Re: Review Request 18381: Added authentication support for slaves.

[Adam B]

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/18381/
-----------------------------------------------------------

(Updated March 11, 2014, 6:51 p.m.)


Review request for mesos and Vinod Kone.


Changes
-------

Rebased; moved deactivate(Slave) to a separate review (r/19006) that this 
depends on; filed new JIRA MESOS-1081 for the issue "Master should not 
deactivate authenticated framework/slave on new AuthenticateMessage unless new 
authentication succeeds."


Bugs: MESOS-804
    https://issues.apache.org/jira/browse/MESOS-804


Repository: mesos-git


Description (updated)
-------

Added authentication support for slaves.
Fixes MESOS-804.

Open Questions:
- Should AuthenticateMessage be replaced with AuthenticateFrameworkMessage, or 
specify an Authenticatee type as coded here?
- When multiple entries for the same principal exist in the credentials file, 
only the last entry is used. Acceptable behavior, but shouldn't this be 
documented?


Diffs (updated)
-----

  src/master/flags.hpp 012eb5a 
  src/master/master.hpp 49a3e15 
  src/master/master.cpp 2a40333 
  src/messages/messages.proto c26a3d0 
  src/sasl/authenticatee.hpp 42a4eba 
  src/sasl/common.hpp PRE-CREATION 
  src/sched/sched.cpp 00f6307 
  src/slave/flags.hpp c9a627b 
  src/slave/slave.hpp 01b80df 
  src/slave/slave.cpp 6abb95d 
  src/tests/authentication_tests.cpp 127c5e6 
  src/tests/cluster.hpp 24bb750 
  src/tests/mesos.cpp 96adeac 
  src/tests/sasl_tests.cpp 945426d 
  src/tests/slave_recovery_tests.cpp 40a9599 

Diff: https://reviews.apache.org/r/18381/diff/


Testing
-------

make check; manually tested flatfile slave authentication success/failure.
Added new slave authentication unit tests in authentication_tests.cpp.


Thanks,

Adam B