watchd: remove use_ssl config, use HTTP for non-ssl checks

config.ini.sample

@@ -18,22 +18,14 @@ profiling = 0
 # Database file for proxy storage
 database = proxies.sqlite
 
-# Check type(s): judges, ssl, irc, head (comma-separated for random selection)
+# Check type(s): judges, ssl, irc, head, tor (comma-separated for random selection)
 #   judges  - HTTP judge servers that echo back request headers
-#   ssl     - TLS handshake test (fast, no payload, verifies MITM)
-#   irc     - IRC server connection test
-#   head    - HTTP HEAD request test
+#   ssl     - TLS handshake test (port 443, verifies MITM)
+#   irc     - IRC server connection test (port 6667)
+#   head    - HTTP HEAD request test (port 80)
+#   tor     - Tor exit check via check.torproject.org (port 80)
 checktype = judges,head
 
-# SSL verification mode (1=always, 0=never, 2=random)
-#   When enabled, tests TLS handshake with certificate verification.
-#   Benefits:
-#   - Fast: TLS handshake completes quickly, no payload transfer
-#   - Meaningful: Verifies proxy supports encrypted connections
-#   - MITM detection: Certificate validation catches interception
-#   - Fallback: Works when judge servers are blocked/rate-limited
-use_ssl = 1
-
 # Thread configuration
 threads = 50
 min_threads = 5

config.py

@@ -101,7 +101,6 @@ class Config(ComboParser):
         self.add_item(section, 'timeout_fail_max', float, 15, 'max extra timeout for failures (default: 15)', False)
         self.add_item(section, 'submit_after', int, 200, 'min. number of tested proxies for DB write', False)
         self.add_item(section, 'debug', bool, False, 'whether to print additional debug info', False)
-        self.add_item(section, 'use_ssl', int, 1, 'whether to use SSL (1=always, 0=never, 2=random)', False)
         self.add_item(section, 'checktime', int, 1800, 'base checking interval for proxies in db in seconds', False)
         self.add_item(section, 'perfail_checktime', int, 3600, 'additional checking interval for proxies in db in seconds per experienced failure', False)
         self.add_item(section, 'database', str, 'proxies.sqlite', 'filename of database', True)

proxywatchd.py

@@ -1434,25 +1434,15 @@ class TargetTestJob():
             ssl_only_check = True  # handshake only, no HTTP request
             server_port = 443
             verifycert = True
-        elif self.checktype == 'tor':
-            # Tor check uses HTTP by default (like judges/head)
-            use_ssl = random.choice([0, 1]) if config.watchd.use_ssl == 2 else config.watchd.use_ssl
-            ssl_only_check = False
-            server_port = 443 if use_ssl else 80
-            verifycert = True if use_ssl else False
         else:
-            use_ssl = random.choice([0, 1]) if config.watchd.use_ssl == 2 else config.watchd.use_ssl
-            ssl_only_check = False  # minimal SSL test (handshake only, no request)
-            if ps.consecutive_success > 0 and (ps.consecutive_success % 3) == 0:
-                use_ssl = 1
-                ssl_only_check = True  # periodic MITM check - handshake is sufficient
-
+            # head, judges, tor, irc: always use plain HTTP
+            use_ssl = 0
+            ssl_only_check = False
+            verifycert = False
             if self.checktype == 'irc':
-                server_port = 6697 if use_ssl else 6667
+                server_port = 6667
             else:
-                server_port = 443 if use_ssl else 80
-
-            verifycert = True if use_ssl else False
+                server_port = 80
         protos = ['http', 'socks5', 'socks4'] if ps.proto is None else [ps.proto]
         last_error_category = None