feat(smart-proxy): Improve connection/rate-limit atomicity, SNI parsing, HttpProxy & ACME orchestration, and routing utilities

2025-12-09 13:07:29 +00:00
parent a0b23a8e7e
commit 9c25bf0a27
8 changed files with 363 additions and 114 deletions
--- a/ts/proxies/smart-proxy/connection-manager.ts
+++ b/ts/proxies/smart-proxy/connection-manager.ts
@@ -58,8 +58,16 @@ export class ConnectionManager extends LifecycleComponent {
  /**
   * Create and track a new connection
   * Accepts either a regular net.Socket or a WrappedSocket for transparent PROXY protocol support
+   *
+   * @param socket - The socket for the connection
+   * @param options - Optional configuration
+   * @param options.connectionId - Pre-generated connection ID (for atomic IP tracking)
+   * @param options.skipIpTracking - Skip IP tracking (if already done atomically)
   */
-  public createConnection(socket: plugins.net.Socket | WrappedSocket): IConnectionRecord | null {
+  public createConnection(
+    socket: plugins.net.Socket | WrappedSocket,
+    options?: { connectionId?: string; skipIpTracking?: boolean }
+  ): IConnectionRecord | null {
    // Enforce connection limit
    if (this.connectionRecords.size >= this.maxConnections) {
      // Use deduplicated logging for connection limit
@@ -78,8 +86,8 @@ export class ConnectionManager extends LifecycleComponent {
      socket.destroy();
      return null;
    }
-    
-    const connectionId = this.generateConnectionId();
+
+    const connectionId = options?.connectionId || this.generateConnectionId();
    const remoteIP = socket.remoteAddress || '';
    const remotePort = socket.remotePort || 0;
    const localPort = socket.localPort || 0;
@@ -109,18 +117,23 @@ export class ConnectionManager extends LifecycleComponent {
      isBrowserConnection: false,
      domainSwitches: 0
    };
-    
-    this.trackConnection(connectionId, record);
+
+    this.trackConnection(connectionId, record, options?.skipIpTracking);
    return record;
  }
  
  /**
   * Track an existing connection
+   * @param connectionId - The connection ID
+   * @param record - The connection record
+   * @param skipIpTracking - Skip IP tracking if already done atomically
   */
-  public trackConnection(connectionId: string, record: IConnectionRecord): void {
+  public trackConnection(connectionId: string, record: IConnectionRecord, skipIpTracking?: boolean): void {
    this.connectionRecords.set(connectionId, record);
-    this.smartProxy.securityManager.trackConnectionByIP(record.remoteIP, connectionId);
-    
+    if (!skipIpTracking) {
+      this.smartProxy.securityManager.trackConnectionByIP(record.remoteIP, connectionId);
+    }
+
    // Schedule inactivity check
    if (!this.smartProxy.settings.disableInactivityCheck) {
      this.scheduleInactivityCheck(connectionId, record);