@karpeleslab/teamclaude 1.0.7 → 1.0.8

package/src/h2/relay.js

@@ -0,0 +1,417 @@
+// Transparent HTTP/2 relay for the MITM proxy.
+//
+// Bridges two already-decrypted h2 byte streams (claude ⇄ upstream). The
+// request direction (claude→upstream) is parsed frame-by-frame: HEADERS/
+// CONTINUATION blocks are HPACK-decoded, handed to `rewriteRequest` (which
+// rewrites only the auth field), re-encoded, and re-framed; every other frame
+// is forwarded verbatim. The response direction (upstream→claude) is passed
+// through byte-for-byte and only *observed* (read-only HPACK decode) so we can
+// surface `:status` + rate-limit headers for quota tracking.
+
+import { readFrames, buildFrame, buildHeaderBlock, stripHeadersPayload, FRAME, FLAG, PREFACE } from './frames.js';
+import { HpackDecoder, HpackEncoder } from './hpack.js';
+
+const SETTINGS_HEADER_TABLE_SIZE = 0x1;
+
+// Wire src→dst with backpressure; `onClose` fires once when either side ends.
+function link(src, dst, onData, onClose) {
+  let closed = false;
+  const close = () => { if (closed) return; closed = true; onClose(); };
+  src.on('data', (chunk) => {
+    try { onData(chunk); } catch (err) { close(); src.destroy(err); }
+  });
+  src.on('end', close);
+  src.on('close', close);
+  src.on('error', close);
+  return { pauseSrc: () => src.pause(), resumeSrc: () => src.resume() };
+}
+
+function writeBackpressured(dst, buf, ctl) {
+  if (buf.length === 0) return;
+  if (!dst.write(buf)) {
+    ctl.pauseSrc();
+    dst.once('drain', () => ctl.resumeSrc());
+  }
+}
+
+/**
+ * @param claude decrypted duplex toward the client
+ * @param upstream decrypted duplex toward Anthropic
+ * @param opts.rewriteRequest (fields[]) => fields[]   // mutate/return the header list
+ * @param opts.onResponseHeaders (fields[]) => void    // observe response headers
+ * @param opts.log
+ */
+export function h2Relay(claude, upstream, opts = {}) {
+  const rewriteRequest = opts.rewriteRequest || ((f) => f);
+  const onResponseHeaders = opts.onResponseHeaders || (() => {});
+  const makeBodyPatcher = opts.makeBodyPatcher || null; // () => { push(buf)->buf } per stream
+  const bodyPatchers = makeBodyPatcher ? new Map() : null; // streamId -> patcher
+  const tap = opts.tap || null; // optional request-logging tap (per streamId)
+  const log = opts.log || (() => {});
+
+  // Streams that have started (request headers seen) but not yet completed, so a
+  // mid-flight connection teardown can close their tap records instead of
+  // leaking them (e.g. a stuck "in-flight" entry in the TUI activity feed).
+  const openStreams = new Set();
+  const closeStream = (id) => { if (bodyPatchers) bodyPatchers.delete(id); tap?.end(id); openStreams.delete(id); };
+
+  const reqDec = new HpackDecoder();         // decodes claude's request blocks
+  const reqEnc = new HpackEncoder();         // re-encodes to upstream
+  reqEnc.dynamicIndexing = false;            // independent of upstream's table size
+  const respDec = new HpackDecoder();        // read-only, decodes upstream responses
+
+  const destroyBoth = () => {
+    for (const id of openStreams) tap?.end(id);
+    openStreams.clear();
+    claude.destroy(); upstream.destroy();
+  };
+
+  // ── request direction: claude → upstream (rewrite HEADERS) ──
+  let rbuf = Buffer.alloc(0);
+  let prefaceSeen = false;
+  let asm = null; // { streamId, frags:[], priority, endStream } while assembling a block
+  let reqCtl;
+
+  const onReqData = (chunk) => {
+    rbuf = Buffer.concat([rbuf, chunk]);
+    if (!prefaceSeen) {
+      if (rbuf.length < PREFACE.length) return;
+      writeBackpressured(upstream, rbuf.subarray(0, PREFACE.length), reqCtl); // forward preface verbatim
+      rbuf = rbuf.subarray(PREFACE.length);
+      prefaceSeen = true;
+    }
+    const { frames, rest } = readFrames(rbuf);
+    rbuf = rest;
+    for (const fr of frames) handleReqFrame(fr);
+  };
+
+  function handleReqFrame(fr) {
+    // Mid-block: only CONTINUATION on the same stream may follow (RFC 7540 §6.10).
+    if (asm) {
+      if (fr.type === FRAME.CONTINUATION && fr.streamId === asm.streamId) {
+        asm.frags.push(Buffer.from(fr.payload));
+        if (fr.flags & FLAG.END_HEADERS) finishReqBlock();
+        return;
+      }
+      // Shouldn't happen; bail safely.
+      throw new Error('interleaved frame during header block');
+    }
+    if (fr.type === FRAME.HEADERS) {
+      const { block, priority } = stripHeadersPayload(fr.payload, fr.flags);
+      asm = { streamId: fr.streamId, frags: [block], priority, endStream: !!(fr.flags & FLAG.END_STREAM) };
+      if (fr.flags & FLAG.END_HEADERS) finishReqBlock();
+      return;
+    }
+    if (fr.type === FRAME.DATA && (bodyPatchers || tap)) {
+      // Same-length in-place body patch (account_uuid) via a per-stream streaming
+      // JSON state machine; re-emit the DATA frame unchanged in length/flags so
+      // framing & flow control are preserved.
+      let payload = Buffer.from(fr.payload);
+      if (bodyPatchers) {
+        let p = bodyPatchers.get(fr.streamId);
+        if (!p) { p = makeBodyPatcher(); bodyPatchers.set(fr.streamId, p); }
+        payload = p.push(payload);
+      }
+      if (tap) tap.reqData(fr.streamId, payload);
+      writeBackpressured(upstream, buildFrame({ type: FRAME.DATA, flags: fr.flags, streamId: fr.streamId, payload }), reqCtl);
+      if (fr.flags & FLAG.END_STREAM && bodyPatchers) bodyPatchers.delete(fr.streamId);
+      return;
+    }
+    if (fr.type === FRAME.RST_STREAM) { closeStream(fr.streamId); }
+    if (fr.type === FRAME.SETTINGS && fr.streamId === 0 && !(fr.flags & 0x1)) {
+      applyTableSizeSetting(fr.payload, respDec); // claude's setting governs response encoding
+    }
+    writeBackpressured(upstream, fr.raw, reqCtl); // everything else: verbatim
+  }
+
+  function finishReqBlock() {
+    const { streamId, frags, priority, endStream } = asm;
+    asm = null;
+    const fields = reqDec.decode(Buffer.concat(frags)); // keep decoder dynamic table in sync
+    const rewritten = rewriteRequest(fields);
+    if (tap) tap.req(streamId, rewritten);
+    openStreams.add(streamId);
+    const newBlock = reqEnc.encode(rewritten);
+    writeBackpressured(upstream, buildHeaderBlock(streamId, newBlock, { endStream, priority }), reqCtl);
+  }
+
+  reqCtl = link(claude, upstream, onReqData, destroyBoth);
+
+  // ── response direction: upstream → claude (passthrough + observe) ──
+  let sbuf = Buffer.alloc(0);
+  let rasm = null;
+  let respCtl;
+
+  const onRespData = (chunk) => {
+    writeBackpressured(claude, chunk, respCtl); // verbatim passthrough first
+    sbuf = Buffer.concat([sbuf, chunk]);
+    const { frames, rest } = readFrames(sbuf);
+    sbuf = rest;
+    for (const fr of frames) observeRespFrame(fr);
+  };
+
+  function observeRespFrame(fr) {
+    if (rasm) {
+      if (fr.type === FRAME.CONTINUATION && fr.streamId === rasm.streamId) {
+        rasm.frags.push(Buffer.from(fr.payload));
+        if (fr.flags & FLAG.END_HEADERS) finishRespBlock(rasm.streamId);
+      }
+      return;
+    }
+    if (fr.type === FRAME.HEADERS) {
+      const { block } = stripHeadersPayload(fr.payload, fr.flags);
+      rasm = { streamId: fr.streamId, frags: [block] };
+      if (fr.flags & FLAG.END_HEADERS) finishRespBlock(fr.streamId);
+      if (fr.flags & FLAG.END_STREAM) closeStream(fr.streamId);
+      return;
+    }
+    if (fr.type === FRAME.DATA) {
+      if (tap) tap.resData(fr.streamId, Buffer.from(fr.payload));
+      if (fr.flags & FLAG.END_STREAM) closeStream(fr.streamId);
+    }
+  }
+
+  function finishRespBlock(streamId) {
+    const { frags } = rasm;
+    rasm = null;
+    try {
+      const fields = respDec.decode(Buffer.concat(frags));
+      onResponseHeaders(fields);
+      if (tap) tap.res(streamId, fields);
+    } catch (err) {
+      log(`[TeamClaude] h2 response header decode failed: ${err.message}`);
+    }
+  }
+
+  respCtl = link(upstream, claude, onRespData, destroyBoth);
+}
+
+const MAX_HEAD = 65536; // runaway-head guard for a single request/response head
+
+// Parse an HTTP/1.1 message head: its start line + the body framing it declares.
+// `chunked` wins over content-length per RFC 7230 §3.3.3.
+function parseH1Head(headText) {
+  const lines = headText.split('\r\n');
+  let contentLength = null;
+  let chunked = false;
+  for (let i = 1; i < lines.length; i++) {
+    const line = lines[i];
+    if (line === '') break;
+    const c = line.indexOf(':');
+    if (c < 0) continue;
+    const name = line.slice(0, c).trim().toLowerCase();
+    const value = line.slice(c + 1).trim().toLowerCase();
+    if (name === 'transfer-encoding') { if (/(^|,)\s*chunked\s*$/.test(value)) chunked = true; }
+    else if (name === 'content-length') { const n = parseInt(value, 10); if (!Number.isNaN(n)) contentLength = n; }
+  }
+  return { startLine: lines[0] || '', contentLength, chunked };
+}
+
+// A streaming body-length tracker. process(buf) returns how many leading bytes of
+// `buf` belong to the current message body and whether the body is complete; it
+// keeps internal state across calls so a body split over many chunks is tracked
+// exactly. `kind`: 'none' | 'length' | 'chunked' | 'until-close'.
+function makeBodyTracker(kind, length = 0) {
+  if (kind === 'none') return () => ({ consumed: 0, done: true });
+  if (kind === 'until-close') return (buf) => ({ consumed: buf.length, done: false });
+  if (kind === 'length') {
+    let need = length;
+    return (buf) => { const take = Math.min(need, buf.length); need -= take; return { consumed: take, done: need === 0 }; };
+  }
+  // chunked: count framing bytes (size lines, data, trailing CRLFs, trailers)
+  let phase = 'size'; // size | data | dataCRLF | trailers
+  let need = 0;       // bytes left in current chunk's data
+  let line = '';      // accumulates a CRLF-terminated control line across chunks
+  return (buf) => {
+    let i = 0;
+    while (i < buf.length) {
+      if (phase === 'size') {
+        const nl = buf.indexOf(0x0a, i);
+        if (nl < 0) { line += buf.toString('latin1', i); return { consumed: buf.length, done: false }; }
+        line += buf.toString('latin1', i, nl + 1); i = nl + 1;
+        const size = parseInt(line.trim().split(';')[0], 16); line = '';
+        if (Number.isNaN(size)) return { consumed: i, done: true };  // malformed: stop here
+        if (size === 0) phase = 'trailers'; else { need = size; phase = 'data'; }
+      } else if (phase === 'data') {
+        const take = Math.min(need, buf.length - i); i += take; need -= take;
+        if (need === 0) phase = 'dataCRLF';
+      } else if (phase === 'dataCRLF') {
+        const nl = buf.indexOf(0x0a, i);
+        if (nl < 0) return { consumed: buf.length, done: false };
+        i = nl + 1; phase = 'size';
+      } else { // trailers: read until a blank line ends the message
+        const nl = buf.indexOf(0x0a, i);
+        if (nl < 0) { line += buf.toString('latin1', i); return { consumed: buf.length, done: false }; }
+        const seg = line + buf.toString('latin1', i, nl + 1); line = ''; i = nl + 1;
+        if (seg === '\r\n' || seg === '\n') return { consumed: i, done: true };
+      }
+    }
+    return { consumed: i, done: false };
+  };
+}
+
+const methodOf = (startLine) => startLine.split(' ')[0].toUpperCase();
+const statusOf = (startLine) => parseInt(startLine.split(' ')[1], 10) || 0;
+
+/**
+ * Faithful HTTP/1.1 relay. Frames every request/response on a keep-alive
+ * connection (parsing content-length / chunked bodies), so each request's auth
+ * line is rewritten via `rewriteHead`, each request body is patched, and each
+ * exchange is logged to its own tap record. Responses are written to claude
+ * verbatim first — parsing is observation-only, so a framing miss can never
+ * corrupt the relayed stream — and matched to requests in FIFO order (HTTP/1.1
+ * guarantees in-order responses).
+ *
+ * @param opts.rewriteHead (headText) => headText      // rewrite each request head
+ * @param opts.onResponseHeaders (fields[]) => void    // observe each response's headers
+ */
+export function h1Relay(claude, upstream, opts = {}) {
+  const rewriteHead = opts.rewriteHead || ((h) => h);
+  const makeBodyPatcher = opts.makeBodyPatcher || null;
+  const onResponseHeaders = opts.onResponseHeaders || (() => {});
+  const tap = opts.tap || null;
+  const destroyBoth = () => { claude.destroy(); upstream.destroy(); };
+  claude.on('error', destroyBoth);
+  upstream.on('error', destroyBoth);
+
+  let nextId = 0;
+  const pending = []; // request ids awaiting a response head, in send order
+
+  // Close any tap records still open when the connection tears down.
+  const endOpen = () => { if (!tap) return; if (resId !== null) tap.end(resId); for (const p of pending) tap.end(p.id); pending.length = 0; };
+
+  // ── request direction: claude → upstream (rewrite head, patch + forward body) ──
+  let reqBuf = Buffer.alloc(0);
+  let reqPhase = 'head';
+  let reqTrack = null, reqPatcher = null, reqId = null;
+
+  const pumpReq = () => {
+    while (reqBuf.length) {
+      if (reqPhase === 'head') {
+        const idx = reqBuf.indexOf('\r\n\r\n');
+        if (idx < 0) { if (reqBuf.length > MAX_HEAD) destroyBoth(); return; }
+        const head = rewriteHead(reqBuf.subarray(0, idx + 4).toString('latin1'));
+        reqBuf = reqBuf.subarray(idx + 4);
+        const info = parseH1Head(head);
+        reqId = ++nextId;
+        pending.push({ id: reqId, method: methodOf(info.startLine) });
+        if (tap) tap.reqHead(reqId, head);
+        upstream.write(Buffer.from(head, 'latin1'));
+        const kind = info.chunked ? 'chunked' : (info.contentLength > 0 ? 'length' : 'none');
+        reqPatcher = makeBodyPatcher ? makeBodyPatcher() : null;
+        reqTrack = makeBodyTracker(kind, info.contentLength || 0);
+        reqPhase = 'body';
+      } else {
+        const { consumed, done } = reqTrack(reqBuf);
+        if (consumed > 0) {
+          let slice = Buffer.from(reqBuf.subarray(0, consumed));
+          reqBuf = reqBuf.subarray(consumed);
+          if (reqPatcher) slice = reqPatcher.push(slice); // same-length account_uuid patch
+          if (tap) tap.reqData(reqId, slice);
+          upstream.write(slice);
+        }
+        if (done) { reqPhase = 'head'; reqTrack = null; reqPatcher = null; }
+        else if (consumed === 0) return; // need more body bytes
+      }
+    }
+  };
+  claude.on('data', (c) => { reqBuf = Buffer.concat([reqBuf, c]); pumpReq(); });
+  claude.on('end', () => upstream.end());
+  claude.on('close', () => upstream.destroy());
+
+  // ── response direction: upstream → claude (verbatim passthrough + observe) ──
+  let resBuf = Buffer.alloc(0);
+  let resPhase = 'head';
+  let resTrack = null, resId = null;
+
+  const pumpRes = () => {
+    while (resBuf.length) {
+      if (resPhase === 'head') {
+        const idx = resBuf.indexOf('\r\n\r\n');
+        if (idx < 0) { if (resBuf.length > MAX_HEAD) resBuf = resBuf.subarray(resBuf.length - MAX_HEAD); return; }
+        const head = resBuf.subarray(0, idx + 4).toString('latin1');
+        resBuf = resBuf.subarray(idx + 4);
+        const info = parseH1Head(head);
+        const status = statusOf(info.startLine);
+        if (status >= 100 && status < 200) continue; // interim (e.g. 100-continue): no body, no request consumed
+        onResponseHeaders(headFields(head));
+        const req = pending.shift();
+        resId = req ? req.id : ++nextId;
+        if (tap) tap.resHead(resId, head);
+        const bodyless = req?.method === 'HEAD' || status === 204 || status === 304;
+        const kind = bodyless ? 'none'
+          : info.chunked ? 'chunked'
+          : info.contentLength !== null ? 'length'
+          : 'until-close';
+        resTrack = makeBodyTracker(kind, info.contentLength || 0);
+        resPhase = 'body';
+      } else {
+        const { consumed, done } = resTrack(resBuf);
+        if (consumed > 0) { if (tap) tap.resData(resId, Buffer.from(resBuf.subarray(0, consumed))); resBuf = resBuf.subarray(consumed); }
+        if (done) { if (tap) tap.end(resId); resId = null; resPhase = 'head'; resTrack = null; }
+        else if (consumed === 0) return;
+      }
+    }
+  };
+  upstream.on('data', (c) => {
+    claude.write(c);                 // faithful passthrough first
+    resBuf = Buffer.concat([resBuf, c]);
+    try { pumpRes(); } catch { resBuf = Buffer.alloc(0); } // never let a parse bug break the relay
+  });
+  upstream.on('end', () => { endOpen(); claude.end(); });
+  upstream.on('close', () => { endOpen(); claude.destroy(); });
+}
+
+// Parse an HTTP/1.1 head into an h2-style [{name,value}] list (lowercased names),
+// so a response can feed the same quota observer the h2 path uses.
+function headFields(headText) {
+  const out = [];
+  const lines = headText.split('\r\n');
+  out.push({ name: ':status', value: String(statusOf(lines[0] || '')) });
+  for (let i = 1; i < lines.length; i++) {
+    const line = lines[i];
+    if (line === '') break;
+    const c = line.indexOf(':');
+    if (c < 0) continue;
+    out.push({ name: line.slice(0, c).trim().toLowerCase(), value: line.slice(c + 1).trim() });
+  }
+  return out;
+}
+
+/** Rewrite an HTTP/1.1 request head: replace the Authorization line with
+ *  `authValue` (or set x-api-key), and drop the other client-supplied key. */
+export function rewriteH1Auth(headText, { authorization = null, apiKey = null }) {
+  const lines = headText.split('\r\n');
+  const out = [lines[0]]; // request line
+  let setAuth = false;
+  for (let i = 1; i < lines.length; i++) {
+    const line = lines[i];
+    if (line === '') { out.push(line); continue; }
+    const lower = line.toLowerCase();
+    if (lower.startsWith('x-api-key:')) continue;
+    if (lower.startsWith('authorization:')) {
+      if (authorization) { out.push(`authorization: ${authorization}`); setAuth = true; }
+      continue;
+    }
+    out.push(line);
+  }
+  // insert our credential just before the terminating blank line if not already set
+  if (!setAuth && (authorization || apiKey)) {
+    const blank = out.lastIndexOf('');
+    const hdr = authorization ? `authorization: ${authorization}` : `x-api-key: ${apiKey}`;
+    out.splice(blank, 0, hdr);
+  }
+  return out.join('\r\n');
+}
+
+// Parse a SETTINGS payload for HEADER_TABLE_SIZE and apply it to a decoder's
+// size limit (so it stays in sync with the announcing peer's encoder).
+function applyTableSizeSetting(payload, decoder) {
+  for (let i = 0; i + 6 <= payload.length; i += 6) {
+    if (payload.readUInt16BE(i) === SETTINGS_HEADER_TABLE_SIZE) {
+      const size = payload.readUInt32BE(i + 2);
+      decoder.sizeLimit = size;
+      decoder.table.setMaxSize(Math.min(size, decoder.table.maxSize));
+    }
+  }
+}