@push.rocks/smartproxy 21.0.0 → 21.1.1

package/dist_ts/detection/detectors/quick-detector.js

@@ -0,0 +1,131 @@
+/**
+ * Quick Protocol Detector
+ *
+ * Lightweight protocol identification based on minimal bytes
+ * No parsing, just identification
+ */
+import { TlsRecordType } from '../../protocols/tls/index.js';
+import { HttpParser } from '../../protocols/http/index.js';
+/**
+ * Quick protocol detector for fast identification
+ */
+export class QuickProtocolDetector {
+    /**
+     * Check if this detector can handle the data
+     */
+    canHandle(data) {
+        return data.length >= 1;
+    }
+    /**
+     * Perform quick detection based on first few bytes
+     */
+    quickDetect(data) {
+        if (data.length === 0) {
+            return {
+                protocol: 'unknown',
+                confidence: 0,
+                requiresMoreData: true
+            };
+        }
+        // Check for TLS
+        const tlsResult = this.checkTls(data);
+        if (tlsResult.confidence > 80) {
+            return tlsResult;
+        }
+        // Check for HTTP
+        const httpResult = this.checkHttp(data);
+        if (httpResult.confidence > 80) {
+            return httpResult;
+        }
+        // Need more data or unknown
+        return {
+            protocol: 'unknown',
+            confidence: 0,
+            requiresMoreData: data.length < 20
+        };
+    }
+    /**
+     * Check if data looks like TLS
+     */
+    checkTls(data) {
+        if (data.length < 3) {
+            return {
+                protocol: 'tls',
+                confidence: 0,
+                requiresMoreData: true
+            };
+        }
+        const firstByte = data[0];
+        const secondByte = data[1];
+        // Check for valid TLS record type
+        const validRecordTypes = [
+            TlsRecordType.CHANGE_CIPHER_SPEC,
+            TlsRecordType.ALERT,
+            TlsRecordType.HANDSHAKE,
+            TlsRecordType.APPLICATION_DATA,
+            TlsRecordType.HEARTBEAT
+        ];
+        if (!validRecordTypes.includes(firstByte)) {
+            return {
+                protocol: 'tls',
+                confidence: 0
+            };
+        }
+        // Check TLS version byte (0x03 for all TLS/SSL versions)
+        if (secondByte !== 0x03) {
+            return {
+                protocol: 'tls',
+                confidence: 0
+            };
+        }
+        // High confidence it's TLS
+        return {
+            protocol: 'tls',
+            confidence: 95,
+            metadata: {
+                recordType: firstByte
+            }
+        };
+    }
+    /**
+     * Check if data looks like HTTP
+     */
+    checkHttp(data) {
+        if (data.length < 3) {
+            return {
+                protocol: 'http',
+                confidence: 0,
+                requiresMoreData: true
+            };
+        }
+        // Quick check for HTTP methods
+        const start = data.subarray(0, Math.min(10, data.length)).toString('ascii');
+        // Check common HTTP methods
+        const httpMethods = ['GET ', 'POST ', 'PUT ', 'DELETE ', 'HEAD ', 'OPTIONS', 'PATCH ', 'CONNECT', 'TRACE '];
+        for (const method of httpMethods) {
+            if (start.startsWith(method)) {
+                return {
+                    protocol: 'http',
+                    confidence: 95,
+                    metadata: {
+                        method: method.trim()
+                    }
+                };
+            }
+        }
+        // Check if it might be HTTP but need more data
+        if (HttpParser.isPrintableAscii(data, Math.min(20, data.length))) {
+            // Could be HTTP, but not sure
+            return {
+                protocol: 'http',
+                confidence: 30,
+                requiresMoreData: data.length < 20
+            };
+        }
+        return {
+            protocol: 'http',
+            confidence: 0
+        };
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicXVpY2stZGV0ZWN0b3IuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9kZXRlY3Rpb24vZGV0ZWN0b3JzL3F1aWNrLWRldGVjdG9yLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOzs7OztHQUtHO0FBR0gsT0FBTyxFQUFFLGFBQWEsRUFBRSxNQUFNLDhCQUE4QixDQUFDO0FBQzdELE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSwrQkFBK0IsQ0FBQztBQUUzRDs7R0FFRztBQUNILE1BQU0sT0FBTyxxQkFBcUI7SUFDaEM7O09BRUc7SUFDSCxTQUFTLENBQUMsSUFBWTtRQUNwQixPQUFPLElBQUksQ0FBQyxNQUFNLElBQUksQ0FBQyxDQUFDO0lBQzFCLENBQUM7SUFFRDs7T0FFRztJQUNILFdBQVcsQ0FBQyxJQUFZO1FBQ3RCLElBQUksSUFBSSxDQUFDLE1BQU0sS0FBSyxDQUFDLEVBQUUsQ0FBQztZQUN0QixPQUFPO2dCQUNMLFFBQVEsRUFBRSxTQUFTO2dCQUNuQixVQUFVLEVBQUUsQ0FBQztnQkFDYixnQkFBZ0IsRUFBRSxJQUFJO2FBQ3ZCLENBQUM7UUFDSixDQUFDO1FBRUQsZ0JBQWdCO1FBQ2hCLE1BQU0sU0FBUyxHQUFHLElBQUksQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDdEMsSUFBSSxTQUFTLENBQUMsVUFBVSxHQUFHLEVBQUUsRUFBRSxDQUFDO1lBQzlCLE9BQU8sU0FBUyxDQUFDO1FBQ25CLENBQUM7UUFFRCxpQkFBaUI7UUFDakIsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUN4QyxJQUFJLFVBQVUsQ0FBQyxVQUFVLEdBQUcsRUFBRSxFQUFFLENBQUM7WUFDL0IsT0FBTyxVQUFVLENBQUM7UUFDcEIsQ0FBQztRQUVELDRCQUE0QjtRQUM1QixPQUFPO1lBQ0wsUUFBUSxFQUFFLFNBQVM7WUFDbkIsVUFBVSxFQUFFLENBQUM7WUFDYixnQkFBZ0IsRUFBRSxJQUFJLENBQUMsTUFBTSxHQUFHLEVBQUU7U0FDbkMsQ0FBQztJQUNKLENBQUM7SUFFRDs7T0FFRztJQUNLLFFBQVEsQ0FBQyxJQUFZO1FBQzNCLElBQUksSUFBSSxDQUFDLE1BQU0sR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUNwQixPQUFPO2dCQUNMLFFBQVEsRUFBRSxLQUFLO2dCQUNmLFVBQVUsRUFBRSxDQUFDO2dCQUNiLGdCQUFnQixFQUFFLElBQUk7YUFDdkIsQ0FBQztRQUNKLENBQUM7UUFFRCxNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDMUIsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRTNCLGtDQUFrQztRQUNsQyxNQUFNLGdCQUFnQixHQUFHO1lBQ3ZCLGFBQWEsQ0FBQyxrQkFBa0I7WUFDaEMsYUFBYSxDQUFDLEtBQUs7WUFDbkIsYUFBYSxDQUFDLFNBQVM7WUFDdkIsYUFBYSxDQUFDLGdCQUFnQjtZQUM5QixhQUFhLENBQUMsU0FBUztTQUN4QixDQUFDO1FBRUYsSUFBSSxDQUFDLGdCQUFnQixDQUFDLFFBQVEsQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDO1lBQzFDLE9BQU87Z0JBQ0wsUUFBUSxFQUFFLEtBQUs7Z0JBQ2YsVUFBVSxFQUFFLENBQUM7YUFDZCxDQUFDO1FBQ0osQ0FBQztRQUVELHlEQUF5RDtRQUN6RCxJQUFJLFVBQVUsS0FBSyxJQUFJLEVBQUUsQ0FBQztZQUN4QixPQUFPO2dCQUNMLFFBQVEsRUFBRSxLQUFLO2dCQUNmLFVBQVUsRUFBRSxDQUFDO2FBQ2QsQ0FBQztRQUNKLENBQUM7UUFFRCwyQkFBMkI7UUFDM0IsT0FBTztZQUNMLFFBQVEsRUFBRSxLQUFLO1lBQ2YsVUFBVSxFQUFFLEVBQUU7WUFDZCxRQUFRLEVBQUU7Z0JBQ1IsVUFBVSxFQUFFLFNBQVM7YUFDdEI7U0FDRixDQUFDO0lBQ0osQ0FBQztJQUVEOztPQUVHO0lBQ0ssU0FBUyxDQUFDLElBQVk7UUFDNUIsSUFBSSxJQUFJLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRSxDQUFDO1lBQ3BCLE9BQU87Z0JBQ0wsUUFBUSxFQUFFLE1BQU07Z0JBQ2hCLFVBQVUsRUFBRSxDQUFDO2dCQUNiLGdCQUFnQixFQUFFLElBQUk7YUFDdkIsQ0FBQztRQUNKLENBQUM7UUFFRCwrQkFBK0I7UUFDL0IsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDLEVBQUUsSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFLEVBQUUsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBRTVFLDRCQUE0QjtRQUM1QixNQUFNLFdBQVcsR0FBRyxDQUFDLE1BQU0sRUFBRSxPQUFPLEVBQUUsTUFBTSxFQUFFLFNBQVMsRUFBRSxPQUFPLEVBQUUsU0FBUyxFQUFFLFFBQVEsRUFBRSxTQUFTLEVBQUUsUUFBUSxDQUFDLENBQUM7UUFDNUcsS0FBSyxNQUFNLE1BQU0sSUFBSSxXQUFXLEVBQUUsQ0FBQztZQUNqQyxJQUFJLEtBQUssQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQztnQkFDN0IsT0FBTztvQkFDTCxRQUFRLEVBQUUsTUFBTTtvQkFDaEIsVUFBVSxFQUFFLEVBQUU7b0JBQ2QsUUFBUSxFQUFFO3dCQUNSLE1BQU0sRUFBRSxNQUFNLENBQUMsSUFBSSxFQUFFO3FCQUN0QjtpQkFDRixDQUFDO1lBQ0osQ0FBQztRQUNILENBQUM7UUFFRCwrQ0FBK0M7UUFDL0MsSUFBSSxVQUFVLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxFQUFFLElBQUksQ0FBQyxHQUFHLENBQUMsRUFBRSxFQUFFLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQyxFQUFFLENBQUM7WUFDakUsOEJBQThCO1lBQzlCLE9BQU87Z0JBQ0wsUUFBUSxFQUFFLE1BQU07Z0JBQ2hCLFVBQVUsRUFBRSxFQUFFO2dCQUNkLGdCQUFnQixFQUFFLElBQUksQ0FBQyxNQUFNLEdBQUcsRUFBRTthQUNuQyxDQUFDO1FBQ0osQ0FBQztRQUVELE9BQU87WUFDTCxRQUFRLEVBQUUsTUFBTTtZQUNoQixVQUFVLEVBQUUsQ0FBQztTQUNkLENBQUM7SUFDSixDQUFDO0NBQ0YifQ==

package/dist_ts/detection/detectors/routing-extractor.d.ts

@@ -0,0 +1,28 @@
+/**
+ * Routing Information Extractor
+ *
+ * Extracts minimal routing information from protocols
+ * without full parsing
+ */
+import type { IRoutingInfo, IConnectionContext, TProtocolType } from '../../protocols/common/types.js';
+/**
+ * Extracts routing information from protocol data
+ */
+export declare class RoutingExtractor {
+    /**
+     * Extract routing info based on protocol type
+     */
+    static extract(data: Buffer, protocol: TProtocolType, context?: IConnectionContext): IRoutingInfo | null;
+    /**
+     * Extract routing from TLS ClientHello (SNI)
+     */
+    private static extractTlsRouting;
+    /**
+     * Extract routing from HTTP headers (Host header)
+     */
+    private static extractHttpRouting;
+    /**
+     * Try to extract domain from any protocol
+     */
+    static extractDomain(data: Buffer, hint?: TProtocolType): string | null;
+}

package/dist_ts/detection/detectors/routing-extractor.js

@@ -0,0 +1,122 @@
+/**
+ * Routing Information Extractor
+ *
+ * Extracts minimal routing information from protocols
+ * without full parsing
+ */
+import { SniExtraction } from '../../protocols/tls/sni/sni-extraction.js';
+import { HttpParser } from '../../protocols/http/index.js';
+/**
+ * Extracts routing information from protocol data
+ */
+export class RoutingExtractor {
+    /**
+     * Extract routing info based on protocol type
+     */
+    static extract(data, protocol, context) {
+        switch (protocol) {
+            case 'tls':
+            case 'https':
+                return this.extractTlsRouting(data, context);
+            case 'http':
+                return this.extractHttpRouting(data);
+            default:
+                return null;
+        }
+    }
+    /**
+     * Extract routing from TLS ClientHello (SNI)
+     */
+    static extractTlsRouting(data, context) {
+        try {
+            // Quick SNI extraction without full parsing
+            const sni = SniExtraction.extractSNI(data);
+            if (sni) {
+                return {
+                    domain: sni,
+                    protocol: 'tls',
+                    port: 443 // Default HTTPS port
+                };
+            }
+            return null;
+        }
+        catch (error) {
+            // Extraction failed, return null
+            return null;
+        }
+    }
+    /**
+     * Extract routing from HTTP headers (Host header)
+     */
+    static extractHttpRouting(data) {
+        try {
+            // Look for first line
+            const firstLineEnd = data.indexOf('\n');
+            if (firstLineEnd === -1) {
+                return null;
+            }
+            // Parse request line
+            const firstLine = data.subarray(0, firstLineEnd).toString('ascii').trim();
+            const requestLine = HttpParser.parseRequestLine(firstLine);
+            if (!requestLine) {
+                return null;
+            }
+            // Look for Host header
+            let pos = firstLineEnd + 1;
+            const maxSearch = Math.min(data.length, 4096); // Don't search too far
+            while (pos < maxSearch) {
+                const lineEnd = data.indexOf('\n', pos);
+                if (lineEnd === -1)
+                    break;
+                const line = data.subarray(pos, lineEnd).toString('ascii').trim();
+                // Empty line means end of headers
+                if (line.length === 0)
+                    break;
+                // Check for Host header
+                if (line.toLowerCase().startsWith('host:')) {
+                    const hostValue = line.substring(5).trim();
+                    const domain = HttpParser.extractDomainFromHost(hostValue);
+                    return {
+                        domain,
+                        path: requestLine.path,
+                        protocol: 'http',
+                        port: 80 // Default HTTP port
+                    };
+                }
+                pos = lineEnd + 1;
+            }
+            // No Host header found, but we have the path
+            return {
+                path: requestLine.path,
+                protocol: 'http',
+                port: 80
+            };
+        }
+        catch (error) {
+            // Extraction failed
+            return null;
+        }
+    }
+    /**
+     * Try to extract domain from any protocol
+     */
+    static extractDomain(data, hint) {
+        // If we have a hint, use it
+        if (hint) {
+            const routing = this.extract(data, hint);
+            return routing?.domain || null;
+        }
+        // Try TLS first (more specific)
+        const tlsRouting = this.extractTlsRouting(data);
+        if (tlsRouting?.domain) {
+            return tlsRouting.domain;
+        }
+        // Try HTTP
+        const httpRouting = this.extractHttpRouting(data);
+        if (httpRouting?.domain) {
+            return httpRouting.domain;
+        }
+        return null;
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGluZy1leHRyYWN0b3IuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9kZXRlY3Rpb24vZGV0ZWN0b3JzL3JvdXRpbmctZXh0cmFjdG9yLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOzs7OztHQUtHO0FBR0gsT0FBTyxFQUFFLGFBQWEsRUFBRSxNQUFNLDJDQUEyQyxDQUFDO0FBQzFFLE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSwrQkFBK0IsQ0FBQztBQUUzRDs7R0FFRztBQUNILE1BQU0sT0FBTyxnQkFBZ0I7SUFDM0I7O09BRUc7SUFDSCxNQUFNLENBQUMsT0FBTyxDQUNaLElBQVksRUFDWixRQUF1QixFQUN2QixPQUE0QjtRQUU1QixRQUFRLFFBQVEsRUFBRSxDQUFDO1lBQ2pCLEtBQUssS0FBSyxDQUFDO1lBQ1gsS0FBSyxPQUFPO2dCQUNWLE9BQU8sSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksRUFBRSxPQUFPLENBQUMsQ0FBQztZQUUvQyxLQUFLLE1BQU07Z0JBQ1QsT0FBTyxJQUFJLENBQUMsa0JBQWtCLENBQUMsSUFBSSxDQUFDLENBQUM7WUFFdkM7Z0JBQ0UsT0FBTyxJQUFJLENBQUM7UUFDaEIsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNLLE1BQU0sQ0FBQyxpQkFBaUIsQ0FDOUIsSUFBWSxFQUNaLE9BQTRCO1FBRTVCLElBQUksQ0FBQztZQUNILDRDQUE0QztZQUM1QyxNQUFNLEdBQUcsR0FBRyxhQUFhLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDO1lBRTNDLElBQUksR0FBRyxFQUFFLENBQUM7Z0JBQ1IsT0FBTztvQkFDTCxNQUFNLEVBQUUsR0FBRztvQkFDWCxRQUFRLEVBQUUsS0FBSztvQkFDZixJQUFJLEVBQUUsR0FBRyxDQUFFLHFCQUFxQjtpQkFDakMsQ0FBQztZQUNKLENBQUM7WUFFRCxPQUFPLElBQUksQ0FBQztRQUNkLENBQUM7UUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1lBQ2YsaUNBQWlDO1lBQ2pDLE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNLLE1BQU0sQ0FBQyxrQkFBa0IsQ0FBQyxJQUFZO1FBQzVDLElBQUksQ0FBQztZQUNILHNCQUFzQjtZQUN0QixNQUFNLFlBQVksR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQ3hDLElBQUksWUFBWSxLQUFLLENBQUMsQ0FBQyxFQUFFLENBQUM7Z0JBQ3hCLE9BQU8sSUFBSSxDQUFDO1lBQ2QsQ0FBQztZQUVELHFCQUFxQjtZQUNyQixNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDLENBQUMsRUFBRSxZQUFZLENBQUMsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDMUUsTUFBTSxXQUFXLEdBQUcsVUFBVSxDQUFDLGdCQUFnQixDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBRTNELElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztnQkFDakIsT0FBTyxJQUFJLENBQUM7WUFDZCxDQUFDO1lBRUQsdUJBQXVCO1lBQ3ZCLElBQUksR0FBRyxHQUFHLFlBQVksR0FBRyxDQUFDLENBQUM7WUFDM0IsTUFBTSxTQUFTLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLElBQUksQ0FBQyxDQUFDLENBQUMsdUJBQXVCO1lBRXRFLE9BQU8sR0FBRyxHQUFHLFNBQVMsRUFBRSxDQUFDO2dCQUN2QixNQUFNLE9BQU8sR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxHQUFHLENBQUMsQ0FBQztnQkFDeEMsSUFBSSxPQUFPLEtBQUssQ0FBQyxDQUFDO29CQUFFLE1BQU07Z0JBRTFCLE1BQU0sSUFBSSxHQUFHLElBQUksQ0FBQyxRQUFRLENBQUMsR0FBRyxFQUFFLE9BQU8sQ0FBQyxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBQztnQkFFbEUsa0NBQWtDO2dCQUNsQyxJQUFJLElBQUksQ0FBQyxNQUFNLEtBQUssQ0FBQztvQkFBRSxNQUFNO2dCQUU3Qix3QkFBd0I7Z0JBQ3hCLElBQUksSUFBSSxDQUFDLFdBQVcsRUFBRSxDQUFDLFVBQVUsQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO29CQUMzQyxNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLENBQUMsQ0FBQyxDQUFDLElBQUksRUFBRSxDQUFDO29CQUMzQyxNQUFNLE1BQU0sR0FBRyxVQUFVLENBQUMscUJBQXFCLENBQUMsU0FBUyxDQUFDLENBQUM7b0JBRTNELE9BQU87d0JBQ0wsTUFBTTt3QkFDTixJQUFJLEVBQUUsV0FBVyxDQUFDLElBQUk7d0JBQ3RCLFFBQVEsRUFBRSxNQUFNO3dCQUNoQixJQUFJLEVBQUUsRUFBRSxDQUFFLG9CQUFvQjtxQkFDL0IsQ0FBQztnQkFDSixDQUFDO2dCQUVELEdBQUcsR0FBRyxPQUFPLEdBQUcsQ0FBQyxDQUFDO1lBQ3BCLENBQUM7WUFFRCw2Q0FBNkM7WUFDN0MsT0FBTztnQkFDTCxJQUFJLEVBQUUsV0FBVyxDQUFDLElBQUk7Z0JBQ3RCLFFBQVEsRUFBRSxNQUFNO2dCQUNoQixJQUFJLEVBQUUsRUFBRTthQUNULENBQUM7UUFDSixDQUFDO1FBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztZQUNmLG9CQUFvQjtZQUNwQixPQUFPLElBQUksQ0FBQztRQUNkLENBQUM7SUFDSCxDQUFDO0lBRUQ7O09BRUc7SUFDSCxNQUFNLENBQUMsYUFBYSxDQUFDLElBQVksRUFBRSxJQUFvQjtRQUNyRCw0QkFBNEI7UUFDNUIsSUFBSSxJQUFJLEVBQUUsQ0FBQztZQUNULE1BQU0sT0FBTyxHQUFHLElBQUksQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLElBQUksQ0FBQyxDQUFDO1lBQ3pDLE9BQU8sT0FBTyxFQUFFLE1BQU0sSUFBSSxJQUFJLENBQUM7UUFDakMsQ0FBQztRQUVELGdDQUFnQztRQUNoQyxNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDaEQsSUFBSSxVQUFVLEVBQUUsTUFBTSxFQUFFLENBQUM7WUFDdkIsT0FBTyxVQUFVLENBQUMsTUFBTSxDQUFDO1FBQzNCLENBQUM7UUFFRCxXQUFXO1FBQ1gsTUFBTSxXQUFXLEdBQUcsSUFBSSxDQUFDLGtCQUFrQixDQUFDLElBQUksQ0FBQyxDQUFDO1FBQ2xELElBQUksV0FBVyxFQUFFLE1BQU0sRUFBRSxDQUFDO1lBQ3hCLE9BQU8sV0FBVyxDQUFDLE1BQU0sQ0FBQztRQUM1QixDQUFDO1FBRUQsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0NBQ0YifQ==

package/dist_ts/detection/detectors/tls-detector-v2.d.ts

@@ -0,0 +1,33 @@
+/**
+ * TLS Protocol Detector V2
+ *
+ * Simplified TLS detection using the new architecture
+ */
+import type { IProtocolDetector } from '../models/interfaces.js';
+import type { IDetectionResult, IDetectionOptions } from '../models/detection-types.js';
+import type { IConnectionContext } from '../../protocols/common/types.js';
+import { DetectionFragmentManager } from '../utils/fragment-manager.js';
+/**
+ * Simplified TLS detector
+ */
+export declare class TlsDetectorV2 implements IProtocolDetector {
+    private quickDetector;
+    private fragmentManager;
+    constructor(fragmentManager: DetectionFragmentManager);
+    /**
+     * Check if buffer can be handled by this detector
+     */
+    canHandle(buffer: Buffer): boolean;
+    /**
+     * Get minimum bytes needed for detection
+     */
+    getMinimumBytes(): number;
+    /**
+     * Detect TLS protocol from buffer
+     */
+    detect(buffer: Buffer, options?: IDetectionOptions): IDetectionResult | null;
+    /**
+     * Handle fragmented detection
+     */
+    detectWithContext(buffer: Buffer, context: IConnectionContext, options?: IDetectionOptions): IDetectionResult | null;
+}

package/dist_ts/detection/detectors/tls-detector-v2.js

@@ -0,0 +1,80 @@
+/**
+ * TLS Protocol Detector V2
+ *
+ * Simplified TLS detection using the new architecture
+ */
+import { QuickProtocolDetector } from './quick-detector.js';
+import { RoutingExtractor } from './routing-extractor.js';
+import { DetectionFragmentManager } from '../utils/fragment-manager.js';
+/**
+ * Simplified TLS detector
+ */
+export class TlsDetectorV2 {
+    constructor(fragmentManager) {
+        this.quickDetector = new QuickProtocolDetector();
+        this.fragmentManager = fragmentManager;
+    }
+    /**
+     * Check if buffer can be handled by this detector
+     */
+    canHandle(buffer) {
+        const result = this.quickDetector.quickDetect(buffer);
+        return result.protocol === 'tls' && result.confidence > 50;
+    }
+    /**
+     * Get minimum bytes needed for detection
+     */
+    getMinimumBytes() {
+        return 5; // TLS record header
+    }
+    /**
+     * Detect TLS protocol from buffer
+     */
+    detect(buffer, options) {
+        // Quick detection first
+        const quickResult = this.quickDetector.quickDetect(buffer);
+        if (quickResult.protocol !== 'tls' || quickResult.confidence < 50) {
+            return null;
+        }
+        // If we don't need domain extraction, we can return early
+        if (quickResult.confidence >= 95 && !options?.extractFullHeaders) {
+            return {
+                protocol: 'tls',
+                connectionInfo: { protocol: 'tls' },
+                isComplete: true
+            };
+        }
+        // Extract routing information if needed
+        const routing = RoutingExtractor.extract(buffer, 'tls');
+        return {
+            protocol: 'tls',
+            connectionInfo: {
+                protocol: 'tls',
+                domain: routing?.domain,
+                sni: routing?.domain
+            },
+            isComplete: !quickResult.requiresMoreData,
+            bytesNeeded: quickResult.requiresMoreData ? buffer.length + 100 : undefined
+        };
+    }
+    /**
+     * Handle fragmented detection
+     */
+    detectWithContext(buffer, context, options) {
+        const handler = this.fragmentManager.getHandler('tls');
+        const connectionId = DetectionFragmentManager.createConnectionId(context);
+        // Add fragment
+        const result = handler.addFragment(connectionId, buffer);
+        if (result.error) {
+            handler.complete(connectionId);
+            return null;
+        }
+        // Try detection on accumulated buffer
+        const detectResult = this.detect(result.buffer, options);
+        if (detectResult && detectResult.isComplete) {
+            handler.complete(connectionId);
+        }
+        return detectResult;
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGxzLWRldGVjdG9yLXYyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vdHMvZGV0ZWN0aW9uL2RldGVjdG9ycy90bHMtZGV0ZWN0b3ItdjIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7Ozs7R0FJRztBQUtILE9BQU8sRUFBRSxxQkFBcUIsRUFBRSxNQUFNLHFCQUFxQixDQUFDO0FBQzVELE9BQU8sRUFBRSxnQkFBZ0IsRUFBRSxNQUFNLHdCQUF3QixDQUFDO0FBQzFELE9BQU8sRUFBRSx3QkFBd0IsRUFBRSxNQUFNLDhCQUE4QixDQUFDO0FBRXhFOztHQUVHO0FBQ0gsTUFBTSxPQUFPLGFBQWE7SUFJeEIsWUFBWSxlQUF5QztRQUg3QyxrQkFBYSxHQUFHLElBQUkscUJBQXFCLEVBQUUsQ0FBQztRQUlsRCxJQUFJLENBQUMsZUFBZSxHQUFHLGVBQWUsQ0FBQztJQUN6QyxDQUFDO0lBRUQ7O09BRUc7SUFDSCxTQUFTLENBQUMsTUFBYztRQUN0QixNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsYUFBYSxDQUFDLFdBQVcsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUN0RCxPQUFPLE1BQU0sQ0FBQyxRQUFRLEtBQUssS0FBSyxJQUFJLE1BQU0sQ0FBQyxVQUFVLEdBQUcsRUFBRSxDQUFDO0lBQzdELENBQUM7SUFFRDs7T0FFRztJQUNILGVBQWU7UUFDYixPQUFPLENBQUMsQ0FBQyxDQUFDLG9CQUFvQjtJQUNoQyxDQUFDO0lBRUQ7O09BRUc7SUFDSCxNQUFNLENBQUMsTUFBYyxFQUFFLE9BQTJCO1FBQ2hELHdCQUF3QjtRQUN4QixNQUFNLFdBQVcsR0FBRyxJQUFJLENBQUMsYUFBYSxDQUFDLFdBQVcsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUUzRCxJQUFJLFdBQVcsQ0FBQyxRQUFRLEtBQUssS0FBSyxJQUFJLFdBQVcsQ0FBQyxVQUFVLEdBQUcsRUFBRSxFQUFFLENBQUM7WUFDbEUsT0FBTyxJQUFJLENBQUM7UUFDZCxDQUFDO1FBRUQsMERBQTBEO1FBQzFELElBQUksV0FBVyxDQUFDLFVBQVUsSUFBSSxFQUFFLElBQUksQ0FBQyxPQUFPLEVBQUUsa0JBQWtCLEVBQUUsQ0FBQztZQUNqRSxPQUFPO2dCQUNMLFFBQVEsRUFBRSxLQUFLO2dCQUNmLGNBQWMsRUFBRSxFQUFFLFFBQVEsRUFBRSxLQUFLLEVBQUU7Z0JBQ25DLFVBQVUsRUFBRSxJQUFJO2FBQ2pCLENBQUM7UUFDSixDQUFDO1FBRUQsd0NBQXdDO1FBQ3hDLE1BQU0sT0FBTyxHQUFHLGdCQUFnQixDQUFDLE9BQU8sQ0FBQyxNQUFNLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFFeEQsT0FBTztZQUNMLFFBQVEsRUFBRSxLQUFLO1lBQ2YsY0FBYyxFQUFFO2dCQUNkLFFBQVEsRUFBRSxLQUFLO2dCQUNmLE1BQU0sRUFBRSxPQUFPLEVBQUUsTUFBTTtnQkFDdkIsR0FBRyxFQUFFLE9BQU8sRUFBRSxNQUFNO2FBQ3JCO1lBQ0QsVUFBVSxFQUFFLENBQUMsV0FBVyxDQUFDLGdCQUFnQjtZQUN6QyxXQUFXLEVBQUUsV0FBVyxDQUFDLGdCQUFnQixDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsTUFBTSxHQUFHLEdBQUcsQ0FBQyxDQUFDLENBQUMsU0FBUztTQUM1RSxDQUFDO0lBQ0osQ0FBQztJQUVEOztPQUVHO0lBQ0gsaUJBQWlCLENBQ2YsTUFBYyxFQUNkLE9BQTJCLEVBQzNCLE9BQTJCO1FBRTNCLE1BQU0sT0FBTyxHQUFHLElBQUksQ0FBQyxlQUFlLENBQUMsVUFBVSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQ3ZELE1BQU0sWUFBWSxHQUFHLHdCQUF3QixDQUFDLGtCQUFrQixDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBRTFFLGVBQWU7UUFDZixNQUFNLE1BQU0sR0FBRyxPQUFPLENBQUMsV0FBVyxDQUFDLFlBQVksRUFBRSxNQUFNLENBQUMsQ0FBQztRQUV6RCxJQUFJLE1BQU0sQ0FBQyxLQUFLLEVBQUUsQ0FBQztZQUNqQixPQUFPLENBQUMsUUFBUSxDQUFDLFlBQVksQ0FBQyxDQUFDO1lBQy9CLE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztRQUVELHNDQUFzQztRQUN0QyxNQUFNLFlBQVksR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxNQUFPLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFFMUQsSUFBSSxZQUFZLElBQUksWUFBWSxDQUFDLFVBQVUsRUFBRSxDQUFDO1lBQzVDLE9BQU8sQ0FBQyxRQUFRLENBQUMsWUFBWSxDQUFDLENBQUM7UUFDakMsQ0FBQztRQUVELE9BQU8sWUFBWSxDQUFDO0lBQ3RCLENBQUM7Q0FDRiJ9

package/dist_ts/detection/detectors/tls-detector.d.ts

@@ -0,0 +1,55 @@
+/**
+ * TLS protocol detector
+ */
+import type { IProtocolDetector } from '../models/interfaces.js';
+import type { IDetectionResult, IDetectionOptions } from '../models/detection-types.js';
+/**
+ * TLS detector implementation
+ */
+export declare class TlsDetector implements IProtocolDetector {
+    /**
+     * Minimum bytes needed to identify TLS (record header)
+     */
+    private static readonly MIN_TLS_HEADER_SIZE;
+    /**
+     * Fragment tracking for incomplete handshakes
+     */
+    private static fragmentedBuffers;
+    /**
+     * Create connection ID from context
+     */
+    private createConnectionId;
+    /**
+     * Detect TLS protocol from buffer
+     */
+    detect(buffer: Buffer, options?: IDetectionOptions): IDetectionResult | null;
+    /**
+     * Check if buffer can be handled by this detector
+     */
+    canHandle(buffer: Buffer): boolean;
+    /**
+     * Get minimum bytes needed for detection
+     */
+    getMinimumBytes(): number;
+    /**
+     * Check if buffer contains a valid TLS record
+     */
+    private isTlsRecord;
+    /**
+     * Parse ALPN extension data
+     */
+    private parseAlpnExtension;
+    /**
+     * Parse cipher suites
+     */
+    private parseCipherSuites;
+    /**
+     * Detect with context for fragmented data
+     */
+    detectWithContext(buffer: Buffer, context: {
+        sourceIp?: string;
+        sourcePort?: number;
+        destIp?: string;
+        destPort?: number;
+    }, options?: IDetectionOptions): IDetectionResult | null;
+}