peep-proxy 0.1.0

package/dist/hooks/useSorting.js

@@ -0,0 +1,71 @@
+import { useInput } from "ink";
+import { useCallback, useMemo, useState } from "react";
+function getResponseSize(entry) {
+    if (entry.state === "pending" || !entry.response)
+        return null;
+    return entry.response.body.length;
+}
+function compareEntries(a, b, column) {
+    switch (column) {
+        case "id":
+            return a.seq - b.seq;
+        case "method":
+            return a.request.method.localeCompare(b.request.method);
+        case "url":
+            return a.request.path.localeCompare(b.request.path);
+        case "status": {
+            const aCode = a.response?.statusCode ?? Number.MAX_SAFE_INTEGER;
+            const bCode = b.response?.statusCode ?? Number.MAX_SAFE_INTEGER;
+            return aCode - bCode;
+        }
+        case "duration": {
+            const aDur = a.response?.duration ?? Number.MAX_SAFE_INTEGER;
+            const bDur = b.response?.duration ?? Number.MAX_SAFE_INTEGER;
+            return aDur - bDur;
+        }
+        case "size": {
+            const aSize = getResponseSize(a) ?? Number.MAX_SAFE_INTEGER;
+            const bSize = getResponseSize(b) ?? Number.MAX_SAFE_INTEGER;
+            return aSize - bSize;
+        }
+    }
+}
+export function useSorting({ entries, isActive = true }) {
+    const [sortConfig, setSortConfig] = useState(null);
+    const [modalOpen, setModalOpen] = useState(false);
+    const selectColumn = useCallback((column) => {
+        setSortConfig((prev) => {
+            if (prev?.column === column) {
+                return {
+                    column,
+                    direction: prev.direction === "asc" ? "desc" : "asc",
+                };
+            }
+            return { column, direction: "asc" };
+        });
+        setModalOpen(false);
+    }, []);
+    const closeModal = useCallback(() => {
+        setModalOpen(false);
+    }, []);
+    useInput((input) => {
+        if (modalOpen)
+            return;
+        if (input === "s") {
+            setModalOpen(true);
+            return;
+        }
+        if (input === "S") {
+            setSortConfig(null);
+        }
+    }, { isActive });
+    const sortedEntries = useMemo(() => {
+        const config = sortConfig ?? {
+            column: "id",
+            direction: "desc",
+        };
+        const multiplier = config.direction === "asc" ? 1 : -1;
+        return [...entries].sort((a, b) => multiplier * compareEntries(a, b, config.column));
+    }, [entries, sortConfig]);
+    return { sortedEntries, sortConfig, modalOpen, selectColumn, closeModal };
+}

package/dist/hooks/useTerminalDimensions.d.ts

@@ -0,0 +1,6 @@
+type Dimensions = {
+    columns: number;
+    rows: number;
+};
+export declare function useTerminalDimensions(): Dimensions;
+export {};

package/dist/hooks/useTerminalDimensions.js

@@ -0,0 +1,25 @@
+import { useStdout } from "ink";
+import { useEffect, useState } from "react";
+const FALLBACK = { columns: 80, rows: 24 };
+export function useTerminalDimensions() {
+    const { stdout } = useStdout();
+    const [dimensions, setDimensions] = useState(() => ({
+        columns: stdout?.columns ?? FALLBACK.columns,
+        rows: stdout?.rows ?? FALLBACK.rows,
+    }));
+    useEffect(() => {
+        if (!stdout)
+            return;
+        const onResize = () => {
+            setDimensions({
+                columns: stdout.columns,
+                rows: stdout.rows,
+            });
+        };
+        stdout.on("resize", onResize);
+        return () => {
+            stdout.off("resize", onResize);
+        };
+    }, [stdout]);
+    return dimensions;
+}

package/dist/hooks/useTrafficEntries.d.ts

@@ -0,0 +1,2 @@
+import type { TrafficEntry, TrafficStore } from "../store/index.js";
+export declare function useTrafficEntries(store: TrafficStore): TrafficEntry[];

package/dist/hooks/useTrafficEntries.js

@@ -0,0 +1,16 @@
+import { useEffect, useState } from "react";
+export function useTrafficEntries(store) {
+    const [entries, setEntries] = useState(() => store.entries);
+    useEffect(() => {
+        const refresh = () => setEntries(store.entries);
+        store.on("add", refresh);
+        store.on("update", refresh);
+        store.on("clear", refresh);
+        return () => {
+            store.off("add", refresh);
+            store.off("update", refresh);
+            store.off("clear", refresh);
+        };
+    }, [store]);
+    return entries;
+}

package/dist/proxy/ca.d.ts

@@ -0,0 +1,4 @@
+import type { CaConfig } from "./types.js";
+export declare function generateCA(): CaConfig;
+export declare function loadOrCreateCA(dir: string): Promise<CaConfig>;
+export declare function generateHostCert(host: string, ca: CaConfig): CaConfig;

package/dist/proxy/ca.js

@@ -0,0 +1,72 @@
+import * as fs from "node:fs/promises";
+import * as path from "node:path";
+import forge from "node-forge";
+export function generateCA() {
+    const keys = forge.pki.rsa.generateKeyPair(2048);
+    const cert = forge.pki.createCertificate();
+    cert.publicKey = keys.publicKey;
+    cert.serialNumber = "01";
+    cert.validity.notBefore = new Date();
+    cert.validity.notAfter = new Date();
+    cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear() + 10);
+    const attrs = [{ name: "commonName", value: "Peep Proxy CA" }];
+    cert.setSubject(attrs);
+    cert.setIssuer(attrs);
+    cert.setExtensions([
+        { name: "basicConstraints", cA: true },
+        {
+            name: "keyUsage",
+            keyCertSign: true,
+            cRLSign: true,
+        },
+    ]);
+    cert.sign(keys.privateKey, forge.md.sha256.create());
+    return {
+        certPem: forge.pki.certificateToPem(cert),
+        keyPem: forge.pki.privateKeyToPem(keys.privateKey),
+    };
+}
+export async function loadOrCreateCA(dir) {
+    const certPath = path.join(dir, "ca-cert.pem");
+    const keyPath = path.join(dir, "ca-key.pem");
+    try {
+        const [certPem, keyPem] = await Promise.all([
+            fs.readFile(certPath, "utf-8"),
+            fs.readFile(keyPath, "utf-8"),
+        ]);
+        return { certPem, keyPem };
+    }
+    catch {
+        await fs.mkdir(dir, { recursive: true });
+        const ca = generateCA();
+        await Promise.all([
+            fs.writeFile(certPath, ca.certPem),
+            fs.writeFile(keyPath, ca.keyPem),
+        ]);
+        return ca;
+    }
+}
+export function generateHostCert(host, ca) {
+    const caCert = forge.pki.certificateFromPem(ca.certPem);
+    const caKey = forge.pki.privateKeyFromPem(ca.keyPem);
+    const keys = forge.pki.rsa.generateKeyPair(2048);
+    const cert = forge.pki.createCertificate();
+    cert.publicKey = keys.publicKey;
+    cert.serialNumber = forge.util.bytesToHex(forge.random.getBytesSync(16));
+    cert.validity.notBefore = new Date();
+    cert.validity.notAfter = new Date();
+    cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear() + 1);
+    cert.setSubject([{ name: "commonName", value: host }]);
+    cert.setIssuer(caCert.subject.attributes);
+    cert.setExtensions([
+        {
+            name: "subjectAltName",
+            altNames: [{ type: 2, value: host }],
+        },
+    ]);
+    cert.sign(caKey, forge.md.sha256.create());
+    return {
+        certPem: forge.pki.certificateToPem(cert),
+        keyPem: forge.pki.privateKeyToPem(keys.privateKey),
+    };
+}

package/dist/proxy/cert-trust.d.ts

@@ -0,0 +1,20 @@
+export declare function isCaTrusted(certPemPath: string): boolean;
+export declare function trustCa(certPemPath: string): boolean;
+export declare function findNssProfiles(): string[];
+export declare function isNssTrusted(): boolean;
+export type NssTrustResult = {
+    status: "no-profiles";
+} | {
+    status: "ok";
+    count: number;
+} | {
+    status: "no-certutil";
+    hasBrew: boolean;
+} | {
+    status: "install-failed";
+} | {
+    status: "partial";
+    trusted: number;
+    total: number;
+};
+export declare function trustNssStores(certPemPath: string): NssTrustResult;

package/dist/proxy/cert-trust.js

@@ -0,0 +1,181 @@
+import { execFileSync, spawnSync } from "node:child_process";
+import { existsSync, readdirSync } from "node:fs";
+import { homedir, platform } from "node:os";
+import { join } from "node:path";
+export function isCaTrusted(certPemPath) {
+    if (platform() === "darwin") {
+        try {
+            execFileSync("security", ["verify-cert", "-c", certPemPath, "-l", "-L", "-q"], { stdio: "pipe" });
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    if (platform() === "linux") {
+        return [
+            "/etc/pki/ca-trust/source/anchors/peep.pem",
+            "/usr/local/share/ca-certificates/peep.crt",
+            "/etc/ca-certificates/trust-source/anchors/peep.crt",
+            "/usr/share/pki/trust/anchors/peep.pem",
+        ].some((p) => existsSync(p));
+    }
+    return false;
+}
+export function trustCa(certPemPath) {
+    if (platform() === "darwin") {
+        const result = spawnSync("sudo", [
+            "--prompt=Password: ",
+            "--",
+            "security",
+            "add-trusted-cert",
+            "-d",
+            "-r",
+            "trustRoot",
+            "-k",
+            "/Library/Keychains/System.keychain",
+            certPemPath,
+        ], { stdio: "inherit" });
+        return result.status === 0;
+    }
+    if (platform() === "linux") {
+        let trustFile;
+        let updateCmd;
+        if (existsSync("/etc/pki/ca-trust/source/anchors/")) {
+            trustFile = "/etc/pki/ca-trust/source/anchors/peep.pem";
+            updateCmd = ["update-ca-trust", "extract"];
+        }
+        else if (existsSync("/usr/local/share/ca-certificates/")) {
+            trustFile = "/usr/local/share/ca-certificates/peep.crt";
+            updateCmd = ["update-ca-certificates"];
+        }
+        else {
+            return false;
+        }
+        const cp = spawnSync("sudo", ["--prompt=Password: ", "--", "cp", certPemPath, trustFile], { stdio: "inherit" });
+        if (cp.status !== 0)
+            return false;
+        const update = spawnSync("sudo", ["--prompt=Password: ", "--", ...updateCmd], { stdio: "inherit" });
+        return update.status === 0;
+    }
+    return false;
+}
+function findCertutil() {
+    try {
+        return execFileSync("which", ["certutil"], { stdio: "pipe" })
+            .toString()
+            .trim();
+    }
+    catch { }
+    if (platform() === "darwin") {
+        const cellarBin = "/opt/homebrew/opt/nss/bin/certutil";
+        if (existsSync(cellarBin))
+            return cellarBin;
+        const intelBin = "/usr/local/opt/nss/bin/certutil";
+        if (existsSync(intelBin))
+            return intelBin;
+    }
+    return null;
+}
+function hasHomebrew() {
+    try {
+        execFileSync("which", ["brew"], { stdio: "pipe" });
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+function installNssViaHomebrew() {
+    if (platform() !== "darwin" || !hasHomebrew())
+        return false;
+    process.stderr.write("Installing nss (needed for Firefox/Zen certificate trust)...\n");
+    const result = spawnSync("brew", ["install", "nss"], {
+        stdio: "inherit",
+        env: { ...process.env, HOMEBREW_NO_AUTO_UPDATE: "1" },
+    });
+    return result.status === 0;
+}
+export function findNssProfiles() {
+    const profiles = [];
+    const home = homedir();
+    const browserDirs = platform() === "darwin"
+        ? [
+            join(home, "Library/Application Support/Firefox/Profiles"),
+            join(home, "Library/Application Support/zen/Profiles"),
+        ]
+        : [join(home, ".mozilla/firefox"), join(home, ".zen")];
+    for (const dir of browserDirs) {
+        if (!existsSync(dir))
+            continue;
+        try {
+            for (const entry of readdirSync(dir, { withFileTypes: true })) {
+                if (!entry.isDirectory())
+                    continue;
+                const certDb = join(dir, entry.name, "cert9.db");
+                if (existsSync(certDb)) {
+                    profiles.push(join(dir, entry.name));
+                }
+            }
+        }
+        catch { }
+    }
+    return profiles;
+}
+export function isNssTrusted() {
+    const profiles = findNssProfiles();
+    if (profiles.length === 0)
+        return true;
+    const certutil = findCertutil();
+    if (!certutil)
+        return false;
+    return profiles.every((profile) => {
+        try {
+            execFileSync(certutil, ["-L", "-d", `sql:${profile}`, "-n", "Peep Proxy CA"], { stdio: "pipe" });
+            return true;
+        }
+        catch {
+            return false;
+        }
+    });
+}
+export function trustNssStores(certPemPath) {
+    const profiles = findNssProfiles();
+    if (profiles.length === 0)
+        return { status: "no-profiles" };
+    let certutil = findCertutil();
+    if (!certutil) {
+        if (!hasHomebrew()) {
+            return { status: "no-certutil", hasBrew: false };
+        }
+        if (!installNssViaHomebrew()) {
+            return { status: "install-failed" };
+        }
+        certutil = findCertutil();
+        if (!certutil) {
+            return { status: "install-failed" };
+        }
+    }
+    let trusted = 0;
+    for (const profile of profiles) {
+        try {
+            execFileSync(certutil, [
+                "-A",
+                "-d",
+                `sql:${profile}`,
+                "-t",
+                "CT,,",
+                "-n",
+                "Peep Proxy CA",
+                "-i",
+                certPemPath,
+            ], { stdio: "pipe" });
+            trusted++;
+        }
+        catch { }
+    }
+    if (trusted === profiles.length) {
+        return { status: "ok", count: trusted };
+    }
+    return { status: "partial", trusted, total: profiles.length };
+}

package/dist/proxy/index.d.ts

@@ -0,0 +1,3 @@
+export { ProxyServer } from "./proxy-server.js";
+export { loadOrCreateCA } from "./ca.js";
+export type { CaConfig, ProxyConfig, ProxyConnectEvent, ProxyErrorEvent, ProxyEventMap, ProxyRequestEvent, ProxyResponseEvent, RequestId, } from "./types.js";

package/dist/proxy/index.js

@@ -0,0 +1,2 @@
+export { ProxyServer } from "./proxy-server.js";
+export { loadOrCreateCA } from "./ca.js";

package/dist/proxy/proxy-server.d.ts

@@ -0,0 +1,9 @@
+import type { ProxyConfig, ProxyEventMap } from "./types.js";
+export declare class ProxyServer {
+    #private;
+    constructor(config: ProxyConfig);
+    start(): Promise<void>;
+    stop(): Promise<void>;
+    on<K extends keyof ProxyEventMap>(event: K, listener: (...args: ProxyEventMap[K]) => void): void;
+    off<K extends keyof ProxyEventMap>(event: K, listener: (...args: ProxyEventMap[K]) => void): void;
+}