v25.8.3

fix(smartproxy): no code or dependency changes detected; no version bump required
v25.8.2
2026-02-26 17:01:57 +00:00 · 2026-02-26 17:01:57 +00:00 · 2026-02-26 16:58:30 +00:00 · 2026-02-26 16:58:30 +00:00 · 2026-02-25 00:12:41 +00:00 · 2026-02-25 00:12:41 +00:00
10 changed files with 87 additions and 38 deletions
--- a/changelog.md
+++ b/changelog.md
@@ -1,5 +1,28 @@
 # Changelog

+## 2026-02-26 - 25.8.3 - fix(smartproxy)
+no code or dependency changes detected; no version bump required
+
+- No files changed in the provided diff (No changes).
+- package.json version remains 25.8.2.
+- No dependency or source updates detected; skip release.
+
+## 2026-02-26 - 25.8.2 - fix(connection)
+improve connection handling and timeouts
+
+- Flush logs on process beforeExit and avoid calling process.exit in SIGINT/SIGTERM handlers to preserve host graceful shutdown
+- Store protocol entries with a createdAt timestamp in ProtocolDetector and remove stale entries older than 30s to prevent leaked state from abandoned handshakes or port scanners
+- Add backend connect timeout (30s) and idle timeouts (5 minutes) for dynamic forwards; destroy sockets on timeout and emit logs for timeout events
+
+## 2026-02-25 - 25.8.1 - fix(allocator)
+switch global allocator from tikv-jemallocator to mimalloc
+
+- Replaced tikv-jemallocator with mimalloc in rust/Cargo.toml workspace dependencies.
+- Updated rust/crates/rustproxy/Cargo.toml to use mimalloc as a workspace dependency.
+- Updated rust/Cargo.lock: added mimalloc and libmimalloc-sys entries and removed tikv-jemallocator and tikv-jemalloc-sys entries.
+- Changed the global allocator in crates/rustproxy/src/main.rs from tikv_jemallocator::Jemalloc to mimalloc::MiMalloc.
+- Impact: runtime memory allocator is changed which may affect memory usage and performance; no public API changes but recommend testing memory/performance in deployments.
+
 ## 2026-02-24 - 25.8.0 - feat(rustproxy)
 use tikv-jemallocator as the global allocator to reduce glibc fragmentation and slow RSS growth; add allocator dependency and enable it in rustproxy, update lockfile, and run tsrust before tests

--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@push.rocks/smartproxy",
-  "version": "25.8.0",
+  "version": "25.8.3",
  "private": false,
  "description": "A powerful proxy package with unified route-based configuration for high traffic management. Features include SSL/TLS support, flexible routing patterns, WebSocket handling, advanced security options, and automatic ACME certificate management.",
  "main": "dist_ts/index.js",
--- a/rust/Cargo.lock
+++ b/rust/Cargo.lock
@@ -612,6 +612,16 @@ version = "0.2.180"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bcc35a38544a891a5f7c865aca548a982ccb3b8650a5b06d0fd33a10283c56fc"

+[[package]]
+name = "libmimalloc-sys"
+version = "0.1.44"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "667f4fec20f29dfc6bc7357c582d91796c169ad7e2fce709468aefeb2c099870"
+dependencies = [
+ "cc",
+ "libc",
+]
+
 [[package]]
 name = "lock_api"
 version = "0.4.14"
@@ -642,6 +652,15 @@ version = "2.8.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f8ca58f447f06ed17d5fc4043ce1b10dd205e060fb3ce5b979b8ed8e59ff3f79"

+[[package]]
+name = "mimalloc"
+version = "0.1.48"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e1ee66a4b64c74f4ef288bcbb9192ad9c3feaad75193129ac8509af543894fd8"
+dependencies = [
+ "libmimalloc-sys",
+]
+
 [[package]]
 name = "mio"
 version = "1.1.1"
@@ -924,6 +943,7 @@ dependencies = [
 "http-body-util",
 "hyper",
 "hyper-util",
+ "mimalloc",
 "rcgen",
 "rustls",
 "rustproxy-config",
@@ -936,7 +956,6 @@ dependencies = [
 "rustproxy-tls",
 "serde",
 "serde_json",
- "tikv-jemallocator",
 "tokio",
 "tokio-rustls",
 "tokio-util",
@@ -1299,26 +1318,6 @@ dependencies = [
 "cfg-if",
 ]

-[[package]]
-name = "tikv-jemalloc-sys"
-version = "0.6.1+5.3.0-1-ge13ca993e8ccb9ba9847cc330696e02839f328f7"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cd8aa5b2ab86a2cefa406d889139c162cbb230092f7d1d7cbc1716405d852a3b"
-dependencies = [
- "cc",
- "libc",
-]
-
-[[package]]
-name = "tikv-jemallocator"
-version = "0.6.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0359b4327f954e0567e69fb191cf1436617748813819c94b8cd4a431422d053a"
-dependencies = [
- "libc",
- "tikv-jemalloc-sys",
-]
-
 [[package]]
 name = "time"
 version = "0.3.47"
--- a/rust/Cargo.toml
+++ b/rust/Cargo.toml
@@ -91,8 +91,8 @@ libc = "0.2"
 # Socket-level options (keepalive, etc.)
 socket2 = { version = "0.5", features = ["all"] }

-# jemalloc allocator (prevents glibc fragmentation / slow RSS growth)
-tikv-jemallocator = "0.6"
+# mimalloc allocator (prevents glibc fragmentation / slow RSS growth)
+mimalloc = "0.1"

 # Internal crates
 rustproxy-config = { path = "crates/rustproxy-config" }
--- a/rust/crates/rustproxy/Cargo.toml
+++ b/rust/crates/rustproxy/Cargo.toml
@@ -39,7 +39,7 @@ hyper = { workspace = true }
 hyper-util = { workspace = true }
 http-body-util = { workspace = true }
 bytes = { workspace = true }
-tikv-jemallocator = { workspace = true }
+mimalloc = { workspace = true }

 [dev-dependencies]
 rcgen = { workspace = true }
--- a/rust/crates/rustproxy/src/main.rs
+++ b/rust/crates/rustproxy/src/main.rs
@@ -1,5 +1,5 @@
 #[global_allocator]
-static GLOBAL: tikv_jemallocator::Jemalloc = tikv_jemallocator::Jemalloc;
+static GLOBAL: mimalloc::MiMalloc = mimalloc::MiMalloc;

 use clap::Parser;
 use tracing_subscriber::EnvFilter;
--- a/ts/00_commitinfo_data.ts
+++ b/ts/00_commitinfo_data.ts
@@ -3,6 +3,6 @@
 */
 export const commitinfo = {
  name: '@push.rocks/smartproxy',
-  version: '25.8.0',
+  version: '25.8.3',
  description: 'A powerful proxy package with unified route-based configuration for high traffic management. Features include SSL/TLS support, flexible routing patterns, WebSocket handling, advanced security options, and automatic ACME certificate management.'
 }
--- a/ts/core/utils/log-deduplicator.ts
+++ b/ts/core/utils/log-deduplicator.ts
@@ -354,17 +354,17 @@ export class LogDeduplicator {
 // Global instance for connection-related log deduplication
 export const connectionLogDeduplicator = new LogDeduplicator(5000); // 5 second batches

-// Ensure logs are flushed on process exit
+// Ensure logs are flushed on process exit.
+// Only use beforeExit — do NOT call process.exit() from SIGINT/SIGTERM handlers
+// as that kills the host process's graceful shutdown (e.g., dcrouter connection draining).
 process.on('beforeExit', () => {
  connectionLogDeduplicator.flushAll();
 });

 process.on('SIGINT', () => {
  connectionLogDeduplicator.cleanup();
-  process.exit(0);
 });

 process.on('SIGTERM', () => {
  connectionLogDeduplicator.cleanup();
-  process.exit(0);
 });
--- a/ts/detection/protocol-detector.ts
+++ b/ts/detection/protocol-detector.ts
@@ -18,8 +18,8 @@ export class ProtocolDetector {
  private fragmentManager: DetectionFragmentManager;
  private tlsDetector: TlsDetector;
  private httpDetector: HttpDetector;
-  private connectionProtocols: Map<string, 'tls' | 'http'> = new Map();
-  
+  private connectionProtocols: Map<string, { protocol: 'tls' | 'http'; createdAt: number }> = new Map();
+
  constructor() {
    this.fragmentManager = new DetectionFragmentManager();
    this.tlsDetector = new TlsDetector();
@@ -124,8 +124,9 @@ export class ProtocolDetector {
    const connectionId = DetectionFragmentManager.createConnectionId(context);
    
    // Check if we already know the protocol for this connection
-    const knownProtocol = this.connectionProtocols.get(connectionId);
-    
+    const knownEntry = this.connectionProtocols.get(connectionId);
+    const knownProtocol = knownEntry?.protocol;
+
    if (knownProtocol === 'http') {
      const result = this.httpDetector.detectWithContext(buffer, context, options);
      if (result) {
@@ -163,7 +164,7 @@ export class ProtocolDetector {
    if (!knownProtocol) {
      // First peek to determine protocol type
      if (this.tlsDetector.canHandle(buffer)) {
-        this.connectionProtocols.set(connectionId, 'tls');
+        this.connectionProtocols.set(connectionId, { protocol: 'tls', createdAt: Date.now() });
        // Handle TLS with fragment accumulation
        const handler = this.fragmentManager.getHandler('tls');
        const fragmentResult = handler.addFragment(connectionId, buffer);
@@ -189,7 +190,7 @@ export class ProtocolDetector {
      }
      
      if (this.httpDetector.canHandle(buffer)) {
-        this.connectionProtocols.set(connectionId, 'http');
+        this.connectionProtocols.set(connectionId, { protocol: 'http', createdAt: Date.now() });
        const result = this.httpDetector.detectWithContext(buffer, context, options);
        if (result) {
          if (result.isComplete) {
@@ -221,6 +222,14 @@ export class ProtocolDetector {
  
  private cleanupInstance(): void {
    this.fragmentManager.cleanup();
+    // Remove stale connectionProtocols entries (abandoned handshakes, port scanners)
+    const maxAge = 30_000; // 30 seconds
+    const now = Date.now();
+    for (const [id, entry] of this.connectionProtocols) {
+      if (now - entry.createdAt > maxAge) {
+        this.connectionProtocols.delete(id);
+      }
+    }
  }
  
  /**
@@ -242,8 +251,7 @@ export class ProtocolDetector {
   * @param _maxAge Maximum age in milliseconds (default: 30 seconds)
   */
  static cleanupConnections(_maxAge: number = 30000): void {
-    // Cleanup is now handled internally by the fragment manager
-    this.getInstance().fragmentManager.cleanup();
+    this.getInstance().cleanupInstance();
  }
  
  /**
--- a/ts/proxies/smart-proxy/socket-handler-server.ts
+++ b/ts/proxies/smart-proxy/socket-handler-server.ts
@@ -254,11 +254,30 @@ export class SocketHandlerServer {

    // Connect to the resolved target
    const backend = plugins.net.connect(port, host, () => {
+      // Connection established — set idle timeout on both sides (5 min)
+      socket.setTimeout(300_000);
+      backend.setTimeout(300_000);
+
      // Pipe bidirectionally
      socket.pipe(backend);
      backend.pipe(socket);
    });

+    // Connect timeout: if backend doesn't connect within 30s, destroy both
+    backend.setTimeout(30_000);
+
+    backend.on('timeout', () => {
+      logger.log('warn', `Dynamic forward timeout to ${host}:${port}`, { component: 'socket-handler-server' });
+      backend.destroy();
+      socket.destroy();
+    });
+
+    socket.on('timeout', () => {
+      logger.log('debug', `Dynamic forward client idle timeout`, { component: 'socket-handler-server' });
+      socket.destroy();
+      backend.destroy();
+    });
+
    backend.on('error', (err) => {
      logger.log('error', `Dynamic forward backend error: ${err.message}`, { component: 'socket-handler-server' });
      socket.destroy();
Author	SHA1	Message	Date
Juergen Kunz	8df18728d4	v25.8.3 Some checks failed Default (tags) / security (push) Successful in 29s Details Default (tags) / test (push) Failing after 4m2s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2026-02-26 17:01:57 +00:00
Juergen Kunz	bedecc6b6b	fix(smartproxy): no code or dependency changes detected; no version bump required	2026-02-26 17:01:57 +00:00
Juergen Kunz	b5f166bc92	v25.8.2 Some checks failed Default (tags) / security (push) Successful in 31s Details Default (tags) / test (push) Failing after 4m1s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2026-02-26 16:58:30 +00:00
Juergen Kunz	94266222fe	fix(connection): improve connection handling and timeouts	2026-02-26 16:58:30 +00:00
Juergen Kunz	697d51a9d4	v25.8.1 Some checks failed Default (tags) / security (push) Successful in 42s Details Default (tags) / test (push) Failing after 4m4s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2026-02-25 00:12:41 +00:00
Juergen Kunz	7e5fe2bec3	fix(allocator): switch global allocator from tikv-jemallocator to mimalloc	2026-02-25 00:12:41 +00:00