Signed-off-by: Jeffrey Blank <[email protected]>
---
RHEL6/transforms/xccdf2stigformat.xslt | 63 ++++++++++++++++++++++++--------
1 files changed, 47 insertions(+), 16 deletions(-)
diff --git a/RHEL6/transforms/xccdf2stigformat.xslt
b/RHEL6/transforms/xccdf2stigformat.xslt
index 4f472c2..23abe7e 100644
--- a/RHEL6/transforms/xccdf2stigformat.xslt
+++ b/RHEL6/transforms/xccdf2stigformat.xslt
@@ -4,32 +4,63 @@
<!-- This transform transforms that project's main XCCDF content
into the format expected in a DISA STIG. -->
-
<xsl:include href="constants.xslt"/>
+ <xsl:template match="xccdf:Benchmark">
+ <Benchmark xmlns:dsig="http://www.w3.org/2000/09/xmldsig#";
xmlns:xhtml="http://www.w3.org/1999/xhtml";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:cpe="http://cpe.mitre.org/language/2.0";
xmlns:dc="http://purl.org/dc/elements/1.1/";
+xmlns="http://checklists.nist.gov/xccdf/1.1"; id="RHEL_6_STIG" xml:lang="en"
+xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.1
http://nvd.nist.gov/schema/xccdf-1.1.4.xsd http://cpe.mitre.org/dictionary/2.0
http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd";>
+ <status date="2012-10-01">pre-draft</status>
+ <title>Pre-Draft Red Hat Enterprise Linux 6 Security Technical
Implementation Guide</title>
+ <description>The Red Hat Enterprise Linux 6 Security Technical
Implementation Guide (STIG) is published as a tool to improve the security of
Department of Defense (DoD) information systems. Comments or proposed revisions
to this document should be sent via e-mail to the following address:
[email protected].</description>
+ <notice id="terms-of-use" xml:lang="en" />
+ <!-- this is here as a placeholder, prior to any publication. this is
PRE-DRAFT, NON-RELEASE material. -->
+ <reference href="http://iase.disa.mil";>
+ <dc:publisher>DISA, Field Security Operations</dc:publisher>
+ <dc:source>iase.disa.mil</dc:source>
+ </reference>
+ <version>0.7</version>
+
+ <!-- retain desired Profile -->
+ <xsl:apply-templates select="xccdf:Profile" />
+ <!-- retain all Values -->
+ <xsl:apply-templates select=".//xccdf:Value" />
+ <!-- retain Rules only from the selected Profile -->
+ <xsl:apply-templates select=".//xccdf:Rule" />
+ </Benchmark>
+ </xsl:template>
+
+
+ <xsl:template match="xccdf:Profile">
+ <xsl:if test="@id=$profile">
+ <xsl:copy>
+ <xsl:apply-templates select="@*|node()"/>
+ </xsl:copy>
+ </xsl:if>
+ </xsl:template>
+
+
+ <xsl:template match="xccdf:Value">
+ <xsl:copy>
+ <xsl:apply-templates select="@*|node()"/>
+ </xsl:copy>
+ </xsl:template>
+
<xsl:template match="xccdf:Rule">
+ <Group>
+ <xsl:attribute name="id">groupid</xsl:attribute>
<xsl:copy>
- <!-- deal with oscap element ordering pickiness -->
- <xsl:apply-templates
select="@*|node()[not(self::xccdf:rationale|self::xccdf:ident|self::xccdf:check|self::xccdf:fix)]"/>
- <!-- insert CCI 336 if no other CCI is referenced -->
- <xsl:if test="not(xccdf:reference[@href=$disa-cciuri])">
- <xsl:element name="reference"
namespace="http://checklists.nist.gov/xccdf/1.1";>
- <xsl:attribute name="href"><xsl:value-of
select="$disa-cciuri"/></xsl:attribute>
- <xsl:text>366</xsl:text>
- </xsl:element>
- </xsl:if>
-
- <xsl:apply-templates
select="node()[self::xccdf:rationale|self::xccdf:ident|self::xccdf:check|self::xccdf:fix]"/>
+ <xsl:apply-templates select="@*|node()"/>
</xsl:copy>
+ </Group>
</xsl:template>
- <!-- copy everything else through to final output -->
<xsl:template match="@*|node()">
- <xsl:copy>
- <xsl:apply-templates select="@*|node()" />
- </xsl:copy>
+ <xsl:copy>
+ <xsl:apply-templates select="@*|node()" />
+ </xsl:copy>
</xsl:template>
</xsl:stylesheet>
--
1.7.1
_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
