New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add migrate timeout option #5757
Conversation
This commit adds an option that allows the user to specify a larger time to wait for migration to finish. The minimum will always be 60 seconds, but in cases where the latency in the environment is really high, there is a need for a longer migration timeout.
@@ -431,7 +431,7 @@ def get_ssl_hash_verify | |||
# Migrates the meterpreter instance to the process specified | |||
# by pid. The connection to the server remains established. | |||
# | |||
def migrate(pid, writable_dir = nil) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Changing the calling syntax of migrate()
may break scripts and post-modules.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The new calling syntax also must have the :pid
and :timeout
key, it would also be nice to document these too.
# Correct way of calling the new #migrate method
client.core.migrate(pid: target_pid, timeout: 60)
Examples that this would break:
|
@hmoore-r7 Since one PR is only for one action, I will generate another PR for the above scripts. We can then land both PRs simultaneously. |
1. Raise if :pid is missing 2. Set :timeout to 0 if nil, but default will always be 60 3. API documentation 4. Update all scripts that use migrate 5. rspec update
Many thanks to @void-in for helping me out with filling the gaps, and doing documentation. His PR has been merged into mine. |
Eye-balling this right quick. Looks like we missed:
Looks like another patch is needed. |
Given the impact of this change, is it worth preserving the old API behavior? Changing the function signature to something like |
It kinds of makes more sense to me to preserve the original behavior. But I'm okay with whatever the decision is :-) |
I'm happy to go either way. I went with the |
Maybe something like: Given how many modules/scripts are calling this directly, it would be less risky to stick with the old calling convention and add a new |
@hmoore-r7 I like the opts way as well. Updating the scripts identified by @wchen-r7 is not difficult. It was my bad I updated only the scripts identified by you and didn't look at other places. I can generate another PR to @OJ branch for the remaining modules. However, we can't be sure for third-party modules and scripts. If you are willing to take that risk, let me know. I suppose at certain time we would have to make changes which might break some third party scripts as we did in case of payload URIs. |
@bcook-r7 Want to be a deciding vote here? Continue with the changed calling convention, possibly break third-party stuff, or make this backwards compatible? |
I gotta go with backward compatible. If pid is not optional, it should not be in opts, but left as the first non-optional parameter. |
@bcook-r7 Okay. The name opts also make sense for optional data. I wish we had a better name which might have persuade you guys :). It means @OJ need to update the migrate def to cater for the decision. The don't think any of the post modules need the timeout so they are good to go. Can OJ selectively merge from my PR? Like merge changes of only lib/rex/post/meterpreter/client_core.rb? All the other changes need to be reverted. |
I think the simplest thing to do at this point would be for me to close this PR and open a new one. The number of changes required will be minimal, and dancing with git to make it work through this PR seems like unnecessary effort! Thanks for the support guys. |
Changes Unknown when pulling e697312 on OJ:migrate-timeout into ** on rapid7:master**. |
What is wrong with you @coveralls ? You're drunk. |
This commit adds an option that allows the user to specify a larger time to wait for migration to finish. The minimum will always be 60 seconds, but in cases where the latency in the environment is really high, there is a need for a longer migration timeout.
I moved the writable folder for linux so that it's passed with the
-p
flag.The migrate function now takes
opts
instead of parameters, and those opts contain all the things that were required before, along with the new timeout.The code has a few "tidies" as well, bringing things closer to the current standard.
Verification
-t
parameter does change the timeout value (hard to simulate, I used debug output).