4c0105ad09
fix(portproxy): Improve TLS handshake timeout handling and connection piping in PortProxy
2025-03-12 15:49:41 +00:00
7fe455b4df
fix(core): Refactor PortProxy and SniHandler: improve configuration handling, logging, and whitespace consistency
2025-03-12 12:19:36 +00:00
baaee0ad4d
fix(portproxy): Enforce TLS handshake and SNI validation on port 443 by blocking non-TLS connections and terminating session resumption attempts without SNI when allowSessionTicket is disabled.
2025-03-12 10:27:25 +00:00
ab1ec84832
fix(tls/sni): Improve logging for TLS session resumption by extracting and logging SNI values from ClientHello messages.
2025-03-12 10:01:54 +00:00
1a90566622
fix(TLS/SNI): Improve TLS session resumption handling and logging. Now, session resumption attempts are always logged with details, and connections without a proper SNI are rejected when allowSessionTicket is disabled. In addition, empty SNI extensions are explicitly treated as missing, ensuring stricter and more consistent TLS handshake validation.
2025-03-12 09:56:21 +00:00
62a3e1f4b7
fix(SniHandler): Improve TLS SNI session resumption handling: connections containing a session ticket are now only rejected when no SNI is present and allowSessionTicket is disabled. Updated return values and logging for clearer resumption detection.
2025-03-11 19:38:41 +00:00
9dbf6fdeb5
feat(PortProxy/TLS): Add allowSessionTicket option to control TLS session ticket handling
2025-03-11 19:31:20 +00:00
6fddafe9fd
feat(PortProxy): Add domain-specific NetworkProxy integration support to PortProxy
2025-03-11 17:50:56 +00:00
415b82a84a
fix(PortProxy): Improve SNI extraction handling in PortProxy by passing explicit connection info to extractSNIWithResumptionSupport for better TLS renegotiation and debug logging.
2025-03-11 17:37:43 +00:00
43378becd2
fix(PortProxy): Improve buffering and data handling during connection setup in PortProxy to prevent data loss
2025-03-11 17:05:15 +00:00
87d26c86a1
fix(PortProxy/SNI): Refactor SNI extraction in PortProxy to use the dedicated SniHandler class
2025-03-11 17:01:07 +00:00
8d06f1533e
feat(portproxy): Add ACME certificate management options to PortProxy, update ACME settings handling, and bump dependency versions
2025-03-11 12:56:03 +00:00
27a2bcb556
feat(NetworkProxy): Add support for array-based destinations and integration with PortProxy
...
- Update NetworkProxy to support new IReverseProxyConfig interface with destinationIps[] and destinationPorts[]
- Add load balancing with round-robin selection of destination endpoints
- Create automatic conversion of PortProxy domain configs to NetworkProxy configs
- Implement backward compatibility to ensure tests continue to work
🤖 Generated with [Claude Code](https://claude.ai/code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-03-11 12:34:24 +00:00
e31c84493f
feat(core): Improve wildcard domain matching and enhance NetworkProxy integration in PortProxy. Added support for TLD wildcards and complex wildcard patterns in the router, and refactored TLS renegotiation handling for stricter SNI enforcement.
2025-03-11 11:34:29 +00:00
df7a12041e
feat(portproxy): Add browser-friendly mode and SNI renegotiation configuration options to PortProxy
2025-03-11 09:57:06 +00:00
85cc57ae10
fix(PortProxy): Simplify TLS handshake SNI extraction and update timeout settings in PortProxy for improved maintainability and reliability.
2025-03-11 09:12:40 +00:00
865d21b36a
fix(portproxy): Relax TLS handshake and connection timeout settings for improved stability in chained proxy scenarios; update TLS session cache defaults and add keep-alive flags to connection records.
2025-03-11 04:39:17 +00:00
ccccc5b8c8
feat(PortProxy): Enhance TLS session cache, SNI extraction, and chained proxy support in PortProxy. Improve handling of multiple and fragmented TLS records, and add new configuration options (isChainedProxy, chainPosition, aggressiveTlsRefresh, tlsSessionCache) for robust TLS certificate refresh.
2025-03-11 04:24:29 +00:00
119b643690
fix(PortProxy): Improve SNI renegotiation handling by adding flexible domain configuration matching on rehandshake and session resumption events.
2025-03-11 03:56:09 +00:00
d6022c8f8a
fix(PortProxy): Improve TLS handshake buffering and enhance debug logging for SNI forwarding in PortProxy
2025-03-11 03:48:10 +00:00
0ea0f02428
fix(PortProxy): Improve connection reliability for initial and resumed TLS sessions
...
Added enhanced connection handling to fix issues with both initial connections and TLS session resumption:
1. Improved debugging for connection setup with detailed logging
2. Added explicit timeout for backend connections to prevent hanging connections
3. Enhanced error recovery for connection failures with faster client notification
4. Added detailed session tracking to maintain domain context across TLS sessions
5. Fixed handling of TLS renegotiation with improved activity timestamp updates
This should address the issue where initial connections may fail but subsequent retries succeed,
as well as ensuring proper certificate selection for resumed TLS sessions.
🤖 Generated with [Claude Code](https://claude.ai/code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-03-11 03:33:03 +00:00
55f25f1976
feat(PortProxy): Improve TLS handshake SNI extraction and add session resumption tracking in PortProxy
2025-03-11 03:16:04 +00:00
7850a80452
fix(PortProxy): Fix TypeScript errors by using correct variable names
...
Fixed TypeScript errors caused by using 'connectionRecord' instead of 'record' in TLS renegotiation handlers.
The variable name mistake occurred when moving and restructuring the TLS handshake detection code.
🤖 Generated with [Claude Code](https://claude.ai/code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-03-11 02:47:57 +00:00
ef8f583a90
fix(PortProxy): Move TLS renegotiation detection before socket piping
...
Fundamentally restructured TLS renegotiation handling to ensure handshake packets are properly detected. The previous implementation attached event handlers after pipe() was established, which might have caused handshake packets to bypass detection. Key changes:
1. Moved renegotiation detection before pipe() to ensure all TLS handshake packets are detected
2. Added explicit lockedDomain setting for all SNI connections
3. Simplified the NetworkProxy TLS handshake detection
4. Removed redundant data handlers that could interfere with each other
These changes should make renegotiation detection more reliable regardless of how Node.js internal pipe() implementation handles data events.
🤖 Generated with [Claude Code](https://claude.ai/code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-03-11 02:45:51 +00:00
2bdd6f8c1f
fix(PortProxy): Update activity timestamp during TLS renegotiation to prevent connection timeouts
...
Ensures that TLS renegotiation packets properly update the connection's activity timestamp even when no SNI is present or when there are errors processing the renegotiation. This prevents connections from being closed due to inactivity during legitimate TLS renegotiation.
🤖 Generated with [Claude Code](https://claude.ai/code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-03-11 02:40:08 +00:00
788b444fcc
fix(PortProxy): Improve TLS renegotiation SNI handling by first checking if the new SNI is allowed under the existing domain config. If not, attempt to find an alternative domain config and update the locked domain accordingly; otherwise, terminate the connection on SNI mismatch.
2025-03-11 02:25:58 +00:00
74fdb58f84
fix(PortProxy): Improve TLS renegotiation handling in PortProxy by validating the new SNI against allowed domain configurations. If the new SNI is permitted based on existing IP rules, update the locked domain to allow connection reuse; otherwise, terminate the connection to prevent misrouting.
2025-03-11 02:18:56 +00:00
c415a6c361
fix(PortProxy): Fix TLS renegotiation handling and adjust TLS keep-alive timeouts in PortProxy implementation
2025-03-10 22:35:34 +00:00
f9c42975dc
fix(classes.portproxy.ts): Simplify timeout management in PortProxy and fix chained proxy certificate refresh issues
2025-03-10 22:07:12 +00:00
8d3b07b1e6
fix(classes.portproxy.ts): Adjust TLS keep-alive timeout to refresh certificate context.
2025-03-10 14:15:03 +00:00
146fac73cf
fix(PortProxy): Improve TLS keep-alive management and fix whitespace formatting
2025-03-10 14:13:56 +00:00
9d7ed21cba
feat(PortProxy): Add advanced TLS keep-alive handling and system sleep detection
2025-03-08 12:40:55 +00:00
bbdea52677
feat(IPTablesProxy): Enhanced IPTablesProxy with multi-port and IPv6 support
2025-03-07 14:30:38 +00:00
98c61cccbb
fix(PortProxy): Adjust default timeout settings and enhance keep-alive connection handling in PortProxy.
2025-03-07 11:16:44 +00:00
a14b7802c4
fix(PortProxy): Ensure timeout values are within Node.js safe limits
2025-03-06 23:08:57 +00:00
cb6c2503e2
fix(portproxy): Adjust safe timeout defaults in PortProxy to prevent overflow issues.
2025-03-06 23:00:24 +00:00
0e605d9a9d
fix(PortProxy): Improved code formatting and readability in PortProxy class by adjusting spacing and comments.
2025-03-06 22:56:18 +00:00
d4251b2cf9
fix(portproxy): Improve connection timeouts and detailed logging for PortProxy
2025-03-05 18:40:42 +00:00
fe8106f0c8
fix(PortProxy): Adjust timeout settings and handle inactivity properly in PortProxy.
2025-03-05 18:24:28 +00:00
4fd5524a0f
fix(PortProxy): Adjust inactivity threshold to a random value between 20 and 30 minutes for better variability
2025-03-05 18:07:39 +00:00
0e888c5add
feat(PortProxy): Enhanced PortProxy with detailed logging, protocol detection, and rate limiting.
2025-03-05 17:46:25 +00:00
f6cc665f12
feat(core): Enhance core functionalities and test coverage for NetworkProxy and PortProxy
2025-03-05 17:06:51 +00:00
bd9292bf47
fix(PortProxy): Enhanced connection setup to handle pending data buffering before establishing outgoing connection
2025-03-05 14:33:09 +00:00
c0de8c59a2
fix(documentation): Refactored readme for clarity and consistency, fixed documentation typos
2025-03-03 03:05:49 +00:00
ced9b5b27b
fix(core): Improve connection management and error handling in PortProxy
2025-03-03 02:14:21 +00:00
131d9d326e
fix(portproxy): Refactored connection cleanup logic in PortProxy
2025-03-03 02:03:24 +00:00
296e1fcdc7
fix(PortProxy): Fix connection timeout and IP validation handling for PortProxy
2025-03-03 01:57:52 +00:00
191c8ac0e6
feat(classes.portproxy): Enhanced PortProxy to support initial data timeout and improved IP handling
2025-03-03 01:50:30 +00:00
fcd80dc56b
feat(PortProxy): Enhancements to connection management in PortProxy
2025-03-03 01:42:16 +00:00
a5a7781c17
fix(PortProxy): Enhance connection cleanup handling in PortProxy
2025-03-01 20:31:50 +00:00
