@libp2p/tls 2.0.17 → 2.0.18-2c8ecb455

package/dist/src/index.d.ts

@@ -17,11 +17,12 @@
  * })
  * ```
  */
-import type { ComponentLogger, ConnectionEncrypter, PrivateKey } from '@libp2p/interface';
+import type { ComponentLogger, ConnectionEncrypter, Metrics, PrivateKey } from '@libp2p/interface';
 export declare const PROTOCOL = "/tls/1.0.0";
 export interface TLSComponents {
     privateKey: PrivateKey;
     logger: ComponentLogger;
+    metrics?: Metrics;
 }
 export declare function tls(): (components: TLSComponents) => ConnectionEncrypter;
 //# sourceMappingURL=index.d.ts.map

package/dist/src/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAGH,OAAO,KAAK,EAAE,eAAe,EAAE,mBAAmB,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAEzF,eAAO,MAAM,QAAQ,eAAe,CAAA;AAEpC,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,UAAU,CAAA;IACtB,MAAM,EAAE,eAAe,CAAA;CACxB;AAED,wBAAgB,GAAG,IAAK,CAAC,UAAU,EAAE,aAAa,KAAK,mBAAmB,CAEzE"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAGH,OAAO,KAAK,EAAE,eAAe,EAAE,mBAAmB,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAElG,eAAO,MAAM,QAAQ,eAAe,CAAA;AAEpC,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,UAAU,CAAA;IACtB,MAAM,EAAE,eAAe,CAAA;IACvB,OAAO,CAAC,EAAE,OAAO,CAAA;CAClB;AAED,wBAAgB,GAAG,IAAK,CAAC,UAAU,EAAE,aAAa,KAAK,mBAAmB,CAEzE"}

package/dist/src/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAA;AAG9B,MAAM,CAAC,MAAM,QAAQ,GAAG,YAAY,CAAA;AAOpC,MAAM,UAAU,GAAG;IACjB,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,CAAA;AAC5C,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAA;AAG9B,MAAM,CAAC,MAAM,QAAQ,GAAG,YAAY,CAAA;AAQpC,MAAM,UAAU,GAAG;IACjB,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,CAAA;AAC5C,CAAC"}

package/dist/src/tls.d.ts

@@ -25,7 +25,8 @@ import type { Uint8ArrayList } from 'uint8arraylist';
 export declare class TLS implements ConnectionEncrypter {
     protocol: string;
     private readonly log;
-    private readonly privateKey;
+    private readonly components;
+    private readonly metrics;
     constructor(components: TLSComponents);
     readonly [Symbol.toStringTag] = "@libp2p/tls";
     readonly [serviceCapabilities]: string[];

package/dist/src/tls.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"tls.d.ts","sourceRoot":"","sources":["../../src/tls.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAGH,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAA;AAIvD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAA;AAC/C,OAAO,KAAK,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,iBAAiB,EAAU,uBAAuB,EAAc,MAAM,mBAAmB,CAAA;AACjJ,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAC7C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AAEpD,qBAAa,GAAI,YAAW,mBAAmB;IACtC,QAAQ,EAAE,MAAM,CAAW;IAClC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAQ;IAC5B,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAY;gBAE1B,UAAU,EAAE,aAAa;IAKtC,QAAQ,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,iBAAgB;IAE7C,QAAQ,CAAC,CAAC,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAEvC;IAEK,aAAa,CAAE,MAAM,SAAS,MAAM,CAAC,cAAc,CAAC,UAAU,GAAG,cAAc,CAAC,CAAC,GAAG,mBAAmB,EAAG,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,uBAAuB,GAAG,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAI9L,cAAc,CAAE,MAAM,SAAS,MAAM,CAAC,cAAc,CAAC,UAAU,GAAG,cAAc,CAAC,CAAC,GAAG,mBAAmB,EAAG,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,uBAAuB,GAAG,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAIrM;;OAEG;IACG,QAAQ,CAAE,MAAM,SAAS,MAAM,CAAC,cAAc,CAAC,UAAU,GAAG,cAAc,CAAC,CAAC,GAAG,mBAAmB,EAAG,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE,uBAAuB,GAAG,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;CAkEnN"}
+{"version":3,"file":"tls.d.ts","sourceRoot":"","sources":["../../src/tls.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAGH,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAA;AAIvD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAA;AAC/C,OAAO,KAAK,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,iBAAiB,EAAU,uBAAuB,EAAgB,MAAM,mBAAmB,CAAA;AACnJ,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAC7C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AAEpD,qBAAa,GAAI,YAAW,mBAAmB;IACtC,QAAQ,EAAE,MAAM,CAAW;IAClC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAQ;IAC5B,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAe;IAC1C,OAAO,CAAC,QAAQ,CAAC,OAAO,CASvB;gBAEY,UAAU,EAAE,aAAa;IA2BtC,QAAQ,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,iBAAgB;IAE7C,QAAQ,CAAC,CAAC,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAEvC;IAEK,aAAa,CAAE,MAAM,SAAS,MAAM,CAAC,cAAc,CAAC,UAAU,GAAG,cAAc,CAAC,CAAC,GAAG,mBAAmB,EAAG,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,uBAAuB,GAAG,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAI9L,cAAc,CAAE,MAAM,SAAS,MAAM,CAAC,cAAc,CAAC,UAAU,GAAG,cAAc,CAAC,CAAC,GAAG,mBAAmB,EAAG,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,uBAAuB,GAAG,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAIrM;;OAEG;IACG,QAAQ,CAAE,MAAM,SAAS,MAAM,CAAC,cAAc,CAAC,UAAU,GAAG,cAAc,CAAC,CAAC,GAAG,mBAAmB,EAAG,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE,uBAAuB,GAAG,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;CAgGnN"}

package/dist/src/tls.js

@@ -25,10 +25,33 @@ import { PROTOCOL } from './index.js';
 export class TLS {
     protocol = PROTOCOL;
     log;
-    privateKey;
+    components;
+    metrics;
     constructor(components) {
         this.log = components.logger.forComponent('libp2p:tls');
-        this.privateKey = components.privateKey;
+        this.components = components;
+        this.metrics = {
+            server: {
+                events: components.metrics?.registerCounterGroup('libp2p_tls_server_events_total', {
+                    label: 'event',
+                    help: 'Total count of TLS connection encryption events by type'
+                }),
+                errors: components.metrics?.registerCounterGroup('libp2p_tls_server_errors_total', {
+                    label: 'event',
+                    help: 'Total count of TLS connection encryption errors by type'
+                })
+            },
+            client: {
+                events: components.metrics?.registerCounterGroup('libp2p_tls_server_events_total', {
+                    label: 'event',
+                    help: 'Total count of TLS connection encryption events by type'
+                }),
+                errors: components.metrics?.registerCounterGroup('libp2p_tls_server_errors_total', {
+                    label: 'event',
+                    help: 'Total count of TLS connection encryption errors by type'
+                })
+            }
+        };
     }
     [Symbol.toStringTag] = '@libp2p/tls';
     [serviceCapabilities] = [
@@ -45,7 +68,7 @@ export class TLS {
      */
     async _encrypt(conn, isServer, options) {
         const opts = {
-            ...await generateCertificate(this.privateKey),
+            ...await generateCertificate(this.components.privateKey),
             isServer,
             // require TLS 1.3 or later
             minVersion: 'TLSv1.3',
@@ -69,9 +92,13 @@ export class TLS {
         }
         return new Promise((resolve, reject) => {
             options?.signal?.addEventListener('abort', () => {
-                const err = new HandshakeTimeoutError();
-                socket.destroy(err);
-                reject(err);
+                this.metrics[isServer ? 'server' : 'client'].events?.increment({
+                    abort: true
+                });
+                this.metrics[isServer ? 'server' : 'client'].errors?.increment({
+                    encrypt_abort: true
+                });
+                socket.emit('error', new HandshakeTimeoutError());
             });
             const verifyRemote = () => {
                 const remote = socket.getPeerCertificate();
@@ -87,21 +114,46 @@ export class TLS {
                     });
                 })
                     .catch((err) => {
-                    reject(err);
+                    this.metrics[isServer ? 'server' : 'client'].errors?.increment({
+                        verify_peer_certificate: true
+                    });
+                    socket.emit('error', err);
                 });
             };
             socket.on('error', (err) => {
+                this.log.error('error encrypting %s connection - %e', isServer ? 'server' : 'client', err);
+                if (err.name !== 'HandshakeTimeoutError') {
+                    this.metrics[isServer ? 'server' : 'client'].events?.increment({
+                        error: true
+                    });
+                }
+                socket.destroy(err);
+                if (isAbortable(conn)) {
+                    conn.abort(err);
+                }
                 reject(err);
             });
             socket.once('secure', () => {
                 this.log('verifying remote certificate');
+                this.metrics[isServer ? 'server' : 'client'].events?.increment({
+                    secure: true
+                });
                 verifyRemote();
             });
-        })
-            .catch(err => {
-            socket.destroy(err);
-            throw err;
+            socket.on('connect', () => {
+                this.metrics[isServer ? 'server' : 'client'].events?.increment({
+                    connect: true
+                });
+            });
+            socket.on('close', () => {
+                this.metrics[isServer ? 'server' : 'client'].events?.increment({
+                    close: true
+                });
+            });
         });
     }
 }
+function isAbortable(obj) {
+    return typeof obj?.abort === 'function';
+}
 //# sourceMappingURL=tls.js.map

package/dist/src/tls.js.map

@@ -1 +1 @@
-{"version":3,"file":"tls.js","sourceRoot":"","sources":["../../src/tls.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,EAAE,SAAS,EAAyB,OAAO,EAAE,MAAM,UAAU,CAAA;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAA;AACvD,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAA;AACnD,OAAO,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,YAAY,CAAA;AAC/F,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AAMrC,MAAM,OAAO,GAAG;IACP,QAAQ,GAAW,QAAQ,CAAA;IACjB,GAAG,CAAQ;IACX,UAAU,CAAY;IAEvC,YAAa,UAAyB;QACpC,IAAI,CAAC,GAAG,GAAG,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,YAAY,CAAC,CAAA;QACvD,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC,UAAU,CAAA;IACzC,CAAC;IAEQ,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,aAAa,CAAA;IAEpC,CAAC,mBAAmB,CAAC,GAAa;QACzC,+BAA+B;KAChC,CAAA;IAED,KAAK,CAAC,aAAa,CAA6F,IAAY,EAAE,OAAiC;QAC7J,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,IAAI,EAAE,OAAO,CAAC,CAAA;IAC3C,CAAC;IAED,KAAK,CAAC,cAAc,CAA6F,IAAY,EAAE,OAAiC;QAC9J,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CAAA;IAC5C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,QAAQ,CAA6F,IAAY,EAAE,QAAiB,EAAE,OAAiC;QAC3K,MAAM,IAAI,GAAqB;YAC7B,GAAG,MAAM,mBAAmB,CAAC,IAAI,CAAC,UAAU,CAAC;YAC7C,QAAQ;YACR,2BAA2B;YAC3B,UAAU,EAAE,SAAS;YACrB,UAAU,EAAE,SAAS;YACrB,kCAAkC;YAClC,kBAAkB,EAAE,KAAK;SAC1B,CAAA;QAED,IAAI,MAAiB,CAAA;QAErB,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,GAAG,IAAI,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;gBACvC,GAAG,IAAI;gBACP,uCAAuC;gBACvC,WAAW,EAAE,IAAI;aAClB,CAAC,CAAA;QACJ,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,OAAO,CAAC;gBACf,MAAM,EAAE,UAAU,CAAC,IAAI,CAAC;gBACxB,GAAG,IAAI;aACR,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,IAAI,OAAO,CAA4B,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAChE,OAAO,EAAE,MAAM,EAAE,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;gBAC9C,MAAM,GAAG,GAAG,IAAI,qBAAqB,EAAE,CAAA;gBACvC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;gBACnB,MAAM,CAAC,GAAG,CAAC,CAAA;YACb,CAAC,CAAC,CAAA;YAEF,MAAM,YAAY,GAAG,GAAS,EAAE;gBAC9B,MAAM,MAAM,GAAG,MAAM,CAAC,kBAAkB,EAAE,CAAA;gBAE1C,qBAAqB,CAAC,MAAM,CAAC,GAAG,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC;qBAC7D,IAAI,CAAC,UAAU,CAAC,EAAE;oBACjB,IAAI,CAAC,GAAG,CAAC,uCAAuC,EAAE,UAAU,CAAC,CAAA;oBAE7D,OAAO,CAAC;wBACN,UAAU;wBACV,IAAI,EAAE;4BACJ,GAAG,IAAI;4BACP,GAAG,UAAU,CAAC,MAAM,CAAC;yBACtB;qBACF,CAAC,CAAA;gBACJ,CAAC,CAAC;qBACD,KAAK,CAAC,CAAC,GAAU,EAAE,EAAE;oBACpB,MAAM,CAAC,GAAG,CAAC,CAAA;gBACb,CAAC,CAAC,CAAA;YACN,CAAC,CAAA;YAED,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;gBAChC,MAAM,CAAC,GAAG,CAAC,CAAA;YACb,CAAC,CAAC,CAAA;YACF,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,EAAE;gBACzB,IAAI,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAA;gBACxC,YAAY,EAAE,CAAA;YAChB,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC;aACC,KAAK,CAAC,GAAG,CAAC,EAAE;YACX,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;YACnB,MAAM,GAAG,CAAA;QACX,CAAC,CAAC,CAAA;IACN,CAAC;CACF"}
+{"version":3,"file":"tls.js","sourceRoot":"","sources":["../../src/tls.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,EAAE,SAAS,EAAyB,OAAO,EAAE,MAAM,UAAU,CAAA;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAA;AACvD,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAA;AACnD,OAAO,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,YAAY,CAAA;AAC/F,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AAMrC,MAAM,OAAO,GAAG;IACP,QAAQ,GAAW,QAAQ,CAAA;IACjB,GAAG,CAAQ;IACX,UAAU,CAAe;IACzB,OAAO,CASvB;IAED,YAAa,UAAyB;QACpC,IAAI,CAAC,GAAG,GAAG,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,YAAY,CAAC,CAAA;QACvD,IAAI,CAAC,UAAU,GAAG,UAAU,CAAA;QAC5B,IAAI,CAAC,OAAO,GAAG;YACb,MAAM,EAAE;gBACN,MAAM,EAAE,UAAU,CAAC,OAAO,EAAE,oBAAoB,CAAC,gCAAgC,EAAE;oBACjF,KAAK,EAAE,OAAO;oBACd,IAAI,EAAE,yDAAyD;iBAChE,CAAC;gBACF,MAAM,EAAE,UAAU,CAAC,OAAO,EAAE,oBAAoB,CAAC,gCAAgC,EAAE;oBACjF,KAAK,EAAE,OAAO;oBACd,IAAI,EAAE,yDAAyD;iBAChE,CAAC;aACH;YACD,MAAM,EAAE;gBACN,MAAM,EAAE,UAAU,CAAC,OAAO,EAAE,oBAAoB,CAAC,gCAAgC,EAAE;oBACjF,KAAK,EAAE,OAAO;oBACd,IAAI,EAAE,yDAAyD;iBAChE,CAAC;gBACF,MAAM,EAAE,UAAU,CAAC,OAAO,EAAE,oBAAoB,CAAC,gCAAgC,EAAE;oBACjF,KAAK,EAAE,OAAO;oBACd,IAAI,EAAE,yDAAyD;iBAChE,CAAC;aACH;SACF,CAAA;IACH,CAAC;IAEQ,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,aAAa,CAAA;IAEpC,CAAC,mBAAmB,CAAC,GAAa;QACzC,+BAA+B;KAChC,CAAA;IAED,KAAK,CAAC,aAAa,CAA6F,IAAY,EAAE,OAAiC;QAC7J,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,IAAI,EAAE,OAAO,CAAC,CAAA;IAC3C,CAAC;IAED,KAAK,CAAC,cAAc,CAA6F,IAAY,EAAE,OAAiC;QAC9J,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CAAA;IAC5C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,QAAQ,CAA6F,IAAY,EAAE,QAAiB,EAAE,OAAiC;QAC3K,MAAM,IAAI,GAAqB;YAC7B,GAAG,MAAM,mBAAmB,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC;YACxD,QAAQ;YACR,2BAA2B;YAC3B,UAAU,EAAE,SAAS;YACrB,UAAU,EAAE,SAAS;YACrB,kCAAkC;YAClC,kBAAkB,EAAE,KAAK;SAC1B,CAAA;QAED,IAAI,MAAiB,CAAA;QAErB,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,GAAG,IAAI,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;gBACvC,GAAG,IAAI;gBACP,uCAAuC;gBACvC,WAAW,EAAE,IAAI;aAClB,CAAC,CAAA;QACJ,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,OAAO,CAAC;gBACf,MAAM,EAAE,UAAU,CAAC,IAAI,CAAC;gBACxB,GAAG,IAAI;aACR,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,IAAI,OAAO,CAA4B,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAChE,OAAO,EAAE,MAAM,EAAE,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;gBAC9C,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,SAAS,CAAC;oBAC7D,KAAK,EAAE,IAAI;iBACZ,CAAC,CAAA;gBACF,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,SAAS,CAAC;oBAC7D,aAAa,EAAE,IAAI;iBACpB,CAAC,CAAA;gBACF,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,qBAAqB,EAAE,CAAC,CAAA;YACnD,CAAC,CAAC,CAAA;YAEF,MAAM,YAAY,GAAG,GAAS,EAAE;gBAC9B,MAAM,MAAM,GAAG,MAAM,CAAC,kBAAkB,EAAE,CAAA;gBAE1C,qBAAqB,CAAC,MAAM,CAAC,GAAG,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC;qBAC7D,IAAI,CAAC,UAAU,CAAC,EAAE;oBACjB,IAAI,CAAC,GAAG,CAAC,uCAAuC,EAAE,UAAU,CAAC,CAAA;oBAE7D,OAAO,CAAC;wBACN,UAAU;wBACV,IAAI,EAAE;4BACJ,GAAG,IAAI;4BACP,GAAG,UAAU,CAAC,MAAM,CAAC;yBACtB;qBACF,CAAC,CAAA;gBACJ,CAAC,CAAC;qBACD,KAAK,CAAC,CAAC,GAAU,EAAE,EAAE;oBACpB,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,SAAS,CAAC;wBAC7D,uBAAuB,EAAE,IAAI;qBAC9B,CAAC,CAAA;oBACF,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;gBAC3B,CAAC,CAAC,CAAA;YACN,CAAC,CAAA;YAED,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;gBAChC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,qCAAqC,EAAE,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAA;gBAE1F,IAAI,GAAG,CAAC,IAAI,KAAK,uBAAuB,EAAE,CAAC;oBACzC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,SAAS,CAAC;wBAC7D,KAAK,EAAE,IAAI;qBACZ,CAAC,CAAA;gBACJ,CAAC;gBAED,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;gBAEnB,IAAI,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC;oBACtB,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;gBACjB,CAAC;gBAED,MAAM,CAAC,GAAG,CAAC,CAAA;YACb,CAAC,CAAC,CAAA;YACF,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,EAAE;gBACzB,IAAI,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAA;gBACxC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,SAAS,CAAC;oBAC7D,MAAM,EAAE,IAAI;iBACb,CAAC,CAAA;gBACF,YAAY,EAAE,CAAA;YAChB,CAAC,CAAC,CAAA;YACF,MAAM,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE;gBACxB,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,SAAS,CAAC;oBAC7D,OAAO,EAAE,IAAI;iBACd,CAAC,CAAA;YACJ,CAAC,CAAC,CAAA;YACF,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;gBACtB,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,SAAS,CAAC;oBAC7D,KAAK,EAAE,IAAI;iBACZ,CAAC,CAAA;YACJ,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;IACJ,CAAC;CACF;AAMD,SAAS,WAAW,CAAM,GAA2B;IACnD,OAAO,OAAO,GAAG,EAAE,KAAK,KAAK,UAAU,CAAA;AACzC,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@libp2p/tls",
-  "version": "2.0.17",
+  "version": "2.0.18-2c8ecb455",
   "description": "A connection encrypter that uses TLS 1.3",
   "license": "Apache-2.0 OR MIT",
   "homepage": "https://github.com/libp2p/js-libp2p/tree/main/packages/connection-encrypter-tls#readme",
@@ -48,9 +48,9 @@
     "doc-check": "aegir doc-check"
   },
   "dependencies": {
-    "@libp2p/crypto": "^5.0.13",
-    "@libp2p/interface": "^2.6.1",
-    "@libp2p/peer-id": "^5.0.14",
+    "@libp2p/crypto": "5.0.14-2c8ecb455",
+    "@libp2p/interface": "2.6.1-2c8ecb455",
+    "@libp2p/peer-id": "5.0.15-2c8ecb455",
     "@peculiar/asn1-schema": "^2.3.13",
     "@peculiar/asn1-x509": "^2.3.13",
     "@peculiar/webcrypto": "^1.5.0",
@@ -63,7 +63,7 @@
     "uint8arrays": "^5.1.0"
   },
   "devDependencies": {
-    "@libp2p/logger": "^5.1.10",
+    "@libp2p/logger": "5.1.11-2c8ecb455",
     "aegir": "^45.1.1",
     "it-pair": "^2.0.6",
     "protons": "^7.6.0",

package/src/index.ts

@@ -19,13 +19,14 @@
  */
 
 import { TLS } from './tls.js'
-import type { ComponentLogger, ConnectionEncrypter, PrivateKey } from '@libp2p/interface'
+import type { ComponentLogger, ConnectionEncrypter, Metrics, PrivateKey } from '@libp2p/interface'
 
 export const PROTOCOL = '/tls/1.0.0'
 
 export interface TLSComponents {
   privateKey: PrivateKey
   logger: ComponentLogger
+  metrics?: Metrics
 }
 
 export function tls (): (components: TLSComponents) => ConnectionEncrypter {

package/src/tls.ts

@@ -24,18 +24,50 @@ import { HandshakeTimeoutError } from './errors.js'
 import { generateCertificate, verifyPeerCertificate, itToStream, streamToIt } from './utils.js'
 import { PROTOCOL } from './index.js'
 import type { TLSComponents } from './index.js'
-import type { MultiaddrConnection, ConnectionEncrypter, SecuredConnection, Logger, SecureConnectionOptions, PrivateKey } from '@libp2p/interface'
+import type { MultiaddrConnection, ConnectionEncrypter, SecuredConnection, Logger, SecureConnectionOptions, CounterGroup } from '@libp2p/interface'
 import type { Duplex } from 'it-stream-types'
 import type { Uint8ArrayList } from 'uint8arraylist'
 
 export class TLS implements ConnectionEncrypter {
   public protocol: string = PROTOCOL
   private readonly log: Logger
-  private readonly privateKey: PrivateKey
+  private readonly components: TLSComponents
+  private readonly metrics: {
+    server: {
+      events?: CounterGroup
+      errors?: CounterGroup
+    }
+    client: {
+      events?: CounterGroup
+      errors?: CounterGroup
+    }
+  }
 
   constructor (components: TLSComponents) {
     this.log = components.logger.forComponent('libp2p:tls')
-    this.privateKey = components.privateKey
+    this.components = components
+    this.metrics = {
+      server: {
+        events: components.metrics?.registerCounterGroup('libp2p_tls_server_events_total', {
+          label: 'event',
+          help: 'Total count of TLS connection encryption events by type'
+        }),
+        errors: components.metrics?.registerCounterGroup('libp2p_tls_server_errors_total', {
+          label: 'event',
+          help: 'Total count of TLS connection encryption errors by type'
+        })
+      },
+      client: {
+        events: components.metrics?.registerCounterGroup('libp2p_tls_server_events_total', {
+          label: 'event',
+          help: 'Total count of TLS connection encryption events by type'
+        }),
+        errors: components.metrics?.registerCounterGroup('libp2p_tls_server_errors_total', {
+          label: 'event',
+          help: 'Total count of TLS connection encryption errors by type'
+        })
+      }
+    }
   }
 
   readonly [Symbol.toStringTag] = '@libp2p/tls'
@@ -57,7 +89,7 @@ export class TLS implements ConnectionEncrypter {
    */
   async _encrypt <Stream extends Duplex<AsyncGenerator<Uint8Array | Uint8ArrayList>> = MultiaddrConnection> (conn: Stream, isServer: boolean, options?: SecureConnectionOptions): Promise<SecuredConnection<Stream>> {
     const opts: TLSSocketOptions = {
-      ...await generateCertificate(this.privateKey),
+      ...await generateCertificate(this.components.privateKey),
       isServer,
       // require TLS 1.3 or later
       minVersion: 'TLSv1.3',
@@ -83,9 +115,13 @@ export class TLS implements ConnectionEncrypter {
 
     return new Promise<SecuredConnection<Stream>>((resolve, reject) => {
       options?.signal?.addEventListener('abort', () => {
-        const err = new HandshakeTimeoutError()
-        socket.destroy(err)
-        reject(err)
+        this.metrics[isServer ? 'server' : 'client'].events?.increment({
+          abort: true
+        })
+        this.metrics[isServer ? 'server' : 'client'].errors?.increment({
+          encrypt_abort: true
+        })
+        socket.emit('error', new HandshakeTimeoutError())
       })
 
       const verifyRemote = (): void => {
@@ -104,21 +140,55 @@ export class TLS implements ConnectionEncrypter {
             })
           })
           .catch((err: Error) => {
-            reject(err)
+            this.metrics[isServer ? 'server' : 'client'].errors?.increment({
+              verify_peer_certificate: true
+            })
+            socket.emit('error', err)
           })
       }
 
       socket.on('error', (err: Error) => {
+        this.log.error('error encrypting %s connection - %e', isServer ? 'server' : 'client', err)
+
+        if (err.name !== 'HandshakeTimeoutError') {
+          this.metrics[isServer ? 'server' : 'client'].events?.increment({
+            error: true
+          })
+        }
+
+        socket.destroy(err)
+
+        if (isAbortable(conn)) {
+          conn.abort(err)
+        }
+
         reject(err)
       })
       socket.once('secure', () => {
         this.log('verifying remote certificate')
+        this.metrics[isServer ? 'server' : 'client'].events?.increment({
+          secure: true
+        })
         verifyRemote()
       })
-    })
-      .catch(err => {
-        socket.destroy(err)
-        throw err
+      socket.on('connect', () => {
+        this.metrics[isServer ? 'server' : 'client'].events?.increment({
+          connect: true
+        })
+      })
+      socket.on('close', () => {
+        this.metrics[isServer ? 'server' : 'client'].events?.increment({
+          close: true
+        })
       })
+    })
   }
 }
+
+interface Abortable {
+  abort (err: Error): void
+}
+
+function isAbortable <T> (obj: T & Partial<Abortable>): obj is T & Abortable {
+  return typeof obj?.abort === 'function'
+}

package/dist/typedoc-urls.json

@@ -1,8 +0,0 @@
-{
-  "TLSComponents": "https://libp2p.github.io/js-libp2p/interfaces/_libp2p_tls.TLSComponents.html",
-  ".:TLSComponents": "https://libp2p.github.io/js-libp2p/interfaces/_libp2p_tls.TLSComponents.html",
-  "PROTOCOL": "https://libp2p.github.io/js-libp2p/variables/_libp2p_tls.PROTOCOL.html",
-  ".:PROTOCOL": "https://libp2p.github.io/js-libp2p/variables/_libp2p_tls.PROTOCOL.html",
-  "tls": "https://libp2p.github.io/js-libp2p/functions/_libp2p_tls.tls.html",
-  ".:tls": "https://libp2p.github.io/js-libp2p/functions/_libp2p_tls.tls.html"
-}