@push.rocks/smartproxy 21.0.0 → 21.1.1

package/dist_ts/detection/detectors/tls-detector.js

@@ -0,0 +1,206 @@
+/**
+ * TLS protocol detector
+ */
+import { readUInt16BE, readUInt24BE, BufferAccumulator } from '../utils/buffer-utils.js';
+import { tlsVersionToString } from '../utils/parser-utils.js';
+// Import from protocols
+import { TlsRecordType, TlsHandshakeType, TlsExtensionType } from '../../protocols/tls/index.js';
+// Import TLS utilities for SNI extraction from protocols
+import { SniExtraction } from '../../protocols/tls/sni/sni-extraction.js';
+import { ClientHelloParser } from '../../protocols/tls/sni/client-hello-parser.js';
+/**
+ * TLS detector implementation
+ */
+export class TlsDetector {
+    /**
+     * Minimum bytes needed to identify TLS (record header)
+     */
+    static { this.MIN_TLS_HEADER_SIZE = 5; }
+    /**
+     * Fragment tracking for incomplete handshakes
+     */
+    static { this.fragmentedBuffers = new Map(); }
+    /**
+     * Create connection ID from context
+     */
+    createConnectionId(context) {
+        return `${context.sourceIp || 'unknown'}:${context.sourcePort || 0}->${context.destIp || 'unknown'}:${context.destPort || 0}`;
+    }
+    /**
+     * Detect TLS protocol from buffer
+     */
+    detect(buffer, options) {
+        // Check if buffer is too small
+        if (buffer.length < TlsDetector.MIN_TLS_HEADER_SIZE) {
+            return null;
+        }
+        // Check if this is a TLS record
+        if (!this.isTlsRecord(buffer)) {
+            return null;
+        }
+        // Extract basic TLS info
+        const recordType = buffer[0];
+        const tlsMajor = buffer[1];
+        const tlsMinor = buffer[2];
+        const recordLength = readUInt16BE(buffer, 3);
+        // Initialize connection info
+        const connectionInfo = {
+            protocol: 'tls',
+            tlsVersion: tlsVersionToString(tlsMajor, tlsMinor) || undefined
+        };
+        // If it's a handshake, try to extract more info
+        if (recordType === TlsRecordType.HANDSHAKE && buffer.length >= 6) {
+            const handshakeType = buffer[5];
+            // For ClientHello, extract SNI and other info
+            if (handshakeType === TlsHandshakeType.CLIENT_HELLO) {
+                // Check if we have the complete handshake
+                const totalRecordLength = recordLength + 5; // Including TLS header
+                if (buffer.length >= totalRecordLength) {
+                    // Extract SNI using existing logic
+                    const sni = SniExtraction.extractSNI(buffer);
+                    if (sni) {
+                        connectionInfo.domain = sni;
+                        connectionInfo.sni = sni;
+                    }
+                    // Parse ClientHello for additional info
+                    const parseResult = ClientHelloParser.parseClientHello(buffer);
+                    if (parseResult.isValid) {
+                        // Extract ALPN if present
+                        const alpnExtension = parseResult.extensions.find(ext => ext.type === TlsExtensionType.APPLICATION_LAYER_PROTOCOL_NEGOTIATION);
+                        if (alpnExtension) {
+                            connectionInfo.alpn = this.parseAlpnExtension(alpnExtension.data);
+                        }
+                        // Store cipher suites if needed
+                        if (parseResult.cipherSuites && options?.extractFullHeaders) {
+                            connectionInfo.cipherSuites = this.parseCipherSuites(parseResult.cipherSuites);
+                        }
+                    }
+                    // Return complete result
+                    return {
+                        protocol: 'tls',
+                        connectionInfo,
+                        remainingBuffer: buffer.length > totalRecordLength
+                            ? buffer.subarray(totalRecordLength)
+                            : undefined,
+                        isComplete: true
+                    };
+                }
+                else {
+                    // Incomplete handshake
+                    return {
+                        protocol: 'tls',
+                        connectionInfo,
+                        isComplete: false,
+                        bytesNeeded: totalRecordLength
+                    };
+                }
+            }
+        }
+        // For other TLS record types, just return basic info
+        return {
+            protocol: 'tls',
+            connectionInfo,
+            isComplete: true,
+            remainingBuffer: buffer.length > recordLength + 5
+                ? buffer.subarray(recordLength + 5)
+                : undefined
+        };
+    }
+    /**
+     * Check if buffer can be handled by this detector
+     */
+    canHandle(buffer) {
+        return buffer.length >= TlsDetector.MIN_TLS_HEADER_SIZE &&
+            this.isTlsRecord(buffer);
+    }
+    /**
+     * Get minimum bytes needed for detection
+     */
+    getMinimumBytes() {
+        return TlsDetector.MIN_TLS_HEADER_SIZE;
+    }
+    /**
+     * Check if buffer contains a valid TLS record
+     */
+    isTlsRecord(buffer) {
+        const recordType = buffer[0];
+        // Check for valid record type
+        const validTypes = [
+            TlsRecordType.CHANGE_CIPHER_SPEC,
+            TlsRecordType.ALERT,
+            TlsRecordType.HANDSHAKE,
+            TlsRecordType.APPLICATION_DATA,
+            TlsRecordType.HEARTBEAT
+        ];
+        if (!validTypes.includes(recordType)) {
+            return false;
+        }
+        // Check TLS version bytes (should be 0x03 0x0X)
+        if (buffer[1] !== 0x03) {
+            return false;
+        }
+        // Check record length is reasonable
+        const recordLength = readUInt16BE(buffer, 3);
+        if (recordLength > 16384) { // Max TLS record size
+            return false;
+        }
+        return true;
+    }
+    /**
+     * Parse ALPN extension data
+     */
+    parseAlpnExtension(data) {
+        const protocols = [];
+        if (data.length < 2) {
+            return protocols;
+        }
+        const listLength = readUInt16BE(data, 0);
+        let offset = 2;
+        while (offset < Math.min(2 + listLength, data.length)) {
+            const protoLength = data[offset];
+            offset++;
+            if (offset + protoLength <= data.length) {
+                const protocol = data.subarray(offset, offset + protoLength).toString('ascii');
+                protocols.push(protocol);
+                offset += protoLength;
+            }
+            else {
+                break;
+            }
+        }
+        return protocols;
+    }
+    /**
+     * Parse cipher suites
+     */
+    parseCipherSuites(cipherData) {
+        const suites = [];
+        for (let i = 0; i < cipherData.length - 1; i += 2) {
+            const suite = readUInt16BE(cipherData, i);
+            suites.push(suite);
+        }
+        return suites;
+    }
+    /**
+     * Detect with context for fragmented data
+     */
+    detectWithContext(buffer, context, options) {
+        const connectionId = this.createConnectionId(context);
+        // Get or create buffer accumulator for this connection
+        let accumulator = TlsDetector.fragmentedBuffers.get(connectionId);
+        if (!accumulator) {
+            accumulator = new BufferAccumulator();
+            TlsDetector.fragmentedBuffers.set(connectionId, accumulator);
+        }
+        // Add new data
+        accumulator.append(buffer);
+        // Try detection on accumulated data
+        const result = this.detect(accumulator.getBuffer(), options);
+        // If detection is complete or we have too much data, clean up
+        if (result?.isComplete || accumulator.length() > 65536) {
+            TlsDetector.fragmentedBuffers.delete(connectionId);
+        }
+        return result;
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGxzLWRldGVjdG9yLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vdHMvZGV0ZWN0aW9uL2RldGVjdG9ycy90bHMtZGV0ZWN0b3IudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7O0dBRUc7QUFLSCxPQUFPLEVBQUUsWUFBWSxFQUFFLFlBQVksRUFBRSxpQkFBaUIsRUFBRSxNQUFNLDBCQUEwQixDQUFDO0FBQ3pGLE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxNQUFNLDBCQUEwQixDQUFDO0FBRTlELHdCQUF3QjtBQUN4QixPQUFPLEVBQUUsYUFBYSxFQUFFLGdCQUFnQixFQUFFLGdCQUFnQixFQUFFLE1BQU0sOEJBQThCLENBQUM7QUFFakcseURBQXlEO0FBQ3pELE9BQU8sRUFBRSxhQUFhLEVBQUUsTUFBTSwyQ0FBMkMsQ0FBQztBQUMxRSxPQUFPLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSxnREFBZ0QsQ0FBQztBQUVuRjs7R0FFRztBQUNILE1BQU0sT0FBTyxXQUFXO0lBQ3RCOztPQUVHO2FBQ3FCLHdCQUFtQixHQUFHLENBQUMsQ0FBQztJQUVoRDs7T0FFRzthQUNZLHNCQUFpQixHQUFHLElBQUksR0FBRyxFQUE2QixDQUFDO0lBRXhFOztPQUVHO0lBQ0ssa0JBQWtCLENBQUMsT0FBdUY7UUFDaEgsT0FBTyxHQUFHLE9BQU8sQ0FBQyxRQUFRLElBQUksU0FBUyxJQUFJLE9BQU8sQ0FBQyxVQUFVLElBQUksQ0FBQyxLQUFLLE9BQU8sQ0FBQyxNQUFNLElBQUksU0FBUyxJQUFJLE9BQU8sQ0FBQyxRQUFRLElBQUksQ0FBQyxFQUFFLENBQUM7SUFDaEksQ0FBQztJQUVEOztPQUVHO0lBQ0gsTUFBTSxDQUFDLE1BQWMsRUFBRSxPQUEyQjtRQUNoRCwrQkFBK0I7UUFDL0IsSUFBSSxNQUFNLENBQUMsTUFBTSxHQUFHLFdBQVcsQ0FBQyxtQkFBbUIsRUFBRSxDQUFDO1lBQ3BELE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztRQUVELGdDQUFnQztRQUNoQyxJQUFJLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDO1lBQzlCLE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztRQUVELHlCQUF5QjtRQUN6QixNQUFNLFVBQVUsR0FBRyxNQUFNLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDN0IsTUFBTSxRQUFRLEdBQUcsTUFBTSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQzNCLE1BQU0sUUFBUSxHQUFHLE1BQU0sQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUMzQixNQUFNLFlBQVksR0FBRyxZQUFZLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQyxDQUFDO1FBRTdDLDZCQUE2QjtRQUM3QixNQUFNLGNBQWMsR0FBb0I7WUFDdEMsUUFBUSxFQUFFLEtBQUs7WUFDZixVQUFVLEVBQUUsa0JBQWtCLENBQUMsUUFBUSxFQUFFLFFBQVEsQ0FBQyxJQUFJLFNBQVM7U0FDaEUsQ0FBQztRQUVGLGdEQUFnRDtRQUNoRCxJQUFJLFVBQVUsS0FBSyxhQUFhLENBQUMsU0FBUyxJQUFJLE1BQU0sQ0FBQyxNQUFNLElBQUksQ0FBQyxFQUFFLENBQUM7WUFDakUsTUFBTSxhQUFhLEdBQUcsTUFBTSxDQUFDLENBQUMsQ0FBQyxDQUFDO1lBRWhDLDhDQUE4QztZQUM5QyxJQUFJLGFBQWEsS0FBSyxnQkFBZ0IsQ0FBQyxZQUFZLEVBQUUsQ0FBQztnQkFDcEQsMENBQTBDO2dCQUMxQyxNQUFNLGlCQUFpQixHQUFHLFlBQVksR0FBRyxDQUFDLENBQUMsQ0FBQyx1QkFBdUI7Z0JBQ25FLElBQUksTUFBTSxDQUFDLE1BQU0sSUFBSSxpQkFBaUIsRUFBRSxDQUFDO29CQUN2QyxtQ0FBbUM7b0JBQ25DLE1BQU0sR0FBRyxHQUFHLGFBQWEsQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDLENBQUM7b0JBQzdDLElBQUksR0FBRyxFQUFFLENBQUM7d0JBQ1IsY0FBYyxDQUFDLE1BQU0sR0FBRyxHQUFHLENBQUM7d0JBQzVCLGNBQWMsQ0FBQyxHQUFHLEdBQUcsR0FBRyxDQUFDO29CQUMzQixDQUFDO29CQUVELHdDQUF3QztvQkFDeEMsTUFBTSxXQUFXLEdBQUcsaUJBQWlCLENBQUMsZ0JBQWdCLENBQUMsTUFBTSxDQUFDLENBQUM7b0JBQy9ELElBQUksV0FBVyxDQUFDLE9BQU8sRUFBRSxDQUFDO3dCQUN4QiwwQkFBMEI7d0JBQzFCLE1BQU0sYUFBYSxHQUFHLFdBQVcsQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUMvQyxHQUFHLENBQUMsRUFBRSxDQUFDLEdBQUcsQ0FBQyxJQUFJLEtBQUssZ0JBQWdCLENBQUMsc0NBQXNDLENBQzVFLENBQUM7d0JBRUYsSUFBSSxhQUFhLEVBQUUsQ0FBQzs0QkFDbEIsY0FBYyxDQUFDLElBQUksR0FBRyxJQUFJLENBQUMsa0JBQWtCLENBQUMsYUFBYSxDQUFDLElBQUksQ0FBQyxDQUFDO3dCQUNwRSxDQUFDO3dCQUVELGdDQUFnQzt3QkFDaEMsSUFBSSxXQUFXLENBQUMsWUFBWSxJQUFJLE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxDQUFDOzRCQUM1RCxjQUFjLENBQUMsWUFBWSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxXQUFXLENBQUMsWUFBWSxDQUFDLENBQUM7d0JBQ2pGLENBQUM7b0JBQ0gsQ0FBQztvQkFFRCx5QkFBeUI7b0JBQ3pCLE9BQU87d0JBQ0wsUUFBUSxFQUFFLEtBQUs7d0JBQ2YsY0FBYzt3QkFDZCxlQUFlLEVBQUUsTUFBTSxDQUFDLE1BQU0sR0FBRyxpQkFBaUI7NEJBQ2hELENBQUMsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLGlCQUFpQixDQUFDOzRCQUNwQyxDQUFDLENBQUMsU0FBUzt3QkFDYixVQUFVLEVBQUUsSUFBSTtxQkFDakIsQ0FBQztnQkFDSixDQUFDO3FCQUFNLENBQUM7b0JBQ04sdUJBQXVCO29CQUN2QixPQUFPO3dCQUNMLFFBQVEsRUFBRSxLQUFLO3dCQUNmLGNBQWM7d0JBQ2QsVUFBVSxFQUFFLEtBQUs7d0JBQ2pCLFdBQVcsRUFBRSxpQkFBaUI7cUJBQy9CLENBQUM7Z0JBQ0osQ0FBQztZQUNILENBQUM7UUFDSCxDQUFDO1FBRUQscURBQXFEO1FBQ3JELE9BQU87WUFDTCxRQUFRLEVBQUUsS0FBSztZQUNmLGNBQWM7WUFDZCxVQUFVLEVBQUUsSUFBSTtZQUNoQixlQUFlLEVBQUUsTUFBTSxDQUFDLE1BQU0sR0FBRyxZQUFZLEdBQUcsQ0FBQztnQkFDL0MsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsWUFBWSxHQUFHLENBQUMsQ0FBQztnQkFDbkMsQ0FBQyxDQUFDLFNBQVM7U0FDZCxDQUFDO0lBQ0osQ0FBQztJQUVEOztPQUVHO0lBQ0gsU0FBUyxDQUFDLE1BQWM7UUFDdEIsT0FBTyxNQUFNLENBQUMsTUFBTSxJQUFJLFdBQVcsQ0FBQyxtQkFBbUI7WUFDaEQsSUFBSSxDQUFDLFdBQVcsQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUNsQyxDQUFDO0lBRUQ7O09BRUc7SUFDSCxlQUFlO1FBQ2IsT0FBTyxXQUFXLENBQUMsbUJBQW1CLENBQUM7SUFDekMsQ0FBQztJQUVEOztPQUVHO0lBQ0ssV0FBVyxDQUFDLE1BQWM7UUFDaEMsTUFBTSxVQUFVLEdBQUcsTUFBTSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRTdCLDhCQUE4QjtRQUM5QixNQUFNLFVBQVUsR0FBRztZQUNqQixhQUFhLENBQUMsa0JBQWtCO1lBQ2hDLGFBQWEsQ0FBQyxLQUFLO1lBQ25CLGFBQWEsQ0FBQyxTQUFTO1lBQ3ZCLGFBQWEsQ0FBQyxnQkFBZ0I7WUFDOUIsYUFBYSxDQUFDLFNBQVM7U0FDeEIsQ0FBQztRQUVGLElBQUksQ0FBQyxVQUFVLENBQUMsUUFBUSxDQUFDLFVBQVUsQ0FBQyxFQUFFLENBQUM7WUFDckMsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDO1FBRUQsZ0RBQWdEO1FBQ2hELElBQUksTUFBTSxDQUFDLENBQUMsQ0FBQyxLQUFLLElBQUksRUFBRSxDQUFDO1lBQ3ZCLE9BQU8sS0FBSyxDQUFDO1FBQ2YsQ0FBQztRQUVELG9DQUFvQztRQUNwQyxNQUFNLFlBQVksR0FBRyxZQUFZLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQyxDQUFDO1FBQzdDLElBQUksWUFBWSxHQUFHLEtBQUssRUFBRSxDQUFDLENBQUMsc0JBQXNCO1lBQ2hELE9BQU8sS0FBSyxDQUFDO1FBQ2YsQ0FBQztRQUVELE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVEOztPQUVHO0lBQ0ssa0JBQWtCLENBQUMsSUFBWTtRQUNyQyxNQUFNLFNBQVMsR0FBYSxFQUFFLENBQUM7UUFFL0IsSUFBSSxJQUFJLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRSxDQUFDO1lBQ3BCLE9BQU8sU0FBUyxDQUFDO1FBQ25CLENBQUM7UUFFRCxNQUFNLFVBQVUsR0FBRyxZQUFZLENBQUMsSUFBSSxFQUFFLENBQUMsQ0FBQyxDQUFDO1FBQ3pDLElBQUksTUFBTSxHQUFHLENBQUMsQ0FBQztRQUVmLE9BQU8sTUFBTSxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQyxHQUFHLFVBQVUsRUFBRSxJQUFJLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQztZQUN0RCxNQUFNLFdBQVcsR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUM7WUFDakMsTUFBTSxFQUFFLENBQUM7WUFFVCxJQUFJLE1BQU0sR0FBRyxXQUFXLElBQUksSUFBSSxDQUFDLE1BQU0sRUFBRSxDQUFDO2dCQUN4QyxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDLE1BQU0sRUFBRSxNQUFNLEdBQUcsV0FBVyxDQUFDLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxDQUFDO2dCQUMvRSxTQUFTLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDO2dCQUN6QixNQUFNLElBQUksV0FBVyxDQUFDO1lBQ3hCLENBQUM7aUJBQU0sQ0FBQztnQkFDTixNQUFNO1lBQ1IsQ0FBQztRQUNILENBQUM7UUFFRCxPQUFPLFNBQVMsQ0FBQztJQUNuQixDQUFDO0lBRUQ7O09BRUc7SUFDSyxpQkFBaUIsQ0FBQyxVQUFrQjtRQUMxQyxNQUFNLE1BQU0sR0FBYSxFQUFFLENBQUM7UUFFNUIsS0FBSyxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxHQUFHLFVBQVUsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQztZQUNsRCxNQUFNLEtBQUssR0FBRyxZQUFZLENBQUMsVUFBVSxFQUFFLENBQUMsQ0FBQyxDQUFDO1lBQzFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDckIsQ0FBQztRQUVELE9BQU8sTUFBTSxDQUFDO0lBQ2hCLENBQUM7SUFFRDs7T0FFRztJQUNILGlCQUFpQixDQUNmLE1BQWMsRUFDZCxPQUF1RixFQUN2RixPQUEyQjtRQUUzQixNQUFNLFlBQVksR0FBRyxJQUFJLENBQUMsa0JBQWtCLENBQUMsT0FBTyxDQUFDLENBQUM7UUFFdEQsdURBQXVEO1FBQ3ZELElBQUksV0FBVyxHQUFHLFdBQVcsQ0FBQyxpQkFBaUIsQ0FBQyxHQUFHLENBQUMsWUFBWSxDQUFDLENBQUM7UUFDbEUsSUFBSSxDQUFDLFdBQVcsRUFBRSxDQUFDO1lBQ2pCLFdBQVcsR0FBRyxJQUFJLGlCQUFpQixFQUFFLENBQUM7WUFDdEMsV0FBVyxDQUFDLGlCQUFpQixDQUFDLEdBQUcsQ0FBQyxZQUFZLEVBQUUsV0FBVyxDQUFDLENBQUM7UUFDL0QsQ0FBQztRQUVELGVBQWU7UUFDZixXQUFXLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBRTNCLG9DQUFvQztRQUNwQyxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxTQUFTLEVBQUUsRUFBRSxPQUFPLENBQUMsQ0FBQztRQUU3RCw4REFBOEQ7UUFDOUQsSUFBSSxNQUFNLEVBQUUsVUFBVSxJQUFJLFdBQVcsQ0FBQyxNQUFNLEVBQUUsR0FBRyxLQUFLLEVBQUUsQ0FBQztZQUN2RCxXQUFXLENBQUMsaUJBQWlCLENBQUMsTUFBTSxDQUFDLFlBQVksQ0FBQyxDQUFDO1FBQ3JELENBQUM7UUFFRCxPQUFPLE1BQU0sQ0FBQztJQUNoQixDQUFDIn0=

package/dist_ts/detection/index.d.ts

@@ -0,0 +1,17 @@
+/**
+ * Centralized Protocol Detection Module
+ *
+ * This module provides unified protocol detection capabilities for
+ * both TLS and HTTP protocols, extracting connection information
+ * without consuming the data stream.
+ */
+export * from './protocol-detector.js';
+export * from './models/detection-types.js';
+export * from './models/interfaces.js';
+export * from './detectors/tls-detector.js';
+export * from './detectors/http-detector.js';
+export * from './detectors/quick-detector.js';
+export * from './detectors/routing-extractor.js';
+export * from './utils/buffer-utils.js';
+export * from './utils/parser-utils.js';
+export * from './utils/fragment-manager.js';

package/dist_ts/detection/index.js

@@ -0,0 +1,22 @@
+/**
+ * Centralized Protocol Detection Module
+ *
+ * This module provides unified protocol detection capabilities for
+ * both TLS and HTTP protocols, extracting connection information
+ * without consuming the data stream.
+ */
+// Main detector
+export * from './protocol-detector.js';
+// Models
+export * from './models/detection-types.js';
+export * from './models/interfaces.js';
+// Individual detectors
+export * from './detectors/tls-detector.js';
+export * from './detectors/http-detector.js';
+export * from './detectors/quick-detector.js';
+export * from './detectors/routing-extractor.js';
+// Utilities
+export * from './utils/buffer-utils.js';
+export * from './utils/parser-utils.js';
+export * from './utils/fragment-manager.js';
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi90cy9kZXRlY3Rpb24vaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7Ozs7OztHQU1HO0FBRUgsZ0JBQWdCO0FBQ2hCLGNBQWMsd0JBQXdCLENBQUM7QUFFdkMsU0FBUztBQUNULGNBQWMsNkJBQTZCLENBQUM7QUFDNUMsY0FBYyx3QkFBd0IsQ0FBQztBQUV2Qyx1QkFBdUI7QUFDdkIsY0FBYyw2QkFBNkIsQ0FBQztBQUM1QyxjQUFjLDhCQUE4QixDQUFDO0FBQzdDLGNBQWMsK0JBQStCLENBQUM7QUFDOUMsY0FBYyxrQ0FBa0MsQ0FBQztBQUVqRCxZQUFZO0FBQ1osY0FBYyx5QkFBeUIsQ0FBQztBQUN4QyxjQUFjLHlCQUF5QixDQUFDO0FBQ3hDLGNBQWMsNkJBQTZCLENBQUMifQ==

package/dist_ts/detection/models/detection-types.d.ts

@@ -0,0 +1,87 @@
+/**
+ * Type definitions for protocol detection
+ */
+/**
+ * Supported protocol types that can be detected
+ */
+export type TProtocolType = 'tls' | 'http' | 'unknown';
+/**
+ * HTTP method types
+ */
+export type THttpMethod = 'GET' | 'POST' | 'PUT' | 'DELETE' | 'PATCH' | 'HEAD' | 'OPTIONS' | 'CONNECT' | 'TRACE';
+/**
+ * TLS version identifiers
+ */
+export type TTlsVersion = 'SSLv3' | 'TLSv1.0' | 'TLSv1.1' | 'TLSv1.2' | 'TLSv1.3';
+/**
+ * Connection information extracted from protocol detection
+ */
+export interface IConnectionInfo {
+    /**
+     * The detected protocol type
+     */
+    protocol: TProtocolType;
+    /**
+     * Domain/hostname extracted from the connection
+     * - For TLS: from SNI extension
+     * - For HTTP: from Host header
+     */
+    domain?: string;
+    /**
+     * HTTP-specific fields
+     */
+    method?: THttpMethod;
+    path?: string;
+    httpVersion?: string;
+    headers?: Record<string, string>;
+    /**
+     * TLS-specific fields
+     */
+    tlsVersion?: TTlsVersion;
+    sni?: string;
+    alpn?: string[];
+    cipherSuites?: number[];
+}
+/**
+ * Result of protocol detection
+ */
+export interface IDetectionResult {
+    /**
+     * The detected protocol type
+     */
+    protocol: TProtocolType;
+    /**
+     * Extracted connection information
+     */
+    connectionInfo: IConnectionInfo;
+    /**
+     * Any remaining buffer data after detection headers
+     * This can be used to continue processing the stream
+     */
+    remainingBuffer?: Buffer;
+    /**
+     * Whether the detection is complete or needs more data
+     */
+    isComplete: boolean;
+    /**
+     * Minimum bytes needed for complete detection (if incomplete)
+     */
+    bytesNeeded?: number;
+}
+/**
+ * Options for protocol detection
+ */
+export interface IDetectionOptions {
+    /**
+     * Maximum bytes to buffer for detection (default: 8192)
+     */
+    maxBufferSize?: number;
+    /**
+     * Timeout for detection in milliseconds (default: 5000)
+     */
+    timeout?: number;
+    /**
+     * Whether to extract full headers or just essential info
+     */
+    extractFullHeaders?: boolean;
+}

package/dist_ts/detection/models/detection-types.js

@@ -0,0 +1,5 @@
+/**
+ * Type definitions for protocol detection
+ */
+export {};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZGV0ZWN0aW9uLXR5cGVzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vdHMvZGV0ZWN0aW9uL21vZGVscy9kZXRlY3Rpb24tdHlwZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7O0dBRUcifQ==

package/dist_ts/detection/models/interfaces.d.ts

@@ -0,0 +1,97 @@
+/**
+ * Interface definitions for protocol detection components
+ */
+import type { IDetectionResult, IDetectionOptions } from './detection-types.js';
+/**
+ * Interface for protocol detectors
+ */
+export interface IProtocolDetector {
+    /**
+     * Detect protocol from buffer data
+     * @param buffer The buffer to analyze
+     * @param options Detection options
+     * @returns Detection result or null if protocol cannot be determined
+     */
+    detect(buffer: Buffer, options?: IDetectionOptions): IDetectionResult | null;
+    /**
+     * Check if buffer potentially contains this protocol
+     * @param buffer The buffer to check
+     * @returns True if buffer might contain this protocol
+     */
+    canHandle(buffer: Buffer): boolean;
+    /**
+     * Get the minimum bytes needed for detection
+     */
+    getMinimumBytes(): number;
+}
+/**
+ * Interface for connection tracking during fragmented detection
+ */
+export interface IConnectionTracker {
+    /**
+     * Connection identifier
+     */
+    id: string;
+    /**
+     * Accumulated buffer data
+     */
+    buffer: Buffer;
+    /**
+     * Timestamp of first data
+     */
+    startTime: number;
+    /**
+     * Current detection state
+     */
+    state: 'detecting' | 'complete' | 'failed';
+    /**
+     * Partial detection result (if any)
+     */
+    partialResult?: Partial<IDetectionResult>;
+}
+/**
+ * Interface for buffer accumulator (handles fragmented data)
+ */
+export interface IBufferAccumulator {
+    /**
+     * Add data to accumulator
+     */
+    append(data: Buffer): void;
+    /**
+     * Get accumulated buffer
+     */
+    getBuffer(): Buffer;
+    /**
+     * Get buffer length
+     */
+    length(): number;
+    /**
+     * Clear accumulated data
+     */
+    clear(): void;
+    /**
+     * Check if accumulator has enough data
+     */
+    hasMinimumBytes(minBytes: number): boolean;
+}
+/**
+ * Detection events
+ */
+export interface IDetectionEvents {
+    /**
+     * Emitted when protocol is successfully detected
+     */
+    detected: (result: IDetectionResult) => void;
+    /**
+     * Emitted when detection fails
+     */
+    failed: (error: Error) => void;
+    /**
+     * Emitted when detection times out
+     */
+    timeout: () => void;
+    /**
+     * Emitted when more data is needed
+     */
+    needMoreData: (bytesNeeded: number) => void;
+}

package/dist_ts/detection/models/interfaces.js

@@ -0,0 +1,5 @@
+/**
+ * Interface definitions for protocol detection components
+ */
+export {};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW50ZXJmYWNlcy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3RzL2RldGVjdGlvbi9tb2RlbHMvaW50ZXJmYWNlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQTs7R0FFRyJ9

package/dist_ts/detection/protocol-detector-v2.d.ts

@@ -0,0 +1,46 @@
+/**
+ * Protocol Detector V2
+ *
+ * Simplified protocol detection using the new architecture
+ */
+import type { IDetectionResult, IDetectionOptions } from './models/detection-types.js';
+import type { IConnectionContext } from '../protocols/common/types.js';
+/**
+ * Main protocol detector class - V2
+ */
+export declare class ProtocolDetectorV2 {
+    private fragmentManager;
+    private tlsDetector;
+    private httpDetector;
+    constructor();
+    /**
+     * Detect protocol from buffer data
+     */
+    detect(buffer: Buffer, options?: IDetectionOptions): Promise<IDetectionResult>;
+    /**
+     * Detect protocol with connection context for fragmented data
+     */
+    detectWithContext(buffer: Buffer, context: IConnectionContext, options?: IDetectionOptions): Promise<IDetectionResult>;
+    /**
+     * Clean up resources
+     */
+    cleanup(): void;
+    /**
+     * Destroy detector instance
+     */
+    destroy(): void;
+    /**
+     * Extract domain from connection info
+     */
+    static extractDomain(connectionInfo: any): string | undefined;
+    /**
+     * Create a connection context from parameters
+     */
+    static createConnectionContext(params: {
+        sourceIp?: string;
+        sourcePort?: number;
+        destIp?: string;
+        destPort?: number;
+        socketId?: string;
+    }): IConnectionContext;
+}

package/dist_ts/detection/protocol-detector-v2.js

@@ -0,0 +1,116 @@
+/**
+ * Protocol Detector V2
+ *
+ * Simplified protocol detection using the new architecture
+ */
+import { TlsDetectorV2 } from './detectors/tls-detector-v2.js';
+import { HttpDetectorV2 } from './detectors/http-detector-v2.js';
+import { DetectionFragmentManager } from './utils/fragment-manager.js';
+/**
+ * Main protocol detector class - V2
+ */
+export class ProtocolDetectorV2 {
+    constructor() {
+        this.fragmentManager = new DetectionFragmentManager();
+        this.tlsDetector = new TlsDetectorV2(this.fragmentManager);
+        this.httpDetector = new HttpDetectorV2(this.fragmentManager);
+    }
+    /**
+     * Detect protocol from buffer data
+     */
+    async detect(buffer, options) {
+        // Quick sanity check
+        if (!buffer || buffer.length === 0) {
+            return {
+                protocol: 'unknown',
+                connectionInfo: { protocol: 'unknown' },
+                isComplete: true
+            };
+        }
+        // Try TLS detection first (more specific)
+        if (this.tlsDetector.canHandle(buffer)) {
+            const tlsResult = this.tlsDetector.detect(buffer, options);
+            if (tlsResult) {
+                return tlsResult;
+            }
+        }
+        // Try HTTP detection
+        if (this.httpDetector.canHandle(buffer)) {
+            const httpResult = this.httpDetector.detect(buffer, options);
+            if (httpResult) {
+                return httpResult;
+            }
+        }
+        // Neither TLS nor HTTP
+        return {
+            protocol: 'unknown',
+            connectionInfo: { protocol: 'unknown' },
+            isComplete: true
+        };
+    }
+    /**
+     * Detect protocol with connection context for fragmented data
+     */
+    async detectWithContext(buffer, context, options) {
+        // Quick sanity check
+        if (!buffer || buffer.length === 0) {
+            return {
+                protocol: 'unknown',
+                connectionInfo: { protocol: 'unknown' },
+                isComplete: true
+            };
+        }
+        // First peek to determine protocol type
+        if (this.tlsDetector.canHandle(buffer)) {
+            const result = this.tlsDetector.detectWithContext(buffer, context, options);
+            if (result) {
+                return result;
+            }
+        }
+        if (this.httpDetector.canHandle(buffer)) {
+            const result = this.httpDetector.detectWithContext(buffer, context, options);
+            if (result) {
+                return result;
+            }
+        }
+        // Can't determine protocol
+        return {
+            protocol: 'unknown',
+            connectionInfo: { protocol: 'unknown' },
+            isComplete: false,
+            bytesNeeded: Math.max(this.tlsDetector.getMinimumBytes(), this.httpDetector.getMinimumBytes())
+        };
+    }
+    /**
+     * Clean up resources
+     */
+    cleanup() {
+        this.fragmentManager.cleanup();
+    }
+    /**
+     * Destroy detector instance
+     */
+    destroy() {
+        this.fragmentManager.destroy();
+    }
+    /**
+     * Extract domain from connection info
+     */
+    static extractDomain(connectionInfo) {
+        return connectionInfo.domain || connectionInfo.sni || connectionInfo.host;
+    }
+    /**
+     * Create a connection context from parameters
+     */
+    static createConnectionContext(params) {
+        return {
+            id: params.socketId,
+            sourceIp: params.sourceIp || 'unknown',
+            sourcePort: params.sourcePort || 0,
+            destIp: params.destIp || 'unknown',
+            destPort: params.destPort || 0,
+            timestamp: Date.now()
+        };
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicHJvdG9jb2wtZGV0ZWN0b3ItdjIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi90cy9kZXRlY3Rpb24vcHJvdG9jb2wtZGV0ZWN0b3ItdjIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7Ozs7R0FJRztBQUlILE9BQU8sRUFBRSxhQUFhLEVBQUUsTUFBTSxnQ0FBZ0MsQ0FBQztBQUMvRCxPQUFPLEVBQUUsY0FBYyxFQUFFLE1BQU0saUNBQWlDLENBQUM7QUFDakUsT0FBTyxFQUFFLHdCQUF3QixFQUFFLE1BQU0sNkJBQTZCLENBQUM7QUFFdkU7O0dBRUc7QUFDSCxNQUFNLE9BQU8sa0JBQWtCO0lBSzdCO1FBQ0UsSUFBSSxDQUFDLGVBQWUsR0FBRyxJQUFJLHdCQUF3QixFQUFFLENBQUM7UUFDdEQsSUFBSSxDQUFDLFdBQVcsR0FBRyxJQUFJLGFBQWEsQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLENBQUM7UUFDM0QsSUFBSSxDQUFDLFlBQVksR0FBRyxJQUFJLGNBQWMsQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLENBQUM7SUFDL0QsQ0FBQztJQUVEOztPQUVHO0lBQ0gsS0FBSyxDQUFDLE1BQU0sQ0FBQyxNQUFjLEVBQUUsT0FBMkI7UUFDdEQscUJBQXFCO1FBQ3JCLElBQUksQ0FBQyxNQUFNLElBQUksTUFBTSxDQUFDLE1BQU0sS0FBSyxDQUFDLEVBQUUsQ0FBQztZQUNuQyxPQUFPO2dCQUNMLFFBQVEsRUFBRSxTQUFTO2dCQUNuQixjQUFjLEVBQUUsRUFBRSxRQUFRLEVBQUUsU0FBUyxFQUFFO2dCQUN2QyxVQUFVLEVBQUUsSUFBSTthQUNqQixDQUFDO1FBQ0osQ0FBQztRQUVELDBDQUEwQztRQUMxQyxJQUFJLElBQUksQ0FBQyxXQUFXLENBQUMsU0FBUyxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUM7WUFDdkMsTUFBTSxTQUFTLEdBQUcsSUFBSSxDQUFDLFdBQVcsQ0FBQyxNQUFNLENBQUMsTUFBTSxFQUFFLE9BQU8sQ0FBQyxDQUFDO1lBQzNELElBQUksU0FBUyxFQUFFLENBQUM7Z0JBQ2QsT0FBTyxTQUFTLENBQUM7WUFDbkIsQ0FBQztRQUNILENBQUM7UUFFRCxxQkFBcUI7UUFDckIsSUFBSSxJQUFJLENBQUMsWUFBWSxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDO1lBQ3hDLE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxZQUFZLENBQUMsTUFBTSxDQUFDLE1BQU0sRUFBRSxPQUFPLENBQUMsQ0FBQztZQUM3RCxJQUFJLFVBQVUsRUFBRSxDQUFDO2dCQUNmLE9BQU8sVUFBVSxDQUFDO1lBQ3BCLENBQUM7UUFDSCxDQUFDO1FBRUQsdUJBQXVCO1FBQ3ZCLE9BQU87WUFDTCxRQUFRLEVBQUUsU0FBUztZQUNuQixjQUFjLEVBQUUsRUFBRSxRQUFRLEVBQUUsU0FBUyxFQUFFO1lBQ3ZDLFVBQVUsRUFBRSxJQUFJO1NBQ2pCLENBQUM7SUFDSixDQUFDO0lBRUQ7O09BRUc7SUFDSCxLQUFLLENBQUMsaUJBQWlCLENBQ3JCLE1BQWMsRUFDZCxPQUEyQixFQUMzQixPQUEyQjtRQUUzQixxQkFBcUI7UUFDckIsSUFBSSxDQUFDLE1BQU0sSUFBSSxNQUFNLENBQUMsTUFBTSxLQUFLLENBQUMsRUFBRSxDQUFDO1lBQ25DLE9BQU87Z0JBQ0wsUUFBUSxFQUFFLFNBQVM7Z0JBQ25CLGNBQWMsRUFBRSxFQUFFLFFBQVEsRUFBRSxTQUFTLEVBQUU7Z0JBQ3ZDLFVBQVUsRUFBRSxJQUFJO2FBQ2pCLENBQUM7UUFDSixDQUFDO1FBRUQsd0NBQXdDO1FBQ3hDLElBQUksSUFBSSxDQUFDLFdBQVcsQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQztZQUN2QyxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsV0FBVyxDQUFDLGlCQUFpQixDQUFDLE1BQU0sRUFBRSxPQUFPLEVBQUUsT0FBTyxDQUFDLENBQUM7WUFDNUUsSUFBSSxNQUFNLEVBQUUsQ0FBQztnQkFDWCxPQUFPLE1BQU0sQ0FBQztZQUNoQixDQUFDO1FBQ0gsQ0FBQztRQUVELElBQUksSUFBSSxDQUFDLFlBQVksQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQztZQUN4QyxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsWUFBWSxDQUFDLGlCQUFpQixDQUFDLE1BQU0sRUFBRSxPQUFPLEVBQUUsT0FBTyxDQUFDLENBQUM7WUFDN0UsSUFBSSxNQUFNLEVBQUUsQ0FBQztnQkFDWCxPQUFPLE1BQU0sQ0FBQztZQUNoQixDQUFDO1FBQ0gsQ0FBQztRQUVELDJCQUEyQjtRQUMzQixPQUFPO1lBQ0wsUUFBUSxFQUFFLFNBQVM7WUFDbkIsY0FBYyxFQUFFLEVBQUUsUUFBUSxFQUFFLFNBQVMsRUFBRTtZQUN2QyxVQUFVLEVBQUUsS0FBSztZQUNqQixXQUFXLEVBQUUsSUFBSSxDQUFDLEdBQUcsQ0FDbkIsSUFBSSxDQUFDLFdBQVcsQ0FBQyxlQUFlLEVBQUUsRUFDbEMsSUFBSSxDQUFDLFlBQVksQ0FBQyxlQUFlLEVBQUUsQ0FDcEM7U0FDRixDQUFDO0lBQ0osQ0FBQztJQUVEOztPQUVHO0lBQ0gsT0FBTztRQUNMLElBQUksQ0FBQyxlQUFlLENBQUMsT0FBTyxFQUFFLENBQUM7SUFDakMsQ0FBQztJQUVEOztPQUVHO0lBQ0gsT0FBTztRQUNMLElBQUksQ0FBQyxlQUFlLENBQUMsT0FBTyxFQUFFLENBQUM7SUFDakMsQ0FBQztJQUVEOztPQUVHO0lBQ0gsTUFBTSxDQUFDLGFBQWEsQ0FBQyxjQUFtQjtRQUN0QyxPQUFPLGNBQWMsQ0FBQyxNQUFNLElBQUksY0FBYyxDQUFDLEdBQUcsSUFBSSxjQUFjLENBQUMsSUFBSSxDQUFDO0lBQzVFLENBQUM7SUFFRDs7T0FFRztJQUNILE1BQU0sQ0FBQyx1QkFBdUIsQ0FBQyxNQU05QjtRQUNDLE9BQU87WUFDTCxFQUFFLEVBQUUsTUFBTSxDQUFDLFFBQVE7WUFDbkIsUUFBUSxFQUFFLE1BQU0sQ0FBQyxRQUFRLElBQUksU0FBUztZQUN0QyxVQUFVLEVBQUUsTUFBTSxDQUFDLFVBQVUsSUFBSSxDQUFDO1lBQ2xDLE1BQU0sRUFBRSxNQUFNLENBQUMsTUFBTSxJQUFJLFNBQVM7WUFDbEMsUUFBUSxFQUFFLE1BQU0sQ0FBQyxRQUFRLElBQUksQ0FBQztZQUM5QixTQUFTLEVBQUUsSUFBSSxDQUFDLEdBQUcsRUFBRTtTQUN0QixDQUFDO0lBQ0osQ0FBQztDQUNGIn0=