fix(ConnectionHandler): Use the correct TLS alert data and increase the delay before socket termination when session resumption without SNI is detected.

2025-03-17 13:19:18 +00:00
parent 0fb5e5ea50
commit c6350e271a
3 changed files with 9 additions and 3 deletions
--- a/ts/classes.pp.connectionhandler.ts
+++ b/ts/classes.pp.connectionhandler.ts
@ -618,7 +618,7 @@ export class ConnectionHandler {
            try {
              // Use cork/uncork to ensure the alert is sent as a single packet
              socket.cork();
-              const writeSuccessful = socket.write(certificateExpiredAlert);
+              const writeSuccessful = socket.write(serverNameUnknownAlertData);
              socket.uncork();
              
              // Function to handle the clean socket termination - but more gradually
@ -630,7 +630,7 @@ export class ConnectionHandler {
                // Log the cleanup but wait for natural closure
                setTimeout(() => {
                  this.connectionManager.cleanupConnection(record, 'session_ticket_blocked_no_sni');
-                }, 1000); // Longer delay to let socket cleanup happen naturally
+                }, 5000); // Longer delay to let socket cleanup happen naturally
              };
              
              if (writeSuccessful) {