// This test verifies that a missing secret fails the authenticatee.
TYPED_TEST(CRAMMD5Authentication, AuthenticateeSecretMissing)
{
Credential credential;
credential.set_principal("benh");
Try<Authenticatee*> authenticatee = TypeParam::TypeAuthenticatee::create();
CHECK_SOME(authenticatee);
Future<bool> future =
authenticatee.get()->authenticate(UPID(), UPID(), credential);
AWAIT_EQ(false, future);
delete authenticatee.get();
}
// Bad password should return an authentication failure.
TEST(SASL, failed1)
{
// Set up secrets.
map<string, string> secrets;
secrets["benh"] = "secret1";
sasl::secrets::load(secrets);
// Launch a dummy process (somebody to send the AuthenticateMessage).
UPID pid = spawn(new ProcessBase(), true);
Credential credential;
credential.set_principal("benh");
credential.set_secret("secret");
Authenticatee authenticatee(credential, UPID());
Future<Message> message =
FUTURE_MESSAGE(Eq(AuthenticateMessage().GetTypeName()), _, _);
Future<bool> client = authenticatee.authenticate(pid);
AWAIT_READY(message);
Authenticator authenticator(message.get().from);
Future<bool> server = authenticator.authenticate();
AWAIT_EQ(false, client);
AWAIT_EQ(false, server);
terminate(pid);
}
// This test verifies that the pending future returned by
// 'Authenticator::authenticate()' is properly failed when the Authenticator is
// destructed in the middle of authentication.
TYPED_TEST(CRAMMD5Authentication, AuthenticatorDestructionRace)
{
// Launch a dummy process (somebody to send the AuthenticateMessage).
UPID pid = spawn(new ProcessBase(), true);
Credential credential1;
credential1.set_principal("benh");
credential1.set_secret("secret");
Credentials credentials;
Credential* credential2 = credentials.add_credentials();
credential2->set_principal(credential1.principal());
credential2->set_secret(credential1.secret());
secrets::load(credentials);
Future<Message> message =
FUTURE_MESSAGE(Eq(AuthenticateMessage().GetTypeName()), _, _);
Try<Authenticatee*> authenticatee = TypeParam::TypeAuthenticatee::create();
CHECK_SOME(authenticatee);
Future<bool> client =
authenticatee.get()->authenticate(pid, UPID(), credential1);
AWAIT_READY(message);
Try<Authenticator*> authenticator = TypeParam::TypeAuthenticator::create();
CHECK_SOME(authenticator);
authenticator.get()->initialize(message.get().from);
// Drop the AuthenticationStepMessage from authenticator to keep
// the authentication from getting completed.
Future<AuthenticationStepMessage> authenticationStepMessage =
DROP_PROTOBUF(AuthenticationStepMessage(), _, _);
Future<Option<string>> principal = authenticator.get()->authenticate();
AWAIT_READY(authenticationStepMessage);
// At this point 'AuthenticatorProcess::authenticate()' has been
// executed and its promise associated with the promise returned
// by 'Authenticator::authenticate()'.
// Authentication should be pending.
ASSERT_TRUE(principal.isPending());
// Now delete the authenticator.
delete authenticator.get();
// The future should be failed at this point.
AWAIT_FAILED(principal);
terminate(pid);
delete authenticatee.get();
}
v1::scheduler::Event evolve(const StatusUpdateMessage& message)
{
v1::scheduler::Event event;
event.set_type(v1::scheduler::Event::UPDATE);
v1::scheduler::Event::Update* update = event.mutable_update();
update->mutable_status()->CopyFrom(evolve(message.update().status()));
if (message.update().has_slave_id()) {
update->mutable_status()->mutable_agent_id()->CopyFrom(
evolve(message.update().slave_id()));
}
if (message.update().has_executor_id()) {
update->mutable_status()->mutable_executor_id()->CopyFrom(
evolve(message.update().executor_id()));
}
update->mutable_status()->set_timestamp(message.update().timestamp());
// If the update does not have a 'uuid', it does not need
// acknowledging. However, prior to 0.23.0, the update uuid
// was required and always set. In 0.24.0, we can rely on the
// update uuid check here, until then we must still check for
// this being sent from the driver (from == UPID()) or from
// the master (pid == UPID()).
// TODO(vinod): Get rid of this logic in 0.25.0 because master
// and slave correctly set task status in 0.24.0.
if (!message.update().has_uuid() || message.update().uuid() == "") {
update->mutable_status()->clear_uuid();
} else if (UPID(message.pid()) == UPID()) {
update->mutable_status()->clear_uuid();
} else {
update->mutable_status()->set_uuid(message.update().uuid());
}
return event;
}
TYPED_TEST(CRAMMD5Authentication, Success)
{
// Launch a dummy process (somebody to send the AuthenticateMessage).
UPID pid = spawn(new ProcessBase(), true);
Credential credential1;
credential1.set_principal("benh");
credential1.set_secret("secret");
Credentials credentials;
Credential* credential2 = credentials.add_credentials();
credential2->set_principal(credential1.principal());
credential2->set_secret(credential1.secret());
Future<Message> message =
FUTURE_MESSAGE(Eq(AuthenticateMessage().GetTypeName()), _, _);
Try<Authenticatee*> authenticatee = TypeParam::TypeAuthenticatee::create();
CHECK_SOME(authenticatee);
Future<bool> client =
authenticatee.get()->authenticate(pid, UPID(), credential1);
AWAIT_READY(message);
Try<Authenticator*> authenticator = TypeParam::TypeAuthenticator::create();
CHECK_SOME(authenticator);
EXPECT_SOME(authenticator.get()->initialize(credentials));
Future<Option<string>> principal =
authenticator.get()->authenticate(message.get().from);
AWAIT_EQ(true, client);
AWAIT_READY(principal);
EXPECT_SOME_EQ("benh", principal.get());
terminate(pid);
delete authenticator.get();
delete authenticatee.get();
}
