@push.rocks/smartproxy 20.0.1 → 21.1.0

package/dist_ts/protocols/index.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Protocol-specific modules for smartproxy
+ *
+ * This directory contains generic protocol knowledge separated from
+ * smartproxy-specific implementation details.
+ */
+export * as common from './common/index.js';
+export * as tls from './tls/index.js';
+export * as http from './http/index.js';
+export * as proxy from './proxy/index.js';
+export * as websocket from './websocket/index.js';

package/dist_ts/protocols/index.js

@@ -0,0 +1,12 @@
+/**
+ * Protocol-specific modules for smartproxy
+ *
+ * This directory contains generic protocol knowledge separated from
+ * smartproxy-specific implementation details.
+ */
+export * as common from './common/index.js';
+export * as tls from './tls/index.js';
+export * as http from './http/index.js';
+export * as proxy from './proxy/index.js';
+export * as websocket from './websocket/index.js';
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi90cy9wcm90b2NvbHMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7Ozs7O0dBS0c7QUFFSCxPQUFPLEtBQUssTUFBTSxNQUFNLG1CQUFtQixDQUFDO0FBQzVDLE9BQU8sS0FBSyxHQUFHLE1BQU0sZ0JBQWdCLENBQUM7QUFDdEMsT0FBTyxLQUFLLElBQUksTUFBTSxpQkFBaUIsQ0FBQztBQUN4QyxPQUFPLEtBQUssS0FBSyxNQUFNLGtCQUFrQixDQUFDO0FBQzFDLE9BQU8sS0FBSyxTQUFTLE1BQU0sc0JBQXNCLENBQUMifQ==

package/dist_ts/protocols/proxy/index.d.ts

@@ -0,0 +1,6 @@
+/**
+ * PROXY Protocol Module
+ * HAProxy PROXY protocol implementation
+ */
+export * from './types.js';
+export * from './parser.js';

package/dist_ts/protocols/proxy/index.js

@@ -0,0 +1,7 @@
+/**
+ * PROXY Protocol Module
+ * HAProxy PROXY protocol implementation
+ */
+export * from './types.js';
+export * from './parser.js';
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9wcm90b2NvbHMvcHJveHkvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7OztHQUdHO0FBRUgsY0FBYyxZQUFZLENBQUM7QUFDM0IsY0FBYyxhQUFhLENBQUMifQ==

package/dist_ts/protocols/proxy/parser.d.ts

@@ -0,0 +1,44 @@
+/**
+ * PROXY Protocol Parser
+ * Implementation of HAProxy PROXY protocol v1 (text format)
+ * Spec: https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt
+ */
+import type { IProxyInfo, IProxyParseResult, TProxyProtocol } from './types.js';
+/**
+ * PROXY protocol parser
+ */
+export declare class ProxyProtocolParser {
+    static readonly PROXY_V1_SIGNATURE = "PROXY ";
+    static readonly MAX_HEADER_LENGTH = 107;
+    static readonly HEADER_TERMINATOR = "\r\n";
+    /**
+     * Parse PROXY protocol v1 header from buffer
+     * Returns proxy info and remaining data after header
+     */
+    static parse(data: Buffer): IProxyParseResult;
+    /**
+     * Generate PROXY protocol v1 header
+     */
+    static generate(info: IProxyInfo): Buffer;
+    /**
+     * Validate IP address format
+     */
+    static isValidIP(ip: string, protocol: TProxyProtocol): boolean;
+    /**
+     * Check if string is valid IPv4
+     */
+    static isIPv4(ip: string): boolean;
+    /**
+     * Check if string is valid IPv6
+     */
+    static isIPv6(ip: string): boolean;
+    /**
+     * Create a connection ID string for tracking
+     */
+    static createConnectionId(connectionInfo: {
+        sourceIp?: string;
+        sourcePort?: number;
+        destIp?: string;
+        destPort?: number;
+    }): string;
+}

package/dist_ts/protocols/proxy/parser.js

@@ -0,0 +1,153 @@
+/**
+ * PROXY Protocol Parser
+ * Implementation of HAProxy PROXY protocol v1 (text format)
+ * Spec: https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt
+ */
+/**
+ * PROXY protocol parser
+ */
+export class ProxyProtocolParser {
+    static { this.PROXY_V1_SIGNATURE = 'PROXY '; }
+    static { this.MAX_HEADER_LENGTH = 107; } // Max length for v1 header
+    static { this.HEADER_TERMINATOR = '\r\n'; }
+    /**
+     * Parse PROXY protocol v1 header from buffer
+     * Returns proxy info and remaining data after header
+     */
+    static parse(data) {
+        // Check if buffer starts with PROXY signature
+        if (!data.toString('ascii', 0, 6).startsWith(this.PROXY_V1_SIGNATURE)) {
+            return {
+                proxyInfo: null,
+                remainingData: data
+            };
+        }
+        // Find header terminator
+        const headerEndIndex = data.indexOf(this.HEADER_TERMINATOR);
+        if (headerEndIndex === -1) {
+            // Header incomplete, need more data
+            if (data.length > this.MAX_HEADER_LENGTH) {
+                // Header too long, invalid
+                throw new Error('PROXY protocol header exceeds maximum length');
+            }
+            return {
+                proxyInfo: null,
+                remainingData: data
+            };
+        }
+        // Extract header line
+        const headerLine = data.toString('ascii', 0, headerEndIndex);
+        const remainingData = data.slice(headerEndIndex + 2); // Skip \r\n
+        // Parse header
+        const parts = headerLine.split(' ');
+        if (parts.length < 2) {
+            throw new Error(`Invalid PROXY protocol header format: ${headerLine}`);
+        }
+        const [signature, protocol] = parts;
+        // Validate protocol
+        if (!['TCP4', 'TCP6', 'UNKNOWN'].includes(protocol)) {
+            throw new Error(`Invalid PROXY protocol: ${protocol}`);
+        }
+        // For UNKNOWN protocol, ignore addresses
+        if (protocol === 'UNKNOWN') {
+            return {
+                proxyInfo: {
+                    protocol: 'UNKNOWN',
+                    sourceIP: '',
+                    sourcePort: 0,
+                    destinationIP: '',
+                    destinationPort: 0
+                },
+                remainingData
+            };
+        }
+        // For TCP4/TCP6, we need all 6 parts
+        if (parts.length !== 6) {
+            throw new Error(`Invalid PROXY protocol header format: ${headerLine}`);
+        }
+        const [, , srcIP, dstIP, srcPort, dstPort] = parts;
+        // Validate and parse ports
+        const sourcePort = parseInt(srcPort, 10);
+        const destinationPort = parseInt(dstPort, 10);
+        if (isNaN(sourcePort) || sourcePort < 0 || sourcePort > 65535) {
+            throw new Error(`Invalid source port: ${srcPort}`);
+        }
+        if (isNaN(destinationPort) || destinationPort < 0 || destinationPort > 65535) {
+            throw new Error(`Invalid destination port: ${dstPort}`);
+        }
+        // Validate IP addresses
+        const protocolType = protocol;
+        if (!this.isValidIP(srcIP, protocolType)) {
+            throw new Error(`Invalid source IP for ${protocol}: ${srcIP}`);
+        }
+        if (!this.isValidIP(dstIP, protocolType)) {
+            throw new Error(`Invalid destination IP for ${protocol}: ${dstIP}`);
+        }
+        return {
+            proxyInfo: {
+                protocol: protocolType,
+                sourceIP: srcIP,
+                sourcePort,
+                destinationIP: dstIP,
+                destinationPort
+            },
+            remainingData
+        };
+    }
+    /**
+     * Generate PROXY protocol v1 header
+     */
+    static generate(info) {
+        if (info.protocol === 'UNKNOWN') {
+            return Buffer.from(`PROXY UNKNOWN\r\n`, 'ascii');
+        }
+        const header = `PROXY ${info.protocol} ${info.sourceIP} ${info.destinationIP} ${info.sourcePort} ${info.destinationPort}\r\n`;
+        if (header.length > this.MAX_HEADER_LENGTH) {
+            throw new Error('Generated PROXY protocol header exceeds maximum length');
+        }
+        return Buffer.from(header, 'ascii');
+    }
+    /**
+     * Validate IP address format
+     */
+    static isValidIP(ip, protocol) {
+        if (protocol === 'TCP4') {
+            return this.isIPv4(ip);
+        }
+        else if (protocol === 'TCP6') {
+            return this.isIPv6(ip);
+        }
+        return false;
+    }
+    /**
+     * Check if string is valid IPv4
+     */
+    static isIPv4(ip) {
+        const parts = ip.split('.');
+        if (parts.length !== 4)
+            return false;
+        for (const part of parts) {
+            const num = parseInt(part, 10);
+            if (isNaN(num) || num < 0 || num > 255 || part !== num.toString()) {
+                return false;
+            }
+        }
+        return true;
+    }
+    /**
+     * Check if string is valid IPv6
+     */
+    static isIPv6(ip) {
+        // Basic IPv6 validation
+        const ipv6Regex = /^(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$/;
+        return ipv6Regex.test(ip);
+    }
+    /**
+     * Create a connection ID string for tracking
+     */
+    static createConnectionId(connectionInfo) {
+        const { sourceIp, sourcePort, destIp, destPort } = connectionInfo;
+        return `${sourceIp}:${sourcePort}-${destIp}:${destPort}`;
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGFyc2VyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vdHMvcHJvdG9jb2xzL3Byb3h5L3BhcnNlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQTs7OztHQUlHO0FBSUg7O0dBRUc7QUFDSCxNQUFNLE9BQU8sbUJBQW1CO2FBQ2QsdUJBQWtCLEdBQUcsUUFBUSxDQUFDO2FBQzlCLHNCQUFpQixHQUFHLEdBQUcsQ0FBQyxHQUFDLDJCQUEyQjthQUNwRCxzQkFBaUIsR0FBRyxNQUFNLENBQUM7SUFFM0M7OztPQUdHO0lBQ0gsTUFBTSxDQUFDLEtBQUssQ0FBQyxJQUFZO1FBQ3ZCLDhDQUE4QztRQUM5QyxJQUFJLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsa0JBQWtCLENBQUMsRUFBRSxDQUFDO1lBQ3RFLE9BQU87Z0JBQ0wsU0FBUyxFQUFFLElBQUk7Z0JBQ2YsYUFBYSxFQUFFLElBQUk7YUFDcEIsQ0FBQztRQUNKLENBQUM7UUFFRCx5QkFBeUI7UUFDekIsTUFBTSxjQUFjLEdBQUcsSUFBSSxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsaUJBQWlCLENBQUMsQ0FBQztRQUM1RCxJQUFJLGNBQWMsS0FBSyxDQUFDLENBQUMsRUFBRSxDQUFDO1lBQzFCLG9DQUFvQztZQUNwQyxJQUFJLElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixFQUFFLENBQUM7Z0JBQ3pDLDJCQUEyQjtnQkFDM0IsTUFBTSxJQUFJLEtBQUssQ0FBQyw4Q0FBOEMsQ0FBQyxDQUFDO1lBQ2xFLENBQUM7WUFDRCxPQUFPO2dCQUNMLFNBQVMsRUFBRSxJQUFJO2dCQUNmLGFBQWEsRUFBRSxJQUFJO2FBQ3BCLENBQUM7UUFDSixDQUFDO1FBRUQsc0JBQXNCO1FBQ3RCLE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxRQUFRLENBQUMsT0FBTyxFQUFFLENBQUMsRUFBRSxjQUFjLENBQUMsQ0FBQztRQUM3RCxNQUFNLGFBQWEsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLGNBQWMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLFlBQVk7UUFFbEUsZUFBZTtRQUNmLE1BQU0sS0FBSyxHQUFHLFVBQVUsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7UUFFcEMsSUFBSSxLQUFLLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRSxDQUFDO1lBQ3JCLE1BQU0sSUFBSSxLQUFLLENBQUMseUNBQXlDLFVBQVUsRUFBRSxDQUFDLENBQUM7UUFDekUsQ0FBQztRQUVELE1BQU0sQ0FBQyxTQUFTLEVBQUUsUUFBUSxDQUFDLEdBQUcsS0FBSyxDQUFDO1FBRXBDLG9CQUFvQjtRQUNwQixJQUFJLENBQUMsQ0FBQyxNQUFNLEVBQUUsTUFBTSxFQUFFLFNBQVMsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUMsRUFBRSxDQUFDO1lBQ3BELE1BQU0sSUFBSSxLQUFLLENBQUMsMkJBQTJCLFFBQVEsRUFBRSxDQUFDLENBQUM7UUFDekQsQ0FBQztRQUVELHlDQUF5QztRQUN6QyxJQUFJLFFBQVEsS0FBSyxTQUFTLEVBQUUsQ0FBQztZQUMzQixPQUFPO2dCQUNMLFNBQVMsRUFBRTtvQkFDVCxRQUFRLEVBQUUsU0FBUztvQkFDbkIsUUFBUSxFQUFFLEVBQUU7b0JBQ1osVUFBVSxFQUFFLENBQUM7b0JBQ2IsYUFBYSxFQUFFLEVBQUU7b0JBQ2pCLGVBQWUsRUFBRSxDQUFDO2lCQUNuQjtnQkFDRCxhQUFhO2FBQ2QsQ0FBQztRQUNKLENBQUM7UUFFRCxxQ0FBcUM7UUFDckMsSUFBSSxLQUFLLENBQUMsTUFBTSxLQUFLLENBQUMsRUFBRSxDQUFDO1lBQ3ZCLE1BQU0sSUFBSSxLQUFLLENBQUMseUNBQXlDLFVBQVUsRUFBRSxDQUFDLENBQUM7UUFDekUsQ0FBQztRQUVELE1BQU0sQ0FBQyxFQUFFLEFBQUQsRUFBRyxLQUFLLEVBQUUsS0FBSyxFQUFFLE9BQU8sRUFBRSxPQUFPLENBQUMsR0FBRyxLQUFLLENBQUM7UUFFbkQsMkJBQTJCO1FBQzNCLE1BQU0sVUFBVSxHQUFHLFFBQVEsQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFDekMsTUFBTSxlQUFlLEdBQUcsUUFBUSxDQUFDLE9BQU8sRUFBRSxFQUFFLENBQUMsQ0FBQztRQUU5QyxJQUFJLEtBQUssQ0FBQyxVQUFVLENBQUMsSUFBSSxVQUFVLEdBQUcsQ0FBQyxJQUFJLFVBQVUsR0FBRyxLQUFLLEVBQUUsQ0FBQztZQUM5RCxNQUFNLElBQUksS0FBSyxDQUFDLHdCQUF3QixPQUFPLEVBQUUsQ0FBQyxDQUFDO1FBQ3JELENBQUM7UUFFRCxJQUFJLEtBQUssQ0FBQyxlQUFlLENBQUMsSUFBSSxlQUFlLEdBQUcsQ0FBQyxJQUFJLGVBQWUsR0FBRyxLQUFLLEVBQUUsQ0FBQztZQUM3RSxNQUFNLElBQUksS0FBSyxDQUFDLDZCQUE2QixPQUFPLEVBQUUsQ0FBQyxDQUFDO1FBQzFELENBQUM7UUFFRCx3QkFBd0I7UUFDeEIsTUFBTSxZQUFZLEdBQUcsUUFBMEIsQ0FBQztRQUNoRCxJQUFJLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLEVBQUUsWUFBWSxDQUFDLEVBQUUsQ0FBQztZQUN6QyxNQUFNLElBQUksS0FBSyxDQUFDLHlCQUF5QixRQUFRLEtBQUssS0FBSyxFQUFFLENBQUMsQ0FBQztRQUNqRSxDQUFDO1FBRUQsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsS0FBSyxFQUFFLFlBQVksQ0FBQyxFQUFFLENBQUM7WUFDekMsTUFBTSxJQUFJLEtBQUssQ0FBQyw4QkFBOEIsUUFBUSxLQUFLLEtBQUssRUFBRSxDQUFDLENBQUM7UUFDdEUsQ0FBQztRQUVELE9BQU87WUFDTCxTQUFTLEVBQUU7Z0JBQ1QsUUFBUSxFQUFFLFlBQVk7Z0JBQ3RCLFFBQVEsRUFBRSxLQUFLO2dCQUNmLFVBQVU7Z0JBQ1YsYUFBYSxFQUFFLEtBQUs7Z0JBQ3BCLGVBQWU7YUFDaEI7WUFDRCxhQUFhO1NBQ2QsQ0FBQztJQUNKLENBQUM7SUFFRDs7T0FFRztJQUNILE1BQU0sQ0FBQyxRQUFRLENBQUMsSUFBZ0I7UUFDOUIsSUFBSSxJQUFJLENBQUMsUUFBUSxLQUFLLFNBQVMsRUFBRSxDQUFDO1lBQ2hDLE9BQU8sTUFBTSxDQUFDLElBQUksQ0FBQyxtQkFBbUIsRUFBRSxPQUFPLENBQUMsQ0FBQztRQUNuRCxDQUFDO1FBRUQsTUFBTSxNQUFNLEdBQUcsU0FBUyxJQUFJLENBQUMsUUFBUSxJQUFJLElBQUksQ0FBQyxRQUFRLElBQUksSUFBSSxDQUFDLGFBQWEsSUFBSSxJQUFJLENBQUMsVUFBVSxJQUFJLElBQUksQ0FBQyxlQUFlLE1BQU0sQ0FBQztRQUU5SCxJQUFJLE1BQU0sQ0FBQyxNQUFNLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixFQUFFLENBQUM7WUFDM0MsTUFBTSxJQUFJLEtBQUssQ0FBQyx3REFBd0QsQ0FBQyxDQUFDO1FBQzVFLENBQUM7UUFFRCxPQUFPLE1BQU0sQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLE9BQU8sQ0FBQyxDQUFDO0lBQ3RDLENBQUM7SUFFRDs7T0FFRztJQUNILE1BQU0sQ0FBQyxTQUFTLENBQUMsRUFBVSxFQUFFLFFBQXdCO1FBQ25ELElBQUksUUFBUSxLQUFLLE1BQU0sRUFBRSxDQUFDO1lBQ3hCLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUN6QixDQUFDO2FBQU0sSUFBSSxRQUFRLEtBQUssTUFBTSxFQUFFLENBQUM7WUFDL0IsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQ3pCLENBQUM7UUFDRCxPQUFPLEtBQUssQ0FBQztJQUNmLENBQUM7SUFFRDs7T0FFRztJQUNILE1BQU0sQ0FBQyxNQUFNLENBQUMsRUFBVTtRQUN0QixNQUFNLEtBQUssR0FBRyxFQUFFLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQzVCLElBQUksS0FBSyxDQUFDLE1BQU0sS0FBSyxDQUFDO1lBQUUsT0FBTyxLQUFLLENBQUM7UUFFckMsS0FBSyxNQUFNLElBQUksSUFBSSxLQUFLLEVBQUUsQ0FBQztZQUN6QixNQUFNLEdBQUcsR0FBRyxRQUFRLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQyxDQUFDO1lBQy9CLElBQUksS0FBSyxDQUFDLEdBQUcsQ0FBQyxJQUFJLEdBQUcsR0FBRyxDQUFDLElBQUksR0FBRyxHQUFHLEdBQUcsSUFBSSxJQUFJLEtBQUssR0FBRyxDQUFDLFFBQVEsRUFBRSxFQUFFLENBQUM7Z0JBQ2xFLE9BQU8sS0FBSyxDQUFDO1lBQ2YsQ0FBQztRQUNILENBQUM7UUFDRCxPQUFPLElBQUksQ0FBQztJQUNkLENBQUM7SUFFRDs7T0FFRztJQUNILE1BQU0sQ0FBQyxNQUFNLENBQUMsRUFBVTtRQUN0Qix3QkFBd0I7UUFDeEIsTUFBTSxTQUFTLEdBQUcsaXBCQUFpcEIsQ0FBQztRQUNwcUIsT0FBTyxTQUFTLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxDQUFDO0lBQzVCLENBQUM7SUFFRDs7T0FFRztJQUNILE1BQU0sQ0FBQyxrQkFBa0IsQ0FBQyxjQUt6QjtRQUNDLE1BQU0sRUFBRSxRQUFRLEVBQUUsVUFBVSxFQUFFLE1BQU0sRUFBRSxRQUFRLEVBQUUsR0FBRyxjQUFjLENBQUM7UUFDbEUsT0FBTyxHQUFHLFFBQVEsSUFBSSxVQUFVLElBQUksTUFBTSxJQUFJLFFBQVEsRUFBRSxDQUFDO0lBQzNELENBQUMifQ==

package/dist_ts/protocols/proxy/types.d.ts

@@ -0,0 +1,47 @@
+/**
+ * PROXY Protocol Type Definitions
+ * Based on HAProxy PROXY protocol specification
+ */
+/**
+ * PROXY protocol version
+ */
+export type TProxyProtocolVersion = 'v1' | 'v2';
+/**
+ * Connection protocol type
+ */
+export type TProxyProtocol = 'TCP4' | 'TCP6' | 'UNKNOWN';
+/**
+ * Interface representing parsed PROXY protocol information
+ */
+export interface IProxyInfo {
+    protocol: TProxyProtocol;
+    sourceIP: string;
+    sourcePort: number;
+    destinationIP: string;
+    destinationPort: number;
+}
+/**
+ * Interface for parse result including remaining data
+ */
+export interface IProxyParseResult {
+    proxyInfo: IProxyInfo | null;
+    remainingData: Buffer;
+}
+/**
+ * PROXY protocol v2 header format
+ */
+export interface IProxyV2Header {
+    signature: Buffer;
+    versionCommand: number;
+    family: number;
+    length: number;
+}
+/**
+ * Connection information for PROXY protocol
+ */
+export interface IProxyConnectionInfo {
+    sourceIp?: string;
+    sourcePort?: number;
+    destIp?: string;
+    destPort?: number;
+}

package/dist_ts/protocols/proxy/types.js

@@ -0,0 +1,6 @@
+/**
+ * PROXY Protocol Type Definitions
+ * Based on HAProxy PROXY protocol specification
+ */
+export {};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9wcm90b2NvbHMvcHJveHkvdHlwZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7OztHQUdHIn0=

package/dist_ts/protocols/tls/alerts/index.d.ts

@@ -0,0 +1,4 @@
+export {};
+/**
+ * TLS alerts
+ */

package/dist_ts/protocols/tls/alerts/index.js

@@ -0,0 +1,5 @@
+export {};
+/**
+ * TLS alerts
+ */
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi90cy9wcm90b2NvbHMvdGxzL2FsZXJ0cy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUE7O0dBRUcifQ==

package/dist_ts/protocols/tls/alerts/tls-alert.d.ts

@@ -0,0 +1,150 @@
+import * as plugins from '../../../plugins.js';
+import { TlsAlertLevel, TlsAlertDescription } from '../utils/tls-utils.js';
+/**
+ * TlsAlert class for creating and sending TLS alert messages
+ */
+export declare class TlsAlert {
+    static readonly LEVEL_WARNING = TlsAlertLevel.WARNING;
+    static readonly LEVEL_FATAL = TlsAlertLevel.FATAL;
+    static readonly CLOSE_NOTIFY = TlsAlertDescription.CLOSE_NOTIFY;
+    static readonly UNEXPECTED_MESSAGE = TlsAlertDescription.UNEXPECTED_MESSAGE;
+    static readonly BAD_RECORD_MAC = TlsAlertDescription.BAD_RECORD_MAC;
+    static readonly DECRYPTION_FAILED = TlsAlertDescription.DECRYPTION_FAILED;
+    static readonly RECORD_OVERFLOW = TlsAlertDescription.RECORD_OVERFLOW;
+    static readonly DECOMPRESSION_FAILURE = TlsAlertDescription.DECOMPRESSION_FAILURE;
+    static readonly HANDSHAKE_FAILURE = TlsAlertDescription.HANDSHAKE_FAILURE;
+    static readonly NO_CERTIFICATE = TlsAlertDescription.NO_CERTIFICATE;
+    static readonly BAD_CERTIFICATE = TlsAlertDescription.BAD_CERTIFICATE;
+    static readonly UNSUPPORTED_CERTIFICATE = TlsAlertDescription.UNSUPPORTED_CERTIFICATE;
+    static readonly CERTIFICATE_REVOKED = TlsAlertDescription.CERTIFICATE_REVOKED;
+    static readonly CERTIFICATE_EXPIRED = TlsAlertDescription.CERTIFICATE_EXPIRED;
+    static readonly CERTIFICATE_UNKNOWN = TlsAlertDescription.CERTIFICATE_UNKNOWN;
+    static readonly ILLEGAL_PARAMETER = TlsAlertDescription.ILLEGAL_PARAMETER;
+    static readonly UNKNOWN_CA = TlsAlertDescription.UNKNOWN_CA;
+    static readonly ACCESS_DENIED = TlsAlertDescription.ACCESS_DENIED;
+    static readonly DECODE_ERROR = TlsAlertDescription.DECODE_ERROR;
+    static readonly DECRYPT_ERROR = TlsAlertDescription.DECRYPT_ERROR;
+    static readonly EXPORT_RESTRICTION = TlsAlertDescription.EXPORT_RESTRICTION;
+    static readonly PROTOCOL_VERSION = TlsAlertDescription.PROTOCOL_VERSION;
+    static readonly INSUFFICIENT_SECURITY = TlsAlertDescription.INSUFFICIENT_SECURITY;
+    static readonly INTERNAL_ERROR = TlsAlertDescription.INTERNAL_ERROR;
+    static readonly INAPPROPRIATE_FALLBACK = TlsAlertDescription.INAPPROPRIATE_FALLBACK;
+    static readonly USER_CANCELED = TlsAlertDescription.USER_CANCELED;
+    static readonly NO_RENEGOTIATION = TlsAlertDescription.NO_RENEGOTIATION;
+    static readonly MISSING_EXTENSION = TlsAlertDescription.MISSING_EXTENSION;
+    static readonly UNSUPPORTED_EXTENSION = TlsAlertDescription.UNSUPPORTED_EXTENSION;
+    static readonly CERTIFICATE_REQUIRED = TlsAlertDescription.CERTIFICATE_REQUIRED;
+    static readonly UNRECOGNIZED_NAME = TlsAlertDescription.UNRECOGNIZED_NAME;
+    static readonly BAD_CERTIFICATE_STATUS_RESPONSE = TlsAlertDescription.BAD_CERTIFICATE_STATUS_RESPONSE;
+    static readonly BAD_CERTIFICATE_HASH_VALUE = TlsAlertDescription.BAD_CERTIFICATE_HASH_VALUE;
+    static readonly UNKNOWN_PSK_IDENTITY = TlsAlertDescription.UNKNOWN_PSK_IDENTITY;
+    static readonly CERTIFICATE_REQUIRED_1_3 = TlsAlertDescription.CERTIFICATE_REQUIRED_1_3;
+    static readonly NO_APPLICATION_PROTOCOL = TlsAlertDescription.NO_APPLICATION_PROTOCOL;
+    /**
+     * Create a TLS alert buffer with the specified level and description code
+     *
+     * @param level Alert level (warning or fatal)
+     * @param description Alert description code
+     * @param tlsVersion TLS version bytes (default is TLS 1.2: 0x0303)
+     * @returns Buffer containing the TLS alert message
+     */
+    static create(level: number, description: number, tlsVersion?: [number, number]): Buffer;
+    /**
+     * Create a warning-level TLS alert
+     *
+     * @param description Alert description code
+     * @returns Buffer containing the warning-level TLS alert message
+     */
+    static createWarning(description: number): Buffer;
+    /**
+     * Create a fatal-level TLS alert
+     *
+     * @param description Alert description code
+     * @returns Buffer containing the fatal-level TLS alert message
+     */
+    static createFatal(description: number): Buffer;
+    /**
+     * Send a TLS alert to a socket and optionally close the connection
+     *
+     * @param socket The socket to send the alert to
+     * @param level Alert level (warning or fatal)
+     * @param description Alert description code
+     * @param closeAfterSend Whether to close the connection after sending the alert
+     * @param closeDelay Milliseconds to wait before closing the connection (default: 200ms)
+     * @returns Promise that resolves when the alert has been sent
+     */
+    static send(socket: plugins.net.Socket, level: number, description: number, closeAfterSend?: boolean, closeDelay?: number): Promise<void>;
+    /**
+     * Pre-defined TLS alert messages
+     */
+    static readonly alerts: {
+        closeNotify: Buffer<ArrayBufferLike>;
+        unsupportedExtension: Buffer<ArrayBufferLike>;
+        certificateRequired: Buffer<ArrayBufferLike>;
+        unrecognizedName: Buffer<ArrayBufferLike>;
+        noRenegotiation: Buffer<ArrayBufferLike>;
+        userCanceled: Buffer<ArrayBufferLike>;
+        certificateExpiredWarning: Buffer<ArrayBufferLike>;
+        handshakeFailureWarning: Buffer<ArrayBufferLike>;
+        insufficientSecurityWarning: Buffer<ArrayBufferLike>;
+        unexpectedMessage: Buffer<ArrayBufferLike>;
+        badRecordMac: Buffer<ArrayBufferLike>;
+        recordOverflow: Buffer<ArrayBufferLike>;
+        handshakeFailure: Buffer<ArrayBufferLike>;
+        badCertificate: Buffer<ArrayBufferLike>;
+        certificateExpired: Buffer<ArrayBufferLike>;
+        certificateUnknown: Buffer<ArrayBufferLike>;
+        illegalParameter: Buffer<ArrayBufferLike>;
+        unknownCA: Buffer<ArrayBufferLike>;
+        accessDenied: Buffer<ArrayBufferLike>;
+        decodeError: Buffer<ArrayBufferLike>;
+        decryptError: Buffer<ArrayBufferLike>;
+        protocolVersion: Buffer<ArrayBufferLike>;
+        insufficientSecurity: Buffer<ArrayBufferLike>;
+        internalError: Buffer<ArrayBufferLike>;
+        unrecognizedNameFatal: Buffer<ArrayBufferLike>;
+    };
+    /**
+     * Utility method to send a warning-level unrecognized_name alert
+     * Specifically designed for SNI issues to encourage the client to retry with SNI
+     *
+     * @param socket The socket to send the alert to
+     * @returns Promise that resolves when the alert has been sent
+     */
+    static sendSniRequired(socket: plugins.net.Socket): Promise<void>;
+    /**
+     * Utility method to send a close_notify alert and close the connection
+     *
+     * @param socket The socket to send the alert to
+     * @param closeDelay Milliseconds to wait before closing the connection (default: 200ms)
+     * @returns Promise that resolves when the alert has been sent and the connection closed
+     */
+    static sendCloseNotify(socket: plugins.net.Socket, closeDelay?: number): Promise<void>;
+    /**
+     * Utility method to send a certificate_expired alert to force new TLS session
+     *
+     * @param socket The socket to send the alert to
+     * @param fatal Whether to send as a fatal alert (default: false)
+     * @param closeAfterSend Whether to close the connection after sending the alert (default: true)
+     * @param closeDelay Milliseconds to wait before closing the connection (default: 200ms)
+     * @returns Promise that resolves when the alert has been sent
+     */
+    static sendCertificateExpired(socket: plugins.net.Socket, fatal?: boolean, closeAfterSend?: boolean, closeDelay?: number): Promise<void>;
+    /**
+     * Send a sequence of alerts to force SNI from clients
+     * This combines multiple alerts to ensure maximum browser compatibility
+     *
+     * @param socket The socket to send the alerts to
+     * @returns Promise that resolves when all alerts have been sent
+     */
+    static sendForceSniSequence(socket: plugins.net.Socket): Promise<void>;
+    /**
+     * Send a fatal level alert that immediately terminates the connection
+     *
+     * @param socket The socket to send the alert to
+     * @param description Alert description code
+     * @param closeDelay Milliseconds to wait before closing the connection (default: 100ms)
+     * @returns Promise that resolves when the alert has been sent and the connection closed
+     */
+    static sendFatalAndClose(socket: plugins.net.Socket, description: number, closeDelay?: number): Promise<void>;
+}