@push.rocks/smartproxy 19.3.2 → 19.3.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist_ts/00_commitinfo_data.js +1 -1
- package/dist_ts/forwarding/factory/forwarding-factory.js +29 -1
- package/dist_ts/http/index.d.ts +1 -3
- package/dist_ts/http/index.js +4 -10
- package/dist_ts/http/models/http-types.d.ts +4 -91
- package/dist_ts/http/models/http-types.js +5 -60
- package/dist_ts/http/router/proxy-router.d.ts +1 -1
- package/dist_ts/http/router/route-router.d.ts +1 -1
- package/dist_ts/index.d.ts +9 -7
- package/dist_ts/index.js +10 -7
- package/dist_ts/proxies/{network-proxy → http-proxy}/certificate-manager.d.ts +2 -2
- package/dist_ts/proxies/{network-proxy → http-proxy}/certificate-manager.js +1 -1
- package/dist_ts/proxies/{network-proxy → http-proxy}/connection-pool.d.ts +2 -2
- package/dist_ts/proxies/http-proxy/connection-pool.js +210 -0
- package/dist_ts/proxies/http-proxy/context-creator.js +108 -0
- package/dist_ts/proxies/{network-proxy → http-proxy}/function-cache.js +1 -1
- package/dist_ts/proxies/http-proxy/handlers/index.d.ts +5 -0
- package/dist_ts/proxies/http-proxy/handlers/index.js +6 -0
- package/dist_ts/proxies/http-proxy/handlers/redirect-handler.d.ts +18 -0
- package/dist_ts/proxies/http-proxy/handlers/redirect-handler.js +78 -0
- package/dist_ts/proxies/http-proxy/handlers/static-handler.d.ts +19 -0
- package/dist_ts/proxies/http-proxy/handlers/static-handler.js +203 -0
- package/dist_ts/proxies/{network-proxy/network-proxy.d.ts → http-proxy/http-proxy.d.ts} +10 -9
- package/dist_ts/proxies/{network-proxy/network-proxy.js → http-proxy/http-proxy.js} +13 -12
- package/dist_ts/proxies/{network-proxy → http-proxy}/http-request-handler.js +1 -1
- package/dist_ts/proxies/http-proxy/http2-request-handler.js +201 -0
- package/dist_ts/proxies/{network-proxy → http-proxy}/index.d.ts +2 -2
- package/dist_ts/proxies/http-proxy/index.js +12 -0
- package/dist_ts/proxies/http-proxy/models/http-types.d.ts +119 -0
- package/dist_ts/proxies/http-proxy/models/http-types.js +112 -0
- package/dist_ts/proxies/http-proxy/models/index.d.ts +5 -0
- package/dist_ts/proxies/http-proxy/models/index.js +6 -0
- package/dist_ts/proxies/{network-proxy → http-proxy}/models/types.d.ts +2 -2
- package/dist_ts/proxies/http-proxy/models/types.js +276 -0
- package/dist_ts/proxies/{network-proxy → http-proxy}/request-handler.d.ts +3 -3
- package/dist_ts/proxies/{network-proxy → http-proxy}/request-handler.js +2 -2
- package/dist_ts/proxies/http-proxy/security-manager.js +255 -0
- package/dist_ts/proxies/{network-proxy → http-proxy}/websocket-handler.d.ts +3 -3
- package/dist_ts/proxies/{network-proxy → http-proxy}/websocket-handler.js +2 -2
- package/dist_ts/proxies/index.d.ts +5 -5
- package/dist_ts/proxies/index.js +5 -5
- package/dist_ts/proxies/smart-proxy/certificate-manager.d.ts +4 -4
- package/dist_ts/proxies/smart-proxy/certificate-manager.js +11 -11
- package/dist_ts/proxies/smart-proxy/http-proxy-bridge.d.ts +41 -0
- package/dist_ts/proxies/smart-proxy/http-proxy-bridge.js +121 -0
- package/dist_ts/proxies/smart-proxy/index.d.ts +2 -1
- package/dist_ts/proxies/smart-proxy/index.js +4 -2
- package/dist_ts/proxies/smart-proxy/models/interfaces.d.ts +2 -2
- package/dist_ts/proxies/smart-proxy/port-manager.js +3 -3
- package/dist_ts/proxies/smart-proxy/route-connection-handler.d.ts +3 -3
- package/dist_ts/proxies/smart-proxy/route-connection-handler.js +24 -265
- package/dist_ts/proxies/smart-proxy/smart-proxy.d.ts +1 -1
- package/dist_ts/proxies/smart-proxy/smart-proxy.js +25 -25
- package/dist_ts/routing/index.d.ts +5 -0
- package/dist_ts/routing/index.js +8 -0
- package/dist_ts/routing/models/http-types.d.ts +6 -0
- package/dist_ts/routing/models/http-types.js +7 -0
- package/dist_ts/routing/router/index.d.ts +8 -0
- package/dist_ts/routing/router/index.js +7 -0
- package/dist_ts/{classes.router.d.ts → routing/router/proxy-router.d.ts} +14 -11
- package/dist_ts/{classes.router.js → routing/router/proxy-router.js} +2 -2
- package/dist_ts/routing/router/route-router.d.ts +108 -0
- package/dist_ts/routing/router/route-router.js +393 -0
- package/package.json +1 -1
- package/readme.md +12 -12
- package/readme.plan.md +152 -257
- package/ts/00_commitinfo_data.ts +1 -1
- package/ts/forwarding/factory/forwarding-factory.ts +28 -0
- package/ts/index.ts +13 -9
- package/ts/proxies/{network-proxy → http-proxy}/certificate-manager.ts +2 -2
- package/ts/proxies/{network-proxy → http-proxy}/connection-pool.ts +2 -2
- package/ts/proxies/http-proxy/handlers/index.ts +6 -0
- package/ts/proxies/http-proxy/handlers/redirect-handler.ts +105 -0
- package/ts/proxies/http-proxy/handlers/static-handler.ts +251 -0
- package/ts/proxies/{network-proxy/network-proxy.ts → http-proxy/http-proxy.ts} +15 -14
- package/ts/proxies/{network-proxy → http-proxy}/index.ts +3 -3
- package/ts/proxies/http-proxy/models/http-types.ts +165 -0
- package/ts/proxies/http-proxy/models/index.ts +5 -0
- package/ts/proxies/{network-proxy → http-proxy}/models/types.ts +2 -2
- package/ts/proxies/{network-proxy → http-proxy}/request-handler.ts +3 -3
- package/ts/proxies/{network-proxy → http-proxy}/websocket-handler.ts +3 -3
- package/ts/proxies/index.ts +7 -7
- package/ts/proxies/smart-proxy/certificate-manager.ts +10 -10
- package/ts/proxies/smart-proxy/{network-proxy-bridge.ts → http-proxy-bridge.ts} +44 -44
- package/ts/proxies/smart-proxy/index.ts +4 -1
- package/ts/proxies/smart-proxy/models/interfaces.ts +3 -3
- package/ts/proxies/smart-proxy/port-manager.ts +2 -2
- package/ts/proxies/smart-proxy/route-connection-handler.ts +23 -307
- package/ts/proxies/smart-proxy/smart-proxy.ts +25 -25
- package/ts/routing/index.ts +9 -0
- package/ts/routing/models/http-types.ts +6 -0
- package/ts/{http → routing}/router/proxy-router.ts +1 -1
- package/ts/{http → routing}/router/route-router.ts +1 -1
- package/dist_ts/certificate/acme/acme-factory.d.ts +0 -17
- package/dist_ts/certificate/acme/acme-factory.js +0 -40
- package/dist_ts/certificate/acme/challenge-handler.d.ts +0 -44
- package/dist_ts/certificate/acme/challenge-handler.js +0 -92
- package/dist_ts/certificate/acme/index.d.ts +0 -4
- package/dist_ts/certificate/acme/index.js +0 -5
- package/dist_ts/certificate/certificate-manager.d.ts +0 -150
- package/dist_ts/certificate/certificate-manager.js +0 -505
- package/dist_ts/certificate/events/certificate-events.d.ts +0 -33
- package/dist_ts/certificate/events/certificate-events.js +0 -38
- package/dist_ts/certificate/events/simplified-events.d.ts +0 -56
- package/dist_ts/certificate/events/simplified-events.js +0 -13
- package/dist_ts/certificate/index.d.ts +0 -30
- package/dist_ts/certificate/index.js +0 -37
- package/dist_ts/certificate/models/certificate-errors.d.ts +0 -69
- package/dist_ts/certificate/models/certificate-errors.js +0 -141
- package/dist_ts/certificate/models/certificate-strategy.d.ts +0 -60
- package/dist_ts/certificate/models/certificate-strategy.js +0 -73
- package/dist_ts/certificate/models/certificate-types.d.ts +0 -97
- package/dist_ts/certificate/models/certificate-types.js +0 -2
- package/dist_ts/certificate/providers/cert-provisioner.d.ts +0 -119
- package/dist_ts/certificate/providers/cert-provisioner.js +0 -422
- package/dist_ts/certificate/providers/index.d.ts +0 -4
- package/dist_ts/certificate/providers/index.js +0 -5
- package/dist_ts/certificate/simplified-certificate-manager.d.ts +0 -150
- package/dist_ts/certificate/simplified-certificate-manager.js +0 -501
- package/dist_ts/certificate/storage/file-storage.d.ts +0 -66
- package/dist_ts/certificate/storage/file-storage.js +0 -194
- package/dist_ts/certificate/storage/index.d.ts +0 -4
- package/dist_ts/certificate/storage/index.js +0 -5
- package/dist_ts/certificate/utils/certificate-helpers.d.ts +0 -17
- package/dist_ts/certificate/utils/certificate-helpers.js +0 -45
- package/dist_ts/classes.iptablesproxy.d.ts +0 -112
- package/dist_ts/classes.iptablesproxy.js +0 -765
- package/dist_ts/classes.networkproxy.d.ts +0 -243
- package/dist_ts/classes.networkproxy.js +0 -1424
- package/dist_ts/classes.nftablesproxy.d.ts +0 -219
- package/dist_ts/classes.nftablesproxy.js +0 -1542
- package/dist_ts/classes.port80handler.d.ts +0 -215
- package/dist_ts/classes.port80handler.js +0 -736
- package/dist_ts/classes.portproxy.d.ts +0 -171
- package/dist_ts/classes.portproxy.js +0 -1802
- package/dist_ts/classes.pp.acmemanager.d.ts +0 -34
- package/dist_ts/classes.pp.acmemanager.js +0 -123
- package/dist_ts/classes.pp.connectionhandler.d.ts +0 -39
- package/dist_ts/classes.pp.connectionhandler.js +0 -754
- package/dist_ts/classes.pp.connectionmanager.d.ts +0 -78
- package/dist_ts/classes.pp.connectionmanager.js +0 -378
- package/dist_ts/classes.pp.domainconfigmanager.d.ts +0 -55
- package/dist_ts/classes.pp.domainconfigmanager.js +0 -103
- package/dist_ts/classes.pp.interfaces.d.ts +0 -133
- package/dist_ts/classes.pp.interfaces.js +0 -2
- package/dist_ts/classes.pp.networkproxybridge.d.ts +0 -57
- package/dist_ts/classes.pp.networkproxybridge.js +0 -306
- package/dist_ts/classes.pp.portproxy.d.ts +0 -64
- package/dist_ts/classes.pp.portproxy.js +0 -567
- package/dist_ts/classes.pp.portrangemanager.d.ts +0 -56
- package/dist_ts/classes.pp.portrangemanager.js +0 -179
- package/dist_ts/classes.pp.securitymanager.d.ts +0 -47
- package/dist_ts/classes.pp.securitymanager.js +0 -126
- package/dist_ts/classes.pp.snihandler.d.ts +0 -153
- package/dist_ts/classes.pp.snihandler.js +0 -1053
- package/dist_ts/classes.pp.timeoutmanager.d.ts +0 -47
- package/dist_ts/classes.pp.timeoutmanager.js +0 -154
- package/dist_ts/classes.pp.tlsalert.d.ts +0 -149
- package/dist_ts/classes.pp.tlsalert.js +0 -225
- package/dist_ts/classes.pp.tlsmanager.d.ts +0 -57
- package/dist_ts/classes.pp.tlsmanager.js +0 -132
- package/dist_ts/classes.snihandler.d.ts +0 -198
- package/dist_ts/classes.snihandler.js +0 -1210
- package/dist_ts/classes.sslredirect.d.ts +0 -8
- package/dist_ts/classes.sslredirect.js +0 -28
- package/dist_ts/common/acmeFactory.d.ts +0 -9
- package/dist_ts/common/acmeFactory.js +0 -20
- package/dist_ts/common/port80-adapter.d.ts +0 -11
- package/dist_ts/common/port80-adapter.js +0 -87
- package/dist_ts/examples/forwarding-example.d.ts +0 -1
- package/dist_ts/examples/forwarding-example.js +0 -96
- package/dist_ts/forwarding/config/domain-config.d.ts +0 -12
- package/dist_ts/forwarding/config/domain-config.js +0 -12
- package/dist_ts/forwarding/config/domain-manager.d.ts +0 -86
- package/dist_ts/forwarding/config/domain-manager.js +0 -242
- package/dist_ts/helpers.certificates.d.ts +0 -5
- package/dist_ts/helpers.certificates.js +0 -23
- package/dist_ts/http/port80/acme-interfaces.d.ts +0 -108
- package/dist_ts/http/port80/acme-interfaces.js +0 -51
- package/dist_ts/http/port80/challenge-responder.d.ts +0 -53
- package/dist_ts/http/port80/challenge-responder.js +0 -203
- package/dist_ts/http/port80/index.d.ts +0 -6
- package/dist_ts/http/port80/index.js +0 -9
- package/dist_ts/http/port80/port80-handler.d.ts +0 -136
- package/dist_ts/http/port80/port80-handler.js +0 -592
- package/dist_ts/http/redirects/index.d.ts +0 -4
- package/dist_ts/http/redirects/index.js +0 -5
- package/dist_ts/networkproxy/classes.np.certificatemanager.d.ts +0 -77
- package/dist_ts/networkproxy/classes.np.certificatemanager.js +0 -372
- package/dist_ts/networkproxy/classes.np.connectionpool.d.ts +0 -47
- package/dist_ts/networkproxy/classes.np.connectionpool.js +0 -210
- package/dist_ts/networkproxy/classes.np.networkproxy.d.ts +0 -118
- package/dist_ts/networkproxy/classes.np.networkproxy.js +0 -387
- package/dist_ts/networkproxy/classes.np.requesthandler.d.ts +0 -56
- package/dist_ts/networkproxy/classes.np.requesthandler.js +0 -393
- package/dist_ts/networkproxy/classes.np.types.d.ts +0 -83
- package/dist_ts/networkproxy/classes.np.types.js +0 -35
- package/dist_ts/networkproxy/classes.np.websockethandler.d.ts +0 -38
- package/dist_ts/networkproxy/classes.np.websockethandler.js +0 -188
- package/dist_ts/networkproxy/index.d.ts +0 -1
- package/dist_ts/networkproxy/index.js +0 -4
- package/dist_ts/nfttablesproxy/classes.nftablesproxy.d.ts +0 -219
- package/dist_ts/nfttablesproxy/classes.nftablesproxy.js +0 -1542
- package/dist_ts/port80handler/classes.port80handler.d.ts +0 -10
- package/dist_ts/port80handler/classes.port80handler.js +0 -16
- package/dist_ts/proxies/network-proxy/connection-pool.js +0 -210
- package/dist_ts/proxies/network-proxy/context-creator.js +0 -108
- package/dist_ts/proxies/network-proxy/http2-request-handler.js +0 -201
- package/dist_ts/proxies/network-proxy/index.js +0 -12
- package/dist_ts/proxies/network-proxy/models/index.d.ts +0 -4
- package/dist_ts/proxies/network-proxy/models/index.js +0 -5
- package/dist_ts/proxies/network-proxy/models/types.js +0 -276
- package/dist_ts/proxies/network-proxy/security-manager.js +0 -255
- package/dist_ts/proxies/network-proxy/simplified-certificate-bridge.d.ts +0 -48
- package/dist_ts/proxies/network-proxy/simplified-certificate-bridge.js +0 -76
- package/dist_ts/proxies/smart-proxy/connection-handler.d.ts +0 -39
- package/dist_ts/proxies/smart-proxy/connection-handler.js +0 -894
- package/dist_ts/proxies/smart-proxy/domain-config-manager.d.ts +0 -110
- package/dist_ts/proxies/smart-proxy/domain-config-manager.js +0 -386
- package/dist_ts/proxies/smart-proxy/legacy-smart-proxy.d.ts +0 -168
- package/dist_ts/proxies/smart-proxy/legacy-smart-proxy.js +0 -642
- package/dist_ts/proxies/smart-proxy/models/simplified-smartproxy-config.d.ts +0 -65
- package/dist_ts/proxies/smart-proxy/models/simplified-smartproxy-config.js +0 -31
- package/dist_ts/proxies/smart-proxy/models/smartproxy-options.d.ts +0 -102
- package/dist_ts/proxies/smart-proxy/models/smartproxy-options.js +0 -73
- package/dist_ts/proxies/smart-proxy/network-proxy-bridge.d.ts +0 -41
- package/dist_ts/proxies/smart-proxy/network-proxy-bridge.js +0 -121
- package/dist_ts/proxies/smart-proxy/port-range-manager.d.ts +0 -56
- package/dist_ts/proxies/smart-proxy/port-range-manager.js +0 -176
- package/dist_ts/proxies/smart-proxy/route-helpers/index.d.ts +0 -9
- package/dist_ts/proxies/smart-proxy/route-helpers/index.js +0 -11
- package/dist_ts/proxies/smart-proxy/route-helpers.d.ts +0 -7
- package/dist_ts/proxies/smart-proxy/route-helpers.js +0 -9
- package/dist_ts/proxies/smart-proxy/simplified-smart-proxy.d.ts +0 -41
- package/dist_ts/proxies/smart-proxy/simplified-smart-proxy.js +0 -132
- package/dist_ts/proxies/smart-proxy/utils/route-migration-utils.d.ts +0 -51
- package/dist_ts/proxies/smart-proxy/utils/route-migration-utils.js +0 -124
- package/dist_ts/redirect/classes.redirect.d.ts +0 -96
- package/dist_ts/redirect/classes.redirect.js +0 -194
- package/dist_ts/smartproxy/classes.pp.certprovisioner.d.ts +0 -54
- package/dist_ts/smartproxy/classes.pp.certprovisioner.js +0 -179
- package/dist_ts/smartproxy/classes.pp.connectionhandler.d.ts +0 -39
- package/dist_ts/smartproxy/classes.pp.connectionhandler.js +0 -894
- package/dist_ts/smartproxy/classes.pp.connectionmanager.d.ts +0 -78
- package/dist_ts/smartproxy/classes.pp.connectionmanager.js +0 -378
- package/dist_ts/smartproxy/classes.pp.domainconfigmanager.d.ts +0 -94
- package/dist_ts/smartproxy/classes.pp.domainconfigmanager.js +0 -255
- package/dist_ts/smartproxy/classes.pp.interfaces.d.ts +0 -103
- package/dist_ts/smartproxy/classes.pp.interfaces.js +0 -2
- package/dist_ts/smartproxy/classes.pp.networkproxybridge.d.ts +0 -62
- package/dist_ts/smartproxy/classes.pp.networkproxybridge.js +0 -316
- package/dist_ts/smartproxy/classes.pp.portrangemanager.d.ts +0 -56
- package/dist_ts/smartproxy/classes.pp.portrangemanager.js +0 -176
- package/dist_ts/smartproxy/classes.pp.securitymanager.d.ts +0 -64
- package/dist_ts/smartproxy/classes.pp.securitymanager.js +0 -149
- package/dist_ts/smartproxy/classes.pp.snihandler.d.ts +0 -153
- package/dist_ts/smartproxy/classes.pp.snihandler.js +0 -1053
- package/dist_ts/smartproxy/classes.pp.timeoutmanager.d.ts +0 -47
- package/dist_ts/smartproxy/classes.pp.timeoutmanager.js +0 -154
- package/dist_ts/smartproxy/classes.pp.tlsalert.d.ts +0 -149
- package/dist_ts/smartproxy/classes.pp.tlsalert.js +0 -225
- package/dist_ts/smartproxy/classes.pp.tlsmanager.d.ts +0 -57
- package/dist_ts/smartproxy/classes.pp.tlsmanager.js +0 -132
- package/dist_ts/smartproxy/classes.smartproxy.d.ts +0 -63
- package/dist_ts/smartproxy/classes.smartproxy.js +0 -521
- package/dist_ts/smartproxy/forwarding/domain-config.d.ts +0 -12
- package/dist_ts/smartproxy/forwarding/domain-config.js +0 -12
- package/dist_ts/smartproxy/forwarding/domain-manager.d.ts +0 -86
- package/dist_ts/smartproxy/forwarding/domain-manager.js +0 -241
- package/dist_ts/smartproxy/forwarding/forwarding.factory.d.ts +0 -24
- package/dist_ts/smartproxy/forwarding/forwarding.factory.js +0 -137
- package/dist_ts/smartproxy/forwarding/forwarding.handler.d.ts +0 -55
- package/dist_ts/smartproxy/forwarding/forwarding.handler.js +0 -94
- package/dist_ts/smartproxy/forwarding/http.handler.d.ts +0 -25
- package/dist_ts/smartproxy/forwarding/http.handler.js +0 -123
- package/dist_ts/smartproxy/forwarding/https-passthrough.handler.d.ts +0 -24
- package/dist_ts/smartproxy/forwarding/https-passthrough.handler.js +0 -154
- package/dist_ts/smartproxy/forwarding/https-terminate-to-http.handler.d.ts +0 -36
- package/dist_ts/smartproxy/forwarding/https-terminate-to-http.handler.js +0 -229
- package/dist_ts/smartproxy/forwarding/https-terminate-to-https.handler.d.ts +0 -35
- package/dist_ts/smartproxy/forwarding/https-terminate-to-https.handler.js +0 -254
- package/dist_ts/smartproxy/forwarding/index.d.ts +0 -16
- package/dist_ts/smartproxy/forwarding/index.js +0 -23
- package/dist_ts/smartproxy/types/forwarding.types.d.ts +0 -104
- package/dist_ts/smartproxy/types/forwarding.types.js +0 -50
- package/dist_ts/smartproxy.classes.networkproxy.d.ts +0 -31
- package/dist_ts/smartproxy.classes.networkproxy.js +0 -305
- package/dist_ts/smartproxy.classes.router.d.ts +0 -13
- package/dist_ts/smartproxy.classes.router.js +0 -33
- package/dist_ts/smartproxy.classes.sslredirect.d.ts +0 -8
- package/dist_ts/smartproxy.classes.sslredirect.js +0 -28
- package/dist_ts/smartproxy.helpers.certificates.d.ts +0 -5
- package/dist_ts/smartproxy.helpers.certificates.js +0 -23
- package/dist_ts/smartproxy.plugins.d.ts +0 -18
- package/dist_ts/smartproxy.plugins.js +0 -23
- package/dist_ts/smartproxy.portproxy.d.ts +0 -26
- package/dist_ts/smartproxy.portproxy.js +0 -295
- package/ts/http/index.ts +0 -16
- package/ts/http/models/http-types.ts +0 -108
- package/ts/http/redirects/index.ts +0 -3
- package/ts/proxies/network-proxy/models/index.ts +0 -4
- package/ts/redirect/classes.redirect.ts +0 -295
- /package/dist_ts/proxies/{network-proxy → http-proxy}/context-creator.d.ts +0 -0
- /package/dist_ts/proxies/{network-proxy → http-proxy}/function-cache.d.ts +0 -0
- /package/dist_ts/proxies/{network-proxy → http-proxy}/http-request-handler.d.ts +0 -0
- /package/dist_ts/proxies/{network-proxy → http-proxy}/http2-request-handler.d.ts +0 -0
- /package/dist_ts/proxies/{network-proxy → http-proxy}/security-manager.d.ts +0 -0
- /package/ts/proxies/{network-proxy → http-proxy}/context-creator.ts +0 -0
- /package/ts/proxies/{network-proxy → http-proxy}/function-cache.ts +0 -0
- /package/ts/proxies/{network-proxy → http-proxy}/http-request-handler.ts +0 -0
- /package/ts/proxies/{network-proxy → http-proxy}/http2-request-handler.ts +0 -0
- /package/ts/proxies/{network-proxy → http-proxy}/security-manager.ts +0 -0
- /package/ts/{http → routing}/router/index.ts +0 -0
|
@@ -1,47 +0,0 @@
|
|
|
1
|
-
import type { IConnectionRecord, IPortProxySettings } from './classes.pp.interfaces.js';
|
|
2
|
-
/**
|
|
3
|
-
* Manages timeouts and inactivity tracking for connections
|
|
4
|
-
*/
|
|
5
|
-
export declare class TimeoutManager {
|
|
6
|
-
private settings;
|
|
7
|
-
constructor(settings: IPortProxySettings);
|
|
8
|
-
/**
|
|
9
|
-
* Ensure timeout values don't exceed Node.js max safe integer
|
|
10
|
-
*/
|
|
11
|
-
ensureSafeTimeout(timeout: number): number;
|
|
12
|
-
/**
|
|
13
|
-
* Generate a slightly randomized timeout to prevent thundering herd
|
|
14
|
-
*/
|
|
15
|
-
randomizeTimeout(baseTimeout: number, variationPercent?: number): number;
|
|
16
|
-
/**
|
|
17
|
-
* Update connection activity timestamp
|
|
18
|
-
*/
|
|
19
|
-
updateActivity(record: IConnectionRecord): void;
|
|
20
|
-
/**
|
|
21
|
-
* Calculate effective inactivity timeout based on connection type
|
|
22
|
-
*/
|
|
23
|
-
getEffectiveInactivityTimeout(record: IConnectionRecord): number;
|
|
24
|
-
/**
|
|
25
|
-
* Calculate effective max lifetime based on connection type
|
|
26
|
-
*/
|
|
27
|
-
getEffectiveMaxLifetime(record: IConnectionRecord): number;
|
|
28
|
-
/**
|
|
29
|
-
* Setup connection timeout
|
|
30
|
-
* @returns The cleanup timer
|
|
31
|
-
*/
|
|
32
|
-
setupConnectionTimeout(record: IConnectionRecord, onTimeout: (record: IConnectionRecord, reason: string) => void): NodeJS.Timeout;
|
|
33
|
-
/**
|
|
34
|
-
* Check for inactivity on a connection
|
|
35
|
-
* @returns Object with check results
|
|
36
|
-
*/
|
|
37
|
-
checkInactivity(record: IConnectionRecord): {
|
|
38
|
-
isInactive: boolean;
|
|
39
|
-
shouldWarn: boolean;
|
|
40
|
-
inactivityTime: number;
|
|
41
|
-
effectiveTimeout: number;
|
|
42
|
-
};
|
|
43
|
-
/**
|
|
44
|
-
* Apply socket timeout settings
|
|
45
|
-
*/
|
|
46
|
-
applySocketTimeouts(record: IConnectionRecord): void;
|
|
47
|
-
}
|
|
@@ -1,154 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Manages timeouts and inactivity tracking for connections
|
|
3
|
-
*/
|
|
4
|
-
export class TimeoutManager {
|
|
5
|
-
constructor(settings) {
|
|
6
|
-
this.settings = settings;
|
|
7
|
-
}
|
|
8
|
-
/**
|
|
9
|
-
* Ensure timeout values don't exceed Node.js max safe integer
|
|
10
|
-
*/
|
|
11
|
-
ensureSafeTimeout(timeout) {
|
|
12
|
-
const MAX_SAFE_TIMEOUT = 2147483647; // Maximum safe value (2^31 - 1)
|
|
13
|
-
return Math.min(Math.floor(timeout), MAX_SAFE_TIMEOUT);
|
|
14
|
-
}
|
|
15
|
-
/**
|
|
16
|
-
* Generate a slightly randomized timeout to prevent thundering herd
|
|
17
|
-
*/
|
|
18
|
-
randomizeTimeout(baseTimeout, variationPercent = 5) {
|
|
19
|
-
const safeBaseTimeout = this.ensureSafeTimeout(baseTimeout);
|
|
20
|
-
const variation = safeBaseTimeout * (variationPercent / 100);
|
|
21
|
-
return this.ensureSafeTimeout(safeBaseTimeout + Math.floor(Math.random() * variation * 2) - variation);
|
|
22
|
-
}
|
|
23
|
-
/**
|
|
24
|
-
* Update connection activity timestamp
|
|
25
|
-
*/
|
|
26
|
-
updateActivity(record) {
|
|
27
|
-
record.lastActivity = Date.now();
|
|
28
|
-
// Clear any inactivity warning
|
|
29
|
-
if (record.inactivityWarningIssued) {
|
|
30
|
-
record.inactivityWarningIssued = false;
|
|
31
|
-
}
|
|
32
|
-
}
|
|
33
|
-
/**
|
|
34
|
-
* Calculate effective inactivity timeout based on connection type
|
|
35
|
-
*/
|
|
36
|
-
getEffectiveInactivityTimeout(record) {
|
|
37
|
-
let effectiveTimeout = this.settings.inactivityTimeout || 14400000; // 4 hours default
|
|
38
|
-
// For immortal keep-alive connections, use an extremely long timeout
|
|
39
|
-
if (record.hasKeepAlive && this.settings.keepAliveTreatment === 'immortal') {
|
|
40
|
-
return Number.MAX_SAFE_INTEGER;
|
|
41
|
-
}
|
|
42
|
-
// For extended keep-alive connections, apply multiplier
|
|
43
|
-
if (record.hasKeepAlive && this.settings.keepAliveTreatment === 'extended') {
|
|
44
|
-
const multiplier = this.settings.keepAliveInactivityMultiplier || 6;
|
|
45
|
-
effectiveTimeout = effectiveTimeout * multiplier;
|
|
46
|
-
}
|
|
47
|
-
return this.ensureSafeTimeout(effectiveTimeout);
|
|
48
|
-
}
|
|
49
|
-
/**
|
|
50
|
-
* Calculate effective max lifetime based on connection type
|
|
51
|
-
*/
|
|
52
|
-
getEffectiveMaxLifetime(record) {
|
|
53
|
-
// Use domain-specific timeout if available
|
|
54
|
-
const baseTimeout = record.domainConfig?.connectionTimeout ||
|
|
55
|
-
this.settings.maxConnectionLifetime ||
|
|
56
|
-
86400000; // 24 hours default
|
|
57
|
-
// For immortal keep-alive connections, use an extremely long lifetime
|
|
58
|
-
if (record.hasKeepAlive && this.settings.keepAliveTreatment === 'immortal') {
|
|
59
|
-
return Number.MAX_SAFE_INTEGER;
|
|
60
|
-
}
|
|
61
|
-
// For extended keep-alive connections, use the extended lifetime setting
|
|
62
|
-
if (record.hasKeepAlive && this.settings.keepAliveTreatment === 'extended') {
|
|
63
|
-
return this.ensureSafeTimeout(this.settings.extendedKeepAliveLifetime || 7 * 24 * 60 * 60 * 1000 // 7 days default
|
|
64
|
-
);
|
|
65
|
-
}
|
|
66
|
-
// Apply randomization if enabled
|
|
67
|
-
if (this.settings.enableRandomizedTimeouts) {
|
|
68
|
-
return this.randomizeTimeout(baseTimeout);
|
|
69
|
-
}
|
|
70
|
-
return this.ensureSafeTimeout(baseTimeout);
|
|
71
|
-
}
|
|
72
|
-
/**
|
|
73
|
-
* Setup connection timeout
|
|
74
|
-
* @returns The cleanup timer
|
|
75
|
-
*/
|
|
76
|
-
setupConnectionTimeout(record, onTimeout) {
|
|
77
|
-
// Clear any existing timer
|
|
78
|
-
if (record.cleanupTimer) {
|
|
79
|
-
clearTimeout(record.cleanupTimer);
|
|
80
|
-
}
|
|
81
|
-
// Calculate effective timeout
|
|
82
|
-
const effectiveLifetime = this.getEffectiveMaxLifetime(record);
|
|
83
|
-
// Set up the timeout
|
|
84
|
-
const timer = setTimeout(() => {
|
|
85
|
-
// Call the provided callback
|
|
86
|
-
onTimeout(record, 'connection_timeout');
|
|
87
|
-
}, effectiveLifetime);
|
|
88
|
-
// Make sure timeout doesn't keep the process alive
|
|
89
|
-
if (timer.unref) {
|
|
90
|
-
timer.unref();
|
|
91
|
-
}
|
|
92
|
-
return timer;
|
|
93
|
-
}
|
|
94
|
-
/**
|
|
95
|
-
* Check for inactivity on a connection
|
|
96
|
-
* @returns Object with check results
|
|
97
|
-
*/
|
|
98
|
-
checkInactivity(record) {
|
|
99
|
-
// Skip for connections with inactivity check disabled
|
|
100
|
-
if (this.settings.disableInactivityCheck) {
|
|
101
|
-
return {
|
|
102
|
-
isInactive: false,
|
|
103
|
-
shouldWarn: false,
|
|
104
|
-
inactivityTime: 0,
|
|
105
|
-
effectiveTimeout: 0
|
|
106
|
-
};
|
|
107
|
-
}
|
|
108
|
-
// Skip for immortal keep-alive connections
|
|
109
|
-
if (record.hasKeepAlive && this.settings.keepAliveTreatment === 'immortal') {
|
|
110
|
-
return {
|
|
111
|
-
isInactive: false,
|
|
112
|
-
shouldWarn: false,
|
|
113
|
-
inactivityTime: 0,
|
|
114
|
-
effectiveTimeout: 0
|
|
115
|
-
};
|
|
116
|
-
}
|
|
117
|
-
const now = Date.now();
|
|
118
|
-
const inactivityTime = now - record.lastActivity;
|
|
119
|
-
const effectiveTimeout = this.getEffectiveInactivityTimeout(record);
|
|
120
|
-
// Check if inactive
|
|
121
|
-
const isInactive = inactivityTime > effectiveTimeout;
|
|
122
|
-
// For keep-alive connections, we should warn first
|
|
123
|
-
const shouldWarn = record.hasKeepAlive &&
|
|
124
|
-
isInactive &&
|
|
125
|
-
!record.inactivityWarningIssued;
|
|
126
|
-
return {
|
|
127
|
-
isInactive,
|
|
128
|
-
shouldWarn,
|
|
129
|
-
inactivityTime,
|
|
130
|
-
effectiveTimeout
|
|
131
|
-
};
|
|
132
|
-
}
|
|
133
|
-
/**
|
|
134
|
-
* Apply socket timeout settings
|
|
135
|
-
*/
|
|
136
|
-
applySocketTimeouts(record) {
|
|
137
|
-
// Skip for immortal keep-alive connections
|
|
138
|
-
if (record.hasKeepAlive && this.settings.keepAliveTreatment === 'immortal') {
|
|
139
|
-
// Disable timeouts completely for immortal connections
|
|
140
|
-
record.incoming.setTimeout(0);
|
|
141
|
-
if (record.outgoing) {
|
|
142
|
-
record.outgoing.setTimeout(0);
|
|
143
|
-
}
|
|
144
|
-
return;
|
|
145
|
-
}
|
|
146
|
-
// Apply normal timeouts
|
|
147
|
-
const timeout = this.ensureSafeTimeout(this.settings.socketTimeout || 3600000); // 1 hour default
|
|
148
|
-
record.incoming.setTimeout(timeout);
|
|
149
|
-
if (record.outgoing) {
|
|
150
|
-
record.outgoing.setTimeout(timeout);
|
|
151
|
-
}
|
|
152
|
-
}
|
|
153
|
-
}
|
|
154
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5wcC50aW1lb3V0bWFuYWdlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3RzL2NsYXNzZXMucHAudGltZW91dG1hbmFnZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBRUE7O0dBRUc7QUFDSCxNQUFNLE9BQU8sY0FBYztJQUN6QixZQUFvQixRQUE0QjtRQUE1QixhQUFRLEdBQVIsUUFBUSxDQUFvQjtJQUFHLENBQUM7SUFFcEQ7O09BRUc7SUFDSSxpQkFBaUIsQ0FBQyxPQUFlO1FBQ3RDLE1BQU0sZ0JBQWdCLEdBQUcsVUFBVSxDQUFDLENBQUMsZ0NBQWdDO1FBQ3JFLE9BQU8sSUFBSSxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxFQUFFLGdCQUFnQixDQUFDLENBQUM7SUFDekQsQ0FBQztJQUVEOztPQUVHO0lBQ0ksZ0JBQWdCLENBQUMsV0FBbUIsRUFBRSxtQkFBMkIsQ0FBQztRQUN2RSxNQUFNLGVBQWUsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsV0FBVyxDQUFDLENBQUM7UUFDNUQsTUFBTSxTQUFTLEdBQUcsZUFBZSxHQUFHLENBQUMsZ0JBQWdCLEdBQUcsR0FBRyxDQUFDLENBQUM7UUFDN0QsT0FBTyxJQUFJLENBQUMsaUJBQWlCLENBQzNCLGVBQWUsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxNQUFNLEVBQUUsR0FBRyxTQUFTLEdBQUcsQ0FBQyxDQUFDLEdBQUcsU0FBUyxDQUN4RSxDQUFDO0lBQ0osQ0FBQztJQUVEOztPQUVHO0lBQ0ksY0FBYyxDQUFDLE1BQXlCO1FBQzdDLE1BQU0sQ0FBQyxZQUFZLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO1FBRWpDLCtCQUErQjtRQUMvQixJQUFJLE1BQU0sQ0FBQyx1QkFBdUIsRUFBRSxDQUFDO1lBQ25DLE1BQU0sQ0FBQyx1QkFBdUIsR0FBRyxLQUFLLENBQUM7UUFDekMsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNJLDZCQUE2QixDQUFDLE1BQXlCO1FBQzVELElBQUksZ0JBQWdCLEdBQUcsSUFBSSxDQUFDLFFBQVEsQ0FBQyxpQkFBaUIsSUFBSSxRQUFRLENBQUMsQ0FBQyxrQkFBa0I7UUFFdEYscUVBQXFFO1FBQ3JFLElBQUksTUFBTSxDQUFDLFlBQVksSUFBSSxJQUFJLENBQUMsUUFBUSxDQUFDLGtCQUFrQixLQUFLLFVBQVUsRUFBRSxDQUFDO1lBQzNFLE9BQU8sTUFBTSxDQUFDLGdCQUFnQixDQUFDO1FBQ2pDLENBQUM7UUFFRCx3REFBd0Q7UUFDeEQsSUFBSSxNQUFNLENBQUMsWUFBWSxJQUFJLElBQUksQ0FBQyxRQUFRLENBQUMsa0JBQWtCLEtBQUssVUFBVSxFQUFFLENBQUM7WUFDM0UsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLFFBQVEsQ0FBQyw2QkFBNkIsSUFBSSxDQUFDLENBQUM7WUFDcEUsZ0JBQWdCLEdBQUcsZ0JBQWdCLEdBQUcsVUFBVSxDQUFDO1FBQ25ELENBQUM7UUFFRCxPQUFPLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDO0lBQ2xELENBQUM7SUFFRDs7T0FFRztJQUNJLHVCQUF1QixDQUFDLE1BQXlCO1FBQ3RELDJDQUEyQztRQUMzQyxNQUFNLFdBQVcsR0FBRyxNQUFNLENBQUMsWUFBWSxFQUFFLGlCQUFpQjtZQUN0QyxJQUFJLENBQUMsUUFBUSxDQUFDLHFCQUFxQjtZQUNuQyxRQUFRLENBQUMsQ0FBQyxtQkFBbUI7UUFFakQsc0VBQXNFO1FBQ3RFLElBQUksTUFBTSxDQUFDLFlBQVksSUFBSSxJQUFJLENBQUMsUUFBUSxDQUFDLGtCQUFrQixLQUFLLFVBQVUsRUFBRSxDQUFDO1lBQzNFLE9BQU8sTUFBTSxDQUFDLGdCQUFnQixDQUFDO1FBQ2pDLENBQUM7UUFFRCx5RUFBeUU7UUFDekUsSUFBSSxNQUFNLENBQUMsWUFBWSxJQUFJLElBQUksQ0FBQyxRQUFRLENBQUMsa0JBQWtCLEtBQUssVUFBVSxFQUFFLENBQUM7WUFDM0UsT0FBTyxJQUFJLENBQUMsaUJBQWlCLENBQzNCLElBQUksQ0FBQyxRQUFRLENBQUMseUJBQXlCLElBQUksQ0FBQyxHQUFHLEVBQUUsR0FBRyxFQUFFLEdBQUcsRUFBRSxHQUFHLElBQUksQ0FBQyxpQkFBaUI7YUFDckYsQ0FBQztRQUNKLENBQUM7UUFFRCxpQ0FBaUM7UUFDakMsSUFBSSxJQUFJLENBQUMsUUFBUSxDQUFDLHdCQUF3QixFQUFFLENBQUM7WUFDM0MsT0FBTyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsV0FBVyxDQUFDLENBQUM7UUFDNUMsQ0FBQztRQUVELE9BQU8sSUFBSSxDQUFDLGlCQUFpQixDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBQzdDLENBQUM7SUFFRDs7O09BR0c7SUFDSSxzQkFBc0IsQ0FDM0IsTUFBeUIsRUFDekIsU0FBOEQ7UUFFOUQsMkJBQTJCO1FBQzNCLElBQUksTUFBTSxDQUFDLFlBQVksRUFBRSxDQUFDO1lBQ3hCLFlBQVksQ0FBQyxNQUFNLENBQUMsWUFBWSxDQUFDLENBQUM7UUFDcEMsQ0FBQztRQUVELDhCQUE4QjtRQUM5QixNQUFNLGlCQUFpQixHQUFHLElBQUksQ0FBQyx1QkFBdUIsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUUvRCxxQkFBcUI7UUFDckIsTUFBTSxLQUFLLEdBQUcsVUFBVSxDQUFDLEdBQUcsRUFBRTtZQUM1Qiw2QkFBNkI7WUFDN0IsU0FBUyxDQUFDLE1BQU0sRUFBRSxvQkFBb0IsQ0FBQyxDQUFDO1FBQzFDLENBQUMsRUFBRSxpQkFBaUIsQ0FBQyxDQUFDO1FBRXRCLG1EQUFtRDtRQUNuRCxJQUFJLEtBQUssQ0FBQyxLQUFLLEVBQUUsQ0FBQztZQUNoQixLQUFLLENBQUMsS0FBSyxFQUFFLENBQUM7UUFDaEIsQ0FBQztRQUVELE9BQU8sS0FBSyxDQUFDO0lBQ2YsQ0FBQztJQUVEOzs7T0FHRztJQUNJLGVBQWUsQ0FBQyxNQUF5QjtRQU05QyxzREFBc0Q7UUFDdEQsSUFBSSxJQUFJLENBQUMsUUFBUSxDQUFDLHNCQUFzQixFQUFFLENBQUM7WUFDekMsT0FBTztnQkFDTCxVQUFVLEVBQUUsS0FBSztnQkFDakIsVUFBVSxFQUFFLEtBQUs7Z0JBQ2pCLGNBQWMsRUFBRSxDQUFDO2dCQUNqQixnQkFBZ0IsRUFBRSxDQUFDO2FBQ3BCLENBQUM7UUFDSixDQUFDO1FBRUQsMkNBQTJDO1FBQzNDLElBQUksTUFBTSxDQUFDLFlBQVksSUFBSSxJQUFJLENBQUMsUUFBUSxDQUFDLGtCQUFrQixLQUFLLFVBQVUsRUFBRSxDQUFDO1lBQzNFLE9BQU87Z0JBQ0wsVUFBVSxFQUFFLEtBQUs7Z0JBQ2pCLFVBQVUsRUFBRSxLQUFLO2dCQUNqQixjQUFjLEVBQUUsQ0FBQztnQkFDakIsZ0JBQWdCLEVBQUUsQ0FBQzthQUNwQixDQUFDO1FBQ0osQ0FBQztRQUVELE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxHQUFHLEVBQUUsQ0FBQztRQUN2QixNQUFNLGNBQWMsR0FBRyxHQUFHLEdBQUcsTUFBTSxDQUFDLFlBQVksQ0FBQztRQUNqRCxNQUFNLGdCQUFnQixHQUFHLElBQUksQ0FBQyw2QkFBNkIsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUVwRSxvQkFBb0I7UUFDcEIsTUFBTSxVQUFVLEdBQUcsY0FBYyxHQUFHLGdCQUFnQixDQUFDO1FBRXJELG1EQUFtRDtRQUNuRCxNQUFNLFVBQVUsR0FBRyxNQUFNLENBQUMsWUFBWTtZQUNuQixVQUFVO1lBQ1YsQ0FBQyxNQUFNLENBQUMsdUJBQXVCLENBQUM7UUFFbkQsT0FBTztZQUNMLFVBQVU7WUFDVixVQUFVO1lBQ1YsY0FBYztZQUNkLGdCQUFnQjtTQUNqQixDQUFDO0lBQ0osQ0FBQztJQUVEOztPQUVHO0lBQ0ksbUJBQW1CLENBQUMsTUFBeUI7UUFDbEQsMkNBQTJDO1FBQzNDLElBQUksTUFBTSxDQUFDLFlBQVksSUFBSSxJQUFJLENBQUMsUUFBUSxDQUFDLGtCQUFrQixLQUFLLFVBQVUsRUFBRSxDQUFDO1lBQzNFLHVEQUF1RDtZQUN2RCxNQUFNLENBQUMsUUFBUSxDQUFDLFVBQVUsQ0FBQyxDQUFDLENBQUMsQ0FBQztZQUM5QixJQUFJLE1BQU0sQ0FBQyxRQUFRLEVBQUUsQ0FBQztnQkFDcEIsTUFBTSxDQUFDLFFBQVEsQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUM7WUFDaEMsQ0FBQztZQUNELE9BQU87UUFDVCxDQUFDO1FBRUQsd0JBQXdCO1FBQ3hCLE1BQU0sT0FBTyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLGFBQWEsSUFBSSxPQUFPLENBQUMsQ0FBQyxDQUFDLGlCQUFpQjtRQUNqRyxNQUFNLENBQUMsUUFBUSxDQUFDLFVBQVUsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUNwQyxJQUFJLE1BQU0sQ0FBQyxRQUFRLEVBQUUsQ0FBQztZQUNwQixNQUFNLENBQUMsUUFBUSxDQUFDLFVBQVUsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUN0QyxDQUFDO0lBQ0gsQ0FBQztDQUNGIn0=
|
|
@@ -1,149 +0,0 @@
|
|
|
1
|
-
import * as net from 'net';
|
|
2
|
-
/**
|
|
3
|
-
* TlsAlert class for managing TLS alert messages
|
|
4
|
-
*/
|
|
5
|
-
export declare class TlsAlert {
|
|
6
|
-
static readonly LEVEL_WARNING = 1;
|
|
7
|
-
static readonly LEVEL_FATAL = 2;
|
|
8
|
-
static readonly CLOSE_NOTIFY = 0;
|
|
9
|
-
static readonly UNEXPECTED_MESSAGE = 10;
|
|
10
|
-
static readonly BAD_RECORD_MAC = 20;
|
|
11
|
-
static readonly DECRYPTION_FAILED = 21;
|
|
12
|
-
static readonly RECORD_OVERFLOW = 22;
|
|
13
|
-
static readonly DECOMPRESSION_FAILURE = 30;
|
|
14
|
-
static readonly HANDSHAKE_FAILURE = 40;
|
|
15
|
-
static readonly NO_CERTIFICATE = 41;
|
|
16
|
-
static readonly BAD_CERTIFICATE = 42;
|
|
17
|
-
static readonly UNSUPPORTED_CERTIFICATE = 43;
|
|
18
|
-
static readonly CERTIFICATE_REVOKED = 44;
|
|
19
|
-
static readonly CERTIFICATE_EXPIRED = 47;
|
|
20
|
-
static readonly CERTIFICATE_UNKNOWN = 48;
|
|
21
|
-
static readonly ILLEGAL_PARAMETER = 47;
|
|
22
|
-
static readonly UNKNOWN_CA = 48;
|
|
23
|
-
static readonly ACCESS_DENIED = 49;
|
|
24
|
-
static readonly DECODE_ERROR = 50;
|
|
25
|
-
static readonly DECRYPT_ERROR = 51;
|
|
26
|
-
static readonly EXPORT_RESTRICTION = 60;
|
|
27
|
-
static readonly PROTOCOL_VERSION = 70;
|
|
28
|
-
static readonly INSUFFICIENT_SECURITY = 71;
|
|
29
|
-
static readonly INTERNAL_ERROR = 80;
|
|
30
|
-
static readonly INAPPROPRIATE_FALLBACK = 86;
|
|
31
|
-
static readonly USER_CANCELED = 90;
|
|
32
|
-
static readonly NO_RENEGOTIATION = 100;
|
|
33
|
-
static readonly MISSING_EXTENSION = 109;
|
|
34
|
-
static readonly UNSUPPORTED_EXTENSION = 110;
|
|
35
|
-
static readonly CERTIFICATE_REQUIRED = 111;
|
|
36
|
-
static readonly UNRECOGNIZED_NAME = 112;
|
|
37
|
-
static readonly BAD_CERTIFICATE_STATUS_RESPONSE = 113;
|
|
38
|
-
static readonly BAD_CERTIFICATE_HASH_VALUE = 114;
|
|
39
|
-
static readonly UNKNOWN_PSK_IDENTITY = 115;
|
|
40
|
-
static readonly CERTIFICATE_REQUIRED_1_3 = 116;
|
|
41
|
-
static readonly NO_APPLICATION_PROTOCOL = 120;
|
|
42
|
-
/**
|
|
43
|
-
* Create a TLS alert buffer with the specified level and description code
|
|
44
|
-
*
|
|
45
|
-
* @param level Alert level (warning or fatal)
|
|
46
|
-
* @param description Alert description code
|
|
47
|
-
* @param tlsVersion TLS version bytes (default is TLS 1.2: 0x0303)
|
|
48
|
-
* @returns Buffer containing the TLS alert message
|
|
49
|
-
*/
|
|
50
|
-
static create(level: number, description: number, tlsVersion?: [number, number]): Buffer;
|
|
51
|
-
/**
|
|
52
|
-
* Create a warning-level TLS alert
|
|
53
|
-
*
|
|
54
|
-
* @param description Alert description code
|
|
55
|
-
* @returns Buffer containing the warning-level TLS alert message
|
|
56
|
-
*/
|
|
57
|
-
static createWarning(description: number): Buffer;
|
|
58
|
-
/**
|
|
59
|
-
* Create a fatal-level TLS alert
|
|
60
|
-
*
|
|
61
|
-
* @param description Alert description code
|
|
62
|
-
* @returns Buffer containing the fatal-level TLS alert message
|
|
63
|
-
*/
|
|
64
|
-
static createFatal(description: number): Buffer;
|
|
65
|
-
/**
|
|
66
|
-
* Send a TLS alert to a socket and optionally close the connection
|
|
67
|
-
*
|
|
68
|
-
* @param socket The socket to send the alert to
|
|
69
|
-
* @param level Alert level (warning or fatal)
|
|
70
|
-
* @param description Alert description code
|
|
71
|
-
* @param closeAfterSend Whether to close the connection after sending the alert
|
|
72
|
-
* @param closeDelay Milliseconds to wait before closing the connection (default: 200ms)
|
|
73
|
-
* @returns Promise that resolves when the alert has been sent
|
|
74
|
-
*/
|
|
75
|
-
static send(socket: net.Socket, level: number, description: number, closeAfterSend?: boolean, closeDelay?: number): Promise<void>;
|
|
76
|
-
/**
|
|
77
|
-
* Pre-defined TLS alert messages
|
|
78
|
-
*/
|
|
79
|
-
static readonly alerts: {
|
|
80
|
-
closeNotify: Buffer<ArrayBufferLike>;
|
|
81
|
-
unsupportedExtension: Buffer<ArrayBufferLike>;
|
|
82
|
-
certificateRequired: Buffer<ArrayBufferLike>;
|
|
83
|
-
unrecognizedName: Buffer<ArrayBufferLike>;
|
|
84
|
-
noRenegotiation: Buffer<ArrayBufferLike>;
|
|
85
|
-
userCanceled: Buffer<ArrayBufferLike>;
|
|
86
|
-
certificateExpiredWarning: Buffer<ArrayBufferLike>;
|
|
87
|
-
handshakeFailureWarning: Buffer<ArrayBufferLike>;
|
|
88
|
-
insufficientSecurityWarning: Buffer<ArrayBufferLike>;
|
|
89
|
-
unexpectedMessage: Buffer<ArrayBufferLike>;
|
|
90
|
-
badRecordMac: Buffer<ArrayBufferLike>;
|
|
91
|
-
recordOverflow: Buffer<ArrayBufferLike>;
|
|
92
|
-
handshakeFailure: Buffer<ArrayBufferLike>;
|
|
93
|
-
badCertificate: Buffer<ArrayBufferLike>;
|
|
94
|
-
certificateExpired: Buffer<ArrayBufferLike>;
|
|
95
|
-
certificateUnknown: Buffer<ArrayBufferLike>;
|
|
96
|
-
illegalParameter: Buffer<ArrayBufferLike>;
|
|
97
|
-
unknownCA: Buffer<ArrayBufferLike>;
|
|
98
|
-
accessDenied: Buffer<ArrayBufferLike>;
|
|
99
|
-
decodeError: Buffer<ArrayBufferLike>;
|
|
100
|
-
decryptError: Buffer<ArrayBufferLike>;
|
|
101
|
-
protocolVersion: Buffer<ArrayBufferLike>;
|
|
102
|
-
insufficientSecurity: Buffer<ArrayBufferLike>;
|
|
103
|
-
internalError: Buffer<ArrayBufferLike>;
|
|
104
|
-
unrecognizedNameFatal: Buffer<ArrayBufferLike>;
|
|
105
|
-
};
|
|
106
|
-
/**
|
|
107
|
-
* Utility method to send a warning-level unrecognized_name alert
|
|
108
|
-
* Specifically designed for SNI issues to encourage the client to retry with SNI
|
|
109
|
-
*
|
|
110
|
-
* @param socket The socket to send the alert to
|
|
111
|
-
* @returns Promise that resolves when the alert has been sent
|
|
112
|
-
*/
|
|
113
|
-
static sendSniRequired(socket: net.Socket): Promise<void>;
|
|
114
|
-
/**
|
|
115
|
-
* Utility method to send a close_notify alert and close the connection
|
|
116
|
-
*
|
|
117
|
-
* @param socket The socket to send the alert to
|
|
118
|
-
* @param closeDelay Milliseconds to wait before closing the connection (default: 200ms)
|
|
119
|
-
* @returns Promise that resolves when the alert has been sent and the connection closed
|
|
120
|
-
*/
|
|
121
|
-
static sendCloseNotify(socket: net.Socket, closeDelay?: number): Promise<void>;
|
|
122
|
-
/**
|
|
123
|
-
* Utility method to send a certificate_expired alert to force new TLS session
|
|
124
|
-
*
|
|
125
|
-
* @param socket The socket to send the alert to
|
|
126
|
-
* @param fatal Whether to send as a fatal alert (default: false)
|
|
127
|
-
* @param closeAfterSend Whether to close the connection after sending the alert (default: true)
|
|
128
|
-
* @param closeDelay Milliseconds to wait before closing the connection (default: 200ms)
|
|
129
|
-
* @returns Promise that resolves when the alert has been sent
|
|
130
|
-
*/
|
|
131
|
-
static sendCertificateExpired(socket: net.Socket, fatal?: boolean, closeAfterSend?: boolean, closeDelay?: number): Promise<void>;
|
|
132
|
-
/**
|
|
133
|
-
* Send a sequence of alerts to force SNI from clients
|
|
134
|
-
* This combines multiple alerts to ensure maximum browser compatibility
|
|
135
|
-
*
|
|
136
|
-
* @param socket The socket to send the alerts to
|
|
137
|
-
* @returns Promise that resolves when all alerts have been sent
|
|
138
|
-
*/
|
|
139
|
-
static sendForceSniSequence(socket: net.Socket): Promise<void>;
|
|
140
|
-
/**
|
|
141
|
-
* Send a fatal level alert that immediately terminates the connection
|
|
142
|
-
*
|
|
143
|
-
* @param socket The socket to send the alert to
|
|
144
|
-
* @param description Alert description code
|
|
145
|
-
* @param closeDelay Milliseconds to wait before closing the connection (default: 100ms)
|
|
146
|
-
* @returns Promise that resolves when the alert has been sent and the connection closed
|
|
147
|
-
*/
|
|
148
|
-
static sendFatalAndClose(socket: net.Socket, description: number, closeDelay?: number): Promise<void>;
|
|
149
|
-
}
|
|
@@ -1,225 +0,0 @@
|
|
|
1
|
-
import * as net from 'net';
|
|
2
|
-
/**
|
|
3
|
-
* TlsAlert class for managing TLS alert messages
|
|
4
|
-
*/
|
|
5
|
-
export class TlsAlert {
|
|
6
|
-
// TLS Alert Levels
|
|
7
|
-
static { this.LEVEL_WARNING = 0x01; }
|
|
8
|
-
static { this.LEVEL_FATAL = 0x02; }
|
|
9
|
-
// TLS Alert Description Codes - RFC 8446 (TLS 1.3) / RFC 5246 (TLS 1.2)
|
|
10
|
-
static { this.CLOSE_NOTIFY = 0x00; }
|
|
11
|
-
static { this.UNEXPECTED_MESSAGE = 0x0A; }
|
|
12
|
-
static { this.BAD_RECORD_MAC = 0x14; }
|
|
13
|
-
static { this.DECRYPTION_FAILED = 0x15; } // TLS 1.0 only
|
|
14
|
-
static { this.RECORD_OVERFLOW = 0x16; }
|
|
15
|
-
static { this.DECOMPRESSION_FAILURE = 0x1E; } // TLS 1.2 and below
|
|
16
|
-
static { this.HANDSHAKE_FAILURE = 0x28; }
|
|
17
|
-
static { this.NO_CERTIFICATE = 0x29; } // SSLv3 only
|
|
18
|
-
static { this.BAD_CERTIFICATE = 0x2A; }
|
|
19
|
-
static { this.UNSUPPORTED_CERTIFICATE = 0x2B; }
|
|
20
|
-
static { this.CERTIFICATE_REVOKED = 0x2C; }
|
|
21
|
-
static { this.CERTIFICATE_EXPIRED = 0x2F; }
|
|
22
|
-
static { this.CERTIFICATE_UNKNOWN = 0x30; }
|
|
23
|
-
static { this.ILLEGAL_PARAMETER = 0x2F; }
|
|
24
|
-
static { this.UNKNOWN_CA = 0x30; }
|
|
25
|
-
static { this.ACCESS_DENIED = 0x31; }
|
|
26
|
-
static { this.DECODE_ERROR = 0x32; }
|
|
27
|
-
static { this.DECRYPT_ERROR = 0x33; }
|
|
28
|
-
static { this.EXPORT_RESTRICTION = 0x3C; } // TLS 1.0 only
|
|
29
|
-
static { this.PROTOCOL_VERSION = 0x46; }
|
|
30
|
-
static { this.INSUFFICIENT_SECURITY = 0x47; }
|
|
31
|
-
static { this.INTERNAL_ERROR = 0x50; }
|
|
32
|
-
static { this.INAPPROPRIATE_FALLBACK = 0x56; }
|
|
33
|
-
static { this.USER_CANCELED = 0x5A; }
|
|
34
|
-
static { this.NO_RENEGOTIATION = 0x64; } // TLS 1.2 and below
|
|
35
|
-
static { this.MISSING_EXTENSION = 0x6D; } // TLS 1.3
|
|
36
|
-
static { this.UNSUPPORTED_EXTENSION = 0x6E; } // TLS 1.3
|
|
37
|
-
static { this.CERTIFICATE_REQUIRED = 0x6F; } // TLS 1.3
|
|
38
|
-
static { this.UNRECOGNIZED_NAME = 0x70; }
|
|
39
|
-
static { this.BAD_CERTIFICATE_STATUS_RESPONSE = 0x71; }
|
|
40
|
-
static { this.BAD_CERTIFICATE_HASH_VALUE = 0x72; } // TLS 1.2 and below
|
|
41
|
-
static { this.UNKNOWN_PSK_IDENTITY = 0x73; }
|
|
42
|
-
static { this.CERTIFICATE_REQUIRED_1_3 = 0x74; } // TLS 1.3
|
|
43
|
-
static { this.NO_APPLICATION_PROTOCOL = 0x78; }
|
|
44
|
-
/**
|
|
45
|
-
* Create a TLS alert buffer with the specified level and description code
|
|
46
|
-
*
|
|
47
|
-
* @param level Alert level (warning or fatal)
|
|
48
|
-
* @param description Alert description code
|
|
49
|
-
* @param tlsVersion TLS version bytes (default is TLS 1.2: 0x0303)
|
|
50
|
-
* @returns Buffer containing the TLS alert message
|
|
51
|
-
*/
|
|
52
|
-
static create(level, description, tlsVersion = [0x03, 0x03]) {
|
|
53
|
-
return Buffer.from([
|
|
54
|
-
0x15, // Alert record type
|
|
55
|
-
tlsVersion[0],
|
|
56
|
-
tlsVersion[1], // TLS version (default to TLS 1.2: 0x0303)
|
|
57
|
-
0x00,
|
|
58
|
-
0x02, // Length
|
|
59
|
-
level, // Alert level
|
|
60
|
-
description, // Alert description
|
|
61
|
-
]);
|
|
62
|
-
}
|
|
63
|
-
/**
|
|
64
|
-
* Create a warning-level TLS alert
|
|
65
|
-
*
|
|
66
|
-
* @param description Alert description code
|
|
67
|
-
* @returns Buffer containing the warning-level TLS alert message
|
|
68
|
-
*/
|
|
69
|
-
static createWarning(description) {
|
|
70
|
-
return this.create(this.LEVEL_WARNING, description);
|
|
71
|
-
}
|
|
72
|
-
/**
|
|
73
|
-
* Create a fatal-level TLS alert
|
|
74
|
-
*
|
|
75
|
-
* @param description Alert description code
|
|
76
|
-
* @returns Buffer containing the fatal-level TLS alert message
|
|
77
|
-
*/
|
|
78
|
-
static createFatal(description) {
|
|
79
|
-
return this.create(this.LEVEL_FATAL, description);
|
|
80
|
-
}
|
|
81
|
-
/**
|
|
82
|
-
* Send a TLS alert to a socket and optionally close the connection
|
|
83
|
-
*
|
|
84
|
-
* @param socket The socket to send the alert to
|
|
85
|
-
* @param level Alert level (warning or fatal)
|
|
86
|
-
* @param description Alert description code
|
|
87
|
-
* @param closeAfterSend Whether to close the connection after sending the alert
|
|
88
|
-
* @param closeDelay Milliseconds to wait before closing the connection (default: 200ms)
|
|
89
|
-
* @returns Promise that resolves when the alert has been sent
|
|
90
|
-
*/
|
|
91
|
-
static async send(socket, level, description, closeAfterSend = false, closeDelay = 200) {
|
|
92
|
-
const alert = this.create(level, description);
|
|
93
|
-
return new Promise((resolve, reject) => {
|
|
94
|
-
try {
|
|
95
|
-
// Ensure the alert is written as a single packet
|
|
96
|
-
socket.cork();
|
|
97
|
-
const writeSuccessful = socket.write(alert, (err) => {
|
|
98
|
-
if (err) {
|
|
99
|
-
reject(err);
|
|
100
|
-
return;
|
|
101
|
-
}
|
|
102
|
-
if (closeAfterSend) {
|
|
103
|
-
setTimeout(() => {
|
|
104
|
-
socket.end();
|
|
105
|
-
resolve();
|
|
106
|
-
}, closeDelay);
|
|
107
|
-
}
|
|
108
|
-
else {
|
|
109
|
-
resolve();
|
|
110
|
-
}
|
|
111
|
-
});
|
|
112
|
-
socket.uncork();
|
|
113
|
-
// If write wasn't successful immediately, wait for drain
|
|
114
|
-
if (!writeSuccessful && !closeAfterSend) {
|
|
115
|
-
socket.once('drain', () => {
|
|
116
|
-
resolve();
|
|
117
|
-
});
|
|
118
|
-
}
|
|
119
|
-
}
|
|
120
|
-
catch (err) {
|
|
121
|
-
reject(err);
|
|
122
|
-
}
|
|
123
|
-
});
|
|
124
|
-
}
|
|
125
|
-
/**
|
|
126
|
-
* Pre-defined TLS alert messages
|
|
127
|
-
*/
|
|
128
|
-
static { this.alerts = {
|
|
129
|
-
// Warning level alerts
|
|
130
|
-
closeNotify: TlsAlert.createWarning(TlsAlert.CLOSE_NOTIFY),
|
|
131
|
-
unsupportedExtension: TlsAlert.createWarning(TlsAlert.UNSUPPORTED_EXTENSION),
|
|
132
|
-
certificateRequired: TlsAlert.createWarning(TlsAlert.CERTIFICATE_REQUIRED),
|
|
133
|
-
unrecognizedName: TlsAlert.createWarning(TlsAlert.UNRECOGNIZED_NAME),
|
|
134
|
-
noRenegotiation: TlsAlert.createWarning(TlsAlert.NO_RENEGOTIATION),
|
|
135
|
-
userCanceled: TlsAlert.createWarning(TlsAlert.USER_CANCELED),
|
|
136
|
-
// Warning level alerts for session resumption
|
|
137
|
-
certificateExpiredWarning: TlsAlert.createWarning(TlsAlert.CERTIFICATE_EXPIRED),
|
|
138
|
-
handshakeFailureWarning: TlsAlert.createWarning(TlsAlert.HANDSHAKE_FAILURE),
|
|
139
|
-
insufficientSecurityWarning: TlsAlert.createWarning(TlsAlert.INSUFFICIENT_SECURITY),
|
|
140
|
-
// Fatal level alerts
|
|
141
|
-
unexpectedMessage: TlsAlert.createFatal(TlsAlert.UNEXPECTED_MESSAGE),
|
|
142
|
-
badRecordMac: TlsAlert.createFatal(TlsAlert.BAD_RECORD_MAC),
|
|
143
|
-
recordOverflow: TlsAlert.createFatal(TlsAlert.RECORD_OVERFLOW),
|
|
144
|
-
handshakeFailure: TlsAlert.createFatal(TlsAlert.HANDSHAKE_FAILURE),
|
|
145
|
-
badCertificate: TlsAlert.createFatal(TlsAlert.BAD_CERTIFICATE),
|
|
146
|
-
certificateExpired: TlsAlert.createFatal(TlsAlert.CERTIFICATE_EXPIRED),
|
|
147
|
-
certificateUnknown: TlsAlert.createFatal(TlsAlert.CERTIFICATE_UNKNOWN),
|
|
148
|
-
illegalParameter: TlsAlert.createFatal(TlsAlert.ILLEGAL_PARAMETER),
|
|
149
|
-
unknownCA: TlsAlert.createFatal(TlsAlert.UNKNOWN_CA),
|
|
150
|
-
accessDenied: TlsAlert.createFatal(TlsAlert.ACCESS_DENIED),
|
|
151
|
-
decodeError: TlsAlert.createFatal(TlsAlert.DECODE_ERROR),
|
|
152
|
-
decryptError: TlsAlert.createFatal(TlsAlert.DECRYPT_ERROR),
|
|
153
|
-
protocolVersion: TlsAlert.createFatal(TlsAlert.PROTOCOL_VERSION),
|
|
154
|
-
insufficientSecurity: TlsAlert.createFatal(TlsAlert.INSUFFICIENT_SECURITY),
|
|
155
|
-
internalError: TlsAlert.createFatal(TlsAlert.INTERNAL_ERROR),
|
|
156
|
-
unrecognizedNameFatal: TlsAlert.createFatal(TlsAlert.UNRECOGNIZED_NAME),
|
|
157
|
-
}; }
|
|
158
|
-
/**
|
|
159
|
-
* Utility method to send a warning-level unrecognized_name alert
|
|
160
|
-
* Specifically designed for SNI issues to encourage the client to retry with SNI
|
|
161
|
-
*
|
|
162
|
-
* @param socket The socket to send the alert to
|
|
163
|
-
* @returns Promise that resolves when the alert has been sent
|
|
164
|
-
*/
|
|
165
|
-
static async sendSniRequired(socket) {
|
|
166
|
-
return this.send(socket, this.LEVEL_WARNING, this.UNRECOGNIZED_NAME);
|
|
167
|
-
}
|
|
168
|
-
/**
|
|
169
|
-
* Utility method to send a close_notify alert and close the connection
|
|
170
|
-
*
|
|
171
|
-
* @param socket The socket to send the alert to
|
|
172
|
-
* @param closeDelay Milliseconds to wait before closing the connection (default: 200ms)
|
|
173
|
-
* @returns Promise that resolves when the alert has been sent and the connection closed
|
|
174
|
-
*/
|
|
175
|
-
static async sendCloseNotify(socket, closeDelay = 200) {
|
|
176
|
-
return this.send(socket, this.LEVEL_WARNING, this.CLOSE_NOTIFY, true, closeDelay);
|
|
177
|
-
}
|
|
178
|
-
/**
|
|
179
|
-
* Utility method to send a certificate_expired alert to force new TLS session
|
|
180
|
-
*
|
|
181
|
-
* @param socket The socket to send the alert to
|
|
182
|
-
* @param fatal Whether to send as a fatal alert (default: false)
|
|
183
|
-
* @param closeAfterSend Whether to close the connection after sending the alert (default: true)
|
|
184
|
-
* @param closeDelay Milliseconds to wait before closing the connection (default: 200ms)
|
|
185
|
-
* @returns Promise that resolves when the alert has been sent
|
|
186
|
-
*/
|
|
187
|
-
static async sendCertificateExpired(socket, fatal = false, closeAfterSend = true, closeDelay = 200) {
|
|
188
|
-
const level = fatal ? this.LEVEL_FATAL : this.LEVEL_WARNING;
|
|
189
|
-
return this.send(socket, level, this.CERTIFICATE_EXPIRED, closeAfterSend, closeDelay);
|
|
190
|
-
}
|
|
191
|
-
/**
|
|
192
|
-
* Send a sequence of alerts to force SNI from clients
|
|
193
|
-
* This combines multiple alerts to ensure maximum browser compatibility
|
|
194
|
-
*
|
|
195
|
-
* @param socket The socket to send the alerts to
|
|
196
|
-
* @returns Promise that resolves when all alerts have been sent
|
|
197
|
-
*/
|
|
198
|
-
static async sendForceSniSequence(socket) {
|
|
199
|
-
try {
|
|
200
|
-
// Send unrecognized_name (warning)
|
|
201
|
-
socket.cork();
|
|
202
|
-
socket.write(this.alerts.unrecognizedName);
|
|
203
|
-
socket.uncork();
|
|
204
|
-
// Give the socket time to send the alert
|
|
205
|
-
return new Promise((resolve) => {
|
|
206
|
-
setTimeout(resolve, 50);
|
|
207
|
-
});
|
|
208
|
-
}
|
|
209
|
-
catch (err) {
|
|
210
|
-
return Promise.reject(err);
|
|
211
|
-
}
|
|
212
|
-
}
|
|
213
|
-
/**
|
|
214
|
-
* Send a fatal level alert that immediately terminates the connection
|
|
215
|
-
*
|
|
216
|
-
* @param socket The socket to send the alert to
|
|
217
|
-
* @param description Alert description code
|
|
218
|
-
* @param closeDelay Milliseconds to wait before closing the connection (default: 100ms)
|
|
219
|
-
* @returns Promise that resolves when the alert has been sent and the connection closed
|
|
220
|
-
*/
|
|
221
|
-
static async sendFatalAndClose(socket, description, closeDelay = 100) {
|
|
222
|
-
return this.send(socket, this.LEVEL_FATAL, description, true, closeDelay);
|
|
223
|
-
}
|
|
224
|
-
}
|
|
225
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5wcC50bHNhbGVydC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3RzL2NsYXNzZXMucHAudGxzYWxlcnQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLEdBQUcsTUFBTSxLQUFLLENBQUM7QUFFM0I7O0dBRUc7QUFDSCxNQUFNLE9BQU8sUUFBUTtJQUNuQixtQkFBbUI7YUFDSCxrQkFBYSxHQUFHLElBQUksQ0FBQzthQUNyQixnQkFBVyxHQUFHLElBQUksQ0FBQztJQUVuQyx3RUFBd0U7YUFDeEQsaUJBQVksR0FBRyxJQUFJLENBQUM7YUFDcEIsdUJBQWtCLEdBQUcsSUFBSSxDQUFDO2FBQzFCLG1CQUFjLEdBQUcsSUFBSSxDQUFDO2FBQ3RCLHNCQUFpQixHQUFHLElBQUksQ0FBQyxHQUFDLGVBQWU7YUFDekMsb0JBQWUsR0FBRyxJQUFJLENBQUM7YUFDdkIsMEJBQXFCLEdBQUcsSUFBSSxDQUFDLEdBQUMsb0JBQW9CO2FBQ2xELHNCQUFpQixHQUFHLElBQUksQ0FBQzthQUN6QixtQkFBYyxHQUFHLElBQUksQ0FBQyxHQUFDLGFBQWE7YUFDcEMsb0JBQWUsR0FBRyxJQUFJLENBQUM7YUFDdkIsNEJBQXVCLEdBQUcsSUFBSSxDQUFDO2FBQy9CLHdCQUFtQixHQUFHLElBQUksQ0FBQzthQUMzQix3QkFBbUIsR0FBRyxJQUFJLENBQUM7YUFDM0Isd0JBQW1CLEdBQUcsSUFBSSxDQUFDO2FBQzNCLHNCQUFpQixHQUFHLElBQUksQ0FBQzthQUN6QixlQUFVLEdBQUcsSUFBSSxDQUFDO2FBQ2xCLGtCQUFhLEdBQUcsSUFBSSxDQUFDO2FBQ3JCLGlCQUFZLEdBQUcsSUFBSSxDQUFDO2FBQ3BCLGtCQUFhLEdBQUcsSUFBSSxDQUFDO2FBQ3JCLHVCQUFrQixHQUFHLElBQUksQ0FBQyxHQUFDLGVBQWU7YUFDMUMscUJBQWdCLEdBQUcsSUFBSSxDQUFDO2FBQ3hCLDBCQUFxQixHQUFHLElBQUksQ0FBQzthQUM3QixtQkFBYyxHQUFHLElBQUksQ0FBQzthQUN0QiwyQkFBc0IsR0FBRyxJQUFJLENBQUM7YUFDOUIsa0JBQWEsR0FBRyxJQUFJLENBQUM7YUFDckIscUJBQWdCLEdBQUcsSUFBSSxDQUFDLEdBQUMsb0JBQW9CO2FBQzdDLHNCQUFpQixHQUFHLElBQUksQ0FBQyxHQUFDLFVBQVU7YUFDcEMsMEJBQXFCLEdBQUcsSUFBSSxDQUFDLEdBQUMsVUFBVTthQUN4Qyx5QkFBb0IsR0FBRyxJQUFJLENBQUMsR0FBQyxVQUFVO2FBQ3ZDLHNCQUFpQixHQUFHLElBQUksQ0FBQzthQUN6QixvQ0FBK0IsR0FBRyxJQUFJLENBQUM7YUFDdkMsK0JBQTBCLEdBQUcsSUFBSSxDQUFDLEdBQUMsb0JBQW9CO2FBQ3ZELHlCQUFvQixHQUFHLElBQUksQ0FBQzthQUM1Qiw2QkFBd0IsR0FBRyxJQUFJLENBQUMsR0FBQyxVQUFVO2FBQzNDLDRCQUF1QixHQUFHLElBQUksQ0FBQztJQUUvQzs7Ozs7OztPQU9HO0lBQ0gsTUFBTSxDQUFDLE1BQU0sQ0FDWCxLQUFhLEVBQ2IsV0FBbUIsRUFDbkIsYUFBK0IsQ0FBQyxJQUFJLEVBQUUsSUFBSSxDQUFDO1FBRTNDLE9BQU8sTUFBTSxDQUFDLElBQUksQ0FBQztZQUNqQixJQUFJLEVBQUUsb0JBQW9CO1lBQzFCLFVBQVUsQ0FBQyxDQUFDLENBQUM7WUFDYixVQUFVLENBQUMsQ0FBQyxDQUFDLEVBQUUsMkNBQTJDO1lBQzFELElBQUk7WUFDSixJQUFJLEVBQUUsU0FBUztZQUNmLEtBQUssRUFBRSxjQUFjO1lBQ3JCLFdBQVcsRUFBRSxvQkFBb0I7U0FDbEMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0gsTUFBTSxDQUFDLGFBQWEsQ0FBQyxXQUFtQjtRQUN0QyxPQUFPLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLGFBQWEsRUFBRSxXQUFXLENBQUMsQ0FBQztJQUN0RCxDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSCxNQUFNLENBQUMsV0FBVyxDQUFDLFdBQW1CO1FBQ3BDLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsV0FBVyxFQUFFLFdBQVcsQ0FBQyxDQUFDO0lBQ3BELENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSCxNQUFNLENBQUMsS0FBSyxDQUFDLElBQUksQ0FDZixNQUFrQixFQUNsQixLQUFhLEVBQ2IsV0FBbUIsRUFDbkIsaUJBQTBCLEtBQUssRUFDL0IsYUFBcUIsR0FBRztRQUV4QixNQUFNLEtBQUssR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssRUFBRSxXQUFXLENBQUMsQ0FBQztRQUU5QyxPQUFPLElBQUksT0FBTyxDQUFPLENBQUMsT0FBTyxFQUFFLE1BQU0sRUFBRSxFQUFFO1lBQzNDLElBQUksQ0FBQztnQkFDSCxpREFBaUQ7Z0JBQ2pELE1BQU0sQ0FBQyxJQUFJLEVBQUUsQ0FBQztnQkFDZCxNQUFNLGVBQWUsR0FBRyxNQUFNLENBQUMsS0FBSyxDQUFDLEtBQUssRUFBRSxDQUFDLEdBQUcsRUFBRSxFQUFFO29CQUNsRCxJQUFJLEdBQUcsRUFBRSxDQUFDO3dCQUNSLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQzt3QkFDWixPQUFPO29CQUNULENBQUM7b0JBRUQsSUFBSSxjQUFjLEVBQUUsQ0FBQzt3QkFDbkIsVUFBVSxDQUFDLEdBQUcsRUFBRTs0QkFDZCxNQUFNLENBQUMsR0FBRyxFQUFFLENBQUM7NEJBQ2IsT0FBTyxFQUFFLENBQUM7d0JBQ1osQ0FBQyxFQUFFLFVBQVUsQ0FBQyxDQUFDO29CQUNqQixDQUFDO3lCQUFNLENBQUM7d0JBQ04sT0FBTyxFQUFFLENBQUM7b0JBQ1osQ0FBQztnQkFDSCxDQUFDLENBQUMsQ0FBQztnQkFDSCxNQUFNLENBQUMsTUFBTSxFQUFFLENBQUM7Z0JBRWhCLHlEQUF5RDtnQkFDekQsSUFBSSxDQUFDLGVBQWUsSUFBSSxDQUFDLGNBQWMsRUFBRSxDQUFDO29CQUN4QyxNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sRUFBRSxHQUFHLEVBQUU7d0JBQ3hCLE9BQU8sRUFBRSxDQUFDO29CQUNaLENBQUMsQ0FBQyxDQUFDO2dCQUNMLENBQUM7WUFDSCxDQUFDO1lBQUMsT0FBTyxHQUFHLEVBQUUsQ0FBQztnQkFDYixNQUFNLENBQUMsR0FBRyxDQUFDLENBQUM7WUFDZCxDQUFDO1FBQ0gsQ0FBQyxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQ7O09BRUc7YUFDYSxXQUFNLEdBQUc7UUFDdkIsdUJBQXVCO1FBQ3ZCLFdBQVcsRUFBRSxRQUFRLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQyxZQUFZLENBQUM7UUFDMUQsb0JBQW9CLEVBQUUsUUFBUSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMscUJBQXFCLENBQUM7UUFDNUUsbUJBQW1CLEVBQUUsUUFBUSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsb0JBQW9CLENBQUM7UUFDMUUsZ0JBQWdCLEVBQUUsUUFBUSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsaUJBQWlCLENBQUM7UUFDcEUsZUFBZSxFQUFFLFFBQVEsQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLGdCQUFnQixDQUFDO1FBQ2xFLFlBQVksRUFBRSxRQUFRLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQyxhQUFhLENBQUM7UUFFNUQsOENBQThDO1FBQzlDLHlCQUF5QixFQUFFLFFBQVEsQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLG1CQUFtQixDQUFDO1FBQy9FLHVCQUF1QixFQUFFLFFBQVEsQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLGlCQUFpQixDQUFDO1FBQzNFLDJCQUEyQixFQUFFLFFBQVEsQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLHFCQUFxQixDQUFDO1FBRW5GLHFCQUFxQjtRQUNyQixpQkFBaUIsRUFBRSxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxrQkFBa0IsQ0FBQztRQUNwRSxZQUFZLEVBQUUsUUFBUSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsY0FBYyxDQUFDO1FBQzNELGNBQWMsRUFBRSxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxlQUFlLENBQUM7UUFDOUQsZ0JBQWdCLEVBQUUsUUFBUSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsaUJBQWlCLENBQUM7UUFDbEUsY0FBYyxFQUFFLFFBQVEsQ0FBQyxXQUFXLENBQUMsUUFBUSxDQUFDLGVBQWUsQ0FBQztRQUM5RCxrQkFBa0IsRUFBRSxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxtQkFBbUIsQ0FBQztRQUN0RSxrQkFBa0IsRUFBRSxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxtQkFBbUIsQ0FBQztRQUN0RSxnQkFBZ0IsRUFBRSxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxpQkFBaUIsQ0FBQztRQUNsRSxTQUFTLEVBQUUsUUFBUSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsVUFBVSxDQUFDO1FBQ3BELFlBQVksRUFBRSxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxhQUFhLENBQUM7UUFDMUQsV0FBVyxFQUFFLFFBQVEsQ0FBQyxXQUFXLENBQUMsUUFBUSxDQUFDLFlBQVksQ0FBQztRQUN4RCxZQUFZLEVBQUUsUUFBUSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsYUFBYSxDQUFDO1FBQzFELGVBQWUsRUFBRSxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxnQkFBZ0IsQ0FBQztRQUNoRSxvQkFBb0IsRUFBRSxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxxQkFBcUIsQ0FBQztRQUMxRSxhQUFhLEVBQUUsUUFBUSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsY0FBYyxDQUFDO1FBQzVELHFCQUFxQixFQUFFLFFBQVEsQ0FBQyxXQUFXLENBQUMsUUFBUSxDQUFDLGlCQUFpQixDQUFDO0tBQ3hFLENBQUM7SUFFRjs7Ozs7O09BTUc7SUFDSCxNQUFNLENBQUMsS0FBSyxDQUFDLGVBQWUsQ0FBQyxNQUFrQjtRQUM3QyxPQUFPLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLElBQUksQ0FBQyxhQUFhLEVBQUUsSUFBSSxDQUFDLGlCQUFpQixDQUFDLENBQUM7SUFDdkUsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNILE1BQU0sQ0FBQyxLQUFLLENBQUMsZUFBZSxDQUFDLE1BQWtCLEVBQUUsYUFBcUIsR0FBRztRQUN2RSxPQUFPLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLElBQUksQ0FBQyxhQUFhLEVBQUUsSUFBSSxDQUFDLFlBQVksRUFBRSxJQUFJLEVBQUUsVUFBVSxDQUFDLENBQUM7SUFDcEYsQ0FBQztJQUVEOzs7Ozs7OztPQVFHO0lBQ0gsTUFBTSxDQUFDLEtBQUssQ0FBQyxzQkFBc0IsQ0FDakMsTUFBa0IsRUFDbEIsUUFBaUIsS0FBSyxFQUN0QixpQkFBMEIsSUFBSSxFQUM5QixhQUFxQixHQUFHO1FBRXhCLE1BQU0sS0FBSyxHQUFHLEtBQUssQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQztRQUM1RCxPQUFPLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLEtBQUssRUFBRSxJQUFJLENBQUMsbUJBQW1CLEVBQUUsY0FBYyxFQUFFLFVBQVUsQ0FBQyxDQUFDO0lBQ3hGLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSCxNQUFNLENBQUMsS0FBSyxDQUFDLG9CQUFvQixDQUFDLE1BQWtCO1FBQ2xELElBQUksQ0FBQztZQUNILG1DQUFtQztZQUNuQyxNQUFNLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDZCxNQUFNLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztZQUMzQyxNQUFNLENBQUMsTUFBTSxFQUFFLENBQUM7WUFFaEIseUNBQXlDO1lBQ3pDLE9BQU8sSUFBSSxPQUFPLENBQUMsQ0FBQyxPQUFPLEVBQUUsRUFBRTtnQkFDN0IsVUFBVSxDQUFDLE9BQU8sRUFBRSxFQUFFLENBQUMsQ0FBQztZQUMxQixDQUFDLENBQUMsQ0FBQztRQUNMLENBQUM7UUFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO1lBQ2IsT0FBTyxPQUFPLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQzdCLENBQUM7SUFDSCxDQUFDO0lBRUQ7Ozs7Ozs7T0FPRztJQUNILE1BQU0sQ0FBQyxLQUFLLENBQUMsaUJBQWlCLENBQzVCLE1BQWtCLEVBQ2xCLFdBQW1CLEVBQ25CLGFBQXFCLEdBQUc7UUFFeEIsT0FBTyxJQUFJLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSxJQUFJLENBQUMsV0FBVyxFQUFFLFdBQVcsRUFBRSxJQUFJLEVBQUUsVUFBVSxDQUFDLENBQUM7SUFDNUUsQ0FBQyJ9
|
|
@@ -1,57 +0,0 @@
|
|
|
1
|
-
import type { IPortProxySettings } from './classes.pp.interfaces.js';
|
|
2
|
-
/**
|
|
3
|
-
* Interface for connection information used for SNI extraction
|
|
4
|
-
*/
|
|
5
|
-
interface IConnectionInfo {
|
|
6
|
-
sourceIp: string;
|
|
7
|
-
sourcePort: number;
|
|
8
|
-
destIp: string;
|
|
9
|
-
destPort: number;
|
|
10
|
-
}
|
|
11
|
-
/**
|
|
12
|
-
* Manages TLS-related operations including SNI extraction and validation
|
|
13
|
-
*/
|
|
14
|
-
export declare class TlsManager {
|
|
15
|
-
private settings;
|
|
16
|
-
constructor(settings: IPortProxySettings);
|
|
17
|
-
/**
|
|
18
|
-
* Check if a data chunk appears to be a TLS handshake
|
|
19
|
-
*/
|
|
20
|
-
isTlsHandshake(chunk: Buffer): boolean;
|
|
21
|
-
/**
|
|
22
|
-
* Check if a data chunk appears to be a TLS ClientHello
|
|
23
|
-
*/
|
|
24
|
-
isClientHello(chunk: Buffer): boolean;
|
|
25
|
-
/**
|
|
26
|
-
* Extract Server Name Indication (SNI) from TLS handshake
|
|
27
|
-
*/
|
|
28
|
-
extractSNI(chunk: Buffer, connInfo: IConnectionInfo, previousDomain?: string): string | undefined;
|
|
29
|
-
/**
|
|
30
|
-
* Handle session resumption attempts
|
|
31
|
-
*/
|
|
32
|
-
handleSessionResumption(chunk: Buffer, connectionId: string, hasSNI: boolean): {
|
|
33
|
-
shouldBlock: boolean;
|
|
34
|
-
reason?: string;
|
|
35
|
-
};
|
|
36
|
-
/**
|
|
37
|
-
* Check for SNI mismatch during renegotiation
|
|
38
|
-
*/
|
|
39
|
-
checkRenegotiationSNI(chunk: Buffer, connInfo: IConnectionInfo, expectedDomain: string, connectionId: string): {
|
|
40
|
-
hasMismatch: boolean;
|
|
41
|
-
extractedSNI?: string;
|
|
42
|
-
};
|
|
43
|
-
/**
|
|
44
|
-
* Create a renegotiation handler function for a connection
|
|
45
|
-
*/
|
|
46
|
-
createRenegotiationHandler(connectionId: string, lockedDomain: string, connInfo: IConnectionInfo, onMismatch: (connectionId: string, reason: string) => void): (chunk: Buffer) => void;
|
|
47
|
-
/**
|
|
48
|
-
* Analyze TLS connection for browser fingerprinting
|
|
49
|
-
* This helps identify browser vs non-browser connections
|
|
50
|
-
*/
|
|
51
|
-
analyzeClientHello(chunk: Buffer): {
|
|
52
|
-
isBrowserConnection: boolean;
|
|
53
|
-
isRenewal: boolean;
|
|
54
|
-
hasSNI: boolean;
|
|
55
|
-
};
|
|
56
|
-
}
|
|
57
|
-
export {};
|