mirror of
https://github.com/google/nomulus.git
synced 2025-08-05 09:21:49 +02:00
Do not send SNI headers in the GCP proxy
The server no longer checks it as of [] ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=213278568
This commit is contained in:
parent
1d134cdd3f
commit
5be04f45b2
7 changed files with 0 additions and 22 deletions
|
@ -150,7 +150,6 @@ public class EppProtocolModule {
|
|||
config.epp.relayHost,
|
||||
config.epp.relayPath,
|
||||
accessTokenSupplier,
|
||||
config.epp.serverHostname,
|
||||
helloBytes,
|
||||
metrics);
|
||||
}
|
||||
|
|
|
@ -69,7 +69,6 @@ public class ProxyConfig {
|
|||
public int maxMessageLengthBytes;
|
||||
public int headerLengthBytes;
|
||||
public int readTimeoutSeconds;
|
||||
public String serverHostname;
|
||||
public Quota quota;
|
||||
}
|
||||
|
||||
|
|
|
@ -96,10 +96,6 @@ epp:
|
|||
# request.
|
||||
readTimeoutSeconds: 3600
|
||||
|
||||
# Hostname of the EPP server.
|
||||
# TODO(b/64510444) Remove this after nomulus no longer check sni header.
|
||||
serverHostname: epp.yourdomain.tld
|
||||
|
||||
# Quota configuration for EPP
|
||||
quota:
|
||||
|
||||
|
|
|
@ -52,10 +52,6 @@ public class EppServiceHandler extends HttpsRelayServiceHandler {
|
|||
/** Name of the HTTP header that stores the client certificate hash. */
|
||||
public static final String SSL_CLIENT_CERTIFICATE_HASH_FIELD = "X-SSL-Certificate";
|
||||
|
||||
/** Name of the HTTP header that stores the epp server name requested by the client using SNI. */
|
||||
// TODO(b/64510444): remove this header entirely when borg proxy is retired.
|
||||
public static final String REQUESTED_SERVERNAME_VIA_SNI_FIELD = "X-Requested-Servername-SNI";
|
||||
|
||||
/** Name of the HTTP header that stores the client IP address. */
|
||||
public static final String FORWARDED_FOR_FIELD = "X-Forwarded-For";
|
||||
|
||||
|
@ -64,7 +60,6 @@ public class EppServiceHandler extends HttpsRelayServiceHandler {
|
|||
|
||||
public static final String EPP_CONTENT_TYPE = "application/epp+xml";
|
||||
|
||||
private final String serverHostname;
|
||||
private final byte[] helloBytes;
|
||||
|
||||
private String sslClientCertificateHash;
|
||||
|
@ -74,11 +69,9 @@ public class EppServiceHandler extends HttpsRelayServiceHandler {
|
|||
String relayHost,
|
||||
String relayPath,
|
||||
Supplier<String> accessTokenSupplier,
|
||||
String serverHostname,
|
||||
byte[] helloBytes,
|
||||
FrontendMetrics metrics) {
|
||||
super(relayHost, relayPath, accessTokenSupplier, metrics);
|
||||
this.serverHostname = serverHostname;
|
||||
this.helloBytes = helloBytes;
|
||||
}
|
||||
|
||||
|
@ -135,7 +128,6 @@ public class EppServiceHandler extends HttpsRelayServiceHandler {
|
|||
request
|
||||
.headers()
|
||||
.set(SSL_CLIENT_CERTIFICATE_HASH_FIELD, sslClientCertificateHash)
|
||||
.set(REQUESTED_SERVERNAME_VIA_SNI_FIELD, serverHostname)
|
||||
.set(FORWARDED_FOR_FIELD, clientAddress)
|
||||
.set(HttpHeaderNames.CONTENT_TYPE, EPP_CONTENT_TYPE)
|
||||
.set(HttpHeaderNames.ACCEPT, EPP_CONTENT_TYPE);
|
||||
|
|
|
@ -106,7 +106,6 @@ public class EppProtocolModuleTest extends ProtocolModuleTest {
|
|||
PROXY_CONFIG.epp.relayPath,
|
||||
TestModule.provideFakeAccessToken().get(),
|
||||
getCertificateHash(certificate),
|
||||
PROXY_CONFIG.epp.serverHostname,
|
||||
CLIENT_ADDRESS,
|
||||
cookies);
|
||||
}
|
||||
|
|
|
@ -85,7 +85,6 @@ public class TestUtils {
|
|||
String path,
|
||||
String accessToken,
|
||||
String sslClientCertificateHash,
|
||||
String serverHostname,
|
||||
String clientAddress,
|
||||
Cookie... cookies) {
|
||||
FullHttpRequest request = makeHttpPostRequest(content, host, path);
|
||||
|
@ -95,7 +94,6 @@ public class TestUtils {
|
|||
.set("content-type", "application/epp+xml")
|
||||
.set("accept", "application/epp+xml")
|
||||
.set("X-SSL-Certificate", sslClientCertificateHash)
|
||||
.set("X-Requested-Servername-SNI", serverHostname)
|
||||
.set("X-Forwarded-For", clientAddress);
|
||||
if (cookies.length != 0) {
|
||||
request.headers().set("cookie", ClientCookieEncoder.STRICT.encode(cookies));
|
||||
|
|
|
@ -62,7 +62,6 @@ public class EppServiceHandlerTest {
|
|||
private static final String RELAY_HOST = "registry.example.tld";
|
||||
private static final String RELAY_PATH = "/epp";
|
||||
private static final String ACCESS_TOKEN = "this.access.token";
|
||||
private static final String SERVER_HOSTNAME = "epp.example.tld";
|
||||
private static final String CLIENT_ADDRESS = "epp.client.tld";
|
||||
private static final String PROTOCOL = "epp";
|
||||
|
||||
|
@ -75,7 +74,6 @@ public class EppServiceHandlerTest {
|
|||
RELAY_HOST,
|
||||
RELAY_PATH,
|
||||
() -> ACCESS_TOKEN,
|
||||
SERVER_HOSTNAME,
|
||||
HELLO.getBytes(UTF_8),
|
||||
metrics);
|
||||
|
||||
|
@ -110,7 +108,6 @@ public class EppServiceHandlerTest {
|
|||
RELAY_PATH,
|
||||
ACCESS_TOKEN,
|
||||
getCertificateHash(clientCertificate),
|
||||
SERVER_HOSTNAME,
|
||||
CLIENT_ADDRESS,
|
||||
cookies);
|
||||
}
|
||||
|
@ -155,7 +152,6 @@ public class EppServiceHandlerTest {
|
|||
RELAY_HOST,
|
||||
RELAY_PATH,
|
||||
() -> ACCESS_TOKEN,
|
||||
SERVER_HOSTNAME,
|
||||
HELLO.getBytes(UTF_8),
|
||||
metrics);
|
||||
EmbeddedChannel channel2 = setUpNewChannel(eppServiceHandler2);
|
||||
|
@ -180,7 +176,6 @@ public class EppServiceHandlerTest {
|
|||
RELAY_HOST,
|
||||
RELAY_PATH,
|
||||
() -> ACCESS_TOKEN,
|
||||
SERVER_HOSTNAME,
|
||||
HELLO.getBytes(UTF_8),
|
||||
metrics);
|
||||
EmbeddedChannel channel2 = setUpNewChannel(eppServiceHandler2);
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue