----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/27494/#review60125 -----------------------------------------------------------
Code looks great; almost ready to commit. I just want to open up the couple of discussions below first. src/messages/messages.proto <https://reviews.apache.org/r/27494/#comment101459> A little more clarity on this change: 'string' and 'bytes' are exactly the same on the wire, and both are represented as std::string in C++, so that shouldn't be a problem. https://www.mail-archive.com/[email protected]/msg01478.html Java and Python represent UTF-8 strings ('string') differently from byte arrays ('bytes'), but the framework scheduler would send this message from the C++ libmesos authenticatee. Some pure language bindings may have to change the datatype used to support framework authentication after this change. This may need to be documented in upgrade notes. src/slave/slave.cpp <https://reviews.apache.org/r/27494/#comment101461> This feels a little awkward. Now, we try to authenticate if --authenticatee is set (to non-default) or --credential is set; otherwise register directly? Maybe it's time to have an explicit --authenticate flag, so --credential isn't both a path to a credential file and a switch to enable authentication. Thoughts? Or maybe just check to see if there's a viable authenticatee, and if not, try to register without authenticating. The master/authenticator would reject an unauthenticated slave/framework if the master has enabled authn, so the authenticatee doesn't have to be so strict about exiting instead of registering without authentication. - Adam B On Nov. 5, 2014, 4:19 p.m., Till Toenshoff wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/27494/ > ----------------------------------------------------------- > > (Updated Nov. 5, 2014, 4:19 p.m.) > > > Review request for mesos, Adam B and Vinod Kone. > > > Bugs: MESOS-2001 > https://issues.apache.org/jira/browse/MESOS-2001 > > > Repository: mesos-git > > > Description > ------- > > Also fixes messages.proto to use a raw bytestream instead of a string for > AuthenticationStartMessage as non CRAM-MD5 authentication may transmit binary > data. > > Note that this patch covers modularized slave authentication only. Framework > authentication currently is currently covered by the default (built-in) > implementation. There will be a subsequent patch for modularized framework > authentication. > > > Diffs > ----- > > src/messages/messages.proto de0e2a2 > src/sched/sched.cpp e5f828d > src/scheduler/scheduler.cpp c74187c > src/slave/constants.hpp 701dd89 > src/slave/constants.cpp d6ad78c > src/slave/flags.hpp efbd35d > src/slave/slave.hpp 5b082fc > src/slave/slave.cpp dbfd1a8 > > Diff: https://reviews.apache.org/r/27494/diff/ > > > Testing > ------- > > make check > > NOTE all three CRAM-MD5 authenticatee module related RRs need to get applied > before running make check. > > > Thanks, > > Till Toenshoff > >
