Windows: Enabled CRAM MD5 Authentication and associated tests. This effectively reverts a past decision to make Mesos's SASL dependency optional. See: https://issues.apache.org/jira/browse/MESOS-5450
This removes the `HAS_AUTHENTICATION` compile-time definition, updates documentation, and cleans up special-case code which conditionally disabled Authentication. Review: https://reviews.apache.org/r/62106/ Project: http://git-wip-us.apache.org/repos/asf/mesos/repo Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/e7b3f3ba Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/e7b3f3ba Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/e7b3f3ba Branch: refs/heads/master Commit: e7b3f3bacab5ea1694ae4ef43b1a19921597509a Parents: 1be4ff7 Author: John Kordich <[email protected]> Authored: Mon Oct 2 11:05:14 2017 -0700 Committer: Joseph Wu <[email protected]> Committed: Mon Oct 2 11:56:40 2017 -0700 ---------------------------------------------------------------------- cmake/CompilationConfigure.cmake | 21 -------- docs/configuration-cmake.md | 8 --- docs/windows.md | 2 +- src/CMakeLists.txt | 13 ++--- src/Makefile.am | 2 - src/master/master.cpp | 18 ------- src/sched/sched.cpp | 16 ------ src/slave/slave.cpp | 3 -- src/tests/CMakeLists.txt | 6 +-- src/tests/authentication_tests.cpp | 95 ++++++++------------------------- src/tests/mesos.cpp | 4 -- support/windows-build.bat | 2 +- 12 files changed, 31 insertions(+), 159 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/cmake/CompilationConfigure.cmake ---------------------------------------------------------------------- diff --git a/cmake/CompilationConfigure.cmake b/cmake/CompilationConfigure.cmake index 4cb8ddd..9707e88 100644 --- a/cmake/CompilationConfigure.cmake +++ b/cmake/CompilationConfigure.cmake @@ -106,19 +106,6 @@ option( "Build libprocess with lock free run queue" FALSE) -option( - HAS_AUTHENTICATION - "Build Mesos against authentication libraries" - TRUE) - -if (WIN32 AND HAS_AUTHENTICATION) - message( - FATAL_ERROR - "Windows builds of Mesos currently do not support agent to master " - "authentication. To build without this capability, pass " - "`-DHAS_AUTHENTICATION=0` as an argument when you run CMake.") -endif () - # If 'REBUNDLED' is set to FALSE, this will cause Mesos to build against the # specified dependency repository. This is especially useful for Windows # builds, because building on MSVC 1900 requires newer versions of some @@ -330,14 +317,6 @@ endif () # GLOBAL CONFIGURATION. ####################### -if (HAS_AUTHENTICATION) - # NOTE: This conditional is required. It is not sufficient to set - # `-DHAS_AUTHENTICATION=${HAS_AUTHENTICATION}`, as this will define the - # symbol, and our intention is to only define it if the CMake variable - # `HAS_AUTHENTICATION` is set. - list(APPEND MESOS_CPPFLAGS -DHAS_AUTHENTICATION=1) -endif () - # Produce position independent libraries/executables so that we take # better advantage of Address space layout randomization (ASLR). # This helps guard against ROP and return-to-libc attacks, http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/docs/configuration-cmake.md ---------------------------------------------------------------------- diff --git a/docs/configuration-cmake.md b/docs/configuration-cmake.md index d2eb571..1b10221 100644 --- a/docs/configuration-cmake.md +++ b/docs/configuration-cmake.md @@ -79,14 +79,6 @@ the CMake build system. </tr> <tr> <td> - -DHAS_AUTHENTICATION - </td> - <td> - Build Mesos with support for authentication. [default=TRUE] - </td> - </tr> - <tr> - <td> -DREBUNDLED </td> <td> http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/docs/windows.md ---------------------------------------------------------------------- diff --git a/docs/windows.md b/docs/windows.md index b47ba5a..6b6a742 100644 --- a/docs/windows.md +++ b/docs/windows.md @@ -49,7 +49,7 @@ Following are the instructions for Windows 10. # Configure using CMake for an out-of-tree build. mkdir build cd build - cmake .. -G "Visual Studio 15 2017 Win64" -T "host=x64" -DENABLE_LIBEVENT=1 -DHAS_AUTHENTICATION=0 + cmake .. -G "Visual Studio 15 2017 Win64" -T "host=x64" -DENABLE_LIBEVENT=1 # Build Mesos. # To build just the Mesos agent, add `--target mesos-agent`. http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/src/CMakeLists.txt ---------------------------------------------------------------------- diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 1a828c4..f8d56ae 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -306,16 +306,12 @@ set(APPC_SRC appc/spec.cpp) set(AUTHENTICATION_SRC + authentication/cram_md5/authenticatee.cpp + authentication/cram_md5/authenticator.cpp + authentication/cram_md5/auxprop.cpp authentication/http/basic_authenticator_factory.cpp authentication/http/combined_authenticator.cpp) -if (NOT WIN32) - list(APPEND AUTHENTICATION_SRC - authentication/cram_md5/authenticatee.cpp - authentication/cram_md5/authenticator.cpp - authentication/cram_md5/auxprop.cpp) -endif () - if (ENABLE_SSL) list(APPEND AUTHENTICATION_SRC authentication/executor/jwt_secret_generator.cpp) @@ -611,13 +607,14 @@ target_include_directories( target_link_libraries( mesos PUBLIC process + sasl2 zookeeper mesos-protobufs $<$<PLATFORM_ID:Linux>:nvml> $<$<BOOL:${HAS_JAVA}>:mesos-java>) if (NOT WIN32) - target_link_libraries(mesos PUBLIC leveldb sasl2) + target_link_libraries(mesos PUBLIC leveldb) endif () if (ENABLE_PRECOMPILED_HEADERS) http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/src/Makefile.am ---------------------------------------------------------------------- diff --git a/src/Makefile.am b/src/Makefile.am index 93ed2bf..1b23234 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -231,8 +231,6 @@ LIB_ZOOKEEPER = -lzookeeper_mt LDADD += -lzookeeper_mt endif -MESOS_CPPFLAGS += -DHAS_AUTHENTICATION=1 - # Set up include paths for the protocol buffer compiler. PROTOCFLAGS = -I$(top_srcdir)/include -I$(srcdir) if ENABLE_GRPC http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/src/master/master.cpp ---------------------------------------------------------------------- diff --git a/src/master/master.cpp b/src/master/master.cpp index b40621e..51d92ef 100644 --- a/src/master/master.cpp +++ b/src/master/master.cpp @@ -491,34 +491,18 @@ void Master::initialize() << " Must be within [0%-100%]"; } -#ifdef HAS_AUTHENTICATION // Log authentication state. if (flags.authenticate_frameworks) { LOG(INFO) << "Master only allowing authenticated frameworks to register"; } else { LOG(INFO) << "Master allowing unauthenticated frameworks to register"; } -#else - if (flags.authenticate_frameworks) { - EXIT(EXIT_FAILURE) << "Authentication is not supported on this platform, " - "but --authenticate flag was passed as argument to " - "master"; - } -#endif // HAS_AUTHENTICATION -#ifdef HAS_AUTHENTICATION if (flags.authenticate_agents) { LOG(INFO) << "Master only allowing authenticated agents to register"; } else { LOG(INFO) << "Master allowing unauthenticated agents to register"; } -#else - if (flags.authenticate_agents) { - EXIT(EXIT_FAILURE) << "Authentication is not supported on this platform, " - "but --authenticate_slaves was passed as argument to " - "master"; - } -#endif // HAS_AUTHENTICATION if (flags.authenticate_http_frameworks) { LOG(INFO) << "Master only allowing authenticated HTTP frameworks to " @@ -544,7 +528,6 @@ void Master::initialize() credentials = _credentials.get(); } -#ifdef HAS_AUTHENTICATION // Extract authenticator names and validate them. authenticatorNames = strings::split(flags.authenticators, ","); if (authenticatorNames.empty()) { @@ -602,7 +585,6 @@ void Master::initialize() authenticator = None(); } } -#endif // HAS_AUTHENTICATION if (flags.authenticate_http_readonly) { Try<Nothing> result = initializeHttpAuthenticators( http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/src/sched/sched.cpp ---------------------------------------------------------------------- diff --git a/src/sched/sched.cpp b/src/sched/sched.cpp index 09f255e..fb77b79 100644 --- a/src/sched/sched.cpp +++ b/src/sched/sched.cpp @@ -341,7 +341,6 @@ protected: // is safe even if no timer is active or pending. Clock::cancel(frameworkRegistrationTimer); -#ifdef HAS_AUTHENTICATION if (credential.isSome()) { // Authenticate with the master. // TODO(adam-mesos): Consider adding an initial delay like we do for @@ -358,15 +357,6 @@ protected: // (e.g., rate limiting tests). doReliableRegistration(flags.registration_backoff_factor); } -#else - // Authentication not enabled on this platform. Proceed with registration - // without authentication. - reauthenticate = false; - LOG(INFO) << "Authentication is not available on this platform. " - "Attempting to register without authentication"; - - doReliableRegistration(flags.registration_backoff_factor); -#endif // HAS_AUTHENTICATION } else { // In this case, we don't actually invoke Scheduler::error // since we might get reconnected to a master imminently. @@ -378,7 +368,6 @@ protected: .onAny(defer(self(), &SchedulerProcess::detected, lambda::_1)); } -#ifdef HAS_AUTHENTICATION void authenticate() { if (!running.load()) { @@ -537,7 +526,6 @@ protected: LOG(WARNING) << "Authentication timed out"; } } -#endif // HAS_AUTHENTICATION void drop(const Event& event, const string& message) { @@ -825,13 +813,9 @@ protected: return; } -#ifdef HAS_AUTHENTICATION if (credential.isSome() && !authenticated) { return; } -#else - authenticated = false; -#endif // HAS_AUTHENTICATION VLOG(1) << "Sending SUBSCRIBE call to " << master.get().pid(); http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/src/slave/slave.cpp ---------------------------------------------------------------------- diff --git a/src/slave/slave.cpp b/src/slave/slave.cpp index bf85baf..1ac95f5 100644 --- a/src/slave/slave.cpp +++ b/src/slave/slave.cpp @@ -1060,13 +1060,10 @@ void Slave::authenticate() CHECK(authenticatee == nullptr); -#ifdef HAS_AUTHENTICATION - // On Windows CRAMMD5Authenticatee is not supported. if (authenticateeName == DEFAULT_AUTHENTICATEE) { LOG(INFO) << "Using default CRAM-MD5 authenticatee"; authenticatee = new cram_md5::CRAMMD5Authenticatee(); } -#endif // HAS_AUTHENTICATION if (authenticatee == nullptr) { Try<Authenticatee*> module = http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/src/tests/CMakeLists.txt ---------------------------------------------------------------------- diff --git a/src/tests/CMakeLists.txt b/src/tests/CMakeLists.txt index def233d..386e047 100644 --- a/src/tests/CMakeLists.txt +++ b/src/tests/CMakeLists.txt @@ -79,9 +79,11 @@ set(MESOS_TESTS_SRC api_tests.cpp attributes_tests.cpp authentication_tests.cpp + authorization_tests.cpp check_tests.cpp command_executor_tests.cpp common_validation_tests.cpp + cram_md5_authentication_tests.cpp credentials_tests.cpp default_executor_tests.cpp exception_tests.cpp @@ -110,6 +112,7 @@ set(MESOS_TESTS_SRC scheduler_event_call_tests.cpp scheduler_http_api_tests.cpp scheduler_tests.cpp + slave_authorization_tests.cpp slave_tests.cpp slave_validation_tests.cpp sorter_tests.cpp @@ -144,9 +147,7 @@ list(APPEND MESOS_TESTS_SRC if (NOT WIN32) list(APPEND MESOS_TESTS_SRC - authorization_tests.cpp container_logger_tests.cpp - cram_md5_authentication_tests.cpp disk_quota_tests.cpp dynamic_weights_tests.cpp examples_tests.cpp @@ -170,7 +171,6 @@ if (NOT WIN32) registrar_tests.cpp reservation_endpoints_tests.cpp reservation_tests.cpp - slave_authorization_tests.cpp slave_recovery_tests.cpp state_tests.cpp teardown_tests.cpp http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/src/tests/authentication_tests.cpp ---------------------------------------------------------------------- diff --git a/src/tests/authentication_tests.cpp b/src/tests/authentication_tests.cpp index b04be76..3c6124f 100644 --- a/src/tests/authentication_tests.cpp +++ b/src/tests/authentication_tests.cpp @@ -55,9 +55,7 @@ class AuthenticationTest : public MesosTest {}; // This test verifies that an unauthenticated framework is // denied registration by the master. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, UnauthenticatedFramework) +TEST_F(AuthenticationTest, UnauthenticatedFramework) { Try<Owned<cluster::Master>> master = StartMaster(); ASSERT_SOME(master); @@ -82,9 +80,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, UnauthenticatedFramework) // This test verifies that an unauthenticated slave is // denied registration by the master. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, UnauthenticatedSlave) +TEST_F(AuthenticationTest, UnauthenticatedSlave) { Try<Owned<cluster::Master>> master = StartMaster(); ASSERT_SOME(master); @@ -108,10 +104,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, UnauthenticatedSlave) // This test verifies that when the master is started with framework // authentication disabled, it registers unauthenticated frameworks. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, - DisableFrameworkAuthentication) +TEST_F(AuthenticationTest, DisableFrameworkAuthentication) { master::Flags flags = CreateMasterFlags(); flags.authenticate_frameworks = false; // Disable authentication. @@ -140,9 +133,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, // This test verifies that when the master is started with slave // authentication disabled, it registers unauthenticated slaves. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, DisableSlaveAuthentication) +TEST_F(AuthenticationTest, DisableSlaveAuthentication) { master::Flags flags = CreateMasterFlags(); flags.authenticate_agents = false; // Disable authentication. @@ -170,10 +161,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, DisableSlaveAuthentication) // This test verifies that an authenticated framework is denied // registration by the master if it uses a different // FrameworkInfo.principal than Credential.principal. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, - MismatchedFrameworkInfoPrincipal) +TEST_F(AuthenticationTest, MismatchedFrameworkInfoPrincipal) { Try<Owned<cluster::Master>> master = StartMaster(); ASSERT_SOME(master); @@ -203,11 +191,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, // registration by the master if it uses a different // FrameworkInfo::principal than Credential.principal, even // when authentication is not required. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS( - AuthenticationTest, - DisabledFrameworkAuthenticationPrincipalMismatch) +TEST_F(AuthenticationTest, DisabledFrameworkAuthenticationPrincipalMismatch) { master::Flags flags = CreateMasterFlags(); flags.authenticate_frameworks = false; // Authentication not required. @@ -239,10 +223,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS( // This test verifies that if a Framework successfully authenticates // but does not set FrameworkInfo::principal, it is allowed to // register. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, - UnspecifiedFrameworkInfoPrincipal) +TEST_F(AuthenticationTest, UnspecifiedFrameworkInfoPrincipal) { Try<Owned<cluster::Master>> master = StartMaster(); ASSERT_SOME(master); @@ -270,9 +251,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, // This test verifies that when the master is started with // authentication disabled, it registers authenticated frameworks. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, AuthenticatedFramework) +TEST_F(AuthenticationTest, AuthenticatedFramework) { master::Flags flags = CreateMasterFlags(); flags.authenticate_frameworks = false; // Disable authentication. @@ -301,9 +280,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, AuthenticatedFramework) // This test verifies that when the master is started with slave // authentication disabled, it registers authenticated slaves. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, AuthenticatedSlave) +TEST_F(AuthenticationTest, AuthenticatedSlave) { master::Flags flags = CreateMasterFlags(); flags.authenticate_agents = false; // Disable authentication. @@ -328,10 +305,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, AuthenticatedSlave) // This test verifies that the framework properly retries // authentication when authenticate message is lost. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, - RetryFrameworkAuthentication) +TEST_F(AuthenticationTest, RetryFrameworkAuthentication) { Try<Owned<cluster::Master>> master = StartMaster(); ASSERT_SOME(master); @@ -368,9 +342,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, // This test verifies that the slave properly retries // authentication when authenticate message is lost. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, RetrySlaveAuthentication) +TEST_F(AuthenticationTest, RetrySlaveAuthentication) { Try<Owned<cluster::Master>> master = StartMaster(); ASSERT_SOME(master); @@ -403,10 +375,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, RetrySlaveAuthentication) // This test verifies that the framework properly retries // authentication when an intermediate message in SASL protocol // is lost. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, - DropIntermediateSASLMessage) +TEST_F(AuthenticationTest, DropIntermediateSASLMessage) { Try<Owned<cluster::Master>> master = StartMaster(); ASSERT_SOME(master); @@ -450,10 +419,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, // This test verifies that the slave properly retries // authentication when an intermediate message in SASL protocol // is lost. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, - DropIntermediateSASLMessageForSlave) +TEST_F(AuthenticationTest, DropIntermediateSASLMessageForSlave) { Try<Owned<cluster::Master>> master = StartMaster(); ASSERT_SOME(master); @@ -495,9 +461,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, // the framework is authenticated but the framework to think // otherwise. The framework should retry authentication and // eventually register. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, DropFinalSASLMessage) +TEST_F(AuthenticationTest, DropFinalSASLMessage) { Try<Owned<cluster::Master>> master = StartMaster(); ASSERT_SOME(master); @@ -544,10 +508,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, DropFinalSASLMessage) // the slave is authenticated but the slave to think // otherwise. The slave should retry authentication and // eventually register. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, - DropFinalSASLMessageForSlave) +TEST_F(AuthenticationTest, DropFinalSASLMessageForSlave) { Try<Owned<cluster::Master>> master = StartMaster(); ASSERT_SOME(master); @@ -586,9 +547,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, // This test verifies that when a master fails over while a framework // authentication attempt is in progress the framework properly // authenticates. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, MasterFailover) +TEST_F(AuthenticationTest, MasterFailover) { Try<Owned<cluster::Master>> master = StartMaster(); ASSERT_SOME(master); @@ -630,10 +589,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, MasterFailover) // This test verifies that when a master fails over while a slave // authentication attempt is in progress the slave properly // authenticates. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, - MasterFailoverDuringSlaveAuthentication) +TEST_F(AuthenticationTest, MasterFailoverDuringSlaveAuthentication) { Try<Owned<cluster::Master>> master = StartMaster(); ASSERT_SOME(master); @@ -670,9 +626,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, // This test verifies that if the scheduler retries authentication // before the original authentication finishes (e.g., new master // detected due to leader election), it is handled properly. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, LeaderElection) +TEST_F(AuthenticationTest, LeaderElection) { Try<Owned<cluster::Master>> master = StartMaster(); ASSERT_SOME(master); @@ -709,10 +663,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, LeaderElection) // This test verifies that if the slave retries authentication // before the original authentication finishes (e.g., new master // detected due to leader election), it is handled properly. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, - LeaderElectionDuringSlaveAuthentication) +TEST_F(AuthenticationTest, LeaderElectionDuringSlaveAuthentication) { Try<Owned<cluster::Master>> master = StartMaster(); ASSERT_SOME(master); @@ -744,9 +695,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, // This test verifies that if a scheduler fails over in the midst of // authentication it successfully re-authenticates and re-registers // with the master when it comes back up. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, SchedulerFailover) +TEST_F(AuthenticationTest, SchedulerFailover) { Try<Owned<cluster::Master>> master = StartMaster(); ASSERT_SOME(master); @@ -813,9 +762,7 @@ TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, SchedulerFailover) // This test verifies that a scheduler's re-registration will be // rejected if it specifies a principal different from what's used in // authentication. -// TODO(hausdorff): Enable on Windows when we enable authentication -// to the master. See MESOS-6733 and MESOS-6697. -TEST_F_TEMP_DISABLED_ON_WINDOWS(AuthenticationTest, RejectedSchedulerFailover) +TEST_F(AuthenticationTest, RejectedSchedulerFailover) { Try<Owned<cluster::Master>> master = StartMaster(); ASSERT_SOME(master); http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/src/tests/mesos.cpp ---------------------------------------------------------------------- diff --git a/src/tests/mesos.cpp b/src/tests/mesos.cpp index fc7f8cb..9185b5b 100644 --- a/src/tests/mesos.cpp +++ b/src/tests/mesos.cpp @@ -104,10 +104,8 @@ master::Flags MesosTest::CreateMasterFlags() flags.authenticate_http_readonly = true; flags.authenticate_http_readwrite = true; -#ifdef HAS_AUTHENTICATION flags.authenticate_frameworks = true; flags.authenticate_agents = true; -#endif // HAS_AUTHENTICATION flags.authenticate_http_frameworks = true; flags.http_framework_authenticators = "basic"; @@ -179,7 +177,6 @@ slave::Flags MesosTest::CreateSlaveFlags() flags.docker_store_dir = path::join(directory.get(), "store", "docker"); { -#ifdef HAS_AUTHENTICATION // Create a default credential file for master/agent authentication. const string& path = path::join(directory.get(), "credential"); @@ -203,7 +200,6 @@ slave::Flags MesosTest::CreateSlaveFlags() // Set default (permissive) ACLs. flags.acls = ACLs(); -#endif // HAS_AUTHENTICATION } flags.authenticate_http_readonly = true; http://git-wip-us.apache.org/repos/asf/mesos/blob/e7b3f3ba/support/windows-build.bat ---------------------------------------------------------------------- diff --git a/support/windows-build.bat b/support/windows-build.bat index 100013e..49732c4 100644 --- a/support/windows-build.bat +++ b/support/windows-build.bat @@ -52,7 +52,7 @@ REM You can pass in other flags by setting `OTHER_CMAKE_OPTIONS` before REM calling the script. For example, the ASF CI will add `-DPATCHEXE_PATH=...` REM because the path to GNU Patch is not the default. if not defined CMAKE_GENERATOR (set CMAKE_GENERATOR=Visual Studio 15 2017 Win64) -cmake .. -G "%CMAKE_GENERATOR%" -T "host=x64" -DENABLE_LIBEVENT=1 -DHAS_AUTHENTICATION=0 %OTHER_CMAKE_OPTIONS% +cmake .. -G "%CMAKE_GENERATOR%" -T "host=x64" -DENABLE_LIBEVENT=1 %OTHER_CMAKE_OPTIONS% if %errorlevel% neq 0 exit /b %errorlevel% REM Build and run the stout tests.
