@f2a/network 0.1.3 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +278 -63
- package/dist/cli/commands.d.ts.map +1 -1
- package/dist/cli/commands.js +29 -2
- package/dist/cli/commands.js.map +1 -1
- package/dist/cli/config.d.ts +176 -0
- package/dist/cli/config.d.ts.map +1 -0
- package/dist/cli/config.js +386 -0
- package/dist/cli/config.js.map +1 -0
- package/dist/cli/daemon.d.ts +54 -0
- package/dist/cli/daemon.d.ts.map +1 -0
- package/dist/cli/daemon.js +572 -0
- package/dist/cli/daemon.js.map +1 -0
- package/dist/cli/index.js +90 -16
- package/dist/cli/index.js.map +1 -1
- package/dist/cli/init.d.ts +13 -0
- package/dist/cli/init.d.ts.map +1 -0
- package/dist/cli/init.js +352 -0
- package/dist/cli/init.js.map +1 -0
- package/dist/core/e2ee-crypto.d.ts +127 -1
- package/dist/core/e2ee-crypto.d.ts.map +1 -1
- package/dist/core/e2ee-crypto.js +446 -12
- package/dist/core/e2ee-crypto.js.map +1 -1
- package/dist/core/f2a.d.ts +2 -1
- package/dist/core/f2a.d.ts.map +1 -1
- package/dist/core/f2a.js +6 -2
- package/dist/core/f2a.js.map +1 -1
- package/dist/core/identity/encrypted-key-store.d.ts +19 -0
- package/dist/core/identity/encrypted-key-store.d.ts.map +1 -0
- package/dist/core/identity/encrypted-key-store.js +72 -0
- package/dist/core/identity/encrypted-key-store.js.map +1 -0
- package/dist/core/identity/identity-manager.d.ts +133 -0
- package/dist/core/identity/identity-manager.d.ts.map +1 -0
- package/dist/core/identity/identity-manager.js +454 -0
- package/dist/core/identity/identity-manager.js.map +1 -0
- package/dist/core/identity/index.d.ts +8 -0
- package/dist/core/identity/index.d.ts.map +1 -0
- package/dist/core/identity/index.js +7 -0
- package/dist/core/identity/index.js.map +1 -0
- package/dist/core/identity/types.d.ts +70 -0
- package/dist/core/identity/types.d.ts.map +1 -0
- package/dist/core/identity/types.js +17 -0
- package/dist/core/identity/types.js.map +1 -0
- package/dist/core/p2p-network.d.ts +26 -0
- package/dist/core/p2p-network.d.ts.map +1 -1
- package/dist/core/p2p-network.js +434 -105
- package/dist/core/p2p-network.js.map +1 -1
- package/dist/core/reputation-security.d.ts +15 -0
- package/dist/core/reputation-security.d.ts.map +1 -1
- package/dist/core/reputation-security.js +73 -3
- package/dist/core/reputation-security.js.map +1 -1
- package/dist/core/reputation.d.ts +129 -4
- package/dist/core/reputation.d.ts.map +1 -1
- package/dist/core/reputation.js +294 -1
- package/dist/core/reputation.js.map +1 -1
- package/dist/core/review-committee.d.ts +2 -2
- package/dist/core/review-committee.d.ts.map +1 -1
- package/dist/core/review-committee.js +17 -0
- package/dist/core/review-committee.js.map +1 -1
- package/dist/daemon/control-server.d.ts.map +1 -1
- package/dist/daemon/control-server.js +44 -1
- package/dist/daemon/control-server.js.map +1 -1
- package/dist/daemon/webhook.d.ts +3 -0
- package/dist/daemon/webhook.d.ts.map +1 -1
- package/dist/daemon/webhook.js +318 -6
- package/dist/daemon/webhook.js.map +1 -1
- package/dist/index.d.ts +3 -3
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +7 -3
- package/dist/index.js.map +1 -1
- package/dist/types/index.d.ts +4 -0
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/index.js.map +1 -1
- package/dist/types/result.d.ts +1 -1
- package/dist/types/result.d.ts.map +1 -1
- package/dist/types/result.js.map +1 -1
- package/dist/utils/crypto-utils.d.ts +17 -0
- package/dist/utils/crypto-utils.d.ts.map +1 -0
- package/dist/utils/crypto-utils.js +28 -0
- package/dist/utils/crypto-utils.js.map +1 -0
- package/dist/utils/logger.d.ts +1 -0
- package/dist/utils/logger.d.ts.map +1 -1
- package/dist/utils/logger.js +9 -3
- package/dist/utils/logger.js.map +1 -1
- package/dist/utils/rate-limiter.d.ts.map +1 -1
- package/dist/utils/rate-limiter.js +3 -1
- package/dist/utils/rate-limiter.js.map +1 -1
- package/dist/utils/signature.d.ts +47 -1
- package/dist/utils/signature.d.ts.map +1 -1
- package/dist/utils/signature.js +166 -11
- package/dist/utils/signature.js.map +1 -1
- package/package.json +2 -1
|
@@ -8,6 +8,45 @@ import { Logger } from '../utils/logger.js';
|
|
|
8
8
|
import { RateLimiter } from '../utils/rate-limiter.js';
|
|
9
9
|
/** 默认允许的 CORS 来源 */
|
|
10
10
|
const DEFAULT_ALLOWED_ORIGINS = ['http://localhost'];
|
|
11
|
+
/**
|
|
12
|
+
* P2 修复:生产环境 CORS 配置验证
|
|
13
|
+
* 检查是否在生产环境使用了宽松的 CORS 配置
|
|
14
|
+
* P2-4 修复:在严格模式下禁止 localhost
|
|
15
|
+
*/
|
|
16
|
+
function validateCorsConfig(allowedOrigins) {
|
|
17
|
+
const isProduction = process.env.NODE_ENV === 'production';
|
|
18
|
+
const isStrictMode = process.env.F2A_STRICT_CORS === 'true';
|
|
19
|
+
if (isProduction || isStrictMode) {
|
|
20
|
+
// 检查是否使用默认配置
|
|
21
|
+
if (allowedOrigins.length === 1 && allowedOrigins[0] === 'http://localhost') {
|
|
22
|
+
const logger = new Logger({ component: 'ControlServer' });
|
|
23
|
+
if (isStrictMode) {
|
|
24
|
+
// P2-4 修复:严格模式下禁止 localhost
|
|
25
|
+
logger.error('CORS configuration error: localhost origin is not allowed in strict mode!');
|
|
26
|
+
throw new Error('Localhost CORS origin is not allowed in strict mode (F2A_STRICT_CORS=true). Configure specific allowed origins.');
|
|
27
|
+
}
|
|
28
|
+
logger.error('CORS configuration warning: Using default localhost origin in production!');
|
|
29
|
+
logger.error('Set F2A_ALLOWED_ORIGINS environment variable or pass allowedOrigins option.');
|
|
30
|
+
logger.error('Example: F2A_ALLOWED_ORIGINS=https://your-domain.com,https://api.your-domain.com');
|
|
31
|
+
}
|
|
32
|
+
// 检查是否包含通配符或过于宽松的配置
|
|
33
|
+
if (allowedOrigins.includes('*')) {
|
|
34
|
+
const logger = new Logger({ component: 'ControlServer' });
|
|
35
|
+
logger.error('CORS configuration error: Wildcard origin (*) is not allowed in production!');
|
|
36
|
+
throw new Error('Wildcard CORS origin is not allowed in production. Configure specific allowed origins.');
|
|
37
|
+
}
|
|
38
|
+
// 检查是否包含 localhost
|
|
39
|
+
if (allowedOrigins.some(o => o.includes('localhost') || o.includes('127.0.0.1'))) {
|
|
40
|
+
const logger = new Logger({ component: 'ControlServer' });
|
|
41
|
+
// P2-4 修复:严格模式下禁止 localhost
|
|
42
|
+
if (isStrictMode) {
|
|
43
|
+
logger.error('CORS configuration error: localhost/127.0.0.1 origins are not allowed in strict mode!');
|
|
44
|
+
throw new Error('Localhost/127.0.0.1 CORS origins are not allowed in strict mode (F2A_STRICT_CORS=true). Configure specific allowed origins.');
|
|
45
|
+
}
|
|
46
|
+
logger.warn('CORS configuration warning: localhost/127.0.0.1 origins in production may be a security risk.');
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
}
|
|
11
50
|
export class ControlServer {
|
|
12
51
|
server;
|
|
13
52
|
f2a;
|
|
@@ -24,7 +63,11 @@ export class ControlServer {
|
|
|
24
63
|
// 速率限制: 每分钟最多 60 个请求
|
|
25
64
|
this.rateLimiter = new RateLimiter({ maxRequests: 60, windowMs: 60000 });
|
|
26
65
|
// CORS 配置:优先使用传入的 allowedOrigins,否则使用默认值
|
|
27
|
-
|
|
66
|
+
// 支持从环境变量 F2A_ALLOWED_ORIGINS 读取(逗号分隔)
|
|
67
|
+
const envOrigins = process.env.F2A_ALLOWED_ORIGINS?.split(',').map(o => o.trim()).filter(Boolean);
|
|
68
|
+
this.allowedOrigins = options?.allowedOrigins ?? envOrigins ?? DEFAULT_ALLOWED_ORIGINS;
|
|
69
|
+
// P2 修复:生产环境强制验证 CORS 配置
|
|
70
|
+
validateCorsConfig(this.allowedOrigins);
|
|
28
71
|
}
|
|
29
72
|
/**
|
|
30
73
|
* 启动控制服务器
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"control-server.js","sourceRoot":"","sources":["../../src/daemon/control-server.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAA2C,MAAM,MAAM,CAAC;AAE7E,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AASvD,oBAAoB;AACpB,MAAM,uBAAuB,GAAG,CAAC,kBAAkB,CAAC,CAAC;AAErD,MAAM,OAAO,aAAa;IAChB,MAAM,CAAU;IAChB,GAAG,CAAM;IACT,IAAI,CAAS;IACb,YAAY,CAAe;IAC3B,MAAM,CAAS;IACf,WAAW,CAAc;IACzB,cAAc,CAAW;IAEjC,YAAY,GAAQ,EAAE,IAAY,EAAE,YAA2B,EAAE,OAA8B;QAC7F,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,YAAY,GAAG,YAAY,IAAI,IAAI,YAAY,EAAE,CAAC;QACvD,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,EAAE,SAAS,EAAE,eAAe,EAAE,CAAC,CAAC;QACzD,qBAAqB;QACrB,IAAI,CAAC,WAAW,GAAG,IAAI,WAAW,CAAC,EAAE,WAAW,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC;QACzE,yCAAyC;QACzC,IAAI,CAAC,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,uBAAuB,CAAC;
|
|
1
|
+
{"version":3,"file":"control-server.js","sourceRoot":"","sources":["../../src/daemon/control-server.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAA2C,MAAM,MAAM,CAAC;AAE7E,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AASvD,oBAAoB;AACpB,MAAM,uBAAuB,GAAG,CAAC,kBAAkB,CAAC,CAAC;AAErD;;;;GAIG;AACH,SAAS,kBAAkB,CAAC,cAAwB;IAClD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC;IAC3D,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,KAAK,MAAM,CAAC;IAE5D,IAAI,YAAY,IAAI,YAAY,EAAE,CAAC;QACjC,aAAa;QACb,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,IAAI,cAAc,CAAC,CAAC,CAAC,KAAK,kBAAkB,EAAE,CAAC;YAC5E,MAAM,MAAM,GAAG,IAAI,MAAM,CAAC,EAAE,SAAS,EAAE,eAAe,EAAE,CAAC,CAAC;YAC1D,IAAI,YAAY,EAAE,CAAC;gBACjB,4BAA4B;gBAC5B,MAAM,CAAC,KAAK,CAAC,2EAA2E,CAAC,CAAC;gBAC1F,MAAM,IAAI,KAAK,CAAC,iHAAiH,CAAC,CAAC;YACrI,CAAC;YACD,MAAM,CAAC,KAAK,CAAC,2EAA2E,CAAC,CAAC;YAC1F,MAAM,CAAC,KAAK,CAAC,6EAA6E,CAAC,CAAC;YAC5F,MAAM,CAAC,KAAK,CAAC,kFAAkF,CAAC,CAAC;QACnG,CAAC;QAED,oBAAoB;QACpB,IAAI,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACjC,MAAM,MAAM,GAAG,IAAI,MAAM,CAAC,EAAE,SAAS,EAAE,eAAe,EAAE,CAAC,CAAC;YAC1D,MAAM,CAAC,KAAK,CAAC,6EAA6E,CAAC,CAAC;YAC5F,MAAM,IAAI,KAAK,CAAC,wFAAwF,CAAC,CAAC;QAC5G,CAAC;QAED,mBAAmB;QACnB,IAAI,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;YACjF,MAAM,MAAM,GAAG,IAAI,MAAM,CAAC,EAAE,SAAS,EAAE,eAAe,EAAE,CAAC,CAAC;YAC1D,4BAA4B;YAC5B,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,CAAC,KAAK,CAAC,uFAAuF,CAAC,CAAC;gBACtG,MAAM,IAAI,KAAK,CAAC,6HAA6H,CAAC,CAAC;YACjJ,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,+FAA+F,CAAC,CAAC;QAC/G,CAAC;IACH,CAAC;AACH,CAAC;AAED,MAAM,OAAO,aAAa;IAChB,MAAM,CAAU;IAChB,GAAG,CAAM;IACT,IAAI,CAAS;IACb,YAAY,CAAe;IAC3B,MAAM,CAAS;IACf,WAAW,CAAc;IACzB,cAAc,CAAW;IAEjC,YAAY,GAAQ,EAAE,IAAY,EAAE,YAA2B,EAAE,OAA8B;QAC7F,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,YAAY,GAAG,YAAY,IAAI,IAAI,YAAY,EAAE,CAAC;QACvD,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,EAAE,SAAS,EAAE,eAAe,EAAE,CAAC,CAAC;QACzD,qBAAqB;QACrB,IAAI,CAAC,WAAW,GAAG,IAAI,WAAW,CAAC,EAAE,WAAW,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC;QACzE,yCAAyC;QACzC,uCAAuC;QACvC,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAClG,IAAI,CAAC,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,UAAU,IAAI,uBAAuB,CAAC;QAEvF,yBAAyB;QACzB,kBAAkB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACH,KAAK;QACH,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,IAAI,CAAC,MAAM,GAAG,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;gBACtC,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YAC/B,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAEhC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE;gBACjC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;gBACnD,OAAO,EAAE,CAAC;YACZ,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,IAAI;QACF,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACpB,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC;QAC1B,CAAC;QACD,YAAY;QACZ,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;QACxB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAC9B,CAAC;IAED;;OAEG;IACK,kBAAkB,CAAC,UAA8B;QACvD,IAAI,CAAC,UAAU;YAAE,OAAO,SAAS,CAAC;QAClC,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACnD,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACtC,CAAC;IAED;;OAEG;IACK,aAAa,CAAC,GAAoB,EAAE,GAAmB;QACjE,sBAAsB;QAClB,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC;QAClC,MAAM,WAAW,GAAG,MAAM,IAAI,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC;YAChE,CAAC,CAAC,MAAM;YACR,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;QAE3B,GAAG,CAAC,SAAS,CAAC,6BAA6B,EAAE,WAAW,CAAC,CAAC;QAC1D,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,oBAAoB,CAAC,CAAC;QACpE,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,2BAA2B,CAAC,CAAC;QAE3E,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAC7B,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,EAAE,CAAC;YACV,OAAO;QACT,CAAC;QAED,iBAAiB;QACjB,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,IAAI,GAAG,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YAClD,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;YACnE,OAAO;QACT,CAAC;QAED,4BAA4B;QAC5B,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,IAAI,GAAG,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YAClD,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,aAAa,IAAI,SAAS,CAAC;YACvD,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7C,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;gBACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAC,CAAC,CAAC;gBACxE,OAAO;YACT,CAAC;YACD,6CAA6C;YAC7C,MAAM,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAuB;mBACzD,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;YACxD,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC1C,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;gBACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC;gBACnE,OAAO;YACT,CAAC;YACD,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC;gBACrB,OAAO,EAAE,IAAI;gBACb,MAAM,EAAE,IAAI,CAAC,GAAG,CAAC,MAAM;gBACvB,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,UAAU,IAAI,EAAE;aAChD,CAAC,CAAC,CAAC;YACJ,OAAO;QACT,CAAC;QAED,kCAAkC;QAClC,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,IAAI,GAAG,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;YACjD,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,aAAa,IAAI,SAAS,CAAC;YACvD,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7C,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;gBACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAC,CAAC,CAAC;gBACxE,OAAO;YACT,CAAC;YACD,6CAA6C;YAC7C,MAAM,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAuB;mBACzD,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;YACxD,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC1C,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;gBACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC;gBACnE,OAAO;YACT,CAAC;YACD,wBAAwB;YACxB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;YACrC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;YAC/B,OAAO;QACT,CAAC;QAED,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YAC1B,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC;gBACrB,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,oBAAoB;gBAC3B,IAAI,EAAE,oBAAoB;aAC3B,CAAC,CAAC,CAAC;YACJ,OAAO;QACT,CAAC;QACD,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,aAAa,IAAI,SAAS,CAAC;QACvD,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qBAAqB,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;YACtD,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC;gBACrB,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,mBAAmB;gBAC1B,IAAI,EAAE,qBAAqB;aAC5B,CAAC,CAAC,CAAC;YACJ,OAAO;QACT,CAAC;QAED,WAAW;QACX,MAAM,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAuB,CAAC;QAE/D,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1C,YAAY;YACZ,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC;gBAC9B,EAAE,EAAE,QAAQ;gBACZ,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,KAAK;aACf,CAAC,CAAC;YAEH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sBAAsB,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;YACvD,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC;gBACrB,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,wCAAwC;gBAC/C,IAAI,EAAE,cAAc;aACrB,CAAC,CAAC,CAAC;YACJ,OAAO;QACT,CAAC;QAED,UAAU;QACV,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC;YAC9B,EAAE,EAAE,QAAQ;YACZ,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,IAAI;SACd,CAAC,CAAC;QAEH,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,CAAC,IAAI,IAAI,KAAK,CAAC,CAAC;QACvC,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;YACjB,IAAI,CAAC,cAAc,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QACjC,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,cAAc,CAAC,IAAY,EAAE,GAAmB;QACtD,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAEjC,QAAQ,OAAO,CAAC,MAAM,EAAE,CAAC;gBACvB,KAAK,QAAQ;oBACX,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;oBACvB,MAAM;gBACR,KAAK,OAAO;oBACV,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;oBACtB,MAAM;gBACR,KAAK,UAAU;oBACb,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;oBAC7C,MAAM;gBACR;oBACE,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;oBACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC;wBACrB,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,gBAAgB;wBACvB,IAAI,EAAE,gBAAgB;qBACvB,CAAC,CAAC,CAAC;YACR,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC;gBACrB,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,cAAc;gBACrB,IAAI,EAAE,cAAc;aACrB,CAAC,CAAC,CAAC;QACN,CAAC;IACH,CAAC;IAED;;OAEG;IACK,YAAY,CAAC,GAAmB;QACtC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC;YACrB,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,IAAI,CAAC,GAAG,CAAC,MAAM;YACvB,SAAS,EAAE,IAAI,CAAC,GAAG,CAAC,SAAS;SAC9B,CAAC,CAAC,CAAC;IACN,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,GAAmB;QACrC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC;QAC3C,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC;YACrB,OAAO,EAAE,IAAI;YACb,KAAK;SACN,CAAC,CAAC,CAAC;IACN,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,cAAc,CAAC,UAA8B,EAAE,GAAmB;QAC9E,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;YACzD,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC;gBACrB,OAAO,EAAE,IAAI;gBACb,MAAM;aACP,CAAC,CAAC,CAAC;QACN,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC;gBACrB,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;gBAC7D,IAAI,EAAE,iBAAiB;aACxB,CAAC,CAAC,CAAC;QACN,CAAC;IACH,CAAC;CACF"}
|
package/dist/daemon/webhook.d.ts
CHANGED
|
@@ -10,6 +10,7 @@ export interface WebhookNotification {
|
|
|
10
10
|
}
|
|
11
11
|
export declare class WebhookService {
|
|
12
12
|
private config;
|
|
13
|
+
private logger;
|
|
13
14
|
constructor(config: WebhookConfig);
|
|
14
15
|
/**
|
|
15
16
|
* 发送通知
|
|
@@ -20,6 +21,8 @@ export declare class WebhookService {
|
|
|
20
21
|
}>;
|
|
21
22
|
/**
|
|
22
23
|
* 发送 HTTP 请求
|
|
24
|
+
* P2-1 修复:在请求前验证 DNS 解析后的 IP 地址,防止 DNS 重绑定攻击
|
|
25
|
+
* P2-1 修复:使用解析后的 IP 地址发送请求,避免 TOCTOU 漏洞
|
|
23
26
|
*/
|
|
24
27
|
private sendRequest;
|
|
25
28
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"webhook.d.ts","sourceRoot":"","sources":["../../src/daemon/webhook.ts"],"names":[],"mappings":"AAAA;;GAEG;
|
|
1
|
+
{"version":3,"file":"webhook.d.ts","sourceRoot":"","sources":["../../src/daemon/webhook.ts"],"names":[],"mappings":"AAAA;;GAEG;AAOH,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAKlD,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,KAAK,GAAG,gBAAgB,CAAC;IACpC,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAwQD,qBAAa,cAAc;IACzB,OAAO,CAAC,MAAM,CAAgB;IAC9B,OAAO,CAAC,MAAM,CAAS;gBAEX,MAAM,EAAE,aAAa;IAUjC;;OAEG;IACG,IAAI,CAAC,YAAY,EAAE,mBAAmB,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAyC5F;;;;OAIG;YACW,WAAW;IAwFzB;;OAEG;IACH,OAAO,CAAC,KAAK;CAGd"}
|
package/dist/daemon/webhook.js
CHANGED
|
@@ -3,8 +3,257 @@
|
|
|
3
3
|
*/
|
|
4
4
|
import { request } from 'https';
|
|
5
5
|
import { request as httpRequest } from 'http';
|
|
6
|
+
import { lookup } from 'dns';
|
|
7
|
+
import { isIPv6 } from 'net';
|
|
8
|
+
import { promisify } from 'util';
|
|
9
|
+
import { Logger } from '../utils/logger.js';
|
|
10
|
+
const dnsLookup = promisify(lookup);
|
|
11
|
+
/**
|
|
12
|
+
* P2-2 修复:判断字符串是否为 IPv6 地址格式
|
|
13
|
+
* 使用 Node.js 标准库进行验证,避免正则匹配无效字符串
|
|
14
|
+
* P2-3 修复:处理特殊 IPv6 地址如 ::(未指定地址)
|
|
15
|
+
*/
|
|
16
|
+
function isIPv6Format(hostname) {
|
|
17
|
+
// 去除方括号后检查
|
|
18
|
+
const cleanHostname = hostname.startsWith('[') && hostname.endsWith(']')
|
|
19
|
+
? hostname.slice(1, -1)
|
|
20
|
+
: hostname;
|
|
21
|
+
// P2-3 修复:特殊处理 :: (未指定地址)
|
|
22
|
+
if (cleanHostname === '::') {
|
|
23
|
+
return true;
|
|
24
|
+
}
|
|
25
|
+
return isIPv6(cleanHostname);
|
|
26
|
+
}
|
|
27
|
+
/**
|
|
28
|
+
* P2-2 修复:检查 IPv4 地址是否为私有地址
|
|
29
|
+
* 拆分为独立函数以提高可读性
|
|
30
|
+
* P2-7 修复:添加 CGNAT 地址检测 (100.64.0.0/10)
|
|
31
|
+
* P2-10 修复:添加文档/测试网络地址检测
|
|
32
|
+
*/
|
|
33
|
+
function isPrivateIPv4(octets) {
|
|
34
|
+
// 127.x.x.x (loopback)
|
|
35
|
+
if (octets[0] === 127)
|
|
36
|
+
return true;
|
|
37
|
+
// 10.x.x.x (Class A private)
|
|
38
|
+
if (octets[0] === 10)
|
|
39
|
+
return true;
|
|
40
|
+
// 192.168.x.x (Class C private)
|
|
41
|
+
if (octets[0] === 192 && octets[1] === 168)
|
|
42
|
+
return true;
|
|
43
|
+
// 172.16.x.x - 172.31.x.x (Class B private)
|
|
44
|
+
if (octets[0] === 172 && octets[1] >= 16 && octets[1] <= 31)
|
|
45
|
+
return true;
|
|
46
|
+
// 169.254.x.x (link-local)
|
|
47
|
+
if (octets[0] === 169 && octets[1] === 254)
|
|
48
|
+
return true;
|
|
49
|
+
// 0.0.0.0 (all interfaces)
|
|
50
|
+
if (octets[0] === 0 && octets[1] === 0 && octets[2] === 0 && octets[3] === 0)
|
|
51
|
+
return true;
|
|
52
|
+
// P2-7 修复:100.64.0.0/10 (CGNAT - RFC 6598)
|
|
53
|
+
// 运营商级 NAT 地址,不应从公网访问
|
|
54
|
+
if (octets[0] === 100 && octets[1] >= 64 && octets[1] <= 127)
|
|
55
|
+
return true;
|
|
56
|
+
// P2-10 修复:文档/测试网络地址
|
|
57
|
+
// 192.0.2.0/24 (TEST-NET-1 - RFC 5737)
|
|
58
|
+
if (octets[0] === 192 && octets[1] === 0 && octets[2] === 2)
|
|
59
|
+
return true;
|
|
60
|
+
// 198.51.100.0/24 (TEST-NET-2 - RFC 5737)
|
|
61
|
+
if (octets[0] === 198 && octets[1] === 51 && octets[2] === 100)
|
|
62
|
+
return true;
|
|
63
|
+
// 203.0.113.0/24 (TEST-NET-3 - RFC 5737)
|
|
64
|
+
if (octets[0] === 203 && octets[1] === 0 && octets[2] === 113)
|
|
65
|
+
return true;
|
|
66
|
+
// P2-10 修复:192.0.0.0/24 (IETF Protocol Assignments - RFC 6890)
|
|
67
|
+
if (octets[0] === 192 && octets[1] === 0 && octets[2] === 0)
|
|
68
|
+
return true;
|
|
69
|
+
return false;
|
|
70
|
+
}
|
|
71
|
+
/**
|
|
72
|
+
* P2-8 修复:解析 IPv4 映射的 IPv6 地址 (::ffff:x.x.x.x 或 ::ffff:xxxx:xxxx)
|
|
73
|
+
* @returns IPv4 八位组数组,如果不是 IPv4 映射地址则返回 null
|
|
74
|
+
*/
|
|
75
|
+
function parseIPv4MappedIPv6(hostname) {
|
|
76
|
+
const lower = hostname.toLowerCase();
|
|
77
|
+
// IPv4-mapped IPv6: ::ffff:x.x.x.x 或 0:0:0:0:0:ffff:x.x.x.x (点分十进制)
|
|
78
|
+
const mappedMatch = lower.match(/^(?:0:){0,5}:ffff:(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/);
|
|
79
|
+
if (mappedMatch) {
|
|
80
|
+
return [
|
|
81
|
+
parseInt(mappedMatch[1], 10),
|
|
82
|
+
parseInt(mappedMatch[2], 10),
|
|
83
|
+
parseInt(mappedMatch[3], 10),
|
|
84
|
+
parseInt(mappedMatch[4], 10)
|
|
85
|
+
];
|
|
86
|
+
}
|
|
87
|
+
// IPv4-mapped IPv6 十六进制格式: ::ffff:xxxx:xxxx (URL 解析器会将 ::ffff:127.0.0.1 转为 ::ffff:7f00:1)
|
|
88
|
+
const hexMatch = lower.match(/^::ffff:([0-9a-f]{1,4}):([0-9a-f]{1,4})$/);
|
|
89
|
+
if (hexMatch) {
|
|
90
|
+
const high = hexMatch[1].padStart(4, '0');
|
|
91
|
+
const low = hexMatch[2].padStart(4, '0');
|
|
92
|
+
return [
|
|
93
|
+
parseInt(high.slice(0, 2), 16),
|
|
94
|
+
parseInt(high.slice(2, 4), 16),
|
|
95
|
+
parseInt(low.slice(0, 2), 16),
|
|
96
|
+
parseInt(low.slice(2, 4), 16)
|
|
97
|
+
];
|
|
98
|
+
}
|
|
99
|
+
return null;
|
|
100
|
+
}
|
|
101
|
+
/**
|
|
102
|
+
* P2-9 修复:解析 IPv4 兼容的 IPv6 地址 (::xxxx:xxxx 或 ::x.x.x.x)
|
|
103
|
+
* @returns IPv4 八位组数组,如果不是 IPv4 兼容地址则返回 null
|
|
104
|
+
*/
|
|
105
|
+
function parseIPv4CompatibleIPv6(hostname) {
|
|
106
|
+
const lower = hostname.toLowerCase();
|
|
107
|
+
// IPv4-compatible IPv6: ::x.x.x.x (已弃用但仍需检测)
|
|
108
|
+
const compatMatch = lower.match(/^(?:0:){0,6}(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/);
|
|
109
|
+
if (compatMatch) {
|
|
110
|
+
return [
|
|
111
|
+
parseInt(compatMatch[1], 10),
|
|
112
|
+
parseInt(compatMatch[2], 10),
|
|
113
|
+
parseInt(compatMatch[3], 10),
|
|
114
|
+
parseInt(compatMatch[4], 10)
|
|
115
|
+
];
|
|
116
|
+
}
|
|
117
|
+
// IPv4-compatible IPv6: ::xxxx:xxxx 格式 (如 ::7f00:1 表示 127.0.0.1)
|
|
118
|
+
const hexMatch = lower.match(/^(?:0:){0,6}([0-9a-f]{1,4}):([0-9a-f]{1,4})$/);
|
|
119
|
+
if (hexMatch) {
|
|
120
|
+
const high = hexMatch[1].padStart(4, '0');
|
|
121
|
+
const low = hexMatch[2].padStart(4, '0');
|
|
122
|
+
return [
|
|
123
|
+
parseInt(high.slice(0, 2), 16),
|
|
124
|
+
parseInt(high.slice(2, 4), 16),
|
|
125
|
+
parseInt(low.slice(0, 2), 16),
|
|
126
|
+
parseInt(low.slice(2, 4), 16)
|
|
127
|
+
];
|
|
128
|
+
}
|
|
129
|
+
return null;
|
|
130
|
+
}
|
|
131
|
+
/**
|
|
132
|
+
* P2-11 修复:检查 NAT64 地址 (64:ff9b::/96)
|
|
133
|
+
*/
|
|
134
|
+
function isNAT64Address(hostname) {
|
|
135
|
+
const lower = hostname.toLowerCase();
|
|
136
|
+
// NAT64: 64:ff9b::/96 (RFC 6146)
|
|
137
|
+
if (lower.startsWith('64:ff9b:'))
|
|
138
|
+
return true;
|
|
139
|
+
// 也检查完整格式
|
|
140
|
+
if (lower.match(/^64:ff9b:(?:0:){0,5}/))
|
|
141
|
+
return true;
|
|
142
|
+
return false;
|
|
143
|
+
}
|
|
144
|
+
/**
|
|
145
|
+
* P2-11 修复:检查 Teredo 地址 (2001::/32)
|
|
146
|
+
*/
|
|
147
|
+
function isTeredoAddress(hostname) {
|
|
148
|
+
const lower = hostname.toLowerCase();
|
|
149
|
+
// Teredo: 2001::/32 (RFC 4380)
|
|
150
|
+
if (lower.startsWith('2001:') && lower.split(':')[1] === '')
|
|
151
|
+
return true;
|
|
152
|
+
// 检查 2001:0000: 格式
|
|
153
|
+
if (lower.match(/^2001:0{0,4}:/))
|
|
154
|
+
return true;
|
|
155
|
+
return false;
|
|
156
|
+
}
|
|
157
|
+
/**
|
|
158
|
+
* P2-12 修复:重构后的 IPv6 私有地址检测
|
|
159
|
+
* 拆分为多个子函数以提高可读性
|
|
160
|
+
*/
|
|
161
|
+
function isPrivateIPv6(hostname) {
|
|
162
|
+
const lowerHostname = hostname.toLowerCase();
|
|
163
|
+
// :: (未指定地址) - P2-3 修复
|
|
164
|
+
if (lowerHostname === '::' || lowerHostname === '0:0:0:0:0:0:0:0')
|
|
165
|
+
return true;
|
|
166
|
+
// ::1 (loopback)
|
|
167
|
+
if (lowerHostname === '::1' || lowerHostname === '0:0:0:0:0:0:0:1')
|
|
168
|
+
return true;
|
|
169
|
+
// P2-8 修复:检查 IPv4 映射的 IPv6 地址 (::ffff:x.x.x.x)
|
|
170
|
+
const mappedIPv4 = parseIPv4MappedIPv6(lowerHostname);
|
|
171
|
+
if (mappedIPv4) {
|
|
172
|
+
return isPrivateIPv4(mappedIPv4);
|
|
173
|
+
}
|
|
174
|
+
// P2-9 修复:检查 IPv4 兼容的 IPv6 地址 (::xxxx:xxxx)
|
|
175
|
+
const compatibleIPv4 = parseIPv4CompatibleIPv6(lowerHostname);
|
|
176
|
+
if (compatibleIPv4) {
|
|
177
|
+
return isPrivateIPv4(compatibleIPv4);
|
|
178
|
+
}
|
|
179
|
+
// P2-11 修复:检查 NAT64 地址 (64:ff9b::/96)
|
|
180
|
+
if (isNAT64Address(lowerHostname))
|
|
181
|
+
return true;
|
|
182
|
+
// P2-11 修复:检查 Teredo 地址 (2001::/32)
|
|
183
|
+
if (isTeredoAddress(lowerHostname))
|
|
184
|
+
return true;
|
|
185
|
+
// P2-2 修复:只对纯 IPv6 格式的地址检查 fc/fd 前缀
|
|
186
|
+
// 避免误拦截 fc2.com 等合法域名
|
|
187
|
+
if (isIPv6Format(lowerHostname)) {
|
|
188
|
+
// fc00::/7 (ULA - Unique Local Address)
|
|
189
|
+
if (lowerHostname.startsWith('fc') || lowerHostname.startsWith('fd'))
|
|
190
|
+
return true;
|
|
191
|
+
// fe80::/10 (link-local)
|
|
192
|
+
if (lowerHostname.startsWith('fe8') || lowerHostname.startsWith('fe9') ||
|
|
193
|
+
lowerHostname.startsWith('fea') || lowerHostname.startsWith('feb'))
|
|
194
|
+
return true;
|
|
195
|
+
}
|
|
196
|
+
return false;
|
|
197
|
+
}
|
|
198
|
+
/**
|
|
199
|
+
* P2-2 修复:验证 IP 是否为内网地址,防止 SSRF 攻击
|
|
200
|
+
* 重构为调用 isPrivateIPv4() 和 isPrivateIPv6() 辅助函数
|
|
201
|
+
* 阻止以下私有地址段:
|
|
202
|
+
* - 127.x.x.x (loopback)
|
|
203
|
+
* - 10.x.x.x (Class A private)
|
|
204
|
+
* - 192.168.x.x (Class C private)
|
|
205
|
+
* - 172.16.x.x - 172.31.x.x (Class B private)
|
|
206
|
+
* - 169.254.x.x (link-local)
|
|
207
|
+
* - ::1 (IPv6 loopback)
|
|
208
|
+
* - fc00::/7 (IPv6 ULA)
|
|
209
|
+
* - fe80::/10 (IPv6 link-local)
|
|
210
|
+
*/
|
|
211
|
+
function isPrivateIP(hostname) {
|
|
212
|
+
// P1-1 修复:去除 IPv6 地址的方括号
|
|
213
|
+
// URL.hostname 对 IPv6 地址返回带方括号的格式,如 [::1]
|
|
214
|
+
let cleanHostname = hostname;
|
|
215
|
+
if (hostname.startsWith('[') && hostname.endsWith(']')) {
|
|
216
|
+
cleanHostname = hostname.slice(1, -1);
|
|
217
|
+
}
|
|
218
|
+
// IPv4 地址检查
|
|
219
|
+
const ipv4Regex = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;
|
|
220
|
+
const match = cleanHostname.match(ipv4Regex);
|
|
221
|
+
if (match) {
|
|
222
|
+
const octets = [parseInt(match[1], 10), parseInt(match[2], 10), parseInt(match[3], 10), parseInt(match[4], 10)];
|
|
223
|
+
return isPrivateIPv4(octets);
|
|
224
|
+
}
|
|
225
|
+
// IPv6 地址检查
|
|
226
|
+
return isPrivateIPv6(cleanHostname);
|
|
227
|
+
}
|
|
228
|
+
/**
|
|
229
|
+
* P2-2 修复:验证 webhook URL 安全性
|
|
230
|
+
*/
|
|
231
|
+
function validateWebhookUrl(urlString) {
|
|
232
|
+
try {
|
|
233
|
+
const url = new URL(urlString);
|
|
234
|
+
// 只允许 http 和 https 协议
|
|
235
|
+
if (url.protocol !== 'http:' && url.protocol !== 'https:') {
|
|
236
|
+
return { valid: false, error: `Invalid protocol: ${url.protocol}. Only http and https are allowed.` };
|
|
237
|
+
}
|
|
238
|
+
// 检查是否为内网地址
|
|
239
|
+
const hostname = url.hostname;
|
|
240
|
+
// 检查 localhost 别名
|
|
241
|
+
if (hostname === 'localhost' || hostname === 'local' || hostname.endsWith('.localhost') || hostname.endsWith('.local')) {
|
|
242
|
+
return { valid: false, error: 'localhost and local domains are not allowed for security reasons.' };
|
|
243
|
+
}
|
|
244
|
+
// 检查私有 IP 地址
|
|
245
|
+
if (isPrivateIP(hostname)) {
|
|
246
|
+
return { valid: false, error: `Private IP address ${hostname} is not allowed for security reasons (SSRF protection).` };
|
|
247
|
+
}
|
|
248
|
+
return { valid: true };
|
|
249
|
+
}
|
|
250
|
+
catch (error) {
|
|
251
|
+
return { valid: false, error: `Invalid URL: ${error instanceof Error ? error.message : String(error)}` };
|
|
252
|
+
}
|
|
253
|
+
}
|
|
6
254
|
export class WebhookService {
|
|
7
255
|
config;
|
|
256
|
+
logger;
|
|
8
257
|
constructor(config) {
|
|
9
258
|
this.config = {
|
|
10
259
|
timeout: 5000,
|
|
@@ -12,15 +261,25 @@ export class WebhookService {
|
|
|
12
261
|
retryDelay: 1000,
|
|
13
262
|
...config
|
|
14
263
|
};
|
|
264
|
+
this.logger = new Logger({ component: 'Webhook' });
|
|
15
265
|
}
|
|
16
266
|
/**
|
|
17
267
|
* 发送通知
|
|
18
268
|
*/
|
|
19
269
|
async send(notification) {
|
|
20
270
|
if (!this.config.token) {
|
|
21
|
-
|
|
271
|
+
this.logger.warn('Token not set, skipping notification');
|
|
22
272
|
return { success: false, error: 'Token not set' };
|
|
23
273
|
}
|
|
274
|
+
// P2-2 修复:验证 URL 安全性,防止 SSRF 攻击
|
|
275
|
+
const urlValidation = validateWebhookUrl(this.config.url);
|
|
276
|
+
if (!urlValidation.valid) {
|
|
277
|
+
this.logger.error('Webhook URL validation failed', {
|
|
278
|
+
url: this.config.url,
|
|
279
|
+
error: urlValidation.error
|
|
280
|
+
});
|
|
281
|
+
return { success: false, error: urlValidation.error };
|
|
282
|
+
}
|
|
24
283
|
const payload = JSON.stringify({
|
|
25
284
|
message: notification.message,
|
|
26
285
|
name: notification.name || 'F2A',
|
|
@@ -30,12 +289,12 @@ export class WebhookService {
|
|
|
30
289
|
for (let attempt = 1; attempt <= this.config.retries; attempt++) {
|
|
31
290
|
try {
|
|
32
291
|
await this.sendRequest(payload);
|
|
33
|
-
|
|
292
|
+
this.logger.info('Notification sent', { attempt });
|
|
34
293
|
return { success: true };
|
|
35
294
|
}
|
|
36
295
|
catch (err) {
|
|
37
296
|
const message = err instanceof Error ? err.message : String(err);
|
|
38
|
-
|
|
297
|
+
this.logger.warn('Attempt failed', { attempt, error: message });
|
|
39
298
|
if (attempt < this.config.retries) {
|
|
40
299
|
await this.delay(this.config.retryDelay);
|
|
41
300
|
}
|
|
@@ -45,21 +304,74 @@ export class WebhookService {
|
|
|
45
304
|
}
|
|
46
305
|
/**
|
|
47
306
|
* 发送 HTTP 请求
|
|
307
|
+
* P2-1 修复:在请求前验证 DNS 解析后的 IP 地址,防止 DNS 重绑定攻击
|
|
308
|
+
* P2-1 修复:使用解析后的 IP 地址发送请求,避免 TOCTOU 漏洞
|
|
48
309
|
*/
|
|
49
|
-
sendRequest(payload) {
|
|
310
|
+
async sendRequest(payload) {
|
|
311
|
+
const url = new URL(this.config.url);
|
|
312
|
+
// P2-1 修复:DNS 重绑定防护 - 解析并验证 IP 地址
|
|
313
|
+
let resolvedAddress;
|
|
314
|
+
try {
|
|
315
|
+
const { address } = await dnsLookup(url.hostname);
|
|
316
|
+
if (isPrivateIP(address)) {
|
|
317
|
+
throw new Error(`DNS resolved to private IP address ${address}, possible DNS rebinding attack`);
|
|
318
|
+
}
|
|
319
|
+
resolvedAddress = address;
|
|
320
|
+
this.logger.debug('DNS resolution validated', {
|
|
321
|
+
hostname: url.hostname,
|
|
322
|
+
resolvedIP: address
|
|
323
|
+
});
|
|
324
|
+
}
|
|
325
|
+
catch (error) {
|
|
326
|
+
// P0-1 修复:DNS 解析失败应拒绝请求,而非回退到原始 hostname
|
|
327
|
+
// 回退会导致 HTTP 客户端重新进行 DNS 解析,可被绕过
|
|
328
|
+
if (error instanceof Error && error.message.includes('private IP')) {
|
|
329
|
+
throw error; // 重新抛出私有 IP 错误
|
|
330
|
+
}
|
|
331
|
+
throw new Error(`DNS resolution failed: ${error instanceof Error ? error.message : String(error)}`);
|
|
332
|
+
}
|
|
50
333
|
return new Promise((resolve, reject) => {
|
|
51
334
|
const isHttps = this.config.url.startsWith('https');
|
|
52
335
|
const client = isHttps ? request : httpRequest;
|
|
336
|
+
// P2-1 修复:使用解析后的 IP 地址构建请求 URL
|
|
337
|
+
// 保留原始 hostname 作为 Host header(用于 SNI 和虚拟主机)
|
|
338
|
+
let requestUrl;
|
|
339
|
+
// P2-2 修复:Host header 应包含端口(非标准端口时虚拟主机路由需要)
|
|
340
|
+
const hostHeader = url.port
|
|
341
|
+
? `${url.hostname}:${url.port}`
|
|
342
|
+
: url.hostname;
|
|
53
343
|
const options = {
|
|
54
344
|
method: 'POST',
|
|
55
345
|
headers: {
|
|
56
346
|
'Authorization': `Bearer ${this.config.token}`,
|
|
57
347
|
'Content-Type': 'application/json',
|
|
58
|
-
'Content-Length': Buffer.byteLength(payload)
|
|
348
|
+
'Content-Length': Buffer.byteLength(payload),
|
|
349
|
+
'Host': hostHeader // 设置原始 hostname(含端口)作为 Host header
|
|
59
350
|
},
|
|
60
351
|
timeout: this.config.timeout
|
|
61
352
|
};
|
|
62
|
-
|
|
353
|
+
if (resolvedAddress !== url.hostname) {
|
|
354
|
+
// P2-1 修复:使用解析后的 IP 地址构建 URL,保留端口号
|
|
355
|
+
// IPv6 地址需要用方括号包裹
|
|
356
|
+
let hostForUrl;
|
|
357
|
+
if (url.port) {
|
|
358
|
+
// 有显式端口时,使用 IP:端口
|
|
359
|
+
hostForUrl = isIPv6(resolvedAddress)
|
|
360
|
+
? `[${resolvedAddress}]:${url.port}`
|
|
361
|
+
: `${resolvedAddress}:${url.port}`;
|
|
362
|
+
}
|
|
363
|
+
else {
|
|
364
|
+
// 无显式端口时,仅使用 IP(浏览器/Node 会使用默认端口)
|
|
365
|
+
hostForUrl = isIPv6(resolvedAddress)
|
|
366
|
+
? `[${resolvedAddress}]`
|
|
367
|
+
: resolvedAddress;
|
|
368
|
+
}
|
|
369
|
+
requestUrl = `${url.protocol}//${hostForUrl}${url.pathname}${url.search}`;
|
|
370
|
+
}
|
|
371
|
+
else {
|
|
372
|
+
requestUrl = this.config.url;
|
|
373
|
+
}
|
|
374
|
+
const req = client(requestUrl, options, (res) => {
|
|
63
375
|
if (res.statusCode === 200 || res.statusCode === 202) {
|
|
64
376
|
resolve();
|
|
65
377
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"webhook.js","sourceRoot":"","sources":["../../src/daemon/webhook.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,OAAO,EAAkB,MAAM,OAAO,CAAC;AAChD,OAAO,EAAE,OAAO,IAAI,WAAW,EAAE,MAAM,MAAM,CAAC;AAU9C,MAAM,OAAO,cAAc;IACjB,MAAM,CAAgB;IAE9B,YAAY,MAAqB;QAC/B,IAAI,CAAC,MAAM,GAAG;YACZ,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,CAAC;YACV,UAAU,EAAE,IAAI;YAChB,GAAG,MAAM;SACV,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,YAAiC;QAC1C,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;YAC9D,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC;QACpD,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC;YAC7B,OAAO,EAAE,YAAY,CAAC,OAAO;YAC7B,IAAI,EAAE,YAAY,CAAC,IAAI,IAAI,KAAK;YAChC,QAAQ,EAAE,YAAY,CAAC,QAAQ,IAAI,KAAK;YACxC,OAAO,EAAE,YAAY,CAAC,OAAO,KAAK,KAAK;SACxC,CAAC,CAAC;QAEH,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,OAAQ,EAAE,OAAO,EAAE,EAAE,CAAC;YACjE,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;gBAChC,OAAO,CAAC,GAAG,CAAC,wCAAwC,OAAO,GAAG,CAAC,CAAC;gBAChE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YAC3B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBACjE,OAAO,CAAC,GAAG,CAAC,qBAAqB,OAAO,YAAY,OAAO,EAAE,CAAC,CAAC;gBAE/D,IAAI,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,OAAQ,EAAE,CAAC;oBACnC,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,UAAW,CAAC,CAAC;gBAC5C,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,oBAAoB,EAAE,CAAC;IACzD,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,OAAe;QACjC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YACpD,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC;YAE/C,MAAM,OAAO,GAAmB;gBAC9B,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,eAAe,EAAE,UAAU,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE;oBAC9C,cAAc,EAAE,kBAAkB;oBAClC,gBAAgB,EAAE,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC;iBAC7C;gBACD,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;aAC7B,CAAC;YAEF,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;gBACnD,IAAI,GAAG,CAAC,UAAU,KAAK,GAAG,IAAI,GAAG,CAAC,UAAU,KAAK,GAAG,EAAE,CAAC;oBACrD,OAAO,EAAE,CAAC;gBACZ,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,IAAI,KAAK,CAAC,QAAQ,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;gBAC9C,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YACxB,GAAG,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE;gBACrB,GAAG,CAAC,OAAO,EAAE,CAAC;gBACd,MAAM,CAAC,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;YAC/B,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,EAAU;QACtB,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;IACzD,CAAC;CACF"}
|
|
1
|
+
{"version":3,"file":"webhook.js","sourceRoot":"","sources":["../../src/daemon/webhook.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,OAAO,EAAkB,MAAM,OAAO,CAAC;AAChD,OAAO,EAAE,OAAO,IAAI,WAAW,EAAE,MAAM,MAAM,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,KAAK,CAAC;AAC7B,OAAO,EAAE,MAAM,EAAE,MAAM,KAAK,CAAC;AAC7B,OAAO,EAAE,SAAS,EAAE,MAAM,MAAM,CAAC;AAEjC,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAE5C,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;AASpC;;;;GAIG;AACH,SAAS,YAAY,CAAC,QAAgB;IACpC,WAAW;IACX,MAAM,aAAa,GAAG,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC;QACtE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACvB,CAAC,CAAC,QAAQ,CAAC;IAEb,0BAA0B;IAC1B,IAAI,aAAa,KAAK,IAAI,EAAE,CAAC;QAC3B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,MAAM,CAAC,aAAa,CAAC,CAAC;AAC/B,CAAC;AAED;;;;;GAKG;AACH,SAAS,aAAa,CAAC,MAAgB;IACrC,uBAAuB;IACvB,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IAEnC,6BAA6B;IAC7B,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,EAAE;QAAE,OAAO,IAAI,CAAC;IAElC,gCAAgC;IAChC,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IAExD,4CAA4C;IAC5C,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE;QAAE,OAAO,IAAI,CAAC;IAEzE,2BAA2B;IAC3B,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IAExD,2BAA2B;IAC3B,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAE1F,2CAA2C;IAC3C,sBAAsB;IACtB,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,MAAM,CAAC,CAAC,CAAC,IAAI,GAAG;QAAE,OAAO,IAAI,CAAC;IAE1E,qBAAqB;IACrB,uCAAuC;IACvC,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACzE,0CAA0C;IAC1C,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IAC5E,yCAAyC;IACzC,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IAE3E,+DAA+D;IAC/D,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAEzE,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,SAAS,mBAAmB,CAAC,QAAgB;IAC3C,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IACrC,oEAAoE;IACpE,MAAM,WAAW,GAAG,KAAK,CAAC,KAAK,CAAC,+DAA+D,CAAC,CAAC;IACjG,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO;YACL,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;YAC5B,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;YAC5B,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;YAC5B,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;SAC7B,CAAC;IACJ,CAAC;IAED,0FAA0F;IAC1F,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;IACzE,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAC1C,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACzC,OAAO;YACL,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC;YAC9B,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC;YAC9B,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC;YAC7B,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC;SAC9B,CAAC;IACJ,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,SAAS,uBAAuB,CAAC,QAAgB;IAC/C,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IACrC,6CAA6C;IAC7C,MAAM,WAAW,GAAG,KAAK,CAAC,KAAK,CAAC,yDAAyD,CAAC,CAAC;IAC3F,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO;YACL,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;YAC5B,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;YAC5B,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;YAC5B,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;SAC7B,CAAC;IACJ,CAAC;IAED,iEAAiE;IACjE,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAC7E,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAC1C,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACzC,OAAO;YACL,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC;YAC9B,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC;YAC9B,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC;YAC7B,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC;SAC9B,CAAC;IACJ,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,QAAgB;IACtC,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IACrC,iCAAiC;IACjC,IAAI,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC;QAAE,OAAO,IAAI,CAAC;IAC9C,UAAU;IACV,IAAI,KAAK,CAAC,KAAK,CAAC,sBAAsB,CAAC;QAAE,OAAO,IAAI,CAAC;IACrD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CAAC,QAAgB;IACvC,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IACrC,+BAA+B;IAC/B,IAAI,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE;QAAE,OAAO,IAAI,CAAC;IACzE,mBAAmB;IACnB,IAAI,KAAK,CAAC,KAAK,CAAC,eAAe,CAAC;QAAE,OAAO,IAAI,CAAC;IAC9C,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,SAAS,aAAa,CAAC,QAAgB;IACrC,MAAM,aAAa,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IAE7C,uBAAuB;IACvB,IAAI,aAAa,KAAK,IAAI,IAAI,aAAa,KAAK,iBAAiB;QAAE,OAAO,IAAI,CAAC;IAE/E,iBAAiB;IACjB,IAAI,aAAa,KAAK,KAAK,IAAI,aAAa,KAAK,iBAAiB;QAAE,OAAO,IAAI,CAAC;IAEhF,+CAA+C;IAC/C,MAAM,UAAU,GAAG,mBAAmB,CAAC,aAAa,CAAC,CAAC;IACtD,IAAI,UAAU,EAAE,CAAC;QACf,OAAO,aAAa,CAAC,UAAU,CAAC,CAAC;IACnC,CAAC;IAED,4CAA4C;IAC5C,MAAM,cAAc,GAAG,uBAAuB,CAAC,aAAa,CAAC,CAAC;IAC9D,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO,aAAa,CAAC,cAAc,CAAC,CAAC;IACvC,CAAC;IAED,sCAAsC;IACtC,IAAI,cAAc,CAAC,aAAa,CAAC;QAAE,OAAO,IAAI,CAAC;IAE/C,oCAAoC;IACpC,IAAI,eAAe,CAAC,aAAa,CAAC;QAAE,OAAO,IAAI,CAAC;IAEhD,oCAAoC;IACpC,sBAAsB;IACtB,IAAI,YAAY,CAAC,aAAa,CAAC,EAAE,CAAC;QAChC,wCAAwC;QACxC,IAAI,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,CAAC;QAElF,yBAAyB;QACzB,IAAI,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC;YAClE,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;IACtF,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,SAAS,WAAW,CAAC,QAAgB;IACnC,yBAAyB;IACzB,0CAA0C;IAC1C,IAAI,aAAa,GAAG,QAAQ,CAAC;IAC7B,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACvD,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACxC,CAAC;IAED,YAAY;IACZ,MAAM,SAAS,GAAG,8CAA8C,CAAC;IACjE,MAAM,KAAK,GAAG,aAAa,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IAE7C,IAAI,KAAK,EAAE,CAAC;QACV,MAAM,MAAM,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QAChH,OAAO,aAAa,CAAC,MAAM,CAAC,CAAC;IAC/B,CAAC;IAED,YAAY;IACZ,OAAO,aAAa,CAAC,aAAa,CAAC,CAAC;AACtC,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,SAAiB;IAC3C,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;QAE/B,sBAAsB;QACtB,IAAI,GAAG,CAAC,QAAQ,KAAK,OAAO,IAAI,GAAG,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC1D,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,qBAAqB,GAAG,CAAC,QAAQ,oCAAoC,EAAE,CAAC;QACxG,CAAC;QAED,YAAY;QACZ,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;QAE9B,kBAAkB;QAClB,IAAI,QAAQ,KAAK,WAAW,IAAI,QAAQ,KAAK,OAAO,IAAI,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvH,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,mEAAmE,EAAE,CAAC;QACtG,CAAC;QAED,aAAa;QACb,IAAI,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC1B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,sBAAsB,QAAQ,yDAAyD,EAAE,CAAC;QAC1H,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACzB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,gBAAgB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;IAC3G,CAAC;AACH,CAAC;AAED,MAAM,OAAO,cAAc;IACjB,MAAM,CAAgB;IACtB,MAAM,CAAS;IAEvB,YAAY,MAAqB;QAC/B,IAAI,CAAC,MAAM,GAAG;YACZ,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,CAAC;YACV,UAAU,EAAE,IAAI;YAChB,GAAG,MAAM;SACV,CAAC;QACF,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAC;IACrD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,YAAiC;QAC1C,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACvB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;YACzD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC;QACpD,CAAC;QAED,gCAAgC;QAChC,MAAM,aAAa,GAAG,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC1D,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;YACzB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,EAAE;gBACjD,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG;gBACpB,KAAK,EAAE,aAAa,CAAC,KAAK;aAC3B,CAAC,CAAC;YACH,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,CAAC,KAAK,EAAE,CAAC;QACxD,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC;YAC7B,OAAO,EAAE,YAAY,CAAC,OAAO;YAC7B,IAAI,EAAE,YAAY,CAAC,IAAI,IAAI,KAAK;YAChC,QAAQ,EAAE,YAAY,CAAC,QAAQ,IAAI,KAAK;YACxC,OAAO,EAAE,YAAY,CAAC,OAAO,KAAK,KAAK;SACxC,CAAC,CAAC;QAEH,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,OAAQ,EAAE,OAAO,EAAE,EAAE,CAAC;YACjE,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;gBAChC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mBAAmB,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;gBACnD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YAC3B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBACjE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;gBAEhE,IAAI,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,OAAQ,EAAE,CAAC;oBACnC,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,UAAW,CAAC,CAAC;gBAC5C,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,oBAAoB,EAAE,CAAC;IACzD,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,WAAW,CAAC,OAAe;QACvC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAErC,kCAAkC;QAClC,IAAI,eAAuB,CAAC;QAC5B,IAAI,CAAC;YACH,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAElD,IAAI,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;gBACzB,MAAM,IAAI,KAAK,CAAC,sCAAsC,OAAO,iCAAiC,CAAC,CAAC;YAClG,CAAC;YAED,eAAe,GAAG,OAAO,CAAC;YAE1B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE;gBAC5C,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,UAAU,EAAE,OAAO;aACpB,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,yCAAyC;YACzC,iCAAiC;YACjC,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;gBACnE,MAAM,KAAK,CAAC,CAAC,eAAe;YAC9B,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,0BAA0B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACtG,CAAC;QAED,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YACpD,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC;YAE/C,+BAA+B;YAC/B,6CAA6C;YAC7C,IAAI,UAAkB,CAAC;YACvB,4CAA4C;YAC5C,MAAM,UAAU,GAAG,GAAG,CAAC,IAAI;gBACzB,CAAC,CAAC,GAAG,GAAG,CAAC,QAAQ,IAAI,GAAG,CAAC,IAAI,EAAE;gBAC/B,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC;YACjB,MAAM,OAAO,GAAmB;gBAC9B,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,eAAe,EAAE,UAAU,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE;oBAC9C,cAAc,EAAE,kBAAkB;oBAClC,gBAAgB,EAAE,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC;oBAC5C,MAAM,EAAE,UAAU,CAAE,mCAAmC;iBACxD;gBACD,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;aAC7B,CAAC;YAEF,IAAI,eAAe,KAAK,GAAG,CAAC,QAAQ,EAAE,CAAC;gBACrC,mCAAmC;gBACnC,kBAAkB;gBAClB,IAAI,UAAkB,CAAC;gBACvB,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;oBACb,kBAAkB;oBAClB,UAAU,GAAG,MAAM,CAAC,eAAe,CAAC;wBAClC,CAAC,CAAC,IAAI,eAAe,KAAK,GAAG,CAAC,IAAI,EAAE;wBACpC,CAAC,CAAC,GAAG,eAAe,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;gBACvC,CAAC;qBAAM,CAAC;oBACN,kCAAkC;oBAClC,UAAU,GAAG,MAAM,CAAC,eAAe,CAAC;wBAClC,CAAC,CAAC,IAAI,eAAe,GAAG;wBACxB,CAAC,CAAC,eAAe,CAAC;gBACtB,CAAC;gBACD,UAAU,GAAG,GAAG,GAAG,CAAC,QAAQ,KAAK,UAAU,GAAG,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC;YAC5E,CAAC;iBAAM,CAAC;gBACN,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC;YAC/B,CAAC;YAED,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,EAAE,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;gBAC9C,IAAI,GAAG,CAAC,UAAU,KAAK,GAAG,IAAI,GAAG,CAAC,UAAU,KAAK,GAAG,EAAE,CAAC;oBACrD,OAAO,EAAE,CAAC;gBACZ,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,IAAI,KAAK,CAAC,QAAQ,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;gBAC9C,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YACxB,GAAG,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE;gBACrB,GAAG,CAAC,OAAO,EAAE,CAAC;gBACd,MAAM,CAAC,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;YAC/B,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,EAAU;QACtB,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;IACzD,CAAC;CACF"}
|
package/dist/index.d.ts
CHANGED
|
@@ -2,12 +2,13 @@
|
|
|
2
2
|
* F2A SDK 入口
|
|
3
3
|
* P2P networking protocol for OpenClaw Agents
|
|
4
4
|
*/
|
|
5
|
+
export declare const VERSION: any;
|
|
5
6
|
export { F2A } from './core/f2a.js';
|
|
6
7
|
export { P2PNetwork } from './core/p2p-network.js';
|
|
7
8
|
export { TokenManager, defaultTokenManager } from './core/token-manager.js';
|
|
8
9
|
export { E2EECrypto, defaultE2EECrypto } from './core/e2ee-crypto.js';
|
|
9
10
|
export { ReputationManager, REPUTATION_TIERS } from './core/reputation.js';
|
|
10
|
-
export type { ReputationEntry, ReputationEvent, ReputationLevel, ReputationTier, ReputationConfig, ReputationStorage } from './core/reputation.js';
|
|
11
|
+
export type { IReputationManager, IReputationEntry, ReputationEntry, ReputationEvent, ReputationLevel, ReputationTier, ReputationConfig, ReputationStorage } from './core/reputation.js';
|
|
11
12
|
export { ReviewCommittee } from './core/review-committee.js';
|
|
12
13
|
export type { TaskReview, ReviewResult, ReviewDimensions, RiskFlag, ReviewCommitteeConfig, PendingReview } from './core/review-committee.js';
|
|
13
14
|
export { AutonomousEconomy } from './core/autonomous-economy.js';
|
|
@@ -16,9 +17,8 @@ export { ChainSignatureManager, InvitationManager, ChallengeManager } from './co
|
|
|
16
17
|
export type { SignedReputationEvent, ReviewerSignature, InvitationRecord, InvitationConfig, ChallengeRecord, ChallengeResult } from './core/reputation-security.js';
|
|
17
18
|
export { Logger } from './utils/logger.js';
|
|
18
19
|
export { RateLimiter } from './utils/rate-limiter.js';
|
|
19
|
-
export { RequestSigner } from './utils/signature.js';
|
|
20
|
+
export { RequestSigner, loadSignatureConfig, loadSignatureConfigSafe, isSignatureAvailable, requireSignatureInProduction } from './utils/signature.js';
|
|
20
21
|
export { createMessageSizeLimitMiddleware, createMessageTypeFilterMiddleware } from './utils/middleware.js';
|
|
21
22
|
export type { Middleware, MiddlewareContext, MiddlewareResult } from './utils/middleware.js';
|
|
22
23
|
export * from './types/index.js';
|
|
23
|
-
export declare const VERSION = "1.0.1";
|
|
24
24
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH,eAAO,MAAM,OAAO,KAAsB,CAAC;AAG3C,OAAO,EAAE,GAAG,EAAE,MAAM,eAAe,CAAC;AACpC,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAC5E,OAAO,EAAE,UAAU,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAGtE,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AAC3E,YAAY,EACV,kBAAkB,EAClB,gBAAgB,EAChB,eAAe,EACf,eAAe,EACf,eAAe,EACf,cAAc,EACd,gBAAgB,EAChB,iBAAiB,EAClB,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAC7D,YAAY,EACV,UAAU,EACV,YAAY,EACZ,gBAAgB,EAChB,QAAQ,EACR,qBAAqB,EACrB,aAAa,EACd,MAAM,4BAA4B,CAAC;AAEpC,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,YAAY,EACV,WAAW,EACX,QAAQ,EACR,UAAU,EACV,aAAa,EACb,iBAAiB,EACjB,mBAAmB,EACpB,MAAM,8BAA8B,CAAC;AAGtC,OAAO,EACL,qBAAqB,EACrB,iBAAiB,EACjB,gBAAgB,EACjB,MAAM,+BAA+B,CAAC;AACvC,YAAY,EACV,qBAAqB,EACrB,iBAAiB,EACjB,gBAAgB,EAChB,gBAAgB,EAChB,eAAe,EACf,eAAe,EAChB,MAAM,+BAA+B,CAAC;AAGvC,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EACL,aAAa,EACb,mBAAmB,EACnB,uBAAuB,EACvB,oBAAoB,EACpB,4BAA4B,EAC7B,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EACL,gCAAgC,EAChC,iCAAiC,EAClC,MAAM,uBAAuB,CAAC;AAC/B,YAAY,EAAE,UAAU,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAG7F,cAAc,kBAAkB,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -2,6 +2,11 @@
|
|
|
2
2
|
* F2A SDK 入口
|
|
3
3
|
* P2P networking protocol for OpenClaw Agents
|
|
4
4
|
*/
|
|
5
|
+
// P2-8 修复:从 package.json 读取版本号,保持一致性
|
|
6
|
+
import { createRequire } from 'module';
|
|
7
|
+
const require = createRequire(import.meta.url);
|
|
8
|
+
const packageJson = require('../package.json');
|
|
9
|
+
export const VERSION = packageJson.version;
|
|
5
10
|
// 核心 P2P 网络
|
|
6
11
|
export { F2A } from './core/f2a.js';
|
|
7
12
|
export { P2PNetwork } from './core/p2p-network.js';
|
|
@@ -16,10 +21,9 @@ export { ChainSignatureManager, InvitationManager, ChallengeManager } from './co
|
|
|
16
21
|
// 工具模块
|
|
17
22
|
export { Logger } from './utils/logger.js';
|
|
18
23
|
export { RateLimiter } from './utils/rate-limiter.js';
|
|
19
|
-
export { RequestSigner } from './utils/signature.js';
|
|
24
|
+
export { RequestSigner, loadSignatureConfig, loadSignatureConfigSafe, isSignatureAvailable, requireSignatureInProduction } from './utils/signature.js';
|
|
20
25
|
export { createMessageSizeLimitMiddleware, createMessageTypeFilterMiddleware } from './utils/middleware.js';
|
|
21
26
|
// 类型定义
|
|
22
27
|
export * from './types/index.js';
|
|
23
|
-
//
|
|
24
|
-
export const VERSION = '1.0.1';
|
|
28
|
+
// 版本号已在文件顶部从 package.json 导出
|
|
25
29
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,YAAY;AACZ,OAAO,EAAE,GAAG,EAAE,MAAM,eAAe,CAAC;AACpC,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAC5E,OAAO,EAAE,UAAU,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAEtE,mBAAmB;AACnB,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,qCAAqC;AACrC,OAAO,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC;AACvC,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/C,MAAM,WAAW,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAC/C,MAAM,CAAC,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC;AAE3C,YAAY;AACZ,OAAO,EAAE,GAAG,EAAE,MAAM,eAAe,CAAC;AACpC,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAC5E,OAAO,EAAE,UAAU,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAEtE,mBAAmB;AACnB,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AAY3E,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAU7D,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AAUjE,mBAAmB;AACnB,OAAO,EACL,qBAAqB,EACrB,iBAAiB,EACjB,gBAAgB,EACjB,MAAM,+BAA+B,CAAC;AAUvC,OAAO;AACP,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EACL,aAAa,EACb,mBAAmB,EACnB,uBAAuB,EACvB,oBAAoB,EACpB,4BAA4B,EAC7B,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EACL,gCAAgC,EAChC,iCAAiC,EAClC,MAAM,uBAAuB,CAAC;AAG/B,OAAO;AACP,cAAc,kBAAkB,CAAC;AAEjC,6BAA6B"}
|
package/dist/types/index.d.ts
CHANGED
|
@@ -49,6 +49,10 @@ export interface P2PNetworkConfig {
|
|
|
49
49
|
listenAddresses?: string[];
|
|
50
50
|
/** 引导节点列表 */
|
|
51
51
|
bootstrapPeers?: string[];
|
|
52
|
+
/** 引导节点指纹映射 - key为multiaddr或peerId,value为预期的PeerID */
|
|
53
|
+
bootstrapPeerFingerprints?: Record<string, string>;
|
|
54
|
+
/** 信任的 Peer 白名单(不会被清理) */
|
|
55
|
+
trustedPeers?: string[];
|
|
52
56
|
/** 是否启用 MDNS 本地发现 */
|
|
53
57
|
enableMDNS?: boolean;
|
|
54
58
|
/** 是否启用 DHT (默认 true) */
|