[ https://issues.apache.org/jira/browse/MESOS-9042?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16529062#comment-16529062 ]
Till Toenshoff commented on MESOS-9042: --------------------------------------- The solution I have now built does depend on users supplying the modules library explicitly when intending to use CRAM-MD5 authentication - that is a breaking change against the existing way of doing things. We need to discuss this and all the options we have. For that I will spin up a mail in the dev-list – hoping for your input. And here are some results of my approach: {noformat} $ otool -L libmesos.dylib libmesos.dylib: @rpath/libmesos.0.dylib (compatibility version 0.0.0, current version 1.7.0) @rpath/libprocess.dylib (compatibility version 0.0.0, current version 0.0.0) @rpath/libmesos-protobufs.dylib (compatibility version 0.0.0, current version 0.0.0) /usr/local/opt/apr/libexec/lib/libapr-1.0.dylib (compatibility version 7.0.0, current version 7.3.0) /usr/lib/libcurl.4.dylib (compatibility version 7.0.0, current version 9.0.0) /Users/till/Development/mesos-private/build/3rdparty/glog-0.3.3/src/glog-0.3.3-build/lib/libglog.0.dylib (compatibility version 1.0.0, current version 1.0.0) /usr/lib/libz.1.dylib (compatibility version 1.0.0, current version 1.2.11) /usr/local/opt/subversion/lib/libsvn_delta-1.0.dylib (compatibility version 1.0.0, current version 1.0.0) /usr/local/opt/subversion/lib/libsvn_diff-1.0.dylib (compatibility version 1.0.0, current version 1.0.0) /usr/local/opt/subversion/lib/libsvn_subr-1.0.dylib (compatibility version 1.0.0, current version 1.0.0) /usr/local/opt/openssl/lib/libssl.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0) /usr/local/opt/openssl/lib/libcrypto.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0) /Users/till/Development/mesos-private/build/3rdparty/protobuf-3.5.0/src/protobuf-3.5.0-build/libprotobuf.dylib (compatibility version 0.0.0, current version 0.0.0) /usr/lib/libc++.1.dylib (compatibility version 1.0.0, current version 400.9.4) /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1252.200.5){noformat} No SASL in the dependencies anymore. The module library for RPC authentication shows this: {noformat} $ otool -L libauthentication.dylib libauthentication.dylib: @rpath/libauthentication.dylib (compatibility version 0.0.0, current version 0.0.0) /usr/lib/libsasl2.2.dylib (compatibility version 3.0.0, current version 3.15.0) @rpath/libmesos.0.dylib (compatibility version 0.0.0, current version 1.7.0) @rpath/libprocess.dylib (compatibility version 0.0.0, current version 0.0.0) /usr/local/opt/apr/libexec/lib/libapr-1.0.dylib (compatibility version 7.0.0, current version 7.3.0) /usr/lib/libcurl.4.dylib (compatibility version 7.0.0, current version 9.0.0) /Users/till/Development/mesos-private/build/3rdparty/glog-0.3.3/src/glog-0.3.3-build/lib/libglog.0.dylib (compatibility version 1.0.0, current version 1.0.0) /usr/lib/libz.1.dylib (compatibility version 1.0.0, current version 1.2.11) /usr/local/opt/subversion/lib/libsvn_delta-1.0.dylib (compatibility version 1.0.0, current version 1.0.0) /usr/local/opt/subversion/lib/libsvn_diff-1.0.dylib (compatibility version 1.0.0, current version 1.0.0) /usr/local/opt/subversion/lib/libsvn_subr-1.0.dylib (compatibility version 1.0.0, current version 1.0.0) /usr/local/opt/openssl/lib/libssl.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0) /usr/local/opt/openssl/lib/libcrypto.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0) @rpath/libmesos-protobufs.dylib (compatibility version 0.0.0, current version 0.0.0) /Users/till/Development/mesos-private/build/3rdparty/protobuf-3.5.0/src/protobuf-3.5.0-build/libprotobuf.dylib (compatibility version 0.0.0, current version 0.0.0) /usr/lib/libc++.1.dylib (compatibility version 1.0.0, current version 400.9.4) /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1252.200.5){noformat} So this library now drags in a hard dependency against SASL. > Move SASL based CRAM-MD5 authentication out of libmesos. > -------------------------------------------------------- > > Key: MESOS-9042 > URL: https://issues.apache.org/jira/browse/MESOS-9042 > Project: Mesos > Issue Type: Improvement > Reporter: Till Toenshoff > Priority: Minor > Labels: SASL, building, deployment, modules, security > > We might want to reduce the hard dependencies of libmesos against third party > libraries, simplifying deployment and speeding up load times. In case of the > SASL based CRAM-MD5 authentication, we already have (test-)modules built > which provide the needed services. -- This message was sent by Atlassian JIRA (v7.6.3#76005)