@push.rocks/smartproxy 21.1.7 → 22.6.0

package/ts/proxies/http-proxy/certificate-manager.ts

@@ -1,244 +0,0 @@
-import * as plugins from '../../plugins.js';
-import * as fs from 'fs';
-import * as path from 'path';
-import { fileURLToPath } from 'url';
-import { AsyncFileSystem } from '../../core/utils/fs-utils.js';
-import { type IHttpProxyOptions, type ICertificateEntry, type ILogger, createLogger } from './models/types.js';
-import type { IRouteConfig } from '../smart-proxy/models/route-types.js';
-
-/**
- * @deprecated This class is deprecated. Use SmartCertManager instead.
- * 
- * This is a stub implementation that maintains backward compatibility
- * while the functionality has been moved to SmartCertManager.
- */
-export class CertificateManager {
-  private defaultCertificates: { key: string; cert: string };
-  private certificateCache: Map<string, ICertificateEntry> = new Map();
-  private certificateStoreDir: string;
-  private logger: ILogger;
-  private httpsServer: plugins.https.Server | null = null;
-  private initialized = false;
-
-  constructor(private options: IHttpProxyOptions) {
-    this.certificateStoreDir = path.resolve(options.acme?.certificateStore || './certs');
-    this.logger = createLogger(options.logLevel || 'info');
-    
-    this.logger.warn('CertificateManager is deprecated - use SmartCertManager instead');
-    
-    // Initialize synchronously for backward compatibility but log warning
-    this.initializeSync();
-  }
-
-  /**
-   * Synchronous initialization for backward compatibility
-   * @deprecated This uses sync filesystem operations which block the event loop
-   */
-  private initializeSync(): void {
-    // Ensure certificate store directory exists
-    try {
-      if (!fs.existsSync(this.certificateStoreDir)) {
-        fs.mkdirSync(this.certificateStoreDir, { recursive: true });
-        this.logger.info(`Created certificate store directory: ${this.certificateStoreDir}`);
-      }
-    } catch (error) {
-      this.logger.warn(`Failed to create certificate store directory: ${error}`);
-    }
-    
-    this.loadDefaultCertificates();
-  }
-
-  /**
-   * Async initialization - preferred method
-   */
-  public async initialize(): Promise<void> {
-    if (this.initialized) return;
-    
-    // Ensure certificate store directory exists
-    try {
-      await AsyncFileSystem.ensureDir(this.certificateStoreDir);
-      this.logger.info(`Ensured certificate store directory: ${this.certificateStoreDir}`);
-    } catch (error) {
-      this.logger.warn(`Failed to create certificate store directory: ${error}`);
-    }
-    
-    await this.loadDefaultCertificatesAsync();
-    this.initialized = true;
-  }
-  
-  /**
-   * Loads default certificates from the filesystem
-   * @deprecated This uses sync filesystem operations which block the event loop
-   */
-  public loadDefaultCertificates(): void {
-    const __dirname = path.dirname(fileURLToPath(import.meta.url));
-    const certPath = path.join(__dirname, '..', '..', '..', 'assets', 'certs');
-
-    try {
-      this.defaultCertificates = {
-        key: fs.readFileSync(path.join(certPath, 'key.pem'), 'utf8'),
-        cert: fs.readFileSync(path.join(certPath, 'cert.pem'), 'utf8')
-      };
-      this.logger.info('Loaded default certificates from filesystem (sync - deprecated)');
-    } catch (error) {
-      this.logger.error(`Failed to load default certificates: ${error}`);
-      this.generateSelfSignedCertificate();
-    }
-  }
-
-  /**
-   * Loads default certificates from the filesystem asynchronously
-   */
-  public async loadDefaultCertificatesAsync(): Promise<void> {
-    const __dirname = path.dirname(fileURLToPath(import.meta.url));
-    const certPath = path.join(__dirname, '..', '..', '..', 'assets', 'certs');
-
-    try {
-      const [key, cert] = await Promise.all([
-        AsyncFileSystem.readFile(path.join(certPath, 'key.pem')),
-        AsyncFileSystem.readFile(path.join(certPath, 'cert.pem'))
-      ]);
-      
-      this.defaultCertificates = { key, cert };
-      this.logger.info('Loaded default certificates from filesystem (async)');
-    } catch (error) {
-      this.logger.error(`Failed to load default certificates: ${error}`);
-      this.generateSelfSignedCertificate();
-    }
-  }
-
-  /**
-   * Generates self-signed certificates as fallback
-   */
-  private generateSelfSignedCertificate(): void {
-    // Generate a self-signed certificate using forge or similar
-    // For now, just use a placeholder
-    const selfSignedCert = `-----BEGIN CERTIFICATE-----
-MIIBkTCB+wIJAKHHIgIIA0/cMA0GCSqGSIb3DQEBBQUAMA0xCzAJBgNVBAYTAlVT
-MB4XDTE0MDEwMTAwMDAwMFoXDTI0MDEwMTAwMDAwMFowDTELMAkGA1UEBhMCVVMw
-gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMRiH0VwnOH3jCV7c6JFZWYrvuqy
------END CERTIFICATE-----`;
-    
-    const selfSignedKey = `-----BEGIN PRIVATE KEY-----
-MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMRiH0VwnOH3jCV7
-c6JFZWYrvuqyALCLXj0pcr1iqNdHjegNXnkl5zjdaUjq4edNOKl7M1AlFiYjG2xk
------END PRIVATE KEY-----`;
-
-    this.defaultCertificates = {
-      key: selfSignedKey,
-      cert: selfSignedCert
-    };
-
-    this.logger.warn('Using self-signed certificate as fallback');
-  }
-
-  /**
-   * Gets the default certificates
-   */
-  public getDefaultCertificates(): { key: string; cert: string } {
-    return this.defaultCertificates;
-  }
-
-  /**
-   * @deprecated Use SmartCertManager instead
-   */
-  public setExternalPort80Handler(handler: any): void {
-    this.logger.warn('setExternalPort80Handler is deprecated - use SmartCertManager instead');
-  }
-
-  /**
-   * @deprecated Use SmartCertManager instead
-   */
-  public async updateRoutes(routes: IRouteConfig[]): Promise<void> {
-    this.logger.warn('updateRoutes is deprecated - use SmartCertManager instead');
-  }
-
-  /**
-   * Handles SNI callback to provide appropriate certificate
-   */
-  public handleSNI(domain: string, cb: (err: Error | null, ctx: plugins.tls.SecureContext) => void): void {
-    const certificate = this.getCachedCertificate(domain);
-    
-    if (certificate) {
-      const context = plugins.tls.createSecureContext({
-        key: certificate.key,
-        cert: certificate.cert
-      });
-      cb(null, context);
-      return;
-    }
-    
-    // Use default certificate if no domain-specific certificate found
-    const defaultContext = plugins.tls.createSecureContext({
-      key: this.defaultCertificates.key,
-      cert: this.defaultCertificates.cert
-    });
-    cb(null, defaultContext);
-  }
-
-  /**
-   * Updates a certificate in the cache
-   */
-  public updateCertificate(domain: string, cert: string, key: string): void {
-    this.certificateCache.set(domain, {
-      cert,
-      key,
-      expires: new Date(Date.now() + 90 * 24 * 60 * 60 * 1000) // 90 days
-    });
-    
-    this.logger.info(`Certificate updated for ${domain}`);
-  }
-
-  /**
-   * Gets a cached certificate
-   */
-  private getCachedCertificate(domain: string): ICertificateEntry | null {
-    return this.certificateCache.get(domain) || null;
-  }
-
-  /**
-   * @deprecated Use SmartCertManager instead
-   */
-  public async initializePort80Handler(): Promise<any> {
-    this.logger.warn('initializePort80Handler is deprecated - use SmartCertManager instead');
-    return null;
-  }
-
-  /**
-   * @deprecated Use SmartCertManager instead
-   */
-  public async stopPort80Handler(): Promise<void> {
-    this.logger.warn('stopPort80Handler is deprecated - use SmartCertManager instead');
-  }
-
-  /**
-   * @deprecated Use SmartCertManager instead
-   */
-  public registerDomainsWithPort80Handler(domains: string[]): void {
-    this.logger.warn('registerDomainsWithPort80Handler is deprecated - use SmartCertManager instead');
-  }
-
-  /**
-   * @deprecated Use SmartCertManager instead
-   */
-  public registerRoutesWithPort80Handler(routes: IRouteConfig[]): void {
-    this.logger.warn('registerRoutesWithPort80Handler is deprecated - use SmartCertManager instead');
-  }
-
-  /**
-   * Sets the HTTPS server for certificate updates
-   */
-  public setHttpsServer(server: plugins.https.Server): void {
-    this.httpsServer = server;
-  }
-
-  /**
-   * Gets statistics for metrics
-   */
-  public getStats() {
-    return {
-      cachedCertificates: this.certificateCache.size,
-      defaultCertEnabled: true
-    };
-  }
-}

package/ts/proxies/http-proxy/connection-pool.ts

@@ -1,228 +0,0 @@
-import * as plugins from '../../plugins.js';
-import { type IHttpProxyOptions, type IConnectionEntry, type ILogger, createLogger } from './models/types.js';
-import { cleanupSocket } from '../../core/utils/socket-utils.js';
-
-/**
- * Manages a pool of backend connections for efficient reuse
- */
-export class ConnectionPool {
-  private connectionPool: Map<string, Array<IConnectionEntry>> = new Map();
-  private roundRobinPositions: Map<string, number> = new Map();
-  private logger: ILogger;
-
-  constructor(private options: IHttpProxyOptions) {
-    this.logger = createLogger(options.logLevel || 'info');
-  }
-  
-  /**
-   * Get a connection from the pool or create a new one
-   */
-  public getConnection(host: string, port: number): Promise<plugins.net.Socket> {
-    return new Promise((resolve, reject) => {
-      const poolKey = `${host}:${port}`;
-      const connectionList = this.connectionPool.get(poolKey) || [];
-      
-      // Look for an idle connection
-      const idleConnectionIndex = connectionList.findIndex(c => c.isIdle);
-      
-      if (idleConnectionIndex >= 0) {
-        // Get existing connection from pool
-        const connection = connectionList[idleConnectionIndex];
-        connection.isIdle = false;
-        connection.lastUsed = Date.now();
-        this.logger.debug(`Reusing connection from pool for ${poolKey}`);
-        
-        // Update the pool
-        this.connectionPool.set(poolKey, connectionList);
-        
-        resolve(connection.socket);
-        return;
-      }
-      
-      // No idle connection available, create a new one if pool isn't full
-      const poolSize = this.options.connectionPoolSize || 50;
-      if (connectionList.length < poolSize) {
-        this.logger.debug(`Creating new connection to ${host}:${port}`);
-        
-        try {
-          const socket = plugins.net.connect({
-            host,
-            port,
-            keepAlive: true,
-            keepAliveInitialDelay: 30000 // 30 seconds
-          });
-          
-          socket.once('connect', () => {
-            // Add to connection pool
-            const connection = {
-              socket,
-              lastUsed: Date.now(),
-              isIdle: false
-            };
-            
-            connectionList.push(connection);
-            this.connectionPool.set(poolKey, connectionList);
-            
-            // Setup cleanup when the connection is closed
-            socket.once('close', () => {
-              const idx = connectionList.findIndex(c => c.socket === socket);
-              if (idx >= 0) {
-                connectionList.splice(idx, 1);
-                this.connectionPool.set(poolKey, connectionList);
-                this.logger.debug(`Removed closed connection from pool for ${poolKey}`);
-              }
-            });
-            
-            resolve(socket);
-          });
-          
-          socket.once('error', (err) => {
-            this.logger.error(`Error creating connection to ${host}:${port}`, err);
-            reject(err);
-          });
-        } catch (err) {
-          this.logger.error(`Failed to create connection to ${host}:${port}`, err);
-          reject(err);
-        }
-      } else {
-        // Pool is full, wait for an idle connection or reject
-        this.logger.warn(`Connection pool for ${poolKey} is full (${connectionList.length})`);
-        reject(new Error(`Connection pool for ${poolKey} is full`));
-      }
-    });
-  }
-  
-  /**
-   * Return a connection to the pool for reuse
-   */
-  public returnConnection(socket: plugins.net.Socket, host: string, port: number): void {
-    const poolKey = `${host}:${port}`;
-    const connectionList = this.connectionPool.get(poolKey) || [];
-    
-    // Find this connection in the pool
-    const connectionIndex = connectionList.findIndex(c => c.socket === socket);
-    
-    if (connectionIndex >= 0) {
-      // Mark as idle and update last used time
-      connectionList[connectionIndex].isIdle = true;
-      connectionList[connectionIndex].lastUsed = Date.now();
-      
-      this.logger.debug(`Returned connection to pool for ${poolKey}`);
-    } else {
-      this.logger.warn(`Attempted to return unknown connection to pool for ${poolKey}`);
-    }
-  }
-  
-  /**
-   * Cleanup the connection pool by removing idle connections
-   * or reducing pool size if it exceeds the configured maximum
-   */
-  public cleanupConnectionPool(): void {
-    const now = Date.now();
-    const idleTimeout = this.options.keepAliveTimeout || 120000; // 2 minutes default
-    
-    for (const [host, connections] of this.connectionPool.entries()) {
-      // Sort by last used time (oldest first)
-      connections.sort((a, b) => a.lastUsed - b.lastUsed);
-      
-      // Remove idle connections older than the idle timeout
-      let removed = 0;
-      while (connections.length > 0) {
-        const connection = connections[0];
-        
-        // Remove if idle and exceeds timeout, or if pool is too large
-        if ((connection.isIdle && now - connection.lastUsed > idleTimeout) ||
-            connections.length > (this.options.connectionPoolSize || 50)) {
-          
-          cleanupSocket(connection.socket, `pool-${host}-idle`, { immediate: true }).catch(() => {});
-          
-          connections.shift(); // Remove from pool
-          removed++;
-        } else {
-          break; // Stop removing if we've reached active or recent connections
-        }
-      }
-      
-      if (removed > 0) {
-        this.logger.debug(`Removed ${removed} idle connections from pool for ${host}, ${connections.length} remaining`);
-      }
-      
-      // Update the pool with the remaining connections
-      if (connections.length === 0) {
-        this.connectionPool.delete(host);
-      } else {
-        this.connectionPool.set(host, connections);
-      }
-    }
-  }
-  
-  /**
-   * Close all connections in the pool
-   */
-  public closeAllConnections(): void {
-    for (const [host, connections] of this.connectionPool.entries()) {
-      this.logger.debug(`Closing ${connections.length} connections to ${host}`);
-      
-      for (const connection of connections) {
-        cleanupSocket(connection.socket, `pool-${host}-close`, { immediate: true }).catch(() => {});
-      }
-    }
-    
-    this.connectionPool.clear();
-    this.roundRobinPositions.clear();
-  }
-  
-  /**
-   * Get load balancing target using round-robin
-   */
-  public getNextTarget(targets: string[], port: number): { host: string, port: number } {
-    const targetKey = targets.join(',');
-    
-    // Initialize position if not exists
-    if (!this.roundRobinPositions.has(targetKey)) {
-      this.roundRobinPositions.set(targetKey, 0);
-    }
-    
-    // Get current position and increment for next time
-    const currentPosition = this.roundRobinPositions.get(targetKey)!;
-    const nextPosition = (currentPosition + 1) % targets.length;
-    this.roundRobinPositions.set(targetKey, nextPosition);
-    
-    // Return the selected target
-    return {
-      host: targets[currentPosition],
-      port
-    };
-  }
-  
-  /**
-   * Gets the connection pool status
-   */
-  public getPoolStatus(): Record<string, { total: number, idle: number }> {
-    return Object.fromEntries(
-      Array.from(this.connectionPool.entries()).map(([host, connections]) => [
-        host, 
-        {
-          total: connections.length, 
-          idle: connections.filter(c => c.isIdle).length
-        }
-      ])
-    );
-  }
-  
-  /**
-   * Setup a periodic cleanup task
-   */
-  public setupPeriodicCleanup(interval: number = 60000): NodeJS.Timeout {
-    const timer = setInterval(() => {
-      this.cleanupConnectionPool();
-    }, interval);
-    
-    // Don't prevent process exit
-    if (timer.unref) {
-      timer.unref();
-    }
-    
-    return timer;
-  }
-}

package/ts/proxies/http-proxy/context-creator.ts

@@ -1,145 +0,0 @@
-import * as plugins from '../../plugins.js';
-import '../../core/models/socket-augmentation.js';
-import type { IRouteContext, IHttpRouteContext, IHttp2RouteContext } from '../../core/models/route-context.js';
-
-/**
- * Context creator for NetworkProxy
- * Creates route contexts for matching and function evaluation
- */
-export class ContextCreator {
-  /**
-   * Create a route context from HTTP request information
-   */
-  public createHttpRouteContext(req: any, options: {
-    tlsVersion?: string;
-    connectionId: string;
-    clientIp: string;
-    serverIp: string;
-  }): IHttpRouteContext {
-    // Parse headers
-    const headers: Record<string, string> = {};
-    for (const [key, value] of Object.entries(req.headers)) {
-      if (typeof value === 'string') {
-        headers[key.toLowerCase()] = value;
-      } else if (Array.isArray(value) && value.length > 0) {
-        headers[key.toLowerCase()] = value[0];
-      }
-    }
-
-    // Parse domain from Host header
-    const domain = headers['host']?.split(':')[0] || '';
-
-    // Parse URL
-    const url = new URL(`http://${domain}${req.url || '/'}`);
-
-    return {
-      // Connection basics
-      port: req.socket.localPort || 0,
-      domain,
-      clientIp: options.clientIp,
-      serverIp: options.serverIp,
-
-      // HTTP specifics
-      path: url.pathname,
-      query: url.search ? url.search.substring(1) : '',
-      headers,
-
-      // TLS information
-      isTls: !!req.socket.encrypted,
-      tlsVersion: options.tlsVersion,
-
-      // Request objects
-      req,
-
-      // Metadata
-      timestamp: Date.now(),
-      connectionId: options.connectionId
-    };
-  }
-
-  /**
-   * Create a route context from HTTP/2 stream and headers
-   */
-  public createHttp2RouteContext(
-    stream: plugins.http2.ServerHttp2Stream,
-    headers: plugins.http2.IncomingHttpHeaders,
-    options: {
-      connectionId: string;
-      clientIp: string;
-      serverIp: string;
-    }
-  ): IHttp2RouteContext {
-    // Parse headers, excluding HTTP/2 pseudo-headers
-    const processedHeaders: Record<string, string> = {};
-    for (const [key, value] of Object.entries(headers)) {
-      if (!key.startsWith(':') && typeof value === 'string') {
-        processedHeaders[key.toLowerCase()] = value;
-      }
-    }
-
-    // Get domain from :authority pseudo-header
-    const authority = headers[':authority'] as string || '';
-    const domain = authority.split(':')[0];
-
-    // Get path from :path pseudo-header
-    const path = headers[':path'] as string || '/';
-
-    // Parse the path to extract query string
-    const pathParts = path.split('?');
-    const pathname = pathParts[0];
-    const query = pathParts.length > 1 ? pathParts[1] : '';
-
-    // Get the socket from the session
-    const socket = (stream.session as any)?.socket;
-
-    return {
-      // Connection basics
-      port: socket?.localPort || 0,
-      domain,
-      clientIp: options.clientIp,
-      serverIp: options.serverIp,
-
-      // HTTP specifics
-      path: pathname,
-      query,
-      headers: processedHeaders,
-
-      // HTTP/2 specific properties
-      method: headers[':method'] as string,
-      stream,
-
-      // TLS information - HTTP/2 is always on TLS in browsers
-      isTls: true,
-      tlsVersion: socket?.getTLSVersion?.() || 'TLSv1.3',
-
-      // Metadata
-      timestamp: Date.now(),
-      connectionId: options.connectionId
-    };
-  }
-
-  /**
-   * Create a basic route context from socket information
-   */
-  public createSocketRouteContext(socket: plugins.net.Socket, options: {
-    domain?: string;
-    tlsVersion?: string;
-    connectionId: string;
-  }): IRouteContext {
-    return {
-      // Connection basics
-      port: socket.localPort || 0,
-      domain: options.domain,
-      clientIp: socket.remoteAddress?.replace('::ffff:', '') || '0.0.0.0',
-      serverIp: socket.localAddress?.replace('::ffff:', '') || '0.0.0.0',
-
-      // TLS information
-      isTls: options.tlsVersion !== undefined,
-      tlsVersion: options.tlsVersion,
-
-      // Metadata
-      timestamp: Date.now(),
-      connectionId: options.connectionId
-    };
-  }
-}