@atlascrew/apparatus 0.9.0

package/dist/cluster.js

@@ -0,0 +1,462 @@
+import dgram from "dgram";
+import { createHmac, timingSafeEqual } from "crypto";
+import net from "net";
+import { logger } from "./logger.js";
+import { request } from "undici";
+import os from "os";
+import { cfg } from "./config.js";
+import { loadClusterStateSync, writeClusterState } from "./persistence/cluster-state.js";
+import { markPersistenceHydrated, markPersistenceWrite, registerPersistenceStore } from "./persistence/status.js";
+const DEFAULT_GOSSIP_PORT = 7946;
+const CLUSTER_COMMAND_TTL_MS = 30_000;
+const MAX_RECENT_SIGNATURES = 2048;
+const LOOPBACK_HOSTS = new Set(["localhost", "127.0.0.1", "::1", "::ffff:127.0.0.1"]);
+const CLUSTER_SHARED_SECRET = process.env.CLUSTER_SHARED_SECRET || "";
+const CLUSTER_ATTACK_ALLOWLIST = (process.env.CLUSTER_ATTACK_ALLOWLIST || "")
+    .split(",")
+    .map((entry) => entry.trim().toLowerCase())
+    .filter(Boolean);
+let gossipPort = DEFAULT_GOSSIP_PORT;
+const members = new Map(); // IP -> LastSeen Timestamp
+const recentSignatures = new Map();
+const commandMetrics = {
+    received: 0,
+    authorized: 0,
+    rejected: 0,
+};
+const myIp = getLocalIp();
+let clusterStatePersistQueue = Promise.resolve(true);
+const CLUSTER_STORE_KEY = "clusterState";
+registerPersistenceStore(CLUSTER_STORE_KEY, cfg.clusterStatePath);
+for (const member of loadClusterStateSync(cfg.clusterStatePath)) {
+    if (member.ip !== myIp) {
+        members.set(member.ip, member.lastSeen);
+    }
+}
+markPersistenceHydrated(CLUSTER_STORE_KEY);
+function snapshotClusterMembers() {
+    return Array.from(members.entries()).map(([ip, lastSeen]) => ({ ip, lastSeen }));
+}
+function persistClusterStateQueued() {
+    clusterStatePersistQueue = clusterStatePersistQueue.then(() => writeClusterState(cfg.clusterStatePath, snapshotClusterMembers()), () => writeClusterState(cfg.clusterStatePath, snapshotClusterMembers()));
+    void clusterStatePersistQueue.then((persisted) => {
+        markPersistenceWrite(CLUSTER_STORE_KEY, persisted);
+        if (!persisted) {
+            logger.warn("Cluster members state persisted in memory only due to write failure");
+        }
+    });
+}
+function canonicalizeForSignature(value) {
+    if (Array.isArray(value)) {
+        return value.map(canonicalizeForSignature);
+    }
+    if (value && typeof value === "object") {
+        const sortedEntries = Object.entries(value)
+            .sort(([a], [b]) => (a < b ? -1 : a > b ? 1 : 0))
+            .map(([key, nested]) => [key, canonicalizeForSignature(nested)]);
+        return Object.fromEntries(sortedEntries);
+    }
+    return value;
+}
+function serializeForSignature(payload) {
+    return JSON.stringify(canonicalizeForSignature(payload));
+}
+export function createClusterCommandSignature(secret, payload) {
+    return createHmac("sha256", secret)
+        .update(serializeForSignature(payload))
+        .digest("hex");
+}
+function isLoopbackAddress(value) {
+    const normalized = value.trim().toLowerCase();
+    if (LOOPBACK_HOSTS.has(normalized)) {
+        return true;
+    }
+    if (normalized.startsWith("::ffff:")) {
+        const ipv4Mapped = normalized.slice("::ffff:".length);
+        return ipv4Mapped.startsWith("127.");
+    }
+    const ipVersion = net.isIP(normalized);
+    if (ipVersion === 4) {
+        return normalized.startsWith("127.");
+    }
+    return false;
+}
+function isPrivateIpv4(host) {
+    const octets = host.split(".").map((part) => Number(part));
+    if (octets.length !== 4 || octets.some((part) => !Number.isInteger(part) || part < 0 || part > 255)) {
+        return false;
+    }
+    const [a, b] = octets;
+    if (a === 10)
+        return true;
+    if (a === 172 && b >= 16 && b <= 31)
+        return true;
+    if (a === 192 && b === 168)
+        return true;
+    if (a === 127)
+        return true;
+    if (a === 169 && b === 254)
+        return true;
+    return false;
+}
+function hostMatchesAllowlist(host) {
+    if (CLUSTER_ATTACK_ALLOWLIST.length === 0)
+        return false;
+    return CLUSTER_ATTACK_ALLOWLIST.some((entry) => {
+        if (entry.startsWith(".")) {
+            return host.endsWith(entry);
+        }
+        return host === entry;
+    });
+}
+function isAllowedClusterTargetHost(host) {
+    const normalizedHost = host.toLowerCase();
+    if (hostMatchesAllowlist(normalizedHost)) {
+        return true;
+    }
+    if (normalizedHost === "localhost") {
+        return true;
+    }
+    const ipVersion = net.isIP(normalizedHost);
+    if (ipVersion === 4) {
+        return isPrivateIpv4(normalizedHost);
+    }
+    if (ipVersion === 6) {
+        return normalizedHost === "::1" || normalizedHost.startsWith("fc") || normalizedHost.startsWith("fd");
+    }
+    return false;
+}
+function getLocalIp() {
+    const ifaces = os.networkInterfaces();
+    for (const name of Object.keys(ifaces)) {
+        for (const iface of ifaces[name] || []) {
+            if (!iface.internal && iface.family === "IPv4") {
+                return iface.address;
+            }
+        }
+    }
+    return "127.0.0.1";
+}
+class AttackCommandValidationError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = "AttackCommandValidationError";
+    }
+}
+function isAuthorizedClusterCommand(data, sourceIp) {
+    if (!CLUSTER_SHARED_SECRET) {
+        const isLoopbackBind = isLoopbackAddress(cfg.host);
+        if (!isLoopbackBind) {
+            commandMetrics.rejected += 1;
+            return false;
+        }
+        const acceptedUnsignedSource = isLoopbackAddress(sourceIp);
+        if (acceptedUnsignedSource) {
+            commandMetrics.authorized += 1;
+            logger.warn({ sourceIp }, "Cluster: Accepting unsigned command because CLUSTER_SHARED_SECRET is unset");
+        }
+        else {
+            commandMetrics.rejected += 1;
+        }
+        return acceptedUnsignedSource;
+    }
+    if (typeof data?.signature !== "string") {
+        commandMetrics.rejected += 1;
+        return false;
+    }
+    const { signature, ...unsignedPayload } = data;
+    if (!/^[0-9a-fA-F]+$/.test(signature) || signature.length % 2 !== 0) {
+        commandMetrics.rejected += 1;
+        return false;
+    }
+    const timestamp = unsignedPayload.ts;
+    if (typeof timestamp !== "number" || !Number.isFinite(timestamp)) {
+        commandMetrics.rejected += 1;
+        return false;
+    }
+    if (Math.abs(Date.now() - timestamp) > CLUSTER_COMMAND_TTL_MS) {
+        commandMetrics.rejected += 1;
+        return false;
+    }
+    const expected = createHmac("sha256", CLUSTER_SHARED_SECRET)
+        .update(serializeForSignature(unsignedPayload))
+        .digest();
+    const provided = Buffer.from(signature, "hex");
+    if (provided.length !== expected.length) {
+        commandMetrics.rejected += 1;
+        return false;
+    }
+    if (!timingSafeEqual(provided, expected)) {
+        commandMetrics.rejected += 1;
+        return false;
+    }
+    const signatureKey = signature.toLowerCase();
+    const now = Date.now();
+    for (const [existingSignature, seenAt] of recentSignatures) {
+        if (now - seenAt > CLUSTER_COMMAND_TTL_MS) {
+            recentSignatures.delete(existingSignature);
+        }
+    }
+    if (recentSignatures.has(signatureKey)) {
+        commandMetrics.rejected += 1;
+        return false;
+    }
+    recentSignatures.set(signatureKey, now);
+    if (recentSignatures.size > MAX_RECENT_SIGNATURES) {
+        const oldest = recentSignatures.keys().next().value;
+        if (oldest) {
+            recentSignatures.delete(oldest);
+        }
+    }
+    commandMetrics.authorized += 1;
+    return true;
+}
+export function startClusterNode(options = {}) {
+    const host = options.host;
+    gossipPort = options.port ?? gossipPort;
+    const socket = dgram.createSocket("udp4");
+    if (!CLUSTER_SHARED_SECRET) {
+        if (isLoopbackAddress(cfg.host)) {
+            logger.warn("Cluster shared secret is unset. Remote cluster commands are denied by default.");
+        }
+        else {
+            logger.error({ host: cfg.host }, "Cluster shared secret is unset while bound non-loopback; unsigned remote commands will be rejected.");
+        }
+    }
+    // Listen for beacons
+    socket.on("message", (msg, rinfo) => {
+        try {
+            const data = JSON.parse(msg.toString());
+            if (data.type === "BEACON" && data.ip !== myIp) {
+                if (!members.has(data.ip)) {
+                    logger.info({ newMember: data.ip }, "Cluster: New Node Discovered");
+                }
+                members.set(data.ip, Date.now());
+                persistClusterStateQueued();
+            }
+            if (data.type === "ATTACK") {
+                commandMetrics.received += 1;
+                if (!isAuthorizedClusterCommand(data, rinfo.address)) {
+                    logger.warn({ ip: rinfo.address }, "Cluster: Ignoring unauthorized ATTACK command");
+                    return;
+                }
+                try {
+                    const valid = validateAttackCommand(String(data.target), Number(data.rate));
+                    executeAttack(valid.target, valid.rate);
+                }
+                catch (error) {
+                    logger.warn({ ip: rinfo.address, target: data?.target, error: error?.message || String(error) }, "Cluster: Rejecting invalid ATTACK command");
+                }
+            }
+            if (data.type === "STOP_ATTACK") {
+                commandMetrics.received += 1;
+                if (!isAuthorizedClusterCommand(data, rinfo.address)) {
+                    logger.warn({ ip: rinfo.address }, "Cluster: Ignoring unauthorized STOP_ATTACK command");
+                    return;
+                }
+                stopClusterAttack();
+            }
+        }
+        catch (error) {
+            logger.debug({ ip: rinfo.address, error: error?.message || String(error) }, "Cluster: Ignoring invalid gossip payload");
+        }
+    });
+    socket.bind(gossipPort, host, () => {
+        socket.setBroadcast(true);
+    });
+    const beaconInterval = setInterval(() => {
+        const beacon = JSON.stringify({ type: "BEACON", ip: myIp });
+        socket.send(beacon, gossipPort, "255.255.255.255");
+        const now = Date.now();
+        let removedAny = false;
+        for (const [ip, lastSeen] of members) {
+            if (now - lastSeen > 15000) {
+                members.delete(ip);
+                removedAny = true;
+            }
+        }
+        if (removedAny) {
+            persistClusterStateQueued();
+        }
+    }, 5000);
+    logger.info({ port: gossipPort, ip: myIp }, "Cluster Gossip Started");
+    return {
+        socket,
+        port: () => gossipPort,
+        stop: () => {
+            clearInterval(beaconInterval);
+            stopClusterAttack();
+            socket.close();
+        }
+    };
+}
+let attackInterval = null;
+let attackStopTimeout = null;
+export function isClusterAttackActive() {
+    return Boolean(attackInterval);
+}
+function executeAttack(target, rate) {
+    if (attackInterval)
+        clearInterval(attackInterval);
+    if (attackStopTimeout)
+        clearTimeout(attackStopTimeout);
+    logger.warn({ target, rate }, "Cluster: Starting Distributed Attack");
+    const delay = 1000 / rate;
+    attackInterval = setInterval(() => {
+        request(target).catch(() => { }); // Fire and forget
+    }, delay);
+    // Stop after 30s
+    attackStopTimeout = setTimeout(() => {
+        stopClusterAttack();
+        logger.info("Cluster: Attack Finished");
+    }, 30000);
+}
+export function stopClusterAttack() {
+    const hadAttack = Boolean(attackInterval);
+    if (attackInterval) {
+        clearInterval(attackInterval);
+        attackInterval = null;
+    }
+    if (attackStopTimeout) {
+        clearTimeout(attackStopTimeout);
+        attackStopTimeout = null;
+    }
+    return hadAttack;
+}
+async function broadcastClusterCommand(command) {
+    await new Promise((resolve, reject) => {
+        const socket = dgram.createSocket("udp4");
+        let closed = false;
+        let settled = false;
+        let timeoutTimer;
+        const safeClose = () => {
+            if (!closed) {
+                closed = true;
+                socket.close();
+            }
+        };
+        const complete = (error) => {
+            if (settled)
+                return;
+            settled = true;
+            if (timeoutTimer) {
+                clearTimeout(timeoutTimer);
+            }
+            safeClose();
+            if (error) {
+                reject(error);
+                return;
+            }
+            resolve();
+        };
+        timeoutTimer = setTimeout(() => {
+            complete(new Error("Cluster broadcast timed out"));
+        }, 5000);
+        socket.once("error", (error) => {
+            complete(error);
+        });
+        socket.bind(() => {
+            socket.setBroadcast(true);
+            const basePayload = {
+                ...command,
+                ts: Date.now(),
+            };
+            const payload = JSON.stringify(CLUSTER_SHARED_SECRET
+                ? {
+                    ...basePayload,
+                    signature: createClusterCommandSignature(CLUSTER_SHARED_SECRET, basePayload),
+                }
+                : basePayload);
+            socket.send(payload, gossipPort, "255.255.255.255", (error) => {
+                if (error) {
+                    complete(error);
+                    return;
+                }
+                complete();
+            });
+        });
+    });
+}
+export function validateAttackCommand(target, rate) {
+    if (!target)
+        throw new AttackCommandValidationError("Missing target");
+    if (!Number.isFinite(rate) || rate <= 0)
+        throw new AttackCommandValidationError("Invalid rate");
+    let parsed;
+    try {
+        parsed = new URL(target);
+    }
+    catch {
+        throw new AttackCommandValidationError("Invalid target URL");
+    }
+    if (!["http:", "https:"].includes(parsed.protocol)) {
+        throw new AttackCommandValidationError("Target URL must be http/https");
+    }
+    if (!isAllowedClusterTargetHost(parsed.hostname)) {
+        throw new AttackCommandValidationError("Target host is not allowed for cluster attack");
+    }
+    return {
+        target: parsed.toString(),
+        rate: Math.min(2000, Math.max(1, Math.trunc(rate))),
+    };
+}
+export async function broadcastClusterAttack(target, rate) {
+    const valid = validateAttackCommand(target, rate);
+    await broadcastClusterCommand({ type: "ATTACK", target: valid.target, rate: valid.rate });
+    return { message: "Attack command broadcasted to cluster", nodes: members.size + 1 };
+}
+export async function broadcastClusterStop() {
+    await broadcastClusterCommand({ type: "STOP_ATTACK" });
+    stopClusterAttack();
+    return { message: "Stop command broadcasted to cluster", nodes: members.size + 1 };
+}
+// Handler to trigger the cluster attack
+export async function clusterAttackHandler(req, res) {
+    // Security boundary note: app.ts mounts this endpoint behind securityGate.
+    const { target, rate } = req.body;
+    if (!target)
+        return res.status(400).json({ error: "Missing target" });
+    if (rate === undefined || rate === null)
+        return res.status(400).json({ error: "Missing rate" });
+    try {
+        const result = await broadcastClusterAttack(String(target), Number(rate));
+        res.json(result);
+    }
+    catch (error) {
+        if (error instanceof AttackCommandValidationError) {
+            return res.status(400).json({ error: error?.message || "Invalid attack command" });
+        }
+        logger.error({ error: error?.message || String(error) }, "Cluster attack broadcast failed");
+        return res.status(500).json({ error: error?.message || "Failed to broadcast cluster attack command" });
+    }
+}
+export async function clusterAttackStopHandler(_req, res) {
+    // Security boundary note: app.ts mounts this endpoint behind securityGate.
+    try {
+        const result = await broadcastClusterStop();
+        res.json(result);
+    }
+    catch (error) {
+        res.status(500).json({ error: error?.message || "Failed to broadcast cluster stop command" });
+    }
+}
+export function getClusterMembers() {
+    const list = Array.from(members.entries()).map(([ip, lastSeen]) => ({
+        ip,
+        role: "peer",
+        status: "active",
+        lastSeen
+    }));
+    // Add self
+    list.unshift({
+        ip: myIp,
+        role: "self",
+        status: "active",
+        lastSeen: Date.now()
+    });
+    return list;
+}
+export function getClusterCommandMetrics() {
+    return { ...commandMetrics };
+}
+//# sourceMappingURL=cluster.js.map

package/dist/cluster.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cluster.js","sourceRoot":"","sources":["../src/cluster.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,QAAQ,CAAC;AACrD,OAAO,GAAG,MAAM,KAAK,CAAC;AACtB,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,OAAO,EAAE,MAAM,QAAQ,CAAC;AAEjC,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAC;AACzF,OAAO,EAAE,uBAAuB,EAAE,oBAAoB,EAAE,wBAAwB,EAAE,MAAM,yBAAyB,CAAC;AAElH,MAAM,mBAAmB,GAAG,IAAI,CAAC;AACjC,MAAM,sBAAsB,GAAG,MAAM,CAAC;AACtC,MAAM,qBAAqB,GAAG,IAAI,CAAC;AACnC,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,CAAC,WAAW,EAAE,WAAW,EAAE,KAAK,EAAE,kBAAkB,CAAC,CAAC,CAAC;AACtF,MAAM,qBAAqB,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,EAAE,CAAC;AACtE,MAAM,wBAAwB,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,IAAI,EAAE,CAAC;KACxE,KAAK,CAAC,GAAG,CAAC;KACV,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;KAC1C,MAAM,CAAC,OAAO,CAAC,CAAC;AACrB,IAAI,UAAU,GAAG,mBAAmB,CAAC;AACrC,MAAM,OAAO,GAAG,IAAI,GAAG,EAAkB,CAAC,CAAC,2BAA2B;AACtE,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAkB,CAAC;AACnD,MAAM,cAAc,GAAG;IACnB,QAAQ,EAAE,CAAC;IACX,UAAU,EAAE,CAAC;IACb,QAAQ,EAAE,CAAC;CACd,CAAC;AACF,MAAM,IAAI,GAAG,UAAU,EAAE,CAAC;AAC1B,IAAI,wBAAwB,GAAqB,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;AACvE,MAAM,iBAAiB,GAAG,cAAc,CAAC;AAEzC,wBAAwB,CAAC,iBAAiB,EAAE,GAAG,CAAC,gBAAgB,CAAC,CAAC;AAElE,KAAK,MAAM,MAAM,IAAI,oBAAoB,CAAC,GAAG,CAAC,gBAAgB,CAAC,EAAE,CAAC;IAC9D,IAAI,MAAM,CAAC,EAAE,KAAK,IAAI,EAAE,CAAC;QACrB,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC5C,CAAC;AACL,CAAC;AACD,uBAAuB,CAAC,iBAAiB,CAAC,CAAC;AAE3C,SAAS,sBAAsB;IAC3B,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC;AACrF,CAAC;AAED,SAAS,yBAAyB;IAC9B,wBAAwB,GAAG,wBAAwB,CAAC,IAAI,CACpD,GAAG,EAAE,CAAC,iBAAiB,CAAC,GAAG,CAAC,gBAAgB,EAAE,sBAAsB,EAAE,CAAC,EACvE,GAAG,EAAE,CAAC,iBAAiB,CAAC,GAAG,CAAC,gBAAgB,EAAE,sBAAsB,EAAE,CAAC,CAC1E,CAAC;IAEF,KAAK,wBAAwB,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE;QAC7C,oBAAoB,CAAC,iBAAiB,EAAE,SAAS,CAAC,CAAC;QACnD,IAAI,CAAC,SAAS,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,CAAC,qEAAqE,CAAC,CAAC;QACvF,CAAC;IACL,CAAC,CAAC,CAAC;AACP,CAAC;AAED,SAAS,wBAAwB,CAAC,KAAc;IAC5C,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,KAAK,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;IAC/C,CAAC;IAED,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACrC,MAAM,aAAa,GAAG,MAAM,CAAC,OAAO,CAAC,KAAgC,CAAC;aACjE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;aAChD,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,EAAE,wBAAwB,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACrE,OAAO,MAAM,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC;IAC7C,CAAC;IAED,OAAO,KAAK,CAAC;AACjB,CAAC;AAED,SAAS,qBAAqB,CAAC,OAAgC;IAC3D,OAAO,IAAI,CAAC,SAAS,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED,MAAM,UAAU,6BAA6B,CAAC,MAAc,EAAE,OAAgC;IAC1F,OAAO,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC;SAC9B,MAAM,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC;SACtC,MAAM,CAAC,KAAK,CAAC,CAAC;AACvB,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAa;IACpC,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC9C,IAAI,cAAc,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;QACjC,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,IAAI,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACnC,MAAM,UAAU,GAAG,UAAU,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACtD,OAAO,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IACzC,CAAC;IAED,MAAM,SAAS,GAAG,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACvC,IAAI,SAAS,KAAK,CAAC,EAAE,CAAC;QAClB,OAAO,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IACzC,CAAC;IACD,OAAO,KAAK,CAAC;AACjB,CAAC;AAED,SAAS,aAAa,CAAC,IAAY;IAC/B,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;IAC3D,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC;QAClG,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC;IACtB,IAAI,CAAC,KAAK,EAAE;QAAE,OAAO,IAAI,CAAC;IAC1B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;QAAE,OAAO,IAAI,CAAC;IACjD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IACxC,IAAI,CAAC,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IAC3B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IACxC,OAAO,KAAK,CAAC;AACjB,CAAC;AAED,SAAS,oBAAoB,CAAC,IAAY;IACtC,IAAI,wBAAwB,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACxD,OAAO,wBAAwB,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;QAC3C,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAChC,CAAC;QACD,OAAO,IAAI,KAAK,KAAK,CAAC;IAC1B,CAAC,CAAC,CAAC;AACP,CAAC;AAED,SAAS,0BAA0B,CAAC,IAAY;IAC5C,MAAM,cAAc,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IAC1C,IAAI,oBAAoB,CAAC,cAAc,CAAC,EAAE,CAAC;QACvC,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,IAAI,cAAc,KAAK,WAAW,EAAE,CAAC;QACjC,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,MAAM,SAAS,GAAG,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC3C,IAAI,SAAS,KAAK,CAAC,EAAE,CAAC;QAClB,OAAO,aAAa,CAAC,cAAc,CAAC,CAAC;IACzC,CAAC;IACD,IAAI,SAAS,KAAK,CAAC,EAAE,CAAC;QAClB,OAAO,cAAc,KAAK,KAAK,IAAI,cAAc,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,cAAc,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IAC1G,CAAC;IAED,OAAO,KAAK,CAAC;AACjB,CAAC;AAED,SAAS,UAAU;IACf,MAAM,MAAM,GAAG,EAAE,CAAC,iBAAiB,EAAE,CAAC;IACtC,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QACrC,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC;YACrC,IAAI,CAAC,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBAC7C,OAAO,KAAK,CAAC,OAAO,CAAC;YACzB,CAAC;QACL,CAAC;IACL,CAAC;IACD,OAAO,WAAW,CAAC;AACvB,CAAC;AAOD,MAAM,4BAA6B,SAAQ,KAAK;IAC5C,YAAY,OAAe;QACvB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,8BAA8B,CAAC;IAC/C,CAAC;CACJ;AAED,SAAS,0BAA0B,CAAC,IAA2B,EAAE,QAAgB;IAC7E,IAAI,CAAC,qBAAqB,EAAE,CAAC;QACzB,MAAM,cAAc,GAAG,iBAAiB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACnD,IAAI,CAAC,cAAc,EAAE,CAAC;YAClB,cAAc,CAAC,QAAQ,IAAI,CAAC,CAAC;YAC7B,OAAO,KAAK,CAAC;QACjB,CAAC;QAED,MAAM,sBAAsB,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QAC3D,IAAI,sBAAsB,EAAE,CAAC;YACzB,cAAc,CAAC,UAAU,IAAI,CAAC,CAAC;YAC/B,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,EAAE,4EAA4E,CAAC,CAAC;QAC5G,CAAC;aAAM,CAAC;YACJ,cAAc,CAAC,QAAQ,IAAI,CAAC,CAAC;QACjC,CAAC;QACD,OAAO,sBAAsB,CAAC;IAClC,CAAC;IAED,IAAI,OAAO,IAAI,EAAE,SAAS,KAAK,QAAQ,EAAE,CAAC;QACtC,cAAc,CAAC,QAAQ,IAAI,CAAC,CAAC;QAC7B,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,MAAM,EAAE,SAAS,EAAE,GAAG,eAAe,EAAE,GAAG,IAAI,CAAC;IAC/C,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;QAClE,cAAc,CAAC,QAAQ,IAAI,CAAC,CAAC;QAC7B,OAAO,KAAK,CAAC;IACjB,CAAC;IACD,MAAM,SAAS,GAAG,eAAe,CAAC,EAAE,CAAC;IACrC,IAAI,OAAO,SAAS,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QAC/D,cAAc,CAAC,QAAQ,IAAI,CAAC,CAAC;QAC7B,OAAO,KAAK,CAAC;IACjB,CAAC;IACD,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,GAAG,sBAAsB,EAAE,CAAC;QAC5D,cAAc,CAAC,QAAQ,IAAI,CAAC,CAAC;QAC7B,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,MAAM,QAAQ,GAAG,UAAU,CAAC,QAAQ,EAAE,qBAAqB,CAAC;SACvD,MAAM,CAAC,qBAAqB,CAAC,eAAe,CAAC,CAAC;SAC9C,MAAM,EAAE,CAAC;IACd,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;IAE/C,IAAI,QAAQ,CAAC,MAAM,KAAK,QAAQ,CAAC,MAAM,EAAE,CAAC;QACtC,cAAc,CAAC,QAAQ,IAAI,CAAC,CAAC;QAC7B,OAAO,KAAK,CAAC;IACjB,CAAC;IACD,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,QAAQ,CAAC,EAAE,CAAC;QACvC,cAAc,CAAC,QAAQ,IAAI,CAAC,CAAC;QAC7B,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,MAAM,YAAY,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;IAC7C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,KAAK,MAAM,CAAC,iBAAiB,EAAE,MAAM,CAAC,IAAI,gBAAgB,EAAE,CAAC;QACzD,IAAI,GAAG,GAAG,MAAM,GAAG,sBAAsB,EAAE,CAAC;YACxC,gBAAgB,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;QAC/C,CAAC;IACL,CAAC;IACD,IAAI,gBAAgB,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;QACrC,cAAc,CAAC,QAAQ,IAAI,CAAC,CAAC;QAC7B,OAAO,KAAK,CAAC;IACjB,CAAC;IACD,gBAAgB,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;IACxC,IAAI,gBAAgB,CAAC,IAAI,GAAG,qBAAqB,EAAE,CAAC;QAChD,MAAM,MAAM,GAAG,gBAAgB,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC;QACpD,IAAI,MAAM,EAAE,CAAC;YACT,gBAAgB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACpC,CAAC;IACL,CAAC;IAED,cAAc,CAAC,UAAU,IAAI,CAAC,CAAC;IAC/B,OAAO,IAAI,CAAC;AAChB,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,UAA4C,EAAE;IAC3E,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAC1B,UAAU,GAAG,OAAO,CAAC,IAAI,IAAI,UAAU,CAAC;IACxC,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAE1C,IAAI,CAAC,qBAAqB,EAAE,CAAC;QACzB,IAAI,iBAAiB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9B,MAAM,CAAC,IAAI,CAAC,gFAAgF,CAAC,CAAC;QAClG,CAAC;aAAM,CAAC;YACJ,MAAM,CAAC,KAAK,CAAC,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,qGAAqG,CAAC,CAAC;QAC5I,CAAC;IACL,CAAC;IAED,qBAAqB;IACrB,MAAM,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE;QAChC,IAAI,CAAC;YACD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;YACxC,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,EAAE,KAAK,IAAI,EAAE,CAAC;gBAC7C,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;oBACxB,MAAM,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,8BAA8B,CAAC,CAAC;gBACxE,CAAC;gBACD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;gBACjC,yBAAyB,EAAE,CAAC;YAChC,CAAC;YACD,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACzB,cAAc,CAAC,QAAQ,IAAI,CAAC,CAAC;gBAC7B,IAAI,CAAC,0BAA0B,CAAC,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;oBACnD,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,KAAK,CAAC,OAAO,EAAE,EAAE,+CAA+C,CAAC,CAAC;oBACpF,OAAO;gBACX,CAAC;gBACD,IAAI,CAAC;oBACD,MAAM,KAAK,GAAG,qBAAqB,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;oBAC5E,aAAa,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC5C,CAAC;gBAAC,OAAO,KAAU,EAAE,CAAC;oBAClB,MAAM,CAAC,IAAI,CACP,EAAE,EAAE,EAAE,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,IAAI,MAAM,CAAC,KAAK,CAAC,EAAE,EACnF,2CAA2C,CAC9C,CAAC;gBACN,CAAC;YACL,CAAC;YACD,IAAI,IAAI,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;gBAC9B,cAAc,CAAC,QAAQ,IAAI,CAAC,CAAC;gBAC7B,IAAI,CAAC,0BAA0B,CAAC,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;oBACnD,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,KAAK,CAAC,OAAO,EAAE,EAAE,oDAAoD,CAAC,CAAC;oBACzF,OAAO;gBACX,CAAC;gBACD,iBAAiB,EAAE,CAAC;YACxB,CAAC;QACL,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YAClB,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,KAAK,CAAC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,IAAI,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE,0CAA0C,CAAC,CAAC;QAC5H,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE;QAC/B,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;IAEH,MAAM,cAAc,GAAG,WAAW,CAAC,GAAG,EAAE;QACpC,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5D,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,UAAU,EAAE,iBAAiB,CAAC,CAAC;QAEnD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,IAAI,UAAU,GAAG,KAAK,CAAC;QACvB,KAAK,MAAM,CAAC,EAAE,EAAE,QAAQ,CAAC,IAAI,OAAO,EAAE,CAAC;YACnC,IAAI,GAAG,GAAG,QAAQ,GAAG,KAAK,EAAE,CAAC;gBACzB,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;gBACnB,UAAU,GAAG,IAAI,CAAC;YACtB,CAAC;QACL,CAAC;QACD,IAAI,UAAU,EAAE,CAAC;YACb,yBAAyB,EAAE,CAAC;QAChC,CAAC;IACL,CAAC,EAAE,IAAI,CAAC,CAAC;IAET,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,wBAAwB,CAAC,CAAC;IAEtE,OAAO;QACH,MAAM;QACN,IAAI,EAAE,GAAG,EAAE,CAAC,UAAU;QACtB,IAAI,EAAE,GAAG,EAAE;YACP,aAAa,CAAC,cAAc,CAAC,CAAC;YAC9B,iBAAiB,EAAE,CAAC;YACpB,MAAM,CAAC,KAAK,EAAE,CAAC;QACnB,CAAC;KACJ,CAAC;AACN,CAAC;AAED,IAAI,cAAc,GAA0B,IAAI,CAAC;AACjD,IAAI,iBAAiB,GAA0B,IAAI,CAAC;AAEpD,MAAM,UAAU,qBAAqB;IACjC,OAAO,OAAO,CAAC,cAAc,CAAC,CAAC;AACnC,CAAC;AAED,SAAS,aAAa,CAAC,MAAc,EAAE,IAAY;IAC/C,IAAI,cAAc;QAAE,aAAa,CAAC,cAAc,CAAC,CAAC;IAClD,IAAI,iBAAiB;QAAE,YAAY,CAAC,iBAAiB,CAAC,CAAC;IACvD,MAAM,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,sCAAsC,CAAC,CAAC;IAEtE,MAAM,KAAK,GAAG,IAAI,GAAG,IAAI,CAAC;IAC1B,cAAc,GAAG,WAAW,CAAC,GAAG,EAAE;QAC9B,OAAO,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC,CAAC,kBAAkB;IACvD,CAAC,EAAE,KAAK,CAAC,CAAC;IAEV,iBAAiB;IACjB,iBAAiB,GAAG,UAAU,CAAC,GAAG,EAAE;QAChC,iBAAiB,EAAE,CAAC;QACpB,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IAC5C,CAAC,EAAE,KAAK,CAAC,CAAC;AACd,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC7B,MAAM,SAAS,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IAC1C,IAAI,cAAc,EAAE,CAAC;QACjB,aAAa,CAAC,cAAc,CAAC,CAAC;QAC9B,cAAc,GAAG,IAAI,CAAC;IAC1B,CAAC;IACD,IAAI,iBAAiB,EAAE,CAAC;QACpB,YAAY,CAAC,iBAAiB,CAAC,CAAC;QAChC,iBAAiB,GAAG,IAAI,CAAC;IAC7B,CAAC;IACD,OAAO,SAAS,CAAC;AACrB,CAAC;AAED,KAAK,UAAU,uBAAuB,CAAC,OAAgC;IACnE,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACxC,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAC1C,IAAI,MAAM,GAAG,KAAK,CAAC;QACnB,IAAI,OAAO,GAAG,KAAK,CAAC;QACpB,IAAI,YAAwC,CAAC;QAE7C,MAAM,SAAS,GAAG,GAAG,EAAE;YACnB,IAAI,CAAC,MAAM,EAAE,CAAC;gBACV,MAAM,GAAG,IAAI,CAAC;gBACd,MAAM,CAAC,KAAK,EAAE,CAAC;YACnB,CAAC;QACL,CAAC,CAAC;QAEF,MAAM,QAAQ,GAAG,CAAC,KAAoB,EAAE,EAAE;YACtC,IAAI,OAAO;gBAAE,OAAO;YACpB,OAAO,GAAG,IAAI,CAAC;YACf,IAAI,YAAY,EAAE,CAAC;gBACf,YAAY,CAAC,YAAY,CAAC,CAAC;YAC/B,CAAC;YACD,SAAS,EAAE,CAAC;YACZ,IAAI,KAAK,EAAE,CAAC;gBACR,MAAM,CAAC,KAAK,CAAC,CAAC;gBACd,OAAO;YACX,CAAC;YACD,OAAO,EAAE,CAAC;QACd,CAAC,CAAC;QAEF,YAAY,GAAG,UAAU,CAAC,GAAG,EAAE;YAC3B,QAAQ,CAAC,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC,CAAC;QACvD,CAAC,EAAE,IAAI,CAAC,CAAC;QAET,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;YAC3B,QAAQ,CAAC,KAAK,CAAC,CAAC;QACpB,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE;YACb,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;YAC1B,MAAM,WAAW,GAA4B;gBACzC,GAAG,OAAO;gBACV,EAAE,EAAE,IAAI,CAAC,GAAG,EAAE;aACjB,CAAC;YACF,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,qBAAqB;gBAChD,CAAC,CAAC;oBACE,GAAG,WAAW;oBACd,SAAS,EAAE,6BAA6B,CAAC,qBAAqB,EAAE,WAAW,CAAC;iBAC/E;gBACD,CAAC,CAAC,WAAW,CAChB,CAAC;YACF,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,EAAE,iBAAiB,EAAE,CAAC,KAAK,EAAE,EAAE;gBAC1D,IAAI,KAAK,EAAE,CAAC;oBACR,QAAQ,CAAC,KAAK,CAAC,CAAC;oBAChB,OAAO;gBACX,CAAC;gBACD,QAAQ,EAAE,CAAC;YACf,CAAC,CAAC,CAAC;QACP,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;AACP,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,MAAc,EAAE,IAAY;IAC9D,IAAI,CAAC,MAAM;QAAE,MAAM,IAAI,4BAA4B,CAAC,gBAAgB,CAAC,CAAC;IACtE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC;QAAE,MAAM,IAAI,4BAA4B,CAAC,cAAc,CAAC,CAAC;IAEhG,IAAI,MAAW,CAAC;IAChB,IAAI,CAAC;QACD,MAAM,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACL,MAAM,IAAI,4BAA4B,CAAC,oBAAoB,CAAC,CAAC;IACjE,CAAC;IAED,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;QACjD,MAAM,IAAI,4BAA4B,CAAC,+BAA+B,CAAC,CAAC;IAC5E,CAAC;IAED,IAAI,CAAC,0BAA0B,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/C,MAAM,IAAI,4BAA4B,CAAC,+CAA+C,CAAC,CAAC;IAC5F,CAAC;IAED,OAAO;QACH,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE;QACzB,IAAI,EAAE,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;KACtD,CAAC;AACN,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,MAAc,EAAE,IAAY;IACrE,MAAM,KAAK,GAAG,qBAAqB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAClD,MAAM,uBAAuB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;IAC1F,OAAO,EAAE,OAAO,EAAE,uCAAuC,EAAE,KAAK,EAAE,OAAO,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;AACzF,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB;IACtC,MAAM,uBAAuB,CAAC,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC,CAAC;IACvD,iBAAiB,EAAE,CAAC;IACpB,OAAO,EAAE,OAAO,EAAE,qCAAqC,EAAE,KAAK,EAAE,OAAO,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;AACvF,CAAC;AAED,wCAAwC;AACxC,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,GAAY,EAAE,GAAa;IAClE,2EAA2E;IAC3E,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;IAClC,IAAI,CAAC,MAAM;QAAE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gBAAgB,EAAE,CAAC,CAAC;IACtE,IAAI,IAAI,KAAK,SAAS,IAAI,IAAI,KAAK,IAAI;QAAE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;IAEhG,IAAI,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QAC1E,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACrB,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QAClB,IAAI,KAAK,YAAY,4BAA4B,EAAE,CAAC;YAChD,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,IAAI,wBAAwB,EAAE,CAAC,CAAC;QACvF,CAAC;QAED,MAAM,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,IAAI,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE,iCAAiC,CAAC,CAAC;QAC5F,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,IAAI,4CAA4C,EAAE,CAAC,CAAC;IAC3G,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAAC,IAAa,EAAE,GAAa;IACvE,2EAA2E;IAC3E,IAAI,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,oBAAoB,EAAE,CAAC;QAC5C,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACrB,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QAClB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,IAAI,0CAA0C,EAAE,CAAC,CAAC;IAClG,CAAC;AACL,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC7B,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC;QAChE,EAAE;QACF,IAAI,EAAE,MAAM;QACZ,MAAM,EAAE,QAAQ;QAChB,QAAQ;KACX,CAAC,CAAC,CAAC;IAEJ,WAAW;IACX,IAAI,CAAC,OAAO,CAAC;QACT,EAAE,EAAE,IAAI;QACR,IAAI,EAAE,MAAM;QACZ,MAAM,EAAE,QAAQ;QAChB,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE;KACvB,CAAC,CAAC;IAEH,OAAO,IAAI,CAAC;AAChB,CAAC;AAED,MAAM,UAAU,wBAAwB;IACpC,OAAO,EAAE,GAAG,cAAc,EAAE,CAAC;AACjC,CAAC"}

package/dist/config.js

@@ -0,0 +1,61 @@
+// Port validation helper - ensures valid port range
+function parsePort(value, defaultPort) {
+    const port = parseInt(value ?? String(defaultPort), 10);
+    if (isNaN(port) || port < 0 || port > 65535) {
+        return defaultPort;
+    }
+    return port;
+}
+function resolvePersistencePath(value, defaultPath) {
+    if (typeof value === "string") {
+        return value;
+    }
+    return process.env.NODE_ENV === "test" ? "" : defaultPath;
+}
+export const cfg = {
+    host: process.env.HOST || "127.0.0.1",
+    portHttp1: parsePort(process.env.PORT_HTTP1, 8090),
+    portHttp2: parsePort(process.env.PORT_HTTP2, 8443),
+    portTcp: parsePort(process.env.PORT_TCP, 9000),
+    portUdp: parsePort(process.env.PORT_UDP, 9001),
+    portGrpc: parsePort(process.env.PORT_GRPC, 50051),
+    portRedis: parsePort(process.env.PORT_REDIS, 6379),
+    portSmtp: parsePort(process.env.PORT_SMTP, 2525),
+    portIcap: parsePort(process.env.PORT_ICAP, 1344),
+    portSyslog: parsePort(process.env.PORT_SYSLOG, 5514),
+    portSyslogAlt: parsePort(process.env.PORT_SYSLOG_ALT, 5140),
+    portMqtt: parsePort(process.env.PORT_MQTT, 1883),
+    portBadSsl: parsePort(process.env.PORT_BAD_SSL, 8444),
+    enableCors: process.env.CORS !== "false",
+    bodyLimit: process.env.BODY_LIMIT || "20mb",
+    tlsKeyPath: process.env.TLS_KEY || "certs/server.key",
+    tlsCertPath: process.env.TLS_CRT || "certs/server.crt",
+    enableH2C: process.env.H2C === "true",
+    enableCompression: process.env.COMPRESSION !== "false",
+    demoMode: process.env.DEMO_MODE === "true" || process.env.APPARATUS_DEMO === "true",
+    tunnelUrl: process.env.TUNNEL_URL || "",
+    tunnelApiKey: process.env.TUNNEL_API_KEY || "",
+    // Integration with Chimera scripts
+    k6ScenariosPath: process.env.K6_SCENARIOS_PATH || "",
+    nucleiTemplatesPath: process.env.NUCLEI_TEMPLATES_PATH || "",
+    scenarioCatalogPath: resolvePersistencePath(process.env.SCENARIO_CATALOG_PATH, "data/scenarios.json"),
+    webhookStorePath: resolvePersistencePath(process.env.WEBHOOK_STORE_PATH, "data/webhooks.json"),
+    deceptionHistoryPath: resolvePersistencePath(process.env.DECEPTION_HISTORY_PATH, "data/deception-history.json"),
+    drillRunsPath: resolvePersistencePath(process.env.DRILL_RUNS_PATH, "data/drill-runs.json"),
+    requestHistoryPath: resolvePersistencePath(process.env.REQUEST_HISTORY_PATH, "data/request-history.json"),
+    tarpitStatePath: resolvePersistencePath(process.env.TARPIT_STATE_PATH, "data/tarpit-state.json"),
+    clusterStatePath: resolvePersistencePath(process.env.CLUSTER_STATE_PATH, "data/cluster-state.json"),
+};
+export const MTD_SKIP_ROUTE_PREFIXES = [
+    "/mtd",
+    "/health",
+    "/healthz",
+    "/sse",
+    "/dashboard",
+    "/assets",
+    "/_sensor",
+    "/metrics",
+    "/docs",
+    "/api/docs-index",
+];
+//# sourceMappingURL=config.js.map

package/dist/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,oDAAoD;AACpD,SAAS,SAAS,CAAC,KAAyB,EAAE,WAAmB;IAC7D,MAAM,IAAI,GAAG,QAAQ,CAAC,KAAK,IAAI,MAAM,CAAC,WAAW,CAAC,EAAE,EAAE,CAAC,CAAC;IACxD,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,IAAI,GAAG,KAAK,EAAE,CAAC;QAC1C,OAAO,WAAW,CAAC;IACvB,CAAC;IACD,OAAO,IAAI,CAAC;AAChB,CAAC;AAED,SAAS,sBAAsB,CAAC,KAAyB,EAAE,WAAmB;IAC1E,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC5B,OAAO,KAAK,CAAC;IACjB,CAAC;IACD,OAAO,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;AAC9D,CAAC;AAED,MAAM,CAAC,MAAM,GAAG,GAAG;IACf,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,WAAW;IACrC,SAAS,EAAE,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC;IAClD,SAAS,EAAE,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC;IAClD,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC;IAC9C,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC;IAC9C,QAAQ,EAAE,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,CAAC;IACjD,SAAS,EAAE,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC;IAClD,QAAQ,EAAE,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC;IAChD,QAAQ,EAAE,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC;IAChD,UAAU,EAAE,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC;IACpD,aAAa,EAAE,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,IAAI,CAAC;IAC3D,QAAQ,EAAE,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC;IAChD,UAAU,EAAE,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC;IACrD,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,IAAI,KAAK,OAAO;IACxC,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,MAAM;IAC3C,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,kBAAkB;IACrD,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,kBAAkB;IACtD,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,MAAM;IACrC,iBAAiB,EAAE,OAAO,CAAC,GAAG,CAAC,WAAW,KAAK,OAAO;IACtD,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,KAAK,MAAM;IACnF,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,EAAE;IACvC,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,EAAE;IAC9C,mCAAmC;IACnC,eAAe,EAAE,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,EAAE;IACpD,mBAAmB,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,EAAE;IAC5D,mBAAmB,EAAE,sBAAsB,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,qBAAqB,CAAC;IACrG,gBAAgB,EAAE,sBAAsB,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;IAC9F,oBAAoB,EAAE,sBAAsB,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAsB,EAAE,6BAA6B,CAAC;IAC/G,aAAa,EAAE,sBAAsB,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,sBAAsB,CAAC;IAC1F,kBAAkB,EAAE,sBAAsB,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,2BAA2B,CAAC;IACzG,eAAe,EAAE,sBAAsB,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,wBAAwB,CAAC;IAChG,gBAAgB,EAAE,sBAAsB,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,EAAE,yBAAyB,CAAC;CACtG,CAAC;AAEF,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACnC,MAAM;IACN,SAAS;IACT,UAAU;IACV,MAAM;IACN,YAAY;IACZ,SAAS;IACT,UAAU;IACV,UAAU;IACV,OAAO;IACP,iBAAiB;CACX,CAAC"}