Merge pull request #40 from MISP/fix-timeout

Fix timeout

setup.py

@@ -9,7 +9,7 @@ setup(
     name='MISP_maltego',
     author='Christophe Vandeplas',
     # also update version in util.py
-    version='1.4.5',
+    version='1.4.6',
     author_email='christophe@vandeplas.com',
     maintainer='Christophe Vandeplas',
     url='https://github.com/MISP/MISP-maltego',
@@ -36,7 +36,7 @@ setup(
     python_requires='>=3.5',
     install_requires=[
         'canari>=3.3.10,<4',
-        'PyMISP>=2.4.114'
+        'PyMISP>=2.4.127'
     ],
     dependency_links=[
         # custom links for the install_requires

src/MISP_maltego/transforms/attributetoevent.py

@@ -82,19 +82,24 @@ class SearchInMISP(Transform):
 
         # for all other normal entities
         conn = MISPConnection(config, request.parameters)
-        events_json = conn.misp.search(controller='events', value=request.entity.value, with_attachments=False)
+
         # we need to do really rebuild the Entity from scratch as request.entity is of type Unknown
-        for e in events_json:
-            # find the value as attribute
-            attr = get_attribute_in_event(e, request.entity.value, substring=True)
-            if attr:
-                for item in attribute_to_entity(attr, only_self=True):
-                    response += item
-            # find the value as object, and return the object
-            if 'Object' in e['Event']:
-                for o in e['Event']['Object']:
-                    if get_attribute_in_object(o, attribute_value=request.entity.value, substring=True).get('value'):
-                        response += conn.object_to_entity(o, link_label=link_label)
+        # TODO First try to build the object, then only attributes (for those that are not in object, or for all?)
+        # TODO check for the right version of MISP before, it needs to be 2.4.127 or higher.
+        # obj_json = conn.misp.search(controller='objects', value=request.entity.value, with_attachments=False)
+        # for o in obj_json:
+        #         for item in attribute_to_entity(attr, only_self=True, link_label=link_label):
+        #             response += item
+        #     # find the value as object, and return the object
+        #     if 'Object' in e['Event']:
+        #         for o in e['Event']['Object']:
+        #             if get_attribute_in_object(o, attribute_value=request.entity.value, substring=True).get('value'):
+        #                 response += conn.object_to_entity(o, link_label=link_label)
+
+        attr_json = conn.misp.search(controller='attributes', value=request.entity.value, with_attachments=False)
+        for a in attr_json['Attribute']:
+            for item in attribute_to_entity(a, only_self=True, link_label=link_label):
+                response += item
 
         return response
 

src/MISP_maltego/transforms/common/util.py

@@ -12,7 +12,7 @@ import requests
 import tempfile
 import time
 
-__version__ = '1.4.5'  # also update version in setup.py
+__version__ = '1.4.6'  # also update version in setup.py
 
 tag_note_prefixes = ['tlp:', 'PAP:', 'de-vs:', 'euci:', 'fr-classif:', 'nato:']
 
@@ -85,7 +85,7 @@ class MISPConnection():
                     misp_key = parameters['mispkey'].value
                 except AttributeError:
                     raise MaltegoException("ERROR: mispurl and mispkey need to be set to something valid")
-            self.misp = PyMISP(misp_url, misp_key, misp_verify, 'json', misp_debug, tool='misp_maltego')
+            self.misp = PyMISP(url=misp_url, key=misp_key, ssl=misp_verify, debug=misp_debug, tool='misp_maltego', timeout=(2, 60))
         except Exception:
             if is_local_exec_mode():
                 raise MaltegoException("ERROR: Cannot connect to MISP server. Please verify your MISP_Maltego.conf settings.")
@@ -219,6 +219,7 @@ def attribute_to_entity(a, link_label=None, event_tags=[], only_self=False):
     if a['type'] in ('url', 'uri'):
         yield(URL(url=a['value'], short_title=a['value'], link_label=link_label, notes=notes, bookmark=Bookmark.Green))
         return
+    # FIXME implement attachment screenshot type
 
     # attribute is from an object, and a relation gives better understanding of the type of attribute
     if a.get('object_relation') and mapping_misp_to_maltego.get(a['object_relation']):
@@ -444,9 +445,9 @@ def galaxycluster_to_entity(c, link_label=None, link_direction=LinkDirection.Inp
 
 # LATER this uses the galaxies from github as the MISP web UI does not fully support the Galaxies in the webui.
 # See https://github.com/MISP/MISP/issues/3801
-galaxy_archive_url = 'https://github.com/MISP/misp-galaxy/archive/master.zip'
+galaxy_archive_url = 'https://github.com/MISP/misp-galaxy/archive/main.zip'
 local_path_uuid_mapping = os.path.join(local_path_root, 'MISP_maltego_galaxy_mapping.json')
-local_path_clusters = os.path.join(local_path_root, 'misp-galaxy-master', 'clusters')
+local_path_clusters = os.path.join(local_path_root, 'misp-galaxy-main', 'clusters')
 galaxy_cluster_uuids = None
 
 
@@ -479,6 +480,8 @@ def galaxy_update_local_copy(force=False):
             zf.extractall(local_path_root)
             zf.close()
         except Exception:
+            # remove the lock
+            os.remove(lockfile)
             raise(MaltegoException("ERROR: Could not download Galaxy data from htts://github.com/MISP/MISP-galaxy/. Please check internet connectivity."))
 
         # generate the uuid mapping and save it to a file