remove certforward feature

The certforward feature was implemented to support #gotofail, which only works on unpatched iOS devices. Given that many apps don't support iOS 7 anymore, jailbreak+ssl killswitch is usually the better option. By removing certforward, we can make netlib a pure python module again, which significantly simplifies distribution.
2026-04-27 19:15:33 +08:00 · 2015-06-26 13:27:40 +02:00
parent 876252eba8
commit b369962cbe
4 changed files with 18 additions and 40 deletions
--- a/test/test_server.py
+++ b/test/test_server.py
@@ -757,14 +757,6 @@ class TestIncompleteResponse(tservers.HTTPProxTest):
        assert self.pathod("200").status_code == 502


-class TestCertForward(tservers.HTTPProxTest):
-    certforward = True
-    ssl = True
-
-    def test_app_err(self):
-        tutils.raises("handshake error", self.pathod, "200:b@100")
-
-
 class TestUpstreamProxy(tservers.HTTPUpstreamProxTest, CommonMixin, AppMixin):
    ssl = False

--- a/test/tservers.py
+++ b/test/tservers.py
@@ -89,7 +89,6 @@ class ProxTestBase(object):
    no_upstream_cert = False
    authenticator = None
    masterclass = TestMaster
-    certforward = False

    @classmethod
    def setupAll(cls):
@@ -131,7 +130,6 @@ class ProxTestBase(object):
            no_upstream_cert = cls.no_upstream_cert,
            cadir = cls.cadir,
            authenticator = cls.authenticator,
-            certforward = cls.certforward,
            ssl_ports=([cls.server.port, cls.server2.port] if cls.ssl else []),
            clientcerts = tutils.test_data.path("data/clientcert") if cls.clientcerts else None
        )