Do not send SNI headers in the GCP proxy

The server no longer checks it as of []

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=213278568

proxy/java/google/registry/proxy/EppProtocolModule.java

@@ -150,7 +150,6 @@ public class EppProtocolModule {
         config.epp.relayHost,
         config.epp.relayPath,
         accessTokenSupplier,
-        config.epp.serverHostname,
         helloBytes,
         metrics);
   }

proxy/java/google/registry/proxy/ProxyConfig.java

@@ -69,7 +69,6 @@ public class ProxyConfig {
     public int maxMessageLengthBytes;
     public int headerLengthBytes;
     public int readTimeoutSeconds;
-    public String serverHostname;
     public Quota quota;
   }
 

proxy/java/google/registry/proxy/config/default-config.yaml

@@ -96,10 +96,6 @@ epp:
   # request.
   readTimeoutSeconds: 3600
 
-  # Hostname of the EPP server.
-  # TODO(b/64510444) Remove this after nomulus no longer check sni header.
-  serverHostname: epp.yourdomain.tld
-
   # Quota configuration for EPP
   quota:
 

proxy/java/google/registry/proxy/handler/EppServiceHandler.java

@@ -52,10 +52,6 @@ public class EppServiceHandler extends HttpsRelayServiceHandler {
   /** Name of the HTTP header that stores the client certificate hash. */
   public static final String SSL_CLIENT_CERTIFICATE_HASH_FIELD = "X-SSL-Certificate";
 
-  /** Name of the HTTP header that stores the epp server name requested by the client using SNI. */
-  // TODO(b/64510444): remove this header entirely when borg proxy is retired.
-  public static final String REQUESTED_SERVERNAME_VIA_SNI_FIELD = "X-Requested-Servername-SNI";
-
   /** Name of the HTTP header that stores the client IP address. */
   public static final String FORWARDED_FOR_FIELD = "X-Forwarded-For";
 
@@ -64,7 +60,6 @@ public class EppServiceHandler extends HttpsRelayServiceHandler {
 
   public static final String EPP_CONTENT_TYPE = "application/epp+xml";
 
-  private final String serverHostname;
   private final byte[] helloBytes;
 
   private String sslClientCertificateHash;
@@ -74,11 +69,9 @@ public class EppServiceHandler extends HttpsRelayServiceHandler {
       String relayHost,
       String relayPath,
       Supplier<String> accessTokenSupplier,
-      String serverHostname,
       byte[] helloBytes,
       FrontendMetrics metrics) {
     super(relayHost, relayPath, accessTokenSupplier, metrics);
-    this.serverHostname = serverHostname;
     this.helloBytes = helloBytes;
   }
 
@@ -135,7 +128,6 @@ public class EppServiceHandler extends HttpsRelayServiceHandler {
     request
         .headers()
         .set(SSL_CLIENT_CERTIFICATE_HASH_FIELD, sslClientCertificateHash)
-        .set(REQUESTED_SERVERNAME_VIA_SNI_FIELD, serverHostname)
         .set(FORWARDED_FOR_FIELD, clientAddress)
         .set(HttpHeaderNames.CONTENT_TYPE, EPP_CONTENT_TYPE)
         .set(HttpHeaderNames.ACCEPT, EPP_CONTENT_TYPE);

proxy/javatests/google/registry/proxy/EppProtocolModuleTest.java

@@ -106,7 +106,6 @@ public class EppProtocolModuleTest extends ProtocolModuleTest {
         PROXY_CONFIG.epp.relayPath,
         TestModule.provideFakeAccessToken().get(),
         getCertificateHash(certificate),
-        PROXY_CONFIG.epp.serverHostname,
         CLIENT_ADDRESS,
         cookies);
   }

proxy/javatests/google/registry/proxy/TestUtils.java

@@ -85,7 +85,6 @@ public class TestUtils {
       String path,
       String accessToken,
       String sslClientCertificateHash,
-      String serverHostname,
       String clientAddress,
       Cookie... cookies) {
     FullHttpRequest request = makeHttpPostRequest(content, host, path);
@@ -95,7 +94,6 @@ public class TestUtils {
         .set("content-type", "application/epp+xml")
         .set("accept", "application/epp+xml")
         .set("X-SSL-Certificate", sslClientCertificateHash)
-        .set("X-Requested-Servername-SNI", serverHostname)
         .set("X-Forwarded-For", clientAddress);
     if (cookies.length != 0) {
       request.headers().set("cookie", ClientCookieEncoder.STRICT.encode(cookies));

proxy/javatests/google/registry/proxy/handler/EppServiceHandlerTest.java

@@ -62,7 +62,6 @@ public class EppServiceHandlerTest {
   private static final String RELAY_HOST = "registry.example.tld";
   private static final String RELAY_PATH = "/epp";
   private static final String ACCESS_TOKEN = "this.access.token";
-  private static final String SERVER_HOSTNAME = "epp.example.tld";
   private static final String CLIENT_ADDRESS = "epp.client.tld";
   private static final String PROTOCOL = "epp";
 
@@ -75,7 +74,6 @@ public class EppServiceHandlerTest {
           RELAY_HOST,
           RELAY_PATH,
           () -> ACCESS_TOKEN,
-          SERVER_HOSTNAME,
           HELLO.getBytes(UTF_8),
           metrics);
 
@@ -110,7 +108,6 @@ public class EppServiceHandlerTest {
         RELAY_PATH,
         ACCESS_TOKEN,
         getCertificateHash(clientCertificate),
-        SERVER_HOSTNAME,
         CLIENT_ADDRESS,
         cookies);
   }
@@ -155,7 +152,6 @@ public class EppServiceHandlerTest {
             RELAY_HOST,
             RELAY_PATH,
             () -> ACCESS_TOKEN,
-            SERVER_HOSTNAME,
             HELLO.getBytes(UTF_8),
             metrics);
     EmbeddedChannel channel2 = setUpNewChannel(eppServiceHandler2);
@@ -180,7 +176,6 @@ public class EppServiceHandlerTest {
             RELAY_HOST,
             RELAY_PATH,
             () -> ACCESS_TOKEN,
-            SERVER_HOSTNAME,
             HELLO.getBytes(UTF_8),
             metrics);
     EmbeddedChannel channel2 = setUpNewChannel(eppServiceHandler2);