From 060e3198bca48f327984b2d1d73a5d4592866736 Mon Sep 17 00:00:00 2001
From: Aldo Cortesi <aldo@nullcube.com>
Date: Sun, 6 Jan 2013 01:18:47 +1300
Subject: Remove cert_wait_time flag.

We now cater for this by generating certs with a commencement date an hour in
the past in netlib.
---
 libmproxy/cmdline.py | 5 -----
 libmproxy/proxy.py   | 7 +------
 2 files changed, 1 insertion(+), 11 deletions(-)

diff --git a/libmproxy/cmdline.py b/libmproxy/cmdline.py
index 060e0073..de70bea8 100644
--- a/libmproxy/cmdline.py
+++ b/libmproxy/cmdline.py
@@ -248,11 +248,6 @@ def common_options(parser):
         help="Byte size limit of HTTP request and response bodies."\
              " Understands k/m/g suffixes, i.e. 3m for 3 megabytes."
     )
-    parser.add_argument(
-        "--cert-wait-time", type=float,
-        action="store", dest="cert_wait_time", default=0,
-        help="Wait for specified number of seconds after a new cert is generated. This can smooth over small discrepancies between the client and server times."
-    )
 
     parser.add_argument(
         "--no-upstream-cert", default=False,
diff --git a/libmproxy/proxy.py b/libmproxy/proxy.py
index 98bcb23d..370eca9a 100644
--- a/libmproxy/proxy.py
+++ b/libmproxy/proxy.py
@@ -38,12 +38,11 @@ class Log(controller.Msg):
 
 
 class ProxyConfig:
-    def __init__(self, certfile = None, cacert = None, clientcerts = None, cert_wait_time=0, no_upstream_cert=False, body_size_limit = None, reverse_proxy=None, transparent_proxy=None, certdir = None, authenticator=None):
+    def __init__(self, certfile = None, cacert = None, clientcerts = None, no_upstream_cert=False, body_size_limit = None, reverse_proxy=None, transparent_proxy=None, certdir = None, authenticator=None):
         assert not (reverse_proxy and transparent_proxy)
         self.certfile = certfile
         self.cacert = cacert
         self.clientcerts = clientcerts
-        self.cert_wait_time = cert_wait_time
         self.no_upstream_cert = no_upstream_cert
         self.body_size_limit = body_size_limit
         self.reverse_proxy = reverse_proxy
@@ -247,9 +246,6 @@ class ProxyHandler(tcp.BaseHandler):
                 sans = cert.altnames
                 host = cert.cn.decode("utf8").encode("idna")
             ret = self.config.certstore.get_cert(host, sans, self.config.cacert)
-            # FIXME: Is this still necessary? Can we now set a proper
-            # commencement date, since we're using PyOpenSSL?
-            time.sleep(self.config.cert_wait_time)
             if not ret:
                 raise ProxyError(502, "mitmproxy: Unable to generate dummy cert.")
             return ret
@@ -555,7 +551,6 @@ def process_proxy_options(parser, options):
         certfile = options.cert,
         cacert = cacert,
         clientcerts = options.clientcerts,
-        cert_wait_time = options.cert_wait_time,
         body_size_limit = body_size_limit,
         no_upstream_cert = options.no_upstream_cert,
         reverse_proxy = rp,
-- 
cgit v1.2.3