[PATCH] Fix build on Fedora 18+ and the upcoming RHEL release

[Simon Lukasik]

From: Simon Lukasik <sluka...@redhat.com>

Previously, the xccdf namespace has been added to the shorthand
document by <xsl:attribute>. Newer libxml releases are more strict
and do not allow attributes named "xmlns". Which is explicitly
forbiden by XSLT specification.

    http://www.w3.org/TR/xslt#creating-attributes

Addressing:
xsltproc -o output/unlinked-noprofiles-rhel6-xccdf.xml 
transforms/shorthand2xccdf.xslt output/rhel6-shorthand.xml
compilation error: file transforms/shorthand2xccdf.xslt line 19 element 
attribute
xsl:attribute: The attribute name 'xmlns' is not allowed.
make: *** [shorthand2xccdf] Error
---
 RHEL6/Makefile                            |  3 ++-
 RHEL6/transforms/add_xccdf_namespace.xslt | 15 +++++++++++++++
 RHEL6/transforms/shorthand2xccdf.xslt     |  3 ---
 3 files changed, 17 insertions(+), 4 deletions(-)
 create mode 100644 RHEL6/transforms/add_xccdf_namespace.xslt

diff --git a/RHEL6/Makefile b/RHEL6/Makefile
index 9214ce9..d34b127 100644
--- a/RHEL6/Makefile
+++ b/RHEL6/Makefile
@@ -14,7 +14,8 @@ shorthand-guide:
        xmllint --format --output $(OUT)/rhel6-shorthand.xml 
$(OUT)/rhel6-shorthand.xml
 
 shorthand2xccdf: shorthand-guide
-       xsltproc -o $(OUT)/unlinked-unresolved-noprofiles-rhel6-xccdf.xml 
$(TRANS)/shorthand2xccdf.xslt $(OUT)/rhel6-shorthand.xml
+       xsltproc -o $(OUT)/unlinked-unresolved-noprofiles-rhel6-shorthand.xml 
$(TRANS)/shorthand2xccdf.xslt $(OUT)/rhel6-shorthand.xml
+       xsltproc -o $(OUT)/unlinked-unresolved-noprofiles-rhel6-xccdf.xml 
$(TRANS)/add_xccdf_namespace.xslt 
$(OUT)/unlinked-unresolved-noprofiles-rhel6-shorthand.xml
        xsltproc -stringparam profile "allprofiles" -o 
$(OUT)/unlinked-unresolved-rhel6-xccdf.xml \
                $(TRANS)/xccdf-addprofiles.xslt 
$(OUT)/unlinked-unresolved-noprofiles-rhel6-xccdf.xml
        oscap xccdf resolve -o $(OUT)/unlinked-rhel6-xccdf.xml 
$(OUT)/unlinked-unresolved-rhel6-xccdf.xml
diff --git a/RHEL6/transforms/add_xccdf_namespace.xslt 
b/RHEL6/transforms/add_xccdf_namespace.xslt
new file mode 100644
index 0000000..3acd511
--- /dev/null
+++ b/RHEL6/transforms/add_xccdf_namespace.xslt
@@ -0,0 +1,15 @@
+<?xml version="1.0"?>
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform";>
+       <!-- Add the XCCDF 1.1 namespace to all elements without namespace. -->
+       <xsl:template match="node()|@*">
+               <xsl:copy>
+                       <xsl:apply-templates select="node()|@*"/>
+               </xsl:copy>
+       </xsl:template>
+
+       <xsl:template match="*[namespace-uri()='']">
+               <xsl:element name="{local-name()}" 
namespace="http://checklists.nist.gov/xccdf/1.1";>
+                       <xsl:apply-templates select="node()|@*" />
+               </xsl:element>
+       </xsl:template>
+</xsl:stylesheet>
diff --git a/RHEL6/transforms/shorthand2xccdf.xslt 
b/RHEL6/transforms/shorthand2xccdf.xslt
index 1a849e2..39f6741 100644
--- a/RHEL6/transforms/shorthand2xccdf.xslt
+++ b/RHEL6/transforms/shorthand2xccdf.xslt
@@ -16,9 +16,6 @@ exclude-result-prefixes="xccdf xhtml dc">
   <!-- Content:template -->
   <xsl:template match="Benchmark">
     <xsl:copy>
-      <xsl:attribute name="xmlns">
-        <xsl:text>http://checklists.nist.gov/xccdf/1.1</xsl:text>
-      </xsl:attribute>
       <xsl:apply-templates select="@*|node()" />
     </xsl:copy>
   </xsl:template>
-- 
1.8.2.1

_______________________________________________
scap-security-guide mailing list
scap-security-guide@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide