synapse 2.175.0__py311-none-any.whl → 2.177.0__py311-none-any.whl

synapse/tests/test_lib_cell.py

@@ -23,6 +23,7 @@ import synapse.cortex as s_cortex
 import synapse.daemon as s_daemon
 import synapse.telepath as s_telepath
 
+import synapse.lib.auth as s_auth
 import synapse.lib.base as s_base
 import synapse.lib.cell as s_cell
 import synapse.lib.coro as s_coro
@@ -31,7 +32,6 @@ import synapse.lib.nexus as s_nexus
 import synapse.lib.certdir as s_certdir
 import synapse.lib.msgpack as s_msgpack
 import synapse.lib.version as s_version
-import synapse.lib.hiveauth as s_hiveauth
 import synapse.lib.lmdbslab as s_lmdbslab
 import synapse.lib.crypto.passwd as s_passwd
 import synapse.lib.platforms.linux as s_linux
@@ -133,7 +133,27 @@ async def altAuthCtor(cell):
     authconf = cell.conf.get('auth:conf')
     assert authconf['foo'] == 'bar'
     authconf['baz'] = 'faz'
-    return await s_cell.Cell._initCellHiveAuth(cell)
+
+    maxusers = cell.conf.get('max:users')
+
+    seed = s_common.guid((cell.iden, 'hive', 'auth'))
+
+    auth = await s_auth.Auth.anit(
+        cell.slab,
+        'auth',
+        seed=seed,
+        nexsroot=cell.getCellNexsRoot(),
+        maxusers=maxusers
+    )
+
+    auth.link(cell.dist)
+
+    def finilink():
+        auth.unlink(cell.dist)
+
+    cell.onfini(finilink)
+    cell.onfini(auth.fini)
+    return auth
 
 class CellTest(s_t_utils.SynTest):
 
@@ -417,8 +437,6 @@ class CellTest(s_t_utils.SynTest):
         # Ensure the cell and its auth have been fini'd
         self.true(echo.isfini)
         self.true(echo.auth.isfini)
-        root = await echo.auth.getUserByName('root')
-        self.true(root.isfini)
 
     async def test_cell_userapi(self):
 
@@ -1189,6 +1207,7 @@ class CellTest(s_t_utils.SynTest):
             async with await s_cell.Cell.anit(dirn, conf=conf) as cell:
                 self.eq('faz', cell.conf.get('auth:conf')['baz'])
                 await cell.auth.addUser('visi')
+                await cell._storCellAuthMigration()
 
     async def test_cell_auth_userlimit(self):
         maxusers = 3
@@ -1237,7 +1256,8 @@ class CellTest(s_t_utils.SynTest):
 
         with self.setTstEnvars(SYN_CELL_MAX_USERS=str(maxusers)):
             with self.getTestDir() as dirn:
-                async with await s_cell.Cell.initFromArgv([dirn]) as cell:
+                argv = [dirn, '--https', '0', '--telepath', 'tcp://0.0.0.0:0']
+                async with await s_cell.Cell.initFromArgv(argv) as cell:
                     await cell.auth.addUser('visi1')
                     await cell.auth.addUser('visi2')
                     await cell.auth.addUser('visi3')
@@ -1597,7 +1617,7 @@ class CellTest(s_t_utils.SynTest):
 
         async with self.getTestCell(s_cell.Cell, conf=conf) as cell:  # type: s_cell.Cell
             iden = s_common.guid((cell.iden, 'auth', 'user', 'foo@bar.mynet.com'))
-            user = cell.auth.user(iden)  # type: s_hiveauth.HiveUser
+            user = cell.auth.user(iden)  # type: s_auth.User
             self.eq(user.name, 'foo@bar.mynet.com')
             self.eq(user.pack().get('email'), 'foo@barcorp.com')
             self.false(user.isAdmin())
@@ -1607,7 +1627,7 @@ class CellTest(s_t_utils.SynTest):
             self.false(user.allowed(('newp', 'secret')))
 
             iden = s_common.guid((cell.iden, 'auth', 'user', 'sally@bar.mynet.com'))
-            user = cell.auth.user(iden)  # type: s_hiveauth.HiveUser
+            user = cell.auth.user(iden)  # type: s_auth.User
             self.eq(user.name, 'sally@bar.mynet.com')
             self.true(user.isAdmin())
 
@@ -2036,6 +2056,23 @@ class CellTest(s_t_utils.SynTest):
                 self.true(await user.tryPasswd('hehe'))
                 self.false(await user.tryPasswd('secret1234'))
 
+        # Password policies do not prevent live migration of an existing password
+        with self.getRegrDir('cells', 'passwd-2.109.0') as dirn:
+            policy = {'complexity': {'length': 5}}
+            conf = {'auth:passwd:policy': policy}
+            async with self.getTestCell(s_cell.Cell, conf=conf, dirn=dirn) as cell:  # type: s_cell.Cell
+                root = await cell.auth.getUserByName('root')
+                shadow = root.info.get('passwd')
+                self.isinstance(shadow, tuple)
+                self.len(2, shadow)
+
+                # Old password works and is migrated to the new password scheme
+                self.false(await root.tryPasswd('newp'))
+                self.true(await root.tryPasswd('root'))
+                shadow = root.info.get('passwd')
+                self.isinstance(shadow, dict)
+                self.eq(shadow.get('type'), s_passwd.DEFAULT_PTYP)
+
         # Pre-nexus changes of root via auth:passwd work too.
         with self.getRegrDir('cells', 'passwd-2.109.0') as dirn:
             conf = {'auth:passwd': 'supersecretpassword'}
@@ -2625,6 +2662,122 @@ class CellTest(s_t_utils.SynTest):
             with self.raises(s_exc.NoSuchIden):
                 await cell.delUserApiKey(newp)
 
+    async def test_cell_iter_slab_data(self):
+        async with self.getTestCell(s_cell.Cell) as cell:
+            data = await s_t_utils.alist(cell.iterSlabData('cell:info'))
+            self.eq(data, (
+                ('cell:version', s_version.version),
+                ('nexus:version', s_cell.NEXUS_VERSION),
+                ('synapse:version', s_version.version)
+            ))
+            with self.raises(s_exc.BadArg):
+                await s_t_utils.alist(cell.iterSlabData('newp'))
+
+            sfkv = cell.slab.getSafeKeyVal('hehe', prefix='yup')
+            sfkv.set('wow', 'yes')
+            data = await s_t_utils.alist(cell.iterSlabData('hehe'))
+            self.eq(data, [('yupwow', 'yes')])
+            data = await s_t_utils.alist(cell.iterSlabData('hehe', prefix='yup'))
+            self.eq(data, [('wow', 'yes')])
+
+    async def test_cell_nexus_compat(self):
+        with mock.patch('synapse.lib.cell.NEXUS_VERSION', (0, 0)):
+            async with self.getRegrCore('hive-migration') as core0:
+                with mock.patch('synapse.lib.cell.NEXUS_VERSION', (2, 177)):
+                    conf = {'mirror': core0.getLocalUrl()}
+                    async with self.getRegrCore('hive-migration', conf=conf) as core1:
+                        await core1.sync()
+
+                        await core1.nodes('$lib.user.vars.set(foo, bar)')
+                        self.eq('bar', await core0.callStorm('return($lib.user.vars.get(foo))'))
+
+                        await core1.nodes('$lib.user.vars.pop(foo)')
+                        self.none(await core0.callStorm('return($lib.user.vars.get(foo))'))
+
+                        await core1.nodes('$lib.user.profile.set(bar, baz)')
+                        self.eq('baz', await core0.callStorm('return($lib.user.profile.get(bar))'))
+
+                        await core1.nodes('$lib.user.profile.pop(bar)')
+                        self.none(await core0.callStorm('return($lib.user.profile.get(bar))'))
+
+                        self.eq((0, 0), core1.nexsvers)
+                        await core0.setNexsVers((2, 177))
+                        await core1.sync()
+                        self.eq((2, 177), core1.nexsvers)
+
+                        await core1.nodes('$lib.user.vars.set(foo, bar)')
+                        self.eq('bar', await core0.callStorm('return($lib.user.vars.get(foo))'))
+
+                        await core1.nodes('$lib.user.vars.pop(foo)')
+                        self.none(await core0.callStorm('return($lib.user.vars.get(foo))'))
+
+                        await core1.nodes('$lib.user.profile.set(bar, baz)')
+                        self.eq('baz', await core0.callStorm('return($lib.user.profile.get(bar))'))
+
+                        await core1.nodes('$lib.user.profile.pop(bar)')
+                        self.none(await core0.callStorm('return($lib.user.profile.get(bar))'))
+
+    async def test_cell_hive_migration(self):
+
+        with self.getAsyncLoggerStream('synapse.lib.cell') as stream:
+
+            async with self.getRegrCore('hive-migration') as core:
+                visi = await core.auth.getUserByName('visi')
+                asvisi = {'user': visi.iden}
+
+                valu = await core.callStorm('return($lib.user.vars.get(foovar))', opts=asvisi)
+                self.eq('barvalu', valu)
+
+                valu = await core.callStorm('return($lib.user.profile.get(fooprof))', opts=asvisi)
+                self.eq('barprof', valu)
+
+                msgs = await core.stormlist('cron.list')
+                self.stormIsInPrint('visi       8437c35a', msgs)
+                self.stormIsInPrint('[tel:mob:telem=*]', msgs)
+
+                msgs = await core.stormlist('dmon.list')
+                self.stormIsInPrint('0973342044469bc40b577969028c5079:  (foodmon             ): running', msgs)
+
+                msgs = await core.stormlist('trigger.list')
+                self.stormIsInPrint('visi       27f5dc524e7c3ee8685816ddf6ca1326', msgs)
+                self.stormIsInPrint('[ +#count test:str=$tag ]', msgs)
+
+                msgs = await core.stormlist('testcmd0 foo')
+                self.stormIsInPrint('foo haha', msgs)
+
+                msgs = await core.stormlist('testcmd1')
+                self.stormIsInPrint('hello', msgs)
+
+                msgs = await core.stormlist('model.deprecated.locks')
+                self.stormIsInPrint('ou:hasalias', msgs)
+
+                nodes = await core.nodes('_visi:int')
+                self.len(1, nodes)
+                node = nodes[0]
+                self.eq(node.get('tick'), 1577836800000,)
+                self.eq(node.get('._woot'), 5)
+                self.nn(node.getTagProp('test', 'score'), 6)
+
+                roles = s_t_utils.deguidify('[{"type": "role", "iden": "e1ef725990aa62ae3c4b98be8736d89f", "name": "all", "rules": [], "authgates": {"46cfde2c1682566602860f8df7d0cc83": {"rules": [[true, ["layer", "read"]]]}, "4d50eb257549436414643a71e057091a": {"rules": [[true, ["view", "read"]]]}}}]')
+                users = s_t_utils.deguidify('[{"type": "user", "iden": "a357138db50780b62093a6ce0d057fd8", "name": "root", "rules": [], "roles": [], "admin": true, "email": null, "locked": false, "archived": false, "authgates": {"46cfde2c1682566602860f8df7d0cc83": {"admin": true}, "4d50eb257549436414643a71e057091a": {"admin": true}}}, {"type": "user", "iden": "f77ac6744671a845c27e571071877827", "name": "visi", "rules": [[true, ["cron", "add"]], [true, ["dmon", "add"]], [true, ["trigger", "add"]]], "roles": [{"type": "role", "iden": "e1ef725990aa62ae3c4b98be8736d89f", "name": "all", "rules": [], "authgates": {"46cfde2c1682566602860f8df7d0cc83": {"rules": [[true, ["layer", "read"]]]}, "4d50eb257549436414643a71e057091a": {"rules": [[true, ["view", "read"]]]}}}], "admin": false, "email": null, "locked": false, "archived": false, "authgates": {"f21b7ae79c2dacb89484929a8409e5d8": {"admin": true}, "d7d0380dd4e743e35af31a20d014ed48": {"admin": true}}}]')
+                gates = s_t_utils.deguidify('[{"iden": "46cfde2c1682566602860f8df7d0cc83", "type": "layer", "users": [{"iden": "a357138db50780b62093a6ce0d057fd8", "rules": [], "admin": true}], "roles": [{"iden": "e1ef725990aa62ae3c4b98be8736d89f", "rules": [[true, ["layer", "read"]]], "admin": false}]}, {"iden": "d7d0380dd4e743e35af31a20d014ed48", "type": "trigger", "users": [{"iden": "f77ac6744671a845c27e571071877827", "rules": [], "admin": true}], "roles": []}, {"iden": "f21b7ae79c2dacb89484929a8409e5d8", "type": "cronjob", "users": [{"iden": "f77ac6744671a845c27e571071877827", "rules": [], "admin": true}], "roles": []}, {"iden": "4d50eb257549436414643a71e057091a", "type": "view", "users": [{"iden": "a357138db50780b62093a6ce0d057fd8", "rules": [], "admin": true}], "roles": [{"iden": "e1ef725990aa62ae3c4b98be8736d89f", "rules": [[true, ["view", "read"]]], "admin": false}]}, {"iden": "cortex", "type": "cortex", "users": [], "roles": []}]')
+
+                self.eq(roles, s_t_utils.deguidify(json.dumps(await core.callStorm('return($lib.auth.roles.list())'))))
+                self.eq(users, s_t_utils.deguidify(json.dumps(await core.callStorm('return($lib.auth.users.list())'))))
+                self.eq(gates, s_t_utils.deguidify(json.dumps(await core.callStorm('return($lib.auth.gates.list())'))))
+
+                with self.raises(s_exc.BadTag):
+                    await core.nodes('[ it:dev:str=foo +#test.newp ]')
+
+        stream.seek(0)
+        data = stream.getvalue()
+        newprole = s_common.guid('newprole')
+        newpuser = s_common.guid('newpuser')
+
+        self.isin(f'Unknown user {newpuser} on gate', data)
+        self.isin(f'Unknown role {newprole} on gate', data)
+        self.isin(f'Unknown role {newprole} on user', data)
+
     async def test_cell_check_sysctl(self):
         sysctls = s_linux.getSysctls()
 
@@ -2640,7 +2793,7 @@ class CellTest(s_t_utils.SynTest):
 
         stream.seek(0)
         data = stream.getvalue()
-        raw_mesgs = [m for m in data.split('\\n') if m]
+        raw_mesgs = [m for m in data.split('\n') if m]
         msgs = [json.loads(m) for m in raw_mesgs]
 
         self.len(1, msgs)

synapse/tests/test_lib_httpapi.py

@@ -525,7 +525,7 @@ class HttpApiTest(s_tests.SynTest):
 
                 async with self.getHttpSess() as noobsess:
                     info = {'user': 'noob', 'passwd': 'nooblet'}
-                    async with sess.post(f'https://localhost:{port}/api/v1/login', json=info) as resp:
+                    async with noobsess.post(f'https://localhost:{port}/api/v1/login', json=info) as resp:
                         item = await resp.json()
                         self.eq('AuthDeny', item.get('code'))
 
@@ -1136,6 +1136,11 @@ class HttpApiTest(s_tests.SynTest):
                     self.len(1, data['gates'])
                     self.eq(data['gates'][0]['iden'], 'cortex')
 
+                    deflayr, defview = await core.callStorm('''
+                        $view = $lib.view.get()
+                        return(($view.layers.0.iden, $view.iden))
+                    ''')
+
                     # user add. couple of messages fall out from it
                     await core.callStorm('auth.user.add beep --email beep@vertex.link')
                     mesg = await sock.receive_json()
@@ -1151,18 +1156,6 @@ class HttpApiTest(s_tests.SynTest):
                     mesg = await sock.receive_json()
                     data = mesg['data']
                     self.eq(data['event'], 'user:info')
-                    self.eq(data['info']['name'], 'email')
-                    self.eq(data['info']['valu'], 'beep@vertex.link')
-                    self.gt(data['offset'], base)
-                    base = data['offset']
-
-                    mesg = await sock.receive_json()
-                    data = mesg['data']
-                    deflayr, defview = await core.callStorm('''
-                        $view = $lib.view.get()
-                        return(($view.layers.0.iden, $view.iden))
-                    ''')
-                    self.eq(data['event'], 'user:info')
                     self.eq(data['info']['name'], 'role:grant')
                     self.eq(data['info']['iden'], beepiden)
                     self.eq(data['info']['role']['iden'], rall.iden)
@@ -1174,6 +1167,14 @@ class HttpApiTest(s_tests.SynTest):
                     self.gt(data['offset'], base)
                     base = data['offset']
 
+                    mesg = await sock.receive_json()
+                    data = mesg['data']
+                    self.eq(data['event'], 'user:info')
+                    self.eq(data['info']['name'], 'email')
+                    self.eq(data['info']['valu'], 'beep@vertex.link')
+                    self.gt(data['offset'], base)
+                    base = data['offset']
+
                     # set password
                     await core.callStorm('$lib.auth.users.byname("beep").setPasswd("plzdontdothis")')
                     mesg = await sock.receive_json()
@@ -1893,7 +1894,10 @@ class HttpApiTest(s_tests.SynTest):
                     self.eq(roles, {'all', 'ninjas'})
 
             # Remove the role from the Auth subsystem.
-            core.auth.rolesbyiden.pop(ninjas.get('iden'))
+            core.auth.roledefs.delete(ninjas.get('iden'))
+            core.auth.roleidenbyname.delete('ninjas')
+            core.auth.rolebyidencache.pop(ninjas.get('iden'))
+            core.auth.roleidenbynamecache.pop('ninjas')
 
             async with self.getHttpSess() as sess:
                 async with sess.post(f'https://localhost:{port}/api/v1/login',

synapse/tests/test_lib_layer.py

@@ -7,11 +7,11 @@ import synapse.common as s_common
 import synapse.cortex as s_cortex
 import synapse.telepath as s_telepath
 
+import synapse.lib.auth as s_auth
 import synapse.lib.time as s_time
 import synapse.lib.layer as s_layer
 import synapse.lib.msgpack as s_msgpack
 import synapse.lib.spooled as s_spooled
-import synapse.lib.hiveauth as s_hiveauth
 
 import synapse.tools.backup as s_tools_backup
 
@@ -1369,6 +1369,8 @@ class LayerTest(s_t_utils.SynTest):
             readlayr = core.getLayer(readlayrinfo.get('iden'))
             self.true(readlayr.readonly)
 
+            self.none(await core._cloneLayer(readlayrinfo['iden'], readlayrinfo, None))
+
     async def test_layer_ro(self):
         with self.getTestDir() as dirn:
             async with self.getTestCore(dirn=dirn) as core:
@@ -1966,7 +1968,7 @@ class LayerTest(s_t_utils.SynTest):
                 parent = core.view.layers[0]
 
                 seen.clear()
-                with mock.patch.object(s_hiveauth.HiveUser, 'confirm', confirm):
+                with mock.patch.object(s_auth.User, 'confirm', confirm):
                     with mock.patch.object(s_cortex.Cortex, 'confirmPropSet', confirmPropSet):
                         with mock.patch.object(s_cortex.Cortex, 'confirmPropDel', confirmPropDel):
                             await layr.confirmLayerEditPerms(user, parent.iden)
@@ -2015,7 +2017,7 @@ class LayerTest(s_t_utils.SynTest):
                 ''', opts=opts)
 
                 seen.clear()
-                with mock.patch.object(s_hiveauth.HiveUser, 'confirm', confirm):
+                with mock.patch.object(s_auth.User, 'confirm', confirm):
                     with mock.patch.object(s_cortex.Cortex, 'confirmPropSet', confirmPropSet):
                         with mock.patch.object(s_cortex.Cortex, 'confirmPropDel', confirmPropDel):
                             await layr.confirmLayerEditPerms(user, parent.iden)
@@ -2046,7 +2048,7 @@ class LayerTest(s_t_utils.SynTest):
                 })
 
                 seen.clear()
-                with mock.patch.object(s_hiveauth.HiveUser, 'confirm', confirm):
+                with mock.patch.object(s_auth.User, 'confirm', confirm):
                     with mock.patch.object(s_cortex.Cortex, 'confirmPropSet', confirmPropSet):
                         with mock.patch.object(s_cortex.Cortex, 'confirmPropDel', confirmPropDel):
                             await layr.confirmLayerEditPerms(user, layr.iden, delete=True)
@@ -2107,7 +2109,7 @@ class LayerTest(s_t_utils.SynTest):
             parent = core.view.layers[0]
 
             seen.clear()
-            with mock.patch.object(s_hiveauth.HiveUser, 'confirm', confirm):
+            with mock.patch.object(s_auth.User, 'confirm', confirm):
                 with mock.patch.object(s_cortex.Cortex, 'confirmPropSet', confirmPropSet):
                     with mock.patch.object(s_cortex.Cortex, 'confirmPropDel', confirmPropDel):
                         await layr.confirmLayerEditPerms(user, parent.iden)
@@ -2122,7 +2124,7 @@ class LayerTest(s_t_utils.SynTest):
             await user.delRule((False, ('node', 'data', 'set', 'hehe')))
 
             seen.clear()
-            with mock.patch.object(s_hiveauth.HiveUser, 'confirm', confirm):
+            with mock.patch.object(s_auth.User, 'confirm', confirm):
                 with mock.patch.object(s_cortex.Cortex, 'confirmPropSet', confirmPropSet):
                     with mock.patch.object(s_cortex.Cortex, 'confirmPropDel', confirmPropDel):
                         await layr.confirmLayerEditPerms(user, parent.iden)
@@ -2189,30 +2191,28 @@ class LayerTest(s_t_utils.SynTest):
 
     async def test_push_pull_default_migration(self):
         async with self.getRegrCore('2.159.0-layr-pdefs') as core:
-            def_tree = await core.saveHiveTree(('cortex', 'layers', '507ebf7e6ec7aadc47ace6f1f8f77954'))
-            dst_tree = await core.saveHiveTree(('cortex', 'layers', '9bf7a3adbf69bd16832529ab1fcd1c83'))
-
-            epulls = {'value':
-                          {'28cb757e9e390a234822f55b922f3295':
-                               {'chunk:size': 1000,
-                                'iden': '28cb757e9e390a234822f55b922f3295',
-                                'offs': 0,
-                                'queue:size': 10000,
-                                'time': 1703781215891,
-                                'url': 'cell://./cells/pdefmigr00:*/layer/9bf7a3adbf69bd16832529ab1fcd1c83',
-                                'user': '1d8e6e87a2931f8d27690ff408debdab'}}}
-            epushs = {'value':
-                          {'e112f93f09e43f3a10ae945b84721778':
-                               {'chunk:size': 1000,
-                                'iden': 'e112f93f09e43f3a10ae945b84721778',
-                                'offs': 0,
-                                'queue:size': 10000,
-                                'time': 1703781208684,
-                                'url': 'cell://./cells/pdefmigr00:*/layer/9bf7a3adbf69bd16832529ab1fcd1c83',
-                                'user': '1d8e6e87a2931f8d27690ff408debdab'}}}
-
-            self.eq(def_tree.get('kids').get('pulls'), epulls)
-            self.eq(def_tree.get('kids').get('pushs'), epushs)
-
-            self.notin('pulls', dst_tree.get('kids'))
-            self.notin('pushs', dst_tree.get('kids'))
+            def_tree = core.getLayer('507ebf7e6ec7aadc47ace6f1f8f77954').layrinfo
+            dst_tree = core.getLayer('9bf7a3adbf69bd16832529ab1fcd1c83').layrinfo
+
+            epulls = {'28cb757e9e390a234822f55b922f3295':
+                           {'chunk:size': 1000,
+                            'iden': '28cb757e9e390a234822f55b922f3295',
+                            'offs': 0,
+                            'queue:size': 10000,
+                            'time': 1703781215891,
+                            'url': 'cell://./cells/pdefmigr00:*/layer/9bf7a3adbf69bd16832529ab1fcd1c83',
+                            'user': '1d8e6e87a2931f8d27690ff408debdab'}}
+            epushs = {'e112f93f09e43f3a10ae945b84721778':
+                           {'chunk:size': 1000,
+                            'iden': 'e112f93f09e43f3a10ae945b84721778',
+                            'offs': 0,
+                            'queue:size': 10000,
+                            'time': 1703781208684,
+                            'url': 'cell://./cells/pdefmigr00:*/layer/9bf7a3adbf69bd16832529ab1fcd1c83',
+                            'user': '1d8e6e87a2931f8d27690ff408debdab'}}
+
+            self.eq(def_tree.get('pulls'), epulls)
+            self.eq(def_tree.get('pushs'), epushs)
+
+            self.notin('pulls', dst_tree)
+            self.notin('pushs', dst_tree)

synapse/tests/test_lib_link.py

@@ -63,10 +63,15 @@ class LinkTest(s_test.SynTest):
         host, port = serv.sockets[0].getsockname()
 
         link = await s_link.connect(host, port)
-
+        info = link.getAddrInfo()
+        self.eq(info.get('family'), 'tcp')
+        self.eq(info.get('ipver'), 'ipv4')
         await link.send(b'visi')
         self.eq(b'vert', await link.recvsize(4))
         self.none(await link.recvsize(1))
+        await link.fini()
+        # We can still get the info after we've closed the socket / fini'd the link.
+        self.eq(info, link.getAddrInfo())
 
     async def test_link_tx_sadpath(self):
 
@@ -295,3 +300,39 @@ class LinkTest(s_test.SynTest):
                         await s_link.connect(hostname, port=port, ssl=sslctx)
                 finally:
                     server.close()
+
+                # Ensure we can talk to a TLS link though.
+                async def func(link: s_link.Link):
+                    self.eq(b'go', await link.recv(2))
+                    await link.tx(link.getAddrInfo())
+                    await link.fini()
+
+                srv_sslctx = certdir.getServerSSLContext(hostname)  # type: ssl.SSLContext
+                server = await s_link.listen(hostname, lport, onlink=func, ssl=srv_sslctx)
+                sslctx = certdir.getClientSSLContext()  # type: ssl.SSLContext
+                _, port = server.sockets[0].getsockname()
+                print(f'listening on port {port=}')
+                async with await s_link.connect(hostname, port=port, ssl=sslctx) as link:
+                    await link.send(b'go')
+                    item = await link.rx()
+                    self.eq(link.getAddrInfo().get('family'), 'tls')
+                    self.eq(item.get('family'), 'tls')
+                server.close()
+
+    async def test_link_unix(self):
+        with self.getTestDir() as dirn:
+
+            async def func(link: s_link.Link):
+                self.eq(b'go', await link.recv(2))
+                await link.tx(link.getAddrInfo())
+                await link.fini()
+            fp = s_common.genpath(dirn, 'sock')
+            server = await s_link.unixlisten(fp, onlink=func)
+
+            async with await s_link.unixconnect(fp) as link:
+                await link.send(b'go')
+                item = await link.rx()
+                self.eq(link.getAddrInfo().get('family'), 'unix')
+                self.eq(item.get('addr'), fp)
+                self.eq(item.get('family'), 'unix')
+            server.close()

synapse/tests/test_lib_lmdbslab.py

@@ -1528,6 +1528,74 @@ class LmdbSlabTest(s_t_utils.SynTest):
 
                 self.eq(3, slab.count(b'foo', db=dupsdb))
 
+    async def test_safekeyval(self):
+        with self.getTestDir() as dirn:
+
+            path = os.path.join(dirn, 'test.lmdb')
+
+            async with await s_lmdbslab.Slab.anit(path) as slab:
+
+                safekv = slab.getSafeKeyVal('test')
+
+                subkv1 = safekv.getSubKeyVal('pref1')
+                subkv2 = subkv1.getSubKeyVal('pref2')
+
+                self.eq(subkv2.prefix, 'pref1pref2')
+
+                subkv2.set('foo', 'bar')
+                subkv2.set('baz', 'faz')
+
+                self.eq(list(subkv2.keys()), ['baz', 'foo'])
+                self.eq(list(safekv.keys()), ['pref1pref2baz', 'pref1pref2foo'])
+                self.eq(list(safekv.values()), ['faz', 'bar'])
+
+                await safekv.truncate()
+                self.len(0, safekv.items())
+
+                subkv2.set('wow', 'guys')
+
+                newp = 'a' * 512
+
+                with self.raises(s_exc.BadArg):
+                    safekv.getSubKeyVal(newp)
+
+                with self.raises(s_exc.BadArg):
+                    safekv.get(newp)
+
+                with self.raises(s_exc.BadArg):
+                    safekv.set(newp, 'newp')
+
+                with self.raises(s_exc.BadArg):
+                    safekv.pop(newp)
+
+                with self.raises(s_exc.BadArg):
+                    safekv.delete(newp)
+
+                with self.raises(s_exc.BadArg):
+                    list(safekv.keys(pref=newp))
+
+                with self.raises(s_exc.BadArg):
+                    list(safekv.items(pref=newp))
+
+                with self.raises(s_exc.BadArg):
+                    list(safekv.values(pref=newp))
+
+                with self.raises(s_exc.BadArg):
+                    await safekv.truncate(pref=newp)
+
+                with self.raises(s_exc.BadArg):
+                    safekv.getSubKeyVal('')
+
+                with self.raises(s_exc.BadArg):
+                    slab.getSafeKeyVal('newp', create=False)
+
+            async with await s_lmdbslab.Slab.anit(path) as slab:
+                safekv = slab.getSafeKeyVal('test', create=False)
+                subkv1 = safekv.getSubKeyVal('pref1')
+                subkv2 = subkv1.getSubKeyVal('pref2')
+                self.eq(list(subkv2.keys()), ['wow'])
+
+
 class LmdbSlabMemLockTest(s_t_utils.SynTest):
 
     async def test_lmdbslabmemlock(self):

synapse/tests/test_lib_nexus.py

@@ -4,9 +4,9 @@ from unittest import mock
 import synapse.exc as s_exc
 import synapse.common as s_common
 
+import synapse.lib.auth as s_auth
 import synapse.lib.cell as s_cell
 import synapse.lib.nexus as s_nexus
-import synapse.lib.hiveauth as s_hiveauth
 
 import synapse.tests.utils as s_t_utils
 
@@ -207,7 +207,7 @@ class NexusTest(s_t_utils.SynTest):
 
     async def test_nexus_safety(self):
 
-        orig = s_hiveauth.Auth.reqUser
+        orig = s_auth.Auth.reqUser
         async def slowReq(self, iden):
             await asyncio.sleep(0.2)
             return await orig(self, iden)
@@ -215,7 +215,7 @@ class NexusTest(s_t_utils.SynTest):
         with self.getTestDir() as dirn:
             async with self.getTestCore(dirn=dirn) as core:
 
-                with mock.patch('synapse.lib.hiveauth.Auth.reqUser', slowReq):
+                with mock.patch('synapse.lib.auth.Auth.reqUser', slowReq):
 
                     vcnt = len(core.views)
                     deflayr = (await core.getLayerDef()).get('iden')
@@ -245,7 +245,7 @@ class NexusTest(s_t_utils.SynTest):
                 vcnt = len(core.views)
                 strt = await core.nexsroot.index()
 
-                with mock.patch('synapse.lib.hiveauth.Auth.reqUser', slowReq):
+                with mock.patch('synapse.lib.auth.Auth.reqUser', slowReq):
                     for x in range(3):
                         vdef = {'layers': (deflayr,), 'name': f'someview{x}'}
                         with self.raises(TimeoutError):

synapse/tests/test_lib_node.py

@@ -174,13 +174,6 @@ class NodeTest(s_t_utils.SynTest):
             self.isin('tick', props)
             self.notin('newp', props)
 
-        form = 'test:str'
-        valu = 'cool'
-        props = {'tick': 12345,
-                 'hehe': 'hehe',
-                 }
-        tval = (None, None)
-
         async with self.getTestCore() as core:
             await core.addTagProp('score', ('int', {}), {})
             await core.addTagProp('note', ('str', {'lower': True, 'strip': 'True'}), {})