MirrorMirror
/
Signal-Server
mirror of https://github.com/signalapp/Signal-Server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Retire `CertificateExpirationGauge` in favor of other expiration monitoring tools

This commit is contained in:
Jon Chambers 2022-10-17 14:54:04 -04:00 committed by Jon Chambers
parent cccccb4dd6
commit a41d047f58
3 changed files with 0 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
service/src/main/java/org/whispersystems/textsecuregcm/storage/DirectoryReconciliationClient.java
View File

@ -4,9 +4,6 @@
*/
package org.whispersystems.textsecuregcm.storage;
import static com.codahale.metrics.MetricRegistry.name;
import com.codahale.metrics.SharedMetricRegistries;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLContext;
@ -19,9 +16,7 @@ import org.glassfish.jersey.client.authentication.HttpAuthenticationFeature;
import org.whispersystems.textsecuregcm.configuration.DirectoryServerConfiguration;
import org.whispersystems.textsecuregcm.entities.DirectoryReconciliationRequest;
import org.whispersystems.textsecuregcm.entities.DirectoryReconciliationResponse;
import org.whispersystems.textsecuregcm.util.CertificateExpirationGauge;
import org.whispersystems.textsecuregcm.util.CertificateUtil;
import org.whispersystems.textsecuregcm.util.Constants;
public class DirectoryReconciliationClient {
@ -33,10 +28,6 @@ public class DirectoryReconciliationClient {
{
this.replicationUrl = directoryServerConfiguration.getReplicationUrl();
this.client = initializeClient(directoryServerConfiguration);
SharedMetricRegistries.getOrCreate(Constants.METRICS_NAME)
.register(name(getClass(), directoryServerConfiguration.getReplicationName(), "days_until_certificate_expiration"),
new CertificateExpirationGauge(CertificateUtil.getCertificate(directoryServerConfiguration.getReplicationCaCertificate())));
}
public DirectoryReconciliationResponse add(DirectoryReconciliationRequest request) {

31
service/src/main/java/org/whispersystems/textsecuregcm/util/CertificateExpirationGauge.java
View File

@ -1,31 +0,0 @@
/*
* Copyright 2013-2020 Signal Messenger, LLC
* SPDX-License-Identifier: AGPL-3.0-only
*/
package org.whispersystems.textsecuregcm.util;
import com.codahale.metrics.CachedGauge;
import java.security.cert.X509Certificate;
import java.time.Duration;
import java.time.Instant;
import java.util.concurrent.TimeUnit;
/**
* Measures and reports the number of days until a certificate expires.
*/
public class CertificateExpirationGauge extends CachedGauge<Long> {
private final Instant certificateExpiration;
public CertificateExpirationGauge(final X509Certificate certificate) {
super(1, TimeUnit.HOURS);
certificateExpiration = certificate.getNotAfter().toInstant();
}
@Override
protected Long loadValue() {
return Duration.between(Instant.now(), certificateExpiration).toDays();
}
}

36
service/src/test/java/org/whispersystems/textsecuregcm/util/CertificateExpirationGaugeTest.java
View File

@ -1,36 +0,0 @@
/*
* Copyright 2013-2020 Signal Messenger, LLC
* SPDX-License-Identifier: AGPL-3.0-only
*/
package org.whispersystems.textsecuregcm.util;
import org.junit.jupiter.api.Test;
import java.security.cert.X509Certificate;
import java.time.Duration;
import java.time.Instant;
import java.util.Date;
import static org.junit.jupiter.api.Assertions.*;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
class CertificateExpirationGaugeTest {
@Test
void loadValue() {
final X509Certificate certificate = mock(X509Certificate.class);
final long daysUntilExpiration = 17;
final Instant now = Instant.now();
final Instant later = now.plus(Duration.ofDays(daysUntilExpiration)).plus(Duration.ofMinutes(1));
when(certificate.getNotAfter()).thenReturn(new Date(later.toEpochMilli()));
final CertificateExpirationGauge gauge = new CertificateExpirationGauge(certificate);
assertEquals(daysUntilExpiration, (long) gauge.loadValue());
}
}