@omindu/yaksha 1.0.0

package/src/client/index.js

@@ -0,0 +1,544 @@
+'use strict';
+
+/**
+ * Yaksha VPN Client
+ * High-performance VPN client with automatic reconnection and all features
+ */
+
+const EventEmitter = require('events');
+const Connection = require('../core/connection');
+const Protocol = require('../core/protocol');
+const Encryption = require('../core/encryption');
+const SecurityLevels = require('../security/levels');
+const SNISpoofing = require('../features/sni-spoof');
+const TrafficObfuscation = require('../features/traffic-obfuscation');
+const MultiPath = require('../features/multi-path');
+const DNSOverride = require('../features/dns-override');
+const TLSCamouflage = require('../features/tls-camouflage');
+const FirewallEvasion = require('../bypass/firewall-evasion');
+const Config = require('../utils/config');
+const Logger = require('../utils/logger');
+
+class YakshaClient extends EventEmitter {
+  constructor(options = {}) {
+    super();
+
+    // Configuration
+    this.config = new Config(options);
+    this.serverHost = options.server || 'localhost';
+    this.serverPort = options.port || 8443;
+    this.securityLevel = options.securityLevel || 'medium';
+    this.autoReconnect = options.autoReconnect !== false;
+    this.authCredentials = options.authCredentials || {};
+    this.customSecurityConfig = options.customSecurityConfig || null;
+
+    // Security configuration
+    if (this.securityLevel === 'custom' && this.customSecurityConfig) {
+      this.securityConfig = SecurityLevels.createCustomConfig(
+        this.customSecurityConfig,
+        this.customSecurityConfig.baseLevel || 'medium'
+      );
+    } else {
+      this.securityConfig = SecurityLevels.getConfig(this.securityLevel);
+    }
+
+    // Core components
+    this.protocol = new Protocol({
+      maxPayloadSize: options.maxPayloadSize || 65535,
+      enablePadding: this.securityConfig.obfuscation !== 'none'
+    });
+
+    this.encryption = new Encryption(this.securityLevel, {
+      customConfig: this.securityLevel === 'custom' ? this.securityConfig : null
+    });
+
+    // Feature modules
+    this.features = {
+      sniSpoofing: new SNISpoofing(this.securityLevel, {
+        enabled: options.features?.sniSpoofing !== false,
+        bugHost: options.bugHost || this.securityConfig.bugHost || null
+      }),
+      obfuscation: new TrafficObfuscation(this.securityLevel, {
+        enabled: options.features?.trafficObfuscation !== false
+      }),
+      multiPath: new MultiPath(this.securityLevel, {
+        enabled: options.features?.multiPath !== false
+      }),
+      dnsOverride: new DNSOverride(this.securityLevel, {
+        enabled: options.features?.dnsOverride !== false
+      }),
+      tlsCamouflage: new TLSCamouflage(this.securityLevel, {
+        enabled: options.features?.tlsCamouflage !== false
+      }),
+      firewallEvasion: new FirewallEvasion(this.securityLevel, {
+        enabled: options.features?.firewallEvasion !== false
+      })
+    };
+
+    this.logger = new Logger({
+      prefix: 'Client',
+      level: options.logLevel || 'info'
+    });
+
+    // Client state
+    this.connection = null;
+    this.sessionId = null;
+    this.sequence = 0;
+    this.connected = false;
+    this.authenticated = false;
+
+    // Statistics
+    this.stats = {
+      connectedAt: null,
+      bytesReceived: 0,
+      bytesSent: 0,
+      packetsReceived: 0,
+      packetsSent: 0,
+      reconnects: 0,
+      errors: 0
+    };
+  }
+
+  /**
+   * Connect to VPN server
+   */
+  async connect() {
+    if (this.connected) {
+      throw new Error('Already connected');
+    }
+
+    this.logger.info(`Connecting to Yaksha VPN Server at ${this.serverHost}:${this.serverPort}`);
+    this.logger.info(`Security Level: ${this.securityLevel.toUpperCase()}`);
+
+    try {
+      // Check if multi-path is enabled
+      if (this.features.multiPath.enabled) {
+        await this._connectMultiPath();
+      } else {
+        await this._connectSinglePath();
+      }
+
+      // Perform handshake
+      await this._performHandshake();
+
+      this.connected = true;
+      this.stats.connectedAt = Date.now();
+
+      this.emit('connected', {
+        server: `${this.serverHost}:${this.serverPort}`,
+        sessionId: this.sessionId
+      });
+
+      this.logger.info(`Connected successfully. Session ID: ${this.sessionId}`);
+
+      // Start keepalive
+      this._startKeepalive();
+
+    } catch (error) {
+      this.logger.error('Connection failed:', error.message);
+      this.stats.errors++;
+      await this.disconnect();
+      throw error;
+    }
+  }
+
+  /**
+   * Connect using single path
+   */
+  async _connectSinglePath() {
+    this.connection = new Connection({
+      host: this.serverHost,
+      port: this.serverPort,
+      autoReconnect: this.autoReconnect
+    });
+
+    // Set up event handlers
+    this.connection.on('tcp:data', (data) => {
+      this._handleData(data);
+    });
+
+    this.connection.on('udp:data', (data) => {
+      this._handleData(data);
+    });
+
+    this.connection.on('disconnected', () => {
+      this._handleDisconnection();
+    });
+
+    this.connection.on('reconnecting', (attempt, delay) => {
+      this.logger.info(`Reconnecting... (attempt ${attempt}, delay ${delay}ms)`);
+      this.emit('reconnecting', attempt, delay);
+    });
+
+    this.connection.on('error', (error) => {
+      this.logger.error('Connection error:', error.message);
+      this.stats.errors++;
+      this.emit('error', error);
+    });
+
+    await this.connection.connect();
+  }
+
+  /**
+   * Connect using multi-path
+   */
+  async _connectMultiPath() {
+    // Initialize multi-path routing
+    await this.features.multiPath.initializePaths(
+      this.serverHost,
+      this.serverPort,
+      {
+        autoReconnect: this.autoReconnect
+      }
+    );
+
+    // Set up event handlers
+    this.features.multiPath.on('data', (data, pathIndex) => {
+      this._handleData(data);
+    });
+
+    this.features.multiPath.on('path-error', (pathIndex, error) => {
+      this.logger.warn(`Path ${pathIndex} error:`, error.message);
+    });
+
+    this.features.multiPath.on('path-disconnected', (pathIndex) => {
+      this.logger.warn(`Path ${pathIndex} disconnected`);
+    });
+  }
+
+  /**
+   * Perform handshake with server
+   */
+  async _performHandshake() {
+    // Generate encryption keys
+    this.encryption.generateKeys();
+
+    // Build handshake packet
+    const handshakeData = JSON.stringify({
+      version: '1.1.0',
+      clientPublicKey: this.encryption.keys.publicKey 
+        ? this.encryption.keys.publicKey.toString('base64')
+        : null,
+      securityLevel: this.securityLevel,
+      credentials: this.authCredentials,
+      features: {
+        sniSpoofing: this.features.sniSpoofing.enabled,
+        obfuscation: this.features.obfuscation.enabled,
+        multiPath: this.features.multiPath.enabled,
+        dnsOverride: this.features.dnsOverride.enabled,
+        tlsCamouflage: this.features.tlsCamouflage.enabled,
+        firewallEvasion: this.features.firewallEvasion.enabled
+      }
+    });
+
+    // Generate temporary session ID
+    const tempSessionId = Math.floor(Math.random() * 0xFFFFFFFF);
+
+    const { packet } = this.protocol.createHandshake(
+      tempSessionId,
+      this.sequence++,
+      Buffer.from(handshakeData, 'utf8')
+    );
+
+    // Send handshake
+    await this._sendPacket(packet);
+
+    // Wait for handshake response
+    return new Promise((resolve, reject) => {
+      const timeout = setTimeout(() => {
+        reject(new Error('Handshake timeout'));
+      }, 10000);
+
+      const handler = (data) => {
+        try {
+          const { header, payload } = this.protocol.deserialize(data);
+
+          if (header.type === Protocol.PACKET_TYPES.HANDSHAKE) {
+            const response = JSON.parse(payload.toString('utf8'));
+            
+            // Store session ID
+            this.sessionId = response.sessionId;
+
+            // Perform key exchange if server provided public key
+            if (response.publicKey) {
+              const serverPublicKey = Buffer.from(response.publicKey, 'base64');
+              this.encryption.keyExchange(serverPublicKey);
+            }
+
+            // Wait for auth response
+            this.once('_authResponse', (authSuccess) => {
+              clearTimeout(timeout);
+              if (authSuccess) {
+                this.authenticated = true;
+                resolve();
+              } else {
+                reject(new Error('Authentication failed'));
+              }
+            });
+          } else if (header.type === Protocol.PACKET_TYPES.DATA) {
+            // Authentication response
+            const response = JSON.parse(payload.toString('utf8'));
+            this.emit('_authResponse', response.success);
+          }
+        } catch (error) {
+          // Ignore parse errors during handshake
+        }
+      };
+
+      this.once('_rawData', handler);
+    });
+  }
+
+  /**
+   * Handle incoming data
+   */
+  _handleData(data) {
+    this.emit('_rawData', data);
+
+    try {
+      const { header, payload } = this.protocol.deserialize(data);
+
+      this.stats.packetsReceived++;
+      this.stats.bytesReceived += data.length;
+
+      // Handle different packet types
+      switch (header.type) {
+        case Protocol.PACKET_TYPES.DATA:
+          this._handleDataPacket(payload);
+          break;
+
+        case Protocol.PACKET_TYPES.KEEPALIVE:
+          // Server keepalive response
+          break;
+
+        case Protocol.PACKET_TYPES.CLOSE:
+          const reason = payload.toString('utf8');
+          this.logger.info(`Server closing connection: ${reason}`);
+          this.disconnect();
+          break;
+
+        default:
+          this.logger.warn(`Unknown packet type: ${header.type}`);
+      }
+
+    } catch (error) {
+      this.logger.error('Error handling data:', error.message);
+      this.stats.errors++;
+    }
+  }
+
+  /**
+   * Handle data packet
+   */
+  _handleDataPacket(payload) {
+    if (!this.authenticated) {
+      return;
+    }
+
+    // Decrypt data if encrypted
+    try {
+      // In production, decrypt payload here
+      // const decrypted = this.encryption.decrypt(...);
+
+      this.emit('data', payload);
+
+    } catch (error) {
+      this.logger.error('Error handling data packet:', error.message);
+    }
+  }
+
+  /**
+   * Send data through VPN tunnel
+   */
+  async send(data, protocol = 'udp') {
+    if (!this.connected || !this.authenticated) {
+      throw new Error('Not connected or authenticated');
+    }
+
+    try {
+      // Apply features in order
+      
+      // 1. TLS Camouflage
+      if (this.features.tlsCamouflage.enabled) {
+        data = this.features.tlsCamouflage.camouflage(data);
+      }
+
+      // 2. Traffic Obfuscation
+      if (this.features.obfuscation.enabled) {
+        const { data: obfuscated } = this.features.obfuscation.obfuscate(data);
+        data = obfuscated;
+      }
+
+      // 3. Firewall Evasion
+      if (this.features.firewallEvasion.enabled) {
+        data = this.features.firewallEvasion.evadeDPI(data);
+      }
+
+      // 4. Create protocol packet
+      const { packet } = this.protocol.createData(
+        this.sessionId,
+        this.sequence++,
+        data
+      );
+
+      // 5. Send via multi-path or single path
+      await this._sendPacket(packet, protocol);
+
+      this.stats.packetsSent++;
+      this.stats.bytesSent += packet.length;
+
+    } catch (error) {
+      this.logger.error('Error sending data:', error.message);
+      this.stats.errors++;
+      throw error;
+    }
+  }
+
+  /**
+   * Send packet
+   */
+  async _sendPacket(packet, protocol = 'tcp') {
+    if (this.features.multiPath.enabled && this.features.multiPath.paths.length > 0) {
+      await this.features.multiPath.send(packet, protocol);
+    } else if (this.connection) {
+      if (protocol === 'tcp') {
+        await this.connection.sendTCP(packet);
+      } else {
+        await this.connection.sendUDP(packet);
+      }
+    } else {
+      throw new Error('No connection available');
+    }
+  }
+
+  /**
+   * Start keepalive mechanism
+   */
+  _startKeepalive() {
+    this.keepaliveInterval = setInterval(() => {
+      if (this.connected && this.authenticated) {
+        const { packet } = this.protocol.createKeepalive(
+          this.sessionId,
+          this.sequence++
+        );
+        
+        this._sendPacket(packet, 'tcp').catch(error => {
+          this.logger.error('Keepalive failed:', error.message);
+        });
+      }
+    }, 30000); // Every 30 seconds
+  }
+
+  /**
+   * Stop keepalive mechanism
+   */
+  _stopKeepalive() {
+    if (this.keepaliveInterval) {
+      clearInterval(this.keepaliveInterval);
+      this.keepaliveInterval = null;
+    }
+  }
+
+  /**
+   * Handle disconnection
+   */
+  _handleDisconnection() {
+    if (!this.connected) {
+      return;
+    }
+
+    this.logger.info('Disconnected from server');
+    this.connected = false;
+    this.authenticated = false;
+
+    this._stopKeepalive();
+
+    this.emit('disconnected');
+
+    if (this.autoReconnect) {
+      this.logger.info('Attempting to reconnect...');
+      this.stats.reconnects++;
+      
+      setTimeout(() => {
+        this.connect().catch(error => {
+          this.logger.error('Reconnection failed:', error.message);
+        });
+      }, 3000);
+    }
+  }
+
+  /**
+   * Disconnect from server
+   */
+  async disconnect() {
+    if (!this.connected) {
+      return;
+    }
+
+    this.logger.info('Disconnecting from server...');
+
+    try {
+      // Send close packet
+      const { packet } = this.protocol.createClose(
+        this.sessionId,
+        this.sequence++,
+        'Client disconnecting'
+      );
+
+      await this._sendPacket(packet, 'tcp');
+    } catch (error) {
+      // Ignore errors during disconnect
+    }
+
+    this._stopKeepalive();
+
+    if (this.features.multiPath.enabled) {
+      this.features.multiPath.closeAll();
+    } else if (this.connection) {
+      this.connection.disconnect();
+    }
+
+    this.connected = false;
+    this.authenticated = false;
+    this.sessionId = null;
+
+    this.emit('disconnected');
+    this.logger.info('Disconnected');
+  }
+
+  /**
+   * Get statistics
+   */
+  getStats() {
+    const uptime = this.stats.connectedAt 
+      ? Date.now() - this.stats.connectedAt
+      : 0;
+
+    const stats = {
+      ...this.stats,
+      uptime,
+      connected: this.connected,
+      authenticated: this.authenticated
+    };
+
+    // Add multi-path stats if enabled
+    if (this.features.multiPath.enabled) {
+      stats.multiPath = this.features.multiPath.getStats();
+    }
+
+    return stats;
+  }
+
+  /**
+   * Resolve DNS through VPN tunnel
+   */
+  async resolveDNS(domain, type = 'A') {
+    if (this.features.dnsOverride.enabled) {
+      return await this.features.dnsOverride.resolve(domain, type);
+    }
+
+    throw new Error('DNS override not enabled');
+  }
+}
+
+module.exports = YakshaClient;