Philipp Kunz
1e89062167
3.38.2
Default (tags) / security (push) Successful in 22s
Default (tags) / test (push) Failing after 1m11s
Default (tags) / release (push) Has been skipped
Default (tags) / metadata (push) Has been skipped
2025-03-11 17:38:32 +00:00
Philipp Kunz
21a24fd95b
fix(core): No code changes detected; bumping patch version for consistency.
2025-03-11 17:38:32 +00:00
Philipp Kunz
03ef5e7f6e
3.38.1
Default (tags) / security (push) Successful in 21s
Default (tags) / test (push) Failing after 1m1s
Default (tags) / release (push) Has been skipped
Default (tags) / metadata (push) Has been skipped
2025-03-11 17:37:43 +00:00
Philipp Kunz
415b82a84a
fix(PortProxy): Improve SNI extraction handling in PortProxy by passing explicit connection info to extractSNIWithResumptionSupport for better TLS renegotiation and debug logging.
2025-03-11 17:37:43 +00:00
Philipp Kunz
f304cc67b4
3.38.0
Default (tags) / security (push) Successful in 29s
Default (tags) / test (push) Failing after 1m1s
Default (tags) / release (push) Has been skipped
Default (tags) / metadata (push) Has been skipped
2025-03-11 17:33:31 +00:00
Philipp Kunz
0e12706176
feat(SniHandler): Enhance SNI extraction to support fragmented ClientHello messages, TLS 1.3 early data, and improved PSK parsing
2025-03-11 17:33:31 +00:00
Philipp Kunz
6daf4c914d
3.37.3
Default (tags) / security (push) Failing after 13m6s
Default (tags) / test (push) Has been cancelled
Default (tags) / release (push) Has been cancelled
Default (tags) / metadata (push) Has been cancelled
2025-03-11 17:23:57 +00:00
Philipp Kunz
36e4341315
fix(snihandler): Enhance SNI extraction to support TLS 1.3 PSK-based session resumption by adding a dedicated extractSNIFromPSKExtension method and improved logging for session resumption indicators.
2025-03-11 17:23:57 +00:00
Philipp Kunz
474134d29c
3.37.2
Default (tags) / security (push) Successful in 20s
Default (tags) / test (push) Failing after 1m10s
Default (tags) / release (push) Has been skipped
Default (tags) / metadata (push) Has been skipped
2025-03-11 17:05:15 +00:00
Philipp Kunz
43378becd2
fix(PortProxy): Improve buffering and data handling during connection setup in PortProxy to prevent data loss
2025-03-11 17:05:15 +00:00
Philipp Kunz
5ba8eb778f
3.37.1
Default (tags) / security (push) Successful in 36s
Default (tags) / test (push) Failing after 1m2s
Default (tags) / release (push) Has been skipped
Default (tags) / metadata (push) Has been skipped
2025-03-11 17:01:07 +00:00
Philipp Kunz
87d26c86a1
fix(PortProxy/SNI): Refactor SNI extraction in PortProxy to use the dedicated SniHandler class
2025-03-11 17:01:07 +00:00
Philipp Kunz
d81cf94876
3.37.0
Default (tags) / security (push) Failing after 10m56s
Default (tags) / test (push) Has been cancelled
Default (tags) / release (push) Has been cancelled
Default (tags) / metadata (push) Has been cancelled
2025-03-11 12:56:04 +00:00
Philipp Kunz
8d06f1533e
feat(portproxy): Add ACME certificate management options to PortProxy, update ACME settings handling, and bump dependency versions
2025-03-11 12:56:03 +00:00
Philipp Kunz
223be61c8d
3.35.0
2025-03-11 12:45:55 +00:00
Philipp Kunz
6a693f4d86
feat(NetworkProxy): Integrate Port80Handler for automatic ACME certificate management
...
- Add ACME certificate management capabilities to NetworkProxy
- Implement automatic certificate issuance and renewal
- Add SNI support for serving the correct certificates
- Create certificate storage and caching system
- Enable dynamic certificate issuance for new domains
- Support automatic HTTP-to-HTTPS redirects for secured domains
🤖 Generated with [Claude Code](https://claude.ai/code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-03-11 12:45:22 +00:00
Philipp Kunz
27a2bcb556
feat(NetworkProxy): Add support for array-based destinations and integration with PortProxy
...
- Update NetworkProxy to support new IReverseProxyConfig interface with destinationIps[] and destinationPorts[]
- Add load balancing with round-robin selection of destination endpoints
- Create automatic conversion of PortProxy domain configs to NetworkProxy configs
- Implement backward compatibility to ensure tests continue to work
🤖 Generated with [Claude Code](https://claude.ai/code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-03-11 12:34:24 +00:00
Philipp Kunz
0674ca7163
3.34.0
Default (tags) / security (push) Failing after 12m28s
Default (tags) / test (push) Has been cancelled
Default (tags) / release (push) Has been cancelled
Default (tags) / metadata (push) Has been cancelled
2025-03-11 11:34:29 +00:00
Philipp Kunz
e31c84493f
feat(core): Improve wildcard domain matching and enhance NetworkProxy integration in PortProxy. Added support for TLD wildcards and complex wildcard patterns in the router, and refactored TLS renegotiation handling for stricter SNI enforcement.
2025-03-11 11:34:29 +00:00
Philipp Kunz
d2ad659d37
3.33.0
Default (tags) / security (push) Successful in 34s
Default (tags) / test (push) Failing after 14m16s
Default (tags) / release (push) Has been cancelled
Default (tags) / metadata (push) Has been cancelled
2025-03-11 09:57:06 +00:00
Philipp Kunz
df7a12041e
feat(portproxy): Add browser-friendly mode and SNI renegotiation configuration options to PortProxy
2025-03-11 09:57:06 +00:00
Philipp Kunz
2b69150545
3.32.2
Default (tags) / security (push) Successful in 35s
Default (tags) / test (push) Failing after 1m2s
Default (tags) / release (push) Has been skipped
Default (tags) / metadata (push) Has been skipped
2025-03-11 09:12:40 +00:00
Philipp Kunz
85cc57ae10
fix(PortProxy): Simplify TLS handshake SNI extraction and update timeout settings in PortProxy for improved maintainability and reliability.
2025-03-11 09:12:40 +00:00
Philipp Kunz
e021b66898
3.32.1
Default (tags) / security (push) Successful in 30s
Default (tags) / test (push) Failing after 1m3s
Default (tags) / release (push) Has been skipped
Default (tags) / metadata (push) Has been skipped
2025-03-11 04:39:17 +00:00
Philipp Kunz
865d21b36a
fix(portproxy): Relax TLS handshake and connection timeout settings for improved stability in chained proxy scenarios; update TLS session cache defaults and add keep-alive flags to connection records.
2025-03-11 04:39:17 +00:00
Philipp Kunz
58ba0d9362
3.32.0
Default (tags) / security (push) Successful in 34s
Default (tags) / test (push) Failing after 1m2s
Default (tags) / release (push) Has been skipped
Default (tags) / metadata (push) Has been skipped
2025-03-11 04:24:29 +00:00
Philipp Kunz
ccccc5b8c8
feat(PortProxy): Enhance TLS session cache, SNI extraction, and chained proxy support in PortProxy. Improve handling of multiple and fragmented TLS records, and add new configuration options (isChainedProxy, chainPosition, aggressiveTlsRefresh, tlsSessionCache) for robust TLS certificate refresh.
2025-03-11 04:24:29 +00:00
Philipp Kunz
d8466a866c
3.31.2
Default (tags) / security (push) Successful in 28s
Default (tags) / test (push) Failing after 1m3s
Default (tags) / release (push) Has been skipped
Default (tags) / metadata (push) Has been skipped
2025-03-11 03:56:09 +00:00
Philipp Kunz
119b643690
fix(PortProxy): Improve SNI renegotiation handling by adding flexible domain configuration matching on rehandshake and session resumption events.
2025-03-11 03:56:09 +00:00
Philipp Kunz
98f1e0df4c
3.31.1
Default (tags) / security (push) Successful in 37s
Default (tags) / test (push) Failing after 1m3s
Default (tags) / release (push) Has been skipped
Default (tags) / metadata (push) Has been skipped
2025-03-11 03:48:10 +00:00
Philipp Kunz
d6022c8f8a
fix(PortProxy): Improve TLS handshake buffering and enhance debug logging for SNI forwarding in PortProxy
2025-03-11 03:48:10 +00:00
Philipp Kunz
0ea0f02428
fix(PortProxy): Improve connection reliability for initial and resumed TLS sessions
...
Added enhanced connection handling to fix issues with both initial connections and TLS session resumption:
1. Improved debugging for connection setup with detailed logging
2. Added explicit timeout for backend connections to prevent hanging connections
3. Enhanced error recovery for connection failures with faster client notification
4. Added detailed session tracking to maintain domain context across TLS sessions
5. Fixed handling of TLS renegotiation with improved activity timestamp updates
This should address the issue where initial connections may fail but subsequent retries succeed,
as well as ensuring proper certificate selection for resumed TLS sessions.
🤖 Generated with [Claude Code](https://claude.ai/code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-03-11 03:33:03 +00:00
Philipp Kunz
e452f55203
3.31.0
Default (tags) / security (push) Successful in 35s
Default (tags) / test (push) Failing after 1m4s
Default (tags) / release (push) Has been skipped
Default (tags) / metadata (push) Has been skipped
2025-03-11 03:16:04 +00:00
Philipp Kunz
55f25f1976
feat(PortProxy): Improve TLS handshake SNI extraction and add session resumption tracking in PortProxy
2025-03-11 03:16:04 +00:00
Philipp Kunz
98b7f3ed7f
3.30.8
Default (tags) / security (push) Failing after 11m56s
Default (tags) / test (push) Has been cancelled
Default (tags) / release (push) Has been cancelled
Default (tags) / metadata (push) Has been cancelled
2025-03-11 02:50:01 +00:00
Philipp Kunz
cb83caeafd
fix(core): No changes in this commit.
2025-03-11 02:50:01 +00:00
Philipp Kunz
7850a80452
fix(PortProxy): Fix TypeScript errors by using correct variable names
...
Fixed TypeScript errors caused by using 'connectionRecord' instead of 'record' in TLS renegotiation handlers.
The variable name mistake occurred when moving and restructuring the TLS handshake detection code.
🤖 Generated with [Claude Code](https://claude.ai/code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-03-11 02:47:57 +00:00
Philipp Kunz
ef8f583a90
fix(PortProxy): Move TLS renegotiation detection before socket piping
...
Fundamentally restructured TLS renegotiation handling to ensure handshake packets are properly detected. The previous implementation attached event handlers after pipe() was established, which might have caused handshake packets to bypass detection. Key changes:
1. Moved renegotiation detection before pipe() to ensure all TLS handshake packets are detected
2. Added explicit lockedDomain setting for all SNI connections
3. Simplified the NetworkProxy TLS handshake detection
4. Removed redundant data handlers that could interfere with each other
These changes should make renegotiation detection more reliable regardless of how Node.js internal pipe() implementation handles data events.
🤖 Generated with [Claude Code](https://claude.ai/code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-03-11 02:45:51 +00:00
Philipp Kunz
2bdd6f8c1f
fix(PortProxy): Update activity timestamp during TLS renegotiation to prevent connection timeouts
...
Ensures that TLS renegotiation packets properly update the connection's activity timestamp even when no SNI is present or when there are errors processing the renegotiation. This prevents connections from being closed due to inactivity during legitimate TLS renegotiation.
🤖 Generated with [Claude Code](https://claude.ai/code )
Co-Authored-By: Claude <noreply@anthropic.com>
2025-03-11 02:40:08 +00:00
Philipp Kunz
99d28eafd1
3.30.7
Default (tags) / security (push) Successful in 29s
Default (tags) / test (push) Failing after 1m1s
Default (tags) / release (push) Has been skipped
Default (tags) / metadata (push) Has been skipped
2025-03-11 02:25:59 +00:00
Philipp Kunz
788b444fcc
fix(PortProxy): Improve TLS renegotiation SNI handling by first checking if the new SNI is allowed under the existing domain config. If not, attempt to find an alternative domain config and update the locked domain accordingly; otherwise, terminate the connection on SNI mismatch.
2025-03-11 02:25:58 +00:00
Philipp Kunz
4225abe3c4
3.30.6
Default (tags) / security (push) Successful in 36s
Default (tags) / test (push) Failing after 1m0s
Default (tags) / release (push) Has been skipped
Default (tags) / metadata (push) Has been skipped
2025-03-11 02:18:56 +00:00
Philipp Kunz
74fdb58f84
fix(PortProxy): Improve TLS renegotiation handling in PortProxy by validating the new SNI against allowed domain configurations. If the new SNI is permitted based on existing IP rules, update the locked domain to allow connection reuse; otherwise, terminate the connection to prevent misrouting.
2025-03-11 02:18:56 +00:00
Philipp Kunz
bffdaffe39
3.30.5
Default (tags) / security (push) Successful in 20s
Default (tags) / test (push) Failing after 1m1s
Default (tags) / release (push) Has been skipped
Default (tags) / metadata (push) Has been skipped
2025-03-10 22:36:28 +00:00
Philipp Kunz
67a4228518
fix(internal): No uncommitted changes detected; project files and tests remain unchanged.
2025-03-10 22:36:28 +00:00
Philipp Kunz
681209f2e1
3.30.4
Default (tags) / security (push) Successful in 36s
Default (tags) / test (push) Failing after 1m1s
Default (tags) / release (push) Has been skipped
Default (tags) / metadata (push) Has been skipped
2025-03-10 22:35:34 +00:00
Philipp Kunz
c415a6c361
fix(PortProxy): Fix TLS renegotiation handling and adjust TLS keep-alive timeouts in PortProxy implementation
2025-03-10 22:35:34 +00:00
Philipp Kunz
009e3c4f0e
3.30.3
Default (tags) / security (push) Failing after 14m48s
Default (tags) / test (push) Has been cancelled
Default (tags) / release (push) Has been cancelled
Default (tags) / metadata (push) Has been cancelled
2025-03-10 22:07:12 +00:00
Philipp Kunz
f9c42975dc
fix(classes.portproxy.ts): Simplify timeout management in PortProxy and fix chained proxy certificate refresh issues
2025-03-10 22:07:12 +00:00
Philipp Kunz
feef949afe
3.30.2
Default (tags) / security (push) Successful in 34s
Default (tags) / test (push) Failing after 1m10s
Default (tags) / release (push) Has been skipped
Default (tags) / metadata (push) Has been skipped
2025-03-10 14:15:03 +00:00
