push.rocks/smartproxy
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(security): critical security and stability fixes
Some checks failed
Default (tags) / security (push) Successful in 1m2s
Details
Default (tags) / test (push) Failing after 46m14s
Details
Default (tags) / release (push) Has been skipped
Details
Default (tags) / metadata (push) Has been skipped
Details

Browse Source
This commit is contained in:
Jürgen Kunz
2025-08-14 14:30:54 +00:00
parent 6eac957baf
commit 5fbcf81c2c
19 changed files with 1647 additions and 1301 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
ts/proxies/smart-proxy/certificate-manager.ts
View File

@@ -110,6 +110,14 @@ export class SmartCertManager {
this.certProvisionFallbackToAcme = fallback;
}
/**
* Update the routes array to keep it in sync with SmartProxy
* This prevents stale route data when adding/removing challenge routes
*/
public setRoutes(routes: IRouteConfig[]): void {
this.routes = routes;
}
/**
* Set callback for updating routes (used for challenge routes)
*/
@@ -391,15 +399,14 @@ export class SmartCertManager {
}
// Parse certificate to get dates
// Parse certificate to get dates - for now just use defaults
// TODO: Implement actual certificate parsing if needed
const certInfo = { validTo: new Date(Date.now() + 90 * 24 * 60 * 60 * 1000), validFrom: new Date() };
const expiryDate = this.extractExpiryDate(cert);
const issueDate = new Date(); // Current date as issue date
const certData: ICertificateData = {
cert,
key,
expiryDate: certInfo.validTo,
issueDate: certInfo.validFrom,
expiryDate,
issueDate,
source: 'static'
};
@@ -573,6 +580,8 @@ export class SmartCertManager {
// With the re-ordering of start(), port binding should already be done
// This updateRoutes call should just add the route without binding again
await this.updateRoutesCallback(updatedRoutes);
// Keep local routes in sync after updating
this.routes = updatedRoutes;
this.challengeRouteActive = true;
// Register with state manager
@@ -662,6 +671,8 @@ export class SmartCertManager {
try {
const filteredRoutes = this.routes.filter(r => r.name !== 'acme-challenge');
await this.updateRoutesCallback(filteredRoutes);
// Keep local routes in sync after updating
this.routes = filteredRoutes;
this.challengeRouteActive = false;
// Remove from state manager
@@ -697,6 +708,11 @@ export class SmartCertManager {
this.checkAndRenewCertificates();
}, 12 * 60 * 60 * 1000);
// Unref the timer so it doesn't keep the process alive
if (this.renewalTimer.unref) {
this.renewalTimer.unref();
}
// Also do an immediate check
this.checkAndRenewCertificates();
}