synapse 2.178.0__py311-none-any.whl → 2.180.0__py311-none-any.whl

synapse/tests/test_lib_stormhttp.py

@@ -692,6 +692,9 @@ class StormHttpTest(s_test.SynTest):
             tlscadir = s_common.gendir(dirn, 'cadir')
             cacertpath = shutil.copyfile(os.path.join(cadir, 'somelocalca.crt'), os.path.join(tlscadir, 'somelocalca.crt'))
 
+            with s_common.genfile(cacertpath) as fd:
+                ca_cert = fd.read().decode()
+
             pkey, cert = tdir.genUserCert('someuser', signas='somelocalca')
             user_pkey = tdir._pkeyToByts(pkey).decode()
             user_cert = tdir._certToByts(cert).decode()
@@ -835,3 +838,40 @@ class StormHttpTest(s_test.SynTest):
                 ## bad cert
                 sslopts['client_cert'] = 'not-gonna-work'
                 await self.asyncraises(s_exc.BadArg, core.callStorm(q, opts=opts))
+
+            # Provide a CA certificate directly
+            async with self.getTestCore(dirn=dirn) as core:
+
+                sslctx = core.initSslCtx(certpath, pkeypath)
+                sslctx.load_verify_locations(cafile=cacertpath)
+
+                addr, port = await core.addHttpsPort(0, sslctx=sslctx)
+                root = await core.auth.getUserByName('root')
+                await root.setPasswd('root')
+
+                core.addHttpApi('/api/v0/test', s_test.HttpReflector, {'cell': core})
+
+                sslopts = {}
+
+                opts = {
+                    'vars': {
+                        'url': f'https://root:root@localhost:{port}/api/v0/test',
+                        'verify': True,
+                        'sslopts': sslopts,
+                    },
+                }
+
+                q = 'return($lib.inet.http.get($url, ssl_verify=$verify, ssl_opts=$sslopts))'
+
+                size, sha256 = await core.callStorm('return($lib.bytes.put($lib.base64.decode(Zm9v)))')
+                opts['vars']['sha256'] = sha256
+
+                ## no cert provided
+                resp = await core.callStorm(q, opts=opts)
+                self.eq(-1, resp['code'])
+                self.isin('certificate verify failed', resp['reason'])
+
+                ## provide just the CA Certificate
+                sslopts['ca_cert'] = ca_cert
+                resp = await core.callStorm(q, opts=opts)
+                self.eq(200, resp['code'])

synapse/tests/test_lib_stormlib_modelext.py

@@ -57,12 +57,24 @@ class StormtypesModelextTest(s_test.SynTest):
             model_defs = await core.callStorm('return ( $lib.model.ext.getExtModel() )')
             self.isinstance(model_defs, dict)
 
+            self.len(1, await core.nodes('_visi:int:tick'))
+            await core._delAllFormProp('_visi:int', 'tick', {})
+            self.len(0, await core.nodes('_visi:int:tick'))
+
+            self.len(1, await core.nodes('._woot'))
+            await core._delAllUnivProp('_woot', {})
+            self.len(0, await core.nodes('._woot'))
+
+            self.len(1, await core.nodes('#lol:score'))
+            await core._delAllTagProp('score', {})
+            self.len(0, await core.nodes('#lol:score'))
+
             await core.callStorm('_visi:int=10 test:int=1234 | delnode')
             await core.callStorm('''
-                $lib.model.ext.delTagProp(score)
-                $lib.model.ext.delUnivProp(_woot)
+                $lib.model.ext.delTagProp(score, force=(true))
+                $lib.model.ext.delUnivProp(_woot, force=(true))
                 $lib.model.ext.delFormProp(_visi:int, tick)
-                $lib.model.ext.delFormProp(test:int, _tick)
+                $lib.model.ext.delFormProp(test:int, _tick, force=(true))
                 $lib.model.ext.delForm(_visi:int)
                 $lib.model.ext.delEdge(inet:user, _copies, *)
             ''')
@@ -276,6 +288,46 @@ class StormtypesModelextTest(s_test.SynTest):
 
             self.nn(core.model.edge(('inet:user', '_copies', None)))
 
+        # Property values left behind in layers are cleanly removed
+        async with self.getTestCore() as core:
+            await core.callStorm('''
+                $typeinfo = ({})
+                $docinfo = ({"doc": "NEWP"})
+                $lib.model.ext.addUnivProp(_woot, (int, ({})), $docinfo)
+                $lib.model.ext.addTagProp(score, (int, ({})), $docinfo)
+                $lib.model.ext.addFormProp(test:int, _tick, (time, ({})), $docinfo)
+            ''')
+            fork = await core.callStorm('return ( $lib.view.get().fork().iden ) ')
+            nodes = await core.nodes('[test:int=1234 :_tick=2024 ._woot=1 +#hehe:score=10]')
+            self.len(1, nodes)
+            self.eq(nodes[0].get('._woot'), 1)
+
+            nodes = await core.nodes('test:int=1234 [:_tick=2023 ._woot=2 +#hehe:score=9]',
+                                     opts={'view': fork})
+            self.len(1, nodes)
+            self.eq(nodes[0].get('._woot'), 2)
+
+            self.len(0, await core.nodes('test:int | delnode'))
+
+            with self.raises(s_exc.CantDelUniv):
+                await core.callStorm('$lib.model.ext.delUnivProp(_woot)')
+            with self.raises(s_exc.CantDelProp):
+                await core.callStorm('$lib.model.ext.delFormProp(test:int, _tick)')
+            with self.raises(s_exc.CantDelProp):
+                await core.callStorm('$lib.model.ext.delTagProp(score)')
+
+            await core.callStorm('$lib.model.ext.delUnivProp(_woot, force=(true))')
+            await core.callStorm('$lib.model.ext.delFormProp(test:int, _tick, force=(true))')
+            await core.callStorm('$lib.model.ext.delTagProp(score, force=(true))')
+
+            nodes = await core.nodes('[test:int=1234]')
+            self.len(1, nodes)
+            self.none(nodes[0].get('._woot'))
+            self.none(nodes[0].get('_tick'))
+            nodes = await core.nodes('test:int=1234', opts={'view': fork})
+            self.none(nodes[0].get('._woot'))
+            self.none(nodes[0].get('_tick'))
+
     async def test_lib_stormlib_behold_modelext(self):
         self.skipIfNexusReplay()
         async with self.getTestCore() as core:

synapse/tests/test_lib_stormlib_stix.py

@@ -410,6 +410,21 @@ class StormLibStixTest(s_test.SynTest):
             self.len(1, [n for n in nodes if n[0][0] == 'it:cmd'])
             self.stormIsInWarn("STIX bundle ingest has no relationship definition for: ('threat-actor', 'gronks', 'threat-actor')", msgs)
 
+            msgs = await core.stormlist('yield $lib.stix.import.ingest(({}), newp)')
+            self.stormIsInErr('config must be a dictionary', msgs)
+
+            msgs = await core.stormlist('yield $lib.stix.import.ingest(({}), ({"relationships": 5}))')
+            self.stormIsInErr('Error processing relationships', msgs)
+
+            msgs = await core.stormlist('yield $lib.stix.import.ingest(({}), ({"bundle": 3}))')
+            self.stormIsInErr('bundle value must be a dictionary', msgs)
+
+            msgs = await core.stormlist('yield $lib.stix.import.ingest(({}), ({"bundle": {"storm": 3}}))')
+            self.stormIsInErr('storm query must be a string', msgs)
+
+            msgs = await core.stormlist('yield $lib.stix.import.ingest(({"objects": 3}), ({}))')
+            self.stormIsInErr('data.objects must be array', msgs)
+
     async def test_stix_export_custom(self):
 
         async with self.getTestCore() as core:

synapse/tests/test_lib_stormlib_vault.py

@@ -159,10 +159,13 @@ class StormlibVaultTest(s_test.SynTest):
 
             # Rename vault
             opts = {'vars': {'giden': giden}}
+            self.eq('gvault', await core.callStorm('return($lib.vault.get($giden).name)', opts=opts))
             q = '$lib.vault.get($giden).name = foobar'
             await core.callStorm(q, opts=opts)
             vault = core.getVault(giden)
             self.eq(vault.get('name'), 'foobar')
+            self.nn(await core.callStorm('return($lib.vault.byname(foobar))'))
+            await self.asyncraises(s_exc.NoSuchName, core.callStorm('return($lib.vault.byname(gvault))'))
 
             # Get secrets without EDIT perms
             opts = {'vars': {'giden': giden}, 'user': visi1.iden}
@@ -222,10 +225,17 @@ class StormlibVaultTest(s_test.SynTest):
             q = '$vault = $lib.vault.get($giden) return($vault.setPerm($iden, $lib.auth.easyperm.level.deny))'
             self.true(await core.callStorm(q, opts=opts))
 
-            # List vaults again
             opts = {'user': visi1.iden}
             self.eq(0, await core.callStorm('return($lib.len($lib.vault.list()))', opts=opts))
 
+            # Remove permission on global vault
+            opts = {'vars': {'iden': visi1.iden, 'giden': giden}}
+            q = '$vault = $lib.vault.get($giden) return($vault.setPerm($iden, $lib.null))'
+            self.true(await core.callStorm(q, opts=opts))
+
+            opts = {'user': visi1.iden}
+            self.eq(1, await core.callStorm('return($lib.len($lib.vault.list()))', opts=opts))
+
             # Runtime asroot
 
             await core.addStormPkg({

synapse/tests/test_lib_stormtypes.py

@@ -6388,6 +6388,11 @@ words\tword\twrd'''
             self.eq(1, await core.callStorm('return($lib.math.number(1.23).toint())'))
             self.eq(2, await core.callStorm('return($lib.math.number(1.23).toint(rounding=ROUND_UP))'))
 
+            with self.raises(s_exc.BadCast):
+                    await core.callStorm('return($lib.math.number((null)))')
+            with self.raises(s_exc.BadCast):
+                    await core.callStorm('return($lib.math.number(newp))')
+
             with self.raises(s_exc.StormRuntimeError):
                 await core.callStorm('return($lib.math.number(1.23).toint(rounding=NEWP))')
 

synapse/tests/test_lib_types.py

@@ -1606,3 +1606,12 @@ class TypesTest(s_t_utils.SynTest):
 
             core.getLayer()._testAddPropArrayIndx(buid, 'test:int', '_hehe', ('newp' * 100,))
             self.len(0, await core.nodes('test:int:_hehe*[~=newp]'))
+
+    async def test_types_typehash(self):
+        async with self.getTestCore() as core:
+            self.true(core.model.form('inet:fqdn').type.typehash is core.model.prop('inet:dns:a:fqdn').type.typehash)
+            self.true(core.model.form('it:prod:softname').type.typehash is core.model.prop('it:network:name').type.typehash)
+            self.true(core.model.form('inet:asn').type.typehash is not core.model.prop('inet:proto:port').type.typehash)
+
+            self.true(s_common.isguid(core.model.form('inet:fqdn').type.typehash))
+            self.true(s_common.isguid(core.model.form('inet:fqdn').typehash))

synapse/tests/test_model_dns.py

@@ -108,6 +108,14 @@ class DnsModelTest(s_t_utils.SynTest):
             self.eq(node.get('name:fqdn'), 'vertex.link')
             self.eq(node.get('type'), 255)
 
+            nodes = await core.nodes('[inet:dns:request=* :reply:code=NXDOMAIN]')
+            self.eq(nodes[0].get('reply:code'), 3)
+            self.eq(nodes[0].repr('reply:code'), 'NXDOMAIN')
+
+            nodes = await core.nodes('[inet:dns:request=* :reply:code=1138]')
+            self.eq(nodes[0].get('reply:code'), 1138)
+            self.eq(nodes[0].repr('reply:code'), '1138')
+
             nodes = await core.nodes('[inet:dns:query=("tcp://1.2.3.4", 4.3.2.1.in-addr.arpa, 255)]')
             self.len(1, nodes)
             node = nodes[0]

synapse/tests/test_model_geopol.py

@@ -108,6 +108,7 @@ class GeoPolModelTest(s_t_utils.SynTest):
 
             nodes = await core.nodes('''
                 [ pol:candidate=*
+                    :id=" P00009423"
                     :race={pol:race}
                     :contact={[ps:contact=* :name=whippit]}
                     :winner=$lib.true
@@ -116,6 +117,7 @@ class GeoPolModelTest(s_t_utils.SynTest):
                 ]
             ''')
             self.eq(1, nodes[0].get('winner'))
+            self.eq('P00009423', nodes[0].get('id'))
             self.len(1, await core.nodes('pol:candidate -> pol:race'))
             self.len(1, await core.nodes('pol:candidate -> ou:org +:name=vertex'))
             self.len(1, await core.nodes('pol:candidate -> ps:contact +:name=whippit'))

synapse/tests/test_model_geospace.py

@@ -2,7 +2,6 @@ import synapse.exc as s_exc
 import synapse.common as s_common
 
 import synapse.tests.utils as s_t_utils
-from synapse.tests.utils import alist
 
 import synapse.lib.module as s_module
 
@@ -499,6 +498,7 @@ class GeoTest(s_t_utils.SynTest):
                     :place:name=woot
                     :place={[geo:place=* :name=woot]}
                     :accuracy=10m
+                    :node=(test:int, 1234)
                 ]
             ''')
             self.eq(1655510400000, nodes[0].get('time'))
@@ -507,6 +507,8 @@ class GeoTest(s_t_utils.SynTest):
             self.eq('woot', nodes[0].get('place:name'))
             self.eq(10000, nodes[0].get('accuracy'))
             self.len(1, await core.nodes('geo:telem -> geo:place +:name=woot'))
+            self.eq(('test:int', 1234), nodes[0].get('node'))
+            self.len(1, await core.nodes('test:int=1234'))
 
     async def test_model_geospace_area(self):
 

synapse/tests/test_model_inet.py

@@ -2684,7 +2684,15 @@ class InetModelTest(s_t_utils.SynTest):
                 'acct': 'vertex.link/visi',
             }
 
-            q = '[inet:search:query=$valu :time=$p.time :text=$p.text :engine=$p.engine :acct=$p.acct :host=$p.host]'
+            q = '''[
+                inet:search:query=$valu
+                    :time=$p.time
+                    :text=$p.text
+                    :engine=$p.engine
+                    :acct=$p.acct
+                    :host=$p.host
+                    :account=*
+            ]'''
             nodes = await core.nodes(q, opts={'vars': {'valu': iden, 'p': props}})
             self.len(1, nodes)
             node = nodes[0]
@@ -2694,6 +2702,7 @@ class InetModelTest(s_t_utils.SynTest):
             self.eq(node.get('engine'), 'roofroof')
             self.eq(node.get('host'), host)
             self.eq(node.get('acct'), ('vertex.link', 'visi'))
+            self.len(1, await core.nodes('inet:search:query :account -> inet:service:account'))
 
             residen = s_common.guid()
             props = {

synapse/tests/test_model_infotech.py

@@ -407,6 +407,35 @@ class InfotechModelTest(s_t_utils.SynTest):
             self.eq(nodes[0].get('net6'), ('fe80::', 'fe80::ffff:ffff:ffff:ffff'))
             self.eq(nodes[0].get('type'), 'virtual.sdn.')
 
+            nodes = await core.nodes('''[
+                it:sec:stix:indicator=*
+                    :id=zoinks
+                    :name=woot
+                    :confidence=90
+                    :revoked=(false)
+                    :description="my neato indicator"
+                    :pattern="some rule text"
+                    :pattern_type=yara
+                    :created=20240815
+                    :updated=20240815
+                    :labels=(hehe, haha)
+                    :valid_from=20240815
+                    :valid_until=20240815
+            ]''')
+            self.len(1, nodes)
+            self.eq('zoinks', nodes[0].get('id'))
+            self.eq('woot', nodes[0].get('name'))
+            self.eq(90, nodes[0].get('confidence'))
+            self.eq(False, nodes[0].get('revoked'))
+            self.eq('my neato indicator', nodes[0].get('description'))
+            self.eq('some rule text', nodes[0].get('pattern'))
+            self.eq('yara', nodes[0].get('pattern_type'))
+            self.eq(('haha', 'hehe'), nodes[0].get('labels'))
+            self.eq(1723680000000, nodes[0].get('created'))
+            self.eq(1723680000000, nodes[0].get('updated'))
+            self.eq(1723680000000, nodes[0].get('valid_from'))
+            self.eq(1723680000000, nodes[0].get('valid_until'))
+
     async def test_infotech_ios(self):
 
         async with self.getTestCore() as core:
@@ -1553,6 +1582,24 @@ class InfotechModelTest(s_t_utils.SynTest):
             self.eq(rule, nodes[0].get('rule'))
             self.eq(0x10000200003, nodes[0].get('version'))
 
+            nodes = await core.nodes('''[
+                (it:app:yara:netmatch=* :node=(inet:fqdn, foo.com))
+                (it:app:yara:netmatch=* :node=(inet:ipv4, 1.2.3.4))
+                (it:app:yara:netmatch=* :node=(inet:ipv6, "::ffff"))
+                (it:app:yara:netmatch=* :node=(inet:url, "http://foo.com"))
+                    :rule=$rule
+                    :version=1.2.3
+            ]''', opts=opts)
+            self.len(4, nodes)
+            for node in nodes:
+                self.nn(node.get('node'))
+                self.nn(node.get('version'))
+
+            self.len(4, await core.nodes('it:app:yara:rule=$rule -> it:app:yara:netmatch', opts=opts))
+
+            with self.raises(s_exc.BadTypeValu):
+                await core.nodes('[it:app:yara:netmatch=* :node=(it:dev:str, foo)]')
+
     async def test_it_app_snort(self):
 
         async with self.getTestCore() as core:

synapse/tests/test_model_person.py

@@ -165,6 +165,7 @@ class PsModelTest(s_t_utils.SynTest):
                     :birth:place:name=$p."birth:place:name"
                     :death:place=$p."death:place" :death:place:loc=$p."death:place:loc"
                     :death:place:name=$p."death:place:name"
+                    :service:accounts=(*, *)
                         )]'''
             nodes = await core.nodes(q, opts=opts)
             self.len(1, nodes)
@@ -208,6 +209,7 @@ class PsModelTest(s_t_utils.SynTest):
             self.eq(node.get('death:place:name'), 'reston, va, usa, earth, sol, milkyway')
             self.len(1, await core.nodes('ps:contact :birth:place -> geo:place'))
             self.len(1, await core.nodes('ps:contact :death:place -> geo:place'))
+            self.len(2, await core.nodes('ps:contact :service:accounts -> inet:service:account'))
 
             nodes = await core.nodes('''[
                 ps:achievement=*

synapse/tests/test_model_syn.py

@@ -340,11 +340,22 @@ class SynModelTest(s_t_utils.SynTest):
             nodes = await core.nodes(f'syn:trigger={iden}')
             self.len(1, nodes)
 
+            indx = await core.getNexsIndx()
+
             # set the trigger doc
             nodes = await core.nodes(f'syn:trigger={iden} [ :doc=hehe ]')
             self.len(1, nodes)
             self.eq('hehe', nodes[0].get('doc'))
 
+            self.eq(await core.getNexsIndx(), indx + 1)
+
+            # set the trigger name
+            nodes = await core.nodes(f'syn:trigger={iden} [ :name=trigname ]')
+            self.len(1, nodes)
+            self.eq('trigname', nodes[0].get('name'))
+
+            self.eq(await core.getNexsIndx(), indx + 2)
+
             # Trigger reloads and make some more triggers to play with
             tdef = {'cond': 'prop:set', 'prop': 'inet:ipv4:asn', 'storm': '[inet:user=1] | testcmd'}
             await core.view.addTrigger(tdef)

synapse/tests/test_model_telco.py

@@ -112,7 +112,7 @@ class TelcoModelTest(s_t_utils.SynTest):
             q = '''[(tel:mob:telem=$valu :time=$p.time :latlong=$p.latlong :place=$p.place :host=$p.host
              :loc=$p.loc :accuracy=$p.accuracy :cell=$p.cell :imsi=$p.imsi :imei=$p.imei :phone=$p.phone
              :mac=$p.mac :ipv4=$p.ipv4 :ipv6=$p.ipv6 :wifi=$p.wifi :adid=$p.adid :aaid=$p.aaid :idfa=$p.idfa
-             :name=$p.name :email=$p.email :acct=$p.acct :app=$p.app :data=$p.data)]'''
+             :name=$p.name :email=$p.email :acct=$p.acct :app=$p.app :data=$p.data :account=*)]'''
             nodes = await core.nodes(q, opts={'vars': {'valu': guid, 'p': props}})
             self.len(1, nodes)
             node = nodes[0]
@@ -142,6 +142,7 @@ class TelcoModelTest(s_t_utils.SynTest):
             self.eq(node.get('acct'), ('vertex.link', 'clown'))
             self.eq(node.get('app'), softguid)
             self.eq(node.get('data'), {'some key': 'some valu', 'BEEP': 1})
+            self.len(1, await core.nodes('tel:mob:telem :account -> inet:service:account'))
 
     async def test_telco_imei(self):
         async with self.getTestCore() as core:

synapse/tests/test_utils_stormcov.py

@@ -78,7 +78,7 @@ class TestUtilsStormcov(s_utils.SynTest):
                 await core.stormlist(s_files.getAssetStr('stormcov/lookup.storm'), opts={'mode': 'lookup'})
 
             orig = s_snap.Snap.nodesByPropValu
-            async def nodesByPropValu(self, full, cmpr, valu):
+            async def nodesByPropValu(self, full, cmpr, valu, norm=True):
                 frame = inspect.currentframe()
                 if pivotracer.dynamic_source_filename(None, frame) is not None:
                     assert (2, 2) == pivotracer.line_number_range(frame)

synapse/tools/changelog.py

@@ -109,6 +109,8 @@ class ModelDiffer:
             changes['new_edges'] = {k: _curv.get(k) for k in new_edges}
 
         updated_edges = collections.defaultdict(dict)
+        deprecated_edges = {}
+
         for edge, curinfo in _curv.items():
             if edge in new_edges:
                 continue
@@ -116,12 +118,19 @@ class ModelDiffer:
             if curinfo == oldinfo:
                 continue
 
+            if curinfo.get('deprecated') and not oldinfo.get('deprecated'):
+                deprecated_edges[edge] = curinfo
+                continue
+
             # TODO - Support changes to the edges?
             assert False, f'A change was found for the edge: {edge}'
 
         if updated_edges:
             changes['updated_edges'] = dict(updated_edges)
 
+        if deprecated_edges:
+            changes['deprecated_edges'] = deprecated_edges
+
         return changes
 
     def _compareForms(self, curv, oldv, outp: s_output.OutPut) -> dict:
@@ -723,6 +732,25 @@ def _gen_model_rst(version, model_ref, changes, current_model, outp: s_output.Ou
                 ]
                 rst.addLines(*lines)
 
+    if dep_edges := changes.get('edges').get('deprecated_edges'):
+
+        rst.addHead('Deprecated Edges', lvl=1)
+        for (n1, name, n2), info in dep_edges.items():
+            if n1 is not None and n2 is not None:
+                mesg = f'''The edge has been deprecated when used with a ``{n1}`` and an ``{n2}`` node. {info.get('doc')}'''
+            elif n1 is None and n2 is not None:
+                mesg = f'''The edge has been deprecated when used with a ``{n2}`` target node. {info.get('doc')}'''
+            elif n1 is not None and n2 is None:
+                mesg = f'''The edge has been deprecated when used with a  ``{n1}`` node. {info.get('doc')}'''
+            else:
+                mesg = f'''The edge has been deprecated. {info.get('doc')}'''
+
+            rst.addLines(
+                f'``{name}``',
+                *textwrap.wrap(mesg, initial_indent='    ', subsequent_indent='    ', width=width),
+                '\n',
+            )
+
     return rst
 
 

{synapse-2.178.0.dist-info → synapse-2.180.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: synapse
-Version: 2.178.0
+Version: 2.180.0
 Summary: Synapse Intelligence Analysis Framework
 Author-email: The Vertex Project LLC <root@vertex.link>
 License: Apache License 2.0