@push.rocks/smartproxy 21.0.0 → 21.1.0

package/ts/detection/models/interfaces.ts

@@ -0,0 +1,115 @@
+/**
+ * Interface definitions for protocol detection components
+ */
+
+import type { IDetectionResult, IDetectionOptions } from './detection-types.js';
+
+/**
+ * Interface for protocol detectors
+ */
+export interface IProtocolDetector {
+  /**
+   * Detect protocol from buffer data
+   * @param buffer The buffer to analyze
+   * @param options Detection options
+   * @returns Detection result or null if protocol cannot be determined
+   */
+  detect(buffer: Buffer, options?: IDetectionOptions): IDetectionResult | null;
+  
+  /**
+   * Check if buffer potentially contains this protocol
+   * @param buffer The buffer to check
+   * @returns True if buffer might contain this protocol
+   */
+  canHandle(buffer: Buffer): boolean;
+  
+  /**
+   * Get the minimum bytes needed for detection
+   */
+  getMinimumBytes(): number;
+}
+
+/**
+ * Interface for connection tracking during fragmented detection
+ */
+export interface IConnectionTracker {
+  /**
+   * Connection identifier
+   */
+  id: string;
+  
+  /**
+   * Accumulated buffer data
+   */
+  buffer: Buffer;
+  
+  /**
+   * Timestamp of first data
+   */
+  startTime: number;
+  
+  /**
+   * Current detection state
+   */
+  state: 'detecting' | 'complete' | 'failed';
+  
+  /**
+   * Partial detection result (if any)
+   */
+  partialResult?: Partial<IDetectionResult>;
+}
+
+/**
+ * Interface for buffer accumulator (handles fragmented data)
+ */
+export interface IBufferAccumulator {
+  /**
+   * Add data to accumulator
+   */
+  append(data: Buffer): void;
+  
+  /**
+   * Get accumulated buffer
+   */
+  getBuffer(): Buffer;
+  
+  /**
+   * Get buffer length
+   */
+  length(): number;
+  
+  /**
+   * Clear accumulated data
+   */
+  clear(): void;
+  
+  /**
+   * Check if accumulator has enough data
+   */
+  hasMinimumBytes(minBytes: number): boolean;
+}
+
+/**
+ * Detection events
+ */
+export interface IDetectionEvents {
+  /**
+   * Emitted when protocol is successfully detected
+   */
+  detected: (result: IDetectionResult) => void;
+  
+  /**
+   * Emitted when detection fails
+   */
+  failed: (error: Error) => void;
+  
+  /**
+   * Emitted when detection times out
+   */
+  timeout: () => void;
+  
+  /**
+   * Emitted when more data is needed
+   */
+  needMoreData: (bytesNeeded: number) => void;
+}

package/ts/detection/protocol-detector.ts

@@ -0,0 +1,230 @@
+/**
+ * Protocol Detector
+ * 
+ * Simplified protocol detection using the new architecture
+ */
+
+import type { IDetectionResult, IDetectionOptions } from './models/detection-types.js';
+import type { IConnectionContext } from '../protocols/common/types.js';
+import { TlsDetector } from './detectors/tls-detector.js';
+import { HttpDetector } from './detectors/http-detector.js';
+import { DetectionFragmentManager } from './utils/fragment-manager.js';
+
+/**
+ * Main protocol detector class
+ */
+export class ProtocolDetector {
+  private static instance: ProtocolDetector;
+  private fragmentManager: DetectionFragmentManager;
+  private tlsDetector: TlsDetector;
+  private httpDetector: HttpDetector;
+  
+  constructor() {
+    this.fragmentManager = new DetectionFragmentManager();
+    this.tlsDetector = new TlsDetector(this.fragmentManager);
+    this.httpDetector = new HttpDetector(this.fragmentManager);
+  }
+  
+  private static getInstance(): ProtocolDetector {
+    if (!this.instance) {
+      this.instance = new ProtocolDetector();
+    }
+    return this.instance;
+  }
+  
+  /**
+   * Detect protocol from buffer data
+   */
+  static async detect(buffer: Buffer, options?: IDetectionOptions): Promise<IDetectionResult> {
+    return this.getInstance().detectInstance(buffer, options);
+  }
+  
+  private async detectInstance(buffer: Buffer, options?: IDetectionOptions): Promise<IDetectionResult> {
+    // Quick sanity check
+    if (!buffer || buffer.length === 0) {
+      return {
+        protocol: 'unknown',
+        connectionInfo: { protocol: 'unknown' },
+        isComplete: true
+      };
+    }
+    
+    // Try TLS detection first (more specific)
+    if (this.tlsDetector.canHandle(buffer)) {
+      const tlsResult = this.tlsDetector.detect(buffer, options);
+      if (tlsResult) {
+        return tlsResult;
+      }
+    }
+    
+    // Try HTTP detection
+    if (this.httpDetector.canHandle(buffer)) {
+      const httpResult = this.httpDetector.detect(buffer, options);
+      if (httpResult) {
+        return httpResult;
+      }
+    }
+    
+    // Neither TLS nor HTTP
+    return {
+      protocol: 'unknown',
+      connectionInfo: { protocol: 'unknown' },
+      isComplete: true
+    };
+  }
+  
+  /**
+   * Detect protocol with connection tracking for fragmented data
+   * @deprecated Use detectWithContext instead
+   */
+  static async detectWithConnectionTracking(
+    buffer: Buffer,
+    connectionId: string,
+    options?: IDetectionOptions
+  ): Promise<IDetectionResult> {
+    // Convert connection ID to context
+    const context: IConnectionContext = {
+      id: connectionId,
+      sourceIp: 'unknown',
+      sourcePort: 0,
+      destIp: 'unknown',
+      destPort: 0,
+      timestamp: Date.now()
+    };
+    
+    return this.getInstance().detectWithContextInstance(buffer, context, options);
+  }
+  
+  /**
+   * Detect protocol with connection context for fragmented data
+   */
+  static async detectWithContext(
+    buffer: Buffer,
+    context: IConnectionContext,
+    options?: IDetectionOptions
+  ): Promise<IDetectionResult> {
+    return this.getInstance().detectWithContextInstance(buffer, context, options);
+  }
+  
+  private async detectWithContextInstance(
+    buffer: Buffer,
+    context: IConnectionContext,
+    options?: IDetectionOptions
+  ): Promise<IDetectionResult> {
+    // Quick sanity check
+    if (!buffer || buffer.length === 0) {
+      return {
+        protocol: 'unknown',
+        connectionInfo: { protocol: 'unknown' },
+        isComplete: true
+      };
+    }
+    
+    // First peek to determine protocol type
+    if (this.tlsDetector.canHandle(buffer)) {
+      const result = this.tlsDetector.detectWithContext(buffer, context, options);
+      if (result) {
+        return result;
+      }
+    }
+    
+    if (this.httpDetector.canHandle(buffer)) {
+      const result = this.httpDetector.detectWithContext(buffer, context, options);
+      if (result) {
+        return result;
+      }
+    }
+    
+    // Can't determine protocol
+    return {
+      protocol: 'unknown',
+      connectionInfo: { protocol: 'unknown' },
+      isComplete: false,
+      bytesNeeded: Math.max(
+        this.tlsDetector.getMinimumBytes(),
+        this.httpDetector.getMinimumBytes()
+      )
+    };
+  }
+  
+  /**
+   * Clean up resources
+   */
+  static cleanup(): void {
+    this.getInstance().cleanupInstance();
+  }
+  
+  private cleanupInstance(): void {
+    this.fragmentManager.cleanup();
+  }
+  
+  /**
+   * Destroy detector instance
+   */
+  static destroy(): void {
+    this.getInstance().destroyInstance();
+    this.instance = null as any;
+  }
+  
+  private destroyInstance(): void {
+    this.fragmentManager.destroy();
+  }
+  
+  /**
+   * Clean up old connection tracking entries
+   * 
+   * @param maxAge Maximum age in milliseconds (default: 30 seconds)
+   */
+  static cleanupConnections(maxAge: number = 30000): void {
+    // Cleanup is now handled internally by the fragment manager
+    this.getInstance().fragmentManager.cleanup();
+  }
+  
+  /**
+   * Extract domain from connection info
+   */
+  static extractDomain(connectionInfo: any): string | undefined {
+    return connectionInfo.domain || connectionInfo.sni || connectionInfo.host;
+  }
+  
+  /**
+   * Create a connection ID from connection parameters
+   * @deprecated Use createConnectionContext instead
+   */
+  static createConnectionId(params: {
+    sourceIp?: string;
+    sourcePort?: number;
+    destIp?: string;
+    destPort?: number;
+    socketId?: string;
+  }): string {
+    // If socketId is provided, use it
+    if (params.socketId) {
+      return params.socketId;
+    }
+    
+    // Otherwise create from connection tuple
+    const { sourceIp = 'unknown', sourcePort = 0, destIp = 'unknown', destPort = 0 } = params;
+    return `${sourceIp}:${sourcePort}-${destIp}:${destPort}`;
+  }
+  
+  /**
+   * Create a connection context from parameters
+   */
+  static createConnectionContext(params: {
+    sourceIp?: string;
+    sourcePort?: number;
+    destIp?: string;
+    destPort?: number;
+    socketId?: string;
+  }): IConnectionContext {
+    return {
+      id: params.socketId,
+      sourceIp: params.sourceIp || 'unknown',
+      sourcePort: params.sourcePort || 0,
+      destIp: params.destIp || 'unknown',
+      destPort: params.destPort || 0,
+      timestamp: Date.now()
+    };
+  }
+}

package/ts/detection/utils/buffer-utils.ts

@@ -0,0 +1,141 @@
+/**
+ * Buffer manipulation utilities for protocol detection
+ */
+
+// Import from protocols
+import { HttpParser } from '../../protocols/http/index.js';
+
+/**
+ * BufferAccumulator class for handling fragmented data
+ */
+export class BufferAccumulator {
+  private chunks: Buffer[] = [];
+  private totalLength = 0;
+  
+  /**
+   * Append data to the accumulator
+   */
+  append(data: Buffer): void {
+    this.chunks.push(data);
+    this.totalLength += data.length;
+  }
+  
+  /**
+   * Get the accumulated buffer
+   */
+  getBuffer(): Buffer {
+    if (this.chunks.length === 0) {
+      return Buffer.alloc(0);
+    }
+    if (this.chunks.length === 1) {
+      return this.chunks[0];
+    }
+    return Buffer.concat(this.chunks, this.totalLength);
+  }
+  
+  /**
+   * Get current buffer length
+   */
+  length(): number {
+    return this.totalLength;
+  }
+  
+  /**
+   * Clear all accumulated data
+   */
+  clear(): void {
+    this.chunks = [];
+    this.totalLength = 0;
+  }
+  
+  /**
+   * Check if accumulator has minimum bytes
+   */
+  hasMinimumBytes(minBytes: number): boolean {
+    return this.totalLength >= minBytes;
+  }
+}
+
+/**
+ * Read a big-endian 16-bit integer from buffer
+ */
+export function readUInt16BE(buffer: Buffer, offset: number): number {
+  if (offset + 2 > buffer.length) {
+    throw new Error('Buffer too short for UInt16BE read');
+  }
+  return (buffer[offset] << 8) | buffer[offset + 1];
+}
+
+/**
+ * Read a big-endian 24-bit integer from buffer
+ */
+export function readUInt24BE(buffer: Buffer, offset: number): number {
+  if (offset + 3 > buffer.length) {
+    throw new Error('Buffer too short for UInt24BE read');
+  }
+  return (buffer[offset] << 16) | (buffer[offset + 1] << 8) | buffer[offset + 2];
+}
+
+/**
+ * Find a byte sequence in a buffer
+ */
+export function findSequence(buffer: Buffer, sequence: Buffer, startOffset = 0): number {
+  if (sequence.length === 0) {
+    return startOffset;
+  }
+  
+  const searchLength = buffer.length - sequence.length + 1;
+  for (let i = startOffset; i < searchLength; i++) {
+    let found = true;
+    for (let j = 0; j < sequence.length; j++) {
+      if (buffer[i + j] !== sequence[j]) {
+        found = false;
+        break;
+      }
+    }
+    if (found) {
+      return i;
+    }
+  }
+  return -1;
+}
+
+/**
+ * Extract a line from buffer (up to CRLF or LF)
+ */
+export function extractLine(buffer: Buffer, startOffset = 0): { line: string; nextOffset: number } | null {
+  // Delegate to protocol parser
+  return HttpParser.extractLine(buffer, startOffset);
+}
+
+/**
+ * Check if buffer starts with a string (case-insensitive)
+ */
+export function startsWithString(buffer: Buffer, str: string, offset = 0): boolean {
+  if (offset + str.length > buffer.length) {
+    return false;
+  }
+  
+  const bufferStr = buffer.slice(offset, offset + str.length).toString('utf8');
+  return bufferStr.toLowerCase() === str.toLowerCase();
+}
+
+/**
+ * Safe buffer slice that doesn't throw on out-of-bounds
+ */
+export function safeSlice(buffer: Buffer, start: number, end?: number): Buffer {
+  const safeStart = Math.max(0, Math.min(start, buffer.length));
+  const safeEnd = end === undefined 
+    ? buffer.length 
+    : Math.max(safeStart, Math.min(end, buffer.length));
+    
+  return buffer.slice(safeStart, safeEnd);
+}
+
+/**
+ * Check if buffer contains printable ASCII
+ */
+export function isPrintableAscii(buffer: Buffer, length?: number): boolean {
+  // Delegate to protocol parser
+  return HttpParser.isPrintableAscii(buffer, length);
+}

package/ts/detection/utils/fragment-manager.ts

@@ -0,0 +1,64 @@
+/**
+ * Fragment Manager for Detection Module
+ * 
+ * Manages fragmented protocol data using the shared fragment handler
+ */
+
+import { FragmentHandler, type IFragmentOptions } from '../../protocols/common/fragment-handler.js';
+import type { IConnectionContext } from '../../protocols/common/types.js';
+
+/**
+ * Detection-specific fragment manager
+ */
+export class DetectionFragmentManager {
+  private tlsFragments: FragmentHandler;
+  private httpFragments: FragmentHandler;
+  
+  constructor() {
+    // Configure fragment handlers with appropriate limits
+    const tlsOptions: IFragmentOptions = {
+      maxBufferSize: 16384,  // TLS record max size
+      timeout: 5000,
+      cleanupInterval: 30000
+    };
+    
+    const httpOptions: IFragmentOptions = {
+      maxBufferSize: 8192,   // HTTP header reasonable limit
+      timeout: 5000,
+      cleanupInterval: 30000
+    };
+    
+    this.tlsFragments = new FragmentHandler(tlsOptions);
+    this.httpFragments = new FragmentHandler(httpOptions);
+  }
+  
+  /**
+   * Get fragment handler for protocol type
+   */
+  getHandler(protocol: 'tls' | 'http'): FragmentHandler {
+    return protocol === 'tls' ? this.tlsFragments : this.httpFragments;
+  }
+  
+  /**
+   * Create connection ID from context
+   */
+  static createConnectionId(context: IConnectionContext): string {
+    return context.id || `${context.sourceIp}:${context.sourcePort}-${context.destIp}:${context.destPort}`;
+  }
+  
+  /**
+   * Clean up all handlers
+   */
+  cleanup(): void {
+    this.tlsFragments.cleanup();
+    this.httpFragments.cleanup();
+  }
+  
+  /**
+   * Destroy all handlers
+   */
+  destroy(): void {
+    this.tlsFragments.destroy();
+    this.httpFragments.destroy();
+  }
+}

package/ts/detection/utils/parser-utils.ts

@@ -0,0 +1,77 @@
+/**
+ * Parser utilities for protocol detection
+ * Now delegates to protocol modules for actual parsing
+ */
+
+import type { THttpMethod, TTlsVersion } from '../models/detection-types.js';
+import { HttpParser, HTTP_METHODS, HTTP_VERSIONS } from '../../protocols/http/index.js';
+import { tlsVersionToString as protocolTlsVersionToString } from '../../protocols/tls/index.js';
+
+// Re-export constants for backward compatibility
+export { HTTP_METHODS, HTTP_VERSIONS };
+
+/**
+ * Parse HTTP request line
+ */
+export function parseHttpRequestLine(line: string): {
+  method: THttpMethod;
+  path: string;
+  version: string;
+} | null {
+  // Delegate to protocol parser
+  const result = HttpParser.parseRequestLine(line);
+  return result ? {
+    method: result.method as THttpMethod,
+    path: result.path,
+    version: result.version
+  } : null;
+}
+
+/**
+ * Parse HTTP header line
+ */
+export function parseHttpHeader(line: string): { name: string; value: string } | null {
+  // Delegate to protocol parser
+  return HttpParser.parseHeaderLine(line);
+}
+
+/**
+ * Parse HTTP headers from lines
+ */
+export function parseHttpHeaders(lines: string[]): Record<string, string> {
+  // Delegate to protocol parser
+  return HttpParser.parseHeaders(lines);
+}
+
+/**
+ * Convert TLS version bytes to version string
+ */
+export function tlsVersionToString(major: number, minor: number): TTlsVersion | null {
+  // Delegate to protocol parser
+  return protocolTlsVersionToString(major, minor) as TTlsVersion;
+}
+
+/**
+ * Extract domain from Host header value
+ */
+export function extractDomainFromHost(hostHeader: string): string {
+  // Delegate to protocol parser
+  return HttpParser.extractDomainFromHost(hostHeader);
+}
+
+/**
+ * Validate domain name
+ */
+export function isValidDomain(domain: string): boolean {
+  // Delegate to protocol parser
+  return HttpParser.isValidDomain(domain);
+}
+
+/**
+ * Check if string is a valid HTTP method
+ */
+export function isHttpMethod(str: string): str is THttpMethod {
+  // Delegate to protocol parser
+  return HttpParser.isHttpMethod(str) && (str as THttpMethod) !== undefined;
+}
+

package/ts/index.ts

@@ -34,4 +34,6 @@ export type { IAcmeOptions } from './proxies/smart-proxy/models/interfaces.js';
 // Modular exports for new architecture
 // Certificate module has been removed - use SmartCertManager instead
 export * as tls from './tls/index.js';
-export * as routing from './routing/index.js';
+export * as routing from './routing/index.js';
+export * as detection from './detection/index.js';
+export * as protocols from './protocols/index.js';