@push.rocks/smartproxy 23.0.0 → 23.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/changelog.md +17 -0
- package/dist_rust/{rustproxy → rustproxy_linux_amd64} +0 -0
- package/dist_rust/rustproxy_linux_arm64 +0 -0
- package/dist_ts/00_commitinfo_data.js +1 -1
- package/dist_ts/plugins.d.ts +2 -1
- package/dist_ts/plugins.js +3 -2
- package/dist_ts/proxies/smart-proxy/rust-proxy-bridge.d.ts +9 -21
- package/dist_ts/proxies/smart-proxy/rust-proxy-bridge.js +84 -212
- package/dist_ts/proxies/smart-proxy/smart-proxy.js +2 -3
- package/npmextra.json +3 -0
- package/package.json +13 -11
- package/readme.md +41 -11
- package/ts/00_commitinfo_data.ts +1 -1
- package/ts/plugins.ts +2 -0
- package/ts/proxies/smart-proxy/rust-proxy-bridge.ts +103 -233
- package/ts/proxies/smart-proxy/smart-proxy.ts +1 -2
- package/dist_ts/common/eventUtils.d.ts +0 -14
- package/dist_ts/common/eventUtils.js +0 -20
- package/dist_ts/common/types.d.ts +0 -82
- package/dist_ts/common/types.js +0 -15
- package/dist_ts/core/utils/event-system.d.ts +0 -200
- package/dist_ts/core/utils/event-system.js +0 -224
- package/dist_ts/core/utils/event-utils.d.ts +0 -15
- package/dist_ts/core/utils/event-utils.js +0 -11
- package/dist_ts/core/utils/route-manager.d.ts +0 -88
- package/dist_ts/core/utils/route-manager.js +0 -342
- package/dist_ts/core/utils/route-utils.d.ts +0 -28
- package/dist_ts/core/utils/route-utils.js +0 -67
- package/dist_ts/detection/detectors/http-detector-v2.d.ts +0 -33
- package/dist_ts/detection/detectors/http-detector-v2.js +0 -87
- package/dist_ts/detection/detectors/tls-detector-v2.d.ts +0 -33
- package/dist_ts/detection/detectors/tls-detector-v2.js +0 -80
- package/dist_ts/detection/protocol-detector-v2.d.ts +0 -46
- package/dist_ts/detection/protocol-detector-v2.js +0 -116
- package/dist_ts/forwarding/config/forwarding-types.d.ts +0 -42
- package/dist_ts/forwarding/config/forwarding-types.js +0 -18
- package/dist_ts/forwarding/config/index.d.ts +0 -9
- package/dist_ts/forwarding/config/index.js +0 -10
- package/dist_ts/forwarding/factory/forwarding-factory.d.ts +0 -25
- package/dist_ts/forwarding/factory/forwarding-factory.js +0 -172
- package/dist_ts/forwarding/factory/index.d.ts +0 -4
- package/dist_ts/forwarding/factory/index.js +0 -5
- package/dist_ts/forwarding/handlers/base-handler.d.ts +0 -62
- package/dist_ts/forwarding/handlers/base-handler.js +0 -121
- package/dist_ts/forwarding/handlers/http-handler.d.ts +0 -30
- package/dist_ts/forwarding/handlers/http-handler.js +0 -143
- package/dist_ts/forwarding/handlers/https-passthrough-handler.d.ts +0 -29
- package/dist_ts/forwarding/handlers/https-passthrough-handler.js +0 -156
- package/dist_ts/forwarding/handlers/https-terminate-to-http-handler.d.ts +0 -36
- package/dist_ts/forwarding/handlers/https-terminate-to-http-handler.js +0 -276
- package/dist_ts/forwarding/handlers/https-terminate-to-https-handler.d.ts +0 -35
- package/dist_ts/forwarding/handlers/https-terminate-to-https-handler.js +0 -261
- package/dist_ts/forwarding/handlers/index.d.ts +0 -8
- package/dist_ts/forwarding/handlers/index.js +0 -9
- package/dist_ts/forwarding/index.d.ts +0 -13
- package/dist_ts/forwarding/index.js +0 -16
- package/dist_ts/http/index.d.ts +0 -5
- package/dist_ts/http/index.js +0 -8
- package/dist_ts/http/models/http-types.d.ts +0 -6
- package/dist_ts/http/models/http-types.js +0 -7
- package/dist_ts/http/router/index.d.ts +0 -8
- package/dist_ts/http/router/index.js +0 -7
- package/dist_ts/http/router/proxy-router.d.ts +0 -115
- package/dist_ts/http/router/proxy-router.js +0 -325
- package/dist_ts/http/router/route-router.d.ts +0 -108
- package/dist_ts/http/router/route-router.js +0 -393
- package/dist_ts/protocols/tls/constants.d.ts +0 -122
- package/dist_ts/protocols/tls/constants.js +0 -135
- package/dist_ts/protocols/tls/parser.d.ts +0 -53
- package/dist_ts/protocols/tls/parser.js +0 -294
- package/dist_ts/protocols/tls/types.d.ts +0 -65
- package/dist_ts/protocols/tls/types.js +0 -5
- package/dist_ts/proxies/http-proxy/certificate-manager.d.ts +0 -95
- package/dist_ts/proxies/http-proxy/certificate-manager.js +0 -214
- package/dist_ts/proxies/http-proxy/connection-pool.d.ts +0 -47
- package/dist_ts/proxies/http-proxy/connection-pool.js +0 -195
- package/dist_ts/proxies/http-proxy/context-creator.d.ts +0 -34
- package/dist_ts/proxies/http-proxy/context-creator.js +0 -108
- package/dist_ts/proxies/http-proxy/default-certificates.d.ts +0 -54
- package/dist_ts/proxies/http-proxy/default-certificates.js +0 -127
- package/dist_ts/proxies/http-proxy/function-cache.d.ts +0 -95
- package/dist_ts/proxies/http-proxy/function-cache.js +0 -215
- package/dist_ts/proxies/http-proxy/handlers/index.d.ts +0 -4
- package/dist_ts/proxies/http-proxy/handlers/index.js +0 -6
- package/dist_ts/proxies/http-proxy/handlers/redirect-handler.d.ts +0 -18
- package/dist_ts/proxies/http-proxy/handlers/redirect-handler.js +0 -78
- package/dist_ts/proxies/http-proxy/handlers/static-handler.d.ts +0 -19
- package/dist_ts/proxies/http-proxy/handlers/static-handler.js +0 -211
- package/dist_ts/proxies/http-proxy/http-proxy.d.ts +0 -117
- package/dist_ts/proxies/http-proxy/http-proxy.js +0 -521
- package/dist_ts/proxies/http-proxy/http-request-handler.d.ts +0 -40
- package/dist_ts/proxies/http-proxy/http-request-handler.js +0 -257
- package/dist_ts/proxies/http-proxy/http2-request-handler.d.ts +0 -24
- package/dist_ts/proxies/http-proxy/http2-request-handler.js +0 -201
- package/dist_ts/proxies/http-proxy/index.d.ts +0 -14
- package/dist_ts/proxies/http-proxy/index.js +0 -16
- package/dist_ts/proxies/http-proxy/models/http-types.d.ts +0 -117
- package/dist_ts/proxies/http-proxy/models/http-types.js +0 -92
- package/dist_ts/proxies/http-proxy/models/index.d.ts +0 -5
- package/dist_ts/proxies/http-proxy/models/index.js +0 -6
- package/dist_ts/proxies/http-proxy/models/types.d.ts +0 -75
- package/dist_ts/proxies/http-proxy/models/types.js +0 -35
- package/dist_ts/proxies/http-proxy/request-handler.d.ts +0 -97
- package/dist_ts/proxies/http-proxy/request-handler.js +0 -737
- package/dist_ts/proxies/http-proxy/security-manager.d.ts +0 -98
- package/dist_ts/proxies/http-proxy/security-manager.js +0 -341
- package/dist_ts/proxies/http-proxy/websocket-handler.d.ts +0 -50
- package/dist_ts/proxies/http-proxy/websocket-handler.js +0 -505
- package/dist_ts/proxies/smart-proxy/acme-state-manager.d.ts +0 -42
- package/dist_ts/proxies/smart-proxy/acme-state-manager.js +0 -101
- package/dist_ts/proxies/smart-proxy/cert-store.d.ts +0 -10
- package/dist_ts/proxies/smart-proxy/cert-store.js +0 -72
- package/dist_ts/proxies/smart-proxy/certificate-manager.d.ts +0 -164
- package/dist_ts/proxies/smart-proxy/certificate-manager.js +0 -745
- package/dist_ts/proxies/smart-proxy/connection-manager.d.ts +0 -128
- package/dist_ts/proxies/smart-proxy/connection-manager.js +0 -689
- package/dist_ts/proxies/smart-proxy/http-proxy-bridge.d.ts +0 -43
- package/dist_ts/proxies/smart-proxy/http-proxy-bridge.js +0 -180
- package/dist_ts/proxies/smart-proxy/metrics-collector.d.ts +0 -98
- package/dist_ts/proxies/smart-proxy/metrics-collector.js +0 -355
- package/dist_ts/proxies/smart-proxy/nftables-manager.d.ts +0 -82
- package/dist_ts/proxies/smart-proxy/nftables-manager.js +0 -237
- package/dist_ts/proxies/smart-proxy/port-manager.d.ts +0 -117
- package/dist_ts/proxies/smart-proxy/port-manager.js +0 -318
- package/dist_ts/proxies/smart-proxy/route-connection-handler.d.ts +0 -60
- package/dist_ts/proxies/smart-proxy/route-connection-handler.js +0 -1407
- package/dist_ts/proxies/smart-proxy/route-manager.d.ts +0 -112
- package/dist_ts/proxies/smart-proxy/route-manager.js +0 -453
- package/dist_ts/proxies/smart-proxy/route-orchestrator.d.ts +0 -56
- package/dist_ts/proxies/smart-proxy/route-orchestrator.js +0 -204
- package/dist_ts/proxies/smart-proxy/rust-binary-locator.d.ts +0 -23
- package/dist_ts/proxies/smart-proxy/rust-binary-locator.js +0 -104
- package/dist_ts/proxies/smart-proxy/security-manager.d.ts +0 -74
- package/dist_ts/proxies/smart-proxy/security-manager.js +0 -227
- package/dist_ts/proxies/smart-proxy/throughput-tracker.d.ts +0 -36
- package/dist_ts/proxies/smart-proxy/throughput-tracker.js +0 -115
- package/dist_ts/proxies/smart-proxy/timeout-manager.d.ts +0 -48
- package/dist_ts/proxies/smart-proxy/timeout-manager.js +0 -158
- package/dist_ts/proxies/smart-proxy/tls-manager.d.ts +0 -50
- package/dist_ts/proxies/smart-proxy/tls-manager.js +0 -110
- package/dist_ts/proxies/smart-proxy/utils/route-patterns.d.ts +0 -161
- package/dist_ts/proxies/smart-proxy/utils/route-patterns.js +0 -282
- package/dist_ts/proxies/smart-proxy/utils/route-validators.d.ts +0 -73
- package/dist_ts/proxies/smart-proxy/utils/route-validators.js +0 -259
- package/dist_ts/routing/router/proxy-router.d.ts +0 -115
- package/dist_ts/routing/router/proxy-router.js +0 -325
- package/dist_ts/routing/router/route-router.d.ts +0 -108
- package/dist_ts/routing/router/route-router.js +0 -393
- package/dist_ts/tls/alerts/index.d.ts +0 -4
- package/dist_ts/tls/alerts/index.js +0 -5
- package/dist_ts/tls/alerts/tls-alert.d.ts +0 -150
- package/dist_ts/tls/alerts/tls-alert.js +0 -226
- package/dist_ts/tls/sni/client-hello-parser.d.ts +0 -100
- package/dist_ts/tls/sni/client-hello-parser.js +0 -464
- package/dist_ts/tls/sni/sni-extraction.d.ts +0 -58
- package/dist_ts/tls/sni/sni-extraction.js +0 -275
- package/dist_ts/tls/utils/index.d.ts +0 -4
- package/dist_ts/tls/utils/index.js +0 -5
- package/dist_ts/tls/utils/tls-utils.d.ts +0 -49
- package/dist_ts/tls/utils/tls-utils.js +0 -75
- package/ts/proxies/smart-proxy/rust-binary-locator.ts +0 -112
|
@@ -1,226 +0,0 @@
|
|
|
1
|
-
import * as plugins from '../../plugins.js';
|
|
2
|
-
import { TlsAlertLevel, TlsAlertDescription, TlsVersion } from '../utils/tls-utils.js';
|
|
3
|
-
/**
|
|
4
|
-
* TlsAlert class for creating and sending TLS alert messages
|
|
5
|
-
*/
|
|
6
|
-
export class TlsAlert {
|
|
7
|
-
// Use enum values from TlsAlertLevel
|
|
8
|
-
static { this.LEVEL_WARNING = TlsAlertLevel.WARNING; }
|
|
9
|
-
static { this.LEVEL_FATAL = TlsAlertLevel.FATAL; }
|
|
10
|
-
// Use enum values from TlsAlertDescription
|
|
11
|
-
static { this.CLOSE_NOTIFY = TlsAlertDescription.CLOSE_NOTIFY; }
|
|
12
|
-
static { this.UNEXPECTED_MESSAGE = TlsAlertDescription.UNEXPECTED_MESSAGE; }
|
|
13
|
-
static { this.BAD_RECORD_MAC = TlsAlertDescription.BAD_RECORD_MAC; }
|
|
14
|
-
static { this.DECRYPTION_FAILED = TlsAlertDescription.DECRYPTION_FAILED; }
|
|
15
|
-
static { this.RECORD_OVERFLOW = TlsAlertDescription.RECORD_OVERFLOW; }
|
|
16
|
-
static { this.DECOMPRESSION_FAILURE = TlsAlertDescription.DECOMPRESSION_FAILURE; }
|
|
17
|
-
static { this.HANDSHAKE_FAILURE = TlsAlertDescription.HANDSHAKE_FAILURE; }
|
|
18
|
-
static { this.NO_CERTIFICATE = TlsAlertDescription.NO_CERTIFICATE; }
|
|
19
|
-
static { this.BAD_CERTIFICATE = TlsAlertDescription.BAD_CERTIFICATE; }
|
|
20
|
-
static { this.UNSUPPORTED_CERTIFICATE = TlsAlertDescription.UNSUPPORTED_CERTIFICATE; }
|
|
21
|
-
static { this.CERTIFICATE_REVOKED = TlsAlertDescription.CERTIFICATE_REVOKED; }
|
|
22
|
-
static { this.CERTIFICATE_EXPIRED = TlsAlertDescription.CERTIFICATE_EXPIRED; }
|
|
23
|
-
static { this.CERTIFICATE_UNKNOWN = TlsAlertDescription.CERTIFICATE_UNKNOWN; }
|
|
24
|
-
static { this.ILLEGAL_PARAMETER = TlsAlertDescription.ILLEGAL_PARAMETER; }
|
|
25
|
-
static { this.UNKNOWN_CA = TlsAlertDescription.UNKNOWN_CA; }
|
|
26
|
-
static { this.ACCESS_DENIED = TlsAlertDescription.ACCESS_DENIED; }
|
|
27
|
-
static { this.DECODE_ERROR = TlsAlertDescription.DECODE_ERROR; }
|
|
28
|
-
static { this.DECRYPT_ERROR = TlsAlertDescription.DECRYPT_ERROR; }
|
|
29
|
-
static { this.EXPORT_RESTRICTION = TlsAlertDescription.EXPORT_RESTRICTION; }
|
|
30
|
-
static { this.PROTOCOL_VERSION = TlsAlertDescription.PROTOCOL_VERSION; }
|
|
31
|
-
static { this.INSUFFICIENT_SECURITY = TlsAlertDescription.INSUFFICIENT_SECURITY; }
|
|
32
|
-
static { this.INTERNAL_ERROR = TlsAlertDescription.INTERNAL_ERROR; }
|
|
33
|
-
static { this.INAPPROPRIATE_FALLBACK = TlsAlertDescription.INAPPROPRIATE_FALLBACK; }
|
|
34
|
-
static { this.USER_CANCELED = TlsAlertDescription.USER_CANCELED; }
|
|
35
|
-
static { this.NO_RENEGOTIATION = TlsAlertDescription.NO_RENEGOTIATION; }
|
|
36
|
-
static { this.MISSING_EXTENSION = TlsAlertDescription.MISSING_EXTENSION; }
|
|
37
|
-
static { this.UNSUPPORTED_EXTENSION = TlsAlertDescription.UNSUPPORTED_EXTENSION; }
|
|
38
|
-
static { this.CERTIFICATE_REQUIRED = TlsAlertDescription.CERTIFICATE_REQUIRED; }
|
|
39
|
-
static { this.UNRECOGNIZED_NAME = TlsAlertDescription.UNRECOGNIZED_NAME; }
|
|
40
|
-
static { this.BAD_CERTIFICATE_STATUS_RESPONSE = TlsAlertDescription.BAD_CERTIFICATE_STATUS_RESPONSE; }
|
|
41
|
-
static { this.BAD_CERTIFICATE_HASH_VALUE = TlsAlertDescription.BAD_CERTIFICATE_HASH_VALUE; }
|
|
42
|
-
static { this.UNKNOWN_PSK_IDENTITY = TlsAlertDescription.UNKNOWN_PSK_IDENTITY; }
|
|
43
|
-
static { this.CERTIFICATE_REQUIRED_1_3 = TlsAlertDescription.CERTIFICATE_REQUIRED_1_3; }
|
|
44
|
-
static { this.NO_APPLICATION_PROTOCOL = TlsAlertDescription.NO_APPLICATION_PROTOCOL; }
|
|
45
|
-
/**
|
|
46
|
-
* Create a TLS alert buffer with the specified level and description code
|
|
47
|
-
*
|
|
48
|
-
* @param level Alert level (warning or fatal)
|
|
49
|
-
* @param description Alert description code
|
|
50
|
-
* @param tlsVersion TLS version bytes (default is TLS 1.2: 0x0303)
|
|
51
|
-
* @returns Buffer containing the TLS alert message
|
|
52
|
-
*/
|
|
53
|
-
static create(level, description, tlsVersion = [TlsVersion.TLS1_2[0], TlsVersion.TLS1_2[1]]) {
|
|
54
|
-
return Buffer.from([
|
|
55
|
-
0x15, // Alert record type
|
|
56
|
-
tlsVersion[0],
|
|
57
|
-
tlsVersion[1], // TLS version (default to TLS 1.2: 0x0303)
|
|
58
|
-
0x00,
|
|
59
|
-
0x02, // Length
|
|
60
|
-
level, // Alert level
|
|
61
|
-
description, // Alert description
|
|
62
|
-
]);
|
|
63
|
-
}
|
|
64
|
-
/**
|
|
65
|
-
* Create a warning-level TLS alert
|
|
66
|
-
*
|
|
67
|
-
* @param description Alert description code
|
|
68
|
-
* @returns Buffer containing the warning-level TLS alert message
|
|
69
|
-
*/
|
|
70
|
-
static createWarning(description) {
|
|
71
|
-
return this.create(this.LEVEL_WARNING, description);
|
|
72
|
-
}
|
|
73
|
-
/**
|
|
74
|
-
* Create a fatal-level TLS alert
|
|
75
|
-
*
|
|
76
|
-
* @param description Alert description code
|
|
77
|
-
* @returns Buffer containing the fatal-level TLS alert message
|
|
78
|
-
*/
|
|
79
|
-
static createFatal(description) {
|
|
80
|
-
return this.create(this.LEVEL_FATAL, description);
|
|
81
|
-
}
|
|
82
|
-
/**
|
|
83
|
-
* Send a TLS alert to a socket and optionally close the connection
|
|
84
|
-
*
|
|
85
|
-
* @param socket The socket to send the alert to
|
|
86
|
-
* @param level Alert level (warning or fatal)
|
|
87
|
-
* @param description Alert description code
|
|
88
|
-
* @param closeAfterSend Whether to close the connection after sending the alert
|
|
89
|
-
* @param closeDelay Milliseconds to wait before closing the connection (default: 200ms)
|
|
90
|
-
* @returns Promise that resolves when the alert has been sent
|
|
91
|
-
*/
|
|
92
|
-
static async send(socket, level, description, closeAfterSend = false, closeDelay = 200) {
|
|
93
|
-
const alert = this.create(level, description);
|
|
94
|
-
return new Promise((resolve, reject) => {
|
|
95
|
-
try {
|
|
96
|
-
// Ensure the alert is written as a single packet
|
|
97
|
-
socket.cork();
|
|
98
|
-
const writeSuccessful = socket.write(alert, (err) => {
|
|
99
|
-
if (err) {
|
|
100
|
-
reject(err);
|
|
101
|
-
return;
|
|
102
|
-
}
|
|
103
|
-
if (closeAfterSend) {
|
|
104
|
-
setTimeout(() => {
|
|
105
|
-
socket.end();
|
|
106
|
-
resolve();
|
|
107
|
-
}, closeDelay);
|
|
108
|
-
}
|
|
109
|
-
else {
|
|
110
|
-
resolve();
|
|
111
|
-
}
|
|
112
|
-
});
|
|
113
|
-
socket.uncork();
|
|
114
|
-
// If write wasn't successful immediately, wait for drain
|
|
115
|
-
if (!writeSuccessful && !closeAfterSend) {
|
|
116
|
-
socket.once('drain', () => {
|
|
117
|
-
resolve();
|
|
118
|
-
});
|
|
119
|
-
}
|
|
120
|
-
}
|
|
121
|
-
catch (err) {
|
|
122
|
-
reject(err);
|
|
123
|
-
}
|
|
124
|
-
});
|
|
125
|
-
}
|
|
126
|
-
/**
|
|
127
|
-
* Pre-defined TLS alert messages
|
|
128
|
-
*/
|
|
129
|
-
static { this.alerts = {
|
|
130
|
-
// Warning level alerts
|
|
131
|
-
closeNotify: TlsAlert.createWarning(TlsAlert.CLOSE_NOTIFY),
|
|
132
|
-
unsupportedExtension: TlsAlert.createWarning(TlsAlert.UNSUPPORTED_EXTENSION),
|
|
133
|
-
certificateRequired: TlsAlert.createWarning(TlsAlert.CERTIFICATE_REQUIRED),
|
|
134
|
-
unrecognizedName: TlsAlert.createWarning(TlsAlert.UNRECOGNIZED_NAME),
|
|
135
|
-
noRenegotiation: TlsAlert.createWarning(TlsAlert.NO_RENEGOTIATION),
|
|
136
|
-
userCanceled: TlsAlert.createWarning(TlsAlert.USER_CANCELED),
|
|
137
|
-
// Warning level alerts for session resumption
|
|
138
|
-
certificateExpiredWarning: TlsAlert.createWarning(TlsAlert.CERTIFICATE_EXPIRED),
|
|
139
|
-
handshakeFailureWarning: TlsAlert.createWarning(TlsAlert.HANDSHAKE_FAILURE),
|
|
140
|
-
insufficientSecurityWarning: TlsAlert.createWarning(TlsAlert.INSUFFICIENT_SECURITY),
|
|
141
|
-
// Fatal level alerts
|
|
142
|
-
unexpectedMessage: TlsAlert.createFatal(TlsAlert.UNEXPECTED_MESSAGE),
|
|
143
|
-
badRecordMac: TlsAlert.createFatal(TlsAlert.BAD_RECORD_MAC),
|
|
144
|
-
recordOverflow: TlsAlert.createFatal(TlsAlert.RECORD_OVERFLOW),
|
|
145
|
-
handshakeFailure: TlsAlert.createFatal(TlsAlert.HANDSHAKE_FAILURE),
|
|
146
|
-
badCertificate: TlsAlert.createFatal(TlsAlert.BAD_CERTIFICATE),
|
|
147
|
-
certificateExpired: TlsAlert.createFatal(TlsAlert.CERTIFICATE_EXPIRED),
|
|
148
|
-
certificateUnknown: TlsAlert.createFatal(TlsAlert.CERTIFICATE_UNKNOWN),
|
|
149
|
-
illegalParameter: TlsAlert.createFatal(TlsAlert.ILLEGAL_PARAMETER),
|
|
150
|
-
unknownCA: TlsAlert.createFatal(TlsAlert.UNKNOWN_CA),
|
|
151
|
-
accessDenied: TlsAlert.createFatal(TlsAlert.ACCESS_DENIED),
|
|
152
|
-
decodeError: TlsAlert.createFatal(TlsAlert.DECODE_ERROR),
|
|
153
|
-
decryptError: TlsAlert.createFatal(TlsAlert.DECRYPT_ERROR),
|
|
154
|
-
protocolVersion: TlsAlert.createFatal(TlsAlert.PROTOCOL_VERSION),
|
|
155
|
-
insufficientSecurity: TlsAlert.createFatal(TlsAlert.INSUFFICIENT_SECURITY),
|
|
156
|
-
internalError: TlsAlert.createFatal(TlsAlert.INTERNAL_ERROR),
|
|
157
|
-
unrecognizedNameFatal: TlsAlert.createFatal(TlsAlert.UNRECOGNIZED_NAME),
|
|
158
|
-
}; }
|
|
159
|
-
/**
|
|
160
|
-
* Utility method to send a warning-level unrecognized_name alert
|
|
161
|
-
* Specifically designed for SNI issues to encourage the client to retry with SNI
|
|
162
|
-
*
|
|
163
|
-
* @param socket The socket to send the alert to
|
|
164
|
-
* @returns Promise that resolves when the alert has been sent
|
|
165
|
-
*/
|
|
166
|
-
static async sendSniRequired(socket) {
|
|
167
|
-
return this.send(socket, this.LEVEL_WARNING, this.UNRECOGNIZED_NAME);
|
|
168
|
-
}
|
|
169
|
-
/**
|
|
170
|
-
* Utility method to send a close_notify alert and close the connection
|
|
171
|
-
*
|
|
172
|
-
* @param socket The socket to send the alert to
|
|
173
|
-
* @param closeDelay Milliseconds to wait before closing the connection (default: 200ms)
|
|
174
|
-
* @returns Promise that resolves when the alert has been sent and the connection closed
|
|
175
|
-
*/
|
|
176
|
-
static async sendCloseNotify(socket, closeDelay = 200) {
|
|
177
|
-
return this.send(socket, this.LEVEL_WARNING, this.CLOSE_NOTIFY, true, closeDelay);
|
|
178
|
-
}
|
|
179
|
-
/**
|
|
180
|
-
* Utility method to send a certificate_expired alert to force new TLS session
|
|
181
|
-
*
|
|
182
|
-
* @param socket The socket to send the alert to
|
|
183
|
-
* @param fatal Whether to send as a fatal alert (default: false)
|
|
184
|
-
* @param closeAfterSend Whether to close the connection after sending the alert (default: true)
|
|
185
|
-
* @param closeDelay Milliseconds to wait before closing the connection (default: 200ms)
|
|
186
|
-
* @returns Promise that resolves when the alert has been sent
|
|
187
|
-
*/
|
|
188
|
-
static async sendCertificateExpired(socket, fatal = false, closeAfterSend = true, closeDelay = 200) {
|
|
189
|
-
const level = fatal ? this.LEVEL_FATAL : this.LEVEL_WARNING;
|
|
190
|
-
return this.send(socket, level, this.CERTIFICATE_EXPIRED, closeAfterSend, closeDelay);
|
|
191
|
-
}
|
|
192
|
-
/**
|
|
193
|
-
* Send a sequence of alerts to force SNI from clients
|
|
194
|
-
* This combines multiple alerts to ensure maximum browser compatibility
|
|
195
|
-
*
|
|
196
|
-
* @param socket The socket to send the alerts to
|
|
197
|
-
* @returns Promise that resolves when all alerts have been sent
|
|
198
|
-
*/
|
|
199
|
-
static async sendForceSniSequence(socket) {
|
|
200
|
-
try {
|
|
201
|
-
// Send unrecognized_name (warning)
|
|
202
|
-
socket.cork();
|
|
203
|
-
socket.write(this.alerts.unrecognizedName);
|
|
204
|
-
socket.uncork();
|
|
205
|
-
// Give the socket time to send the alert
|
|
206
|
-
return new Promise((resolve) => {
|
|
207
|
-
setTimeout(resolve, 50);
|
|
208
|
-
});
|
|
209
|
-
}
|
|
210
|
-
catch (err) {
|
|
211
|
-
return Promise.reject(err);
|
|
212
|
-
}
|
|
213
|
-
}
|
|
214
|
-
/**
|
|
215
|
-
* Send a fatal level alert that immediately terminates the connection
|
|
216
|
-
*
|
|
217
|
-
* @param socket The socket to send the alert to
|
|
218
|
-
* @param description Alert description code
|
|
219
|
-
* @param closeDelay Milliseconds to wait before closing the connection (default: 100ms)
|
|
220
|
-
* @returns Promise that resolves when the alert has been sent and the connection closed
|
|
221
|
-
*/
|
|
222
|
-
static async sendFatalAndClose(socket, description, closeDelay = 100) {
|
|
223
|
-
return this.send(socket, this.LEVEL_FATAL, description, true, closeDelay);
|
|
224
|
-
}
|
|
225
|
-
}
|
|
226
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGxzLWFsZXJ0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vdHMvdGxzL2FsZXJ0cy90bHMtYWxlcnQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLE9BQU8sTUFBTSxrQkFBa0IsQ0FBQztBQUM1QyxPQUFPLEVBQUUsYUFBYSxFQUFFLG1CQUFtQixFQUFFLFVBQVUsRUFBRSxNQUFNLHVCQUF1QixDQUFDO0FBRXZGOztHQUVHO0FBQ0gsTUFBTSxPQUFPLFFBQVE7SUFDbkIscUNBQXFDO2FBQ3JCLGtCQUFhLEdBQUcsYUFBYSxDQUFDLE9BQU8sQ0FBQzthQUN0QyxnQkFBVyxHQUFHLGFBQWEsQ0FBQyxLQUFLLENBQUM7SUFFbEQsMkNBQTJDO2FBQzNCLGlCQUFZLEdBQUcsbUJBQW1CLENBQUMsWUFBWSxDQUFDO2FBQ2hELHVCQUFrQixHQUFHLG1CQUFtQixDQUFDLGtCQUFrQixDQUFDO2FBQzVELG1CQUFjLEdBQUcsbUJBQW1CLENBQUMsY0FBYyxDQUFDO2FBQ3BELHNCQUFpQixHQUFHLG1CQUFtQixDQUFDLGlCQUFpQixDQUFDO2FBQzFELG9CQUFlLEdBQUcsbUJBQW1CLENBQUMsZUFBZSxDQUFDO2FBQ3RELDBCQUFxQixHQUFHLG1CQUFtQixDQUFDLHFCQUFxQixDQUFDO2FBQ2xFLHNCQUFpQixHQUFHLG1CQUFtQixDQUFDLGlCQUFpQixDQUFDO2FBQzFELG1CQUFjLEdBQUcsbUJBQW1CLENBQUMsY0FBYyxDQUFDO2FBQ3BELG9CQUFlLEdBQUcsbUJBQW1CLENBQUMsZUFBZSxDQUFDO2FBQ3RELDRCQUF1QixHQUFHLG1CQUFtQixDQUFDLHVCQUF1QixDQUFDO2FBQ3RFLHdCQUFtQixHQUFHLG1CQUFtQixDQUFDLG1CQUFtQixDQUFDO2FBQzlELHdCQUFtQixHQUFHLG1CQUFtQixDQUFDLG1CQUFtQixDQUFDO2FBQzlELHdCQUFtQixHQUFHLG1CQUFtQixDQUFDLG1CQUFtQixDQUFDO2FBQzlELHNCQUFpQixHQUFHLG1CQUFtQixDQUFDLGlCQUFpQixDQUFDO2FBQzFELGVBQVUsR0FBRyxtQkFBbUIsQ0FBQyxVQUFVLENBQUM7YUFDNUMsa0JBQWEsR0FBRyxtQkFBbUIsQ0FBQyxhQUFhLENBQUM7YUFDbEQsaUJBQVksR0FBRyxtQkFBbUIsQ0FBQyxZQUFZLENBQUM7YUFDaEQsa0JBQWEsR0FBRyxtQkFBbUIsQ0FBQyxhQUFhLENBQUM7YUFDbEQsdUJBQWtCLEdBQUcsbUJBQW1CLENBQUMsa0JBQWtCLENBQUM7YUFDNUQscUJBQWdCLEdBQUcsbUJBQW1CLENBQUMsZ0JBQWdCLENBQUM7YUFDeEQsMEJBQXFCLEdBQUcsbUJBQW1CLENBQUMscUJBQXFCLENBQUM7YUFDbEUsbUJBQWMsR0FBRyxtQkFBbUIsQ0FBQyxjQUFjLENBQUM7YUFDcEQsMkJBQXNCLEdBQUcsbUJBQW1CLENBQUMsc0JBQXNCLENBQUM7YUFDcEUsa0JBQWEsR0FBRyxtQkFBbUIsQ0FBQyxhQUFhLENBQUM7YUFDbEQscUJBQWdCLEdBQUcsbUJBQW1CLENBQUMsZ0JBQWdCLENBQUM7YUFDeEQsc0JBQWlCLEdBQUcsbUJBQW1CLENBQUMsaUJBQWlCLENBQUM7YUFDMUQsMEJBQXFCLEdBQUcsbUJBQW1CLENBQUMscUJBQXFCLENBQUM7YUFDbEUseUJBQW9CLEdBQUcsbUJBQW1CLENBQUMsb0JBQW9CLENBQUM7YUFDaEUsc0JBQWlCLEdBQUcsbUJBQW1CLENBQUMsaUJBQWlCLENBQUM7YUFDMUQsb0NBQStCLEdBQUcsbUJBQW1CLENBQUMsK0JBQStCLENBQUM7YUFDdEYsK0JBQTBCLEdBQUcsbUJBQW1CLENBQUMsMEJBQTBCLENBQUM7YUFDNUUseUJBQW9CLEdBQUcsbUJBQW1CLENBQUMsb0JBQW9CLENBQUM7YUFDaEUsNkJBQXdCLEdBQUcsbUJBQW1CLENBQUMsd0JBQXdCLENBQUM7YUFDeEUsNEJBQXVCLEdBQUcsbUJBQW1CLENBQUMsdUJBQXVCLENBQUM7SUFFdEY7Ozs7Ozs7T0FPRztJQUNILE1BQU0sQ0FBQyxNQUFNLENBQ1gsS0FBYSxFQUNiLFdBQW1CLEVBQ25CLGFBQStCLENBQUMsVUFBVSxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsRUFBRSxVQUFVLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRTNFLE9BQU8sTUFBTSxDQUFDLElBQUksQ0FBQztZQUNqQixJQUFJLEVBQUUsb0JBQW9CO1lBQzFCLFVBQVUsQ0FBQyxDQUFDLENBQUM7WUFDYixVQUFVLENBQUMsQ0FBQyxDQUFDLEVBQUUsMkNBQTJDO1lBQzFELElBQUk7WUFDSixJQUFJLEVBQUUsU0FBUztZQUNmLEtBQUssRUFBRSxjQUFjO1lBQ3JCLFdBQVcsRUFBRSxvQkFBb0I7U0FDbEMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0gsTUFBTSxDQUFDLGFBQWEsQ0FBQyxXQUFtQjtRQUN0QyxPQUFPLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLGFBQWEsRUFBRSxXQUFXLENBQUMsQ0FBQztJQUN0RCxDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSCxNQUFNLENBQUMsV0FBVyxDQUFDLFdBQW1CO1FBQ3BDLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsV0FBVyxFQUFFLFdBQVcsQ0FBQyxDQUFDO0lBQ3BELENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSCxNQUFNLENBQUMsS0FBSyxDQUFDLElBQUksQ0FDZixNQUEwQixFQUMxQixLQUFhLEVBQ2IsV0FBbUIsRUFDbkIsaUJBQTBCLEtBQUssRUFDL0IsYUFBcUIsR0FBRztRQUV4QixNQUFNLEtBQUssR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssRUFBRSxXQUFXLENBQUMsQ0FBQztRQUU5QyxPQUFPLElBQUksT0FBTyxDQUFPLENBQUMsT0FBTyxFQUFFLE1BQU0sRUFBRSxFQUFFO1lBQzNDLElBQUksQ0FBQztnQkFDSCxpREFBaUQ7Z0JBQ2pELE1BQU0sQ0FBQyxJQUFJLEVBQUUsQ0FBQztnQkFDZCxNQUFNLGVBQWUsR0FBRyxNQUFNLENBQUMsS0FBSyxDQUFDLEtBQUssRUFBRSxDQUFDLEdBQUcsRUFBRSxFQUFFO29CQUNsRCxJQUFJLEdBQUcsRUFBRSxDQUFDO3dCQUNSLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQzt3QkFDWixPQUFPO29CQUNULENBQUM7b0JBRUQsSUFBSSxjQUFjLEVBQUUsQ0FBQzt3QkFDbkIsVUFBVSxDQUFDLEdBQUcsRUFBRTs0QkFDZCxNQUFNLENBQUMsR0FBRyxFQUFFLENBQUM7NEJBQ2IsT0FBTyxFQUFFLENBQUM7d0JBQ1osQ0FBQyxFQUFFLFVBQVUsQ0FBQyxDQUFDO29CQUNqQixDQUFDO3lCQUFNLENBQUM7d0JBQ04sT0FBTyxFQUFFLENBQUM7b0JBQ1osQ0FBQztnQkFDSCxDQUFDLENBQUMsQ0FBQztnQkFDSCxNQUFNLENBQUMsTUFBTSxFQUFFLENBQUM7Z0JBRWhCLHlEQUF5RDtnQkFDekQsSUFBSSxDQUFDLGVBQWUsSUFBSSxDQUFDLGNBQWMsRUFBRSxDQUFDO29CQUN4QyxNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sRUFBRSxHQUFHLEVBQUU7d0JBQ3hCLE9BQU8sRUFBRSxDQUFDO29CQUNaLENBQUMsQ0FBQyxDQUFDO2dCQUNMLENBQUM7WUFDSCxDQUFDO1lBQUMsT0FBTyxHQUFHLEVBQUUsQ0FBQztnQkFDYixNQUFNLENBQUMsR0FBRyxDQUFDLENBQUM7WUFDZCxDQUFDO1FBQ0gsQ0FBQyxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQ7O09BRUc7YUFDYSxXQUFNLEdBQUc7UUFDdkIsdUJBQXVCO1FBQ3ZCLFdBQVcsRUFBRSxRQUFRLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQyxZQUFZLENBQUM7UUFDMUQsb0JBQW9CLEVBQUUsUUFBUSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMscUJBQXFCLENBQUM7UUFDNUUsbUJBQW1CLEVBQUUsUUFBUSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsb0JBQW9CLENBQUM7UUFDMUUsZ0JBQWdCLEVBQUUsUUFBUSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsaUJBQWlCLENBQUM7UUFDcEUsZUFBZSxFQUFFLFFBQVEsQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLGdCQUFnQixDQUFDO1FBQ2xFLFlBQVksRUFBRSxRQUFRLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQyxhQUFhLENBQUM7UUFFNUQsOENBQThDO1FBQzlDLHlCQUF5QixFQUFFLFFBQVEsQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLG1CQUFtQixDQUFDO1FBQy9FLHVCQUF1QixFQUFFLFFBQVEsQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLGlCQUFpQixDQUFDO1FBQzNFLDJCQUEyQixFQUFFLFFBQVEsQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLHFCQUFxQixDQUFDO1FBRW5GLHFCQUFxQjtRQUNyQixpQkFBaUIsRUFBRSxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxrQkFBa0IsQ0FBQztRQUNwRSxZQUFZLEVBQUUsUUFBUSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsY0FBYyxDQUFDO1FBQzNELGNBQWMsRUFBRSxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxlQUFlLENBQUM7UUFDOUQsZ0JBQWdCLEVBQUUsUUFBUSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsaUJBQWlCLENBQUM7UUFDbEUsY0FBYyxFQUFFLFFBQVEsQ0FBQyxXQUFXLENBQUMsUUFBUSxDQUFDLGVBQWUsQ0FBQztRQUM5RCxrQkFBa0IsRUFBRSxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxtQkFBbUIsQ0FBQztRQUN0RSxrQkFBa0IsRUFBRSxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxtQkFBbUIsQ0FBQztRQUN0RSxnQkFBZ0IsRUFBRSxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxpQkFBaUIsQ0FBQztRQUNsRSxTQUFTLEVBQUUsUUFBUSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsVUFBVSxDQUFDO1FBQ3BELFlBQVksRUFBRSxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxhQUFhLENBQUM7UUFDMUQsV0FBVyxFQUFFLFFBQVEsQ0FBQyxXQUFXLENBQUMsUUFBUSxDQUFDLFlBQVksQ0FBQztRQUN4RCxZQUFZLEVBQUUsUUFBUSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsYUFBYSxDQUFDO1FBQzFELGVBQWUsRUFBRSxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxnQkFBZ0IsQ0FBQztRQUNoRSxvQkFBb0IsRUFBRSxRQUFRLENBQUMsV0FBVyxDQUFDLFFBQVEsQ0FBQyxxQkFBcUIsQ0FBQztRQUMxRSxhQUFhLEVBQUUsUUFBUSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsY0FBYyxDQUFDO1FBQzVELHFCQUFxQixFQUFFLFFBQVEsQ0FBQyxXQUFXLENBQUMsUUFBUSxDQUFDLGlCQUFpQixDQUFDO0tBQ3hFLENBQUM7SUFFRjs7Ozs7O09BTUc7SUFDSCxNQUFNLENBQUMsS0FBSyxDQUFDLGVBQWUsQ0FBQyxNQUEwQjtRQUNyRCxPQUFPLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLElBQUksQ0FBQyxhQUFhLEVBQUUsSUFBSSxDQUFDLGlCQUFpQixDQUFDLENBQUM7SUFDdkUsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNILE1BQU0sQ0FBQyxLQUFLLENBQUMsZUFBZSxDQUFDLE1BQTBCLEVBQUUsYUFBcUIsR0FBRztRQUMvRSxPQUFPLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLElBQUksQ0FBQyxhQUFhLEVBQUUsSUFBSSxDQUFDLFlBQVksRUFBRSxJQUFJLEVBQUUsVUFBVSxDQUFDLENBQUM7SUFDcEYsQ0FBQztJQUVEOzs7Ozs7OztPQVFHO0lBQ0gsTUFBTSxDQUFDLEtBQUssQ0FBQyxzQkFBc0IsQ0FDakMsTUFBMEIsRUFDMUIsUUFBaUIsS0FBSyxFQUN0QixpQkFBMEIsSUFBSSxFQUM5QixhQUFxQixHQUFHO1FBRXhCLE1BQU0sS0FBSyxHQUFHLEtBQUssQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQztRQUM1RCxPQUFPLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLEtBQUssRUFBRSxJQUFJLENBQUMsbUJBQW1CLEVBQUUsY0FBYyxFQUFFLFVBQVUsQ0FBQyxDQUFDO0lBQ3hGLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSCxNQUFNLENBQUMsS0FBSyxDQUFDLG9CQUFvQixDQUFDLE1BQTBCO1FBQzFELElBQUksQ0FBQztZQUNILG1DQUFtQztZQUNuQyxNQUFNLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDZCxNQUFNLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztZQUMzQyxNQUFNLENBQUMsTUFBTSxFQUFFLENBQUM7WUFFaEIseUNBQXlDO1lBQ3pDLE9BQU8sSUFBSSxPQUFPLENBQUMsQ0FBQyxPQUFPLEVBQUUsRUFBRTtnQkFDN0IsVUFBVSxDQUFDLE9BQU8sRUFBRSxFQUFFLENBQUMsQ0FBQztZQUMxQixDQUFDLENBQUMsQ0FBQztRQUNMLENBQUM7UUFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO1lBQ2IsT0FBTyxPQUFPLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQzdCLENBQUM7SUFDSCxDQUFDO0lBRUQ7Ozs7Ozs7T0FPRztJQUNILE1BQU0sQ0FBQyxLQUFLLENBQUMsaUJBQWlCLENBQzVCLE1BQTBCLEVBQzFCLFdBQW1CLEVBQ25CLGFBQXFCLEdBQUc7UUFFeEIsT0FBTyxJQUFJLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSxJQUFJLENBQUMsV0FBVyxFQUFFLFdBQVcsRUFBRSxJQUFJLEVBQUUsVUFBVSxDQUFDLENBQUM7SUFDNUUsQ0FBQyJ9
|
|
@@ -1,100 +0,0 @@
|
|
|
1
|
-
import { Buffer } from 'buffer';
|
|
2
|
-
/**
|
|
3
|
-
* Interface for logging functions used by the parser
|
|
4
|
-
*/
|
|
5
|
-
export type LoggerFunction = (message: string) => void;
|
|
6
|
-
/**
|
|
7
|
-
* Result of a session resumption check
|
|
8
|
-
*/
|
|
9
|
-
export interface SessionResumptionResult {
|
|
10
|
-
isResumption: boolean;
|
|
11
|
-
hasSNI: boolean;
|
|
12
|
-
}
|
|
13
|
-
/**
|
|
14
|
-
* Information about parsed TLS extensions
|
|
15
|
-
*/
|
|
16
|
-
export interface ExtensionInfo {
|
|
17
|
-
type: number;
|
|
18
|
-
length: number;
|
|
19
|
-
data: Buffer;
|
|
20
|
-
}
|
|
21
|
-
/**
|
|
22
|
-
* Result of a ClientHello parse operation
|
|
23
|
-
*/
|
|
24
|
-
export interface ClientHelloParseResult {
|
|
25
|
-
isValid: boolean;
|
|
26
|
-
version?: [number, number];
|
|
27
|
-
random?: Buffer;
|
|
28
|
-
sessionId?: Buffer;
|
|
29
|
-
hasSessionId: boolean;
|
|
30
|
-
cipherSuites?: Buffer;
|
|
31
|
-
compressionMethods?: Buffer;
|
|
32
|
-
extensions: ExtensionInfo[];
|
|
33
|
-
serverNameList?: string[];
|
|
34
|
-
hasSessionTicket: boolean;
|
|
35
|
-
hasPsk: boolean;
|
|
36
|
-
hasEarlyData: boolean;
|
|
37
|
-
error?: string;
|
|
38
|
-
}
|
|
39
|
-
/**
|
|
40
|
-
* Fragment tracking information
|
|
41
|
-
*/
|
|
42
|
-
export interface FragmentTrackingInfo {
|
|
43
|
-
buffer: Buffer;
|
|
44
|
-
timestamp: number;
|
|
45
|
-
connectionId: string;
|
|
46
|
-
}
|
|
47
|
-
/**
|
|
48
|
-
* Class for parsing TLS ClientHello messages
|
|
49
|
-
*/
|
|
50
|
-
export declare class ClientHelloParser {
|
|
51
|
-
private static fragmentedBuffers;
|
|
52
|
-
private static fragmentTimeout;
|
|
53
|
-
/**
|
|
54
|
-
* Clean up expired fragments
|
|
55
|
-
*/
|
|
56
|
-
private static cleanupExpiredFragments;
|
|
57
|
-
/**
|
|
58
|
-
* Handles potential fragmented ClientHello messages by buffering and reassembling
|
|
59
|
-
* TLS record fragments that might span multiple TCP packets.
|
|
60
|
-
*
|
|
61
|
-
* @param buffer The current buffer fragment
|
|
62
|
-
* @param connectionId Unique identifier for the connection
|
|
63
|
-
* @param logger Optional logging function
|
|
64
|
-
* @returns A complete buffer if reassembly is successful, or undefined if more fragments are needed
|
|
65
|
-
*/
|
|
66
|
-
static handleFragmentedClientHello(buffer: Buffer, connectionId: string, logger?: LoggerFunction): Buffer | undefined;
|
|
67
|
-
/**
|
|
68
|
-
* Parses a TLS ClientHello message and extracts all components
|
|
69
|
-
*
|
|
70
|
-
* @param buffer The buffer containing the ClientHello message
|
|
71
|
-
* @param logger Optional logging function
|
|
72
|
-
* @returns Parsed ClientHello or undefined if parsing failed
|
|
73
|
-
*/
|
|
74
|
-
static parseClientHello(buffer: Buffer, logger?: LoggerFunction): ClientHelloParseResult;
|
|
75
|
-
/**
|
|
76
|
-
* Parses the server name extension data and extracts hostnames
|
|
77
|
-
*
|
|
78
|
-
* @param data Extension data buffer
|
|
79
|
-
* @param serverNames Array to populate with found server names
|
|
80
|
-
* @param logger Optional logging function
|
|
81
|
-
* @returns true if parsing succeeded
|
|
82
|
-
*/
|
|
83
|
-
private static parseServerNameExtension;
|
|
84
|
-
/**
|
|
85
|
-
* Determines if a ClientHello contains session resumption indicators
|
|
86
|
-
*
|
|
87
|
-
* @param buffer The ClientHello buffer
|
|
88
|
-
* @param logger Optional logging function
|
|
89
|
-
* @returns Session resumption result
|
|
90
|
-
*/
|
|
91
|
-
static hasSessionResumption(buffer: Buffer, logger?: LoggerFunction): SessionResumptionResult;
|
|
92
|
-
/**
|
|
93
|
-
* Checks if a ClientHello appears to be from a tab reactivation
|
|
94
|
-
*
|
|
95
|
-
* @param buffer The ClientHello buffer
|
|
96
|
-
* @param logger Optional logging function
|
|
97
|
-
* @returns true if it appears to be a tab reactivation
|
|
98
|
-
*/
|
|
99
|
-
static isTabReactivationHandshake(buffer: Buffer, logger?: LoggerFunction): boolean;
|
|
100
|
-
}
|