Remove enforcement date from the SslServerInitializer (#1117)

The enforcement data has passed and ICANN has confirmed that their web WHOIS prober conforms to our requirements.  --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/google/nomulus/1117)
2025-07-25 20:18:34 +02:00 · 2021-04-30 15:44:03 -04:00 · 2021-04-30 15:44:03 -04:00 · 8d63cbfca0
commit 8d63cbfca0
parent eb6a1fe1ed
7 changed files with 37 additions and 141 deletions
--- a/proxy/src/main/java/google/registry/proxy/EppProtocolModule.java
+++ b/proxy/src/main/java/google/registry/proxy/EppProtocolModule.java
@ -50,7 +50,6 @@ import javax.inject.Named;
 import javax.inject.Provider;
 import javax.inject.Qualifier;
 import javax.inject.Singleton;
-import org.joda.time.DateTime;

 /** A module that provides the {@link FrontendProtocol} used for epp protocol. */
@Module
@ -160,19 +159,11 @@ public final class EppProtocolModule {
  @Provides
  @EppProtocol
  static SslServerInitializer<NioSocketChannel> provideSslServerInitializer(
-      ProxyConfig config,
      SslProvider sslProvider,
      Supplier<PrivateKey> privateKeySupplier,
-      Supplier<ImmutableList<X509Certificate>> certificatesSupplier,
-      Clock clock) {
+      Supplier<ImmutableList<X509Certificate>> certificatesSupplier) {
    return new SslServerInitializer<>(
-        true,
-        false,
-        sslProvider,
-        privateKeySupplier,
-        certificatesSupplier,
-        DateTime.parse(config.tlsEnforcementStartTime),
-        clock);
+        true, false, sslProvider, privateKeySupplier, certificatesSupplier);
  }

  @Provides
--- a/proxy/src/main/java/google/registry/proxy/ProxyConfig.java
+++ b/proxy/src/main/java/google/registry/proxy/ProxyConfig.java
@ -48,7 +48,6 @@ public class ProxyConfig {
  public WebWhois webWhois;
  public HttpsRelay httpsRelay;
  public Metrics metrics;
-  public String tlsEnforcementStartTime;

  /** Configuration options that apply to GCS. */
  public static class Gcs {
--- a/proxy/src/main/java/google/registry/proxy/WebWhoisProtocolsModule.java
+++ b/proxy/src/main/java/google/registry/proxy/WebWhoisProtocolsModule.java
@ -21,8 +21,6 @@ import dagger.multibindings.IntoSet;
 import google.registry.networking.handler.SslServerInitializer;
 import google.registry.proxy.Protocol.FrontendProtocol;
 import google.registry.proxy.handler.WebWhoisRedirectHandler;
-import google.registry.util.Clock;
-import google.registry.util.DateTimeUtils;
 import io.netty.channel.ChannelHandler;
 import io.netty.channel.socket.nio.NioSocketChannel;
 import io.netty.handler.codec.http.HttpServerCodec;
@ -135,15 +133,8 @@ public final class WebWhoisProtocolsModule {
  static SslServerInitializer<NioSocketChannel> provideSslServerInitializer(
      SslProvider sslProvider,
      Supplier<PrivateKey> privateKeySupplier,
-      Supplier<ImmutableList<X509Certificate>> certificatesSupplier,
-      Clock clock) {
+      Supplier<ImmutableList<X509Certificate>> certificatesSupplier) {
    return new SslServerInitializer<>(
-        false,
-        false,
-        sslProvider,
-        privateKeySupplier,
-        certificatesSupplier,
-        DateTimeUtils.END_OF_TIME,
-        clock);
+        false, false, sslProvider, privateKeySupplier, certificatesSupplier);
  }
 }
--- a/proxy/src/main/java/google/registry/proxy/config/default-config.yaml
+++ b/proxy/src/main/java/google/registry/proxy/config/default-config.yaml
@ -8,9 +8,6 @@
 # GCP project ID
 projectId: your-gcp-project-id

-# Time to begin enforcement of TLS versions and cipher suites.
-tlsEnforcementStartTime: "1970-01-01T00:00:00Z"
-
 # OAuth scope that the GoogleCredential will be constructed with. This list
 # should include all service scopes that the proxy depends on.
 gcpScopes: