|
|
05c9156458
|
fix(port80handler): refactor ACME challenge handling to use dedicated Http01MemoryHandler, remove obsolete readme.plan.md, and update version to 10.0.12
|
2025-05-05 15:16:26 +00:00 |
|
|
|
19578b061e
|
fix(dependencies): Bump @push.rocks/smartacme to ^7.2.5 and @tsclass/tsclass to ^9.2.0; update MemoryCertManager import to use plugins.smartacme.certmanagers.MemoryCertManager()
|
2025-05-05 10:52:48 +00:00 |
|
|
|
a646f4ad28
|
fix(docs): Update README: rename certProviderFunction to certProvisionFunction in configuration options for consistency.
|
2025-05-05 10:46:05 +00:00 |
|
|
|
adb85d920f
|
fix(documentation): Update documentation to use certProviderFunction instead of certProvider in SmartProxy settings.
|
2025-05-05 10:30:08 +00:00 |
|
|
|
9b773608c7
|
fix(smartproxy): rename certProvider to certProvisionFunction in certificate provisioning interfaces and SmartProxy
|
2025-05-05 10:29:00 +00:00 |
|
|
|
c6dff8b78d
|
fix(core): refactor: Rename IPortProxySettings to ISmartProxyOptions in internal modules
|
2025-05-04 13:49:22 +00:00 |
|
|
|
30c25ec70c
|
fix(smartproxy): No changes detected in project files. This commit updates commit info without modifying any functionality.
|
2025-05-04 13:05:48 +00:00 |
|
|
|
e7243243d0
|
fix(exports/types): Refactor exports and remove duplicate IReverseProxyConfig interface
|
2025-05-04 13:04:34 +00:00 |
|
|
|
8cd693c063
|
fix(core): Refactor module exports and update packageManager version in package.json
|
2025-05-04 12:44:35 +00:00 |
|
|
|
f72f884eda
|
fix(smartproxy): Update dependency versions (@push.rocks/smartacme to ^7.2.4, @push.rocks/smartnetwork to ^4.0.1, ws to ^8.18.2) and export common types via index.ts for easier imports.
|
2025-05-04 12:21:02 +00:00 |
|
|
|
8291f1f33a
|
fix(tlsalert): Centralize plugin imports in TlsAlert and update plan checklist
|
2025-05-03 19:02:26 +00:00 |
|
|
|
1f3ee1eafc
|
fix(docs): Improve mermaid diagram formatting in readme.md using HTML <br> tags for line breaks
|
2025-05-03 13:27:59 +00:00 |
|
|
|
0e634c46a6
|
BREAKING CHANGE(smartproxy): Update documentation and refactor core proxy components; remove legacy performRenewals method from SmartProxy; update router type imports and adjust test suites for improved coverage
|
2025-05-03 13:19:23 +00:00 |
|
|
|
878e76ab23
|
BREAKING CHANGE(acme): Refactor ACME configuration and certificate provisioning by replacing legacy port80HandlerConfig with unified acme options and updating CertProvisioner event subscriptions
|
2025-05-02 14:58:33 +00:00 |
|
|
|
8a396a04fa
|
BREAKING CHANGE(certProvisioner): Refactor: Introduce unified CertProvisioner to centralize certificate provisioning and renewal; remove legacy ACME config from Port80Handler and update SmartProxy to delegate certificate lifecycle management.
|
2025-05-02 11:19:14 +00:00 |
|
|
|
0d8740d812
|
feat(ACME/Certificate): Introduce certificate provider hook and observable certificate events; remove legacy ACME flow
|
2025-05-01 12:13:18 +00:00 |
|
|
|
24d6d6982d
|
fix(dependencies): Update dependency versions in package.json
|
2025-04-30 13:39:42 +00:00 |
|
|
|
03cc490b8a
|
fix(docs): Update project hints documentation in readme.hints.md
|
2025-04-28 15:37:35 +00:00 |
|
|
|
46214f5380
|
fix(networkproxy/requesthandler): Improve HTTP/2 request handling and error management in the proxy request handler; add try-catch around routing and update header processing to support per-backend protocol overrides.
|
2025-04-19 18:42:36 +00:00 |
|
|
|
578d11344f
|
fix(commit-info): Update commit metadata and synchronize project configuration (no code changes)
|
2025-04-19 18:32:46 +00:00 |
|
|
|
04abab505b
|
feat(core): Add backendProtocol option to support HTTP/2 client sessions alongside HTTP/1. This update enhances NetworkProxy's core functionality by integrating HTTP/2 support in server creation and request handling, while updating plugin exports and documentation accordingly.
|
2025-04-19 18:31:10 +00:00 |
|
|
|
9a9bcd2df0
|
fix(package.json): Update packageManager field in package.json to specify the pnpm version for improved reproducibility.
|
2025-04-05 08:54:34 +00:00 |
|
|
|
0de7531e17
|
BREAKING CHANGE(redirect): Remove deprecated SSL redirect implementation and update exports to use the new redirect module
|
2025-04-04 17:15:50 +00:00 |
|
|
|
27f9b1eac1
|
fix(readme): Update README documentation: replace all outdated PortProxy references with SmartProxy, adjust architecture diagrams, code examples, and configuration details (including correcting IPTables to NfTables) to reflect the new naming.
|
2025-03-25 22:35:36 +00:00 |
|
|
|
88a1891bcf
|
feat(docs): docs: replace IPTablesProxy references with NfTablesProxy in README and examples, updating configuration options and diagrams for advanced nftables features
|
2025-03-18 22:04:37 +00:00 |
|
|
|
9b5b8225bc
|
BREAKING CHANGE(nftables): Replace IPTablesProxy with NfTablesProxy and update module exports in index.ts
|
2025-03-18 21:55:09 +00:00 |
|
|
|
b7b47cd11f
|
feat(Port80Handler): Add glob pattern support for domain certificate management in Port80Handler. Wildcard domains are now detected and skipped in certificate issuance and retrieval, ensuring that only explicit domains receive ACME certificates and improving route matching.
|
2025-03-18 15:00:24 +00:00 |
|
|
|
531350a1c1
|
fix(Port80Handler): Restrict ACME HTTP-01 challenge handling to domains with acmeMaintenance or acmeForward enabled
|
2025-03-18 14:56:57 +00:00 |
|
|
|
f8c86c76ae
|
fix(networkproxy): Refactor certificate management components: rename AcmeCertManager to Port80Handler and update related event names from CertManagerEvents to Port80HandlerEvents. The changes update internal API usage in ts/classes.networkproxy.ts and ts/classes.port80handler.ts to unify and simplify ACME certificate handling and HTTP-01 challenge management.
|
2025-03-18 14:53:39 +00:00 |
|
|
|
9cb6e397b9
|
fix(ts/index.ts): Fix export order in ts/index.ts by moving the port proxy export back and adding interfaces export for proper module exposure
|
2025-03-18 12:49:52 +00:00 |
|
|
|
4b30e377b9
|
fix(connectionhandler): Remove unnecessary delay in TLS session ticket handling for connections without SNI
|
2025-03-18 00:32:01 +00:00 |
|
|
|
426249e70e
|
fix(connectionhandler): Ensure proper termination of TLS connections without SNI by explicitly ending the socket after sending the unrecognized_name alert. This prevents the connection from hanging and avoids potential duplicate handling.
|
2025-03-18 00:29:17 +00:00 |
|
|
|
151b8f498c
|
fix(core): No uncommitted changes detected in the project.
|
2025-03-17 14:28:08 +00:00 |
|
|
|
b55e2da23e
|
feat(tlsalert): add sendForceSniSequence and sendFatalAndClose helper functions to TlsAlert for improved SNI enforcement
|
2025-03-17 14:27:10 +00:00 |
|
|
|
ca6f6de798
|
fix(tls): Improve TLS alert handling in connection handler: use the new TlsAlert class to send proper unrecognized_name alerts when a ClientHello is missing SNI and wait for a retry on the same connection before closing. Also, add alertFallbackTimeout tracking to connection records for better timeout management.
|
2025-03-17 13:37:48 +00:00 |
|
|
|
22f46700f1
|
fix(connectionhandler): Delay socket termination in TLS session resumption handling to allow proper alert processing
|
2025-03-17 13:23:07 +00:00 |
|
|
|
c6350e271a
|
fix(ConnectionHandler): Use the correct TLS alert data and increase the delay before socket termination when session resumption without SNI is detected.
|
2025-03-17 13:19:18 +00:00 |
|
|
|
35f6739b3c
|
fix(tls-handshake): Set certificate_expired TLS alert level to warning instead of fatal to allow graceful termination.
|
2025-03-17 13:15:12 +00:00 |
|
|
|
e126032b61
|
fix(classes.pp.connectionhandler): Replace unrecognized_name alert data with certificate_expired alert in TLS handshake handling for session resumption without SNI
|
2025-03-17 13:09:54 +00:00 |
|
|
|
e8639e1b01
|
fix(connectionhandler): Increase delay before cleaning up connections when session resumption is blocked due to missing SNI, allowing more natural socket termination.
|
2025-03-17 13:00:02 +00:00 |
|
|
|
a70c123007
|
fix(connectionhandler): Increase delay timings for TLS alert transmission in session ticket blocking to allow graceful socket termination
|
2025-03-16 14:49:25 +00:00 |
|
|
|
f72db86e37
|
fix(ConnectionHandler): Replace closeNotify alert with handshake failure alert in TLS ClientHello handling to properly signal missing SNI and enforce session ticket restrictions.
|
2025-03-16 14:13:35 +00:00 |
|
|
|
1c34578c36
|
fix(ConnectionHandler/tls): Change the TLS alert sent when a ClientHello lacks SNI: use the close_notify alert instead of handshake_failure to prompt immediate retry with SNI.
|
2025-03-16 14:02:18 +00:00 |
|
|
|
67ddf97547
|
fix(classes.pp.connectionhandler): Improve TLS alert handling in ClientHello when SNI is missing and session tickets are disallowed
|
2025-03-16 13:47:34 +00:00 |
|
|
|
2b6464acd5
|
fix(tls): Refine TLS ClientHello handling when allowSessionTicket is false by replacing extensive alert timeout logic with a concise warning alert and short delay, encouraging immediate client retry with proper SNI
|
2025-03-16 13:28:48 +00:00 |
|
|
|
9dd402054d
|
fix(TLS/ConnectionHandler): Improve handling of TLS session resumption without SNI by sending an unrecognized_name alert instead of immediately terminating the connection. This change adds a grace period for the client to retry the handshake with proper SNI and cleans up the connection if no valid response is received.
|
2025-03-16 13:19:37 +00:00 |
|
|
|
cad0e6a2b2
|
fix(ConnectionHandler): Refactor ConnectionHandler code formatting for improved readability and consistency in log messages and whitespace handling
|
2025-03-15 19:10:54 +00:00 |
|
|
|
ee79f9ab7c
|
fix(connectionhandler): Improve handling of TLS ClientHello messages when allowSessionTicket is disabled and no SNI is provided by sending a warning alert (unrecognized_name, code 0x70) with a proper callback and delay to ensure the alert is transmitted before closing the connection.
|
2025-03-15 18:51:50 +00:00 |
|
|
|
97982976c8
|
fix(connectionhandler): Send proper TLS alert before terminating connections when SNI is missing and session tickets are disallowed.
|
2025-03-15 17:16:18 +00:00 |
|
|
|
252a987344
|
fix(tls): Enforce strict SNI handling in TLS connections by terminating ClientHello messages lacking SNI when session tickets are disallowed and removing legacy session cache code.
|
2025-03-15 17:00:10 +00:00 |
|
