refactor: remove unused generateSslBumpConfig function

Co-authored-by: Mossaka <[email protected]>

Author: Copilot

src/ssl-bump.ts

@@ -173,58 +173,3 @@ export function parseUrlPatterns(patterns: string[]): string[] {
     return `^${p}$`;
   });
 }
-
-/**
- * Generates Squid SSL Bump configuration section
- *
- * This configuration enables SSL interception for HTTPS traffic,
- * allowing URL-based filtering for encrypted connections.
- *
- * @param caFiles - Paths to CA certificate and key
- * @param sslDbPath - Path to SSL certificate database
- * @param port - Squid listening port
- * @returns Squid configuration string for SSL Bump
- */
-export function generateSslBumpConfig(
-  caFiles: CaFiles,
-  sslDbPath: string,
-  port: number
-): string {
-  return `
-# SSL Bump configuration for HTTPS inspection
-# WARNING: This enables TLS interception - traffic is decrypted for inspection
-
-# SSL port configuration with bump capabilities
-https_port ${port} intercept ssl-bump \\
-  cert=${caFiles.certPath} \\
-  key=${caFiles.keyPath} \\
-  generate-host-certificates=on \\
-  dynamic_cert_mem_cache_size=4MB \\
-  tls-default-ca=off
-
-# SSL certificate database for dynamic certificate generation
-sslcrtd_program /usr/lib/squid/security_file_certgen -s ${sslDbPath} -M 4MB
-
-# SSL Bump steps:
-# 1. Peek at SNI to get the server name
-# 2. Bump (intercept) connections to allowed domains
-# 3. Terminate (deny) connections to other domains
-
-acl step1 at_step SslBump1
-acl step2 at_step SslBump2
-acl step3 at_step SslBump3
-
-# Peek at ClientHello to see SNI
-ssl_bump peek step1
-
-# Stare at server certificate to validate it
-ssl_bump stare step2
-
-# Bump allowed domains to enable URL inspection
-ssl_bump bump allowed_domains
-ssl_bump bump allowed_domains_regex
-
-# Terminate connections to non-allowed domains
-ssl_bump terminate all
-`;
-}