fix(PortProxy): Improve SNI extraction handling in PortProxy by passing explicit connection info to extractSNIWithResumptionSupport for better TLS renegotiation and debug logging.

changelog.md

@@ -1,5 +1,12 @@
 # Changelog
 
+## 2025-03-11 - 3.38.1 - fix(PortProxy)
+Improve SNI extraction handling in PortProxy by passing explicit connection info to extractSNIWithResumptionSupport for better TLS renegotiation and debug logging.
+
+- In the renegotiation handler, create and pass a connection info object (sourceIp, sourcePort, destIp, destPort) instead of a boolean flag.
+- Update the TLS handshake processing to construct a connection info object for detailed SNI extraction and logging.
+- Enhance consistency by using processTlsPacket with cached SNI hints during fallback.
+
 ## 2025-03-11 - 3.38.0 - feat(SniHandler)
 Enhance SNI extraction to support fragmented ClientHello messages, TLS 1.3 early data, and improved PSK parsing
 

ts/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@push.rocks/smartproxy',
-  version: '3.38.0',
+  version: '3.38.1',
   description: 'A powerful proxy package that effectively handles high traffic, with features such as SSL/TLS support, port proxying, WebSocket handling, dynamic routing with authentication options, and automatic ACME certificate management.'
 }

ts/classes.portproxy.ts

@@ -920,7 +920,15 @@ export class PortProxy {
           if (SniHandler.isClientHello(renegChunk)) {
             try {
               // Extract SNI from ClientHello
-              const newSNI = SniHandler.extractSNIWithResumptionSupport(renegChunk, this.settings.enableTlsDebugLogging);
+              // Create a connection info object for the existing connection
+              const connInfo = {
+                sourceIp: record.remoteIP,
+                sourcePort: record.incoming.remotePort || 0,
+                destIp: record.incoming.localAddress || '',
+                destPort: record.incoming.localPort || 0
+              };
+              
+              const newSNI = SniHandler.extractSNIWithResumptionSupport(renegChunk, connInfo, this.settings.enableTlsDebugLogging);
 
               // Skip if no SNI was found
               if (!newSNI) return;
@@ -1590,7 +1598,15 @@ export class PortProxy {
                 `[${connectionId}] TLS handshake detected from ${remoteIP}, ${chunk.length} bytes`
               );
               // Try to extract SNI and log detailed debug info
-              SniHandler.extractSNIWithResumptionSupport(chunk, true);
+              // Create connection info for debug logging
+              const debugConnInfo = {
+                sourceIp: remoteIP,
+                sourcePort: socket.remotePort || 0,
+                destIp: socket.localAddress || '',
+                destPort: socket.localPort || 0
+              };
+              
+              SniHandler.extractSNIWithResumptionSupport(chunk, debugConnInfo, true);
             }
           }
         });
@@ -1797,7 +1813,21 @@ export class PortProxy {
                 );
               }
 
-              serverName = SniHandler.extractSNIWithResumptionSupport(chunk, this.settings.enableTlsDebugLogging) || '';
+              // Create connection info object for SNI extraction
+              const connInfo = {
+                sourceIp: remoteIP,
+                sourcePort: socket.remotePort || 0,
+                destIp: socket.localAddress || '',
+                destPort: socket.localPort || 0
+              };
+              
+              // Use the new processTlsPacket method for comprehensive handling
+              serverName = SniHandler.processTlsPacket(
+                chunk, 
+                connInfo,
+                this.settings.enableTlsDebugLogging,
+                connectionRecord.lockedDomain // Pass any previously negotiated domain as a hint
+              ) || '';
             }
 
             // Lock the connection to the negotiated SNI.