@push.rocks/smartproxy 23.0.0 → 23.1.0

package/dist_ts/protocols/tls/constants.js

@@ -1,135 +0,0 @@
-/**
- * TLS Protocol Constants
- * Based on various TLS RFCs
- */
-/**
- * TLS record types as defined in various RFCs
- */
-export var TlsRecordType;
-(function (TlsRecordType) {
-    TlsRecordType[TlsRecordType["CHANGE_CIPHER_SPEC"] = 20] = "CHANGE_CIPHER_SPEC";
-    TlsRecordType[TlsRecordType["ALERT"] = 21] = "ALERT";
-    TlsRecordType[TlsRecordType["HANDSHAKE"] = 22] = "HANDSHAKE";
-    TlsRecordType[TlsRecordType["APPLICATION_DATA"] = 23] = "APPLICATION_DATA";
-    TlsRecordType[TlsRecordType["HEARTBEAT"] = 24] = "HEARTBEAT";
-})(TlsRecordType || (TlsRecordType = {}));
-/**
- * TLS handshake message types
- */
-export var TlsHandshakeType;
-(function (TlsHandshakeType) {
-    TlsHandshakeType[TlsHandshakeType["HELLO_REQUEST"] = 0] = "HELLO_REQUEST";
-    TlsHandshakeType[TlsHandshakeType["CLIENT_HELLO"] = 1] = "CLIENT_HELLO";
-    TlsHandshakeType[TlsHandshakeType["SERVER_HELLO"] = 2] = "SERVER_HELLO";
-    TlsHandshakeType[TlsHandshakeType["NEW_SESSION_TICKET"] = 4] = "NEW_SESSION_TICKET";
-    TlsHandshakeType[TlsHandshakeType["ENCRYPTED_EXTENSIONS"] = 8] = "ENCRYPTED_EXTENSIONS";
-    TlsHandshakeType[TlsHandshakeType["CERTIFICATE"] = 11] = "CERTIFICATE";
-    TlsHandshakeType[TlsHandshakeType["SERVER_KEY_EXCHANGE"] = 12] = "SERVER_KEY_EXCHANGE";
-    TlsHandshakeType[TlsHandshakeType["CERTIFICATE_REQUEST"] = 13] = "CERTIFICATE_REQUEST";
-    TlsHandshakeType[TlsHandshakeType["SERVER_HELLO_DONE"] = 14] = "SERVER_HELLO_DONE";
-    TlsHandshakeType[TlsHandshakeType["CERTIFICATE_VERIFY"] = 15] = "CERTIFICATE_VERIFY";
-    TlsHandshakeType[TlsHandshakeType["CLIENT_KEY_EXCHANGE"] = 16] = "CLIENT_KEY_EXCHANGE";
-    TlsHandshakeType[TlsHandshakeType["FINISHED"] = 20] = "FINISHED";
-})(TlsHandshakeType || (TlsHandshakeType = {}));
-/**
- * TLS extension types
- */
-export var TlsExtensionType;
-(function (TlsExtensionType) {
-    TlsExtensionType[TlsExtensionType["SERVER_NAME"] = 0] = "SERVER_NAME";
-    TlsExtensionType[TlsExtensionType["MAX_FRAGMENT_LENGTH"] = 1] = "MAX_FRAGMENT_LENGTH";
-    TlsExtensionType[TlsExtensionType["CLIENT_CERTIFICATE_URL"] = 2] = "CLIENT_CERTIFICATE_URL";
-    TlsExtensionType[TlsExtensionType["TRUSTED_CA_KEYS"] = 3] = "TRUSTED_CA_KEYS";
-    TlsExtensionType[TlsExtensionType["TRUNCATED_HMAC"] = 4] = "TRUNCATED_HMAC";
-    TlsExtensionType[TlsExtensionType["STATUS_REQUEST"] = 5] = "STATUS_REQUEST";
-    TlsExtensionType[TlsExtensionType["SUPPORTED_GROUPS"] = 10] = "SUPPORTED_GROUPS";
-    TlsExtensionType[TlsExtensionType["EC_POINT_FORMATS"] = 11] = "EC_POINT_FORMATS";
-    TlsExtensionType[TlsExtensionType["SIGNATURE_ALGORITHMS"] = 13] = "SIGNATURE_ALGORITHMS";
-    TlsExtensionType[TlsExtensionType["APPLICATION_LAYER_PROTOCOL_NEGOTIATION"] = 16] = "APPLICATION_LAYER_PROTOCOL_NEGOTIATION";
-    TlsExtensionType[TlsExtensionType["SIGNED_CERTIFICATE_TIMESTAMP"] = 18] = "SIGNED_CERTIFICATE_TIMESTAMP";
-    TlsExtensionType[TlsExtensionType["PADDING"] = 21] = "PADDING";
-    TlsExtensionType[TlsExtensionType["SESSION_TICKET"] = 35] = "SESSION_TICKET";
-    TlsExtensionType[TlsExtensionType["PRE_SHARED_KEY"] = 41] = "PRE_SHARED_KEY";
-    TlsExtensionType[TlsExtensionType["EARLY_DATA"] = 42] = "EARLY_DATA";
-    TlsExtensionType[TlsExtensionType["SUPPORTED_VERSIONS"] = 43] = "SUPPORTED_VERSIONS";
-    TlsExtensionType[TlsExtensionType["COOKIE"] = 44] = "COOKIE";
-    TlsExtensionType[TlsExtensionType["PSK_KEY_EXCHANGE_MODES"] = 45] = "PSK_KEY_EXCHANGE_MODES";
-    TlsExtensionType[TlsExtensionType["CERTIFICATE_AUTHORITIES"] = 47] = "CERTIFICATE_AUTHORITIES";
-    TlsExtensionType[TlsExtensionType["POST_HANDSHAKE_AUTH"] = 49] = "POST_HANDSHAKE_AUTH";
-    TlsExtensionType[TlsExtensionType["SIGNATURE_ALGORITHMS_CERT"] = 50] = "SIGNATURE_ALGORITHMS_CERT";
-    TlsExtensionType[TlsExtensionType["KEY_SHARE"] = 51] = "KEY_SHARE";
-})(TlsExtensionType || (TlsExtensionType = {}));
-/**
- * TLS alert levels
- */
-export var TlsAlertLevel;
-(function (TlsAlertLevel) {
-    TlsAlertLevel[TlsAlertLevel["WARNING"] = 1] = "WARNING";
-    TlsAlertLevel[TlsAlertLevel["FATAL"] = 2] = "FATAL";
-})(TlsAlertLevel || (TlsAlertLevel = {}));
-/**
- * TLS alert description codes
- */
-export var TlsAlertDescription;
-(function (TlsAlertDescription) {
-    TlsAlertDescription[TlsAlertDescription["CLOSE_NOTIFY"] = 0] = "CLOSE_NOTIFY";
-    TlsAlertDescription[TlsAlertDescription["UNEXPECTED_MESSAGE"] = 10] = "UNEXPECTED_MESSAGE";
-    TlsAlertDescription[TlsAlertDescription["BAD_RECORD_MAC"] = 20] = "BAD_RECORD_MAC";
-    TlsAlertDescription[TlsAlertDescription["DECRYPTION_FAILED"] = 21] = "DECRYPTION_FAILED";
-    TlsAlertDescription[TlsAlertDescription["RECORD_OVERFLOW"] = 22] = "RECORD_OVERFLOW";
-    TlsAlertDescription[TlsAlertDescription["DECOMPRESSION_FAILURE"] = 30] = "DECOMPRESSION_FAILURE";
-    TlsAlertDescription[TlsAlertDescription["HANDSHAKE_FAILURE"] = 40] = "HANDSHAKE_FAILURE";
-    TlsAlertDescription[TlsAlertDescription["NO_CERTIFICATE"] = 41] = "NO_CERTIFICATE";
-    TlsAlertDescription[TlsAlertDescription["BAD_CERTIFICATE"] = 42] = "BAD_CERTIFICATE";
-    TlsAlertDescription[TlsAlertDescription["UNSUPPORTED_CERTIFICATE"] = 43] = "UNSUPPORTED_CERTIFICATE";
-    TlsAlertDescription[TlsAlertDescription["CERTIFICATE_REVOKED"] = 44] = "CERTIFICATE_REVOKED";
-    TlsAlertDescription[TlsAlertDescription["CERTIFICATE_EXPIRED"] = 45] = "CERTIFICATE_EXPIRED";
-    TlsAlertDescription[TlsAlertDescription["CERTIFICATE_UNKNOWN"] = 46] = "CERTIFICATE_UNKNOWN";
-    TlsAlertDescription[TlsAlertDescription["ILLEGAL_PARAMETER"] = 47] = "ILLEGAL_PARAMETER";
-    TlsAlertDescription[TlsAlertDescription["UNKNOWN_CA"] = 48] = "UNKNOWN_CA";
-    TlsAlertDescription[TlsAlertDescription["ACCESS_DENIED"] = 49] = "ACCESS_DENIED";
-    TlsAlertDescription[TlsAlertDescription["DECODE_ERROR"] = 50] = "DECODE_ERROR";
-    TlsAlertDescription[TlsAlertDescription["DECRYPT_ERROR"] = 51] = "DECRYPT_ERROR";
-    TlsAlertDescription[TlsAlertDescription["EXPORT_RESTRICTION"] = 60] = "EXPORT_RESTRICTION";
-    TlsAlertDescription[TlsAlertDescription["PROTOCOL_VERSION"] = 70] = "PROTOCOL_VERSION";
-    TlsAlertDescription[TlsAlertDescription["INSUFFICIENT_SECURITY"] = 71] = "INSUFFICIENT_SECURITY";
-    TlsAlertDescription[TlsAlertDescription["INTERNAL_ERROR"] = 80] = "INTERNAL_ERROR";
-    TlsAlertDescription[TlsAlertDescription["INAPPROPRIATE_FALLBACK"] = 86] = "INAPPROPRIATE_FALLBACK";
-    TlsAlertDescription[TlsAlertDescription["USER_CANCELED"] = 90] = "USER_CANCELED";
-    TlsAlertDescription[TlsAlertDescription["NO_RENEGOTIATION"] = 100] = "NO_RENEGOTIATION";
-    TlsAlertDescription[TlsAlertDescription["MISSING_EXTENSION"] = 109] = "MISSING_EXTENSION";
-    TlsAlertDescription[TlsAlertDescription["UNSUPPORTED_EXTENSION"] = 110] = "UNSUPPORTED_EXTENSION";
-    TlsAlertDescription[TlsAlertDescription["CERTIFICATE_REQUIRED"] = 111] = "CERTIFICATE_REQUIRED";
-    TlsAlertDescription[TlsAlertDescription["UNRECOGNIZED_NAME"] = 112] = "UNRECOGNIZED_NAME";
-    TlsAlertDescription[TlsAlertDescription["BAD_CERTIFICATE_STATUS_RESPONSE"] = 113] = "BAD_CERTIFICATE_STATUS_RESPONSE";
-    TlsAlertDescription[TlsAlertDescription["BAD_CERTIFICATE_HASH_VALUE"] = 114] = "BAD_CERTIFICATE_HASH_VALUE";
-    TlsAlertDescription[TlsAlertDescription["UNKNOWN_PSK_IDENTITY"] = 115] = "UNKNOWN_PSK_IDENTITY";
-    TlsAlertDescription[TlsAlertDescription["CERTIFICATE_REQUIRED_1_3"] = 116] = "CERTIFICATE_REQUIRED_1_3";
-    TlsAlertDescription[TlsAlertDescription["NO_APPLICATION_PROTOCOL"] = 120] = "NO_APPLICATION_PROTOCOL";
-})(TlsAlertDescription || (TlsAlertDescription = {}));
-/**
- * TLS version codes (major.minor)
- */
-export const TlsVersion = {
-    SSL3: [0x03, 0x00],
-    TLS1_0: [0x03, 0x01],
-    TLS1_1: [0x03, 0x02],
-    TLS1_2: [0x03, 0x03],
-    TLS1_3: [0x03, 0x04],
-};
-/**
- * Convert TLS version bytes to version string
- */
-export function tlsVersionToString(major, minor) {
-    if (major === 0x03) {
-        switch (minor) {
-            case 0x00: return 'SSLv3';
-            case 0x01: return 'TLSv1.0';
-            case 0x02: return 'TLSv1.1';
-            case 0x03: return 'TLSv1.2';
-            case 0x04: return 'TLSv1.3';
-        }
-    }
-    return null;
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uc3RhbnRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vdHMvcHJvdG9jb2xzL3Rscy9jb25zdGFudHMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7OztHQUdHO0FBRUg7O0dBRUc7QUFDSCxNQUFNLENBQU4sSUFBWSxhQU1YO0FBTkQsV0FBWSxhQUFhO0lBQ3ZCLDhFQUF1QixDQUFBO0lBQ3ZCLG9EQUFVLENBQUE7SUFDViw0REFBYyxDQUFBO0lBQ2QsMEVBQXFCLENBQUE7SUFDckIsNERBQWMsQ0FBQTtBQUNoQixDQUFDLEVBTlcsYUFBYSxLQUFiLGFBQWEsUUFNeEI7QUFFRDs7R0FFRztBQUNILE1BQU0sQ0FBTixJQUFZLGdCQWFYO0FBYkQsV0FBWSxnQkFBZ0I7SUFDMUIseUVBQWlCLENBQUE7SUFDakIsdUVBQWdCLENBQUE7SUFDaEIsdUVBQWdCLENBQUE7SUFDaEIsbUZBQXNCLENBQUE7SUFDdEIsdUZBQXdCLENBQUE7SUFDeEIsc0VBQWdCLENBQUE7SUFDaEIsc0ZBQXdCLENBQUE7SUFDeEIsc0ZBQXdCLENBQUE7SUFDeEIsa0ZBQXNCLENBQUE7SUFDdEIsb0ZBQXVCLENBQUE7SUFDdkIsc0ZBQXdCLENBQUE7SUFDeEIsZ0VBQWEsQ0FBQTtBQUNmLENBQUMsRUFiVyxnQkFBZ0IsS0FBaEIsZ0JBQWdCLFFBYTNCO0FBRUQ7O0dBRUc7QUFDSCxNQUFNLENBQU4sSUFBWSxnQkF1Qlg7QUF2QkQsV0FBWSxnQkFBZ0I7SUFDMUIscUVBQWUsQ0FBQTtJQUNmLHFGQUF1QixDQUFBO0lBQ3ZCLDJGQUEwQixDQUFBO0lBQzFCLDZFQUFtQixDQUFBO0lBQ25CLDJFQUFrQixDQUFBO0lBQ2xCLDJFQUFrQixDQUFBO0lBQ2xCLGdGQUFxQixDQUFBO0lBQ3JCLGdGQUFxQixDQUFBO0lBQ3JCLHdGQUF5QixDQUFBO0lBQ3pCLDRIQUEyQyxDQUFBO0lBQzNDLHdHQUFpQyxDQUFBO0lBQ2pDLDhEQUFZLENBQUE7SUFDWiw0RUFBbUIsQ0FBQTtJQUNuQiw0RUFBbUIsQ0FBQTtJQUNuQixvRUFBZSxDQUFBO0lBQ2Ysb0ZBQXVCLENBQUE7SUFDdkIsNERBQVcsQ0FBQTtJQUNYLDRGQUEyQixDQUFBO0lBQzNCLDhGQUE0QixDQUFBO0lBQzVCLHNGQUF3QixDQUFBO0lBQ3hCLGtHQUE4QixDQUFBO0lBQzlCLGtFQUFjLENBQUE7QUFDaEIsQ0FBQyxFQXZCVyxnQkFBZ0IsS0FBaEIsZ0JBQWdCLFFBdUIzQjtBQUVEOztHQUVHO0FBQ0gsTUFBTSxDQUFOLElBQVksYUFHWDtBQUhELFdBQVksYUFBYTtJQUN2Qix1REFBVyxDQUFBO0lBQ1gsbURBQVMsQ0FBQTtBQUNYLENBQUMsRUFIVyxhQUFhLEtBQWIsYUFBYSxRQUd4QjtBQUVEOztHQUVHO0FBQ0gsTUFBTSxDQUFOLElBQVksbUJBbUNYO0FBbkNELFdBQVksbUJBQW1CO0lBQzdCLDZFQUFnQixDQUFBO0lBQ2hCLDBGQUF1QixDQUFBO0lBQ3ZCLGtGQUFtQixDQUFBO0lBQ25CLHdGQUFzQixDQUFBO0lBQ3RCLG9GQUFvQixDQUFBO0lBQ3BCLGdHQUEwQixDQUFBO0lBQzFCLHdGQUFzQixDQUFBO0lBQ3RCLGtGQUFtQixDQUFBO0lBQ25CLG9GQUFvQixDQUFBO0lBQ3BCLG9HQUE0QixDQUFBO0lBQzVCLDRGQUF3QixDQUFBO0lBQ3hCLDRGQUF3QixDQUFBO0lBQ3hCLDRGQUF3QixDQUFBO0lBQ3hCLHdGQUFzQixDQUFBO0lBQ3RCLDBFQUFlLENBQUE7SUFDZixnRkFBa0IsQ0FBQTtJQUNsQiw4RUFBaUIsQ0FBQTtJQUNqQixnRkFBa0IsQ0FBQTtJQUNsQiwwRkFBdUIsQ0FBQTtJQUN2QixzRkFBcUIsQ0FBQTtJQUNyQixnR0FBMEIsQ0FBQTtJQUMxQixrRkFBbUIsQ0FBQTtJQUNuQixrR0FBMkIsQ0FBQTtJQUMzQixnRkFBa0IsQ0FBQTtJQUNsQix1RkFBc0IsQ0FBQTtJQUN0Qix5RkFBdUIsQ0FBQTtJQUN2QixpR0FBMkIsQ0FBQTtJQUMzQiwrRkFBMEIsQ0FBQTtJQUMxQix5RkFBdUIsQ0FBQTtJQUN2QixxSEFBcUMsQ0FBQTtJQUNyQywyR0FBZ0MsQ0FBQTtJQUNoQywrRkFBMEIsQ0FBQTtJQUMxQix1R0FBOEIsQ0FBQTtJQUM5QixxR0FBNkIsQ0FBQTtBQUMvQixDQUFDLEVBbkNXLG1CQUFtQixLQUFuQixtQkFBbUIsUUFtQzlCO0FBRUQ7O0dBRUc7QUFDSCxNQUFNLENBQUMsTUFBTSxVQUFVLEdBQUc7SUFDeEIsSUFBSSxFQUFFLENBQUMsSUFBSSxFQUFFLElBQUksQ0FBQztJQUNsQixNQUFNLEVBQUUsQ0FBQyxJQUFJLEVBQUUsSUFBSSxDQUFDO0lBQ3BCLE1BQU0sRUFBRSxDQUFDLElBQUksRUFBRSxJQUFJLENBQUM7SUFDcEIsTUFBTSxFQUFFLENBQUMsSUFBSSxFQUFFLElBQUksQ0FBQztJQUNwQixNQUFNLEVBQUUsQ0FBQyxJQUFJLEVBQUUsSUFBSSxDQUFDO0NBQ1osQ0FBQztBQU9YOztHQUVHO0FBQ0gsTUFBTSxVQUFVLGtCQUFrQixDQUFDLEtBQWEsRUFBRSxLQUFhO0lBQzdELElBQUksS0FBSyxLQUFLLElBQUksRUFBRSxDQUFDO1FBQ25CLFFBQVEsS0FBSyxFQUFFLENBQUM7WUFDZCxLQUFLLElBQUksQ0FBQyxDQUFDLE9BQU8sT0FBTyxDQUFDO1lBQzFCLEtBQUssSUFBSSxDQUFDLENBQUMsT0FBTyxTQUFTLENBQUM7WUFDNUIsS0FBSyxJQUFJLENBQUMsQ0FBQyxPQUFPLFNBQVMsQ0FBQztZQUM1QixLQUFLLElBQUksQ0FBQyxDQUFDLE9BQU8sU0FBUyxDQUFDO1lBQzVCLEtBQUssSUFBSSxDQUFDLENBQUMsT0FBTyxTQUFTLENBQUM7UUFDOUIsQ0FBQztJQUNILENBQUM7SUFDRCxPQUFPLElBQUksQ0FBQztBQUNkLENBQUMifQ==

package/dist_ts/protocols/tls/parser.d.ts

@@ -1,53 +0,0 @@
-/**
- * TLS Protocol Parser
- * Generic TLS parsing utilities separated from implementation logic
- */
-import { Buffer } from 'buffer';
-import type { ITlsExtension } from './types.js';
-/**
- * Result of a ClientHello parse operation
- */
-export interface IClientHelloParseResult {
-    isValid: boolean;
-    version?: [number, number];
-    random?: Buffer;
-    sessionId?: Buffer;
-    hasSessionId: boolean;
-    cipherSuites?: Buffer;
-    compressionMethods?: Buffer;
-    extensions: ITlsExtension[];
-    serverNameList?: string[];
-    hasSessionTicket: boolean;
-    hasPsk: boolean;
-    hasEarlyData: boolean;
-    error?: string;
-}
-/**
- * TLS protocol parser utilities
- */
-export declare class TlsParser {
-    /**
-     * Checks if a buffer contains a TLS handshake record
-     */
-    static isTlsHandshake(buffer: Buffer): boolean;
-    /**
-     * Checks if a buffer contains a TLS ClientHello message
-     */
-    static isClientHello(buffer: Buffer): boolean;
-    /**
-     * Gets the record length from a TLS record header
-     */
-    static getTlsRecordLength(buffer: Buffer): number;
-    /**
-     * Parses a TLS ClientHello message and extracts all components
-     */
-    static parseClientHello(buffer: Buffer): IClientHelloParseResult;
-    /**
-     * Parses the server name extension data and extracts hostnames
-     */
-    static parseServerNameExtension(data: Buffer): string[];
-    /**
-     * Extract SNI (Server Name Indication) from ClientHello
-     */
-    static extractSNI(buffer: Buffer): string | null;
-}

package/dist_ts/protocols/tls/parser.js

@@ -1,294 +0,0 @@
-/**
- * TLS Protocol Parser
- * Generic TLS parsing utilities separated from implementation logic
- */
-import { Buffer } from 'buffer';
-import { TlsRecordType, TlsHandshakeType, TlsExtensionType } from './constants.js';
-/**
- * TLS protocol parser utilities
- */
-export class TlsParser {
-    /**
-     * Checks if a buffer contains a TLS handshake record
-     */
-    static isTlsHandshake(buffer) {
-        return buffer.length > 0 && buffer[0] === TlsRecordType.HANDSHAKE;
-    }
-    /**
-     * Checks if a buffer contains a TLS ClientHello message
-     */
-    static isClientHello(buffer) {
-        // Minimum ClientHello size (TLS record header + handshake header)
-        if (buffer.length < 9) {
-            return false;
-        }
-        // Check record type (must be TLS_HANDSHAKE_RECORD_TYPE)
-        if (buffer[0] !== TlsRecordType.HANDSHAKE) {
-            return false;
-        }
-        // Check handshake type at byte 5 (must be CLIENT_HELLO)
-        return buffer[5] === TlsHandshakeType.CLIENT_HELLO;
-    }
-    /**
-     * Gets the record length from a TLS record header
-     */
-    static getTlsRecordLength(buffer) {
-        if (buffer.length < 5) {
-            return -1;
-        }
-        // Bytes 3-4 contain the record length (big-endian)
-        return (buffer[3] << 8) + buffer[4];
-    }
-    /**
-     * Parses a TLS ClientHello message and extracts all components
-     */
-    static parseClientHello(buffer) {
-        const result = {
-            isValid: false,
-            hasSessionId: false,
-            extensions: [],
-            hasSessionTicket: false,
-            hasPsk: false,
-            hasEarlyData: false
-        };
-        try {
-            // Check basic validity
-            if (buffer.length < 5) {
-                result.error = 'Buffer too small for TLS record header';
-                return result;
-            }
-            // Check record type (must be HANDSHAKE)
-            if (buffer[0] !== TlsRecordType.HANDSHAKE) {
-                result.error = `Not a TLS handshake record: ${buffer[0]}`;
-                return result;
-            }
-            // Get TLS version from record header
-            const majorVersion = buffer[1];
-            const minorVersion = buffer[2];
-            result.version = [majorVersion, minorVersion];
-            // Parse record length (bytes 3-4, big-endian)
-            const recordLength = (buffer[3] << 8) + buffer[4];
-            // Validate record length against buffer size
-            if (buffer.length < recordLength + 5) {
-                result.error = 'Buffer smaller than expected record length';
-                return result;
-            }
-            // Start of handshake message in the buffer
-            let pos = 5;
-            // Check handshake type (must be CLIENT_HELLO)
-            if (buffer[pos] !== TlsHandshakeType.CLIENT_HELLO) {
-                result.error = `Not a ClientHello message: ${buffer[pos]}`;
-                return result;
-            }
-            // Skip handshake type (1 byte)
-            pos += 1;
-            // Parse handshake length (3 bytes, big-endian)
-            const handshakeLength = (buffer[pos] << 16) + (buffer[pos + 1] << 8) + buffer[pos + 2];
-            // Skip handshake length (3 bytes)
-            pos += 3;
-            // Skip client version (2 bytes)
-            pos += 2;
-            // Extract client random (32 bytes)
-            if (pos + 32 > buffer.length) {
-                result.error = 'Buffer too small for client random';
-                return result;
-            }
-            result.random = buffer.slice(pos, pos + 32);
-            // Skip client random (32 bytes)
-            pos += 32;
-            // Parse session ID
-            if (pos + 1 > buffer.length) {
-                result.error = 'Buffer too small for session ID length';
-                return result;
-            }
-            const sessionIdLength = buffer[pos];
-            pos += 1;
-            result.hasSessionId = sessionIdLength > 0;
-            if (sessionIdLength > 0) {
-                if (pos + sessionIdLength > buffer.length) {
-                    result.error = 'Buffer too small for session ID';
-                    return result;
-                }
-                result.sessionId = buffer.slice(pos, pos + sessionIdLength);
-            }
-            // Skip session ID
-            pos += sessionIdLength;
-            // Check if we have enough bytes left for cipher suites
-            if (pos + 2 > buffer.length) {
-                result.error = 'Buffer too small for cipher suites length';
-                return result;
-            }
-            // Parse cipher suites length (2 bytes, big-endian)
-            const cipherSuitesLength = (buffer[pos] << 8) + buffer[pos + 1];
-            pos += 2;
-            // Extract cipher suites
-            if (pos + cipherSuitesLength > buffer.length) {
-                result.error = 'Buffer too small for cipher suites';
-                return result;
-            }
-            result.cipherSuites = buffer.slice(pos, pos + cipherSuitesLength);
-            // Skip cipher suites
-            pos += cipherSuitesLength;
-            // Check if we have enough bytes left for compression methods
-            if (pos + 1 > buffer.length) {
-                result.error = 'Buffer too small for compression methods length';
-                return result;
-            }
-            // Parse compression methods length (1 byte)
-            const compressionMethodsLength = buffer[pos];
-            pos += 1;
-            // Extract compression methods
-            if (pos + compressionMethodsLength > buffer.length) {
-                result.error = 'Buffer too small for compression methods';
-                return result;
-            }
-            result.compressionMethods = buffer.slice(pos, pos + compressionMethodsLength);
-            // Skip compression methods
-            pos += compressionMethodsLength;
-            // Check if we have enough bytes for extensions length
-            if (pos + 2 > buffer.length) {
-                // No extensions present - this is valid for older TLS versions
-                result.isValid = true;
-                return result;
-            }
-            // Parse extensions length (2 bytes, big-endian)
-            const extensionsLength = (buffer[pos] << 8) + buffer[pos + 1];
-            pos += 2;
-            // Extensions end position
-            const extensionsEnd = pos + extensionsLength;
-            // Check if extensions length is valid
-            if (extensionsEnd > buffer.length) {
-                result.error = 'Extensions length exceeds buffer size';
-                return result;
-            }
-            // Iterate through extensions
-            const serverNames = [];
-            while (pos + 4 <= extensionsEnd) {
-                // Parse extension type (2 bytes, big-endian)
-                const extensionType = (buffer[pos] << 8) + buffer[pos + 1];
-                pos += 2;
-                // Parse extension length (2 bytes, big-endian)
-                const extensionLength = (buffer[pos] << 8) + buffer[pos + 1];
-                pos += 2;
-                // Extract extension data
-                if (pos + extensionLength > extensionsEnd) {
-                    result.error = `Extension ${extensionType} data exceeds bounds`;
-                    return result;
-                }
-                const extensionData = buffer.slice(pos, pos + extensionLength);
-                // Record all extensions
-                result.extensions.push({
-                    type: extensionType,
-                    data: extensionData
-                });
-                // Track specific extension types
-                if (extensionType === TlsExtensionType.SERVER_NAME) {
-                    // Server Name Indication (SNI)
-                    const sniNames = this.parseServerNameExtension(extensionData);
-                    serverNames.push(...sniNames);
-                }
-                else if (extensionType === TlsExtensionType.SESSION_TICKET) {
-                    // Session ticket
-                    result.hasSessionTicket = true;
-                }
-                else if (extensionType === TlsExtensionType.PRE_SHARED_KEY) {
-                    // TLS 1.3 PSK
-                    result.hasPsk = true;
-                }
-                else if (extensionType === TlsExtensionType.EARLY_DATA) {
-                    // TLS 1.3 Early Data (0-RTT)
-                    result.hasEarlyData = true;
-                }
-                // Move to next extension
-                pos += extensionLength;
-            }
-            // Store any server names found
-            if (serverNames.length > 0) {
-                result.serverNameList = serverNames;
-            }
-            // Mark as valid if we get here
-            result.isValid = true;
-            return result;
-        }
-        catch (error) {
-            const errorMessage = error instanceof Error ? error.message : String(error);
-            result.error = errorMessage;
-            return result;
-        }
-    }
-    /**
-     * Parses the server name extension data and extracts hostnames
-     */
-    static parseServerNameExtension(data) {
-        const serverNames = [];
-        try {
-            // Need at least 2 bytes for server name list length
-            if (data.length < 2) {
-                return serverNames;
-            }
-            // Parse server name list length (2 bytes)
-            const listLength = (data[0] << 8) + data[1];
-            // Skip to first name entry
-            let pos = 2;
-            // End of list
-            const listEnd = pos + listLength;
-            // Validate length
-            if (listEnd > data.length) {
-                return serverNames;
-            }
-            // Process all name entries
-            while (pos + 3 <= listEnd) {
-                // Name type (1 byte)
-                const nameType = data[pos];
-                pos += 1;
-                // For hostname, type must be 0
-                if (nameType !== 0) {
-                    // Skip this entry
-                    if (pos + 2 <= listEnd) {
-                        const nameLength = (data[pos] << 8) + data[pos + 1];
-                        pos += 2 + nameLength;
-                        continue;
-                    }
-                    else {
-                        return serverNames;
-                    }
-                }
-                // Parse hostname length (2 bytes)
-                if (pos + 2 > listEnd) {
-                    return serverNames;
-                }
-                const nameLength = (data[pos] << 8) + data[pos + 1];
-                pos += 2;
-                // Extract hostname
-                if (pos + nameLength > listEnd) {
-                    return serverNames;
-                }
-                // Extract the hostname as UTF-8
-                try {
-                    const hostname = data.slice(pos, pos + nameLength).toString('utf8');
-                    serverNames.push(hostname);
-                }
-                catch (err) {
-                    // Ignore invalid hostnames
-                }
-                // Move to next entry
-                pos += nameLength;
-            }
-            return serverNames;
-        }
-        catch (error) {
-            return serverNames;
-        }
-    }
-    /**
-     * Extract SNI (Server Name Indication) from ClientHello
-     */
-    static extractSNI(buffer) {
-        const parseResult = this.parseClientHello(buffer);
-        if (!parseResult.isValid || !parseResult.serverNameList || parseResult.serverNameList.length === 0) {
-            return null;
-        }
-        return parseResult.serverNameList[0];
-    }
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGFyc2VyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vdHMvcHJvdG9jb2xzL3Rscy9wYXJzZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7OztHQUdHO0FBRUgsT0FBTyxFQUFFLE1BQU0sRUFBRSxNQUFNLFFBQVEsQ0FBQztBQUNoQyxPQUFPLEVBQUUsYUFBYSxFQUFFLGdCQUFnQixFQUFFLGdCQUFnQixFQUFFLE1BQU0sZ0JBQWdCLENBQUM7QUFzQm5GOztHQUVHO0FBQ0gsTUFBTSxPQUFPLFNBQVM7SUFDcEI7O09BRUc7SUFDSCxNQUFNLENBQUMsY0FBYyxDQUFDLE1BQWM7UUFDbEMsT0FBTyxNQUFNLENBQUMsTUFBTSxHQUFHLENBQUMsSUFBSSxNQUFNLENBQUMsQ0FBQyxDQUFDLEtBQUssYUFBYSxDQUFDLFNBQVMsQ0FBQztJQUNwRSxDQUFDO0lBRUQ7O09BRUc7SUFDSCxNQUFNLENBQUMsYUFBYSxDQUFDLE1BQWM7UUFDakMsa0VBQWtFO1FBQ2xFLElBQUksTUFBTSxDQUFDLE1BQU0sR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUN0QixPQUFPLEtBQUssQ0FBQztRQUNmLENBQUM7UUFFRCx3REFBd0Q7UUFDeEQsSUFBSSxNQUFNLENBQUMsQ0FBQyxDQUFDLEtBQUssYUFBYSxDQUFDLFNBQVMsRUFBRSxDQUFDO1lBQzFDLE9BQU8sS0FBSyxDQUFDO1FBQ2YsQ0FBQztRQUVELHdEQUF3RDtRQUN4RCxPQUFPLE1BQU0sQ0FBQyxDQUFDLENBQUMsS0FBSyxnQkFBZ0IsQ0FBQyxZQUFZLENBQUM7SUFDckQsQ0FBQztJQUVEOztPQUVHO0lBQ0gsTUFBTSxDQUFDLGtCQUFrQixDQUFDLE1BQWM7UUFDdEMsSUFBSSxNQUFNLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRSxDQUFDO1lBQ3RCLE9BQU8sQ0FBQyxDQUFDLENBQUM7UUFDWixDQUFDO1FBRUQsbURBQW1EO1FBQ25ELE9BQU8sQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxDQUFDLEdBQUcsTUFBTSxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQ3RDLENBQUM7SUFFRDs7T0FFRztJQUNILE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxNQUFjO1FBQ3BDLE1BQU0sTUFBTSxHQUE0QjtZQUN0QyxPQUFPLEVBQUUsS0FBSztZQUNkLFlBQVksRUFBRSxLQUFLO1lBQ25CLFVBQVUsRUFBRSxFQUFFO1lBQ2QsZ0JBQWdCLEVBQUUsS0FBSztZQUN2QixNQUFNLEVBQUUsS0FBSztZQUNiLFlBQVksRUFBRSxLQUFLO1NBQ3BCLENBQUM7UUFFRixJQUFJLENBQUM7WUFDSCx1QkFBdUI7WUFDdkIsSUFBSSxNQUFNLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRSxDQUFDO2dCQUN0QixNQUFNLENBQUMsS0FBSyxHQUFHLHdDQUF3QyxDQUFDO2dCQUN4RCxPQUFPLE1BQU0sQ0FBQztZQUNoQixDQUFDO1lBRUQsd0NBQXdDO1lBQ3hDLElBQUksTUFBTSxDQUFDLENBQUMsQ0FBQyxLQUFLLGFBQWEsQ0FBQyxTQUFTLEVBQUUsQ0FBQztnQkFDMUMsTUFBTSxDQUFDLEtBQUssR0FBRywrQkFBK0IsTUFBTSxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUM7Z0JBQzFELE9BQU8sTUFBTSxDQUFDO1lBQ2hCLENBQUM7WUFFRCxxQ0FBcUM7WUFDckMsTUFBTSxZQUFZLEdBQUcsTUFBTSxDQUFDLENBQUMsQ0FBQyxDQUFDO1lBQy9CLE1BQU0sWUFBWSxHQUFHLE1BQU0sQ0FBQyxDQUFDLENBQUMsQ0FBQztZQUMvQixNQUFNLENBQUMsT0FBTyxHQUFHLENBQUMsWUFBWSxFQUFFLFlBQVksQ0FBQyxDQUFDO1lBRTlDLDhDQUE4QztZQUM5QyxNQUFNLFlBQVksR0FBRyxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLENBQUMsR0FBRyxNQUFNLENBQUMsQ0FBQyxDQUFDLENBQUM7WUFFbEQsNkNBQTZDO1lBQzdDLElBQUksTUFBTSxDQUFDLE1BQU0sR0FBRyxZQUFZLEdBQUcsQ0FBQyxFQUFFLENBQUM7Z0JBQ3JDLE1BQU0sQ0FBQyxLQUFLLEdBQUcsNENBQTRDLENBQUM7Z0JBQzVELE9BQU8sTUFBTSxDQUFDO1lBQ2hCLENBQUM7WUFFRCwyQ0FBMkM7WUFDM0MsSUFBSSxHQUFHLEdBQUcsQ0FBQyxDQUFDO1lBRVosOENBQThDO1lBQzlDLElBQUksTUFBTSxDQUFDLEdBQUcsQ0FBQyxLQUFLLGdCQUFnQixDQUFDLFlBQVksRUFBRSxDQUFDO2dCQUNsRCxNQUFNLENBQUMsS0FBSyxHQUFHLDhCQUE4QixNQUFNLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQztnQkFDM0QsT0FBTyxNQUFNLENBQUM7WUFDaEIsQ0FBQztZQUVELCtCQUErQjtZQUMvQixHQUFHLElBQUksQ0FBQyxDQUFDO1lBRVQsK0NBQStDO1lBQy9DLE1BQU0sZUFBZSxHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDLENBQUMsR0FBRyxNQUFNLENBQUMsR0FBRyxHQUFHLENBQUMsQ0FBQyxDQUFDO1lBRXZGLGtDQUFrQztZQUNsQyxHQUFHLElBQUksQ0FBQyxDQUFDO1lBRVQsZ0NBQWdDO1lBQ2hDLEdBQUcsSUFBSSxDQUFDLENBQUM7WUFFVCxtQ0FBbUM7WUFDbkMsSUFBSSxHQUFHLEdBQUcsRUFBRSxHQUFHLE1BQU0sQ0FBQyxNQUFNLEVBQUUsQ0FBQztnQkFDN0IsTUFBTSxDQUFDLEtBQUssR0FBRyxvQ0FBb0MsQ0FBQztnQkFDcEQsT0FBTyxNQUFNLENBQUM7WUFDaEIsQ0FBQztZQUVELE1BQU0sQ0FBQyxNQUFNLEdBQUcsTUFBTSxDQUFDLEtBQUssQ0FBQyxHQUFHLEVBQUUsR0FBRyxHQUFHLEVBQUUsQ0FBQyxDQUFDO1lBRTVDLGdDQUFnQztZQUNoQyxHQUFHLElBQUksRUFBRSxDQUFDO1lBRVYsbUJBQW1CO1lBQ25CLElBQUksR0FBRyxHQUFHLENBQUMsR0FBRyxNQUFNLENBQUMsTUFBTSxFQUFFLENBQUM7Z0JBQzVCLE1BQU0sQ0FBQyxLQUFLLEdBQUcsd0NBQXdDLENBQUM7Z0JBQ3hELE9BQU8sTUFBTSxDQUFDO1lBQ2hCLENBQUM7WUFFRCxNQUFNLGVBQWUsR0FBRyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUM7WUFDcEMsR0FBRyxJQUFJLENBQUMsQ0FBQztZQUVULE1BQU0sQ0FBQyxZQUFZLEdBQUcsZUFBZSxHQUFHLENBQUMsQ0FBQztZQUUxQyxJQUFJLGVBQWUsR0FBRyxDQUFDLEVBQUUsQ0FBQztnQkFDeEIsSUFBSSxHQUFHLEdBQUcsZUFBZSxHQUFHLE1BQU0sQ0FBQyxNQUFNLEVBQUUsQ0FBQztvQkFDMUMsTUFBTSxDQUFDLEtBQUssR0FBRyxpQ0FBaUMsQ0FBQztvQkFDakQsT0FBTyxNQUFNLENBQUM7Z0JBQ2hCLENBQUM7Z0JBRUQsTUFBTSxDQUFDLFNBQVMsR0FBRyxNQUFNLENBQUMsS0FBSyxDQUFDLEdBQUcsRUFBRSxHQUFHLEdBQUcsZUFBZSxDQUFDLENBQUM7WUFDOUQsQ0FBQztZQUVELGtCQUFrQjtZQUNsQixHQUFHLElBQUksZUFBZSxDQUFDO1lBRXZCLHVEQUF1RDtZQUN2RCxJQUFJLEdBQUcsR0FBRyxDQUFDLEdBQUcsTUFBTSxDQUFDLE1BQU0sRUFBRSxDQUFDO2dCQUM1QixNQUFNLENBQUMsS0FBSyxHQUFHLDJDQUEyQyxDQUFDO2dCQUMzRCxPQUFPLE1BQU0sQ0FBQztZQUNoQixDQUFDO1lBRUQsbURBQW1EO1lBQ25ELE1BQU0sa0JBQWtCLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxDQUFDLEdBQUcsTUFBTSxDQUFDLEdBQUcsR0FBRyxDQUFDLENBQUMsQ0FBQztZQUNoRSxHQUFHLElBQUksQ0FBQyxDQUFDO1lBRVQsd0JBQXdCO1lBQ3hCLElBQUksR0FBRyxHQUFHLGtCQUFrQixHQUFHLE1BQU0sQ0FBQyxNQUFNLEVBQUUsQ0FBQztnQkFDN0MsTUFBTSxDQUFDLEtBQUssR0FBRyxvQ0FBb0MsQ0FBQztnQkFDcEQsT0FBTyxNQUFNLENBQUM7WUFDaEIsQ0FBQztZQUVELE1BQU0sQ0FBQyxZQUFZLEdBQUcsTUFBTSxDQUFDLEtBQUssQ0FBQyxHQUFHLEVBQUUsR0FBRyxHQUFHLGtCQUFrQixDQUFDLENBQUM7WUFFbEUscUJBQXFCO1lBQ3JCLEdBQUcsSUFBSSxrQkFBa0IsQ0FBQztZQUUxQiw2REFBNkQ7WUFDN0QsSUFBSSxHQUFHLEdBQUcsQ0FBQyxHQUFHLE1BQU0sQ0FBQyxNQUFNLEVBQUUsQ0FBQztnQkFDNUIsTUFBTSxDQUFDLEtBQUssR0FBRyxpREFBaUQsQ0FBQztnQkFDakUsT0FBTyxNQUFNLENBQUM7WUFDaEIsQ0FBQztZQUVELDRDQUE0QztZQUM1QyxNQUFNLHdCQUF3QixHQUFHLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQztZQUM3QyxHQUFHLElBQUksQ0FBQyxDQUFDO1lBRVQsOEJBQThCO1lBQzlCLElBQUksR0FBRyxHQUFHLHdCQUF3QixHQUFHLE1BQU0sQ0FBQyxNQUFNLEVBQUUsQ0FBQztnQkFDbkQsTUFBTSxDQUFDLEtBQUssR0FBRywwQ0FBMEMsQ0FBQztnQkFDMUQsT0FBTyxNQUFNLENBQUM7WUFDaEIsQ0FBQztZQUVELE1BQU0sQ0FBQyxrQkFBa0IsR0FBRyxNQUFNLENBQUMsS0FBSyxDQUFDLEdBQUcsRUFBRSxHQUFHLEdBQUcsd0JBQXdCLENBQUMsQ0FBQztZQUU5RSwyQkFBMkI7WUFDM0IsR0FBRyxJQUFJLHdCQUF3QixDQUFDO1lBRWhDLHNEQUFzRDtZQUN0RCxJQUFJLEdBQUcsR0FBRyxDQUFDLEdBQUcsTUFBTSxDQUFDLE1BQU0sRUFBRSxDQUFDO2dCQUM1QiwrREFBK0Q7Z0JBQy9ELE1BQU0sQ0FBQyxPQUFPLEdBQUcsSUFBSSxDQUFDO2dCQUN0QixPQUFPLE1BQU0sQ0FBQztZQUNoQixDQUFDO1lBRUQsZ0RBQWdEO1lBQ2hELE1BQU0sZ0JBQWdCLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxDQUFDLEdBQUcsTUFBTSxDQUFDLEdBQUcsR0FBRyxDQUFDLENBQUMsQ0FBQztZQUM5RCxHQUFHLElBQUksQ0FBQyxDQUFDO1lBRVQsMEJBQTBCO1lBQzFCLE1BQU0sYUFBYSxHQUFHLEdBQUcsR0FBRyxnQkFBZ0IsQ0FBQztZQUU3QyxzQ0FBc0M7WUFDdEMsSUFBSSxhQUFhLEdBQUcsTUFBTSxDQUFDLE1BQU0sRUFBRSxDQUFDO2dCQUNsQyxNQUFNLENBQUMsS0FBSyxHQUFHLHVDQUF1QyxDQUFDO2dCQUN2RCxPQUFPLE1BQU0sQ0FBQztZQUNoQixDQUFDO1lBRUQsNkJBQTZCO1lBQzdCLE1BQU0sV0FBVyxHQUFhLEVBQUUsQ0FBQztZQUVqQyxPQUFPLEdBQUcsR0FBRyxDQUFDLElBQUksYUFBYSxFQUFFLENBQUM7Z0JBQ2hDLDZDQUE2QztnQkFDN0MsTUFBTSxhQUFhLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxDQUFDLEdBQUcsTUFBTSxDQUFDLEdBQUcsR0FBRyxDQUFDLENBQUMsQ0FBQztnQkFDM0QsR0FBRyxJQUFJLENBQUMsQ0FBQztnQkFFVCwrQ0FBK0M7Z0JBQy9DLE1BQU0sZUFBZSxHQUFHLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsQ0FBQyxHQUFHLE1BQU0sQ0FBQyxHQUFHLEdBQUcsQ0FBQyxDQUFDLENBQUM7Z0JBQzdELEdBQUcsSUFBSSxDQUFDLENBQUM7Z0JBRVQseUJBQXlCO2dCQUN6QixJQUFJLEdBQUcsR0FBRyxlQUFlLEdBQUcsYUFBYSxFQUFFLENBQUM7b0JBQzFDLE1BQU0sQ0FBQyxLQUFLLEdBQUcsYUFBYSxhQUFhLHNCQUFzQixDQUFDO29CQUNoRSxPQUFPLE1BQU0sQ0FBQztnQkFDaEIsQ0FBQztnQkFFRCxNQUFNLGFBQWEsR0FBRyxNQUFNLENBQUMsS0FBSyxDQUFDLEdBQUcsRUFBRSxHQUFHLEdBQUcsZUFBZSxDQUFDLENBQUM7Z0JBRS9ELHdCQUF3QjtnQkFDeEIsTUFBTSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUM7b0JBQ3JCLElBQUksRUFBRSxhQUFhO29CQUNuQixJQUFJLEVBQUUsYUFBYTtpQkFDcEIsQ0FBQyxDQUFDO2dCQUVILGlDQUFpQztnQkFDakMsSUFBSSxhQUFhLEtBQUssZ0JBQWdCLENBQUMsV0FBVyxFQUFFLENBQUM7b0JBQ25ELCtCQUErQjtvQkFDL0IsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLHdCQUF3QixDQUFDLGFBQWEsQ0FBQyxDQUFDO29CQUM5RCxXQUFXLENBQUMsSUFBSSxDQUFDLEdBQUcsUUFBUSxDQUFDLENBQUM7Z0JBQ2hDLENBQUM7cUJBQU0sSUFBSSxhQUFhLEtBQUssZ0JBQWdCLENBQUMsY0FBYyxFQUFFLENBQUM7b0JBQzdELGlCQUFpQjtvQkFDakIsTUFBTSxDQUFDLGdCQUFnQixHQUFHLElBQUksQ0FBQztnQkFDakMsQ0FBQztxQkFBTSxJQUFJLGFBQWEsS0FBSyxnQkFBZ0IsQ0FBQyxjQUFjLEVBQUUsQ0FBQztvQkFDN0QsY0FBYztvQkFDZCxNQUFNLENBQUMsTUFBTSxHQUFHLElBQUksQ0FBQztnQkFDdkIsQ0FBQztxQkFBTSxJQUFJLGFBQWEsS0FBSyxnQkFBZ0IsQ0FBQyxVQUFVLEVBQUUsQ0FBQztvQkFDekQsNkJBQTZCO29CQUM3QixNQUFNLENBQUMsWUFBWSxHQUFHLElBQUksQ0FBQztnQkFDN0IsQ0FBQztnQkFFRCx5QkFBeUI7Z0JBQ3pCLEdBQUcsSUFBSSxlQUFlLENBQUM7WUFDekIsQ0FBQztZQUVELCtCQUErQjtZQUMvQixJQUFJLFdBQVcsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFLENBQUM7Z0JBQzNCLE1BQU0sQ0FBQyxjQUFjLEdBQUcsV0FBVyxDQUFDO1lBQ3RDLENBQUM7WUFFRCwrQkFBK0I7WUFDL0IsTUFBTSxDQUFDLE9BQU8sR0FBRyxJQUFJLENBQUM7WUFDdEIsT0FBTyxNQUFNLENBQUM7UUFDaEIsQ0FBQztRQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7WUFDZixNQUFNLFlBQVksR0FBRyxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUM7WUFDNUUsTUFBTSxDQUFDLEtBQUssR0FBRyxZQUFZLENBQUM7WUFDNUIsT0FBTyxNQUFNLENBQUM7UUFDaEIsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNILE1BQU0sQ0FBQyx3QkFBd0IsQ0FBQyxJQUFZO1FBQzFDLE1BQU0sV0FBVyxHQUFhLEVBQUUsQ0FBQztRQUVqQyxJQUFJLENBQUM7WUFDSCxvREFBb0Q7WUFDcEQsSUFBSSxJQUFJLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRSxDQUFDO2dCQUNwQixPQUFPLFdBQVcsQ0FBQztZQUNyQixDQUFDO1lBRUQsMENBQTBDO1lBQzFDLE1BQU0sVUFBVSxHQUFHLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxHQUFHLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQztZQUU1QywyQkFBMkI7WUFDM0IsSUFBSSxHQUFHLEdBQUcsQ0FBQyxDQUFDO1lBRVosY0FBYztZQUNkLE1BQU0sT0FBTyxHQUFHLEdBQUcsR0FBRyxVQUFVLENBQUM7WUFFakMsa0JBQWtCO1lBQ2xCLElBQUksT0FBTyxHQUFHLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztnQkFDMUIsT0FBTyxXQUFXLENBQUM7WUFDckIsQ0FBQztZQUVELDJCQUEyQjtZQUMzQixPQUFPLEdBQUcsR0FBRyxDQUFDLElBQUksT0FBTyxFQUFFLENBQUM7Z0JBQzFCLHFCQUFxQjtnQkFDckIsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDO2dCQUMzQixHQUFHLElBQUksQ0FBQyxDQUFDO2dCQUVULCtCQUErQjtnQkFDL0IsSUFBSSxRQUFRLEtBQUssQ0FBQyxFQUFFLENBQUM7b0JBQ25CLGtCQUFrQjtvQkFDbEIsSUFBSSxHQUFHLEdBQUcsQ0FBQyxJQUFJLE9BQU8sRUFBRSxDQUFDO3dCQUN2QixNQUFNLFVBQVUsR0FBRyxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLENBQUMsR0FBRyxJQUFJLENBQUMsR0FBRyxHQUFHLENBQUMsQ0FBQyxDQUFDO3dCQUNwRCxHQUFHLElBQUksQ0FBQyxHQUFHLFVBQVUsQ0FBQzt3QkFDdEIsU0FBUztvQkFDWCxDQUFDO3lCQUFNLENBQUM7d0JBQ04sT0FBTyxXQUFXLENBQUM7b0JBQ3JCLENBQUM7Z0JBQ0gsQ0FBQztnQkFFRCxrQ0FBa0M7Z0JBQ2xDLElBQUksR0FBRyxHQUFHLENBQUMsR0FBRyxPQUFPLEVBQUUsQ0FBQztvQkFDdEIsT0FBTyxXQUFXLENBQUM7Z0JBQ3JCLENBQUM7Z0JBRUQsTUFBTSxVQUFVLEdBQUcsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxDQUFDLEdBQUcsSUFBSSxDQUFDLEdBQUcsR0FBRyxDQUFDLENBQUMsQ0FBQztnQkFDcEQsR0FBRyxJQUFJLENBQUMsQ0FBQztnQkFFVCxtQkFBbUI7Z0JBQ25CLElBQUksR0FBRyxHQUFHLFVBQVUsR0FBRyxPQUFPLEVBQUUsQ0FBQztvQkFDL0IsT0FBTyxXQUFXLENBQUM7Z0JBQ3JCLENBQUM7Z0JBRUQsZ0NBQWdDO2dCQUNoQyxJQUFJLENBQUM7b0JBQ0gsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLEVBQUUsR0FBRyxHQUFHLFVBQVUsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsQ0FBQztvQkFDcEUsV0FBVyxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsQ0FBQztnQkFDN0IsQ0FBQztnQkFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO29CQUNiLDJCQUEyQjtnQkFDN0IsQ0FBQztnQkFFRCxxQkFBcUI7Z0JBQ3JCLEdBQUcsSUFBSSxVQUFVLENBQUM7WUFDcEIsQ0FBQztZQUVELE9BQU8sV0FBVyxDQUFDO1FBQ3JCLENBQUM7UUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1lBQ2YsT0FBTyxXQUFXLENBQUM7UUFDckIsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNILE1BQU0sQ0FBQyxVQUFVLENBQUMsTUFBYztRQUM5QixNQUFNLFdBQVcsR0FBRyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsTUFBTSxDQUFDLENBQUM7UUFFbEQsSUFBSSxDQUFDLFdBQVcsQ0FBQyxPQUFPLElBQUksQ0FBQyxXQUFXLENBQUMsY0FBYyxJQUFJLFdBQVcsQ0FBQyxjQUFjLENBQUMsTUFBTSxLQUFLLENBQUMsRUFBRSxDQUFDO1lBQ25HLE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztRQUVELE9BQU8sV0FBVyxDQUFDLGNBQWMsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUN2QyxDQUFDO0NBQ0YifQ==

package/dist_ts/protocols/tls/types.d.ts

@@ -1,65 +0,0 @@
-/**
- * TLS Protocol Type Definitions
- */
-import type { TTlsVersionString } from './constants.js';
-/**
- * TLS record header structure
- */
-export interface ITlsRecordHeader {
-    type: number;
-    version: {
-        major: number;
-        minor: number;
-    };
-    length: number;
-}
-/**
- * TLS handshake header structure
- */
-export interface ITlsHandshakeHeader {
-    type: number;
-    length: number;
-}
-/**
- * TLS extension structure
- */
-export interface ITlsExtension {
-    type: number;
-    data: Buffer;
-}
-/**
- * Server Name Indication (SNI) hostname
- */
-export interface ISniHostname {
-    type: number;
-    hostname: string;
-}
-/**
- * Parsed ClientHello information
- */
-export interface IClientHelloInfo {
-    version: TTlsVersionString | null;
-    sessionId: Buffer | null;
-    cipherSuites: number[];
-    compressionMethods: number[];
-    extensions: ITlsExtension[];
-    sni?: string;
-    alpn?: string[];
-    supportedVersions?: TTlsVersionString[];
-}
-/**
- * TLS alert structure
- */
-export interface ITlsAlert {
-    level: number;
-    description: number;
-}
-/**
- * Connection information for TLS tracking
- */
-export interface ITlsConnectionInfo {
-    sourceIp?: string;
-    sourcePort?: number;
-    destIp?: string;
-    destPort?: number;
-}

package/dist_ts/protocols/tls/types.js

@@ -1,5 +0,0 @@
-/**
- * TLS Protocol Type Definitions
- */
-export {};
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9wcm90b2NvbHMvdGxzL3R5cGVzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOztHQUVHIn0=

package/dist_ts/proxies/http-proxy/certificate-manager.d.ts

@@ -1,95 +0,0 @@
-import * as plugins from '../../plugins.js';
-import { type IHttpProxyOptions } from './models/types.js';
-import type { IRouteConfig } from '../smart-proxy/models/route-types.js';
-/**
- * @deprecated This class is deprecated. Use SmartCertManager instead.
- *
- * This is a stub implementation that maintains backward compatibility
- * while the functionality has been moved to SmartCertManager.
- */
-export declare class CertificateManager {
-    private options;
-    private defaultCertificates;
-    private certificateCache;
-    private certificateStoreDir;
-    private logger;
-    private httpsServer;
-    private initialized;
-    constructor(options: IHttpProxyOptions);
-    /**
-     * Synchronous initialization for backward compatibility
-     * @deprecated This uses sync filesystem operations which block the event loop
-     */
-    private initializeSync;
-    /**
-     * Async initialization - preferred method
-     */
-    initialize(): Promise<void>;
-    /**
-     * Loads default certificates from the filesystem
-     * @deprecated This uses sync filesystem operations which block the event loop
-     */
-    loadDefaultCertificates(): void;
-    /**
-     * Loads default certificates from the filesystem asynchronously
-     */
-    loadDefaultCertificatesAsync(): Promise<void>;
-    /**
-     * Generates self-signed certificates as fallback
-     */
-    private generateSelfSignedCertificate;
-    /**
-     * Gets the default certificates
-     */
-    getDefaultCertificates(): {
-        key: string;
-        cert: string;
-    };
-    /**
-     * @deprecated Use SmartCertManager instead
-     */
-    setExternalPort80Handler(handler: any): void;
-    /**
-     * @deprecated Use SmartCertManager instead
-     */
-    updateRoutes(routes: IRouteConfig[]): Promise<void>;
-    /**
-     * Handles SNI callback to provide appropriate certificate
-     */
-    handleSNI(domain: string, cb: (err: Error | null, ctx: plugins.tls.SecureContext) => void): void;
-    /**
-     * Updates a certificate in the cache
-     */
-    updateCertificate(domain: string, cert: string, key: string): void;
-    /**
-     * Gets a cached certificate
-     */
-    private getCachedCertificate;
-    /**
-     * @deprecated Use SmartCertManager instead
-     */
-    initializePort80Handler(): Promise<any>;
-    /**
-     * @deprecated Use SmartCertManager instead
-     */
-    stopPort80Handler(): Promise<void>;
-    /**
-     * @deprecated Use SmartCertManager instead
-     */
-    registerDomainsWithPort80Handler(domains: string[]): void;
-    /**
-     * @deprecated Use SmartCertManager instead
-     */
-    registerRoutesWithPort80Handler(routes: IRouteConfig[]): void;
-    /**
-     * Sets the HTTPS server for certificate updates
-     */
-    setHttpsServer(server: plugins.https.Server): void;
-    /**
-     * Gets statistics for metrics
-     */
-    getStats(): {
-        cachedCertificates: number;
-        defaultCertEnabled: boolean;
-    };
-}