You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mesos.apache.org by jo...@apache.org on 2017/10/02 18:59:17 UTC
[2/3] mesos git commit: Windows: Enabled CRAM MD5 Authentication and
associated tests.
Windows: Enabled CRAM MD5 Authentication and associated tests.
This effectively reverts a past decision to make Mesos's SASL
dependency optional.
See: https://issues.apache.org/jira/browse/MESOS-5450
This removes the `HAS_AUTHENTICATION` compile-time definition,
updates documentation, and cleans up special-case code which
conditionally disabled Authentication.
Review: https://reviews.apache.org/r/62106/
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/e7b3f3ba
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/e7b3f3ba
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/e7b3f3ba
Branch: refs/heads/master
Commit: e7b3f3bacab5ea1694ae4ef43b1a19921597509a
Parents: 1be4ff7
Author: John Kordich <jo...@microsoft.com>
Authored: Mon Oct 2 11:05:14 2017 -0700
Committer: Joseph Wu <jo...@apache.org>
Committed: Mon Oct 2 11:56:40 2017 -0700
----------------------------------------------------------------------
cmake/CompilationConfigure.cmake | 21 --------
docs/configuration-cmake.md | 8 ---
docs/windows.md | 2 +-
src/CMakeLists.txt | 13 ++---
src/Makefile.am | 2 -
src/master/master.cpp | 18 -------
src/sched/sched.cpp | 16 ------
src/slave/slave.cpp | 3 --
src/tests/CMakeLists.txt | 6 +--
src/tests/authentication_tests.cpp | 95 ++++++++-------------------------
src/tests/mesos.cpp | 4 --
support/windows-build.bat | 2 +-
12 files changed, 31 insertions(+), 159 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/cmake/CompilationConfigure.cmake
----------------------------------------------------------------------
diff --git a/cmake/CompilationConfigure.cmake b/cmake/CompilationConfigure.cmake
index 4cb8ddd..9707e88 100644
--- a/cmake/CompilationConfigure.cmake
+++ b/cmake/CompilationConfigure.cmake
@@ -106,19 +106,6 @@ option(
"Build libprocess with lock free run queue"
FALSE)
-option(
- HAS_AUTHENTICATION
- "Build Mesos against authentication libraries"
- TRUE)
-
-if (WIN32 AND HAS_AUTHENTICATION)
- message(
- FATAL_ERROR
- "Windows builds of Mesos currently do not support agent to master "
- "authentication. To build without this capability, pass "
- "`-DHAS_AUTHENTICATION=0` as an argument when you run CMake.")
-endif ()
-
# If 'REBUNDLED' is set to FALSE, this will cause Mesos to build against the
# specified dependency repository. This is especially useful for Windows
# builds, because building on MSVC 1900 requires newer versions of some
@@ -330,14 +317,6 @@ endif ()
# GLOBAL CONFIGURATION.
#######################
-if (HAS_AUTHENTICATION)
- # NOTE: This conditional is required. It is not sufficient to set
- # `-DHAS_AUTHENTICATION=${HAS_AUTHENTICATION}`, as this will define the
- # symbol, and our intention is to only define it if the CMake variable
- # `HAS_AUTHENTICATION` is set.
- list(APPEND MESOS_CPPFLAGS -DHAS_AUTHENTICATION=1)
-endif ()
-
# Produce position independent libraries/executables so that we take
# better advantage of Address space layout randomization (ASLR).
# This helps guard against ROP and return-to-libc attacks,
http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/docs/configuration-cmake.md
----------------------------------------------------------------------
diff --git a/docs/configuration-cmake.md b/docs/configuration-cmake.md
index d2eb571..1b10221 100644
--- a/docs/configuration-cmake.md
+++ b/docs/configuration-cmake.md
@@ -79,14 +79,6 @@ the CMake build system.
</tr>
<tr>
<td>
- -DHAS_AUTHENTICATION
- </td>
- <td>
- Build Mesos with support for authentication. [default=TRUE]
- </td>
- </tr>
- <tr>
- <td>
-DREBUNDLED
</td>
<td>
http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/docs/windows.md
----------------------------------------------------------------------
diff --git a/docs/windows.md b/docs/windows.md
index b47ba5a..6b6a742 100644
--- a/docs/windows.md
+++ b/docs/windows.md
@@ -49,7 +49,7 @@ Following are the instructions for Windows 10.
# Configure using CMake for an out-of-tree build.
mkdir build
cd build
- cmake .. -G "Visual Studio 15 2017 Win64" -T "host=x64" -DENABLE_LIBEVENT=1 -DHAS_AUTHENTICATION=0
+ cmake .. -G "Visual Studio 15 2017 Win64" -T "host=x64" -DENABLE_LIBEVENT=1
# Build Mesos.
# To build just the Mesos agent, add `--target mesos-agent`.
http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/src/CMakeLists.txt
----------------------------------------------------------------------
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 1a828c4..f8d56ae 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -306,16 +306,12 @@ set(APPC_SRC
appc/spec.cpp)
set(AUTHENTICATION_SRC
+ authentication/cram_md5/authenticatee.cpp
+ authentication/cram_md5/authenticator.cpp
+ authentication/cram_md5/auxprop.cpp
authentication/http/basic_authenticator_factory.cpp
authentication/http/combined_authenticator.cpp)
-if (NOT WIN32)
- list(APPEND AUTHENTICATION_SRC
- authentication/cram_md5/authenticatee.cpp
- authentication/cram_md5/authenticator.cpp
- authentication/cram_md5/auxprop.cpp)
-endif ()
-
if (ENABLE_SSL)
list(APPEND AUTHENTICATION_SRC
authentication/executor/jwt_secret_generator.cpp)
@@ -611,13 +607,14 @@ target_include_directories(
target_link_libraries(
mesos PUBLIC
process
+ sasl2
zookeeper
mesos-protobufs
$<$<PLATFORM_ID:Linux>:nvml>
$<$<BOOL:${HAS_JAVA}>:mesos-java>)
if (NOT WIN32)
- target_link_libraries(mesos PUBLIC leveldb sasl2)
+ target_link_libraries(mesos PUBLIC leveldb)
endif ()
if (ENABLE_PRECOMPILED_HEADERS)
http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/src/Makefile.am
----------------------------------------------------------------------
diff --git a/src/Makefile.am b/src/Makefile.am
index 93ed2bf..1b23234 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -231,8 +231,6 @@ LIB_ZOOKEEPER = -lzookeeper_mt
LDADD += -lzookeeper_mt
endif
-MESOS_CPPFLAGS += -DHAS_AUTHENTICATION=1
-
# Set up include paths for the protocol buffer compiler.
PROTOCFLAGS = -I$(top_srcdir)/include -I$(srcdir)
if ENABLE_GRPC
http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/src/master/master.cpp
----------------------------------------------------------------------
diff --git a/src/master/master.cpp b/src/master/master.cpp
index b40621e..51d92ef 100644
--- a/src/master/master.cpp
+++ b/src/master/master.cpp
@@ -491,34 +491,18 @@ void Master::initialize()
<< " Must be within [0%-100%]";
}
-#ifdef HAS_AUTHENTICATION
// Log authentication state.
if (flags.authenticate_frameworks) {
LOG(INFO) << "Master only allowing authenticated frameworks to register";
} else {
LOG(INFO) << "Master allowing unauthenticated frameworks to register";
}
-#else
- if (flags.authenticate_frameworks) {
- EXIT(EXIT_FAILURE) << "Authentication is not supported on this platform, "
- "but --authenticate flag was passed as argument to "
- "master";
- }
-#endif // HAS_AUTHENTICATION
-#ifdef HAS_AUTHENTICATION
if (flags.authenticate_agents) {
LOG(INFO) << "Master only allowing authenticated agents to register";
} else {
LOG(INFO) << "Master allowing unauthenticated agents to register";
}
-#else
- if (flags.authenticate_agents) {
- EXIT(EXIT_FAILURE) << "Authentication is not supported on this platform, "
- "but --authenticate_slaves was passed as argument to "
- "master";
- }
-#endif // HAS_AUTHENTICATION
if (flags.authenticate_http_frameworks) {
LOG(INFO) << "Master only allowing authenticated HTTP frameworks to "
@@ -544,7 +528,6 @@ void Master::initialize()
credentials = _credentials.get();
}
-#ifdef HAS_AUTHENTICATION
// Extract authenticator names and validate them.
authenticatorNames = strings::split(flags.authenticators, ",");
if (authenticatorNames.empty()) {
@@ -602,7 +585,6 @@ void Master::initialize()
authenticator = None();
}
}
-#endif // HAS_AUTHENTICATION
if (flags.authenticate_http_readonly) {
Try<Nothing> result = initializeHttpAuthenticators(
http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/src/sched/sched.cpp
----------------------------------------------------------------------
diff --git a/src/sched/sched.cpp b/src/sched/sched.cpp
index 09f255e..fb77b79 100644
--- a/src/sched/sched.cpp
+++ b/src/sched/sched.cpp
@@ -341,7 +341,6 @@ protected:
// is safe even if no timer is active or pending.
Clock::cancel(frameworkRegistrationTimer);
-#ifdef HAS_AUTHENTICATION
if (credential.isSome()) {
// Authenticate with the master.
// TODO(adam-mesos): Consider adding an initial delay like we do for
@@ -358,15 +357,6 @@ protected:
// (e.g., rate limiting tests).
doReliableRegistration(flags.registration_backoff_factor);
}
-#else
- // Authentication not enabled on this platform. Proceed with registration
- // without authentication.
- reauthenticate = false;
- LOG(INFO) << "Authentication is not available on this platform. "
- "Attempting to register without authentication";
-
- doReliableRegistration(flags.registration_backoff_factor);
-#endif // HAS_AUTHENTICATION
} else {
// In this case, we don't actually invoke Scheduler::error
// since we might get reconnected to a master imminently.
@@ -378,7 +368,6 @@ protected:
.onAny(defer(self(), &SchedulerProcess::detected, lambda::_1));
}
-#ifdef HAS_AUTHENTICATION
void authenticate()
{
if (!running.load()) {
@@ -537,7 +526,6 @@ protected:
LOG(WARNING) << "Authentication timed out";
}
}
-#endif // HAS_AUTHENTICATION
void drop(const Event& event, const string& message)
{
@@ -825,13 +813,9 @@ protected:
return;
}
-#ifdef HAS_AUTHENTICATION
if (credential.isSome() && !authenticated) {
return;
}
-#else
- authenticated = false;
-#endif // HAS_AUTHENTICATION
VLOG(1) << "Sending SUBSCRIBE call to " << master.get().pid();
http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/src/slave/slave.cpp
----------------------------------------------------------------------
diff --git a/src/slave/slave.cpp b/src/slave/slave.cpp
index bf85baf..1ac95f5 100644
--- a/src/slave/slave.cpp
+++ b/src/slave/slave.cpp
@@ -1060,13 +1060,10 @@ void Slave::authenticate()
CHECK(authenticatee == nullptr);
-#ifdef HAS_AUTHENTICATION
- // On Windows CRAMMD5Authenticatee is not supported.
if (authenticateeName == DEFAULT_AUTHENTICATEE) {
LOG(INFO) << "Using default CRAM-MD5 authenticatee";
authenticatee = new cram_md5::CRAMMD5Authenticatee();
}
-#endif // HAS_AUTHENTICATION
if (authenticatee == nullptr) {
Try<Authenticatee*> module =
http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/src/tests/CMakeLists.txt
----------------------------------------------------------------------
diff --git a/src/tests/CMakeLists.txt b/src/tests/CMakeLists.txt
index def233d..386e047 100644
--- a/src/tests/CMakeLists.txt
+++ b/src/tests/CMakeLists.txt
@@ -79,9 +79,11 @@ set(MESOS_TESTS_SRC
api_tests.cpp
attributes_tests.cpp
authentication_tests.cpp
+ authorization_tests.cpp
check_tests.cpp
command_executor_tests.cpp
common_validation_tests.cpp
+ cram_md5_authentication_tests.cpp
credentials_tests.cpp
default_executor_tests.cpp
exception_tests.cpp
@@ -110,6 +112,7 @@ set(MESOS_TESTS_SRC
scheduler_event_call_tests.cpp
scheduler_http_api_tests.cpp
scheduler_tests.cpp
+ slave_authorization_tests.cpp
slave_tests.cpp
slave_validation_tests.cpp
sorter_tests.cpp
@@ -144,9 +147,7 @@ list(APPEND MESOS_TESTS_SRC
if (NOT WIN32)
list(APPEND MESOS_TESTS_SRC
- authorization_tests.cpp
container_logger_tests.cpp
- cram_md5_authentication_tests.cpp
disk_quota_tests.cpp
dynamic_weights_tests.cpp
examples_tests.cpp
@@ -170,7 +171,6 @@ if (NOT WIN32)
registrar_tests.cpp
reservation_endpoints_tests.cpp
reservation_tests.cpp
- slave_authorization_tests.cpp
slave_recovery_tests.cpp
state_tests.cpp
teardown_tests.cpp
http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/src/tests/authentication_tests.cpp
----------------------------------------------------------------------
diff --git a/src/tests/authentication_tests.cpp b/src/tests/authentication_tests.cpp
index b04be76..3c6124f 100644
--- a/src/tests/authentication_tests.cpp
+++ b/src/tests/authentication_tests.cpp
@@ -55,9 +55,7 @@ class AuthenticationTest : public MesosTest {};
// This test verifies that an unauthenticated framework is
// denied registration by the master.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, UnauthenticatedFramework)
+TEST_F(AuthenticationTest, UnauthenticatedFramework)
{
Try<Owned<cluster::Master>> master = StartMaster();
ASSERT_SOME(master);
@@ -82,9 +80,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, UnauthenticatedFramework)
// This test verifies that an unauthenticated slave is
// denied registration by the master.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, UnauthenticatedSlave)
+TEST_F(AuthenticationTest, UnauthenticatedSlave)
{
Try<Owned<cluster::Master>> master = StartMaster();
ASSERT_SOME(master);
@@ -108,10 +104,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, UnauthenticatedSlave)
// This test verifies that when the master is started with framework
// authentication disabled, it registers unauthenticated frameworks.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
- DisableFrameworkAuthentication)
+TEST_F(AuthenticationTest, DisableFrameworkAuthentication)
{
master::Flags flags = CreateMasterFlags();
flags.authenticate_frameworks = false; // Disable authentication.
@@ -140,9 +133,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
// This test verifies that when the master is started with slave
// authentication disabled, it registers unauthenticated slaves.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, DisableSlaveAuthentication)
+TEST_F(AuthenticationTest, DisableSlaveAuthentication)
{
master::Flags flags = CreateMasterFlags();
flags.authenticate_agents = false; // Disable authentication.
@@ -170,10 +161,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, DisableSlaveAuthentication)
// This test verifies that an authenticated framework is denied
// registration by the master if it uses a different
// FrameworkInfo.principal than Credential.principal.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
- MismatchedFrameworkInfoPrincipal)
+TEST_F(AuthenticationTest, MismatchedFrameworkInfoPrincipal)
{
Try<Owned<cluster::Master>> master = StartMaster();
ASSERT_SOME(master);
@@ -203,11 +191,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
// registration by the master if it uses a different
// FrameworkInfo::principal than Credential.principal, even
// when authentication is not required.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(
- AuthenticationTest,
- DisabledFrameworkAuthenticationPrincipalMismatch)
+TEST_F(AuthenticationTest, DisabledFrameworkAuthenticationPrincipalMismatch)
{
master::Flags flags = CreateMasterFlags();
flags.authenticate_frameworks = false; // Authentication not required.
@@ -239,10 +223,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(
// This test verifies that if a Framework successfully authenticates
// but does not set FrameworkInfo::principal, it is allowed to
// register.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
- UnspecifiedFrameworkInfoPrincipal)
+TEST_F(AuthenticationTest, UnspecifiedFrameworkInfoPrincipal)
{
Try<Owned<cluster::Master>> master = StartMaster();
ASSERT_SOME(master);
@@ -270,9 +251,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
// This test verifies that when the master is started with
// authentication disabled, it registers authenticated frameworks.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, AuthenticatedFramework)
+TEST_F(AuthenticationTest, AuthenticatedFramework)
{
master::Flags flags = CreateMasterFlags();
flags.authenticate_frameworks = false; // Disable authentication.
@@ -301,9 +280,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, AuthenticatedFramework)
// This test verifies that when the master is started with slave
// authentication disabled, it registers authenticated slaves.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, AuthenticatedSlave)
+TEST_F(AuthenticationTest, AuthenticatedSlave)
{
master::Flags flags = CreateMasterFlags();
flags.authenticate_agents = false; // Disable authentication.
@@ -328,10 +305,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, AuthenticatedSlave)
// This test verifies that the framework properly retries
// authentication when authenticate message is lost.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
- RetryFrameworkAuthentication)
+TEST_F(AuthenticationTest, RetryFrameworkAuthentication)
{
Try<Owned<cluster::Master>> master = StartMaster();
ASSERT_SOME(master);
@@ -368,9 +342,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
// This test verifies that the slave properly retries
// authentication when authenticate message is lost.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, RetrySlaveAuthentication)
+TEST_F(AuthenticationTest, RetrySlaveAuthentication)
{
Try<Owned<cluster::Master>> master = StartMaster();
ASSERT_SOME(master);
@@ -403,10 +375,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, RetrySlaveAuthentication)
// This test verifies that the framework properly retries
// authentication when an intermediate message in SASL protocol
// is lost.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
- DropIntermediateSASLMessage)
+TEST_F(AuthenticationTest, DropIntermediateSASLMessage)
{
Try<Owned<cluster::Master>> master = StartMaster();
ASSERT_SOME(master);
@@ -450,10 +419,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
// This test verifies that the slave properly retries
// authentication when an intermediate message in SASL protocol
// is lost.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
- DropIntermediateSASLMessageForSlave)
+TEST_F(AuthenticationTest, DropIntermediateSASLMessageForSlave)
{
Try<Owned<cluster::Master>> master = StartMaster();
ASSERT_SOME(master);
@@ -495,9 +461,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
// the framework is authenticated but the framework to think
// otherwise. The framework should retry authentication and
// eventually register.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, DropFinalSASLMessage)
+TEST_F(AuthenticationTest, DropFinalSASLMessage)
{
Try<Owned<cluster::Master>> master = StartMaster();
ASSERT_SOME(master);
@@ -544,10 +508,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, DropFinalSASLMessage)
// the slave is authenticated but the slave to think
// otherwise. The slave should retry authentication and
// eventually register.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
- DropFinalSASLMessageForSlave)
+TEST_F(AuthenticationTest, DropFinalSASLMessageForSlave)
{
Try<Owned<cluster::Master>> master = StartMaster();
ASSERT_SOME(master);
@@ -586,9 +547,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
// This test verifies that when a master fails over while a framework
// authentication attempt is in progress the framework properly
// authenticates.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, MasterFailover)
+TEST_F(AuthenticationTest, MasterFailover)
{
Try<Owned<cluster::Master>> master = StartMaster();
ASSERT_SOME(master);
@@ -630,10 +589,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, MasterFailover)
// This test verifies that when a master fails over while a slave
// authentication attempt is in progress the slave properly
// authenticates.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
- MasterFailoverDuringSlaveAuthentication)
+TEST_F(AuthenticationTest, MasterFailoverDuringSlaveAuthentication)
{
Try<Owned<cluster::Master>> master = StartMaster();
ASSERT_SOME(master);
@@ -670,9 +626,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
// This test verifies that if the scheduler retries authentication
// before the original authentication finishes (e.g., new master
// detected due to leader election), it is handled properly.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, LeaderElection)
+TEST_F(AuthenticationTest, LeaderElection)
{
Try<Owned<cluster::Master>> master = StartMaster();
ASSERT_SOME(master);
@@ -709,10 +663,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, LeaderElection)
// This test verifies that if the slave retries authentication
// before the original authentication finishes (e.g., new master
// detected due to leader election), it is handled properly.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
- LeaderElectionDuringSlaveAuthentication)
+TEST_F(AuthenticationTest, LeaderElectionDuringSlaveAuthentication)
{
Try<Owned<cluster::Master>> master = StartMaster();
ASSERT_SOME(master);
@@ -744,9 +695,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest,
// This test verifies that if a scheduler fails over in the midst of
// authentication it successfully re-authenticates and re-registers
// with the master when it comes back up.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, SchedulerFailover)
+TEST_F(AuthenticationTest, SchedulerFailover)
{
Try<Owned<cluster::Master>> master = StartMaster();
ASSERT_SOME(master);
@@ -813,9 +762,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, SchedulerFailover)
// This test verifies that a scheduler's re-registration will be
// rejected if it specifies a principal different from what's used in
// authentication.
-// TODO(hausdorff): Enable on Windows when we enable authentication
-// to the master. See MESOS-6733 and MESOS-6697.
-TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, RejectedSchedulerFailover)
+TEST_F(AuthenticationTest, RejectedSchedulerFailover)
{
Try<Owned<cluster::Master>> master = StartMaster();
ASSERT_SOME(master);
http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/src/tests/mesos.cpp
----------------------------------------------------------------------
diff --git a/src/tests/mesos.cpp b/src/tests/mesos.cpp
index fc7f8cb..9185b5b 100644
--- a/src/tests/mesos.cpp
+++ b/src/tests/mesos.cpp
@@ -104,10 +104,8 @@ master::Flags MesosTest::CreateMasterFlags()
flags.authenticate_http_readonly = true;
flags.authenticate_http_readwrite = true;
-#ifdef HAS_AUTHENTICATION
flags.authenticate_frameworks = true;
flags.authenticate_agents = true;
-#endif // HAS_AUTHENTICATION
flags.authenticate_http_frameworks = true;
flags.http_framework_authenticators = "basic";
@@ -179,7 +177,6 @@ slave::Flags MesosTest::CreateSlaveFlags()
flags.docker_store_dir = path::join(directory.get(), "store", "docker");
{
-#ifdef HAS_AUTHENTICATION
// Create a default credential file for master/agent authentication.
const string& path = path::join(directory.get(), "credential");
@@ -203,7 +200,6 @@ slave::Flags MesosTest::CreateSlaveFlags()
// Set default (permissive) ACLs.
flags.acls = ACLs();
-#endif // HAS_AUTHENTICATION
}
flags.authenticate_http_readonly = true;
http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/support/windows-build.bat
----------------------------------------------------------------------
diff --git a/support/windows-build.bat b/support/windows-build.bat
index 100013e..49732c4 100644
--- a/support/windows-build.bat
+++ b/support/windows-build.bat
@@ -52,7 +52,7 @@ REM You can pass in other flags by setting `OTHER_CMAKE_OPTIONS` before
REM calling the script. For example, the ASF CI will add `-DPATCHEXE_PATH=...`
REM because the path to GNU Patch is not the default.
if not defined CMAKE_GENERATOR (set CMAKE_GENERATOR=Visual Studio 15 2017 Win64)
-cmake .. -G "%CMAKE_GENERATOR%" -T "host=x64" -DENABLE_LIBEVENT=1 -DHAS_AUTHENTICATION=0 %OTHER_CMAKE_OPTIONS%
+cmake .. -G "%CMAKE_GENERATOR%" -T "host=x64" -DENABLE_LIBEVENT=1 %OTHER_CMAKE_OPTIONS%
if %errorlevel% neq 0 exit /b %errorlevel%
REM Build and run the stout tests.