From caec0c657de7d0e5f565bd63c501ba287db5dcd8 Mon Sep 17 00:00:00 2001
From: Akshay Bhat <nodeax@gmail.com>
Date: Mon, 14 Feb 2022 14:08:38 -0500
Subject: scap-security-guide: Fix openembedded platform tests

Update the installed_OS_is_openembedded check to drop the quotes
in the VERSION_ID string to match f451c68667cca of openembedded-core.
Without this fix, all tests are reported as "notapplicable".

Signed-off-by: Akshay Bhat <akshay.bhat@timesys.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 ...d_OS_is_openembedded-Update-pattern-match.patch | 30 ++++++++++++++++++++++
 .../scap-security-guide/scap-security-guide_git.bb |  1 +
 2 files changed, 31 insertions(+)
 create mode 100644 meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-installed_OS_is_openembedded-Update-pattern-match.patch

diff --git a/meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-installed_OS_is_openembedded-Update-pattern-match.patch b/meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-installed_OS_is_openembedded-Update-pattern-match.patch
new file mode 100644
index 0000000..61d9206
--- /dev/null
+++ b/meta-security-compliance/recipes-openscap/scap-security-guide/files/0001-installed_OS_is_openembedded-Update-pattern-match.patch
@@ -0,0 +1,30 @@
+From d943e41d64da6af89a6b8224110299ad88747497 Mon Sep 17 00:00:00 2001
+From: Akshay Bhat <akshay.bhat@timesys.com>
+Date: Mon, 14 Feb 2022 13:00:31 -0500
+Subject: [PATCH] installed_OS_is_openembedded: Update pattern match
+
+The VERSION_ID string is no longer quoted with f451c68667cca of
+openembedded-core. Update the pattern match check in
+installed_OS_is_openembedded to match the same.
+
+Signed-off-by: Akshay Bhat <akshay.bhat@timesys.com>
+---
+ shared/checks/oval/installed_OS_is_openembedded.xml | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/shared/checks/oval/installed_OS_is_openembedded.xml b/shared/checks/oval/installed_OS_is_openembedded.xml
+index 01df16b43..eaf9f2b10 100644
+--- a/shared/checks/oval/installed_OS_is_openembedded.xml
++++ b/shared/checks/oval/installed_OS_is_openembedded.xml
+@@ -23,7 +23,7 @@
+   </ind:textfilecontent54_test>
+   <ind:textfilecontent54_object id="obj_openembedded" version="1" comment="Check OpenEmbedded version">
+     <ind:filepath>/etc/os-release</ind:filepath>
+-    <ind:pattern operation="pattern match">^VERSION_ID=\"nodistro\.[0-9].$</ind:pattern>
++    <ind:pattern operation="pattern match">^VERSION_ID=nodistro\.[0-9]$</ind:pattern>
+     <ind:instance datatype="int">1</ind:instance>
+   </ind:textfilecontent54_object>
+ 
+-- 
+2.25.1
+
diff --git a/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide_git.bb b/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide_git.bb
index ddde5cc..f493ea8 100644
--- a/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide_git.bb
+++ b/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide_git.bb
@@ -9,6 +9,7 @@ SRC_URI = "git://github.com/akuster/scap-security-guide.git;branch=oe-0.1.44;;pr
            file://0003-fix-remaining-getchildren-and-getiterator-functions.patch \
            file://0001-Fix-platform-spec-file-check-tests-in-installed-OS-d.patch \
            file://0002-Fix-missing-openembedded-from-ssg-constants.py.patch \
+           file://0001-installed_OS_is_openembedded-Update-pattern-match.patch \
           "
 PV = "0.1.44+git${SRCPV}"
 
-- 
cgit v1.2.3-54-g00ecf