@push.rocks/smartproxy 25.17.10 → 26.1.0

package/ts/protocols/websocket/utils.ts

@@ -1,98 +0,0 @@
-/**
- * WebSocket Protocol Utilities
- */
-
-import * as crypto from 'node:crypto';
-import { WEBSOCKET_MAGIC_STRING } from './constants.js';
-import type { RawData } from './types.js';
-
-/**
- * Get the length of a WebSocket message regardless of its type
- * (handles all possible WebSocket message data types)
- */
-export function getMessageSize(data: RawData): number {
-  if (typeof data === 'string') {
-    // For string data, get the byte length
-    return Buffer.from(data, 'utf8').length;
-  } else if (data instanceof Buffer) {
-    // For Node.js Buffer
-    return data.length;
-  } else if (data instanceof ArrayBuffer) {
-    // For ArrayBuffer
-    return data.byteLength;
-  } else if (Array.isArray(data)) {
-    // For array of buffers, sum their lengths
-    return data.reduce((sum, chunk) => {
-      if (chunk instanceof Buffer) {
-        return sum + chunk.length;
-      } else if (chunk instanceof ArrayBuffer) {
-        return sum + chunk.byteLength;
-      }
-      return sum;
-    }, 0);
-  } else {
-    // For other types, try to determine the size or return 0
-    try {
-      return Buffer.from(data).length;
-    } catch (e) {
-      return 0;
-    }
-  }
-}
-
-/**
- * Convert any raw WebSocket data to Buffer for consistent handling
- */
-export function toBuffer(data: RawData): Buffer {
-  if (typeof data === 'string') {
-    return Buffer.from(data, 'utf8');
-  } else if (data instanceof Buffer) {
-    return data;
-  } else if (data instanceof ArrayBuffer) {
-    return Buffer.from(data);
-  } else if (Array.isArray(data)) {
-    // For array of buffers, concatenate them
-    return Buffer.concat(data.map(chunk => {
-      if (chunk instanceof Buffer) {
-        return chunk;
-      } else if (chunk instanceof ArrayBuffer) {
-        return Buffer.from(chunk);
-      }
-      return Buffer.from(chunk);
-    }));
-  } else {
-    // For other types, try to convert to Buffer or return empty Buffer
-    try {
-      return Buffer.from(data);
-    } catch (e) {
-      return Buffer.alloc(0);
-    }
-  }
-}
-
-/**
- * Generate WebSocket accept key from client key
- */
-export function generateAcceptKey(clientKey: string): string {
-  const hash = crypto.createHash('sha1');
-  hash.update(clientKey + WEBSOCKET_MAGIC_STRING);
-  return hash.digest('base64');
-}
-
-/**
- * Validate WebSocket upgrade request
- */
-export function isWebSocketUpgrade(headers: Record<string, string>): boolean {
-  const upgrade = headers['upgrade'];
-  const connection = headers['connection'];
-  
-  return upgrade?.toLowerCase() === 'websocket' && 
-         connection?.toLowerCase().includes('upgrade');
-}
-
-/**
- * Generate random WebSocket key for client handshake
- */
-export function generateWebSocketKey(): string {
-  return crypto.randomBytes(16).toString('base64');
-}

package/ts/routing/router/http-router.ts

@@ -1,266 +0,0 @@
-import * as plugins from '../../plugins.js';
-import type { IRouteConfig } from '../../proxies/smart-proxy/models/route-types.js';
-import { DomainMatcher, PathMatcher } from '../../core/routing/matchers/index.js';
-
-/**
- * Interface for router result with additional metadata
- */
-export interface RouterResult {
-  route: IRouteConfig;
-  pathMatch?: string;
-  pathParams?: Record<string, string>;
-  pathRemainder?: string;
-}
-
-
-/**
- * Logger interface for HttpRouter
- */
-export interface ILogger {
-  debug?: (message: string, data?: any) => void;
-  info: (message: string, data?: any) => void;
-  warn: (message: string, data?: any) => void;
-  error: (message: string, data?: any) => void;
-}
-
-/**
- * Unified HTTP Router for reverse proxy requests
- * 
- * Domain matching patterns:
- * - Exact matches: "example.com"
- * - Wildcard subdomains: "*.example.com" (matches any subdomain of example.com)
- * - TLD wildcards: "example.*" (matches example.com, example.org, etc.)
- * - Complex wildcards: "*.lossless*" (matches any subdomain of any lossless domain)
- * - Default fallback: "*" (matches any unmatched domain)
- * 
- * Path pattern matching:
- * - Exact path: "/api/users"
- * - Wildcard paths: "/api/*" 
- * - Path parameters: "/users/:id/profile"
- */
-export class HttpRouter {
-  // Store routes sorted by priority
-  private routes: IRouteConfig[] = [];
-  // Default route to use when no match is found (optional)
-  private defaultRoute?: IRouteConfig;
-  // Logger interface
-  private logger: ILogger;
-
-  constructor(
-    routes?: IRouteConfig[],
-    logger?: ILogger
-  ) {
-    this.logger = logger || {
-      error: console.error.bind(console),
-      warn: console.warn.bind(console),
-      info: console.info.bind(console),
-      debug: console.debug?.bind(console)
-    };
-    
-    if (routes) {
-      this.setRoutes(routes);
-    }
-  }
-
-  /**
-   * Sets a new set of routes
-   * @param routes Array of route configurations
-   */
-  public setRoutes(routes: IRouteConfig[]): void {
-    this.routes = [...routes];
-
-    // Sort routes by priority (higher priority first)
-    this.routes.sort((a, b) => {
-      const priorityA = a.priority ?? 0;
-      const priorityB = b.priority ?? 0;
-      return priorityB - priorityA;
-    });
-
-    // Find default route if any (route with "*" as domain)
-    this.defaultRoute = this.routes.find(route => {
-      const domains = Array.isArray(route.match.domains) 
-        ? route.match.domains 
-        : route.match.domains ? [route.match.domains] : [];
-      return domains.includes('*');
-    });
-
-    const uniqueDomains = this.getHostnames();
-    this.logger.info(`HttpRouter initialized with ${this.routes.length} routes (${uniqueDomains.length} unique hosts)`);
-  }
-
-  /**
-   * Routes a request based on hostname and path
-   * @param req The incoming HTTP request
-   * @returns The matching route or undefined if no match found
-   */
-  public routeReq(req: plugins.http.IncomingMessage): IRouteConfig | undefined {
-    const result = this.routeReqWithDetails(req);
-    return result ? result.route : undefined;
-  }
-
-  /**
-   * Routes a request with detailed matching information
-   * @param req The incoming HTTP request
-   * @returns Detailed routing result including matched route and path information
-   */
-  public routeReqWithDetails(req: plugins.http.IncomingMessage): RouterResult | undefined {
-    // Extract and validate host header
-    const originalHost = req.headers.host;
-    if (!originalHost) {
-      this.logger.error('No host header found in request');
-      return this.defaultRoute ? { route: this.defaultRoute } : undefined;
-    }
-    
-    // Parse URL for path matching
-    const parsedUrl = plugins.url.parse(req.url || '/');
-    const urlPath = parsedUrl.pathname || '/';
-    
-    // Extract hostname without port
-    const hostWithoutPort = originalHost.split(':')[0].toLowerCase();
-    
-    // Find matching route
-    const matchingRoute = this.findMatchingRoute(hostWithoutPort, urlPath);
-    
-    if (matchingRoute) {
-      return matchingRoute;
-    }
-    
-    // Fall back to default route if available
-    if (this.defaultRoute) {
-      this.logger.warn(`No specific route found for host: ${hostWithoutPort}, using default`);
-      return { route: this.defaultRoute };
-    }
-    
-    this.logger.error(`No route found for host: ${hostWithoutPort}`);
-    return undefined;
-  }
-
-  /**
-   * Find the best matching route for a given hostname and path
-   */
-  private findMatchingRoute(hostname: string, path: string): RouterResult | undefined {
-    // Try each route in priority order
-    for (const route of this.routes) {
-      // Skip disabled routes
-      if (route.enabled === false) {
-        continue;
-      }
-
-      // Check domain match
-      if (route.match.domains) {
-        const domains = Array.isArray(route.match.domains) 
-          ? route.match.domains 
-          : [route.match.domains];
-        
-        // Check if any domain pattern matches
-        const domainMatches = domains.some(domain => 
-          DomainMatcher.match(domain, hostname)
-        );
-        
-        if (!domainMatches) {
-          continue;
-        }
-      }
-
-      // Check path match if specified
-      if (route.match.path) {
-        const pathResult = PathMatcher.match(route.match.path, path);
-        if (pathResult.matches) {
-          return {
-            route,
-            pathMatch: pathResult.pathMatch || path,
-            pathParams: pathResult.params,
-            pathRemainder: pathResult.pathRemainder
-          };
-        }
-      } else {
-        // No path specified, so domain match is sufficient
-        return { route };
-      }
-    }
-    
-    return undefined;
-  }
-
-  /**
-   * Gets all currently active route configurations
-   * @returns Array of all active routes
-   */
-  public getRoutes(): IRouteConfig[] {
-    return [...this.routes];
-  }
-
-  /**
-   * Gets all hostnames that this router is configured to handle
-   * @returns Array of unique hostnames
-   */
-  public getHostnames(): string[] {
-    const hostnames = new Set<string>();
-    for (const route of this.routes) {
-      if (!route.match.domains) continue;
-      
-      const domains = Array.isArray(route.match.domains) 
-        ? route.match.domains 
-        : [route.match.domains];
-      
-      for (const domain of domains) {
-        if (domain !== '*') {
-          hostnames.add(domain.toLowerCase());
-        }
-      }
-    }
-    return Array.from(hostnames);
-  }
-
-  /**
-   * Adds a single new route configuration
-   * @param route The route configuration to add
-   */
-  public addRoute(route: IRouteConfig): void {
-    this.routes.push(route);
-    
-    // Re-sort routes by priority
-    this.routes.sort((a, b) => {
-      const priorityA = a.priority ?? 0;
-      const priorityB = b.priority ?? 0;
-      return priorityB - priorityA;
-    });
-  }
-
-  /**
-   * Removes routes by domain pattern
-   * @param domain The domain pattern to remove routes for
-   * @returns Boolean indicating whether any routes were removed
-   */
-  public removeRoutesByDomain(domain: string): boolean {
-    const initialCount = this.routes.length;
-    
-    // Filter out routes that match the domain
-    this.routes = this.routes.filter(route => {
-      if (!route.match.domains) return true;
-      
-      const domains = Array.isArray(route.match.domains) 
-        ? route.match.domains 
-        : [route.match.domains];
-      
-      return !domains.includes(domain);
-    });
-    
-    return this.routes.length !== initialCount;
-  }
-
-  /**
-   * Remove a specific route by reference
-   * @param route The route to remove
-   * @returns Boolean indicating if the route was found and removed
-   */
-  public removeRoute(route: IRouteConfig): boolean {
-    const index = this.routes.indexOf(route);
-    if (index !== -1) {
-      this.routes.splice(index, 1);
-      return true;
-    }
-    return false;
-  }
-
-}

package/ts/routing/router/index.ts

@@ -1,7 +0,0 @@
-/**
- * HTTP routing
- */
-
-// Export the unified HttpRouter
-export { HttpRouter } from './http-router.js';
-export type { RouterResult, ILogger } from './http-router.js';

package/ts/tls/index.ts

@@ -1,29 +0,0 @@
-/**
- * TLS module for smartproxy
- * Re-exports protocol components and provides smartproxy-specific functionality
- */
-
-// Re-export all protocol components from protocols/tls
-export * from '../protocols/tls/index.js';
-
-// Export smartproxy-specific SNI handler
-export * from './sni/sni-handler.js';
-
-// Create a namespace for SNI utilities
-import { SniHandler } from './sni/sni-handler.js';
-import { SniExtraction } from '../protocols/tls/sni/sni-extraction.js';
-import { ClientHelloParser } from '../protocols/tls/sni/client-hello-parser.js';
-
-// Export utility objects for convenience
-export const SNI = {
-  // Main handler class (for backward compatibility)
-  Handler: SniHandler,
-
-  // Utility classes
-  Extraction: SniExtraction,
-  Parser: ClientHelloParser,
-
-  // Convenience functions
-  extractSNI: SniHandler.extractSNI,
-  processTlsPacket: SniHandler.processTlsPacket,
-};

package/ts/tls/sni/index.ts

@@ -1,3 +0,0 @@
-/**
- * SNI handling
- */

package/ts/tls/sni/sni-handler.ts

@@ -1,264 +0,0 @@
-import { Buffer } from 'node:buffer';
-import { 
-  TlsRecordType,
-  TlsHandshakeType,
-  TlsExtensionType,
-  TlsUtils
-} from '../../protocols/tls/utils/tls-utils.js';
-import {
-  ClientHelloParser,
-  type LoggerFunction
-} from '../../protocols/tls/sni/client-hello-parser.js';
-import {
-  SniExtraction,
-  type ConnectionInfo
-} from '../../protocols/tls/sni/sni-extraction.js';
-
-/**
- * SNI (Server Name Indication) handler for TLS connections.
- * Provides robust extraction of SNI values from TLS ClientHello messages
- * with support for fragmented packets, TLS 1.3 resumption, Chrome-specific
- * connection behaviors, and tab hibernation/reactivation scenarios.
- * 
- * This class retains the original API but leverages the new modular implementation
- * for better maintainability and testability.
- */
-export class SniHandler {
-  // Re-export constants for backward compatibility
-  private static readonly TLS_HANDSHAKE_RECORD_TYPE = TlsRecordType.HANDSHAKE;
-  private static readonly TLS_APPLICATION_DATA_TYPE = TlsRecordType.APPLICATION_DATA;
-  private static readonly TLS_CLIENT_HELLO_HANDSHAKE_TYPE = TlsHandshakeType.CLIENT_HELLO;
-  private static readonly TLS_SNI_EXTENSION_TYPE = TlsExtensionType.SERVER_NAME;
-  private static readonly TLS_SESSION_TICKET_EXTENSION_TYPE = TlsExtensionType.SESSION_TICKET;
-  private static readonly TLS_SNI_HOST_NAME_TYPE = 0; // NameType.HOST_NAME in RFC 6066
-  private static readonly TLS_PSK_EXTENSION_TYPE = TlsExtensionType.PRE_SHARED_KEY;
-  private static readonly TLS_PSK_KE_MODES_EXTENSION_TYPE = TlsExtensionType.PSK_KEY_EXCHANGE_MODES;
-  private static readonly TLS_EARLY_DATA_EXTENSION_TYPE = TlsExtensionType.EARLY_DATA;
-
-  /**
-   * Checks if a buffer contains a TLS handshake message (record type 22)
-   * @param buffer - The buffer to check
-   * @returns true if the buffer starts with a TLS handshake record type
-   */
-  public static isTlsHandshake(buffer: Buffer): boolean {
-    return TlsUtils.isTlsHandshake(buffer);
-  }
-
-  /**
-   * Checks if a buffer contains TLS application data (record type 23)
-   * @param buffer - The buffer to check
-   * @returns true if the buffer starts with a TLS application data record type
-   */
-  public static isTlsApplicationData(buffer: Buffer): boolean {
-    return TlsUtils.isTlsApplicationData(buffer);
-  }
-
-  /**
-   * Creates a connection ID based on source/destination information
-   * Used to track fragmented ClientHello messages across multiple packets
-   *
-   * @param connectionInfo - Object containing connection identifiers (IP/port)
-   * @returns A string ID for the connection
-   */
-  public static createConnectionId(connectionInfo: {
-    sourceIp?: string;
-    sourcePort?: number;
-    destIp?: string;
-    destPort?: number;
-  }): string {
-    return TlsUtils.createConnectionId(connectionInfo);
-  }
-
-  /**
-   * Handles potential fragmented ClientHello messages by buffering and reassembling
-   * TLS record fragments that might span multiple TCP packets.
-   *
-   * @param buffer - The current buffer fragment
-   * @param connectionId - Unique identifier for the connection
-   * @param enableLogging - Whether to enable logging
-   * @returns A complete buffer if reassembly is successful, or undefined if more fragments are needed
-   */
-  public static handleFragmentedClientHello(
-    buffer: Buffer,
-    connectionId: string,
-    enableLogging: boolean = false
-  ): Buffer | undefined {
-    const logger = enableLogging ? 
-      (message: string) => console.log(`[SNI Fragment] ${message}`) : 
-      undefined;
-    
-    return ClientHelloParser.handleFragmentedClientHello(buffer, connectionId, logger);
-  }
-
-  /**
-   * Checks if a buffer contains a TLS ClientHello message
-   * @param buffer - The buffer to check
-   * @returns true if the buffer appears to be a ClientHello message
-   */
-  public static isClientHello(buffer: Buffer): boolean {
-    return TlsUtils.isClientHello(buffer);
-  }
-
-  /**
-   * Checks if a ClientHello message contains session resumption indicators
-   * such as session tickets or PSK (Pre-Shared Key) extensions.
-   *
-   * @param buffer - The buffer containing a ClientHello message
-   * @param enableLogging - Whether to enable logging
-   * @returns Object containing details about session resumption and SNI presence
-   */
-  public static hasSessionResumption(
-    buffer: Buffer,
-    enableLogging: boolean = false
-  ): { isResumption: boolean; hasSNI: boolean } {
-    const logger = enableLogging ? 
-      (message: string) => console.log(`[Session Resumption] ${message}`) : 
-      undefined;
-    
-    return ClientHelloParser.hasSessionResumption(buffer, logger);
-  }
-
-  /**
-   * Detects characteristics of a tab reactivation TLS handshake
-   * These often have specific patterns in Chrome and other browsers
-   *
-   * @param buffer - The buffer containing a ClientHello message
-   * @param enableLogging - Whether to enable logging
-   * @returns true if this appears to be a tab reactivation handshake
-   */
-  public static isTabReactivationHandshake(
-    buffer: Buffer,
-    enableLogging: boolean = false
-  ): boolean {
-    const logger = enableLogging ? 
-      (message: string) => console.log(`[Tab Reactivation] ${message}`) : 
-      undefined;
-    
-    return ClientHelloParser.isTabReactivationHandshake(buffer, logger);
-  }
-
-  /**
-   * Extracts the SNI (Server Name Indication) from a TLS ClientHello message.
-   * Implements robust parsing with support for session resumption edge cases.
-   *
-   * @param buffer - The buffer containing the TLS ClientHello message
-   * @param enableLogging - Whether to enable detailed debug logging
-   * @returns The extracted server name or undefined if not found
-   */
-  public static extractSNI(buffer: Buffer, enableLogging: boolean = false): string | undefined {
-    const logger = enableLogging ? 
-      (message: string) => console.log(`[SNI Extraction] ${message}`) : 
-      undefined;
-    
-    return SniExtraction.extractSNI(buffer, logger);
-  }
-
-  /**
-   * Attempts to extract SNI from the PSK extension in a TLS 1.3 ClientHello.
-   *
-   * In TLS 1.3, when a client attempts to resume a session, it may include
-   * the server name in the PSK identity hint rather than in the SNI extension.
-   *
-   * @param buffer - The buffer containing the TLS ClientHello message
-   * @param enableLogging - Whether to enable detailed debug logging
-   * @returns The extracted server name or undefined if not found
-   */
-  public static extractSNIFromPSKExtension(
-    buffer: Buffer,
-    enableLogging: boolean = false
-  ): string | undefined {
-    const logger = enableLogging ? 
-      (message: string) => console.log(`[PSK-SNI Extraction] ${message}`) : 
-      undefined;
-    
-    return SniExtraction.extractSNIFromPSKExtension(buffer, logger);
-  }
-
-  /**
-   * Checks if the buffer contains TLS 1.3 early data (0-RTT)
-   * @param buffer - The buffer to check
-   * @param enableLogging - Whether to enable logging
-   * @returns true if early data is detected
-   */
-  public static hasEarlyData(buffer: Buffer, enableLogging: boolean = false): boolean {
-    // This functionality has been moved to ClientHelloParser
-    // We can implement it in terms of the parse result if needed
-    const logger = enableLogging ? 
-      (message: string) => console.log(`[Early Data] ${message}`) : 
-      undefined;
-    
-    const parseResult = ClientHelloParser.parseClientHello(buffer, logger);
-    return parseResult.isValid && parseResult.hasEarlyData;
-  }
-
-  /**
-   * Attempts to extract SNI from an initial ClientHello packet and handles
-   * session resumption edge cases more robustly than the standard extraction.
-   *
-   * This method handles:
-   * 1. Standard SNI extraction
-   * 2. TLS 1.3 PSK-based resumption (Chrome, Firefox, etc.)
-   * 3. Session ticket-based resumption
-   * 4. Fragmented ClientHello messages
-   * 5. TLS 1.3 Early Data (0-RTT)
-   * 6. Chrome's connection racing behaviors
-   *
-   * @param buffer - The buffer containing the TLS ClientHello message
-   * @param connectionInfo - Optional connection information for fragment handling
-   * @param enableLogging - Whether to enable detailed debug logging
-   * @returns The extracted server name or undefined if not found or more data needed
-   */
-  public static extractSNIWithResumptionSupport(
-    buffer: Buffer,
-    connectionInfo?: {
-      sourceIp?: string;
-      sourcePort?: number;
-      destIp?: string;
-      destPort?: number;
-    },
-    enableLogging: boolean = false
-  ): string | undefined {
-    const logger = enableLogging ? 
-      (message: string) => console.log(`[SNI Extraction] ${message}`) : 
-      undefined;
-    
-    return SniExtraction.extractSNIWithResumptionSupport(
-      buffer, 
-      connectionInfo as ConnectionInfo, 
-      logger
-    );
-  }
-
-  /**
-   * Main entry point for SNI extraction that handles all edge cases.
-   * This should be called for each TLS packet received from a client.
-   *
-   * The method uses connection tracking to handle fragmented ClientHello
-   * messages and various TLS 1.3 behaviors, including Chrome's connection
-   * racing patterns and tab reactivation behaviors.
-   *
-   * @param buffer - The buffer containing TLS data
-   * @param connectionInfo - Connection metadata (IPs and ports)
-   * @param enableLogging - Whether to enable detailed debug logging
-   * @param cachedSni - Optional cached SNI from previous connections (for racing detection)
-   * @returns The extracted server name or undefined if not found or more data needed
-   */
-  public static processTlsPacket(
-    buffer: Buffer,
-    connectionInfo: {
-      sourceIp: string;
-      sourcePort: number;
-      destIp: string;
-      destPort: number;
-      timestamp?: number;
-    },
-    enableLogging: boolean = false,
-    cachedSni?: string
-  ): string | undefined {
-    const logger = enableLogging ? 
-      (message: string) => console.log(`[TLS Packet] ${message}`) : 
-      undefined;
-    
-    return SniExtraction.processTlsPacket(buffer, connectionInfo, logger, cachedSni);
-  }
-}