@push.rocks/smartproxy 12.0.0 → 13.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (258) hide show
  1. package/dist_ts/00_commitinfo_data.js +1 -1
  2. package/dist_ts/certificate/acme/acme-factory.d.ts +17 -0
  3. package/dist_ts/certificate/acme/acme-factory.js +40 -0
  4. package/dist_ts/certificate/acme/challenge-handler.d.ts +44 -0
  5. package/dist_ts/certificate/acme/challenge-handler.js +92 -0
  6. package/dist_ts/certificate/acme/index.d.ts +4 -0
  7. package/dist_ts/certificate/acme/index.js +5 -0
  8. package/dist_ts/certificate/events/certificate-events.d.ts +33 -0
  9. package/dist_ts/certificate/events/certificate-events.js +38 -0
  10. package/dist_ts/certificate/index.d.ts +24 -0
  11. package/dist_ts/certificate/index.js +39 -0
  12. package/dist_ts/certificate/models/certificate-types.d.ts +77 -0
  13. package/dist_ts/certificate/models/certificate-types.js +2 -0
  14. package/dist_ts/certificate/providers/cert-provisioner.d.ts +93 -0
  15. package/dist_ts/certificate/providers/cert-provisioner.js +262 -0
  16. package/dist_ts/certificate/providers/index.d.ts +4 -0
  17. package/dist_ts/certificate/providers/index.js +5 -0
  18. package/dist_ts/certificate/storage/file-storage.d.ts +66 -0
  19. package/dist_ts/certificate/storage/file-storage.js +194 -0
  20. package/dist_ts/certificate/storage/index.d.ts +4 -0
  21. package/dist_ts/certificate/storage/index.js +5 -0
  22. package/dist_ts/certificate/utils/certificate-helpers.d.ts +17 -0
  23. package/dist_ts/certificate/utils/certificate-helpers.js +45 -0
  24. package/dist_ts/common/eventUtils.d.ts +1 -1
  25. package/dist_ts/common/port80-adapter.d.ts +1 -1
  26. package/dist_ts/core/events/index.d.ts +4 -0
  27. package/dist_ts/core/events/index.js +5 -0
  28. package/dist_ts/core/index.d.ts +6 -0
  29. package/dist_ts/core/index.js +8 -0
  30. package/dist_ts/core/models/common-types.d.ts +82 -0
  31. package/dist_ts/core/models/common-types.js +15 -0
  32. package/dist_ts/core/models/index.d.ts +4 -0
  33. package/dist_ts/core/models/index.js +5 -0
  34. package/dist_ts/core/utils/event-utils.d.ts +15 -0
  35. package/dist_ts/core/utils/event-utils.js +19 -0
  36. package/dist_ts/core/utils/index.d.ts +6 -0
  37. package/dist_ts/core/utils/index.js +7 -0
  38. package/dist_ts/core/utils/ip-utils.d.ts +53 -0
  39. package/dist_ts/core/utils/ip-utils.js +153 -0
  40. package/dist_ts/core/utils/validation-utils.d.ts +61 -0
  41. package/dist_ts/core/utils/validation-utils.js +149 -0
  42. package/dist_ts/forwarding/config/domain-config.d.ts +12 -0
  43. package/dist_ts/forwarding/config/domain-config.js +12 -0
  44. package/dist_ts/forwarding/config/domain-manager.d.ts +86 -0
  45. package/dist_ts/forwarding/config/domain-manager.js +242 -0
  46. package/dist_ts/forwarding/config/forwarding-types.d.ts +104 -0
  47. package/dist_ts/forwarding/config/forwarding-types.js +50 -0
  48. package/dist_ts/forwarding/config/index.d.ts +6 -0
  49. package/dist_ts/forwarding/config/index.js +7 -0
  50. package/dist_ts/forwarding/factory/forwarding-factory.d.ts +25 -0
  51. package/dist_ts/forwarding/factory/forwarding-factory.js +138 -0
  52. package/dist_ts/forwarding/factory/index.d.ts +4 -0
  53. package/dist_ts/forwarding/factory/index.js +5 -0
  54. package/dist_ts/forwarding/handlers/base-handler.d.ts +55 -0
  55. package/dist_ts/forwarding/handlers/base-handler.js +94 -0
  56. package/dist_ts/forwarding/handlers/http-handler.d.ts +30 -0
  57. package/dist_ts/forwarding/handlers/http-handler.js +131 -0
  58. package/dist_ts/forwarding/handlers/https-passthrough-handler.d.ts +29 -0
  59. package/dist_ts/forwarding/handlers/https-passthrough-handler.js +162 -0
  60. package/dist_ts/forwarding/handlers/https-terminate-to-http-handler.d.ts +36 -0
  61. package/dist_ts/forwarding/handlers/https-terminate-to-http-handler.js +229 -0
  62. package/dist_ts/forwarding/handlers/https-terminate-to-https-handler.d.ts +35 -0
  63. package/dist_ts/forwarding/handlers/https-terminate-to-https-handler.js +254 -0
  64. package/dist_ts/forwarding/handlers/index.d.ts +8 -0
  65. package/dist_ts/forwarding/handlers/index.js +9 -0
  66. package/dist_ts/forwarding/index.d.ts +19 -0
  67. package/dist_ts/forwarding/index.js +25 -0
  68. package/dist_ts/http/index.d.ts +15 -0
  69. package/dist_ts/http/index.js +20 -0
  70. package/dist_ts/http/models/http-types.d.ts +81 -0
  71. package/dist_ts/http/models/http-types.js +62 -0
  72. package/dist_ts/http/port80/acme-interfaces.d.ts +78 -0
  73. package/dist_ts/http/port80/acme-interfaces.js +6 -0
  74. package/dist_ts/http/port80/challenge-responder.d.ts +53 -0
  75. package/dist_ts/http/port80/challenge-responder.js +203 -0
  76. package/dist_ts/http/port80/index.d.ts +6 -0
  77. package/dist_ts/http/port80/index.js +9 -0
  78. package/dist_ts/http/port80/port80-handler.d.ts +121 -0
  79. package/dist_ts/http/port80/port80-handler.js +554 -0
  80. package/dist_ts/http/redirects/index.d.ts +4 -0
  81. package/dist_ts/http/redirects/index.js +5 -0
  82. package/dist_ts/http/router/index.d.ts +4 -0
  83. package/dist_ts/http/router/index.js +5 -0
  84. package/dist_ts/http/router/proxy-router.d.ts +115 -0
  85. package/dist_ts/http/router/proxy-router.js +325 -0
  86. package/dist_ts/index.d.ts +15 -8
  87. package/dist_ts/index.js +26 -10
  88. package/dist_ts/networkproxy/classes.np.certificatemanager.js +2 -2
  89. package/dist_ts/networkproxy/index.d.ts +1 -6
  90. package/dist_ts/networkproxy/index.js +4 -8
  91. package/dist_ts/plugins.d.ts +2 -1
  92. package/dist_ts/plugins.js +3 -2
  93. package/dist_ts/port80handler/classes.port80handler.d.ts +8 -136
  94. package/dist_ts/port80handler/classes.port80handler.js +14 -567
  95. package/dist_ts/proxies/index.d.ts +6 -0
  96. package/dist_ts/proxies/index.js +8 -0
  97. package/dist_ts/proxies/network-proxy/certificate-manager.d.ts +77 -0
  98. package/dist_ts/proxies/network-proxy/certificate-manager.js +373 -0
  99. package/dist_ts/proxies/network-proxy/connection-pool.d.ts +47 -0
  100. package/dist_ts/proxies/network-proxy/connection-pool.js +210 -0
  101. package/dist_ts/proxies/network-proxy/index.d.ts +10 -0
  102. package/dist_ts/proxies/network-proxy/index.js +12 -0
  103. package/dist_ts/proxies/network-proxy/models/index.d.ts +4 -0
  104. package/dist_ts/proxies/network-proxy/models/index.js +5 -0
  105. package/dist_ts/proxies/network-proxy/models/types.d.ts +80 -0
  106. package/dist_ts/proxies/network-proxy/models/types.js +35 -0
  107. package/dist_ts/proxies/network-proxy/network-proxy.d.ts +118 -0
  108. package/dist_ts/proxies/network-proxy/network-proxy.js +387 -0
  109. package/dist_ts/proxies/network-proxy/request-handler.d.ts +57 -0
  110. package/dist_ts/proxies/network-proxy/request-handler.js +394 -0
  111. package/dist_ts/proxies/network-proxy/websocket-handler.d.ts +38 -0
  112. package/dist_ts/proxies/network-proxy/websocket-handler.js +188 -0
  113. package/dist_ts/proxies/nftables-proxy/index.d.ts +5 -0
  114. package/dist_ts/proxies/nftables-proxy/index.js +6 -0
  115. package/dist_ts/proxies/nftables-proxy/models/errors.d.ts +15 -0
  116. package/dist_ts/proxies/nftables-proxy/models/errors.js +28 -0
  117. package/dist_ts/proxies/nftables-proxy/models/index.d.ts +5 -0
  118. package/dist_ts/proxies/nftables-proxy/models/index.js +6 -0
  119. package/dist_ts/proxies/nftables-proxy/models/interfaces.d.ts +75 -0
  120. package/dist_ts/proxies/nftables-proxy/models/interfaces.js +5 -0
  121. package/dist_ts/proxies/nftables-proxy/nftables-proxy.d.ts +136 -0
  122. package/dist_ts/proxies/nftables-proxy/nftables-proxy.js +1516 -0
  123. package/dist_ts/proxies/smart-proxy/connection-handler.d.ts +39 -0
  124. package/dist_ts/proxies/smart-proxy/connection-handler.js +894 -0
  125. package/dist_ts/proxies/smart-proxy/connection-manager.d.ts +78 -0
  126. package/dist_ts/proxies/smart-proxy/connection-manager.js +378 -0
  127. package/dist_ts/proxies/smart-proxy/domain-config-manager.d.ts +95 -0
  128. package/dist_ts/proxies/smart-proxy/domain-config-manager.js +255 -0
  129. package/dist_ts/proxies/smart-proxy/index.d.ts +13 -0
  130. package/dist_ts/proxies/smart-proxy/index.js +17 -0
  131. package/dist_ts/proxies/smart-proxy/models/index.d.ts +4 -0
  132. package/dist_ts/proxies/smart-proxy/models/index.js +5 -0
  133. package/dist_ts/proxies/smart-proxy/models/interfaces.d.ts +107 -0
  134. package/dist_ts/proxies/smart-proxy/models/interfaces.js +2 -0
  135. package/dist_ts/proxies/smart-proxy/network-proxy-bridge.d.ts +62 -0
  136. package/dist_ts/proxies/smart-proxy/network-proxy-bridge.js +316 -0
  137. package/dist_ts/proxies/smart-proxy/port-range-manager.d.ts +56 -0
  138. package/dist_ts/proxies/smart-proxy/port-range-manager.js +176 -0
  139. package/dist_ts/proxies/smart-proxy/security-manager.d.ts +64 -0
  140. package/dist_ts/proxies/smart-proxy/security-manager.js +149 -0
  141. package/dist_ts/proxies/smart-proxy/smart-proxy.d.ts +63 -0
  142. package/dist_ts/proxies/smart-proxy/smart-proxy.js +523 -0
  143. package/dist_ts/proxies/smart-proxy/timeout-manager.d.ts +47 -0
  144. package/dist_ts/proxies/smart-proxy/timeout-manager.js +154 -0
  145. package/dist_ts/proxies/smart-proxy/tls-manager.d.ts +57 -0
  146. package/dist_ts/proxies/smart-proxy/tls-manager.js +132 -0
  147. package/dist_ts/smartproxy/classes.pp.networkproxybridge.d.ts +2 -2
  148. package/dist_ts/smartproxy/classes.pp.networkproxybridge.js +1 -1
  149. package/dist_ts/smartproxy/classes.pp.tlsmanager.js +2 -2
  150. package/dist_ts/smartproxy/classes.smartproxy.js +3 -3
  151. package/dist_ts/tls/alerts/index.d.ts +4 -0
  152. package/dist_ts/tls/alerts/index.js +5 -0
  153. package/dist_ts/tls/alerts/tls-alert.d.ts +150 -0
  154. package/dist_ts/tls/alerts/tls-alert.js +226 -0
  155. package/dist_ts/tls/index.d.ts +18 -0
  156. package/dist_ts/tls/index.js +27 -0
  157. package/dist_ts/tls/sni/client-hello-parser.d.ts +100 -0
  158. package/dist_ts/tls/sni/client-hello-parser.js +463 -0
  159. package/dist_ts/tls/sni/index.d.ts +4 -0
  160. package/dist_ts/tls/sni/index.js +5 -0
  161. package/dist_ts/tls/sni/sni-extraction.d.ts +58 -0
  162. package/dist_ts/tls/sni/sni-extraction.js +275 -0
  163. package/dist_ts/tls/sni/sni-handler.d.ts +154 -0
  164. package/dist_ts/tls/sni/sni-handler.js +191 -0
  165. package/dist_ts/tls/utils/index.d.ts +4 -0
  166. package/dist_ts/tls/utils/index.js +5 -0
  167. package/dist_ts/tls/utils/tls-utils.d.ts +158 -0
  168. package/dist_ts/tls/utils/tls-utils.js +187 -0
  169. package/package.json +1 -1
  170. package/readme.md +89 -21
  171. package/readme.plan.md +253 -469
  172. package/ts/00_commitinfo_data.ts +1 -1
  173. package/ts/certificate/acme/acme-factory.ts +48 -0
  174. package/ts/certificate/acme/challenge-handler.ts +110 -0
  175. package/ts/certificate/acme/index.ts +3 -0
  176. package/ts/certificate/events/certificate-events.ts +36 -0
  177. package/ts/certificate/index.ts +67 -0
  178. package/ts/certificate/models/certificate-types.ts +88 -0
  179. package/ts/certificate/providers/cert-provisioner.ts +326 -0
  180. package/ts/certificate/providers/index.ts +3 -0
  181. package/ts/certificate/storage/file-storage.ts +234 -0
  182. package/ts/certificate/storage/index.ts +3 -0
  183. package/ts/certificate/utils/certificate-helpers.ts +50 -0
  184. package/ts/common/eventUtils.ts +1 -1
  185. package/ts/common/port80-adapter.ts +1 -1
  186. package/ts/core/events/index.ts +3 -0
  187. package/ts/core/index.ts +8 -0
  188. package/ts/core/models/common-types.ts +91 -0
  189. package/ts/core/models/index.ts +5 -0
  190. package/ts/core/utils/event-utils.ts +34 -0
  191. package/ts/core/utils/index.ts +7 -0
  192. package/ts/core/utils/ip-utils.ts +175 -0
  193. package/ts/core/utils/validation-utils.ts +177 -0
  194. package/ts/{smartproxy/forwarding → forwarding/config}/domain-config.ts +1 -1
  195. package/ts/{smartproxy/forwarding → forwarding/config}/domain-manager.ts +8 -8
  196. package/ts/{smartproxy/types/forwarding.types.ts → forwarding/config/forwarding-types.ts} +6 -6
  197. package/ts/forwarding/config/index.ts +7 -0
  198. package/ts/{smartproxy/forwarding/forwarding.factory.ts → forwarding/factory/forwarding-factory.ts} +12 -11
  199. package/ts/forwarding/factory/index.ts +5 -0
  200. package/ts/{smartproxy/forwarding/forwarding.handler.ts → forwarding/handlers/base-handler.ts} +2 -2
  201. package/ts/{smartproxy/forwarding/http.handler.ts → forwarding/handlers/http-handler.ts} +13 -4
  202. package/ts/{smartproxy/forwarding/https-passthrough.handler.ts → forwarding/handlers/https-passthrough-handler.ts} +13 -4
  203. package/ts/{smartproxy/forwarding/https-terminate-to-http.handler.ts → forwarding/handlers/https-terminate-to-http-handler.ts} +3 -3
  204. package/ts/{smartproxy/forwarding/https-terminate-to-https.handler.ts → forwarding/handlers/https-terminate-to-https-handler.ts} +3 -3
  205. package/ts/forwarding/handlers/index.ts +9 -0
  206. package/ts/forwarding/index.ts +34 -0
  207. package/ts/http/index.ts +23 -0
  208. package/ts/http/models/http-types.ts +105 -0
  209. package/ts/http/port80/acme-interfaces.ts +85 -0
  210. package/ts/http/port80/challenge-responder.ts +246 -0
  211. package/ts/http/port80/index.ts +13 -0
  212. package/ts/{port80handler/classes.port80handler.ts → http/port80/port80-handler.ts} +164 -161
  213. package/ts/http/redirects/index.ts +3 -0
  214. package/ts/http/router/index.ts +5 -0
  215. package/ts/{classes.router.ts → http/router/proxy-router.ts} +27 -20
  216. package/ts/index.ts +32 -9
  217. package/ts/plugins.ts +2 -1
  218. package/ts/proxies/index.ts +8 -0
  219. package/ts/{networkproxy/classes.np.certificatemanager.ts → proxies/network-proxy/certificate-manager.ts} +17 -16
  220. package/ts/{networkproxy/classes.np.connectionpool.ts → proxies/network-proxy/connection-pool.ts} +3 -3
  221. package/ts/proxies/network-proxy/index.ts +13 -0
  222. package/ts/proxies/network-proxy/models/index.ts +4 -0
  223. package/ts/{networkproxy/classes.np.types.ts → proxies/network-proxy/models/types.ts} +7 -11
  224. package/ts/{networkproxy/classes.np.networkproxy.ts → proxies/network-proxy/network-proxy.ts} +31 -24
  225. package/ts/{networkproxy/classes.np.requesthandler.ts → proxies/network-proxy/request-handler.ts} +12 -7
  226. package/ts/{networkproxy/classes.np.websockethandler.ts → proxies/network-proxy/websocket-handler.ts} +6 -6
  227. package/ts/proxies/nftables-proxy/index.ts +5 -0
  228. package/ts/proxies/nftables-proxy/models/errors.ts +30 -0
  229. package/ts/proxies/nftables-proxy/models/index.ts +5 -0
  230. package/ts/proxies/nftables-proxy/models/interfaces.ts +94 -0
  231. package/ts/{nfttablesproxy/classes.nftablesproxy.ts → proxies/nftables-proxy/nftables-proxy.ts} +24 -126
  232. package/ts/{smartproxy/classes.pp.connectionhandler.ts → proxies/smart-proxy/connection-handler.ts} +12 -12
  233. package/ts/{smartproxy/classes.pp.connectionmanager.ts → proxies/smart-proxy/connection-manager.ts} +8 -8
  234. package/ts/{smartproxy/classes.pp.domainconfigmanager.ts → proxies/smart-proxy/domain-config-manager.ts} +15 -14
  235. package/ts/proxies/smart-proxy/index.ts +18 -0
  236. package/ts/proxies/smart-proxy/models/index.ts +4 -0
  237. package/ts/{smartproxy/classes.pp.interfaces.ts → proxies/smart-proxy/models/interfaces.ts} +12 -8
  238. package/ts/{smartproxy/classes.pp.networkproxybridge.ts → proxies/smart-proxy/network-proxy-bridge.ts} +14 -14
  239. package/ts/{smartproxy/classes.pp.portrangemanager.ts → proxies/smart-proxy/port-range-manager.ts} +1 -1
  240. package/ts/{smartproxy/classes.pp.securitymanager.ts → proxies/smart-proxy/security-manager.ts} +3 -3
  241. package/ts/{smartproxy/classes.smartproxy.ts → proxies/smart-proxy/smart-proxy.ts} +29 -24
  242. package/ts/{smartproxy/classes.pp.timeoutmanager.ts → proxies/smart-proxy/timeout-manager.ts} +3 -3
  243. package/ts/{smartproxy/classes.pp.tlsmanager.ts → proxies/smart-proxy/tls-manager.ts} +3 -3
  244. package/ts/tls/alerts/index.ts +3 -0
  245. package/ts/{smartproxy/classes.pp.tlsalert.ts → tls/alerts/tls-alert.ts} +44 -43
  246. package/ts/tls/index.ts +33 -0
  247. package/ts/tls/sni/client-hello-parser.ts +629 -0
  248. package/ts/tls/sni/index.ts +3 -0
  249. package/ts/tls/sni/sni-extraction.ts +353 -0
  250. package/ts/tls/sni/sni-handler.ts +264 -0
  251. package/ts/tls/utils/index.ts +3 -0
  252. package/ts/tls/utils/tls-utils.ts +201 -0
  253. package/ts/common/acmeFactory.ts +0 -23
  254. package/ts/helpers.certificates.ts +0 -30
  255. package/ts/networkproxy/index.ts +0 -7
  256. package/ts/smartproxy/classes.pp.certprovisioner.ts +0 -200
  257. package/ts/smartproxy/classes.pp.snihandler.ts +0 -1281
  258. package/ts/smartproxy/forwarding/index.ts +0 -52
@@ -0,0 +1,158 @@
1
+ /**
2
+ * TLS record types as defined in various RFCs
3
+ */
4
+ export declare enum TlsRecordType {
5
+ CHANGE_CIPHER_SPEC = 20,
6
+ ALERT = 21,
7
+ HANDSHAKE = 22,
8
+ APPLICATION_DATA = 23,
9
+ HEARTBEAT = 24
10
+ }
11
+ /**
12
+ * TLS handshake message types
13
+ */
14
+ export declare enum TlsHandshakeType {
15
+ HELLO_REQUEST = 0,
16
+ CLIENT_HELLO = 1,
17
+ SERVER_HELLO = 2,
18
+ NEW_SESSION_TICKET = 4,
19
+ ENCRYPTED_EXTENSIONS = 8,// TLS 1.3
20
+ CERTIFICATE = 11,
21
+ SERVER_KEY_EXCHANGE = 12,
22
+ CERTIFICATE_REQUEST = 13,
23
+ SERVER_HELLO_DONE = 14,
24
+ CERTIFICATE_VERIFY = 15,
25
+ CLIENT_KEY_EXCHANGE = 16,
26
+ FINISHED = 20
27
+ }
28
+ /**
29
+ * TLS extension types
30
+ */
31
+ export declare enum TlsExtensionType {
32
+ SERVER_NAME = 0,// SNI
33
+ MAX_FRAGMENT_LENGTH = 1,
34
+ CLIENT_CERTIFICATE_URL = 2,
35
+ TRUSTED_CA_KEYS = 3,
36
+ TRUNCATED_HMAC = 4,
37
+ STATUS_REQUEST = 5,// OCSP
38
+ SUPPORTED_GROUPS = 10,// Previously named "elliptic_curves"
39
+ EC_POINT_FORMATS = 11,
40
+ SIGNATURE_ALGORITHMS = 13,
41
+ APPLICATION_LAYER_PROTOCOL_NEGOTIATION = 16,// ALPN
42
+ SIGNED_CERTIFICATE_TIMESTAMP = 18,// Certificate Transparency
43
+ PADDING = 21,
44
+ SESSION_TICKET = 35,
45
+ PRE_SHARED_KEY = 41,// TLS 1.3
46
+ EARLY_DATA = 42,// TLS 1.3 0-RTT
47
+ SUPPORTED_VERSIONS = 43,// TLS 1.3
48
+ COOKIE = 44,// TLS 1.3
49
+ PSK_KEY_EXCHANGE_MODES = 45,// TLS 1.3
50
+ CERTIFICATE_AUTHORITIES = 47,// TLS 1.3
51
+ POST_HANDSHAKE_AUTH = 49,// TLS 1.3
52
+ SIGNATURE_ALGORITHMS_CERT = 50,// TLS 1.3
53
+ KEY_SHARE = 51
54
+ }
55
+ /**
56
+ * TLS alert levels
57
+ */
58
+ export declare enum TlsAlertLevel {
59
+ WARNING = 1,
60
+ FATAL = 2
61
+ }
62
+ /**
63
+ * TLS alert description codes
64
+ */
65
+ export declare enum TlsAlertDescription {
66
+ CLOSE_NOTIFY = 0,
67
+ UNEXPECTED_MESSAGE = 10,
68
+ BAD_RECORD_MAC = 20,
69
+ DECRYPTION_FAILED = 21,// TLS 1.0 only
70
+ RECORD_OVERFLOW = 22,
71
+ DECOMPRESSION_FAILURE = 30,// TLS 1.2 and below
72
+ HANDSHAKE_FAILURE = 40,
73
+ NO_CERTIFICATE = 41,// SSLv3 only
74
+ BAD_CERTIFICATE = 42,
75
+ UNSUPPORTED_CERTIFICATE = 43,
76
+ CERTIFICATE_REVOKED = 44,
77
+ CERTIFICATE_EXPIRED = 45,
78
+ CERTIFICATE_UNKNOWN = 46,
79
+ ILLEGAL_PARAMETER = 47,
80
+ UNKNOWN_CA = 48,
81
+ ACCESS_DENIED = 49,
82
+ DECODE_ERROR = 50,
83
+ DECRYPT_ERROR = 51,
84
+ EXPORT_RESTRICTION = 60,// TLS 1.0 only
85
+ PROTOCOL_VERSION = 70,
86
+ INSUFFICIENT_SECURITY = 71,
87
+ INTERNAL_ERROR = 80,
88
+ INAPPROPRIATE_FALLBACK = 86,
89
+ USER_CANCELED = 90,
90
+ NO_RENEGOTIATION = 100,// TLS 1.2 and below
91
+ MISSING_EXTENSION = 109,// TLS 1.3
92
+ UNSUPPORTED_EXTENSION = 110,// TLS 1.3
93
+ CERTIFICATE_REQUIRED = 111,// TLS 1.3
94
+ UNRECOGNIZED_NAME = 112,
95
+ BAD_CERTIFICATE_STATUS_RESPONSE = 113,
96
+ BAD_CERTIFICATE_HASH_VALUE = 114,// TLS 1.2 and below
97
+ UNKNOWN_PSK_IDENTITY = 115,
98
+ CERTIFICATE_REQUIRED_1_3 = 116,// TLS 1.3
99
+ NO_APPLICATION_PROTOCOL = 120
100
+ }
101
+ /**
102
+ * TLS version codes (major.minor)
103
+ */
104
+ export declare const TlsVersion: {
105
+ SSL3: number[];
106
+ TLS1_0: number[];
107
+ TLS1_1: number[];
108
+ TLS1_2: number[];
109
+ TLS1_3: number[];
110
+ };
111
+ /**
112
+ * Utility functions for TLS protocol operations
113
+ */
114
+ export declare class TlsUtils {
115
+ /**
116
+ * Checks if a buffer contains a TLS handshake record
117
+ * @param buffer The buffer to check
118
+ * @returns true if the buffer starts with a TLS handshake record
119
+ */
120
+ static isTlsHandshake(buffer: Buffer): boolean;
121
+ /**
122
+ * Checks if a buffer contains TLS application data
123
+ * @param buffer The buffer to check
124
+ * @returns true if the buffer starts with a TLS application data record
125
+ */
126
+ static isTlsApplicationData(buffer: Buffer): boolean;
127
+ /**
128
+ * Checks if a buffer contains a TLS alert record
129
+ * @param buffer The buffer to check
130
+ * @returns true if the buffer starts with a TLS alert record
131
+ */
132
+ static isTlsAlert(buffer: Buffer): boolean;
133
+ /**
134
+ * Checks if a buffer contains a TLS ClientHello message
135
+ * @param buffer The buffer to check
136
+ * @returns true if the buffer appears to be a ClientHello message
137
+ */
138
+ static isClientHello(buffer: Buffer): boolean;
139
+ /**
140
+ * Gets the record length from a TLS record header
141
+ * @param buffer Buffer containing a TLS record
142
+ * @returns The record length if the buffer is valid, -1 otherwise
143
+ */
144
+ static getTlsRecordLength(buffer: Buffer): number;
145
+ /**
146
+ * Creates a connection ID based on source/destination information
147
+ * Used to track fragmented ClientHello messages across multiple packets
148
+ *
149
+ * @param connectionInfo Object containing connection identifiers
150
+ * @returns A string ID for the connection
151
+ */
152
+ static createConnectionId(connectionInfo: {
153
+ sourceIp?: string;
154
+ sourcePort?: number;
155
+ destIp?: string;
156
+ destPort?: number;
157
+ }): string;
158
+ }
@@ -0,0 +1,187 @@
1
+ import * as plugins from '../../plugins.js';
2
+ /**
3
+ * TLS record types as defined in various RFCs
4
+ */
5
+ export var TlsRecordType;
6
+ (function (TlsRecordType) {
7
+ TlsRecordType[TlsRecordType["CHANGE_CIPHER_SPEC"] = 20] = "CHANGE_CIPHER_SPEC";
8
+ TlsRecordType[TlsRecordType["ALERT"] = 21] = "ALERT";
9
+ TlsRecordType[TlsRecordType["HANDSHAKE"] = 22] = "HANDSHAKE";
10
+ TlsRecordType[TlsRecordType["APPLICATION_DATA"] = 23] = "APPLICATION_DATA";
11
+ TlsRecordType[TlsRecordType["HEARTBEAT"] = 24] = "HEARTBEAT";
12
+ })(TlsRecordType || (TlsRecordType = {}));
13
+ /**
14
+ * TLS handshake message types
15
+ */
16
+ export var TlsHandshakeType;
17
+ (function (TlsHandshakeType) {
18
+ TlsHandshakeType[TlsHandshakeType["HELLO_REQUEST"] = 0] = "HELLO_REQUEST";
19
+ TlsHandshakeType[TlsHandshakeType["CLIENT_HELLO"] = 1] = "CLIENT_HELLO";
20
+ TlsHandshakeType[TlsHandshakeType["SERVER_HELLO"] = 2] = "SERVER_HELLO";
21
+ TlsHandshakeType[TlsHandshakeType["NEW_SESSION_TICKET"] = 4] = "NEW_SESSION_TICKET";
22
+ TlsHandshakeType[TlsHandshakeType["ENCRYPTED_EXTENSIONS"] = 8] = "ENCRYPTED_EXTENSIONS";
23
+ TlsHandshakeType[TlsHandshakeType["CERTIFICATE"] = 11] = "CERTIFICATE";
24
+ TlsHandshakeType[TlsHandshakeType["SERVER_KEY_EXCHANGE"] = 12] = "SERVER_KEY_EXCHANGE";
25
+ TlsHandshakeType[TlsHandshakeType["CERTIFICATE_REQUEST"] = 13] = "CERTIFICATE_REQUEST";
26
+ TlsHandshakeType[TlsHandshakeType["SERVER_HELLO_DONE"] = 14] = "SERVER_HELLO_DONE";
27
+ TlsHandshakeType[TlsHandshakeType["CERTIFICATE_VERIFY"] = 15] = "CERTIFICATE_VERIFY";
28
+ TlsHandshakeType[TlsHandshakeType["CLIENT_KEY_EXCHANGE"] = 16] = "CLIENT_KEY_EXCHANGE";
29
+ TlsHandshakeType[TlsHandshakeType["FINISHED"] = 20] = "FINISHED";
30
+ })(TlsHandshakeType || (TlsHandshakeType = {}));
31
+ /**
32
+ * TLS extension types
33
+ */
34
+ export var TlsExtensionType;
35
+ (function (TlsExtensionType) {
36
+ TlsExtensionType[TlsExtensionType["SERVER_NAME"] = 0] = "SERVER_NAME";
37
+ TlsExtensionType[TlsExtensionType["MAX_FRAGMENT_LENGTH"] = 1] = "MAX_FRAGMENT_LENGTH";
38
+ TlsExtensionType[TlsExtensionType["CLIENT_CERTIFICATE_URL"] = 2] = "CLIENT_CERTIFICATE_URL";
39
+ TlsExtensionType[TlsExtensionType["TRUSTED_CA_KEYS"] = 3] = "TRUSTED_CA_KEYS";
40
+ TlsExtensionType[TlsExtensionType["TRUNCATED_HMAC"] = 4] = "TRUNCATED_HMAC";
41
+ TlsExtensionType[TlsExtensionType["STATUS_REQUEST"] = 5] = "STATUS_REQUEST";
42
+ TlsExtensionType[TlsExtensionType["SUPPORTED_GROUPS"] = 10] = "SUPPORTED_GROUPS";
43
+ TlsExtensionType[TlsExtensionType["EC_POINT_FORMATS"] = 11] = "EC_POINT_FORMATS";
44
+ TlsExtensionType[TlsExtensionType["SIGNATURE_ALGORITHMS"] = 13] = "SIGNATURE_ALGORITHMS";
45
+ TlsExtensionType[TlsExtensionType["APPLICATION_LAYER_PROTOCOL_NEGOTIATION"] = 16] = "APPLICATION_LAYER_PROTOCOL_NEGOTIATION";
46
+ TlsExtensionType[TlsExtensionType["SIGNED_CERTIFICATE_TIMESTAMP"] = 18] = "SIGNED_CERTIFICATE_TIMESTAMP";
47
+ TlsExtensionType[TlsExtensionType["PADDING"] = 21] = "PADDING";
48
+ TlsExtensionType[TlsExtensionType["SESSION_TICKET"] = 35] = "SESSION_TICKET";
49
+ TlsExtensionType[TlsExtensionType["PRE_SHARED_KEY"] = 41] = "PRE_SHARED_KEY";
50
+ TlsExtensionType[TlsExtensionType["EARLY_DATA"] = 42] = "EARLY_DATA";
51
+ TlsExtensionType[TlsExtensionType["SUPPORTED_VERSIONS"] = 43] = "SUPPORTED_VERSIONS";
52
+ TlsExtensionType[TlsExtensionType["COOKIE"] = 44] = "COOKIE";
53
+ TlsExtensionType[TlsExtensionType["PSK_KEY_EXCHANGE_MODES"] = 45] = "PSK_KEY_EXCHANGE_MODES";
54
+ TlsExtensionType[TlsExtensionType["CERTIFICATE_AUTHORITIES"] = 47] = "CERTIFICATE_AUTHORITIES";
55
+ TlsExtensionType[TlsExtensionType["POST_HANDSHAKE_AUTH"] = 49] = "POST_HANDSHAKE_AUTH";
56
+ TlsExtensionType[TlsExtensionType["SIGNATURE_ALGORITHMS_CERT"] = 50] = "SIGNATURE_ALGORITHMS_CERT";
57
+ TlsExtensionType[TlsExtensionType["KEY_SHARE"] = 51] = "KEY_SHARE";
58
+ })(TlsExtensionType || (TlsExtensionType = {}));
59
+ /**
60
+ * TLS alert levels
61
+ */
62
+ export var TlsAlertLevel;
63
+ (function (TlsAlertLevel) {
64
+ TlsAlertLevel[TlsAlertLevel["WARNING"] = 1] = "WARNING";
65
+ TlsAlertLevel[TlsAlertLevel["FATAL"] = 2] = "FATAL";
66
+ })(TlsAlertLevel || (TlsAlertLevel = {}));
67
+ /**
68
+ * TLS alert description codes
69
+ */
70
+ export var TlsAlertDescription;
71
+ (function (TlsAlertDescription) {
72
+ TlsAlertDescription[TlsAlertDescription["CLOSE_NOTIFY"] = 0] = "CLOSE_NOTIFY";
73
+ TlsAlertDescription[TlsAlertDescription["UNEXPECTED_MESSAGE"] = 10] = "UNEXPECTED_MESSAGE";
74
+ TlsAlertDescription[TlsAlertDescription["BAD_RECORD_MAC"] = 20] = "BAD_RECORD_MAC";
75
+ TlsAlertDescription[TlsAlertDescription["DECRYPTION_FAILED"] = 21] = "DECRYPTION_FAILED";
76
+ TlsAlertDescription[TlsAlertDescription["RECORD_OVERFLOW"] = 22] = "RECORD_OVERFLOW";
77
+ TlsAlertDescription[TlsAlertDescription["DECOMPRESSION_FAILURE"] = 30] = "DECOMPRESSION_FAILURE";
78
+ TlsAlertDescription[TlsAlertDescription["HANDSHAKE_FAILURE"] = 40] = "HANDSHAKE_FAILURE";
79
+ TlsAlertDescription[TlsAlertDescription["NO_CERTIFICATE"] = 41] = "NO_CERTIFICATE";
80
+ TlsAlertDescription[TlsAlertDescription["BAD_CERTIFICATE"] = 42] = "BAD_CERTIFICATE";
81
+ TlsAlertDescription[TlsAlertDescription["UNSUPPORTED_CERTIFICATE"] = 43] = "UNSUPPORTED_CERTIFICATE";
82
+ TlsAlertDescription[TlsAlertDescription["CERTIFICATE_REVOKED"] = 44] = "CERTIFICATE_REVOKED";
83
+ TlsAlertDescription[TlsAlertDescription["CERTIFICATE_EXPIRED"] = 45] = "CERTIFICATE_EXPIRED";
84
+ TlsAlertDescription[TlsAlertDescription["CERTIFICATE_UNKNOWN"] = 46] = "CERTIFICATE_UNKNOWN";
85
+ TlsAlertDescription[TlsAlertDescription["ILLEGAL_PARAMETER"] = 47] = "ILLEGAL_PARAMETER";
86
+ TlsAlertDescription[TlsAlertDescription["UNKNOWN_CA"] = 48] = "UNKNOWN_CA";
87
+ TlsAlertDescription[TlsAlertDescription["ACCESS_DENIED"] = 49] = "ACCESS_DENIED";
88
+ TlsAlertDescription[TlsAlertDescription["DECODE_ERROR"] = 50] = "DECODE_ERROR";
89
+ TlsAlertDescription[TlsAlertDescription["DECRYPT_ERROR"] = 51] = "DECRYPT_ERROR";
90
+ TlsAlertDescription[TlsAlertDescription["EXPORT_RESTRICTION"] = 60] = "EXPORT_RESTRICTION";
91
+ TlsAlertDescription[TlsAlertDescription["PROTOCOL_VERSION"] = 70] = "PROTOCOL_VERSION";
92
+ TlsAlertDescription[TlsAlertDescription["INSUFFICIENT_SECURITY"] = 71] = "INSUFFICIENT_SECURITY";
93
+ TlsAlertDescription[TlsAlertDescription["INTERNAL_ERROR"] = 80] = "INTERNAL_ERROR";
94
+ TlsAlertDescription[TlsAlertDescription["INAPPROPRIATE_FALLBACK"] = 86] = "INAPPROPRIATE_FALLBACK";
95
+ TlsAlertDescription[TlsAlertDescription["USER_CANCELED"] = 90] = "USER_CANCELED";
96
+ TlsAlertDescription[TlsAlertDescription["NO_RENEGOTIATION"] = 100] = "NO_RENEGOTIATION";
97
+ TlsAlertDescription[TlsAlertDescription["MISSING_EXTENSION"] = 109] = "MISSING_EXTENSION";
98
+ TlsAlertDescription[TlsAlertDescription["UNSUPPORTED_EXTENSION"] = 110] = "UNSUPPORTED_EXTENSION";
99
+ TlsAlertDescription[TlsAlertDescription["CERTIFICATE_REQUIRED"] = 111] = "CERTIFICATE_REQUIRED";
100
+ TlsAlertDescription[TlsAlertDescription["UNRECOGNIZED_NAME"] = 112] = "UNRECOGNIZED_NAME";
101
+ TlsAlertDescription[TlsAlertDescription["BAD_CERTIFICATE_STATUS_RESPONSE"] = 113] = "BAD_CERTIFICATE_STATUS_RESPONSE";
102
+ TlsAlertDescription[TlsAlertDescription["BAD_CERTIFICATE_HASH_VALUE"] = 114] = "BAD_CERTIFICATE_HASH_VALUE";
103
+ TlsAlertDescription[TlsAlertDescription["UNKNOWN_PSK_IDENTITY"] = 115] = "UNKNOWN_PSK_IDENTITY";
104
+ TlsAlertDescription[TlsAlertDescription["CERTIFICATE_REQUIRED_1_3"] = 116] = "CERTIFICATE_REQUIRED_1_3";
105
+ TlsAlertDescription[TlsAlertDescription["NO_APPLICATION_PROTOCOL"] = 120] = "NO_APPLICATION_PROTOCOL";
106
+ })(TlsAlertDescription || (TlsAlertDescription = {}));
107
+ /**
108
+ * TLS version codes (major.minor)
109
+ */
110
+ export const TlsVersion = {
111
+ SSL3: [0x03, 0x00],
112
+ TLS1_0: [0x03, 0x01],
113
+ TLS1_1: [0x03, 0x02],
114
+ TLS1_2: [0x03, 0x03],
115
+ TLS1_3: [0x03, 0x04],
116
+ };
117
+ /**
118
+ * Utility functions for TLS protocol operations
119
+ */
120
+ export class TlsUtils {
121
+ /**
122
+ * Checks if a buffer contains a TLS handshake record
123
+ * @param buffer The buffer to check
124
+ * @returns true if the buffer starts with a TLS handshake record
125
+ */
126
+ static isTlsHandshake(buffer) {
127
+ return buffer.length > 0 && buffer[0] === TlsRecordType.HANDSHAKE;
128
+ }
129
+ /**
130
+ * Checks if a buffer contains TLS application data
131
+ * @param buffer The buffer to check
132
+ * @returns true if the buffer starts with a TLS application data record
133
+ */
134
+ static isTlsApplicationData(buffer) {
135
+ return buffer.length > 0 && buffer[0] === TlsRecordType.APPLICATION_DATA;
136
+ }
137
+ /**
138
+ * Checks if a buffer contains a TLS alert record
139
+ * @param buffer The buffer to check
140
+ * @returns true if the buffer starts with a TLS alert record
141
+ */
142
+ static isTlsAlert(buffer) {
143
+ return buffer.length > 0 && buffer[0] === TlsRecordType.ALERT;
144
+ }
145
+ /**
146
+ * Checks if a buffer contains a TLS ClientHello message
147
+ * @param buffer The buffer to check
148
+ * @returns true if the buffer appears to be a ClientHello message
149
+ */
150
+ static isClientHello(buffer) {
151
+ // Minimum ClientHello size (TLS record header + handshake header)
152
+ if (buffer.length < 9) {
153
+ return false;
154
+ }
155
+ // Check record type (must be TLS_HANDSHAKE_RECORD_TYPE)
156
+ if (buffer[0] !== TlsRecordType.HANDSHAKE) {
157
+ return false;
158
+ }
159
+ // Skip version and length in TLS record header (5 bytes total)
160
+ // Check handshake type at byte 5 (must be CLIENT_HELLO)
161
+ return buffer[5] === TlsHandshakeType.CLIENT_HELLO;
162
+ }
163
+ /**
164
+ * Gets the record length from a TLS record header
165
+ * @param buffer Buffer containing a TLS record
166
+ * @returns The record length if the buffer is valid, -1 otherwise
167
+ */
168
+ static getTlsRecordLength(buffer) {
169
+ if (buffer.length < 5) {
170
+ return -1;
171
+ }
172
+ // Bytes 3-4 contain the record length (big-endian)
173
+ return (buffer[3] << 8) + buffer[4];
174
+ }
175
+ /**
176
+ * Creates a connection ID based on source/destination information
177
+ * Used to track fragmented ClientHello messages across multiple packets
178
+ *
179
+ * @param connectionInfo Object containing connection identifiers
180
+ * @returns A string ID for the connection
181
+ */
182
+ static createConnectionId(connectionInfo) {
183
+ const { sourceIp, sourcePort, destIp, destPort } = connectionInfo;
184
+ return `${sourceIp}:${sourcePort}-${destIp}:${destPort}`;
185
+ }
186
+ }
187
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGxzLXV0aWxzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vdHMvdGxzL3V0aWxzL3Rscy11dGlscy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssT0FBTyxNQUFNLGtCQUFrQixDQUFDO0FBRTVDOztHQUVHO0FBQ0gsTUFBTSxDQUFOLElBQVksYUFNWDtBQU5ELFdBQVksYUFBYTtJQUN2Qiw4RUFBdUIsQ0FBQTtJQUN2QixvREFBVSxDQUFBO0lBQ1YsNERBQWMsQ0FBQTtJQUNkLDBFQUFxQixDQUFBO0lBQ3JCLDREQUFjLENBQUE7QUFDaEIsQ0FBQyxFQU5XLGFBQWEsS0FBYixhQUFhLFFBTXhCO0FBRUQ7O0dBRUc7QUFDSCxNQUFNLENBQU4sSUFBWSxnQkFhWDtBQWJELFdBQVksZ0JBQWdCO0lBQzFCLHlFQUFpQixDQUFBO0lBQ2pCLHVFQUFnQixDQUFBO0lBQ2hCLHVFQUFnQixDQUFBO0lBQ2hCLG1GQUFzQixDQUFBO0lBQ3RCLHVGQUF3QixDQUFBO0lBQ3hCLHNFQUFnQixDQUFBO0lBQ2hCLHNGQUF3QixDQUFBO0lBQ3hCLHNGQUF3QixDQUFBO0lBQ3hCLGtGQUFzQixDQUFBO0lBQ3RCLG9GQUF1QixDQUFBO0lBQ3ZCLHNGQUF3QixDQUFBO0lBQ3hCLGdFQUFhLENBQUE7QUFDZixDQUFDLEVBYlcsZ0JBQWdCLEtBQWhCLGdCQUFnQixRQWEzQjtBQUVEOztHQUVHO0FBQ0gsTUFBTSxDQUFOLElBQVksZ0JBdUJYO0FBdkJELFdBQVksZ0JBQWdCO0lBQzFCLHFFQUFlLENBQUE7SUFDZixxRkFBdUIsQ0FBQTtJQUN2QiwyRkFBMEIsQ0FBQTtJQUMxQiw2RUFBbUIsQ0FBQTtJQUNuQiwyRUFBa0IsQ0FBQTtJQUNsQiwyRUFBa0IsQ0FBQTtJQUNsQixnRkFBcUIsQ0FBQTtJQUNyQixnRkFBcUIsQ0FBQTtJQUNyQix3RkFBeUIsQ0FBQTtJQUN6Qiw0SEFBMkMsQ0FBQTtJQUMzQyx3R0FBaUMsQ0FBQTtJQUNqQyw4REFBWSxDQUFBO0lBQ1osNEVBQW1CLENBQUE7SUFDbkIsNEVBQW1CLENBQUE7SUFDbkIsb0VBQWUsQ0FBQTtJQUNmLG9GQUF1QixDQUFBO0lBQ3ZCLDREQUFXLENBQUE7SUFDWCw0RkFBMkIsQ0FBQTtJQUMzQiw4RkFBNEIsQ0FBQTtJQUM1QixzRkFBd0IsQ0FBQTtJQUN4QixrR0FBOEIsQ0FBQTtJQUM5QixrRUFBYyxDQUFBO0FBQ2hCLENBQUMsRUF2QlcsZ0JBQWdCLEtBQWhCLGdCQUFnQixRQXVCM0I7QUFFRDs7R0FFRztBQUNILE1BQU0sQ0FBTixJQUFZLGFBR1g7QUFIRCxXQUFZLGFBQWE7SUFDdkIsdURBQVcsQ0FBQTtJQUNYLG1EQUFTLENBQUE7QUFDWCxDQUFDLEVBSFcsYUFBYSxLQUFiLGFBQWEsUUFHeEI7QUFFRDs7R0FFRztBQUNILE1BQU0sQ0FBTixJQUFZLG1CQW1DWDtBQW5DRCxXQUFZLG1CQUFtQjtJQUM3Qiw2RUFBZ0IsQ0FBQTtJQUNoQiwwRkFBdUIsQ0FBQTtJQUN2QixrRkFBbUIsQ0FBQTtJQUNuQix3RkFBc0IsQ0FBQTtJQUN0QixvRkFBb0IsQ0FBQTtJQUNwQixnR0FBMEIsQ0FBQTtJQUMxQix3RkFBc0IsQ0FBQTtJQUN0QixrRkFBbUIsQ0FBQTtJQUNuQixvRkFBb0IsQ0FBQTtJQUNwQixvR0FBNEIsQ0FBQTtJQUM1Qiw0RkFBd0IsQ0FBQTtJQUN4Qiw0RkFBd0IsQ0FBQTtJQUN4Qiw0RkFBd0IsQ0FBQTtJQUN4Qix3RkFBc0IsQ0FBQTtJQUN0QiwwRUFBZSxDQUFBO0lBQ2YsZ0ZBQWtCLENBQUE7SUFDbEIsOEVBQWlCLENBQUE7SUFDakIsZ0ZBQWtCLENBQUE7SUFDbEIsMEZBQXVCLENBQUE7SUFDdkIsc0ZBQXFCLENBQUE7SUFDckIsZ0dBQTBCLENBQUE7SUFDMUIsa0ZBQW1CLENBQUE7SUFDbkIsa0dBQTJCLENBQUE7SUFDM0IsZ0ZBQWtCLENBQUE7SUFDbEIsdUZBQXNCLENBQUE7SUFDdEIseUZBQXVCLENBQUE7SUFDdkIsaUdBQTJCLENBQUE7SUFDM0IsK0ZBQTBCLENBQUE7SUFDMUIseUZBQXVCLENBQUE7SUFDdkIscUhBQXFDLENBQUE7SUFDckMsMkdBQWdDLENBQUE7SUFDaEMsK0ZBQTBCLENBQUE7SUFDMUIsdUdBQThCLENBQUE7SUFDOUIscUdBQTZCLENBQUE7QUFDL0IsQ0FBQyxFQW5DVyxtQkFBbUIsS0FBbkIsbUJBQW1CLFFBbUM5QjtBQUVEOztHQUVHO0FBQ0gsTUFBTSxDQUFDLE1BQU0sVUFBVSxHQUFHO0lBQ3hCLElBQUksRUFBRSxDQUFDLElBQUksRUFBRSxJQUFJLENBQUM7SUFDbEIsTUFBTSxFQUFFLENBQUMsSUFBSSxFQUFFLElBQUksQ0FBQztJQUNwQixNQUFNLEVBQUUsQ0FBQyxJQUFJLEVBQUUsSUFBSSxDQUFDO0lBQ3BCLE1BQU0sRUFBRSxDQUFDLElBQUksRUFBRSxJQUFJLENBQUM7SUFDcEIsTUFBTSxFQUFFLENBQUMsSUFBSSxFQUFFLElBQUksQ0FBQztDQUNyQixDQUFDO0FBRUY7O0dBRUc7QUFDSCxNQUFNLE9BQU8sUUFBUTtJQUNuQjs7OztPQUlHO0lBQ0ksTUFBTSxDQUFDLGNBQWMsQ0FBQyxNQUFjO1FBQ3pDLE9BQU8sTUFBTSxDQUFDLE1BQU0sR0FBRyxDQUFDLElBQUksTUFBTSxDQUFDLENBQUMsQ0FBQyxLQUFLLGFBQWEsQ0FBQyxTQUFTLENBQUM7SUFDcEUsQ0FBQztJQUVEOzs7O09BSUc7SUFDSSxNQUFNLENBQUMsb0JBQW9CLENBQUMsTUFBYztRQUMvQyxPQUFPLE1BQU0sQ0FBQyxNQUFNLEdBQUcsQ0FBQyxJQUFJLE1BQU0sQ0FBQyxDQUFDLENBQUMsS0FBSyxhQUFhLENBQUMsZ0JBQWdCLENBQUM7SUFDM0UsQ0FBQztJQUVEOzs7O09BSUc7SUFDSSxNQUFNLENBQUMsVUFBVSxDQUFDLE1BQWM7UUFDckMsT0FBTyxNQUFNLENBQUMsTUFBTSxHQUFHLENBQUMsSUFBSSxNQUFNLENBQUMsQ0FBQyxDQUFDLEtBQUssYUFBYSxDQUFDLEtBQUssQ0FBQztJQUNoRSxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNJLE1BQU0sQ0FBQyxhQUFhLENBQUMsTUFBYztRQUN4QyxrRUFBa0U7UUFDbEUsSUFBSSxNQUFNLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRSxDQUFDO1lBQ3RCLE9BQU8sS0FBSyxDQUFDO1FBQ2YsQ0FBQztRQUVELHdEQUF3RDtRQUN4RCxJQUFJLE1BQU0sQ0FBQyxDQUFDLENBQUMsS0FBSyxhQUFhLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDMUMsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDO1FBRUQsK0RBQStEO1FBQy9ELHdEQUF3RDtRQUN4RCxPQUFPLE1BQU0sQ0FBQyxDQUFDLENBQUMsS0FBSyxnQkFBZ0IsQ0FBQyxZQUFZLENBQUM7SUFDckQsQ0FBQztJQUVEOzs7O09BSUc7SUFDSSxNQUFNLENBQUMsa0JBQWtCLENBQUMsTUFBYztRQUM3QyxJQUFJLE1BQU0sQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDdEIsT0FBTyxDQUFDLENBQUMsQ0FBQztRQUNaLENBQUM7UUFFRCxtREFBbUQ7UUFDbkQsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLENBQUMsR0FBRyxNQUFNLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDdEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLE1BQU0sQ0FBQyxrQkFBa0IsQ0FBQyxjQUtoQztRQUNDLE1BQU0sRUFBRSxRQUFRLEVBQUUsVUFBVSxFQUFFLE1BQU0sRUFBRSxRQUFRLEVBQUUsR0FBRyxjQUFjLENBQUM7UUFDbEUsT0FBTyxHQUFHLFFBQVEsSUFBSSxVQUFVLElBQUksTUFBTSxJQUFJLFFBQVEsRUFBRSxDQUFDO0lBQzNELENBQUM7Q0FDRiJ9
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@push.rocks/smartproxy",
3
- "version": "12.0.0",
3
+ "version": "13.1.2",
4
4
  "private": false,
5
5
  "description": "A powerful proxy package that effectively handles high traffic, with features such as SSL/TLS support, port proxying, WebSocket handling, dynamic routing with authentication options, and automatic ACME certificate management.",
6
6
  "main": "dist_ts/index.js",
package/readme.md CHANGED
@@ -8,30 +8,77 @@ A high-performance proxy toolkit for Node.js, offering:
8
8
  - Advanced TCP/SNI-based proxying with IP filtering and rules
9
9
  - Unified forwarding configuration system for all proxy types
10
10
 
11
+ ## Project Architecture Overview
12
+
13
+ SmartProxy has been restructured using a modern, modular architecture to improve maintainability and clarity:
14
+
15
+ ```
16
+ /ts
17
+ ├── /core # Core functionality
18
+ │ ├── /models # Data models and interfaces
19
+ │ ├── /utils # Shared utilities (IP validation, logging, etc.)
20
+ │ └── /events # Common event definitions
21
+ ├── /certificate # Certificate management
22
+ │ ├── /acme # ACME-specific functionality
23
+ │ ├── /providers # Certificate providers (static, ACME)
24
+ │ └── /storage # Certificate storage mechanisms
25
+ ├── /forwarding # Forwarding system
26
+ │ ├── /handlers # Various forwarding handlers
27
+ │ │ ├── base-handler.ts # Abstract base handler
28
+ │ │ ├── http-handler.ts # HTTP-only handler
29
+ │ │ └── ... # Other handlers
30
+ │ ├── /config # Configuration models
31
+ │ │ ├── forwarding-types.ts # Type definitions
32
+ │ │ ├── domain-config.ts # Domain config utilities
33
+ │ │ └── domain-manager.ts # Domain routing manager
34
+ │ └── /factory # Factory for creating handlers
35
+ ├── /proxies # Different proxy implementations
36
+ │ ├── /smart-proxy # SmartProxy implementation
37
+ │ │ ├── /models # SmartProxy-specific interfaces
38
+ │ │ ├── smart-proxy.ts # Main SmartProxy class
39
+ │ │ └── ... # Supporting classes
40
+ │ ├── /network-proxy # NetworkProxy implementation
41
+ │ │ ├── /models # NetworkProxy-specific interfaces
42
+ │ │ ├── network-proxy.ts # Main NetworkProxy class
43
+ │ │ └── ... # Supporting classes
44
+ │ └── /nftables-proxy # NfTablesProxy implementation
45
+ ├── /tls # TLS-specific functionality
46
+ │ ├── /sni # SNI handling components
47
+ │ └── /alerts # TLS alerts system
48
+ └── /http # HTTP-specific functionality
49
+ ├── /port80 # Port80Handler components
50
+ ├── /router # HTTP routing system
51
+ └── /redirects # Redirect handlers
52
+ ```
53
+
11
54
  ## Exports
12
55
  The following classes and interfaces are provided:
13
56
 
14
- - **NetworkProxy** (ts/networkproxy/classes.np.networkproxy.ts)
57
+ - **NetworkProxy** (`ts/proxies/network-proxy/network-proxy.ts`)
15
58
  HTTP/HTTPS reverse proxy with TLS termination, WebSocket support,
16
59
  connection pooling, and optional ACME integration.
17
- - **Port80Handler** (ts/port80handler/classes.port80handler.ts)
60
+ - **Port80Handler** (`ts/http/port80/port80-handler.ts`)
18
61
  ACME HTTP-01 challenge handler and certificate manager.
19
- - **NfTablesProxy** (ts/nfttablesproxy/classes.nftablesproxy.ts)
62
+ - **NfTablesProxy** (`ts/proxies/nftables-proxy/nftables-proxy.ts`)
20
63
  Low-level port forwarding using nftables NAT rules.
21
- - **Redirect**, **SslRedirect** (ts/redirect/classes.redirect.ts)
64
+ - **Redirect**, **SslRedirect** (`ts/http/redirects/redirect-handler.ts`)
22
65
  HTTP/HTTPS redirect server and shortcut for HTTP→HTTPS.
23
- - **SmartProxy** (ts/smartproxy/classes.smartproxy.ts)
66
+ - **SmartProxy** (`ts/proxies/smart-proxy/smart-proxy.ts`)
24
67
  TCP/SNI-based proxy with dynamic routing, IP filtering, and unified certificates.
25
- - **SniHandler** (ts/smartproxy/classes.pp.snihandler.ts)
68
+ - **SniHandler** (`ts/tls/sni/sni-handler.ts`)
26
69
  Static utilities to extract SNI hostnames from TLS handshakes.
27
- - **Forwarding Handlers** (ts/smartproxy/forwarding/*.ts)
70
+ - **Forwarding Handlers** (`ts/forwarding/handlers/*.ts`)
28
71
  Unified forwarding handlers for different connection types (HTTP, HTTPS passthrough, TLS termination).
29
- - **Interfaces**
30
- - IPortProxySettings, IDomainConfig (ts/smartproxy/classes.pp.interfaces.ts)
31
- - INetworkProxyOptions (ts/networkproxy/classes.np.types.ts)
32
- - IAcmeOptions, IDomainOptions (ts/common/types.ts)
33
- - INfTableProxySettings (ts/nfttablesproxy/classes.nftablesproxy.ts)
34
- - IForwardConfig, ForwardingType (ts/smartproxy/types/forwarding.types.ts)
72
+ - **Core Utilities**
73
+ - **ValidationUtils** (`ts/core/utils/validation-utils.ts`) for domain, port, and configuration validation
74
+ - **IpUtils** (`ts/core/utils/ip-utils.ts`) for IP address validation and filtering
75
+
76
+ - **Interfaces and Types**
77
+ - `ISmartProxyOptions`, `IDomainConfig` (`ts/proxies/smart-proxy/models/interfaces.ts`)
78
+ - `INetworkProxyOptions` (`ts/proxies/network-proxy/models/types.ts`)
79
+ - `IAcmeOptions`, `IDomainOptions` (`ts/certificate/models/certificate-types.ts`)
80
+ - `INfTableProxySettings` (`ts/proxies/nftables-proxy/models/interfaces.ts`)
81
+ - `IForwardConfig`, `TForwardingType` (`ts/forwarding/config/forwarding-types.ts`)
35
82
 
36
83
  ## Installation
37
84
  Install via npm:
@@ -189,16 +236,34 @@ const sni = SniHandler.extractSNI(buffer);
189
236
  const complete = SniHandler.handleFragmentedClientHello(buf, connId);
190
237
  ```
191
238
 
239
+ ### 7. Core Utilities (ValidationUtils, IpUtils)
240
+ ```typescript
241
+ import { ValidationUtils, IpUtils } from '@push.rocks/smartproxy';
242
+
243
+ // Validate a domain name
244
+ const isValidDomain = ValidationUtils.isValidDomainName('example.com');
245
+
246
+ // Check if an IP is allowed based on filters
247
+ const isAllowed = IpUtils.isIPAuthorized(
248
+ '192.168.1.1',
249
+ ['192.168.1.*'], // allowed IPs
250
+ ['192.168.1.100'] // blocked IPs
251
+ );
252
+
253
+ // Convert CIDR to glob patterns
254
+ const globPatterns = IpUtils.cidrToGlobPatterns('10.0.0.0/24');
255
+ ```
256
+
192
257
  ## API Reference
193
- For full configuration options and type definitions, see the TypeScript interfaces in the `ts/` directory:
194
- - `INetworkProxyOptions` (ts/networkproxy/classes.np.types.ts)
195
- - `IAcmeOptions`, `IDomainOptions`, `IForwardConfig` (ts/common/types.ts)
196
- - `INfTableProxySettings` (ts/nfttablesproxy/classes.nftablesproxy.ts)
197
- - `IPortProxySettings`, `IDomainConfig` (ts/smartproxy/classes.pp.interfaces.ts)
258
+ For full configuration options and type definitions, see the TypeScript interfaces:
259
+ - `INetworkProxyOptions` (`ts/proxies/network-proxy/models/types.ts`)
260
+ - `IAcmeOptions`, `IDomainOptions` (`ts/certificate/models/certificate-types.ts`)
261
+ - `IForwardConfig` (`ts/forwarding/config/forwarding-types.ts`)
262
+ - `INfTableProxySettings` (`ts/proxies/nftables-proxy/models/interfaces.ts`)
263
+ - `ISmartProxyOptions`, `IDomainConfig` (`ts/proxies/smart-proxy/models/interfaces.ts`)
198
264
 
199
265
  ## Architecture & Flow Diagrams
200
266
 
201
-
202
267
  ```mermaid
203
268
  flowchart TB
204
269
  Client([Client])
@@ -400,6 +465,9 @@ sequenceDiagram
400
465
  - SNI Utilities (SniHandler)
401
466
  • Robust ClientHello parsing, fragmentation & session resumption support
402
467
 
468
+ - Core Utilities
469
+ • ValidationUtils and IpUtils for configuration validation and IP management
470
+
403
471
  ## Certificate Hooks & Events
404
472
 
405
473
  Listen for certificate events via EventEmitter:
@@ -566,9 +634,9 @@ For more complex scenarios, additional options can be specified:
566
634
  - `qos`, `netProxyIntegration` (objects)
567
635
 
568
636
  ### Redirect / SslRedirect
569
- - Constructor options: `httpPort`, `httpsPort`, `sslOptions`, `rules` (RedirectRule[])
637
+ - Constructor options: `httpPort`, `httpsPort`, `sslOptions`, `rules` (IRedirectRule[])
570
638
 
571
- ### SmartProxy (IPortProxySettings)
639
+ ### SmartProxy (ISmartProxyOptions)
572
640
  - `fromPort`, `toPort` (number)
573
641
  - `domainConfigs` (IDomainConfig[]) - Using unified forwarding configuration
574
642
  - `sniEnabled`, `preserveSourceIP` (booleans)