smartproxy

push.rocks/smartproxy

Fork 0

Commit Graph

Select branches

Hide Pull Requests

master

v1.0.10

v1.0.11

v1.0.12

v1.0.13

v1.0.14

v1.0.15

v1.0.16

v1.0.17

v1.0.18

v1.0.19

v1.0.2

v1.0.20

v1.0.21

v1.0.22

v1.0.23

v1.0.24

v1.0.25

v1.0.26

v1.0.27

v1.0.28

v1.0.29

v1.0.3

v1.0.30

v1.0.31

v1.0.32

v1.0.33

v1.0.34

v1.0.35

v1.0.36

v1.0.37

v1.0.38

v1.0.4

v1.0.5

v1.0.6

v1.0.7

v1.0.8

v1.0.9

v10.0.0

v10.0.1

v10.0.2

v2.0.0

v2.0.1

v2.0.10

v2.0.11

v2.0.12

v2.0.13

v2.0.14

v2.0.15

v2.0.16

v2.0.2

v2.0.3

v2.0.4

v2.0.5

v2.0.6

v2.0.7

v2.0.8

v2.0.9

v3.0.0

v3.0.1

v3.0.10

v3.0.11

v3.0.12

v3.0.13

v3.0.14

v3.0.15

v3.0.16

v3.0.17

v3.0.18

v3.0.19

v3.0.2

v3.0.20

v3.0.21

v3.0.22

v3.0.23

v3.0.24

v3.0.25

v3.0.26

v3.0.27

v3.0.28

v3.0.29

v3.0.3

v3.0.30

v3.0.31

v3.0.32

v3.0.33

v3.0.34

v3.0.35

v3.0.36

v3.0.37

v3.0.38

v3.0.39

v3.0.4

v3.0.40

v3.0.41

v3.0.42

v3.0.43

v3.0.44

v3.0.45

v3.0.46

v3.0.47

v3.0.48

v3.0.49

v3.0.5

v3.0.50

v3.0.51

v3.0.52

v3.0.53

v3.0.54

v3.0.55

v3.0.56

v3.0.57

v3.0.58

v3.0.59

v3.0.6

v3.0.60

v3.0.61

v3.0.7

v3.0.8

v3.0.9

v3.1.0

v3.1.1

v3.1.2

v3.1.3

v3.1.4

v3.10.0

v3.10.1

v3.10.2

v3.10.3

v3.10.4

v3.10.5

v3.11.0

v3.12.0

v3.13.0

v3.14.0

v3.14.1

v3.14.2

v3.15.0

v3.16.0

v3.16.1

v3.16.2

v3.16.3

v3.16.4

v3.16.5

v3.16.6

v3.16.7

v3.16.8

v3.16.9

v3.17.0

v3.17.1

v3.18.0

v3.18.1

v3.18.2

v3.19.0

v3.2.0

v3.20.0

v3.20.1

v3.20.2

v3.21.0

v3.22.0

v3.22.1

v3.22.2

v3.22.3

v3.22.4

v3.22.5

v3.23.0

v3.23.1

v3.24.0

v3.25.0

v3.25.1

v3.25.2

v3.25.3

v3.25.4

v3.26.0

v3.27.0

v3.28.0

v3.28.1

v3.28.2

v3.28.3

v3.28.4

v3.28.5

v3.28.6

v3.29.0

v3.29.1

v3.29.2

v3.29.3

v3.3.0

v3.3.1

v3.30.0

v3.30.1

v3.30.2

v3.30.3

v3.30.4

v3.30.5

v3.30.6

v3.30.7

v3.30.8

v3.31.0

v3.31.1

v3.31.2

v3.32.0

v3.32.1

v3.32.2

v3.33.0

v3.34.0

v3.37.0

v3.37.1

v3.37.2

v3.37.3

v3.38.0

v3.38.1

v3.38.2

v3.39.0

v3.4.0

v3.4.1

v3.4.2

v3.4.3

v3.4.4

v3.40.0

v3.41.0

v3.41.1

v3.41.2

v3.41.3

v3.41.4

v3.41.5

v3.41.6

v3.41.7

v3.41.8

v3.5.0

v3.6.0

v3.7.0

v3.7.1

v3.7.2

v3.7.3

v3.8.0

v3.8.1

v3.9.0

v3.9.1

v3.9.2

v3.9.3

v3.9.4

v4.0.0

v4.1.0

v4.1.1

v4.1.10

v4.1.11

v4.1.12

v4.1.13

v4.1.14

v4.1.15

v4.1.16

v4.1.2

v4.1.3

v4.1.4

v4.1.5

v4.1.6

v4.1.7

v4.1.8

v4.1.9

v4.2.0

v4.2.1

v4.2.2

v4.2.3

v4.2.4

v4.2.5

v4.2.6

v4.3.0

v5.0.0

v5.1.0

v6.0.0

v6.0.1

v7.0.0

v7.0.1

v7.1.0

v7.1.1

v7.1.2

v7.1.3

v7.1.4

v7.2.0

v8.0.0

v9.0.0

73f3dfcad4 10.0.2 master v10.0.2 Philipp Kunz 2025-05-03 19:02:26 +00:00
8291f1f33a fix(tlsalert): Centralize plugin imports in TlsAlert and update plan checklist Philipp Kunz 2025-05-03 19:02:26 +00:00
f512fb4252 10.0.1 v10.0.1 Philipp Kunz 2025-05-03 13:27:59 +00:00
1f3ee1eafc fix(docs): Improve mermaid diagram formatting in readme.md using HTML <br> tags for line breaks Philipp Kunz 2025-05-03 13:27:59 +00:00
910c8160f6 10.0.0 v10.0.0 Philipp Kunz 2025-05-03 13:19:23 +00:00
0e634c46a6 BREAKING CHANGE(smartproxy): Update documentation and refactor core proxy components; remove legacy performRenewals method from SmartProxy; update router type imports and adjust test suites for improved coverage Philipp Kunz 2025-05-03 13:19:23 +00:00
32b4e32bf0 9.0.0 v9.0.0 Philipp Kunz 2025-05-02 14:58:33 +00:00
878e76ab23 BREAKING CHANGE(acme): Refactor ACME configuration and certificate provisioning by replacing legacy port80HandlerConfig with unified acme options and updating CertProvisioner event subscriptions Philipp Kunz 2025-05-02 14:58:33 +00:00
edd8ca8d70 8.0.0 v8.0.0 Philipp Kunz 2025-05-02 11:19:14 +00:00
8a396a04fa BREAKING CHANGE(certProvisioner): Refactor: Introduce unified CertProvisioner to centralize certificate provisioning and renewal; remove legacy ACME config from Port80Handler and update SmartProxy to delegate certificate lifecycle management. Philipp Kunz 2025-05-02 11:19:14 +00:00
09aadc702e update Philipp Kunz 2025-05-01 15:39:20 +00:00
a59ebd6202 7.2.0 v7.2.0 Philipp Kunz 2025-05-01 12:13:18 +00:00
0d8740d812 feat(ACME/Certificate): Introduce certificate provider hook and observable certificate events; remove legacy ACME flow Philipp Kunz 2025-05-01 12:13:18 +00:00
e6a138279d before refactor Philipp Kunz 2025-05-01 11:48:04 +00:00
a30571dae2 7.1.4 v7.1.4 Philipp Kunz 2025-04-30 13:39:42 +00:00
24d6d6982d fix(dependencies): Update dependency versions in package.json Philipp Kunz 2025-04-30 13:39:42 +00:00
cfa19f27cc 7.1.3 v7.1.3 Philipp Kunz 2025-04-28 15:37:35 +00:00
03cc490b8a fix(docs): Update project hints documentation in readme.hints.md Philipp Kunz 2025-04-28 15:37:35 +00:00
2616b24d61 7.1.2 v7.1.2 Philipp Kunz 2025-04-19 18:42:36 +00:00
46214f5380 fix(networkproxy/requesthandler): Improve HTTP/2 request handling and error management in the proxy request handler; add try-catch around routing and update header processing to support per-backend protocol overrides. Philipp Kunz 2025-04-19 18:42:36 +00:00
d8383311be 7.1.1 v7.1.1 Philipp Kunz 2025-04-19 18:32:46 +00:00
578d11344f fix(commit-info): Update commit metadata and synchronize project configuration (no code changes) Philipp Kunz 2025-04-19 18:32:46 +00:00
ce3d0feb77 7.1.0 v7.1.0 Philipp Kunz 2025-04-19 18:31:31 +00:00
04abab505b feat(core): Add backendProtocol option to support HTTP/2 client sessions alongside HTTP/1. This update enhances NetworkProxy's core functionality by integrating HTTP/2 support in server creation and request handling, while updating plugin exports and documentation accordingly. Philipp Kunz 2025-04-19 18:31:10 +00:00
e69c55de3b 7.0.1 v7.0.1 Philipp Kunz 2025-04-05 08:54:35 +00:00
9a9bcd2df0 fix(package.json): Update packageManager field in package.json to specify the pnpm version for improved reproducibility. Philipp Kunz 2025-04-05 08:54:34 +00:00
b27cb8988c 7.0.0 v7.0.0 Philipp Kunz 2025-04-04 17:15:50 +00:00
0de7531e17 BREAKING CHANGE(redirect): Remove deprecated SSL redirect implementation and update exports to use the new redirect module Philipp Kunz 2025-04-04 17:15:50 +00:00
c0002fee38 6.0.1 v6.0.1 Philipp Kunz 2025-03-25 22:35:36 +00:00
27f9b1eac1 fix(readme): Update README documentation: replace all outdated PortProxy references with SmartProxy, adjust architecture diagrams, code examples, and configuration details (including correcting IPTables to NfTables) to reflect the new naming. Philipp Kunz 2025-03-25 22:35:36 +00:00
03b9227d78 6.0.0 v6.0.0 Philipp Kunz 2025-03-25 22:31:07 +00:00
6944289ea7 BREAKING_CHANGE(core): refactored the codebase to be more maintainable Philipp Kunz 2025-03-25 22:30:57 +00:00
50fab2e1c3 5.1.0 v5.1.0 Philipp Kunz 2025-03-18 22:04:37 +00:00
88a1891bcf feat(docs): docs: replace IPTablesProxy references with NfTablesProxy in README and examples, updating configuration options and diagrams for advanced nftables features Philipp Kunz 2025-03-18 22:04:37 +00:00
6b2765a429 5.0.0 v5.0.0 Philipp Kunz 2025-03-18 21:55:09 +00:00
9b5b8225bc BREAKING CHANGE(nftables): Replace IPTablesProxy with NfTablesProxy and update module exports in index.ts Philipp Kunz 2025-03-18 21:55:09 +00:00
54e81b3c32 4.3.0 v4.3.0 Philipp Kunz 2025-03-18 15:00:24 +00:00
b7b47cd11f feat(Port80Handler): Add glob pattern support for domain certificate management in Port80Handler. Wildcard domains are now detected and skipped in certificate issuance and retrieval, ensuring that only explicit domains receive ACME certificates and improving route matching. Philipp Kunz 2025-03-18 15:00:24 +00:00
62061517fd 4.2.6 v4.2.6 Philipp Kunz 2025-03-18 14:56:57 +00:00
531350a1c1 fix(Port80Handler): Restrict ACME HTTP-01 challenge handling to domains with acmeMaintenance or acmeForward enabled Philipp Kunz 2025-03-18 14:56:57 +00:00
559a52af41 4.2.5 v4.2.5 Philipp Kunz 2025-03-18 14:53:39 +00:00
f8c86c76ae fix(networkproxy): Refactor certificate management components: rename AcmeCertManager to Port80Handler and update related event names from CertManagerEvents to Port80HandlerEvents. The changes update internal API usage in ts/classes.networkproxy.ts and ts/classes.port80handler.ts to unify and simplify ACME certificate handling and HTTP-01 challenge management. Philipp Kunz 2025-03-18 14:53:39 +00:00
cc04e8786c 4.2.4 v4.2.4 Philipp Kunz 2025-03-18 12:49:52 +00:00
9cb6e397b9 fix(ts/index.ts): Fix export order in ts/index.ts by moving the port proxy export back and adding interfaces export for proper module exposure Philipp Kunz 2025-03-18 12:49:52 +00:00
11b65bf684 4.2.3 v4.2.3 Philipp Kunz 2025-03-18 00:32:01 +00:00
4b30e377b9 fix(connectionhandler): Remove unnecessary delay in TLS session ticket handling for connections without SNI Philipp Kunz 2025-03-18 00:32:01 +00:00
b10f35be4b 4.2.2 v4.2.2 Philipp Kunz 2025-03-18 00:29:17 +00:00
426249e70e fix(connectionhandler): Ensure proper termination of TLS connections without SNI by explicitly ending the socket after sending the unrecognized_name alert. This prevents the connection from hanging and avoids potential duplicate handling. Philipp Kunz 2025-03-18 00:29:17 +00:00
ba0d9d0b8e 4.2.1 v4.2.1 Philipp Kunz 2025-03-17 14:28:09 +00:00
151b8f498c fix(core): No uncommitted changes detected in the project. Philipp Kunz 2025-03-17 14:28:08 +00:00
0db4b07b22 4.2.0 v4.2.0 Philipp Kunz 2025-03-17 14:27:10 +00:00
b55e2da23e feat(tlsalert): add sendForceSniSequence and sendFatalAndClose helper functions to TlsAlert for improved SNI enforcement Philipp Kunz 2025-03-17 14:27:10 +00:00
3593e411cf 4.1.16 v4.1.16 Philipp Kunz 2025-03-17 13:37:48 +00:00
ca6f6de798 fix(tls): Improve TLS alert handling in connection handler: use the new TlsAlert class to send proper unrecognized_name alerts when a ClientHello is missing SNI and wait for a retry on the same connection before closing. Also, add alertFallbackTimeout tracking to connection records for better timeout management. Philipp Kunz 2025-03-17 13:37:48 +00:00
80d2f30804 4.1.15 v4.1.15 Philipp Kunz 2025-03-17 13:23:07 +00:00
22f46700f1 fix(connectionhandler): Delay socket termination in TLS session resumption handling to allow proper alert processing Philipp Kunz 2025-03-17 13:23:07 +00:00
1611f65455 4.1.14 v4.1.14 Philipp Kunz 2025-03-17 13:19:18 +00:00
c6350e271a fix(ConnectionHandler): Use the correct TLS alert data and increase the delay before socket termination when session resumption without SNI is detected. Philipp Kunz 2025-03-17 13:19:18 +00:00
0fb5e5ea50 4.1.13 v4.1.13 Philipp Kunz 2025-03-17 13:15:12 +00:00
35f6739b3c fix(tls-handshake): Set certificate_expired TLS alert level to warning instead of fatal to allow graceful termination. Philipp Kunz 2025-03-17 13:15:12 +00:00
4634c68ea6 4.1.12 v4.1.12 Philipp Kunz 2025-03-17 13:09:54 +00:00
e126032b61 fix(classes.pp.connectionhandler): Replace unrecognized_name alert data with certificate_expired alert in TLS handshake handling for session resumption without SNI Philipp Kunz 2025-03-17 13:09:54 +00:00
7797c799dd 4.1.11 v4.1.11 Philipp Kunz 2025-03-17 13:00:02 +00:00
e8639e1b01 fix(connectionhandler): Increase delay before cleaning up connections when session resumption is blocked due to missing SNI, allowing more natural socket termination. Philipp Kunz 2025-03-17 13:00:02 +00:00
60a0ad106d 4.1.10 v4.1.10 Philipp Kunz 2025-03-16 14:49:25 +00:00
a70c123007 fix(connectionhandler): Increase delay timings for TLS alert transmission in session ticket blocking to allow graceful socket termination Philipp Kunz 2025-03-16 14:49:25 +00:00
46aa7620b0 4.1.9 v4.1.9 Philipp Kunz 2025-03-16 14:13:36 +00:00
f72db86e37 fix(ConnectionHandler): Replace closeNotify alert with handshake failure alert in TLS ClientHello handling to properly signal missing SNI and enforce session ticket restrictions. Philipp Kunz 2025-03-16 14:13:35 +00:00
d612df107e 4.1.8 v4.1.8 Philipp Kunz 2025-03-16 14:02:18 +00:00
1c34578c36 fix(ConnectionHandler/tls): Change the TLS alert sent when a ClientHello lacks SNI: use the close_notify alert instead of handshake_failure to prompt immediate retry with SNI. Philipp Kunz 2025-03-16 14:02:18 +00:00
1f9943b5a7 4.1.7 v4.1.7 Philipp Kunz 2025-03-16 13:47:34 +00:00
67ddf97547 fix(classes.pp.connectionhandler): Improve TLS alert handling in ClientHello when SNI is missing and session tickets are disallowed Philipp Kunz 2025-03-16 13:47:34 +00:00
8a96b45ece 4.1.6 v4.1.6 Philipp Kunz 2025-03-16 13:28:48 +00:00
2b6464acd5 fix(tls): Refine TLS ClientHello handling when allowSessionTicket is false by replacing extensive alert timeout logic with a concise warning alert and short delay, encouraging immediate client retry with proper SNI Philipp Kunz 2025-03-16 13:28:48 +00:00
efbb4335d7 4.1.5 v4.1.5 Philipp Kunz 2025-03-16 13:19:37 +00:00
9dd402054d fix(TLS/ConnectionHandler): Improve handling of TLS session resumption without SNI by sending an unrecognized_name alert instead of immediately terminating the connection. This change adds a grace period for the client to retry the handshake with proper SNI and cleans up the connection if no valid response is received. Philipp Kunz 2025-03-16 13:19:37 +00:00
6c1efc1dc0 4.1.4 v4.1.4 Philipp Kunz 2025-03-15 19:10:54 +00:00
cad0e6a2b2 fix(ConnectionHandler): Refactor ConnectionHandler code formatting for improved readability and consistency in log messages and whitespace handling Philipp Kunz 2025-03-15 19:10:54 +00:00
794e1292e5 4.1.3 v4.1.3 Philipp Kunz 2025-03-15 18:51:50 +00:00
ee79f9ab7c fix(connectionhandler): Improve handling of TLS ClientHello messages when allowSessionTicket is disabled and no SNI is provided by sending a warning alert (unrecognized_name, code 0x70) with a proper callback and delay to ensure the alert is transmitted before closing the connection. Philipp Kunz 2025-03-15 18:51:50 +00:00
107bc3b50b 4.1.2 v4.1.2 Philipp Kunz 2025-03-15 17:16:18 +00:00
97982976c8 fix(connectionhandler): Send proper TLS alert before terminating connections when SNI is missing and session tickets are disallowed. Philipp Kunz 2025-03-15 17:16:18 +00:00
fe60f88746 4.1.1 v4.1.1 Philipp Kunz 2025-03-15 17:00:11 +00:00
252a987344 fix(tls): Enforce strict SNI handling in TLS connections by terminating ClientHello messages lacking SNI when session tickets are disallowed and removing legacy session cache code. Philipp Kunz 2025-03-15 17:00:10 +00:00
677d30563f 4.1.0 v4.1.0 Philipp Kunz 2025-03-14 11:34:53 +00:00
9aa747b5d4 feat(SniHandler): Enhance SNI extraction to support session caching and tab reactivation by adding session cache initialization, cleanup and helper methods. Update processTlsPacket to use cached SNI for session resumption and connection racing scenarios. Philipp Kunz 2025-03-14 11:34:52 +00:00
1de9491e1d 4.0.0 v4.0.0 Philipp Kunz 2025-03-14 09:53:25 +00:00
e2ee673197 BREAKING CHANGE(core): refactor: reorganize internal module structure to use classes.pp.* modules Philipp Kunz 2025-03-14 09:53:25 +00:00
985031e9ac 3.41.8 v3.41.8 Philipp Kunz 2025-03-12 15:49:42 +00:00
4c0105ad09 fix(portproxy): Improve TLS handshake timeout handling and connection piping in PortProxy Philipp Kunz 2025-03-12 15:49:41 +00:00
06896b3102 3.41.7 v3.41.7 Philipp Kunz 2025-03-12 12:19:36 +00:00
7fe455b4df fix(core): Refactor PortProxy and SniHandler: improve configuration handling, logging, and whitespace consistency Philipp Kunz 2025-03-12 12:19:36 +00:00
21801aa53d 3.41.6 v3.41.6 Philipp Kunz 2025-03-12 10:54:24 +00:00
ddfbcdb1f3 fix(SniHandler): Refactor SniHandler: update whitespace, comment formatting, and consistent type definitions Philipp Kunz 2025-03-12 10:54:24 +00:00
b401d126bc 3.41.5 v3.41.5 Philipp Kunz 2025-03-12 10:27:26 +00:00
baaee0ad4d fix(portproxy): Enforce TLS handshake and SNI validation on port 443 by blocking non-TLS connections and terminating session resumption attempts without SNI when allowSessionTicket is disabled. Philipp Kunz 2025-03-12 10:27:25 +00:00
fe7c4c2f5e 3.41.4 v3.41.4 Philipp Kunz 2025-03-12 10:01:54 +00:00
ab1ec84832 fix(tls/sni): Improve logging for TLS session resumption by extracting and logging SNI values from ClientHello messages. Philipp Kunz 2025-03-12 10:01:54 +00:00
156abbf5b4 3.41.3 v3.41.3 Philipp Kunz 2025-03-12 09:56:21 +00:00
1a90566622 fix(TLS/SNI): Improve TLS session resumption handling and logging. Now, session resumption attempts are always logged with details, and connections without a proper SNI are rejected when allowSessionTicket is disabled. In addition, empty SNI extensions are explicitly treated as missing, ensuring stricter and more consistent TLS handshake validation. Philipp Kunz 2025-03-12 09:56:21 +00:00