Revert "Allow -test 0"

This reverts commit 1e2c175e19.

Revert "Don't bind any sockets when using -test"

This reverts commit 982f341de8.

Revert "Implement -test to check certificates expiration"

This reverts commit 2158674d17.

dnscrypt-proxy/config.go

@@ -136,7 +136,6 @@ func ConfigLoad(proxy *Proxy, svcFlag *string) error {
 	listAll := flag.Bool("list-all", false, "print the complete list of available resolvers, ignoring filters")
 	jsonOutput := flag.Bool("json", false, "output list as JSON")
 	check := flag.Bool("check", false, "check the configuration file and exit")
-	testGracePeriod := flag.Int("test", -1, "test that certificates of chosen servers are not going to expire before that number of minutes")
 	flag.Parse()
 	if *svcFlag == "stop" || *svcFlag == "uninstall" {
 		return nil
@@ -269,11 +268,6 @@ func ConfigLoad(proxy *Proxy, svcFlag *string) error {
 	}
 	proxy.allWeeklyRanges = allWeeklyRanges
 
-	if testGracePeriod != nil && *testGracePeriod >= 0 {
-		proxy.testGracePeriod = testGracePeriod
-		proxy.listenAddresses = nil
-	}
-
 	if *listAll {
 		config.ServerNames = nil
 		config.SourceRequireDNSSEC = false

dnscrypt-proxy/dnscrypt_certs.go

@@ -95,12 +95,6 @@ func FetchCurrentDNSCryptCert(proxy *Proxy, serverName *string, proto string, pk
 		} else {
 			certInfo.ForwardSecurity = true
 		}
-		if proxy.testGracePeriod != nil {
-			if remaining := (tsEnd - now) / 60; uint32(*proxy.testGracePeriod) > remaining {
-				dlog.Fatalf("Certificate for [%v] is going to expire in %d minutes, before the grace period",
-					providerName, remaining)
-			}
-		}
 		if !proxy.certIgnoreTimestamp {
 			if now > tsEnd || now < tsBegin {
 				dlog.Debugf("[%v] Certificate not valid at the current date", providerName)

dnscrypt-proxy/proxy.go

@@ -6,7 +6,6 @@ import (
 	"math/rand"
 	"net"
 	"net/http"
-	"os"
 	"sync/atomic"
 	"time"
 
@@ -53,7 +52,6 @@ type Proxy struct {
 	maxClients                   uint32
 	xTransport                   *XTransport
 	allWeeklyRanges              *map[string]WeeklyRanges
-	testGracePeriod              *int
 }
 
 func (proxy *Proxy) StartProxy() {
@@ -85,14 +83,6 @@ func (proxy *Proxy) StartProxy() {
 		dlog.Fatal(err)
 	}
 	liveServers, err := proxy.serversInfo.refresh(proxy)
-	if proxy.testGracePeriod != nil {
-		if liveServers > 0 {
-			dlog.Noticef("%d certificates successfully checked", liveServers)
-			os.Exit(0)
-		} else {
-			dlog.Fatal("Unable to check servers certificates")
-		}
-	}
 	if liveServers > 0 {
 		dlog.Noticef("dnscrypt-proxy is ready - live servers: %d", liveServers)
 		SystemDNotify()

dnscrypt-proxy/serversInfo.go

@@ -286,7 +286,6 @@ func (serversInfo *ServersInfo) fetchDoHServerInfo(proxy *Proxy, name string, st
 	showCerts := len(os.Getenv("SHOW_CERTS")) > 0
 	found := false
 	var wantedHash [32]byte
-	now := time.Now()
 	for _, cert := range tls.PeerCertificates {
 		h := sha256.Sum256(cert.RawTBSCertificate)
 		if showCerts {
@@ -294,11 +293,6 @@ func (serversInfo *ServersInfo) fetchDoHServerInfo(proxy *Proxy, name string, st
 		} else {
 			dlog.Debugf("Advertised cert: [%s] [%x]", cert.Subject, h)
 		}
-		if proxy.testGracePeriod != nil {
-			if remaining := int(cert.NotAfter.Sub(now).Minutes()); *proxy.testGracePeriod > remaining {
-				dlog.Fatalf("Certificate [%s] for [%s] is going to expire before the grace period, in %d minutes", cert.Subject, name, remaining)
-			}
-		}
 		for _, hash := range stamp.hashes {
 			if len(hash) == len(wantedHash) {
 				copy(wantedHash[:], hash)