3.7.2

changelog.md

@@ -1,5 +1,17 @@
 # Changelog
 
+## 2025-02-21 - 3.7.2 - fix(PortProxy)
+Improve SNICallback and connection handling in PortProxy
+
+- Fixed SNICallback to create minimal TLS context for SNI.
+- Changed connection setup to use net.connect for raw passthrough.
+
+## 2025-02-21 - 3.7.1 - fix(smartproxy.portproxy)
+Optimize SNI handling by simplifying context creation
+
+- Removed unnecessary SecureContext creation for SNI requests in PortProxy
+- Improved handling of SNI passthrough by acknowledging requests without context creation
+
 ## 2025-02-21 - 3.7.0 - feat(PortProxy)
 Add optional source IP preservation support in PortProxy
 

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@push.rocks/smartproxy",
-  "version": "3.7.0",
+  "version": "3.7.2",
   "private": false,
   "description": "a proxy for handling high workloads of proxying",
   "main": "dist_ts/index.js",

ts/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@push.rocks/smartproxy',
-  version: '3.7.0',
+  version: '3.7.2',
   description: 'a proxy for handling high workloads of proxying'
 }

ts/smartproxy.portproxy.ts

@@ -70,16 +70,13 @@ export class PortProxy {
 
     const server = this.settings.sniEnabled
       ? plugins.tls.createServer({
-          ...this.settings,
           SNICallback: (serverName: string, cb: (err: Error | null, ctx?: plugins.tls.SecureContext) => void) => {
             console.log(`SNI request for domain: ${serverName}`);
-            const domainConfig = findMatchingDomain(serverName);
+            // Create a minimal context just to read SNI, we'll pass through the actual TLS
-            if (!domainConfig) {
+            const ctx = plugins.tls.createSecureContext({
-              // Always allow SNI for default IPs, even if domain doesn't match
+              minVersion: 'TLSv1.2',
-              console.log(`SNI domain ${serverName} not found, will check IP during connection`);
+              maxVersion: 'TLSv1.3'
-            }
+            });
-            // Create context with the provided TLS settings
-            const ctx = plugins.tls.createSecureContext(this.settings);
             cb(null, ctx);
           }
         })
@@ -135,7 +132,8 @@ export class PortProxy {
         connectionOptions.localAddress = remoteIP.replace('::ffff:', ''); // Remove IPv6 mapping if present
       }
 
-      const to = plugins.net.createConnection(connectionOptions);
+      // If this is a TLS connection, use net.connect to ensure raw passthrough
+      const to = plugins.net.connect(connectionOptions);
       console.log(`Connection established: ${remoteIP} -> ${targetHost}:${this.settings.toPort}${serverName ? ` (SNI: ${serverName})` : ''}`);
       from.setTimeout(120000);
       from.pipe(to);