@simonyea/holysheep-cli 2.1.40 → 2.1.41

package/src/tools/claude-process-proxy.js

@@ -1,1030 +0,0 @@
-#!/usr/bin/env node
-'use strict'
-
-const fs = require('fs')
-const http = require('http')
-const https = require('https')
-const net = require('net')
-const path = require('path')
-const os = require('os')
-const crypto = require('crypto')
-const { URL } = require('url')
-const fetch = global.fetch || require('node-fetch')
-
-const HOLYSHEEP_DIR = path.join(os.homedir(), '.holysheep')
-const CONFIG_PATH = path.join(HOLYSHEEP_DIR, 'claude-proxy.json')
-const DEFAULT_PROXY_PORT = 14556
-
-function ensureDir() {
-  if (!fs.existsSync(HOLYSHEEP_DIR)) fs.mkdirSync(HOLYSHEEP_DIR, { recursive: true })
-}
-
-function readConfig() {
-  try {
-    return JSON.parse(fs.readFileSync(CONFIG_PATH, 'utf8'))
-  } catch {
-    return {}
-  }
-}
-
-function writeConfig(data) {
-  ensureDir()
-  fs.writeFileSync(CONFIG_PATH, JSON.stringify(data, null, 2), 'utf8')
-}
-
-function getProcessProxyPort(config = readConfig()) {
-  const value = Number(config.processProxyPort)
-  return Number.isInteger(value) && value > 0 ? value : DEFAULT_PROXY_PORT
-}
-
-function getLocalProxyUrl(port = getProcessProxyPort()) {
-  return `http://127.0.0.1:${port}`
-}
-
-function getControlPlaneUrl(config) {
-  return String(config.controlPlaneUrl || config.relayUrl || '').replace(/\/+$/, '')
-}
-
-const leaseCache = new Map()
-const MAX_PROXY_RETRIES = 3
-const ENABLE_TIMING_LOG = process.env.HS_CLAUDE_TIMING_LOG === '1'
-const SLOW_PATH_LOG_MS = Number(process.env.HS_CLAUDE_SLOW_PATH_LOG_MS) || 5000
-
-function sanitizeUrl(value) {
-  if (!value) return ''
-  try {
-    const url = new URL(String(value))
-    return `${url.protocol}//${url.host}${url.pathname}`
-  } catch {
-    return String(value)
-  }
-}
-
-function logProxyTiming(event, details = {}) {
-  if (!ENABLE_TIMING_LOG) return
-  const payload = Object.fromEntries(
-    Object.entries(details).filter(([, value]) => value !== undefined && value !== null && value !== '')
-  )
-  console.error(`[hs-claude-proxy] ${event} ${JSON.stringify(payload)}`)
-}
-
-function createForwardTrace({ clientReq, targetUrl, nodeProxyUrl, sessionId, lease, attempt, isDirect }) {
-  return {
-    requestId: crypto.randomUUID().slice(0, 8),
-    sessionId,
-    nodeId: lease?.nodeId || '',
-    attempt,
-    isDirect,
-    method: clientReq?.method || '',
-    target: sanitizeUrl(targetUrl),
-    nodeProxy: sanitizeUrl(nodeProxyUrl),
-    leaseOpenMs: lease?._hsLeaseOpenMs,
-    leaseAgeMs: lease?._hsLeaseOpenedAt ? Date.now() - lease._hsLeaseOpenedAt : undefined,
-  }
-}
-
-function createForwardError(statusCode, body) {
-  const error = new Error(`HTTP ${statusCode}: ${String(body || '').slice(0, 200)}`)
-  error.statusCode = Number(statusCode) || 502
-  error.body = String(body || '')
-  return error
-}
-
-function createClientValidationErrorBody(message) {
-  return JSON.stringify({
-    type: 'error',
-    error: {
-      type: 'client_validation_error',
-      message,
-    },
-  })
-}
-
-// [HolySheep fork v2.1.36 / hs24] This is the ONLY trigger for switching to a
-// different node (via fetchFreshLease({forceReassign:true}) → control plane
-// drops Redis stickiness → chooseNode round-robins). It is NOT a generic retry
-// trigger — same-node retries don't need this.
-//
-// Previous versions returned true for any 403/503, which made the CLI tear
-// down 5-min session stickiness on every transient upstream hiccup (busy
-// account, momentary scheduler capacity, ticket timing) and bounced the
-// session node3↔node4↔node3 repeatedly. Bug surfaced as repeated lease.close
-// log lines and ~5s stalls.
-//
-// Fix: only force-reassign when upstream sends an EXPLICIT "switch node"
-// signal in the body. Other errors (403/503/ECONNREFUSED) stay on the same
-// node — the retry loop will either succeed after upstream recovers, or fall
-// through to direct-https fallback.
-//
-// IMPORTANT: we deliberately do NOT match bare `client_validation_error` —
-// forwardViaNodeProxy wraps local forward errors (ECONNREFUSED etc.) in a
-// client_validation_error body (see createClientValidationErrorBody), so
-// matching that type alone would fire false positives on local-level errors
-// that have nothing to do with node health. We only match specific messages
-// that upstream emits when it explicitly wants the CLI to pick a new node:
-//   - homi-crs internalRoutes.js:1025 ("当前代理节点 X 不可用")
-//   - homi-crs auth.js / internalRoutes.js ("Claude Code 必须使用 hs claude 指令启动")
-//   - control plane server.js ("No active Claude relay nodes are available")
-function shouldRefreshLeaseAfterError(err) {
-  const body = String(err?.body || err?.message || '')
-  return (
-    body.includes('Claude Code 必须使用 hs claude 指令启动') ||
-    body.includes('当前代理节点') ||
-    body.includes('No active Claude relay nodes are available')
-  )
-}
-
-function isRetryableNodeLeaseError(err) {
-  const message = String(err?.message || '')
-  return [
-    'No session lease',
-    'ECONNREFUSED',
-    'ECONNRESET',
-    'socket hang up',
-    'ETIMEDOUT',
-    'EHOSTUNREACH',
-    'ENETUNREACH',
-    'Upstream proxy CONNECT failed',
-    'No available Claude accounts support the requested model',
-    'No available Claude accounts',
-    'Bad Gateway',
-    'HTTP 402',
-    'HTTP 403',
-    'HTTP 502',
-    'HTTP 503',
-    'HTTP 504',
-    'client_validation_error',
-    'upstream response timeout',
-    'upstream stream stalled',
-    '不可用'
-  ].some((token) => message.includes(token))
-}
-
-async function readJsonResponse(response) {
-  const chunks = []
-  for await (const chunk of response) chunks.push(Buffer.from(chunk))
-  if (!chunks.length) return null
-  try {
-    return JSON.parse(Buffer.concat(chunks).toString('utf8'))
-  } catch {
-    return null
-  }
-}
-
-// 向 relay 申请新 lease（启动时 + CONNECT 失败时被动重试）
-async function fetchFreshLease(config, sessionId, options = {}) {
-  const controlPlaneUrl = getControlPlaneUrl(config)
-  if (!controlPlaneUrl) throw new Error('Claude relay control plane is not configured')
-
-  const startedAt = Date.now()
-  const response = await fetch(`${controlPlaneUrl}/session/open`, {
-    method: 'POST',
-    headers: { 'content-type': 'application/json' },
-    body: JSON.stringify({
-      sessionId,
-      bridgeId: config.bridgeId || 'local-bridge',
-      deviceId: config.deviceId || '',
-      installSource: config.installSource || 'holysheep-cli',
-      proxyMode: 'claude-process',
-      forceReassign: options.forceReassign === true,
-    }),
-  })
-
-  const payload = await response.json().catch(() => null)
-  if (!response.ok || !payload?.success || !payload?.data?.ticket) {
-    throw new Error(payload?.error?.message || `Failed to open Claude session (HTTP ${response.status})`)
-  }
-  const openedAt = Date.now()
-  payload.data._hsLeaseOpenMs = openedAt - startedAt
-  payload.data._hsLeaseOpenedAt = openedAt
-  if (payload.data._hsLeaseOpenMs >= SLOW_PATH_LOG_MS) {
-    logProxyTiming('lease.open', {
-      sessionId,
-      nodeId: payload.data.nodeId || '',
-      leaseOpenMs: payload.data._hsLeaseOpenMs,
-      forceReassign: options.forceReassign === true,
-    })
-  }
-  leaseCache.set(sessionId, payload.data)
-  return payload.data
-}
-
-// 请求路径：只读缓存，不检查过期时间（续约由失败触发，不由时间触发）
-function getCachedLease(sessionId) {
-  const cached = leaseCache.get(sessionId)
-  if (!cached) throw new Error('No session lease available')
-  return cached
-}
-
-function buildAuthHeaders(config, lease) {
-  return {
-    'x-hs-bridge-id': config.bridgeId || 'local-bridge',
-    'x-hs-device-id': config.deviceId || '',
-    'x-hs-install-source': config.installSource || 'holysheep-cli',
-    'x-hs-session-id': lease.sessionId,
-    'x-hs-bridge-ticket': lease.ticket,
-    'x-hs-node-id': lease.nodeId || '',
-  }
-}
-
-// [HolySheep fork v2.1.29 / hs22] Rewrite User-Agent away from claude-cli/*.
-// CRS enforces a "Claude Code CLI must use hs claude" policy keyed on UA —
-// when it sees claude-cli/* or claude-code/*, it 403s even with valid bridge
-// headers, under the assumption the user bypassed the wrapper. Every forward
-// path (node-proxy + direct-https fallback) now normalises UA to
-// holysheep-cli so the wrapper identity is preserved end-to-end.
-function sanitizeClaudeClientHeaders(headers, config) {
-  const out = { ...(headers || {}) }
-  for (const k of Object.keys(out)) {
-    if (/^x-forwarded-|^x-real-ip$|^forwarded$|^via$/i.test(k)) {
-      delete out[k]
-      continue
-    }
-    if (/^user-agent$/i.test(k) && /claude-cli|claude-code/i.test(String(out[k] || ''))) {
-      out[k] = `holysheep-cli/${(config && config.cliVersion) || 'process-proxy'} (hs-claude-proxy)`
-    }
-  }
-  return out
-}
-
-function deriveNodeProxyUrl(lease) {
-  if (process.env.HS_CLAUDE_NODE_PROXY_OVERRIDE) {
-    return String(process.env.HS_CLAUDE_NODE_PROXY_OVERRIDE).replace(/\/+$/, '')
-  }
-  // [HolySheep fork v2.1.34 / hs23] Distinguish "field present but empty"
-  // (sub2api nodes have no process-proxy) from "field absent" (old lease format).
-  // Control plane sets nodeProxyUrl:"" for sub2api nodes = no process proxy exists.
-  // Return null so callers skip node-proxy and go straight to direct-https.
-  // Only fall through to port inference when field is entirely absent (legacy leases).
-  if (Object.prototype.hasOwnProperty.call(lease, 'nodeProxyUrl')) {
-    if (!lease.nodeProxyUrl) return null  // explicit empty = no proxy on this node
-    return String(lease.nodeProxyUrl)
-  }
-  // Legacy fallback: field absent → infer proxy port from nodeBaseUrl
-  if (!lease.nodeBaseUrl) return null
-  const upstream = new URL(String(lease.nodeBaseUrl))
-  const proxyPort = upstream.port === '3101' ? '3129' : upstream.port
-  upstream.port = proxyPort || '3129'
-  upstream.pathname = ''
-  upstream.search = ''
-  upstream.hash = ''
-  return upstream.toString().replace(/\/+$/, '')
-}
-
-// [HolySheep fork v2.1.27 / hs20] Direct HTTPS fallback.
-//
-// Background: the assigned node's forward-proxy at :3129 can be unreachable
-// (we've seen node3's proxy offline while node3's /v1/messages at :3101 is
-// up). When that happens, claude-agent-acp spawns get ECONNREFUSED on every
-// prompt and the user sees the generic "Internal error: API Error: 400".
-//
-// Fix: when the node-proxy forward fails with ECONNREFUSED (or the proxy
-// URL itself won't resolve), retry the same request directly against
-// `config.baseUrlAnthropic` (usually https://api.holysheep.ai). We still
-// send the bridge headers — the upstream CRS accepts them and reuses the
-// same lease. This gives users a usable claude path even while HolySheep
-// SRE fixes the assigned node.
-function forwardDirectHttps({ config, lease, clientReq, clientRes, trace }) {
-  const https = require('https')
-  const crsBase = config.baseUrlAnthropic || 'https://api.holysheep.ai'
-  const target = new URL(clientReq.url && clientReq.url.startsWith('http') ? clientReq.url : clientReq.url, crsBase)
-  return new Promise((resolve, reject) => {
-    // [HolySheep fork v2.1.27 / hs20] Sanitize headers before the direct
-    // upstream hit. claude-agent-acp usually runs in a clean env so these
-    // should never be present, but a future client library could set them
-    // (or a proxy earlier in the chain could tag the request) and leak the
-    // loopback origin / real client IP to api.holysheep.ai. The upstream
-    // doesn't need them — it authenticates off bridge headers + API key.
-    const sanitized = sanitizeClaudeClientHeaders(clientReq.headers, config)
-    const headers = {
-      ...sanitized,
-      ...buildAuthHeaders(config, lease),
-      host: target.host,
-      connection: 'close',
-    }
-    const upReq = https.request({
-      hostname: target.hostname,
-      port: target.port || 443,
-      path: target.pathname + target.search,
-      method: clientReq.method,
-      headers,
-      timeout: RESPONSE_TIMEOUT_MS + 5000,
-    }, (upRes) => {
-      clientRes.writeHead(upRes.statusCode, upRes.headers)
-      upRes.pipe(clientRes)
-      upRes.on('end', resolve)
-      upRes.on('error', reject)
-    })
-    upReq.on('error', reject)
-    upReq.on('timeout', () => {
-      upReq.destroy(new Error('direct-https upstream timeout'))
-    })
-    clientReq.pipe(upReq)
-  })
-}
-
-function forwardViaNodeProxy({ nodeProxyUrl, targetUrl, clientReq, clientRes, extraHeaders = {}, trace = null }) {
-  const upstream = new URL(nodeProxyUrl)
-  return new Promise((resolve, reject) => {
-    const requestStartedAt = Date.now()
-    const resolvedTrace = trace || createForwardTrace({
-      clientReq,
-      targetUrl,
-      nodeProxyUrl,
-      sessionId: clientReq.headers['x-hs-session-id'] || '',
-      lease: null,
-      attempt: 0,
-      isDirect: !String(clientReq.url || '').startsWith('http'),
-    })
-    let settled = false
-    let responseTimer = null
-    let stallTimer = null
-    let sawUpstreamResponse = false
-    let sawUpstreamData = false
-    let forwardReq = null
-    let upstreamAssignedAt = null
-    let firstByteAt = null
-
-    const clearResponseTimer = () => {
-      if (responseTimer) {
-        clearTimeout(responseTimer)
-        responseTimer = null
-      }
-    }
-
-    const clearStallTimer = () => {
-      if (stallTimer) {
-        clearTimeout(stallTimer)
-        stallTimer = null
-      }
-    }
-
-    const clearTimers = () => {
-      clearResponseTimer()
-      clearStallTimer()
-    }
-
-    const finish = () => {
-      if (settled) return
-      settled = true
-      clearTimers()
-      const finishedAt = Date.now()
-      const totalMs = finishedAt - requestStartedAt
-      if (totalMs >= SLOW_PATH_LOG_MS) {
-        logProxyTiming('request.complete', {
-          ...resolvedTrace,
-          totalMs,
-          connectMs: upstreamAssignedAt ? upstreamAssignedAt - requestStartedAt : undefined,
-          firstByteMs: firstByteAt ? firstByteAt - requestStartedAt : undefined,
-          streamMs: firstByteAt ? finishedAt - firstByteAt : undefined,
-          bytesStarted: sawUpstreamData,
-        })
-      }
-      resolve()
-    }
-
-    const failWithAnthropicError = (message) => {
-      if (settled) return
-      settled = true
-      clearTimers()
-      const failedAt = Date.now()
-      logProxyTiming('request.fail', {
-        ...resolvedTrace,
-        totalMs: failedAt - requestStartedAt,
-        connectMs: upstreamAssignedAt ? upstreamAssignedAt - requestStartedAt : undefined,
-        firstByteMs: firstByteAt ? firstByteAt - requestStartedAt : undefined,
-        bytesStarted: sawUpstreamData,
-        error: message,
-      })
-      if (forwardReq && !forwardReq.destroyed) {
-        forwardReq.destroy()
-      }
-      const error = createForwardError(400, createClientValidationErrorBody(message))
-      error.message = message
-      reject(error)
-    }
-
-    const fail = (error) => {
-      const err = error instanceof Error ? error : new Error(String(error || 'Proxy error'))
-      return failWithAnthropicError(err.message || 'Proxy error')
-    }
-
-    const armResponseTimer = () => {
-      if (settled || sawUpstreamResponse || responseTimer) return
-      responseTimer = setTimeout(() => failWithAnthropicError('upstream response timeout'), RESPONSE_TIMEOUT_MS)
-    }
-
-    const armStallTimer = () => {
-      if (settled) return
-      sawUpstreamData = true
-      clearStallTimer()
-      stallTimer = setTimeout(() => failWithAnthropicError('upstream stream stalled'), STALL_TIMEOUT_MS)
-    }
-
-    // [HolySheep fork v2.1.29 / hs22] Same UA-rewrite logic as forwardDirectHttps.
-    // Even when we go through node4:3129, the forward-proxy delivers the UA
-    // verbatim to upstream CRS; keeping claude-cli/* gets us 403.
-    // `extraHeaders` already contains bridge auth via buildAuthHeaders.
-    // `config` may be undefined here because forwardViaNodeProxy doesn't take
-    // one; use a minimal stub — cliVersion is optional.
-    const finalHeaders = {
-      ...sanitizeClaudeClientHeaders(clientReq.headers, { cliVersion: undefined }),
-      ...extraHeaders,
-      host: targetUrl.host,
-      connection: 'close',
-    }
-    // Build the forward-proxy path. CRS's per-node proxy at :3129 accepts an
-    // absolute URL as the HTTP/1.1 request target and rewrites the scheme
-    // internally. We ALWAYS send http:// in the path (even if targetUrl is
-    // https://) because:
-    //   1. node:3129 listens on plain HTTP and ignores the scheme of the
-    //      request-target — it reads `targetUrl = new URL(req.url)`,
-    //      validates hostname, and proxies upstream.
-    //   2. bun's `http.request` treats `path: 'https://...'` as a signal to
-    //      issue a CONNECT tunnel (instead of a plain absolute-URI forward
-    //      request), which silently drops the x-hs-* headers we injected
-    //      because they would only ride on the outer CONNECT, not the inner
-    //      TLS tunnel — yielding 403 'Missing bridge session headers'.
-    //      (Node's `http.request` does NOT have this behaviour; the bug is
-    //      bun-specific. Reproduced under bun 1.3.9 at AionUi's runtime.)
-    // Rewriting to http:// preserves correctness on both runtimes.
-    const forwardPath = (() => {
-      const clone = new URL(targetUrl.toString())
-      clone.protocol = 'http:'
-      return clone.toString()
-    })()
-    if (ENABLE_TIMING_LOG) {
-      const hsHeaders = Object.fromEntries(
-        Object.entries(finalHeaders).filter(([k]) => /^x-hs-/i.test(k))
-      )
-      console.error(
-        `[hs-claude-proxy] forward.headers ${JSON.stringify({
-          target: sanitizeUrl(targetUrl),
-          forwardPath,
-          node: sanitizeUrl(nodeProxyUrl),
-          hsHeaders,
-          clientHeadersKeys: Object.keys(clientReq.headers).slice(0, 20),
-        })}`
-      )
-    }
-    forwardReq = http.request({
-      host: upstream.hostname,
-      port: Number(upstream.port || 80),
-      method: clientReq.method,
-      path: forwardPath,
-      agent: false,
-      headers: finalHeaders,
-    }, (forwardRes) => {
-      sawUpstreamResponse = true
-      clearResponseTimer()
-
-      const status = forwardRes.statusCode || 502
-      if (status === 403 || status === 502 || status === 503) {
-        const chunks = []
-        forwardRes.on('data', (c) => chunks.push(c))
-        forwardRes.on('end', () => {
-          if (settled) return
-          settled = true
-          clearTimers()
-          const body = Buffer.concat(chunks).toString('utf8')
-          const error = createForwardError(status, body)
-          logProxyTiming('request.upstream_error', {
-            ...resolvedTrace,
-            status,
-            totalMs: Date.now() - requestStartedAt,
-            body: String(body || '').slice(0, 200),
-          })
-          reject(error)
-        })
-        forwardRes.on('error', fail)
-        return
-      }
-
-      upstreamAssignedAt = upstreamAssignedAt || Date.now()
-      clientRes.writeHead(status, forwardRes.headers)
-      forwardRes.on('data', () => {
-        if (!firstByteAt) {
-          firstByteAt = Date.now()
-          logProxyTiming('request.first_byte', {
-            ...resolvedTrace,
-            firstByteMs: firstByteAt - requestStartedAt,
-          })
-        }
-        armStallTimer()
-      })
-      forwardRes.once('end', () => {
-        clearStallTimer()
-        finish()
-      })
-      forwardRes.once('close', () => {
-        clearStallTimer()
-        finish()
-      })
-      forwardRes.once('error', fail)
-      forwardRes.pipe(clientRes)
-    })
-
-    forwardReq.on('socket', (socket) => {
-      upstreamAssignedAt = upstreamAssignedAt || Date.now()
-      socket.once('connect', () => {
-        upstreamAssignedAt = upstreamAssignedAt || Date.now()
-      })
-    })
-    forwardReq.setTimeout(RESPONSE_TIMEOUT_MS, () => {
-      if (!sawUpstreamResponse) failWithAnthropicError('upstream response timeout')
-    })
-    forwardReq.once('error', fail)
-    clientReq.once('aborted', () => finish())
-
-    armResponseTimer()
-    clientReq.pipe(forwardReq)
-  })
-}
-
-function createConnectTunnel(proxyUrl, target, headers) {
-  return new Promise((resolve, reject) => {
-    const upstream = new URL(proxyUrl)
-    const request = http.request({
-      host: upstream.hostname,
-      port: Number(upstream.port || 80),
-      method: 'CONNECT',
-      path: target,
-      headers,
-      agent: false,
-      timeout: 15000, // CONNECT 握手 15 秒超时
-    })
-
-    request.once('connect', (response, socket, head) => {
-      if (response.statusCode !== 200) {
-        socket.destroy()
-        return reject(new Error(`Upstream proxy CONNECT failed (HTTP ${response.statusCode})`))
-      }
-      if (head?.length) socket.unshift(head)
-      resolve(socket)
-    })
-    request.once('timeout', () => {
-      request.destroy(new Error('CONNECT tunnel handshake timeout'))
-    })
-    request.once('error', reject)
-    request.end()
-  })
-}
-
-// 等上游返回 first byte 的最大时间。
-// 这里不能默认等 5 分钟，否则上游/代理链路卡死时，用户会感觉每次下一条请求都被“挂住”。
-// 默认快速失败为 30 秒，仍可通过环境变量覆盖。
-const RESPONSE_TIMEOUT_MS = Number(process.env.HS_CLAUDE_RESPONSE_TIMEOUT_MS) || 30000
-// 上游 stream 已开始后，相邻两个 chunk 之间的最大间隔。
-const STALL_TIMEOUT_MS = Number(process.env.HS_CLAUDE_STALL_TIMEOUT_MS) || 120000
-
-function pipeWithCleanup(a, b) {
-  for (const sock of [a, b]) {
-    if (typeof sock.setKeepAlive === 'function') sock.setKeepAlive(true, 10000)
-  }
-
-  let timer = null
-  let closed = false
-  let streaming = false
-
-  const clearTimer = () => {
-    if (timer) {
-      clearTimeout(timer)
-      timer = null
-    }
-  }
-
-  const destroySocket = (sock, err) => {
-    if (!sock || sock.destroyed) return
-    if (err) sock.destroy(err)
-    else sock.destroy()
-  }
-
-  const close = (reason) => {
-    if (closed) return
-    closed = true
-    clearTimer()
-    const err = reason ? new Error(reason) : null
-    destroySocket(a, err)
-    destroySocket(b, err)
-  }
-
-  const armResponseTimer = () => {
-    if (streaming || closed || timer) return
-    timer = setTimeout(() => close('upstream response timeout'), RESPONSE_TIMEOUT_MS)
-  }
-
-  const armStallTimer = () => {
-    if (closed) return
-    streaming = true
-    clearTimer()
-    timer = setTimeout(() => close('upstream stream stalled'), STALL_TIMEOUT_MS)
-  }
-
-  b.on('data', armStallTimer)
-
-  armResponseTimer()
-  a.pipe(b)
-  b.pipe(a)
-
-  a.once('error', () => close())
-  b.once('error', () => close())
-  a.once('close', () => close())
-  b.once('close', () => close())
-}
-
-function createProcessProxyServer({ sessionId, configPath = CONFIG_PATH, allowAnthropicConnect = false }) {
-  const server = http.createServer(async (clientReq, clientRes) => {
-    const isDirect = !clientReq.url.startsWith('http')
-    if (ENABLE_TIMING_LOG) {
-      console.error(
-        `[hs-claude-proxy] incoming ${JSON.stringify({
-          method: clientReq.method,
-          url: String(clientReq.url).slice(0, 120),
-          ua: String(clientReq.headers['user-agent'] || '').slice(0, 60),
-          host: clientReq.headers.host || '',
-          isDirect,
-        })}`
-      )
-    }
-
-    // [HolySheep fork v2.1.30 / hs22b] Buffer the incoming request body ONCE
-    // so retries + direct-https fallback can re-send it. Before this, each
-    // retry called clientReq.pipe(forwardReq) on a stream that had already
-    // been consumed by the previous attempt, making the second/third/...
-    // retry (and the fallback) hit CRS with an EMPTY body — upstream
-    // responded 400 "model is required" and the user saw no reply. Only
-    // the very first (often doomed-to-ECONNREFUSED) attempt had the real
-    // body; every retry+fallback arrived empty.
-    //
-    // Buffer into memory before any forward. Typical claude-agent-acp
-    // POST bodies are 5-40 KB so this is fine. Override from wire type
-    // to Buffer so downstream functions can pipe(from body stream)
-    // multiple times by wrapping a fresh Readable each time.
-    let bufferedBody = null
-    if (clientReq.method && !['GET', 'HEAD', 'OPTIONS'].includes(clientReq.method.toUpperCase())) {
-      try {
-        const chunks = []
-        for await (const chunk of clientReq) chunks.push(chunk)
-        bufferedBody = Buffer.concat(chunks)
-      } catch (e) {
-        // client disconnected mid-read; bail out early.
-        if (!clientRes.headersSent) {
-          clientRes.writeHead(400, { 'content-type': 'text/plain' })
-          clientRes.end('client disconnected while uploading body: ' + (e && e.message))
-        }
-        return
-      }
-    }
-    // Shadow `clientReq` with a wrapper that yields a fresh Readable body
-    // stream each time `.pipe()` is called. This keeps the rest of the
-    // handler unchanged (node-proxy + direct-fallback both still use
-    // `clientReq.pipe(upstream)`).
-    const { Readable } = require('stream')
-    const makeBodyStream = () => {
-      if (bufferedBody === null) return null
-      const r = new Readable({ read() {} })
-      r.push(bufferedBody)
-      r.push(null)
-      return r
-    }
-    const originalClientReq = clientReq
-    clientReq = new Proxy(originalClientReq, {
-      get(target, prop, receiver) {
-        if (prop === 'pipe') {
-          return (dest, opts) => {
-            const s = makeBodyStream()
-            if (!s) {
-              // GET/HEAD — just end the dest
-              if (dest && typeof dest.end === 'function') dest.end()
-              return dest
-            }
-            return s.pipe(dest, opts)
-          }
-        }
-        return Reflect.get(target, prop, receiver)
-      },
-    })
-
-    const doForward = async (lease, attempt) => {
-      const config = readConfig(configPath)
-      const nodeProxyUrl = deriveNodeProxyUrl(lease)
-
-      // [HolySheep fork v2.1.34 / hs23] nodeProxyUrl===null means the control
-      // plane signalled this node has no process proxy (sub2api nodes).
-      // Skip node-proxy entirely and go straight to direct-https. This avoids
-      // the ECONNREFUSED → retry × MAX_PROXY_RETRIES delay that was burning
-      // ~5 s before falling back.
-      if (nodeProxyUrl === null) {
-        logProxyTiming('request.direct-noproxy', { sessionId, nodeId: lease.nodeId || '', attempt })
-        return forwardDirectHttps({ config, lease, clientReq, clientRes, trace: null })
-      }
-
-      if (isDirect) {
-        const crsBase = config.baseUrlAnthropic || 'https://api.holysheep.ai'
-        const target = new URL(clientReq.url, crsBase)
-        return forwardViaNodeProxy({
-          nodeProxyUrl,
-          targetUrl: target,
-          clientReq,
-          clientRes,
-          extraHeaders: buildAuthHeaders(config, lease),
-          trace: createForwardTrace({
-            clientReq,
-            targetUrl: target,
-            nodeProxyUrl,
-            sessionId,
-            lease,
-            attempt,
-            isDirect,
-          }),
-        })
-      }
-
-      const targetUrl = new URL(clientReq.url)
-      const headers = {
-        ...buildAuthHeaders(config, lease),
-        host: targetUrl.host,
-      }
-      return forwardViaNodeProxy({
-        nodeProxyUrl,
-        targetUrl,
-        clientReq,
-        clientRes,
-        extraHeaders: headers,
-        trace: createForwardTrace({
-          clientReq,
-          targetUrl,
-          nodeProxyUrl,
-          sessionId,
-          lease,
-          attempt,
-          isDirect,
-        }),
-      })
-    }
-
-    let lastError = null
-    for (let attempt = 0; attempt <= MAX_PROXY_RETRIES; attempt++) {
-      try {
-        if (attempt === 0) {
-          await doForward(getCachedLease(sessionId), attempt)
-        } else {
-          const config = readConfig(configPath)
-          const prevLease = (() => { try { return leaseCache.get(sessionId) } catch { return null } })()
-          const forceReassign = shouldRefreshLeaseAfterError(lastError)
-          const retryReason = String(lastError?.body || lastError?.message || '').slice(0, 120)
-          // [HolySheep fork v2.1.36 / hs24] Emit structured breadcrumb so we
-          // can see whether the retry stayed on same node (sticky) or forced
-          // reassign. Previously invisible — made diagnosing node-bounce hard.
-          if (forceReassign) {
-            console.error(`[hs-claude-proxy] lease.force-reassign ${JSON.stringify({
-              sessionId, nodeId: prevLease?.nodeId || '', attempt, reason: retryReason,
-            })}`)
-          } else {
-            console.error(`[hs-claude-proxy] lease.sticky-hit ${JSON.stringify({
-              sessionId, nodeId: prevLease?.nodeId || '', attempt, retryReason,
-            })}`)
-          }
-          leaseCache.delete(sessionId)
-          if (forceReassign) {
-            await closeSession(configPath, sessionId)
-          }
-          const freshLease = await fetchFreshLease(config, sessionId, {
-            forceReassign,
-          })
-          await doForward(freshLease, attempt)
-        }
-        lastError = null
-        break
-      } catch (err) {
-        lastError = err
-        logProxyTiming('request.retry', {
-          sessionId,
-          attempt,
-          error: String(err?.message || err),
-          retryable: isRetryableNodeLeaseError(err),
-          forceReassign: shouldRefreshLeaseAfterError(err),
-        })
-        if (clientRes.headersSent) return
-        if (!isRetryableNodeLeaseError(err) && attempt > 0) break
-      }
-    }
-    // [HolySheep fork v2.1.27 / hs20] Direct HTTPS fallback.
-    // If EVERY node-proxy retry failed with a connection-level error
-    // (ECONNREFUSED, EHOSTUNREACH, ETIMEDOUT, or a generic "Proxy error"
-    // mentioning ECONNREFUSED in the body), fall back to a direct HTTPS
-    // POST against api.holysheep.ai. The relay on that side recognises
-    // bridge headers + cr_ keys and forwards to an account pool even when
-    // the per-device assigned node is dead. Keeps users productive while
-    // SRE re-balances nodes.
-    if (lastError && !clientRes.headersSent) {
-      const msg = String(lastError?.message || lastError?.body || '')
-      const isConnectionLevel = /ECONNREFUSED|EHOSTUNREACH|ETIMEDOUT|ENETUNREACH|connect/i.test(msg)
-      if (isConnectionLevel) {
-        try {
-          const config = readConfig(configPath)
-          const lease = getCachedLease(sessionId) || await fetchFreshLease(config, sessionId, {})
-          logProxyTiming('request.direct-fallback', {
-            sessionId,
-            originalError: msg.slice(0, 160),
-          })
-          await forwardDirectHttps({ config, lease, clientReq, clientRes, trace: null })
-          lastError = null
-        } catch (fallbackErr) {
-          lastError = fallbackErr
-          logProxyTiming('request.direct-fallback.fail', {
-            sessionId,
-            error: String(fallbackErr?.message || fallbackErr),
-          })
-        }
-      }
-    }
-    if (lastError && !clientRes.headersSent) {
-      const status = Number(lastError.statusCode || 502)
-      const body = String(lastError.body || lastError.message || 'Proxy error')
-      const isJson = body.trim().startsWith('{')
-      clientRes.writeHead(status, {
-        'content-type': isJson ? 'application/json; charset=utf-8' : 'text/plain; charset=utf-8'
-      })
-      clientRes.end(body)
-    }
-  })
-
-  // Hosts that must NOT be tunneled directly — they must go through CRS via
-  // the HTTP path (ANTHROPIC_BASE_URL), not a CONNECT tunnel that bypasses it.
-  const BLOCKED_CONNECT = allowAnthropicConnect ? new Set() : new Set(['api.anthropic.com'])
-
-  server.on('connect', async (req, clientSocket, head) => {
-    const target = String(req.url || '').trim()
-    if (ENABLE_TIMING_LOG) {
-      console.error(
-        `[hs-claude-proxy] incoming.CONNECT ${JSON.stringify({
-          target: target.slice(0, 120),
-          ua: String(req.headers['user-agent'] || '').slice(0, 60),
-          headers: Object.keys(req.headers).slice(0, 20),
-        })}`
-      )
-    }
-    const [host, rawPort] = target.split(':')
-    const port = Number(rawPort || 443)
-    if (!host || !Number.isInteger(port) || ![80, 443].includes(port)) {
-      clientSocket.write('HTTP/1.1 403 Forbidden\r\n\r\n')
-      return clientSocket.destroy()
-    }
-
-    if (BLOCKED_CONNECT.has(host)) {
-      // Block direct CONNECT tunnels to Anthropic — traffic must go through
-      // ANTHROPIC_BASE_URL so CRS can apply multi-account scheduling.
-      clientSocket.write('HTTP/1.1 403 Forbidden\r\ncontent-type: text/plain; charset=utf-8\r\n\r\nDirect tunnel to api.anthropic.com is blocked; use ANTHROPIC_BASE_URL path')
-      return clientSocket.destroy()
-    }
-
-    const doConnect = async (lease) => {
-      const nodeProxyUrl = deriveNodeProxyUrl(lease)
-      // [HolySheep fork v2.1.34 / hs23] No process proxy on this node (sub2api).
-      // CONNECT tunnels go directly to the target host — no bridge headers needed.
-      if (nodeProxyUrl === null) {
-        logProxyTiming('connect.direct-noproxy', { sessionId, nodeId: lease.nodeId || '', target })
-        const upstreamSocket = await new Promise((resolve, reject) => {
-          const sock = net.connect(port, host, () => resolve(sock))
-          sock.once('error', reject)
-          sock.setTimeout(15000, () => sock.destroy(new Error('CONNECT direct tunnel timeout')))
-        })
-        clientSocket.write('HTTP/1.1 200 Connection Established\r\n\r\n')
-        if (head?.length) upstreamSocket.write(head)
-        pipeWithCleanup(clientSocket, upstreamSocket)
-        return
-      }
-      const upstreamSocket = await createConnectTunnel(
-        nodeProxyUrl,
-        target,
-        buildAuthHeaders(readConfig(configPath), lease)
-      )
-      clientSocket.write('HTTP/1.1 200 Connection Established\r\n\r\n')
-      if (head?.length) upstreamSocket.write(head)
-      pipeWithCleanup(clientSocket, upstreamSocket)
-    }
-
-    let lastError = null
-    for (let attempt = 0; attempt <= MAX_PROXY_RETRIES; attempt++) {
-      try {
-        if (attempt === 0) {
-          await doConnect(getCachedLease(sessionId))
-        } else {
-          const config = readConfig(configPath)
-          const prevLease = (() => { try { return leaseCache.get(sessionId) } catch { return null } })()
-          const forceReassign = shouldRefreshLeaseAfterError(lastError)
-          const retryReason = String(lastError?.body || lastError?.message || '').slice(0, 120)
-          // [HolySheep fork v2.1.36 / hs24] Same breadcrumb as HTTP retry loop.
-          if (forceReassign) {
-            console.error(`[hs-claude-proxy] lease.force-reassign ${JSON.stringify({
-              sessionId, nodeId: prevLease?.nodeId || '', attempt, reason: retryReason, path: 'CONNECT',
-            })}`)
-          } else {
-            console.error(`[hs-claude-proxy] lease.sticky-hit ${JSON.stringify({
-              sessionId, nodeId: prevLease?.nodeId || '', attempt, retryReason, path: 'CONNECT',
-            })}`)
-          }
-          leaseCache.delete(sessionId)
-          if (forceReassign) {
-            await closeSession(configPath, sessionId)
-          }
-          const freshLease = await fetchFreshLease(config, sessionId, {
-            forceReassign,
-          })
-          await doConnect(freshLease)
-        }
-        lastError = null
-        break
-      } catch (err) {
-        lastError = err
-        if (!isRetryableNodeLeaseError(err) && attempt > 0) break
-      }
-    }
-    if (lastError) {
-      const status = Number(lastError.statusCode || 502)
-      const body = String(lastError.body || lastError.message || 'Proxy error')
-      const statusText = status === 403 ? 'Forbidden' : status === 503 ? 'Service Unavailable' : 'Bad Gateway'
-      const contentType = body.trim().startsWith('{')
-        ? 'application/json; charset=utf-8'
-        : 'text/plain; charset=utf-8'
-      clientSocket.write(`HTTP/1.1 ${status} ${statusText}\r\ncontent-type: ${contentType}\r\n\r\n${body}`)
-      clientSocket.destroy()
-    }
-  })
-
-  return server
-}
-
-async function startProcessProxy({ port = null, sessionId = null, configPath = CONFIG_PATH, allowAnthropicConnect = false } = {}) {
-  const config = readConfig(configPath)
-  const preferredPort = port || getProcessProxyPort(config)
-  const effectiveSessionId = sessionId || crypto.randomUUID()
-
-  // 启动时拿一次 lease，之后靠被动重试维持，不再主动续约
-  await fetchFreshLease(config, effectiveSessionId)
-
-  const server = createProcessProxyServer({ sessionId: effectiveSessionId, configPath, allowAnthropicConnect })
-
-  return new Promise((resolve, reject) => {
-    const tryListen = (p) => {
-      server.once('error', (err) => {
-        if (err.code === 'EADDRINUSE') {
-          server.once('error', reject)
-          server.listen(0, '127.0.0.1')
-        } else {
-          reject(err)
-        }
-      })
-      server.once('listening', () => {
-        resolve({ server, port: server.address().port, sessionId: effectiveSessionId })
-      })
-      server.listen(p, '127.0.0.1')
-    }
-    tryListen(preferredPort)
-  })
-}
-
-async function closeSession(configPath, sessionId) {
-  if (!sessionId) return
-  const config = readConfig(configPath)
-  const controlPlaneUrl = getControlPlaneUrl(config)
-  if (!controlPlaneUrl) {
-    logProxyTiming('lease.close', { sessionId, skipped: 'no-control-plane' })
-    return
-  }
-  const startedAt = Date.now()
-  let status = 'unknown'
-  try {
-    const response = await fetch(`${controlPlaneUrl}/session/close`, {
-      method: 'POST',
-      headers: { 'content-type': 'application/json' },
-      body: JSON.stringify({ sessionId }),
-    })
-    status = response.ok ? 'ok' : `http_${response.status}`
-  } catch (err) {
-    status = `err_${err.name || 'unknown'}`
-  }
-  // Always log lease.close — unlike other events this isn't slow-path-gated
-  // because lease leaks silently accumulate on CRS, making it critical to
-  // observe every release attempt.
-  console.error(
-    `[hs-claude-proxy] lease.close ${JSON.stringify({
-      sessionId,
-      status,
-      durationMs: Date.now() - startedAt,
-    })}`
-  )
-}
-
-module.exports = {
-  CONFIG_PATH,
-  DEFAULT_PROXY_PORT,
-  closeSession,
-  getLocalProxyUrl,
-  getProcessProxyPort,
-  getControlPlaneUrl,
-  readConfig,
-  startProcessProxy,
-  writeConfig,
-}