@push.rocks/smartproxy 19.6.17 → 20.0.1

package/ts/proxies/smart-proxy/route-connection-handler.ts

@@ -3,7 +3,7 @@ import type { IConnectionRecord, ISmartProxyOptions } from './models/interfaces.
 import { logger } from '../../core/utils/logger.js';
 import { connectionLogDeduplicator } from '../../core/utils/log-deduplicator.js';
 // Route checking functions have been removed
-import type { IRouteConfig, IRouteAction } from './models/route-types.js';
+import type { IRouteConfig, IRouteAction, IRouteTarget } from './models/route-types.js';
 import type { IRouteContext } from '../../core/models/route-context.js';
 import { cleanupSocket, setupSocketHandlers, createSocketWithErrorHandler, setupBidirectionalForwarding } from '../../core/utils/socket-utils.js';
 import { WrappedSocket } from '../../core/models/wrapped-socket.js';
@@ -657,6 +657,80 @@ export class RouteConnectionHandler {
     }
   }
 
+  /**
+   * Select the appropriate target from the targets array based on sub-matching criteria
+   */
+  private selectTarget(
+    targets: IRouteTarget[],
+    context: {
+      port: number;
+      path?: string;
+      headers?: Record<string, string>;
+      method?: string;
+    }
+  ): IRouteTarget | null {
+    // Sort targets by priority (higher first)
+    const sortedTargets = [...targets].sort((a, b) => (b.priority || 0) - (a.priority || 0));
+    
+    // Find the first matching target
+    for (const target of sortedTargets) {
+      if (!target.match) {
+        // No match criteria means this is a default/fallback target
+        return target;
+      }
+      
+      // Check port match
+      if (target.match.ports && !target.match.ports.includes(context.port)) {
+        continue;
+      }
+      
+      // Check path match (supports wildcards)
+      if (target.match.path && context.path) {
+        const pathPattern = target.match.path.replace(/\*/g, '.*');
+        const pathRegex = new RegExp(`^${pathPattern}$`);
+        if (!pathRegex.test(context.path)) {
+          continue;
+        }
+      }
+      
+      // Check method match
+      if (target.match.method && context.method && !target.match.method.includes(context.method)) {
+        continue;
+      }
+      
+      // Check headers match
+      if (target.match.headers && context.headers) {
+        let headersMatch = true;
+        for (const [key, pattern] of Object.entries(target.match.headers)) {
+          const headerValue = context.headers[key.toLowerCase()];
+          if (!headerValue) {
+            headersMatch = false;
+            break;
+          }
+          
+          if (pattern instanceof RegExp) {
+            if (!pattern.test(headerValue)) {
+              headersMatch = false;
+              break;
+            }
+          } else if (headerValue !== pattern) {
+            headersMatch = false;
+            break;
+          }
+        }
+        if (!headersMatch) {
+          continue;
+        }
+      }
+      
+      // All criteria matched
+      return target;
+    }
+    
+    // No matching target found, return the first target without match criteria (default)
+    return sortedTargets.find(t => !t.match) || null;
+  }
+
   /**
    * Handle a forward action for a route
    */
@@ -731,14 +805,37 @@ export class RouteConnectionHandler {
       return;
     }
 
-    // We should have a target configuration for forwarding
-    if (!action.target) {
-      logger.log('error', `Forward action missing target configuration for connection ${connectionId}`, {
+    // Select the appropriate target from the targets array
+    if (!action.targets || action.targets.length === 0) {
+      logger.log('error', `Forward action missing targets configuration for connection ${connectionId}`, {
+        connectionId,
+        component: 'route-handler'
+      });
+      socket.end();
+      this.smartProxy.connectionManager.cleanupConnection(record, 'missing_targets');
+      return;
+    }
+    
+    // Create context for target selection
+    const targetSelectionContext = {
+      port: record.localPort,
+      path: undefined, // Will be populated from HTTP headers if available
+      headers: undefined, // Will be populated from HTTP headers if available
+      method: undefined // Will be populated from HTTP headers if available
+    };
+    
+    // TODO: Extract path, headers, and method from initialChunk if it's HTTP
+    // For now, we'll select based on port only
+    
+    const selectedTarget = this.selectTarget(action.targets, targetSelectionContext);
+    if (!selectedTarget) {
+      logger.log('error', `No matching target found for connection ${connectionId}`, {
         connectionId,
+        port: targetSelectionContext.port,
         component: 'route-handler'
       });
       socket.end();
-      this.smartProxy.connectionManager.cleanupConnection(record, 'missing_target');
+      this.smartProxy.connectionManager.cleanupConnection(record, 'no_matching_target');
       return;
     }
 
@@ -759,9 +856,9 @@ export class RouteConnectionHandler {
 
     // Determine host using function or static value
     let targetHost: string | string[];
-    if (typeof action.target.host === 'function') {
+    if (typeof selectedTarget.host === 'function') {
       try {
-        targetHost = action.target.host(routeContext);
+        targetHost = selectedTarget.host(routeContext);
         if (this.smartProxy.settings.enableDetailedLogging) {
           logger.log('info', `Dynamic host resolved to ${Array.isArray(targetHost) ? targetHost.join(', ') : targetHost} for connection ${connectionId}`, {
             connectionId,
@@ -780,7 +877,7 @@ export class RouteConnectionHandler {
         return;
       }
     } else {
-      targetHost = action.target.host;
+      targetHost = selectedTarget.host;
     }
 
     // If an array of hosts, select one randomly for load balancing
@@ -790,9 +887,9 @@ export class RouteConnectionHandler {
 
     // Determine port using function or static value
     let targetPort: number;
-    if (typeof action.target.port === 'function') {
+    if (typeof selectedTarget.port === 'function') {
       try {
-        targetPort = action.target.port(routeContext);
+        targetPort = selectedTarget.port(routeContext);
         if (this.smartProxy.settings.enableDetailedLogging) {
           logger.log('info', `Dynamic port mapping from ${record.localPort} to ${targetPort} for connection ${connectionId}`, {
             connectionId,
@@ -813,20 +910,27 @@ export class RouteConnectionHandler {
         this.smartProxy.connectionManager.cleanupConnection(record, 'port_mapping_error');
         return;
       }
-    } else if (action.target.port === 'preserve') {
+    } else if (selectedTarget.port === 'preserve') {
       // Use incoming port if port is 'preserve'
       targetPort = record.localPort;
     } else {
       // Use static port from configuration
-      targetPort = action.target.port;
+      targetPort = selectedTarget.port;
     }
 
     // Store the resolved host in the context
     routeContext.targetHost = selectedHost;
 
+    // Get effective settings (target overrides route-level settings)
+    const effectiveTls = selectedTarget.tls || action.tls;
+    const effectiveWebsocket = selectedTarget.websocket || action.websocket;
+    const effectiveSendProxyProtocol = selectedTarget.sendProxyProtocol !== undefined 
+      ? selectedTarget.sendProxyProtocol 
+      : action.sendProxyProtocol;
+
     // Determine if this needs TLS handling
-    if (action.tls) {
-      switch (action.tls.mode) {
+    if (effectiveTls) {
+      switch (effectiveTls.mode) {
         case 'passthrough':
           // For TLS passthrough, just forward directly
           if (this.smartProxy.settings.enableDetailedLogging) {
@@ -853,9 +957,9 @@ export class RouteConnectionHandler {
           // For TLS termination, use HttpProxy
           if (this.smartProxy.httpProxyBridge.getHttpProxy()) {
             if (this.smartProxy.settings.enableDetailedLogging) {
-              logger.log('info', `Using HttpProxy for TLS termination to ${Array.isArray(action.target.host) ? action.target.host.join(', ') : action.target.host} for connection ${connectionId}`, {
+              logger.log('info', `Using HttpProxy for TLS termination to ${Array.isArray(selectedTarget.host) ? selectedTarget.host.join(', ') : selectedTarget.host} for connection ${connectionId}`, {
                 connectionId,
-                targetHost: action.target.host,
+                targetHost: selectedTarget.host,
                 component: 'route-handler'
               });
             }
@@ -929,10 +1033,10 @@ export class RouteConnectionHandler {
       } else {
         // Basic forwarding
         if (this.smartProxy.settings.enableDetailedLogging) {
-          logger.log('info', `Using basic forwarding to ${Array.isArray(action.target.host) ? action.target.host.join(', ') : action.target.host}:${action.target.port} for connection ${connectionId}`, {
+          logger.log('info', `Using basic forwarding to ${Array.isArray(selectedTarget.host) ? selectedTarget.host.join(', ') : selectedTarget.host}:${selectedTarget.port} for connection ${connectionId}`, {
             connectionId,
-            targetHost: action.target.host,
-            targetPort: action.target.port,
+            targetHost: selectedTarget.host,
+            targetPort: selectedTarget.port,
             component: 'route-handler'
           });
         }
@@ -940,27 +1044,27 @@ export class RouteConnectionHandler {
         // Get the appropriate host value
         let targetHost: string;
 
-        if (typeof action.target.host === 'function') {
+        if (typeof selectedTarget.host === 'function') {
           // For function-based host, use the same routeContext created earlier
-          const hostResult = action.target.host(routeContext);
+          const hostResult = selectedTarget.host(routeContext);
           targetHost = Array.isArray(hostResult)
             ? hostResult[Math.floor(Math.random() * hostResult.length)]
             : hostResult;
         } else {
           // For static host value
-          targetHost = Array.isArray(action.target.host)
-            ? action.target.host[Math.floor(Math.random() * action.target.host.length)]
-            : action.target.host;
+          targetHost = Array.isArray(selectedTarget.host)
+            ? selectedTarget.host[Math.floor(Math.random() * selectedTarget.host.length)]
+            : selectedTarget.host;
         }
 
         // Determine port - either function-based, static, or preserve incoming port
         let targetPort: number;
-        if (typeof action.target.port === 'function') {
-          targetPort = action.target.port(routeContext);
-        } else if (action.target.port === 'preserve') {
+        if (typeof selectedTarget.port === 'function') {
+          targetPort = selectedTarget.port(routeContext);
+        } else if (selectedTarget.port === 'preserve') {
           targetPort = record.localPort;
         } else {
-          targetPort = action.target.port;
+          targetPort = selectedTarget.port;
         }
 
         // Update the connection record and context with resolved values

package/ts/proxies/smart-proxy/utils/route-helpers.ts

@@ -42,7 +42,7 @@ export function createHttpRoute(
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target
+    targets: [target]
   };
 
   // Create the route config
@@ -82,7 +82,7 @@ export function createHttpsTerminateRoute(
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target,
+    targets: [target],
     tls: {
       mode: options.reencrypt ? 'terminate-and-reencrypt' : 'terminate',
       certificate: options.certificate || 'auto'
@@ -152,7 +152,7 @@ export function createHttpsPassthroughRoute(
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target,
+    targets: [target],
     tls: {
       mode: 'passthrough'
     }
@@ -243,7 +243,7 @@ export function createLoadBalancerRoute(
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target
+    targets: [target]
   };
 
   // Add TLS configuration if provided
@@ -303,7 +303,7 @@ export function createApiRoute(
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target
+    targets: [target]
   };
 
   // Add TLS configuration if using HTTPS
@@ -374,7 +374,7 @@ export function createWebSocketRoute(
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target,
+    targets: [target],
     websocket: {
       enabled: true,
       pingInterval: options.pingInterval || 30000, // 30 seconds
@@ -432,10 +432,10 @@ export function createPortMappingRoute(options: {
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target: {
+    targets: [{
       host: options.targetHost,
       port: options.portMapper
-    }
+    }]
   };
 
   // Create the route config
@@ -500,10 +500,10 @@ export function createDynamicRoute(options: {
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target: {
+    targets: [{
       host: options.targetHost,
       port: options.portMapper
-    }
+    }]
   };
 
   // Create the route config
@@ -548,10 +548,10 @@ export function createSmartLoadBalancer(options: {
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target: {
+    targets: [{
       host: hostSelector,
       port: options.portMapper
-    }
+    }]
   };
 
   // Create the route config
@@ -609,10 +609,10 @@ export function createNfTablesRoute(
   // Create route action
   const action: IRouteAction = {
     type: 'forward',
-    target: {
+    targets: [{
       host: target.host,
       port: target.port
-    },
+    }],
     forwardingEngine: 'nftables',
     nftables: {
       protocol: options.protocol || 'tcp',

package/ts/proxies/smart-proxy/utils/route-patterns.ts

@@ -24,10 +24,10 @@ export function createHttpRoute(
     },
     action: {
       type: 'forward',
-      target: {
+      targets: [{
         host: target.host,
         port: target.port
-      }
+      }]
     },
     name: options.name || `HTTP: ${Array.isArray(domains) ? domains.join(', ') : domains}`
   };
@@ -53,10 +53,10 @@ export function createHttpsTerminateRoute(
     },
     action: {
       type: 'forward',
-      target: {
+      targets: [{
         host: target.host,
         port: target.port
-      },
+      }],
       tls: {
         mode: options.reencrypt ? 'terminate-and-reencrypt' : 'terminate',
         certificate: options.certificate || 'auto'
@@ -83,10 +83,10 @@ export function createHttpsPassthroughRoute(
     },
     action: {
       type: 'forward',
-      target: {
+      targets: [{
         host: target.host,
         port: target.port
-      },
+      }],
       tls: {
         mode: 'passthrough'
       }

package/ts/proxies/smart-proxy/utils/route-utils.ts

@@ -66,12 +66,9 @@ export function mergeRouteConfigs(
       // Otherwise merge the action properties
       mergedRoute.action = { ...mergedRoute.action };
       
-      // Merge target
-      if (overrideRoute.action.target) {
-        mergedRoute.action.target = {
-          ...mergedRoute.action.target,
-          ...overrideRoute.action.target
-        };
+      // Merge targets
+      if (overrideRoute.action.targets) {
+        mergedRoute.action.targets = overrideRoute.action.targets;
       }
       
       // Merge TLS options

package/ts/proxies/smart-proxy/utils/route-validators.ts

@@ -102,29 +102,43 @@ export function validateRouteAction(action: IRouteAction): { valid: boolean; err
     errors.push(`Invalid action type: ${action.type}`);
   }
 
-  // Validate target for 'forward' action
+  // Validate targets for 'forward' action
   if (action.type === 'forward') {
-    if (!action.target) {
-      errors.push('Target is required for forward action');
+    if (!action.targets || !Array.isArray(action.targets) || action.targets.length === 0) {
+      errors.push('Targets array is required for forward action');
     } else {
-      // Validate target host
-      if (!action.target.host) {
-        errors.push('Target host is required');
-      } else if (typeof action.target.host !== 'string' &&
-                !Array.isArray(action.target.host) &&
-                typeof action.target.host !== 'function') {
-        errors.push('Target host must be a string, array of strings, or function');
-      }
+      // Validate each target
+      action.targets.forEach((target, index) => {
+        // Validate target host
+        if (!target.host) {
+          errors.push(`Target[${index}] host is required`);
+        } else if (typeof target.host !== 'string' &&
+                  !Array.isArray(target.host) &&
+                  typeof target.host !== 'function') {
+          errors.push(`Target[${index}] host must be a string, array of strings, or function`);
+        }
 
-      // Validate target port
-      if (action.target.port === undefined) {
-        errors.push('Target port is required');
-      } else if (typeof action.target.port !== 'number' &&
-                typeof action.target.port !== 'function') {
-        errors.push('Target port must be a number or a function');
-      } else if (typeof action.target.port === 'number' && !isValidPort(action.target.port)) {
-        errors.push('Target port must be between 1 and 65535');
-      }
+        // Validate target port
+        if (target.port === undefined) {
+          errors.push(`Target[${index}] port is required`);
+        } else if (typeof target.port !== 'number' &&
+                  typeof target.port !== 'function' &&
+                  target.port !== 'preserve') {
+          errors.push(`Target[${index}] port must be a number, 'preserve', or a function`);
+        } else if (typeof target.port === 'number' && !isValidPort(target.port)) {
+          errors.push(`Target[${index}] port must be between 1 and 65535`);
+        }
+        
+        // Validate match criteria if present
+        if (target.match) {
+          if (target.match.ports && !Array.isArray(target.match.ports)) {
+            errors.push(`Target[${index}] match.ports must be an array`);
+          }
+          if (target.match.method && !Array.isArray(target.match.method)) {
+            errors.push(`Target[${index}] match.method must be an array`);
+          }
+        }
+      });
     }
 
     // Validate TLS options for forward actions
@@ -242,7 +256,10 @@ export function hasRequiredPropertiesForAction(route: IRouteConfig, actionType:
 
   switch (actionType) {
     case 'forward':
-      return !!route.action.target && !!route.action.target.host && !!route.action.target.port;
+      return !!route.action.targets && 
+             Array.isArray(route.action.targets) && 
+             route.action.targets.length > 0 &&
+             route.action.targets.every(t => t.host && t.port !== undefined);
     case 'socket-handler':
       return !!route.action.socketHandler && typeof route.action.socketHandler === 'function';
     default: