diff --git a/changelog.md b/changelog.md index c4274ee..e632a6f 100644 --- a/changelog.md +++ b/changelog.md @@ -1,5 +1,11 @@ # Changelog +## 2025-03-17 - 4.1.15 - fix(connectionhandler) +Delay socket termination in TLS session resumption handling to allow proper alert processing + +- Removed the immediate socket.end() call in finishConnection and moved it inside the setTimeout, ensuring that clients (especially Chrome) have additional time to process the TLS alert before connection termination +- This prevents premature socket closure on ClientHello without SNI when session tickets are disallowed + ## 2025-03-17 - 4.1.14 - fix(ConnectionHandler) Use the correct TLS alert data and increase the delay before socket termination when session resumption without SNI is detected. diff --git a/ts/00_commitinfo_data.ts b/ts/00_commitinfo_data.ts index 1d981ed..cd86256 100644 --- a/ts/00_commitinfo_data.ts +++ b/ts/00_commitinfo_data.ts @@ -3,6 +3,6 @@ */ export const commitinfo = { name: '@push.rocks/smartproxy', - version: '4.1.14', + version: '4.1.15', description: 'A powerful proxy package that effectively handles high traffic, with features such as SSL/TLS support, port proxying, WebSocket handling, dynamic routing with authentication options, and automatic ACME certificate management.' } diff --git a/ts/classes.pp.connectionhandler.ts b/ts/classes.pp.connectionhandler.ts index 8ea1384..40b38e3 100644 --- a/ts/classes.pp.connectionhandler.ts +++ b/ts/classes.pp.connectionhandler.ts @@ -625,10 +625,10 @@ export class ConnectionHandler { const finishConnection = () => { // Give Chrome more time to process the alert before closing // We won't call destroy() at all - just end() and let the socket close naturally - socket.end(); // Log the cleanup but wait for natural closure setTimeout(() => { + socket.end(); this.connectionManager.cleanupConnection(record, 'session_ticket_blocked_no_sni'); }, 5000); // Longer delay to let socket cleanup happen naturally };