zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-14 00:17:20 +02:00
Code Issues Projects Releases Packages Wiki Activity

Remove checking of SNI headers

Browse source 
This is only useful when we used the [] proxy because the GFE requires SNI during handshake in order to request the client certificate. The GCP proxy does not need this (it always requests the client certificate). We do not need to check for its existence.

Also removed the checking of internal headers for ssl cert hash used only by the [] proxy.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=213059027
This commit is contained in:
jianglai 2018-09-14 16:01:56 -07:00
parent 8cdba74cab
commit 8d675a4b8c
10 changed files with 17 additions and 79 deletions
Download patch file Download diff file Expand all files Collapse all files

5
java/google/registry/flows/EppTlsAction.java
View file

@ -43,11 +43,6 @@ public class EppTlsAction implements Runnable {
@Override
public void run() {
// Check that SNI header is present. This is a signal that we're receiving traffic proxied by a
// GFE, which is the expectation of this servlet. The value is unused.
if (!tlsCredentials.hasSni()) {
logger.atWarning().log("Request did not include required SNI header.");
}
eppRequestHandler.executeEpp(
new HttpSessionMetadata(session),
tlsCredentials,