist" priority="4000" mode="M147">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="freebsd-def:portinfo_state/freebsd-def:pkginst" priority="4000" mode="M147">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the swlist entity of a swlist_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pkginst entity of a portinfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M147"/>
@@ -4189,19 +4870,21 @@
<xsl:apply-templates select="@*|node()" mode="M147"/>
</xsl:template>
- <!--PATTERN swliststeswlist-->
+ <!--PATTERN portinfostename-->
- <!--RULE -->
-<xsl:template match="hpux-def:swlist_state/hpux-def:swlist" priority="4000" mode="M148">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="freebsd-def:portinfo_state/freebsd-def:name" priority="4000" mode="M148">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the swlist entity of a swlist_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of a portinfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M148"/>
@@ -4211,19 +4894,21 @@
<xsl:apply-templates select="@*|node()" mode="M148"/>
</xsl:template>
- <!--PATTERN swliststebundle-->
+ <!--PATTERN portinfostecategory-->
- <!--RULE -->
-<xsl:template match="hpux-def:swlist_state/hpux-def:bundle" priority="4000" mode="M149">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="freebsd-def:portinfo_state/freebsd-def:category" priority="4000" mode="M149">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the bundle entity of a swlist_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the category entity of a portinfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M149"/>
@@ -4233,19 +4918,21 @@
<xsl:apply-templates select="@*|node()" mode="M149"/>
</xsl:template>
- <!--PATTERN swliststefileset-->
+ <!--PATTERN portinfosteversion-->
- <!--RULE -->
-<xsl:template match="hpux-def:swlist_state/hpux-def:fileset" priority="4000" mode="M150">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="freebsd-def:portinfo_state/freebsd-def:version" priority="4000" mode="M150">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the fileset entity of a swlist_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the version entity of a portinfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M150"/>
@@ -4255,19 +4942,21 @@
<xsl:apply-templates select="@*|node()" mode="M150"/>
</xsl:template>
- <!--PATTERN swliststeversion-->
+ <!--PATTERN portinfostevendor-->
- <!--RULE -->
-<xsl:template match="hpux-def:swlist_state/hpux-def:version" priority="4000" mode="M151">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='fileset_revision'"/>
+ <xsl:template match="freebsd-def:portinfo_state/freebsd-def:vendor" priority="4000" mode="M151">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the version entity of a swlist_state should be 'fileset_revision'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the vendor entity of a portinfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M151"/>
@@ -4277,19 +4966,21 @@
<xsl:apply-templates select="@*|node()" mode="M151"/>
</xsl:template>
- <!--PATTERN swliststetitle-->
+ <!--PATTERN portinfostedescription-->
- <!--RULE -->
-<xsl:template match="hpux-def:swlist_state/hpux-def:title" priority="4000" mode="M152">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="freebsd-def:portinfo_state/freebsd-def:description" priority="4000" mode="M152">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the title entity of a swlist_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the description entity of a portinfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M152"/>
@@ -4299,19 +4990,21 @@
<xsl:apply-templates select="@*|node()" mode="M152"/>
</xsl:template>
- <!--PATTERN swliststevendor-->
+ <!--PATTERN gcobjparameter_name-->
- <!--RULE -->
-<xsl:template match="hpux-def:swlist_state/hpux-def:vendor" priority="4000" mode="M153">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:getconf_object/hpux-def:parameter_name" priority="4000" mode="M153">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the vendor entity of a swlist_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the parameter_name entity of a getconf_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M153"/>
@@ -4321,19 +5014,21 @@
<xsl:apply-templates select="@*|node()" mode="M153"/>
</xsl:template>
- <!--PATTERN trustobjusername-->
+ <!--PATTERN gcobjpathname-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_object/hpux-def:username" priority="4000" mode="M154">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:getconf_object/hpux-def:pathname" priority="4000" mode="M154">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the username entity of a trusted_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pathname entity of a getconf_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M154"/>
@@ -4343,19 +5038,21 @@
<xsl:apply-templates select="@*|node()" mode="M154"/>
</xsl:template>
- <!--PATTERN truststeusername-->
+ <!--PATTERN gcsteparameter_name-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:username" priority="4000" mode="M155">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:getconf_state/hpux-def:parameter_name" priority="4000" mode="M155">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the username entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the parameter_name entity of a getconf_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M155"/>
@@ -4365,19 +5062,21 @@
<xsl:apply-templates select="@*|node()" mode="M155"/>
</xsl:template>
- <!--PATTERN truststeuid-->
+ <!--PATTERN gcstepathname-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:uid" priority="4000" mode="M156">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:getconf_state/hpux-def:pathname" priority="4000" mode="M156">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the uid entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pathname entity of a getconf_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M156"/>
@@ -4387,19 +5086,21 @@
<xsl:apply-templates select="@*|node()" mode="M156"/>
</xsl:template>
- <!--PATTERN truststepassword-->
+ <!--PATTERN gcsteoutput-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:password" priority="4000" mode="M157">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:getconf_state/hpux-def:output" priority="4000" mode="M157">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the password entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the output entity of a getconf_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M157"/>
@@ -4409,20 +5110,21 @@
<xsl:apply-templates select="@*|node()" mode="M157"/>
</xsl:template>
- <!--PATTERN truststeaccount_owner-->
+ <!--PATTERN patch53objswtype-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:account_owner" priority="4000"
- mode="M158">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:patch53_object/hpux-def:swtype" priority="4000" mode="M158">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the account_owner entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the swtype entity of a patch53_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M158"/>
@@ -4432,19 +5134,21 @@
<xsl:apply-templates select="@*|node()" mode="M158"/>
</xsl:template>
- <!--PATTERN truststeboot_auth-->
+ <!--PATTERN patch53objarea_patched-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:boot_auth" priority="4000" mode="M159">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:patch_object/hpux-def:area_patched" priority="4000" mode="M159">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the boot_auth entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the area_patched entity of a patch53_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M159"/>
@@ -4454,19 +5158,21 @@
<xsl:apply-templates select="@*|node()" mode="M159"/>
</xsl:template>
- <!--PATTERN truststeaudit_id-->
+ <!--PATTERN patch53objpatch_base-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:audit_id" priority="4000" mode="M160">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:patch_object/hpux-def:patch_base" priority="4000" mode="M160">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the audit_id entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the patch_base entity of a patch53_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M160"/>
@@ -4476,19 +5182,21 @@
<xsl:apply-templates select="@*|node()" mode="M160"/>
</xsl:template>
- <!--PATTERN truststeaudit_flag-->
+ <!--PATTERN patch53steswtype-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:audit_flag" priority="4000" mode="M161">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:patch53_state/hpux-def:swtype" priority="4000" mode="M161">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the audit_flag entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the swtype entity of a patch53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M161"/>
@@ -4498,20 +5206,21 @@
<xsl:apply-templates select="@*|node()" mode="M161"/>
</xsl:template>
- <!--PATTERN truststepw_change_min-->
+ <!--PATTERN patch53stearea_patched-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:pw_change_min" priority="4000"
- mode="M162">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:patch53_state/hpux-def:area_patched" priority="4000" mode="M162">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pw_change_min entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the area_patched entity of a patch53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M162"/>
@@ -4521,19 +5230,21 @@
<xsl:apply-templates select="@*|node()" mode="M162"/>
</xsl:template>
- <!--PATTERN truststepw_max_size-->
+ <!--PATTERN patch53stepatch_base-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:pw_max_size" priority="4000" mode="M163">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:patch53_state/hpux-def:patch_base" priority="4000" mode="M163">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pw_max_size entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the patch_base entity of a patch53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M163"/>
@@ -4543,20 +5254,21 @@
<xsl:apply-templates select="@*|node()" mode="M163"/>
</xsl:template>
- <!--PATTERN truststepw_expiration-->
+ <!--PATTERN patchobjpatch_name-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:pw_expiration" priority="4000"
- mode="M164">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:patch_object/hpux-def:patch_name" priority="4000" mode="M164">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pw_expiration entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the patch_name entity of a patch_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M164"/>
@@ -4566,19 +5278,21 @@
<xsl:apply-templates select="@*|node()" mode="M164"/>
</xsl:template>
- <!--PATTERN truststepw_life-->
+ <!--PATTERN patchstepatch_name-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:pw_life" priority="4000" mode="M165">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:patch_state/hpux-def:patch_name" priority="4000" mode="M165">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pw_life entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the patch_name entity of a patch_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M165"/>
@@ -4588,19 +5302,21 @@
<xsl:apply-templates select="@*|node()" mode="M165"/>
</xsl:template>
- <!--PATTERN truststepw_change_s-->
+ <!--PATTERN patchsteswtype-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:pw_change_s" priority="4000" mode="M166">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:patch_state/hpux-def:swtype" priority="4000" mode="M166">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pw_change_s entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the swtype entity of a patch_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M166"/>
@@ -4610,19 +5326,21 @@
<xsl:apply-templates select="@*|node()" mode="M166"/>
</xsl:template>
- <!--PATTERN truststepw_change_u-->
+ <!--PATTERN patchstearea_patched-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:pw_change_u" priority="4000" mode="M167">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:patch_state/hpux-def:area_patched" priority="4000" mode="M167">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pw_change_u entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the area_patched entity of a patch_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M167"/>
@@ -4632,19 +5350,21 @@
<xsl:apply-templates select="@*|node()" mode="M167"/>
</xsl:template>
- <!--PATTERN truststeacct_expire-->
+ <!--PATTERN patchstepatch_base-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:acct_expire" priority="4000" mode="M168">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:patch_state/hpux-def:patch_base" priority="4000" mode="M168">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the acct_expire entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the patch_base entity of a patch_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M168"/>
@@ -4654,19 +5374,21 @@
<xsl:apply-templates select="@*|node()" mode="M168"/>
</xsl:template>
- <!--PATTERN truststemax_llogin-->
+ <!--PATTERN swlistobjswlist-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:max_llogin" priority="4000" mode="M169">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:swlist_object/hpux-def:swlist" priority="4000" mode="M169">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the max_llogin entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the swlist entity of a swlist_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M169"/>
@@ -4676,19 +5398,21 @@
<xsl:apply-templates select="@*|node()" mode="M169"/>
</xsl:template>
- <!--PATTERN truststeexp_warning-->
+ <!--PATTERN swliststeswlist-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:exp_warning" priority="4000" mode="M170">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:swlist_state/hpux-def:swlist" priority="4000" mode="M170">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the exp_warning entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the swlist entity of a swlist_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M170"/>
@@ -4698,19 +5422,21 @@
<xsl:apply-templates select="@*|node()" mode="M170"/>
</xsl:template>
- <!--PATTERN truststeusr_chg_pw-->
+ <!--PATTERN swliststebundle-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:usr_chg_pw" priority="4000" mode="M171">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:swlist_state/hpux-def:bundle" priority="4000" mode="M171">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the usr_chg_pw entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the bundle entity of a swlist_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M171"/>
@@ -4720,19 +5446,21 @@
<xsl:apply-templates select="@*|node()" mode="M171"/>
</xsl:template>
- <!--PATTERN truststegen_pw-->
+ <!--PATTERN swliststefileset-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:gen_pw" priority="4000" mode="M172">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:swlist_state/hpux-def:fileset" priority="4000" mode="M172">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the gen_pw entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the fileset entity of a swlist_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M172"/>
@@ -4742,19 +5470,21 @@
<xsl:apply-templates select="@*|node()" mode="M172"/>
</xsl:template>
- <!--PATTERN truststepw_restrict-->
+ <!--PATTERN swliststeversion-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:pw_restrict" priority="4000" mode="M173">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="hpux-def:swlist_state/hpux-def:version" priority="4000" mode="M173">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='fileset_revision'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pw_restrict entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the version entity of a swlist_state should be 'fileset_revision'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M173"/>
@@ -4764,19 +5494,21 @@
<xsl:apply-templates select="@*|node()" mode="M173"/>
</xsl:template>
- <!--PATTERN truststepw_null-->
+ <!--PATTERN swliststetitle-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:pw_null" priority="4000" mode="M174">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:swlist_state/hpux-def:title" priority="4000" mode="M174">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pw_null entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the title entity of a swlist_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M174"/>
@@ -4786,19 +5518,21 @@
<xsl:apply-templates select="@*|node()" mode="M174"/>
</xsl:template>
- <!--PATTERN truststepw_gen_char-->
+ <!--PATTERN swliststevendor-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:pw_gen_char" priority="4000" mode="M175">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:swlist_state/hpux-def:vendor" priority="4000" mode="M175">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pw_gen_char entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the vendor entity of a swlist_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M175"/>
@@ -4808,19 +5542,21 @@
<xsl:apply-templates select="@*|node()" mode="M175"/>
</xsl:template>
- <!--PATTERN truststepw_gen_let-->
+ <!--PATTERN trustobjusername-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:pw_gen_let" priority="4000" mode="M176">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_object/hpux-def:username" priority="4000" mode="M176">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pw_gen_let entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the username entity of a trusted_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M176"/>
@@ -4830,19 +5566,21 @@
<xsl:apply-templates select="@*|node()" mode="M176"/>
</xsl:template>
- <!--PATTERN truststelogin_time-->
+ <!--PATTERN truststeusername-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:login_time" priority="4000" mode="M177">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:username" priority="4000" mode="M177">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the login_time entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the username entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M177"/>
@@ -4852,19 +5590,21 @@
<xsl:apply-templates select="@*|node()" mode="M177"/>
</xsl:template>
- <!--PATTERN truststepw_changer-->
+ <!--PATTERN truststeuid-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:pw_changer" priority="4000" mode="M178">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:uid" priority="4000" mode="M178">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pw_changer entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the uid entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M178"/>
@@ -4874,20 +5614,21 @@
<xsl:apply-templates select="@*|node()" mode="M178"/>
</xsl:template>
- <!--PATTERN truststelogin_time_s-->
+ <!--PATTERN truststepassword-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:login_time_s" priority="4000"
- mode="M179">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:password" priority="4000" mode="M179">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the login_time_s entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the password entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M179"/>
@@ -4897,20 +5638,21 @@
<xsl:apply-templates select="@*|node()" mode="M179"/>
</xsl:template>
- <!--PATTERN truststelogin_time_u-->
+ <!--PATTERN truststeaccount_owner-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:login_time_u" priority="4000"
- mode="M180">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:account_owner" priority="4000" mode="M180">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the login_time_u entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the account_owner entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M180"/>
@@ -4920,19 +5662,21 @@
<xsl:apply-templates select="@*|node()" mode="M180"/>
</xsl:template>
- <!--PATTERN truststelogin_tty_s-->
+ <!--PATTERN truststeboot_auth-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:login_tty_s" priority="4000" mode="M181">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:boot_auth" priority="4000" mode="M181">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the login_tty_s entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the boot_auth entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M181"/>
@@ -4942,19 +5686,21 @@
<xsl:apply-templates select="@*|node()" mode="M181"/>
</xsl:template>
- <!--PATTERN truststelogin_tty_u-->
+ <!--PATTERN truststeaudit_id-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:login_tty_u" priority="4000" mode="M182">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:audit_id" priority="4000" mode="M182">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the login_tty_u entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the audit_id entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M182"/>
@@ -4964,20 +5710,21 @@
<xsl:apply-templates select="@*|node()" mode="M182"/>
</xsl:template>
- <!--PATTERN truststenum_u_logins-->
+ <!--PATTERN truststeaudit_flag-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:num_u_logins" priority="4000"
- mode="M183">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:audit_flag" priority="4000" mode="M183">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the num_u_logins entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the audit_flag entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M183"/>
@@ -4987,20 +5734,21 @@
<xsl:apply-templates select="@*|node()" mode="M183"/>
</xsl:template>
- <!--PATTERN truststemax_u_logins-->
+ <!--PATTERN truststepw_change_min-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:max_u_logins" priority="4000"
- mode="M184">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:pw_change_min" priority="4000" mode="M184">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the max_u_logins entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pw_change_min entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M184"/>
@@ -5010,19 +5758,21 @@
<xsl:apply-templates select="@*|node()" mode="M184"/>
</xsl:template>
- <!--PATTERN truststelock_flag-->
+ <!--PATTERN truststepw_max_size-->
- <!--RULE -->
-<xsl:template match="hpux-def:trusted_state/hpux-def:lock_flag" priority="4000" mode="M185">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:pw_max_size" priority="4000" mode="M185">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the lock_flag entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pw_max_size entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M185"/>
@@ -5032,34 +5782,21 @@
<xsl:apply-templates select="@*|node()" mode="M185"/>
</xsl:template>
- <!--PATTERN globaltst-->
+ <!--PATTERN truststepw_expiration-->
- <!--RULE -->
-<xsl:template match="ios-def:global_test/ios-def:object" priority="4000" mode="M186">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ios-def:global_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a global_test must reference a global_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M186"/>
- </xsl:template>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:pw_expiration" priority="4000" mode="M186">
- <!--RULE -->
-<xsl:template match="ios-def:global_test/ios-def:state" priority="3999" mode="M186">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ios-def:global_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a global_test must reference a global_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pw_expiration entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M186"/>
@@ -5069,20 +5806,21 @@
<xsl:apply-templates select="@*|node()" mode="M186"/>
</xsl:template>
- <!--PATTERN globalobjglobal_command-->
+ <!--PATTERN truststepw_life-->
- <!--RULE -->
-<xsl:template match="ios-def:global_object/ios-def:global_command" priority="4000"
- mode="M187">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:pw_life" priority="4000" mode="M187">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the global_command entity of a global_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pw_life entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M187"/>
@@ -5092,19 +5830,21 @@
<xsl:apply-templates select="@*|node()" mode="M187"/>
</xsl:template>
- <!--PATTERN globalsteglobal_command-->
+ <!--PATTERN truststepw_change_s-->
- <!--RULE -->
-<xsl:template match="ios-def:global_state/ios-def:global_command" priority="4000" mode="M188">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:pw_change_s" priority="4000" mode="M188">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the global_command entity of a global_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pw_change_s entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M188"/>
@@ -5114,34 +5854,21 @@
<xsl:apply-templates select="@*|node()" mode="M188"/>
</xsl:template>
- <!--PATTERN iosinterfacetst-->
+ <!--PATTERN truststepw_change_u-->
- <!--RULE -->
-<xsl:template match="ios-def:interface_test/ios-def:object" priority="4000" mode="M189">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ios-def:interface_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of an interface_test must reference an interface_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M189"/>
- </xsl:template>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:pw_change_u" priority="4000" mode="M189">
- <!--RULE -->
-<xsl:template match="ios-def:interface_test/ios-def:state" priority="3999" mode="M189">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ios-def:interface_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of an interface_test must reference an interface_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pw_change_u entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M189"/>
@@ -5151,19 +5878,21 @@
<xsl:apply-templates select="@*|node()" mode="M189"/>
</xsl:template>
- <!--PATTERN iosinterfaceobjname-->
+ <!--PATTERN truststeacct_expire-->
- <!--RULE -->
-<xsl:template match="ios-def:interface_object/ios-def:name" priority="4000" mode="M190">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:acct_expire" priority="4000" mode="M190">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of an interface_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the acct_expire entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M190"/>
@@ -5173,19 +5902,21 @@
<xsl:apply-templates select="@*|node()" mode="M190"/>
</xsl:template>
- <!--PATTERN iosinterfacestename-->
+ <!--PATTERN truststemax_llogin-->
- <!--RULE -->
-<xsl:template match="ios-def:interface_state/ios-def:name" priority="4000" mode="M191">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:max_llogin" priority="4000" mode="M191">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the max_llogin entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M191"/>
@@ -5195,21 +5926,21 @@
<xsl:apply-templates select="@*|node()" mode="M191"/>
</xsl:template>
- <!--PATTERN iosinterfacesteip_directed_broadcast_command-->
+ <!--PATTERN truststeexp_warning-->
- <!--RULE -->
-<xsl:template match="ios-def:interface_state/ios-def:ip_directed_broadcast_command"
- priority="4000"
- mode="M192">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:exp_warning" priority="4000" mode="M192">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the ip_directed_broadcast_command entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the exp_warning entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M192"/>
@@ -5219,21 +5950,21 @@
<xsl:apply-templates select="@*|node()" mode="M192"/>
</xsl:template>
- <!--PATTERN iosinterfacesteno_ip_directed_broadcast_command-->
+ <!--PATTERN truststeusr_chg_pw-->
- <!--RULE -->
-<xsl:template match="ios-def:interface_state/ios-def:no_ip_directed_broadcast_command"
- priority="4000"
- mode="M193">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:usr_chg_pw" priority="4000" mode="M193">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the no_ip_directed_broadcast_command entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the usr_chg_pw entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M193"/>
@@ -5243,20 +5974,21 @@
<xsl:apply-templates select="@*|node()" mode="M193"/>
</xsl:template>
- <!--PATTERN iosinterfacesteproxy_arp_command-->
+ <!--PATTERN truststegen_pw-->
- <!--RULE -->
-<xsl:template match="ios-def:interface_state/ios-def:proxy_arp_command" priority="4000"
- mode="M194">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:gen_pw" priority="4000" mode="M194">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the proxy_arp_command entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the gen_pw entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M194"/>
@@ -5266,20 +5998,21 @@
<xsl:apply-templates select="@*|node()" mode="M194"/>
</xsl:template>
- <!--PATTERN iosinterfacesteshutdown_command-->
+ <!--PATTERN truststepw_restrict-->
- <!--RULE -->
-<xsl:template match="ios-def:interface_state/ios-def:shutdown_command" priority="4000"
- mode="M195">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:pw_restrict" priority="4000" mode="M195">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the shutdown_command entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pw_restrict entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M195"/>
@@ -5289,34 +6022,21 @@
<xsl:apply-templates select="@*|node()" mode="M195"/>
</xsl:template>
- <!--PATTERN linetst-->
+ <!--PATTERN truststepw_null-->
- <!--RULE -->
-<xsl:template match="ios-def:line_test/ios-def:object" priority="4000" mode="M196">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ios-def:line_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a line_test must reference a line_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M196"/>
- </xsl:template>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:pw_null" priority="4000" mode="M196">
- <!--RULE -->
-<xsl:template match="ios-def:line_test/ios-def:state" priority="3999" mode="M196">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ios-def:line_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a line_test must reference a line_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pw_null entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M196"/>
@@ -5326,19 +6046,21 @@
<xsl:apply-templates select="@*|node()" mode="M196"/>
</xsl:template>
- <!--PATTERN lineobjshow_subcommand-->
+ <!--PATTERN truststepw_gen_char-->
- <!--RULE -->
-<xsl:template match="ios-def:line_object/ios-def:show_subcommand" priority="4000" mode="M197">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:pw_gen_char" priority="4000" mode="M197">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the show_subcommand entity of a line_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pw_gen_char entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M197"/>
@@ -5348,19 +6070,21 @@
<xsl:apply-templates select="@*|node()" mode="M197"/>
</xsl:template>
- <!--PATTERN linesteshow_subcommand-->
+ <!--PATTERN truststepw_gen_let-->
- <!--RULE -->
-<xsl:template match="ios-def:line_state/ios-def:show_subcommand" priority="4000" mode="M198">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:pw_gen_let" priority="4000" mode="M198">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the show_subcommand entity of a line_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pw_gen_let entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M198"/>
@@ -5370,19 +6094,21 @@
<xsl:apply-templates select="@*|node()" mode="M198"/>
</xsl:template>
- <!--PATTERN linesteconfig_line-->
+ <!--PATTERN truststelogin_time-->
- <!--RULE -->
-<xsl:template match="ios-def:line_state/ios-def:config_line" priority="4000" mode="M199">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:login_time" priority="4000" mode="M199">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the config_line entity of a line_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the login_time entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M199"/>
@@ -5392,34 +6118,21 @@
<xsl:apply-templates select="@*|node()" mode="M199"/>
</xsl:template>
- <!--PATTERN snmptst-->
+ <!--PATTERN truststepw_changer-->
- <!--RULE -->
-<xsl:template match="ios-def:snmp_test/ios-def:object" priority="4000" mode="M200">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ios-def:snmp_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a snmp_test must reference a snmp_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M200"/>
- </xsl:template>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:pw_changer" priority="4000" mode="M200">
- <!--RULE -->
-<xsl:template match="ios-def:snmp_test/ios-def:state" priority="3999" mode="M200">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ios-def:snmp_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a snmp_test must reference a snmp_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pw_changer entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M200"/>
@@ -5429,19 +6142,21 @@
<xsl:apply-templates select="@*|node()" mode="M200"/>
</xsl:template>
- <!--PATTERN snmpsteaccess_list-->
+ <!--PATTERN truststelogin_time_s-->
- <!--RULE -->
-<xsl:template match="ios-def:snmp_state/ios-def:access_list" priority="4000" mode="M201">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:login_time_s" priority="4000" mode="M201">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_list entity of a snmp_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the login_time_s entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M201"/>
@@ -5451,19 +6166,21 @@
<xsl:apply-templates select="@*|node()" mode="M201"/>
</xsl:template>
- <!--PATTERN snmpstecommunity_name-->
+ <!--PATTERN truststelogin_time_u-->
- <!--RULE -->
-<xsl:template match="ios-def:snmp_state/ios-def:community_name" priority="4000" mode="M202">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:login_time_u" priority="4000" mode="M202">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the community_name entity of a snmp_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the login_time_u entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M202"/>
@@ -5473,34 +6190,21 @@
<xsl:apply-templates select="@*|node()" mode="M202"/>
</xsl:template>
- <!--PATTERN tclshtst-->
+ <!--PATTERN truststelogin_tty_s-->
- <!--RULE -->
-<xsl:template match="ios-def:tclsh_test/ios-def:object" priority="4000" mode="M203">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ios-def:tclsh_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a tclsh_test must reference a tclsh_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M203"/>
- </xsl:template>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:login_tty_s" priority="4000" mode="M203">
- <!--RULE -->
-<xsl:template match="ios-def:tclsh_test/ios-def:state" priority="3999" mode="M203">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ios-def:tclsh_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a tclsh_test must reference a tclsh_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the login_tty_s entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M203"/>
@@ -5510,19 +6214,21 @@
<xsl:apply-templates select="@*|node()" mode="M203"/>
</xsl:template>
- <!--PATTERN tclshsteavailable-->
+ <!--PATTERN truststelogin_tty_u-->
- <!--RULE -->
-<xsl:template match="ios-def:tclsh_state/ios-def:available" priority="4000" mode="M204">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='boolean'"/>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:login_tty_u" priority="4000" mode="M204">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the available entity of a tclsh_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the login_tty_u entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M204"/>
@@ -5532,34 +6238,21 @@
<xsl:apply-templates select="@*|node()" mode="M204"/>
</xsl:template>
- <!--PATTERN iosvertst-->
+ <!--PATTERN truststenum_u_logins-->
- <!--RULE -->
-<xsl:template match="ios-def:version_test/ios-def:object" priority="4000" mode="M205">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ios-def:version_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a version_test must reference a version_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M205"/>
- </xsl:template>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:num_u_logins" priority="4000" mode="M205">
- <!--RULE -->
-<xsl:template match="ios-def:version_test/ios-def:state" priority="3999" mode="M205">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ios-def:version_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a version_test must reference a version_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the num_u_logins entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M205"/>
@@ -5569,19 +6262,21 @@
<xsl:apply-templates select="@*|node()" mode="M205"/>
</xsl:template>
- <!--PATTERN iosverstemajor_release-->
+ <!--PATTERN truststemax_u_logins-->
- <!--RULE -->
-<xsl:template match="ios-def:version_state/ios-def:major_release" priority="4000" mode="M206">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:max_u_logins" priority="4000" mode="M206">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the major_release entity of a version_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the max_u_logins entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M206"/>
@@ -5591,19 +6286,21 @@
<xsl:apply-templates select="@*|node()" mode="M206"/>
</xsl:template>
- <!--PATTERN iosverstetrain_number-->
+ <!--PATTERN truststelock_flag-->
- <!--RULE -->
-<xsl:template match="ios-def:version_state/ios-def:train_number" priority="4000" mode="M207">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="hpux-def:trusted_state/hpux-def:lock_flag" priority="4000" mode="M207">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the train_number entity of a version_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the lock_flag entity of a trusted_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M207"/>
@@ -5613,43 +6310,62 @@
<xsl:apply-templates select="@*|node()" mode="M207"/>
</xsl:template>
- <!--PATTERN iosverstetrain_identifier-->
+ <!--PATTERN globaltst-->
- <!--RULE -->
-<xsl:template match="ios-def:version_state/ios-def:train_identifier" priority="4000"
- mode="M208">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ios-def:global_test/ios-def:object" priority="4000" mode="M208">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ios-def:global_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the train_identifier entity of a version_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a global_test must reference a global_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M208"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="ios-def:global_test/ios-def:state" priority="3999" mode="M208">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ios-def:global_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a global_test must reference a global_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M208"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M208"/>
<xsl:template match="@*|node()" priority="-2" mode="M208">
<xsl:apply-templates select="@*|node()" mode="M208"/>
</xsl:template>
- <!--PATTERN iosversteversion_string-->
+ <!--PATTERN globalobjglobal_command-->
- <!--RULE -->
-<xsl:template match="ios-def:version_state/ios-def:version_string" priority="4000"
- mode="M209">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='ios_version'"/>
+ <xsl:template match="ios-def:global_object/ios-def:global_command" priority="4000" mode="M209">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the version_string entity of a version_state should be 'ios_version'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the global_command entity of a global_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M209"/>
@@ -5659,31 +6375,23 @@
<xsl:apply-templates select="@*|node()" mode="M209"/>
</xsl:template>
- <!--PATTERN dpkgobjname-->
+ <!--PATTERN globalsteglobal_command-->
- <!--RULE -->
-<xsl:template match="linux-def:dpkginfo_object/linux-def:name" priority="4000" mode="M210">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ios-def:global_state/ios-def:global_command" priority="4000" mode="M210">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of a dpkginfo_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the global_command entity of a global_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the name entity of a dpkginfo_object should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M210"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M210"/>
@@ -5691,29 +6399,38 @@
<xsl:apply-templates select="@*|node()" mode="M210"/>
</xsl:template>
- <!--PATTERN dpkgstename-->
+ <!--PATTERN iosinterfacetst-->
- <!--RULE -->
-<xsl:template match="linux-def:dpkginfo_state/linux-def:name" priority="4000" mode="M211">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ios-def:interface_test/ios-def:object" priority="4000" mode="M211">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ios-def:interface_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of a dpkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of an interface_test must reference an interface_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M211"/>
+ </xsl:template>
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <!--RULE -->
+
+ <xsl:template match="ios-def:interface_test/ios-def:state" priority="3999" mode="M211">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ios-def:interface_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the name entity of a dpkginfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of an interface_test must reference an interface_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M211"/>
@@ -5723,31 +6440,23 @@
<xsl:apply-templates select="@*|node()" mode="M211"/>
</xsl:template>
- <!--PATTERN dpkgstearch-->
+ <!--PATTERN iosinterfaceobjname-->
- <!--RULE -->
-<xsl:template match="linux-def:dpkginfo_state/linux-def:arch" priority="4000" mode="M212">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ios-def:interface_object/ios-def:name" priority="4000" mode="M212">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the arch entity of a dpkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of an interface_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the arch entity of a dpkginfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M212"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M212"/>
@@ -5755,31 +6464,23 @@
<xsl:apply-templates select="@*|node()" mode="M212"/>
</xsl:template>
- <!--PATTERN dpkgsteepoch-->
+ <!--PATTERN iosinterfacestename-->
- <!--RULE -->
-<xsl:template match="linux-def:dpkginfo_state/linux-def:epoch" priority="4000" mode="M213">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ios-def:interface_state/ios-def:name" priority="4000" mode="M213">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the epoch entity of a dpkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or 'pattern match'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the epoch entity of a dpkginfo_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', or 'pattern match'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M213"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M213"/>
@@ -5787,31 +6488,23 @@
<xsl:apply-templates select="@*|node()" mode="M213"/>
</xsl:template>
- <!--PATTERN dpkgsterelease-->
+ <!--PATTERN iosinterfacesteip_directed_broadcast_command-->
- <!--RULE -->
-<xsl:template match="linux-def:dpkginfo_state/linux-def:release" priority="4000" mode="M214">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ios-def:interface_state/ios-def:ip_directed_broadcast_command" priority="4000" mode="M214">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the release entity of a dpkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the ip_directed_broadcast_command entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or 'pattern match'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the release entity of a dpkginfo_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', or 'pattern match'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M214"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M214"/>
@@ -5819,31 +6512,23 @@
<xsl:apply-templates select="@*|node()" mode="M214"/>
</xsl:template>
- <!--PATTERN dpkgsteversion-->
+ <!--PATTERN iosinterfacesteno_ip_directed_broadcast_command-->
- <!--RULE -->
-<xsl:template match="linux-def:dpkginfo_state/linux-def:version" priority="4000" mode="M215">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ios-def:interface_state/ios-def:no_ip_directed_broadcast_command" priority="4000" mode="M215">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the version entity of a dpkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the no_ip_directed_broadcast_command entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or 'pattern match'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the version entity of a dpkginfo_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', or 'pattern match'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M215"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M215"/>
@@ -5851,29 +6536,21 @@
<xsl:apply-templates select="@*|node()" mode="M215"/>
</xsl:template>
- <!--PATTERN dpkgsteevr-->
+ <!--PATTERN iosinterfacesteproxy_arp_command-->
- <!--RULE -->
-<xsl:template match="linux-def:dpkginfo_state/linux-def:evr" priority="4000" mode="M216">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='evr_string'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the evr entity of a dpkginfo_state should be 'evr_string'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
+ <xsl:template match="ios-def:interface_state/ios-def:proxy_arp_command" priority="4000" mode="M216">
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or 'pattern match'"/>
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the evr entity of a dpkginfo_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the proxy_arp_command entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M216"/>
@@ -5883,33 +6560,23 @@
<xsl:apply-templates select="@*|node()" mode="M216"/>
</xsl:template>
- <!--PATTERN ilsobjprotocol-->
+ <!--PATTERN iosinterfacesteshutdown_command-->
- <!--RULE -->
-<xsl:template match="linux-def:inetlisteningservers_object/linux-def:protocol"
- priority="4000"
- mode="M217">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ios-def:interface_state/ios-def:shutdown_command" priority="4000" mode="M217">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the protocol entity of an inetlisteningservers_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the shutdown_command entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the protocol entity of an inetlisteningservers_object should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M217"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M217"/>
@@ -5917,31 +6584,38 @@
<xsl:apply-templates select="@*|node()" mode="M217"/>
</xsl:template>
- <!--PATTERN ilsobjlocal_address-->
+ <!--PATTERN ioslinetst-->
- <!--RULE -->
-<xsl:template match="linux-def:inetlisteningservers_object/linux-def:local_address"
- priority="4000"
- mode="M218">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ios-def:line_test/ios-def:object" priority="4000" mode="M218">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ios-def:line_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the local_address entity of an inetlisteningservers_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a line_test must reference a line_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M218"/>
+ </xsl:template>
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <!--RULE -->
+
+ <xsl:template match="ios-def:line_test/ios-def:state" priority="3999" mode="M218">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ios-def:line_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the local_address entity of an inetlisteningservers_object should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of a line_test must reference a line_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M218"/>
@@ -5951,33 +6625,23 @@
<xsl:apply-templates select="@*|node()" mode="M218"/>
</xsl:template>
- <!--PATTERN ilsobjlocal_port-->
+ <!--PATTERN ioslineobjshow_subcommand-->
- <!--RULE -->
-<xsl:template match="linux-def:inetlisteningservers_object/linux-def:local_port"
- priority="4000"
- mode="M219">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ios-def:line_object/ios-def:show_subcommand" priority="4000" mode="M219">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the local_port entity of an inetlisteningservers_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the show_subcommand entity of a line_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the local_port entity of an inetlisteningservers_object should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M219"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M219"/>
@@ -5985,32 +6649,23 @@
<xsl:apply-templates select="@*|node()" mode="M219"/>
</xsl:template>
- <!--PATTERN ilssteprotocol-->
+ <!--PATTERN ioslinesteshow_subcommand-->
- <!--RULE -->
-<xsl:template match="linux-def:inetlisteningservers_state/linux-def:protocol" priority="4000"
- mode="M220">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ios-def:line_state/ios-def:show_subcommand" priority="4000" mode="M220">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the protocol entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the show_subcommand entity of a line_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the protocol entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M220"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M220"/>
@@ -6018,33 +6673,23 @@
<xsl:apply-templates select="@*|node()" mode="M220"/>
</xsl:template>
- <!--PATTERN ilsstelocal_address-->
+ <!--PATTERN ioslinesteconfig_line-->
- <!--RULE -->
-<xsl:template match="linux-def:inetlisteningservers_state/linux-def:local_address"
- priority="4000"
- mode="M221">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ios-def:line_state/ios-def:config_line" priority="4000" mode="M221">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the local_address entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the config_line entity of a line_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the local_address entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M221"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M221"/>
@@ -6052,31 +6697,38 @@
<xsl:apply-templates select="@*|node()" mode="M221"/>
</xsl:template>
- <!--PATTERN ilsstelocal_port-->
+ <!--PATTERN snmptst-->
- <!--RULE -->
-<xsl:template match="linux-def:inetlisteningservers_state/linux-def:local_port"
- priority="4000"
- mode="M222">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ios-def:snmp_test/ios-def:object" priority="4000" mode="M222">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ios-def:snmp_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the local_port entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a snmp_test must reference a snmp_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M222"/>
+ </xsl:template>
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <!--RULE -->
+
+ <xsl:template match="ios-def:snmp_test/ios-def:state" priority="3999" mode="M222">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ios-def:snmp_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the local_port entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of a snmp_test must reference a snmp_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M222"/>
@@ -6086,33 +6738,23 @@
<xsl:apply-templates select="@*|node()" mode="M222"/>
</xsl:template>
- <!--PATTERN ilsstelocal_full_address-->
+ <!--PATTERN snmpsteaccess_list-->
- <!--RULE -->
-<xsl:template match="linux-def:inetlisteningservers_state/linux-def:local_full_address"
- priority="4000"
- mode="M223">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ios-def:snmp_state/ios-def:access_list" priority="4000" mode="M223">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the local_full_address entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_list entity of a snmp_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the local_full_address entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M223"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M223"/>
@@ -6120,33 +6762,23 @@
<xsl:apply-templates select="@*|node()" mode="M223"/>
</xsl:template>
- <!--PATTERN ilssteprogram_name-->
+ <!--PATTERN snmpstecommunity_name-->
- <!--RULE -->
-<xsl:template match="linux-def:inetlisteningservers_state/linux-def:program_name"
- priority="4000"
- mode="M224">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ios-def:snmp_state/ios-def:community_name" priority="4000" mode="M224">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the program_name entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the community_name entity of a snmp_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the program_name entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M224"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M224"/>
@@ -6154,31 +6786,38 @@
<xsl:apply-templates select="@*|node()" mode="M224"/>
</xsl:template>
- <!--PATTERN ilssteforeign_address-->
+ <!--PATTERN tclshtst-->
- <!--RULE -->
-<xsl:template match="linux-def:inetlisteningservers_state/linux-def:foreign_address"
- priority="4000"
- mode="M225">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ios-def:tclsh_test/ios-def:object" priority="4000" mode="M225">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ios-def:tclsh_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the foreign_address entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a tclsh_test must reference a tclsh_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M225"/>
+ </xsl:template>
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <!--RULE -->
+
+ <xsl:template match="ios-def:tclsh_test/ios-def:state" priority="3999" mode="M225">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ios-def:tclsh_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the foreign_address entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of a tclsh_test must reference a tclsh_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M225"/>
@@ -6188,31 +6827,21 @@
<xsl:apply-templates select="@*|node()" mode="M225"/>
</xsl:template>
- <!--PATTERN ilssteforeign_port-->
+ <!--PATTERN tclshsteavailable-->
- <!--RULE -->
-<xsl:template match="linux-def:inetlisteningservers_state/linux-def:foreign_port"
- priority="4000"
- mode="M226">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the foreign_port entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
+ <xsl:template match="ios-def:tclsh_state/ios-def:available" priority="4000" mode="M226">
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the foreign_port entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the available entity of a tclsh_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M226"/>
@@ -6222,31 +6851,38 @@
<xsl:apply-templates select="@*|node()" mode="M226"/>
</xsl:template>
- <!--PATTERN ilssteforeign_full_address-->
+ <!--PATTERN iosver55tst-->
- <!--RULE -->
-<xsl:template match="linux-def:inetlisteningservers_state/linux-def:foreign_full_address"
- priority="4000"
- mode="M227">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="ios-def:version55_test/ios-def:object" priority="4000" mode="M227">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ios-def:version55_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the foreign_full_address entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a version55_test must reference a version_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M227"/>
+ </xsl:template>
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <!--RULE -->
+
+ <xsl:template match="ios-def:version55_test/ios-def:state" priority="3999" mode="M227">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ios-def:version55_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the foreign_full_address entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of a version55_test must reference a version_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M227"/>
@@ -6256,30 +6892,21 @@
<xsl:apply-templates select="@*|node()" mode="M227"/>
</xsl:template>
- <!--PATTERN ilsstepid-->
+ <!--PATTERN iosver55stemajorversion-->
- <!--RULE -->
-<xsl:template match="linux-def:inetlisteningservers_state/linux-def:pid" priority="4000"
- mode="M228">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='int'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pid entity of an inetlisteningservers_state should be 'int'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
+ <xsl:template match="ios-def:version55_state/ios-def:major_version" priority="4000" mode="M228">
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"/>
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the pid entity of an inetlisteningservers_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', or 'less than or equal'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the major_version entity of a version55_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M228"/>
@@ -6289,30 +6916,21 @@
<xsl:apply-templates select="@*|node()" mode="M228"/>
</xsl:template>
- <!--PATTERN ilssteuser_id-->
+ <!--PATTERN iosver55steminorversion-->
- <!--RULE -->
-<xsl:template match="linux-def:inetlisteningservers_state/linux-def:user_id" priority="4000"
- mode="M229">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the user_id entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
+ <xsl:template match="ios-def:version55_state/ios-def:minor_version" priority="4000" mode="M229">
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the user_id entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the minor_version entity of a version55_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M229"/>
@@ -6322,29 +6940,21 @@
<xsl:apply-templates select="@*|node()" mode="M229"/>
</xsl:template>
- <!--PATTERN rpmobjname-->
+ <!--PATTERN iosver55sterelease-->
- <!--RULE -->
-<xsl:template match="linux-def:rpminfo_object/linux-def:name" priority="4000" mode="M230">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of a rpminfo_object should be 'string'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
+ <xsl:template match="ios-def:version55_state/ios-def:release" priority="4000" mode="M230">
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the name entity of a rpminfo_object should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the release entity of a version55_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M230"/>
@@ -6354,31 +6964,23 @@
<xsl:apply-templates select="@*|node()" mode="M230"/>
</xsl:template>
- <!--PATTERN rpmstename-->
+ <!--PATTERN iosver55stetrain_identifier-->
- <!--RULE -->
-<xsl:template match="linux-def:rpminfo_state/linux-def:name" priority="4000" mode="M231">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ios-def:version_state/ios-def:train_identifier" priority="4000" mode="M231">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of a rpminfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the train_identifier entity of a version_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the name entity of a rpminfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M231"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M231"/>
@@ -6386,29 +6988,21 @@
<xsl:apply-templates select="@*|node()" mode="M231"/>
</xsl:template>
- <!--PATTERN rpmstearch-->
+ <!--PATTERN iosver55sterebuild-->
- <!--RULE -->
-<xsl:template match="linux-def:rpminfo_state/linux-def:arch" priority="4000" mode="M232">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the arch entity of a rpminfo_state should be 'string'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
+ <xsl:template match="ios-def:version55_state/ios-def:rebuild" priority="4000" mode="M232">
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the arch entity of a rpminfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the rebuild entity of a version55_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M232"/>
@@ -6418,31 +7012,23 @@
<xsl:apply-templates select="@*|node()" mode="M232"/>
</xsl:template>
- <!--PATTERN rpmsteepoch-->
+ <!--PATTERN iosver55stesubrebuild-->
- <!--RULE -->
-<xsl:template match="linux-def:rpminfo_state/linux-def:epoch" priority="4000" mode="M233">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ios-def:version55_state/ios-def:subrebuild" priority="4000" mode="M233">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the epoch entity of a rpminfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the subrebuild entity of a version55_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or @operation='pattern match'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the epoch entity of a rpminfo_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', or 'pattern match'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M233"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M233"/>
@@ -6450,29 +7036,21 @@
<xsl:apply-templates select="@*|node()" mode="M233"/>
</xsl:template>
- <!--PATTERN rpmsterelease-->
+ <!--PATTERN iosver55stemainlinerebuild-->
- <!--RULE -->
-<xsl:template match="linux-def:rpminfo_state/linux-def:release" priority="4000" mode="M234">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string' or @datatype='version'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the release entity of a rpminfo_state should be 'string'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
+ <xsl:template match="ios-def:version55_state/ios-def:mainline_rebuild" priority="4000" mode="M234">
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or @operation='pattern match'"/>
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the release entity of a rpminfo_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the mainline_rebuild entity of a version55_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M234"/>
@@ -6482,29 +7060,21 @@
<xsl:apply-templates select="@*|node()" mode="M234"/>
</xsl:template>
- <!--PATTERN rpmsteversion-->
+ <!--PATTERN iosver55steversionstring-->
- <!--RULE -->
-<xsl:template match="linux-def:rpminfo_state/linux-def:version" priority="4000" mode="M235">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string' or @datatype='version'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the version entity of a rpminfo_state should be 'string'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
+ <xsl:template match="ios-def:version55_state/ios-def:version_string" priority="4000" mode="M235">
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or @operation='pattern match'"/>
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='ios_version'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the version entity of a rpminfo_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the version_string entity of a version55_state should be 'ios_version'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M235"/>
@@ -6514,29 +7084,38 @@
<xsl:apply-templates select="@*|node()" mode="M235"/>
</xsl:template>
- <!--PATTERN rpmsteevr-->
+ <!--PATTERN iosvertst-->
- <!--RULE -->
-<xsl:template match="linux-def:rpminfo_state/linux-def:evr" priority="4000" mode="M236">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='evr_string'"/>
+ <xsl:template match="ios-def:version_test/ios-def:object" priority="4000" mode="M236">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/ios-def:version_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the evr entity of a rpminfo_state should be 'evr_string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a version_test must reference a version_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M236"/>
+ </xsl:template>
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or @operation='pattern match'"/>
+ <!--RULE -->
+
+ <xsl:template match="ios-def:version_test/ios-def:state" priority="3999" mode="M236">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/ios-def:version_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the evr entity of a rpminfo_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of a version_test must reference a version_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M236"/>
@@ -6546,32 +7125,23 @@
<xsl:apply-templates select="@*|node()" mode="M236"/>
</xsl:template>
- <!--PATTERN rpmstesignaturekeyid-->
+ <!--PATTERN iosverstemajor_release-->
- <!--RULE -->
-<xsl:template match="linux-def:rpminfo_state/linux-def:signature_keyid" priority="4000"
- mode="M237">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ios-def:version_state/ios-def:major_release" priority="4000" mode="M237">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the signature_keyid entity of a rpminfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the major_release entity of a version_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the signature_keyid entity of a rpminfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M237"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M237"/>
@@ -6579,32 +7149,23 @@
<xsl:apply-templates select="@*|node()" mode="M237"/>
</xsl:template>
- <!--PATTERN spkginfoobjname-->
+ <!--PATTERN iosverstetrain_number-->
- <!--RULE -->
-<xsl:template match="linux-def:slackwarepkginfo_object/linux-def:name" priority="4000"
- mode="M238">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ios-def:version_state/ios-def:train_number" priority="4000" mode="M238">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of a slackwarepkginfo_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the train_number entity of a version_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the name entity of a slackwarepkginfo_object should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M238"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M238"/>
@@ -6612,32 +7173,23 @@
<xsl:apply-templates select="@*|node()" mode="M238"/>
</xsl:template>
- <!--PATTERN spkginfostename-->
+ <!--PATTERN iosverstetrain_identifier-->
- <!--RULE -->
-<xsl:template match="linux-def:slackwarepkginfo_state/linux-def:name" priority="4000"
- mode="M239">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="ios-def:version_state/ios-def:train_identifier" priority="4000" mode="M239">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of a slackwarepkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the train_identifier entity of a version_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the name entity of a slackwarepkginfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M239"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M239"/>
@@ -6645,30 +7197,21 @@
<xsl:apply-templates select="@*|node()" mode="M239"/>
</xsl:template>
- <!--PATTERN spkginfosteversion-->
+ <!--PATTERN iosversteversion_string-->
- <!--RULE -->
-<xsl:template match="linux-def:slackwarepkginfo_state/linux-def:version" priority="4000"
- mode="M240">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the version entity of a slackwarepkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
+ <xsl:template match="ios-def:version_state/ios-def:version_string" priority="4000" mode="M240">
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='ios_version'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the version entity of a slackwarepkginfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the version_string entity of a version_state should be 'ios_version'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M240"/>
@@ -6678,30 +7221,32 @@
<xsl:apply-templates select="@*|node()" mode="M240"/>
</xsl:template>
- <!--PATTERN spkginfostearch-->
+ <!--PATTERN dpkgobjname-->
- <!--RULE -->
-<xsl:template match="linux-def:slackwarepkginfo_state/linux-def:architecture" priority="4000"
- mode="M241">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:dpkginfo_object/linux-def:name" priority="4000" mode="M241">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the architecture entity of a slackwarepkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of a dpkginfo_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
- <!--ASSERT -->
-<xsl:choose>
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the architecture entity of a slackwarepkginfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - operation attribute for the name entity of a dpkginfo_object should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M241"/>
@@ -6711,30 +7256,32 @@
<xsl:apply-templates select="@*|node()" mode="M241"/>
</xsl:template>
- <!--PATTERN spkginfosterevision-->
+ <!--PATTERN dpkgstename-->
- <!--RULE -->
-<xsl:template match="linux-def:slackwarepkginfo_state/linux-def:revision" priority="4000"
- mode="M242">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:dpkginfo_state/linux-def:name" priority="4000" mode="M242">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the revision entity of a slackwarepkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of a dpkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
- <!--ASSERT -->
-<xsl:choose>
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - operation attribute for the revision entity of a slackwarepkginfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - operation attribute for the name entity of a dpkginfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M242"/>
@@ -6744,22 +7291,34 @@
<xsl:apply-templates select="@*|node()" mode="M242"/>
</xsl:template>
- <!--PATTERN accountobjusername-->
+ <!--PATTERN dpkgstearch-->
- <!--RULE -->
-<xsl:template match="macos-def:accountinfo_object/macos-def:username" priority="4000"
- mode="M243">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:dpkginfo_state/linux-def:arch" priority="4000" mode="M243">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the username entity of an accountinfo_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the arch entity of a dpkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the arch entity of a dpkginfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M243"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M243"/>
@@ -6767,22 +7326,34 @@
<xsl:apply-templates select="@*|node()" mode="M243"/>
</xsl:template>
- <!--PATTERN accountsteusername-->
+ <!--PATTERN dpkgsteepoch-->
- <!--RULE -->
-<xsl:template match="macos-def:accountinfo_state/macos-def:username" priority="4000"
- mode="M244">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:dpkginfo_state/linux-def:epoch" priority="4000" mode="M244">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the username entity of an accountinfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the epoch entity of a dpkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or 'pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the epoch entity of a dpkginfo_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M244"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M244"/>
@@ -6790,22 +7361,34 @@
<xsl:apply-templates select="@*|node()" mode="M244"/>
</xsl:template>
- <!--PATTERN accountstepassword-->
+ <!--PATTERN dpkgsterelease-->
- <!--RULE -->
-<xsl:template match="macos-def:accountinfo_state/macos-def:password" priority="4000"
- mode="M245">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:dpkginfo_state/linux-def:release" priority="4000" mode="M245">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the password entity of an accountinfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the release entity of a dpkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or 'pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the release entity of a dpkginfo_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M245"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M245"/>
@@ -6813,21 +7396,34 @@
<xsl:apply-templates select="@*|node()" mode="M245"/>
</xsl:template>
- <!--PATTERN accountsteuid-->
+ <!--PATTERN dpkgsteversion-->
- <!--RULE -->
-<xsl:template match="macos-def:accountinfo_state/macos-def:uid" priority="4000" mode="M246">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='int'"/>
+ <xsl:template match="linux-def:dpkginfo_state/linux-def:version" priority="4000" mode="M246">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the uid entity of an accountinfo_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the version entity of a dpkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or 'pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the version entity of a dpkginfo_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M246"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M246"/>
@@ -6835,21 +7431,34 @@
<xsl:apply-templates select="@*|node()" mode="M246"/>
</xsl:template>
- <!--PATTERN accountstegid-->
+ <!--PATTERN dpkgsteevr-->
- <!--RULE -->
-<xsl:template match="macos-def:accountinfo_state/macos-def:gid" priority="4000" mode="M247">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='int'"/>
+ <xsl:template match="linux-def:dpkginfo_state/linux-def:evr" priority="4000" mode="M247">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='evr_string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the gid entity of an accountinfo_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the evr entity of a dpkginfo_state should be 'evr_string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or 'pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the evr entity of a dpkginfo_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M247"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M247"/>
@@ -6857,22 +7466,34 @@
<xsl:apply-templates select="@*|node()" mode="M247"/>
</xsl:template>
- <!--PATTERN accountsterealname-->
+ <!--PATTERN ilsobjprotocol-->
- <!--RULE -->
-<xsl:template match="macos-def:accountinfo_state/macos-def:realname" priority="4000"
- mode="M248">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:inetlisteningservers_object/linux-def:protocol" priority="4000" mode="M248">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the realname entity of an accountinfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the protocol entity of an inetlisteningservers_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the protocol entity of an inetlisteningservers_object should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M248"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M248"/>
@@ -6880,22 +7501,34 @@
<xsl:apply-templates select="@*|node()" mode="M248"/>
</xsl:template>
- <!--PATTERN accountstehome_dir-->
+ <!--PATTERN ilsobjlocal_address-->
- <!--RULE -->
-<xsl:template match="macos-def:accountinfo_state/macos-def:home_dir" priority="4000"
- mode="M249">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:inetlisteningservers_object/linux-def:local_address" priority="4000" mode="M249">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the home_dir entity of an accountinfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the local_address entity of an inetlisteningservers_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the local_address entity of an inetlisteningservers_object should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M249"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M249"/>
@@ -6903,22 +7536,34 @@
<xsl:apply-templates select="@*|node()" mode="M249"/>
</xsl:template>
- <!--PATTERN accountstelogin_shell-->
+ <!--PATTERN ilsobjlocal_port-->
- <!--RULE -->
-<xsl:template match="macos-def:accountinfo_state/macos-def:login_shell" priority="4000"
- mode="M250">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:inetlisteningservers_object/linux-def:local_port" priority="4000" mode="M250">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the login_shell entity of an accountinfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the local_port entity of an inetlisteningservers_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the local_port entity of an inetlisteningservers_object should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M250"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M250"/>
@@ -6926,23 +7571,34 @@
<xsl:apply-templates select="@*|node()" mode="M250"/>
</xsl:template>
- <!--PATTERN macosilsobjprogram_name-->
+ <!--PATTERN ilssteprotocol-->
- <!--RULE -->
-<xsl:template match="macos-def:inetlisteningservers_object/macos-def:program_name"
- priority="4000"
- mode="M251">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:inetlisteningservers_state/linux-def:protocol" priority="4000" mode="M251">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the program_name entity of an inetlisteningservers_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the protocol entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the protocol entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M251"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M251"/>
@@ -6950,23 +7606,34 @@
<xsl:apply-templates select="@*|node()" mode="M251"/>
</xsl:template>
- <!--PATTERN macosilssteprogram_name-->
+ <!--PATTERN ilsstelocal_address-->
- <!--RULE -->
-<xsl:template match="macos-def:inetlisteningservers_state/macos-def:program_name"
- priority="4000"
- mode="M252">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:inetlisteningservers_state/linux-def:local_address" priority="4000" mode="M252">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the program_name entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the local_address entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the local_address entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M252"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M252"/>
@@ -6974,23 +7641,34 @@
<xsl:apply-templates select="@*|node()" mode="M252"/>
</xsl:template>
- <!--PATTERN macosilsstelocal_address-->
+ <!--PATTERN ilsstelocal_port-->
- <!--RULE -->
-<xsl:template match="macos-def:inetlisteningservers_state/macos-def:local_address"
- priority="4000"
- mode="M253">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:inetlisteningservers_state/linux-def:local_port" priority="4000" mode="M253">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the local_address entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the local_port entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the local_port entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M253"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M253"/>
@@ -6998,23 +7676,34 @@
<xsl:apply-templates select="@*|node()" mode="M253"/>
</xsl:template>
- <!--PATTERN macosilsstelocal_full_address-->
+ <!--PATTERN ilsstelocal_full_address-->
- <!--RULE -->
-<xsl:template match="macos-def:inetlisteningservers_state/macos-def:local_full_address"
- priority="4000"
- mode="M254">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:inetlisteningservers_state/linux-def:local_full_address" priority="4000" mode="M254">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
<xsl:text/> - datatype attribute for the local_full_address entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the local_full_address entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M254"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M254"/>
@@ -7022,23 +7711,34 @@
<xsl:apply-templates select="@*|node()" mode="M254"/>
</xsl:template>
- <!--PATTERN macosilsstelocal_port-->
+ <!--PATTERN ilssteprogram_name-->
- <!--RULE -->
-<xsl:template match="macos-def:inetlisteningservers_state/macos-def:local_port"
- priority="4000"
- mode="M255">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:inetlisteningservers_state/linux-def:program_name" priority="4000" mode="M255">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the local_port entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the program_name entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the program_name entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M255"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M255"/>
@@ -7046,23 +7746,34 @@
<xsl:apply-templates select="@*|node()" mode="M255"/>
</xsl:template>
- <!--PATTERN macosilssteforeign_address-->
+ <!--PATTERN ilssteforeign_address-->
- <!--RULE -->
-<xsl:template match="macos-def:inetlisteningservers_state/macos-def:foreign_address"
- priority="4000"
- mode="M256">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:inetlisteningservers_state/linux-def:foreign_address" priority="4000" mode="M256">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
<xsl:text/> - datatype attribute for the foreign_address entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the foreign_address entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M256"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M256"/>
@@ -7070,23 +7781,34 @@
<xsl:apply-templates select="@*|node()" mode="M256"/>
</xsl:template>
- <!--PATTERN macosilssteforeign_full_address-->
+ <!--PATTERN ilssteforeign_port-->
- <!--RULE -->
-<xsl:template match="macos-def:inetlisteningservers_state/macos-def:foreign_full_address"
- priority="4000"
- mode="M257">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:inetlisteningservers_state/linux-def:foreign_port" priority="4000" mode="M257">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the foreign_full_address entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the foreign_port entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the foreign_port entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M257"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M257"/>
@@ -7094,23 +7816,34 @@
<xsl:apply-templates select="@*|node()" mode="M257"/>
</xsl:template>
- <!--PATTERN macosilssteforeign_port-->
+ <!--PATTERN ilssteforeign_full_address-->
- <!--RULE -->
-<xsl:template match="macos-def:inetlisteningservers_state/macos-def:foreign_port"
- priority="4000"
- mode="M258">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:inetlisteningservers_state/linux-def:foreign_full_address" priority="4000" mode="M258">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the foreign_port entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the foreign_full_address entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the foreign_full_address entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M258"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M258"/>
@@ -7118,22 +7851,34 @@
<xsl:apply-templates select="@*|node()" mode="M258"/>
</xsl:template>
- <!--PATTERN macosilsstepid-->
+ <!--PATTERN ilsstepid-->
- <!--RULE -->
-<xsl:template match="macos-def:inetlisteningservers_state/macos-def:pid" priority="4000"
- mode="M259">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:inetlisteningservers_state/linux-def:pid" priority="4000" mode="M259">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
<xsl:text/> - datatype attribute for the pid entity of an inetlisteningservers_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the pid entity of an inetlisteningservers_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', or 'less than or equal'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M259"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M259"/>
@@ -7141,22 +7886,34 @@
<xsl:apply-templates select="@*|node()" mode="M259"/>
</xsl:template>
- <!--PATTERN macosilssteprotocol-->
+ <!--PATTERN ilssteuser_id-->
- <!--RULE -->
-<xsl:template match="macos-def:inetlisteningservers_state/macos-def:protocol" priority="4000"
- mode="M260">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:inetlisteningservers_state/linux-def:user_id" priority="4000" mode="M260">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the protocol entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the user_id entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the user_id entity of an inetlisteningservers_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M260"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M260"/>
@@ -7164,22 +7921,34 @@
<xsl:apply-templates select="@*|node()" mode="M260"/>
</xsl:template>
- <!--PATTERN macosilssteuser_id-->
+ <!--PATTERN rpmobjname-->
- <!--RULE -->
-<xsl:template match="macos-def:inetlisteningservers_state/macos-def:user_id" priority="4000"
- mode="M261">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:rpminfo_object/linux-def:name" priority="4000" mode="M261">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the user_id entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of a rpminfo_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the name entity of a rpminfo_object should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M261"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M261"/>
@@ -7187,21 +7956,34 @@
<xsl:apply-templates select="@*|node()" mode="M261"/>
</xsl:template>
- <!--PATTERN nvramobjnvram_var-->
+ <!--PATTERN rpmstename-->
- <!--RULE -->
-<xsl:template match="macos-def:nvram_object/macos-def:nvram_var" priority="4000" mode="M262">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:rpminfo_state/linux-def:name" priority="4000" mode="M262">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the nvram_var entity of a nvram_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of a rpminfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the name entity of a rpminfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M262"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M262"/>
@@ -7209,21 +7991,34 @@
<xsl:apply-templates select="@*|node()" mode="M262"/>
</xsl:template>
- <!--PATTERN nvramstenvram_var-->
+ <!--PATTERN rpmstearch-->
- <!--RULE -->
-<xsl:template match="macos-def:nvram_state/macos-def:nvram_var" priority="4000" mode="M263">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:rpminfo_state/linux-def:arch" priority="4000" mode="M263">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the nvram_var entity of a nvram_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the arch entity of a rpminfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the arch entity of a rpminfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M263"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M263"/>
@@ -7231,21 +8026,34 @@
<xsl:apply-templates select="@*|node()" mode="M263"/>
</xsl:template>
- <!--PATTERN nvramstenvram_value-->
+ <!--PATTERN rpmsteepoch-->
- <!--RULE -->
-<xsl:template match="macos-def:nvram_state/macos-def:nvram_value" priority="4000" mode="M264">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:rpminfo_state/linux-def:epoch" priority="4000" mode="M264">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the nvram_value entity of a nvram_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the epoch entity of a rpminfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the epoch entity of a rpminfo_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M264"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M264"/>
@@ -7253,22 +8061,34 @@
<xsl:apply-templates select="@*|node()" mode="M264"/>
</xsl:template>
- <!--PATTERN pwpobjusername-->
+ <!--PATTERN rpmsterelease-->
- <!--RULE -->
-<xsl:template match="macos-def:pwpolicy_object/macos-def:username" priority="4000"
- mode="M265">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="linux-def:rpminfo_state/linux-def:release" priority="4000" mode="M265">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string' or @datatype='version'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the username entity of a pwpolicy_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the release entity of a rpminfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the release entity of a rpminfo_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M265"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M265"/>
@@ -7276,22 +8096,34 @@
<xsl:apply-templates select="@*|node()" mode="M265"/>
</xsl:template>
- <!--PATTERN pwpobjuserpass-->
+ <!--PATTERN rpmsteversion-->
- <!--RULE -->
-<xsl:template match="macos-def:pwpolicy_object/macos-def:userpass" priority="4000"
- mode="M266">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="linux-def:rpminfo_state/linux-def:version" priority="4000" mode="M266">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string' or @datatype='version'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the userpass entity of a pwpolicy_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the version entity of a rpminfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the version entity of a rpminfo_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M266"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M266"/>
@@ -7299,22 +8131,34 @@
<xsl:apply-templates select="@*|node()" mode="M266"/>
</xsl:template>
- <!--PATTERN pwpobjdirectory_node-->
+ <!--PATTERN rpmsteevr-->
- <!--RULE -->
-<xsl:template match="macos-def:pwpolicy_object/macos-def:directory_node" priority="4000"
- mode="M267">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="linux-def:rpminfo_state/linux-def:evr" priority="4000" mode="M267">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='evr_string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the directory_node entity of a pwpolicy_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the evr entity of a rpminfo_state should be 'evr_string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the evr entity of a rpminfo_state should be 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M267"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M267"/>
@@ -7322,21 +8166,34 @@
<xsl:apply-templates select="@*|node()" mode="M267"/>
</xsl:template>
- <!--PATTERN pwpsteusername-->
+ <!--PATTERN rpmstesignaturekeyid-->
- <!--RULE -->
-<xsl:template match="macos-def:pwpolicy_state/macos-def:username" priority="4000" mode="M268">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:rpminfo_state/linux-def:signature_keyid" priority="4000" mode="M268">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the username entity of a pwpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the signature_keyid entity of a rpminfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the signature_keyid entity of a rpminfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M268"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M268"/>
@@ -7344,21 +8201,34 @@
<xsl:apply-templates select="@*|node()" mode="M268"/>
</xsl:template>
- <!--PATTERN pwpsteuserpass-->
+ <!--PATTERN spkginfoobjname-->
- <!--RULE -->
-<xsl:template match="macos-def:pwpolicy_state/macos-def:userpass" priority="4000" mode="M269">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:slackwarepkginfo_object/linux-def:name" priority="4000" mode="M269">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the userpass entity of a pwpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of a slackwarepkginfo_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the name entity of a slackwarepkginfo_object should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M269"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M269"/>
@@ -7366,22 +8236,34 @@
<xsl:apply-templates select="@*|node()" mode="M269"/>
</xsl:template>
- <!--PATTERN pwpstedirectory_node-->
+ <!--PATTERN spkginfostename-->
- <!--RULE -->
-<xsl:template match="macos-def:pwpolicy_state/macos-def:directory_node" priority="4000"
- mode="M270">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="linux-def:slackwarepkginfo_state/linux-def:name" priority="4000" mode="M270">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the directory_node entity of a pwpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of a slackwarepkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the name entity of a slackwarepkginfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M270"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M270"/>
@@ -7389,21 +8271,34 @@
<xsl:apply-templates select="@*|node()" mode="M270"/>
</xsl:template>
- <!--PATTERN pwpstemaxChars-->
+ <!--PATTERN spkginfosteversion-->
- <!--RULE -->
-<xsl:template match="macos-def:pwpolicy_state/macos-def:maxChars" priority="4000" mode="M271">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='int'"/>
+ <xsl:template match="linux-def:slackwarepkginfo_state/linux-def:version" priority="4000" mode="M271">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the maxChars entity of a pwpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the version entity of a slackwarepkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the version entity of a slackwarepkginfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M271"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M271"/>
@@ -7411,23 +8306,34 @@
<xsl:apply-templates select="@*|node()" mode="M271"/>
</xsl:template>
- <!--PATTERN pwpstemaxFailedLoginAttempts-->
+ <!--PATTERN spkginfostearch-->
- <!--RULE -->
-<xsl:template match="macos-def:pwpolicy_state/macos-def:maxFailedLoginAttempts"
- priority="4000"
- mode="M272">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='int'"/>
+ <xsl:template match="linux-def:slackwarepkginfo_state/linux-def:architecture" priority="4000" mode="M272">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the maxFailedLoginAttempts entity of a pwpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the architecture entity of a slackwarepkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the architecture entity of a slackwarepkginfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M272"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M272"/>
@@ -7435,21 +8341,34 @@
<xsl:apply-templates select="@*|node()" mode="M272"/>
</xsl:template>
- <!--PATTERN pwpsteminChars-->
+ <!--PATTERN spkginfosterevision-->
- <!--RULE -->
-<xsl:template match="macos-def:pwpolicy_state/macos-def:minChars" priority="4000" mode="M273">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='int'"/>
+ <xsl:template match="linux-def:slackwarepkginfo_state/linux-def:revision" priority="4000" mode="M273">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the minChars entity of a pwpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the revision entity of a slackwarepkginfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='pattern match'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the revision entity of a slackwarepkginfo_state should be 'equals', 'not equal', or 'pattern match'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M273"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M273"/>
@@ -7457,20 +8376,21 @@
<xsl:apply-templates select="@*|node()" mode="M273"/>
</xsl:template>
- <!--PATTERN pwpstepasswordCannotBeName-->
+ <!--PATTERN accountobjusername-->
- <!--RULE -->
-<xsl:template match="macos-def:pwpolicy_state/macos-def:passwordCannotBeName" priority="4000"
- mode="M274">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='boolean'"/>
+ <xsl:template match="macos-def:accountinfo_object/macos-def:username" priority="4000" mode="M274">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the passwordCannotBeName entity of a pwpolicy_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the username entity of an accountinfo_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M274"/>
@@ -7480,20 +8400,21 @@
<xsl:apply-templates select="@*|node()" mode="M274"/>
</xsl:template>
- <!--PATTERN pwpsterequiresAlpha-->
+ <!--PATTERN accountsteusername-->
- <!--RULE -->
-<xsl:template match="macos-def:pwpolicy_state/macos-def:requiresAlpha" priority="4000"
- mode="M275">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='boolean'"/>
+ <xsl:template match="macos-def:accountinfo_state/macos-def:username" priority="4000" mode="M275">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the requiresAlpha entity of a pwpolicy_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the username entity of an accountinfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M275"/>
@@ -7503,20 +8424,21 @@
<xsl:apply-templates select="@*|node()" mode="M275"/>
</xsl:template>
- <!--PATTERN pwpsterequiresNumeric-->
+ <!--PATTERN accountstepassword-->
- <!--RULE -->
-<xsl:template match="macos-def:pwpolicy_state/macos-def:requiresNumeric" priority="4000"
- mode="M276">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='boolean'"/>
+ <xsl:template match="macos-def:accountinfo_state/macos-def:password" priority="4000" mode="M276">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the requiresNumeric entity of a pwpolicy_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the password entity of an accountinfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M276"/>
@@ -7526,34 +8448,21 @@
<xsl:apply-templates select="@*|node()" mode="M276"/>
</xsl:template>
- <!--PATTERN isainfotst-->
+ <!--PATTERN accountsteuid-->
- <!--RULE -->
-<xsl:template match="sol-def:isainfo_test/sol-def:object" priority="4000" mode="M277">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/sol-def:smf_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of an isainfo_test must reference an isainfo_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M277"/>
- </xsl:template>
+ <xsl:template match="macos-def:accountinfo_state/macos-def:uid" priority="4000" mode="M277">
- <!--RULE -->
-<xsl:template match="sol-def:isainfo_test/sol-def:state" priority="3999" mode="M277">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/sol-def:smf_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of an isainfo_test must reference an isainfo_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the uid entity of an accountinfo_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M277"/>
@@ -7563,19 +8472,21 @@
<xsl:apply-templates select="@*|node()" mode="M277"/>
</xsl:template>
- <!--PATTERN isastebits-->
+ <!--PATTERN accountstegid-->
- <!--RULE -->
-<xsl:template match="sol-def:isainfo_state/sol-def:bits" priority="4000" mode="M278">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="macos-def:accountinfo_state/macos-def:gid" priority="4000" mode="M278">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the bits entity of an isainfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the gid entity of an accountinfo_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M278"/>
@@ -7585,19 +8496,21 @@
<xsl:apply-templates select="@*|node()" mode="M278"/>
</xsl:template>
- <!--PATTERN isastekernel_isa-->
+ <!--PATTERN accountsterealname-->
- <!--RULE -->
-<xsl:template match="sol-def:isainfo_state/sol-def:kernel_isa" priority="4000" mode="M279">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="macos-def:accountinfo_state/macos-def:realname" priority="4000" mode="M279">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the kernel_isa entity of an isainfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the realname entity of an accountinfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M279"/>
@@ -7607,20 +8520,21 @@
<xsl:apply-templates select="@*|node()" mode="M279"/>
</xsl:template>
- <!--PATTERN isasteapplication_isa-->
+ <!--PATTERN accountstehome_dir-->
- <!--RULE -->
-<xsl:template match="sol-def:isainfo_state/sol-def:application_isa" priority="4000"
- mode="M280">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="macos-def:accountinfo_state/macos-def:home_dir" priority="4000" mode="M280">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the application_isa entity of an isainfo_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the home_dir entity of an accountinfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M280"/>
@@ -7630,34 +8544,21 @@
<xsl:apply-templates select="@*|node()" mode="M280"/>
</xsl:template>
- <!--PATTERN packagetst-->
+ <!--PATTERN accountstelogin_shell-->
- <!--RULE -->
-<xsl:template match="sol-def:package_test/sol-def:object" priority="4000" mode="M281">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/sol-def:package_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a package_test must reference a package_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M281"/>
- </xsl:template>
+ <xsl:template match="macos-def:accountinfo_state/macos-def:login_shell" priority="4000" mode="M281">
- <!--RULE -->
-<xsl:template match="sol-def:package_test/sol-def:state" priority="3999" mode="M281">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/sol-def:package_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a package_test must reference a package_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the login_shell entity of an accountinfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M281"/>
@@ -7667,19 +8568,21 @@
<xsl:apply-templates select="@*|node()" mode="M281"/>
</xsl:template>
- <!--PATTERN packageobjpkginst-->
+ <!--PATTERN macosilsobjprogram_name-->
- <!--RULE -->
-<xsl:template match="sol-def:package_object/sol-def:pkginst" priority="4000" mode="M282">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="macos-def:inetlisteningservers_object/macos-def:program_name" priority="4000" mode="M282">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pkginst entity of a package_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the program_name entity of an inetlisteningservers_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M282"/>
@@ -7689,19 +8592,21 @@
<xsl:apply-templates select="@*|node()" mode="M282"/>
</xsl:template>
- <!--PATTERN packagestepkginst-->
+ <!--PATTERN macosilssteprogram_name-->
- <!--RULE -->
-<xsl:template match="sol-def:package_state/sol-def:pkginst" priority="4000" mode="M283">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="macos-def:inetlisteningservers_state/macos-def:program_name" priority="4000" mode="M283">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pkginst entity of a package_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the program_name entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M283"/>
@@ -7711,19 +8616,21 @@
<xsl:apply-templates select="@*|node()" mode="M283"/>
</xsl:template>
- <!--PATTERN packagestename-->
+ <!--PATTERN macosilsstelocal_address-->
- <!--RULE -->
-<xsl:template match="sol-def:package_state/sol-def:name" priority="4000" mode="M284">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="macos-def:inetlisteningservers_state/macos-def:local_address" priority="4000" mode="M284">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of a package_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the local_address entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M284"/>
@@ -7733,19 +8640,21 @@
<xsl:apply-templates select="@*|node()" mode="M284"/>
</xsl:template>
- <!--PATTERN packagestecategory-->
+ <!--PATTERN macosilsstelocal_full_address-->
- <!--RULE -->
-<xsl:template match="sol-def:package_state/sol-def:category" priority="4000" mode="M285">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="macos-def:inetlisteningservers_state/macos-def:local_full_address" priority="4000" mode="M285">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the category entity of a package_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the local_full_address entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M285"/>
@@ -7755,19 +8664,21 @@
<xsl:apply-templates select="@*|node()" mode="M285"/>
</xsl:template>
- <!--PATTERN packagesteversion-->
+ <!--PATTERN macosilsstelocal_port-->
- <!--RULE -->
-<xsl:template match="sol-def:package_state/sol-def:version" priority="4000" mode="M286">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="macos-def:inetlisteningservers_state/macos-def:local_port" priority="4000" mode="M286">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the version entity of a package_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the local_port entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M286"/>
@@ -7777,19 +8688,21 @@
<xsl:apply-templates select="@*|node()" mode="M286"/>
</xsl:template>
- <!--PATTERN packagestevendor-->
+ <!--PATTERN macosilssteforeign_address-->
- <!--RULE -->
-<xsl:template match="sol-def:package_state/sol-def:vendor" priority="4000" mode="M287">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="macos-def:inetlisteningservers_state/macos-def:foreign_address" priority="4000" mode="M287">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the vendor entity of a package_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the foreign_address entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M287"/>
@@ -7799,19 +8712,21 @@
<xsl:apply-templates select="@*|node()" mode="M287"/>
</xsl:template>
- <!--PATTERN packagestedescription-->
+ <!--PATTERN macosilssteforeign_full_address-->
- <!--RULE -->
-<xsl:template match="sol-def:package_state/sol-def:description" priority="4000" mode="M288">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="macos-def:inetlisteningservers_state/macos-def:foreign_full_address" priority="4000" mode="M288">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the description entity of a package_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the foreign_full_address entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M288"/>
@@ -7821,34 +8736,21 @@
<xsl:apply-templates select="@*|node()" mode="M288"/>
</xsl:template>
- <!--PATTERN patch54tst-->
+ <!--PATTERN macosilssteforeign_port-->
- <!--RULE -->
-<xsl:template match="sol-def:patch54_test/sol-def:object" priority="4000" mode="M289">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/sol-def:patch54_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a patch54_test must reference a patch54_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M289"/>
- </xsl:template>
+ <xsl:template match="macos-def:inetlisteningservers_state/macos-def:foreign_port" priority="4000" mode="M289">
- <!--RULE -->
-<xsl:template match="sol-def:patch54_test/sol-def:state" priority="3999" mode="M289">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/sol-def:patch_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a patch54_test must reference a patch_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the foreign_port entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M289"/>
@@ -7858,34 +8760,21 @@
<xsl:apply-templates select="@*|node()" mode="M289"/>
</xsl:template>
- <!--PATTERN patchtst-->
+ <!--PATTERN macosilsstepid-->
- <!--RULE -->
-<xsl:template match="sol-def:patch_test/sol-def:object" priority="4000" mode="M290">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/sol-def:patch_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a patch_test must reference a patch_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M290"/>
- </xsl:template>
+ <xsl:template match="macos-def:inetlisteningservers_state/macos-def:pid" priority="4000" mode="M290">
- <!--RULE -->
-<xsl:template match="sol-def:patch_test/sol-def:state" priority="3999" mode="M290">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/sol-def:patch_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a patch_test must reference a patch_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pid entity of an inetlisteningservers_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M290"/>
@@ -7895,19 +8784,21 @@
<xsl:apply-templates select="@*|node()" mode="M290"/>
</xsl:template>
- <!--PATTERN patch54objbase-->
+ <!--PATTERN macosilssteprotocol-->
- <!--RULE -->
-<xsl:template match="sol-def:patch54_object/sol-def:base" priority="4000" mode="M291">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="macos-def:inetlisteningservers_state/macos-def:protocol" priority="4000" mode="M291">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the base entity of a patch54_object should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the protocol entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M291"/>
@@ -7917,19 +8808,21 @@
<xsl:apply-templates select="@*|node()" mode="M291"/>
</xsl:template>
- <!--PATTERN patch54objversion-->
+ <!--PATTERN macosilssteuser_id-->
- <!--RULE -->
-<xsl:template match="sol-def:patch54_object/sol-def:version" priority="4000" mode="M292">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="macos-def:inetlisteningservers_state/macos-def:user_id" priority="4000" mode="M292">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the version entity of a patch54_object should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the user_id entity of an inetlisteningservers_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M292"/>
@@ -7939,19 +8832,21 @@
<xsl:apply-templates select="@*|node()" mode="M292"/>
</xsl:template>
- <!--PATTERN patchobjbase-->
+ <!--PATTERN nvramobjnvram_var-->
- <!--RULE -->
-<xsl:template match="sol-def:patch_object/sol-def:base" priority="4000" mode="M293">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="macos-def:nvram_object/macos-def:nvram_var" priority="4000" mode="M293">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the base entity of a patch_object should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the nvram_var entity of a nvram_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M293"/>
@@ -7961,19 +8856,21 @@
<xsl:apply-templates select="@*|node()" mode="M293"/>
</xsl:template>
- <!--PATTERN patchstebase-->
+ <!--PATTERN nvramstenvram_var-->
- <!--RULE -->
-<xsl:template match="sol-def:patch_state/sol-def:base" priority="4000" mode="M294">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="macos-def:nvram_state/macos-def:nvram_var" priority="4000" mode="M294">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the base entity of a patch_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the nvram_var entity of a nvram_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M294"/>
@@ -7983,19 +8880,21 @@
<xsl:apply-templates select="@*|node()" mode="M294"/>
</xsl:template>
- <!--PATTERN patchsteversion-->
+ <!--PATTERN nvramstenvram_value-->
- <!--RULE -->
-<xsl:template match="sol-def:patch_state/sol-def:version" priority="4000" mode="M295">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="macos-def:nvram_state/macos-def:nvram_value" priority="4000" mode="M295">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the version entity of a patch_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the nvram_value entity of a nvram_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M295"/>
@@ -8005,34 +8904,21 @@
<xsl:apply-templates select="@*|node()" mode="M295"/>
</xsl:template>
- <!--PATTERN smftst-->
+ <!--PATTERN pwpobjusername-->
- <!--RULE -->
-<xsl:template match="sol-def:smf_test/sol-def:object" priority="4000" mode="M296">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/sol-def:smf_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a smf_test must reference a smf_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M296"/>
- </xsl:template>
+ <xsl:template match="macos-def:pwpolicy_object/macos-def:username" priority="4000" mode="M296">
- <!--RULE -->
-<xsl:template match="sol-def:smf_test/sol-def:state" priority="3999" mode="M296">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/sol-def:smf_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a smf_test must reference a smf_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the username entity of a pwpolicy_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M296"/>
@@ -8042,21 +8928,34 @@
<xsl:apply-templates select="@*|node()" mode="M296"/>
</xsl:template>
- <!--PATTERN fmriobjbase-->
+ <!--PATTERN pwpobjuserpass-->
- <!--RULE -->
-<xsl:template match="sol-def:smf_object/sol-def:fmri" priority="4000" mode="M297">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="macos-def:pwpolicy_object/macos-def:userpass" priority="4000" mode="M297">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the fmri entity of a smf_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the userpass entity of a pwpolicy_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the userpass entity of a pwpolicy_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M297"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M297"/>
@@ -8064,19 +8963,21 @@
<xsl:apply-templates select="@*|node()" mode="M297"/>
</xsl:template>
- <!--PATTERN fmristebase-->
+ <!--PATTERN pwpobjdirectory_node-->
- <!--RULE -->
-<xsl:template match="sol-def:smf_state/sol-def:fmri" priority="4000" mode="M298">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="macos-def:pwpolicy_object/macos-def:directory_node" priority="4000" mode="M298">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the fmri entity of a smf_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the directory_node entity of a pwpolicy_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M298"/>
@@ -8086,19 +8987,21 @@
<xsl:apply-templates select="@*|node()" mode="M298"/>
</xsl:template>
- <!--PATTERN srvnamestebase-->
+ <!--PATTERN pwpsteusername-->
- <!--RULE -->
-<xsl:template match="sol-def:smf_state/sol-def:service_name" priority="4000" mode="M299">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="macos-def:pwpolicy_state/macos-def:username" priority="4000" mode="M299">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the service_name entity of a smf_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the username entity of a pwpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M299"/>
@@ -8108,19 +9011,21 @@
<xsl:apply-templates select="@*|node()" mode="M299"/>
</xsl:template>
- <!--PATTERN srvstatestebase-->
+ <!--PATTERN pwpsteuserpass-->
- <!--RULE -->
-<xsl:template match="sol-def:smf_state/sol-def:service_state" priority="4000" mode="M300">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="macos-def:pwpolicy_state/macos-def:userpass" priority="4000" mode="M300">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the service_state entity of a smf_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the userpass entity of a pwpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M300"/>
@@ -8130,19 +9035,21 @@
<xsl:apply-templates select="@*|node()" mode="M300"/>
</xsl:template>
- <!--PATTERN protocolstebase-->
+ <!--PATTERN pwpstedirectory_node-->
- <!--RULE -->
-<xsl:template match="sol-def:smf_state/sol-def:protocol" priority="4000" mode="M301">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="macos-def:pwpolicy_state/macos-def:directory_node" priority="4000" mode="M301">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the protocol entity of a smf_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the directory_node entity of a pwpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M301"/>
@@ -8152,19 +9059,21 @@
<xsl:apply-templates select="@*|node()" mode="M301"/>
</xsl:template>
- <!--PATTERN srvexestebase-->
+ <!--PATTERN pwpstemaxChars-->
- <!--RULE -->
-<xsl:template match="sol-def:smf_state/sol-def:server_executable" priority="4000" mode="M302">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="macos-def:pwpolicy_state/macos-def:maxChars" priority="4000" mode="M302">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the server_executable entity of a smf_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the maxChars entity of a pwpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M302"/>
@@ -8174,19 +9083,21 @@
<xsl:apply-templates select="@*|node()" mode="M302"/>
</xsl:template>
- <!--PATTERN srvargsstebase-->
+ <!--PATTERN pwpstemaxFailedLoginAttempts-->
- <!--RULE -->
-<xsl:template match="sol-def:smf_state/sol-def:server_arguements" priority="4000" mode="M303">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="macos-def:pwpolicy_state/macos-def:maxFailedLoginAttempts" priority="4000" mode="M303">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the server_arguements entity of a smf_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the maxFailedLoginAttempts entity of a pwpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M303"/>
@@ -8196,19 +9107,21 @@
<xsl:apply-templates select="@*|node()" mode="M303"/>
</xsl:template>
- <!--PATTERN execasuserstebase-->
+ <!--PATTERN pwpsteminChars-->
- <!--RULE -->
-<xsl:template match="sol-def:smf_state/sol-def:exec_as_user" priority="4000" mode="M304">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="macos-def:pwpolicy_state/macos-def:minChars" priority="4000" mode="M304">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the exec_as_user entity of a smf_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the minChars entity of a pwpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M304"/>
@@ -8218,19 +9131,21 @@
<xsl:apply-templates select="@*|node()" mode="M304"/>
</xsl:template>
- <!--PATTERN unixfileobjpath-->
+ <!--PATTERN pwpstepasswordCannotBeName-->
- <!--RULE -->
-<xsl:template match="unix-def:file_object/unix-def:path" priority="4000" mode="M305">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="macos-def:pwpolicy_state/macos-def:passwordCannotBeName" priority="4000" mode="M305">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a file_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the passwordCannotBeName entity of a pwpolicy_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M305"/>
@@ -8240,19 +9155,21 @@
<xsl:apply-templates select="@*|node()" mode="M305"/>
</xsl:template>
- <!--PATTERN unixfileobjfilename-->
+ <!--PATTERN pwpsterequiresAlpha-->
- <!--RULE -->
-<xsl:template match="unix-def:file_object/unix-def:filename" priority="4000" mode="M306">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="macos-def:pwpolicy_state/macos-def:requiresAlpha" priority="4000" mode="M306">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a file_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the requiresAlpha entity of a pwpolicy_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M306"/>
@@ -8262,19 +9179,21 @@
<xsl:apply-templates select="@*|node()" mode="M306"/>
</xsl:template>
- <!--PATTERN unixfilestepath-->
+ <!--PATTERN pwpsterequiresNumeric-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:path" priority="4000" mode="M307">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="macos-def:pwpolicy_state/macos-def:requiresNumeric" priority="4000" mode="M307">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the requiresNumeric entity of a pwpolicy_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M307"/>
@@ -8284,41 +9203,62 @@
<xsl:apply-templates select="@*|node()" mode="M307"/>
</xsl:template>
- <!--PATTERN unixfilestefilename-->
+ <!--PATTERN isainfotst-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:filename" priority="4000" mode="M308">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="sol-def:isainfo_test/sol-def:object" priority="4000" mode="M308">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/sol-def:isainfo_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of an isainfo_test must reference an isainfo_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M308"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="sol-def:isainfo_test/sol-def:state" priority="3999" mode="M308">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/sol-def:isainfo_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of an isainfo_test must reference an isainfo_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M308"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M308"/>
<xsl:template match="@*|node()" priority="-2" mode="M308">
<xsl:apply-templates select="@*|node()" mode="M308"/>
</xsl:template>
- <!--PATTERN unixfilestetype-->
+ <!--PATTERN isastebits-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:type" priority="4000" mode="M309">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="sol-def:isainfo_state/sol-def:bits" priority="4000" mode="M309">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the type entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the bits entity of an isainfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M309"/>
@@ -8328,19 +9268,21 @@
<xsl:apply-templates select="@*|node()" mode="M309"/>
</xsl:template>
- <!--PATTERN unixfilestegroup_id-->
+ <!--PATTERN isastekernel_isa-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:group_id" priority="4000" mode="M310">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="sol-def:isainfo_state/sol-def:kernel_isa" priority="4000" mode="M310">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the group_id entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the kernel_isa entity of an isainfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M310"/>
@@ -8350,19 +9292,21 @@
<xsl:apply-templates select="@*|node()" mode="M310"/>
</xsl:template>
- <!--PATTERN unixfilesteuser_id-->
+ <!--PATTERN isasteapplication_isa-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:user_id" priority="4000" mode="M311">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="sol-def:isainfo_state/sol-def:application_isa" priority="4000" mode="M311">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the user_id entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the application_isa entity of an isainfo_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M311"/>
@@ -8372,41 +9316,62 @@
<xsl:apply-templates select="@*|node()" mode="M311"/>
</xsl:template>
- <!--PATTERN unixfilestea_time-->
+ <!--PATTERN packagetst-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:a_time" priority="4000" mode="M312">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="sol-def:package_test/sol-def:object" priority="4000" mode="M312">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/sol-def:package_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the a_time entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a package_test must reference a package_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M312"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="sol-def:package_test/sol-def:state" priority="3999" mode="M312">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/sol-def:package_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a package_test must reference a package_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M312"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M312"/>
<xsl:template match="@*|node()" priority="-2" mode="M312">
<xsl:apply-templates select="@*|node()" mode="M312"/>
</xsl:template>
- <!--PATTERN unixfilestec_time-->
+ <!--PATTERN packageobjpkginst-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:c_time" priority="4000" mode="M313">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="sol-def:package_object/sol-def:pkginst" priority="4000" mode="M313">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the c_time entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pkginst entity of a package_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M313"/>
@@ -8416,19 +9381,21 @@
<xsl:apply-templates select="@*|node()" mode="M313"/>
</xsl:template>
- <!--PATTERN unixfilestem_time-->
+ <!--PATTERN packagestepkginst-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:m_time" priority="4000" mode="M314">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="sol-def:package_state/sol-def:pkginst" priority="4000" mode="M314">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the m_time entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pkginst entity of a package_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M314"/>
@@ -8438,19 +9405,21 @@
<xsl:apply-templates select="@*|node()" mode="M314"/>
</xsl:template>
- <!--PATTERN unixfilestesize-->
+ <!--PATTERN packagestename-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:size" priority="4000" mode="M315">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='int'"/>
+ <xsl:template match="sol-def:package_state/sol-def:name" priority="4000" mode="M315">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the size entity of a file_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of a package_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M315"/>
@@ -8460,19 +9429,21 @@
<xsl:apply-templates select="@*|node()" mode="M315"/>
</xsl:template>
- <!--PATTERN unixfilestesuid-->
+ <!--PATTERN packagestecategory-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:suid" priority="4000" mode="M316">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="sol-def:package_state/sol-def:category" priority="4000" mode="M316">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the suid entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the category entity of a package_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M316"/>
@@ -8482,19 +9453,21 @@
<xsl:apply-templates select="@*|node()" mode="M316"/>
</xsl:template>
- <!--PATTERN unixfilestesgid-->
+ <!--PATTERN packagesteversion-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:sgid" priority="4000" mode="M317">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="sol-def:package_state/sol-def:version" priority="4000" mode="M317">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sgid entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the version entity of a package_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M317"/>
@@ -8504,19 +9477,21 @@
<xsl:apply-templates select="@*|node()" mode="M317"/>
</xsl:template>
- <!--PATTERN unixfilestesticky-->
+ <!--PATTERN packagestevendor-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:sticky" priority="4000" mode="M318">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="sol-def:package_state/sol-def:vendor" priority="4000" mode="M318">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sticky entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the vendor entity of a package_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M318"/>
@@ -8526,19 +9501,21 @@
<xsl:apply-templates select="@*|node()" mode="M318"/>
</xsl:template>
- <!--PATTERN unixfilesteuread-->
+ <!--PATTERN packagestedescription-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:uread" priority="4000" mode="M319">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="sol-def:package_state/sol-def:description" priority="4000" mode="M319">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the uread entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the description entity of a package_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M319"/>
@@ -8548,63 +9525,103 @@
<xsl:apply-templates select="@*|node()" mode="M319"/>
</xsl:template>
- <!--PATTERN unixfilesteuwrite-->
+ <!--PATTERN patch54tst-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:uwrite" priority="4000" mode="M320">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="sol-def:patch54_test/sol-def:object" priority="4000" mode="M320">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/sol-def:patch54_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the uwrite entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a patch54_test must reference a patch54_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M320"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="sol-def:patch54_test/sol-def:state" priority="3999" mode="M320">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/sol-def:patch_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a patch54_test must reference a patch_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M320"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M320"/>
<xsl:template match="@*|node()" priority="-2" mode="M320">
<xsl:apply-templates select="@*|node()" mode="M320"/>
</xsl:template>
- <!--PATTERN unixfilesteuexec-->
+ <!--PATTERN patchtst-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:uexec" priority="4000" mode="M321">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="sol-def:patch_test/sol-def:object" priority="4000" mode="M321">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/sol-def:patch_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the uexec entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a patch_test must reference a patch_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M321"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="sol-def:patch_test/sol-def:state" priority="3999" mode="M321">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/sol-def:patch_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a patch_test must reference a patch_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M321"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M321"/>
<xsl:template match="@*|node()" priority="-2" mode="M321">
<xsl:apply-templates select="@*|node()" mode="M321"/>
</xsl:template>
- <!--PATTERN unixfilestegread-->
+ <!--PATTERN patch54objbase-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:gread" priority="4000" mode="M322">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="sol-def:patch54_object/sol-def:base" priority="4000" mode="M322">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the gread entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the base entity of a patch54_object should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M322"/>
@@ -8614,19 +9631,21 @@
<xsl:apply-templates select="@*|node()" mode="M322"/>
</xsl:template>
- <!--PATTERN unixfilestegwrite-->
+ <!--PATTERN patch54objversion-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:gwrite" priority="4000" mode="M323">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="sol-def:patch54_object/sol-def:version" priority="4000" mode="M323">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the gwrite entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the version entity of a patch54_object should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M323"/>
@@ -8636,19 +9655,21 @@
<xsl:apply-templates select="@*|node()" mode="M323"/>
</xsl:template>
- <!--PATTERN unixfilestegexec-->
+ <!--PATTERN patchobjbase-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:gexec" priority="4000" mode="M324">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="sol-def:patch_object/sol-def:base" priority="4000" mode="M324">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the gexec entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the base entity of a patch_object should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M324"/>
@@ -8658,19 +9679,21 @@
<xsl:apply-templates select="@*|node()" mode="M324"/>
</xsl:template>
- <!--PATTERN unixfilesteoread-->
+ <!--PATTERN patchstebase-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:oread" priority="4000" mode="M325">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="sol-def:patch_state/sol-def:base" priority="4000" mode="M325">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the oread entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the base entity of a patch_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M325"/>
@@ -8680,19 +9703,21 @@
<xsl:apply-templates select="@*|node()" mode="M325"/>
</xsl:template>
- <!--PATTERN unixfilesteowrite-->
+ <!--PATTERN patchsteversion-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:owrite" priority="4000" mode="M326">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="sol-def:patch_state/sol-def:version" priority="4000" mode="M326">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the owrite entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the version entity of a patch_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M326"/>
@@ -8702,41 +9727,62 @@
<xsl:apply-templates select="@*|node()" mode="M326"/>
</xsl:template>
- <!--PATTERN unixfilesteoexec-->
+ <!--PATTERN smftst-->
- <!--RULE -->
-<xsl:template match="unix-def:file_state/unix-def:oexec" priority="4000" mode="M327">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="sol-def:smf_test/sol-def:object" priority="4000" mode="M327">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/sol-def:smf_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the oexec entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a smf_test must reference a smf_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M327"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="sol-def:smf_test/sol-def:state" priority="3999" mode="M327">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/sol-def:smf_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a smf_test must reference a smf_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M327"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M327"/>
<xsl:template match="@*|node()" priority="-2" mode="M327">
<xsl:apply-templates select="@*|node()" mode="M327"/>
</xsl:template>
- <!--PATTERN inetdobjprotocol-->
+ <!--PATTERN fmriobjbase-->
- <!--RULE -->
-<xsl:template match="unix-def:inetd_object/unix-def:protocol" priority="4000" mode="M328">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="sol-def:smf_object/sol-def:fmri" priority="4000" mode="M328">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the protocol entity of an inetd_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the fmri entity of a smf_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M328"/>
@@ -8746,19 +9792,21 @@
<xsl:apply-templates select="@*|node()" mode="M328"/>
</xsl:template>
- <!--PATTERN inetdobjservice_name-->
+ <!--PATTERN fmristebase-->
- <!--RULE -->
-<xsl:template match="unix-def:inetd_object/unix-def:service_name" priority="4000" mode="M329">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="sol-def:smf_state/sol-def:fmri" priority="4000" mode="M329">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the service_name entity of an inetd_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the fmri entity of a smf_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M329"/>
@@ -8768,19 +9816,21 @@
<xsl:apply-templates select="@*|node()" mode="M329"/>
</xsl:template>
- <!--PATTERN inetdsteprotocol-->
+ <!--PATTERN srvnamestebase-->
- <!--RULE -->
-<xsl:template match="unix-def:inetd_state/unix-def:protocol" priority="4000" mode="M330">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="sol-def:smf_state/sol-def:service_name" priority="4000" mode="M330">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the protocol entity of an inetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the service_name entity of a smf_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M330"/>
@@ -8790,19 +9840,21 @@
<xsl:apply-templates select="@*|node()" mode="M330"/>
</xsl:template>
- <!--PATTERN inetdsteservice_name-->
+ <!--PATTERN srvstatestebase-->
- <!--RULE -->
-<xsl:template match="unix-def:inetd_state/unix-def:service_name" priority="4000" mode="M331">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="sol-def:smf_state/sol-def:service_state" priority="4000" mode="M331">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the service_name entity of an inetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the service_state entity of a smf_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M331"/>
@@ -8812,20 +9864,21 @@
<xsl:apply-templates select="@*|node()" mode="M331"/>
</xsl:template>
- <!--PATTERN inetdsteserver_program-->
+ <!--PATTERN protocolstebase-->
- <!--RULE -->
-<xsl:template match="unix-def:inetd_state/unix-def:server_program" priority="4000"
- mode="M332">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="sol-def:smf_state/sol-def:protocol" priority="4000" mode="M332">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the server_program entity of an inetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the protocol entity of a smf_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M332"/>
@@ -8835,20 +9888,21 @@
<xsl:apply-templates select="@*|node()" mode="M332"/>
</xsl:template>
- <!--PATTERN inetdsteserver_arguments-->
+ <!--PATTERN srvexestebase-->
- <!--RULE -->
-<xsl:template match="unix-def:inetd_state/unix-def:server_arguments" priority="4000"
- mode="M333">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="sol-def:smf_state/sol-def:server_executable" priority="4000" mode="M333">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the server_arguments entity of an inetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the server_executable entity of a smf_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M333"/>
@@ -8858,19 +9912,21 @@
<xsl:apply-templates select="@*|node()" mode="M333"/>
</xsl:template>
- <!--PATTERN inetdsteendpoint_type-->
+ <!--PATTERN srvargsstebase-->
- <!--RULE -->
-<xsl:template match="unix-def:inetd_state/unix-def:endpoint_type" priority="4000" mode="M334">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="sol-def:smf_state/sol-def:server_arguements" priority="4000" mode="M334">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the endpoint_type entity of an inetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the server_arguements entity of a smf_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M334"/>
@@ -8880,19 +9936,21 @@
<xsl:apply-templates select="@*|node()" mode="M334"/>
</xsl:template>
- <!--PATTERN inetdsteexec_as_user-->
+ <!--PATTERN execasuserstebase-->
- <!--RULE -->
-<xsl:template match="unix-def:inetd_state/unix-def:exec_as_user" priority="4000" mode="M335">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="sol-def:smf_state/sol-def:exec_as_user" priority="4000" mode="M335">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the exec_as_user entity of an inetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the exec_as_user entity of a smf_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M335"/>
@@ -8902,19 +9960,21 @@
<xsl:apply-templates select="@*|node()" mode="M335"/>
</xsl:template>
- <!--PATTERN inetdstewait_status-->
+ <!--PATTERN unixfileobjpath-->
- <!--RULE -->
-<xsl:template match="unix-def:inetd_state/unix-def:wait_status" priority="4000" mode="M336">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:file_object/unix-def:path" priority="4000" mode="M336">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the wait_status entity of an inetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a file_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M336"/>
@@ -8924,19 +9984,21 @@
<xsl:apply-templates select="@*|node()" mode="M336"/>
</xsl:template>
- <!--PATTERN unixinterfaceobjname-->
+ <!--PATTERN unixfileobjfilename-->
- <!--RULE -->
-<xsl:template match="unix-def:interface_object/unix-def:name" priority="4000" mode="M337">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:file_object/unix-def:filename" priority="4000" mode="M337">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of an interface_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a file_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M337"/>
@@ -8946,19 +10008,21 @@
<xsl:apply-templates select="@*|node()" mode="M337"/>
</xsl:template>
- <!--PATTERN unixinterfacestename-->
+ <!--PATTERN unixfilestepath-->
- <!--RULE -->
-<xsl:template match="unix-def:interface_state/unix-def:name" priority="4000" mode="M338">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:file_state/unix-def:path" priority="4000" mode="M338">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M338"/>
@@ -8968,20 +10032,21 @@
<xsl:apply-templates select="@*|node()" mode="M338"/>
</xsl:template>
- <!--PATTERN unixinterfacestehardware_addr-->
+ <!--PATTERN unixfilestefilename-->
- <!--RULE -->
-<xsl:template match="unix-def:interface_state/unix-def:hardware_addr" priority="4000"
- mode="M339">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:file_state/unix-def:filename" priority="4000" mode="M339">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the hardware_addr entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M339"/>
@@ -8991,19 +10056,21 @@
<xsl:apply-templates select="@*|node()" mode="M339"/>
</xsl:template>
- <!--PATTERN unixinterfacesteinet_addr-->
+ <!--PATTERN unixfilestetype-->
- <!--RULE -->
-<xsl:template match="unix-def:interface_state/unix-def:inet_addr" priority="4000" mode="M340">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:file_state/unix-def:type" priority="4000" mode="M340">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the inet_addr entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the type entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M340"/>
@@ -9013,20 +10080,21 @@
<xsl:apply-templates select="@*|node()" mode="M340"/>
</xsl:template>
- <!--PATTERN unixinterfacestebroadcast_addr-->
+ <!--PATTERN unixfilestegroup_id-->
- <!--RULE -->
-<xsl:template match="unix-def:interface_state/unix-def:broadcast_addr" priority="4000"
- mode="M341">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:file_state/unix-def:group_id" priority="4000" mode="M341">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the broadcast_addr entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the group_id entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M341"/>
@@ -9036,19 +10104,21 @@
<xsl:apply-templates select="@*|node()" mode="M341"/>
</xsl:template>
- <!--PATTERN unixinterfacestenetmask-->
+ <!--PATTERN unixfilesteuser_id-->
- <!--RULE -->
-<xsl:template match="unix-def:interface_state/unix-def:netmask" priority="4000" mode="M342">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:file_state/unix-def:user_id" priority="4000" mode="M342">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the netmask entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the user_id entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M342"/>
@@ -9058,19 +10128,21 @@
<xsl:apply-templates select="@*|node()" mode="M342"/>
</xsl:template>
- <!--PATTERN unixinterfacesteflag-->
+ <!--PATTERN unixfilestea_time-->
- <!--RULE -->
-<xsl:template match="unix-def:interface_state/unix-def:flag" priority="4000" mode="M343">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:file_state/unix-def:a_time" priority="4000" mode="M343">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for a flag entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the a_time entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M343"/>
@@ -9080,19 +10152,21 @@
<xsl:apply-templates select="@*|node()" mode="M343"/>
</xsl:template>
- <!--PATTERN passwordobjusername-->
+ <!--PATTERN unixfilestec_time-->
- <!--RULE -->
-<xsl:template match="unix-def:password_object/unix-def:username" priority="4000" mode="M344">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:file_state/unix-def:c_time" priority="4000" mode="M344">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the username entity of a password_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the c_time entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M344"/>
@@ -9102,19 +10176,21 @@
<xsl:apply-templates select="@*|node()" mode="M344"/>
</xsl:template>
- <!--PATTERN passwordsteusername-->
+ <!--PATTERN unixfilestem_time-->
- <!--RULE -->
-<xsl:template match="unix-def:package_state/unix-def:username" priority="4000" mode="M345">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:file_state/unix-def:m_time" priority="4000" mode="M345">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the username entity of a password_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the m_time entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M345"/>
@@ -9124,19 +10200,21 @@
<xsl:apply-templates select="@*|node()" mode="M345"/>
</xsl:template>
- <!--PATTERN passwordstepassword-->
+ <!--PATTERN unixfilestesize-->
- <!--RULE -->
-<xsl:template match="unix-def:package_state/unix-def:password" priority="4000" mode="M346">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="unix-def:file_state/unix-def:size" priority="4000" mode="M346">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the password entity of a password_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the size entity of a file_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M346"/>
@@ -9146,19 +10224,21 @@
<xsl:apply-templates select="@*|node()" mode="M346"/>
</xsl:template>
- <!--PATTERN passwordsteuser_id-->
+ <!--PATTERN unixfilestesuid-->
- <!--RULE -->
-<xsl:template match="unix-def:package_state/unix-def:user_id" priority="4000" mode="M347">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="unix-def:file_state/unix-def:suid" priority="4000" mode="M347">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the user_id entity of a password_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the suid entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M347"/>
@@ -9168,19 +10248,21 @@
<xsl:apply-templates select="@*|node()" mode="M347"/>
</xsl:template>
- <!--PATTERN passwordstegroup_id-->
+ <!--PATTERN unixfilestesgid-->
- <!--RULE -->
-<xsl:template match="unix-def:package_state/unix-def:group_id" priority="4000" mode="M348">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="unix-def:file_state/unix-def:sgid" priority="4000" mode="M348">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the group_id entity of a password_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sgid entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M348"/>
@@ -9190,19 +10272,21 @@
<xsl:apply-templates select="@*|node()" mode="M348"/>
</xsl:template>
- <!--PATTERN passwordstegcos-->
+ <!--PATTERN unixfilestesticky-->
- <!--RULE -->
-<xsl:template match="unix-def:package_state/unix-def:gcos" priority="4000" mode="M349">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="unix-def:file_state/unix-def:sticky" priority="4000" mode="M349">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the gcos entity of a password_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sticky entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M349"/>
@@ -9212,19 +10296,21 @@
<xsl:apply-templates select="@*|node()" mode="M349"/>
</xsl:template>
- <!--PATTERN passwordstehome_dir-->
+ <!--PATTERN unixfilesteuread-->
- <!--RULE -->
-<xsl:template match="unix-def:package_state/unix-def:home_dir" priority="4000" mode="M350">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="unix-def:file_state/unix-def:uread" priority="4000" mode="M350">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the home_dir entity of a password_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the uread entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M350"/>
@@ -9234,19 +10320,21 @@
<xsl:apply-templates select="@*|node()" mode="M350"/>
</xsl:template>
- <!--PATTERN passwordstelogin_shell-->
+ <!--PATTERN unixfilesteuwrite-->
- <!--RULE -->
-<xsl:template match="unix-def:package_state/unix-def:login_shell" priority="4000" mode="M351">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="unix-def:file_state/unix-def:uwrite" priority="4000" mode="M351">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the login_shell entity of a password_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the uwrite entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M351"/>
@@ -9256,19 +10344,21 @@
<xsl:apply-templates select="@*|node()" mode="M351"/>
</xsl:template>
- <!--PATTERN unixprocessobjcommand-->
+ <!--PATTERN unixfilesteuexec-->
- <!--RULE -->
-<xsl:template match="unix-def:process_object/unix-def:command" priority="4000" mode="M352">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="unix-def:file_state/unix-def:uexec" priority="4000" mode="M352">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the command entity of a process_object be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the uexec entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M352"/>
@@ -9278,19 +10368,21 @@
<xsl:apply-templates select="@*|node()" mode="M352"/>
</xsl:template>
- <!--PATTERN unixprocessstecommand-->
+ <!--PATTERN unixfilestegread-->
- <!--RULE -->
-<xsl:template match="unix-def:process_state/unix-def:command" priority="4000" mode="M353">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="unix-def:file_state/unix-def:gread" priority="4000" mode="M353">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the command entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the gread entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M353"/>
@@ -9300,19 +10392,21 @@
<xsl:apply-templates select="@*|node()" mode="M353"/>
</xsl:template>
- <!--PATTERN unixprocesssteexec_time-->
+ <!--PATTERN unixfilestegwrite-->
- <!--RULE -->
-<xsl:template match="unix-def:process_state/unix-def:exec_time" priority="4000" mode="M354">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="unix-def:file_state/unix-def:gwrite" priority="4000" mode="M354">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the exec_time entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the gwrite entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M354"/>
@@ -9322,19 +10416,21 @@
<xsl:apply-templates select="@*|node()" mode="M354"/>
</xsl:template>
- <!--PATTERN unixprocessstepid-->
+ <!--PATTERN unixfilestegexec-->
- <!--RULE -->
-<xsl:template match="unix-def:process_state/unix-def:pid" priority="4000" mode="M355">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='int'"/>
+ <xsl:template match="unix-def:file_state/unix-def:gexec" priority="4000" mode="M355">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pid entity of a process_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the gexec entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M355"/>
@@ -9344,19 +10440,21 @@
<xsl:apply-templates select="@*|node()" mode="M355"/>
</xsl:template>
- <!--PATTERN unixprocesssteppid-->
+ <!--PATTERN unixfilesteoread-->
- <!--RULE -->
-<xsl:template match="unix-def:process_state/unix-def:ppid" priority="4000" mode="M356">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='int'"/>
+ <xsl:template match="unix-def:file_state/unix-def:oread" priority="4000" mode="M356">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the ppid entity of a process_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the oread entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M356"/>
@@ -9366,19 +10464,21 @@
<xsl:apply-templates select="@*|node()" mode="M356"/>
</xsl:template>
- <!--PATTERN unixprocessstepriority-->
+ <!--PATTERN unixfilesteowrite-->
- <!--RULE -->
-<xsl:template match="unix-def:process_state/unix-def:priority" priority="4000" mode="M357">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="unix-def:file_state/unix-def:owrite" priority="4000" mode="M357">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the priority entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the owrite entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M357"/>
@@ -9388,20 +10488,21 @@
<xsl:apply-templates select="@*|node()" mode="M357"/>
</xsl:template>
- <!--PATTERN unixprocessstescheduling_class-->
+ <!--PATTERN unixfilesteoexec-->
- <!--RULE -->
-<xsl:template match="unix-def:process_state/unix-def:scheduling_class" priority="4000"
- mode="M358">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="unix-def:file_state/unix-def:oexec" priority="4000" mode="M358">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the scheduling_class entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the oexec entity of a file_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M358"/>
@@ -9411,19 +10512,21 @@
<xsl:apply-templates select="@*|node()" mode="M358"/>
</xsl:template>
- <!--PATTERN unixprocessstestart_time-->
+ <!--PATTERN inetdobjprotocol-->
- <!--RULE -->
-<xsl:template match="unix-def:process_state/unix-def:start_time" priority="4000" mode="M359">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:inetd_object/unix-def:protocol" priority="4000" mode="M359">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the start_time entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the protocol entity of an inetd_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M359"/>
@@ -9433,19 +10536,21 @@
<xsl:apply-templates select="@*|node()" mode="M359"/>
</xsl:template>
- <!--PATTERN unixprocessstetty-->
+ <!--PATTERN inetdobjservice_name-->
- <!--RULE -->
-<xsl:template match="unix-def:process_state/unix-def:tty" priority="4000" mode="M360">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:inetd_object/unix-def:service_name" priority="4000" mode="M360">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the tty entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the service_name entity of an inetd_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M360"/>
@@ -9455,19 +10560,21 @@
<xsl:apply-templates select="@*|node()" mode="M360"/>
</xsl:template>
- <!--PATTERN unixprocesssteuser_id-->
+ <!--PATTERN inetdsteprotocol-->
- <!--RULE -->
-<xsl:template match="unix-def:process_state/unix-def:user_id" priority="4000" mode="M361">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:inetd_state/unix-def:protocol" priority="4000" mode="M361">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the user_id entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the protocol entity of an inetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M361"/>
@@ -9477,20 +10584,21 @@
<xsl:apply-templates select="@*|node()" mode="M361"/>
</xsl:template>
- <!--PATTERN unixrlobjservice_name-->
+ <!--PATTERN inetdsteservice_name-->
- <!--RULE -->
-<xsl:template match="unix-def:runlevel_object/unix-def:service_name" priority="4000"
- mode="M362">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:inetd_state/unix-def:service_name" priority="4000" mode="M362">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the service_name entity of a runlevel_object be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the service_name entity of an inetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M362"/>
@@ -9500,19 +10608,21 @@
<xsl:apply-templates select="@*|node()" mode="M362"/>
</xsl:template>
- <!--PATTERN unixrlobjrunlevel-->
+ <!--PATTERN inetdsteserver_program-->
- <!--RULE -->
-<xsl:template match="unix-def:runlevel_object/unix-def:runlevel" priority="4000" mode="M363">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:inetd_state/unix-def:server_program" priority="4000" mode="M363">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the runlevel entity of a runlevel_object be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the server_program entity of an inetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M363"/>
@@ -9522,20 +10632,21 @@
<xsl:apply-templates select="@*|node()" mode="M363"/>
</xsl:template>
- <!--PATTERN unixrlsteservice_name-->
+ <!--PATTERN inetdsteserver_arguments-->
- <!--RULE -->
-<xsl:template match="unix-def:runlevel_state/unix-def:service_name" priority="4000"
- mode="M364">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:inetd_state/unix-def:server_arguments" priority="4000" mode="M364">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the service_name entity of a runlevel_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the server_arguments entity of an inetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M364"/>
@@ -9545,19 +10656,21 @@
<xsl:apply-templates select="@*|node()" mode="M364"/>
</xsl:template>
- <!--PATTERN unixrlsterunlevel-->
+ <!--PATTERN inetdsteendpoint_type-->
- <!--RULE -->
-<xsl:template match="unix-def:runlevel_state/unix-def:runlevel" priority="4000" mode="M365">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:inetd_state/unix-def:endpoint_type" priority="4000" mode="M365">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the runlevel entity of a runlevel_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the endpoint_type entity of an inetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M365"/>
@@ -9567,19 +10680,21 @@
<xsl:apply-templates select="@*|node()" mode="M365"/>
</xsl:template>
- <!--PATTERN unixrlstestart-->
+ <!--PATTERN inetdsteexec_as_user-->
- <!--RULE -->
-<xsl:template match="unix-def:runlevel_state/unix-def:start" priority="4000" mode="M366">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:inetd_state/unix-def:exec_as_user" priority="4000" mode="M366">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the start entity of a runlevel_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the exec_as_user entity of an inetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M366"/>
@@ -9589,19 +10704,21 @@
<xsl:apply-templates select="@*|node()" mode="M366"/>
</xsl:template>
- <!--PATTERN unixrlstekill-->
+ <!--PATTERN inetdstewait_status-->
- <!--RULE -->
-<xsl:template match="unix-def:runlevel_state/unix-def:kill" priority="4000" mode="M367">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:inetd_state/unix-def:wait_status" priority="4000" mode="M367">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the kill entity of a runlevel_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the wait_status entity of an inetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M367"/>
@@ -9611,19 +10728,21 @@
<xsl:apply-templates select="@*|node()" mode="M367"/>
</xsl:template>
- <!--PATTERN sccsobjpath-->
+ <!--PATTERN unixinterfaceobjname-->
- <!--RULE -->
-<xsl:template match="unix-def:file_object/unix-def:path" priority="4000" mode="M368">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:interface_object/unix-def:name" priority="4000" mode="M368">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a sccs_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of an interface_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M368"/>
@@ -9633,19 +10752,21 @@
<xsl:apply-templates select="@*|node()" mode="M368"/>
</xsl:template>
- <!--PATTERN sccsobjfilename-->
+ <!--PATTERN unixinterfacestename-->
- <!--RULE -->
-<xsl:template match="unix-def:file_object/unix-def:filename" priority="4000" mode="M369">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:interface_state/unix-def:name" priority="4000" mode="M369">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a sccs_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M369"/>
@@ -9655,19 +10776,21 @@
<xsl:apply-templates select="@*|node()" mode="M369"/>
</xsl:template>
- <!--PATTERN sccsstepath-->
+ <!--PATTERN unixinterfacestehardware_addr-->
- <!--RULE -->
-<xsl:template match="unix-def:sccs_state/unix-def:path" priority="4000" mode="M370">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:interface_state/unix-def:hardware_addr" priority="4000" mode="M370">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the hardware_addr entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M370"/>
@@ -9677,19 +10800,21 @@
<xsl:apply-templates select="@*|node()" mode="M370"/>
</xsl:template>
- <!--PATTERN sccsstefilename-->
+ <!--PATTERN unixinterfacesteinet_addr-->
- <!--RULE -->
-<xsl:template match="unix-def:sccs_state/unix-def:filename" priority="4000" mode="M371">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:interface_state/unix-def:inet_addr" priority="4000" mode="M371">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the inet_addr entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M371"/>
@@ -9699,19 +10824,21 @@
<xsl:apply-templates select="@*|node()" mode="M371"/>
</xsl:template>
- <!--PATTERN sccsstemodule_name-->
+ <!--PATTERN unixinterfacestebroadcast_addr-->
- <!--RULE -->
-<xsl:template match="unix-def:sccs_state/unix-def:module_name" priority="4000" mode="M372">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:interface_state/unix-def:broadcast_addr" priority="4000" mode="M372">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the module_name entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the broadcast_addr entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M372"/>
@@ -9721,19 +10848,21 @@
<xsl:apply-templates select="@*|node()" mode="M372"/>
</xsl:template>
- <!--PATTERN sccsstemodule_type-->
+ <!--PATTERN unixinterfacestenetmask-->
- <!--RULE -->
-<xsl:template match="unix-def:sccs_state/unix-def:module_type" priority="4000" mode="M373">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:interface_state/unix-def:netmask" priority="4000" mode="M373">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the module_type entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the netmask entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M373"/>
@@ -9743,19 +10872,21 @@
<xsl:apply-templates select="@*|node()" mode="M373"/>
</xsl:template>
- <!--PATTERN sccssterelease-->
+ <!--PATTERN unixinterfacesteflag-->
- <!--RULE -->
-<xsl:template match="unix-def:sccs_state/unix-def:release" priority="4000" mode="M374">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:interface_state/unix-def:flag" priority="4000" mode="M374">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the release entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for a flag entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M374"/>
@@ -9765,19 +10896,21 @@
<xsl:apply-templates select="@*|node()" mode="M374"/>
</xsl:template>
- <!--PATTERN sccsstelevel-->
+ <!--PATTERN passwordobjusername-->
- <!--RULE -->
-<xsl:template match="unix-def:sccs_state/unix-def:level" priority="4000" mode="M375">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:password_object/unix-def:username" priority="4000" mode="M375">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the level entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the username entity of a password_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M375"/>
@@ -9787,19 +10920,21 @@
<xsl:apply-templates select="@*|node()" mode="M375"/>
</xsl:template>
- <!--PATTERN sccsstebranch-->
+ <!--PATTERN passwordsteusername-->
- <!--RULE -->
-<xsl:template match="unix-def:sccs_state/unix-def:branch" priority="4000" mode="M376">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:package_state/unix-def:username" priority="4000" mode="M376">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the branch entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the username entity of a password_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M376"/>
@@ -9809,19 +10944,21 @@
<xsl:apply-templates select="@*|node()" mode="M376"/>
</xsl:template>
- <!--PATTERN sccsstesequence-->
+ <!--PATTERN passwordstepassword-->
- <!--RULE -->
-<xsl:template match="unix-def:sccs_state/unix-def:sequence" priority="4000" mode="M377">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:package_state/unix-def:password" priority="4000" mode="M377">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sequence entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the password entity of a password_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M377"/>
@@ -9831,19 +10968,21 @@
<xsl:apply-templates select="@*|node()" mode="M377"/>
</xsl:template>
- <!--PATTERN sccsstewhat_string-->
+ <!--PATTERN passwordsteuser_id-->
- <!--RULE -->
-<xsl:template match="unix-def:sccs_state/unix-def:what_string" priority="4000" mode="M378">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:package_state/unix-def:user_id" priority="4000" mode="M378">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the what_string entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the user_id entity of a password_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M378"/>
@@ -9853,19 +10992,21 @@
<xsl:apply-templates select="@*|node()" mode="M378"/>
</xsl:template>
- <!--PATTERN shadowobjusername-->
+ <!--PATTERN passwordstegroup_id-->
- <!--RULE -->
-<xsl:template match="unix-def:shadow_object/unix-def:username" priority="4000" mode="M379">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:package_state/unix-def:group_id" priority="4000" mode="M379">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the username entity of a shadow_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the group_id entity of a password_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M379"/>
@@ -9875,19 +11016,21 @@
<xsl:apply-templates select="@*|node()" mode="M379"/>
</xsl:template>
- <!--PATTERN shadowsteusername-->
+ <!--PATTERN passwordstegcos-->
- <!--RULE -->
-<xsl:template match="unix-def:shadow_state/unix-def:username" priority="4000" mode="M380">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:package_state/unix-def:gcos" priority="4000" mode="M380">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the username entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the gcos entity of a password_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M380"/>
@@ -9897,19 +11040,21 @@
<xsl:apply-templates select="@*|node()" mode="M380"/>
</xsl:template>
- <!--PATTERN shadowstepassword-->
+ <!--PATTERN passwordstehome_dir-->
- <!--RULE -->
-<xsl:template match="unix-def:shadow_state/unix-def:password" priority="4000" mode="M381">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:package_state/unix-def:home_dir" priority="4000" mode="M381">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the password entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the home_dir entity of a password_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M381"/>
@@ -9919,19 +11064,21 @@
<xsl:apply-templates select="@*|node()" mode="M381"/>
</xsl:template>
- <!--PATTERN shadowstechg_lst-->
+ <!--PATTERN passwordstelogin_shell-->
- <!--RULE -->
-<xsl:template match="unix-def:shadow_state/unix-def:chg_lst" priority="4000" mode="M382">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:package_state/unix-def:login_shell" priority="4000" mode="M382">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the chg_lst entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the login_shell entity of a password_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M382"/>
@@ -9941,19 +11088,21 @@
<xsl:apply-templates select="@*|node()" mode="M382"/>
</xsl:template>
- <!--PATTERN shadowstechg_allow-->
+ <!--PATTERN unixprocessobjcommand-->
- <!--RULE -->
-<xsl:template match="unix-def:shadow_state/unix-def:chg_allow" priority="4000" mode="M383">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:process_object/unix-def:command" priority="4000" mode="M383">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the chg_allow entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the command entity of a process_object be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M383"/>
@@ -9963,19 +11112,21 @@
<xsl:apply-templates select="@*|node()" mode="M383"/>
</xsl:template>
- <!--PATTERN shadowstechg_req-->
+ <!--PATTERN unixprocessstecommand-->
- <!--RULE -->
-<xsl:template match="unix-def:shadow_state/unix-def:chg_req" priority="4000" mode="M384">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:process_state/unix-def:command" priority="4000" mode="M384">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the chg_req entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the command entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M384"/>
@@ -9985,19 +11136,21 @@
<xsl:apply-templates select="@*|node()" mode="M384"/>
</xsl:template>
- <!--PATTERN shadowsteexp_warn-->
+ <!--PATTERN unixprocesssteexec_time-->
- <!--RULE -->
-<xsl:template match="unix-def:shadow_state/unix-def:exp_warn" priority="4000" mode="M385">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:process_state/unix-def:exec_time" priority="4000" mode="M385">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the exp_warn entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the exec_time entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M385"/>
@@ -10007,19 +11160,21 @@
<xsl:apply-templates select="@*|node()" mode="M385"/>
</xsl:template>
- <!--PATTERN shadowsteexp_inact-->
+ <!--PATTERN unixprocessstepid-->
- <!--RULE -->
-<xsl:template match="unix-def:shadow_state/unix-def:exp_inact" priority="4000" mode="M386">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="unix-def:process_state/unix-def:pid" priority="4000" mode="M386">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the exp_inact entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pid entity of a process_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M386"/>
@@ -10029,19 +11184,21 @@
<xsl:apply-templates select="@*|node()" mode="M386"/>
</xsl:template>
- <!--PATTERN shadowsteexp_date-->
+ <!--PATTERN unixprocesssteppid-->
- <!--RULE -->
-<xsl:template match="unix-def:shadow_state/unix-def:exp_date" priority="4000" mode="M387">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="unix-def:process_state/unix-def:ppid" priority="4000" mode="M387">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the exp_date entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the ppid entity of a process_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M387"/>
@@ -10051,19 +11208,21 @@
<xsl:apply-templates select="@*|node()" mode="M387"/>
</xsl:template>
- <!--PATTERN shadowsteflag-->
+ <!--PATTERN unixprocessstepriority-->
- <!--RULE -->
-<xsl:template match="unix-def:shadow_state/unix-def:flag" priority="4000" mode="M388">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:process_state/unix-def:priority" priority="4000" mode="M388">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the flag entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the priority entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M388"/>
@@ -10073,19 +11232,21 @@
<xsl:apply-templates select="@*|node()" mode="M388"/>
</xsl:template>
- <!--PATTERN unamestemachine_class-->
+ <!--PATTERN unixprocessstescheduling_class-->
- <!--RULE -->
-<xsl:template match="unix-def:uname_state/unix-def:machine_class" priority="4000" mode="M389">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:process_state/unix-def:scheduling_class" priority="4000" mode="M389">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the machine_class entity of a uname_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the scheduling_class entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M389"/>
@@ -10095,19 +11256,21 @@
<xsl:apply-templates select="@*|node()" mode="M389"/>
</xsl:template>
- <!--PATTERN unamestenode_name-->
+ <!--PATTERN unixprocessstestart_time-->
- <!--RULE -->
-<xsl:template match="unix-def:uname_state/unix-def:node_name" priority="4000" mode="M390">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:process_state/unix-def:start_time" priority="4000" mode="M390">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the node_name entity of a uname_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the start_time entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M390"/>
@@ -10117,19 +11280,21 @@
<xsl:apply-templates select="@*|node()" mode="M390"/>
</xsl:template>
- <!--PATTERN unamesteos_name-->
+ <!--PATTERN unixprocessstetty-->
- <!--RULE -->
-<xsl:template match="unix-def:uname_state/unix-def:os_name" priority="4000" mode="M391">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:process_state/unix-def:tty" priority="4000" mode="M391">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the os_name entity of a uname_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the tty entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M391"/>
@@ -10139,19 +11304,21 @@
<xsl:apply-templates select="@*|node()" mode="M391"/>
</xsl:template>
- <!--PATTERN unamesteos_release-->
+ <!--PATTERN unixprocesssteuser_id-->
- <!--RULE -->
-<xsl:template match="unix-def:uname_state/unix-def:os_release" priority="4000" mode="M392">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:process_state/unix-def:user_id" priority="4000" mode="M392">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the os_release entity of a uname_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the user_id entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M392"/>
@@ -10161,19 +11328,21 @@
<xsl:apply-templates select="@*|node()" mode="M392"/>
</xsl:template>
- <!--PATTERN unamesteos_version-->
+ <!--PATTERN unixrlobjservice_name-->
- <!--RULE -->
-<xsl:template match="unix-def:uname_state/unix-def:os_version" priority="4000" mode="M393">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:runlevel_object/unix-def:service_name" priority="4000" mode="M393">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the os_version entity of a uname_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the service_name entity of a runlevel_object be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M393"/>
@@ -10183,20 +11352,21 @@
<xsl:apply-templates select="@*|node()" mode="M393"/>
</xsl:template>
- <!--PATTERN unamesteprocessor_type-->
+ <!--PATTERN unixrlobjrunlevel-->
- <!--RULE -->
-<xsl:template match="unix-def:uname_state/unix-def:processor_type" priority="4000"
- mode="M394">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:runlevel_object/unix-def:runlevel" priority="4000" mode="M394">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the processor_type entity of a uname_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the runlevel entity of a runlevel_object be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M394"/>
@@ -10206,19 +11376,21 @@
<xsl:apply-templates select="@*|node()" mode="M394"/>
</xsl:template>
- <!--PATTERN xinetdobjprotocol-->
+ <!--PATTERN unixrlsteservice_name-->
- <!--RULE -->
-<xsl:template match="unix-def:xinetd_object/unix-def:protocol" priority="4000" mode="M395">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:runlevel_state/unix-def:service_name" priority="4000" mode="M395">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the protocol entity of an xinetd_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the service_name entity of a runlevel_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M395"/>
@@ -10228,20 +11400,21 @@
<xsl:apply-templates select="@*|node()" mode="M395"/>
</xsl:template>
- <!--PATTERN xinetdobjservice_name-->
+ <!--PATTERN unixrlsterunlevel-->
- <!--RULE -->
-<xsl:template match="unix-def:xinetd_object/unix-def:service_name" priority="4000"
- mode="M396">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:runlevel_state/unix-def:runlevel" priority="4000" mode="M396">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the service_name entity of an xinetd_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the runlevel entity of a runlevel_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M396"/>
@@ -10251,19 +11424,21 @@
<xsl:apply-templates select="@*|node()" mode="M396"/>
</xsl:template>
- <!--PATTERN xinetdsteprotocol-->
+ <!--PATTERN unixrlstestart-->
- <!--RULE -->
-<xsl:template match="unix-def:xinetd_state/unix-def:protocol" priority="4000" mode="M397">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="unix-def:runlevel_state/unix-def:start" priority="4000" mode="M397">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the protocol entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the start entity of a runlevel_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M397"/>
@@ -10273,19 +11448,21 @@
<xsl:apply-templates select="@*|node()" mode="M397"/>
</xsl:template>
- <!--PATTERN xinetdsteservice_name-->
+ <!--PATTERN unixrlstekill-->
- <!--RULE -->
-<xsl:template match="unix-def:xinetd_state/unix-def:service_name" priority="4000" mode="M398">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="unix-def:runlevel_state/unix-def:kill" priority="4000" mode="M398">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the service_name entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the kill entity of a runlevel_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M398"/>
@@ -10295,19 +11472,21 @@
<xsl:apply-templates select="@*|node()" mode="M398"/>
</xsl:template>
- <!--PATTERN xinetdsteflags-->
+ <!--PATTERN sccsobjpath-->
- <!--RULE -->
-<xsl:template match="unix-def:xinetd_state/unix-def:flags" priority="4000" mode="M399">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:file_object/unix-def:path" priority="4000" mode="M399">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the flags entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a sccs_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M399"/>
@@ -10317,19 +11496,21 @@
<xsl:apply-templates select="@*|node()" mode="M399"/>
</xsl:template>
- <!--PATTERN xinetdstenoaccess-->
+ <!--PATTERN sccsobjfilename-->
- <!--RULE -->
-<xsl:template match="unix-def:xinetd_state/unix-def:no_access" priority="4000" mode="M400">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:file_object/unix-def:filename" priority="4000" mode="M400">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the no_access entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a sccs_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M400"/>
@@ -10339,19 +11520,21 @@
<xsl:apply-templates select="@*|node()" mode="M400"/>
</xsl:template>
- <!--PATTERN xinetdsteonlyfrom-->
+ <!--PATTERN sccsstepath-->
- <!--RULE -->
-<xsl:template match="unix-def:xinetd_state/unix-def:only_from" priority="4000" mode="M401">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:sccs_state/unix-def:path" priority="4000" mode="M401">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the only_from entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M401"/>
@@ -10361,19 +11544,21 @@
<xsl:apply-templates select="@*|node()" mode="M401"/>
</xsl:template>
- <!--PATTERN xinetdsteport-->
+ <!--PATTERN sccsstefilename-->
- <!--RULE -->
-<xsl:template match="unix-def:xinetd_state/unix-def:port" priority="4000" mode="M402">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:sccs_state/unix-def:filename" priority="4000" mode="M402">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the port entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M402"/>
@@ -10383,19 +11568,21 @@
<xsl:apply-templates select="@*|node()" mode="M402"/>
</xsl:template>
- <!--PATTERN xinetdsteserver-->
+ <!--PATTERN sccsstemodule_name-->
- <!--RULE -->
-<xsl:template match="unix-def:xinetd_state/unix-def:server" priority="4000" mode="M403">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:sccs_state/unix-def:module_name" priority="4000" mode="M403">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the server entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the module_name entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M403"/>
@@ -10405,20 +11592,21 @@
<xsl:apply-templates select="@*|node()" mode="M403"/>
</xsl:template>
- <!--PATTERN xinetdsteserverarguments-->
+ <!--PATTERN sccsstemodule_type-->
- <!--RULE -->
-<xsl:template match="unix-def:xinetd_state/unix-def:server_arguments" priority="4000"
- mode="M404">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:sccs_state/unix-def:module_type" priority="4000" mode="M404">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the server_arguments entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the module_type entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M404"/>
@@ -10428,19 +11616,21 @@
<xsl:apply-templates select="@*|node()" mode="M404"/>
</xsl:template>
- <!--PATTERN xinetdstesockettype-->
+ <!--PATTERN sccssterelease-->
- <!--RULE -->
-<xsl:template match="unix-def:xinetd_state/unix-def:socket_type" priority="4000" mode="M405">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:sccs_state/unix-def:release" priority="4000" mode="M405">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the socket_type entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the release entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M405"/>
@@ -10450,19 +11640,21 @@
<xsl:apply-templates select="@*|node()" mode="M405"/>
</xsl:template>
- <!--PATTERN xinetdstetype-->
+ <!--PATTERN sccsstelevel-->
- <!--RULE -->
-<xsl:template match="unix-def:xinetd_state/unix-def:type" priority="4000" mode="M406">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:sccs_state/unix-def:level" priority="4000" mode="M406">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the type entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the level entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M406"/>
@@ -10472,19 +11664,21 @@
<xsl:apply-templates select="@*|node()" mode="M406"/>
</xsl:template>
- <!--PATTERN xinetdsteuser-->
+ <!--PATTERN sccsstebranch-->
- <!--RULE -->
-<xsl:template match="unix-def:xinetd_state/unix-def:user" priority="4000" mode="M407">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:sccs_state/unix-def:branch" priority="4000" mode="M407">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the user entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the branch entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M407"/>
@@ -10494,19 +11688,21 @@
<xsl:apply-templates select="@*|node()" mode="M407"/>
</xsl:template>
- <!--PATTERN xinetdstewait-->
+ <!--PATTERN sccsstesequence-->
- <!--RULE -->
-<xsl:template match="unix-def:xinetd_state/unix-def:wait" priority="4000" mode="M408">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:sccs_state/unix-def:sequence" priority="4000" mode="M408">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the wait entity of an xinetd_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sequence entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M408"/>
@@ -10516,19 +11712,21 @@
<xsl:apply-templates select="@*|node()" mode="M408"/>
</xsl:template>
- <!--PATTERN xinetdstedisabled-->
+ <!--PATTERN sccsstewhat_string-->
- <!--RULE -->
-<xsl:template match="unix-def:xinetd_state/unix-def:disabled" priority="4000" mode="M409">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:sccs_state/unix-def:what_string" priority="4000" mode="M409">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the disabled entity of an xinetd_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the what_string entity of a sccs_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M409"/>
@@ -10538,21 +11736,21 @@
<xsl:apply-templates select="@*|node()" mode="M409"/>
</xsl:template>
- <!--PATTERN affected_platform-->
+ <!--PATTERN shadowobjusername-->
- <!--RULE -->
-<xsl:template match="oval-def:affected[@family='windows']" priority="4000" mode="M410">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(oval-def:platform) or oval-def:platform='Microsoft Windows 95' or oval-def:platform='Microsoft Windows 98' or oval-def:platform='Microsoft Windows ME' or oval-def:platform='Microsoft Windows NT' or oval-def:platform='Microsoft Windows 2000' or oval-def:platform='Microsoft Windows XP' or oval-def:platform='Microsoft Windows Server 2003' or oval-def:platform='Microsoft Windows Vista' or oval-def:platform='Microsoft Windows Server 2008'"/>
+ <xsl:template match="unix-def:shadow_object/unix-def:username" priority="4000" mode="M410">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../../@id"/>
- <xsl:text/> - the value "<xsl:text/>
- <xsl:value-of select="oval-def:platform"/>
- <xsl:text/>" found in platform element as part of the affected element is not a valid windows platform.<xsl:value-of select="string('
')"/>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the username entity of a shadow_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M410"/>
@@ -10562,34 +11760,21 @@
<xsl:apply-templates select="@*|node()" mode="M410"/>
</xsl:template>
- <!--PATTERN attst-->
+ <!--PATTERN shadowsteusername-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_test/win-def:object" priority="4000" mode="M411">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:accesstoken_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of an accesstoken_test must reference an accesstoken_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M411"/>
- </xsl:template>
+ <xsl:template match="unix-def:shadow_state/unix-def:username" priority="4000" mode="M411">
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_test/win-def:state" priority="3999" mode="M411">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:accesstoken_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of an accesstoken_test must reference an accesstoken_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the username entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M411"/>
@@ -10599,20 +11784,21 @@
<xsl:apply-templates select="@*|node()" mode="M411"/>
</xsl:template>
- <!--PATTERN atobjsecurity_principle-->
+ <!--PATTERN shadowstepassword-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_object/win-def:security_principle" priority="4000"
- mode="M412">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:shadow_state/unix-def:password" priority="4000" mode="M412">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the security_principle entity of an accesstoken_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the password entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M412"/>
@@ -10622,20 +11808,21 @@
<xsl:apply-templates select="@*|node()" mode="M412"/>
</xsl:template>
- <!--PATTERN atstesecurity_principle-->
+ <!--PATTERN shadowstechg_lst-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:security_principle" priority="4000"
- mode="M413">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:shadow_state/unix-def:chg_lst" priority="4000" mode="M413">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the security_principle entity of an accesstoken_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the chg_lst entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M413"/>
@@ -10645,21 +11832,21 @@
<xsl:apply-templates select="@*|node()" mode="M413"/>
</xsl:template>
- <!--PATTERN atsteseassignprimarytokenprivilege-->
+ <!--PATTERN shadowstechg_allow-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:seassignprimarytokenprivilege"
- priority="4000"
- mode="M414">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:shadow_state/unix-def:chg_allow" priority="4000" mode="M414">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the seassignprimarytokenprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the chg_allow entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M414"/>
@@ -10669,20 +11856,21 @@
<xsl:apply-templates select="@*|node()" mode="M414"/>
</xsl:template>
- <!--PATTERN atsteseauditprivilege-->
+ <!--PATTERN shadowstechg_req-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:seauditprivilege" priority="4000"
- mode="M415">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:shadow_state/unix-def:chg_req" priority="4000" mode="M415">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the seauditprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the chg_req entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M415"/>
@@ -10692,20 +11880,21 @@
<xsl:apply-templates select="@*|node()" mode="M415"/>
</xsl:template>
- <!--PATTERN atstesebackupprivilege-->
+ <!--PATTERN shadowsteexp_warn-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:sebackupprivilege" priority="4000"
- mode="M416">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:shadow_state/unix-def:exp_warn" priority="4000" mode="M416">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sebackupprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the exp_warn entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M416"/>
@@ -10715,21 +11904,21 @@
<xsl:apply-templates select="@*|node()" mode="M416"/>
</xsl:template>
- <!--PATTERN atstesechangenotifyprivilege-->
+ <!--PATTERN shadowsteexp_inact-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:sechangenotifyprivilege"
- priority="4000"
- mode="M417">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:shadow_state/unix-def:exp_inact" priority="4000" mode="M417">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sechangenotifyprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the exp_inact entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M417"/>
@@ -10739,21 +11928,21 @@
<xsl:apply-templates select="@*|node()" mode="M417"/>
</xsl:template>
- <!--PATTERN atstesecreateglobalprivilege-->
+ <!--PATTERN shadowsteexp_date-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:secreateglobalprivilege"
- priority="4000"
- mode="M418">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:shadow_state/unix-def:exp_date" priority="4000" mode="M418">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the secreateglobalprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the exp_date entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M418"/>
@@ -10763,21 +11952,21 @@
<xsl:apply-templates select="@*|node()" mode="M418"/>
</xsl:template>
- <!--PATTERN atstesecreatepagefileprivilege-->
+ <!--PATTERN shadowsteflag-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:secreatepagefileprivilege"
- priority="4000"
- mode="M419">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:shadow_state/unix-def:flag" priority="4000" mode="M419">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the secreatepagefileprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the flag entity of a shadow_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M419"/>
@@ -10787,21 +11976,21 @@
<xsl:apply-templates select="@*|node()" mode="M419"/>
</xsl:template>
- <!--PATTERN atstesecreatepermanentprivilege-->
+ <!--PATTERN unamestemachine_class-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:secreatepermanentprivilege"
- priority="4000"
- mode="M420">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:uname_state/unix-def:machine_class" priority="4000" mode="M420">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the secreatepermanentprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the machine_class entity of a uname_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M420"/>
@@ -10811,21 +12000,21 @@
<xsl:apply-templates select="@*|node()" mode="M420"/>
</xsl:template>
- <!--PATTERN atstesecreatesymboliclinkprivilege-->
+ <!--PATTERN unamestenode_name-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:secreatesymboliclinkprivilege"
- priority="4000"
- mode="M421">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:uname_state/unix-def:node_name" priority="4000" mode="M421">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the secreatesymboliclinkprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the node_name entity of a uname_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M421"/>
@@ -10835,21 +12024,21 @@
<xsl:apply-templates select="@*|node()" mode="M421"/>
</xsl:template>
- <!--PATTERN atstesecreatetokenprivilege-->
+ <!--PATTERN unamesteos_name-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:secreatetokenprivilege"
- priority="4000"
- mode="M422">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:uname_state/unix-def:os_name" priority="4000" mode="M422">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the secreatetokenprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the os_name entity of a uname_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M422"/>
@@ -10859,20 +12048,21 @@
<xsl:apply-templates select="@*|node()" mode="M422"/>
</xsl:template>
- <!--PATTERN atstesedebugprivilege-->
+ <!--PATTERN unamesteos_release-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:sedebugprivilege" priority="4000"
- mode="M423">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:uname_state/unix-def:os_release" priority="4000" mode="M423">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sedebugprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the os_release entity of a uname_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M423"/>
@@ -10882,21 +12072,21 @@
<xsl:apply-templates select="@*|node()" mode="M423"/>
</xsl:template>
- <!--PATTERN atsteseenabledelegationprivilege-->
+ <!--PATTERN unamesteos_version-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:seenabledelegationprivilege"
- priority="4000"
- mode="M424">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:uname_state/unix-def:os_version" priority="4000" mode="M424">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the seenabledelegationprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the os_version entity of a uname_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M424"/>
@@ -10906,21 +12096,21 @@
<xsl:apply-templates select="@*|node()" mode="M424"/>
</xsl:template>
- <!--PATTERN atsteseimpersonateprivilege-->
+ <!--PATTERN unamesteprocessor_type-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:seimpersonateprivilege"
- priority="4000"
- mode="M425">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:uname_state/unix-def:processor_type" priority="4000" mode="M425">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the seimpersonateprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the processor_type entity of a uname_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M425"/>
@@ -10930,21 +12120,21 @@
<xsl:apply-templates select="@*|node()" mode="M425"/>
</xsl:template>
- <!--PATTERN atsteseincreasebasepriorityprivilege-->
+ <!--PATTERN xinetdobjprotocol-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:seincreasebasepriorityprivilege"
- priority="4000"
- mode="M426">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:xinetd_object/unix-def:protocol" priority="4000" mode="M426">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the seincreasebasepriorityprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the protocol entity of an xinetd_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M426"/>
@@ -10954,21 +12144,21 @@
<xsl:apply-templates select="@*|node()" mode="M426"/>
</xsl:template>
- <!--PATTERN atsteseincreasequotaprivilege-->
+ <!--PATTERN xinetdobjservice_name-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:seincreasequotaprivilege"
- priority="4000"
- mode="M427">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:xinetd_object/unix-def:service_name" priority="4000" mode="M427">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the seincreasequotaprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the service_name entity of an xinetd_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M427"/>
@@ -10978,21 +12168,21 @@
<xsl:apply-templates select="@*|node()" mode="M427"/>
</xsl:template>
- <!--PATTERN atsteseincreaseworkingsetprivilege-->
+ <!--PATTERN xinetdsteprotocol-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:seincreaseworkingsetprivilege"
- priority="4000"
- mode="M428">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:xinetd_state/unix-def:protocol" priority="4000" mode="M428">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the seincreaseworkingsetprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the protocol entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M428"/>
@@ -11002,20 +12192,21 @@
<xsl:apply-templates select="@*|node()" mode="M428"/>
</xsl:template>
- <!--PATTERN atsteseloaddriverprivilege-->
+ <!--PATTERN xinetdsteservice_name-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:seloaddriverprivilege" priority="4000"
- mode="M429">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:xinetd_state/unix-def:service_name" priority="4000" mode="M429">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the seloaddriverprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the service_name entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M429"/>
@@ -11025,20 +12216,21 @@
<xsl:apply-templates select="@*|node()" mode="M429"/>
</xsl:template>
- <!--PATTERN atsteselockmemoryprivilege-->
+ <!--PATTERN xinetdsteflags-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:selockmemoryprivilege" priority="4000"
- mode="M430">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:xinetd_state/unix-def:flags" priority="4000" mode="M430">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the selockmemoryprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the flags entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M430"/>
@@ -11048,21 +12240,21 @@
<xsl:apply-templates select="@*|node()" mode="M430"/>
</xsl:template>
- <!--PATTERN atstesemachineaccountprivilege-->
+ <!--PATTERN xinetdstenoaccess-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:semachineaccountprivilege"
- priority="4000"
- mode="M431">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:xinetd_state/unix-def:no_access" priority="4000" mode="M431">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the semachineaccountprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the no_access entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M431"/>
@@ -11072,21 +12264,21 @@
<xsl:apply-templates select="@*|node()" mode="M431"/>
</xsl:template>
- <!--PATTERN atstesemanagevolumeprivilege-->
+ <!--PATTERN xinetdsteonlyfrom-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:semanagevolumeprivilege"
- priority="4000"
- mode="M432">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:xinetd_state/unix-def:only_from" priority="4000" mode="M432">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the semanagevolumeprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the only_from entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M432"/>
@@ -11096,21 +12288,21 @@
<xsl:apply-templates select="@*|node()" mode="M432"/>
</xsl:template>
- <!--PATTERN atsteseprofilesingleprocessprivilege-->
+ <!--PATTERN xinetdsteport-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:seprofilesingleprocessprivilege"
- priority="4000"
- mode="M433">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:xinetd_state/unix-def:port" priority="4000" mode="M433">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the seprofilesingleprocessprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the port entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M433"/>
@@ -11120,20 +12312,21 @@
<xsl:apply-templates select="@*|node()" mode="M433"/>
</xsl:template>
- <!--PATTERN atsteserelabelprivilege-->
+ <!--PATTERN xinetdsteserver-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:serelabelprivilege" priority="4000"
- mode="M434">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:xinetd_state/unix-def:server" priority="4000" mode="M434">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the serelabelprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the server entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M434"/>
@@ -11143,21 +12336,21 @@
<xsl:apply-templates select="@*|node()" mode="M434"/>
</xsl:template>
- <!--PATTERN atsteseremoteshutdownprivilege-->
+ <!--PATTERN xinetdsteserverarguments-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:seremoteshutdownprivilege"
- priority="4000"
- mode="M435">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:xinetd_state/unix-def:server_arguments" priority="4000" mode="M435">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the seremoteshutdownprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the server_arguments entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M435"/>
@@ -11167,20 +12360,21 @@
<xsl:apply-templates select="@*|node()" mode="M435"/>
</xsl:template>
- <!--PATTERN atsteserestoreprivilege-->
+ <!--PATTERN xinetdstesockettype-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:serestoreprivilege" priority="4000"
- mode="M436">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:xinetd_state/unix-def:socket_type" priority="4000" mode="M436">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the serestoreprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the socket_type entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M436"/>
@@ -11190,20 +12384,21 @@
<xsl:apply-templates select="@*|node()" mode="M436"/>
</xsl:template>
- <!--PATTERN atstesesecurityprivilege-->
+ <!--PATTERN xinetdstetype-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:sesecurityprivilege" priority="4000"
- mode="M437">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:xinetd_state/unix-def:type" priority="4000" mode="M437">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sesecurityprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the type entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M437"/>
@@ -11213,20 +12408,21 @@
<xsl:apply-templates select="@*|node()" mode="M437"/>
</xsl:template>
- <!--PATTERN atsteseshutdownprivilege-->
+ <!--PATTERN xinetdsteuser-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:seshutdownprivilege" priority="4000"
- mode="M438">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="unix-def:xinetd_state/unix-def:user" priority="4000" mode="M438">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the seshutdownprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the user entity of an xinetd_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M438"/>
@@ -11236,20 +12432,21 @@
<xsl:apply-templates select="@*|node()" mode="M438"/>
</xsl:template>
- <!--PATTERN atstesesyncagentprivilege-->
+ <!--PATTERN xinetdstewait-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:sesyncagentprivilege" priority="4000"
- mode="M439">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:xinetd_state/unix-def:wait" priority="4000" mode="M439">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sesyncagentprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the wait entity of an xinetd_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M439"/>
@@ -11259,21 +12456,21 @@
<xsl:apply-templates select="@*|node()" mode="M439"/>
</xsl:template>
- <!--PATTERN atstesesystemenvironmentprivilege-->
+ <!--PATTERN xinetdstedisabled-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:sesystemenvironmentprivilege"
- priority="4000"
- mode="M440">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="unix-def:xinetd_state/unix-def:disabled" priority="4000" mode="M440">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sesystemenvironmentprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the disabled entity of an xinetd_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M440"/>
@@ -11283,21 +12480,23 @@
<xsl:apply-templates select="@*|node()" mode="M440"/>
</xsl:template>
- <!--PATTERN atstesesystemprofileprivilege-->
+ <!--PATTERN affected_platform-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:sesystemprofileprivilege"
- priority="4000"
- mode="M441">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="oval-def:affected[@family='windows']" priority="4000" mode="M441">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(oval-def:platform) or oval-def:platform='Microsoft Windows 95' or oval-def:platform='Microsoft Windows 98' or oval-def:platform='Microsoft Windows ME' or oval-def:platform='Microsoft Windows NT' or oval-def:platform='Microsoft Windows 2000' or oval-def:platform='Microsoft Windows XP' or oval-def:platform='Microsoft Windows Server 2003' or oval-def:platform='Microsoft Windows Vista' or oval-def:platform='Microsoft Windows Server 2008'"/>
<xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sesystemprofileprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/>
+ <xsl:value-of select="../../@id"/>
+ <xsl:text/> - the value "<xsl:text/>
+ <xsl:value-of select="oval-def:platform"/>
+ <xsl:text/>" found in platform element as part of the affected element is not a valid windows platform.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M441"/>
@@ -11307,44 +12506,62 @@
<xsl:apply-templates select="@*|node()" mode="M441"/>
</xsl:template>
- <!--PATTERN atstesesystemtimeprivilege-->
+ <!--PATTERN attst-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:sesystemtimeprivilege" priority="4000"
- mode="M442">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:accesstoken_test/win-def:object" priority="4000" mode="M442">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:accesstoken_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sesystemtimeprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of an accesstoken_test must reference an accesstoken_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M442"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:accesstoken_test/win-def:state" priority="3999" mode="M442">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:accesstoken_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of an accesstoken_test must reference an accesstoken_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M442"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M442"/>
<xsl:template match="@*|node()" priority="-2" mode="M442">
<xsl:apply-templates select="@*|node()" mode="M442"/>
</xsl:template>
- <!--PATTERN atstesetakeownershipprivilege-->
+ <!--PATTERN atobjsecurity_principle-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:setakeownershipprivilege"
- priority="4000"
- mode="M443">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:accesstoken_object/win-def:security_principle" priority="4000" mode="M443">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the setakeownershipprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the security_principle entity of an accesstoken_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M443"/>
@@ -11354,20 +12571,21 @@
<xsl:apply-templates select="@*|node()" mode="M443"/>
</xsl:template>
- <!--PATTERN atstesetcbprivilege-->
+ <!--PATTERN atstesecurity_principle-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:setcbprivilege" priority="4000"
- mode="M444">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:security_principle" priority="4000" mode="M444">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the setcbprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the security_principle entity of an accesstoken_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M444"/>
@@ -11377,20 +12595,21 @@
<xsl:apply-templates select="@*|node()" mode="M444"/>
</xsl:template>
- <!--PATTERN atstesetimezoneprivilege-->
+ <!--PATTERN atsteseassignprimarytokenprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:setimezoneprivilege" priority="4000"
- mode="M445">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:accesstoken_state/win-def:seassignprimarytokenprivilege" priority="4000" mode="M445">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the setimezoneprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the seassignprimarytokenprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M445"/>
@@ -11400,20 +12619,21 @@
<xsl:apply-templates select="@*|node()" mode="M445"/>
</xsl:template>
- <!--PATTERN atsteseundockprivilege-->
+ <!--PATTERN atsteseauditprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:seundockprivilege" priority="4000"
- mode="M446">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:accesstoken_state/win-def:seauditprivilege" priority="4000" mode="M446">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the seundockprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the seauditprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M446"/>
@@ -11423,21 +12643,21 @@
<xsl:apply-templates select="@*|node()" mode="M446"/>
</xsl:template>
- <!--PATTERN atsteseunsolicitedinputprivilege-->
+ <!--PATTERN atstesebackupprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:seunsolicitedinputprivilege"
- priority="4000"
- mode="M447">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:accesstoken_state/win-def:sebackupprivilege" priority="4000" mode="M447">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the seunsolicitedinputprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sebackupprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M447"/>
@@ -11447,20 +12667,21 @@
<xsl:apply-templates select="@*|node()" mode="M447"/>
</xsl:template>
- <!--PATTERN atstesebatchlogonright-->
+ <!--PATTERN atstesechangenotifyprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:sebatchlogonright" priority="4000"
- mode="M448">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:accesstoken_state/win-def:sechangenotifyprivilege" priority="4000" mode="M448">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sebatchlogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sechangenotifyprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M448"/>
@@ -11470,21 +12691,21 @@
<xsl:apply-templates select="@*|node()" mode="M448"/>
</xsl:template>
- <!--PATTERN atsteseinteractivelogonright-->
+ <!--PATTERN atstesecreateglobalprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:seinteractivelogonright"
- priority="4000"
- mode="M449">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:accesstoken_state/win-def:secreateglobalprivilege" priority="4000" mode="M449">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the seinteractivelogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the secreateglobalprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M449"/>
@@ -11494,20 +12715,21 @@
<xsl:apply-templates select="@*|node()" mode="M449"/>
</xsl:template>
- <!--PATTERN atstesenetworklogonright-->
+ <!--PATTERN atstesecreatepagefileprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:senetworklogonright" priority="4000"
- mode="M450">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:accesstoken_state/win-def:secreatepagefileprivilege" priority="4000" mode="M450">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the senetworklogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the secreatepagefileprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M450"/>
@@ -11517,21 +12739,21 @@
<xsl:apply-templates select="@*|node()" mode="M450"/>
</xsl:template>
- <!--PATTERN atsteseremoteinteractivelogonright-->
+ <!--PATTERN atstesecreatepermanentprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:seremoteinteractivelogonright"
- priority="4000"
- mode="M451">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:accesstoken_state/win-def:secreatepermanentprivilege" priority="4000" mode="M451">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the seremoteinteractivelogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the secreatepermanentprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M451"/>
@@ -11541,20 +12763,21 @@
<xsl:apply-templates select="@*|node()" mode="M451"/>
</xsl:template>
- <!--PATTERN atsteseservicelogonright-->
+ <!--PATTERN atstesecreatesymboliclinkprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:seservicelogonright" priority="4000"
- mode="M452">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:accesstoken_state/win-def:secreatesymboliclinkprivilege" priority="4000" mode="M452">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the seservicelogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the secreatesymboliclinkprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M452"/>
@@ -11564,20 +12787,21 @@
<xsl:apply-templates select="@*|node()" mode="M452"/>
</xsl:template>
- <!--PATTERN atstesedenybatchLogonright-->
+ <!--PATTERN atstesecreatetokenprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:sedenybatchLogonright" priority="4000"
- mode="M453">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:accesstoken_state/win-def:secreatetokenprivilege" priority="4000" mode="M453">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sedenybatchLogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the secreatetokenprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M453"/>
@@ -11587,21 +12811,21 @@
<xsl:apply-templates select="@*|node()" mode="M453"/>
</xsl:template>
- <!--PATTERN atstesedenyinteractivelogonright-->
+ <!--PATTERN atstesedebugprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:sedenyinteractivelogonright"
- priority="4000"
- mode="M454">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:accesstoken_state/win-def:sedebugprivilege" priority="4000" mode="M454">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sedenyinteractivelogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sedebugprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M454"/>
@@ -11611,21 +12835,21 @@
<xsl:apply-templates select="@*|node()" mode="M454"/>
</xsl:template>
- <!--PATTERN atstesedenynetworklogonright-->
+ <!--PATTERN atsteseenabledelegationprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:sedenynetworklogonright"
- priority="4000"
- mode="M455">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:accesstoken_state/win-def:seenabledelegationprivilege" priority="4000" mode="M455">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sedenynetworklogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the seenabledelegationprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M455"/>
@@ -11635,21 +12859,21 @@
<xsl:apply-templates select="@*|node()" mode="M455"/>
</xsl:template>
- <!--PATTERN atstesedenyremoteInteractivelogonright-->
+ <!--PATTERN atsteseimpersonateprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:sedenyremoteInteractivelogonright"
- priority="4000"
- mode="M456">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:accesstoken_state/win-def:seimpersonateprivilege" priority="4000" mode="M456">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sedenyremoteInteractivelogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the seimpersonateprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M456"/>
@@ -11659,21 +12883,21 @@
<xsl:apply-templates select="@*|node()" mode="M456"/>
</xsl:template>
- <!--PATTERN atstesedenyservicelogonright-->
+ <!--PATTERN atsteseincreasebasepriorityprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:accesstoken_state/win-def:sedenyservicelogonright"
- priority="4000"
- mode="M457">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:accesstoken_state/win-def:seincreasebasepriorityprivilege" priority="4000" mode="M457">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sedenyservicelogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the seincreasebasepriorityprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M457"/>
@@ -11683,34 +12907,21 @@
<xsl:apply-templates select="@*|node()" mode="M457"/>
</xsl:template>
- <!--PATTERN adtst-->
+ <!--PATTERN atsteseincreasequotaprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:activedirectory_test/win-def:object" priority="4000" mode="M458">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:activedirectory_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of an activedirectory_test must reference an activedirectory_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M458"/>
- </xsl:template>
+ <xsl:template match="win-def:accesstoken_state/win-def:seincreasequotaprivilege" priority="4000" mode="M458">
- <!--RULE -->
-<xsl:template match="win-def:activedirectory_test/win-def:state" priority="3999" mode="M458">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:activedirectory_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of an activedirectory_test must reference an activedirectory_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the seincreasequotaprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M458"/>
@@ -11720,20 +12931,21 @@
<xsl:apply-templates select="@*|node()" mode="M458"/>
</xsl:template>
- <!--PATTERN adobjnaming_context-->
+ <!--PATTERN atsteseincreaseworkingsetprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:activedirectory_object/win-def:naming_context" priority="4000"
- mode="M459">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:seincreaseworkingsetprivilege" priority="4000" mode="M459">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the naming_context entity of an activedirectory_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the seincreaseworkingsetprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M459"/>
@@ -11743,30 +12955,21 @@
<xsl:apply-templates select="@*|node()" mode="M459"/>
</xsl:template>
- <!--PATTERN adobjrelative_dn-->
+ <!--PATTERN atsteseloaddriverprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:activedirectory_object/win-def:relative_dn" priority="4000"
- mode="M460">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the relative_dn entity of an activedirectory_object should be 'string'<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
+ <xsl:template match="win-def:accesstoken_state/win-def:seloaddriverprivilege" priority="4000" mode="M460">
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@xsi:nil='true') or ../win-def:attribute/@xsi:nil='true'"/>
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - attribute entity must be nil when relative_dn is nil<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the seloaddriverprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M460"/>
@@ -11776,20 +12979,21 @@
<xsl:apply-templates select="@*|node()" mode="M460"/>
</xsl:template>
- <!--PATTERN adobjattribute-->
+ <!--PATTERN atsteselockmemoryprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:activedirectory_object/win-def:attribute" priority="4000"
- mode="M461">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:selockmemoryprivilege" priority="4000" mode="M461">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the attribute entity of an activedirectory_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the selockmemoryprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M461"/>
@@ -11799,20 +13003,21 @@
<xsl:apply-templates select="@*|node()" mode="M461"/>
</xsl:template>
- <!--PATTERN adstenaming_context-->
+ <!--PATTERN atstesemachineaccountprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:activedirectory_state/win-def:naming_context" priority="4000"
- mode="M462">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:semachineaccountprivilege" priority="4000" mode="M462">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the naming_context entity of an activedirectory_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the semachineaccountprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M462"/>
@@ -11822,20 +13027,21 @@
<xsl:apply-templates select="@*|node()" mode="M462"/>
</xsl:template>
- <!--PATTERN adsterelative_dn-->
+ <!--PATTERN atstesemanagevolumeprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:activedirectory_state/win-def:relative_dn" priority="4000"
- mode="M463">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:semanagevolumeprivilege" priority="4000" mode="M463">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the relative_dn entity of an activedirectory_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the semanagevolumeprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M463"/>
@@ -11845,20 +13051,21 @@
<xsl:apply-templates select="@*|node()" mode="M463"/>
</xsl:template>
- <!--PATTERN adsteattribute-->
+ <!--PATTERN atsteseprofilesingleprocessprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:activedirectory_state/win-def:attribute" priority="4000"
- mode="M464">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:seprofilesingleprocessprivilege" priority="4000" mode="M464">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the attribute entity of an activedirectory_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the seprofilesingleprocessprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M464"/>
@@ -11868,20 +13075,21 @@
<xsl:apply-templates select="@*|node()" mode="M464"/>
</xsl:template>
- <!--PATTERN adsteobject_class-->
+ <!--PATTERN atsteserelabelprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:activedirectory_state/win-def:object_class" priority="4000"
- mode="M465">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:serelabelprivilege" priority="4000" mode="M465">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the object_class entity of an activedirectory_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the serelabelprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M465"/>
@@ -11891,20 +13099,21 @@
<xsl:apply-templates select="@*|node()" mode="M465"/>
</xsl:template>
- <!--PATTERN adsteadstype-->
+ <!--PATTERN atsteseremoteshutdownprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:activedirectory_state/win-def:adstype" priority="4000"
- mode="M466">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:seremoteshutdownprivilege" priority="4000" mode="M466">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the adstype entity of an activedirectory_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the seremoteshutdownprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M466"/>
@@ -11914,19 +13123,21 @@
<xsl:apply-templates select="@*|node()" mode="M466"/>
</xsl:template>
- <!--PATTERN adstevalue-->
+ <!--PATTERN atsteserestoreprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:activedirectory_state/win-def:value" priority="4000" mode="M467">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="(@datatype='int' and (floor(.) = number(.))) or not(@datatype='int') or not(node())"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:serestoreprivilege" priority="4000" mode="M467">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - The datatype has been set to 'int' but the value is not an integer.<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the serestoreprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M467"/>
@@ -11936,35 +13147,21 @@
<xsl:apply-templates select="@*|node()" mode="M467"/>
</xsl:template>
- <!--PATTERN aeptst-->
+ <!--PATTERN atstesesecurityprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicy_test/win-def:object" priority="4000"
- mode="M468">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:auditeventpolicy_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of an auditeventpolicy_test must reference an auditeventpolicy_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M468"/>
- </xsl:template>
+ <xsl:template match="win-def:accesstoken_state/win-def:sesecurityprivilege" priority="4000" mode="M468">
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicy_test/win-def:state" priority="3999" mode="M468">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:auditeventpolicy_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of an auditeventpolicy_test must reference an auditeventpolicy_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sesecurityprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M468"/>
@@ -11974,20 +13171,21 @@
<xsl:apply-templates select="@*|node()" mode="M468"/>
</xsl:template>
- <!--PATTERN aepsteaccount_logon-->
+ <!--PATTERN atsteseshutdownprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicy_state/win-def:account_logon" priority="4000"
- mode="M469">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:seshutdownprivilege" priority="4000" mode="M469">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the account_logon entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the seshutdownprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M469"/>
@@ -11997,21 +13195,21 @@
<xsl:apply-templates select="@*|node()" mode="M469"/>
</xsl:template>
- <!--PATTERN aepsteaccount_management-->
+ <!--PATTERN atstesesyncagentprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicy_state/win-def:account_management"
- priority="4000"
- mode="M470">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:sesyncagentprivilege" priority="4000" mode="M470">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the account_management entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sesyncagentprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M470"/>
@@ -12021,21 +13219,21 @@
<xsl:apply-templates select="@*|node()" mode="M470"/>
</xsl:template>
- <!--PATTERN aepstedetailed_tracking-->
+ <!--PATTERN atstesesystemenvironmentprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicy_state/win-def:detailed_tracking"
- priority="4000"
- mode="M471">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:sesystemenvironmentprivilege" priority="4000" mode="M471">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the detailed_tracking entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sesystemenvironmentprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M471"/>
@@ -12045,21 +13243,21 @@
<xsl:apply-templates select="@*|node()" mode="M471"/>
</xsl:template>
- <!--PATTERN aepstedirectory_service_access-->
+ <!--PATTERN atstesesystemprofileprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicy_state/win-def:directory_service_access"
- priority="4000"
- mode="M472">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:sesystemprofileprivilege" priority="4000" mode="M472">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the directory_service_access entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sesystemprofileprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M472"/>
@@ -12069,20 +13267,21 @@
<xsl:apply-templates select="@*|node()" mode="M472"/>
</xsl:template>
- <!--PATTERN aepstelogon-->
+ <!--PATTERN atstesesystemtimeprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicy_state/win-def:logon" priority="4000"
- mode="M473">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:sesystemtimeprivilege" priority="4000" mode="M473">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the logon entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sesystemtimeprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M473"/>
@@ -12092,20 +13291,21 @@
<xsl:apply-templates select="@*|node()" mode="M473"/>
</xsl:template>
- <!--PATTERN aepsteobject_access-->
+ <!--PATTERN atstesetakeownershipprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicy_state/win-def:object_access" priority="4000"
- mode="M474">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:setakeownershipprivilege" priority="4000" mode="M474">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the object_access entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the setakeownershipprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M474"/>
@@ -12115,20 +13315,21 @@
<xsl:apply-templates select="@*|node()" mode="M474"/>
</xsl:template>
- <!--PATTERN aepstepolicy_change-->
+ <!--PATTERN atstesetcbprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicy_state/win-def:policy_change" priority="4000"
- mode="M475">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:setcbprivilege" priority="4000" mode="M475">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the policy_change entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the setcbprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M475"/>
@@ -12138,20 +13339,21 @@
<xsl:apply-templates select="@*|node()" mode="M475"/>
</xsl:template>
- <!--PATTERN aepsteprivilege_use-->
+ <!--PATTERN atstesetimezoneprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicy_state/win-def:privilege_use" priority="4000"
- mode="M476">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:setimezoneprivilege" priority="4000" mode="M476">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the privilege_use entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the setimezoneprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M476"/>
@@ -12161,20 +13363,21 @@
<xsl:apply-templates select="@*|node()" mode="M476"/>
</xsl:template>
- <!--PATTERN aepstesystem-->
+ <!--PATTERN atsteseundockprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicy_state/win-def:system" priority="4000"
- mode="M477">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:seundockprivilege" priority="4000" mode="M477">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the system entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the seundockprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M477"/>
@@ -12184,38 +13387,21 @@
<xsl:apply-templates select="@*|node()" mode="M477"/>
</xsl:template>
- <!--PATTERN aepstst-->
+ <!--PATTERN atsteseunsolicitedinputprivilege-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_test/win-def:object"
- priority="4000"
- mode="M478">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:auditeventpolicysubcategories_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of an auditeventpolicysubcategories_test must reference an auditeventpolicysubcategories_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M478"/>
- </xsl:template>
+ <xsl:template match="win-def:accesstoken_state/win-def:seunsolicitedinputprivilege" priority="4000" mode="M478">
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_test/win-def:state"
- priority="3999"
- mode="M478">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:auditeventpolicysubcategories_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of an auditeventpolicysubcategories_test must reference an auditeventpolicysubcategories_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the seunsolicitedinputprivilege entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M478"/>
@@ -12225,21 +13411,21 @@
<xsl:apply-templates select="@*|node()" mode="M478"/>
</xsl:template>
- <!--PATTERN aepsstecredentialvalidation-->
+ <!--PATTERN atstesebatchlogonright-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:credential_validation"
- priority="4000"
- mode="M479">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:sebatchlogonright" priority="4000" mode="M479">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the credential_validation entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sebatchlogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M479"/>
@@ -12249,21 +13435,21 @@
<xsl:apply-templates select="@*|node()" mode="M479"/>
</xsl:template>
- <!--PATTERN aepsstekerberosticketevents-->
+ <!--PATTERN atsteseinteractivelogonright-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:kerberos_ticket_events"
- priority="4000"
- mode="M480">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:seinteractivelogonright" priority="4000" mode="M480">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the kerberos_ticket_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the seinteractivelogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M480"/>
@@ -12273,21 +13459,21 @@
<xsl:apply-templates select="@*|node()" mode="M480"/>
</xsl:template>
- <!--PATTERN aepssteotheraccountlogonevents-->
+ <!--PATTERN atstesenetworklogonright-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:other_account_logon_events"
- priority="4000"
- mode="M481">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:senetworklogonright" priority="4000" mode="M481">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the other_account_logon_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the senetworklogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M481"/>
@@ -12297,21 +13483,21 @@
<xsl:apply-templates select="@*|node()" mode="M481"/>
</xsl:template>
- <!--PATTERN aepssteapplicationgroupmanagement-->
+ <!--PATTERN atsteseremoteinteractivelogonright-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:application_group_management"
- priority="4000"
- mode="M482">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:seremoteinteractivelogonright" priority="4000" mode="M482">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the application_group_management entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the seremoteinteractivelogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M482"/>
@@ -12321,21 +13507,21 @@
<xsl:apply-templates select="@*|node()" mode="M482"/>
</xsl:template>
- <!--PATTERN aepsstecomputeraccountmanagement-->
+ <!--PATTERN atsteseservicelogonright-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:computer_account_management"
- priority="4000"
- mode="M483">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:seservicelogonright" priority="4000" mode="M483">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the computer_account_management entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the seservicelogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M483"/>
@@ -12345,21 +13531,21 @@
<xsl:apply-templates select="@*|node()" mode="M483"/>
</xsl:template>
- <!--PATTERN aepsstedistributiongroupmanagement-->
+ <!--PATTERN atstesedenybatchLogonright-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:distribution_group_management"
- priority="4000"
- mode="M484">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:sedenybatchLogonright" priority="4000" mode="M484">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the distribution_group_management entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sedenybatchLogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M484"/>
@@ -12369,21 +13555,21 @@
<xsl:apply-templates select="@*|node()" mode="M484"/>
</xsl:template>
- <!--PATTERN aepssteotheraccountmanagementevents-->
+ <!--PATTERN atstesedenyinteractivelogonright-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:other_account_management_events"
- priority="4000"
- mode="M485">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:sedenyinteractivelogonright" priority="4000" mode="M485">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the other_account_management_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sedenyinteractivelogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M485"/>
@@ -12393,21 +13579,21 @@
<xsl:apply-templates select="@*|node()" mode="M485"/>
</xsl:template>
- <!--PATTERN aepsstesecuritygroupmanagement-->
+ <!--PATTERN atstesedenynetworklogonright-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:security_group_management"
- priority="4000"
- mode="M486">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:sedenynetworklogonright" priority="4000" mode="M486">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the security_group_management entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sedenynetworklogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M486"/>
@@ -12417,21 +13603,21 @@
<xsl:apply-templates select="@*|node()" mode="M486"/>
</xsl:template>
- <!--PATTERN aepssteuseraccountmanagement-->
+ <!--PATTERN atstesedenyremoteInteractivelogonright-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:user_account_management"
- priority="4000"
- mode="M487">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:sedenyremoteInteractivelogonright" priority="4000" mode="M487">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the user_account_management entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sedenyremoteInteractivelogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M487"/>
@@ -12441,21 +13627,21 @@
<xsl:apply-templates select="@*|node()" mode="M487"/>
</xsl:template>
- <!--PATTERN aepsstedpapiactivity-->
+ <!--PATTERN atstesedenyservicelogonright-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:dpapi_activity"
- priority="4000"
- mode="M488">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:accesstoken_state/win-def:sedenyservicelogonright" priority="4000" mode="M488">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the dpapi_activity entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sedenyservicelogonright entity of an accesstoken_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M488"/>
@@ -12465,45 +13651,62 @@
<xsl:apply-templates select="@*|node()" mode="M488"/>
</xsl:template>
- <!--PATTERN aepssteprocesscreation-->
+ <!--PATTERN adtst-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:process_creation"
- priority="4000"
- mode="M489">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:activedirectory_test/win-def:object" priority="4000" mode="M489">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:activedirectory_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the process_creation entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of an activedirectory_test must reference an activedirectory_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M489"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:activedirectory_test/win-def:state" priority="3999" mode="M489">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:activedirectory_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of an activedirectory_test must reference an activedirectory_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M489"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M489"/>
<xsl:template match="@*|node()" priority="-2" mode="M489">
<xsl:apply-templates select="@*|node()" mode="M489"/>
</xsl:template>
- <!--PATTERN aepssteprocesstermination-->
+ <!--PATTERN adobjnaming_context-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:process_termination"
- priority="4000"
- mode="M490">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:activedirectory_object/win-def:naming_context" priority="4000" mode="M490">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the process_termination entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the naming_context entity of an activedirectory_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M490"/>
@@ -12513,23 +13716,34 @@
<xsl:apply-templates select="@*|node()" mode="M490"/>
</xsl:template>
- <!--PATTERN aepssterpcevents-->
+ <!--PATTERN adobjrelative_dn-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:rpc_events"
- priority="4000"
- mode="M491">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:activedirectory_object/win-def:relative_dn" priority="4000" mode="M491">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the rpc_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the relative_dn entity of an activedirectory_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@xsi:nil='true') or ../win-def:attribute/@xsi:nil='true'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - attribute entity must be nil when relative_dn is nil<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M491"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M491"/>
@@ -12537,21 +13751,21 @@
<xsl:apply-templates select="@*|node()" mode="M491"/>
</xsl:template>
- <!--PATTERN aepsstedirectoryserviceaccess-->
+ <!--PATTERN adobjattribute-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:directory_service_access"
- priority="4000"
- mode="M492">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:activedirectory_object/win-def:attribute" priority="4000" mode="M492">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the directory_service_access entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the attribute entity of an activedirectory_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M492"/>
@@ -12561,21 +13775,21 @@
<xsl:apply-templates select="@*|node()" mode="M492"/>
</xsl:template>
- <!--PATTERN aepsstedirectoryservicechanges-->
+ <!--PATTERN adstenaming_context-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:directory_service_changes"
- priority="4000"
- mode="M493">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:activedirectory_state/win-def:naming_context" priority="4000" mode="M493">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the directory_service_changes entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the naming_context entity of an activedirectory_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M493"/>
@@ -12585,21 +13799,21 @@
<xsl:apply-templates select="@*|node()" mode="M493"/>
</xsl:template>
- <!--PATTERN aepsstedirectoryservicereplication-->
+ <!--PATTERN adsterelative_dn-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:directory_service_replication"
- priority="4000"
- mode="M494">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:activedirectory_state/win-def:relative_dn" priority="4000" mode="M494">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the directory_service_replication entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the relative_dn entity of an activedirectory_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M494"/>
@@ -12609,21 +13823,21 @@
<xsl:apply-templates select="@*|node()" mode="M494"/>
</xsl:template>
- <!--PATTERN aepsstedetaileddirectoryservicereplication-->
+ <!--PATTERN adsteattribute-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:detailed_directory_service_replication"
- priority="4000"
- mode="M495">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:activedirectory_state/win-def:attribute" priority="4000" mode="M495">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the detailed_directory_service_replication entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the attribute entity of an activedirectory_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M495"/>
@@ -12633,21 +13847,21 @@
<xsl:apply-templates select="@*|node()" mode="M495"/>
</xsl:template>
- <!--PATTERN aepssteaccountlockout-->
+ <!--PATTERN adsteobject_class-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:account_lockout"
- priority="4000"
- mode="M496">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:activedirectory_state/win-def:object_class" priority="4000" mode="M496">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the account_lockout entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the object_class entity of an activedirectory_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M496"/>
@@ -12657,21 +13871,21 @@
<xsl:apply-templates select="@*|node()" mode="M496"/>
</xsl:template>
- <!--PATTERN aepssteipsecextendedmode-->
+ <!--PATTERN adsteadstype-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:ipsec_extended_mode"
- priority="4000"
- mode="M497">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:activedirectory_state/win-def:adstype" priority="4000" mode="M497">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the ipsec_extended_mode entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the adstype entity of an activedirectory_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M497"/>
@@ -12681,21 +13895,21 @@
<xsl:apply-templates select="@*|node()" mode="M497"/>
</xsl:template>
- <!--PATTERN aepssteipsecmainmode-->
+ <!--PATTERN adstevalue-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:ipsec_main_mode"
- priority="4000"
- mode="M498">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:activedirectory_state/win-def:value" priority="4000" mode="M498">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(@datatype='int' and (floor(.) = number(.))) or not(@datatype='int') or not(node())"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the ipsec_main_mode entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - The datatype has been set to 'int' but the value is not an integer.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M498"/>
@@ -12705,45 +13919,62 @@
<xsl:apply-templates select="@*|node()" mode="M498"/>
</xsl:template>
- <!--PATTERN aepssteipsec_quick_mode-->
+ <!--PATTERN aeptst-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:ipsec_quick_mode"
- priority="4000"
- mode="M499">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:auditeventpolicy_test/win-def:object" priority="4000" mode="M499">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:auditeventpolicy_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the ipsec_quick_mode entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of an auditeventpolicy_test must reference an auditeventpolicy_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M499"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:auditeventpolicy_test/win-def:state" priority="3999" mode="M499">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:auditeventpolicy_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of an auditeventpolicy_test must reference an auditeventpolicy_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M499"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M499"/>
<xsl:template match="@*|node()" priority="-2" mode="M499">
<xsl:apply-templates select="@*|node()" mode="M499"/>
</xsl:template>
- <!--PATTERN aepsstelogoff-->
+ <!--PATTERN aepsteaccount_logon-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:logoff"
- priority="4000"
- mode="M500">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicy_state/win-def:account_logon" priority="4000" mode="M500">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the logoff entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the account_logon entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M500"/>
@@ -12753,21 +13984,21 @@
<xsl:apply-templates select="@*|node()" mode="M500"/>
</xsl:template>
- <!--PATTERN aepsstelogon-->
+ <!--PATTERN aepsteaccount_management-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:logon"
- priority="4000"
- mode="M501">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicy_state/win-def:account_management" priority="4000" mode="M501">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the logon entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the account_management entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M501"/>
@@ -12777,21 +14008,21 @@
<xsl:apply-templates select="@*|node()" mode="M501"/>
</xsl:template>
- <!--PATTERN aepssteotherlogonlogoffevents-->
+ <!--PATTERN aepstedetailed_tracking-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:other_logon_logoff_events"
- priority="4000"
- mode="M502">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicy_state/win-def:detailed_tracking" priority="4000" mode="M502">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the other_logon_logoff_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the detailed_tracking entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M502"/>
@@ -12801,21 +14032,21 @@
<xsl:apply-templates select="@*|node()" mode="M502"/>
</xsl:template>
- <!--PATTERN aepsstespeciallogon-->
+ <!--PATTERN aepstedirectory_service_access-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:special_logon"
- priority="4000"
- mode="M503">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicy_state/win-def:directory_service_access" priority="4000" mode="M503">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the special_logon entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the directory_service_access entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M503"/>
@@ -12825,21 +14056,21 @@
<xsl:apply-templates select="@*|node()" mode="M503"/>
</xsl:template>
- <!--PATTERN aepssteapplicationgenerated-->
+ <!--PATTERN aepstelogon-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:application_generated"
- priority="4000"
- mode="M504">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicy_state/win-def:logon" priority="4000" mode="M504">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the application_generated entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the logon entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M504"/>
@@ -12849,21 +14080,21 @@
<xsl:apply-templates select="@*|node()" mode="M504"/>
</xsl:template>
- <!--PATTERN aepsstecertificationservices-->
+ <!--PATTERN aepsteobject_access-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:certification_services"
- priority="4000"
- mode="M505">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicy_state/win-def:object_access" priority="4000" mode="M505">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the certification_services entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the object_access entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M505"/>
@@ -12873,21 +14104,21 @@
<xsl:apply-templates select="@*|node()" mode="M505"/>
</xsl:template>
- <!--PATTERN aepsstefileshare-->
+ <!--PATTERN aepstepolicy_change-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:file_share"
- priority="4000"
- mode="M506">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicy_state/win-def:policy_change" priority="4000" mode="M506">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_share entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the policy_change entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M506"/>
@@ -12897,21 +14128,21 @@
<xsl:apply-templates select="@*|node()" mode="M506"/>
</xsl:template>
- <!--PATTERN aepsstefilesystem-->
+ <!--PATTERN aepsteprivilege_use-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:file_system"
- priority="4000"
- mode="M507">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicy_state/win-def:privilege_use" priority="4000" mode="M507">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_system entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the privilege_use entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M507"/>
@@ -12921,21 +14152,21 @@
<xsl:apply-templates select="@*|node()" mode="M507"/>
</xsl:template>
- <!--PATTERN aepsstefilteringplatformconnection-->
+ <!--PATTERN aepstesystem-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:filtering_platform_connection"
- priority="4000"
- mode="M508">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicy_state/win-def:system" priority="4000" mode="M508">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filtering_platform_connection entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the system entity of an auditeventpolicy_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M508"/>
@@ -12945,45 +14176,62 @@
<xsl:apply-templates select="@*|node()" mode="M508"/>
</xsl:template>
- <!--PATTERN aepsstefilteringplatformpacketdrop-->
+ <!--PATTERN aepstst-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:filtering_platform_packet_drop"
- priority="4000"
- mode="M509">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:auditeventpolicysubcategories_test/win-def:object" priority="4000" mode="M509">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:auditeventpolicysubcategories_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filtering_platform_packet_drop entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of an auditeventpolicysubcategories_test must reference an auditeventpolicysubcategories_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M509"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:auditeventpolicysubcategories_test/win-def:state" priority="3999" mode="M509">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:auditeventpolicysubcategories_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of an auditeventpolicysubcategories_test must reference an auditeventpolicysubcategories_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M509"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M509"/>
<xsl:template match="@*|node()" priority="-2" mode="M509">
<xsl:apply-templates select="@*|node()" mode="M509"/>
</xsl:template>
- <!--PATTERN aepsstehandlemanipulation-->
+ <!--PATTERN aepsstecredentialvalidation-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:handle_manipulation"
- priority="4000"
- mode="M510">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:credential_validation" priority="4000" mode="M510">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the handle_manipulation entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the credential_validation entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M510"/>
@@ -12993,21 +14241,21 @@
<xsl:apply-templates select="@*|node()" mode="M510"/>
</xsl:template>
- <!--PATTERN aepsstekernelobject-->
+ <!--PATTERN aepsstekerberosticketevents-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:kernel_object"
- priority="4000"
- mode="M511">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:kerberos_ticket_events" priority="4000" mode="M511">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the kernel_object entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the kerberos_ticket_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M511"/>
@@ -13017,21 +14265,21 @@
<xsl:apply-templates select="@*|node()" mode="M511"/>
</xsl:template>
- <!--PATTERN aepssteotherobjectaccessevents-->
+ <!--PATTERN aepssteotheraccountlogonevents-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:other_object_access_events"
- priority="4000"
- mode="M512">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:other_account_logon_events" priority="4000" mode="M512">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the other_object_access_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the other_account_logon_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M512"/>
@@ -13041,21 +14289,21 @@
<xsl:apply-templates select="@*|node()" mode="M512"/>
</xsl:template>
- <!--PATTERN aepssteregistry-->
+ <!--PATTERN aepssteapplicationgroupmanagement-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:registry"
- priority="4000"
- mode="M513">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:application_group_management" priority="4000" mode="M513">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the registry entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the application_group_management entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M513"/>
@@ -13065,20 +14313,21 @@
<xsl:apply-templates select="@*|node()" mode="M513"/>
</xsl:template>
- <!--PATTERN aepsstesam-->
+ <!--PATTERN aepsstecomputeraccountmanagement-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:sam" priority="4000"
- mode="M514">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:computer_account_management" priority="4000" mode="M514">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sam entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the computer_account_management entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M514"/>
@@ -13088,21 +14337,21 @@
<xsl:apply-templates select="@*|node()" mode="M514"/>
</xsl:template>
- <!--PATTERN aepssteauditpolicychange-->
+ <!--PATTERN aepsstedistributiongroupmanagement-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:audit_policy_change"
- priority="4000"
- mode="M515">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:distribution_group_management" priority="4000" mode="M515">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the audit_policy_change entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the distribution_group_management entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M515"/>
@@ -13112,21 +14361,21 @@
<xsl:apply-templates select="@*|node()" mode="M515"/>
</xsl:template>
- <!--PATTERN aepssteauthenticationpolicychange-->
+ <!--PATTERN aepssteotheraccountmanagementevents-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:authentication_policy_change"
- priority="4000"
- mode="M516">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:other_account_management_events" priority="4000" mode="M516">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the authentication_policy_change entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the other_account_management_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M516"/>
@@ -13136,21 +14385,21 @@
<xsl:apply-templates select="@*|node()" mode="M516"/>
</xsl:template>
- <!--PATTERN aepssteauthorizationpolicychange-->
+ <!--PATTERN aepsstesecuritygroupmanagement-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:authorization_policy_change"
- priority="4000"
- mode="M517">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:security_group_management" priority="4000" mode="M517">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the authorization_policy_change entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the security_group_management entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M517"/>
@@ -13160,21 +14409,21 @@
<xsl:apply-templates select="@*|node()" mode="M517"/>
</xsl:template>
- <!--PATTERN aepsstefilteringplatformpolicychange-->
+ <!--PATTERN aepssteuseraccountmanagement-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:filtering_platform_policy_change"
- priority="4000"
- mode="M518">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:user_account_management" priority="4000" mode="M518">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filtering_platform_policy_change entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the user_account_management entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M518"/>
@@ -13184,21 +14433,21 @@
<xsl:apply-templates select="@*|node()" mode="M518"/>
</xsl:template>
- <!--PATTERN aepsstempssvcrulelevelpolicychange-->
+ <!--PATTERN aepsstedpapiactivity-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:mpssvc_rule_level_policy_change"
- priority="4000"
- mode="M519">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:dpapi_activity" priority="4000" mode="M519">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the mpssvc_rule_level_policy_change entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the dpapi_activity entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M519"/>
@@ -13208,21 +14457,21 @@
<xsl:apply-templates select="@*|node()" mode="M519"/>
</xsl:template>
- <!--PATTERN aepssteotherpolicychangeevents-->
+ <!--PATTERN aepssteprocesscreation-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:other_policy_change_events"
- priority="4000"
- mode="M520">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:process_creation" priority="4000" mode="M520">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the other_policy_change_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the process_creation entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M520"/>
@@ -13232,21 +14481,21 @@
<xsl:apply-templates select="@*|node()" mode="M520"/>
</xsl:template>
- <!--PATTERN aepsstenonsensitiveprivilegeuse-->
+ <!--PATTERN aepssteprocesstermination-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:non_sensitive_privilege_use"
- priority="4000"
- mode="M521">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:process_termination" priority="4000" mode="M521">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the non_sensitive_privilege_use entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the process_termination entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M521"/>
@@ -13256,21 +14505,21 @@
<xsl:apply-templates select="@*|node()" mode="M521"/>
</xsl:template>
- <!--PATTERN aepssteotherprivilegeuseevents-->
+ <!--PATTERN aepssterpcevents-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:other_privilege_use_events"
- priority="4000"
- mode="M522">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:rpc_events" priority="4000" mode="M522">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the other_privilege_use_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the rpc_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M522"/>
@@ -13280,21 +14529,21 @@
<xsl:apply-templates select="@*|node()" mode="M522"/>
</xsl:template>
- <!--PATTERN aepsstesensitive_privilege_use-->
+ <!--PATTERN aepsstedirectoryserviceaccess-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:sensitive_privilege_use"
- priority="4000"
- mode="M523">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:directory_service_access" priority="4000" mode="M523">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the sensitive_privilege_use entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the directory_service_access entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M523"/>
@@ -13304,21 +14553,21 @@
<xsl:apply-templates select="@*|node()" mode="M523"/>
</xsl:template>
- <!--PATTERN aepssteipsecdriver-->
+ <!--PATTERN aepsstedirectoryservicechanges-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:ipsec_driver"
- priority="4000"
- mode="M524">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:directory_service_changes" priority="4000" mode="M524">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the ipsec_driver entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the directory_service_changes entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M524"/>
@@ -13328,21 +14577,21 @@
<xsl:apply-templates select="@*|node()" mode="M524"/>
</xsl:template>
- <!--PATTERN aepssteothersystemevents-->
+ <!--PATTERN aepsstedirectoryservicereplication-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:other_system_events"
- priority="4000"
- mode="M525">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:directory_service_replication" priority="4000" mode="M525">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the other_system_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the directory_service_replication entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M525"/>
@@ -13352,21 +14601,21 @@
<xsl:apply-templates select="@*|node()" mode="M525"/>
</xsl:template>
- <!--PATTERN aepsstesecuritystatechange-->
+ <!--PATTERN aepsstedetaileddirectoryservicereplication-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:security_state_change"
- priority="4000"
- mode="M526">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:detailed_directory_service_replication" priority="4000" mode="M526">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the security_state_change entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the detailed_directory_service_replication entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M526"/>
@@ -13376,21 +14625,21 @@
<xsl:apply-templates select="@*|node()" mode="M526"/>
</xsl:template>
- <!--PATTERN aepsstesecuritysystemextension-->
+ <!--PATTERN aepssteaccountlockout-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:security_system_extension"
- priority="4000"
- mode="M527">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:account_lockout" priority="4000" mode="M527">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the security_system_extension entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the account_lockout entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M527"/>
@@ -13400,21 +14649,21 @@
<xsl:apply-templates select="@*|node()" mode="M527"/>
</xsl:template>
- <!--PATTERN aepsstesystemintegrity-->
+ <!--PATTERN aepssteipsecextendedmode-->
- <!--RULE -->
-<xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:system_integrity"
- priority="4000"
- mode="M528">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:ipsec_extended_mode" priority="4000" mode="M528">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the system_integrity entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the ipsec_extended_mode entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M528"/>
@@ -13424,34 +14673,21 @@
<xsl:apply-templates select="@*|node()" mode="M528"/>
</xsl:template>
- <!--PATTERN filetst-->
+ <!--PATTERN aepssteipsecmainmode-->
- <!--RULE -->
-<xsl:template match="win-def:file_test/win-def:object" priority="4000" mode="M529">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:file_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a file_test must reference a file_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M529"/>
- </xsl:template>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:ipsec_main_mode" priority="4000" mode="M529">
- <!--RULE -->
-<xsl:template match="win-def:file_test/win-def:state" priority="3999" mode="M529">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:file_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a file_test must reference a file_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the ipsec_main_mode entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M529"/>
@@ -13461,19 +14697,21 @@
<xsl:apply-templates select="@*|node()" mode="M529"/>
</xsl:template>
- <!--PATTERN fileobjpath-->
+ <!--PATTERN aepssteipsec_quick_mode-->
- <!--RULE -->
-<xsl:template match="win-def:file_object/win-def:path" priority="4000" mode="M530">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:ipsec_quick_mode" priority="4000" mode="M530">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a file_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the ipsec_quick_mode entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M530"/>
@@ -13483,31 +14721,23 @@
<xsl:apply-templates select="@*|node()" mode="M530"/>
</xsl:template>
- <!--PATTERN fileobjfilename-->
+ <!--PATTERN aepsstelogoff-->
- <!--RULE -->
-<xsl:template match="win-def:file_object/win-def:filename" priority="4000" mode="M531">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:logoff" priority="4000" mode="M531">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a file_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the logoff entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M531"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M531"/>
@@ -13515,19 +14745,21 @@
<xsl:apply-templates select="@*|node()" mode="M531"/>
</xsl:template>
- <!--PATTERN filestepath-->
+ <!--PATTERN aepsstelogon-->
- <!--RULE -->
-<xsl:template match="win-def:file_state/win-def:path" priority="4000" mode="M532">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:logon" priority="4000" mode="M532">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the logon entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M532"/>
@@ -13537,31 +14769,23 @@
<xsl:apply-templates select="@*|node()" mode="M532"/>
</xsl:template>
- <!--PATTERN filestefilename-->
+ <!--PATTERN aepssteotherlogonlogoffevents-->
- <!--RULE -->
-<xsl:template match="win-def:file_state/win-def:filename" priority="4000" mode="M533">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:other_logon_logoff_events" priority="4000" mode="M533">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the other_logon_logoff_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M533"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M533"/>
@@ -13569,19 +14793,21 @@
<xsl:apply-templates select="@*|node()" mode="M533"/>
</xsl:template>
- <!--PATTERN filesteowner-->
+ <!--PATTERN aepsstespeciallogon-->
- <!--RULE -->
-<xsl:template match="win-def:file_state/win-def:owner" priority="4000" mode="M534">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:special_logon" priority="4000" mode="M534">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the owner entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the special_logon entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M534"/>
@@ -13591,19 +14817,21 @@
<xsl:apply-templates select="@*|node()" mode="M534"/>
</xsl:template>
- <!--PATTERN filestesize-->
+ <!--PATTERN aepssteapplicationgenerated-->
- <!--RULE -->
-<xsl:template match="win-def:file_state/win-def:size" priority="4000" mode="M535">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:application_generated" priority="4000" mode="M535">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the size entity of a file_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the application_generated entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M535"/>
@@ -13613,19 +14841,21 @@
<xsl:apply-templates select="@*|node()" mode="M535"/>
</xsl:template>
- <!--PATTERN filestea_time-->
+ <!--PATTERN aepsstecertificationservices-->
- <!--RULE -->
-<xsl:template match="win-def:file_state/win-def:a_time" priority="4000" mode="M536">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:certification_services" priority="4000" mode="M536">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the a_time entity of a file_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the certification_services entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M536"/>
@@ -13635,19 +14865,21 @@
<xsl:apply-templates select="@*|node()" mode="M536"/>
</xsl:template>
- <!--PATTERN filestec_time-->
+ <!--PATTERN aepsstefileshare-->
- <!--RULE -->
-<xsl:template match="win-def:file_state/win-def:c_time" priority="4000" mode="M537">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:file_share" priority="4000" mode="M537">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the c_time entity of a file_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_share entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M537"/>
@@ -13657,19 +14889,21 @@
<xsl:apply-templates select="@*|node()" mode="M537"/>
</xsl:template>
- <!--PATTERN filestem_time-->
+ <!--PATTERN aepsstefilesystem-->
- <!--RULE -->
-<xsl:template match="win-def:file_state/win-def:m_time" priority="4000" mode="M538">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:file_system" priority="4000" mode="M538">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the m_time entity of a file_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_system entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M538"/>
@@ -13679,19 +14913,21 @@
<xsl:apply-templates select="@*|node()" mode="M538"/>
</xsl:template>
- <!--PATTERN filestems_checksum-->
+ <!--PATTERN aepsstefilteringplatformconnection-->
- <!--RULE -->
-<xsl:template match="win-def:file_state/win-def:ms_checksum" priority="4000" mode="M539">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:filtering_platform_connection" priority="4000" mode="M539">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the ms_checksum entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filtering_platform_connection entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M539"/>
@@ -13701,19 +14937,21 @@
<xsl:apply-templates select="@*|node()" mode="M539"/>
</xsl:template>
- <!--PATTERN filesteversion-->
+ <!--PATTERN aepsstefilteringplatformpacketdrop-->
- <!--RULE -->
-<xsl:template match="win-def:file_state/win-def:version" priority="4000" mode="M540">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='version'"/>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:filtering_platform_packet_drop" priority="4000" mode="M540">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the version entity of a file_state should be 'version'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filtering_platform_packet_drop entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M540"/>
@@ -13723,19 +14961,21 @@
<xsl:apply-templates select="@*|node()" mode="M540"/>
</xsl:template>
- <!--PATTERN filestetype-->
+ <!--PATTERN aepsstehandlemanipulation-->
- <!--RULE -->
-<xsl:template match="win-def:file_state/win-def:type" priority="4000" mode="M541">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:handle_manipulation" priority="4000" mode="M541">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the type entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the handle_manipulation entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M541"/>
@@ -13745,20 +14985,21 @@
<xsl:apply-templates select="@*|node()" mode="M541"/>
</xsl:template>
- <!--PATTERN filestedevelopment_class-->
+ <!--PATTERN aepsstekernelobject-->
- <!--RULE -->
-<xsl:template match="win-def:file_state/win-def:development_class" priority="4000"
- mode="M542">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:kernel_object" priority="4000" mode="M542">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the development_class entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the kernel_object entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M542"/>
@@ -13768,19 +15009,21 @@
<xsl:apply-templates select="@*|node()" mode="M542"/>
</xsl:template>
- <!--PATTERN filestecompany-->
+ <!--PATTERN aepssteotherobjectaccessevents-->
- <!--RULE -->
-<xsl:template match="win-def:file_state/win-def:company" priority="4000" mode="M543">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:other_object_access_events" priority="4000" mode="M543">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the company entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the other_object_access_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M543"/>
@@ -13790,19 +15033,21 @@
<xsl:apply-templates select="@*|node()" mode="M543"/>
</xsl:template>
- <!--PATTERN filesteinternalname-->
+ <!--PATTERN aepssteregistry-->
- <!--RULE -->
-<xsl:template match="win-def:file_state/win-def:internal_name" priority="4000" mode="M544">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:registry" priority="4000" mode="M544">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the internal_name entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the registry entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M544"/>
@@ -13812,19 +15057,21 @@
<xsl:apply-templates select="@*|node()" mode="M544"/>
</xsl:template>
- <!--PATTERN filestelanguage-->
+ <!--PATTERN aepsstesam-->
- <!--RULE -->
-<xsl:template match="win-def:file_state/win-def:language" priority="4000" mode="M545">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:sam" priority="4000" mode="M545">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the language entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sam entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M545"/>
@@ -13834,20 +15081,21 @@
<xsl:apply-templates select="@*|node()" mode="M545"/>
</xsl:template>
- <!--PATTERN filesteoriginalfilename-->
+ <!--PATTERN aepssteauditpolicychange-->
- <!--RULE -->
-<xsl:template match="win-def:file_state/win-def:original_filename" priority="4000"
- mode="M546">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:audit_policy_change" priority="4000" mode="M546">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the original_filename entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the audit_policy_change entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M546"/>
@@ -13857,19 +15105,21 @@
<xsl:apply-templates select="@*|node()" mode="M546"/>
</xsl:template>
- <!--PATTERN filesteproductname-->
+ <!--PATTERN aepssteauthenticationpolicychange-->
- <!--RULE -->
-<xsl:template match="win-def:file_state/win-def:product_name" priority="4000" mode="M547">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:authentication_policy_change" priority="4000" mode="M547">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the product_name entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the authentication_policy_change entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M547"/>
@@ -13879,19 +15129,21 @@
<xsl:apply-templates select="@*|node()" mode="M547"/>
</xsl:template>
- <!--PATTERN filesteproductversion-->
+ <!--PATTERN aepssteauthorizationpolicychange-->
- <!--RULE -->
-<xsl:template match="win-def:file_state/win-def:product_version" priority="4000" mode="M548">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='version'"/>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:authorization_policy_change" priority="4000" mode="M548">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the product_version entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the authorization_policy_change entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M548"/>
@@ -13901,36 +15153,21 @@
<xsl:apply-templates select="@*|node()" mode="M548"/>
</xsl:template>
- <!--PATTERN fap53tst-->
+ <!--PATTERN aepsstefilteringplatformpolicychange-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_test/win-def:object" priority="4000"
- mode="M549">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:fileauditedpermissions53_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a fileauditedpermissions53_test must reference a fileauditedpermissions53_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M549"/>
- </xsl:template>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:filtering_platform_policy_change" priority="4000" mode="M549">
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_test/win-def:state" priority="3999"
- mode="M549">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:fileauditedpermissions53_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a fileauditedpermissions53_test must reference a fileauditedpermissions53_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filtering_platform_policy_change entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M549"/>
@@ -13940,20 +15177,21 @@
<xsl:apply-templates select="@*|node()" mode="M549"/>
</xsl:template>
- <!--PATTERN fap53objpath-->
+ <!--PATTERN aepsstempssvcrulelevelpolicychange-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_object/win-def:path" priority="4000"
- mode="M550">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:mpssvc_rule_level_policy_change" priority="4000" mode="M550">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a fileauditedpermissions53_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the mpssvc_rule_level_policy_change entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M550"/>
@@ -13963,33 +15201,23 @@
<xsl:apply-templates select="@*|node()" mode="M550"/>
</xsl:template>
- <!--PATTERN fap53objfilename-->
+ <!--PATTERN aepssteotherpolicychangeevents-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_object/win-def:filename"
- priority="4000"
- mode="M551">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:other_policy_change_events" priority="4000" mode="M551">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a fileauditedpermissions53_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the other_policy_change_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M551"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M551"/>
@@ -13997,21 +15225,21 @@
<xsl:apply-templates select="@*|node()" mode="M551"/>
</xsl:template>
- <!--PATTERN fap53objtrustee_sid-->
+ <!--PATTERN aepsstenonsensitiveprivilegeuse-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_object/win-def:trustee_sid"
- priority="4000"
- mode="M552">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:non_sensitive_privilege_use" priority="4000" mode="M552">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_sid entity of a fileauditedpermissions53_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the non_sensitive_privilege_use entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M552"/>
@@ -14021,20 +15249,21 @@
<xsl:apply-templates select="@*|node()" mode="M552"/>
</xsl:template>
- <!--PATTERN fap53stepath-->
+ <!--PATTERN aepssteotherprivilegeuseevents-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:path" priority="4000"
- mode="M553">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:other_privilege_use_events" priority="4000" mode="M553">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the other_privilege_use_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M553"/>
@@ -14044,32 +15273,23 @@
<xsl:apply-templates select="@*|node()" mode="M553"/>
</xsl:template>
- <!--PATTERN fap53stefilename-->
+ <!--PATTERN aepsstesensitive_privilege_use-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:filename" priority="4000"
- mode="M554">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:sensitive_privilege_use" priority="4000" mode="M554">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the sensitive_privilege_use entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M554"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M554"/>
@@ -14077,21 +15297,21 @@
<xsl:apply-templates select="@*|node()" mode="M554"/>
</xsl:template>
- <!--PATTERN fap53stetrustee_sid-->
+ <!--PATTERN aepssteipsecdriver-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:trustee_sid"
- priority="4000"
- mode="M555">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:ipsec_driver" priority="4000" mode="M555">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_sid entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the ipsec_driver entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M555"/>
@@ -14101,21 +15321,21 @@
<xsl:apply-templates select="@*|node()" mode="M555"/>
</xsl:template>
- <!--PATTERN fap53stestandard_delete-->
+ <!--PATTERN aepssteothersystemevents-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:standard_delete"
- priority="4000"
- mode="M556">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:other_system_events" priority="4000" mode="M556">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_delete entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the other_system_events entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M556"/>
@@ -14125,21 +15345,21 @@
<xsl:apply-templates select="@*|node()" mode="M556"/>
</xsl:template>
- <!--PATTERN fap53stestandard_read_control-->
+ <!--PATTERN aepsstesecuritystatechange-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:standard_read_control"
- priority="4000"
- mode="M557">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:security_state_change" priority="4000" mode="M557">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_read_control entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the security_state_change entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M557"/>
@@ -14149,21 +15369,21 @@
<xsl:apply-templates select="@*|node()" mode="M557"/>
</xsl:template>
- <!--PATTERN fap53stestandard_write_dac-->
+ <!--PATTERN aepsstesecuritysystemextension-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:standard_write_dac"
- priority="4000"
- mode="M558">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:security_system_extension" priority="4000" mode="M558">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_dac entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the security_system_extension entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M558"/>
@@ -14173,21 +15393,21 @@
<xsl:apply-templates select="@*|node()" mode="M558"/>
</xsl:template>
- <!--PATTERN fap53stestandard_write_owner-->
+ <!--PATTERN aepsstesystemintegrity-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:standard_write_owner"
- priority="4000"
- mode="M559">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:auditeventpolicysubcategories_state/win-def:system_integrity" priority="4000" mode="M559">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_owner entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the system_integrity entity of an auditeventpolicysubcategories_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M559"/>
@@ -14197,45 +15417,62 @@
<xsl:apply-templates select="@*|node()" mode="M559"/>
</xsl:template>
- <!--PATTERN fap53stestandard_synchronize-->
+ <!--PATTERN filetst-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:standard_synchronize"
- priority="4000"
- mode="M560">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:file_test/win-def:object" priority="4000" mode="M560">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:file_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_synchronize entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a file_test must reference a file_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M560"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:file_test/win-def:state" priority="3999" mode="M560">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:file_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a file_test must reference a file_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M560"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M560"/>
<xsl:template match="@*|node()" priority="-2" mode="M560">
<xsl:apply-templates select="@*|node()" mode="M560"/>
</xsl:template>
- <!--PATTERN fap53steaccess_system_security-->
+ <!--PATTERN fileobjpath-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:access_system_security"
- priority="4000"
- mode="M561">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:file_object/win-def:path" priority="4000" mode="M561">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_system_security entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a file_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M561"/>
@@ -14245,23 +15482,34 @@
<xsl:apply-templates select="@*|node()" mode="M561"/>
</xsl:template>
- <!--PATTERN fap53stegeneric_read-->
+ <!--PATTERN fileobjfilename-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:generic_read"
- priority="4000"
- mode="M562">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:file_object/win-def:filename" priority="4000" mode="M562">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_read entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a file_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M562"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M562"/>
@@ -14269,21 +15517,21 @@
<xsl:apply-templates select="@*|node()" mode="M562"/>
</xsl:template>
- <!--PATTERN fap53stegeneric_write-->
+ <!--PATTERN filestepath-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:generic_write"
- priority="4000"
- mode="M563">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:file_state/win-def:path" priority="4000" mode="M563">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_write entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M563"/>
@@ -14293,23 +15541,34 @@
<xsl:apply-templates select="@*|node()" mode="M563"/>
</xsl:template>
- <!--PATTERN fap53stegeneric_execute-->
+ <!--PATTERN filestefilename-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:generic_execute"
- priority="4000"
- mode="M564">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:file_state/win-def:filename" priority="4000" mode="M564">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_execute entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M564"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M564"/>
@@ -14317,21 +15576,21 @@
<xsl:apply-templates select="@*|node()" mode="M564"/>
</xsl:template>
- <!--PATTERN fap53stegeneric_all-->
+ <!--PATTERN filesteowner-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:generic_all"
- priority="4000"
- mode="M565">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:file_state/win-def:owner" priority="4000" mode="M565">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_all entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the owner entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M565"/>
@@ -14341,21 +15600,21 @@
<xsl:apply-templates select="@*|node()" mode="M565"/>
</xsl:template>
- <!--PATTERN fap53stefile_read_data-->
+ <!--PATTERN filestesize-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_read_data"
- priority="4000"
- mode="M566">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:file_state/win-def:size" priority="4000" mode="M566">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_read_data entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the size entity of a file_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M566"/>
@@ -14365,21 +15624,21 @@
<xsl:apply-templates select="@*|node()" mode="M566"/>
</xsl:template>
- <!--PATTERN fap53stefile_write_data-->
+ <!--PATTERN filestea_time-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_write_data"
- priority="4000"
- mode="M567">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:file_state/win-def:a_time" priority="4000" mode="M567">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_write_data entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the a_time entity of a file_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M567"/>
@@ -14389,21 +15648,21 @@
<xsl:apply-templates select="@*|node()" mode="M567"/>
</xsl:template>
- <!--PATTERN fap53stefile_append_data-->
+ <!--PATTERN filestec_time-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_append_data"
- priority="4000"
- mode="M568">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:file_state/win-def:c_time" priority="4000" mode="M568">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_append_data entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the c_time entity of a file_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M568"/>
@@ -14413,21 +15672,21 @@
<xsl:apply-templates select="@*|node()" mode="M568"/>
</xsl:template>
- <!--PATTERN fap53stefile_read_ea-->
+ <!--PATTERN filestem_time-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_read_ea"
- priority="4000"
- mode="M569">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:file_state/win-def:m_time" priority="4000" mode="M569">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_read_ea entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the m_time entity of a file_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M569"/>
@@ -14437,21 +15696,21 @@
<xsl:apply-templates select="@*|node()" mode="M569"/>
</xsl:template>
- <!--PATTERN fap53stefile_write_ea-->
+ <!--PATTERN filestems_checksum-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_write_ea"
- priority="4000"
- mode="M570">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:file_state/win-def:ms_checksum" priority="4000" mode="M570">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_write_ea entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the ms_checksum entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M570"/>
@@ -14461,21 +15720,21 @@
<xsl:apply-templates select="@*|node()" mode="M570"/>
</xsl:template>
- <!--PATTERN fap53stefile_execute-->
+ <!--PATTERN filesteversion-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_execute"
- priority="4000"
- mode="M571">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:file_state/win-def:version" priority="4000" mode="M571">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='version'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_execute entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the version entity of a file_state should be 'version'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M571"/>
@@ -14485,21 +15744,21 @@
<xsl:apply-templates select="@*|node()" mode="M571"/>
</xsl:template>
- <!--PATTERN fap53stefile_delete_child-->
+ <!--PATTERN filestetype-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_delete_child"
- priority="4000"
- mode="M572">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:file_state/win-def:type" priority="4000" mode="M572">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_delete_child entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the type entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M572"/>
@@ -14509,21 +15768,21 @@
<xsl:apply-templates select="@*|node()" mode="M572"/>
</xsl:template>
- <!--PATTERN fap53stefile_read_attributes-->
+ <!--PATTERN filestedevelopment_class-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_read_attributes"
- priority="4000"
- mode="M573">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:file_state/win-def:development_class" priority="4000" mode="M573">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_read_attributes entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the development_class entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M573"/>
@@ -14533,21 +15792,21 @@
<xsl:apply-templates select="@*|node()" mode="M573"/>
</xsl:template>
- <!--PATTERN fap53stefile_write_attributes-->
+ <!--PATTERN filestecompany-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_write_attributes"
- priority="4000"
- mode="M574">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:file_state/win-def:company" priority="4000" mode="M574">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_write_attributes entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the company entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M574"/>
@@ -14557,36 +15816,21 @@
<xsl:apply-templates select="@*|node()" mode="M574"/>
</xsl:template>
- <!--PATTERN faptst-->
+ <!--PATTERN filesteinternalname-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_test/win-def:object" priority="4000"
- mode="M575">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:fileauditedpermissions_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a fileauditedpermissions_test must reference a fileauditedpermissions_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M575"/>
- </xsl:template>
+ <xsl:template match="win-def:file_state/win-def:internal_name" priority="4000" mode="M575">
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_test/win-def:state" priority="3999"
- mode="M575">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:fileauditedpermissions_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a fileauditedpermissions_test must reference a fileauditedpermissions_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the internal_name entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M575"/>
@@ -14596,20 +15840,21 @@
<xsl:apply-templates select="@*|node()" mode="M575"/>
</xsl:template>
- <!--PATTERN fapobjpath-->
+ <!--PATTERN filestelanguage-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_object/win-def:path" priority="4000"
- mode="M576">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:file_state/win-def:language" priority="4000" mode="M576">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a fileauditedpermissions_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the language entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M576"/>
@@ -14619,32 +15864,23 @@
<xsl:apply-templates select="@*|node()" mode="M576"/>
</xsl:template>
- <!--PATTERN fapobjfilename-->
+ <!--PATTERN filesteoriginalfilename-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_object/win-def:filename" priority="4000"
- mode="M577">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:file_state/win-def:original_filename" priority="4000" mode="M577">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a fileauditedpermissions_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the original_filename entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M577"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M577"/>
@@ -14652,21 +15888,21 @@
<xsl:apply-templates select="@*|node()" mode="M577"/>
</xsl:template>
- <!--PATTERN fapobjtrustee_name-->
+ <!--PATTERN filesteproductname-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_object/win-def:trustee_name"
- priority="4000"
- mode="M578">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:file_state/win-def:product_name" priority="4000" mode="M578">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_name entity of a fileauditedpermissions_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the product_name entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M578"/>
@@ -14676,20 +15912,21 @@
<xsl:apply-templates select="@*|node()" mode="M578"/>
</xsl:template>
- <!--PATTERN fapstepath-->
+ <!--PATTERN filesteproductversion-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:path" priority="4000"
- mode="M579">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:file_state/win-def:product_version" priority="4000" mode="M579">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='version'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the product_version entity of a file_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M579"/>
@@ -14699,30 +15936,38 @@
<xsl:apply-templates select="@*|node()" mode="M579"/>
</xsl:template>
- <!--PATTERN fapstefilename-->
+ <!--PATTERN fap53tst-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:filename" priority="4000"
- mode="M580">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:fileauditedpermissions53_test/win-def:object" priority="4000" mode="M580">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:fileauditedpermissions53_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a fileauditedpermissions53_test must reference a fileauditedpermissions53_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M580"/>
+ </xsl:template>
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"/>
+ <!--RULE -->
+
+ <xsl:template match="win-def:fileauditedpermissions53_test/win-def:state" priority="3999" mode="M580">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:fileauditedpermissions53_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of a fileauditedpermissions53_test must reference a fileauditedpermissions53_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M580"/>
@@ -14732,21 +15977,21 @@
<xsl:apply-templates select="@*|node()" mode="M580"/>
</xsl:template>
- <!--PATTERN fapstetrustee_name-->
+ <!--PATTERN fap53objpath-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:trustee_name"
- priority="4000"
- mode="M581">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_object/win-def:path" priority="4000" mode="M581">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_name entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a fileauditedpermissions53_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M581"/>
@@ -14756,23 +16001,34 @@
<xsl:apply-templates select="@*|node()" mode="M581"/>
</xsl:template>
- <!--PATTERN fapstestandard_delete-->
+ <!--PATTERN fap53objfilename-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:standard_delete"
- priority="4000"
- mode="M582">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_object/win-def:filename" priority="4000" mode="M582">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_delete entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a fileauditedpermissions53_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M582"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M582"/>
@@ -14780,21 +16036,21 @@
<xsl:apply-templates select="@*|node()" mode="M582"/>
</xsl:template>
- <!--PATTERN fapstestandard_read_control-->
+ <!--PATTERN fap53objtrustee_sid-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:standard_read_control"
- priority="4000"
- mode="M583">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_object/win-def:trustee_sid" priority="4000" mode="M583">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_read_control entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_sid entity of a fileauditedpermissions53_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M583"/>
@@ -14804,21 +16060,21 @@
<xsl:apply-templates select="@*|node()" mode="M583"/>
</xsl:template>
- <!--PATTERN fapstestandard_write_dac-->
+ <!--PATTERN fap53stepath-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:standard_write_dac"
- priority="4000"
- mode="M584">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:path" priority="4000" mode="M584">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_dac entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M584"/>
@@ -14828,23 +16084,34 @@
<xsl:apply-templates select="@*|node()" mode="M584"/>
</xsl:template>
- <!--PATTERN fapstestandard_write_owner-->
+ <!--PATTERN fap53stefilename-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:standard_write_owner"
- priority="4000"
- mode="M585">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:filename" priority="4000" mode="M585">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_owner entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M585"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M585"/>
@@ -14852,21 +16119,21 @@
<xsl:apply-templates select="@*|node()" mode="M585"/>
</xsl:template>
- <!--PATTERN fapstestandard_synchronize-->
+ <!--PATTERN fap53stetrustee_sid-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:standard_synchronize"
- priority="4000"
- mode="M586">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:trustee_sid" priority="4000" mode="M586">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_synchronize entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_sid entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M586"/>
@@ -14876,21 +16143,21 @@
<xsl:apply-templates select="@*|node()" mode="M586"/>
</xsl:template>
- <!--PATTERN fapsteaccess_system_security-->
+ <!--PATTERN fap53stestandard_delete-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:access_system_security"
- priority="4000"
- mode="M587">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:standard_delete" priority="4000" mode="M587">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_system_security entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_delete entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M587"/>
@@ -14900,21 +16167,21 @@
<xsl:apply-templates select="@*|node()" mode="M587"/>
</xsl:template>
- <!--PATTERN fapstegeneric_read-->
+ <!--PATTERN fap53stestandard_read_control-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:generic_read"
- priority="4000"
- mode="M588">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:standard_read_control" priority="4000" mode="M588">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_read entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_read_control entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M588"/>
@@ -14924,21 +16191,21 @@
<xsl:apply-templates select="@*|node()" mode="M588"/>
</xsl:template>
- <!--PATTERN fapstegeneric_write-->
+ <!--PATTERN fap53stestandard_write_dac-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:generic_write"
- priority="4000"
- mode="M589">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:standard_write_dac" priority="4000" mode="M589">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_write entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_dac entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M589"/>
@@ -14948,21 +16215,21 @@
<xsl:apply-templates select="@*|node()" mode="M589"/>
</xsl:template>
- <!--PATTERN fapstegeneric_execute-->
+ <!--PATTERN fap53stestandard_write_owner-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:generic_execute"
- priority="4000"
- mode="M590">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:standard_write_owner" priority="4000" mode="M590">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_execute entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_owner entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M590"/>
@@ -14972,21 +16239,21 @@
<xsl:apply-templates select="@*|node()" mode="M590"/>
</xsl:template>
- <!--PATTERN fapstegeneric_all-->
+ <!--PATTERN fap53stestandard_synchronize-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:generic_all"
- priority="4000"
- mode="M591">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:standard_synchronize" priority="4000" mode="M591">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_all entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_synchronize entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M591"/>
@@ -14996,21 +16263,21 @@
<xsl:apply-templates select="@*|node()" mode="M591"/>
</xsl:template>
- <!--PATTERN fapstefile_read_data-->
+ <!--PATTERN fap53steaccess_system_security-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:file_read_data"
- priority="4000"
- mode="M592">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:access_system_security" priority="4000" mode="M592">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_read_data entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_system_security entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M592"/>
@@ -15020,21 +16287,21 @@
<xsl:apply-templates select="@*|node()" mode="M592"/>
</xsl:template>
- <!--PATTERN fapstefile_write_data-->
+ <!--PATTERN fap53stegeneric_read-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:file_write_data"
- priority="4000"
- mode="M593">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:generic_read" priority="4000" mode="M593">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_write_data entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_read entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M593"/>
@@ -15044,21 +16311,21 @@
<xsl:apply-templates select="@*|node()" mode="M593"/>
</xsl:template>
- <!--PATTERN fapstefile_append_data-->
+ <!--PATTERN fap53stegeneric_write-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:file_append_data"
- priority="4000"
- mode="M594">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:generic_write" priority="4000" mode="M594">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_append_data entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_write entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M594"/>
@@ -15068,21 +16335,21 @@
<xsl:apply-templates select="@*|node()" mode="M594"/>
</xsl:template>
- <!--PATTERN fapstefile_read_ea-->
+ <!--PATTERN fap53stegeneric_execute-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:file_read_ea"
- priority="4000"
- mode="M595">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:generic_execute" priority="4000" mode="M595">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_read_ea entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_execute entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M595"/>
@@ -15092,21 +16359,21 @@
<xsl:apply-templates select="@*|node()" mode="M595"/>
</xsl:template>
- <!--PATTERN fapstefile_write_ea-->
+ <!--PATTERN fap53stegeneric_all-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:file_write_ea"
- priority="4000"
- mode="M596">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:generic_all" priority="4000" mode="M596">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_write_ea entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_all entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M596"/>
@@ -15116,21 +16383,21 @@
<xsl:apply-templates select="@*|node()" mode="M596"/>
</xsl:template>
- <!--PATTERN fapstefile_execute-->
+ <!--PATTERN fap53stefile_read_data-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:file_execute"
- priority="4000"
- mode="M597">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_read_data" priority="4000" mode="M597">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_execute entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_read_data entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M597"/>
@@ -15140,21 +16407,21 @@
<xsl:apply-templates select="@*|node()" mode="M597"/>
</xsl:template>
- <!--PATTERN fapstefile_delete_child-->
+ <!--PATTERN fap53stefile_write_data-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:file_delete_child"
- priority="4000"
- mode="M598">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_write_data" priority="4000" mode="M598">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_delete_child entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_write_data entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M598"/>
@@ -15164,21 +16431,21 @@
<xsl:apply-templates select="@*|node()" mode="M598"/>
</xsl:template>
- <!--PATTERN fapstefile_read_attributes-->
+ <!--PATTERN fap53stefile_append_data-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:file_read_attributes"
- priority="4000"
- mode="M599">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_append_data" priority="4000" mode="M599">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_read_attributes entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_append_data entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M599"/>
@@ -15188,21 +16455,21 @@
<xsl:apply-templates select="@*|node()" mode="M599"/>
</xsl:template>
- <!--PATTERN fapstefile_write_attributes-->
+ <!--PATTERN fap53stefile_read_ea-->
- <!--RULE -->
-<xsl:template match="win-def:fileauditedpermissions_state/win-def:file_write_attributes"
- priority="4000"
- mode="M600">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_read_ea" priority="4000" mode="M600">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_write_attributes entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_read_ea entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M600"/>
@@ -15212,36 +16479,21 @@
<xsl:apply-templates select="@*|node()" mode="M600"/>
</xsl:template>
- <!--PATTERN fer53tst-->
+ <!--PATTERN fap53stefile_write_ea-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_test/win-def:object" priority="4000"
- mode="M601">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:fileeffectiverights53_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a fileeffectiverights53_test must reference a fileeffectiverights53_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M601"/>
- </xsl:template>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_write_ea" priority="4000" mode="M601">
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_test/win-def:state" priority="3999"
- mode="M601">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:fileeffectiverights53_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a fileeffectiverights53_test must reference a fileeffectiverights53_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_write_ea entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M601"/>
@@ -15251,20 +16503,21 @@
<xsl:apply-templates select="@*|node()" mode="M601"/>
</xsl:template>
- <!--PATTERN fer53objpath-->
+ <!--PATTERN fap53stefile_execute-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_object/win-def:path" priority="4000"
- mode="M602">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_execute" priority="4000" mode="M602">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a fileeffectiverights53_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_execute entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M602"/>
@@ -15274,32 +16527,23 @@
<xsl:apply-templates select="@*|node()" mode="M602"/>
</xsl:template>
- <!--PATTERN fer53objfilename-->
+ <!--PATTERN fap53stefile_delete_child-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_object/win-def:filename" priority="4000"
- mode="M603">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_delete_child" priority="4000" mode="M603">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a fileeffectiverights53_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_delete_child entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M603"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M603"/>
@@ -15307,21 +16551,21 @@
<xsl:apply-templates select="@*|node()" mode="M603"/>
</xsl:template>
- <!--PATTERN fer53objtrustee_sid-->
+ <!--PATTERN fap53stefile_read_attributes-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_object/win-def:trustee_sid"
- priority="4000"
- mode="M604">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_read_attributes" priority="4000" mode="M604">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_sid entity of a fileeffectiverights53_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_read_attributes entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M604"/>
@@ -15331,20 +16575,21 @@
<xsl:apply-templates select="@*|node()" mode="M604"/>
</xsl:template>
- <!--PATTERN fer53stepath-->
+ <!--PATTERN fap53stefile_write_attributes-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:path" priority="4000"
- mode="M605">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions53_state/win-def:file_write_attributes" priority="4000" mode="M605">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a fileeffectiverights53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_write_attributes entity of a fileauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M605"/>
@@ -15354,30 +16599,38 @@
<xsl:apply-templates select="@*|node()" mode="M605"/>
</xsl:template>
- <!--PATTERN fer53stefilename-->
+ <!--PATTERN faptst-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:filename" priority="4000"
- mode="M606">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:fileauditedpermissions_test/win-def:object" priority="4000" mode="M606">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:fileauditedpermissions_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a fileeffectiverights53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a fileauditedpermissions_test must reference a fileauditedpermissions_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M606"/>
+ </xsl:template>
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"/>
+ <!--RULE -->
+
+ <xsl:template match="win-def:fileauditedpermissions_test/win-def:state" priority="3999" mode="M606">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:fileauditedpermissions_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of a fileauditedpermissions_test must reference a fileauditedpermissions_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M606"/>
@@ -15387,20 +16640,21 @@
<xsl:apply-templates select="@*|node()" mode="M606"/>
</xsl:template>
- <!--PATTERN fer53stetrustee_sid-->
+ <!--PATTERN fapobjpath-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:trustee_sid" priority="4000"
- mode="M607">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions_object/win-def:path" priority="4000" mode="M607">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_sid entity of a fileeffectiverights53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a fileauditedpermissions_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M607"/>
@@ -15410,23 +16664,34 @@
<xsl:apply-templates select="@*|node()" mode="M607"/>
</xsl:template>
- <!--PATTERN fer53stestandard_delete-->
+ <!--PATTERN fapobjfilename-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:standard_delete"
- priority="4000"
- mode="M608">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_object/win-def:filename" priority="4000" mode="M608">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_delete entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a fileauditedpermissions_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M608"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M608"/>
@@ -15434,21 +16699,21 @@
<xsl:apply-templates select="@*|node()" mode="M608"/>
</xsl:template>
- <!--PATTERN fer53stestandard_read_control-->
+ <!--PATTERN fapobjtrustee_name-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:standard_read_control"
- priority="4000"
- mode="M609">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_object/win-def:trustee_name" priority="4000" mode="M609">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_read_control entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_name entity of a fileauditedpermissions_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M609"/>
@@ -15458,21 +16723,21 @@
<xsl:apply-templates select="@*|node()" mode="M609"/>
</xsl:template>
- <!--PATTERN fer53stestandard_write_dac-->
+ <!--PATTERN fapstepath-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:standard_write_dac"
- priority="4000"
- mode="M610">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:path" priority="4000" mode="M610">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_dac entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M610"/>
@@ -15482,23 +16747,34 @@
<xsl:apply-templates select="@*|node()" mode="M610"/>
</xsl:template>
- <!--PATTERN fer53stestandard_write_owner-->
+ <!--PATTERN fapstefilename-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:standard_write_owner"
- priority="4000"
- mode="M611">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:filename" priority="4000" mode="M611">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_owner entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M611"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M611"/>
@@ -15506,21 +16782,21 @@
<xsl:apply-templates select="@*|node()" mode="M611"/>
</xsl:template>
- <!--PATTERN fer53stestandard_synchronize-->
+ <!--PATTERN fapstetrustee_name-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:standard_synchronize"
- priority="4000"
- mode="M612">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:trustee_name" priority="4000" mode="M612">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_synchronize entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_name entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M612"/>
@@ -15530,21 +16806,21 @@
<xsl:apply-templates select="@*|node()" mode="M612"/>
</xsl:template>
- <!--PATTERN fer53steaccess_system_security-->
+ <!--PATTERN fapstestandard_delete-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:access_system_security"
- priority="4000"
- mode="M613">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:standard_delete" priority="4000" mode="M613">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_system_security entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_delete entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M613"/>
@@ -15554,21 +16830,21 @@
<xsl:apply-templates select="@*|node()" mode="M613"/>
</xsl:template>
- <!--PATTERN fer53stegeneric_read-->
+ <!--PATTERN fapstestandard_read_control-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:generic_read"
- priority="4000"
- mode="M614">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:standard_read_control" priority="4000" mode="M614">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_read entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_read_control entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M614"/>
@@ -15578,21 +16854,21 @@
<xsl:apply-templates select="@*|node()" mode="M614"/>
</xsl:template>
- <!--PATTERN fer53stegeneric_write-->
+ <!--PATTERN fapstestandard_write_dac-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:generic_write"
- priority="4000"
- mode="M615">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:standard_write_dac" priority="4000" mode="M615">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_write entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_dac entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M615"/>
@@ -15602,21 +16878,21 @@
<xsl:apply-templates select="@*|node()" mode="M615"/>
</xsl:template>
- <!--PATTERN fer53stegeneric_execute-->
+ <!--PATTERN fapstestandard_write_owner-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:generic_execute"
- priority="4000"
- mode="M616">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:standard_write_owner" priority="4000" mode="M616">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_execute entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_owner entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M616"/>
@@ -15626,20 +16902,21 @@
<xsl:apply-templates select="@*|node()" mode="M616"/>
</xsl:template>
- <!--PATTERN fer53stegeneric_all-->
+ <!--PATTERN fapstestandard_synchronize-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:generic_all" priority="4000"
- mode="M617">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:standard_synchronize" priority="4000" mode="M617">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_all entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_synchronize entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M617"/>
@@ -15649,21 +16926,21 @@
<xsl:apply-templates select="@*|node()" mode="M617"/>
</xsl:template>
- <!--PATTERN fer53stefile_read_data-->
+ <!--PATTERN fapsteaccess_system_security-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:file_read_data"
- priority="4000"
- mode="M618">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:access_system_security" priority="4000" mode="M618">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_read_data entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_system_security entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M618"/>
@@ -15673,21 +16950,21 @@
<xsl:apply-templates select="@*|node()" mode="M618"/>
</xsl:template>
- <!--PATTERN fer53stefile_write_data-->
+ <!--PATTERN fapstegeneric_read-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:file_write_data"
- priority="4000"
- mode="M619">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:generic_read" priority="4000" mode="M619">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_write_data entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_read entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M619"/>
@@ -15697,21 +16974,21 @@
<xsl:apply-templates select="@*|node()" mode="M619"/>
</xsl:template>
- <!--PATTERN fer53stefile_append_data-->
+ <!--PATTERN fapstegeneric_write-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:file_append_data"
- priority="4000"
- mode="M620">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:generic_write" priority="4000" mode="M620">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_append_data entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_write entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M620"/>
@@ -15721,21 +16998,21 @@
<xsl:apply-templates select="@*|node()" mode="M620"/>
</xsl:template>
- <!--PATTERN fer53stefile_read_ea-->
+ <!--PATTERN fapstegeneric_execute-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:file_read_ea"
- priority="4000"
- mode="M621">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:generic_execute" priority="4000" mode="M621">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_read_ea entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_execute entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M621"/>
@@ -15745,21 +17022,21 @@
<xsl:apply-templates select="@*|node()" mode="M621"/>
</xsl:template>
- <!--PATTERN fer53stefile_write_ea-->
+ <!--PATTERN fapstegeneric_all-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:file_write_ea"
- priority="4000"
- mode="M622">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:generic_all" priority="4000" mode="M622">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_write_ea entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_all entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M622"/>
@@ -15769,21 +17046,21 @@
<xsl:apply-templates select="@*|node()" mode="M622"/>
</xsl:template>
- <!--PATTERN fer53stefile_execute-->
+ <!--PATTERN fapstefile_read_data-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:file_execute"
- priority="4000"
- mode="M623">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:file_read_data" priority="4000" mode="M623">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_execute entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_read_data entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M623"/>
@@ -15793,21 +17070,21 @@
<xsl:apply-templates select="@*|node()" mode="M623"/>
</xsl:template>
- <!--PATTERN fer53stefile_delete_child-->
+ <!--PATTERN fapstefile_write_data-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:file_delete_child"
- priority="4000"
- mode="M624">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:file_write_data" priority="4000" mode="M624">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_delete_child entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_write_data entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M624"/>
@@ -15817,21 +17094,21 @@
<xsl:apply-templates select="@*|node()" mode="M624"/>
</xsl:template>
- <!--PATTERN fer53stefile_read_attributes-->
+ <!--PATTERN fapstefile_append_data-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:file_read_attributes"
- priority="4000"
- mode="M625">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:file_append_data" priority="4000" mode="M625">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_read_attributes entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_append_data entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M625"/>
@@ -15841,21 +17118,21 @@
<xsl:apply-templates select="@*|node()" mode="M625"/>
</xsl:template>
- <!--PATTERN fer53stefile_write_attributes-->
+ <!--PATTERN fapstefile_read_ea-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights53_state/win-def:file_write_attributes"
- priority="4000"
- mode="M626">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:file_read_ea" priority="4000" mode="M626">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_write_attributes entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_read_ea entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M626"/>
@@ -15865,36 +17142,21 @@
<xsl:apply-templates select="@*|node()" mode="M626"/>
</xsl:template>
- <!--PATTERN fertst-->
+ <!--PATTERN fapstefile_write_ea-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_test/win-def:object" priority="4000"
- mode="M627">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:fileeffectiverights_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a fileeffectiverights_test must reference a fileeffectiverights_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M627"/>
- </xsl:template>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:file_write_ea" priority="4000" mode="M627">
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_test/win-def:state" priority="3999"
- mode="M627">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:fileeffectiverights_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a fileeffectiverights_test must reference a fileeffectiverights_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_write_ea entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M627"/>
@@ -15904,20 +17166,21 @@
<xsl:apply-templates select="@*|node()" mode="M627"/>
</xsl:template>
- <!--PATTERN fefobjpath-->
+ <!--PATTERN fapstefile_execute-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_object/win-def:path" priority="4000"
- mode="M628">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:file_execute" priority="4000" mode="M628">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a fileeffectiverights_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_execute entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M628"/>
@@ -15927,32 +17190,23 @@
<xsl:apply-templates select="@*|node()" mode="M628"/>
</xsl:template>
- <!--PATTERN fefobjfilename-->
+ <!--PATTERN fapstefile_delete_child-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_object/win-def:filename" priority="4000"
- mode="M629">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:file_delete_child" priority="4000" mode="M629">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a fileeffectiverights_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_delete_child entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M629"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M629"/>
@@ -15960,20 +17214,21 @@
<xsl:apply-templates select="@*|node()" mode="M629"/>
</xsl:template>
- <!--PATTERN fefobjtrustee_name-->
+ <!--PATTERN fapstefile_read_attributes-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_object/win-def:trustee_name" priority="4000"
- mode="M630">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:file_read_attributes" priority="4000" mode="M630">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_name entity of a fileeffectiverights_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_read_attributes entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M630"/>
@@ -15983,20 +17238,21 @@
<xsl:apply-templates select="@*|node()" mode="M630"/>
</xsl:template>
- <!--PATTERN ferstepath-->
+ <!--PATTERN fapstefile_write_attributes-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:path" priority="4000"
- mode="M631">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileauditedpermissions_state/win-def:file_write_attributes" priority="4000" mode="M631">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the path entity of a fileeffectiverights_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_write_attributes entity of a fileauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M631"/>
@@ -16006,30 +17262,38 @@
<xsl:apply-templates select="@*|node()" mode="M631"/>
</xsl:template>
- <!--PATTERN ferstefilename-->
+ <!--PATTERN fer53tst-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:filename" priority="4000"
- mode="M632">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:fileeffectiverights53_test/win-def:object" priority="4000" mode="M632">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:fileeffectiverights53_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the filename entity of a fileeffectiverights_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a fileeffectiverights53_test must reference a fileeffectiverights53_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M632"/>
+ </xsl:template>
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"/>
+ <!--RULE -->
+
+ <xsl:template match="win-def:fileeffectiverights53_test/win-def:state" priority="3999" mode="M632">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:fileeffectiverights53_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of a fileeffectiverights53_test must reference a fileeffectiverights53_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M632"/>
@@ -16039,20 +17303,21 @@
<xsl:apply-templates select="@*|node()" mode="M632"/>
</xsl:template>
- <!--PATTERN ferstetrustee_name-->
+ <!--PATTERN fer53objpath-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:trustee_name" priority="4000"
- mode="M633">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights53_object/win-def:path" priority="4000" mode="M633">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_name entity of a fileeffectiverights_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a fileeffectiverights53_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M633"/>
@@ -16062,23 +17327,34 @@
<xsl:apply-templates select="@*|node()" mode="M633"/>
</xsl:template>
- <!--PATTERN ferstestandard_delete-->
+ <!--PATTERN fer53objfilename-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:standard_delete"
- priority="4000"
- mode="M634">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileeffectiverights53_object/win-def:filename" priority="4000" mode="M634">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_delete entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a fileeffectiverights53_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M634"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M634"/>
@@ -16086,21 +17362,21 @@
<xsl:apply-templates select="@*|node()" mode="M634"/>
</xsl:template>
- <!--PATTERN ferstestandard_read_control-->
+ <!--PATTERN fer53objtrustee_sid-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:standard_read_control"
- priority="4000"
- mode="M635">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileeffectiverights53_object/win-def:trustee_sid" priority="4000" mode="M635">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_read_control entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_sid entity of a fileeffectiverights53_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M635"/>
@@ -16110,21 +17386,21 @@
<xsl:apply-templates select="@*|node()" mode="M635"/>
</xsl:template>
- <!--PATTERN ferstestandard_write_dac-->
+ <!--PATTERN fer53stepath-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:standard_write_dac"
- priority="4000"
- mode="M636">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:path" priority="4000" mode="M636">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_dac entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a fileeffectiverights53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M636"/>
@@ -16134,23 +17410,34 @@
<xsl:apply-templates select="@*|node()" mode="M636"/>
</xsl:template>
- <!--PATTERN ferstestandard_write_owner-->
+ <!--PATTERN fer53stefilename-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:standard_write_owner"
- priority="4000"
- mode="M637">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:filename" priority="4000" mode="M637">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_owner entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a fileeffectiverights53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M637"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M637"/>
@@ -16158,21 +17445,21 @@
<xsl:apply-templates select="@*|node()" mode="M637"/>
</xsl:template>
- <!--PATTERN ferstestandard_synchronize-->
+ <!--PATTERN fer53stetrustee_sid-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:standard_synchronize"
- priority="4000"
- mode="M638">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:trustee_sid" priority="4000" mode="M638">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_synchronize entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_sid entity of a fileeffectiverights53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M638"/>
@@ -16182,21 +17469,21 @@
<xsl:apply-templates select="@*|node()" mode="M638"/>
</xsl:template>
- <!--PATTERN fersteaccess_system_security-->
+ <!--PATTERN fer53stestandard_delete-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:access_system_security"
- priority="4000"
- mode="M639">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:standard_delete" priority="4000" mode="M639">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_system_security entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_delete entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M639"/>
@@ -16206,20 +17493,21 @@
<xsl:apply-templates select="@*|node()" mode="M639"/>
</xsl:template>
- <!--PATTERN ferstegeneric_read-->
+ <!--PATTERN fer53stestandard_read_control-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:generic_read" priority="4000"
- mode="M640">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:standard_read_control" priority="4000" mode="M640">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_read entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_read_control entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M640"/>
@@ -16229,20 +17517,21 @@
<xsl:apply-templates select="@*|node()" mode="M640"/>
</xsl:template>
- <!--PATTERN ferstegeneric_write-->
+ <!--PATTERN fer53stestandard_write_dac-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:generic_write" priority="4000"
- mode="M641">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:standard_write_dac" priority="4000" mode="M641">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_write entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_dac entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M641"/>
@@ -16252,21 +17541,21 @@
<xsl:apply-templates select="@*|node()" mode="M641"/>
</xsl:template>
- <!--PATTERN ferstegeneric_execute-->
+ <!--PATTERN fer53stestandard_write_owner-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:generic_execute"
- priority="4000"
- mode="M642">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:standard_write_owner" priority="4000" mode="M642">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_execute entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_owner entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M642"/>
@@ -16276,20 +17565,21 @@
<xsl:apply-templates select="@*|node()" mode="M642"/>
</xsl:template>
- <!--PATTERN ferstegeneric_all-->
+ <!--PATTERN fer53stestandard_synchronize-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:generic_all" priority="4000"
- mode="M643">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:standard_synchronize" priority="4000" mode="M643">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_all entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_synchronize entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M643"/>
@@ -16299,21 +17589,21 @@
<xsl:apply-templates select="@*|node()" mode="M643"/>
</xsl:template>
- <!--PATTERN ferstefile_read_data-->
+ <!--PATTERN fer53steaccess_system_security-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:file_read_data"
- priority="4000"
- mode="M644">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:access_system_security" priority="4000" mode="M644">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_read_data entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_system_security entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M644"/>
@@ -16323,21 +17613,21 @@
<xsl:apply-templates select="@*|node()" mode="M644"/>
</xsl:template>
- <!--PATTERN ferstefile_write_data-->
+ <!--PATTERN fer53stegeneric_read-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:file_write_data"
- priority="4000"
- mode="M645">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:generic_read" priority="4000" mode="M645">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_write_data entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_read entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M645"/>
@@ -16347,21 +17637,21 @@
<xsl:apply-templates select="@*|node()" mode="M645"/>
</xsl:template>
- <!--PATTERN ferstefile_append_data-->
+ <!--PATTERN fer53stegeneric_write-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:file_append_data"
- priority="4000"
- mode="M646">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:generic_write" priority="4000" mode="M646">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_append_data entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_write entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M646"/>
@@ -16371,20 +17661,21 @@
<xsl:apply-templates select="@*|node()" mode="M646"/>
</xsl:template>
- <!--PATTERN ferstefile_read_ea-->
+ <!--PATTERN fer53stegeneric_execute-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:file_read_ea" priority="4000"
- mode="M647">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:generic_execute" priority="4000" mode="M647">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_read_ea entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_execute entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M647"/>
@@ -16394,20 +17685,21 @@
<xsl:apply-templates select="@*|node()" mode="M647"/>
</xsl:template>
- <!--PATTERN ferstefile_write_ea-->
+ <!--PATTERN fer53stegeneric_all-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:file_write_ea" priority="4000"
- mode="M648">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:generic_all" priority="4000" mode="M648">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_write_ea entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_all entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M648"/>
@@ -16417,20 +17709,21 @@
<xsl:apply-templates select="@*|node()" mode="M648"/>
</xsl:template>
- <!--PATTERN ferstefile_execute-->
+ <!--PATTERN fer53stefile_read_data-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:file_execute" priority="4000"
- mode="M649">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:file_read_data" priority="4000" mode="M649">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_execute entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_read_data entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M649"/>
@@ -16440,21 +17733,21 @@
<xsl:apply-templates select="@*|node()" mode="M649"/>
</xsl:template>
- <!--PATTERN ferstefile_delete_child-->
+ <!--PATTERN fer53stefile_write_data-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:file_delete_child"
- priority="4000"
- mode="M650">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:file_write_data" priority="4000" mode="M650">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_delete_child entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_write_data entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M650"/>
@@ -16464,21 +17757,21 @@
<xsl:apply-templates select="@*|node()" mode="M650"/>
</xsl:template>
- <!--PATTERN ferstefile_read_attributes-->
+ <!--PATTERN fer53stefile_append_data-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:file_read_attributes"
- priority="4000"
- mode="M651">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:file_append_data" priority="4000" mode="M651">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_read_attributes entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_append_data entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M651"/>
@@ -16488,21 +17781,21 @@
<xsl:apply-templates select="@*|node()" mode="M651"/>
</xsl:template>
- <!--PATTERN ferstefile_write_attributes-->
+ <!--PATTERN fer53stefile_read_ea-->
- <!--RULE -->
-<xsl:template match="win-def:fileeffectiverights_state/win-def:file_write_attributes"
- priority="4000"
- mode="M652">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:file_read_ea" priority="4000" mode="M652">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_write_attributes entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_read_ea entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M652"/>
@@ -16512,34 +17805,21 @@
<xsl:apply-templates select="@*|node()" mode="M652"/>
</xsl:template>
- <!--PATTERN grouptst-->
+ <!--PATTERN fer53stefile_write_ea-->
- <!--RULE -->
-<xsl:template match="win-def:group_test/win-def:object" priority="4000" mode="M653">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:group_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a group_test must reference a group_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M653"/>
- </xsl:template>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:file_write_ea" priority="4000" mode="M653">
- <!--RULE -->
-<xsl:template match="win-def:group_test/win-def:state" priority="3999" mode="M653">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:group_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a group_test must reference a group_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_write_ea entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M653"/>
@@ -16549,19 +17829,21 @@
<xsl:apply-templates select="@*|node()" mode="M653"/>
</xsl:template>
- <!--PATTERN groupobjgroup-->
+ <!--PATTERN fer53stefile_execute-->
- <!--RULE -->
-<xsl:template match="win-def:group_object/win-def:group" priority="4000" mode="M654">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:file_execute" priority="4000" mode="M654">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the group entity of a group_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_execute entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M654"/>
@@ -16571,19 +17853,21 @@
<xsl:apply-templates select="@*|node()" mode="M654"/>
</xsl:template>
- <!--PATTERN groupstegroup-->
+ <!--PATTERN fer53stefile_delete_child-->
- <!--RULE -->
-<xsl:template match="win-def:group_state/win-def:group" priority="4000" mode="M655">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:file_delete_child" priority="4000" mode="M655">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the group entity of a group_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_delete_child entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M655"/>
@@ -16593,19 +17877,21 @@
<xsl:apply-templates select="@*|node()" mode="M655"/>
</xsl:template>
- <!--PATTERN groupsteuser-->
+ <!--PATTERN fer53stefile_read_attributes-->
- <!--RULE -->
-<xsl:template match="win-def:group_state/win-def:user" priority="4000" mode="M656">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:file_read_attributes" priority="4000" mode="M656">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the user entity of a group_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_read_attributes entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M656"/>
@@ -16615,56 +17901,62 @@
<xsl:apply-templates select="@*|node()" mode="M656"/>
</xsl:template>
- <!--PATTERN groupsidtst-->
+ <!--PATTERN fer53stefile_write_attributes-->
- <!--RULE -->
-<xsl:template match="win-def:group_sid_test/win-def:object" priority="4000" mode="M657">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:group_sid_object/@id"/>
+ <xsl:template match="win-def:fileeffectiverights53_state/win-def:file_write_attributes" priority="4000" mode="M657">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a group_sid_test must reference a group_sid_object<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_write_attributes entity of a fileeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M657"/>
</xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M657"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M657">
+ <xsl:apply-templates select="@*|node()" mode="M657"/>
+ </xsl:template>
- <!--RULE -->
-<xsl:template match="win-def:group_sid_test/win-def:state" priority="3999" mode="M657">
+ <!--PATTERN fertst-->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:group_sid_state/@id"/>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:fileeffectiverights_test/win-def:object" priority="4000" mode="M658">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:fileeffectiverights_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a group_sid_test must reference a group_sid_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a fileeffectiverights_test must reference a fileeffectiverights_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M657"/>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M658"/>
</xsl:template>
- <xsl:template match="text()" priority="-1" mode="M657"/>
- <xsl:template match="@*|node()" priority="-2" mode="M657">
- <xsl:apply-templates select="@*|node()" mode="M657"/>
- </xsl:template>
- <!--PATTERN groupsidobjgroup-->
+ <!--RULE -->
+ <xsl:template match="win-def:fileeffectiverights_test/win-def:state" priority="3999" mode="M658">
- <!--RULE -->
-<xsl:template match="win-def:group_sid_object/win-def:group_sid" priority="4000" mode="M658">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:fileeffectiverights_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the group_sid entity of a group_sid_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of a fileeffectiverights_test must reference a fileeffectiverights_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M658"/>
@@ -16674,19 +17966,21 @@
<xsl:apply-templates select="@*|node()" mode="M658"/>
</xsl:template>
- <!--PATTERN groupsidstegroup-->
+ <!--PATTERN fefobjpath-->
- <!--RULE -->
-<xsl:template match="win-def:group_sid_state/win-def:group_sid" priority="4000" mode="M659">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights_object/win-def:path" priority="4000" mode="M659">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the group_sid entity of a group_sid_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a fileeffectiverights_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M659"/>
@@ -16696,21 +17990,34 @@
<xsl:apply-templates select="@*|node()" mode="M659"/>
</xsl:template>
- <!--PATTERN groupsidsteuser-->
+ <!--PATTERN fefobjfilename-->
- <!--RULE -->
-<xsl:template match="win-def:group_sid_state/win-def:user_sid" priority="4000" mode="M660">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights_object/win-def:filename" priority="4000" mode="M660">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the user_sid entity of a group_sid_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a fileeffectiverights_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M660"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M660"/>
@@ -16718,34 +18025,21 @@
<xsl:apply-templates select="@*|node()" mode="M660"/>
</xsl:template>
- <!--PATTERN wininterfacetst-->
+ <!--PATTERN fefobjtrustee_name-->
- <!--RULE -->
-<xsl:template match="win-def:interface_test/win-def:object" priority="4000" mode="M661">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:interface_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of an interface_test must reference an interface_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M661"/>
- </xsl:template>
+ <xsl:template match="win-def:fileeffectiverights_object/win-def:trustee_name" priority="4000" mode="M661">
- <!--RULE -->
-<xsl:template match="win-def:interface_test/win-def:state" priority="3999" mode="M661">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:interface_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of an interface_test must reference an interface_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_name entity of a fileeffectiverights_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M661"/>
@@ -16755,19 +18049,21 @@
<xsl:apply-templates select="@*|node()" mode="M661"/>
</xsl:template>
- <!--PATTERN wininterfaceobjname-->
+ <!--PATTERN ferstepath-->
- <!--RULE -->
-<xsl:template match="win-def:interface_object/win-def:name" priority="4000" mode="M662">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:path" priority="4000" mode="M662">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of a interface_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the path entity of a fileeffectiverights_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M662"/>
@@ -16777,21 +18073,34 @@
<xsl:apply-templates select="@*|node()" mode="M662"/>
</xsl:template>
- <!--PATTERN wininterfacestename-->
+ <!--PATTERN ferstefilename-->
- <!--RULE -->
-<xsl:template match="win-def:interface_state/win-def:name" priority="4000" mode="M663">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:filename" priority="4000" mode="M663">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the filename entity of a fileeffectiverights_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - filename entity can not contain the characters / \ : * ? > | <xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M663"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M663"/>
@@ -16799,19 +18108,21 @@
<xsl:apply-templates select="@*|node()" mode="M663"/>
</xsl:template>
- <!--PATTERN wininterfacesteindex-->
+ <!--PATTERN ferstetrustee_name-->
- <!--RULE -->
-<xsl:template match="win-def:interface_state/win-def:index" priority="4000" mode="M664">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:trustee_name" priority="4000" mode="M664">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the index entity of an interface_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_name entity of a fileeffectiverights_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M664"/>
@@ -16821,19 +18132,21 @@
<xsl:apply-templates select="@*|node()" mode="M664"/>
</xsl:template>
- <!--PATTERN wininterfacestetype-->
+ <!--PATTERN ferstestandard_delete-->
- <!--RULE -->
-<xsl:template match="win-def:interface_state/win-def:type" priority="4000" mode="M665">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:standard_delete" priority="4000" mode="M665">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the type entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_delete entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M665"/>
@@ -16843,20 +18156,21 @@
<xsl:apply-templates select="@*|node()" mode="M665"/>
</xsl:template>
- <!--PATTERN wininterfacestehardware_addr-->
+ <!--PATTERN ferstestandard_read_control-->
- <!--RULE -->
-<xsl:template match="win-def:interface_state/win-def:hardware_addr" priority="4000"
- mode="M666">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:standard_read_control" priority="4000" mode="M666">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the hardware_addr entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_read_control entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M666"/>
@@ -16866,19 +18180,21 @@
<xsl:apply-templates select="@*|node()" mode="M666"/>
</xsl:template>
- <!--PATTERN wininterfacesteinet_addr-->
+ <!--PATTERN ferstestandard_write_dac-->
- <!--RULE -->
-<xsl:template match="win-def:interface_state/win-def:inet_addr" priority="4000" mode="M667">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:standard_write_dac" priority="4000" mode="M667">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the inet_addr entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_dac entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M667"/>
@@ -16888,20 +18204,21 @@
<xsl:apply-templates select="@*|node()" mode="M667"/>
</xsl:template>
- <!--PATTERN wininterfacestebroadcast_addr-->
+ <!--PATTERN ferstestandard_write_owner-->
- <!--RULE -->
-<xsl:template match="win-def:interface_state/win-def:broadcast_addr" priority="4000"
- mode="M668">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:standard_write_owner" priority="4000" mode="M668">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the broadcast_addr entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_owner entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M668"/>
@@ -16911,19 +18228,21 @@
<xsl:apply-templates select="@*|node()" mode="M668"/>
</xsl:template>
- <!--PATTERN wininterfacestenetmask-->
+ <!--PATTERN ferstestandard_synchronize-->
- <!--RULE -->
-<xsl:template match="win-def:interface_state/win-def:netmask" priority="4000" mode="M669">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:standard_synchronize" priority="4000" mode="M669">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the netmask entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_synchronize entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M669"/>
@@ -16933,19 +18252,21 @@
<xsl:apply-templates select="@*|node()" mode="M669"/>
</xsl:template>
- <!--PATTERN wininterfacesteaddr_type-->
+ <!--PATTERN fersteaccess_system_security-->
- <!--RULE -->
-<xsl:template match="win-def:interface_state/win-def:addr_type" priority="4000" mode="M670">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:access_system_security" priority="4000" mode="M670">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the addr_type entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_system_security entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M670"/>
@@ -16955,34 +18276,21 @@
<xsl:apply-templates select="@*|node()" mode="M670"/>
</xsl:template>
- <!--PATTERN lptst-->
+ <!--PATTERN ferstegeneric_read-->
- <!--RULE -->
-<xsl:template match="win-def:lockoutpolicy_test/win-def:object" priority="4000" mode="M671">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:lockoutpolicy_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a lockoutpolicy_test must reference a lockoutpolicy_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M671"/>
- </xsl:template>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:generic_read" priority="4000" mode="M671">
- <!--RULE -->
-<xsl:template match="win-def:lockoutpolicy_test/win-def:state" priority="3999" mode="M671">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:lockoutpolicy_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a lockoutpolicy_test must reference a lockoutpolicy_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_read entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M671"/>
@@ -16992,20 +18300,21 @@
<xsl:apply-templates select="@*|node()" mode="M671"/>
</xsl:template>
- <!--PATTERN lpsteforce_logoff-->
+ <!--PATTERN ferstegeneric_write-->
- <!--RULE -->
-<xsl:template match="win-def:lockoutpolicy_state/win-def:force_logoff" priority="4000"
- mode="M672">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:generic_write" priority="4000" mode="M672">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the force_logoff entity of a lockoutpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_write entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M672"/>
@@ -17015,20 +18324,21 @@
<xsl:apply-templates select="@*|node()" mode="M672"/>
</xsl:template>
- <!--PATTERN lpstelockout_duration-->
+ <!--PATTERN ferstegeneric_execute-->
- <!--RULE -->
-<xsl:template match="win-def:lockoutpolicy_state/win-def:lockout_duration" priority="4000"
- mode="M673">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:generic_execute" priority="4000" mode="M673">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the lockout_duration entity of a lockoutpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_execute entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M673"/>
@@ -17038,21 +18348,21 @@
<xsl:apply-templates select="@*|node()" mode="M673"/>
</xsl:template>
- <!--PATTERN lpstelockout_observation_window-->
+ <!--PATTERN ferstegeneric_all-->
- <!--RULE -->
-<xsl:template match="win-def:lockoutpolicy_state/win-def:lockout_observation_window"
- priority="4000"
- mode="M674">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:generic_all" priority="4000" mode="M674">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the lockout_observation_window entity of a lockoutpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_all entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M674"/>
@@ -17062,20 +18372,21 @@
<xsl:apply-templates select="@*|node()" mode="M674"/>
</xsl:template>
- <!--PATTERN lpstelockout_threshold-->
+ <!--PATTERN ferstefile_read_data-->
- <!--RULE -->
-<xsl:template match="win-def:lockoutpolicy_state/win-def:lockout_threshold" priority="4000"
- mode="M675">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:file_read_data" priority="4000" mode="M675">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the lockout_threshold entity of a lockoutpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_read_data entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M675"/>
@@ -17085,34 +18396,21 @@
<xsl:apply-templates select="@*|node()" mode="M675"/>
</xsl:template>
- <!--PATTERN metabasetst-->
+ <!--PATTERN ferstefile_write_data-->
- <!--RULE -->
-<xsl:template match="win-def:metabase_test/win-def:object" priority="4000" mode="M676">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:metabase_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a metabase_test must reference a metabase_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M676"/>
- </xsl:template>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:file_write_data" priority="4000" mode="M676">
- <!--RULE -->
-<xsl:template match="win-def:metabase_test/win-def:state" priority="3999" mode="M676">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:metabase_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a metabase_test must reference a metabase_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_write_data entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M676"/>
@@ -17122,19 +18420,21 @@
<xsl:apply-templates select="@*|node()" mode="M676"/>
</xsl:template>
- <!--PATTERN metabaseobjkey-->
+ <!--PATTERN ferstefile_append_data-->
- <!--RULE -->
-<xsl:template match="win-def:metabase_object/win-def:key" priority="4000" mode="M677">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:file_append_data" priority="4000" mode="M677">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key entity of a metabase_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_append_data entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M677"/>
@@ -17144,19 +18444,21 @@
<xsl:apply-templates select="@*|node()" mode="M677"/>
</xsl:template>
- <!--PATTERN metabaseobjid-->
+ <!--PATTERN ferstefile_read_ea-->
- <!--RULE -->
-<xsl:template match="win-def:metabase_object/win-def:id" priority="4000" mode="M678">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:file_read_ea" priority="4000" mode="M678">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the id entity of a metabase_object should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_read_ea entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M678"/>
@@ -17166,19 +18468,21 @@
<xsl:apply-templates select="@*|node()" mode="M678"/>
</xsl:template>
- <!--PATTERN metabasestekey-->
+ <!--PATTERN ferstefile_write_ea-->
- <!--RULE -->
-<xsl:template match="win-def:metabase_state/win-def:key" priority="4000" mode="M679">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:file_write_ea" priority="4000" mode="M679">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key entity of a metabase_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_write_ea entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M679"/>
@@ -17188,19 +18492,21 @@
<xsl:apply-templates select="@*|node()" mode="M679"/>
</xsl:template>
- <!--PATTERN metabasesteid-->
+ <!--PATTERN ferstefile_execute-->
- <!--RULE -->
-<xsl:template match="win-def:metabase_state/win-def:id" priority="4000" mode="M680">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:file_execute" priority="4000" mode="M680">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the id entity of a metabase_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_execute entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M680"/>
@@ -17210,19 +18516,21 @@
<xsl:apply-templates select="@*|node()" mode="M680"/>
</xsl:template>
- <!--PATTERN metabasestename-->
+ <!--PATTERN ferstefile_delete_child-->
- <!--RULE -->
-<xsl:template match="win-def:metabase_state/win-def:name" priority="4000" mode="M681">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:file_delete_child" priority="4000" mode="M681">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of a metabase_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_delete_child entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M681"/>
@@ -17232,19 +18540,21 @@
<xsl:apply-templates select="@*|node()" mode="M681"/>
</xsl:template>
- <!--PATTERN metabasesteuser_type-->
+ <!--PATTERN ferstefile_read_attributes-->
- <!--RULE -->
-<xsl:template match="win-def:metabase_state/win-def:user_type" priority="4000" mode="M682">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:file_read_attributes" priority="4000" mode="M682">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the user_type entity of a metabase_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_read_attributes entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M682"/>
@@ -17254,19 +18564,21 @@
<xsl:apply-templates select="@*|node()" mode="M682"/>
</xsl:template>
- <!--PATTERN metabasestedata_type-->
+ <!--PATTERN ferstefile_write_attributes-->
- <!--RULE -->
-<xsl:template match="win-def:metabase_state/win-def:data_type" priority="4000" mode="M683">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:fileeffectiverights_state/win-def:file_write_attributes" priority="4000" mode="M683">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the data_type entity of a metabase_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the file_write_attributes entity of a fileeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M683"/>
@@ -17276,56 +18588,62 @@
<xsl:apply-templates select="@*|node()" mode="M683"/>
</xsl:template>
- <!--PATTERN metabasestedata-->
+ <!--PATTERN grouptst-->
- <!--RULE -->
-<xsl:template match="win-def:metabase_state/win-def:data" priority="4000" mode="M684">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="(@datatype='int' and (floor(.) = number(.))) or not(@datatype='int') or not(node())"/>
+ <xsl:template match="win-def:group_test/win-def:object" priority="4000" mode="M684">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:group_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - The datatype has been set to 'int' but the value is not an integer.<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a group_test must reference a group_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M684"/>
</xsl:template>
- <xsl:template match="text()" priority="-1" mode="M684"/>
- <xsl:template match="@*|node()" priority="-2" mode="M684">
- <xsl:apply-templates select="@*|node()" mode="M684"/>
- </xsl:template>
- <!--PATTERN pptst-->
+ <!--RULE -->
+ <xsl:template match="win-def:group_test/win-def:state" priority="3999" mode="M684">
- <!--RULE -->
-<xsl:template match="win-def:passwordpolicy_test/win-def:object" priority="4000" mode="M685">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:passwordpolicy_object/@id"/>
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:group_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a passwordpolicy_test must reference a passwordpolicy_object<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of a group_test must reference a group_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M685"/>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M684"/>
</xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M684"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M684">
+ <xsl:apply-templates select="@*|node()" mode="M684"/>
+ </xsl:template>
- <!--RULE -->
-<xsl:template match="win-def:passwordpolicy_test/win-def:state" priority="3999" mode="M685">
+ <!--PATTERN groupobjgroup-->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:passwordpolicy_state/@id"/>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:group_object/win-def:group" priority="4000" mode="M685">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a passwordpolicy_test must reference a passwordpolicy_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the group entity of a group_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M685"/>
@@ -17335,20 +18653,21 @@
<xsl:apply-templates select="@*|node()" mode="M685"/>
</xsl:template>
- <!--PATTERN ppstemax_passwd_age-->
+ <!--PATTERN groupstegroup-->
- <!--RULE -->
-<xsl:template match="win-def:passwordpolicy_state/win-def:max_passwd_age" priority="4000"
- mode="M686">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:group_state/win-def:group" priority="4000" mode="M686">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the max_passwd_age entity of a passwordpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the group entity of a group_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M686"/>
@@ -17358,20 +18677,21 @@
<xsl:apply-templates select="@*|node()" mode="M686"/>
</xsl:template>
- <!--PATTERN ppstemin_passwd_age-->
+ <!--PATTERN groupsteuser-->
- <!--RULE -->
-<xsl:template match="win-def:passwordpolicy_state/win-def:min_passwd_age" priority="4000"
- mode="M687">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:group_state/win-def:user" priority="4000" mode="M687">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the min_passwd_age entity of a passwordpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the user entity of a group_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M687"/>
@@ -17381,43 +18701,62 @@
<xsl:apply-templates select="@*|node()" mode="M687"/>
</xsl:template>
- <!--PATTERN ppstemin_passwd_len-->
+ <!--PATTERN groupsidtst-->
- <!--RULE -->
-<xsl:template match="win-def:passwordpolicy_state/win-def:min_passwd_len" priority="4000"
- mode="M688">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:group_sid_test/win-def:object" priority="4000" mode="M688">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:group_sid_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the min_passwd_len entity of a passwordpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a group_sid_test must reference a group_sid_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M688"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:group_sid_test/win-def:state" priority="3999" mode="M688">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:group_sid_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a group_sid_test must reference a group_sid_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M688"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M688"/>
<xsl:template match="@*|node()" priority="-2" mode="M688">
<xsl:apply-templates select="@*|node()" mode="M688"/>
</xsl:template>
- <!--PATTERN ppstepassword_hist_len-->
+ <!--PATTERN groupsidobjgroup-->
- <!--RULE -->
-<xsl:template match="win-def:passwordpolicy_state/win-def:password_hist_len" priority="4000"
- mode="M689">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:group_sid_object/win-def:group_sid" priority="4000" mode="M689">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the password_hist_len entity of a passwordpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the group_sid entity of a group_sid_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M689"/>
@@ -17427,21 +18766,21 @@
<xsl:apply-templates select="@*|node()" mode="M689"/>
</xsl:template>
- <!--PATTERN ppstepassword_complexity-->
+ <!--PATTERN groupsidstegroup-->
- <!--RULE -->
-<xsl:template match="win-def:passwordpolicy_state/win-def:password_complexity"
- priority="4000"
- mode="M690">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:group_sid_state/win-def:group_sid" priority="4000" mode="M690">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the password_complexity entity of an passwordpolicy_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the group_sid entity of a group_sid_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M690"/>
@@ -17451,21 +18790,21 @@
<xsl:apply-templates select="@*|node()" mode="M690"/>
</xsl:template>
- <!--PATTERN ppstereversible_encryption-->
+ <!--PATTERN groupsidsteuser-->
- <!--RULE -->
-<xsl:template match="win-def:passwordpolicy_state/win-def:reversible_encryption"
- priority="4000"
- mode="M691">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:group_sid_state/win-def:user_sid" priority="4000" mode="M691">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the reversible_encryption entity of an passwordpolicy_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the user_sid entity of a group_sid_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M691"/>
@@ -17475,34 +18814,38 @@
<xsl:apply-templates select="@*|node()" mode="M691"/>
</xsl:template>
- <!--PATTERN winporttst-->
+ <!--PATTERN wininterfacetst-->
- <!--RULE -->
-<xsl:template match="win-def:port_test/win-def:object" priority="4000" mode="M692">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:port_object/@id"/>
+ <xsl:template match="win-def:interface_test/win-def:object" priority="4000" mode="M692">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:interface_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a port_test must reference a port_object<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of an interface_test must reference an interface_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M692"/>
</xsl:template>
- <!--RULE -->
-<xsl:template match="win-def:port_test/win-def:state" priority="3999" mode="M692">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:port_state/@id"/>
+ <xsl:template match="win-def:interface_test/win-def:state" priority="3999" mode="M692">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:interface_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a port_test must reference a port_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of an interface_test must reference an interface_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M692"/>
@@ -17512,19 +18855,21 @@
<xsl:apply-templates select="@*|node()" mode="M692"/>
</xsl:template>
- <!--PATTERN winportobjlocal_address-->
+ <!--PATTERN wininterfaceobjname-->
- <!--RULE -->
-<xsl:template match="win-def:port_object/win-def:local_address" priority="4000" mode="M693">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:interface_object/win-def:name" priority="4000" mode="M693">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the local_address entity of a port_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of a interface_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M693"/>
@@ -17534,19 +18879,21 @@
<xsl:apply-templates select="@*|node()" mode="M693"/>
</xsl:template>
- <!--PATTERN winportobjlocal_port-->
+ <!--PATTERN wininterfacestename-->
- <!--RULE -->
-<xsl:template match="win-def:port_object/win-def:local_port" priority="4000" mode="M694">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:interface_state/win-def:name" priority="4000" mode="M694">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the local_port entity of a port_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M694"/>
@@ -17556,19 +18903,21 @@
<xsl:apply-templates select="@*|node()" mode="M694"/>
</xsl:template>
- <!--PATTERN winportobjprotocol-->
+ <!--PATTERN wininterfacesteindex-->
- <!--RULE -->
-<xsl:template match="win-def:port_object/win-def:protocol" priority="4000" mode="M695">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:interface_state/win-def:index" priority="4000" mode="M695">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the protocol entity of a port_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the index entity of an interface_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M695"/>
@@ -17578,19 +18927,21 @@
<xsl:apply-templates select="@*|node()" mode="M695"/>
</xsl:template>
- <!--PATTERN winportstelocal_address-->
+ <!--PATTERN wininterfacestetype-->
- <!--RULE -->
-<xsl:template match="win-def:port_state/win-def:local_address" priority="4000" mode="M696">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:interface_state/win-def:type" priority="4000" mode="M696">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the local_address entity of a port_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the type entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M696"/>
@@ -17600,19 +18951,21 @@
<xsl:apply-templates select="@*|node()" mode="M696"/>
</xsl:template>
- <!--PATTERN winportstelocal_port-->
+ <!--PATTERN wininterfacestehardware_addr-->
- <!--RULE -->
-<xsl:template match="win-def:port_state/win-def:local_port" priority="4000" mode="M697">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:interface_state/win-def:hardware_addr" priority="4000" mode="M697">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the local_port entity of a port_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the hardware_addr entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M697"/>
@@ -17622,19 +18975,21 @@
<xsl:apply-templates select="@*|node()" mode="M697"/>
</xsl:template>
- <!--PATTERN winportsteprotocol-->
+ <!--PATTERN wininterfacesteinet_addr-->
- <!--RULE -->
-<xsl:template match="win-def:port_state/win-def:protocol" priority="4000" mode="M698">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:interface_state/win-def:inet_addr" priority="4000" mode="M698">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the protocol entity of a port_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the inet_addr entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M698"/>
@@ -17644,19 +18999,21 @@
<xsl:apply-templates select="@*|node()" mode="M698"/>
</xsl:template>
- <!--PATTERN winportstepid-->
+ <!--PATTERN wininterfacestebroadcast_addr-->
- <!--RULE -->
-<xsl:template match="win-def:port_state/win-def:pid" priority="4000" mode="M699">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:interface_state/win-def:broadcast_addr" priority="4000" mode="M699">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pid entity of a port_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the broadcast_addr entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M699"/>
@@ -17666,36 +19023,21 @@
<xsl:apply-templates select="@*|node()" mode="M699"/>
</xsl:template>
- <!--PATTERN pertst-->
+ <!--PATTERN wininterfacestenetmask-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_test/win-def:object" priority="4000"
- mode="M700">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:printereffectiverights_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a printereffectiverights_test must reference a printereffectiverights_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M700"/>
- </xsl:template>
+ <xsl:template match="win-def:interface_state/win-def:netmask" priority="4000" mode="M700">
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_test/win-def:state" priority="3999"
- mode="M700">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:printereffectiverights_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a printereffectiverights_test must reference a printereffectiverights_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the netmask entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M700"/>
@@ -17705,21 +19047,21 @@
<xsl:apply-templates select="@*|node()" mode="M700"/>
</xsl:template>
- <!--PATTERN perobjprinter_name-->
+ <!--PATTERN wininterfacesteaddr_type-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_object/win-def:printer_name"
- priority="4000"
- mode="M701">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:interface_state/win-def:addr_type" priority="4000" mode="M701">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the kprinter_nameey entity of a printereffectiverights_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the addr_type entity of an interface_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M701"/>
@@ -17729,45 +19071,62 @@
<xsl:apply-templates select="@*|node()" mode="M701"/>
</xsl:template>
- <!--PATTERN perobjtrustee_sid-->
+ <!--PATTERN lptst-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_object/win-def:trustee_sid"
- priority="4000"
- mode="M702">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:lockoutpolicy_test/win-def:object" priority="4000" mode="M702">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:lockoutpolicy_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_sid entity of a printereffectiverights_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a lockoutpolicy_test must reference a lockoutpolicy_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M702"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:lockoutpolicy_test/win-def:state" priority="3999" mode="M702">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:lockoutpolicy_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a lockoutpolicy_test must reference a lockoutpolicy_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M702"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M702"/>
<xsl:template match="@*|node()" priority="-2" mode="M702">
<xsl:apply-templates select="@*|node()" mode="M702"/>
</xsl:template>
- <!--PATTERN rersteprinter_name-->
+ <!--PATTERN lpsteforce_logoff-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:printer_name"
- priority="4000"
- mode="M703">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:lockoutpolicy_state/win-def:force_logoff" priority="4000" mode="M703">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the printer_name entity of a printereffectiverights_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the force_logoff entity of a lockoutpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M703"/>
@@ -17777,21 +19136,21 @@
<xsl:apply-templates select="@*|node()" mode="M703"/>
</xsl:template>
- <!--PATTERN perstetrustee_sid-->
+ <!--PATTERN lpstelockout_duration-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_state/win-def:trustee_sid"
- priority="4000"
- mode="M704">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:lockoutpolicy_state/win-def:lockout_duration" priority="4000" mode="M704">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_sid entity of a printereffectiverights_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the lockout_duration entity of a lockoutpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M704"/>
@@ -17801,21 +19160,21 @@
<xsl:apply-templates select="@*|node()" mode="M704"/>
</xsl:template>
- <!--PATTERN perstestandard_delete-->
+ <!--PATTERN lpstelockout_observation_window-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_state/win-def:standard_delete"
- priority="4000"
- mode="M705">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:lockoutpolicy_state/win-def:lockout_observation_window" priority="4000" mode="M705">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_delete entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the lockout_observation_window entity of a lockoutpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M705"/>
@@ -17825,21 +19184,21 @@
<xsl:apply-templates select="@*|node()" mode="M705"/>
</xsl:template>
- <!--PATTERN perstestandard_read_control-->
+ <!--PATTERN lpstelockout_threshold-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_state/win-def:standard_read_control"
- priority="4000"
- mode="M706">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:lockoutpolicy_state/win-def:lockout_threshold" priority="4000" mode="M706">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_read_control entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the lockout_threshold entity of a lockoutpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M706"/>
@@ -17849,45 +19208,62 @@
<xsl:apply-templates select="@*|node()" mode="M706"/>
</xsl:template>
- <!--PATTERN perstestandard_write_dac-->
+ <!--PATTERN metabasetst-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_state/win-def:standard_write_dac"
- priority="4000"
- mode="M707">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:metabase_test/win-def:object" priority="4000" mode="M707">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:metabase_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_dac entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a metabase_test must reference a metabase_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M707"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:metabase_test/win-def:state" priority="3999" mode="M707">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:metabase_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a metabase_test must reference a metabase_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M707"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M707"/>
<xsl:template match="@*|node()" priority="-2" mode="M707">
<xsl:apply-templates select="@*|node()" mode="M707"/>
</xsl:template>
- <!--PATTERN perstestandard_write_owner-->
+ <!--PATTERN metabaseobjkey-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_state/win-def:standard_write_owner"
- priority="4000"
- mode="M708">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:metabase_object/win-def:key" priority="4000" mode="M708">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_owner entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key entity of a metabase_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M708"/>
@@ -17897,21 +19273,21 @@
<xsl:apply-templates select="@*|node()" mode="M708"/>
</xsl:template>
- <!--PATTERN perstestandard_synchronize-->
+ <!--PATTERN metabaseobjid-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_state/win-def:standard_synchronize"
- priority="4000"
- mode="M709">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:metabase_object/win-def:id" priority="4000" mode="M709">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_synchronize entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the id entity of a metabase_object should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M709"/>
@@ -17921,21 +19297,21 @@
<xsl:apply-templates select="@*|node()" mode="M709"/>
</xsl:template>
- <!--PATTERN persteaccess_system_security-->
+ <!--PATTERN metabasestekey-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_state/win-def:access_system_security"
- priority="4000"
- mode="M710">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:metabase_state/win-def:key" priority="4000" mode="M710">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_system_security entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key entity of a metabase_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M710"/>
@@ -17945,21 +19321,21 @@
<xsl:apply-templates select="@*|node()" mode="M710"/>
</xsl:template>
- <!--PATTERN perstegeneric_read-->
+ <!--PATTERN metabasesteid-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_state/win-def:generic_read"
- priority="4000"
- mode="M711">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:metabase_state/win-def:id" priority="4000" mode="M711">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_read entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the id entity of a metabase_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M711"/>
@@ -17969,21 +19345,21 @@
<xsl:apply-templates select="@*|node()" mode="M711"/>
</xsl:template>
- <!--PATTERN perstegeneric_write-->
+ <!--PATTERN metabasestename-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_state/win-def:generic_write"
- priority="4000"
- mode="M712">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:metabase_state/win-def:name" priority="4000" mode="M712">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_write entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of a metabase_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M712"/>
@@ -17993,21 +19369,21 @@
<xsl:apply-templates select="@*|node()" mode="M712"/>
</xsl:template>
- <!--PATTERN perstegeneric_execute-->
+ <!--PATTERN metabasesteuser_type-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_state/win-def:generic_execute"
- priority="4000"
- mode="M713">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:metabase_state/win-def:user_type" priority="4000" mode="M713">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_execute entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the user_type entity of a metabase_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M713"/>
@@ -18017,21 +19393,21 @@
<xsl:apply-templates select="@*|node()" mode="M713"/>
</xsl:template>
- <!--PATTERN perstegeneric_all-->
+ <!--PATTERN metabasestedata_type-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_state/win-def:generic_all"
- priority="4000"
- mode="M714">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:metabase_state/win-def:data_type" priority="4000" mode="M714">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_all entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the data_type entity of a metabase_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M714"/>
@@ -18041,21 +19417,21 @@
<xsl:apply-templates select="@*|node()" mode="M714"/>
</xsl:template>
- <!--PATTERN persteprinter_access_administer-->
+ <!--PATTERN metabasestedata-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_state/win-def:printer_access_administer"
- priority="4000"
- mode="M715">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:metabase_state/win-def:data" priority="4000" mode="M715">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(@datatype='int' and (floor(.) = number(.))) or not(@datatype='int') or not(node())"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the printer_access_administer entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - The datatype has been set to 'int' but the value is not an integer.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M715"/>
@@ -18065,45 +19441,62 @@
<xsl:apply-templates select="@*|node()" mode="M715"/>
</xsl:template>
- <!--PATTERN persteprinter_access_use-->
+ <!--PATTERN pptst-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_state/win-def:printer_access_use"
- priority="4000"
- mode="M716">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:passwordpolicy_test/win-def:object" priority="4000" mode="M716">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:passwordpolicy_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the printer_access_use entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a passwordpolicy_test must reference a passwordpolicy_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M716"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:passwordpolicy_test/win-def:state" priority="3999" mode="M716">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:passwordpolicy_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a passwordpolicy_test must reference a passwordpolicy_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M716"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M716"/>
<xsl:template match="@*|node()" priority="-2" mode="M716">
<xsl:apply-templates select="@*|node()" mode="M716"/>
</xsl:template>
- <!--PATTERN perstejob_access_administer-->
+ <!--PATTERN ppstemax_passwd_age-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_state/win-def:job_access_administer"
- priority="4000"
- mode="M717">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:passwordpolicy_state/win-def:max_passwd_age" priority="4000" mode="M717">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the job_access_administer entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the max_passwd_age entity of a passwordpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M717"/>
@@ -18113,21 +19506,21 @@
<xsl:apply-templates select="@*|node()" mode="M717"/>
</xsl:template>
- <!--PATTERN perstejob_access_read-->
+ <!--PATTERN ppstemin_passwd_age-->
- <!--RULE -->
-<xsl:template match="win-def:printereffectiverights_state/win-def:job_access_read"
- priority="4000"
- mode="M718">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:passwordpolicy_state/win-def:min_passwd_age" priority="4000" mode="M718">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the job_access_read entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the min_passwd_age entity of a passwordpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M718"/>
@@ -18137,34 +19530,21 @@
<xsl:apply-templates select="@*|node()" mode="M718"/>
</xsl:template>
- <!--PATTERN processtst-->
+ <!--PATTERN ppstemin_passwd_len-->
- <!--RULE -->
-<xsl:template match="win-def:process_test/win-def:object" priority="4000" mode="M719">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:process_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a process_test must reference a process_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M719"/>
- </xsl:template>
+ <xsl:template match="win-def:passwordpolicy_state/win-def:min_passwd_len" priority="4000" mode="M719">
- <!--RULE -->
-<xsl:template match="win-def:process_test/win-def:state" priority="3999" mode="M719">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:process_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a process_test must reference a process_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the min_passwd_len entity of a passwordpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M719"/>
@@ -18174,19 +19554,21 @@
<xsl:apply-templates select="@*|node()" mode="M719"/>
</xsl:template>
- <!--PATTERN processobjcommand_line-->
+ <!--PATTERN ppstepassword_hist_len-->
- <!--RULE -->
-<xsl:template match="win-def:process_object/win-def:command_line" priority="4000" mode="M720">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:passwordpolicy_state/win-def:password_hist_len" priority="4000" mode="M720">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the command_line entity of a process_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the password_hist_len entity of a passwordpolicy_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M720"/>
@@ -18196,19 +19578,21 @@
<xsl:apply-templates select="@*|node()" mode="M720"/>
</xsl:template>
- <!--PATTERN processstecommand_line-->
+ <!--PATTERN ppstepassword_complexity-->
- <!--RULE -->
-<xsl:template match="win-def:process_state/win-def:command_line" priority="4000" mode="M721">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:passwordpolicy_state/win-def:password_complexity" priority="4000" mode="M721">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the command_line entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the password_complexity entity of an passwordpolicy_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M721"/>
@@ -18218,19 +19602,21 @@
<xsl:apply-templates select="@*|node()" mode="M721"/>
</xsl:template>
- <!--PATTERN processstepid-->
+ <!--PATTERN ppstereversible_encryption-->
- <!--RULE -->
-<xsl:template match="win-def:port_state/win-def:pid" priority="4000" mode="M722">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:passwordpolicy_state/win-def:reversible_encryption" priority="4000" mode="M722">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the pid entity of a port_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the reversible_encryption entity of an passwordpolicy_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M722"/>
@@ -18240,41 +19626,62 @@
<xsl:apply-templates select="@*|node()" mode="M722"/>
</xsl:template>
- <!--PATTERN processsteppid-->
+ <!--PATTERN winporttst-->
- <!--RULE -->
-<xsl:template match="win-def:port_state/win-def:ppid" priority="4000" mode="M723">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:port_test/win-def:object" priority="4000" mode="M723">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:port_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the ppid entity of a port_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a port_test must reference a port_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M723"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:port_test/win-def:state" priority="3999" mode="M723">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:port_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a port_test must reference a port_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M723"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M723"/>
<xsl:template match="@*|node()" priority="-2" mode="M723">
<xsl:apply-templates select="@*|node()" mode="M723"/>
</xsl:template>
- <!--PATTERN processstepriority-->
+ <!--PATTERN winportobjlocal_address-->
- <!--RULE -->
-<xsl:template match="win-def:process_state/win-def:priority" priority="4000" mode="M724">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:port_object/win-def:local_address" priority="4000" mode="M724">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the priority entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the local_address entity of a port_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M724"/>
@@ -18284,19 +19691,21 @@
<xsl:apply-templates select="@*|node()" mode="M724"/>
</xsl:template>
- <!--PATTERN processsteimage_path-->
+ <!--PATTERN winportobjlocal_port-->
- <!--RULE -->
-<xsl:template match="win-def:process_state/win-def:image_path" priority="4000" mode="M725">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:port_object/win-def:local_port" priority="4000" mode="M725">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the image_path entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the local_port entity of a port_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M725"/>
@@ -18306,19 +19715,21 @@
<xsl:apply-templates select="@*|node()" mode="M725"/>
</xsl:template>
- <!--PATTERN processstecurrent_dir-->
+ <!--PATTERN winportobjprotocol-->
- <!--RULE -->
-<xsl:template match="win-def:process_state/win-def:current_dir" priority="4000" mode="M726">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:port_object/win-def:protocol" priority="4000" mode="M726">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the current_dir entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the protocol entity of a port_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M726"/>
@@ -18328,34 +19739,21 @@
<xsl:apply-templates select="@*|node()" mode="M726"/>
</xsl:template>
- <!--PATTERN regtst-->
+ <!--PATTERN winportstelocal_address-->
- <!--RULE -->
-<xsl:template match="win-def:registry_test/win-def:object" priority="4000" mode="M727">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:registry_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a registry_test must reference a registry_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M727"/>
- </xsl:template>
+ <xsl:template match="win-def:port_state/win-def:local_address" priority="4000" mode="M727">
- <!--RULE -->
-<xsl:template match="win-def:registry_test/win-def:state" priority="3999" mode="M727">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:registry_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a registry_test must reference a registry_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the local_address entity of a port_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M727"/>
@@ -18365,19 +19763,21 @@
<xsl:apply-templates select="@*|node()" mode="M727"/>
</xsl:template>
- <!--PATTERN regobjhive-->
+ <!--PATTERN winportstelocal_port-->
- <!--RULE -->
-<xsl:template match="win-def:registry_object/win-def:hive" priority="4000" mode="M728">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:port_state/win-def:local_port" priority="4000" mode="M728">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the hive entity of a registry_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the local_port entity of a port_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M728"/>
@@ -18387,31 +19787,23 @@
<xsl:apply-templates select="@*|node()" mode="M728"/>
</xsl:template>
- <!--PATTERN regobjkey-->
+ <!--PATTERN winportsteprotocol-->
- <!--RULE -->
-<xsl:template match="win-def:registry_object/win-def:key" priority="4000" mode="M729">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:port_state/win-def:protocol" priority="4000" mode="M729">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key entity of a registry_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the protocol entity of a port_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
-
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@xsi:nil='true') or ../win-def:name/@xsi:nil='true'"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - name entity must be nil when key is nil<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M729"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M729"/>
@@ -18419,19 +19811,21 @@
<xsl:apply-templates select="@*|node()" mode="M729"/>
</xsl:template>
- <!--PATTERN regobjname-->
+ <!--PATTERN winportstepid-->
- <!--RULE -->
-<xsl:template match="win-def:registry_object/win-def:name" priority="4000" mode="M730">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:port_state/win-def:pid" priority="4000" mode="M730">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of a registry_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pid entity of a port_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M730"/>
@@ -18441,41 +19835,62 @@
<xsl:apply-templates select="@*|node()" mode="M730"/>
</xsl:template>
- <!--PATTERN regstehive-->
+ <!--PATTERN pertst-->
- <!--RULE -->
-<xsl:template match="win-def:registry_state/win-def:hive" priority="4000" mode="M731">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:printereffectiverights_test/win-def:object" priority="4000" mode="M731">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:printereffectiverights_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the hive entity of a registry_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a printereffectiverights_test must reference a printereffectiverights_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M731"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:printereffectiverights_test/win-def:state" priority="3999" mode="M731">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:printereffectiverights_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a printereffectiverights_test must reference a printereffectiverights_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M731"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M731"/>
<xsl:template match="@*|node()" priority="-2" mode="M731">
<xsl:apply-templates select="@*|node()" mode="M731"/>
</xsl:template>
- <!--PATTERN regstekey-->
+ <!--PATTERN perobjprinter_name-->
- <!--RULE -->
-<xsl:template match="win-def:registry_state/win-def:key" priority="4000" mode="M732">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:printereffectiverights_object/win-def:printer_name" priority="4000" mode="M732">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key entity of a registry_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the kprinter_nameey entity of a printereffectiverights_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M732"/>
@@ -18485,19 +19900,21 @@
<xsl:apply-templates select="@*|node()" mode="M732"/>
</xsl:template>
- <!--PATTERN regstename-->
+ <!--PATTERN perobjtrustee_sid-->
- <!--RULE -->
-<xsl:template match="win-def:registry_state/win-def:name" priority="4000" mode="M733">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:printereffectiverights_object/win-def:trustee_sid" priority="4000" mode="M733">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of a registry_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_sid entity of a printereffectiverights_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M733"/>
@@ -18507,19 +19924,21 @@
<xsl:apply-templates select="@*|node()" mode="M733"/>
</xsl:template>
- <!--PATTERN regstetype-->
+ <!--PATTERN rersteprinter_name-->
- <!--RULE -->
-<xsl:template match="win-def:registry_state/win-def:type" priority="4000" mode="M734">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:printer_name" priority="4000" mode="M734">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the type entity of a registry_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the printer_name entity of a printereffectiverights_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M734"/>
@@ -18529,19 +19948,21 @@
<xsl:apply-templates select="@*|node()" mode="M734"/>
</xsl:template>
- <!--PATTERN regstevalue-->
+ <!--PATTERN perstetrustee_sid-->
- <!--RULE -->
-<xsl:template match="win-def:registry_state/win-def:value" priority="4000" mode="M735">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="(@datatype='int' and (floor(.) = number(.))) or not(@datatype='int') or not(node())"/>
+ <xsl:template match="win-def:printereffectiverights_state/win-def:trustee_sid" priority="4000" mode="M735">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - The datatype has been set to 'int' but the value is not an integer.<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_sid entity of a printereffectiverights_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M735"/>
@@ -18551,36 +19972,21 @@
<xsl:apply-templates select="@*|node()" mode="M735"/>
</xsl:template>
- <!--PATTERN rap53tst-->
+ <!--PATTERN perstestandard_delete-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_test/win-def:object" priority="4000"
- mode="M736">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:regkeyauditedpermissions53_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a regkeyauditedpermissions53_test must reference a regkeyauditedpermissions53_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M736"/>
- </xsl:template>
+ <xsl:template match="win-def:printereffectiverights_state/win-def:standard_delete" priority="4000" mode="M736">
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_test/win-def:state" priority="3999"
- mode="M736">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:regkeyauditedpermissions53_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a regkeyauditedpermissions53_test must reference a regkeyauditedpermissions53_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_delete entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M736"/>
@@ -18590,20 +19996,21 @@
<xsl:apply-templates select="@*|node()" mode="M736"/>
</xsl:template>
- <!--PATTERN rap53objhive-->
+ <!--PATTERN perstestandard_read_control-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_object/win-def:hive" priority="4000"
- mode="M737">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:printereffectiverights_state/win-def:standard_read_control" priority="4000" mode="M737">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the hive entity of a regkeyauditedpermissions53_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_read_control entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M737"/>
@@ -18613,20 +20020,21 @@
<xsl:apply-templates select="@*|node()" mode="M737"/>
</xsl:template>
- <!--PATTERN rap53objkey-->
+ <!--PATTERN perstestandard_write_dac-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_object/win-def:key" priority="4000"
- mode="M738">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:printereffectiverights_state/win-def:standard_write_dac" priority="4000" mode="M738">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key entity of a regkeyauditedpermissions53_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_dac entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M738"/>
@@ -18636,21 +20044,21 @@
<xsl:apply-templates select="@*|node()" mode="M738"/>
</xsl:template>
- <!--PATTERN rap53objtrustee_sid-->
+ <!--PATTERN perstestandard_write_owner-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_object/win-def:trustee_sid"
- priority="4000"
- mode="M739">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:printereffectiverights_state/win-def:standard_write_owner" priority="4000" mode="M739">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_sid entity of a regkeyauditedpermissions53_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_owner entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M739"/>
@@ -18660,20 +20068,21 @@
<xsl:apply-templates select="@*|node()" mode="M739"/>
</xsl:template>
- <!--PATTERN rap53stehive-->
+ <!--PATTERN perstestandard_synchronize-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:hive" priority="4000"
- mode="M740">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:printereffectiverights_state/win-def:standard_synchronize" priority="4000" mode="M740">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the hive entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_synchronize entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M740"/>
@@ -18683,20 +20092,21 @@
<xsl:apply-templates select="@*|node()" mode="M740"/>
</xsl:template>
- <!--PATTERN rap53stekey-->
+ <!--PATTERN persteaccess_system_security-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key" priority="4000"
- mode="M741">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:printereffectiverights_state/win-def:access_system_security" priority="4000" mode="M741">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_system_security entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M741"/>
@@ -18706,21 +20116,21 @@
<xsl:apply-templates select="@*|node()" mode="M741"/>
</xsl:template>
- <!--PATTERN rap53stetrustee_sid-->
+ <!--PATTERN perstegeneric_read-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:trustee_sid"
- priority="4000"
- mode="M742">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:printereffectiverights_state/win-def:generic_read" priority="4000" mode="M742">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_sid entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_read entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M742"/>
@@ -18730,21 +20140,21 @@
<xsl:apply-templates select="@*|node()" mode="M742"/>
</xsl:template>
- <!--PATTERN rap53stestandard_delete-->
+ <!--PATTERN perstegeneric_write-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:standard_delete"
- priority="4000"
- mode="M743">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:printereffectiverights_state/win-def:generic_write" priority="4000" mode="M743">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_delete entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_write entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M743"/>
@@ -18754,21 +20164,21 @@
<xsl:apply-templates select="@*|node()" mode="M743"/>
</xsl:template>
- <!--PATTERN rap53stestandard_read_control-->
+ <!--PATTERN perstegeneric_execute-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:standard_read_control"
- priority="4000"
- mode="M744">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:printereffectiverights_state/win-def:generic_execute" priority="4000" mode="M744">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_read_control entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_execute entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M744"/>
@@ -18778,21 +20188,21 @@
<xsl:apply-templates select="@*|node()" mode="M744"/>
</xsl:template>
- <!--PATTERN rap53stestandard_write_dac-->
+ <!--PATTERN perstegeneric_all-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:standard_write_dac"
- priority="4000"
- mode="M745">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:printereffectiverights_state/win-def:generic_all" priority="4000" mode="M745">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_dac entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_all entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M745"/>
@@ -18802,21 +20212,21 @@
<xsl:apply-templates select="@*|node()" mode="M745"/>
</xsl:template>
- <!--PATTERN rap53stestandard_write_owner-->
+ <!--PATTERN persteprinter_access_administer-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:standard_write_owner"
- priority="4000"
- mode="M746">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:printereffectiverights_state/win-def:printer_access_administer" priority="4000" mode="M746">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_owner entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the printer_access_administer entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M746"/>
@@ -18826,21 +20236,21 @@
<xsl:apply-templates select="@*|node()" mode="M746"/>
</xsl:template>
- <!--PATTERN rap53stestandard_synchronize-->
+ <!--PATTERN persteprinter_access_use-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:standard_synchronize"
- priority="4000"
- mode="M747">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:printereffectiverights_state/win-def:printer_access_use" priority="4000" mode="M747">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_synchronize entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the printer_access_use entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M747"/>
@@ -18850,21 +20260,21 @@
<xsl:apply-templates select="@*|node()" mode="M747"/>
</xsl:template>
- <!--PATTERN rap53steaccess_system_security-->
+ <!--PATTERN perstejob_access_administer-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:access_system_security"
- priority="4000"
- mode="M748">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:printereffectiverights_state/win-def:job_access_administer" priority="4000" mode="M748">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_system_security entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the job_access_administer entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M748"/>
@@ -18874,21 +20284,21 @@
<xsl:apply-templates select="@*|node()" mode="M748"/>
</xsl:template>
- <!--PATTERN rap53stegeneric_read-->
+ <!--PATTERN perstejob_access_read-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:generic_read"
- priority="4000"
- mode="M749">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:printereffectiverights_state/win-def:job_access_read" priority="4000" mode="M749">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_read entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the job_access_read entity of a printereffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M749"/>
@@ -18898,45 +20308,62 @@
<xsl:apply-templates select="@*|node()" mode="M749"/>
</xsl:template>
- <!--PATTERN rap53stegeneric_write-->
+ <!--PATTERN processtst-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:generic_write"
- priority="4000"
- mode="M750">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:process_test/win-def:object" priority="4000" mode="M750">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:process_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_write entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a process_test must reference a process_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M750"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:process_test/win-def:state" priority="3999" mode="M750">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:process_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a process_test must reference a process_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M750"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M750"/>
<xsl:template match="@*|node()" priority="-2" mode="M750">
<xsl:apply-templates select="@*|node()" mode="M750"/>
</xsl:template>
- <!--PATTERN rap53stegeneric_execute-->
+ <!--PATTERN processobjcommand_line-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:generic_execute"
- priority="4000"
- mode="M751">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:process_object/win-def:command_line" priority="4000" mode="M751">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_execute entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the command_line entity of a process_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M751"/>
@@ -18946,21 +20373,21 @@
<xsl:apply-templates select="@*|node()" mode="M751"/>
</xsl:template>
- <!--PATTERN rap53stegeneric_all-->
+ <!--PATTERN processstecommand_line-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:generic_all"
- priority="4000"
- mode="M752">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:process_state/win-def:command_line" priority="4000" mode="M752">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_all entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the command_line entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M752"/>
@@ -18970,21 +20397,21 @@
<xsl:apply-templates select="@*|node()" mode="M752"/>
</xsl:template>
- <!--PATTERN rap53stekey_query_value-->
+ <!--PATTERN processstepid-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_query_value"
- priority="4000"
- mode="M753">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:port_state/win-def:pid" priority="4000" mode="M753">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_query_value entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the pid entity of a port_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M753"/>
@@ -18994,21 +20421,21 @@
<xsl:apply-templates select="@*|node()" mode="M753"/>
</xsl:template>
- <!--PATTERN rap53stekey_set_value-->
+ <!--PATTERN processsteppid-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_set_value"
- priority="4000"
- mode="M754">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:port_state/win-def:ppid" priority="4000" mode="M754">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_set_value entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the ppid entity of a port_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M754"/>
@@ -19018,21 +20445,21 @@
<xsl:apply-templates select="@*|node()" mode="M754"/>
</xsl:template>
- <!--PATTERN rap53stekey_create_sub_key-->
+ <!--PATTERN processstepriority-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_create_sub_key"
- priority="4000"
- mode="M755">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:process_state/win-def:priority" priority="4000" mode="M755">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_create_sub_key entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the priority entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M755"/>
@@ -19042,21 +20469,21 @@
<xsl:apply-templates select="@*|node()" mode="M755"/>
</xsl:template>
- <!--PATTERN rap53stekey_enumerate_sub_keys-->
+ <!--PATTERN processsteimage_path-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_enumerate_sub_keys"
- priority="4000"
- mode="M756">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:process_state/win-def:image_path" priority="4000" mode="M756">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_enumerate_sub_keys entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the image_path entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M756"/>
@@ -19066,21 +20493,21 @@
<xsl:apply-templates select="@*|node()" mode="M756"/>
</xsl:template>
- <!--PATTERN rap53stekey_notify-->
+ <!--PATTERN processstecurrent_dir-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_notify"
- priority="4000"
- mode="M757">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:process_state/win-def:current_dir" priority="4000" mode="M757">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_notify entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the current_dir entity of a process_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M757"/>
@@ -19090,45 +20517,62 @@
<xsl:apply-templates select="@*|node()" mode="M757"/>
</xsl:template>
- <!--PATTERN rap53stekey_create_link-->
+ <!--PATTERN regtst-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_create_link"
- priority="4000"
- mode="M758">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:registry_test/win-def:object" priority="4000" mode="M758">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:registry_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_create_link entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a registry_test must reference a registry_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M758"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:registry_test/win-def:state" priority="3999" mode="M758">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:registry_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a registry_test must reference a registry_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M758"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M758"/>
<xsl:template match="@*|node()" priority="-2" mode="M758">
<xsl:apply-templates select="@*|node()" mode="M758"/>
</xsl:template>
- <!--PATTERN rap53stekey_wow64_64key-->
+ <!--PATTERN regobjhive-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_wow64_64key"
- priority="4000"
- mode="M759">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:registry_object/win-def:hive" priority="4000" mode="M759">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_wow64_64key entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the hive entity of a registry_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M759"/>
@@ -19138,23 +20582,34 @@
<xsl:apply-templates select="@*|node()" mode="M759"/>
</xsl:template>
- <!--PATTERN rap53stekey_wow64_32key-->
+ <!--PATTERN regobjkey-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_wow64_32key"
- priority="4000"
- mode="M760">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:registry_object/win-def:key" priority="4000" mode="M760">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_wow64_32key entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key entity of a registry_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@xsi:nil='true') or ../win-def:name/@xsi:nil='true'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - name entity must be nil when key is nil<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M760"/>
</xsl:template>
<xsl:template match="text()" priority="-1" mode="M760"/>
@@ -19162,21 +20617,21 @@
<xsl:apply-templates select="@*|node()" mode="M760"/>
</xsl:template>
- <!--PATTERN rap53stekey_wow64_res-->
+ <!--PATTERN regobjname-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_wow64_res"
- priority="4000"
- mode="M761">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:registry_object/win-def:name" priority="4000" mode="M761">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_wow64_res entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of a registry_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M761"/>
@@ -19186,36 +20641,21 @@
<xsl:apply-templates select="@*|node()" mode="M761"/>
</xsl:template>
- <!--PATTERN raptst-->
+ <!--PATTERN regstehive-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_test/win-def:object" priority="4000"
- mode="M762">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:regkeyauditedpermissions_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a regkeyauditedpermissions_test must reference a regkeyauditedpermissions_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M762"/>
- </xsl:template>
+ <xsl:template match="win-def:registry_state/win-def:hive" priority="4000" mode="M762">
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_test/win-def:state" priority="3999"
- mode="M762">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:regkeyauditedpermissions_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a regkeyauditedpermissions_test must reference a regkeyauditedpermissions_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the hive entity of a registry_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M762"/>
@@ -19225,20 +20665,21 @@
<xsl:apply-templates select="@*|node()" mode="M762"/>
</xsl:template>
- <!--PATTERN rapobjhive-->
+ <!--PATTERN regstekey-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_object/win-def:hive" priority="4000"
- mode="M763">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:registry_state/win-def:key" priority="4000" mode="M763">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the hive entity of a regkeyauditedpermissions_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key entity of a registry_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M763"/>
@@ -19248,20 +20689,21 @@
<xsl:apply-templates select="@*|node()" mode="M763"/>
</xsl:template>
- <!--PATTERN rapobjkey-->
+ <!--PATTERN regstename-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_object/win-def:key" priority="4000"
- mode="M764">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:registry_state/win-def:name" priority="4000" mode="M764">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key entity of a regkeyauditedpermissions_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the name entity of a registry_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M764"/>
@@ -19271,21 +20713,21 @@
<xsl:apply-templates select="@*|node()" mode="M764"/>
</xsl:template>
- <!--PATTERN rapobjtrustee_name-->
+ <!--PATTERN regstetype-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_object/win-def:trustee_name"
- priority="4000"
- mode="M765">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:registry_state/win-def:type" priority="4000" mode="M765">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_name entity of a regkeyauditedpermissions_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the type entity of a registry_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M765"/>
@@ -19295,20 +20737,21 @@
<xsl:apply-templates select="@*|node()" mode="M765"/>
</xsl:template>
- <!--PATTERN rapstehive-->
+ <!--PATTERN regstevalue-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:hive" priority="4000"
- mode="M766">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:registry_state/win-def:value" priority="4000" mode="M766">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(@datatype='int' and (floor(.) = number(.))) or not(@datatype='int') or not(node())"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the hive entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - The datatype has been set to 'int' but the value is not an integer.<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M766"/>
@@ -19318,44 +20761,62 @@
<xsl:apply-templates select="@*|node()" mode="M766"/>
</xsl:template>
- <!--PATTERN rapstekey-->
+ <!--PATTERN rap53tst-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key" priority="4000"
- mode="M767">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions53_test/win-def:object" priority="4000" mode="M767">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:regkeyauditedpermissions53_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a regkeyauditedpermissions53_test must reference a regkeyauditedpermissions53_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M767"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:regkeyauditedpermissions53_test/win-def:state" priority="3999" mode="M767">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:regkeyauditedpermissions53_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a regkeyauditedpermissions53_test must reference a regkeyauditedpermissions53_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M767"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M767"/>
<xsl:template match="@*|node()" priority="-2" mode="M767">
<xsl:apply-templates select="@*|node()" mode="M767"/>
</xsl:template>
- <!--PATTERN rapstetrustee_name-->
+ <!--PATTERN rap53objhive-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:trustee_name"
- priority="4000"
- mode="M768">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_object/win-def:hive" priority="4000" mode="M768">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_name entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the hive entity of a regkeyauditedpermissions53_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M768"/>
@@ -19365,21 +20826,21 @@
<xsl:apply-templates select="@*|node()" mode="M768"/>
</xsl:template>
- <!--PATTERN rapstestandard_delete-->
+ <!--PATTERN rap53objkey-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:standard_delete"
- priority="4000"
- mode="M769">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_object/win-def:key" priority="4000" mode="M769">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_delete entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key entity of a regkeyauditedpermissions53_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M769"/>
@@ -19389,21 +20850,21 @@
<xsl:apply-templates select="@*|node()" mode="M769"/>
</xsl:template>
- <!--PATTERN rapstestandard_read_control-->
+ <!--PATTERN rap53objtrustee_sid-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:standard_read_control"
- priority="4000"
- mode="M770">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_object/win-def:trustee_sid" priority="4000" mode="M770">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_read_control entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_sid entity of a regkeyauditedpermissions53_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M770"/>
@@ -19413,21 +20874,21 @@
<xsl:apply-templates select="@*|node()" mode="M770"/>
</xsl:template>
- <!--PATTERN rapstestandard_write_dac-->
+ <!--PATTERN rap53stehive-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:standard_write_dac"
- priority="4000"
- mode="M771">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:hive" priority="4000" mode="M771">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_dac entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the hive entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M771"/>
@@ -19437,21 +20898,21 @@
<xsl:apply-templates select="@*|node()" mode="M771"/>
</xsl:template>
- <!--PATTERN rapstestandard_write_owner-->
+ <!--PATTERN rap53stekey-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:standard_write_owner"
- priority="4000"
- mode="M772">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key" priority="4000" mode="M772">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_owner entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M772"/>
@@ -19461,21 +20922,21 @@
<xsl:apply-templates select="@*|node()" mode="M772"/>
</xsl:template>
- <!--PATTERN rapstestandard_synchronize-->
+ <!--PATTERN rap53stetrustee_sid-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:standard_synchronize"
- priority="4000"
- mode="M773">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:trustee_sid" priority="4000" mode="M773">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_synchronize entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_sid entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M773"/>
@@ -19485,21 +20946,21 @@
<xsl:apply-templates select="@*|node()" mode="M773"/>
</xsl:template>
- <!--PATTERN rapsteaccess_system_security-->
+ <!--PATTERN rap53stestandard_delete-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:access_system_security"
- priority="4000"
- mode="M774">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:standard_delete" priority="4000" mode="M774">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_system_security entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_delete entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M774"/>
@@ -19509,21 +20970,21 @@
<xsl:apply-templates select="@*|node()" mode="M774"/>
</xsl:template>
- <!--PATTERN rapstegeneric_read-->
+ <!--PATTERN rap53stestandard_read_control-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:generic_read"
- priority="4000"
- mode="M775">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:standard_read_control" priority="4000" mode="M775">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_read entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_read_control entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M775"/>
@@ -19533,21 +20994,21 @@
<xsl:apply-templates select="@*|node()" mode="M775"/>
</xsl:template>
- <!--PATTERN rapstegeneric_write-->
+ <!--PATTERN rap53stestandard_write_dac-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:generic_write"
- priority="4000"
- mode="M776">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:standard_write_dac" priority="4000" mode="M776">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_write entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_dac entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M776"/>
@@ -19557,21 +21018,21 @@
<xsl:apply-templates select="@*|node()" mode="M776"/>
</xsl:template>
- <!--PATTERN rapstegeneric_execute-->
+ <!--PATTERN rap53stestandard_write_owner-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:generic_execute"
- priority="4000"
- mode="M777">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:standard_write_owner" priority="4000" mode="M777">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_execute entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_owner entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M777"/>
@@ -19581,21 +21042,21 @@
<xsl:apply-templates select="@*|node()" mode="M777"/>
</xsl:template>
- <!--PATTERN rapstegeneric_all-->
+ <!--PATTERN rap53stestandard_synchronize-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:generic_all"
- priority="4000"
- mode="M778">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:standard_synchronize" priority="4000" mode="M778">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_all entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_synchronize entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M778"/>
@@ -19605,21 +21066,21 @@
<xsl:apply-templates select="@*|node()" mode="M778"/>
</xsl:template>
- <!--PATTERN rapstekey_query_value-->
+ <!--PATTERN rap53steaccess_system_security-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_query_value"
- priority="4000"
- mode="M779">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:access_system_security" priority="4000" mode="M779">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_query_value entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_system_security entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M779"/>
@@ -19629,21 +21090,21 @@
<xsl:apply-templates select="@*|node()" mode="M779"/>
</xsl:template>
- <!--PATTERN rapstekey_set_value-->
+ <!--PATTERN rap53stegeneric_read-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_set_value"
- priority="4000"
- mode="M780">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:generic_read" priority="4000" mode="M780">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_set_value entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_read entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M780"/>
@@ -19653,21 +21114,21 @@
<xsl:apply-templates select="@*|node()" mode="M780"/>
</xsl:template>
- <!--PATTERN rapstekey_create_sub_key-->
+ <!--PATTERN rap53stegeneric_write-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_create_sub_key"
- priority="4000"
- mode="M781">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:generic_write" priority="4000" mode="M781">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_create_sub_key entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_write entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M781"/>
@@ -19677,21 +21138,21 @@
<xsl:apply-templates select="@*|node()" mode="M781"/>
</xsl:template>
- <!--PATTERN rapstekey_enumerate_sub_keys-->
+ <!--PATTERN rap53stegeneric_execute-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_enumerate_sub_keys"
- priority="4000"
- mode="M782">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:generic_execute" priority="4000" mode="M782">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_enumerate_sub_keys entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_execute entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M782"/>
@@ -19701,21 +21162,21 @@
<xsl:apply-templates select="@*|node()" mode="M782"/>
</xsl:template>
- <!--PATTERN rapstekey_notify-->
+ <!--PATTERN rap53stegeneric_all-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_notify"
- priority="4000"
- mode="M783">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:generic_all" priority="4000" mode="M783">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_notify entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_all entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M783"/>
@@ -19725,21 +21186,21 @@
<xsl:apply-templates select="@*|node()" mode="M783"/>
</xsl:template>
- <!--PATTERN rapstekey_create_link-->
+ <!--PATTERN rap53stekey_query_value-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_create_link"
- priority="4000"
- mode="M784">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_query_value" priority="4000" mode="M784">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_create_link entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_query_value entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M784"/>
@@ -19749,21 +21210,21 @@
<xsl:apply-templates select="@*|node()" mode="M784"/>
</xsl:template>
- <!--PATTERN rapstekey_wow64_64key-->
+ <!--PATTERN rap53stekey_set_value-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_wow64_64key"
- priority="4000"
- mode="M785">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_set_value" priority="4000" mode="M785">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_wow64_64key entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_set_value entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M785"/>
@@ -19773,21 +21234,21 @@
<xsl:apply-templates select="@*|node()" mode="M785"/>
</xsl:template>
- <!--PATTERN rapstekey_wow64_32key-->
+ <!--PATTERN rap53stekey_create_sub_key-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_wow64_32key"
- priority="4000"
- mode="M786">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_create_sub_key" priority="4000" mode="M786">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_wow64_32key entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_create_sub_key entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M786"/>
@@ -19797,21 +21258,21 @@
<xsl:apply-templates select="@*|node()" mode="M786"/>
</xsl:template>
- <!--PATTERN rapstekey_wow64_res-->
+ <!--PATTERN rap53stekey_enumerate_sub_keys-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_wow64_res"
- priority="4000"
- mode="M787">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_enumerate_sub_keys" priority="4000" mode="M787">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_wow64_res entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_enumerate_sub_keys entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M787"/>
@@ -19821,36 +21282,21 @@
<xsl:apply-templates select="@*|node()" mode="M787"/>
</xsl:template>
- <!--PATTERN rer53tst-->
+ <!--PATTERN rap53stekey_notify-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_test/win-def:object" priority="4000"
- mode="M788">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:regkeyeffectiverights53_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a regkeyeffectiverights53_test must reference a regkeyeffectiverights53_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M788"/>
- </xsl:template>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_notify" priority="4000" mode="M788">
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_test/win-def:state" priority="3999"
- mode="M788">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:regkeyeffectiverights53_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a regkeyeffectiverights53_test must reference a regkeyeffectiverights53_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_notify entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M788"/>
@@ -19860,20 +21306,21 @@
<xsl:apply-templates select="@*|node()" mode="M788"/>
</xsl:template>
- <!--PATTERN rer53objhive-->
+ <!--PATTERN rap53stekey_create_link-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_object/win-def:hive" priority="4000"
- mode="M789">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_create_link" priority="4000" mode="M789">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the hive entity of a regkeyeffectiverights53_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_create_link entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M789"/>
@@ -19883,20 +21330,21 @@
<xsl:apply-templates select="@*|node()" mode="M789"/>
</xsl:template>
- <!--PATTERN rer53objkey-->
+ <!--PATTERN rap53stekey_wow64_64key-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_object/win-def:key" priority="4000"
- mode="M790">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_wow64_64key" priority="4000" mode="M790">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key entity of a regkeyeffectiverights53_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_wow64_64key entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M790"/>
@@ -19906,21 +21354,21 @@
<xsl:apply-templates select="@*|node()" mode="M790"/>
</xsl:template>
- <!--PATTERN rer53objtrustee_sid-->
+ <!--PATTERN rap53stekey_wow64_32key-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_object/win-def:trustee_sid"
- priority="4000"
- mode="M791">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_wow64_32key" priority="4000" mode="M791">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_sid entity of a regkeyeffectiverights53_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_wow64_32key entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M791"/>
@@ -19930,20 +21378,21 @@
<xsl:apply-templates select="@*|node()" mode="M791"/>
</xsl:template>
- <!--PATTERN rer53stehive-->
+ <!--PATTERN rap53stekey_wow64_res-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:hive" priority="4000"
- mode="M792">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions53_state/win-def:key_wow64_res" priority="4000" mode="M792">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the hive entity of a regkeyeffectiverights53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_wow64_res entity of a regkeyauditedpermissions53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M792"/>
@@ -19953,44 +21402,62 @@
<xsl:apply-templates select="@*|node()" mode="M792"/>
</xsl:template>
- <!--PATTERN rer53stekey-->
+ <!--PATTERN raptst-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key" priority="4000"
- mode="M793">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_test/win-def:object" priority="4000" mode="M793">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:regkeyauditedpermissions_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key entity of a regkeyeffectiverights53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a regkeyauditedpermissions_test must reference a regkeyauditedpermissions_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M793"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:regkeyauditedpermissions_test/win-def:state" priority="3999" mode="M793">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:regkeyauditedpermissions_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a regkeyauditedpermissions_test must reference a regkeyauditedpermissions_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M793"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M793"/>
<xsl:template match="@*|node()" priority="-2" mode="M793">
<xsl:apply-templates select="@*|node()" mode="M793"/>
</xsl:template>
- <!--PATTERN rer53stetrustee_sid-->
+ <!--PATTERN rapobjhive-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:trustee_sid"
- priority="4000"
- mode="M794">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions_object/win-def:hive" priority="4000" mode="M794">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_sid entity of a regkeyeffectiverights53_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the hive entity of a regkeyauditedpermissions_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M794"/>
@@ -20000,21 +21467,21 @@
<xsl:apply-templates select="@*|node()" mode="M794"/>
</xsl:template>
- <!--PATTERN rer53stestandard_delete-->
+ <!--PATTERN rapobjkey-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:standard_delete"
- priority="4000"
- mode="M795">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_object/win-def:key" priority="4000" mode="M795">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_delete entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key entity of a regkeyauditedpermissions_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M795"/>
@@ -20024,21 +21491,21 @@
<xsl:apply-templates select="@*|node()" mode="M795"/>
</xsl:template>
- <!--PATTERN rer53stestandard_read_control-->
+ <!--PATTERN rapobjtrustee_name-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:standard_read_control"
- priority="4000"
- mode="M796">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_object/win-def:trustee_name" priority="4000" mode="M796">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_read_control entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_name entity of a regkeyauditedpermissions_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M796"/>
@@ -20048,21 +21515,21 @@
<xsl:apply-templates select="@*|node()" mode="M796"/>
</xsl:template>
- <!--PATTERN rer53stestandard_write_dac-->
+ <!--PATTERN rapstehive-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:standard_write_dac"
- priority="4000"
- mode="M797">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:hive" priority="4000" mode="M797">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_dac entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the hive entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M797"/>
@@ -20072,21 +21539,21 @@
<xsl:apply-templates select="@*|node()" mode="M797"/>
</xsl:template>
- <!--PATTERN rer53stestandard_write_owner-->
+ <!--PATTERN rapstekey-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:standard_write_owner"
- priority="4000"
- mode="M798">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key" priority="4000" mode="M798">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_owner entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M798"/>
@@ -20096,21 +21563,21 @@
<xsl:apply-templates select="@*|node()" mode="M798"/>
</xsl:template>
- <!--PATTERN rer53stestandard_synchronize-->
+ <!--PATTERN rapstetrustee_name-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:standard_synchronize"
- priority="4000"
- mode="M799">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:trustee_name" priority="4000" mode="M799">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_synchronize entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_name entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M799"/>
@@ -20120,21 +21587,21 @@
<xsl:apply-templates select="@*|node()" mode="M799"/>
</xsl:template>
- <!--PATTERN rer53steaccess_system_security-->
+ <!--PATTERN rapstestandard_delete-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:access_system_security"
- priority="4000"
- mode="M800">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:standard_delete" priority="4000" mode="M800">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_system_security entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_delete entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M800"/>
@@ -20144,21 +21611,21 @@
<xsl:apply-templates select="@*|node()" mode="M800"/>
</xsl:template>
- <!--PATTERN rer53stegeneric_read-->
+ <!--PATTERN rapstestandard_read_control-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:generic_read"
- priority="4000"
- mode="M801">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:standard_read_control" priority="4000" mode="M801">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_read entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_read_control entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M801"/>
@@ -20168,21 +21635,21 @@
<xsl:apply-templates select="@*|node()" mode="M801"/>
</xsl:template>
- <!--PATTERN rer53stegeneric_write-->
+ <!--PATTERN rapstestandard_write_dac-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:generic_write"
- priority="4000"
- mode="M802">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:standard_write_dac" priority="4000" mode="M802">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_write entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_dac entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M802"/>
@@ -20192,21 +21659,21 @@
<xsl:apply-templates select="@*|node()" mode="M802"/>
</xsl:template>
- <!--PATTERN rer53stegeneric_execute-->
+ <!--PATTERN rapstestandard_write_owner-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:generic_execute"
- priority="4000"
- mode="M803">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:standard_write_owner" priority="4000" mode="M803">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_execute entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_owner entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M803"/>
@@ -20216,21 +21683,21 @@
<xsl:apply-templates select="@*|node()" mode="M803"/>
</xsl:template>
- <!--PATTERN rer53stegeneric_all-->
+ <!--PATTERN rapstestandard_synchronize-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:generic_all"
- priority="4000"
- mode="M804">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:standard_synchronize" priority="4000" mode="M804">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_all entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_synchronize entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M804"/>
@@ -20240,21 +21707,21 @@
<xsl:apply-templates select="@*|node()" mode="M804"/>
</xsl:template>
- <!--PATTERN rer53stekey_query_value-->
+ <!--PATTERN rapsteaccess_system_security-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_query_value"
- priority="4000"
- mode="M805">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:access_system_security" priority="4000" mode="M805">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_query_value entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_system_security entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M805"/>
@@ -20264,21 +21731,21 @@
<xsl:apply-templates select="@*|node()" mode="M805"/>
</xsl:template>
- <!--PATTERN rer53stekey_set_value-->
+ <!--PATTERN rapstegeneric_read-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_set_value"
- priority="4000"
- mode="M806">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:generic_read" priority="4000" mode="M806">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_set_value entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_read entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M806"/>
@@ -20288,21 +21755,21 @@
<xsl:apply-templates select="@*|node()" mode="M806"/>
</xsl:template>
- <!--PATTERN rer53stekey_create_sub_key-->
+ <!--PATTERN rapstegeneric_write-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_create_sub_key"
- priority="4000"
- mode="M807">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:generic_write" priority="4000" mode="M807">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_create_sub_key entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_write entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M807"/>
@@ -20312,21 +21779,21 @@
<xsl:apply-templates select="@*|node()" mode="M807"/>
</xsl:template>
- <!--PATTERN rer53stekey_enumerate_sub_keys-->
+ <!--PATTERN rapstegeneric_execute-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_enumerate_sub_keys"
- priority="4000"
- mode="M808">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:generic_execute" priority="4000" mode="M808">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_enumerate_sub_keys entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_execute entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M808"/>
@@ -20336,21 +21803,21 @@
<xsl:apply-templates select="@*|node()" mode="M808"/>
</xsl:template>
- <!--PATTERN rer53stekey_notify-->
+ <!--PATTERN rapstegeneric_all-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_notify"
- priority="4000"
- mode="M809">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:generic_all" priority="4000" mode="M809">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_notify entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_all entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M809"/>
@@ -20360,21 +21827,21 @@
<xsl:apply-templates select="@*|node()" mode="M809"/>
</xsl:template>
- <!--PATTERN rer53stekey_create_link-->
+ <!--PATTERN rapstekey_query_value-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_create_link"
- priority="4000"
- mode="M810">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_query_value" priority="4000" mode="M810">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_create_link entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_query_value entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M810"/>
@@ -20384,21 +21851,21 @@
<xsl:apply-templates select="@*|node()" mode="M810"/>
</xsl:template>
- <!--PATTERN rer53stekey_wow64_64key-->
+ <!--PATTERN rapstekey_set_value-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_wow64_64key"
- priority="4000"
- mode="M811">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_set_value" priority="4000" mode="M811">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_wow64_64key entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_set_value entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M811"/>
@@ -20408,21 +21875,21 @@
<xsl:apply-templates select="@*|node()" mode="M811"/>
</xsl:template>
- <!--PATTERN rer53stekey_wow64_32key-->
+ <!--PATTERN rapstekey_create_sub_key-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_wow64_32key"
- priority="4000"
- mode="M812">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_create_sub_key" priority="4000" mode="M812">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_wow64_32key entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_create_sub_key entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M812"/>
@@ -20432,21 +21899,21 @@
<xsl:apply-templates select="@*|node()" mode="M812"/>
</xsl:template>
- <!--PATTERN rer53stekey_wow64_res-->
+ <!--PATTERN rapstekey_enumerate_sub_keys-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_wow64_res"
- priority="4000"
- mode="M813">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_enumerate_sub_keys" priority="4000" mode="M813">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_wow64_res entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_enumerate_sub_keys entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M813"/>
@@ -20456,36 +21923,21 @@
<xsl:apply-templates select="@*|node()" mode="M813"/>
</xsl:template>
- <!--PATTERN rertst-->
+ <!--PATTERN rapstekey_notify-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_test/win-def:object" priority="4000"
- mode="M814">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:regkeyeffectiverights_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a regkeyeffectiverights_test must reference a regkeyeffectiverights_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M814"/>
- </xsl:template>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_notify" priority="4000" mode="M814">
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_test/win-def:state" priority="3999"
- mode="M814">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:regkeyeffectiverights_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a regkeyeffectiverights_test must reference a regkeyeffectiverights_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_notify entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M814"/>
@@ -20495,20 +21947,21 @@
<xsl:apply-templates select="@*|node()" mode="M814"/>
</xsl:template>
- <!--PATTERN rerobjhive-->
+ <!--PATTERN rapstekey_create_link-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_object/win-def:hive" priority="4000"
- mode="M815">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_create_link" priority="4000" mode="M815">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the hive entity of a regkeyeffectiverights_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_create_link entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M815"/>
@@ -20518,20 +21971,21 @@
<xsl:apply-templates select="@*|node()" mode="M815"/>
</xsl:template>
- <!--PATTERN rerobjkey-->
+ <!--PATTERN rapstekey_wow64_64key-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_object/win-def:key" priority="4000"
- mode="M816">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_wow64_64key" priority="4000" mode="M816">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key entity of a regkeyeffectiverights_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_wow64_64key entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M816"/>
@@ -20541,21 +21995,21 @@
<xsl:apply-templates select="@*|node()" mode="M816"/>
</xsl:template>
- <!--PATTERN rerobjtrustee_name-->
+ <!--PATTERN rapstekey_wow64_32key-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_object/win-def:trustee_name"
- priority="4000"
- mode="M817">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_wow64_32key" priority="4000" mode="M817">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_name entity of a regkeyeffectiverights_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_wow64_32key entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M817"/>
@@ -20565,20 +22019,21 @@
<xsl:apply-templates select="@*|node()" mode="M817"/>
</xsl:template>
- <!--PATTERN rerstehive-->
+ <!--PATTERN rapstekey_wow64_res-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:hive" priority="4000"
- mode="M818">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyauditedpermissions_state/win-def:key_wow64_res" priority="4000" mode="M818">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the hive entity of a regkeyeffectiverights_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_wow64_res entity of a regkeyauditedpermissions_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M818"/>
@@ -20588,44 +22043,62 @@
<xsl:apply-templates select="@*|node()" mode="M818"/>
</xsl:template>
- <!--PATTERN rerstekey-->
+ <!--PATTERN rer53tst-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:key" priority="4000"
- mode="M819">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:regkeyeffectiverights53_test/win-def:object" priority="4000" mode="M819">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:regkeyeffectiverights53_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key entity of a regkeyeffectiverights_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a regkeyeffectiverights53_test must reference a regkeyeffectiverights53_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M819"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:regkeyeffectiverights53_test/win-def:state" priority="3999" mode="M819">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:regkeyeffectiverights53_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a regkeyeffectiverights53_test must reference a regkeyeffectiverights53_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M819"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M819"/>
<xsl:template match="@*|node()" priority="-2" mode="M819">
<xsl:apply-templates select="@*|node()" mode="M819"/>
</xsl:template>
- <!--PATTERN rerstetrustee_name-->
+ <!--PATTERN rer53objhive-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:trustee_name"
- priority="4000"
- mode="M820">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights53_object/win-def:hive" priority="4000" mode="M820">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_name entity of a regkeyeffectiverights_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the hive entity of a regkeyeffectiverights53_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M820"/>
@@ -20635,21 +22108,21 @@
<xsl:apply-templates select="@*|node()" mode="M820"/>
</xsl:template>
- <!--PATTERN rerstestandard_delete-->
+ <!--PATTERN rer53objkey-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:standard_delete"
- priority="4000"
- mode="M821">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyeffectiverights53_object/win-def:key" priority="4000" mode="M821">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_delete entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key entity of a regkeyeffectiverights53_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M821"/>
@@ -20659,21 +22132,21 @@
<xsl:apply-templates select="@*|node()" mode="M821"/>
</xsl:template>
- <!--PATTERN rerstestandard_read_control-->
+ <!--PATTERN rer53objtrustee_sid-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:standard_read_control"
- priority="4000"
- mode="M822">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyeffectiverights53_object/win-def:trustee_sid" priority="4000" mode="M822">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_read_control entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_sid entity of a regkeyeffectiverights53_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M822"/>
@@ -20683,21 +22156,21 @@
<xsl:apply-templates select="@*|node()" mode="M822"/>
</xsl:template>
- <!--PATTERN rerstestandard_write_dac-->
+ <!--PATTERN rer53stehive-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:standard_write_dac"
- priority="4000"
- mode="M823">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:hive" priority="4000" mode="M823">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_dac entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the hive entity of a regkeyeffectiverights53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M823"/>
@@ -20707,21 +22180,21 @@
<xsl:apply-templates select="@*|node()" mode="M823"/>
</xsl:template>
- <!--PATTERN rerstestandard_write_owner-->
+ <!--PATTERN rer53stekey-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:standard_write_owner"
- priority="4000"
- mode="M824">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key" priority="4000" mode="M824">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_write_owner entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key entity of a regkeyeffectiverights53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M824"/>
@@ -20731,21 +22204,21 @@
<xsl:apply-templates select="@*|node()" mode="M824"/>
</xsl:template>
- <!--PATTERN rerstestandard_synchronize-->
+ <!--PATTERN rer53stetrustee_sid-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:standard_synchronize"
- priority="4000"
- mode="M825">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:trustee_sid" priority="4000" mode="M825">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the standard_synchronize entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_sid entity of a regkeyeffectiverights53_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M825"/>
@@ -20755,21 +22228,21 @@
<xsl:apply-templates select="@*|node()" mode="M825"/>
</xsl:template>
- <!--PATTERN rersteaccess_system_security-->
+ <!--PATTERN rer53stestandard_delete-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:access_system_security"
- priority="4000"
- mode="M826">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:standard_delete" priority="4000" mode="M826">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_system_security entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_delete entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M826"/>
@@ -20779,21 +22252,21 @@
<xsl:apply-templates select="@*|node()" mode="M826"/>
</xsl:template>
- <!--PATTERN rerstegeneric_read-->
+ <!--PATTERN rer53stestandard_read_control-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:generic_read"
- priority="4000"
- mode="M827">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:standard_read_control" priority="4000" mode="M827">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_read entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_read_control entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M827"/>
@@ -20803,21 +22276,21 @@
<xsl:apply-templates select="@*|node()" mode="M827"/>
</xsl:template>
- <!--PATTERN rerstegeneric_write-->
+ <!--PATTERN rer53stestandard_write_dac-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:generic_write"
- priority="4000"
- mode="M828">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:standard_write_dac" priority="4000" mode="M828">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_write entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_dac entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M828"/>
@@ -20827,21 +22300,21 @@
<xsl:apply-templates select="@*|node()" mode="M828"/>
</xsl:template>
- <!--PATTERN rerstegeneric_execute-->
+ <!--PATTERN rer53stestandard_write_owner-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:generic_execute"
- priority="4000"
- mode="M829">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:standard_write_owner" priority="4000" mode="M829">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_execute entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_owner entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M829"/>
@@ -20851,20 +22324,21 @@
<xsl:apply-templates select="@*|node()" mode="M829"/>
</xsl:template>
- <!--PATTERN rerstegeneric_all-->
+ <!--PATTERN rer53stestandard_synchronize-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:generic_all" priority="4000"
- mode="M830">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:standard_synchronize" priority="4000" mode="M830">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the generic_all entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_synchronize entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M830"/>
@@ -20874,21 +22348,21 @@
<xsl:apply-templates select="@*|node()" mode="M830"/>
</xsl:template>
- <!--PATTERN rerstekey_query_value-->
+ <!--PATTERN rer53steaccess_system_security-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_query_value"
- priority="4000"
- mode="M831">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:access_system_security" priority="4000" mode="M831">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_query_value entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_system_security entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M831"/>
@@ -20898,21 +22372,21 @@
<xsl:apply-templates select="@*|node()" mode="M831"/>
</xsl:template>
- <!--PATTERN rerstekey_set_value-->
+ <!--PATTERN rer53stegeneric_read-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_set_value"
- priority="4000"
- mode="M832">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:generic_read" priority="4000" mode="M832">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_set_value entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_read entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M832"/>
@@ -20922,21 +22396,21 @@
<xsl:apply-templates select="@*|node()" mode="M832"/>
</xsl:template>
- <!--PATTERN rerstekey_create_sub_key-->
+ <!--PATTERN rer53stegeneric_write-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_create_sub_key"
- priority="4000"
- mode="M833">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:generic_write" priority="4000" mode="M833">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_create_sub_key entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_write entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M833"/>
@@ -20946,21 +22420,21 @@
<xsl:apply-templates select="@*|node()" mode="M833"/>
</xsl:template>
- <!--PATTERN rerstekey_enumerate_sub_keys-->
+ <!--PATTERN rer53stegeneric_execute-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_enumerate_sub_keys"
- priority="4000"
- mode="M834">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:generic_execute" priority="4000" mode="M834">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_enumerate_sub_keys entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_execute entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M834"/>
@@ -20970,20 +22444,21 @@
<xsl:apply-templates select="@*|node()" mode="M834"/>
</xsl:template>
- <!--PATTERN rerstekey_notify-->
+ <!--PATTERN rer53stegeneric_all-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_notify" priority="4000"
- mode="M835">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:generic_all" priority="4000" mode="M835">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_notify entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_all entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M835"/>
@@ -20993,21 +22468,21 @@
<xsl:apply-templates select="@*|node()" mode="M835"/>
</xsl:template>
- <!--PATTERN rerstekey_create_link-->
+ <!--PATTERN rer53stekey_query_value-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_create_link"
- priority="4000"
- mode="M836">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_query_value" priority="4000" mode="M836">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_create_link entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_query_value entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M836"/>
@@ -21017,21 +22492,21 @@
<xsl:apply-templates select="@*|node()" mode="M836"/>
</xsl:template>
- <!--PATTERN rerstekey_wow64_64key-->
+ <!--PATTERN rer53stekey_set_value-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_wow64_64key"
- priority="4000"
- mode="M837">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_set_value" priority="4000" mode="M837">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_wow64_64key entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_set_value entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M837"/>
@@ -21041,21 +22516,21 @@
<xsl:apply-templates select="@*|node()" mode="M837"/>
</xsl:template>
- <!--PATTERN rerstekey_wow64_32key-->
+ <!--PATTERN rer53stekey_create_sub_key-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_wow64_32key"
- priority="4000"
- mode="M838">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_create_sub_key" priority="4000" mode="M838">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_wow64_32key entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_create_sub_key entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M838"/>
@@ -21065,21 +22540,21 @@
<xsl:apply-templates select="@*|node()" mode="M838"/>
</xsl:template>
- <!--PATTERN rerstekey_wow64_res-->
+ <!--PATTERN rer53stekey_enumerate_sub_keys-->
- <!--RULE -->
-<xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_wow64_res"
- priority="4000"
- mode="M839">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_enumerate_sub_keys" priority="4000" mode="M839">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the key_wow64_res entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_enumerate_sub_keys entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M839"/>
@@ -21089,34 +22564,21 @@
<xsl:apply-templates select="@*|node()" mode="M839"/>
</xsl:template>
- <!--PATTERN srtst-->
+ <!--PATTERN rer53stekey_notify-->
- <!--RULE -->
-<xsl:template match="win-def:sharedresource_test/win-def:object" priority="4000" mode="M840">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:sharedresource_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a sharedresource_test must reference a sharedresource_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M840"/>
- </xsl:template>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_notify" priority="4000" mode="M840">
- <!--RULE -->
-<xsl:template match="win-def:sharedresource_test/win-def:state" priority="3999" mode="M840">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:sharedresource_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a sharedresource_test must reference a sharedresource_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_notify entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M840"/>
@@ -21126,20 +22588,21 @@
<xsl:apply-templates select="@*|node()" mode="M840"/>
</xsl:template>
- <!--PATTERN srobjnetname-->
+ <!--PATTERN rer53stekey_create_link-->
- <!--RULE -->
-<xsl:template match="win-def:sharedresource_object/win-def:netname" priority="4000"
- mode="M841">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_create_link" priority="4000" mode="M841">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the netname entity of a sharedresource_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_create_link entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M841"/>
@@ -21149,20 +22612,21 @@
<xsl:apply-templates select="@*|node()" mode="M841"/>
</xsl:template>
- <!--PATTERN srstenetname-->
+ <!--PATTERN rer53stekey_wow64_64key-->
- <!--RULE -->
-<xsl:template match="win-def:sharedresource_state/win-def:netname" priority="4000"
- mode="M842">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_wow64_64key" priority="4000" mode="M842">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the netname entity of a sharedresource_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_wow64_64key entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M842"/>
@@ -21172,20 +22636,21 @@
<xsl:apply-templates select="@*|node()" mode="M842"/>
</xsl:template>
- <!--PATTERN srsteshared_type-->
+ <!--PATTERN rer53stekey_wow64_32key-->
- <!--RULE -->
-<xsl:template match="win-def:sharedresource_state/win-def:shared_type" priority="4000"
- mode="M843">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_wow64_32key" priority="4000" mode="M843">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the shared_type entity of a sharedresource_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_wow64_32key entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M843"/>
@@ -21195,20 +22660,21 @@
<xsl:apply-templates select="@*|node()" mode="M843"/>
</xsl:template>
- <!--PATTERN srstemax_uses-->
+ <!--PATTERN rer53stekey_wow64_res-->
- <!--RULE -->
-<xsl:template match="win-def:sharedresource_state/win-def:max_uses" priority="4000"
- mode="M844">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:regkeyeffectiverights53_state/win-def:key_wow64_res" priority="4000" mode="M844">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the max_uses entity of a sharedresource_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_wow64_res entity of a regkeyeffectiverights53_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M844"/>
@@ -21218,43 +22684,62 @@
<xsl:apply-templates select="@*|node()" mode="M844"/>
</xsl:template>
- <!--PATTERN srstecurrent_uses-->
+ <!--PATTERN rertst-->
- <!--RULE -->
-<xsl:template match="win-def:sharedresource_state/win-def:current_uses" priority="4000"
- mode="M845">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_test/win-def:object" priority="4000" mode="M845">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:regkeyeffectiverights_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the current_uses entity of a sharedresource_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a regkeyeffectiverights_test must reference a regkeyeffectiverights_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M845"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:regkeyeffectiverights_test/win-def:state" priority="3999" mode="M845">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:regkeyeffectiverights_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a regkeyeffectiverights_test must reference a regkeyeffectiverights_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M845"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M845"/>
<xsl:template match="@*|node()" priority="-2" mode="M845">
<xsl:apply-templates select="@*|node()" mode="M845"/>
</xsl:template>
- <!--PATTERN srstelocal_path-->
+ <!--PATTERN rerobjhive-->
- <!--RULE -->
-<xsl:template match="win-def:sharedresource_state/win-def:local_path" priority="4000"
- mode="M846">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights_object/win-def:hive" priority="4000" mode="M846">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the local_path entity of a sharedresource_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the hive entity of a regkeyeffectiverights_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M846"/>
@@ -21264,21 +22749,21 @@
<xsl:apply-templates select="@*|node()" mode="M846"/>
</xsl:template>
- <!--PATTERN srsteaccess_read_permission-->
+ <!--PATTERN rerobjkey-->
- <!--RULE -->
-<xsl:template match="win-def:sharedresource_state/win-def:access_read_permission"
- priority="4000"
- mode="M847">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='bool'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_object/win-def:key" priority="4000" mode="M847">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_read_permission entity of a sharedresource_state should be 'bool'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key entity of a regkeyeffectiverights_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M847"/>
@@ -21288,21 +22773,21 @@
<xsl:apply-templates select="@*|node()" mode="M847"/>
</xsl:template>
- <!--PATTERN srsteaccess_write_permission-->
+ <!--PATTERN rerobjtrustee_name-->
- <!--RULE -->
-<xsl:template match="win-def:sharedresource_state/win-def:access_write_permission"
- priority="4000"
- mode="M848">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='bool'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_object/win-def:trustee_name" priority="4000" mode="M848">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_write_permission entity of a sharedresource_state should be 'bool'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_name entity of a regkeyeffectiverights_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M848"/>
@@ -21312,21 +22797,21 @@
<xsl:apply-templates select="@*|node()" mode="M848"/>
</xsl:template>
- <!--PATTERN srsteaccess_create_permission-->
+ <!--PATTERN rerstehive-->
- <!--RULE -->
-<xsl:template match="win-def:sharedresource_state/win-def:access_create_permission"
- priority="4000"
- mode="M849">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='bool'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:hive" priority="4000" mode="M849">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_create_permission entity of a sharedresource_state should be 'bool'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the hive entity of a regkeyeffectiverights_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M849"/>
@@ -21336,21 +22821,21 @@
<xsl:apply-templates select="@*|node()" mode="M849"/>
</xsl:template>
- <!--PATTERN srsteaccess_exec_permission-->
+ <!--PATTERN rerstekey-->
- <!--RULE -->
-<xsl:template match="win-def:sharedresource_state/win-def:access_exec_permission"
- priority="4000"
- mode="M850">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='bool'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:key" priority="4000" mode="M850">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_exec_permission entity of a sharedresource_state should be 'bool'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key entity of a regkeyeffectiverights_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M850"/>
@@ -21360,21 +22845,21 @@
<xsl:apply-templates select="@*|node()" mode="M850"/>
</xsl:template>
- <!--PATTERN srsteaccess_delete_permission-->
+ <!--PATTERN rerstetrustee_name-->
- <!--RULE -->
-<xsl:template match="win-def:sharedresource_state/win-def:access_delete_permission"
- priority="4000"
- mode="M851">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='bool'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:trustee_name" priority="4000" mode="M851">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_delete_permission entity of a sharedresource_state should be 'bool'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_name entity of a regkeyeffectiverights_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M851"/>
@@ -21384,21 +22869,21 @@
<xsl:apply-templates select="@*|node()" mode="M851"/>
</xsl:template>
- <!--PATTERN srsteaccess_atrib_permission-->
+ <!--PATTERN rerstestandard_delete-->
- <!--RULE -->
-<xsl:template match="win-def:sharedresource_state/win-def:access_atrib_permission"
- priority="4000"
- mode="M852">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='bool'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:standard_delete" priority="4000" mode="M852">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_atrib_permission entity of a sharedresource_state should be 'bool'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_delete entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M852"/>
@@ -21408,21 +22893,21 @@
<xsl:apply-templates select="@*|node()" mode="M852"/>
</xsl:template>
- <!--PATTERN srsteaccess_perm_permission-->
+ <!--PATTERN rerstestandard_read_control-->
- <!--RULE -->
-<xsl:template match="win-def:sharedresource_state/win-def:access_perm_permission"
- priority="4000"
- mode="M853">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='bool'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:standard_read_control" priority="4000" mode="M853">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_perm_permission entity of a sharedresource_state should be 'bool'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_read_control entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M853"/>
@@ -21432,21 +22917,21 @@
<xsl:apply-templates select="@*|node()" mode="M853"/>
</xsl:template>
- <!--PATTERN srsteaccess_all_permission-->
+ <!--PATTERN rerstestandard_write_dac-->
- <!--RULE -->
-<xsl:template match="win-def:sharedresource_state/win-def:access_all_permission"
- priority="4000"
- mode="M854">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='bool'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:standard_write_dac" priority="4000" mode="M854">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the access_all_permission entity of a sharedresource_state should be 'bool'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_dac entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M854"/>
@@ -21456,34 +22941,21 @@
<xsl:apply-templates select="@*|node()" mode="M854"/>
</xsl:template>
- <!--PATTERN sidtst-->
+ <!--PATTERN rerstestandard_write_owner-->
- <!--RULE -->
-<xsl:template match="win-def:sid_test/win-def:object" priority="4000" mode="M855">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:sid_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a sid_test must reference a sid_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M855"/>
- </xsl:template>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:standard_write_owner" priority="4000" mode="M855">
- <!--RULE -->
-<xsl:template match="win-def:sid_test/win-def:state" priority="3999" mode="M855">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:sid_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a sid_test must reference a sid_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_write_owner entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M855"/>
@@ -21493,19 +22965,21 @@
<xsl:apply-templates select="@*|node()" mode="M855"/>
</xsl:template>
- <!--PATTERN sidobjtrustee_name-->
+ <!--PATTERN rerstestandard_synchronize-->
- <!--RULE -->
-<xsl:template match="win-def:sid_object/win-def:trustee_name" priority="4000" mode="M856">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:standard_synchronize" priority="4000" mode="M856">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_name entity of a sid_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the standard_synchronize entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M856"/>
@@ -21515,19 +22989,21 @@
<xsl:apply-templates select="@*|node()" mode="M856"/>
</xsl:template>
- <!--PATTERN sidstetrustee_name-->
+ <!--PATTERN rersteaccess_system_security-->
- <!--RULE -->
-<xsl:template match="win-def:sid_state/win-def:trustee_name" priority="4000" mode="M857">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:access_system_security" priority="4000" mode="M857">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_name entity of a sid_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_system_security entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M857"/>
@@ -21537,19 +23013,21 @@
<xsl:apply-templates select="@*|node()" mode="M857"/>
</xsl:template>
- <!--PATTERN sidstetrustee_sid-->
+ <!--PATTERN rerstegeneric_read-->
- <!--RULE -->
-<xsl:template match="win-def:sid_state/win-def:trustee_sid" priority="4000" mode="M858">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:generic_read" priority="4000" mode="M858">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_sid entity of a sid_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_read entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M858"/>
@@ -21559,19 +23037,21 @@
<xsl:apply-templates select="@*|node()" mode="M858"/>
</xsl:template>
- <!--PATTERN sidstetrustee_domain-->
+ <!--PATTERN rerstegeneric_write-->
- <!--RULE -->
-<xsl:template match="win-def:sid_state/win-def:trustee_domain" priority="4000" mode="M859">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:generic_write" priority="4000" mode="M859">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_domain entity of a sid_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_write entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M859"/>
@@ -21581,34 +23061,21 @@
<xsl:apply-templates select="@*|node()" mode="M859"/>
</xsl:template>
- <!--PATTERN sidsidtst-->
+ <!--PATTERN rerstegeneric_execute-->
- <!--RULE -->
-<xsl:template match="win-def:sid_sid_test/win-def:object" priority="4000" mode="M860">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:sid_sid_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a sid_sid_test must reference a sid_sid_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M860"/>
- </xsl:template>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:generic_execute" priority="4000" mode="M860">
- <!--RULE -->
-<xsl:template match="win-def:sid_sid_test/win-def:state" priority="3999" mode="M860">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:sid_sid_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a sid_sid_test must reference a sid_sid_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_execute entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M860"/>
@@ -21618,19 +23085,21 @@
<xsl:apply-templates select="@*|node()" mode="M860"/>
</xsl:template>
- <!--PATTERN sidsidobjtrustee_name-->
+ <!--PATTERN rerstegeneric_all-->
- <!--RULE -->
-<xsl:template match="win-def:sid_sid_object/win-def:trustee_sid" priority="4000" mode="M861">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:generic_all" priority="4000" mode="M861">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_sid entity of a sid_sid_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the generic_all entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M861"/>
@@ -21640,19 +23109,21 @@
<xsl:apply-templates select="@*|node()" mode="M861"/>
</xsl:template>
- <!--PATTERN sidsidstetrustee_sid-->
+ <!--PATTERN rerstekey_query_value-->
- <!--RULE -->
-<xsl:template match="win-def:sid_sid_state/win-def:trustee_sid" priority="4000" mode="M862">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_query_value" priority="4000" mode="M862">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_sid entity of a sid_sid_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_query_value entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M862"/>
@@ -21662,19 +23133,21 @@
<xsl:apply-templates select="@*|node()" mode="M862"/>
</xsl:template>
- <!--PATTERN sidsidstetrustee_name-->
+ <!--PATTERN rerstekey_set_value-->
- <!--RULE -->
-<xsl:template match="win-def:sid_sid_state/win-def:trustee_name" priority="4000" mode="M863">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_set_value" priority="4000" mode="M863">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_name entity of a sid_sid_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_set_value entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M863"/>
@@ -21684,20 +23157,21 @@
<xsl:apply-templates select="@*|node()" mode="M863"/>
</xsl:template>
- <!--PATTERN sidsidstetrustee_domain-->
+ <!--PATTERN rerstekey_create_sub_key-->
- <!--RULE -->
-<xsl:template match="win-def:sid_sid_state/win-def:trustee_domain" priority="4000"
- mode="M864">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_create_sub_key" priority="4000" mode="M864">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the trustee_domain entity of a sid_sid_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_create_sub_key entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M864"/>
@@ -21707,34 +23181,21 @@
<xsl:apply-templates select="@*|node()" mode="M864"/>
</xsl:template>
- <!--PATTERN uactst-->
+ <!--PATTERN rerstekey_enumerate_sub_keys-->
- <!--RULE -->
-<xsl:template match="win-def:uac_test/win-def:object" priority="4000" mode="M865">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:uac_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a uac_test must reference a uac_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M865"/>
- </xsl:template>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_enumerate_sub_keys" priority="4000" mode="M865">
- <!--RULE -->
-<xsl:template match="win-def:uac_test/win-def:state" priority="3999" mode="M865">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:uac_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a uac_test must reference a uac_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_enumerate_sub_keys entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M865"/>
@@ -21744,20 +23205,21 @@
<xsl:apply-templates select="@*|node()" mode="M865"/>
</xsl:template>
- <!--PATTERN uacsteadminapprovalmode-->
+ <!--PATTERN rerstekey_notify-->
- <!--RULE -->
-<xsl:template match="win-def:uac_state/win-def:admin_approval_mode" priority="4000"
- mode="M866">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_notify" priority="4000" mode="M866">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the admin_approval_mode entity of a uac_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_notify entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M866"/>
@@ -21767,20 +23229,21 @@
<xsl:apply-templates select="@*|node()" mode="M866"/>
</xsl:template>
- <!--PATTERN uacstebehaviorelevationadmin-->
+ <!--PATTERN rerstekey_create_link-->
- <!--RULE -->
-<xsl:template match="win-def:uac_state/win-def:elevation_prompt_admin" priority="4000"
- mode="M867">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_create_link" priority="4000" mode="M867">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the elevation_prompt_admin entity of a uac_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_create_link entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M867"/>
@@ -21790,20 +23253,21 @@
<xsl:apply-templates select="@*|node()" mode="M867"/>
</xsl:template>
- <!--PATTERN uacsteelevationpromptstandard-->
+ <!--PATTERN rerstekey_wow64_64key-->
- <!--RULE -->
-<xsl:template match="win-def:uac_state/win-def:elevation_prompt_standard" priority="4000"
- mode="M868">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_wow64_64key" priority="4000" mode="M868">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the elevation_prompt_standard entity of a uac_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_wow64_64key entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M868"/>
@@ -21813,20 +23277,21 @@
<xsl:apply-templates select="@*|node()" mode="M868"/>
</xsl:template>
- <!--PATTERN uacstedetectinstallations-->
+ <!--PATTERN rerstekey_wow64_32key-->
- <!--RULE -->
-<xsl:template match="win-def:uac_state/win-def:detect_installations" priority="4000"
- mode="M869">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_wow64_32key" priority="4000" mode="M869">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the detect_installations entity of a uac_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_wow64_32key entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M869"/>
@@ -21836,20 +23301,21 @@
<xsl:apply-templates select="@*|node()" mode="M869"/>
</xsl:template>
- <!--PATTERN uacsteelevatesignedexecutables-->
+ <!--PATTERN rerstekey_wow64_res-->
- <!--RULE -->
-<xsl:template match="win-def:uac_state/win-def:elevate_signed_executables" priority="4000"
- mode="M870">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:regkeyeffectiverights_state/win-def:key_wow64_res" priority="4000" mode="M870">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the elevate_signed_executables entity of a uac_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the key_wow64_res entity of a regkeyeffectiverights_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M870"/>
@@ -21859,41 +23325,62 @@
<xsl:apply-templates select="@*|node()" mode="M870"/>
</xsl:template>
- <!--PATTERN uacsteelevateuiaccess-->
+ <!--PATTERN srtst-->
- <!--RULE -->
-<xsl:template match="win-def:uac_state/win-def:elevate_uiaccess" priority="4000" mode="M871">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:sharedresource_test/win-def:object" priority="4000" mode="M871">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:sharedresource_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the elevate_uiaccess entity of a uac_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a sharedresource_test must reference a sharedresource_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M871"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:sharedresource_test/win-def:state" priority="3999" mode="M871">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:sharedresource_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a sharedresource_test must reference a sharedresource_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M871"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M871"/>
<xsl:template match="@*|node()" priority="-2" mode="M871">
<xsl:apply-templates select="@*|node()" mode="M871"/>
</xsl:template>
- <!--PATTERN uacsterunadminsaam-->
+ <!--PATTERN srobjnetname-->
- <!--RULE -->
-<xsl:template match="win-def:uac_state/win-def:run_admins_aam" priority="4000" mode="M872">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:sharedresource_object/win-def:netname" priority="4000" mode="M872">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the run_admins_aam entity of a uac_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the netname entity of a sharedresource_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M872"/>
@@ -21903,19 +23390,21 @@
<xsl:apply-templates select="@*|node()" mode="M872"/>
</xsl:template>
- <!--PATTERN uacstesecuredesktop-->
+ <!--PATTERN srstenetname-->
- <!--RULE -->
-<xsl:template match="win-def:uac_state/win-def:secure_desktop" priority="4000" mode="M873">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:sharedresource_state/win-def:netname" priority="4000" mode="M873">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the secure_desktop entity of a uac_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the netname entity of a sharedresource_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M873"/>
@@ -21925,20 +23414,21 @@
<xsl:apply-templates select="@*|node()" mode="M873"/>
</xsl:template>
- <!--PATTERN uacstevirtualizewritefailures-->
+ <!--PATTERN srsteshared_type-->
- <!--RULE -->
-<xsl:template match="win-def:uac_state/win-def:virtualize_write_failures" priority="4000"
- mode="M874">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:sharedresource_state/win-def:shared_type" priority="4000" mode="M874">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the virtualize_write_failures entity of a uac_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the shared_type entity of a sharedresource_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M874"/>
@@ -21948,34 +23438,21 @@
<xsl:apply-templates select="@*|node()" mode="M874"/>
</xsl:template>
- <!--PATTERN usertst-->
+ <!--PATTERN srstemax_uses-->
- <!--RULE -->
-<xsl:template match="win-def:user_test/win-def:object" priority="4000" mode="M875">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:user_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a user_test must reference a user_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M875"/>
- </xsl:template>
+ <xsl:template match="win-def:sharedresource_state/win-def:max_uses" priority="4000" mode="M875">
- <!--RULE -->
-<xsl:template match="win-def:user_test/win-def:state" priority="3999" mode="M875">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:user_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a user_test must reference a user_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the max_uses entity of a sharedresource_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M875"/>
@@ -21985,19 +23462,21 @@
<xsl:apply-templates select="@*|node()" mode="M875"/>
</xsl:template>
- <!--PATTERN userobjuser-->
+ <!--PATTERN srstecurrent_uses-->
- <!--RULE -->
-<xsl:template match="win-def:user_object/win-def:user" priority="4000" mode="M876">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:sharedresource_state/win-def:current_uses" priority="4000" mode="M876">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the user entity of a user_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the current_uses entity of a sharedresource_state should be 'int'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M876"/>
@@ -22007,19 +23486,21 @@
<xsl:apply-templates select="@*|node()" mode="M876"/>
</xsl:template>
- <!--PATTERN usersteuser-->
+ <!--PATTERN srstelocal_path-->
- <!--RULE -->
-<xsl:template match="win-def:user_state/win-def:user" priority="4000" mode="M877">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:sharedresource_state/win-def:local_path" priority="4000" mode="M877">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the user entity of a user_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the local_path entity of a sharedresource_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M877"/>
@@ -22029,19 +23510,21 @@
<xsl:apply-templates select="@*|node()" mode="M877"/>
</xsl:template>
- <!--PATTERN usersteenabled-->
+ <!--PATTERN srsteaccess_read_permission-->
- <!--RULE -->
-<xsl:template match="win-def:user_state/win-def:enabled" priority="4000" mode="M878">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:sharedresource_state/win-def:access_read_permission" priority="4000" mode="M878">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the enabled entity of a user_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_read_permission entity of a sharedresource_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M878"/>
@@ -22051,19 +23534,21 @@
<xsl:apply-templates select="@*|node()" mode="M878"/>
</xsl:template>
- <!--PATTERN userstegroup-->
+ <!--PATTERN srsteaccess_write_permission-->
- <!--RULE -->
-<xsl:template match="win-def:user_state/win-def:group" priority="4000" mode="M879">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:sharedresource_state/win-def:access_write_permission" priority="4000" mode="M879">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the group entity of a user_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_write_permission entity of a sharedresource_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M879"/>
@@ -22073,34 +23558,21 @@
<xsl:apply-templates select="@*|node()" mode="M879"/>
</xsl:template>
- <!--PATTERN usersidtst-->
+ <!--PATTERN srsteaccess_create_permission-->
- <!--RULE -->
-<xsl:template match="win-def:user_sid_test/win-def:object" priority="4000" mode="M880">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:user_sid_object/@id"/>
- <xsl:otherwise>
- <xsl:text/>
- <xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a user_sid_test must reference a user_sid_object<xsl:value-of select="string('
')"/>
- </xsl:otherwise>
- </xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M880"/>
- </xsl:template>
+ <xsl:template match="win-def:sharedresource_state/win-def:access_create_permission" priority="4000" mode="M880">
- <!--RULE -->
-<xsl:template match="win-def:user_sid_test/win-def:state" priority="3999" mode="M880">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:user_sid_state/@id"/>
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a user_sid_test must reference a user_sid_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_create_permission entity of a sharedresource_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M880"/>
@@ -22110,19 +23582,21 @@
<xsl:apply-templates select="@*|node()" mode="M880"/>
</xsl:template>
- <!--PATTERN usersidobjuser-->
+ <!--PATTERN srsteaccess_exec_permission-->
- <!--RULE -->
-<xsl:template match="win-def:user_sid_object/win-def:user_sid" priority="4000" mode="M881">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:sharedresource_state/win-def:access_exec_permission" priority="4000" mode="M881">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the user_sid entity of a user_sid_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_exec_permission entity of a sharedresource_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M881"/>
@@ -22132,19 +23606,21 @@
<xsl:apply-templates select="@*|node()" mode="M881"/>
</xsl:template>
- <!--PATTERN usersidsteuser-->
+ <!--PATTERN srsteaccess_delete_permission-->
- <!--RULE -->
-<xsl:template match="win-def:user_sid_state/win-def:user_sid" priority="4000" mode="M882">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:sharedresource_state/win-def:access_delete_permission" priority="4000" mode="M882">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the user_sid entity of a user_sid_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_delete_permission entity of a sharedresource_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M882"/>
@@ -22154,19 +23630,21 @@
<xsl:apply-templates select="@*|node()" mode="M882"/>
</xsl:template>
- <!--PATTERN usersidsteenabled-->
+ <!--PATTERN srsteaccess_atrib_permission-->
- <!--RULE -->
-<xsl:template match="win-def:user_sid_state/win-def:enabled" priority="4000" mode="M883">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:sharedresource_state/win-def:access_atrib_permission" priority="4000" mode="M883">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the enabled entity of a user_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_atrib_permission entity of a sharedresource_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M883"/>
@@ -22176,19 +23654,21 @@
<xsl:apply-templates select="@*|node()" mode="M883"/>
</xsl:template>
- <!--PATTERN usersidstegroup-->
+ <!--PATTERN srsteaccess_perm_permission-->
- <!--RULE -->
-<xsl:template match="win-def:user_sid_state/win-def:group_sid" priority="4000" mode="M884">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:sharedresource_state/win-def:access_perm_permission" priority="4000" mode="M884">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the group_sid entity of a user_sid_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_perm_permission entity of a sharedresource_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M884"/>
@@ -22198,56 +23678,62 @@
<xsl:apply-templates select="@*|node()" mode="M884"/>
</xsl:template>
- <!--PATTERN volumetst-->
+ <!--PATTERN srsteaccess_all_permission-->
- <!--RULE -->
-<xsl:template match="win-def:volume_test/win-def:object" priority="4000" mode="M885">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:volume_object/@id"/>
+ <xsl:template match="win-def:sharedresource_state/win-def:access_all_permission" priority="4000" mode="M885">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a volume_test must reference a volume_object<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the access_all_permission entity of a sharedresource_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M885"/>
</xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M885"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M885">
+ <xsl:apply-templates select="@*|node()" mode="M885"/>
+ </xsl:template>
- <!--RULE -->
-<xsl:template match="win-def:volume_test/win-def:state" priority="3999" mode="M885">
+ <!--PATTERN sidtst-->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:volume_state/@id"/>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:sid_test/win-def:object" priority="4000" mode="M886">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:sid_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a volume_test must reference a volume_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a sid_test must reference a sid_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
- <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M885"/>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M886"/>
</xsl:template>
- <xsl:template match="text()" priority="-1" mode="M885"/>
- <xsl:template match="@*|node()" priority="-2" mode="M885">
- <xsl:apply-templates select="@*|node()" mode="M885"/>
- </xsl:template>
- <!--PATTERN volobjrootpath-->
+ <!--RULE -->
+ <xsl:template match="win-def:sid_test/win-def:state" priority="3999" mode="M886">
- <!--RULE -->
-<xsl:template match="win-def:volume_object/win-def:rootpath" priority="4000" mode="M886">
+ <!--ASSERT -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:sid_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the rootpath entity of a volume_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of a sid_test must reference a sid_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M886"/>
@@ -22257,19 +23743,21 @@
<xsl:apply-templates select="@*|node()" mode="M886"/>
</xsl:template>
- <!--PATTERN volumesterootpath-->
+ <!--PATTERN sidobjtrustee_name-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:rootpath" priority="4000" mode="M887">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:sid_object/win-def:trustee_name" priority="4000" mode="M887">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the rootpath entity of a volume_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_name entity of a sid_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M887"/>
@@ -22279,19 +23767,21 @@
<xsl:apply-templates select="@*|node()" mode="M887"/>
</xsl:template>
- <!--PATTERN volumestefile_system-->
+ <!--PATTERN sidstetrustee_name-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:file_system" priority="4000" mode="M888">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:sid_state/win-def:trustee_name" priority="4000" mode="M888">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_system entity of a volume_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_name entity of a sid_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M888"/>
@@ -22301,19 +23791,21 @@
<xsl:apply-templates select="@*|node()" mode="M888"/>
</xsl:template>
- <!--PATTERN volumestename-->
+ <!--PATTERN sidstetrustee_sid-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:name" priority="4000" mode="M889">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:sid_state/win-def:trustee_sid" priority="4000" mode="M889">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the name entity of a volume_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_sid entity of a sid_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M889"/>
@@ -22323,21 +23815,21 @@
<xsl:apply-templates select="@*|node()" mode="M889"/>
</xsl:template>
- <!--PATTERN volstevolume_max_component_length-->
+ <!--PATTERN sidstetrustee_domain-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:volume_max_component_length"
- priority="4000"
- mode="M890">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:sid_state/win-def:trustee_domain" priority="4000" mode="M890">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the volume_max_component_length entity of a volume_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_domain entity of a sid_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M890"/>
@@ -22347,42 +23839,62 @@
<xsl:apply-templates select="@*|node()" mode="M890"/>
</xsl:template>
- <!--PATTERN volsteserial_number-->
+ <!--PATTERN sidsidtst-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:serial_number" priority="4000" mode="M891">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='int'"/>
+ <xsl:template match="win-def:sid_sid_test/win-def:object" priority="4000" mode="M891">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:sid_sid_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the serial_number entity of a volume_state should be 'int'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a sid_sid_test must reference a sid_sid_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M891"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:sid_sid_test/win-def:state" priority="3999" mode="M891">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:sid_sid_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a sid_sid_test must reference a sid_sid_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M891"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M891"/>
<xsl:template match="@*|node()" priority="-2" mode="M891">
<xsl:apply-templates select="@*|node()" mode="M891"/>
</xsl:template>
- <!--PATTERN volstefile_case_sensitive_search-->
+ <!--PATTERN sidsidobjtrustee_name-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:file_case_sensitive_search" priority="4000"
- mode="M892">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:sid_sid_object/win-def:trustee_sid" priority="4000" mode="M892">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_case_sensitive_search entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_sid entity of a sid_sid_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M892"/>
@@ -22392,20 +23904,21 @@
<xsl:apply-templates select="@*|node()" mode="M892"/>
</xsl:template>
- <!--PATTERN volstefile_case_preserved_names-->
+ <!--PATTERN sidsidstetrustee_sid-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:file_case_preserved_names" priority="4000"
- mode="M893">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:sid_sid_state/win-def:trustee_sid" priority="4000" mode="M893">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_case_preserved_names entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_sid entity of a sid_sid_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M893"/>
@@ -22415,20 +23928,21 @@
<xsl:apply-templates select="@*|node()" mode="M893"/>
</xsl:template>
- <!--PATTERN volstefile_unicode_on_disk-->
+ <!--PATTERN sidsidstetrustee_name-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:file_unicode_on_disk" priority="4000"
- mode="M894">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:sid_sid_state/win-def:trustee_name" priority="4000" mode="M894">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_unicode_on_disk entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_name entity of a sid_sid_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M894"/>
@@ -22438,20 +23952,21 @@
<xsl:apply-templates select="@*|node()" mode="M894"/>
</xsl:template>
- <!--PATTERN volstefile_persistent_acls-->
+ <!--PATTERN sidsidstetrustee_domain-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:file_persistent_acls" priority="4000"
- mode="M895">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:sid_sid_state/win-def:trustee_domain" priority="4000" mode="M895">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_persistent_acls entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the trustee_domain entity of a sid_sid_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M895"/>
@@ -22461,43 +23976,62 @@
<xsl:apply-templates select="@*|node()" mode="M895"/>
</xsl:template>
- <!--PATTERN volstefile_file_compression-->
+ <!--PATTERN uactst-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:file_file_compression" priority="4000"
- mode="M896">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:uac_test/win-def:object" priority="4000" mode="M896">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:uac_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_file_compression entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a uac_test must reference a uac_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M896"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:uac_test/win-def:state" priority="3999" mode="M896">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:uac_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a uac_test must reference a uac_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M896"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M896"/>
<xsl:template match="@*|node()" priority="-2" mode="M896">
<xsl:apply-templates select="@*|node()" mode="M896"/>
</xsl:template>
- <!--PATTERN volstefile_volume_quotas-->
+ <!--PATTERN uacsteadminapprovalmode-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:file_volume_quotas" priority="4000"
- mode="M897">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:uac_state/win-def:admin_approval_mode" priority="4000" mode="M897">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_volume_quotas entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the admin_approval_mode entity of a uac_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M897"/>
@@ -22507,20 +24041,21 @@
<xsl:apply-templates select="@*|node()" mode="M897"/>
</xsl:template>
- <!--PATTERN volstefile_supports_sparse_files-->
+ <!--PATTERN uacstebehaviorelevationadmin-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:file_supports_sparse_files" priority="4000"
- mode="M898">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:uac_state/win-def:elevation_prompt_admin" priority="4000" mode="M898">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_supports_sparse_files entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the elevation_prompt_admin entity of a uac_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M898"/>
@@ -22530,21 +24065,21 @@
<xsl:apply-templates select="@*|node()" mode="M898"/>
</xsl:template>
- <!--PATTERN volstefile_supports_reparse_points-->
+ <!--PATTERN uacsteelevationpromptstandard-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:file_supports_reparse_points"
- priority="4000"
- mode="M899">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@datatype='boolean'"/>
+ <xsl:template match="win-def:uac_state/win-def:elevation_prompt_standard" priority="4000" mode="M899">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_supports_reparse_points entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the elevation_prompt_standard entity of a uac_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M899"/>
@@ -22554,21 +24089,21 @@
<xsl:apply-templates select="@*|node()" mode="M899"/>
</xsl:template>
- <!--PATTERN volstefile_supports_remote_storage-->
+ <!--PATTERN uacstedetectinstallations-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:file_supports_remote_storage"
- priority="4000"
- mode="M900">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:uac_state/win-def:detect_installations" priority="4000" mode="M900">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_supports_remote_storage entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the detect_installations entity of a uac_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M900"/>
@@ -22578,20 +24113,21 @@
<xsl:apply-templates select="@*|node()" mode="M900"/>
</xsl:template>
- <!--PATTERN volstefile_volume_is_compressed-->
+ <!--PATTERN uacsteelevatesignedexecutables-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:file_volume_is_compressed" priority="4000"
- mode="M901">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:uac_state/win-def:elevate_signed_executables" priority="4000" mode="M901">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_volume_is_compressed entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the elevate_signed_executables entity of a uac_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M901"/>
@@ -22601,20 +24137,21 @@
<xsl:apply-templates select="@*|node()" mode="M901"/>
</xsl:template>
- <!--PATTERN volstefile_supports_object_ids-->
+ <!--PATTERN uacsteelevateuiaccess-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:file_supports_object_ids" priority="4000"
- mode="M902">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:uac_state/win-def:elevate_uiaccess" priority="4000" mode="M902">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_supports_object_ids entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the elevate_uiaccess entity of a uac_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M902"/>
@@ -22624,20 +24161,21 @@
<xsl:apply-templates select="@*|node()" mode="M902"/>
</xsl:template>
- <!--PATTERN volstefile_supports_encryption-->
+ <!--PATTERN uacsterunadminsaam-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:file_supports_encryption" priority="4000"
- mode="M903">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:uac_state/win-def:run_admins_aam" priority="4000" mode="M903">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_supports_encryption entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the run_admins_aam entity of a uac_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M903"/>
@@ -22647,20 +24185,21 @@
<xsl:apply-templates select="@*|node()" mode="M903"/>
</xsl:template>
- <!--PATTERN volstefile_named_streams-->
+ <!--PATTERN uacstesecuredesktop-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:file_named_streams" priority="4000"
- mode="M904">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:uac_state/win-def:secure_desktop" priority="4000" mode="M904">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_named_streams entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the secure_desktop entity of a uac_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M904"/>
@@ -22670,20 +24209,21 @@
<xsl:apply-templates select="@*|node()" mode="M904"/>
</xsl:template>
- <!--PATTERN volstefile_read_only_volume-->
+ <!--PATTERN uacstevirtualizewritefailures-->
- <!--RULE -->
-<xsl:template match="win-def:volume_state/win-def:file_read_only_volume" priority="4000"
- mode="M905">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:uac_state/win-def:virtualize_write_failures" priority="4000" mode="M905">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the file_read_only_volume entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the virtualize_write_failures entity of a uac_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M905"/>
@@ -22693,34 +24233,38 @@
<xsl:apply-templates select="@*|node()" mode="M905"/>
</xsl:template>
- <!--PATTERN wmitst-->
+ <!--PATTERN usertst-->
- <!--RULE -->
-<xsl:template match="win-def:wmi_test/win-def:object" priority="4000" mode="M906">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:wmi_object/@id"/>
+ <xsl:template match="win-def:user_test/win-def:object" priority="4000" mode="M906">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:user_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the object child element of a wmi_test must reference a wmi_object<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a user_test must reference a user_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M906"/>
</xsl:template>
- <!--RULE -->
-<xsl:template match="win-def:wmi_test/win-def:state" priority="3999" mode="M906">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:wmi_state/@id"/>
+ <xsl:template match="win-def:user_test/win-def:state" priority="3999" mode="M906">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:user_state/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - the state child element of a wmi_test must reference a wmi_state<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the state child element of a user_test must reference a user_state<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M906"/>
@@ -22730,19 +24274,21 @@
<xsl:apply-templates select="@*|node()" mode="M906"/>
</xsl:template>
- <!--PATTERN wmiobjnamespace-->
+ <!--PATTERN userobjuser-->
- <!--RULE -->
-<xsl:template match="win-def:wmi_object/win-def:namespace" priority="4000" mode="M907">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:user_object/win-def:user" priority="4000" mode="M907">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the namespace entity of a wmi_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the user entity of a user_object should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M907"/>
@@ -22752,19 +24298,21 @@
<xsl:apply-templates select="@*|node()" mode="M907"/>
</xsl:template>
- <!--PATTERN wmiobjwql-->
+ <!--PATTERN usersteuser-->
- <!--RULE -->
-<xsl:template match="win-def:wmi_object/win-def:wql" priority="4000" mode="M908">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:user_state/win-def:user" priority="4000" mode="M908">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the wql entity of a wmi_object should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the user entity of a user_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M908"/>
@@ -22774,19 +24322,21 @@
<xsl:apply-templates select="@*|node()" mode="M908"/>
</xsl:template>
- <!--PATTERN wmistenamespace-->
+ <!--PATTERN usersteenabled-->
- <!--RULE -->
-<xsl:template match="win-def:wmi_state/win-def:namespace" priority="4000" mode="M909">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:template match="win-def:user_state/win-def:enabled" priority="4000" mode="M909">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the namespace entity of a wmi_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the enabled entity of a user_state should be 'boolean'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M909"/>
@@ -22796,19 +24346,21 @@
<xsl:apply-templates select="@*|node()" mode="M909"/>
</xsl:template>
- <!--PATTERN wmistewql-->
+ <!--PATTERN userstegroup-->
- <!--RULE -->
-<xsl:template match="win-def:wmi_state/win-def:wql" priority="4000" mode="M910">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
+ <xsl:template match="win-def:user_state/win-def:group" priority="4000" mode="M910">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
<xsl:when test="not(@datatype) or @datatype='string'"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - datatype attribute for the wql entity of a wmi_state should be 'string'<xsl:value-of select="string('
')"/>
+ <xsl:text/> - datatype attribute for the group entity of a user_state should be 'string'<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M910"/>
@@ -22818,25 +24370,1105 @@
<xsl:apply-templates select="@*|node()" mode="M910"/>
</xsl:template>
- <!--PATTERN wmisteresult-->
+ <!--PATTERN usersid55tst-->
- <!--RULE -->
-<xsl:template match="win-def:wmi_state/win-def:result" priority="4000" mode="M911">
+ <!--RULE -->
- <!--ASSERT -->
-<xsl:choose>
- <xsl:when test="(@datatype='int' and (floor(.) = number(.))) or not(@datatype='int') or not(node())"/>
+ <xsl:template match="win-def:user_sid55_test/win-def:object" priority="4000" mode="M911">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:user_sid55_object/@id"/>
<xsl:otherwise>
- <xsl:text/>
+ <xsl:text/>
<xsl:value-of select="../@id"/>
- <xsl:text/> - The datatype has been set to 'int' but the value is not an integer.<xsl:value-of select="string('
')"/>
+ <xsl:text/> - the object child element of a user_sid55_test must reference a user_sid55_object<xsl:value-of select="string('
')"/>
</xsl:otherwise>
</xsl:choose>
<xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M911"/>
</xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:user_sid55_test/win-def:state" priority="3999" mode="M911">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:user_sid55_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a user_sid55_test must reference a user_sid55_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M911"/>
+ </xsl:template>
<xsl:template match="text()" priority="-1" mode="M911"/>
<xsl:template match="@*|node()" priority="-2" mode="M911">
<xsl:apply-templates select="@*|node()" mode="M911"/>
</xsl:template>
-</xsl:stylesheet>
\ No newline at end of file
+
+ <!--PATTERN usersid55objuser-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:user_sid55_object/win-def:user_sid" priority="4000" mode="M912">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the user_sid entity of a user_sid55_object should be 'string'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M912"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M912"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M912">
+ <xsl:apply-templates select="@*|node()" mode="M912"/>
+ </xsl:template>
+
+ <!--PATTERN usersid55steuser-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:user_sid55_state/win-def:user_sid" priority="4000" mode="M913">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the user_sid entity of a user_sid55_state should be 'string'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M913"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M913"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M913">
+ <xsl:apply-templates select="@*|node()" mode="M913"/>
+ </xsl:template>
+
+ <!--PATTERN usersid55steenabled-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:user_sid55_state/win-def:enabled" priority="4000" mode="M914">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the enabled entity of a user_sid55_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M914"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M914"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M914">
+ <xsl:apply-templates select="@*|node()" mode="M914"/>
+ </xsl:template>
+
+ <!--PATTERN usersid55stegroup-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:user_sid_55state/win-def:group_sid" priority="4000" mode="M915">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the group_sid entity of a user_sid55_state should be 'string'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M915"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M915"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M915">
+ <xsl:apply-templates select="@*|node()" mode="M915"/>
+ </xsl:template>
+
+ <!--PATTERN usersidtst-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:user_sid_test/win-def:object" priority="4000" mode="M916">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:user_sid_object/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the object child element of a user_sid_test must reference a user_sid_object<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M916"/>
+ </xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:user_sid_test/win-def:state" priority="3999" mode="M916">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:user_sid_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a user_sid_test must reference a user_sid_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M916"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M916"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M916">
+ <xsl:apply-templates select="@*|node()" mode="M916"/>
+ </xsl:template>
+
+ <!--PATTERN usersidobjuser-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:user_sid_object/win-def:user_sid" priority="4000" mode="M917">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the user_sid entity of a user_sid_object should be 'string'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M917"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M917"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M917">
+ <xsl:apply-templates select="@*|node()" mode="M917"/>
+ </xsl:template>
+
+ <!--PATTERN usersidsteuser-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:user_sid_state/win-def:user_sid" priority="4000" mode="M918">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the user_sid entity of a user_sid_state should be 'string'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M918"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M918"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M918">
+ <xsl:apply-templates select="@*|node()" mode="M918"/>
+ </xsl:template>
+
+ <!--PATTERN usersidsteenabled-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:user_sid_state/win-def:enabled" priority="4000" mode="M919">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the enabled entity of a user_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M919"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M919"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M919">
+ <xsl:apply-templates select="@*|node()" mode="M919"/>
+ </xsl:template>
+
+ <!--PATTERN usersidstegroup-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:user_sid_state/win-def:group_sid" priority="4000" mode="M920">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the group_sid entity of a user_sid_state should be 'string'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M920"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M920"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M920">
+ <xsl:apply-templates select="@*|node()" mode="M920"/>
+ </xsl:template>
+
+ <!--PATTERN volumetst-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_test/win-def:object" priority="4000" mode="M921">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:volume_object/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the object child element of a volume_test must reference a volume_object<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M921"/>
+ </xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_test/win-def:state" priority="3999" mode="M921">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:volume_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a volume_test must reference a volume_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M921"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M921"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M921">
+ <xsl:apply-templates select="@*|node()" mode="M921"/>
+ </xsl:template>
+
+ <!--PATTERN volobjrootpath-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_object/win-def:rootpath" priority="4000" mode="M922">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the rootpath entity of a volume_object should be 'string'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M922"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M922"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M922">
+ <xsl:apply-templates select="@*|node()" mode="M922"/>
+ </xsl:template>
+
+ <!--PATTERN volumesterootpath-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:rootpath" priority="4000" mode="M923">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the rootpath entity of a volume_state should be 'string'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M923"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M923"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M923">
+ <xsl:apply-templates select="@*|node()" mode="M923"/>
+ </xsl:template>
+
+ <!--PATTERN volumestefile_system-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:file_system" priority="4000" mode="M924">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the file_system entity of a volume_state should be 'string'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M924"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M924"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M924">
+ <xsl:apply-templates select="@*|node()" mode="M924"/>
+ </xsl:template>
+
+ <!--PATTERN volumestename-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:name" priority="4000" mode="M925">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the name entity of a volume_state should be 'string'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M925"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M925"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M925">
+ <xsl:apply-templates select="@*|node()" mode="M925"/>
+ </xsl:template>
+
+ <!--PATTERN volstevolume_max_component_length-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:volume_max_component_length" priority="4000" mode="M926">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the volume_max_component_length entity of a volume_state should be 'int'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M926"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M926"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M926">
+ <xsl:apply-templates select="@*|node()" mode="M926"/>
+ </xsl:template>
+
+ <!--PATTERN volsteserial_number-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:serial_number" priority="4000" mode="M927">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='int'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the serial_number entity of a volume_state should be 'int'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M927"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M927"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M927">
+ <xsl:apply-templates select="@*|node()" mode="M927"/>
+ </xsl:template>
+
+ <!--PATTERN volstefile_case_sensitive_search-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:file_case_sensitive_search" priority="4000" mode="M928">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the file_case_sensitive_search entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M928"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M928"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M928">
+ <xsl:apply-templates select="@*|node()" mode="M928"/>
+ </xsl:template>
+
+ <!--PATTERN volstefile_case_preserved_names-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:file_case_preserved_names" priority="4000" mode="M929">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the file_case_preserved_names entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M929"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M929"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M929">
+ <xsl:apply-templates select="@*|node()" mode="M929"/>
+ </xsl:template>
+
+ <!--PATTERN volstefile_unicode_on_disk-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:file_unicode_on_disk" priority="4000" mode="M930">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the file_unicode_on_disk entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M930"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M930"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M930">
+ <xsl:apply-templates select="@*|node()" mode="M930"/>
+ </xsl:template>
+
+ <!--PATTERN volstefile_persistent_acls-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:file_persistent_acls" priority="4000" mode="M931">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the file_persistent_acls entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M931"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M931"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M931">
+ <xsl:apply-templates select="@*|node()" mode="M931"/>
+ </xsl:template>
+
+ <!--PATTERN volstefile_file_compression-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:file_file_compression" priority="4000" mode="M932">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the file_file_compression entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M932"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M932"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M932">
+ <xsl:apply-templates select="@*|node()" mode="M932"/>
+ </xsl:template>
+
+ <!--PATTERN volstefile_volume_quotas-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:file_volume_quotas" priority="4000" mode="M933">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the file_volume_quotas entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M933"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M933"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M933">
+ <xsl:apply-templates select="@*|node()" mode="M933"/>
+ </xsl:template>
+
+ <!--PATTERN volstefile_supports_sparse_files-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:file_supports_sparse_files" priority="4000" mode="M934">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the file_supports_sparse_files entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M934"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M934"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M934">
+ <xsl:apply-templates select="@*|node()" mode="M934"/>
+ </xsl:template>
+
+ <!--PATTERN volstefile_supports_reparse_points-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:file_supports_reparse_points" priority="4000" mode="M935">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the file_supports_reparse_points entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M935"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M935"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M935">
+ <xsl:apply-templates select="@*|node()" mode="M935"/>
+ </xsl:template>
+
+ <!--PATTERN volstefile_supports_remote_storage-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:file_supports_remote_storage" priority="4000" mode="M936">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the file_supports_remote_storage entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M936"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M936"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M936">
+ <xsl:apply-templates select="@*|node()" mode="M936"/>
+ </xsl:template>
+
+ <!--PATTERN volstefile_volume_is_compressed-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:file_volume_is_compressed" priority="4000" mode="M937">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the file_volume_is_compressed entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M937"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M937"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M937">
+ <xsl:apply-templates select="@*|node()" mode="M937"/>
+ </xsl:template>
+
+ <!--PATTERN volstefile_supports_object_ids-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:file_supports_object_ids" priority="4000" mode="M938">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the file_supports_object_ids entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M938"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M938"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M938">
+ <xsl:apply-templates select="@*|node()" mode="M938"/>
+ </xsl:template>
+
+ <!--PATTERN volstefile_supports_encryption-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:file_supports_encryption" priority="4000" mode="M939">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the file_supports_encryption entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M939"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M939"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M939">
+ <xsl:apply-templates select="@*|node()" mode="M939"/>
+ </xsl:template>
+
+ <!--PATTERN volstefile_named_streams-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:file_named_streams" priority="4000" mode="M940">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the file_named_streams entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M940"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M940"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M940">
+ <xsl:apply-templates select="@*|node()" mode="M940"/>
+ </xsl:template>
+
+ <!--PATTERN volstefile_read_only_volume-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:volume_state/win-def:file_read_only_volume" priority="4000" mode="M941">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@datatype='boolean'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the file_read_only_volume entity of a volume_state should be 'boolean'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M941"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M941"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M941">
+ <xsl:apply-templates select="@*|node()" mode="M941"/>
+ </xsl:template>
+
+ <!--PATTERN wmitst-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:wmi_test/win-def:object" priority="4000" mode="M942">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:wmi_object/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the object child element of a wmi_test must reference a wmi_object<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M942"/>
+ </xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:wmi_test/win-def:state" priority="3999" mode="M942">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:wmi_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a wmi_test must reference a wmi_state<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M942"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M942"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M942">
+ <xsl:apply-templates select="@*|node()" mode="M942"/>
+ </xsl:template>
+
+ <!--PATTERN wmiobjnamespace-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:wmi_object/win-def:namespace" priority="4000" mode="M943">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the namespace entity of a wmi_object should be 'string'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the namespace entity of a wmi_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M943"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M943"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M943">
+ <xsl:apply-templates select="@*|node()" mode="M943"/>
+ </xsl:template>
+
+ <!--PATTERN wmiobjwql-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:wmi_object/win-def:wql" priority="4000" mode="M944">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the wql entity of a wmi_object should be 'string'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the wql entity of a wmi_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M944"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M944"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M944">
+ <xsl:apply-templates select="@*|node()" mode="M944"/>
+ </xsl:template>
+
+ <!--PATTERN wmistenamespace-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:wmi_state/win-def:namespace" priority="4000" mode="M945">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the namespace entity of a wmi_state should be 'string'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M945"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M945"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M945">
+ <xsl:apply-templates select="@*|node()" mode="M945"/>
+ </xsl:template>
+
+ <!--PATTERN wmistewql-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:wmi_state/win-def:wql" priority="4000" mode="M946">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the wql entity of a wmi_state should be 'string'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M946"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M946"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M946">
+ <xsl:apply-templates select="@*|node()" mode="M946"/>
+ </xsl:template>
+
+ <!--PATTERN wmisteresult-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:wmi_state/win-def:result" priority="4000" mode="M947">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="(@datatype='int' and (floor(.) = number(.))) or not(@datatype='int') or not(node())"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - The datatype has been set to 'int' but the value is not an integer.<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M947"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M947"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M947">
+ <xsl:apply-templates select="@*|node()" mode="M947"/>
+ </xsl:template>
+
+ <!--PATTERN wuaupdatesearchertst-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:wuaupdatesearcher_test/win-def:object" priority="4000" mode="M948">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:wuasearch_object/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the object child element of a wuaupdatesearcher_test must reference a wuaupdatesearcher_object <xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M948"/>
+ </xsl:template>
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:wuaupdatesearcher_test/win-def:state" priority="3999" mode="M948">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:wuasearch_state/@id"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - the state child element of a wuaupdatesearcher_test must reference a wuaupdatesearcher_state <xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M948"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M948"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M948">
+ <xsl:apply-templates select="@*|node()" mode="M948"/>
+ </xsl:template>
+
+ <!--PATTERN wuaupdatesearcherobjsearchcriteria-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:wuaupdatesearcher_object/win-def:search_criteria" priority="4000" mode="M949">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the search_criteria entity of a wuaupdatesearcher_object should be 'string' <xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@operation) or @operation='equals'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - operation attribute for the search_criteria entity of a wuaupdatesearcher_object should be 'equals' <xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M949"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M949"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M949">
+ <xsl:apply-templates select="@*|node()" mode="M949"/>
+ </xsl:template>
+
+ <!--PATTERN wuaupdatesearcherstesearchcriteria-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:wuaupdatesearcher_state/win-def:search_criteria" priority="4000" mode="M950">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the search_criteria entity of a wuaupdatesearcher_state should be 'string'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M950"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M950"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M950">
+ <xsl:apply-templates select="@*|node()" mode="M950"/>
+ </xsl:template>
+
+ <!--PATTERN wuaupdatesearchersteupdateid-->
+
+
+ <!--RULE -->
+
+ <xsl:template match="win-def:wuaupdatesearcher_state/win-def:update_id" priority="4000" mode="M951">
+
+ <!--ASSERT -->
+
+ <xsl:choose>
+ <xsl:when test="not(@datatype) or @datatype='string'"/>
+ <xsl:otherwise>
+ <xsl:text/>
+ <xsl:value-of select="../@id"/>
+ <xsl:text/> - datatype attribute for the update_id entity of a wuaupdatesearcher_state should be 'string'<xsl:value-of select="string('
')"/>
+ </xsl:otherwise>
+ </xsl:choose>
+ <xsl:apply-templates select="@*|*|comment()|processing-instruction()" mode="M951"/>
+ </xsl:template>
+ <xsl:template match="text()" priority="-1" mode="M951"/>
+ <xsl:template match="@*|node()" priority="-2" mode="M951">
+ <xsl:apply-templates select="@*|node()" mode="M951"/>
+ </xsl:template>
+</xsl:stylesheet>
Modified: trunk/ovaldi/xml/oval-results-schema.xsd
===================================================================
--- trunk/ovaldi/xml/oval-results-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/oval-results-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,5 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval-res="http://oval.mitre.org/XMLSchema/oval-results-5" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-results-5" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval-res="http://oval.mitre.org/XMLSchema/oval-results-5" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-results-5" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
@@ -9,10 +9,9 @@
<xsd:documentation>The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>Core Results</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:44 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:59 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the Core portion of an OVAL Results file</sch:title>
<sch:ns prefix="oval-res" uri="http://oval.mitre.org/XMLSchema/oval-results-5"/>
</xsd:appinfo>
</xsd:annotation>
Modified: trunk/ovaldi/xml/oval-system-characteristics-schema.xsd
===================================================================
--- trunk/ovaldi/xml/oval-system-characteristics-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/oval-system-characteristics-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,404 +1,424 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" elementFormDefault="qualified" version="5.4">
- <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
- <xsd:annotation>
- <xsd:documentation>The following is a description of the elements, types, and attributes that compose the core schema for encoding Open Vulnerability and Assessment Language (OVAL) System Characteristics. The Core System Characteristics Schema defines all operating system independent objects. These objects are extended and enhanced by individual family schemas, which are described in separate documents. Each of the elements, types, and attributes that make up the Core System Characteristics Schema are described in detail and should provide the information necessary to understand what each object represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between these objects is not outlined here.</xsd:documentation>
- <xsd:documentation>The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
- <xsd:appinfo>
- <schema>Core System Characteristics</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:44 AM</date>
- <terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the Core portion of an OVAL System Characteristics file</sch:title>
- <sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
- </xsd:appinfo>
- </xsd:annotation>
- <!-- =============================================================================== -->
- <!-- =============================================================================== -->
- <!-- =============================================================================== -->
- <xsd:element name="oval_system_characteristics">
- <xsd:annotation>
- <xsd:documentation>The system_characteristics element is the root of an OVAL System Characteristics Document, and must occur exactly once. Its purpose is to bind together the four major sections of a system characteristics file - generator, system_info, collected_objects, and system_data - which are the children of the oval_system_characteristics element.</xsd:documentation>
- </xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element name="generator" type="oval:GeneratorType" minOccurs="1" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The generator section must be present and provides information about when the system characteristics file was compiled and under what version.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="system_info" type="oval-sc:SystemInfoType" minOccurs="1" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The required system_info element is used to record information about the system being described.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="collected_objects" type="oval-sc:CollectedObjectsType" minOccurs="0" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The optional collected_objects section is used to associated the ids of the OVAL Objects collected with the system characteristics items that have been defined. The collected_objects section provides a listing of all the objects used to generate this system characteristics file.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="system_data" type="oval-sc:SystemDataType" minOccurs="0" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The optional system_data section defines the specific characteristics that have been collected from the system.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The optional Signature element allows an XML Signature as defined by the W3C to be attached to the document. This allows authentication and data integrity to be provided to the user. Enveloped signatures are supported. More information about the official W3C Recommendation regarding XML digital signatures can be found at http://www.w3.org/TR/xmldsig-core/.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:key name="objectKey">
- <xsd:annotation>
- <xsd:documentation>Enforce uniqueness amongst the individual object ids used in the collected object section.</xsd:documentation>
- </xsd:annotation>
- <xsd:selector xpath="oval-sc:collected_objects/oval-sc:object"/>
- <xsd:field xpath="@id"/>
- <xsd:field xpath="@version"/>
- <xsd:field xpath="@variable_instance"/>
- </xsd:key>
- <xsd:key name="itemKey">
- <xsd:annotation>
- <xsd:documentation>Enforce uniqueness amongst the individual item ids.</xsd:documentation>
- </xsd:annotation>
- <xsd:selector xpath="oval-sc:system_data/*"/>
- <xsd:field xpath="@id"/>
- </xsd:key>
- <xsd:keyref name="itemKeyRef" refer="oval-sc:itemKey">
- <xsd:annotation>
- <xsd:documentation>Require that each item reference refers to a valid item id.</xsd:documentation>
- </xsd:annotation>
- <xsd:selector xpath="oval-sc:collected_objects/oval-sc:object/oval-sc:reference"/>
- <xsd:field xpath="@item_ref"/>
- </xsd:keyref>
- </xsd:element>
- <!-- =============================================================================== -->
- <!-- ================================= GENERATOR ================================= -->
- <!-- =============================================================================== -->
- <!--
- The GeneratorType is defined by the oval shared schema. Please refer to
- that documentation for a description of the complex type.
- -->
- <!-- =============================================================================== -->
- <!-- ================================ SYSTEM INFO ================================ -->
- <!-- =============================================================================== -->
- <xsd:complexType name="SystemInfoType">
- <xsd:annotation>
- <xsd:documentation>The SystemInfoType complex type specifies general information about the system that data was collected from, including information that can be used to identify the system. See the description of the InterfacesType complex type for more information. Note that the high level interfaces is required due to the inclusion of the xsd:any tag that follows it. The interfaces tag can be empty if no single interface is present.</xsd:documentation>
- <xsd:documentation>Additional system information is also allowed although it is not part of the official OVAL Schema. Individual organizations can place system information that they feel is important and these will be skipped during the validation. All OVAL really cares about is that the required system information items are there.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="os_name" type="xsd:string" minOccurs="1" maxOccurs="1">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" elementFormDefault="qualified" version="5.5">
+ <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+ <xsd:annotation>
+ <xsd:documentation>The following is a description of the elements, types, and attributes that compose the core schema for encoding Open Vulnerability and Assessment Language (OVAL) System Characteristics. The Core System Characteristics Schema defines all operating system independent objects. These objects are extended and enhanced by individual family schemas, which are described in separate documents. Each of the elements, types, and attributes that make up the Core System Characteristics Schema are described in detail and should provide the information necessary to understand what each object represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between these objects is not outlined here.</xsd:documentation>
+ <xsd:documentation>The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
+ <xsd:appinfo>
+ <schema>Core System Characteristics</schema>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:59 AM</date>
+ <terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
+ <sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <!-- =============================================================================== -->
+ <!-- =============================================================================== -->
+ <!-- =============================================================================== -->
+ <xsd:element name="oval_system_characteristics">
+ <xsd:annotation>
+ <xsd:documentation>The system_characteristics element is the root of an OVAL System Characteristics Document, and must occur exactly once. Its purpose is to bind together the four major sections of a system characteristics file - generator, system_info, collected_objects, and system_data - which are the children of the oval_system_characteristics element.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="generator" type="oval:GeneratorType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
- <xsd:documentation>The required os_name elements describes the operating system of the machine the data was collected on.</xsd:documentation>
+ <xsd:documentation>The generator section must be present and provides information about when the system characteristics file was compiled and under what version.</xsd:documentation>
</xsd:annotation>
- </xsd:element>
- <xsd:element name="os_version" type="xsd:string" minOccurs="1" maxOccurs="1">
+ </xsd:element>
+ <xsd:element name="system_info" type="oval-sc:SystemInfoType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
- <xsd:documentation>The required os_version elements describe the operating system version of the machine the data was collected on.</xsd:documentation>
+ <xsd:documentation>The required system_info element is used to record information about the system being described.</xsd:documentation>
</xsd:annotation>
- </xsd:element>
- <xsd:element name="architecture" type="xsd:string" minOccurs="1" maxOccurs="1">
+ </xsd:element>
+ <xsd:element name="collected_objects" type="oval-sc:CollectedObjectsType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
- <xsd:documentation>The required architecture element describes the hardware architecture type of the system data was collected on.</xsd:documentation>
+ <xsd:documentation>The optional collected_objects section is used to associated the ids of the OVAL Objects collected with the system characteristics items that have been defined. The collected_objects section provides a listing of all the objects used to generate this system characteristics file.</xsd:documentation>
</xsd:annotation>
- </xsd:element>
- <xsd:element name="primary_host_name" type="xsd:string" minOccurs="1" maxOccurs="1">
+ </xsd:element>
+ <xsd:element name="system_data" type="oval-sc:SystemDataType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
- <xsd:documentation>The required primary_host_name element is the primary host name of the machine the data was collected on.</xsd:documentation>
+ <xsd:documentation>The optional system_data section defines the specific characteristics that have been collected from the system.</xsd:documentation>
</xsd:annotation>
- </xsd:element>
- <xsd:element name="interfaces" type="oval-sc:InterfacesType" minOccurs="1" maxOccurs="1">
+ </xsd:element>
+ <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1">
<xsd:annotation>
- <xsd:documentation>The required interfaces element outlines the network interfaces that exist on the system.</xsd:documentation>
+ <xsd:documentation>The optional Signature element allows an XML Signature as defined by the W3C to be attached to the document. This allows authentication and data integrity to be provided to the user. Enveloped signatures are supported. More information about the official W3C Recommendation regarding XML digital signatures can be found at http://www.w3.org/TR/xmldsig-core/.</xsd:documentation>
</xsd:annotation>
- </xsd:element>
- <xsd:any minOccurs="0" maxOccurs="unbounded" processContents="skip"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="InterfacesType">
- <xsd:annotation>
- <xsd:documentation>The InterfacesType complex type is a container for zero or more interface elements. Each interface element is used to describe an existing network interface on the system.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="interface" type="oval-sc:InterfaceType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>Please refer to the description of the InterfaceType for more information.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="InterfaceType">
- <xsd:annotation>
- <xsd:documentation>The InterfaceType complex type is used to describe an existing network interface on the system. This information can help identify a specific system on a given network.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="interface_name" type="xsd:string" minOccurs="1" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The required interface_name element is the name of the interface</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="ip_address" type="xsd:string" minOccurs="1" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The reqired ip_address element holds the ip address for the interface.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="mac_address" type="xsd:string" minOccurs="1" maxOccurs="1">
- <xsd:annotation>
- <xsd:documentation>The required mac_address element holds teh mac address for the interface.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- </xsd:complexType>
- <!-- =============================================================================== -->
- <!-- ============================= COLLECTED OBJECTS ============================= -->
- <!-- =============================================================================== -->
- <xsd:complexType name="CollectedObjectsType">
- <xsd:annotation>
- <xsd:documentation>The CollectedObjectsType complex type states all the objects that have been collected by the system characteristics file. The details of each object are defined by the global OVAL object that is identified by the id.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="object" type="oval-sc:ObjectType" minOccurs="1" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:complexType name="ObjectType">
- <xsd:annotation>
- <xsd:documentation>The ObjectType complex type provides a reference between items collected and a related global OVAL Object.</xsd:documentation>
- <xsd:documentation>If an OVAL Object does not exist on the system, then an object element is still provided but with the flag attribute set to 'does not exist' and with no reference child elements. This shows that the object was looked for but not found on the system. If no object element is written in this case, users of the system characteristics file will not know whether the object was not found or no attempt was made to collect it.</xsd:documentation>
- <xsd:documentation>The required id attribute is the id of the global OVAL Object. The required version attribute is the specific version of the global OVAL Object that was used by the data collection engine. The version is necessary so that analysis using a system characteristics file knows exactly what was collected. The optional variable_instance identifier is a unique id that differentiates every unique instance of an object. Languages that include OVAL might reference the same definition multiple times. Each time a different set of values is supplied for the variables, resulting in multiple instances of an object to be defined by the OVAL System Characteristics file. (definitions that do not use variables can only have one unique instance) The inclusion of a unique instance identifier will allow the OVAL results file to report the correct item associated with an object for each combination of supplied values. The optional comment attribute provides a short description of the object. The required flag attribute holds information regarding the success of the data collection. For example, if there was an error looking for items that match the object specification, then the flag would be 'error'. Please refer to the description of FlagEnumeration for details about the different flag values.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="message" type="oval:MessageType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>The optional message element holds an error message or some other string that the data collection engine wishes to pass along.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="variable_value" type="oval-sc:VariableValueType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>The optional variable_value elements define the actual value(s) used during data collection of any variable referenced by the object (as well as any object referenced via a set element). An OVAL Object that includes a variable maybe have a different set of matching items depending on the value given assigned to the variable. A tool that is given an OVAL System Characteristics file in order to analyze an OVAL Definition needs to be able to determine the exact instance of an object to use based on the variable values supplied. If a variable represents an array of values, then multiple variable_value elements would exist with the same variable_id attribute. </xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:element name="reference" type="oval-sc:ReferenceType" minOccurs="0" maxOccurs="unbounded">
- <xsd:annotation>
- <xsd:documentation>the optional reference element links the collected item found by the data collection engine and the global OVAL Object. A global OVAL Object my have multiple matching items on a system. For example a global file object that is a pattern match might match 10 different files on a specific system. In this case, there would be 10 reference elements, one for each of the files found on the system.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- </xsd:sequence>
- <xsd:attribute name="id" type="oval:ObjectIDPattern" use="required"/>
- <xsd:attribute name="version" type="xsd:nonNegativeInteger" use="required"/>
- <xsd:attribute name="variable_instance" type="xsd:integer" use="optional" default="1"/>
- <xsd:attribute name="comment" type="xsd:string" use="optional"/>
- <xsd:attribute name="flag" type="oval-sc:FlagEnumeration" use="required"/>
- </xsd:complexType>
- <xsd:complexType name="VariableValueType">
- <xsd:annotation>
- <xsd:documentation>The VariableValueType complex type holds the value to a variable used during the collection of an object. The required variable_id attribute is the unique id of the variable being identified.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:extension base="xsd:anySimpleType">
- <xsd:attribute name="variable_id" type="oval:VariableIDPattern" use="required"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="ReferenceType">
- <xsd:annotation>
- <xsd:documentation>The ReferenceType complex type specifies an item in the system characteristics file. This reference is used to link global OVAL Objects to specific items.</xsd:documentation>
- </xsd:annotation>
- <xsd:attribute name="item_ref" type="oval:ItemIDPattern" use="required"/>
- </xsd:complexType>
- <!-- =============================================================================== -->
- <!-- ================================ SYSTEM DATA ================================ -->
- <!-- =============================================================================== -->
- <xsd:complexType name="SystemDataType">
- <xsd:annotation>
- <xsd:documentation>The SystemDataType complex type is a container for one or more item elements. Each item defines a specific piece of data on the system.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element ref="oval-sc:item" minOccurs="1" maxOccurs="unbounded"/>
- </xsd:sequence>
- </xsd:complexType>
- <xsd:element name="item" type="oval-sc:ItemType" abstract="true">
- <xsd:annotation>
- <xsd:documentation>The abstract item element holds information about a specific item on a system. An item might be a file, a rpm, a process, etc. This element is extended by the different component schemas through substitution groups. Each item represents a unique instance of an object as specified by an OVAL Object. For example, a single file or a single user. Each item my be referenced by more than one object in the collected object section. Please refer to the description of ItemType for more details about the information stored in items.</xsd:documentation>
- </xsd:annotation>
- </xsd:element>
- <xsd:complexType name="ItemType">
- <xsd:annotation>
- <xsd:documentation>The ItemType complex type specifies an optional message element that is used to pass things like error messages during data collection to a tool that will utilize the information. The required id attribute is an unique (to the file) identifier that allows the specific item to be referenced. The optional object_ref attribute allows the item to be linked to an object declaration used to identify the item being collected. The required status attribute holds information regarding the success of the data collection. For example, if an item exists on the system then the status would reflect this with a value of 'exists'. If there was an error collecting a any information about an item that is known to exist, then the status would be 'error'. An error specific to a particular entity should be addressed at the entity level and not the item level. Note that an item should not have a status of 'does not exist' as there simply would be no item element in the system characteristics file for this case. If part of the object declaration does not exist on the system (say a path exists but the filename does not), then no item should be written for this object and the object element in the collected_object section should have a flag value of 'does not exist'.</xsd:documentation>
- </xsd:annotation>
- <xsd:sequence>
- <xsd:element name="message" type="oval:MessageType" minOccurs="0" maxOccurs="1"/>
- </xsd:sequence>
- <xsd:attribute name="id" type="oval:ItemIDPattern" use="required"/>
- <xsd:attribute name="status" type="oval-sc:StatusEnumeration" use="optional" default="exists"/>
- </xsd:complexType>
- <!-- =============================================================================== -->
- <!-- ================================= SIGNATURE ================================= -->
- <!-- =============================================================================== -->
- <!--
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:key name="objectKey">
+ <xsd:annotation>
+ <xsd:documentation>Enforce uniqueness amongst the individual object ids used in the collected object section.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:selector xpath="oval-sc:collected_objects/oval-sc:object"/>
+ <xsd:field xpath="@id"/>
+ <xsd:field xpath="@version"/>
+ <xsd:field xpath="@variable_instance"/>
+ </xsd:key>
+ <xsd:key name="itemKey">
+ <xsd:annotation>
+ <xsd:documentation>Enforce uniqueness amongst the individual item ids.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:selector xpath="oval-sc:system_data/*"/>
+ <xsd:field xpath="@id"/>
+ </xsd:key>
+ <xsd:keyref name="itemKeyRef" refer="oval-sc:itemKey">
+ <xsd:annotation>
+ <xsd:documentation>Require that each item reference refers to a valid item id.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:selector xpath="oval-sc:collected_objects/oval-sc:object/oval-sc:reference"/>
+ <xsd:field xpath="@item_ref"/>
+ </xsd:keyref>
+ </xsd:element>
+ <!-- =============================================================================== -->
+ <!-- ================================= GENERATOR ================================= -->
+ <!-- =============================================================================== -->
+ <!--
+ The GeneratorType is defined by the oval shared schema. Please refer to
+ that documentation for a description of the complex type.
+ -->
+ <!-- =============================================================================== -->
+ <!-- ================================ SYSTEM INFO ================================ -->
+ <!-- =============================================================================== -->
+ <xsd:complexType name="SystemInfoType">
+ <xsd:annotation>
+ <xsd:documentation>The SystemInfoType complex type specifies general information about the system that data was collected from, including information that can be used to identify the system. See the description of the InterfacesType complex type for more information. Note that the high level interfaces is required due to the inclusion of the xsd:any tag that follows it. The interfaces tag can be empty if no single interface is present.</xsd:documentation>
+ <xsd:documentation>Additional system information is also allowed although it is not part of the official OVAL Schema. Individual organizations can place system information that they feel is important and these will be skipped during the validation. All OVAL really cares about is that the required system information items are there.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="os_name" type="xsd:string" minOccurs="1" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The required os_name elements describes the operating system of the machine the data was collected on.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="os_version" type="xsd:string" minOccurs="1" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The required os_version elements describe the operating system version of the machine the data was collected on.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="architecture" type="xsd:string" minOccurs="1" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The required architecture element describes the hardware architecture type of the system data was collected on.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="primary_host_name" type="xsd:string" minOccurs="1" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The required primary_host_name element is the primary host name of the machine the data was collected on.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="interfaces" type="oval-sc:InterfacesType" minOccurs="1" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The required interfaces element outlines the network interfaces that exist on the system.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:any minOccurs="0" maxOccurs="unbounded" processContents="skip"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="InterfacesType">
+ <xsd:annotation>
+ <xsd:documentation>The InterfacesType complex type is a container for zero or more interface elements. Each interface element is used to describe an existing network interface on the system.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="interface" type="oval-sc:InterfaceType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Please refer to the description of the InterfaceType for more information.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="InterfaceType">
+ <xsd:annotation>
+ <xsd:documentation>The InterfaceType complex type is used to describe an existing network interface on the system. This information can help identify a specific system on a given network.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="interface_name" type="xsd:string" minOccurs="1" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The required interface_name element is the name of the interface</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ip_address" type="xsd:string" minOccurs="1" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The reqired ip_address element holds the ip address for the interface.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="mac_address" type="xsd:string" minOccurs="1" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The required mac_address element holds teh mac address for the interface.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!-- =============================================================================== -->
+ <!-- ============================= COLLECTED OBJECTS ============================= -->
+ <!-- =============================================================================== -->
+ <xsd:complexType name="CollectedObjectsType">
+ <xsd:annotation>
+ <xsd:documentation>The CollectedObjectsType complex type states all the objects that have been collected by the system characteristics file. The details of each object are defined by the global OVAL object that is identified by the id.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="object" type="oval-sc:ObjectType" minOccurs="1" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ObjectType">
+ <xsd:annotation>
+ <xsd:documentation>The ObjectType complex type provides a reference between items collected and a related global OVAL Object.</xsd:documentation>
+ <xsd:documentation>If an OVAL Object does not exist on the system, then an object element is still provided but with the flag attribute set to 'does not exist' and with no reference child elements. This shows that the object was looked for but not found on the system. If no object element is written in this case, users of the system characteristics file will not know whether the object was not found or no attempt was made to collect it.</xsd:documentation>
+ <xsd:documentation>The required id attribute is the id of the global OVAL Object. The required version attribute is the specific version of the global OVAL Object that was used by the data collection engine. The version is necessary so that analysis using a system characteristics file knows exactly what was collected. The optional variable_instance identifier is a unique id that differentiates every unique instance of an object. Languages that include OVAL might reference the same definition multiple times. Each time a different set of values is supplied for the variables, resulting in multiple instances of an object to be defined by the OVAL System Characteristics file. (definitions that do not use variables can only have one unique instance) The inclusion of a unique instance identifier will allow the OVAL results file to report the correct item associated with an object for each combination of supplied values. The optional comment attribute provides a short description of the object. The required flag attribute holds information regarding the success of the data collection. For example, if there was an error looking for items that match the object specification, then the flag would be 'error'. Please refer to the description of FlagEnumeration for details about the different flag values.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="message" type="oval:MessageType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>The optional message element holds an error message or some other string that the data collection engine wishes to pass along.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="variable_value" type="oval-sc:VariableValueType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>The optional variable_value elements define the actual value(s) used during data collection of any variable referenced by the object (as well as any object referenced via a set element). An OVAL Object that includes a variable maybe have a different set of matching items depending on the value given assigned to the variable. A tool that is given an OVAL System Characteristics file in order to analyze an OVAL Definition needs to be able to determine the exact instance of an object to use based on the variable values supplied. If a variable represents an array of values, then multiple variable_value elements would exist with the same variable_id attribute. </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="reference" type="oval-sc:ReferenceType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>the optional reference element links the collected item found by the data collection engine and the global OVAL Object. A global OVAL Object my have multiple matching items on a system. For example a global file object that is a pattern match might match 10 different files on a specific system. In this case, there would be 10 reference elements, one for each of the files found on the system.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="id" type="oval:ObjectIDPattern" use="required"/>
+ <xsd:attribute name="version" type="xsd:nonNegativeInteger" use="required"/>
+ <xsd:attribute name="variable_instance" type="xsd:integer" use="optional" default="1"/>
+ <xsd:attribute name="comment" type="xsd:string" use="optional"/>
+ <xsd:attribute name="flag" type="oval-sc:FlagEnumeration" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="VariableValueType">
+ <xsd:annotation>
+ <xsd:documentation>The VariableValueType complex type holds the value to a variable used during the collection of an object. The required variable_id attribute is the unique id of the variable being identified.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anySimpleType">
+ <xsd:attribute name="variable_id" type="oval:VariableIDPattern" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="ReferenceType">
+ <xsd:annotation>
+ <xsd:documentation>The ReferenceType complex type specifies an item in the system characteristics file. This reference is used to link global OVAL Objects to specific items.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="item_ref" type="oval:ItemIDPattern" use="required"/>
+ </xsd:complexType>
+ <!-- =============================================================================== -->
+ <!-- ================================ SYSTEM DATA ================================ -->
+ <!-- =============================================================================== -->
+ <xsd:complexType name="SystemDataType">
+ <xsd:annotation>
+ <xsd:documentation>The SystemDataType complex type is a container for one or more item elements. Each item defines a specific piece of data on the system.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="oval-sc:item" minOccurs="1" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:element name="item" type="oval-sc:ItemType" abstract="true">
+ <xsd:annotation>
+ <xsd:documentation>The abstract item element holds information about a specific item on a system. An item might be a file, a rpm, a process, etc. This element is extended by the different component schemas through substitution groups. Each item represents a unique instance of an object as specified by an OVAL Object. For example, a single file or a single user. Each item my be referenced by more than one object in the collected object section. Please refer to the description of ItemType for more details about the information stored in items.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:complexType name="ItemType">
+ <xsd:annotation>
+ <xsd:documentation>The ItemType complex type specifies an optional message element that is used to pass things like error messages during data collection to a tool that will utilize the information. The required id attribute is an unique (to the file) identifier that allows the specific item to be referenced. The required status attribute holds information regarding the success of the data collection. For example, if an item exists on the system then the status would reflect this with a value of 'exists'. If there was an error collecting any information about an item that is known to exist, then the status would be 'error'. An error specific to a particular entity should be addressed at the entity level and not the item level. Note that an item should not have a status of 'does not exist' as there simply would be no item element in the system characteristics file for this case. If part of the object declaration does not exist on the system (say a path exists but the filename does not), then no item should be written for this object and the object element in the collected_object section should have a flag value of 'does not exist'.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="message" type="oval:MessageType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ <xsd:attribute name="id" type="oval:ItemIDPattern" use="required"/>
+ <xsd:attribute name="status" type="oval-sc:StatusEnumeration" use="optional" default="exists"/>
+ </xsd:complexType>
+ <!-- =============================================================================== -->
+ <!-- ================================= SIGNATURE ================================= -->
+ <!-- =============================================================================== -->
+ <!--
The signature element is defined by the xmldsig schema. Please refer to that
documentation for a description of the valid elements and types. More
information about the official W3C Recommendation regarding XML digital
signatures can be found at http://www.w3.org/TR/xmldsig-core/.
-->
- <!-- =============================================================================== -->
- <!-- =============================== ENUMERATIONS ================================ -->
- <!-- =============================================================================== -->
- <xsd:simpleType name="FlagEnumeration">
- <xsd:annotation>
- <xsd:documentation>The FlagEnumeration simple type defines the valid flags associated with a collected object. These flags are meant to provide information about how the specified object was handled by the data collector. In order to evaluate an OVAL Definition, information about the defined objects need to be available. The flags help detail the success of trying to collect information related to these objects.</xsd:documentation>
- </xsd:annotation>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="error">
- <xsd:annotation>
- <xsd:documentation>A flag of 'error' says that there was an error trying to identify objects on the system that match the specified object declaration. This flag is not meant to be used when there was an error retrieving a specific attribute, but rather when it could not be determined if an instance of the object exists or not. Any error in retrieving specific attributes should be represented by setting the status of that specific attribute to 'error'.</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- <xsd:enumeration value="complete">
- <xsd:annotation>
- <xsd:documentation>Every matching item on the system has been identified and is represented in the system characteristics file. It can be assumed that no additional matching items exist on the system.</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- <xsd:enumeration value="incomplete">
- <xsd:annotation>
- <xsd:documentation>An instance of the specified object exists on the system, but only some of the matching items have been identified and are represented in the system characteristics file. It is unknown if additional matching items also exist. Note that with a flag of incomplete, each item that has been identified matches the object declaration, but additional items might also exist on the system.</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- <xsd:enumeration value="does not exist">
- <xsd:annotation>
- <xsd:documentation>A flag of 'does not exist' means that the underlying structure is installed on the system but no matching item was found. For example, the Windows metabase is installed but the specified metabase_object could not be found. In this example, if the metabase itself was not installed, then the flag would have been 'not applicable'.</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- <xsd:enumeration value="not collected">
- <xsd:annotation>
- <xsd:documentation>An attempt to collect information on items matching the object was not made. An object with this flag will produce an 'unknown' result during analysis since it is unknown if a matching items exists on the system or not. This is different from an 'error' flag since with an 'error' flag an attempt to collect information was made. With the 'not collected' flag, no attempt was made.</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- <xsd:enumeration value="not applicable">
- <xsd:annotation>
- <xsd:documentation>The specified object is not applicable to the system being characterized. This could be because the data repository is not installed or that the object structure is for a different flavor of systems. An example would be trying to collect objects related to a Red Hat system off a Windows system. Another example would be trying to collect an rpminfo object on a Linux system if the rpm packaging system is not installed. If the rpm packaging system is installed and the specified rpminfo object could not be found, then the flag would be 'does not exist'.</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- </xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="StatusEnumeration">
- <xsd:annotation>
- <xsd:documentation>The StatusEnumeration simple type defines the valid status messages associated with collection of specific information associated with an item.</xsd:documentation>
- </xsd:annotation>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="error">
- <xsd:annotation>
- <xsd:documentation>A status of 'error' says that there was an error collecting information associated with an item as a whole or a specific entity.</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- <xsd:enumeration value="exists">
- <xsd:annotation>
- <xsd:documentation>A status of 'exists' says that the item or specific piece of information exists on the system and has been collected.</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- <xsd:enumeration value="does not exist">
- <xsd:annotation>
- <xsd:documentation>A status of 'does not exist' says that the item or specific piece of information does not exist and therefore has not been collected. This status assumes that an attempt was made to collect the information, but the information just doesn't exist. This can happen when a certain entity is only pertinent to particular instances, or when xsi:nil is used to refer to a higher level object.</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- <xsd:enumeration value="not collected">
- <xsd:annotation>
- <xsd:documentation>A status of 'not collected' says that no attempt was made to collect the item or specific piece of information so it is unknown what the value is and if it even exists.</xsd:documentation>
- </xsd:annotation>
- </xsd:enumeration>
- </xsd:restriction>
- </xsd:simpleType>
- <!-- =============================================================================== -->
- <!-- =============================== ENTITY TYPES ================================ -->
- <!-- =============================================================================== -->
- <xsd:complexType name="EntityItemBaseType" abstract="true">
- <xsd:annotation>
- <xsd:documentation>The EntityItemBaseType complex type is an abstract type that defines the default attributes associated with every entity. The optional datatype determines the type of data expected. (the default datatype is 'string') Note that the datatype attribute simply defines the type of data as found on the system, it is not used during evaluation. An OVAL Definition defines how the data should be interpreted during analysis. If the definition states a datatype that is different than what the system characteristics presents, then a type cast must be made. The optional mask attribute is used to identify values that have been hidden for sensitivity concerns. This is used by the result file which uses the system characateristic schema to format the information found on a specific system. If the original definition set the mask attribute of an entity to 'true', then value obtained from the system should not be presented in the results file. A system characteristics file that is not held within a results file should not use the mask attribute. The optional status attribute holds information regarding the success of the data collection. For example, if there was an error collecting a particular piece of data, then the status would be 'error'.</xsd:documentation>
- <xsd:appinfo>
- <sch:pattern id="entitystatus">
- <sch:rule context="oval-sc:system_data/*/*">
- <sch:assert test="not(@status) or @status='exists' or .=''">item <sch:value-of select="../@id"/> - a value for the <sch:value-of select="name()"/> entity should only be supplied if the status attribute is 'exists'</sch:assert>
- <sch:assert test="not(@mask) or @mask='false' or .=''">item <sch:value-of select="../@id"/> - a value for the <sch:value-of select="name()"/> entity should only be supplied if the mask attribute is 'false'</sch:assert>
- </sch:rule>
- </sch:pattern>
- </xsd:appinfo>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:extension base="xsd:anySimpleType">
- <xsd:attribute name="datatype" type="oval:DatatypeEnumeration" use="optional" default="string"/>
- <xsd:attribute name="mask" type="xsd:boolean" use="optional" default="false"/>
- <xsd:attribute name="status" type="oval-sc:StatusEnumeration" use="optional" default="exists"/>
- </xsd:extension>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityItemAnyType">
- <xsd:annotation>
- <xsd:documentation>The EntityItemAnyType type is extended by the entities of an individual item. This type provides uniformity to each entity by including the attributes found in the EntityItemBaseType. This specific type describes any simple data.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:extension base="oval-sc:EntityItemBaseType"/>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityItemBinaryType">
- <xsd:annotation>
- <xsd:documentation>The EntityItemBinaryType type is extended by the entities of an individual item. This type provides uniformity to each entity by including the attributes found in the EntityItemBaseType. This specific type describes simple binary data. The empty string is also allowed for cases where there was an error in the data collection of an entity and a status needs to be reported.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:restriction base="oval-sc:EntityItemBaseType">
- <xsd:simpleType>
- <xsd:union memberTypes="xsd:hexBinary oval:EmptyStringType"/>
- </xsd:simpleType>
- </xsd:restriction>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityItemBoolType">
- <xsd:annotation>
- <xsd:documentation>The EntityItemBoolType type is extended by the entities of an individual item. This type provides uniformity to each entity by including the attributes found in the EntityItemBaseType. This specific type describes simple boolean data. The empty string is also allowed for cases where there was an error in the data collection of an entity and a status needs to be reported.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:restriction base="oval-sc:EntityItemBaseType">
- <xsd:simpleType>
- <xsd:union memberTypes="xsd:boolean oval:EmptyStringType"/>
- </xsd:simpleType>
- </xsd:restriction>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityItemFloatType">
- <xsd:annotation>
- <xsd:documentation>The EntityItemFloatType type is extended by the entities of an individual item. This type provides uniformity to each entity by including the attributes found in the EntityItemBaseType. This specific type describes simple float data. The empty string is also allowed for cases where there was an error in the data collection of an entity and a status needs to be reported.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:restriction base="oval-sc:EntityItemBaseType">
- <xsd:simpleType>
- <xsd:union memberTypes="xsd:float oval:EmptyStringType"/>
- </xsd:simpleType>
- </xsd:restriction>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityItemIntType">
- <xsd:annotation>
- <xsd:documentation>The EntityItemIntType type is extended by the entities of an individual item. This type provides uniformity to each entity by including the attributes found in the EntityItemBaseType. This specific type describes simple integer data. The empty string is also allowed for cases where there was an error in the data collection of an entity and a status needs to be reported.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:restriction base="oval-sc:EntityItemBaseType">
- <xsd:simpleType>
- <xsd:union memberTypes="xsd:integer oval:EmptyStringType"/>
- </xsd:simpleType>
- </xsd:restriction>
- </xsd:simpleContent>
- </xsd:complexType>
- <xsd:complexType name="EntityItemStringType">
- <xsd:annotation>
- <xsd:documentation>The EntityItemStringType type is extended by the entities of an individual item. This type provides uniformity to each entity by including the attributes found in the EntityItemBaseType. This specific type describes simple string data.</xsd:documentation>
- </xsd:annotation>
- <xsd:simpleContent>
- <xsd:restriction base="oval-sc:EntityItemBaseType">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string"/>
- </xsd:simpleType>
- </xsd:restriction>
- </xsd:simpleContent>
- </xsd:complexType>
+ <!-- =============================================================================== -->
+ <!-- =============================== ENUMERATIONS ================================ -->
+ <!-- =============================================================================== -->
+ <xsd:simpleType name="FlagEnumeration">
+ <xsd:annotation>
+ <xsd:documentation>The FlagEnumeration simple type defines the valid flags associated with a collected object. These flags are meant to provide information about how the specified object was handled by the data collector. In order to evaluate an OVAL Definition, information about the defined objects need to be available. The flags help detail the success of trying to collect information related to these objects.</xsd:documentation>
+ <xsd:appinfo>
+ <evaluation_documentation>Below is a table that outlines how each FlagEnumeration value effects evaluation of a given test. Note that this is related to the existance of an object(s) and not the object(s) compliance with a state. The far left column identifies the ExistenceEnumeration value in question. The middle left column specifies the different combinations of individual item status values that have been found in the system characteristics file related to the given object. (EX=exists, DE=does not exist, ER=error, NC=not collected) For example, a 1+ under EX means that one or more individual item status attributes are set to exists, while a 0 under NC means that zero individual item status attributes are set to not collected. The middle right column. The last column specifies what the result of the existence piece would be according to each combination of individual item status values.</evaluation_documentation>
+ <evaluation_chart xml:space="preserve">
+ ||
+ flag value || test result is
+ ||
+-----------------||----------------------------
+ error || error
+ complete || (test result depends on
+ incomplete || check_existence and
+ does not exist || check attributes)
+ not collected || unknown
+ not applicable || not applicable
+-----------------||-----------------------------
+ </evaluation_chart>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="error">
+ <xsd:annotation>
+ <xsd:documentation>A flag of 'error' says that there was an error trying to identify objects on the system that match the specified object declaration. This flag is not meant to be used when there was an error retrieving a specific attribute, but rather when it could not be determined if an instance of the object exists or not. Any error in retrieving specific attributes should be represented by setting the status of that specific attribute to 'error'.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="complete">
+ <xsd:annotation>
+ <xsd:documentation>Every matching item on the system has been identified and is represented in the system characteristics file. It can be assumed that no additional matching items exist on the system.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="incomplete">
+ <xsd:annotation>
+ <xsd:documentation>An instance of the specified object exists on the system, but only some of the matching items have been identified and are represented in the system characteristics file. It is unknown if additional matching items also exist. Note that with a flag of incomplete, each item that has been identified matches the object declaration, but additional items might also exist on the system.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="does not exist">
+ <xsd:annotation>
+ <xsd:documentation>A flag of 'does not exist' means that the underlying structure is installed on the system but no matching item was found. For example, the Windows metabase is installed but the specified metabase_object could not be found. In this example, if the metabase itself was not installed, then the flag would have been 'not applicable'.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="not collected">
+ <xsd:annotation>
+ <xsd:documentation>An attempt to collect information on items matching the object was not made. An object with this flag will produce an 'unknown' result during analysis since it is unknown if a matching items exists on the system or not. This is different from an 'error' flag since with an 'error' flag an attempt to collect information was made. With the 'not collected' flag, no attempt was made.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="not applicable">
+ <xsd:annotation>
+ <xsd:documentation>The specified object is not applicable to the system being characterized. This could be because the data repository is not installed or that the object structure is for a different flavor of systems. An example would be trying to collect objects related to a Red Hat system off a Windows system. Another example would be trying to collect an rpminfo object on a Linux system if the rpm packaging system is not installed. If the rpm packaging system is installed and the specified rpminfo object could not be found, then the flag would be 'does not exist'.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="StatusEnumeration">
+ <xsd:annotation>
+ <xsd:documentation>The StatusEnumeration simple type defines the valid status messages associated with collection of specific information associated with an item.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="error">
+ <xsd:annotation>
+ <xsd:documentation>A status of 'error' says that there was an error collecting information associated with an item as a whole or a specific entity.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="exists">
+ <xsd:annotation>
+ <xsd:documentation>A status of 'exists' says that the item or specific piece of information exists on the system and has been collected.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="does not exist">
+ <xsd:annotation>
+ <xsd:documentation>A status of 'does not exist' says that the item or specific piece of information does not exist and therefore has not been collected. This status assumes that an attempt was made to collect the information, but the information just doesn't exist. This can happen when a certain entity is only pertinent to particular instances, or when xsi:nil is used to refer to a higher level object.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="not collected">
+ <xsd:annotation>
+ <xsd:documentation>A status of 'not collected' says that no attempt was made to collect the item or specific piece of information so it is unknown what the value is and if it even exists.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <!-- =============================================================================== -->
+ <!-- =============================== ENTITY TYPES ================================ -->
+ <!-- =============================================================================== -->
+ <xsd:complexType name="EntityItemBaseType" abstract="true">
+ <xsd:annotation>
+ <xsd:documentation>The EntityItemBaseType complex type is an abstract type that defines the default attributes associated with every entity. The optional datatype determines the type of data expected. (the default datatype is 'string') Note that the datatype attribute simply defines the type of data as found on the system, it is not used during evaluation. An OVAL Definition defines how the data should be interpreted during analysis. If the definition states a datatype that is different than what the system characteristics presents, then a type cast must be made. The optional mask attribute is used to identify values that have been hidden for sensitivity concerns. This is used by the result file which uses the system characateristic schema to format the information found on a specific system. If the original definition set the mask attribute of an entity to 'true', then value obtained from the system should not be presented in the results file. A system characteristics file that is not held within a results file should not use the mask attribute. The optional status attribute holds information regarding the success of the data collection. For example, if there was an error collecting a particular piece of data, then the status would be 'error'.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="sc_entity_rules">
+ <sch:rule context="oval-sc:system_data/*/*">
+ <sch:assert test="not(@status) or @status='exists' or .=''">item <sch:value-of select="../@id"/> - a value for the <sch:value-of select="name()"/> entity should only be supplied if the status attribute is 'exists'</sch:assert>
+ <sch:assert test="not(@mask) or @mask='false' or .=''">item <sch:value-of select="../@id"/> - a value for the <sch:value-of select="name()"/> entity should only be supplied if the mask attribute is 'false'</sch:assert>
+ <!--<sch:assert test="if (@datatype='binary') then (matches(., '^[0-9a-fA-F]*$')) else (1=1)"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of binary.</sch:assert>-->
+ <!--<sch:assert test="if (@datatype='boolean') then (matches(., '^true$|^false$|^1$|^0$')) else (1=1)"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of boolean.</sch:assert>-->
+ <!--<sch:assert test="if (@datatype='evr_string') then (matches(., '^[^:\-]*:[^:\-]*-[^:\-]*$')) else (1=1)"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of evr_string.</sch:assert>-->
+ <!--<sch:assert test="if (@datatype='float') then (matches(., '^[+\-]?[0-9]+([\.][0-9]+)?([eE][+\-]?[0-9]+)?$|^NaN$|^INF$|^\-INF$')) else (1=1)"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of float.</sch:assert>-->
+ <!--<sch:assert test="if (@datatype='int') then (matches(., '^[+\-]?[0-9]+$')) else (1=1)"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of int.</sch:assert>-->
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anySimpleType">
+ <xsd:attribute name="datatype" type="oval:DatatypeEnumeration" use="optional" default="string"/>
+ <xsd:attribute name="mask" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="status" type="oval-sc:StatusEnumeration" use="optional" default="exists"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityItemAnyType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityItemAnyType type is extended by the entities of an individual item. This type provides uniformity to each entity by including the attributes found in the EntityItemBaseType. This specific type describes any simple data.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:extension base="oval-sc:EntityItemBaseType"/>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityItemBinaryType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityItemBinaryType type is extended by the entities of an individual item. This type provides uniformity to each entity by including the attributes found in the EntityItemBaseType. This specific type describes simple binary data. The empty string is also allowed for cases where there was an error in the data collection of an entity and a status needs to be reported.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:restriction base="oval-sc:EntityItemBaseType">
+ <xsd:simpleType>
+ <xsd:union memberTypes="xsd:hexBinary oval:EmptyStringType"/>
+ </xsd:simpleType>
+ </xsd:restriction>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityItemBoolType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityItemBoolType type is extended by the entities of an individual item. This type provides uniformity to each entity by including the attributes found in the EntityItemBaseType. This specific type describes simple boolean data. The empty string is also allowed for cases where there was an error in the data collection of an entity and a status needs to be reported.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:restriction base="oval-sc:EntityItemBaseType">
+ <xsd:simpleType>
+ <xsd:union memberTypes="xsd:boolean oval:EmptyStringType"/>
+ </xsd:simpleType>
+ </xsd:restriction>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityItemFloatType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityItemFloatType type is extended by the entities of an individual item. This type provides uniformity to each entity by including the attributes found in the EntityItemBaseType. This specific type describes simple float data. The empty string is also allowed for cases where there was an error in the data collection of an entity and a status needs to be reported.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:restriction base="oval-sc:EntityItemBaseType">
+ <xsd:simpleType>
+ <xsd:union memberTypes="xsd:float oval:EmptyStringType"/>
+ </xsd:simpleType>
+ </xsd:restriction>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityItemIntType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityItemIntType type is extended by the entities of an individual item. This type provides uniformity to each entity by including the attributes found in the EntityItemBaseType. This specific type describes simple integer data. The empty string is also allowed for cases where there was an error in the data collection of an entity and a status needs to be reported.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:restriction base="oval-sc:EntityItemBaseType">
+ <xsd:simpleType>
+ <xsd:union memberTypes="xsd:integer oval:EmptyStringType"/>
+ </xsd:simpleType>
+ </xsd:restriction>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="EntityItemStringType">
+ <xsd:annotation>
+ <xsd:documentation>The EntityItemStringType type is extended by the entities of an individual item. This type provides uniformity to each entity by including the attributes found in the EntityItemBaseType. This specific type describes simple string data.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleContent>
+ <xsd:restriction base="oval-sc:EntityItemBaseType">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string"/>
+ </xsd:simpleType>
+ </xsd:restriction>
+ </xsd:simpleContent>
+ </xsd:complexType>
</xsd:schema>
Modified: trunk/ovaldi/xml/oval-variables-schema.xsd
===================================================================
--- trunk/ovaldi/xml/oval-variables-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/oval-variables-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-var="http://oval.mitre.org/XMLSchema/oval-variables-5" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" targetNamespace="http://oval.mitre.org/XMLSchema/oval-variables-5" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-var="http://oval.mitre.org/XMLSchema/oval-variables-5" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-variables-5" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
<xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
<xsd:annotation>
@@ -8,9 +8,10 @@
<xsd:documentation>The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>Core Variable</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:45 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:59 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
+ <sch:ns prefix="oval-var" uri="http://oval.mitre.org/XMLSchema/oval-system-variables-5"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
Added: trunk/ovaldi/xml/pixos-definitions-schema.xsd
===================================================================
--- trunk/ovaldi/xml/pixos-definitions-schema.xsd (rev 0)
+++ trunk/ovaldi/xml/pixos-definitions-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,213 @@
+<?xml version="1.0"?>
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:pixos-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#pixos" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#pixos" elementFormDefault="qualified" version="5.5">
+ <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
+ <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
+ <xsd:annotation>
+ <xsd:documentation>The following is a description of the elements, types, and attributes that compose the PIX specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
+ <xsd:documentation>This schema was originally developed by Yuzheng Zhou and Eric Grey at Hewlett-Packard. The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
+ <xsd:appinfo>
+ <schema>PixOS Definition</schema>
+ <version>5.5</version>
+ <date>9/26/2008 7:30:59 AM</date>
+ <terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
+ <sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
+ <sch:ns prefix="pixos-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#pixos"/>
+ <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <!-- =============================================================================== -->
+ <!-- ================================= LINE TEST ================================= -->
+ <!-- =============================================================================== -->
+ <xsd:element name="line_test" substitutionGroup="oval-def:test">
+ <xsd:annotation>
+ <xsd:documentation>The line_test is used to check the properties of specific output lines from a SHOW command, such as SHOW RUNNING-CONFIG. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a line_object and the optional state element specifies the data to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="pixlinetst">
+ <sch:rule context="pixos-def:line_test/pixos-def:object">
+ <sch:assert test="@object_ref=/oval-def:oval_definitions/oval-def:objects/pixos-def:line_object/@id"><sch:value-of select="../@id"/> - the object child element of a line_test must reference a line_object</sch:assert>
+ </sch:rule>
+ <sch:rule context="pixos-def:line_test/pixos-def:state">
+ <sch:assert test="@state_ref=/oval-def:oval_definitions/oval-def:states/pixos-def:line_state/@id"><sch:value-of select="../@id"/> - the state child element of a line_test must reference a line_state</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:TestType">
+ <xsd:sequence>
+ <xsd:element name="object" type="oval-def:ObjectRefType" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="state" type="oval-def:StateRefType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="line_object" substitutionGroup="oval-def:object">
+ <xsd:annotation>
+ <xsd:documentation>The line_object element is used by a line_test to define the object to be evaluated. Each object extends the standard ObjectType as definied in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.</xsd:documentation>
+ <xsd:documentation>A line object consists of a show_subcommand entity that is the name of a SHOW sub-command to be tested.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:ObjectType">
+ <xsd:sequence>
+ <xsd:choice minOccurs="1" maxOccurs="1">
+ <xsd:element ref="oval-def:set"/>
+ <xsd:sequence>
+ <xsd:element name="show_subcommand" type="oval-def:EntityObjectStringType" minOccurs="1" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The name of a SHOW sub-command.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="pixlineobjshow_subcommand">
+ <sch:rule context="pixos-def:line_object/pixos-def:show_subcommand">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the show_subcommand entity of a line_object should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="line_state" substitutionGroup="oval-def:state">
+ <xsd:annotation>
+ <xsd:documentation>The line_state element defines the different information that can be used to evaluate the result of a specific SHOW sub-command. This includes the name of ths sub-command and the corresponding config line. Please refer to the individual elements in the schema for more details about what each represents.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:StateType">
+ <xsd:sequence>
+ <xsd:element name="show_subcommand" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The name of the SHOW sub-command.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="pixlinesteshow_subcommand">
+ <sch:rule context="pixos-def:line_state/pixos-def:show_subcommand">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the show_subcommand entity of a line_state should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="config_line" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The value returned from by the specified SHOW sub-command.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="pixlinesteconfig_line">
+ <sch:rule context="pixos-def:line_state/pixos-def:config_line">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the config_line entity of a line_state should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <!-- =============================================================================== -->
+ <!-- ================================ VERSION TEST =============================== -->
+ <!-- =============================================================================== -->
+ <xsd:element name="version_test" substitutionGroup="oval-def:test">
+ <xsd:annotation>
+ <xsd:documentation>The version test is used to check the version of the PIX operating system. It is based off of the SHOW VERSION command. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a version_object and the optional state element specifies the data to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="pixvertst">
+ <sch:rule context="pixos-def:version_test/pixos-def:object">
+ <sch:assert test="@object_ref=/oval-def:oval_definitions/oval-def:objects/pixos-def:version_object/@id"><sch:value-of select="../@id"/> - the object child element of a version_test must reference a version_object</sch:assert>
+ </sch:rule>
+ <sch:rule context="pixos-def:version_test/pixos-def:state">
+ <sch:assert test="@state_ref=/oval-def:oval_definitions/oval-def:states/pixos-def:version_state/@id"><sch:value-of select="../@id"/> - the state child element of a version_test must reference a version_state</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:TestType">
+ <xsd:sequence>
+ <xsd:element name="object" type="oval-def:ObjectRefType" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="state" type="oval-def:StateRefType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="version_object" substitutionGroup="oval-def:object">
+ <xsd:annotation>
+ <xsd:documentation>The version_object element is used by a version test to define the different version information associated with a PIX system. There is actually only one object relating to version and this is the system as a whole. Therefore, there are no child entities defined. Any OVAL Test written to check version will reference the same version_object which is basically an empty object element.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:ObjectType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="version_state" substitutionGroup="oval-def:state">
+ <xsd:annotation>
+ <xsd:documentation>The version_state element defines the version information held within a Cisco PIX software release. The pix_release element specifies the whole PIX version information. The pix_major_release, pix_minor_release and pix_build elements specify seperated parts of PIX software version information. For instance, if the PIX version is 7.1(2.3)49, then pix_release is 7.1(2.3)49, pix_major_release is 7.1, pix_minor_release is 2.3 and pix_build is 49. See the SHOW VERSION command within PIX for more information.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:StateType">
+ <xsd:sequence>
+ <xsd:element name="pix_release" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The pix_release element specifies the whole PIX version information.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="pixverstepix_release">
+ <sch:rule context="pixos-def:version_state/pixos-def:pix_release">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the pix_release entity of a version_state should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="pix_major_release" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The pix_major_release is the dotted version that starts a version string. For example the pix_release 7.1(2.3)49 has a pix_major_release of 7.1.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="pixverstepix_major_release">
+ <sch:rule context="pixos-def:version_state/pixos-def:pix_major_release">
+ <sch:assert test="@datatype='version'"><sch:value-of select="../@id"/> - datatype attribute for the pix_major_release entity of a version_state should be 'version'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="pix_minor_release" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The pix_minor_release is the dotted version that starts a version string. For example the pix_release 7.1(2.3)49 has a pix_minor_release of 2.3.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="pixverstepix_minor_release">
+ <sch:rule context="pixos-def:version_state/pixos-def:pix_minor_release">
+ <sch:assert test="@datatype='version'"><sch:value-of select="../@id"/> - datatype attribute for the pix_minor_release entity of a version_state should be 'version'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="pix_build" type="oval-def:EntityStateIntType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The pix_build is an integer. For example the pix_release 7.1(2.3)49 has a pix_build of 49.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="pixverstepix_build">
+ <sch:rule context="pixos-def:version_state/pixos-def:pix_build">
+ <sch:assert test="@datatype='int'"><sch:value-of select="../@id"/> - datatype attribute for the pix_build entity of a version_state should be 'int'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+</xsd:schema>
Added: trunk/ovaldi/xml/pixos-system-characteristics-schema.xsd
===================================================================
--- trunk/ovaldi/xml/pixos-system-characteristics-schema.xsd (rev 0)
+++ trunk/ovaldi/xml/pixos-system-characteristics-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -0,0 +1,124 @@
+<?xml version="1.0"?>
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:pixos-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#pixos" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#pixos" elementFormDefault="qualified" version="5.5">
+ <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
+ <xsd:annotation>
+ <xsd:documentation>The following is a description of the elements, types, and attributes that compose the Cisco PIX (Private Internet Exchange) specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
+ <xsd:documentation>This schema was originally developed by Yuzheng Zhou and Eric Grey at Hewlett-Packard. The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
+ <xsd:appinfo>
+ <schema>PixOS System Characteristics</schema>
+ <version>5.5</version>
+ <date>9/26/2008 7:31:00 AM</date>
+ <terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
+ <sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
+ <sch:ns prefix="pixos-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#pixos"/>
+ <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <!-- =============================================================================== -->
+ <!-- ============================ PIX LINE ITEM ================================== -->
+ <!-- =============================================================================== -->
+ <xsd:element name="line_item" substitutionGroup="oval-sc:item">
+ <xsd:annotation>
+ <xsd:documentation>Stores the properties of specific lines in the PIX config file.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-sc:ItemType">
+ <xsd:sequence>
+ <xsd:element name="show_subcommand" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The name of the SHOW sub-command.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="pixoslineitemshow_subcommand">
+ <sch:rule context="pixos-sc:line_item/pixos-sc:show_subcommand">
+ <sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the show_subcommand entity of a line_item should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="config_line" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation>The value returned from by the specified SHOW sub-command.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="pixoslineitemconfig_line">
+ <sch:rule context="pixos-sc:line_item/pixos-sc:config_line">
+ <sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the config_line entity of a line_item should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <!-- =============================================================================== -->
+ <!-- ============================ PIX VERSION ITEM ================================== -->
+ <!-- =============================================================================== -->
+ <xsd:element name="version_item" substitutionGroup="oval-sc:item">
+ <xsd:annotation>
+ <xsd:documentation>Stores results from SHOW VERSION command.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-sc:ItemType">
+ <xsd:sequence>
+ <xsd:element name="pix_release" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation/>
+ <xsd:appinfo>
+ <sch:pattern id="versionitempix_release">
+ <sch:rule context="pixos-sc:version_item/pixos-sc:pix_release">
+ <sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the pix_release entity of a version_item should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="pix_major_release" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation/>
+ <xsd:appinfo>
+ <sch:pattern id="versionitempix_major_release">
+ <sch:rule context="pixos-sc:version_item/pixos-sc:pix_major_release">
+ <sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the pix_major_release entity of a version_item should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="pix_minor_release" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation/>
+ <xsd:appinfo>
+ <sch:pattern id="versionitempix_minor_release">
+ <sch:rule context="pixos-sc:version_item/pixos-sc:pix_minor_release">
+ <sch:assert test="@datatype='version'">item <sch:value-of select="../@id"/> - datatype attribute for the pix_minor_release entity of a version_item should be 'version'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="pix_build" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation/>
+ <xsd:appinfo>
+ <sch:pattern id="versionitempix_build">
+ <sch:rule context="pixos-sc:version_item/pixos-sc:pix_build">
+ <sch:assert test="@datatype='int'">item <sch:value-of select="../@id"/> - datatype attribute for the pix_build entity of a version_item should be 'int'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <!-- =============================================================================== -->
+ <!-- =============================================================================== -->
+ <!-- =============================================================================== -->
+</xsd:schema>
Modified: trunk/ovaldi/xml/solaris-definitions-schema.xsd
===================================================================
--- trunk/ovaldi/xml/solaris-definitions-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/solaris-definitions-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,15 +1,14 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:sol-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:sol-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the Solaris specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>Solaris Definition</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:45 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:31:00 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the Solaris portion of an OVAL Definitions file</sch:title>
<sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
<sch:ns prefix="sol-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
@@ -25,11 +24,11 @@
<xsd:appinfo>
<sch:pattern id="isainfotst">
<sch:rule context="sol-def:isainfo_test/sol-def:object">
- <sch:assert test="@object_ref=/oval-def:oval_definitions/oval-def:objects/sol-def:smf_object/@id">
+ <sch:assert test="@object_ref=/oval-def:oval_definitions/oval-def:objects/sol-def:isainfo_object/@id">
<sch:value-of select="../@id"/> - the object child element of an isainfo_test must reference an isainfo_object</sch:assert>
</sch:rule>
<sch:rule context="sol-def:isainfo_test/sol-def:state">
- <sch:assert test="@state_ref=/oval-def:oval_definitions/oval-def:states/sol-def:smf_state/@id">
+ <sch:assert test="@state_ref=/oval-def:oval_definitions/oval-def:states/sol-def:isainfo_state/@id">
<sch:value-of select="../@id"/> - the state child element of an isainfo_test must reference an isainfo_state</sch:assert>
</sch:rule>
</sch:pattern>
Modified: trunk/ovaldi/xml/solaris-system-characteristics-schema.xsd
===================================================================
--- trunk/ovaldi/xml/solaris-system-characteristics-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/solaris-system-characteristics-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,17 +1,17 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:sol-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#solaris" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#solaris" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:sol-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#solaris" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#solaris" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the Solaris specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>Solaris System Characteristics</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:45 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:31:00 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the Solaris portion of an OVAL System Characteristics file</sch:title>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="sol-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#solaris"/>
+ <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
Modified: trunk/ovaldi/xml/unix-definitions-schema.xsd
===================================================================
--- trunk/ovaldi/xml/unix-definitions-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/unix-definitions-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,15 +1,14 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose generic UNIX tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>UNIX Definition</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:46 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:31:00 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the UNIX portion of an OVAL Definitions file</sch:title>
<sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
<sch:ns prefix="unix-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
Modified: trunk/ovaldi/xml/unix-system-characteristics-schema.xsd
===================================================================
--- trunk/ovaldi/xml/unix-system-characteristics-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/unix-system-characteristics-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,17 +1,17 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:unix-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#unix" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#unix" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:unix-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#unix" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#unix" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the UNIX specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard item element defined in the Core System Characteristic Schema. Through extension, each item inherits a set of elements and attributes that are shared amongst all OVAL Items. Each item is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core System Characteristic Schema is not outlined here.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>Unix System Characteristics</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:46 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:31:01 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the UNIX portion of an OVAL System Characteristics file</sch:title>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="unix-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#unix"/>
+ <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
Modified: trunk/ovaldi/xml/windows-definitions-schema.xsd
===================================================================
--- trunk/ovaldi/xml/windows-definitions-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/windows-definitions-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,5 +1,5 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:win-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:win-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
<xsd:annotation>
@@ -7,10 +7,9 @@
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>Windows Definition</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:46 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:31:01 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the Windows portion of an OVAL Definitions file</sch:title>
<sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
<sch:ns prefix="win-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
@@ -1696,7 +1695,7 @@
<sch:pattern id="fileobjfilename">
<sch:rule context="win-def:file_object/win-def:filename">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the filename entity of a file_object should be 'string'</sch:assert>
- <sch:assert test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
+ <sch:assert test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -1736,7 +1735,7 @@
<sch:pattern id="filestefilename">
<sch:rule context="win-def:file_state/win-def:filename">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the filename entity of a file_state should be 'string'</sch:assert>
- <sch:assert test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
+ <sch:assert test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -2016,7 +2015,7 @@
<sch:pattern id="fap53objfilename">
<sch:rule context="win-def:fileauditedpermissions53_object/win-def:filename">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the filename entity of a fileauditedpermissions53_object should be 'string'</sch:assert>
- <sch:assert test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
+ <sch:assert test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -2024,7 +2023,7 @@
</xsd:element>
<xsd:element name="trustee_sid" type="oval-def:EntityObjectStringType">
<xsd:annotation>
- <xsd:documentation>The trustee_sid element is the unique sid that associated a user, group, system, or program (such as a Windows service).</xsd:documentation>
+ <xsd:documentation>The trustee_sid element is the unique sid that associated a user, group, system, or program (such as a Windows service). If a pattern match operation is used attempts to identify all the trustees (for exampl a .* pattern) then the search should be limited to just the trustees on the DACL/SACL of the object in question.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fap53objtrustee_sid">
<sch:rule context="win-def:fileauditedpermissions53_object/win-def:trustee_sid">
@@ -2068,7 +2067,7 @@
<sch:pattern id="fap53stefilename">
<sch:rule context="win-def:fileauditedpermissions53_state/win-def:filename">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the filename entity of a fileauditedpermissions53_state should be 'string'</sch:assert>
- <sch:assert test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
+ <sch:assert test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -2410,7 +2409,7 @@
<sch:pattern id="fapobjfilename">
<sch:rule context="win-def:fileauditedpermissions_object/win-def:filename">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the filename entity of a fileauditedpermissions_object should be 'string'</sch:assert>
- <sch:assert test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
+ <sch:assert test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -2463,7 +2462,7 @@
<sch:pattern id="fapstefilename">
<sch:rule context="win-def:fileauditedpermissions_state/win-def:filename">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the filename entity of a fileauditedpermissions_state should be 'string'</sch:assert>
- <sch:assert test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
+ <sch:assert test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -2803,7 +2802,7 @@
<sch:pattern id="fer53objfilename">
<sch:rule context="win-def:fileeffectiverights53_object/win-def:filename">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the filename entity of a fileeffectiverights53_object should be 'string'</sch:assert>
- <sch:assert test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
+ <sch:assert test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -2811,7 +2810,7 @@
</xsd:element>
<xsd:element name="trustee_sid" type="oval-def:EntityObjectStringType">
<xsd:annotation>
- <xsd:documentation>The trustee_sid element is the unique sid that associated a user, group, system, or program (such as a Windows service).</xsd:documentation>
+ <xsd:documentation>The trustee_sid element is the unique sid that associated a user, group, system, or program (such as a Windows service). If a pattern match operation is used attempts to identify all the trustees (for exampl a .* pattern) then the search should be limited to just the trustees on the DACL/SACL of the object in question.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fer53objtrustee_sid">
<sch:rule context="win-def:fileeffectiverights53_object/win-def:trustee_sid">
@@ -2855,7 +2854,7 @@
<sch:pattern id="fer53stefilename">
<sch:rule context="win-def:fileeffectiverights53_state/win-def:filename">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the filename entity of a fileeffectiverights53_state should be 'string'</sch:assert>
- <sch:assert test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
+ <sch:assert test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -3197,7 +3196,7 @@
<sch:pattern id="fefobjfilename">
<sch:rule context="win-def:fileeffectiverights_object/win-def:filename">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the filename entity of a fileeffectiverights_object should be 'string'</sch:assert>
- <sch:assert test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
+ <sch:assert test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -3250,7 +3249,7 @@
<sch:pattern id="ferstefilename">
<sch:rule context="win-def:fileeffectiverights_state/win-def:filename">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the filename entity of a fileeffectiverights_state should be 'string'</sch:assert>
- <sch:assert test="if (not(@operation) or @operation='equals' or @operation='not equal') then (not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) else (1=1)"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
+ <sch:assert test="(not(contains(.,'\') or contains(.,'/') or contains(.,':') or contains(.,'*') or contains(.,'?') or contains(.,'>') or contains(.,'|'))) or (@operation='pattern match')"><sch:value-of select="../@id"/> - filename entity can not contain the characters / \ : * ? > | </sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -4042,7 +4041,7 @@
</xsd:element>
<xsd:element name="id" type="oval-def:EntityObjectIntType" nillable="true">
<xsd:annotation>
- <xsd:documentation>The id element specifies a particular object under the metabase key. If the nillable attribute is set to true, then the object being specified is the higher level key. In this case, the id element should not be collected or used in analysis. Setting nil equal to true is different than using a .* pattern match, says to collect every id under a given key. The most likely use for xsi:nil within a metabase object is when checking for the existance of a particular key, without regards to the different ids associated with it.</xsd:documentation>
+ <xsd:documentation>The id element specifies a particular object under the metabase key. If the nillable attribute is set to true, then the object being specified is the higher level key. In this case, the id element should not be collected or used in analysis. Setting nil equal to true is different than using a .* pattern match, says to collect every id under a given key. The most likely use for xsi:nil within a metabase object is when checking for the existence of a particular key, without regards to the different ids associated with it.</xsd:documentation>
<xsd:appinfo>
<valid_datatypes>integer</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal</valid_operators>
@@ -4909,7 +4908,7 @@
</xsd:element>
<xsd:element name="name" type="oval-def:EntityObjectStringType" nillable="true">
<xsd:annotation>
- <xsd:documentation>The name element describes the name assigned to a value associated with a specific registry key. If the nillable attribute is set to true, then the object being specified is the higher level hive/key. In this case, the name element should not be collected or used in analysis. Setting nil equal to true on an element is different than using a .* pattern match. A .* pattern match says to collect every name under a given hive/key. The most likely use for xsi:nil within a registry object is when checking for the existance of a particular key, without regards to the different names associated with it.</xsd:documentation>
+ <xsd:documentation>The name element describes the name assigned to a value associated with a specific registry key. If the nillable attribute is set to true, then the object being specified is the higher level hive/key. In this case, the name element should not be collected or used in analysis. Setting nil equal to true on an element is different than using a .* pattern match. A .* pattern match says to collect every name under a given hive/key. The most likely use for xsi:nil within a registry object is when checking for the existence of a particular key, without regards to the different names associated with it.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="regobjname">
<sch:rule context="win-def:registry_object/win-def:name">
@@ -5097,7 +5096,7 @@
</xsd:element>
<xsd:element name="trustee_sid" type="oval-def:EntityObjectStringType">
<xsd:annotation>
- <xsd:documentation>The trustee_sid element is the unique sid that associated a user, group, system, or program (such as a Windows service).</xsd:documentation>
+ <xsd:documentation>The trustee_sid element is the unique sid that associated a user, group, system, or program (such as a Windows service). If a pattern match operation is used attempts to identify all the trustees (for exampl a .* pattern) then the search should be limited to just the trustees on the DACL/SACL of the object in question.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="rap53objtrustee_sid">
<sch:rule context="win-def:regkeyauditedpermissions53_object/win-def:trustee_sid">
@@ -5824,7 +5823,7 @@
<sch:rule context="win-def:regkeyeffectiverights53_test/win-def:object">
<sch:assert test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:regkeyeffectiverights53_object/@id"><sch:value-of select="../@id"/> - the object child element of a regkeyeffectiverights53_test must reference a regkeyeffectiverights53_object</sch:assert>
</sch:rule>
- <sch:rule context="win-def:regkeyeffectiverights_test/win-def:state">
+ <sch:rule context="win-def:regkeyeffectiverights53_test/win-def:state">
<sch:assert test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:regkeyeffectiverights53_state/@id"><sch:value-of select="../@id"/> - the state child element of a regkeyeffectiverights53_test must reference a regkeyeffectiverights53_state</sch:assert>
</sch:rule>
</sch:pattern>
@@ -5880,7 +5879,7 @@
</xsd:element>
<xsd:element name="trustee_sid" type="oval-def:EntityObjectStringType">
<xsd:annotation>
- <xsd:documentation>The trustee_sid element is the unique sid that associated a user, group, system, or program (such as a Windows service).</xsd:documentation>
+ <xsd:documentation>The trustee_sid element is the unique sid that associated a user, group, system, or program (such as a Windows service). If a pattern match operation is used attempts to identify all the trustees (for exampl a .* pattern) then the search should be limited to just the trustees on the DACL/SACL of the object in question.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="rer53objtrustee_sid">
<sch:rule context="win-def:regkeyeffectiverights53_object/win-def:trustee_sid">
@@ -6727,8 +6726,8 @@
<xsd:appinfo>
<sch:pattern id="srsteaccess_read_permission">
<sch:rule context="win-def:sharedresource_state/win-def:access_read_permission">
- <sch:assert test="not(@datatype) or @datatype='bool'">
- <sch:value-of select="../@id"/> - datatype attribute for the access_read_permission entity of a sharedresource_state should be 'bool'</sch:assert>
+ <sch:assert test="@datatype='boolean'">
+ <sch:value-of select="../@id"/> - datatype attribute for the access_read_permission entity of a sharedresource_state should be 'boolean'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -6740,8 +6739,8 @@
<xsd:appinfo>
<sch:pattern id="srsteaccess_write_permission">
<sch:rule context="win-def:sharedresource_state/win-def:access_write_permission">
- <sch:assert test="not(@datatype) or @datatype='bool'">
- <sch:value-of select="../@id"/> - datatype attribute for the access_write_permission entity of a sharedresource_state should be 'bool'</sch:assert>
+ <sch:assert test="@datatype='boolean'">
+ <sch:value-of select="../@id"/> - datatype attribute for the access_write_permission entity of a sharedresource_state should be 'boolean'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -6753,8 +6752,8 @@
<xsd:appinfo>
<sch:pattern id="srsteaccess_create_permission">
<sch:rule context="win-def:sharedresource_state/win-def:access_create_permission">
- <sch:assert test="not(@datatype) or @datatype='bool'">
- <sch:value-of select="../@id"/> - datatype attribute for the access_create_permission entity of a sharedresource_state should be 'bool'</sch:assert>
+ <sch:assert test="@datatype='boolean'">
+ <sch:value-of select="../@id"/> - datatype attribute for the access_create_permission entity of a sharedresource_state should be 'boolean'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -6766,8 +6765,8 @@
<xsd:appinfo>
<sch:pattern id="srsteaccess_exec_permission">
<sch:rule context="win-def:sharedresource_state/win-def:access_exec_permission">
- <sch:assert test="not(@datatype) or @datatype='bool'">
- <sch:value-of select="../@id"/> - datatype attribute for the access_exec_permission entity of a sharedresource_state should be 'bool'</sch:assert>
+ <sch:assert test="@datatype='boolean'">
+ <sch:value-of select="../@id"/> - datatype attribute for the access_exec_permission entity of a sharedresource_state should be 'boolean'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -6779,8 +6778,8 @@
<xsd:appinfo>
<sch:pattern id="srsteaccess_delete_permission">
<sch:rule context="win-def:sharedresource_state/win-def:access_delete_permission">
- <sch:assert test="not(@datatype) or @datatype='bool'">
- <sch:value-of select="../@id"/> - datatype attribute for the access_delete_permission entity of a sharedresource_state should be 'bool'</sch:assert>
+ <sch:assert test="@datatype='boolean'">
+ <sch:value-of select="../@id"/> - datatype attribute for the access_delete_permission entity of a sharedresource_state should be 'boolean'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -6792,8 +6791,8 @@
<xsd:appinfo>
<sch:pattern id="srsteaccess_atrib_permission">
<sch:rule context="win-def:sharedresource_state/win-def:access_atrib_permission">
- <sch:assert test="not(@datatype) or @datatype='bool'">
- <sch:value-of select="../@id"/> - datatype attribute for the access_atrib_permission entity of a sharedresource_state should be 'bool'</sch:assert>
+ <sch:assert test="@datatype='boolean'">
+ <sch:value-of select="../@id"/> - datatype attribute for the access_atrib_permission entity of a sharedresource_state should be 'boolean'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -6805,8 +6804,8 @@
<xsd:appinfo>
<sch:pattern id="srsteaccess_perm_permission">
<sch:rule context="win-def:sharedresource_state/win-def:access_perm_permission">
- <sch:assert test="not(@datatype) or @datatype='bool'">
- <sch:value-of select="../@id"/> - datatype attribute for the access_perm_permission entity of a sharedresource_state should be 'bool'</sch:assert>
+ <sch:assert test="@datatype='boolean'">
+ <sch:value-of select="../@id"/> - datatype attribute for the access_perm_permission entity of a sharedresource_state should be 'boolean'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -6818,8 +6817,8 @@
<xsd:appinfo>
<sch:pattern id="srsteaccess_all_permission">
<sch:rule context="win-def:sharedresource_state/win-def:access_all_permission">
- <sch:assert test="not(@datatype) or @datatype='bool'">
- <sch:value-of select="../@id"/> - datatype attribute for the access_all_permission entity of a sharedresource_state should be 'bool'</sch:assert>
+ <sch:assert test="@datatype='boolean'">
+ <sch:value-of select="../@id"/> - datatype attribute for the access_all_permission entity of a sharedresource_state should be 'boolean'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -7344,12 +7343,120 @@
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
+ <!-- =============================================================================== -->
+ <!-- ============================ USER SID TEST (55) ============================= -->
+ <!-- =============================================================================== -->
+ <xsd:element name="user_sid55_test" substitutionGroup="oval-def:test">
+ <xsd:annotation>
+ <xsd:documentation>The user_sid55_test is used to check information about Windows users. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a user_sid55_object and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="usersid55tst">
+ <sch:rule context="win-def:user_sid55_test/win-def:object">
+ <sch:assert test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:user_sid55_object/@id"><sch:value-of select="../@id"/> - the object child element of a user_sid55_test must reference a user_sid55_object</sch:assert>
+ </sch:rule>
+ <sch:rule context="win-def:user_sid55_test/win-def:state">
+ <sch:assert test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:user_sid55_state/@id"><sch:value-of select="../@id"/> - the state child element of a user_sid55_test must reference a user_sid55_state</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:TestType">
+ <xsd:sequence>
+ <xsd:element name="object" type="oval-def:ObjectRefType"/>
+ <xsd:element name="state" type="oval-def:StateRefType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="user_sid55_object" substitutionGroup="oval-def:object">
+ <xsd:annotation>
+ <xsd:documentation>The user_sid55_object represents a set of users on a Windows system. This set (which might contain only one user) is identified by a SID.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:ObjectType">
+ <xsd:sequence>
+ <xsd:choice>
+ <xsd:element ref="oval-def:set" minOccurs="0"/>
+ <xsd:sequence minOccurs="0">
+ <xsd:element name="user_sid" type="oval-def:EntityObjectStringType">
+ <xsd:annotation>
+ <xsd:documentation>The user_sid entity holds a string that represents the SID of a particular user.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="usersid55objuser">
+ <sch:rule context="win-def:user_sid55_object/win-def:user_sid">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the user_sid entity of a user_sid55_object should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="user_sid55_state" substitutionGroup="oval-def:state">
+ <xsd:annotation>
+ <xsd:documentation>The user_sid55_state element enumerates the different groups (identified by SID) that a Windows user might belong to. Please refer to the individual elements in the schema for more details about what each represents.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:StateType">
+ <xsd:sequence>
+ <xsd:element name="user_sid" type="oval-def:EntityStateStringType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>The user_sid entity holds a string that represents the SID of a particular user.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="usersid55steuser">
+ <sch:rule context="win-def:user_sid55_state/win-def:user_sid">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the user_sid entity of a user_sid55_state should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="enabled" type="oval-def:EntityStateBoolType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>This element holds a boolean value that specifies whether the particular user account is enabled or not.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="usersid55steenabled">
+ <sch:rule context="win-def:user_sid55_state/win-def:enabled">
+ <sch:assert test="@datatype='boolean'"><sch:value-of select="../@id"/> - datatype attribute for the enabled entity of a user_sid55_state should be 'boolean'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="group_sid" type="oval-def:EntityStateStringType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>A string the represents the SID of a particular group. The group_sid element can be included multiple times in a system characteristic item in order to record that a user can be a member of a number of different groups. Note that the entity_check attribute associated with EntityStateStringType guides the evaluation of entities like group that refer to items that can occur an unbounded number of times.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="usersid55stegroup">
+ <sch:rule context="win-def:user_sid_55state/win-def:group_sid">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the group_sid entity of a user_sid55_state should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <!-- =============================================================================== -->
+ <!-- ======================== USER SID TEST (deprecated) ========================= -->
<!-- =============================================================================== -->
- <!-- =============================== USER SID TEST =============================== -->
- <!-- =============================================================================== -->
<xsd:element name="user_sid_test" substitutionGroup="oval-def:test">
<xsd:annotation>
- <xsd:documentation>The user_sid_test is used to check information about Windows users. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a user_sid_object and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.</xsd:documentation>
+ <xsd:documentation>This test has been deprecated and will be removed in version 6.0 of the language. Recommend use of the newer user_sid55_test.</xsd:documentation>
+ <xsd:documentation>The user_sid_test is used to check information about Windows users. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a user_sid_object and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="usersidtst">
<sch:rule context="win-def:user_sid_test/win-def:object">
@@ -7374,7 +7481,8 @@
</xsd:element>
<xsd:element name="user_sid_object" substitutionGroup="oval-def:object">
<xsd:annotation>
- <xsd:documentation>The user_sid_object represents a set of users on a Windows system. This set (which might contain only one user) is identified by a SID.</xsd:documentation>
+ <xsd:documentation>This object has been deprecated and will be removed in version 6.0 of the language. Recommend use of the newer user_sid55_object.</xsd:documentation>
+ <xsd:documentation>The user_sid_object represents a set of users on a Windows system. This set (which might contain only one user) is identified by a SID.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
@@ -7404,7 +7512,8 @@
</xsd:element>
<xsd:element name="user_sid_state" substitutionGroup="oval-def:state">
<xsd:annotation>
- <xsd:documentation>The user_sid_state element enumerates the different groups (identified by SID) that a Windows user might belong to. Please refer to the individual elements in the schema for more details about what each represents.</xsd:documentation>
+ <xsd:documentation>This state has been deprecated and will be removed in version 6.0 of the language. Recommend use of the newer user_sid55_state.</xsd:documentation>
+ <xsd:documentation>The user_sid_state element enumerates the different groups (identified by SID) that a Windows user might belong to. Please refer to the individual elements in the schema for more details about what each represents.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
@@ -7512,7 +7621,7 @@
</xsd:element>
<xsd:element name="volume_state" substitutionGroup="oval-def:state">
<xsd:annotation>
- <xsd:documentation>The volume_state element defines the different metadata associate with a storage volume in Windows. This includes the rootpat, the file system type, name, and serial number, as well as any associated flags. Please refer to the individual elements in the schema for more details about what each represents. The GetVolumeInformation function as defined by Microsoft is also a good place to look for information.</xsd:documentation>
+ <xsd:documentation>The volume_state element defines the different metadata associate with a storage volume in Windows. This includes the rootpath, the file system type, name, and serial number, as well as any associated flags. Please refer to the individual elements in the schema for more details about what each represents. The GetVolumeInformation function as defined by Microsoft is also a good place to look for information.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
@@ -7797,6 +7906,7 @@
<sch:pattern id="wmiobjnamespace">
<sch:rule context="win-def:wmi_object/win-def:namespace">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the namespace entity of a wmi_object should be 'string'</sch:assert>
+ <sch:assert test="not(@operation) or @operation='equals'"><sch:value-of select="../@id"/> - operation attribute for the namespace entity of a wmi_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -7809,6 +7919,7 @@
<sch:pattern id="wmiobjwql">
<sch:rule context="win-def:wmi_object/win-def:wql">
<sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the wql entity of a wmi_object should be 'string'</sch:assert>
+ <sch:assert test="not(@operation) or @operation='equals'"><sch:value-of select="../@id"/> - operation attribute for the wql entity of a wmi_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -7871,8 +7982,113 @@
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
+ <!-- ========================= WUA UPDATE SEARCHER TEST ========================== -->
<!-- =============================================================================== -->
+ <xsd:element name="wuaupdatesearcher_test" substitutionGroup="oval-def:test">
+ <xsd:annotation>
+ <xsd:documentation>The wuaupdatesearcher_test is used to evaluate patch level in a Windows environment utilizing the WUA (Windows Update Agent) interface. It is based on the Search method of the IUpdateSearcher interface found in the WUA API. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a wmi_object and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.</xsd:documentation>
+ <xsd:documentation>Note that WUA can work off of many different sources including WSUS, update.microsoft.com, and a local cab file. The content source is specific to a given system evaluating a wuaupdatesearcher_test and thus is not defined by this test. The tool being used for evaluation should determine what content source is best for the system being assessed and then evaluate this test based on that selection.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="wuaupdatesearchertst">
+ <sch:rule context="win-def:wuaupdatesearcher_test/win-def:object">
+ <sch:assert test="@object_ref=/oval-def:oval_definitions/oval-def:objects/win-def:wuasearch_object/@id">
+ <sch:value-of select="../@id"/> - the object child element of a wuaupdatesearcher_test must reference a wuaupdatesearcher_object
+ </sch:assert>
+ </sch:rule>
+ <sch:rule context="win-def:wuaupdatesearcher_test/win-def:state">
+ <sch:assert test="@state_ref=/oval-def:oval_definitions/oval-def:states/win-def:wuasearch_state/@id">
+ <sch:value-of select="../@id"/> - the state child element of a wuaupdatesearcher_test must reference a wuaupdatesearcher_state
+ </sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:TestType">
+ <xsd:sequence>
+ <xsd:element name="object" type="oval-def:ObjectRefType"/>
+ <xsd:element name="state" type="oval-def:StateRefType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="wuaupdatesearcher_object" substitutionGroup="oval-def:object">
+ <xsd:annotation>
+ <xsd:documentation>The wuaupdatesearcher_object element is used by a wuaupdatesearcher_test to define the specific search criteria to be evaluated. Each object extends the standard ObjectType as definied in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:ObjectType">
+ <xsd:sequence>
+ <xsd:choice>
+ <xsd:element ref="oval-def:set" minOccurs="0"/>
+ <xsd:sequence minOccurs="0">
+ <xsd:element name="search_criteria" type="oval-def:EntityObjectStringType">
+ <xsd:annotation>
+ <xsd:documentation>The search_criteria entity specifies a search criteria to use when generating a search result. The string used for the search criteria entity must match the custom search language for Search method of the IUpdateSearcher interface. The string consists of criteria that are evaluated to determine which updates to return. The Search method performs a synchronous search for updates by using the current configured search options. For more information about possible search criteria, please see the Search method of the IUpdateSearcher interface.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="wuaupdatesearcherobjsearchcriteria">
+ <sch:rule context="win-def:wuaupdatesearcher_object/win-def:search_criteria">
+ <sch:assert test="not(@datatype) or @datatype='string'">
+ <sch:value-of select="../@id"/> - datatype attribute for the search_criteria entity of a wuaupdatesearcher_object should be 'string'
+ </sch:assert>
+ <sch:assert test="not(@operation) or @operation='equals'">
+ <sch:value-of select="../@id"/> - operation attribute for the search_criteria entity of a wuaupdatesearcher_object should be 'equals'
+ </sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="wuaupdatesearcher_state" substitutionGroup="oval-def:state">
+ <xsd:annotation>
+ <xsd:documentation>The wuaupdatesearcher_state element defines entities that can be tested related to a uaupdatesearcher_object. This includes the search criteria and updated id. Please refer to the individual elements in the schema for more details about what each represents.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-def:StateType">
+ <xsd:sequence>
+ <xsd:element name="search_criteria" type="oval-def:EntityStateStringType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>The search_criteria entity specifies a string to examine the search criteria that was used to generate the object set. Note that since this entity is part of the state, it is not used to determine the object set, but rather is used to test the search criteria that was actually used.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="wuaupdatesearcherstesearchcriteria">
+ <sch:rule context="win-def:wuaupdatesearcher_state/win-def:search_criteria">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the search_criteria entity of a wuaupdatesearcher_state should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="update_id" type="oval-def:EntityStateStringType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>The update_id enity specifies a string that represents a revision-independent identifier of an update. This information is part of the IUpdateIdentity interface that is part of the result of the IUpdateSearcher interface's Search method.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="wuaupdatesearchersteupdateid">
+ <sch:rule context="win-def:wuaupdatesearcher_state/win-def:update_id">
+ <sch:assert test="not(@datatype) or @datatype='string'"><sch:value-of select="../@id"/> - datatype attribute for the update_id entity of a wuaupdatesearcher_state should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
<!-- =============================================================================== -->
+ <!-- =============================================================================== -->
+ <!-- =============================================================================== -->
<xsd:complexType name="EntityStateAddrTypeType">
<xsd:annotation>
<xsd:documentation>The EntityStateAddrTypeType complex type restricts a string value to a specific set of values that describe address types associated with an interface. The empty string is also allowed to support empty emlement associated with variable references.</xsd:documentation>
Modified: trunk/ovaldi/xml/windows-system-characteristics-schema.xsd
===================================================================
--- trunk/ovaldi/xml/windows-system-characteristics-schema.xsd 2008-10-02 18:33:54 UTC (rev 388)
+++ trunk/ovaldi/xml/windows-system-characteristics-schema.xsd 2009-05-02 11:24:18 UTC (rev 389)
@@ -1,17 +1,17 @@
<?xml version="1.0"?>
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:win-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#windows" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#windows" elementFormDefault="qualified" version="5.4">
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:win-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#windows" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#windows" elementFormDefault="qualified" version="5.5">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the Windows specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard item element defined in the Core System Characteristic Schema. Through extension, each item inherits a set of elements and attributes that are shared amongst all OVAL Items. Each item is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core System Characteristic Schema is not outlined here.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>Windows System Characteristics</schema>
- <version>5.4</version>
- <date>4/1/2008 10:41:47 AM</date>
+ <version>5.5</version>
+ <date>9/26/2008 7:31:01 AM</date>
<terms_of_use>Copyright (c) 2002-2008, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
- <sch:title>schematron validation of the Windows portion of an OVAL System Characteristics file</sch:title>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="win-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#windows"/>
+ <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
@@ -1678,7 +1678,7 @@
<xsd:appinfo>
<sch:pattern id="fileaudititemtrustee_name">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:trustee_name">
- <sch:assert test="not(@datatype) or @datatype='string'">item <value-of select="../@id"/> - datatype attribute for the trustee_name entity of a fileauditedpermissions_item should be 'string'</sch:assert>
+ <sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the trustee_name entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -1971,7 +1971,7 @@
<xsd:appinfo>
<sch:pattern id="feritemtrustee_name">
<sch:rule context="win-sc:fileeffectiverights_item/win-sc:trustee_name">
- <sch:assert test="not(@datatype) or @datatype='string'">item <value-of select="../@id"/> - datatype attribute for the trustee_name entity of a fileeffectiverights_item should be 'string'</sch:assert>
+ <sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the trustee_name entity of a fileeffectiverights_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -3134,7 +3134,7 @@
<xsd:appinfo>
<sch:pattern id="rapitemtrustee_name">
<sch:rule context="win-sc:regkeyauditedpermissions_item/win-sc:trustee_name">
- <sch:assert test="not(@datatype) or @datatype='string'">item <value-of select="../@id"/> - datatype attribute for the trustee_name entity of a regkeyauditedpermissions_item should be 'string'</sch:assert>
+ <sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the trustee_name entity of a regkeyauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -3427,7 +3427,7 @@
<xsd:appinfo>
<sch:pattern id="reritemtrustee_name">
<sch:rule context="win-sc:regkeyeffectiverights_item/win-sc:trustee_name">
- <sch:assert test="not(@datatype) or @datatype='string'">item <value-of select="../@id"/> - datatype attribute for the trustee_name entity of a regkeyeffectiverights_item should be 'string'</sch:assert>
+ <sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the trustee_name entity of a regkeyeffectiverights_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -3743,7 +3743,7 @@
<xsd:appinfo>
<sch:pattern id="sritemaccess_read_permission">
<sch:rule context="win-sc:sharedresource_item/win-sc:access_read_permission">
- <sch:assert test="not(@datatype) or @datatype='bool'">item <sch:value-of select="../@id"/> - datatype attribute for the access_read_permission entity of a sharedresource_item should be 'bool'</sch:assert>
+ <sch:assert test="@datatype='boolean'">item <sch:value-of select="../@id"/> - datatype attribute for the access_read_permission entity of a sharedresource_item should be 'boolean'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -3755,7 +3755,7 @@
<xsd:appinfo>
<sch:pattern id="sritemaccess_write_permission">
<sch:rule context="win-sc:sharedresource_item/win-sc:access_write_permission">
- <sch:assert test="not(@datatype) or @datatype='bool'">item <sch:value-of select="../@id"/> - datatype attribute for the access_write_permission entity of a sharedresource_item should be 'bool'</sch:assert>
+ <sch:assert test="@datatype='boolean'">item <sch:value-of select="../@id"/> - datatype attribute for the access_write_permission entity of a sharedresource_item should be 'boolean'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -3767,7 +3767,7 @@
<xsd:appinfo>
<sch:pattern id="sritemaccess_create_permission">
<sch:rule context="win-sc:sharedresource_item/win-sc:access_create_permission">
- <sch:assert test="not(@datatype) or @datatype='bool'">item <sch:value-of select="../@id"/> - datatype attribute for the access_create_permission entity of a sharedresource_item should be 'bool'</sch:assert>
+ <sch:assert test="@datatype='boolean'">item <sch:value-of select="../@id"/> - datatype attribute for the access_create_permission entity of a sharedresource_item should be 'boolean'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -3779,7 +3779,7 @@
<xsd:appinfo>
<sch:pattern id="sritemaccess_exec_permission">
<sch:rule context="win-sc:sharedresource_item/win-sc:access_exec_permission">
- <sch:assert test="not(@datatype) or @datatype='bool'">item <sch:value-of select="../@id"/> - datatype attribute for the access_exec_permission entity of a sharedresource_item should be 'bool'</sch:assert>
+ <sch:assert test="@datatype='boolean'">item <sch:value-of select="../@id"/> - datatype attribute for the access_exec_permission entity of a sharedresource_item should be 'boolean'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -3791,7 +3791,7 @@
<xsd:appinfo>
<sch:pattern id="sritemaccess_delete_permission">
<sch:rule context="win-sc:sharedresource_item/win-sc:access_delete_permission">
- <sch:assert test="not(@datatype) or @datatype='bool'">item <sch:value-of select="../@id"/> - datatype attribute for the access_delete_permission entity of a sharedresource_item should be 'bool'</sch:assert>
+ <sch:assert test="@datatype='boolean'">item <sch:value-of select="../@id"/> - datatype attribute for the access_delete_permission entity of a sharedresource_item should be 'boolean'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -3803,7 +3803,7 @@
<xsd:appinfo>
<sch:pattern id="sritemaccess_atrib_permission">
<sch:rule context="win-sc:sharedresource_item/win-sc:access_atrib_permission">
- <sch:assert test="not(@datatype) or @datatype='bool'">item <sch:value-of select="../@id"/> - datatype attribute for the access_atrib_permission entity of a sharedresource_item should be 'bool'</sch:assert>
+ <sch:assert test="@datatype='boolean'">item <sch:value-of select="../@id"/> - datatype attribute for the access_atrib_permission entity of a sharedresource_item should be 'boolean'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -3815,7 +3815,7 @@
<xsd:appinfo>
<sch:pattern id="sritemaccess_perm_permission">
<sch:rule context="win-sc:sharedresource_item/win-sc:access_perm_permission">
- <sch:assert test="not(@datatype) or @datatype='bool'">item <sch:value-of select="../@id"/> - datatype attribute for the access_perm_permission entity of a sharedresource_item should be 'bool'</sch:assert>
+ <sch:assert test="@datatype='boolean'">item <sch:value-of select="../@id"/> - datatype attribute for the access_perm_permission entity of a sharedresource_item should be 'boolean'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -3827,7 +3827,7 @@
<xsd:appinfo>
<sch:pattern id="sritemaccess_all_permission">
<sch:rule context="win-sc:sharedresource_item/win-sc:access_all_permission">
- <sch:assert test="not(@datatype) or @datatype='bool'">item <sch:value-of select="../@id"/> - datatype attribute for the access_all_permission entity of a sharedresource_item should be 'bool'</sch:assert>
+ <sch:assert test="@datatype='boolean'">item <sch:value-of select="../@id"/> - datatype attribute for the access_all_permission entity of a sharedresource_item should be 'boolean'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -3919,7 +3919,7 @@
<xsd:appinfo>
<sch:pattern id="uacitemelevationpromptadmin">
<sch:rule context="win-sc:uac_item/win-sc:elevation_prompt_admin">
- <sch:assert test="@not(@datatype) or datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the elevation_prompt_admin entity of a uac_item should be 'string'</sch:assert>
+ <sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the elevation_prompt_admin entity of a uac_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
@@ -4415,9 +4415,49 @@
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
+ <!-- =============================================================================== -->
+ <!-- ========================= WUA UPDATE SEARCHER ITEM ========================= -->
+ <!-- =============================================================================== -->
+ <xsd:element name="wuaupdatesearcher_item" substitutionGroup="oval-sc:item">
+ <xsd:annotation>
+ <xsd:documentation>The wuaupdatesearcher_item outlines information defined through the Search method of the IUpdateSearcher interface as part of Microsoft's WUA (Windows Update Agent) API. This information is related to the current patch level in a Windows environment. The test extends the standard ItemType as defined in the oval-system-characteristics schema and one should refer to the ItemType description for more information.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="oval-sc:ItemType">
+ <xsd:sequence>
+ <xsd:element name="search_criteria" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
+ <xsd:annotation>
+ <xsd:documentation></xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="wuaupdatesearcheritemsearchcriteria">
+ <sch:rule context="win-sc:wuaupdatesearcher_item/win-sc:search_criteria">
+ <sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the search_criteria entity of a wuaupdatesearcher_item should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="update_id" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>The update_id entity specifies a string that represents a revision-independent identifier of an update. This information is part of the IUpdateIdentity interface that is part of the result of the IUpdateSearcher interface's Search method. Note that multiple update identifiers can be associated with a give search criteria and thus multiple entities can exist for this item.</xsd:documentation>
+ <xsd:appinfo>
+ <sch:pattern id="wuaupdatesearcheritemresult">
+ <sch:rule context="win-sc:wuaupdatesearcher_item/win-sc:update_id">
+ <sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id"/> - datatype attribute for the update_id entity of a wuaupdatesearcher_item should be 'string'</sch:assert>
+ </sch:rule>
+ </sch:pattern>
+ </xsd:appinfo>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <!-- =============================================================================== -->
<!-- =============================================================================== -->
<!-- =============================================================================== -->
- <!-- =============================================================================== -->
<xsd:complexType name="EntityItemAddrTypeType">
<xsd:annotation>
<xsd:documentation>The EntityItemAddrTypeType restricts a string value to a specific set of values that describe the different address types of interfaces. The empty string is also allowed to support empty emlement associated with error conditions.</xsd:documentation>
More information about the Oval-commits
mailing list