fix(SniHandler): Refactor hasSessionResumption to return detailed session resumption info

This commit is contained in:
Philipp Kunz 2025-03-11 19:41:04 +00:00
parent b2a57ada5d
commit 124f8d48b7
3 changed files with 16 additions and 9 deletions

View File

@ -1,5 +1,12 @@
# Changelog
## 2025-03-11 - 3.41.2 - fix(SniHandler)
Refactor hasSessionResumption to return detailed session resumption info
- Changed the return type of hasSessionResumption from boolean to an object with properties isResumption and hasSNI
- Updated early return conditions to return { isResumption: false, hasSNI: false } when buffer is too short or invalid
- Modified corresponding documentation to reflect the new return type
## 2025-03-11 - 3.41.1 - fix(SniHandler)
Improve TLS SNI session resumption handling: connections containing a session ticket are now only rejected when no SNI is present and allowSessionTicket is disabled. Updated return values and logging for clearer resumption detection.

View File

@ -3,6 +3,6 @@
*/
export const commitinfo = {
name: '@push.rocks/smartproxy',
version: '3.41.1',
version: '3.41.2',
description: 'A powerful proxy package that effectively handles high traffic, with features such as SSL/TLS support, port proxying, WebSocket handling, dynamic routing with authentication options, and automatic ACME certificate management.'
}

View File

@ -285,12 +285,12 @@ export class SniHandler {
*
* @param buffer - The buffer containing a ClientHello message
* @param enableLogging - Whether to enable logging
* @returns true if the ClientHello contains session resumption mechanisms
* @returns Object containing details about session resumption and SNI presence
*/
public static hasSessionResumption(
buffer: Buffer,
enableLogging: boolean = false
): boolean {
): { isResumption: boolean; hasSNI: boolean } {
const log = (message: string) => {
if (enableLogging) {
console.log(`[Session Resumption] ${message}`);
@ -298,7 +298,7 @@ export class SniHandler {
};
if (!this.isClientHello(buffer)) {
return false;
return { isResumption: false, hasSNI: false };
}
try {
@ -306,7 +306,7 @@ export class SniHandler {
let pos = 5 + 1 + 3 + 2; // Position after handshake type, length and client version
pos += 32; // Skip client random
if (pos + 1 > buffer.length) return false;
if (pos + 1 > buffer.length) return { isResumption: false, hasSNI: false };
const sessionIdLength = buffer[pos];
let hasNonEmptySessionId = sessionIdLength > 0;
@ -319,17 +319,17 @@ export class SniHandler {
pos += 1 + sessionIdLength;
// Skip cipher suites
if (pos + 2 > buffer.length) return false;
if (pos + 2 > buffer.length) return { isResumption: false, hasSNI: false };
const cipherSuitesLength = (buffer[pos] << 8) + buffer[pos + 1];
pos += 2 + cipherSuitesLength;
// Skip compression methods
if (pos + 1 > buffer.length) return false;
if (pos + 1 > buffer.length) return { isResumption: false, hasSNI: false };
const compressionMethodsLength = buffer[pos];
pos += 1 + compressionMethodsLength;
// Check for extensions
if (pos + 2 > buffer.length) return false;
if (pos + 2 > buffer.length) return { isResumption: false, hasSNI: false };
// Look for session resumption extensions
const extensionsLength = (buffer[pos] << 8) + buffer[pos + 1];
@ -337,7 +337,7 @@ export class SniHandler {
// Extensions end position
const extensionsEnd = pos + extensionsLength;
if (extensionsEnd > buffer.length) return false;
if (extensionsEnd > buffer.length) return { isResumption: false, hasSNI: false };
// Track resumption indicators
let hasSessionTicket = false;