openscap_git: update to 1.3.0

removed unneeded patch
convert over to cmake

refactor files

Signed-off-by: Armin Kuster <akuster808@gmail.com>

meta-security-compliance/recipes-openscap/openscap/files/crypto_pkgconfig.patch

@@ -1,36 +0,0 @@
-Index: git/configure.ac
-===================================================================
---- git.orig/configure.ac
-+++ git/configure.ac
-@@ -360,25 +360,13 @@ case "${with_crypto}" in
-         AC_DEFINE([HAVE_NSS3], [1], [Define to 1 if you have 'NSS' library.])
-         ;;
-     gcrypt)
--	SAVE_LIBS=$LIBS
--        AC_CHECK_LIB([gcrypt], [gcry_check_version],
--                     [crapi_CFLAGS=`libgcrypt-config --cflags`;
--                      crapi_LIBS=`libgcrypt-config --libs`;
--                      crapi_libname="GCrypt";],
--                     [AC_MSG_ERROR([library 'gcrypt' is required for GCrypt.])],
--                     [])
--        AC_DEFINE([HAVE_GCRYPT], [1], [Define to 1 if you have 'gcrypt' library.])
--	AC_CACHE_CHECK([for GCRYCTL_SET_ENFORCED_FIPS_FLAG],
--                    [ac_cv_gcryctl_set_enforced_fips_flag],
--                    [AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include<gcrypt.h>],
--                                                        [return GCRYCTL_SET_ENFORCED_FIPS_FLAG;])],
--                                       [ac_cv_gcryctl_set_enforced_fips_flag=yes],
--                                       [ac_cv_gcryctl_set_enforced_fips_flag=no])])
-+	PKG_CHECK_MODULES([libgcrypt], [libgcrypt >= 1.7.9],[],
-+			  AC_MSG_FAILURE([libgcrypt devel support is missing]))
- 
--	if test "${ac_cv_gcryctl_set_enforced_fips_flag}" == "yes"; then
--	   AC_DEFINE([HAVE_GCRYCTL_SET_ENFORCED_FIPS_FLAG], [1], [Define to 1 if you have 'gcrypt' library with GCRYCTL_SET_ENFORCED_FIPS_FLAG.])
--	fi
--	LIBS=$SAVE_LIBS
-+	crapi_libname="libgcrypt"
-+	crapi_CFLAGS=$libgcrypt_CFLAGS
-+	crapi_LIBS=$libgcrypt_LIBS
-+        AC_DEFINE([HAVE_GCRYPT], [1], [Define to 1 if you have 'libgcrypt' library.])
-         ;;
-          *)
-           AC_MSG_ERROR([unknown crypto backend])

meta-security-compliance/recipes-openscap/openscap/openscap.inc

@@ -1,2 +1,77 @@
+# Copyright (C) 2017 Armin Kuster  <akuster808@gmail.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+SUMARRY = "NIST Certified SCAP 1.2 toolkit"
+HOME_URL = "https://www.open-scap.org/tools/openscap-base/"
+LIC_FILES_CHKSUM = "file://COPYING;md5=fbc093901857fcd118f065f900982c24"
+LICENSE = "LGPL-2.1"
+
+DEPENDS = "autoconf-archive dbus acl bzip2 pkgconfig gconf procps curl libxml2 libxslt libcap swig libgcrypt chrpath-replacement-native "
+
+DEPENDS_class-native = "autoconf-archive-native pkgconfig-native swig-native curl-native libxml2-native libxslt-native dpkg-native libgcrypt-native nss-native"
+
+inherit cmake pkgconfig python3native perlnative ptest
+
+S = "${WORKDIR}/git"
+
+PACKAGECONFIG ?= "python3 rpm perl"
+PACKAGECONFIG[python3] = "-DENABLE_PYTHON3=True, , python3, python3"
+PACKAGECONFIG[perl] = "-DENABLE_PERL=True,, perl, perl"
+PACKAGECONFIG[rpm] = "-DENABLE_OSCAP_UTIL_AS_RPM=True, ,rpm, rpm"
+
+EXTRA_OECONF += "-DENABLE_PROBES_INDEPENDENT=yes -DENABLE_PROBES_LINUX=yes -DWITH_CRYPTO=gcrypt\
+		-DENABLE_PROBES_SOLARIS=yes -DENABLE_PROBES_UNIX=yes  -DENABLE_TESTS=no \
+		-DENABLE_OSCAP_UTIL_SSH=yes -DENABLE_OSCAP_UTIL=yes -DENABLE_SCE=yes \
+                -DENABLE_OSCAP_UTIL_DOCKER=no \
+                "
+
+EXTRA_OECONF_class-native += "-DENABLE_PROBES=True"
+
 STAGING_OSCAP_DIR = "${TMPDIR}/work-shared/${MACHINE}/oscap-source"
 STAGING_OSCAP_BUILDDIR = "${TMPDIR}/work-shared/openscap/oscap-build-artifacts"
+
+EXTRANATIVEPATH += "chrpath-native"
+
+do_configure_append_class-native () {
+	sed -i 's:OSCAP_DEFAULT_CPE_PATH.*$:OSCAP_DEFAULT_CPE_PATH "${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/cpe":' ${S}/config.h
+	sed -i 's:OSCAP_DEFAULT_SCHEMA_PATH.*$:OSCAP_DEFAULT_SCHEMA_PATH "${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/schemas":' ${S}/config.h
+	sed -i 's:OSCAP_DEFAULT_XSLT_PATH.*$:OSCAP_DEFAULT_XSLT_PATH "${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/xsl":' ${S}/config.h
+}
+
+do_clean[cleandirs] += " ${STAGING_OSCAP_BUILDDIR}"
+
+do_compile_append_class-target() {
+	sed -i -e 's:${STAGING_BINDIR_NATIVE}/python3-native/python3:${bindir}/python3:' ${B}/utils/oscap-docker
+}
+
+do_install_append_class-native () {
+	oscapdir=${STAGING_OSCAP_BUILDDIR}/${datadir_native}
+	install -d $oscapdir	
+	cp -a ${D}/${STAGING_DATADIR_NATIVE}/openscap $oscapdir
+}
+
+TESTDIR = "tests"
+
+do_compile_ptest() {
+    oe-runcmake ${TESTDIR} 
+}
+
+do_install_ptest() {
+    # install the tests
+    cp -rf ${B}/${TESTDIR} ${D}${PTEST_PATH}
+}
+
+do_fixup_rpath() {
+	chrpath -d ${D}${libdir}/libopenscap.so.25.0.1
+	chrpath -d ${D}${libdir}/libopenscap_sce.so.25.0.1
+	chrpath -d ${D}${bindir}/oscap
+}
+
+addtask fixup_rpath before do_package after do_install
+
+FILES_${PN} += "${PYTHON_SITEPACKAGES_DIR}"
+
+RDEPENDS_${PN} += "libxml2 python3 libgcc"
+RDEPENDS_${PN}-ptest = "bash perl python3-core"
+
+BBCLASSEXTEND = "native"

meta-security-compliance/recipes-openscap/openscap/openscap_git.bb

@@ -1,88 +1,11 @@
 # Copyright (C) 2017 Armin Kuster  <akuster808@gmail.com>
 # Released under the MIT license (see COPYING.MIT for the terms)
 
-SUMARRY = "NIST Certified SCAP 1.2 toolkit"
+SUMARRY = "NIST Certified SCAP 1.2 toolkit with OE changes"
-HOME_URL = "https://www.open-scap.org/tools/openscap-base/"
-LIC_FILES_CHKSUM = "file://COPYING;md5=fbc093901857fcd118f065f900982c24"
-LICENSE = "LGPL-2.1"
 
-DEPENDS = "autoconf-archive pkgconfig gconf procps curl libxml2 rpm \
+SRCREV = "4bbdb46ff651f809d5b38ca08d769790c4bfff90"
-          libxslt libcap swig swig-native"
+SRC_URI = "git://github.com/akuster/openscap.git;branch=oe-1.3 \
-
-DEPENDS_class-native = "autoconf-archive-native pkgconfig-native swig-native curl-native libxml2-native libxslt-native dpkg-native libgcrypt-native nss-native"
-
-SRCREV = "59c234b3e9907480c89dfbd1b466a6bf72a2d2ed"
-SRC_URI = "git://github.com/akuster/openscap.git;branch=oe \
-           file://crypto_pkgconfig.patch \
            file://run-ptest \
 "
-PV = "v1.2.17+git${SRCPV}"
-
-inherit autotools-brokensep pkgconfig python3native perlnative ptest
-
-S = "${WORKDIR}/git"
-
-PACKAGECONFIG ?= "nss3 pcre rpm"
-PACKAGECONFIG[pcre] = ",--enable-regex-posix, libpcre"
-PACKAGECONFIG[gcrypt] = "--with-crypto=gcrypt,, libgcrypt "
-PACKAGECONFIG[nss3] = "--with-crypto=nss3,, nss"
-PACKAGECONFIG[python] = "--enable-python, --disable-python, python, python"
-PACKAGECONFIG[python3] = "--enable-python3, --disable-python3, python3, python3"
-PACKAGECONFIG[perl] = "--enable-perl, --disable-perl, perl, perl"
-PACKAGECONFIG[rpm] = " --enable-util-scap-as-rpm, --disable-util-scap-as-rpm, rpm, rpm"
-
-export LDFLAGS += " -ldl"
-
-EXTRA_OECONF += "--enable-probes-independent --enable-probes-linux \
-		--enable-probes-solaris --enable-probes-unix  --disable-util-oscap-docker\
-		--enable-util-oscap-ssh --enable-util-oscap --enable-ssp --enable-sce \
-"
-
-EXTRA_OECONF_class-native += "--disable-probes-independent --enable-probes-linux \
-		--disable-probes-solaris --disable-probes-unix \
-		--enable-util-oscap \
-"
-
-do_configure_prepend () {
-	sed -i 's:-I/usr/include:-I${STAGING_INCDIR}:' ${S}/swig/perl/Makefile.am
-	sed -i 's:-I/usr/include:-I${STAGING_INCDIR}:' ${S}/swig/python3/Makefile.am
-	sed -i 's:-I/usr/include:-I${STAGING_INCDIR}:' ${S}/swig/python2/Makefile.am
-	sed -i 's:python2:python:' ${S}/utils/scap-as-rpm
-}
-
 
 include openscap.inc
-
-do_configure_append_class-native () {
-	sed -i 's:OSCAP_DEFAULT_CPE_PATH.*$:OSCAP_DEFAULT_CPE_PATH "${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/cpe":' ${S}/config.h
-	sed -i 's:OSCAP_DEFAULT_SCHEMA_PATH.*$:OSCAP_DEFAULT_SCHEMA_PATH "${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/schemas":' ${S}/config.h
-	sed -i 's:OSCAP_DEFAULT_XSLT_PATH.*$:OSCAP_DEFAULT_XSLT_PATH "${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/xsl":' ${S}/config.h
-}
-
-do_clean[cleandirs] += " ${STAGING_OSCAP_BUILDDIR}"
-
-do_install_append_class-native () {
-	oscapdir=${STAGING_OSCAP_BUILDDIR}/${datadir_native}
-	install -d $oscapdir	
-	cp -a ${D}/${STAGING_DATADIR_NATIVE}/openscap $oscapdir
-}
-
-TESTDIR = "tests"
-
-do_compile_ptest() {
-    sed -i 's:python2:python:' ${S}/${TESTDIR}/nist/test_worker.py
-    echo 'buildtest-TESTS: $(check)' >> ${TESTDIR}/Makefile
-    oe_runmake -C ${TESTDIR} buildtest-TESTS
-}
-
-do_install_ptest() {
-    # install the tests
-    cp -rf ${B}/${TESTDIR} ${D}${PTEST_PATH}
-}
-
-FILES_${PN} += "${PYTHON_SITEPACKAGES_DIR}"
-
-RDEPENDS_${PN} += "libxml2 python libgcc"
-RDEPENDS_${PN}-ptest = "bash perl python"
-
-BBCLASSEXTEND = "native"