mirror of
https://github.com/google/nomulus
synced 2026-06-09 16:33:02 +00:00
Compare commits
5 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 576c05ff5f | |||
| f52e887db5 | |||
| 6ed286e3bc | |||
| 93d922af6f | |||
| 0b73e9032c |
@@ -1,25 +1,28 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto.value:auto-value:1.6.3
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -24,6 +24,7 @@ import java.time.ZonedDateTime;
|
||||
import java.util.TimeZone;
|
||||
import org.joda.time.DateTime;
|
||||
import org.joda.time.DateTimeZone;
|
||||
import org.joda.time.LocalDate;
|
||||
|
||||
/** Utilities methods and constants related to Joda {@link DateTime} objects. */
|
||||
public class DateTimeUtils {
|
||||
@@ -108,4 +109,12 @@ public class DateTimeUtils {
|
||||
zonedDateTime.toInstant().toEpochMilli(),
|
||||
DateTimeZone.forTimeZone(TimeZone.getTimeZone(zonedDateTime.getZone())));
|
||||
}
|
||||
|
||||
public static java.sql.Date toSqlDate(LocalDate localDate) {
|
||||
return new java.sql.Date(localDate.toDateTimeAtStartOfDay().getMillis());
|
||||
}
|
||||
|
||||
public static LocalDate toLocalDate(java.sql.Date date) {
|
||||
return new LocalDate(date.getTime(), DateTimeZone.UTC);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -18,7 +18,6 @@ import static com.google.common.base.Preconditions.checkArgument;
|
||||
|
||||
import com.google.common.util.concurrent.Uninterruptibles;
|
||||
import java.io.Serializable;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
import javax.annotation.concurrent.ThreadSafe;
|
||||
import javax.inject.Inject;
|
||||
import org.joda.time.ReadableDuration;
|
||||
@@ -41,6 +40,6 @@ public final class SystemSleeper implements Sleeper, Serializable {
|
||||
@Override
|
||||
public void sleepUninterruptibly(ReadableDuration duration) {
|
||||
checkArgument(duration.getMillis() >= 0);
|
||||
Uninterruptibles.sleepUninterruptibly(duration.getMillis(), TimeUnit.MILLISECONDS);
|
||||
Uninterruptibles.sleepUninterruptibly(java.time.Duration.ofMillis(duration.getMillis()));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto.value:auto-value:1.6.3
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
@@ -11,11 +11,11 @@ com.google.dagger:dagger-compiler:2.28
|
||||
com.google.dagger:dagger-producers:2.28
|
||||
com.google.dagger:dagger-spi:2.28
|
||||
com.google.dagger:dagger:2.28
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.errorprone:javac-shaded:9-dev-r4023-3
|
||||
com.google.googlejavaformat:google-java-format:1.5
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
@@ -30,11 +30,14 @@ javax.inject:javax.inject:1
|
||||
javax.persistence:javax.persistence-api:2.2
|
||||
net.ltgt.gradle.incap:incap:0.2
|
||||
org.checkerframework:checker-compat-qual:2.5.3
|
||||
org.checkerframework:checker-qual:2.11.1
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.jetbrains.kotlin:kotlin-stdlib-common:1.3.61
|
||||
org.jetbrains.kotlin:kotlin-stdlib:1.3.61
|
||||
org.jetbrains.kotlinx:kotlinx-metadata-jvm:0.1.0
|
||||
org.jetbrains:annotations:13.0
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto.value:auto-value:1.6.3
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
@@ -11,11 +11,11 @@ com.google.dagger:dagger-compiler:2.28
|
||||
com.google.dagger:dagger-producers:2.28
|
||||
com.google.dagger:dagger-spi:2.28
|
||||
com.google.dagger:dagger:2.28
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.errorprone:javac-shaded:9-dev-r4023-3
|
||||
com.google.googlejavaformat:google-java-format:1.5
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
@@ -30,11 +30,14 @@ javax.inject:javax.inject:1
|
||||
javax.persistence:javax.persistence-api:2.2
|
||||
net.ltgt.gradle.incap:incap:0.2
|
||||
org.checkerframework:checker-compat-qual:2.5.3
|
||||
org.checkerframework:checker-qual:2.11.1
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.jetbrains.kotlin:kotlin-stdlib-common:1.3.61
|
||||
org.jetbrains.kotlin:kotlin-stdlib:1.3.61
|
||||
org.jetbrains.kotlinx:kotlinx-metadata-jvm:0.1.0
|
||||
org.jetbrains:annotations:13.0
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -0,0 +1,44 @@
|
||||
// Copyright 2020 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.config;
|
||||
|
||||
import com.google.common.collect.ImmutableSortedMap;
|
||||
import dagger.Module;
|
||||
import dagger.Provides;
|
||||
import google.registry.config.RegistryConfig.Config;
|
||||
import google.registry.util.CertificateChecker;
|
||||
import google.registry.util.Clock;
|
||||
import javax.inject.Singleton;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
/** Dagger module that provides the {@link CertificateChecker} used in the application. */
|
||||
// TODO(sarahbot@): Move this module to a better location. Possibly flows/. If we decide to move
|
||||
// CertificateChecker.java to core/ delete this file and inject the CertificateChecker constructor
|
||||
// instead.
|
||||
@Module
|
||||
public abstract class CertificateCheckerModule {
|
||||
|
||||
@Provides
|
||||
@Singleton
|
||||
static CertificateChecker provideCertificateChecker(
|
||||
@Config("maxValidityDaysSchedule") ImmutableSortedMap<DateTime, Integer> validityDaysMap,
|
||||
@Config("expirationWarningDays") int daysToExpiration,
|
||||
@Config("minimumRsaKeyLength") int minimumRsaKeyLength,
|
||||
Clock clock) {
|
||||
return new CertificateChecker(validityDaysMap, daysToExpiration, minimumRsaKeyLength, clock);
|
||||
}
|
||||
|
||||
private CertificateCheckerModule() {}
|
||||
}
|
||||
@@ -16,9 +16,12 @@ package google.registry.config;
|
||||
|
||||
import static com.google.common.base.Suppliers.memoize;
|
||||
import static com.google.common.collect.ImmutableList.toImmutableList;
|
||||
import static com.google.common.collect.ImmutableSortedMap.toImmutableSortedMap;
|
||||
import static google.registry.config.ConfigUtils.makeUrl;
|
||||
import static google.registry.util.DateTimeUtils.START_OF_TIME;
|
||||
import static google.registry.util.ResourceUtils.readResourceUtf8;
|
||||
import static java.lang.annotation.RetentionPolicy.RUNTIME;
|
||||
import static java.util.Comparator.naturalOrder;
|
||||
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
import com.google.common.base.Ascii;
|
||||
@@ -27,6 +30,7 @@ import com.google.common.base.Strings;
|
||||
import com.google.common.base.Supplier;
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.common.collect.ImmutableSortedMap;
|
||||
import dagger.Module;
|
||||
import dagger.Provides;
|
||||
import google.registry.util.TaskQueueUtils;
|
||||
@@ -46,6 +50,7 @@ import javax.inject.Qualifier;
|
||||
import javax.inject.Singleton;
|
||||
import javax.mail.internet.AddressException;
|
||||
import javax.mail.internet.InternetAddress;
|
||||
import org.joda.time.DateTime;
|
||||
import org.joda.time.DateTimeConstants;
|
||||
import org.joda.time.Duration;
|
||||
|
||||
@@ -1345,6 +1350,33 @@ public final class RegistryConfig {
|
||||
public static String provideRdapTosStaticUrl(RegistryConfigSettings config) {
|
||||
return config.registryPolicy.rdapTosStaticUrl;
|
||||
}
|
||||
|
||||
@Provides
|
||||
@Config("maxValidityDaysSchedule")
|
||||
public static ImmutableSortedMap<DateTime, Integer> provideValidityDaysMap(
|
||||
RegistryConfigSettings config) {
|
||||
return config.sslCertificateValidation.maxValidityDaysSchedule.entrySet().stream()
|
||||
.collect(
|
||||
toImmutableSortedMap(
|
||||
naturalOrder(),
|
||||
e ->
|
||||
e.getKey().equals("START_OF_TIME")
|
||||
? START_OF_TIME
|
||||
: DateTime.parse(e.getKey()),
|
||||
e -> e.getValue()));
|
||||
}
|
||||
|
||||
@Provides
|
||||
@Config("expirationWarningDays")
|
||||
public static int provideDaysToExpiration(RegistryConfigSettings config) {
|
||||
return config.sslCertificateValidation.expirationWarningDays;
|
||||
}
|
||||
|
||||
@Provides
|
||||
@Config("minimumRsaKeyLength")
|
||||
public static int provideMinimumRsaKeyLength(RegistryConfigSettings config) {
|
||||
return config.sslCertificateValidation.minimumRsaKeyLength;
|
||||
}
|
||||
}
|
||||
|
||||
/** Returns the App Engine project ID, which is based off the environment name. */
|
||||
|
||||
@@ -15,6 +15,7 @@
|
||||
package google.registry.config;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
/** The POJO that YAML config files are deserialized into. */
|
||||
public class RegistryConfigSettings {
|
||||
@@ -38,6 +39,7 @@ public class RegistryConfigSettings {
|
||||
public Beam beam;
|
||||
public Keyring keyring;
|
||||
public RegistryTool registryTool;
|
||||
public SslCertificateValidation sslCertificateValidation;
|
||||
|
||||
/** Configuration options that apply to the entire App Engine project. */
|
||||
public static class AppEngine {
|
||||
@@ -218,4 +220,11 @@ public class RegistryConfigSettings {
|
||||
public String clientSecret;
|
||||
public String username;
|
||||
}
|
||||
|
||||
/** Configuration for the certificate checker. */
|
||||
public static class SslCertificateValidation {
|
||||
public Map<String, Integer> maxValidityDaysSchedule;
|
||||
public int expirationWarningDays;
|
||||
public int minimumRsaKeyLength;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -446,3 +446,17 @@ registryTool:
|
||||
# OAuth client secret used by the tool.
|
||||
clientSecret: YOUR_CLIENT_SECRET
|
||||
username: toolusername
|
||||
|
||||
# Configuration options for checking SSL certificates.
|
||||
sslCertificateValidation:
|
||||
# A map specifying the maximum amount of days the certificate can be valid.
|
||||
# The entry key is the date closest before the date the certificate was issued
|
||||
# and the entry value is the applicable maximum validity days for that certificate.
|
||||
maxValidityDaysSchedule:
|
||||
"START_OF_TIME": 825
|
||||
"2020-09-01T00:00:00Z": 398
|
||||
# The number of days before a certificate expires that indicates the
|
||||
# certificate is nearing expiration and warnings should be sent.
|
||||
expirationWarningDays: 30
|
||||
# The minimum number of bits an RSA key must contain
|
||||
minimumRsaKeyLength: 2048
|
||||
|
||||
@@ -24,7 +24,6 @@ import static google.registry.persistence.transaction.TransactionManagerFactory.
|
||||
import static google.registry.util.CollectionUtils.nullToEmpty;
|
||||
import static google.registry.util.CollectionUtils.nullToEmptyImmutableCopy;
|
||||
import static google.registry.util.DateTimeUtils.END_OF_TIME;
|
||||
import static java.util.concurrent.TimeUnit.MILLISECONDS;
|
||||
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
import com.google.common.cache.CacheBuilder;
|
||||
@@ -387,7 +386,7 @@ public abstract class EppResource extends BackupGroupRoot implements Buildable {
|
||||
private static LoadingCache<VKey<? extends EppResource>, EppResource> createEppResourcesCache(
|
||||
Duration expiry) {
|
||||
return CacheBuilder.newBuilder()
|
||||
.expireAfterWrite(expiry.getMillis(), MILLISECONDS)
|
||||
.expireAfterWrite(java.time.Duration.ofMillis(expiry.getMillis()))
|
||||
.maximumSize(getEppResourceMaxCachedEntries())
|
||||
.build(CACHE_LOADER);
|
||||
}
|
||||
|
||||
@@ -59,25 +59,11 @@ public class OteStats {
|
||||
|
||||
private OteStats() {}
|
||||
|
||||
private static final Predicate<EppInput> HAS_CLAIMS_NOTICE =
|
||||
eppInput -> {
|
||||
Optional<LaunchCreateExtension> launchCreate =
|
||||
eppInput.getSingleExtension(LaunchCreateExtension.class);
|
||||
return launchCreate.isPresent() && launchCreate.get().getNotice() != null;
|
||||
};
|
||||
|
||||
private static final Predicate<EppInput> HAS_SEC_DNS =
|
||||
eppInput ->
|
||||
eppInput.getSingleExtension(SecDnsCreateExtension.class).isPresent()
|
||||
|| eppInput.getSingleExtension(SecDnsUpdateExtension.class).isPresent();
|
||||
|
||||
private static final Predicate<EppInput> IS_SUNRISE =
|
||||
eppInput -> {
|
||||
Optional<LaunchCreateExtension> launchCreate =
|
||||
eppInput.getSingleExtension(LaunchCreateExtension.class);
|
||||
return launchCreate.isPresent() && !isNullOrEmpty(launchCreate.get().getSignedMarks());
|
||||
};
|
||||
|
||||
private static final Predicate<EppInput> IS_IDN =
|
||||
eppInput ->
|
||||
((DomainCommand.Create)
|
||||
@@ -94,6 +80,18 @@ public class OteStats {
|
||||
.getResourceCommand())
|
||||
.getInetAddresses());
|
||||
|
||||
private static boolean hasClaimsNotice(EppInput eppInput) {
|
||||
Optional<LaunchCreateExtension> launchCreate =
|
||||
eppInput.getSingleExtension(LaunchCreateExtension.class);
|
||||
return launchCreate.isPresent() && launchCreate.get().getNotice() != null;
|
||||
}
|
||||
|
||||
private static boolean isSunrise(EppInput eppInput) {
|
||||
Optional<LaunchCreateExtension> launchCreate =
|
||||
eppInput.getSingleExtension(LaunchCreateExtension.class);
|
||||
return launchCreate.isPresent() && !isNullOrEmpty(launchCreate.get().getSignedMarks());
|
||||
}
|
||||
|
||||
/** Enum defining the distinct statistics (types of registrar actions) to record. */
|
||||
public enum StatType {
|
||||
CONTACT_CREATES(0, equalTo(Type.CONTACT_CREATE)),
|
||||
@@ -107,8 +105,8 @@ public class OteStats {
|
||||
DOMAIN_CREATES(0, equalTo(Type.DOMAIN_CREATE)),
|
||||
DOMAIN_CREATES_ASCII(1, equalTo(Type.DOMAIN_CREATE), IS_IDN.negate()),
|
||||
DOMAIN_CREATES_IDN(1, equalTo(Type.DOMAIN_CREATE), IS_IDN),
|
||||
DOMAIN_CREATES_START_DATE_SUNRISE(1, equalTo(Type.DOMAIN_CREATE), IS_SUNRISE),
|
||||
DOMAIN_CREATES_WITH_CLAIMS_NOTICE(1, equalTo(Type.DOMAIN_CREATE), HAS_CLAIMS_NOTICE),
|
||||
DOMAIN_CREATES_START_DATE_SUNRISE(1, equalTo(Type.DOMAIN_CREATE), OteStats::isSunrise),
|
||||
DOMAIN_CREATES_WITH_CLAIMS_NOTICE(1, equalTo(Type.DOMAIN_CREATE), OteStats::hasClaimsNotice),
|
||||
DOMAIN_CREATES_WITH_FEE(
|
||||
1,
|
||||
equalTo(Type.DOMAIN_CREATE),
|
||||
|
||||
@@ -20,7 +20,6 @@ import static google.registry.config.RegistryConfig.getEppResourceMaxCachedEntri
|
||||
import static google.registry.model.ofy.ObjectifyService.ofy;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
import static google.registry.util.TypeUtils.instantiate;
|
||||
import static java.util.concurrent.TimeUnit.MILLISECONDS;
|
||||
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
import com.google.common.cache.CacheBuilder;
|
||||
@@ -244,7 +243,7 @@ public abstract class ForeignKeyIndex<E extends EppResource> extends BackupGroup
|
||||
private static LoadingCache<Key<ForeignKeyIndex<?>>, Optional<ForeignKeyIndex<?>>>
|
||||
createForeignKeyIndexesCache(Duration expiry) {
|
||||
return CacheBuilder.newBuilder()
|
||||
.expireAfterWrite(expiry.getMillis(), MILLISECONDS)
|
||||
.expireAfterWrite(java.time.Duration.ofMillis(expiry.getMillis()))
|
||||
.maximumSize(getEppResourceMaxCachedEntries())
|
||||
.build(CACHE_LOADER);
|
||||
}
|
||||
|
||||
@@ -15,17 +15,32 @@
|
||||
package google.registry.model.rde;
|
||||
|
||||
import static com.google.common.base.Preconditions.checkArgument;
|
||||
import static com.google.common.base.Verify.verify;
|
||||
import static com.google.common.base.Verify.verifyNotNull;
|
||||
import static google.registry.model.ofy.ObjectifyService.ofy;
|
||||
import static google.registry.model.rde.RdeNamingUtils.makePartialName;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
|
||||
import com.google.common.base.VerifyException;
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.googlecode.objectify.Key;
|
||||
import com.googlecode.objectify.annotation.Entity;
|
||||
import com.googlecode.objectify.annotation.Id;
|
||||
import com.googlecode.objectify.annotation.Ignore;
|
||||
import google.registry.model.BackupGroupRoot;
|
||||
import google.registry.model.ImmutableObject;
|
||||
import google.registry.model.rde.RdeRevision.RdeRevisionId;
|
||||
import google.registry.persistence.VKey;
|
||||
import google.registry.persistence.converter.LocalDateConverter;
|
||||
import google.registry.schema.replay.DatastoreEntity;
|
||||
import google.registry.schema.replay.SqlEntity;
|
||||
import java.io.Serializable;
|
||||
import java.util.Optional;
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.Convert;
|
||||
import javax.persistence.EnumType;
|
||||
import javax.persistence.Enumerated;
|
||||
import javax.persistence.IdClass;
|
||||
import javax.persistence.Transient;
|
||||
import org.joda.time.DateTime;
|
||||
import org.joda.time.LocalDate;
|
||||
|
||||
/**
|
||||
* Datastore entity for tracking RDE revisions.
|
||||
@@ -35,32 +50,67 @@ import org.joda.time.DateTime;
|
||||
* flag is included in the generated XML.
|
||||
*/
|
||||
@Entity
|
||||
public final class RdeRevision extends ImmutableObject {
|
||||
@javax.persistence.Entity
|
||||
@IdClass(RdeRevisionId.class)
|
||||
public final class RdeRevision extends BackupGroupRoot implements DatastoreEntity, SqlEntity {
|
||||
|
||||
/** String triplet of tld, date, and mode, e.g. {@code soy_2015-09-01_full}. */
|
||||
@Id
|
||||
String id;
|
||||
@Id @Transient String id;
|
||||
|
||||
@javax.persistence.Id @Ignore String tld;
|
||||
|
||||
@javax.persistence.Id @Ignore LocalDate date;
|
||||
|
||||
@javax.persistence.Id @Ignore RdeMode mode;
|
||||
|
||||
/**
|
||||
* Number of last revision successfully staged to GCS.
|
||||
*
|
||||
* <p>This values begins at zero upon object creation and thenceforth incremented transactionally.
|
||||
*/
|
||||
@Column(nullable = false)
|
||||
int revision;
|
||||
|
||||
/** Hibernate requires an empty constructor. */
|
||||
private RdeRevision() {}
|
||||
|
||||
public static RdeRevision create(
|
||||
String id, String tld, LocalDate date, RdeMode mode, int revision) {
|
||||
RdeRevision instance = new RdeRevision();
|
||||
instance.id = id;
|
||||
instance.tld = tld;
|
||||
instance.date = date;
|
||||
instance.mode = mode;
|
||||
instance.revision = revision;
|
||||
return instance;
|
||||
}
|
||||
|
||||
public int getRevision() {
|
||||
return revision;
|
||||
}
|
||||
|
||||
@Override
|
||||
public ImmutableList<SqlEntity> toSqlEntities() {
|
||||
return ImmutableList.of(); // we don't care about RdeRevision history
|
||||
}
|
||||
|
||||
@Override
|
||||
public ImmutableList<DatastoreEntity> toDatastoreEntities() {
|
||||
return ImmutableList.of(); // we don't care about RdeRevision history
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns next revision ID to use when staging a new deposit file for the given triplet.
|
||||
*
|
||||
* @return {@code 0} for first deposit generation and {@code >0} for resends
|
||||
*/
|
||||
public static int getNextRevision(String tld, DateTime date, RdeMode mode) {
|
||||
RdeRevision object =
|
||||
ofy().load().type(RdeRevision.class).id(makePartialName(tld, date, mode)).now();
|
||||
return object == null ? 0 : object.revision + 1;
|
||||
String id = makePartialName(tld, date, mode);
|
||||
RdeRevisionId sqlKey = RdeRevisionId.create(tld, date.toLocalDate(), mode);
|
||||
Key<RdeRevision> ofyKey = Key.create(RdeRevision.class, id);
|
||||
Optional<RdeRevision> revisionOptional =
|
||||
tm().maybeLoad(VKey.create(RdeRevision.class, sqlKey, ofyKey));
|
||||
return revisionOptional.map(rdeRevision -> rdeRevision.revision + 1).orElse(0);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -76,17 +126,56 @@ public final class RdeRevision extends ImmutableObject {
|
||||
checkArgument(revision >= 0, "Negative revision: %s", revision);
|
||||
String triplet = makePartialName(tld, date, mode);
|
||||
tm().assertInTransaction();
|
||||
RdeRevision object = ofy().load().type(RdeRevision.class).id(triplet).now();
|
||||
RdeRevisionId sqlKey = RdeRevisionId.create(tld, date.toLocalDate(), mode);
|
||||
Key<RdeRevision> ofyKey = Key.create(RdeRevision.class, triplet);
|
||||
Optional<RdeRevision> revisionOptional =
|
||||
tm().maybeLoad(VKey.create(RdeRevision.class, sqlKey, ofyKey));
|
||||
if (revision == 0) {
|
||||
verify(object == null, "RdeRevision object already created: %s", object);
|
||||
revisionOptional.ifPresent(
|
||||
rdeRevision -> {
|
||||
throw new IllegalArgumentException(
|
||||
String.format(
|
||||
"RdeRevision object already created and revision 0 specified: %s",
|
||||
rdeRevision));
|
||||
});
|
||||
} else {
|
||||
verifyNotNull(object, "RDE revision object missing for %s?! revision=%s", triplet, revision);
|
||||
verify(object.revision == revision - 1,
|
||||
"RDE revision object should be at %s but was: %s", revision - 1, object);
|
||||
checkArgument(
|
||||
revisionOptional.isPresent(),
|
||||
"Couldn't find existing RDE revision %s when trying to save new revision %s",
|
||||
triplet,
|
||||
revision);
|
||||
checkArgument(
|
||||
revisionOptional.get().revision == revision - 1,
|
||||
"RDE revision object should be at revision %s but was: %s",
|
||||
revision - 1,
|
||||
revisionOptional.get());
|
||||
}
|
||||
RdeRevision object = RdeRevision.create(triplet, tld, date.toLocalDate(), mode, revision);
|
||||
tm().put(object);
|
||||
}
|
||||
|
||||
/** Class to represent the composite primary key of {@link RdeRevision} entity. */
|
||||
static class RdeRevisionId extends ImmutableObject implements Serializable {
|
||||
|
||||
String tld;
|
||||
|
||||
// Auto-conversion doesn't work for ID classes, we must specify @Column and @Convert
|
||||
@Column(columnDefinition = "date")
|
||||
@Convert(converter = LocalDateConverter.class)
|
||||
LocalDate date;
|
||||
|
||||
@Enumerated(EnumType.STRING)
|
||||
RdeMode mode;
|
||||
|
||||
/** Hibernate requires this default constructor. */
|
||||
private RdeRevisionId() {}
|
||||
|
||||
static RdeRevisionId create(String tld, LocalDate date, RdeMode mode) {
|
||||
RdeRevisionId instance = new RdeRevisionId();
|
||||
instance.tld = tld;
|
||||
instance.date = date;
|
||||
instance.mode = mode;
|
||||
return instance;
|
||||
}
|
||||
object = new RdeRevision();
|
||||
object.id = triplet;
|
||||
object.revision = revision;
|
||||
ofy().save().entity(object);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -28,7 +28,6 @@ import static google.registry.util.CollectionUtils.nullToEmptyImmutableCopy;
|
||||
import static google.registry.util.DateTimeUtils.END_OF_TIME;
|
||||
import static google.registry.util.DateTimeUtils.START_OF_TIME;
|
||||
import static google.registry.util.PreconditionsUtils.checkArgumentNotNull;
|
||||
import static java.util.concurrent.TimeUnit.MILLISECONDS;
|
||||
import static org.joda.money.CurrencyUnit.USD;
|
||||
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
@@ -260,7 +259,8 @@ public class Registry extends ImmutableObject implements Buildable, DatastoreAnd
|
||||
/** A cache that loads the {@link Registry} for a given tld. */
|
||||
private static final LoadingCache<String, Optional<Registry>> CACHE =
|
||||
CacheBuilder.newBuilder()
|
||||
.expireAfterWrite(getSingletonCacheRefreshDuration().getMillis(), MILLISECONDS)
|
||||
.expireAfterWrite(
|
||||
java.time.Duration.ofMillis(getSingletonCacheRefreshDuration().getMillis()))
|
||||
.build(
|
||||
new CacheLoader<String, Optional<Registry>>() {
|
||||
@Override
|
||||
|
||||
@@ -25,7 +25,6 @@ import static google.registry.model.common.EntityGroupRoot.getCrossTldKey;
|
||||
import static google.registry.model.ofy.ObjectifyService.allocateId;
|
||||
import static google.registry.model.ofy.ObjectifyService.ofy;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
import static java.util.concurrent.TimeUnit.MILLISECONDS;
|
||||
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
import com.google.common.base.Splitter;
|
||||
@@ -197,7 +196,7 @@ public final class PremiumList extends BaseDomainLabelList<Money, PremiumList.Pr
|
||||
@VisibleForTesting
|
||||
static LoadingCache<String, PremiumList> createCachePremiumLists(Duration cachePersistDuration) {
|
||||
return CacheBuilder.newBuilder()
|
||||
.expireAfterWrite(cachePersistDuration.getMillis(), MILLISECONDS)
|
||||
.expireAfterWrite(java.time.Duration.ofMillis(cachePersistDuration.getMillis()))
|
||||
.build(
|
||||
new CacheLoader<String, PremiumList>() {
|
||||
@Override
|
||||
@@ -221,7 +220,8 @@ public final class PremiumList extends BaseDomainLabelList<Money, PremiumList.Pr
|
||||
static final LoadingCache<Key<PremiumListRevision>, PremiumListRevision>
|
||||
cachePremiumListRevisions =
|
||||
CacheBuilder.newBuilder()
|
||||
.expireAfterWrite(getSingletonCachePersistDuration().getMillis(), MILLISECONDS)
|
||||
.expireAfterWrite(
|
||||
java.time.Duration.ofMillis(getSingletonCachePersistDuration().getMillis()))
|
||||
.build(
|
||||
new CacheLoader<Key<PremiumListRevision>, PremiumListRevision>() {
|
||||
@Override
|
||||
@@ -260,14 +260,14 @@ public final class PremiumList extends BaseDomainLabelList<Money, PremiumList.Pr
|
||||
static LoadingCache<Key<PremiumListEntry>, Optional<PremiumListEntry>>
|
||||
createCachePremiumListEntries(Duration cachePersistDuration) {
|
||||
return CacheBuilder.newBuilder()
|
||||
.expireAfterWrite(cachePersistDuration.getMillis(), MILLISECONDS)
|
||||
.expireAfterWrite(java.time.Duration.ofMillis(cachePersistDuration.getMillis()))
|
||||
.maximumSize(getStaticPremiumListMaxCachedEntries())
|
||||
.build(
|
||||
new CacheLoader<Key<PremiumListEntry>, Optional<PremiumListEntry>>() {
|
||||
@Override
|
||||
public Optional<PremiumListEntry> load(final Key<PremiumListEntry> entryKey) {
|
||||
return tm()
|
||||
.doTransactionless(() -> Optional.ofNullable(ofy().load().key(entryKey).now()));
|
||||
return tm().doTransactionless(
|
||||
() -> Optional.ofNullable(ofy().load().key(entryKey).now()));
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@@ -20,7 +20,6 @@ import static com.google.common.collect.ImmutableSet.toImmutableSet;
|
||||
import static google.registry.config.RegistryConfig.getDomainLabelListCacheDuration;
|
||||
import static google.registry.model.registry.label.ReservationType.FULLY_BLOCKED;
|
||||
import static google.registry.util.CollectionUtils.nullToEmpty;
|
||||
import static java.util.concurrent.TimeUnit.MILLISECONDS;
|
||||
import static org.joda.time.DateTimeZone.UTC;
|
||||
|
||||
import com.google.common.base.Splitter;
|
||||
@@ -241,7 +240,8 @@ public final class ReservedList
|
||||
|
||||
private static LoadingCache<String, ReservedList> cache =
|
||||
CacheBuilder.newBuilder()
|
||||
.expireAfterWrite(getDomainLabelListCacheDuration().getMillis(), MILLISECONDS)
|
||||
.expireAfterWrite(
|
||||
java.time.Duration.ofMillis(getDomainLabelListCacheDuration().getMillis()))
|
||||
.build(
|
||||
new CacheLoader<String, ReservedList>() {
|
||||
@Override
|
||||
|
||||
@@ -75,7 +75,7 @@ public class Spec11ThreatMatch extends ImmutableObject implements Buildable, Sql
|
||||
String registrarId;
|
||||
|
||||
/** Date on which the check was run, on which the domain was flagged as abusive. */
|
||||
@Column(nullable = false)
|
||||
@Column(nullable = false, columnDefinition = "date")
|
||||
LocalDate checkDate;
|
||||
|
||||
/** The domain's top-level domain. */
|
||||
|
||||
@@ -16,23 +16,25 @@ package google.registry.model.reporting;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import google.registry.persistence.transaction.JpaTransactionManager;
|
||||
import google.registry.util.DateTimeUtils;
|
||||
import javax.persistence.TemporalType;
|
||||
import org.joda.time.LocalDate;
|
||||
|
||||
/**
|
||||
* Data access object for {@link google.registry.model.reporting.Spec11ThreatMatch}.
|
||||
*
|
||||
* <p>A JpaTransactionManager is passed into each static method because they are called from a BEAM
|
||||
* pipeline and we don't know where it's coming from.</p>
|
||||
* pipeline and we don't know where it's coming from.
|
||||
*/
|
||||
public class Spec11ThreatMatchDao {
|
||||
|
||||
|
||||
/** Delete all entries with the specified date from the database. */
|
||||
public static void deleteEntriesByDate(JpaTransactionManager jpaTm, LocalDate date) {
|
||||
jpaTm.assertInTransaction();
|
||||
jpaTm
|
||||
.getEntityManager()
|
||||
.createQuery("DELETE FROM Spec11ThreatMatch WHERE check_date = :date")
|
||||
.setParameter("date", date.toString())
|
||||
.setParameter("date", DateTimeUtils.toSqlDate(date), TemporalType.DATE)
|
||||
.executeUpdate();
|
||||
}
|
||||
|
||||
|
||||
@@ -57,7 +57,6 @@ import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Optional;
|
||||
import java.util.concurrent.Callable;
|
||||
import javax.annotation.Nullable;
|
||||
import javax.persistence.CollectionTable;
|
||||
import javax.persistence.Column;
|
||||
@@ -146,8 +145,7 @@ public class ClaimsListShard extends ImmutableObject implements DatastoreAndSqlE
|
||||
|
||||
private static final Retrier LOADER_RETRIER = new Retrier(new SystemSleeper(), 2);
|
||||
|
||||
private static final Callable<ClaimsListShard> LOADER_CALLABLE =
|
||||
() -> {
|
||||
private static ClaimsListShard loadClaimsListShard() {
|
||||
// Find the most recent revision.
|
||||
Key<ClaimsListRevision> revisionKey = getCurrentRevision();
|
||||
|
||||
@@ -246,7 +244,9 @@ public class ClaimsListShard extends ImmutableObject implements DatastoreAndSqlE
|
||||
*/
|
||||
private static final Supplier<ClaimsListShard> CACHE =
|
||||
memoizeWithShortExpiration(
|
||||
() -> LOADER_RETRIER.callWithRetry(LOADER_CALLABLE, IllegalStateException.class));
|
||||
() ->
|
||||
LOADER_RETRIER.callWithRetry(
|
||||
ClaimsListShard::loadClaimsListShard, IllegalStateException.class));
|
||||
|
||||
/** Returns the revision id of this claims list, or throws exception if it is null. */
|
||||
public Long getRevisionId() {
|
||||
|
||||
@@ -144,16 +144,19 @@ public class DomainTransferData extends TransferData<DomainTransferData.Builder>
|
||||
rootKey, serverApproveAutorenewPollMessage, serverApproveAutorenewPollMessageHistoryId);
|
||||
}
|
||||
|
||||
@SuppressWarnings("unused") // For Hibernate.
|
||||
private void loadServerApproveBillingEventHistoryId(
|
||||
@AlsoLoad("serverApproveBillingEvent") VKey<BillingEvent.OneTime> val) {
|
||||
serverApproveBillingEventHistoryId = DomainBase.getHistoryId(val);
|
||||
}
|
||||
|
||||
@SuppressWarnings("unused") // For Hibernate.
|
||||
private void loadServerApproveAutorenewEventHistoryId(
|
||||
@AlsoLoad("serverApproveAutorenewEvent") VKey<BillingEvent.Recurring> val) {
|
||||
serverApproveAutorenewEventHistoryId = DomainBase.getHistoryId(val);
|
||||
}
|
||||
|
||||
@SuppressWarnings("unused") // For Hibernate.
|
||||
private void loadServerApproveAutorenewPollMessageHistoryId(
|
||||
@AlsoLoad("serverApproveAutorenewPollMessage") VKey<PollMessage.Autorenew> val) {
|
||||
serverApproveAutorenewPollMessageHistoryId = DomainBase.getHistoryId(val);
|
||||
|
||||
@@ -22,7 +22,6 @@ import google.registry.request.RequestHandler;
|
||||
import google.registry.util.SystemClock;
|
||||
import java.io.IOException;
|
||||
import java.security.Security;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
import java.util.concurrent.TimeoutException;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
@@ -51,13 +50,16 @@ public class ServletBase extends HttpServlet {
|
||||
// etc), we log the error but keep the main thread running. Also the shutdown hook will only be
|
||||
// registered if metric reporter starts up correctly.
|
||||
try {
|
||||
metricReporter.get().startAsync().awaitRunning(10, TimeUnit.SECONDS);
|
||||
metricReporter.get().startAsync().awaitRunning(java.time.Duration.ofSeconds(10));
|
||||
logger.atInfo().log("Started up MetricReporter");
|
||||
LifecycleManager.getInstance()
|
||||
.setShutdownHook(
|
||||
() -> {
|
||||
try {
|
||||
metricReporter.get().stopAsync().awaitTerminated(10, TimeUnit.SECONDS);
|
||||
metricReporter
|
||||
.get()
|
||||
.stopAsync()
|
||||
.awaitTerminated(java.time.Duration.ofSeconds(10));
|
||||
logger.atInfo().log("Shut down MetricReporter");
|
||||
} catch (TimeoutException e) {
|
||||
logger.atSevere().withCause(e).log("Failed to stop MetricReporter.");
|
||||
|
||||
@@ -17,6 +17,7 @@ package google.registry.module.frontend;
|
||||
import com.google.monitoring.metrics.MetricReporter;
|
||||
import dagger.Component;
|
||||
import dagger.Lazy;
|
||||
import google.registry.config.CertificateCheckerModule;
|
||||
import google.registry.config.CredentialModule;
|
||||
import google.registry.config.RegistryConfig.ConfigModule;
|
||||
import google.registry.flows.ServerTridProviderModule;
|
||||
@@ -44,6 +45,7 @@ import javax.inject.Singleton;
|
||||
@Component(
|
||||
modules = {
|
||||
AuthModule.class,
|
||||
CertificateCheckerModule.class,
|
||||
ConfigModule.class,
|
||||
ConsoleConfigModule.class,
|
||||
CredentialModule.class,
|
||||
|
||||
@@ -14,17 +14,23 @@
|
||||
|
||||
package google.registry.persistence.converter;
|
||||
|
||||
import google.registry.util.DateTimeUtils;
|
||||
import java.sql.Date;
|
||||
import javax.persistence.AttributeConverter;
|
||||
import javax.persistence.Converter;
|
||||
import org.joda.time.LocalDate;
|
||||
import org.joda.time.format.ISODateTimeFormat;
|
||||
|
||||
/** JPA converter for {@link LocalDate}. */
|
||||
/** JPA converter for {@link LocalDate}, to/from {@link Date}. */
|
||||
@Converter(autoApply = true)
|
||||
public class LocalDateConverter extends ToStringConverterBase<LocalDate> {
|
||||
public class LocalDateConverter implements AttributeConverter<LocalDate, Date> {
|
||||
|
||||
/** Converts the string (a date in ISO-8601 format) into a LocalDate. */
|
||||
@Override
|
||||
public LocalDate convertToEntityAttribute(String columnValue) {
|
||||
return (columnValue == null) ? null : LocalDate.parse(columnValue, ISODateTimeFormat.date());
|
||||
public Date convertToDatabaseColumn(LocalDate attribute) {
|
||||
return attribute == null ? null : DateTimeUtils.toSqlDate(attribute);
|
||||
}
|
||||
|
||||
@Override
|
||||
public LocalDate convertToEntityAttribute(Date dbData) {
|
||||
return dbData == null ? null : DateTimeUtils.toLocalDate(dbData);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -18,7 +18,6 @@ import static google.registry.config.RegistryConfig.getDomainLabelListCacheDurat
|
||||
import static google.registry.config.RegistryConfig.getSingletonCachePersistDuration;
|
||||
import static google.registry.config.RegistryConfig.getStaticPremiumListMaxCachedEntries;
|
||||
import static google.registry.schema.tld.PremiumListDao.getPriceForLabel;
|
||||
import static java.util.concurrent.TimeUnit.MILLISECONDS;
|
||||
|
||||
import com.google.auto.value.AutoValue;
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
@@ -48,7 +47,7 @@ class PremiumListCache {
|
||||
static LoadingCache<String, Optional<PremiumList>> createCachePremiumLists(
|
||||
Duration cachePersistDuration) {
|
||||
return CacheBuilder.newBuilder()
|
||||
.expireAfterWrite(cachePersistDuration.getMillis(), MILLISECONDS)
|
||||
.expireAfterWrite(java.time.Duration.ofMillis(cachePersistDuration.getMillis()))
|
||||
.build(
|
||||
new CacheLoader<String, Optional<PremiumList>>() {
|
||||
@Override
|
||||
@@ -81,7 +80,7 @@ class PremiumListCache {
|
||||
static LoadingCache<RevisionIdAndLabel, Optional<BigDecimal>> createCachePremiumEntries(
|
||||
Duration cachePersistDuration) {
|
||||
return CacheBuilder.newBuilder()
|
||||
.expireAfterWrite(cachePersistDuration.getMillis(), MILLISECONDS)
|
||||
.expireAfterWrite(java.time.Duration.ofMillis(cachePersistDuration.getMillis()))
|
||||
.maximumSize(getStaticPremiumListMaxCachedEntries())
|
||||
.build(
|
||||
new CacheLoader<RevisionIdAndLabel, Optional<BigDecimal>>() {
|
||||
|
||||
@@ -18,7 +18,6 @@ import static google.registry.config.RegistryConfig.ConfigModule.TmchCaMode.PILO
|
||||
import static google.registry.config.RegistryConfig.ConfigModule.TmchCaMode.PRODUCTION;
|
||||
import static google.registry.config.RegistryConfig.getSingletonCacheRefreshDuration;
|
||||
import static google.registry.util.ResourceUtils.readResourceUtf8;
|
||||
import static java.util.concurrent.TimeUnit.MILLISECONDS;
|
||||
|
||||
import com.google.common.cache.CacheBuilder;
|
||||
import com.google.common.cache.CacheLoader;
|
||||
@@ -77,7 +76,8 @@ public final class TmchCertificateAuthority {
|
||||
*/
|
||||
private static final LoadingCache<TmchCaMode, X509CRL> CRL_CACHE =
|
||||
CacheBuilder.newBuilder()
|
||||
.expireAfterWrite(getSingletonCacheRefreshDuration().getMillis(), MILLISECONDS)
|
||||
.expireAfterWrite(
|
||||
java.time.Duration.ofMillis(getSingletonCacheRefreshDuration().getMillis()))
|
||||
.build(
|
||||
new CacheLoader<TmchCaMode, X509CRL>() {
|
||||
@Override
|
||||
|
||||
@@ -18,7 +18,6 @@ import com.google.common.collect.ImmutableSet;
|
||||
import com.google.common.collect.Sets;
|
||||
import com.google.common.collect.Sets.SetView;
|
||||
import java.io.File;
|
||||
import java.util.function.Predicate;
|
||||
|
||||
/**
|
||||
* Compares two Datastore backups in V3 format on local file system. This is for use in tests and
|
||||
@@ -30,8 +29,10 @@ import java.util.function.Predicate;
|
||||
*/
|
||||
class CompareDbBackups {
|
||||
private static final String DS_V3_BACKUP_FILE_PREFIX = "output-";
|
||||
private static final Predicate<File> DATA_FILE_MATCHER =
|
||||
file -> file.isFile() && file.getName().startsWith(DS_V3_BACKUP_FILE_PREFIX);
|
||||
|
||||
private static boolean isDatastoreV3File(File file) {
|
||||
return file.isFile() && file.getName().startsWith(DS_V3_BACKUP_FILE_PREFIX);
|
||||
}
|
||||
|
||||
public static void main(String[] args) {
|
||||
if (args.length != 2) {
|
||||
@@ -40,9 +41,11 @@ class CompareDbBackups {
|
||||
}
|
||||
|
||||
ImmutableSet<EntityWrapper> entities1 =
|
||||
RecordAccumulator.readDirectory(new File(args[0]), DATA_FILE_MATCHER).getEntityWrapperSet();
|
||||
RecordAccumulator.readDirectory(new File(args[0]), CompareDbBackups::isDatastoreV3File)
|
||||
.getEntityWrapperSet();
|
||||
ImmutableSet<EntityWrapper> entities2 =
|
||||
RecordAccumulator.readDirectory(new File(args[1]), DATA_FILE_MATCHER).getEntityWrapperSet();
|
||||
RecordAccumulator.readDirectory(new File(args[1]), CompareDbBackups::isDatastoreV3File)
|
||||
.getEntityWrapperSet();
|
||||
|
||||
// Calculate the entities added and removed.
|
||||
SetView<EntityWrapper> added = Sets.difference(entities2, entities1);
|
||||
|
||||
@@ -38,6 +38,7 @@ import google.registry.tools.params.OptionalLongParameter;
|
||||
import google.registry.tools.params.OptionalPhoneNumberParameter;
|
||||
import google.registry.tools.params.OptionalStringParameter;
|
||||
import google.registry.tools.params.PathParameter;
|
||||
import google.registry.util.CertificateChecker;
|
||||
import google.registry.util.CidrAddressBlock;
|
||||
import java.nio.file.Files;
|
||||
import java.nio.file.Path;
|
||||
@@ -49,6 +50,7 @@ import java.util.Map;
|
||||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
import javax.annotation.Nullable;
|
||||
import javax.inject.Inject;
|
||||
import org.joda.money.CurrencyUnit;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
@@ -57,9 +59,9 @@ abstract class CreateOrUpdateRegistrarCommand extends MutatingCommand {
|
||||
|
||||
static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
||||
@Parameter(
|
||||
description = "Client identifier of the registrar account",
|
||||
required = true)
|
||||
@Inject CertificateChecker certificateChecker;
|
||||
|
||||
@Parameter(description = "Client identifier of the registrar account", required = true)
|
||||
List<String> mainParameters;
|
||||
|
||||
@Parameter(
|
||||
@@ -356,11 +358,21 @@ abstract class CreateOrUpdateRegistrarCommand extends MutatingCommand {
|
||||
}
|
||||
if (clientCertificateFilename != null) {
|
||||
String asciiCert = new String(Files.readAllBytes(clientCertificateFilename), US_ASCII);
|
||||
// An empty certificate file is allowed in order to provide a functionality for removing an
|
||||
// existing certificate without providing a replacement. An uploaded empty certificate file
|
||||
// will prevent the registrar from being able to establish EPP connections.
|
||||
if (!asciiCert.equals("")) {
|
||||
certificateChecker.validateCertificate(asciiCert);
|
||||
}
|
||||
builder.setClientCertificate(asciiCert, now);
|
||||
}
|
||||
|
||||
if (failoverClientCertificateFilename != null) {
|
||||
String asciiCert =
|
||||
new String(Files.readAllBytes(failoverClientCertificateFilename), US_ASCII);
|
||||
if (!asciiCert.equals("")) {
|
||||
certificateChecker.validateCertificate(asciiCert);
|
||||
}
|
||||
builder.setFailoverClientCertificate(asciiCert, now);
|
||||
}
|
||||
if (!isNullOrEmpty(clientCertificateHash)) {
|
||||
|
||||
@@ -20,6 +20,7 @@ import dagger.Lazy;
|
||||
import google.registry.batch.BatchModule;
|
||||
import google.registry.beam.initsql.BeamJpaModule;
|
||||
import google.registry.bigquery.BigqueryModule;
|
||||
import google.registry.config.CertificateCheckerModule;
|
||||
import google.registry.config.CredentialModule.LocalCredentialJson;
|
||||
import google.registry.config.RegistryConfig.Config;
|
||||
import google.registry.config.RegistryConfig.ConfigModule;
|
||||
@@ -60,6 +61,7 @@ import javax.inject.Singleton;
|
||||
BatchModule.class,
|
||||
BeamJpaModule.class,
|
||||
BigqueryModule.class,
|
||||
CertificateCheckerModule.class,
|
||||
ConfigModule.class,
|
||||
CloudDnsWriterModule.class,
|
||||
DatastoreAdminModule.class,
|
||||
@@ -83,42 +85,83 @@ import javax.inject.Singleton;
|
||||
})
|
||||
interface RegistryToolComponent {
|
||||
void inject(AckPollMessagesCommand command);
|
||||
|
||||
void inject(CheckDomainClaimsCommand command);
|
||||
|
||||
void inject(CheckDomainCommand command);
|
||||
|
||||
void inject(CountDomainsCommand command);
|
||||
|
||||
void inject(CreateAnchorTenantCommand command);
|
||||
|
||||
void inject(CreateCdnsTld command);
|
||||
|
||||
void inject(CreateContactCommand command);
|
||||
|
||||
void inject(CreateDomainCommand command);
|
||||
|
||||
void inject(CreateRegistrarCommand command);
|
||||
|
||||
void inject(CreateTldCommand command);
|
||||
|
||||
void inject(DeployInvoicingPipelineCommand command);
|
||||
|
||||
void inject(DeploySpec11PipelineCommand command);
|
||||
|
||||
void inject(EncryptEscrowDepositCommand command);
|
||||
|
||||
void inject(GenerateAllocationTokensCommand command);
|
||||
|
||||
void inject(GenerateDnsReportCommand command);
|
||||
|
||||
void inject(GenerateEscrowDepositCommand command);
|
||||
|
||||
void inject(GetKeyringSecretCommand command);
|
||||
|
||||
void inject(GetOperationStatusCommand command);
|
||||
|
||||
void inject(GhostrydeCommand command);
|
||||
|
||||
void inject(ImportDatastoreCommand command);
|
||||
|
||||
void inject(ListCursorsCommand command);
|
||||
|
||||
void inject(ListDatastoreOperationsCommand command);
|
||||
|
||||
void inject(LoadSnapshotCommand command);
|
||||
|
||||
void inject(LockDomainCommand command);
|
||||
|
||||
void inject(LoginCommand command);
|
||||
|
||||
void inject(LogoutCommand command);
|
||||
|
||||
void inject(PendingEscrowCommand command);
|
||||
|
||||
void inject(RenewDomainCommand command);
|
||||
|
||||
void inject(SendEscrowReportToIcannCommand command);
|
||||
|
||||
void inject(SetNumInstancesCommand command);
|
||||
|
||||
void inject(SetupOteCommand command);
|
||||
|
||||
void inject(UnlockDomainCommand command);
|
||||
|
||||
void inject(UnrenewDomainCommand command);
|
||||
|
||||
void inject(UpdateCursorsCommand command);
|
||||
|
||||
void inject(UpdateDomainCommand command);
|
||||
|
||||
void inject(UpdateKmsKeyringCommand command);
|
||||
|
||||
void inject(UpdateRegistrarCommand command);
|
||||
|
||||
void inject(UpdateTldCommand command);
|
||||
|
||||
void inject(ValidateEscrowDepositCommand command);
|
||||
|
||||
void inject(WhoisQueryCommand command);
|
||||
|
||||
AppEngineConnection appEngineConnection();
|
||||
|
||||
+40
-14
@@ -56,6 +56,7 @@ import google.registry.ui.forms.FormFieldException;
|
||||
import google.registry.ui.server.RegistrarFormFields;
|
||||
import google.registry.ui.server.SendEmailUtils;
|
||||
import google.registry.util.AppEngineServiceUtils;
|
||||
import google.registry.util.CertificateChecker;
|
||||
import google.registry.util.CollectionUtils;
|
||||
import google.registry.util.DiffUtils;
|
||||
import java.util.HashSet;
|
||||
@@ -64,7 +65,6 @@ import java.util.Map;
|
||||
import java.util.Objects;
|
||||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
import java.util.function.Predicate;
|
||||
import javax.inject.Inject;
|
||||
import org.joda.time.DateTime;
|
||||
|
||||
@@ -93,11 +93,13 @@ public class RegistrarSettingsAction implements Runnable, JsonActionRunner.JsonA
|
||||
@Inject SendEmailUtils sendEmailUtils;
|
||||
@Inject AuthenticatedRegistrarAccessor registrarAccessor;
|
||||
@Inject AuthResult authResult;
|
||||
@Inject CertificateChecker certificateChecker;
|
||||
|
||||
@Inject RegistrarSettingsAction() {}
|
||||
|
||||
private static final Predicate<RegistrarContact> HAS_PHONE =
|
||||
contact -> contact.getPhoneNumber() != null;
|
||||
private static boolean hasPhone(RegistrarContact contact) {
|
||||
return contact.getPhoneNumber() != null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void run() {
|
||||
@@ -306,19 +308,43 @@ public class RegistrarSettingsAction implements Runnable, JsonActionRunner.JsonA
|
||||
RegistrarFormFields.IP_ADDRESS_ALLOW_LIST_FIELD
|
||||
.extractUntyped(args)
|
||||
.orElse(ImmutableList.of()));
|
||||
RegistrarFormFields.CLIENT_CERTIFICATE_FIELD
|
||||
.extractUntyped(args)
|
||||
.ifPresent(
|
||||
certificate -> builder.setClientCertificate(certificate, tm().getTransactionTime()));
|
||||
RegistrarFormFields.FAILOVER_CLIENT_CERTIFICATE_FIELD
|
||||
.extractUntyped(args)
|
||||
.ifPresent(
|
||||
certificate ->
|
||||
builder.setFailoverClientCertificate(certificate, tm().getTransactionTime()));
|
||||
|
||||
Optional<String> certificateString =
|
||||
RegistrarFormFields.CLIENT_CERTIFICATE_FIELD.extractUntyped(args);
|
||||
if (certificateString.isPresent()) {
|
||||
if (validateCertificate(initialRegistrar.getClientCertificate(), certificateString.get())) {
|
||||
builder.setClientCertificate(certificateString.get(), tm().getTransactionTime());
|
||||
}
|
||||
}
|
||||
|
||||
Optional<String> failoverCertificateString =
|
||||
RegistrarFormFields.FAILOVER_CLIENT_CERTIFICATE_FIELD.extractUntyped(args);
|
||||
if (failoverCertificateString.isPresent()) {
|
||||
if (validateCertificate(
|
||||
initialRegistrar.getFailoverClientCertificate(), failoverCertificateString.get())) {
|
||||
builder.setFailoverClientCertificate(
|
||||
failoverCertificateString.get(), tm().getTransactionTime());
|
||||
}
|
||||
}
|
||||
|
||||
return checkNotChangedUnlessAllowed(builder, initialRegistrar, Role.OWNER);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns true if the registrar should accept the new certificate. Returns false if the
|
||||
* certificate is already the one stored for the registrar.
|
||||
*/
|
||||
private boolean validateCertificate(String existingCertificate, String certificateString) {
|
||||
if ((existingCertificate == null) || !existingCertificate.equals(certificateString)) {
|
||||
// TODO(sarhabot): remove this check after November 1, 2020
|
||||
if (tm().getTransactionTime().isAfter(DateTime.parse("2020-11-01T00:00:00Z"))) {
|
||||
certificateChecker.validateCertificate(certificateString);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates a registrar with the ADMIN-controlled args from the http request.
|
||||
*
|
||||
@@ -512,8 +538,8 @@ public class RegistrarSettingsAction implements Runnable, JsonActionRunner.JsonA
|
||||
Multimap<Type, RegistrarContact> newContactsByType,
|
||||
Type... types) {
|
||||
for (Type type : types) {
|
||||
if (oldContactsByType.get(type).stream().anyMatch(HAS_PHONE)
|
||||
&& newContactsByType.get(type).stream().noneMatch(HAS_PHONE)) {
|
||||
if (oldContactsByType.get(type).stream().anyMatch(RegistrarSettingsAction::hasPhone)
|
||||
&& newContactsByType.get(type).stream().noneMatch(RegistrarSettingsAction::hasPhone)) {
|
||||
throw new ContactRequirementException(
|
||||
String.format(
|
||||
"Please provide a phone number for at least one %s contact",
|
||||
|
||||
@@ -53,6 +53,7 @@
|
||||
<class>google.registry.model.poll.PollMessage</class>
|
||||
<class>google.registry.model.poll.PollMessage$OneTime</class>
|
||||
<class>google.registry.model.poll.PollMessage$Autorenew</class>
|
||||
<class>google.registry.model.rde.RdeRevision</class>
|
||||
<class>google.registry.model.registrar.Registrar</class>
|
||||
<class>google.registry.model.registrar.RegistrarContact</class>
|
||||
<class>google.registry.model.registry.label.PremiumList</class>
|
||||
|
||||
@@ -143,6 +143,7 @@ public class TestPipelineExtension extends Pipeline
|
||||
// Null until the pipeline has been run
|
||||
@Nullable private List<TransformHierarchy.Node> runVisitedNodes;
|
||||
|
||||
@SuppressWarnings("UnnecessaryLambda") // Stay true to the original class.
|
||||
private final Predicate<Node> isPAssertNode =
|
||||
node ->
|
||||
node.getTransform() instanceof PAssert.GroupThenAssert
|
||||
|
||||
@@ -27,7 +27,6 @@ import static google.registry.testing.DatastoreHelper.persistActiveContact;
|
||||
import static google.registry.util.DateTimeUtils.END_OF_TIME;
|
||||
import static google.registry.util.DateTimeUtils.START_OF_TIME;
|
||||
import static java.nio.charset.StandardCharsets.UTF_8;
|
||||
import static java.util.concurrent.TimeUnit.MILLISECONDS;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
import static org.junit.jupiter.api.Assertions.fail;
|
||||
|
||||
@@ -225,7 +224,7 @@ public class OfyTest {
|
||||
if (firstAttemptTime == null) {
|
||||
// Sleep a bit to ensure that the next attempt is at a new millisecond.
|
||||
firstAttemptTime = tm().getTransactionTime();
|
||||
sleepUninterruptibly(10, MILLISECONDS);
|
||||
sleepUninterruptibly(java.time.Duration.ofMillis(10));
|
||||
throw new ConcurrentModificationException();
|
||||
}
|
||||
assertThat(tm().getTransactionTime()).isGreaterThan(firstAttemptTime);
|
||||
|
||||
@@ -15,118 +15,116 @@
|
||||
package google.registry.model.rde;
|
||||
|
||||
import static com.google.common.truth.Truth.assertThat;
|
||||
import static google.registry.model.ofy.ObjectifyService.ofy;
|
||||
import static google.registry.model.rde.RdeMode.FULL;
|
||||
import static google.registry.model.rde.RdeRevision.getNextRevision;
|
||||
import static google.registry.model.rde.RdeRevision.saveRevision;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
|
||||
import com.google.common.base.VerifyException;
|
||||
import google.registry.testing.AppEngineExtension;
|
||||
import google.registry.model.EntityTestCase;
|
||||
import google.registry.testing.DualDatabaseTest;
|
||||
import org.joda.time.DateTime;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.jupiter.api.extension.RegisterExtension;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.TestTemplate;
|
||||
|
||||
/** Unit tests for {@link RdeRevision}. */
|
||||
public class RdeRevisionTest {
|
||||
@DualDatabaseTest
|
||||
public class RdeRevisionTest extends EntityTestCase {
|
||||
|
||||
@RegisterExtension
|
||||
final AppEngineExtension appEngine =
|
||||
AppEngineExtension.builder().withDatastoreAndCloudSql().build();
|
||||
public RdeRevisionTest() {
|
||||
super(JpaEntityCoverageCheck.ENABLED);
|
||||
}
|
||||
|
||||
@Test
|
||||
@BeforeEach
|
||||
void beforeEach() {
|
||||
fakeClock.setTo(DateTime.parse("1984-12-18TZ"));
|
||||
}
|
||||
|
||||
@TestTemplate
|
||||
void testGetNextRevision_objectDoesntExist_returnsZero() {
|
||||
assertThat(getNextRevision("torment", DateTime.parse("1984-12-18TZ"), FULL)).isEqualTo(0);
|
||||
tm().transact(
|
||||
() -> assertThat(getNextRevision("torment", fakeClock.nowUtc(), FULL)).isEqualTo(0));
|
||||
}
|
||||
|
||||
@Test
|
||||
@TestTemplate
|
||||
void testGetNextRevision_objectExistsAtZero_returnsOne() {
|
||||
save("sorrow", DateTime.parse("1984-12-18TZ"), FULL, 0);
|
||||
assertThat(getNextRevision("sorrow", DateTime.parse("1984-12-18TZ"), FULL)).isEqualTo(1);
|
||||
save("sorrow", fakeClock.nowUtc(), FULL, 0);
|
||||
tm().transact(
|
||||
() -> assertThat(getNextRevision("sorrow", fakeClock.nowUtc(), FULL)).isEqualTo(1));
|
||||
}
|
||||
|
||||
@Test
|
||||
@TestTemplate
|
||||
void testSaveRevision_objectDoesntExist_newRevisionIsZero_nextRevIsOne() {
|
||||
tm().transact(() -> saveRevision("despondency", DateTime.parse("1984-12-18TZ"), FULL, 0));
|
||||
tm().transact(() -> saveRevision("despondency", fakeClock.nowUtc(), FULL, 0));
|
||||
tm().transact(
|
||||
() ->
|
||||
assertThat(getNextRevision("despondency", DateTime.parse("1984-12-18TZ"), FULL))
|
||||
.isEqualTo(1));
|
||||
assertThat(getNextRevision("despondency", fakeClock.nowUtc(), FULL)).isEqualTo(1));
|
||||
}
|
||||
|
||||
@Test
|
||||
@TestTemplate
|
||||
void testSaveRevision_objectDoesntExist_newRevisionIsOne_throwsVe() {
|
||||
VerifyException thrown =
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
VerifyException.class,
|
||||
() ->
|
||||
tm().transact(
|
||||
() ->
|
||||
saveRevision("despondency", DateTime.parse("1984-12-18TZ"), FULL, 1)));
|
||||
assertThat(thrown).hasMessageThat().contains("object missing");
|
||||
IllegalArgumentException.class,
|
||||
() -> tm().transact(() -> saveRevision("despondency", fakeClock.nowUtc(), FULL, 1)));
|
||||
assertThat(thrown)
|
||||
.hasMessageThat()
|
||||
.isEqualTo(
|
||||
"Couldn't find existing RDE revision despondency_1984-12-18_full "
|
||||
+ "when trying to save new revision 1");
|
||||
}
|
||||
|
||||
@Test
|
||||
@TestTemplate
|
||||
void testSaveRevision_objectExistsAtZero_newRevisionIsZero_throwsVe() {
|
||||
save("melancholy", DateTime.parse("1984-12-18TZ"), FULL, 0);
|
||||
VerifyException thrown =
|
||||
save("melancholy", fakeClock.nowUtc(), FULL, 0);
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
VerifyException.class,
|
||||
() ->
|
||||
tm().transact(
|
||||
() -> saveRevision("melancholy", DateTime.parse("1984-12-18TZ"), FULL, 0)));
|
||||
IllegalArgumentException.class,
|
||||
() -> tm().transact(() -> saveRevision("melancholy", fakeClock.nowUtc(), FULL, 0)));
|
||||
assertThat(thrown).hasMessageThat().contains("object already created");
|
||||
}
|
||||
|
||||
@Test
|
||||
@TestTemplate
|
||||
void testSaveRevision_objectExistsAtZero_newRevisionIsOne_nextRevIsTwo() {
|
||||
save("melancholy", DateTime.parse("1984-12-18TZ"), FULL, 0);
|
||||
tm().transact(() -> saveRevision("melancholy", DateTime.parse("1984-12-18TZ"), FULL, 1));
|
||||
tm().transact(
|
||||
() ->
|
||||
assertThat(getNextRevision("melancholy", DateTime.parse("1984-12-18TZ"), FULL))
|
||||
.isEqualTo(2));
|
||||
DateTime startOfDay = fakeClock.nowUtc().withTimeAtStartOfDay();
|
||||
save("melancholy", startOfDay, FULL, 0);
|
||||
fakeClock.advanceOneMilli();
|
||||
tm().transact(() -> saveRevision("melancholy", startOfDay, FULL, 1));
|
||||
tm().transact(() -> assertThat(getNextRevision("melancholy", startOfDay, FULL)).isEqualTo(2));
|
||||
}
|
||||
|
||||
@Test
|
||||
@TestTemplate
|
||||
void testSaveRevision_objectExistsAtZero_newRevisionIsTwo_throwsVe() {
|
||||
save("melancholy", DateTime.parse("1984-12-18TZ"), FULL, 0);
|
||||
VerifyException thrown =
|
||||
save("melancholy", fakeClock.nowUtc(), FULL, 0);
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
VerifyException.class,
|
||||
() ->
|
||||
tm().transact(
|
||||
() -> saveRevision("melancholy", DateTime.parse("1984-12-18TZ"), FULL, 2)));
|
||||
assertThat(thrown).hasMessageThat().contains("should be at 1 ");
|
||||
IllegalArgumentException.class,
|
||||
() -> tm().transact(() -> saveRevision("melancholy", fakeClock.nowUtc(), FULL, 2)));
|
||||
assertThat(thrown)
|
||||
.hasMessageThat()
|
||||
.contains("RDE revision object should be at revision 1 but was");
|
||||
}
|
||||
|
||||
@Test
|
||||
@TestTemplate
|
||||
void testSaveRevision_negativeRevision_throwsIae() {
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
IllegalArgumentException.class,
|
||||
() ->
|
||||
tm().transact(
|
||||
() ->
|
||||
saveRevision("melancholy", DateTime.parse("1984-12-18TZ"), FULL, -1)));
|
||||
() -> tm().transact(() -> saveRevision("melancholy", fakeClock.nowUtc(), FULL, -1)));
|
||||
assertThat(thrown).hasMessageThat().contains("Negative revision");
|
||||
}
|
||||
|
||||
@Test
|
||||
@TestTemplate
|
||||
void testSaveRevision_callerNotInTransaction_throwsIse() {
|
||||
IllegalStateException thrown =
|
||||
assertThrows(
|
||||
IllegalStateException.class,
|
||||
() -> saveRevision("frenzy", DateTime.parse("1984-12-18TZ"), FULL, 1));
|
||||
IllegalStateException.class, () -> saveRevision("frenzy", fakeClock.nowUtc(), FULL, 1));
|
||||
assertThat(thrown).hasMessageThat().contains("transaction");
|
||||
}
|
||||
|
||||
public static void save(String tld, DateTime date, RdeMode mode, int revision) {
|
||||
String triplet = RdeNamingUtils.makePartialName(tld, date, mode);
|
||||
RdeRevision object = new RdeRevision();
|
||||
object.id = triplet;
|
||||
object.revision = revision;
|
||||
ofy().saveWithoutBackup().entity(object).now();
|
||||
RdeRevision object = RdeRevision.create(triplet, tld, date.toLocalDate(), mode, revision);
|
||||
tm().transact(() -> tm().put(object));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -92,15 +92,13 @@ public class Spec11ThreatMatchDaoTest extends EntityTestCase {
|
||||
}
|
||||
|
||||
private Spec11ThreatMatch createThreatMatch(String domainName, LocalDate date) {
|
||||
Spec11ThreatMatch threatMatch =
|
||||
new Spec11ThreatMatch()
|
||||
.asBuilder()
|
||||
.setThreatTypes(ImmutableSet.of(ThreatType.MALWARE))
|
||||
.setCheckDate(date)
|
||||
.setDomainName(domainName)
|
||||
.setRegistrarId("Example Registrar")
|
||||
.setDomainRepoId("1-COM")
|
||||
.build();
|
||||
return threatMatch;
|
||||
return new Spec11ThreatMatch()
|
||||
.asBuilder()
|
||||
.setThreatTypes(ImmutableSet.of(ThreatType.MALWARE))
|
||||
.setCheckDate(date)
|
||||
.setDomainName(domainName)
|
||||
.setRegistrarId("Example Registrar")
|
||||
.setDomainRepoId("1-COM")
|
||||
.build();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -24,6 +24,7 @@ import google.registry.model.history.ContactHistoryTest;
|
||||
import google.registry.model.history.DomainHistoryTest;
|
||||
import google.registry.model.history.HostHistoryTest;
|
||||
import google.registry.model.poll.PollMessageTest;
|
||||
import google.registry.model.rde.RdeRevisionTest;
|
||||
import google.registry.model.registry.RegistryLockDaoTest;
|
||||
import google.registry.model.registry.RegistryTest;
|
||||
import google.registry.model.registry.label.ReservedListSqlDaoTest;
|
||||
@@ -86,6 +87,7 @@ import org.junit.runner.RunWith;
|
||||
LockDaoTest.class,
|
||||
PollMessageTest.class,
|
||||
PremiumListDaoTest.class,
|
||||
RdeRevisionTest.class,
|
||||
RegistrarDaoTest.class,
|
||||
RegistryTest.class,
|
||||
ReservedListSqlDaoTest.class,
|
||||
|
||||
@@ -88,5 +88,40 @@ public final class CertificateSamples {
|
||||
*/
|
||||
public static final String SAMPLE_CERT2_HASH = "GNd6ZP8/n91t9UTnpxR8aH7aAW4+CpvufYx9ViGbcMY";
|
||||
|
||||
/*
|
||||
* openssl req -new -nodes -x509 -days 200 -newkey rsa:2048 -keyout client1.key -out client1.crt
|
||||
* -subj "/C=US/ST=New York/L=New York/O=Google/OU=domain-registry-test/CN=client1"
|
||||
*/
|
||||
public static final String SAMPLE_CERT3 =
|
||||
"-----BEGIN CERTIFICATE-----\n"
|
||||
+ "MIIDyzCCArOgAwIBAgIUJnhiVrxAxgwkLJzHPm1w/lBoNs4wDQYJKoZIhvcNAQEL\n"
|
||||
+ "BQAwdTELMAkGA1UEBhMCVVMxETAPBgNVBAgMCE5ldyBZb3JrMREwDwYDVQQHDAhO\n"
|
||||
+ "ZXcgWW9yazEPMA0GA1UECgwGR29vZ2xlMR0wGwYDVQQLDBRkb21haW4tcmVnaXN0\n"
|
||||
+ "cnktdGVzdDEQMA4GA1UEAwwHY2xpZW50MTAeFw0yMDEwMTIxNzU5NDFaFw0yMTA0\n"
|
||||
+ "MzAxNzU5NDFaMHUxCzAJBgNVBAYTAlVTMREwDwYDVQQIDAhOZXcgWW9yazERMA8G\n"
|
||||
+ "A1UEBwwITmV3IFlvcmsxDzANBgNVBAoMBkdvb2dsZTEdMBsGA1UECwwUZG9tYWlu\n"
|
||||
+ "LXJlZ2lzdHJ5LXRlc3QxEDAOBgNVBAMMB2NsaWVudDEwggEiMA0GCSqGSIb3DQEB\n"
|
||||
+ "AQUAA4IBDwAwggEKAoIBAQC0msirO7kXyGEC93stsNYGc02Z77Q2qfHFwaGYkUG8\n"
|
||||
+ "QvOF5SWN+jwTo5Td6Jj26A26a8MLCtK45TCBuMRNcUsHhajhT19ocphO20iY3zhi\n"
|
||||
+ "ycwV1id0iwME4kPd1m57BELRE9tUPOxF81/JQXdR1fwT5KRVHYRDWZhaZ5aBmlZY\n"
|
||||
+ "3t/H9Ly0RBYyApkMaGs3nlb94OOug6SouUfRt02S59ja3wsE2SVF/Eui647OXP7O\n"
|
||||
+ "QdYXofxuqLoNkE8EnAdl43/enGLiCIVd0G2lABibFF+gbxTtfgbg7YtfUZJdL+Mb\n"
|
||||
+ "RAcAtuLXEamNQ9H63JgVF16PlQVCDz2XyI3uCfPpDDiBAgMBAAGjUzBRMB0GA1Ud\n"
|
||||
+ "DgQWBBQ26bWk8qfEBjXs/xZ4m8JZyalnITAfBgNVHSMEGDAWgBQ26bWk8qfEBjXs\n"
|
||||
+ "/xZ4m8JZyalnITAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAZ\n"
|
||||
+ "VcsgslBKanKOieJ5ik2d9qzOMXKfBuWPRFWbkC3t9i5awhHqnGAaj6nICnnMZIyt\n"
|
||||
+ "rdx5lZW5aaQyf0EP/90JAA8Xmty4A6MXmEjQAMiCOpP3A7eeS6Xglgi8IOZl4/bg\n"
|
||||
+ "LonW62TUkilo5IiFt/QklFTeHIjXB+OvA8+2Quqyd+zp7v6KnhXjvaomim78DhwE\n"
|
||||
+ "0PIUnjmiRpGpHfTVioTdfhPHZ2Y93Y8K7juL93sQog9aBu5m9XRJCY6wGyWPE83i\n"
|
||||
+ "kmLfGzjcnaJ6kqCd9xQRFZ0JwHmGlkAQvFoeengbNUqSyjyVgsOoNkEsrWwe/JFO\n"
|
||||
+ "iqBvjEhJlvRoefvkdR98\n"
|
||||
+ "-----END CERTIFICATE-----\n";
|
||||
|
||||
/*
|
||||
* python -c "import sys;print sys.argv[1].decode('hex').encode('base64').strip('\n=')" $(openssl
|
||||
* x509 -fingerprint -sha256 -in client1.crt | grep -Po '(?<=Fingerprint=).*' | sed s/://g)
|
||||
*/
|
||||
public static final String SAMPLE_CERT3_HASH = "GM2tYFuzdpDXN0lqpUXlsvrqk8OdMayryV+4/DOFZ0M";
|
||||
|
||||
private CertificateSamples() {}
|
||||
}
|
||||
|
||||
@@ -93,7 +93,7 @@ public class TestSftpServer implements FtpServer {
|
||||
try (PEMParser pemParser = new PEMParser(new StringReader(key))) {
|
||||
PEMKeyPair pemPair = (PEMKeyPair) pemParser.readObject();
|
||||
KeyPair result = new JcaPEMKeyConverter().setProvider("BC").getKeyPair(pemPair);
|
||||
logger.atInfo().log("Read key pair %s", result);
|
||||
logger.atInfo().log("Read key pair successfully.");
|
||||
return result;
|
||||
} catch (IOException e) {
|
||||
logger.atSevere().withCause(e).log("Couldn't read key pair from string.");
|
||||
|
||||
@@ -175,7 +175,12 @@ public abstract class CommandTestCase<C extends Command> {
|
||||
|
||||
/** Returns a path to a known good certificate file. */
|
||||
String getCertFilename() throws IOException {
|
||||
return writeToNamedTmpFile("cert.pem", CertificateSamples.SAMPLE_CERT);
|
||||
return getCertFilename(CertificateSamples.SAMPLE_CERT);
|
||||
}
|
||||
|
||||
/** Returns a path to a specified certificate file. */
|
||||
String getCertFilename(String certificateFile) throws IOException {
|
||||
return writeToNamedTmpFile("cert.pem", certificateFile);
|
||||
}
|
||||
|
||||
/** Reloads the given resource from Datastore. */
|
||||
|
||||
@@ -19,9 +19,12 @@ import static com.google.common.truth.Truth8.assertThat;
|
||||
import static google.registry.model.ofy.ObjectifyService.ofy;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.jpaTm;
|
||||
import static google.registry.testing.CertificateSamples.SAMPLE_CERT;
|
||||
import static google.registry.testing.CertificateSamples.SAMPLE_CERT3;
|
||||
import static google.registry.testing.CertificateSamples.SAMPLE_CERT3_HASH;
|
||||
import static google.registry.testing.CertificateSamples.SAMPLE_CERT_HASH;
|
||||
import static google.registry.testing.DatastoreHelper.createTlds;
|
||||
import static google.registry.testing.DatastoreHelper.persistNewRegistrar;
|
||||
import static google.registry.util.DateTimeUtils.START_OF_TIME;
|
||||
import static org.joda.time.DateTimeZone.UTC;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
@@ -31,10 +34,11 @@ import static org.mockito.Mockito.when;
|
||||
|
||||
import com.beust.jcommander.ParameterException;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.collect.ImmutableSortedMap;
|
||||
import com.google.common.collect.Range;
|
||||
import com.google.common.net.MediaType;
|
||||
import google.registry.model.registrar.Registrar;
|
||||
import google.registry.testing.CertificateSamples;
|
||||
import google.registry.util.CertificateChecker;
|
||||
import java.io.IOException;
|
||||
import java.util.Optional;
|
||||
import org.joda.money.CurrencyUnit;
|
||||
@@ -52,6 +56,12 @@ class CreateRegistrarCommandTest extends CommandTestCase<CreateRegistrarCommand>
|
||||
@BeforeEach
|
||||
void beforeEach() {
|
||||
command.setConnection(connection);
|
||||
command.certificateChecker =
|
||||
new CertificateChecker(
|
||||
ImmutableSortedMap.of(START_OF_TIME, 825, DateTime.parse("2020-09-01T00:00:00Z"), 398),
|
||||
30,
|
||||
2048,
|
||||
fakeClock);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -354,12 +364,13 @@ class CreateRegistrarCommandTest extends CommandTestCase<CreateRegistrarCommand>
|
||||
|
||||
@Test
|
||||
void testSuccess_clientCertFileFlag() throws Exception {
|
||||
fakeClock.setTo(DateTime.parse("2020-11-01T00:00:00Z"));
|
||||
runCommandForced(
|
||||
"--name=blobio",
|
||||
"--password=some_password",
|
||||
"--registrar_type=REAL",
|
||||
"--iana_id=8",
|
||||
"--cert_file=" + getCertFilename(),
|
||||
"--cert_file=" + getCertFilename(SAMPLE_CERT3),
|
||||
"--passcode=01234",
|
||||
"--icann_referral_email=foo@bar.test",
|
||||
"--street=\"123 Fake St\"",
|
||||
@@ -371,8 +382,67 @@ class CreateRegistrarCommandTest extends CommandTestCase<CreateRegistrarCommand>
|
||||
|
||||
Optional<Registrar> registrar = Registrar.loadByClientId("clientz");
|
||||
assertThat(registrar).isPresent();
|
||||
assertThat(registrar.get().getClientCertificateHash())
|
||||
.isEqualTo(CertificateSamples.SAMPLE_CERT_HASH);
|
||||
assertThat(registrar.get().getClientCertificateHash()).isEqualTo(SAMPLE_CERT3_HASH);
|
||||
}
|
||||
|
||||
@Test
|
||||
void testFail_clientCertFileFlagWithViolation() throws Exception {
|
||||
fakeClock.setTo(DateTime.parse("2020-10-01T00:00:00Z"));
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
IllegalArgumentException.class,
|
||||
() ->
|
||||
runCommandForced(
|
||||
"--name=blobio",
|
||||
"--password=some_password",
|
||||
"--registrar_type=REAL",
|
||||
"--iana_id=8",
|
||||
"--cert_file=" + getCertFilename(SAMPLE_CERT),
|
||||
"--passcode=01234",
|
||||
"--icann_referral_email=foo@bar.test",
|
||||
"--street=\"123 Fake St\"",
|
||||
"--city Fakington",
|
||||
"--state MA",
|
||||
"--zip 00351",
|
||||
"--cc US",
|
||||
"clientz"));
|
||||
|
||||
assertThat(thrown.getMessage())
|
||||
.isEqualTo(
|
||||
"Certificate validity period is too long; it must be less than or equal to 398"
|
||||
+ " days.");
|
||||
Optional<Registrar> registrar = Registrar.loadByClientId("clientz");
|
||||
assertThat(registrar).isEmpty();
|
||||
}
|
||||
|
||||
@Test
|
||||
void testFail_clientCertFileFlagWithMultipleViolations() throws Exception {
|
||||
fakeClock.setTo(DateTime.parse("2055-10-01T00:00:00Z"));
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
IllegalArgumentException.class,
|
||||
() ->
|
||||
runCommandForced(
|
||||
"--name=blobio",
|
||||
"--password=some_password",
|
||||
"--registrar_type=REAL",
|
||||
"--iana_id=8",
|
||||
"--cert_file=" + getCertFilename(SAMPLE_CERT),
|
||||
"--passcode=01234",
|
||||
"--icann_referral_email=foo@bar.test",
|
||||
"--street=\"123 Fake St\"",
|
||||
"--city Fakington",
|
||||
"--state MA",
|
||||
"--zip 00351",
|
||||
"--cc US",
|
||||
"clientz"));
|
||||
|
||||
assertThat(thrown.getMessage())
|
||||
.isEqualTo(
|
||||
"Certificate is expired.\nCertificate validity period is too long; it must be less"
|
||||
+ " than or equal to 398 days.");
|
||||
Optional<Registrar> registrar = Registrar.loadByClientId("clientz");
|
||||
assertThat(registrar).isEmpty();
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -400,12 +470,13 @@ class CreateRegistrarCommandTest extends CommandTestCase<CreateRegistrarCommand>
|
||||
|
||||
@Test
|
||||
void testSuccess_failoverClientCertFileFlag() throws Exception {
|
||||
fakeClock.setTo(DateTime.parse("2020-11-01T00:00:00Z"));
|
||||
runCommandForced(
|
||||
"--name=blobio",
|
||||
"--password=some_password",
|
||||
"--registrar_type=REAL",
|
||||
"--iana_id=8",
|
||||
"--failover_cert_file=" + getCertFilename(),
|
||||
"--failover_cert_file=" + getCertFilename(SAMPLE_CERT3),
|
||||
"--passcode=01234",
|
||||
"--icann_referral_email=foo@bar.test",
|
||||
"--street=\"123 Fake St\"",
|
||||
@@ -420,8 +491,68 @@ class CreateRegistrarCommandTest extends CommandTestCase<CreateRegistrarCommand>
|
||||
Registrar registrar = registrarOptional.get();
|
||||
assertThat(registrar.getClientCertificate()).isNull();
|
||||
assertThat(registrar.getClientCertificateHash()).isNull();
|
||||
assertThat(registrar.getFailoverClientCertificate()).isEqualTo(SAMPLE_CERT);
|
||||
assertThat(registrar.getFailoverClientCertificateHash()).isEqualTo(SAMPLE_CERT_HASH);
|
||||
assertThat(registrar.getFailoverClientCertificate()).isEqualTo(SAMPLE_CERT3);
|
||||
assertThat(registrar.getFailoverClientCertificateHash()).isEqualTo(SAMPLE_CERT3_HASH);
|
||||
}
|
||||
|
||||
@Test
|
||||
void testFail_failoverClientCertFileFlagWithViolations() throws Exception {
|
||||
fakeClock.setTo(DateTime.parse("2020-11-01T00:00:00Z"));
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
IllegalArgumentException.class,
|
||||
() ->
|
||||
runCommandForced(
|
||||
"--name=blobio",
|
||||
"--password=some_password",
|
||||
"--registrar_type=REAL",
|
||||
"--iana_id=8",
|
||||
"--failover_cert_file=" + getCertFilename(SAMPLE_CERT),
|
||||
"--passcode=01234",
|
||||
"--icann_referral_email=foo@bar.test",
|
||||
"--street=\"123 Fake St\"",
|
||||
"--city Fakington",
|
||||
"--state MA",
|
||||
"--zip 00351",
|
||||
"--cc US",
|
||||
"clientz"));
|
||||
|
||||
assertThat(thrown.getMessage())
|
||||
.isEqualTo(
|
||||
"Certificate validity period is too long; it must be less than or equal to 398"
|
||||
+ " days.");
|
||||
Optional<Registrar> registrar = Registrar.loadByClientId("clientz");
|
||||
assertThat(registrar).isEmpty();
|
||||
}
|
||||
|
||||
@Test
|
||||
void testFail_failoverClientCertFileFlagWithMultipleViolations() throws Exception {
|
||||
fakeClock.setTo(DateTime.parse("2055-11-01T00:00:00Z"));
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
IllegalArgumentException.class,
|
||||
() ->
|
||||
runCommandForced(
|
||||
"--name=blobio",
|
||||
"--password=some_password",
|
||||
"--registrar_type=REAL",
|
||||
"--iana_id=8",
|
||||
"--failover_cert_file=" + getCertFilename(SAMPLE_CERT),
|
||||
"--passcode=01234",
|
||||
"--icann_referral_email=foo@bar.test",
|
||||
"--street=\"123 Fake St\"",
|
||||
"--city Fakington",
|
||||
"--state MA",
|
||||
"--zip 00351",
|
||||
"--cc US",
|
||||
"clientz"));
|
||||
|
||||
assertThat(thrown.getMessage())
|
||||
.isEqualTo(
|
||||
"Certificate is expired.\nCertificate validity period is too long; it must be less"
|
||||
+ " than or equal to 398 days.");
|
||||
Optional<Registrar> registrar = Registrar.loadByClientId("clientz");
|
||||
assertThat(registrar).isEmpty();
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -1049,48 +1180,6 @@ class CreateRegistrarCommandTest extends CommandTestCase<CreateRegistrarCommand>
|
||||
"clientz"));
|
||||
}
|
||||
|
||||
@Test
|
||||
void testFailure_invalidCertFileContents() {
|
||||
assertThrows(
|
||||
Exception.class,
|
||||
() ->
|
||||
runCommandForced(
|
||||
"--name=blobio",
|
||||
"--password=some_password",
|
||||
"--registrar_type=REAL",
|
||||
"--iana_id=8",
|
||||
"--cert_file=" + writeToTmpFile("ABCDEF"),
|
||||
"--passcode=01234",
|
||||
"--icann_referral_email=foo@bar.test",
|
||||
"--street=\"123 Fake St\"",
|
||||
"--city Fakington",
|
||||
"--state MA",
|
||||
"--zip 00351",
|
||||
"--cc US",
|
||||
"clientz"));
|
||||
}
|
||||
|
||||
@Test
|
||||
void testFailure_invalidFailoverCertFileContents() {
|
||||
assertThrows(
|
||||
IllegalArgumentException.class,
|
||||
() ->
|
||||
runCommandForced(
|
||||
"--name=blobio",
|
||||
"--password=some_password",
|
||||
"--registrar_type=REAL",
|
||||
"--iana_id=8",
|
||||
"--failover_cert_file=" + writeToTmpFile("ABCDEF"),
|
||||
"--passcode=01234",
|
||||
"--icann_referral_email=foo@bar.test",
|
||||
"--street=\"123 Fake St\"",
|
||||
"--city Fakington",
|
||||
"--state MA",
|
||||
"--zip 00351",
|
||||
"--cc US",
|
||||
"clientz"));
|
||||
}
|
||||
|
||||
@Test
|
||||
void testFailure_certHashAndCertFile() {
|
||||
assertThrows(
|
||||
|
||||
@@ -19,10 +19,13 @@ import static com.google.common.truth.Truth.assertThat;
|
||||
import static com.google.common.truth.Truth8.assertThat;
|
||||
import static google.registry.persistence.transaction.TransactionManagerFactory.jpaTm;
|
||||
import static google.registry.testing.CertificateSamples.SAMPLE_CERT;
|
||||
import static google.registry.testing.CertificateSamples.SAMPLE_CERT3;
|
||||
import static google.registry.testing.CertificateSamples.SAMPLE_CERT3_HASH;
|
||||
import static google.registry.testing.CertificateSamples.SAMPLE_CERT_HASH;
|
||||
import static google.registry.testing.DatastoreHelper.createTlds;
|
||||
import static google.registry.testing.DatastoreHelper.loadRegistrar;
|
||||
import static google.registry.testing.DatastoreHelper.persistResource;
|
||||
import static google.registry.util.DateTimeUtils.START_OF_TIME;
|
||||
import static org.joda.time.DateTimeZone.UTC;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
|
||||
@@ -30,20 +33,33 @@ import com.beust.jcommander.ParameterException;
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.common.collect.ImmutableSortedMap;
|
||||
import google.registry.model.registrar.Registrar;
|
||||
import google.registry.model.registrar.Registrar.State;
|
||||
import google.registry.model.registrar.Registrar.Type;
|
||||
import google.registry.persistence.VKey;
|
||||
import google.registry.testing.AppEngineExtension;
|
||||
import google.registry.util.CertificateChecker;
|
||||
import google.registry.util.CidrAddressBlock;
|
||||
import java.util.Optional;
|
||||
import org.joda.money.CurrencyUnit;
|
||||
import org.joda.time.DateTime;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
/** Unit tests for {@link UpdateRegistrarCommand}. */
|
||||
class UpdateRegistrarCommandTest extends CommandTestCase<UpdateRegistrarCommand> {
|
||||
|
||||
@BeforeEach
|
||||
void beforeEach() {
|
||||
command.certificateChecker =
|
||||
new CertificateChecker(
|
||||
ImmutableSortedMap.of(START_OF_TIME, 825, DateTime.parse("2020-09-01T00:00:00Z"), 398),
|
||||
30,
|
||||
2048,
|
||||
fakeClock);
|
||||
}
|
||||
|
||||
@Test
|
||||
void testSuccess_alsoUpdateInCloudSql() throws Exception {
|
||||
assertThat(loadRegistrar("NewRegistrar").verifyPassword("some_password")).isFalse();
|
||||
@@ -232,15 +248,94 @@ class UpdateRegistrarCommandTest extends CommandTestCase<UpdateRegistrarCommand>
|
||||
|
||||
@Test
|
||||
void testSuccess_certFile() throws Exception {
|
||||
fakeClock.setTo(DateTime.parse("2020-11-01T00:00:00Z"));
|
||||
Registrar registrar = loadRegistrar("NewRegistrar");
|
||||
assertThat(registrar.getClientCertificate()).isNull();
|
||||
assertThat(registrar.getClientCertificateHash()).isNull();
|
||||
runCommand("--cert_file=" + getCertFilename(), "--force", "NewRegistrar");
|
||||
runCommand("--cert_file=" + getCertFilename(SAMPLE_CERT3), "--force", "NewRegistrar");
|
||||
registrar = loadRegistrar("NewRegistrar");
|
||||
// NB: Hash was computed manually using 'openssl x509 -fingerprint -sha256 -in ...' and then
|
||||
// converting the result from a hex string to non-padded base64 encoded string.
|
||||
assertThat(registrar.getClientCertificate()).isEqualTo(SAMPLE_CERT);
|
||||
assertThat(registrar.getClientCertificateHash()).isEqualTo(SAMPLE_CERT_HASH);
|
||||
assertThat(registrar.getClientCertificate()).isEqualTo(SAMPLE_CERT3);
|
||||
assertThat(registrar.getClientCertificateHash()).isEqualTo(SAMPLE_CERT3_HASH);
|
||||
}
|
||||
|
||||
@Test
|
||||
void testFail_certFileWithViolation() throws Exception {
|
||||
fakeClock.setTo(DateTime.parse("2020-11-01T00:00:00Z"));
|
||||
Registrar registrar = loadRegistrar("NewRegistrar");
|
||||
assertThat(registrar.getClientCertificate()).isNull();
|
||||
assertThat(registrar.getClientCertificateHash()).isNull();
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
IllegalArgumentException.class,
|
||||
() -> runCommand("--cert_file=" + getCertFilename(), "--force", "NewRegistrar"));
|
||||
assertThat(thrown.getMessage())
|
||||
.isEqualTo(
|
||||
"Certificate validity period is too long; it must be less than or equal to 398"
|
||||
+ " days.");
|
||||
assertThat(registrar.getClientCertificate()).isNull();
|
||||
}
|
||||
|
||||
@Test
|
||||
void testFail_certFileWithMultipleViolations() throws Exception {
|
||||
fakeClock.setTo(DateTime.parse("2055-10-01T00:00:00Z"));
|
||||
Registrar registrar = loadRegistrar("NewRegistrar");
|
||||
assertThat(registrar.getClientCertificate()).isNull();
|
||||
assertThat(registrar.getClientCertificateHash()).isNull();
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
IllegalArgumentException.class,
|
||||
() -> runCommand("--cert_file=" + getCertFilename(), "--force", "NewRegistrar"));
|
||||
assertThat(thrown.getMessage())
|
||||
.isEqualTo(
|
||||
"Certificate is expired.\nCertificate validity period is too long; it must be less"
|
||||
+ " than or equal to 398 days.");
|
||||
assertThat(registrar.getClientCertificate()).isNull();
|
||||
}
|
||||
|
||||
@Test
|
||||
void testFail_failoverCertFileWithViolation() throws Exception {
|
||||
fakeClock.setTo(DateTime.parse("2020-11-01T00:00:00Z"));
|
||||
Registrar registrar = loadRegistrar("NewRegistrar");
|
||||
assertThat(registrar.getFailoverClientCertificate()).isNull();
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
IllegalArgumentException.class,
|
||||
() ->
|
||||
runCommand("--failover_cert_file=" + getCertFilename(), "--force", "NewRegistrar"));
|
||||
assertThat(thrown.getMessage())
|
||||
.isEqualTo(
|
||||
"Certificate validity period is too long; it must be less than or equal to 398"
|
||||
+ " days.");
|
||||
assertThat(registrar.getFailoverClientCertificate()).isNull();
|
||||
}
|
||||
|
||||
@Test
|
||||
void testFail_failoverCertFileWithMultipleViolations() throws Exception {
|
||||
fakeClock.setTo(DateTime.parse("2055-10-01T00:00:00Z"));
|
||||
Registrar registrar = loadRegistrar("NewRegistrar");
|
||||
assertThat(registrar.getFailoverClientCertificate()).isNull();
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
IllegalArgumentException.class,
|
||||
() ->
|
||||
runCommand("--failover_cert_file=" + getCertFilename(), "--force", "NewRegistrar"));
|
||||
assertThat(thrown.getMessage())
|
||||
.isEqualTo(
|
||||
"Certificate is expired.\nCertificate validity period is too long; it must be less"
|
||||
+ " than or equal to 398 days.");
|
||||
assertThat(registrar.getFailoverClientCertificate()).isNull();
|
||||
}
|
||||
|
||||
@Test
|
||||
void testSuccess_failoverCertFile() throws Exception {
|
||||
fakeClock.setTo(DateTime.parse("2020-11-01T00:00:00Z"));
|
||||
Registrar registrar = loadRegistrar("NewRegistrar");
|
||||
assertThat(registrar.getFailoverClientCertificate()).isNull();
|
||||
runCommand("--failover_cert_file=" + getCertFilename(SAMPLE_CERT3), "--force", "NewRegistrar");
|
||||
registrar = loadRegistrar("NewRegistrar");
|
||||
assertThat(registrar.getFailoverClientCertificate()).isEqualTo(SAMPLE_CERT3);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -672,7 +767,7 @@ class UpdateRegistrarCommandTest extends CommandTestCase<UpdateRegistrarCommand>
|
||||
IllegalArgumentException.class,
|
||||
() ->
|
||||
runCommand(
|
||||
"--cert_file=" + getCertFilename(),
|
||||
"--cert_file=" + getCertFilename(SAMPLE_CERT3),
|
||||
"--cert_hash=ABCDEF",
|
||||
"--force",
|
||||
"NewRegistrar"));
|
||||
|
||||
+215
-1
@@ -43,6 +43,7 @@ import google.registry.util.EmailMessage;
|
||||
import java.util.Map;
|
||||
import java.util.function.BiFunction;
|
||||
import java.util.function.Function;
|
||||
import org.joda.time.DateTime;
|
||||
import org.json.simple.JSONValue;
|
||||
import org.json.simple.parser.ParseException;
|
||||
import org.junit.jupiter.api.Test;
|
||||
@@ -367,6 +368,18 @@ class RegistrarSettingsActionTest extends RegistrarSettingsActionTestCase {
|
||||
|
||||
@Test
|
||||
void testUpdate_clientCertificate() {
|
||||
clock.setTo(DateTime.parse("2020-11-02T00:00:00Z"));
|
||||
doTestUpdate(
|
||||
Role.OWNER,
|
||||
Registrar::getClientCertificate,
|
||||
CertificateSamples.SAMPLE_CERT3,
|
||||
(builder, s) -> builder.setClientCertificate(s, clock.nowUtc()));
|
||||
}
|
||||
|
||||
@Test
|
||||
void testUpdate_clientCertificateWithViolationsBeforeNovemberSucceeds() {
|
||||
// TODO(sarahbot): remove this test after November 1, 2020.
|
||||
clock.setTo(DateTime.parse("2018-07-02T00:00:00Z"));
|
||||
doTestUpdate(
|
||||
Role.OWNER,
|
||||
Registrar::getClientCertificate,
|
||||
@@ -374,15 +387,216 @@ class RegistrarSettingsActionTest extends RegistrarSettingsActionTestCase {
|
||||
(builder, s) -> builder.setClientCertificate(s, clock.nowUtc()));
|
||||
}
|
||||
|
||||
@Test
|
||||
void testUpdate_otherFieldsWhenClientCertificateWithViolationsAlreadyExistedSucceeds() {
|
||||
// TODO(sarahbot): remove this test after November 1, 2020.
|
||||
|
||||
// The frontend will always send the entire registrar entity back for an update, so the checks
|
||||
// on the certificate should only run if a new certificate is being uploaded. All other updates
|
||||
// after November 1st should still succeed even if a bad certificate is stored.
|
||||
|
||||
// Set a bad certificate before checks on uploads are enforced
|
||||
clock.setTo(DateTime.parse("2018-07-02T00:00:00Z"));
|
||||
Registrar existingRegistrar = loadRegistrar(CLIENT_ID);
|
||||
existingRegistrar =
|
||||
existingRegistrar
|
||||
.asBuilder()
|
||||
.setClientCertificate(CertificateSamples.SAMPLE_CERT, clock.nowUtc())
|
||||
.build();
|
||||
persistResource(existingRegistrar);
|
||||
|
||||
// Update the other registrar fields after enforcement begins should succeed
|
||||
clock.setTo(DateTime.parse("2020-11-02T00:00:00Z"));
|
||||
Map<String, Object> args = Maps.newHashMap(loadRegistrar(CLIENT_ID).toJsonMap());
|
||||
args.put("url", "test.url");
|
||||
args.put("phoneNumber", "+1.1234567890");
|
||||
Map<String, Object> response =
|
||||
action.handleJsonRequest(
|
||||
ImmutableMap.of(
|
||||
"op", "update",
|
||||
"id", CLIENT_ID,
|
||||
"args", args));
|
||||
|
||||
assertThat(response).containsEntry("status", "SUCCESS");
|
||||
assertMetric(CLIENT_ID, "update", "[OWNER]", "SUCCESS");
|
||||
}
|
||||
|
||||
@Test
|
||||
void testUpdate_clientCertificateWithViolationsAlreadyExistedSucceeds() {
|
||||
// TODO(sarahbot): remove this test after November 1, 2020.
|
||||
|
||||
// The frontend will always send the entire registrar entity back for an update, so the checks
|
||||
// on the certificate should only run if it is a new certificate
|
||||
|
||||
// Set a bad certificate before checks on uploads are enforced
|
||||
clock.setTo(DateTime.parse("2018-07-02T00:00:00Z"));
|
||||
Registrar existingRegistrar = loadRegistrar(CLIENT_ID);
|
||||
existingRegistrar =
|
||||
existingRegistrar
|
||||
.asBuilder()
|
||||
.setClientCertificate(CertificateSamples.SAMPLE_CERT, clock.nowUtc())
|
||||
.build();
|
||||
persistResource(existingRegistrar);
|
||||
|
||||
// Update with the same certificate after enforcement starts
|
||||
clock.setTo(DateTime.parse("2020-11-02T00:00:00Z"));
|
||||
Map<String, Object> args = Maps.newHashMap(loadRegistrar(CLIENT_ID).toJsonMap());
|
||||
args.put("clientCertificate", CertificateSamples.SAMPLE_CERT);
|
||||
Map<String, Object> response =
|
||||
action.handleJsonRequest(
|
||||
ImmutableMap.of(
|
||||
"op", "update",
|
||||
"id", CLIENT_ID,
|
||||
"args", args));
|
||||
|
||||
assertThat(response).containsEntry("status", "SUCCESS");
|
||||
assertMetric(CLIENT_ID, "update", "[OWNER]", "SUCCESS");
|
||||
assertNoTasksEnqueued("sheet");
|
||||
}
|
||||
|
||||
@Test
|
||||
void testUpdate_clientCertificateWithViolationsFails() {
|
||||
clock.setTo(DateTime.parse("2020-11-02T00:00:00Z"));
|
||||
Map<String, Object> args = Maps.newHashMap(loadRegistrar(CLIENT_ID).toJsonMap());
|
||||
args.put("clientCertificate", CertificateSamples.SAMPLE_CERT);
|
||||
Map<String, Object> response =
|
||||
action.handleJsonRequest(
|
||||
ImmutableMap.of(
|
||||
"op", "update",
|
||||
"id", CLIENT_ID,
|
||||
"args", args));
|
||||
|
||||
assertThat(response)
|
||||
.containsExactly(
|
||||
"status",
|
||||
"ERROR",
|
||||
"results",
|
||||
ImmutableList.of(),
|
||||
"message",
|
||||
"Certificate validity period is too long; it must be less than or equal to 398"
|
||||
+ " days.");
|
||||
assertMetric(CLIENT_ID, "update", "[OWNER]", "ERROR: IllegalArgumentException");
|
||||
assertNoTasksEnqueued("sheet");
|
||||
}
|
||||
|
||||
@Test
|
||||
void testUpdate_clientCertificateWithMultipleViolationsFails() {
|
||||
clock.setTo(DateTime.parse("2055-11-01T00:00:00Z"));
|
||||
Map<String, Object> args = Maps.newHashMap(loadRegistrar(CLIENT_ID).toJsonMap());
|
||||
args.put("clientCertificate", CertificateSamples.SAMPLE_CERT);
|
||||
Map<String, Object> response =
|
||||
action.handleJsonRequest(
|
||||
ImmutableMap.of(
|
||||
"op", "update",
|
||||
"id", CLIENT_ID,
|
||||
"args", args));
|
||||
|
||||
assertThat(response)
|
||||
.containsExactly(
|
||||
"status",
|
||||
"ERROR",
|
||||
"results",
|
||||
ImmutableList.of(),
|
||||
"message",
|
||||
"Certificate is expired.\nCertificate validity period is too long; it must be less"
|
||||
+ " than or equal to 398 days.");
|
||||
assertMetric(CLIENT_ID, "update", "[OWNER]", "ERROR: IllegalArgumentException");
|
||||
assertNoTasksEnqueued("sheet");
|
||||
}
|
||||
|
||||
@Test
|
||||
void testUpdate_failoverClientCertificate() {
|
||||
clock.setTo(DateTime.parse("2020-11-02T00:00:00Z"));
|
||||
doTestUpdate(
|
||||
Role.OWNER,
|
||||
Registrar::getFailoverClientCertificate,
|
||||
CertificateSamples.SAMPLE_CERT,
|
||||
CertificateSamples.SAMPLE_CERT3,
|
||||
(builder, s) -> builder.setFailoverClientCertificate(s, clock.nowUtc()));
|
||||
}
|
||||
|
||||
@Test
|
||||
void testUpdate_failoverClientCertificateWithViolationsAlreadyExistedSucceeds() {
|
||||
// TODO(sarahbot): remove this test after November 1, 2020.
|
||||
|
||||
// The frontend will always send the entire registrar entity back for an update, so the checks
|
||||
// on the certificate should only run if it is a new certificate
|
||||
|
||||
// Set a bad certificate before checks on uploads are enforced
|
||||
clock.setTo(DateTime.parse("2018-07-02T00:00:00Z"));
|
||||
Registrar existingRegistrar = loadRegistrar(CLIENT_ID);
|
||||
existingRegistrar =
|
||||
existingRegistrar
|
||||
.asBuilder()
|
||||
.setFailoverClientCertificate(CertificateSamples.SAMPLE_CERT, clock.nowUtc())
|
||||
.build();
|
||||
persistResource(existingRegistrar);
|
||||
|
||||
// Update with the same certificate after enforcement starts
|
||||
clock.setTo(DateTime.parse("2020-11-02T00:00:00Z"));
|
||||
Map<String, Object> args = Maps.newHashMap(loadRegistrar(CLIENT_ID).toJsonMap());
|
||||
args.put("failoverClientCertificate", CertificateSamples.SAMPLE_CERT);
|
||||
Map<String, Object> response =
|
||||
action.handleJsonRequest(
|
||||
ImmutableMap.of(
|
||||
"op", "update",
|
||||
"id", CLIENT_ID,
|
||||
"args", args));
|
||||
|
||||
assertThat(response).containsEntry("status", "SUCCESS");
|
||||
assertMetric(CLIENT_ID, "update", "[OWNER]", "SUCCESS");
|
||||
assertNoTasksEnqueued("sheet");
|
||||
}
|
||||
|
||||
@Test
|
||||
void testUpdate_failoverClientCertificateWithViolationsFails() {
|
||||
clock.setTo(DateTime.parse("2020-11-02T00:00:00Z"));
|
||||
Map<String, Object> args = Maps.newHashMap(loadRegistrar(CLIENT_ID).toJsonMap());
|
||||
args.put("failoverClientCertificate", CertificateSamples.SAMPLE_CERT);
|
||||
Map<String, Object> response =
|
||||
action.handleJsonRequest(
|
||||
ImmutableMap.of(
|
||||
"op", "update",
|
||||
"id", CLIENT_ID,
|
||||
"args", args));
|
||||
|
||||
assertThat(response)
|
||||
.containsExactly(
|
||||
"status",
|
||||
"ERROR",
|
||||
"results",
|
||||
ImmutableList.of(),
|
||||
"message",
|
||||
"Certificate validity period is too long; it must be less than or equal to 398"
|
||||
+ " days.");
|
||||
assertMetric(CLIENT_ID, "update", "[OWNER]", "ERROR: IllegalArgumentException");
|
||||
assertNoTasksEnqueued("sheet");
|
||||
}
|
||||
|
||||
@Test
|
||||
void testUpdate_failoverClientCertificateWithMultipleViolationsFails() {
|
||||
clock.setTo(DateTime.parse("2055-11-01T00:00:00Z"));
|
||||
Map<String, Object> args = Maps.newHashMap(loadRegistrar(CLIENT_ID).toJsonMap());
|
||||
args.put("failoverClientCertificate", CertificateSamples.SAMPLE_CERT);
|
||||
Map<String, Object> response =
|
||||
action.handleJsonRequest(
|
||||
ImmutableMap.of(
|
||||
"op", "update",
|
||||
"id", CLIENT_ID,
|
||||
"args", args));
|
||||
|
||||
assertThat(response)
|
||||
.containsExactly(
|
||||
"status",
|
||||
"ERROR",
|
||||
"results",
|
||||
ImmutableList.of(),
|
||||
"message",
|
||||
"Certificate is expired.\nCertificate validity period is too long; it must be less"
|
||||
+ " than or equal to 398 days.");
|
||||
assertMetric(CLIENT_ID, "update", "[OWNER]", "ERROR: IllegalArgumentException");
|
||||
assertNoTasksEnqueued("sheet");
|
||||
}
|
||||
|
||||
@Test
|
||||
void testUpdate_allowedTlds() {
|
||||
doTestUpdate(
|
||||
|
||||
+9
@@ -24,6 +24,7 @@ import static google.registry.security.JsonHttpTestUtils.createJsonPayload;
|
||||
import static google.registry.testing.DatastoreHelper.createTlds;
|
||||
import static google.registry.testing.DatastoreHelper.disallowRegistrarAccess;
|
||||
import static google.registry.testing.DatastoreHelper.loadRegistrar;
|
||||
import static google.registry.util.DateTimeUtils.START_OF_TIME;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
@@ -31,6 +32,7 @@ import com.google.appengine.api.users.User;
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.collect.ImmutableSetMultimap;
|
||||
import com.google.common.collect.ImmutableSortedMap;
|
||||
import com.google.common.truth.Truth;
|
||||
import google.registry.model.ofy.Ofy;
|
||||
import google.registry.model.registrar.RegistrarContact;
|
||||
@@ -46,6 +48,7 @@ import google.registry.testing.FakeClock;
|
||||
import google.registry.testing.InjectExtension;
|
||||
import google.registry.ui.server.SendEmailUtils;
|
||||
import google.registry.util.AppEngineServiceUtils;
|
||||
import google.registry.util.CertificateChecker;
|
||||
import google.registry.util.EmailMessage;
|
||||
import google.registry.util.SendEmailService;
|
||||
import java.io.PrintWriter;
|
||||
@@ -115,6 +118,12 @@ public abstract class RegistrarSettingsActionTestCase {
|
||||
AuthResult.create(
|
||||
AuthLevel.USER,
|
||||
UserAuthInfo.create(new User("user@email.com", "email.com", "12345"), false));
|
||||
action.certificateChecker =
|
||||
new CertificateChecker(
|
||||
ImmutableSortedMap.of(START_OF_TIME, 825, DateTime.parse("2020-09-01T00:00:00Z"), 398),
|
||||
30,
|
||||
2048,
|
||||
clock);
|
||||
inject.setStaticField(Ofy.class, "clock", clock);
|
||||
when(req.getMethod()).thenReturn("POST");
|
||||
when(rsp.getWriter()).thenReturn(new PrintWriter(writer));
|
||||
|
||||
@@ -18,6 +18,8 @@ import static com.google.common.truth.Truth.assertThat;
|
||||
import static google.registry.testing.CertificateSamples.SAMPLE_CERT;
|
||||
import static google.registry.testing.CertificateSamples.SAMPLE_CERT2;
|
||||
import static google.registry.testing.CertificateSamples.SAMPLE_CERT2_HASH;
|
||||
import static google.registry.testing.CertificateSamples.SAMPLE_CERT3;
|
||||
import static google.registry.testing.CertificateSamples.SAMPLE_CERT3_HASH;
|
||||
import static google.registry.testing.CertificateSamples.SAMPLE_CERT_HASH;
|
||||
import static google.registry.testing.DatastoreHelper.loadRegistrar;
|
||||
import static google.registry.testing.DatastoreHelper.persistResource;
|
||||
@@ -27,6 +29,7 @@ import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import google.registry.model.registrar.Registrar;
|
||||
import java.util.Map;
|
||||
import org.joda.time.DateTime;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
/**
|
||||
@@ -38,10 +41,11 @@ class SecuritySettingsTest extends RegistrarSettingsActionTestCase {
|
||||
|
||||
@Test
|
||||
void testPost_updateCert_success() throws Exception {
|
||||
clock.setTo(DateTime.parse("2020-11-01T00:00:00Z"));
|
||||
Registrar modified =
|
||||
loadRegistrar(CLIENT_ID)
|
||||
.asBuilder()
|
||||
.setClientCertificate(SAMPLE_CERT, clock.nowUtc())
|
||||
.setClientCertificate(SAMPLE_CERT3, clock.nowUtc())
|
||||
.build();
|
||||
Map<String, Object> response = action.handleJsonRequest(ImmutableMap.of(
|
||||
"op", "update",
|
||||
@@ -67,17 +71,58 @@ class SecuritySettingsTest extends RegistrarSettingsActionTestCase {
|
||||
assertMetric(CLIENT_ID, "update", "[OWNER]", "ERROR: FormFieldException");
|
||||
}
|
||||
|
||||
@Test
|
||||
void testPost_updateCertWithViolations_failure() {
|
||||
clock.setTo(DateTime.parse("2055-11-01T00:00:00Z"));
|
||||
Map<String, Object> reqJson = loadRegistrar(CLIENT_ID).toJsonMap();
|
||||
reqJson.put("clientCertificate", SAMPLE_CERT);
|
||||
Map<String, Object> response =
|
||||
action.handleJsonRequest(
|
||||
ImmutableMap.of(
|
||||
"op", "update",
|
||||
"id", CLIENT_ID,
|
||||
"args", reqJson));
|
||||
assertThat(response).containsEntry("status", "ERROR");
|
||||
assertThat(response)
|
||||
.containsEntry(
|
||||
"message",
|
||||
"Certificate is expired.\nCertificate validity period is too long; it must be less"
|
||||
+ " than or equal to 398 days.");
|
||||
assertMetric(CLIENT_ID, "update", "[OWNER]", "ERROR: IllegalArgumentException");
|
||||
}
|
||||
|
||||
@Test
|
||||
void testPost_updateFailoverCertWithViolations_failure() {
|
||||
clock.setTo(DateTime.parse("2055-11-01T00:00:00Z"));
|
||||
Map<String, Object> reqJson = loadRegistrar(CLIENT_ID).toJsonMap();
|
||||
reqJson.put("failoverClientCertificate", SAMPLE_CERT2);
|
||||
Map<String, Object> response =
|
||||
action.handleJsonRequest(
|
||||
ImmutableMap.of(
|
||||
"op", "update",
|
||||
"id", CLIENT_ID,
|
||||
"args", reqJson));
|
||||
assertThat(response).containsEntry("status", "ERROR");
|
||||
assertThat(response)
|
||||
.containsEntry(
|
||||
"message",
|
||||
"Certificate is expired.\nCertificate validity period is too long; it must be less"
|
||||
+ " than or equal to 398 days.");
|
||||
assertMetric(CLIENT_ID, "update", "[OWNER]", "ERROR: IllegalArgumentException");
|
||||
}
|
||||
|
||||
@Test
|
||||
void testChangeCertificates() throws Exception {
|
||||
clock.setTo(DateTime.parse("2020-11-01T00:00:00Z"));
|
||||
Map<String, Object> jsonMap = loadRegistrar(CLIENT_ID).toJsonMap();
|
||||
jsonMap.put("clientCertificate", SAMPLE_CERT);
|
||||
jsonMap.put("clientCertificate", SAMPLE_CERT3);
|
||||
jsonMap.put("failoverClientCertificate", null);
|
||||
Map<String, Object> response = action.handleJsonRequest(ImmutableMap.of(
|
||||
"op", "update", "id", CLIENT_ID, "args", jsonMap));
|
||||
assertThat(response).containsEntry("status", "SUCCESS");
|
||||
Registrar registrar = loadRegistrar(CLIENT_ID);
|
||||
assertThat(registrar.getClientCertificate()).isEqualTo(SAMPLE_CERT);
|
||||
assertThat(registrar.getClientCertificateHash()).isEqualTo(SAMPLE_CERT_HASH);
|
||||
assertThat(registrar.getClientCertificate()).isEqualTo(SAMPLE_CERT3);
|
||||
assertThat(registrar.getClientCertificateHash()).isEqualTo(SAMPLE_CERT3_HASH);
|
||||
assertThat(registrar.getFailoverClientCertificate()).isNull();
|
||||
assertThat(registrar.getFailoverClientCertificateHash()).isNull();
|
||||
assertMetric(CLIENT_ID, "update", "[OWNER]", "SUCCESS");
|
||||
@@ -86,14 +131,15 @@ class SecuritySettingsTest extends RegistrarSettingsActionTestCase {
|
||||
|
||||
@Test
|
||||
void testChangeFailoverCertificate() throws Exception {
|
||||
clock.setTo(DateTime.parse("2020-11-01T00:00:00Z"));
|
||||
Map<String, Object> jsonMap = loadRegistrar(CLIENT_ID).toJsonMap();
|
||||
jsonMap.put("failoverClientCertificate", SAMPLE_CERT2);
|
||||
jsonMap.put("failoverClientCertificate", SAMPLE_CERT3);
|
||||
Map<String, Object> response = action.handleJsonRequest(ImmutableMap.of(
|
||||
"op", "update", "id", CLIENT_ID, "args", jsonMap));
|
||||
assertThat(response).containsEntry("status", "SUCCESS");
|
||||
Registrar registrar = loadRegistrar(CLIENT_ID);
|
||||
assertThat(registrar.getFailoverClientCertificate()).isEqualTo(SAMPLE_CERT2);
|
||||
assertThat(registrar.getFailoverClientCertificateHash()).isEqualTo(SAMPLE_CERT2_HASH);
|
||||
assertThat(registrar.getFailoverClientCertificate()).isEqualTo(SAMPLE_CERT3);
|
||||
assertThat(registrar.getFailoverClientCertificateHash()).isEqualTo(SAMPLE_CERT3_HASH);
|
||||
assertMetric(CLIENT_ID, "update", "[OWNER]", "SUCCESS");
|
||||
verifyNotificationEmailsSent();
|
||||
}
|
||||
|
||||
@@ -523,6 +523,7 @@ class google.registry.model.poll.PollMessage$OneTime {
|
||||
}
|
||||
class google.registry.model.rde.RdeRevision {
|
||||
@Id java.lang.String id;
|
||||
google.registry.model.UpdateAutoTimestamp updateTimestamp;
|
||||
int revision;
|
||||
}
|
||||
class google.registry.model.registrar.Registrar {
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@@ -62,3 +62,5 @@ V61__domain_hist_columns.sql
|
||||
V62__disable_key_auto_generation_for_history_tables.sql
|
||||
V63__add_schema_for_ds_data.sql
|
||||
V64__transfer_history_columns.sql
|
||||
V65__local_date_date_type.sql
|
||||
V66__create_rde_revision.sql
|
||||
|
||||
@@ -0,0 +1,15 @@
|
||||
-- Copyright 2020 The Nomulus Authors. All Rights Reserved.
|
||||
--
|
||||
-- Licensed under the Apache License, Version 2.0 (the "License");
|
||||
-- you may not use this file except in compliance with the License.
|
||||
-- You may obtain a copy of the License at
|
||||
--
|
||||
-- http://www.apache.org/licenses/LICENSE-2.0
|
||||
--
|
||||
-- Unless required by applicable law or agreed to in writing, software
|
||||
-- distributed under the License is distributed on an "AS IS" BASIS,
|
||||
-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
-- See the License for the specific language governing permissions and
|
||||
-- limitations under the License.
|
||||
|
||||
ALTER TABLE "Spec11ThreatMatch" ALTER COLUMN "check_date" TYPE date USING check_date::date;
|
||||
@@ -0,0 +1,22 @@
|
||||
-- Copyright 2020 The Nomulus Authors. All Rights Reserved.
|
||||
--
|
||||
-- Licensed under the Apache License, Version 2.0 (the "License");
|
||||
-- you may not use this file except in compliance with the License.
|
||||
-- You may obtain a copy of the License at
|
||||
--
|
||||
-- http://www.apache.org/licenses/LICENSE-2.0
|
||||
--
|
||||
-- Unless required by applicable law or agreed to in writing, software
|
||||
-- distributed under the License is distributed on an "AS IS" BASIS,
|
||||
-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
-- See the License for the specific language governing permissions and
|
||||
-- limitations under the License.
|
||||
|
||||
CREATE TABLE "RdeRevision" (
|
||||
tld TEXT NOT NULL,
|
||||
mode TEXT NOT NULL,
|
||||
date date NOT NULL,
|
||||
update_timestamp timestamptz,
|
||||
revision int4 NOT NULL,
|
||||
PRIMARY KEY (tld, mode, date)
|
||||
);
|
||||
@@ -494,6 +494,15 @@
|
||||
primary key (revision_id)
|
||||
);
|
||||
|
||||
create table "RdeRevision" (
|
||||
date date not null,
|
||||
mode text not null,
|
||||
tld text not null,
|
||||
update_timestamp timestamptz,
|
||||
revision int4 not null,
|
||||
primary key (date, mode, tld)
|
||||
);
|
||||
|
||||
create table "Registrar" (
|
||||
registrar_id text not null,
|
||||
allowed_tlds text[],
|
||||
@@ -597,7 +606,7 @@
|
||||
|
||||
create table "Spec11ThreatMatch" (
|
||||
id bigserial not null,
|
||||
check_date text not null,
|
||||
check_date date not null,
|
||||
domain_name text not null,
|
||||
domain_repo_id text not null,
|
||||
registrar_id text not null,
|
||||
|
||||
@@ -682,6 +682,19 @@ CREATE SEQUENCE public."PremiumList_revision_id_seq"
|
||||
ALTER SEQUENCE public."PremiumList_revision_id_seq" OWNED BY public."PremiumList".revision_id;
|
||||
|
||||
|
||||
--
|
||||
-- Name: RdeRevision; Type: TABLE; Schema: public; Owner: -
|
||||
--
|
||||
|
||||
CREATE TABLE public."RdeRevision" (
|
||||
tld text NOT NULL,
|
||||
mode text NOT NULL,
|
||||
date date NOT NULL,
|
||||
update_timestamp timestamp with time zone,
|
||||
revision integer NOT NULL
|
||||
);
|
||||
|
||||
|
||||
--
|
||||
-- Name: Registrar; Type: TABLE; Schema: public; Owner: -
|
||||
--
|
||||
@@ -847,7 +860,7 @@ ALTER SEQUENCE public."ReservedList_revision_id_seq" OWNED BY public."ReservedLi
|
||||
|
||||
CREATE TABLE public."Spec11ThreatMatch" (
|
||||
id bigint NOT NULL,
|
||||
check_date text NOT NULL,
|
||||
check_date date NOT NULL,
|
||||
domain_name text NOT NULL,
|
||||
domain_repo_id text NOT NULL,
|
||||
registrar_id text NOT NULL,
|
||||
@@ -1166,6 +1179,14 @@ ALTER TABLE ONLY public."PremiumList"
|
||||
ADD CONSTRAINT "PremiumList_pkey" PRIMARY KEY (revision_id);
|
||||
|
||||
|
||||
--
|
||||
-- Name: RdeRevision RdeRevision_pkey; Type: CONSTRAINT; Schema: public; Owner: -
|
||||
--
|
||||
|
||||
ALTER TABLE ONLY public."RdeRevision"
|
||||
ADD CONSTRAINT "RdeRevision_pkey" PRIMARY KEY (tld, mode, date);
|
||||
|
||||
|
||||
--
|
||||
-- Name: RegistrarPoc RegistrarPoc_pkey; Type: CONSTRAINT; Schema: public; Owner: -
|
||||
--
|
||||
|
||||
+1
-1
@@ -53,7 +53,7 @@ ext {
|
||||
'com.google.code.gson:gson:2.8.5',
|
||||
'com.google.dagger:dagger-compiler:2.28',
|
||||
'com.google.dagger:dagger:2.28',
|
||||
'com.google.errorprone:error_prone_annotations:2.3.3',
|
||||
'com.google.errorprone:error_prone_annotations:2.3.4',
|
||||
'com.google.flogger:flogger-system-backend:0.1',
|
||||
'com.google.flogger:flogger:0.1',
|
||||
'com.google.guava:guava-testlib:29.0-jre',
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
+1
-1
@@ -67,7 +67,7 @@ configurations {
|
||||
|
||||
dependencies {
|
||||
// compatibility with Java 8
|
||||
errorprone("com.google.errorprone:error_prone_core:2.3.3")
|
||||
errorprone("com.google.errorprone:error_prone_core:2.3.4")
|
||||
}
|
||||
|
||||
test {
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
@@ -10,11 +10,11 @@ com.google.dagger:dagger-compiler:2.28
|
||||
com.google.dagger:dagger-producers:2.28
|
||||
com.google.dagger:dagger-spi:2.28
|
||||
com.google.dagger:dagger:2.28
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.errorprone:javac-shaded:9-dev-r4023-3
|
||||
com.google.googlejavaformat:google-java-format:1.5
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
@@ -28,12 +28,15 @@ javax.annotation:jsr250-api:1.0
|
||||
javax.inject:javax.inject:1
|
||||
net.ltgt.gradle.incap:incap:0.2
|
||||
org.checkerframework:checker-compat-qual:2.5.3
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.jetbrains.kotlin:kotlin-stdlib-common:1.3.61
|
||||
org.jetbrains.kotlin:kotlin-stdlib:1.3.61
|
||||
org.jetbrains.kotlinx:kotlinx-metadata-jvm:0.1.0
|
||||
org.jetbrains:annotations:13.0
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
@@ -10,11 +10,11 @@ com.google.dagger:dagger-compiler:2.28
|
||||
com.google.dagger:dagger-producers:2.28
|
||||
com.google.dagger:dagger-spi:2.28
|
||||
com.google.dagger:dagger:2.28
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.errorprone:javac-shaded:9-dev-r4023-3
|
||||
com.google.googlejavaformat:google-java-format:1.5
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
@@ -28,12 +28,15 @@ javax.annotation:jsr250-api:1.0
|
||||
javax.inject:javax.inject:1
|
||||
net.ltgt.gradle.incap:incap:0.2
|
||||
org.checkerframework:checker-compat-qual:2.5.3
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.jetbrains.kotlin:kotlin-stdlib-common:1.3.61
|
||||
org.jetbrains.kotlin:kotlin-stdlib:1.3.61
|
||||
org.jetbrains.kotlinx:kotlinx-metadata-jvm:0.1.0
|
||||
org.jetbrains:annotations:13.0
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
+56
-13
@@ -46,7 +46,6 @@ import java.security.cert.X509Certificate;
|
||||
import java.time.Duration;
|
||||
import java.time.Instant;
|
||||
import java.util.Date;
|
||||
import java.util.function.Function;
|
||||
import java.util.stream.Stream;
|
||||
import javax.net.ssl.SSLException;
|
||||
import javax.net.ssl.SSLSession;
|
||||
@@ -74,9 +73,13 @@ class SslClientInitializerTest {
|
||||
/** Fake port to test if the SSL engine gets the correct peer port. */
|
||||
private static final int SSL_PORT = 12345;
|
||||
|
||||
private static final Function<Channel, String> hostProvider = channel -> SSL_HOST;
|
||||
private static String hostProvider(Channel channel) {
|
||||
return SSL_HOST;
|
||||
}
|
||||
|
||||
private static final Function<Channel, Integer> portProvider = channel -> SSL_PORT;
|
||||
private static int portProvider(Channel channel) {
|
||||
return SSL_PORT;
|
||||
}
|
||||
|
||||
@RegisterExtension NettyExtension nettyExtension = new NettyExtension();
|
||||
|
||||
@@ -114,7 +117,12 @@ class SslClientInitializerTest {
|
||||
void testSuccess_swappedInitializerWithSslHandler(SslProvider sslProvider) {
|
||||
SslClientInitializer<EmbeddedChannel> sslClientInitializer =
|
||||
new SslClientInitializer<>(
|
||||
sslProvider, hostProvider, portProvider, ImmutableList.of(), null, null);
|
||||
sslProvider,
|
||||
SslClientInitializerTest::hostProvider,
|
||||
SslClientInitializerTest::portProvider,
|
||||
ImmutableList.of(),
|
||||
null,
|
||||
null);
|
||||
EmbeddedChannel channel = new EmbeddedChannel();
|
||||
ChannelPipeline pipeline = channel.pipeline();
|
||||
pipeline.addLast(sslClientInitializer);
|
||||
@@ -131,7 +139,12 @@ class SslClientInitializerTest {
|
||||
void testSuccess_nullHost(SslProvider sslProvider) {
|
||||
SslClientInitializer<EmbeddedChannel> sslClientInitializer =
|
||||
new SslClientInitializer<>(
|
||||
sslProvider, channel -> null, portProvider, ImmutableList.of(), null, null);
|
||||
sslProvider,
|
||||
channel -> null,
|
||||
SslClientInitializerTest::portProvider,
|
||||
ImmutableList.of(),
|
||||
null,
|
||||
null);
|
||||
EmbeddedChannel channel = new EmbeddedChannel();
|
||||
ChannelPipeline pipeline = channel.pipeline();
|
||||
pipeline.addLast(sslClientInitializer);
|
||||
@@ -144,7 +157,12 @@ class SslClientInitializerTest {
|
||||
void testSuccess_nullPort(SslProvider sslProvider) {
|
||||
SslClientInitializer<EmbeddedChannel> sslClientInitializer =
|
||||
new SslClientInitializer<>(
|
||||
sslProvider, hostProvider, channel -> null, ImmutableList.of(), null, null);
|
||||
sslProvider,
|
||||
SslClientInitializerTest::hostProvider,
|
||||
channel -> null,
|
||||
ImmutableList.of(),
|
||||
null,
|
||||
null);
|
||||
EmbeddedChannel channel = new EmbeddedChannel();
|
||||
ChannelPipeline pipeline = channel.pipeline();
|
||||
pipeline.addLast(sslClientInitializer);
|
||||
@@ -162,7 +180,12 @@ class SslClientInitializerTest {
|
||||
nettyExtension.setUpServer(localAddress, getServerHandler(false, ssc.key(), ssc.cert()));
|
||||
SslClientInitializer<LocalChannel> sslClientInitializer =
|
||||
new SslClientInitializer<>(
|
||||
sslProvider, hostProvider, portProvider, ImmutableList.of(), null, null);
|
||||
sslProvider,
|
||||
SslClientInitializerTest::hostProvider,
|
||||
SslClientInitializerTest::portProvider,
|
||||
ImmutableList.of(),
|
||||
null,
|
||||
null);
|
||||
nettyExtension.setUpClient(localAddress, sslClientInitializer);
|
||||
// The connection is now terminated, both the client side and the server side should get
|
||||
// exceptions.
|
||||
@@ -192,7 +215,12 @@ class SslClientInitializerTest {
|
||||
// Set up the client to trust the self signed cert used to sign the cert that server provides.
|
||||
SslClientInitializer<LocalChannel> sslClientInitializer =
|
||||
new SslClientInitializer<>(
|
||||
sslProvider, hostProvider, portProvider, ImmutableList.of(ssc.cert()), null, null);
|
||||
sslProvider,
|
||||
SslClientInitializerTest::hostProvider,
|
||||
SslClientInitializerTest::portProvider,
|
||||
ImmutableList.of(ssc.cert()),
|
||||
null,
|
||||
null);
|
||||
nettyExtension.setUpClient(localAddress, sslClientInitializer);
|
||||
|
||||
setUpSslChannel(nettyExtension.getClientChannel(), cert);
|
||||
@@ -228,7 +256,12 @@ class SslClientInitializerTest {
|
||||
// Set up the client to trust the self signed cert used to sign the cert that server provides.
|
||||
SslClientInitializer<LocalChannel> sslClientInitializer =
|
||||
new SslClientInitializer<>(
|
||||
sslProvider, hostProvider, portProvider, ImmutableList.of(ssc.cert()), null, null);
|
||||
sslProvider,
|
||||
SslClientInitializerTest::hostProvider,
|
||||
SslClientInitializerTest::portProvider,
|
||||
ImmutableList.of(ssc.cert()),
|
||||
null,
|
||||
null);
|
||||
nettyExtension.setUpClient(localAddress, sslClientInitializer);
|
||||
|
||||
verifySslException(
|
||||
@@ -264,7 +297,12 @@ class SslClientInitializerTest {
|
||||
// Set up the client to trust the self signed cert used to sign the cert that server provides.
|
||||
SslClientInitializer<LocalChannel> sslClientInitializer =
|
||||
new SslClientInitializer<>(
|
||||
sslProvider, hostProvider, portProvider, ImmutableList.of(ssc.cert()), null, null);
|
||||
sslProvider,
|
||||
SslClientInitializerTest::hostProvider,
|
||||
SslClientInitializerTest::portProvider,
|
||||
ImmutableList.of(ssc.cert()),
|
||||
null,
|
||||
null);
|
||||
nettyExtension.setUpClient(localAddress, sslClientInitializer);
|
||||
|
||||
verifySslException(
|
||||
@@ -292,8 +330,8 @@ class SslClientInitializerTest {
|
||||
SslClientInitializer<LocalChannel> sslClientInitializer =
|
||||
new SslClientInitializer<>(
|
||||
sslProvider,
|
||||
hostProvider,
|
||||
portProvider,
|
||||
SslClientInitializerTest::hostProvider,
|
||||
SslClientInitializerTest::portProvider,
|
||||
ImmutableList.of(serverSsc.cert()),
|
||||
() -> clientSsc.key(),
|
||||
() -> ImmutableList.of(clientSsc.cert()));
|
||||
@@ -333,7 +371,12 @@ class SslClientInitializerTest {
|
||||
// Set up the client to trust the self signed cert used to sign the cert that server provides.
|
||||
SslClientInitializer<LocalChannel> sslClientInitializer =
|
||||
new SslClientInitializer<>(
|
||||
sslProvider, hostProvider, portProvider, ImmutableList.of(ssc.cert()), null, null);
|
||||
sslProvider,
|
||||
SslClientInitializerTest::hostProvider,
|
||||
SslClientInitializerTest::portProvider,
|
||||
ImmutableList.of(ssc.cert()),
|
||||
null,
|
||||
null);
|
||||
nettyExtension.setUpClient(localAddress, sslClientInitializer);
|
||||
|
||||
// When the client rejects the server cert due to wrong hostname, both the client and server
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto.value:auto-value:1.6.3
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
@@ -11,11 +11,11 @@ com.google.dagger:dagger-compiler:2.28
|
||||
com.google.dagger:dagger-producers:2.28
|
||||
com.google.dagger:dagger-spi:2.28
|
||||
com.google.dagger:dagger:2.28
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.errorprone:javac-shaded:9-dev-r4023-3
|
||||
com.google.googlejavaformat:google-java-format:1.5
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
@@ -29,12 +29,15 @@ javax.annotation:jsr250-api:1.0
|
||||
javax.inject:javax.inject:1
|
||||
net.ltgt.gradle.incap:incap:0.2
|
||||
org.checkerframework:checker-compat-qual:2.5.3
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.jetbrains.kotlin:kotlin-stdlib-common:1.3.61
|
||||
org.jetbrains.kotlin:kotlin-stdlib:1.3.61
|
||||
org.jetbrains.kotlinx:kotlinx-metadata-jvm:0.1.0
|
||||
org.jetbrains:annotations:13.0
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto.value:auto-value:1.6.3
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
@@ -11,11 +11,11 @@ com.google.dagger:dagger-compiler:2.28
|
||||
com.google.dagger:dagger-producers:2.28
|
||||
com.google.dagger:dagger-spi:2.28
|
||||
com.google.dagger:dagger:2.28
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.errorprone:javac-shaded:9-dev-r4023-3
|
||||
com.google.googlejavaformat:google-java-format:1.5
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
@@ -29,12 +29,15 @@ javax.annotation:jsr250-api:1.0
|
||||
javax.inject:javax.inject:1
|
||||
net.ltgt.gradle.incap:incap:0.2
|
||||
org.checkerframework:checker-compat-qual:2.5.3
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.jetbrains.kotlin:kotlin-stdlib-common:1.3.61
|
||||
org.jetbrains.kotlin:kotlin-stdlib:1.3.61
|
||||
org.jetbrains.kotlinx:kotlinx-metadata-jvm:0.1.0
|
||||
org.jetbrains:annotations:13.0
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto.value:auto-value:1.6.3
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
@@ -11,11 +11,11 @@ com.google.dagger:dagger-compiler:2.28
|
||||
com.google.dagger:dagger-producers:2.28
|
||||
com.google.dagger:dagger-spi:2.28
|
||||
com.google.dagger:dagger:2.28
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.errorprone:javac-shaded:9-dev-r4023-3
|
||||
com.google.googlejavaformat:google-java-format:1.5
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
@@ -29,12 +29,15 @@ javax.annotation:jsr250-api:1.0
|
||||
javax.inject:javax.inject:1
|
||||
net.ltgt.gradle.incap:incap:0.2
|
||||
org.checkerframework:checker-compat-qual:2.5.3
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.jetbrains.kotlin:kotlin-stdlib-common:1.3.61
|
||||
org.jetbrains.kotlin:kotlin-stdlib:1.3.61
|
||||
org.jetbrains.kotlinx:kotlinx-metadata-jvm:0.1.0
|
||||
org.jetbrains:annotations:13.0
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto.value:auto-value:1.6.3
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
@@ -11,11 +11,11 @@ com.google.dagger:dagger-compiler:2.28
|
||||
com.google.dagger:dagger-producers:2.28
|
||||
com.google.dagger:dagger-spi:2.28
|
||||
com.google.dagger:dagger:2.28
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.errorprone:javac-shaded:9-dev-r4023-3
|
||||
com.google.googlejavaformat:google-java-format:1.5
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
@@ -29,12 +29,15 @@ javax.annotation:jsr250-api:1.0
|
||||
javax.inject:javax.inject:1
|
||||
net.ltgt.gradle.incap:incap:0.2
|
||||
org.checkerframework:checker-compat-qual:2.5.3
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.jetbrains.kotlin:kotlin-stdlib-common:1.3.61
|
||||
org.jetbrains.kotlin:kotlin-stdlib:1.3.61
|
||||
org.jetbrains.kotlinx:kotlinx-metadata-jvm:0.1.0
|
||||
org.jetbrains:annotations:13.0
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -46,7 +46,6 @@ import io.netty.util.internal.logging.JdkLoggerFactory;
|
||||
import java.util.ArrayDeque;
|
||||
import java.util.HashMap;
|
||||
import java.util.Queue;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
import java.util.concurrent.TimeoutException;
|
||||
import javax.inject.Provider;
|
||||
|
||||
@@ -317,7 +316,7 @@ public class ProxyServer implements Runnable {
|
||||
if (proxyModule.provideEnvironment() != Environment.LOCAL) {
|
||||
MetricReporter metricReporter = proxyComponent.metricReporter();
|
||||
try {
|
||||
metricReporter.startAsync().awaitRunning(10, TimeUnit.SECONDS);
|
||||
metricReporter.startAsync().awaitRunning(java.time.Duration.ofSeconds(10));
|
||||
logger.atInfo().log("Started up MetricReporter");
|
||||
} catch (TimeoutException timeoutException) {
|
||||
logger.atSevere().withCause(timeoutException).log(
|
||||
@@ -328,7 +327,7 @@ public class ProxyServer implements Runnable {
|
||||
new Thread(
|
||||
() -> {
|
||||
try {
|
||||
metricReporter.stopAsync().awaitTerminated(10, TimeUnit.SECONDS);
|
||||
metricReporter.stopAsync().awaitTerminated(java.time.Duration.ofSeconds(10));
|
||||
logger.atInfo().log("Shut down MetricReporter");
|
||||
} catch (TimeoutException timeoutException) {
|
||||
logger.atWarning().withCause(timeoutException).log(
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto.value:auto-value:1.6.3
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
@@ -11,11 +11,11 @@ com.google.dagger:dagger-compiler:2.28
|
||||
com.google.dagger:dagger-producers:2.28
|
||||
com.google.dagger:dagger-spi:2.28
|
||||
com.google.dagger:dagger:2.28
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.errorprone:javac-shaded:9-dev-r4023-3
|
||||
com.google.googlejavaformat:google-java-format:1.5
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
@@ -29,12 +29,15 @@ javax.annotation:jsr250-api:1.0
|
||||
javax.inject:javax.inject:1
|
||||
net.ltgt.gradle.incap:incap:0.2
|
||||
org.checkerframework:checker-compat-qual:2.5.3
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.jetbrains.kotlin:kotlin-stdlib-common:1.3.61
|
||||
org.jetbrains.kotlin:kotlin-stdlib:1.3.61
|
||||
org.jetbrains.kotlinx:kotlinx-metadata-jvm:0.1.0
|
||||
org.jetbrains:annotations:13.0
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,24 +1,27 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
com.google.code.findbugs:jsr305:3.0.2
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
com.google.guava:guava:27.0.1-jre
|
||||
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|
||||
com.google.j2objc:j2objc-annotations:1.1
|
||||
com.google.protobuf:protobuf-java:3.4.0
|
||||
com.googlecode.java-diff-utils:diffutils:1.3.0
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
# This is a Gradle generated file for dependency locking.
|
||||
# Manual edits can break the build and are not advised.
|
||||
# This file is expected to be part of source control.
|
||||
com.github.ben-manes.caffeine:caffeine:2.7.0
|
||||
com.github.kevinstern:software-and-algorithms:1.0
|
||||
com.github.stephenc.jcip:jcip-annotations:1.0-1
|
||||
com.google.auto.value:auto-value:1.6.3
|
||||
com.google.auto:auto-common:0.10
|
||||
com.google.code.findbugs:jFormatString:3.0.0
|
||||
@@ -11,11 +11,11 @@ com.google.dagger:dagger-compiler:2.28
|
||||
com.google.dagger:dagger-producers:2.28
|
||||
com.google.dagger:dagger-spi:2.28
|
||||
com.google.dagger:dagger:2.28
|
||||
com.google.errorprone:error_prone_annotation:2.3.3
|
||||
com.google.errorprone:error_prone_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_check_api:2.3.3
|
||||
com.google.errorprone:error_prone_core:2.3.3
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.3
|
||||
com.google.errorprone:error_prone_annotation:2.3.4
|
||||
com.google.errorprone:error_prone_annotations:2.3.4
|
||||
com.google.errorprone:error_prone_check_api:2.3.4
|
||||
com.google.errorprone:error_prone_core:2.3.4
|
||||
com.google.errorprone:error_prone_type_annotations:2.3.4
|
||||
com.google.errorprone:javac-shaded:9-dev-r4023-3
|
||||
com.google.googlejavaformat:google-java-format:1.5
|
||||
com.google.guava:failureaccess:1.0.1
|
||||
@@ -29,12 +29,15 @@ javax.annotation:jsr250-api:1.0
|
||||
javax.inject:javax.inject:1
|
||||
net.ltgt.gradle.incap:incap:0.2
|
||||
org.checkerframework:checker-compat-qual:2.5.3
|
||||
org.checkerframework:checker-qual:2.5.3
|
||||
org.checkerframework:dataflow:2.5.3
|
||||
org.checkerframework:javacutil:2.5.3
|
||||
org.checkerframework:checker-qual:3.0.0
|
||||
org.checkerframework:dataflow:3.0.0
|
||||
org.checkerframework:javacutil:3.0.0
|
||||
org.codehaus.mojo:animal-sniffer-annotations:1.17
|
||||
org.jetbrains.kotlin:kotlin-stdlib-common:1.3.61
|
||||
org.jetbrains.kotlin:kotlin-stdlib:1.3.61
|
||||
org.jetbrains.kotlinx:kotlinx-metadata-jvm:0.1.0
|
||||
org.jetbrains:annotations:13.0
|
||||
org.pcollections:pcollections:2.1.2
|
||||
org.plumelib:plume-util:1.0.6
|
||||
org.plumelib:reflection-util:0.0.2
|
||||
org.plumelib:require-javadoc:0.1.0
|
||||
|
||||
@@ -16,13 +16,18 @@ package google.registry.util;
|
||||
|
||||
import static com.google.common.base.Preconditions.checkArgument;
|
||||
import static google.registry.util.DateTimeUtils.START_OF_TIME;
|
||||
import static java.nio.charset.StandardCharsets.UTF_8;
|
||||
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.common.collect.ImmutableSortedMap;
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.security.PublicKey;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.CertificateFactory;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.security.interfaces.RSAPublicKey;
|
||||
import java.util.Date;
|
||||
import java.util.stream.Collectors;
|
||||
import org.joda.time.DateTime;
|
||||
import org.joda.time.Days;
|
||||
|
||||
@@ -53,7 +58,6 @@ public class CertificateChecker {
|
||||
* );
|
||||
* </pre>
|
||||
*/
|
||||
// TODO(sarahbot): Inject this.
|
||||
public CertificateChecker(
|
||||
ImmutableSortedMap<DateTime, Integer> maxValidityLengthSchedule,
|
||||
int daysToExpiration,
|
||||
@@ -69,8 +73,23 @@ public class CertificateChecker {
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks a certificate for violations and returns a list of all the violations the certificate
|
||||
* has.
|
||||
* Checks the given certificate string for violations and throws an exception if any violations
|
||||
* exist.
|
||||
*/
|
||||
public void validateCertificate(String certificateString) {
|
||||
ImmutableSet<CertificateViolation> violations = checkCertificate(certificateString);
|
||||
if (!violations.isEmpty()) {
|
||||
String displayMessages =
|
||||
violations.stream()
|
||||
.map(violation -> getViolationDisplayMessage(violation))
|
||||
.collect(Collectors.joining("\n"));
|
||||
throw new IllegalArgumentException(displayMessages);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks a given certificate for violations and returns a list of all the violations the
|
||||
* certificate has.
|
||||
*/
|
||||
public ImmutableSet<CertificateViolation> checkCertificate(X509Certificate certificate) {
|
||||
ImmutableSet.Builder<CertificateViolation> violations = new ImmutableSet.Builder<>();
|
||||
@@ -105,6 +124,25 @@ public class CertificateChecker {
|
||||
return violations.build();
|
||||
}
|
||||
|
||||
/**
|
||||
* Converts a given string to a certificate and checks it for violations, returning a list of all
|
||||
* the violations the certificate has.
|
||||
*/
|
||||
public ImmutableSet<CertificateViolation> checkCertificate(String certificateString) {
|
||||
X509Certificate certificate;
|
||||
|
||||
try {
|
||||
certificate =
|
||||
(X509Certificate)
|
||||
CertificateFactory.getInstance("X509")
|
||||
.generateCertificate(new ByteArrayInputStream(certificateString.getBytes(UTF_8)));
|
||||
} catch (CertificateException e) {
|
||||
throw new IllegalArgumentException("Unable to read given certificate.");
|
||||
}
|
||||
|
||||
return checkCertificate(certificate);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns whether the certificate is nearing expiration.
|
||||
*
|
||||
|
||||
@@ -71,7 +71,7 @@ public class Retrier implements Serializable {
|
||||
* @return the value returned by the {@link Callable}.
|
||||
*/
|
||||
public <V> V callWithRetry(Callable<V> callable, Predicate<Throwable> isRetryable) {
|
||||
return callWithRetry(callable, LOGGING_FAILURE_REPORTER, isRetryable);
|
||||
return callWithRetry(callable, Retrier::reportFailure, isRetryable);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -92,7 +92,7 @@ public class Retrier implements Serializable {
|
||||
Callable<V> callable,
|
||||
Class<? extends Throwable> retryableError,
|
||||
Class<? extends Throwable>... moreRetryableErrors) {
|
||||
return callWithRetry(callable, LOGGING_FAILURE_REPORTER, retryableError, moreRetryableErrors);
|
||||
return callWithRetry(callable, Retrier::reportFailure, retryableError, moreRetryableErrors);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -171,8 +171,8 @@ public class Retrier implements Serializable {
|
||||
}
|
||||
}
|
||||
|
||||
private static final FailureReporter LOGGING_FAILURE_REPORTER =
|
||||
(thrown, failures, maxAttempts) ->
|
||||
logger.atInfo().withCause(thrown).log(
|
||||
"Retrying transient error, attempt %d/%d", failures, maxAttempts);
|
||||
private static void reportFailure(Throwable thrown, int failures, int maxAttempts) {
|
||||
logger.atInfo().withCause(thrown).log(
|
||||
"Retrying transient error, attempt %d/%d", failures, maxAttempts);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -21,6 +21,7 @@ import static google.registry.util.CertificateChecker.CertificateViolation.NOT_Y
|
||||
import static google.registry.util.CertificateChecker.CertificateViolation.RSA_KEY_LENGTH_TOO_SHORT;
|
||||
import static google.registry.util.CertificateChecker.CertificateViolation.VALIDITY_LENGTH_TOO_LONG;
|
||||
import static google.registry.util.DateTimeUtils.START_OF_TIME;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
|
||||
import com.google.common.collect.ImmutableSortedMap;
|
||||
import google.registry.testing.FakeClock;
|
||||
@@ -35,6 +36,54 @@ import org.junit.jupiter.api.Test;
|
||||
class CertificateCheckerTest {
|
||||
|
||||
private static final String SSL_HOST = "www.example.tld";
|
||||
private static final String GOOD_CERTIFICATE =
|
||||
"-----BEGIN CERTIFICATE-----\n"
|
||||
+ "MIIDyzCCArOgAwIBAgIUJnhiVrxAxgwkLJzHPm1w/lBoNs4wDQYJKoZIhvcNAQEL\n"
|
||||
+ "BQAwdTELMAkGA1UEBhMCVVMxETAPBgNVBAgMCE5ldyBZb3JrMREwDwYDVQQHDAhO\n"
|
||||
+ "ZXcgWW9yazEPMA0GA1UECgwGR29vZ2xlMR0wGwYDVQQLDBRkb21haW4tcmVnaXN0\n"
|
||||
+ "cnktdGVzdDEQMA4GA1UEAwwHY2xpZW50MTAeFw0yMDEwMTIxNzU5NDFaFw0yMTA0\n"
|
||||
+ "MzAxNzU5NDFaMHUxCzAJBgNVBAYTAlVTMREwDwYDVQQIDAhOZXcgWW9yazERMA8G\n"
|
||||
+ "A1UEBwwITmV3IFlvcmsxDzANBgNVBAoMBkdvb2dsZTEdMBsGA1UECwwUZG9tYWlu\n"
|
||||
+ "LXJlZ2lzdHJ5LXRlc3QxEDAOBgNVBAMMB2NsaWVudDEwggEiMA0GCSqGSIb3DQEB\n"
|
||||
+ "AQUAA4IBDwAwggEKAoIBAQC0msirO7kXyGEC93stsNYGc02Z77Q2qfHFwaGYkUG8\n"
|
||||
+ "QvOF5SWN+jwTo5Td6Jj26A26a8MLCtK45TCBuMRNcUsHhajhT19ocphO20iY3zhi\n"
|
||||
+ "ycwV1id0iwME4kPd1m57BELRE9tUPOxF81/JQXdR1fwT5KRVHYRDWZhaZ5aBmlZY\n"
|
||||
+ "3t/H9Ly0RBYyApkMaGs3nlb94OOug6SouUfRt02S59ja3wsE2SVF/Eui647OXP7O\n"
|
||||
+ "QdYXofxuqLoNkE8EnAdl43/enGLiCIVd0G2lABibFF+gbxTtfgbg7YtfUZJdL+Mb\n"
|
||||
+ "RAcAtuLXEamNQ9H63JgVF16PlQVCDz2XyI3uCfPpDDiBAgMBAAGjUzBRMB0GA1Ud\n"
|
||||
+ "DgQWBBQ26bWk8qfEBjXs/xZ4m8JZyalnITAfBgNVHSMEGDAWgBQ26bWk8qfEBjXs\n"
|
||||
+ "/xZ4m8JZyalnITAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAZ\n"
|
||||
+ "VcsgslBKanKOieJ5ik2d9qzOMXKfBuWPRFWbkC3t9i5awhHqnGAaj6nICnnMZIyt\n"
|
||||
+ "rdx5lZW5aaQyf0EP/90JAA8Xmty4A6MXmEjQAMiCOpP3A7eeS6Xglgi8IOZl4/bg\n"
|
||||
+ "LonW62TUkilo5IiFt/QklFTeHIjXB+OvA8+2Quqyd+zp7v6KnhXjvaomim78DhwE\n"
|
||||
+ "0PIUnjmiRpGpHfTVioTdfhPHZ2Y93Y8K7juL93sQog9aBu5m9XRJCY6wGyWPE83i\n"
|
||||
+ "kmLfGzjcnaJ6kqCd9xQRFZ0JwHmGlkAQvFoeengbNUqSyjyVgsOoNkEsrWwe/JFO\n"
|
||||
+ "iqBvjEhJlvRoefvkdR98\n"
|
||||
+ "-----END CERTIFICATE-----\n";
|
||||
private static final String BAD_CERTIFICATE =
|
||||
"-----BEGIN CERTIFICATE-----\n"
|
||||
+ "MIIDvTCCAqWgAwIBAgIJANoEy6mYwalPMA0GCSqGSIb3DQEBCwUAMHUxCzAJBgNV\n"
|
||||
+ "BAYTAlVTMREwDwYDVQQIDAhOZXcgWW9yazERMA8GA1UEBwwITmV3IFlvcmsxDzAN\n"
|
||||
+ "BgNVBAoMBkdvb2dsZTEdMBsGA1UECwwUZG9tYWluLXJlZ2lzdHJ5LXRlc3QxEDAO\n"
|
||||
+ "BgNVBAMMB2NsaWVudDIwHhcNMTUwODI2MTkyODU3WhcNNDMwMTExMTkyODU3WjB1\n"
|
||||
+ "MQswCQYDVQQGEwJVUzERMA8GA1UECAwITmV3IFlvcmsxETAPBgNVBAcMCE5ldyBZ\n"
|
||||
+ "b3JrMQ8wDQYDVQQKDAZHb29nbGUxHTAbBgNVBAsMFGRvbWFpbi1yZWdpc3RyeS10\n"
|
||||
+ "ZXN0MRAwDgYDVQQDDAdjbGllbnQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n"
|
||||
+ "CgKCAQEAw2FtuDyoR+rUJHp6k7KwaoHGHPV1xnC8IpG9O0SZubOXrFrnBHggBsbu\n"
|
||||
+ "+DsknbHXjmoihSFFem0KQqJg5y34aDAHXQV3iqa7nDfb1x4oc5voVz9gqjdmGKNm\n"
|
||||
+ "WF4MTIPNMu8KY52M852mMCxODK+6MZYp7wCmVa63KdCm0bW/XsLgoA/+FVGwKLhf\n"
|
||||
+ "UqFzt10Cf+87zl4VHrSaJqcHBYM6yAO5lvkr5VC6g8rRQ+dJ+pBT2D99YpSF1aFc\n"
|
||||
+ "rWbBreIypixZAnXm/Xoogu6RnohS29VCJp2dXFAJmKXGwyKNQFXfEKxZBaBi8uKH\n"
|
||||
+ "XF459795eyF9xHgSckEgu7jZlxOk6wIDAQABo1AwTjAdBgNVHQ4EFgQUv26AsQyc\n"
|
||||
+ "kLOjkhqcFLOuueB33l4wHwYDVR0jBBgwFoAUv26AsQyckLOjkhqcFLOuueB33l4w\n"
|
||||
+ "DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEANBuV+QDISSnGAEHKbR40\n"
|
||||
+ "zUYdOjdZ399zcFNqTSPHwmE0Qu8pbmXhofpBfjzrcv0tkVbhSLYnT22qhx7aDmhb\n"
|
||||
+ "bOS8CeVYCwl5eiDTkJly3pRZLzJpy+UT5z8SPxO3MrTqn+wuj0lBpWRTBCWYAUpr\n"
|
||||
+ "IFRmgVB3IwVb60UIuxhmuk8TVss2SzNrdhdt36eAIPJ0RWEb0KHYHi35Y6lt4f+t\n"
|
||||
+ "iVk+ZR0cCbHUs7Q1RqREXHd/ICuMRLY/MsadVQ9WDqVOridh198X/OIqdx/p9kvJ\n"
|
||||
+ "1R80jDcVGNhYVXLmHu4ho4xrOaliSYvUJSCmaaSEGVZ/xE5PI7S6A8RMdj0iXLSt\n"
|
||||
+ "Bg==\n"
|
||||
+ "-----END CERTIFICATE-----\n";
|
||||
|
||||
private FakeClock fakeClock = new FakeClock();
|
||||
private CertificateChecker certificateChecker =
|
||||
@@ -189,6 +238,24 @@ class CertificateCheckerTest {
|
||||
.containsExactly(ALGORITHM_CONSTRAINED);
|
||||
}
|
||||
|
||||
@Test
|
||||
void test_checkCertificate_validCertificateString() throws Exception {
|
||||
fakeClock.setTo(DateTime.parse("2020-11-01T00:00:00Z"));
|
||||
assertThat(certificateChecker.checkCertificate(GOOD_CERTIFICATE)).isEmpty();
|
||||
assertThat(certificateChecker.checkCertificate(BAD_CERTIFICATE))
|
||||
.containsExactly(VALIDITY_LENGTH_TOO_LONG);
|
||||
}
|
||||
|
||||
@Test
|
||||
void test_checkCertificate_invalidCertificateString() throws Exception {
|
||||
fakeClock.setTo(DateTime.parse("2020-11-01T00:00:00Z"));
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
IllegalArgumentException.class,
|
||||
() -> certificateChecker.checkCertificate("bad certificate string"));
|
||||
assertThat(thrown).hasMessageThat().isEqualTo("Unable to read given certificate.");
|
||||
}
|
||||
|
||||
@Test
|
||||
void test_isNearingExpiration_yesItIs() throws Exception {
|
||||
fakeClock.setTo(DateTime.parse("2021-09-20T00:00:00Z"));
|
||||
|
||||
@@ -24,12 +24,16 @@ import static google.registry.util.DateTimeUtils.latestOf;
|
||||
import static google.registry.util.DateTimeUtils.leapSafeAddYears;
|
||||
import static google.registry.util.DateTimeUtils.leapSafeSubtractYears;
|
||||
import static google.registry.util.DateTimeUtils.toJodaDateTime;
|
||||
import static google.registry.util.DateTimeUtils.toLocalDate;
|
||||
import static google.registry.util.DateTimeUtils.toSqlDate;
|
||||
import static google.registry.util.DateTimeUtils.toZonedDateTime;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import java.sql.Date;
|
||||
import java.time.ZonedDateTime;
|
||||
import org.joda.time.DateTime;
|
||||
import org.joda.time.LocalDate;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
/** Unit tests for {@link DateTimeUtils}. */
|
||||
@@ -136,4 +140,16 @@ class DateTimeUtilsTest {
|
||||
DateTime dateTime = toJodaDateTime(zonedDateTime);
|
||||
assertThat(dateTime.toString()).isEqualTo("2016-02-29T11:22:33.168Z");
|
||||
}
|
||||
|
||||
@Test
|
||||
void testSuccess_toSqlDate() {
|
||||
LocalDate localDate = LocalDate.parse("2020-02-29");
|
||||
assertThat(toSqlDate(localDate)).isEqualTo(Date.valueOf("2020-02-29"));
|
||||
}
|
||||
|
||||
@Test
|
||||
void testSuccess_toLocalDate() {
|
||||
Date date = Date.valueOf("2020-02-29");
|
||||
assertThat(toLocalDate(date)).isEqualTo(LocalDate.parse("2020-02-29"));
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user