push.rocks/smartproxy
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(rustproxy): introduce a Rust-powered proxy engine and workspace with core crates for proxy functionality, ACME/TLS support, passthrough and HTTP proxies, metrics, nftables integration, routing/security, management IPC, tests, and README updates

Browse Source
This commit is contained in:
Jürgen Kunz
2026-02-09 10:55:46 +00:00
parent a31fee41df
commit 1df3b7af4a
151 changed files with 16927 additions and 19432 deletions
Download Patch File Download Diff File Expand all files Collapse all files

218
test/test.acme-route-creation.ts
View File

@@ -1,218 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import { SmartProxy } from '../ts/index.js';
import * as plugins from '../ts/plugins.js';
/**
* Test that verifies ACME challenge routes are properly created
*/
tap.test('should create ACME challenge route', async (tools) => {
tools.timeout(5000);
// Create a challenge route manually to test its structure
const challengeRoute = {
name: 'acme-challenge',
priority: 1000,
match: {
ports: 18080,
path: '/.well-known/acme-challenge/*'
},
action: {
type: 'socket-handler' as const,
socketHandler: (socket: any, context: any) => {
socket.once('data', (data: Buffer) => {
const request = data.toString();
const lines = request.split('\r\n');
const [method, path] = lines[0].split(' ');
const token = path?.split('/').pop() || '';
const response = [
'HTTP/1.1 200 OK',
'Content-Type: text/plain',
`Content-Length: ${token.length}`,
'Connection: close',
'',
token
].join('\r\n');
socket.write(response);
socket.end();
});
}
}
};
// Test that the challenge route has the correct structure
expect(challengeRoute).toBeDefined();
expect(challengeRoute.match.path).toEqual('/.well-known/acme-challenge/*');
expect(challengeRoute.match.ports).toEqual(18080);
expect(challengeRoute.action.type).toEqual('socket-handler');
expect(challengeRoute.priority).toEqual(1000);
// Create a proxy with the challenge route
const settings = {
routes: [
{
name: 'secure-route',
match: {
ports: [18443],
domains: 'test.local'
},
action: {
type: 'forward' as const,
targets: [{ host: 'localhost', port: 8080 }]
}
},
challengeRoute
]
};
const proxy = new SmartProxy(settings);
// Mock NFTables manager
(proxy as any).nftablesManager = {
ensureNFTablesSetup: async () => {},
stop: async () => {}
};
// Mock certificate manager to prevent real ACME initialization
(proxy as any).createCertificateManager = async function() {
return {
setUpdateRoutesCallback: () => {},
setHttpProxy: () => {},
setGlobalAcmeDefaults: () => {},
setAcmeStateManager: () => {},
initialize: async () => {},
provisionAllCertificates: async () => {},
stop: async () => {},
getAcmeOptions: () => ({}),
getState: () => ({ challengeRouteActive: false })
};
};
await proxy.start();
// Verify the challenge route is in the proxy's routes
const proxyRoutes = proxy.routeManager.getRoutes();
const foundChallengeRoute = proxyRoutes.find((r: any) => r.name === 'acme-challenge');
expect(foundChallengeRoute).toBeDefined();
expect(foundChallengeRoute?.match.path).toEqual('/.well-known/acme-challenge/*');
await proxy.stop();
});
tap.test('should handle HTTP request parsing correctly', async (tools) => {
tools.timeout(5000);
let handlerCalled = false;
let receivedContext: any;
let parsedRequest: any = {};
const settings = {
routes: [
{
name: 'test-static',
match: {
ports: [18090],
path: '/test/*'
},
action: {
type: 'socket-handler' as const,
socketHandler: (socket, context) => {
handlerCalled = true;
receivedContext = context;
// Parse HTTP request from socket
socket.once('data', (data) => {
const request = data.toString();
const lines = request.split('\r\n');
const [method, path, protocol] = lines[0].split(' ');
// Parse headers
const headers: any = {};
for (let i = 1; i < lines.length; i++) {
if (lines[i] === '') break;
const [key, value] = lines[i].split(': ');
if (key && value) {
headers[key.toLowerCase()] = value;
}
}
// Store parsed request data
parsedRequest = { method, path, headers };
// Send HTTP response
const response = [
'HTTP/1.1 200 OK',
'Content-Type: text/plain',
'Content-Length: 2',
'Connection: close',
'',
'OK'
].join('\r\n');
socket.write(response);
socket.end();
});
}
}
}
]
};
const proxy = new SmartProxy(settings);
// Mock NFTables manager
(proxy as any).nftablesManager = {
ensureNFTablesSetup: async () => {},
stop: async () => {}
};
await proxy.start();
// Create a simple HTTP request
const client = new plugins.net.Socket();
await new Promise<void>((resolve, reject) => {
client.connect(18090, 'localhost', () => {
// Send HTTP request
const request = [
'GET /test/example HTTP/1.1',
'Host: localhost:18090',
'User-Agent: test-client',
'',
''
].join('\r\n');
client.write(request);
// Wait for response
client.on('data', (data) => {
const response = data.toString();
expect(response).toContain('HTTP/1.1 200');
expect(response).toContain('OK');
client.end();
resolve();
});
});
client.on('error', reject);
});
// Verify handler was called
expect(handlerCalled).toBeTrue();
expect(receivedContext).toBeDefined();
// The context passed to socket handlers is IRouteContext, not HTTP request data
expect(receivedContext.port).toEqual(18090);
expect(receivedContext.routeName).toEqual('test-static');
// Verify the parsed HTTP request data
expect(parsedRequest.path).toEqual('/test/example');
expect(parsedRequest.method).toEqual('GET');
expect(parsedRequest.headers.host).toEqual('localhost:18090');
await proxy.stop();
});
export default tap.start();

188
test/test.acme-state-manager.node.ts
View File

@@ -1,188 +0,0 @@
import { expect, tap } from '@git.zone/tstest/tapbundle';
import { AcmeStateManager } from '../ts/proxies/smart-proxy/acme-state-manager.js';
import type { IRouteConfig } from '../ts/proxies/smart-proxy/models/route-types.js';
tap.test('AcmeStateManager should track challenge routes correctly', async (tools) => {
const stateManager = new AcmeStateManager();
const challengeRoute: IRouteConfig = {
name: 'acme-challenge',
priority: 1000,
match: {
ports: 80,
path: '/.well-known/acme-challenge/*'
},
action: {
type: 'socket-handler',
socketHandler: async (socket, context) => {
// Mock handler that would write the challenge response
socket.end('challenge response');
}
}
};
// Initially no challenge routes
expect(stateManager.isChallengeRouteActive()).toBeFalse();
expect(stateManager.getActiveChallengeRoutes()).toEqual([]);
// Add challenge route
stateManager.addChallengeRoute(challengeRoute);
expect(stateManager.isChallengeRouteActive()).toBeTrue();
expect(stateManager.getActiveChallengeRoutes()).toHaveProperty("length", 1);
expect(stateManager.getPrimaryChallengeRoute()).toEqual(challengeRoute);
// Remove challenge route
stateManager.removeChallengeRoute('acme-challenge');
expect(stateManager.isChallengeRouteActive()).toBeFalse();
expect(stateManager.getActiveChallengeRoutes()).toEqual([]);
expect(stateManager.getPrimaryChallengeRoute()).toBeNull();
});
tap.test('AcmeStateManager should track port allocations', async (tools) => {
const stateManager = new AcmeStateManager();
const challengeRoute1: IRouteConfig = {
name: 'acme-challenge-1',
priority: 1000,
match: {
ports: 80,
path: '/.well-known/acme-challenge/*'
},
action: {
type: 'socket-handler'
}
};
const challengeRoute2: IRouteConfig = {
name: 'acme-challenge-2',
priority: 900,
match: {
ports: [80, 8080],
path: '/.well-known/acme-challenge/*'
},
action: {
type: 'socket-handler'
}
};
// Add first route
stateManager.addChallengeRoute(challengeRoute1);
expect(stateManager.isPortAllocatedForAcme(80)).toBeTrue();
expect(stateManager.isPortAllocatedForAcme(8080)).toBeFalse();
expect(stateManager.getAcmePorts()).toEqual([80]);
// Add second route
stateManager.addChallengeRoute(challengeRoute2);
expect(stateManager.isPortAllocatedForAcme(80)).toBeTrue();
expect(stateManager.isPortAllocatedForAcme(8080)).toBeTrue();
expect(stateManager.getAcmePorts()).toContain(80);
expect(stateManager.getAcmePorts()).toContain(8080);
// Remove first route - port 80 should still be allocated
stateManager.removeChallengeRoute('acme-challenge-1');
expect(stateManager.isPortAllocatedForAcme(80)).toBeTrue();
expect(stateManager.isPortAllocatedForAcme(8080)).toBeTrue();
// Remove second route - all ports should be deallocated
stateManager.removeChallengeRoute('acme-challenge-2');
expect(stateManager.isPortAllocatedForAcme(80)).toBeFalse();
expect(stateManager.isPortAllocatedForAcme(8080)).toBeFalse();
expect(stateManager.getAcmePorts()).toEqual([]);
});
tap.test('AcmeStateManager should select primary route by priority', async (tools) => {
const stateManager = new AcmeStateManager();
const lowPriorityRoute: IRouteConfig = {
name: 'low-priority',
priority: 100,
match: {
ports: 80
},
action: {
type: 'socket-handler'
}
};
const highPriorityRoute: IRouteConfig = {
name: 'high-priority',
priority: 2000,
match: {
ports: 80
},
action: {
type: 'socket-handler'
}
};
const defaultPriorityRoute: IRouteConfig = {
name: 'default-priority',
// No priority specified - should default to 0
match: {
ports: 80
},
action: {
type: 'socket-handler'
}
};
// Add low priority first
stateManager.addChallengeRoute(lowPriorityRoute);
expect(stateManager.getPrimaryChallengeRoute()?.name).toEqual('low-priority');
// Add high priority - should become primary
stateManager.addChallengeRoute(highPriorityRoute);
expect(stateManager.getPrimaryChallengeRoute()?.name).toEqual('high-priority');
// Add default priority - primary should remain high priority
stateManager.addChallengeRoute(defaultPriorityRoute);
expect(stateManager.getPrimaryChallengeRoute()?.name).toEqual('high-priority');
// Remove high priority - primary should fall back to low priority
stateManager.removeChallengeRoute('high-priority');
expect(stateManager.getPrimaryChallengeRoute()?.name).toEqual('low-priority');
});
tap.test('AcmeStateManager should handle clear operation', async (tools) => {
const stateManager = new AcmeStateManager();
const challengeRoute1: IRouteConfig = {
name: 'route-1',
match: {
ports: [80, 443]
},
action: {
type: 'socket-handler'
}
};
const challengeRoute2: IRouteConfig = {
name: 'route-2',
match: {
ports: 8080
},
action: {
type: 'socket-handler'
}
};
// Add routes
stateManager.addChallengeRoute(challengeRoute1);
stateManager.addChallengeRoute(challengeRoute2);
// Verify state before clear
expect(stateManager.isChallengeRouteActive()).toBeTrue();
expect(stateManager.getActiveChallengeRoutes()).toHaveProperty("length", 2);
expect(stateManager.getAcmePorts()).toHaveProperty("length", 3);
// Clear all state
stateManager.clear();
// Verify state after clear
expect(stateManager.isChallengeRouteActive()).toBeFalse();
expect(stateManager.getActiveChallengeRoutes()).toEqual([]);
expect(stateManager.getAcmePorts()).toEqual([]);
expect(stateManager.getPrimaryChallengeRoute()).toBeNull();
});
export default tap.start();

122
test/test.acme-timing-simple.ts
View File

@@ -1,122 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import { SmartProxy } from '../ts/index.js';
// Test that certificate provisioning is deferred until after ports are listening
tap.test('should defer certificate provisioning until ports are ready', async (tapTest) => {
// Track when operations happen
let portsListening = false;
let certProvisioningStarted = false;
let operationOrder: string[] = [];
// Create proxy with certificate route but without real ACME
const proxy = new SmartProxy({
routes: [{
name: 'test-route',
match: {
ports: 8443,
domains: ['test.local']
},
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 8181 }],
tls: {
mode: 'terminate',
certificate: 'auto',
acme: {
email: 'test@local.dev',
useProduction: false
}
}
}
}]
});
// Override the certificate manager creation to avoid real ACME
const originalCreateCertManager = proxy['createCertificateManager'];
proxy['createCertificateManager'] = async function(...args: any[]) {
console.log('Creating mock cert manager');
operationOrder.push('create-cert-manager');
const mockCertManager = {
certStore: null,
smartAcme: null,
httpProxy: null,
renewalTimer: null,
pendingChallenges: new Map(),
challengeRoute: null,
certStatus: new Map(),
globalAcmeDefaults: null,
updateRoutesCallback: undefined,
challengeRouteActive: false,
isProvisioning: false,
acmeStateManager: null,
initialize: async () => {
operationOrder.push('cert-manager-init');
console.log('Mock cert manager initialized');
},
provisionAllCertificates: async () => {
operationOrder.push('cert-provisioning');
certProvisioningStarted = true;
// Check that ports are listening when provisioning starts
if (!portsListening) {
throw new Error('Certificate provisioning started before ports ready!');
}
console.log('Mock certificate provisioning (ports are ready)');
},
stop: async () => {},
setHttpProxy: () => {},
setGlobalAcmeDefaults: () => {},
setAcmeStateManager: () => {},
setUpdateRoutesCallback: () => {},
getAcmeOptions: () => ({}),
getState: () => ({ challengeRouteActive: false }),
getCertStatus: () => new Map(),
checkAndRenewCertificates: async () => {},
addChallengeRoute: async () => {},
removeChallengeRoute: async () => {},
getCertificate: async () => null,
isValidCertificate: () => false,
waitForProvisioning: async () => {}
} as any;
// Call initialize immediately as the real createCertificateManager does
await mockCertManager.initialize();
return mockCertManager;
};
// Track port manager operations
const originalAddPorts = proxy['portManager'].addPorts;
proxy['portManager'].addPorts = async function(ports: number[]) {
operationOrder.push('ports-starting');
const result = await originalAddPorts.call(this, ports);
operationOrder.push('ports-ready');
portsListening = true;
console.log('Ports are now listening');
return result;
};
// Start the proxy
await proxy.start();
// Log the operation order for debugging
console.log('Operation order:', operationOrder);
// Verify operations happened in the correct order
expect(operationOrder).toContain('create-cert-manager');
expect(operationOrder).toContain('cert-manager-init');
expect(operationOrder).toContain('ports-starting');
expect(operationOrder).toContain('ports-ready');
expect(operationOrder).toContain('cert-provisioning');
// Verify ports were ready before certificate provisioning
const portsReadyIndex = operationOrder.indexOf('ports-ready');
const certProvisioningIndex = operationOrder.indexOf('cert-provisioning');
expect(portsReadyIndex).toBeLessThan(certProvisioningIndex);
expect(certProvisioningStarted).toEqual(true);
expect(portsListening).toEqual(true);
await proxy.stop();
});
export default tap.start();

204
test/test.acme-timing.ts
View File

@@ -1,204 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import { SmartProxy } from '../ts/index.js';
import * as net from 'net';
// Test that certificate provisioning waits for ports to be ready
tap.test('should defer certificate provisioning until after ports are listening', async (tapTest) => {
// Track the order of operations
const operationLog: string[] = [];
// Create a mock server to verify ports are listening
let port80Listening = false;
// Try to use port 8080 instead of 80 to avoid permission issues in testing
const acmePort = 8080;
// Create proxy with ACME certificate requirement
const proxy = new SmartProxy({
useHttpProxy: [acmePort],
httpProxyPort: 8845, // Use different port to avoid conflicts
acme: {
email: 'test@test.local',
useProduction: false,
port: acmePort
},
routes: [{
name: 'test-acme-route',
match: {
ports: 8443,
domains: ['test.local']
},
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 8181 }],
tls: {
mode: 'terminate',
certificate: 'auto',
acme: {
email: 'test@test.local',
useProduction: false
}
}
}
}]
});
// Mock some internal methods to track operation order
const originalAddPorts = proxy['portManager'].addPorts;
proxy['portManager'].addPorts = async function(ports: number[]) {
operationLog.push('Starting port listeners');
const result = await originalAddPorts.call(this, ports);
operationLog.push('Port listeners started');
port80Listening = true;
return result;
};
// Track that we created a certificate manager and SmartProxy will call provisionAllCertificates
let certManagerCreated = false;
// Override createCertificateManager to set up our tracking
const originalCreateCertManager = (proxy as any).createCertificateManager;
(proxy as any).certManagerCreated = false;
// Mock certificate manager to avoid real ACME initialization
(proxy as any).createCertificateManager = async function() {
operationLog.push('Creating certificate manager');
const mockCertManager = {
setUpdateRoutesCallback: () => {},
setHttpProxy: () => {},
setGlobalAcmeDefaults: () => {},
setAcmeStateManager: () => {},
initialize: async () => {
operationLog.push('Certificate manager initialized');
},
provisionAllCertificates: async () => {
operationLog.push('Starting certificate provisioning');
if (!port80Listening) {
operationLog.push('ERROR: Certificate provisioning started before ports ready');
}
operationLog.push('Certificate provisioning completed');
},
stop: async () => {},
getAcmeOptions: () => ({ email: 'test@test.local', useProduction: false }),
getState: () => ({ challengeRouteActive: false })
};
certManagerCreated = true;
(proxy as any).certManager = mockCertManager;
return mockCertManager;
};
// Start the proxy
await proxy.start();
// Verify the order of operations
expect(operationLog).toContain('Starting port listeners');
expect(operationLog).toContain('Port listeners started');
expect(operationLog).toContain('Starting certificate provisioning');
// Ensure port listeners started before certificate provisioning
const portStartIndex = operationLog.indexOf('Port listeners started');
const certStartIndex = operationLog.indexOf('Starting certificate provisioning');
expect(portStartIndex).toBeLessThan(certStartIndex);
expect(operationLog).not.toContain('ERROR: Certificate provisioning started before ports ready');
await proxy.stop();
});
// Test that ACME challenge route is available when certificate is requested
tap.test('should have ACME challenge route ready before certificate provisioning', async (tapTest) => {
let challengeRouteActive = false;
let certificateProvisioningStarted = false;
const proxy = new SmartProxy({
useHttpProxy: [8080],
httpProxyPort: 8846, // Use different port to avoid conflicts
acme: {
email: 'test@test.local',
useProduction: false,
port: 8080
},
routes: [{
name: 'test-route',
match: {
ports: 8443,
domains: ['test.example.com']
},
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 8181 }],
tls: {
mode: 'terminate',
certificate: 'auto'
}
}
}]
});
// Mock the certificate manager to track operations
const originalInitialize = proxy['certManager'] ?
proxy['certManager'].initialize : null;
if (proxy['certManager']) {
const certManager = proxy['certManager'];
// Track when challenge route is added
const originalAddChallenge = certManager['addChallengeRoute'];
certManager['addChallengeRoute'] = async function() {
await originalAddChallenge.call(this);
challengeRouteActive = true;
};
// Track when certificate provisioning starts
const originalProvisionAcme = certManager['provisionAcmeCertificate'];
certManager['provisionAcmeCertificate'] = async function(...args: any[]) {
certificateProvisioningStarted = true;
// Verify challenge route is active
expect(challengeRouteActive).toEqual(true);
// Don't actually provision in test
return;
};
}
// Mock certificate manager to avoid real ACME initialization
(proxy as any).createCertificateManager = async function() {
const mockCertManager = {
setUpdateRoutesCallback: () => {},
setHttpProxy: () => {},
setGlobalAcmeDefaults: () => {},
setAcmeStateManager: () => {},
initialize: async () => {
challengeRouteActive = true;
},
provisionAllCertificates: async () => {
certificateProvisioningStarted = true;
expect(challengeRouteActive).toEqual(true);
},
stop: async () => {},
getAcmeOptions: () => ({ email: 'test@test.local', useProduction: false }),
getState: () => ({ challengeRouteActive: false }),
addChallengeRoute: async () => {
challengeRouteActive = true;
},
provisionAcmeCertificate: async () => {
certificateProvisioningStarted = true;
expect(challengeRouteActive).toEqual(true);
}
};
// Call initialize like the real createCertificateManager does
await mockCertManager.initialize();
return mockCertManager;
};
await proxy.start();
// Give it a moment to complete initialization
await new Promise(resolve => setTimeout(resolve, 100));
// Verify challenge route was added before any certificate provisioning
expect(challengeRouteActive).toEqual(true);
await proxy.stop();
});
export default tap.start();

77
test/test.certificate-acme-update.ts
View File

@@ -1,77 +0,0 @@
import { expect, tap } from '@git.zone/tstest/tapbundle';
import * as plugins from '../ts/plugins.js';
import * as smartproxy from '../ts/index.js';
// This test verifies that SmartProxy correctly uses the updated SmartAcme v8.0.0 API
// with the optional wildcard parameter
tap.test('SmartCertManager should call getCertificateForDomain with wildcard option', async () => {
console.log('Testing SmartCertManager with SmartAcme v8.0.0 API...');
// Create a mock route with ACME certificate configuration
const mockRoute: smartproxy.IRouteConfig = {
match: {
domains: ['test.example.com'],
ports: 443
},
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 8080
}],
tls: {
mode: 'terminate',
certificate: 'auto',
acme: {
email: 'test@example.com',
useProduction: false
}
}
},
name: 'test-route'
};
// Create a certificate manager
const certManager = new smartproxy.SmartCertManager(
[mockRoute],
'./test-certs',
{
email: 'test@example.com',
useProduction: false
}
);
// Since we can't actually test ACME in a unit test, we'll just verify the logic
// The actual test would be that it builds and runs without errors
// Test the wildcard logic for different domain types and challenge handlers
const testCases = [
{ domain: 'example.com', hasDnsChallenge: true, shouldIncludeWildcard: true },
{ domain: 'example.com', hasDnsChallenge: false, shouldIncludeWildcard: false },
{ domain: 'sub.example.com', hasDnsChallenge: true, shouldIncludeWildcard: true },
{ domain: 'sub.example.com', hasDnsChallenge: false, shouldIncludeWildcard: false },
{ domain: '*.example.com', hasDnsChallenge: true, shouldIncludeWildcard: false },
{ domain: '*.example.com', hasDnsChallenge: false, shouldIncludeWildcard: false },
{ domain: 'test', hasDnsChallenge: true, shouldIncludeWildcard: false }, // single label domain
{ domain: 'test', hasDnsChallenge: false, shouldIncludeWildcard: false },
{ domain: 'my.sub.example.com', hasDnsChallenge: true, shouldIncludeWildcard: true },
{ domain: 'my.sub.example.com', hasDnsChallenge: false, shouldIncludeWildcard: false }
];
for (const testCase of testCases) {
const shouldIncludeWildcard = !testCase.domain.startsWith('*.') &&
testCase.domain.includes('.') &&
testCase.domain.split('.').length >= 2 &&
testCase.hasDnsChallenge;
console.log(`Domain: ${testCase.domain}, DNS-01: ${testCase.hasDnsChallenge}, Should include wildcard: ${shouldIncludeWildcard}`);
expect(shouldIncludeWildcard).toEqual(testCase.shouldIncludeWildcard);
}
console.log('All wildcard logic tests passed!');
});
tap.start({
throwOnError: true
});

423
test/test.certificate-provision.ts
View File

@@ -1,423 +0,0 @@
import { expect, tap } from '@git.zone/tstest/tapbundle';
import { SmartProxy } from '../ts/index.js';
import type { TSmartProxyCertProvisionObject } from '../ts/index.js';
import * as fs from 'fs';
import * as path from 'path';
import { fileURLToPath } from 'url';
const __filename = fileURLToPath(import.meta.url);
const __dirname = path.dirname(__filename);
let testProxy: SmartProxy;
// Load test certificates from helpers
const testCert = fs.readFileSync(path.join(__dirname, 'helpers/test-cert.pem'), 'utf8');
const testKey = fs.readFileSync(path.join(__dirname, 'helpers/test-key.pem'), 'utf8');
// Helper to create a fully mocked certificate manager that doesn't contact ACME servers
function createMockCertManager(options: {
onProvisionAll?: () => void;
onGetCertForDomain?: (domain: string) => void;
} = {}) {
return {
setUpdateRoutesCallback: function(callback: any) {
this.updateRoutesCallback = callback;
},
updateRoutesCallback: null as any,
setHttpProxy: function() {},
setGlobalAcmeDefaults: function() {},
setAcmeStateManager: function() {},
setRoutes: function(routes: any) {},
initialize: async function() {},
provisionAllCertificates: async function() {
if (options.onProvisionAll) {
options.onProvisionAll();
}
},
stop: async function() {},
getAcmeOptions: function() {
return { email: 'test@example.com', useProduction: false };
},
getState: function() {
return { challengeRouteActive: false };
},
smartAcme: {
getCertificateForDomain: async (domain: string) => {
if (options.onGetCertForDomain) {
options.onGetCertForDomain(domain);
}
throw new Error('Mocked ACME - not calling real servers');
}
}
};
}
tap.test('SmartProxy should support custom certificate provision function', async () => {
// Create test certificate object matching ICert interface
const testCertObject = {
id: 'test-cert-1',
domainName: 'test.example.com',
created: Date.now(),
validUntil: Date.now() + 90 * 24 * 60 * 60 * 1000, // 90 days
privateKey: testKey,
publicKey: testCert,
csr: ''
};
// Custom certificate store for testing
const customCerts = new Map<string, typeof testCertObject>();
customCerts.set('test.example.com', testCertObject);
// Create proxy with custom certificate provision
testProxy = new SmartProxy({
certProvisionFunction: async (domain: string): Promise<TSmartProxyCertProvisionObject> => {
console.log(`Custom cert provision called for domain: ${domain}`);
// Return custom cert for known domains
if (customCerts.has(domain)) {
console.log(`Returning custom certificate for ${domain}`);
return customCerts.get(domain)!;
}
// Fallback to Let's Encrypt for other domains
console.log(`Falling back to Let's Encrypt for ${domain}`);
return 'http01';
},
certProvisionFallbackToAcme: true,
acme: {
email: 'test@example.com',
useProduction: false
},
routes: [
{
name: 'test-route',
match: {
ports: [443],
domains: ['test.example.com']
},
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 8080
}],
tls: {
mode: 'terminate',
certificate: 'auto'
}
}
}
]
});
expect(testProxy).toBeInstanceOf(SmartProxy);
});
tap.test('Custom certificate provision function should be called', async () => {
let provisionCalled = false;
const provisionedDomains: string[] = [];
const testProxy2 = new SmartProxy({
certProvisionFunction: async (domain: string): Promise<TSmartProxyCertProvisionObject> => {
provisionCalled = true;
provisionedDomains.push(domain);
// Return a test certificate matching ICert interface
return {
id: `test-cert-${domain}`,
domainName: domain,
created: Date.now(),
validUntil: Date.now() + 90 * 24 * 60 * 60 * 1000,
privateKey: testKey,
publicKey: testCert,
csr: ''
};
},
acme: {
email: 'test@example.com',
useProduction: false,
port: 9080
},
routes: [
{
name: 'custom-cert-route',
match: {
ports: [9443],
domains: ['custom.example.com']
},
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 8080
}],
tls: {
mode: 'terminate',
certificate: 'auto'
}
}
}
]
});
// Fully mock the certificate manager to avoid ACME server contact
let certManagerCalled = false;
(testProxy2 as any).createCertificateManager = async function() {
const mockCertManager = createMockCertManager({
onProvisionAll: () => {
certManagerCalled = true;
// Simulate calling the provision function
testProxy2.settings.certProvisionFunction?.('custom.example.com');
}
});
// Set callback as in real implementation
mockCertManager.setUpdateRoutesCallback(async (routes: any) => {
await this.updateRoutes(routes);
});
return mockCertManager;
};
// Start the proxy (this will trigger certificate provisioning)
await testProxy2.start();
expect(certManagerCalled).toBeTrue();
expect(provisionCalled).toBeTrue();
expect(provisionedDomains).toContain('custom.example.com');
await testProxy2.stop();
});
tap.test('Should fallback to ACME when custom provision fails', async () => {
const failedDomains: string[] = [];
let acmeAttempted = false;
const testProxy3 = new SmartProxy({
certProvisionFunction: async (domain: string): Promise<TSmartProxyCertProvisionObject> => {
failedDomains.push(domain);
throw new Error('Custom provision failed for testing');
},
certProvisionFallbackToAcme: true,
acme: {
email: 'test@example.com',
useProduction: false,
port: 9080
},
routes: [
{
name: 'fallback-route',
match: {
ports: [9444],
domains: ['fallback.example.com']
},
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 8080
}],
tls: {
mode: 'terminate',
certificate: 'auto'
}
}
}
]
});
// Fully mock the certificate manager to avoid ACME server contact
(testProxy3 as any).createCertificateManager = async function() {
const mockCertManager = createMockCertManager({
onProvisionAll: async () => {
// Simulate the provision logic: first try custom function, then ACME
try {
await testProxy3.settings.certProvisionFunction?.('fallback.example.com');
} catch (e) {
// Custom provision failed, try ACME
acmeAttempted = true;
}
}
});
// Set callback as in real implementation
mockCertManager.setUpdateRoutesCallback(async (routes: any) => {
await this.updateRoutes(routes);
});
return mockCertManager;
};
// Start the proxy
await testProxy3.start();
// Custom provision should have failed
expect(failedDomains).toContain('fallback.example.com');
// ACME should have been attempted as fallback
expect(acmeAttempted).toBeTrue();
await testProxy3.stop();
});
tap.test('Should not fallback when certProvisionFallbackToAcme is false', async () => {
let errorThrown = false;
let errorMessage = '';
const testProxy4 = new SmartProxy({
certProvisionFunction: async (_domain: string): Promise<TSmartProxyCertProvisionObject> => {
throw new Error('Custom provision failed for testing');
},
certProvisionFallbackToAcme: false,
acme: {
email: 'test@example.com',
useProduction: false,
port: 9082
},
routes: [
{
name: 'no-fallback-route',
match: {
ports: [9449],
domains: ['no-fallback.example.com']
},
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 8080
}],
tls: {
mode: 'terminate',
certificate: 'auto'
}
}
}
]
});
// Fully mock the certificate manager to avoid ACME server contact
(testProxy4 as any).createCertificateManager = async function() {
const mockCertManager = createMockCertManager({
onProvisionAll: async () => {
// Simulate the provision logic with no fallback
try {
await testProxy4.settings.certProvisionFunction?.('no-fallback.example.com');
} catch (e: any) {
errorThrown = true;
errorMessage = e.message;
// With certProvisionFallbackToAcme=false, the error should propagate
if (!testProxy4.settings.certProvisionFallbackToAcme) {
throw e;
}
}
}
});
// Set callback as in real implementation
mockCertManager.setUpdateRoutesCallback(async (routes: any) => {
await this.updateRoutes(routes);
});
return mockCertManager;
};
try {
await testProxy4.start();
} catch (e) {
// Expected to fail
}
expect(errorThrown).toBeTrue();
expect(errorMessage).toInclude('Custom provision failed for testing');
await testProxy4.stop();
});
tap.test('Should return http01 for unknown domains', async () => {
let returnedHttp01 = false;
let acmeAttempted = false;
const testProxy5 = new SmartProxy({
certProvisionFunction: async (domain: string): Promise<TSmartProxyCertProvisionObject> => {
if (domain === 'known.example.com') {
return {
id: `test-cert-${domain}`,
domainName: domain,
created: Date.now(),
validUntil: Date.now() + 90 * 24 * 60 * 60 * 1000,
privateKey: testKey,
publicKey: testCert,
csr: ''
};
}
returnedHttp01 = true;
return 'http01';
},
acme: {
email: 'test@example.com',
useProduction: false,
port: 9081
},
routes: [
{
name: 'unknown-domain-route',
match: {
ports: [9446],
domains: ['unknown.example.com']
},
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 8080
}],
tls: {
mode: 'terminate',
certificate: 'auto'
}
}
}
]
});
// Fully mock the certificate manager to avoid ACME server contact
(testProxy5 as any).createCertificateManager = async function() {
const mockCertManager = createMockCertManager({
onProvisionAll: async () => {
// Simulate the provision logic: call provision function first
const result = await testProxy5.settings.certProvisionFunction?.('unknown.example.com');
if (result === 'http01') {
// http01 means use ACME
acmeAttempted = true;
}
}
});
// Set callback as in real implementation
mockCertManager.setUpdateRoutesCallback(async (routes: any) => {
await this.updateRoutes(routes);
});
return mockCertManager;
};
await testProxy5.start();
// Should have returned http01 for unknown domain
expect(returnedHttp01).toBeTrue();
// ACME should have been attempted
expect(acmeAttempted).toBeTrue();
await testProxy5.stop();
});
tap.test('cleanup', async () => {
// Clean up any test proxies
if (testProxy) {
await testProxy.stop();
}
});
export default tap.start();

241
test/test.certificate-provisioning.ts
View File

@@ -1,241 +0,0 @@
import { SmartProxy } from '../ts/proxies/smart-proxy/index.js';
import { expect, tap } from '@git.zone/tstest/tapbundle';
const testProxy = new SmartProxy({
routes: [{
name: 'test-route',
match: { ports: 9443, domains: 'test.local' },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 8080 }],
tls: {
mode: 'terminate',
certificate: 'auto',
acme: {
email: 'test@test.local',
useProduction: false
}
}
}
}],
acme: {
port: 9080 // Use high port for ACME challenges
}
});
tap.test('should provision certificate automatically', async () => {
// Mock certificate manager to avoid real ACME initialization
const mockCertStatus = {
domain: 'test-route',
status: 'valid' as const,
source: 'acme' as const,
expiryDate: new Date(Date.now() + 90 * 24 * 60 * 60 * 1000),
issueDate: new Date()
};
(testProxy as any).createCertificateManager = async function() {
return {
setUpdateRoutesCallback: () => {},
setHttpProxy: () => {},
setGlobalAcmeDefaults: () => {},
setAcmeStateManager: () => {},
initialize: async () => {},
provisionAllCertificates: async () => {},
stop: async () => {},
getAcmeOptions: () => ({ email: 'test@test.local', useProduction: false }),
getState: () => ({ challengeRouteActive: false }),
getCertificateStatus: () => mockCertStatus
};
};
(testProxy as any).getCertificateStatus = () => mockCertStatus;
await testProxy.start();
const status = testProxy.getCertificateStatus('test-route');
expect(status).toBeDefined();
expect(status.status).toEqual('valid');
expect(status.source).toEqual('acme');
await testProxy.stop();
});
tap.test('should handle static certificates', async () => {
const proxy = new SmartProxy({
routes: [{
name: 'static-route',
match: { ports: 9444, domains: 'static.example.com' },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 8080 }],
tls: {
mode: 'terminate',
certificate: {
cert: '-----BEGIN CERTIFICATE-----\nMIIC...\n-----END CERTIFICATE-----',
key: '-----BEGIN PRIVATE KEY-----\nMIIE...\n-----END PRIVATE KEY-----'
}
}
}
}]
});
await proxy.start();
const status = proxy.getCertificateStatus('static-route');
expect(status).toBeDefined();
expect(status.status).toEqual('valid');
expect(status.source).toEqual('static');
await proxy.stop();
});
tap.test('should handle ACME challenge routes', async () => {
const proxy = new SmartProxy({
routes: [{
name: 'auto-cert-route',
match: { ports: 9445, domains: 'acme.local' },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 8080 }],
tls: {
mode: 'terminate',
certificate: 'auto',
acme: {
email: 'acme@test.local',
useProduction: false,
challengePort: 9081
}
}
}
}, {
name: 'port-9081-route',
match: { ports: 9081, domains: 'acme.local' },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 8080 }]
}
}],
acme: {
port: 9081 // Use high port for ACME challenges
}
});
// Mock certificate manager to avoid real ACME initialization
(proxy as any).createCertificateManager = async function() {
return {
setUpdateRoutesCallback: () => {},
setHttpProxy: () => {},
setGlobalAcmeDefaults: () => {},
setAcmeStateManager: () => {},
initialize: async () => {},
provisionAllCertificates: async () => {},
stop: async () => {},
getAcmeOptions: () => ({ email: 'acme@test.local', useProduction: false }),
getState: () => ({ challengeRouteActive: false })
};
};
await proxy.start();
// Verify the proxy is configured with routes including the necessary port
const routes = proxy.settings.routes;
// Check that we have a route listening on the ACME challenge port
const acmeChallengePort = 9081;
const routesOnChallengePort = routes.filter((r: any) => {
const ports = Array.isArray(r.match.ports) ? r.match.ports : [r.match.ports];
return ports.includes(acmeChallengePort);
});
expect(routesOnChallengePort.length).toBeGreaterThan(0);
expect(routesOnChallengePort[0].name).toEqual('port-9081-route');
// Verify the main route has ACME configuration
const mainRoute = routes.find((r: any) => r.name === 'auto-cert-route');
expect(mainRoute).toBeDefined();
expect(mainRoute?.action.tls?.certificate).toEqual('auto');
expect(mainRoute?.action.tls?.acme?.email).toEqual('acme@test.local');
expect(mainRoute?.action.tls?.acme?.challengePort).toEqual(9081);
await proxy.stop();
});
tap.test('should renew certificates', async () => {
const proxy = new SmartProxy({
routes: [{
name: 'renew-route',
match: { ports: 9446, domains: 'renew.local' },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 8080 }],
tls: {
mode: 'terminate',
certificate: 'auto',
acme: {
email: 'renew@test.local',
useProduction: false,
renewBeforeDays: 30
}
}
}
}],
acme: {
port: 9082 // Use high port for ACME challenges
}
});
// Mock certificate manager with renewal capability
let renewCalled = false;
const mockCertStatus = {
domain: 'renew-route',
status: 'valid' as const,
source: 'acme' as const,
expiryDate: new Date(Date.now() + 90 * 24 * 60 * 60 * 1000),
issueDate: new Date()
};
(proxy as any).certManager = {
renewCertificate: async (routeName: string) => {
renewCalled = true;
expect(routeName).toEqual('renew-route');
},
getCertificateStatus: () => mockCertStatus,
setUpdateRoutesCallback: () => {},
setHttpProxy: () => {},
setGlobalAcmeDefaults: () => {},
setAcmeStateManager: () => {},
initialize: async () => {},
provisionAllCertificates: async () => {},
stop: async () => {},
getAcmeOptions: () => ({ email: 'renew@test.local', useProduction: false }),
getState: () => ({ challengeRouteActive: false })
};
(proxy as any).createCertificateManager = async function() {
return this.certManager;
};
(proxy as any).getCertificateStatus = function(routeName: string) {
return this.certManager.getCertificateStatus(routeName);
};
(proxy as any).renewCertificate = async function(routeName: string) {
if (this.certManager) {
await this.certManager.renewCertificate(routeName);
}
};
await proxy.start();
// Force renewal
await proxy.renewCertificate('renew-route');
expect(renewCalled).toBeTrue();
const status = proxy.getCertificateStatus('renew-route');
expect(status).toBeDefined();
expect(status.status).toEqual('valid');
await proxy.stop();
});
export default tap.start();

146
test/test.cleanup-queue-bug.node.ts
View File

@@ -1,146 +0,0 @@
import { expect, tap } from '@git.zone/tstest/tapbundle';
import { SmartProxy } from '../ts/index.js';
tap.test('cleanup queue bug - verify queue processing handles more than batch size', async () => {
console.log('\n=== Cleanup Queue Bug Test ===');
console.log('Purpose: Verify that the cleanup queue correctly processes all connections');
console.log('even when there are more than the batch size (100)');
// Create proxy
const proxy = new SmartProxy({
routes: [{
name: 'test-route',
match: { ports: 8588 },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 9996 }]
}
}],
enableDetailedLogging: false,
});
await proxy.start();
console.log('✓ Proxy started on port 8588');
// Access connection manager
const cm = (proxy as any).connectionManager;
// Create mock connection records
console.log('\n--- Creating 150 mock connections ---');
const mockConnections: any[] = [];
for (let i = 0; i < 150; i++) {
// Create mock socket objects with necessary methods
const mockIncoming = {
destroyed: true,
writable: false,
remoteAddress: '127.0.0.1',
removeAllListeners: () => {},
destroy: () => {},
end: () => {},
on: () => {},
once: () => {},
emit: () => {},
pause: () => {},
resume: () => {}
};
const mockOutgoing = {
destroyed: true,
writable: false,
removeAllListeners: () => {},
destroy: () => {},
end: () => {},
on: () => {},
once: () => {},
emit: () => {}
};
const mockRecord = {
id: `mock-${i}`,
incoming: mockIncoming,
outgoing: mockOutgoing,
connectionClosed: false,
incomingStartTime: Date.now(),
lastActivity: Date.now(),
remoteIP: '127.0.0.1',
remotePort: 10000 + i,
localPort: 8588,
bytesReceived: 100,
bytesSent: 100,
incomingTerminationReason: null,
cleanupTimer: null
};
// Add to connection records
cm.connectionRecords.set(mockRecord.id, mockRecord);
mockConnections.push(mockRecord);
}
console.log(`Created ${cm.getConnectionCount()} mock connections`);
expect(cm.getConnectionCount()).toEqual(150);
// Queue all connections for cleanup
console.log('\n--- Queueing all connections for cleanup ---');
// The cleanup queue processes immediately when it reaches batch size (100)
// So after queueing 150, the first 100 will be processed immediately
for (const conn of mockConnections) {
cm.initiateCleanupOnce(conn, 'test_cleanup');
}
// After queueing 150, the first 100 should have been processed immediately
// leaving 50 in the queue
console.log(`Cleanup queue size after queueing: ${cm.cleanupQueue.size}`);
console.log(`Active connections after initial batch: ${cm.getConnectionCount()}`);
// The first 100 should have been cleaned up immediately
expect(cm.cleanupQueue.size).toEqual(50);
expect(cm.getConnectionCount()).toEqual(50);
// Wait for remaining cleanup to complete
console.log('\n--- Waiting for remaining cleanup batches to process ---');
// The remaining 50 connections should be cleaned up in the next batch
let waitTime = 0;
let lastCount = cm.getConnectionCount();
while (cm.getConnectionCount() > 0 || cm.cleanupQueue.size > 0) {
await new Promise(resolve => setTimeout(resolve, 100));
waitTime += 100;
const currentCount = cm.getConnectionCount();
if (currentCount !== lastCount) {
console.log(`Active connections: ${currentCount}, Queue size: ${cm.cleanupQueue.size}`);
lastCount = currentCount;
}
if (waitTime > 5000) {
console.log('Timeout waiting for cleanup to complete');
break;
}
}
console.log(`All cleanup completed in ${waitTime}ms`);
// Check final state
const finalCount = cm.getConnectionCount();
console.log(`\nFinal connection count: ${finalCount}`);
console.log(`Final cleanup queue size: ${cm.cleanupQueue.size}`);
// All connections should be cleaned up
expect(finalCount).toEqual(0);
expect(cm.cleanupQueue.size).toEqual(0);
// Verify termination stats - all 150 should have been terminated
const stats = cm.getTerminationStats();
console.log('Termination stats:', stats);
expect(stats.incoming.test_cleanup).toEqual(150);
// Cleanup
console.log('\n--- Stopping proxy ---');
await proxy.stop();
console.log('\n✓ Test complete: Cleanup queue now correctly processes all connections');
});
export default tap.start();

240
test/test.connect-disconnect-cleanup.node.ts
View File

@@ -1,240 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import * as plugins from '../ts/plugins.js';
// Import SmartProxy and configurations
import { SmartProxy } from '../ts/index.js';
tap.test('should handle clients that connect and immediately disconnect without sending data', async () => {
console.log('\n=== Testing Connect-Disconnect Cleanup ===');
// Create a SmartProxy instance
const proxy = new SmartProxy({
enableDetailedLogging: false,
initialDataTimeout: 5000, // 5 second timeout for initial data
routes: [{
name: 'test-route',
match: { ports: 8560 },
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 9999 // Non-existent port
}]
}
}]
});
// Start the proxy
await proxy.start();
console.log('✓ Proxy started on port 8560');
// Helper to get active connection count
const getActiveConnections = () => {
const connectionManager = (proxy as any).connectionManager;
return connectionManager ? connectionManager.getConnectionCount() : 0;
};
const initialCount = getActiveConnections();
console.log(`Initial connection count: ${initialCount}`);
// Test 1: Connect and immediately disconnect without sending data
console.log('\n--- Test 1: Immediate disconnect ---');
const connectionCounts: number[] = [];
for (let i = 0; i < 10; i++) {
const client = new net.Socket();
// Connect and immediately destroy
client.connect(8560, 'localhost', () => {
// Connected - immediately destroy without sending data
client.destroy();
});
// Wait a tiny bit
await new Promise(resolve => setTimeout(resolve, 10));
const count = getActiveConnections();
connectionCounts.push(count);
if ((i + 1) % 5 === 0) {
console.log(`After ${i + 1} connect/disconnect cycles: ${count} active connections`);
}
}
// Wait a bit for cleanup
await new Promise(resolve => setTimeout(resolve, 500));
const afterImmediateDisconnect = getActiveConnections();
console.log(`After immediate disconnect test: ${afterImmediateDisconnect} active connections`);
// Test 2: Connect, wait a bit, then disconnect without sending data
console.log('\n--- Test 2: Delayed disconnect ---');
for (let i = 0; i < 5; i++) {
const client = new net.Socket();
client.on('error', () => {
// Ignore errors
});
client.connect(8560, 'localhost', () => {
// Wait 100ms then disconnect without sending data
setTimeout(() => {
if (!client.destroyed) {
client.destroy();
}
}, 100);
});
}
// Check count immediately
const duringDelayed = getActiveConnections();
console.log(`During delayed disconnect test: ${duringDelayed} active connections`);
// Wait for cleanup
await new Promise(resolve => setTimeout(resolve, 1000));
const afterDelayedDisconnect = getActiveConnections();
console.log(`After delayed disconnect test: ${afterDelayedDisconnect} active connections`);
// Test 3: Mix of immediate and delayed disconnects
console.log('\n--- Test 3: Mixed disconnect patterns ---');
const promises = [];
for (let i = 0; i < 20; i++) {
promises.push(new Promise<void>((resolve) => {
const client = new net.Socket();
client.on('error', () => {
resolve();
});
client.on('close', () => {
resolve();
});
client.connect(8560, 'localhost', () => {
if (i % 2 === 0) {
// Half disconnect immediately
client.destroy();
} else {
// Half wait 50ms
setTimeout(() => {
if (!client.destroyed) {
client.destroy();
}
}, 50);
}
});
// Failsafe timeout
setTimeout(() => resolve(), 200);
}));
}
// Wait for all to complete
await Promise.all(promises);
const duringMixed = getActiveConnections();
console.log(`During mixed test: ${duringMixed} active connections`);
// Final cleanup wait
await new Promise(resolve => setTimeout(resolve, 1000));
const finalCount = getActiveConnections();
console.log(`\nFinal connection count: ${finalCount}`);
// Stop the proxy
await proxy.stop();
console.log('✓ Proxy stopped');
// Verify all connections were cleaned up
expect(finalCount).toEqual(initialCount);
expect(afterImmediateDisconnect).toEqual(initialCount);
expect(afterDelayedDisconnect).toEqual(initialCount);
// Check that connections didn't accumulate during the test
const maxCount = Math.max(...connectionCounts);
console.log(`\nMax connection count during immediate disconnect test: ${maxCount}`);
expect(maxCount).toBeLessThan(3); // Should stay very low
console.log('\n✅ PASS: Connect-disconnect cleanup working correctly!');
});
tap.test('should handle clients that error during connection', async () => {
console.log('\n=== Testing Connection Error Cleanup ===');
const proxy = new SmartProxy({
enableDetailedLogging: false,
routes: [{
name: 'test-route',
match: { ports: 8561 },
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 9999
}]
}
}]
});
await proxy.start();
console.log('✓ Proxy started on port 8561');
const getActiveConnections = () => {
const connectionManager = (proxy as any).connectionManager;
return connectionManager ? connectionManager.getConnectionCount() : 0;
};
const initialCount = getActiveConnections();
console.log(`Initial connection count: ${initialCount}`);
// Create connections that will error
const promises = [];
for (let i = 0; i < 10; i++) {
promises.push(new Promise<void>((resolve) => {
const client = new net.Socket();
client.on('error', () => {
resolve();
});
client.on('close', () => {
resolve();
});
// Connect to proxy
client.connect(8561, 'localhost', () => {
// Force an error by writing invalid data then destroying
try {
client.write(Buffer.alloc(1024 * 1024)); // Large write
client.destroy();
} catch (e) {
// Ignore
}
});
// Timeout
setTimeout(() => resolve(), 500);
}));
}
await Promise.all(promises);
console.log('✓ All error connections completed');
// Wait for cleanup
await new Promise(resolve => setTimeout(resolve, 500));
const finalCount = getActiveConnections();
console.log(`Final connection count: ${finalCount}`);
await proxy.stop();
console.log('✓ Proxy stopped');
expect(finalCount).toEqual(initialCount);
console.log('\n✅ PASS: Connection error cleanup working correctly!');
});
export default tap.start();

277
test/test.connection-cleanup-comprehensive.node.ts
View File

@@ -1,277 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import * as plugins from '../ts/plugins.js';
// Import SmartProxy and configurations
import { SmartProxy } from '../ts/index.js';
tap.test('comprehensive connection cleanup test - all scenarios', async () => {
console.log('\n=== Comprehensive Connection Cleanup Test ===');
// Create a SmartProxy instance
const proxy = new SmartProxy({
enableDetailedLogging: false,
initialDataTimeout: 2000,
socketTimeout: 5000,
routes: [
{
name: 'non-tls-route',
match: { ports: 8570 },
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 9999 // Non-existent port
}]
}
},
{
name: 'tls-route',
match: { ports: 8571 },
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 9999 // Non-existent port
}],
tls: {
mode: 'passthrough'
}
}
}
]
});
// Start the proxy
await proxy.start();
console.log('✓ Proxy started on ports 8570 (non-TLS) and 8571 (TLS)');
// Helper to get active connection count
const getActiveConnections = () => {
const connectionManager = (proxy as any).connectionManager;
return connectionManager ? connectionManager.getConnectionCount() : 0;
};
const initialCount = getActiveConnections();
console.log(`Initial connection count: ${initialCount}`);
// Test 1: Rapid ECONNREFUSED retries (from original issue)
console.log('\n--- Test 1: Rapid ECONNREFUSED retries ---');
for (let i = 0; i < 10; i++) {
await new Promise<void>((resolve) => {
const client = new net.Socket();
client.on('error', () => {
client.destroy();
resolve();
});
client.on('close', () => {
resolve();
});
client.connect(8570, 'localhost', () => {
// Send data to trigger routing
client.write('GET / HTTP/1.1\r\nHost: test.com\r\n\r\n');
});
setTimeout(() => {
if (!client.destroyed) {
client.destroy();
}
resolve();
}, 100);
});
if ((i + 1) % 5 === 0) {
const count = getActiveConnections();
console.log(`After ${i + 1} ECONNREFUSED retries: ${count} active connections`);
}
}
// Test 2: Connect without sending data (immediate disconnect)
console.log('\n--- Test 2: Connect without sending data ---');
for (let i = 0; i < 10; i++) {
const client = new net.Socket();
client.on('error', () => {
// Ignore
});
// Connect to non-TLS port and immediately disconnect
client.connect(8570, 'localhost', () => {
client.destroy();
});
await new Promise(resolve => setTimeout(resolve, 10));
}
const afterNoData = getActiveConnections();
console.log(`After connect-without-data test: ${afterNoData} active connections`);
// Test 3: TLS connections that disconnect before handshake
console.log('\n--- Test 3: TLS early disconnect ---');
for (let i = 0; i < 10; i++) {
const client = new net.Socket();
client.on('error', () => {
// Ignore
});
// Connect to TLS port but disconnect before sending handshake
client.connect(8571, 'localhost', () => {
// Wait 50ms then disconnect (before initial data timeout)
setTimeout(() => {
client.destroy();
}, 50);
});
await new Promise(resolve => setTimeout(resolve, 100));
}
const afterTlsEarly = getActiveConnections();
console.log(`After TLS early disconnect test: ${afterTlsEarly} active connections`);
// Test 4: Mixed pattern - simulating real-world chaos
console.log('\n--- Test 4: Mixed chaos pattern ---');
const promises = [];
for (let i = 0; i < 30; i++) {
promises.push(new Promise<void>((resolve) => {
const client = new net.Socket();
const port = i % 2 === 0 ? 8570 : 8571;
client.on('error', () => {
resolve();
});
client.on('close', () => {
resolve();
});
client.connect(port, 'localhost', () => {
const scenario = i % 5;
switch (scenario) {
case 0:
// Immediate disconnect
client.destroy();
break;
case 1:
// Send data then disconnect
client.write('GET / HTTP/1.1\r\nHost: test.com\r\n\r\n');
setTimeout(() => client.destroy(), 20);
break;
case 2:
// Disconnect after delay
setTimeout(() => client.destroy(), 100);
break;
case 3:
// Send partial TLS handshake
if (port === 8571) {
client.write(Buffer.from([0x16, 0x03, 0x01])); // Partial TLS
}
setTimeout(() => client.destroy(), 50);
break;
case 4:
// Just let it timeout
break;
}
});
// Failsafe
setTimeout(() => {
if (!client.destroyed) {
client.destroy();
}
resolve();
}, 500);
}));
// Small delay between connections
if (i % 5 === 0) {
await new Promise(resolve => setTimeout(resolve, 10));
}
}
await Promise.all(promises);
console.log('✓ Chaos test completed');
// Wait for any cleanup
await new Promise(resolve => setTimeout(resolve, 1000));
const afterChaos = getActiveConnections();
console.log(`After chaos test: ${afterChaos} active connections`);
// Test 5: NFTables route (should cleanup properly)
console.log('\n--- Test 5: NFTables route cleanup ---');
const nftProxy = new SmartProxy({
enableDetailedLogging: false,
routes: [{
name: 'nftables-route',
match: { ports: 8572 },
action: {
type: 'forward',
forwardingEngine: 'nftables',
targets: [{
host: 'localhost',
port: 9999
}]
}
}]
});
await nftProxy.start();
const getNftConnections = () => {
const connectionManager = (nftProxy as any).connectionManager;
return connectionManager ? connectionManager.getConnectionCount() : 0;
};
// Create NFTables connections
for (let i = 0; i < 5; i++) {
const client = new net.Socket();
client.on('error', () => {
// Ignore
});
client.connect(8572, 'localhost', () => {
setTimeout(() => client.destroy(), 50);
});
await new Promise(resolve => setTimeout(resolve, 100));
}
await new Promise(resolve => setTimeout(resolve, 500));
const nftFinal = getNftConnections();
console.log(`NFTables connections after test: ${nftFinal}`);
await nftProxy.stop();
// Final check on main proxy
const finalCount = getActiveConnections();
console.log(`\nFinal connection count: ${finalCount}`);
// Stop the proxy
await proxy.stop();
console.log('✓ Proxy stopped');
// Verify all connections were cleaned up
expect(finalCount).toEqual(initialCount);
expect(afterNoData).toEqual(initialCount);
expect(afterTlsEarly).toEqual(initialCount);
expect(afterChaos).toEqual(initialCount);
expect(nftFinal).toEqual(0);
console.log('\n✅ PASS: Comprehensive connection cleanup test passed!');
console.log('All connection scenarios properly cleaned up:');
console.log('- ECONNREFUSED rapid retries');
console.log('- Connect without sending data');
console.log('- TLS early disconnect');
console.log('- Mixed chaos patterns');
console.log('- NFTables connections');
});
export default tap.start();

304
test/test.connection-limits.node.ts
View File

@@ -1,304 +0,0 @@
import { expect, tap } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { SmartProxy } from '../ts/proxies/smart-proxy/index.js';
import { HttpProxy } from '../ts/proxies/http-proxy/index.js';
let testServer: net.Server;
let smartProxy: SmartProxy;
let httpProxy: HttpProxy;
const TEST_SERVER_PORT = 5100;
const PROXY_PORT = 5101;
const HTTP_PROXY_PORT = 5102;
// Track all created servers and connections for cleanup
const allServers: net.Server[] = [];
const allProxies: (SmartProxy | HttpProxy)[] = [];
const activeConnections: net.Socket[] = [];
// Helper: Creates a test TCP server
function createTestServer(port: number): Promise<net.Server> {
return new Promise((resolve) => {
const server = net.createServer((socket) => {
socket.on('data', (data) => {
socket.write(`Echo: ${data.toString()}`);
});
socket.on('error', () => {});
});
server.listen(port, 'localhost', () => {
console.log(`[Test Server] Listening on localhost:${port}`);
allServers.push(server);
resolve(server);
});
});
}
// Helper: Creates multiple concurrent connections
// If waitForData is true, waits for the connection to be fully established (can receive data)
async function createConcurrentConnections(
port: number,
count: number,
waitForData: boolean = false
): Promise<net.Socket[]> {
const connections: net.Socket[] = [];
const promises: Promise<net.Socket>[] = [];
for (let i = 0; i < count; i++) {
promises.push(
new Promise((resolve, reject) => {
const client = new net.Socket();
const timeout = setTimeout(() => {
client.destroy();
reject(new Error(`Connection ${i} timeout`));
}, 5000);
client.connect(port, 'localhost', () => {
if (!waitForData) {
clearTimeout(timeout);
activeConnections.push(client);
connections.push(client);
resolve(client);
}
// If waitForData, we wait for the close event to see if connection was rejected
});
if (waitForData) {
// Wait a bit to see if connection gets closed by server
client.once('close', () => {
clearTimeout(timeout);
reject(new Error('Connection closed by server'));
});
// If we can write and get a response, connection is truly established
setTimeout(() => {
if (!client.destroyed) {
clearTimeout(timeout);
activeConnections.push(client);
connections.push(client);
resolve(client);
}
}, 100);
}
client.on('error', (err) => {
clearTimeout(timeout);
reject(err);
});
})
);
}
await Promise.all(promises);
return connections;
}
// Helper: Clean up connections
function cleanupConnections(connections: net.Socket[]): void {
connections.forEach(conn => {
if (!conn.destroyed) {
conn.destroy();
}
});
}
tap.test('Setup test environment', async () => {
testServer = await createTestServer(TEST_SERVER_PORT);
// Create SmartProxy with low connection limits for testing
smartProxy = new SmartProxy({
routes: [{
name: 'test-route',
match: {
ports: PROXY_PORT
},
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: TEST_SERVER_PORT
}]
},
security: {
maxConnections: 5 // Low limit for testing
}
}],
maxConnectionsPerIP: 3, // Low per-IP limit
connectionRateLimitPerMinute: 10, // Low rate limit
defaults: {
security: {
maxConnections: 10 // Low global limit
}
}
});
await smartProxy.start();
allProxies.push(smartProxy);
});
tap.test('Per-IP connection limits', async () => {
// Test that we can create up to the per-IP limit
const connections1 = await createConcurrentConnections(PROXY_PORT, 3);
expect(connections1.length).toEqual(3);
// Allow server-side processing to complete
await new Promise(resolve => setTimeout(resolve, 50));
// Try to create one more connection - should fail
// Use waitForData=true to detect if server closes the connection after accepting it
try {
await createConcurrentConnections(PROXY_PORT, 1, true);
// If we get here, the 4th connection was truly established
throw new Error('Should not allow more than 3 connections per IP');
} catch (err) {
console.log(`Per-IP limit error received: ${err.message}`);
// Connection should be rejected - either reset, refused, or closed by server
const isRejected = err.message.includes('ECONNRESET') ||
err.message.includes('ECONNREFUSED') ||
err.message.includes('closed');
expect(isRejected).toBeTrue();
}
// Clean up first set of connections
cleanupConnections(connections1);
await new Promise(resolve => setTimeout(resolve, 100));
// Should be able to create new connections after cleanup
const connections2 = await createConcurrentConnections(PROXY_PORT, 2);
expect(connections2.length).toEqual(2);
cleanupConnections(connections2);
});
tap.test('Route-level connection limits', async () => {
// Create multiple connections up to route limit
const connections = await createConcurrentConnections(PROXY_PORT, 5);
expect(connections.length).toEqual(5);
// Try to exceed route limit
try {
await createConcurrentConnections(PROXY_PORT, 1);
throw new Error('Should not allow more than 5 connections for this route');
} catch (err) {
// Connection should be rejected - either reset or refused
console.log('Connection limit error:', err.message);
const isRejected = err.message.includes('ECONNRESET') ||
err.message.includes('ECONNREFUSED') ||
err.message.includes('closed') ||
err.message.includes('5 connections');
expect(isRejected).toBeTrue();
}
cleanupConnections(connections);
});
tap.test('Connection rate limiting', async () => {
// Create connections rapidly
const connections: net.Socket[] = [];
// Create 10 connections rapidly (at rate limit)
for (let i = 0; i < 10; i++) {
try {
const conn = await createConcurrentConnections(PROXY_PORT, 1);
connections.push(...conn);
// Small delay to avoid per-IP limit
if (connections.length >= 3) {
cleanupConnections(connections.splice(0, 3));
await new Promise(resolve => setTimeout(resolve, 50));
}
} catch (err) {
// Expected to fail at some point due to rate limit
expect(i).toBeGreaterThan(0);
break;
}
}
cleanupConnections(connections);
});
tap.test('HttpProxy per-IP validation', async () => {
// Skip complex HttpProxy integration test - focus on SmartProxy connection limits
// The HttpProxy has its own per-IP validation that's tested separately
// This test would require TLS certificates and more complex setup
console.log('Skipping HttpProxy per-IP validation - tested separately');
});
tap.test('IP tracking cleanup', async (tools) => {
// Wait for any previous test cleanup to complete
await tools.delayFor(300);
// Create and close connections
const connections: net.Socket[] = [];
for (let i = 0; i < 2; i++) {
try {
const conn = await createConcurrentConnections(PROXY_PORT, 1);
connections.push(...conn);
} catch {
// Ignore rejections
}
}
// Close all connections
cleanupConnections(connections);
// Wait for cleanup to process
await tools.delayFor(500);
// Verify that IP tracking has been cleaned up
const securityManager = (smartProxy as any).securityManager;
const ipCount = securityManager.getConnectionCountByIP('::ffff:127.0.0.1');
// Should have no connections tracked for this IP after cleanup
// Note: Due to asynchronous cleanup, we allow for some variance
expect(ipCount).toBeLessThanOrEqual(1);
});
tap.test('Cleanup queue race condition handling', async () => {
// Wait for previous test cleanup
await new Promise(resolve => setTimeout(resolve, 300));
// Create connections sequentially to avoid hitting per-IP limit
const allConnections: net.Socket[] = [];
for (let i = 0; i < 2; i++) {
try {
const conn = await createConcurrentConnections(PROXY_PORT, 1);
allConnections.push(...conn);
} catch {
// Ignore connection rejections
}
}
// Close all connections rapidly
allConnections.forEach(conn => conn.destroy());
// Give cleanup queue time to process
await new Promise(resolve => setTimeout(resolve, 500));
// Verify all connections were cleaned up
const connectionManager = (smartProxy as any).connectionManager;
const remainingConnections = connectionManager.getConnectionCount();
// Allow for some variance due to async cleanup
expect(remainingConnections).toBeLessThanOrEqual(1);
});
tap.test('Cleanup and shutdown', async () => {
// Clean up any remaining connections
cleanupConnections(activeConnections);
activeConnections.length = 0;
// Stop all proxies
for (const proxy of allProxies) {
await proxy.stop();
}
allProxies.length = 0;
// Close all test servers
for (const server of allServers) {
await new Promise<void>((resolve) => {
server.close(() => resolve());
});
}
allServers.length = 0;
});
export default tap.start();

83
test/test.fix-verification.ts
View File

@@ -1,83 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import { SmartProxy } from '../ts/index.js';
tap.test('should verify certificate manager callback is preserved on updateRoutes', async () => {
// Create proxy with initial cert routes
const proxy = new SmartProxy({
routes: [{
name: 'cert-route',
match: { ports: [18443], domains: ['test.local'] },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 3000 }],
tls: {
mode: 'terminate',
certificate: 'auto',
acme: { email: 'test@local.test' }
}
}
}],
acme: { email: 'test@local.test', port: 18080 }
});
// Track callback preservation
let initialCallbackSet = false;
let updateCallbackSet = false;
// Mock certificate manager creation
(proxy as any).createCertificateManager = async function(...args: any[]) {
const certManager = {
updateRoutesCallback: null as any,
setUpdateRoutesCallback: function(callback: any) {
this.updateRoutesCallback = callback;
if (!initialCallbackSet) {
initialCallbackSet = true;
} else {
updateCallbackSet = true;
}
},
setHttpProxy: () => {},
setGlobalAcmeDefaults: () => {},
setAcmeStateManager: () => {},
setRoutes: (routes: any) => {},
initialize: async () => {},
provisionAllCertificates: async () => {},
stop: async () => {},
getAcmeOptions: () => ({ email: 'test@local.test' }),
getState: () => ({ challengeRouteActive: false })
};
// Set callback as in real implementation
certManager.setUpdateRoutesCallback(async (routes) => {
await this.updateRoutes(routes);
});
return certManager;
};
await proxy.start();
expect(initialCallbackSet).toEqual(true);
// Update routes - this should preserve the callback
await proxy.updateRoutes([{
name: 'updated-route',
match: { ports: [18444], domains: ['test2.local'] },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 3001 }],
tls: {
mode: 'terminate',
certificate: 'auto',
acme: { email: 'test@local.test' }
}
}
}]);
expect(updateCallbackSet).toEqual(true);
await proxy.stop();
console.log('Fix verified: Certificate manager callback is preserved on updateRoutes');
});
export default tap.start();

183
test/test.http-fix-unit.ts
View File

@@ -1,183 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
// Unit test for the HTTP forwarding fix
tap.test('should forward non-TLS connections on HttpProxy ports', async (tapTest) => {
// Test configuration
const testPort = 8080;
const httpProxyPort = 8844;
// Track forwarding logic
let forwardedToHttpProxy = false;
let setupDirectConnection = false;
// Create mock settings
const mockSettings = {
useHttpProxy: [testPort],
httpProxyPort: httpProxyPort,
routes: [{
name: 'test-route',
match: { ports: testPort },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 8181 }]
}
}]
};
// Create mock connection record
const mockRecord = {
id: 'test-connection',
localPort: testPort,
remoteIP: '127.0.0.1',
isTLS: false
};
// Mock HttpProxyBridge
const mockHttpProxyBridge = {
getHttpProxy: () => ({ available: true }),
forwardToHttpProxy: async () => {
forwardedToHttpProxy = true;
}
};
// Test the logic from handleForwardAction
const route = mockSettings.routes[0];
const action = route.action as any;
// Simulate the fixed logic
if (!action.tls) {
// No TLS settings - check if this port should use HttpProxy
const isHttpProxyPort = mockSettings.useHttpProxy?.includes(mockRecord.localPort);
if (isHttpProxyPort && mockHttpProxyBridge.getHttpProxy()) {
// Forward non-TLS connections to HttpProxy if configured
console.log(`Using HttpProxy for non-TLS connection on port ${mockRecord.localPort}`);
await mockHttpProxyBridge.forwardToHttpProxy();
} else {
// Basic forwarding
console.log(`Using basic forwarding`);
setupDirectConnection = true;
}
}
// Verify the fix works correctly
expect(forwardedToHttpProxy).toEqual(true);
expect(setupDirectConnection).toEqual(false);
console.log('Test passed: Non-TLS connections on HttpProxy ports are forwarded correctly');
});
// Test that non-HttpProxy ports still use direct connection
tap.test('should use direct connection for non-HttpProxy ports', async (tapTest) => {
let forwardedToHttpProxy = false;
let setupDirectConnection = false;
const mockSettings = {
useHttpProxy: [80, 443], // Different ports
httpProxyPort: 8844,
routes: [{
name: 'test-route',
match: { ports: 8080 }, // Not in useHttpProxy
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 8181 }]
}
}]
};
const mockRecord = {
id: 'test-connection-2',
localPort: 8080, // Not in useHttpProxy
remoteIP: '127.0.0.1',
isTLS: false
};
const mockHttpProxyBridge = {
getHttpProxy: () => ({ available: true }),
forwardToHttpProxy: async () => {
forwardedToHttpProxy = true;
}
};
const route = mockSettings.routes[0];
const action = route.action as any;
// Test the logic
if (!action.tls) {
const isHttpProxyPort = mockSettings.useHttpProxy?.includes(mockRecord.localPort);
if (isHttpProxyPort && mockHttpProxyBridge.getHttpProxy()) {
console.log(`Using HttpProxy for non-TLS connection on port ${mockRecord.localPort}`);
await mockHttpProxyBridge.forwardToHttpProxy();
} else {
console.log(`Using basic forwarding for port ${mockRecord.localPort}`);
setupDirectConnection = true;
}
}
// Verify port 8080 uses direct connection when not in useHttpProxy
expect(forwardedToHttpProxy).toEqual(false);
expect(setupDirectConnection).toEqual(true);
console.log('Test passed: Non-HttpProxy ports use direct connection');
});
// Test HTTP-01 ACME challenge scenario
tap.test('should handle ACME HTTP-01 challenges on port 80 with HttpProxy', async (tapTest) => {
let forwardedToHttpProxy = false;
const mockSettings = {
useHttpProxy: [80], // Port 80 configured for HttpProxy
httpProxyPort: 8844,
acme: {
port: 80,
email: 'test@example.com'
},
routes: [{
name: 'acme-challenge',
match: {
ports: 80,
paths: ['/.well-known/acme-challenge/*']
},
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 8080 }]
}
}]
};
const mockRecord = {
id: 'acme-connection',
localPort: 80,
remoteIP: '127.0.0.1',
isTLS: false
};
const mockHttpProxyBridge = {
getHttpProxy: () => ({ available: true }),
forwardToHttpProxy: async () => {
forwardedToHttpProxy = true;
}
};
const route = mockSettings.routes[0];
const action = route.action as any;
// Test the fix for ACME HTTP-01 challenges
if (!action.tls) {
const isHttpProxyPort = mockSettings.useHttpProxy?.includes(mockRecord.localPort);
if (isHttpProxyPort && mockHttpProxyBridge.getHttpProxy()) {
console.log(`Using HttpProxy for ACME challenge on port ${mockRecord.localPort}`);
await mockHttpProxyBridge.forwardToHttpProxy();
}
}
// Verify HTTP-01 challenges on port 80 go through HttpProxy
expect(forwardedToHttpProxy).toEqual(true);
console.log('Test passed: ACME HTTP-01 challenges on port 80 use HttpProxy');
});
export default tap.start();

256
test/test.http-fix-verification.ts
View File

@@ -1,256 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import { RouteConnectionHandler } from '../ts/proxies/smart-proxy/route-connection-handler.js';
import type { ISmartProxyOptions } from '../ts/proxies/smart-proxy/models/interfaces.js';
import * as net from 'net';
// Direct test of the fix in RouteConnectionHandler
tap.test('should detect and forward non-TLS connections on useHttpProxy ports', async (tapTest) => {
// Create mock objects
const mockSettings: ISmartProxyOptions = {
useHttpProxy: [8080],
httpProxyPort: 8844,
routes: [{
name: 'test-route',
match: { ports: 8080 },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 8181 }]
}
}]
};
let httpProxyForwardCalled = false;
let directConnectionCalled = false;
// Create mocks for dependencies
const mockHttpProxyBridge = {
getHttpProxy: () => ({ available: true }),
forwardToHttpProxy: async (...args: any[]) => {
console.log('Mock: forwardToHttpProxy called');
httpProxyForwardCalled = true;
}
};
// Mock connection manager
const mockConnectionManager = {
createConnection: (socket: any) => ({
id: 'test-connection',
localPort: 8080,
remoteIP: '127.0.0.1',
isTLS: false
}),
generateConnectionId: () => 'test-connection-id',
initiateCleanupOnce: () => {},
cleanupConnection: () => {},
getConnectionCount: () => 1,
trackConnectionByRoute: (routeId: string, connectionId: string) => {},
handleError: (type: string, record: any) => {
return (error: Error) => {
console.log(`Mock: Error handled for ${type}: ${error.message}`);
};
}
};
// Mock route manager that returns a matching route
const mockRouteManager = {
findMatchingRoute: (criteria: any) => ({
route: mockSettings.routes[0]
}),
getRoutes: () => mockSettings.routes,
getRoutesForPort: (port: number) => mockSettings.routes.filter(r => {
const ports = Array.isArray(r.match.ports) ? r.match.ports : [r.match.ports];
return ports.some(p => {
if (typeof p === 'number') {
return p === port;
} else if (p && typeof p === 'object' && 'from' in p && 'to' in p) {
return port >= p.from && port <= p.to;
}
return false;
});
})
};
// Mock security manager
const mockSecurityManager = {
validateAndTrackIP: () => ({ allowed: true })
};
// Create a mock SmartProxy instance with necessary properties
const mockSmartProxy = {
settings: mockSettings,
connectionManager: mockConnectionManager,
securityManager: mockSecurityManager,
httpProxyBridge: mockHttpProxyBridge,
routeManager: mockRouteManager
} as any;
// Create route connection handler instance
const handler = new RouteConnectionHandler(mockSmartProxy);
// Override setupDirectConnection to track if it's called
handler['setupDirectConnection'] = (...args: any[]) => {
console.log('Mock: setupDirectConnection called');
directConnectionCalled = true;
};
// Test: Create a mock socket representing non-TLS connection on port 8080
const mockSocket = {
localPort: 8080,
remoteAddress: '127.0.0.1',
on: function(event: string, handler: Function) { return this; },
once: function(event: string, handler: Function) {
// Capture the data handler
if (event === 'data') {
this._dataHandler = handler;
}
return this;
},
end: () => {},
destroy: () => {},
pause: () => {},
resume: () => {},
removeListener: function() { return this; },
emit: () => {},
setNoDelay: () => {},
setKeepAlive: () => {},
_dataHandler: null as any
} as any;
// Simulate the handler processing the connection
handler.handleConnection(mockSocket);
// Simulate receiving non-TLS data
if (mockSocket._dataHandler) {
mockSocket._dataHandler(Buffer.from('GET / HTTP/1.1\r\nHost: test.local\r\n\r\n'));
}
// Give it a moment to process
await new Promise(resolve => setTimeout(resolve, 100));
// Verify that the connection was forwarded to HttpProxy, not direct connection
expect(httpProxyForwardCalled).toEqual(true);
expect(directConnectionCalled).toEqual(false);
});
// Test that verifies TLS connections still work normally
tap.test('should handle TLS connections normally', async (tapTest) => {
const mockSettings: ISmartProxyOptions = {
useHttpProxy: [443],
httpProxyPort: 8844,
routes: [{
name: 'tls-route',
match: { ports: 443 },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 8443 }],
tls: { mode: 'terminate' }
}
}]
};
let httpProxyForwardCalled = false;
const mockHttpProxyBridge = {
getHttpProxy: () => ({ available: true }),
forwardToHttpProxy: async (...args: any[]) => {
httpProxyForwardCalled = true;
}
};
const mockConnectionManager = {
createConnection: (socket: any) => ({
id: 'test-tls-connection',
localPort: 443,
remoteIP: '127.0.0.1',
isTLS: true,
tlsHandshakeComplete: false
}),
generateConnectionId: () => 'test-tls-connection-id',
initiateCleanupOnce: () => {},
cleanupConnection: () => {},
getConnectionCount: () => 1,
trackConnectionByRoute: (routeId: string, connectionId: string) => {},
handleError: (type: string, record: any) => {
return (error: Error) => {
console.log(`Mock: Error handled for ${type}: ${error.message}`);
};
}
};
const mockTlsManager = {
isTlsHandshake: (chunk: Buffer) => true,
isClientHello: (chunk: Buffer) => true,
extractSNI: (chunk: Buffer) => 'test.local'
};
const mockRouteManager = {
findMatchingRoute: (criteria: any) => ({
route: mockSettings.routes[0]
}),
getRoutes: () => mockSettings.routes,
getRoutesForPort: (port: number) => mockSettings.routes.filter(r => {
const ports = Array.isArray(r.match.ports) ? r.match.ports : [r.match.ports];
return ports.some(p => {
if (typeof p === 'number') {
return p === port;
} else if (p && typeof p === 'object' && 'from' in p && 'to' in p) {
return port >= p.from && port <= p.to;
}
return false;
});
})
};
const mockSecurityManager = {
validateAndTrackIP: () => ({ allowed: true })
};
// Create a mock SmartProxy instance with necessary properties
const mockSmartProxy = {
settings: mockSettings,
connectionManager: mockConnectionManager,
securityManager: mockSecurityManager,
tlsManager: mockTlsManager,
httpProxyBridge: mockHttpProxyBridge,
routeManager: mockRouteManager
} as any;
const handler = new RouteConnectionHandler(mockSmartProxy);
const mockSocket = {
localPort: 443,
remoteAddress: '127.0.0.1',
on: function(event: string, handler: Function) { return this; },
once: function(event: string, handler: Function) {
// Capture the data handler
if (event === 'data') {
this._dataHandler = handler;
}
return this;
},
end: () => {},
destroy: () => {},
pause: () => {},
resume: () => {},
removeListener: function() { return this; },
emit: () => {},
setNoDelay: () => {},
setKeepAlive: () => {},
_dataHandler: null as any
} as any;
handler.handleConnection(mockSocket);
// Simulate TLS handshake
if (mockSocket._dataHandler) {
const tlsHandshake = Buffer.from([0x16, 0x03, 0x01, 0x00, 0x05]);
mockSocket._dataHandler(tlsHandshake);
}
await new Promise(resolve => setTimeout(resolve, 100));
// TLS connections with 'terminate' mode should go to HttpProxy
expect(httpProxyForwardCalled).toEqual(true);
});
export default tap.start();

189
test/test.http-forwarding-fix.ts
View File

@@ -1,189 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import { SmartProxy } from '../ts/index.js';
import * as net from 'net';
// Test that verifies HTTP connections on ports configured in useHttpProxy are properly forwarded
tap.test('should detect and forward non-TLS connections on HttpProxy ports', async (tapTest) => {
// Track whether the connection was forwarded to HttpProxy
let forwardedToHttpProxy = false;
let connectionPath = '';
// Create a SmartProxy instance first
const proxy = new SmartProxy({
useHttpProxy: [8081], // Use different port to avoid conflicts
httpProxyPort: 8847, // Use different port to avoid conflicts
routes: [{
name: 'test-http-forward',
match: { ports: 8081 },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 8181 }]
}
}]
});
// Add detailed logging to the existing proxy instance
proxy.settings.enableDetailedLogging = true;
// Override the HttpProxy initialization to avoid actual HttpProxy setup
proxy['httpProxyBridge'].initialize = async () => {
console.log('Mock: HttpProxyBridge initialized');
};
proxy['httpProxyBridge'].start = async () => {
console.log('Mock: HttpProxyBridge started');
};
proxy['httpProxyBridge'].stop = async () => {
console.log('Mock: HttpProxyBridge stopped');
return Promise.resolve(); // Ensure it returns a resolved promise
};
await proxy.start();
// Mock the HttpProxy forwarding AFTER start to ensure it's not overridden
const originalForward = (proxy as any).httpProxyBridge.forwardToHttpProxy;
(proxy as any).httpProxyBridge.forwardToHttpProxy = async function(...args: any[]) {
forwardedToHttpProxy = true;
connectionPath = 'httpproxy';
console.log('Mock: Connection forwarded to HttpProxy with args:', args[0], 'on port:', args[2]?.localPort);
// Properly close the connection for the test
const socket = args[1];
socket.end();
socket.destroy();
};
// Mock getHttpProxy to indicate HttpProxy is available
(proxy as any).httpProxyBridge.getHttpProxy = () => ({ available: true });
// Make a connection to port 8080
const client = new net.Socket();
await new Promise<void>((resolve, reject) => {
client.connect(8081, 'localhost', () => {
console.log('Client connected to proxy on port 8081');
// Send a non-TLS HTTP request
client.write('GET / HTTP/1.1\r\nHost: test.local\r\n\r\n');
// Add a small delay to ensure data is sent
setTimeout(() => resolve(), 50);
});
client.on('error', reject);
});
// Give it a moment to process
await new Promise(resolve => setTimeout(resolve, 100));
// Verify the connection was forwarded to HttpProxy
expect(forwardedToHttpProxy).toEqual(true);
expect(connectionPath).toEqual('httpproxy');
client.destroy();
// Restore original method before stopping
(proxy as any).httpProxyBridge.forwardToHttpProxy = originalForward;
console.log('About to stop proxy...');
await proxy.stop();
console.log('Proxy stopped');
// Wait a bit to ensure port is released
await new Promise(resolve => setTimeout(resolve, 100));
});
// Test that verifies the fix detects non-TLS connections
tap.test('should properly detect non-TLS connections on HttpProxy ports', async (tapTest) => {
const targetPort = 8182;
let receivedConnection = false;
// Create a target server that never receives the connection (because it goes to HttpProxy)
const targetServer = net.createServer((socket) => {
receivedConnection = true;
socket.end();
});
await new Promise<void>((resolve) => {
targetServer.listen(targetPort, () => {
console.log(`Target server listening on port ${targetPort}`);
resolve();
});
});
// Mock HttpProxyBridge to track forwarding
let httpProxyForwardCalled = false;
const proxy = new SmartProxy({
useHttpProxy: [8082], // Use different port to avoid conflicts
httpProxyPort: 8848, // Use different port to avoid conflicts
routes: [{
name: 'test-route',
match: {
ports: 8082
},
action: {
type: 'forward',
targets: [{ host: 'localhost', port: targetPort }]
}
}]
});
// Override the forwardToHttpProxy method to track calls
const originalForward = proxy['httpProxyBridge'].forwardToHttpProxy;
proxy['httpProxyBridge'].forwardToHttpProxy = async function(...args: any[]) {
httpProxyForwardCalled = true;
console.log('HttpProxy forward called with connectionId:', args[0]);
// Properly close the connection
const socket = args[1];
socket.end();
socket.destroy();
};
// Mock HttpProxyBridge methods
proxy['httpProxyBridge'].initialize = async () => {
console.log('Mock: HttpProxyBridge initialized');
};
proxy['httpProxyBridge'].start = async () => {
console.log('Mock: HttpProxyBridge started');
};
proxy['httpProxyBridge'].stop = async () => {
console.log('Mock: HttpProxyBridge stopped');
return Promise.resolve(); // Ensure it returns a resolved promise
};
// Mock getHttpProxy to return a truthy value
proxy['httpProxyBridge'].getHttpProxy = () => ({} as any);
await proxy.start();
// Make a non-TLS connection
const client = new net.Socket();
await new Promise<void>((resolve, reject) => {
client.connect(8082, 'localhost', () => {
console.log('Connected to proxy');
client.write('GET / HTTP/1.1\r\nHost: test.local\r\n\r\n');
// Add a small delay to ensure data is sent
setTimeout(() => resolve(), 50);
});
client.on('error', () => resolve()); // Ignore errors since we're ending the connection
});
await new Promise(resolve => setTimeout(resolve, 100));
// Verify that HttpProxy was called, not direct connection
expect(httpProxyForwardCalled).toEqual(true);
expect(receivedConnection).toEqual(false); // Target should not receive direct connection
client.destroy();
await proxy.stop();
await new Promise<void>((resolve) => {
targetServer.close(() => resolve());
});
// Wait a bit to ensure port is released
await new Promise(resolve => setTimeout(resolve, 100));
// Restore original method
proxy['httpProxyBridge'].forwardToHttpProxy = originalForward;
});
export default tap.start();

246
test/test.http-port8080-simple.ts
View File

@@ -1,246 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import { SmartProxy } from '../ts/index.js';
import * as plugins from '../ts/plugins.js';
import * as net from 'net';
import * as http from 'http';
/**
* This test verifies our improved port binding intelligence for ACME challenges.
* It specifically tests:
* 1. Using port 8080 instead of 80 for ACME HTTP challenges
* 2. Correctly handling shared port bindings between regular routes and challenge routes
* 3. Avoiding port conflicts when updating routes
*/
tap.test('should handle ACME challenges on port 8080 with improved port binding intelligence', async (tapTest) => {
// Create a simple echo server to act as our target
const targetPort = 9001;
let receivedData = '';
const targetServer = net.createServer((socket) => {
console.log('Target server received connection');
socket.on('data', (data) => {
receivedData += data.toString();
console.log('Target server received data:', data.toString().split('\n')[0]);
// Send a simple HTTP response
const response = 'HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\nContent-Length: 13\r\n\r\nHello, World!';
socket.write(response);
});
});
await new Promise<void>((resolve) => {
targetServer.listen(targetPort, () => {
console.log(`Target server listening on port ${targetPort}`);
resolve();
});
});
// In this test we will NOT create a mock ACME server on the same port
// as SmartProxy will use, instead we'll let SmartProxy handle it
const acmeServerPort = 9009;
const acmeRequests: string[] = [];
let acmeServer: http.Server | null = null;
// We'll assume the ACME port is available for SmartProxy
let acmePortAvailable = true;
// Create SmartProxy with ACME configured to use port 8080
console.log('Creating SmartProxy with ACME port 8080...');
const tempCertDir = './temp-certs';
try {
await plugins.smartfile.fs.ensureDir(tempCertDir);
} catch (error) {
// Directory may already exist, that's ok
}
const proxy = new SmartProxy({
enableDetailedLogging: true,
routes: [
{
name: 'test-route',
match: {
ports: [9003],
domains: ['test.example.com']
},
action: {
type: 'forward',
targets: [{ host: 'localhost', port: targetPort }],
tls: {
mode: 'terminate',
certificate: 'auto' // Use ACME for certificate
}
}
},
// Also add a route for port 8080 to test port sharing
{
name: 'http-route',
match: {
ports: [9009],
domains: ['test.example.com']
},
action: {
type: 'forward',
targets: [{ host: 'localhost', port: targetPort }]
}
}
],
acme: {
email: 'test@example.com',
useProduction: false,
port: 9009, // Use 9009 instead of default 80
certificateStore: tempCertDir
}
});
// Mock the certificate manager to avoid actual ACME operations
console.log('Mocking certificate manager...');
const createCertManager = (proxy as any).createCertificateManager;
(proxy as any).createCertificateManager = async function(...args: any[]) {
// Create a completely mocked certificate manager that doesn't use ACME at all
return {
initialize: async () => {},
getCertPair: async () => {
return {
publicKey: 'MOCK CERTIFICATE',
privateKey: 'MOCK PRIVATE KEY'
};
},
getAcmeOptions: () => {
return {
port: 9009
};
},
getState: () => {
return {
initializing: false,
ready: true,
port: 9009
};
},
provisionAllCertificates: async () => {
console.log('Mock: Provisioning certificates');
return [];
},
stop: async () => {},
setRoutes: (routes: any) => {},
smartAcme: {
getCertificateForDomain: async () => {
// Return a mock certificate
return {
publicKey: 'MOCK CERTIFICATE',
privateKey: 'MOCK PRIVATE KEY',
validUntil: Date.now() + 90 * 24 * 60 * 60 * 1000,
created: Date.now()
};
},
start: async () => {},
stop: async () => {}
}
};
};
// Track port binding attempts to verify intelligence
const portBindAttempts: number[] = [];
const originalAddPort = (proxy as any).portManager.addPort;
(proxy as any).portManager.addPort = async function(port: number) {
portBindAttempts.push(port);
return originalAddPort.call(this, port);
};
try {
console.log('Starting SmartProxy...');
await proxy.start();
console.log('Port binding attempts:', portBindAttempts);
// Check that we tried to bind to port 9009
// Should attempt to bind to port 9009
expect(portBindAttempts.includes(9009)).toEqual(true);
// Should attempt to bind to port 9003
expect(portBindAttempts.includes(9003)).toEqual(true);
// Get actual bound ports
const boundPorts = proxy.getListeningPorts();
console.log('Actually bound ports:', boundPorts);
// If port 9009 was available, we should be bound to it
if (acmePortAvailable) {
// Should be bound to port 9009 if available
expect(boundPorts.includes(9009)).toEqual(true);
}
// Should be bound to port 9003
expect(boundPorts.includes(9003)).toEqual(true);
// Test adding a new route on port 8080
console.log('Testing route update with port reuse...');
// Reset tracking
portBindAttempts.length = 0;
// Add a new route on port 8080
const newRoutes = [
...proxy.settings.routes,
{
name: 'additional-route',
match: {
ports: [9009],
path: '/additional'
},
action: {
type: 'forward' as const,
targets: [{ host: 'localhost', port: targetPort }]
}
}
];
// Update routes - this should NOT try to rebind port 8080
await proxy.updateRoutes(newRoutes);
console.log('Port binding attempts after update:', portBindAttempts);
// We should not try to rebind port 9009 since it's already bound
// Should not attempt to rebind port 9009
expect(portBindAttempts.includes(9009)).toEqual(false);
// We should still be listening on both ports
const portsAfterUpdate = proxy.getListeningPorts();
console.log('Bound ports after update:', portsAfterUpdate);
if (acmePortAvailable) {
// Should still be bound to port 9009
expect(portsAfterUpdate.includes(9009)).toEqual(true);
}
// Should still be bound to port 9003
expect(portsAfterUpdate.includes(9003)).toEqual(true);
// The test is successful at this point - we've verified the port binding intelligence
console.log('Port binding intelligence verified successfully!');
// We'll skip the actual connection test to avoid timeouts
} finally {
// Clean up
console.log('Cleaning up...');
await proxy.stop();
if (targetServer) {
await new Promise<void>((resolve) => {
targetServer.close(() => resolve());
});
}
// No acmeServer to close in this test
// Clean up temp directory
try {
// Remove temp directory
await plugins.smartfile.fs.remove(tempCertDir);
} catch (error) {
console.error('Failed to remove temp directory:', error);
}
}
});
export default tap.start();

114
test/test.http-proxy-security-limits.node.ts
View File

@@ -1,114 +0,0 @@
import { expect, tap } from '@git.zone/tstest/tapbundle';
import { SecurityManager } from '../ts/proxies/http-proxy/security-manager.js';
import { createLogger } from '../ts/proxies/http-proxy/models/types.js';
let securityManager: SecurityManager;
const logger = createLogger('error'); // Quiet logger for tests
tap.test('Setup HttpProxy SecurityManager', async () => {
securityManager = new SecurityManager(logger, [], 3, 10); // Low limits for testing
});
tap.test('HttpProxy IP connection tracking', async () => {
const testIP = '10.0.0.1';
// Track connections
securityManager.trackConnectionByIP(testIP, 'http-conn1');
securityManager.trackConnectionByIP(testIP, 'http-conn2');
expect(securityManager.getConnectionCountByIP(testIP)).toEqual(2);
// Validate IP should pass
let result = securityManager.validateIP(testIP);
expect(result.allowed).toBeTrue();
// Add one more to reach limit
securityManager.trackConnectionByIP(testIP, 'http-conn3');
// Should now reject new connections
result = securityManager.validateIP(testIP);
expect(result.allowed).toBeFalse();
expect(result.reason).toInclude('Maximum connections per IP (3) exceeded');
// Remove a connection
securityManager.removeConnectionByIP(testIP, 'http-conn1');
// Should allow connections again
result = securityManager.validateIP(testIP);
expect(result.allowed).toBeTrue();
// Clean up
securityManager.removeConnectionByIP(testIP, 'http-conn2');
securityManager.removeConnectionByIP(testIP, 'http-conn3');
});
tap.test('HttpProxy connection rate limiting', async () => {
const testIP = '10.0.0.2';
// Make 10 connection attempts rapidly (at rate limit)
// Note: We don't track connections here as we're testing rate limiting, not per-IP limiting
for (let i = 0; i < 10; i++) {
const result = securityManager.validateIP(testIP);
expect(result.allowed).toBeTrue();
}
// 11th connection should be rate limited
const result = securityManager.validateIP(testIP);
expect(result.allowed).toBeFalse();
expect(result.reason).toInclude('Connection rate limit (10/min) exceeded');
});
tap.test('HttpProxy CLIENT_IP header handling', async () => {
// This tests the scenario where SmartProxy forwards the real client IP
const realClientIP = '203.0.113.1';
const proxyIP = '127.0.0.1';
// Simulate SmartProxy tracking the real client IP
securityManager.trackConnectionByIP(realClientIP, 'forwarded-conn1');
securityManager.trackConnectionByIP(realClientIP, 'forwarded-conn2');
securityManager.trackConnectionByIP(realClientIP, 'forwarded-conn3');
// Real client IP should be at limit
let result = securityManager.validateIP(realClientIP);
expect(result.allowed).toBeFalse();
// But proxy IP should still be allowed
result = securityManager.validateIP(proxyIP);
expect(result.allowed).toBeTrue();
// Clean up
securityManager.removeConnectionByIP(realClientIP, 'forwarded-conn1');
securityManager.removeConnectionByIP(realClientIP, 'forwarded-conn2');
securityManager.removeConnectionByIP(realClientIP, 'forwarded-conn3');
});
tap.test('HttpProxy automatic cleanup', async (tools) => {
const testIP = '10.0.0.3';
// Create and immediately remove connections
for (let i = 0; i < 5; i++) {
securityManager.trackConnectionByIP(testIP, `cleanup-conn${i}`);
securityManager.removeConnectionByIP(testIP, `cleanup-conn${i}`);
}
// Add rate limit entries
for (let i = 0; i < 5; i++) {
securityManager.validateIP(testIP);
}
// Wait a bit (cleanup runs every 60 seconds in production)
// For testing, we'll just verify the cleanup logic works
await tools.delayFor(100);
// Manually trigger cleanup (in production this happens automatically)
(securityManager as any).performIpCleanup();
// IP should be cleaned up
expect(securityManager.getConnectionCountByIP(testIP)).toEqual(0);
});
tap.test('Cleanup HttpProxy SecurityManager', async () => {
securityManager.clearIPTracking();
});
export default tap.start();

405
test/test.httpproxy.function-targets.ts
View File

@@ -1,405 +0,0 @@
import { expect, tap } from '@git.zone/tstest/tapbundle';
import * as plugins from '../ts/plugins.js';
import { HttpProxy } from '../ts/proxies/http-proxy/index.js';
import type { IRouteConfig } from '../ts/proxies/smart-proxy/models/route-types.js';
import type { IRouteContext } from '../ts/core/models/route-context.js';
// Declare variables for tests
let httpProxy: HttpProxy;
let testServer: plugins.http.Server;
let testServerHttp2: plugins.http2.Http2Server;
let serverPort: number;
let serverPortHttp2: number;
// Setup test environment
tap.test('setup HttpProxy function-based targets test environment', async (tools) => {
// Set a reasonable timeout for the test
tools.timeout(30000); // 30 seconds
// Create simple HTTP server to respond to requests
testServer = plugins.http.createServer((req, res) => {
res.writeHead(200, { 'Content-Type': 'application/json' });
res.end(JSON.stringify({
url: req.url,
headers: req.headers,
method: req.method,
message: 'HTTP/1.1 Response'
}));
});
// Create simple HTTP/2 server to respond to requests
testServerHttp2 = plugins.http2.createServer();
testServerHttp2.on('stream', (stream, headers) => {
stream.respond({
'content-type': 'application/json',
':status': 200
});
stream.end(JSON.stringify({
path: headers[':path'],
headers,
method: headers[':method'],
message: 'HTTP/2 Response'
}));
});
// Handle HTTP/2 errors
testServerHttp2.on('error', (err) => {
console.error('HTTP/2 server error:', err);
});
// Start the servers
await new Promise<void>(resolve => {
testServer.listen(0, () => {
const address = testServer.address() as { port: number };
serverPort = address.port;
resolve();
});
});
await new Promise<void>(resolve => {
testServerHttp2.listen(0, () => {
const address = testServerHttp2.address() as { port: number };
serverPortHttp2 = address.port;
resolve();
});
});
// Create HttpProxy instance
httpProxy = new HttpProxy({
port: 0, // Use dynamic port
logLevel: 'info', // Use info level to see more logs
// Disable ACME to avoid trying to bind to port 80
acme: {
enabled: false
}
});
await httpProxy.start();
// Log the actual port being used
const actualPort = httpProxy.getListeningPort();
console.log(`HttpProxy actual listening port: ${actualPort}`);
});
// Test static host/port routes
tap.test('should support static host/port routes', async () => {
// Get proxy port first
const proxyPort = httpProxy.getListeningPort();
const routes: IRouteConfig[] = [
{
name: 'static-route',
priority: 100,
match: {
domains: 'example.com',
ports: proxyPort
},
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: serverPort
}]
}
}
];
await httpProxy.updateRouteConfigs(routes);
// Make request to proxy
const response = await makeRequest({
hostname: 'localhost',
port: proxyPort,
path: '/test',
method: 'GET',
headers: {
'Host': 'example.com'
}
});
expect(response.statusCode).toEqual(200);
const body = JSON.parse(response.body);
expect(body.url).toEqual('/test');
expect(body.headers.host).toEqual(`localhost:${serverPort}`);
});
// Test function-based host
tap.test('should support function-based host', async () => {
const proxyPort = httpProxy.getListeningPort();
const routes: IRouteConfig[] = [
{
name: 'function-host-route',
priority: 100,
match: {
domains: 'function.example.com',
ports: proxyPort
},
action: {
type: 'forward',
targets: [{
host: (context: IRouteContext) => {
// Return localhost always in this test
return 'localhost';
},
port: serverPort
}]
}
}
];
await httpProxy.updateRouteConfigs(routes);
// Make request to proxy
const response = await makeRequest({
hostname: 'localhost',
port: proxyPort,
path: '/function-host',
method: 'GET',
headers: {
'Host': 'function.example.com'
}
});
expect(response.statusCode).toEqual(200);
const body = JSON.parse(response.body);
expect(body.url).toEqual('/function-host');
expect(body.headers.host).toEqual(`localhost:${serverPort}`);
});
// Test function-based port
tap.test('should support function-based port', async () => {
const proxyPort = httpProxy.getListeningPort();
const routes: IRouteConfig[] = [
{
name: 'function-port-route',
priority: 100,
match: {
domains: 'function-port.example.com',
ports: proxyPort
},
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: (context: IRouteContext) => {
// Return test server port
return serverPort;
}
}]
}
}
];
await httpProxy.updateRouteConfigs(routes);
// Make request to proxy
const response = await makeRequest({
hostname: 'localhost',
port: proxyPort,
path: '/function-port',
method: 'GET',
headers: {
'Host': 'function-port.example.com'
}
});
expect(response.statusCode).toEqual(200);
const body = JSON.parse(response.body);
expect(body.url).toEqual('/function-port');
expect(body.headers.host).toEqual(`localhost:${serverPort}`);
});
// Test function-based host AND port
tap.test('should support function-based host AND port', async () => {
const proxyPort = httpProxy.getListeningPort();
const routes: IRouteConfig[] = [
{
name: 'function-both-route',
priority: 100,
match: {
domains: 'function-both.example.com',
ports: proxyPort
},
action: {
type: 'forward',
targets: [{
host: (context: IRouteContext) => {
return 'localhost';
},
port: (context: IRouteContext) => {
return serverPort;
}
}]
}
}
];
await httpProxy.updateRouteConfigs(routes);
// Make request to proxy
const response = await makeRequest({
hostname: 'localhost',
port: proxyPort,
path: '/function-both',
method: 'GET',
headers: {
'Host': 'function-both.example.com'
}
});
expect(response.statusCode).toEqual(200);
const body = JSON.parse(response.body);
expect(body.url).toEqual('/function-both');
expect(body.headers.host).toEqual(`localhost:${serverPort}`);
});
// Test context-based routing with path
tap.test('should support context-based routing with path', async () => {
const proxyPort = httpProxy.getListeningPort();
const routes: IRouteConfig[] = [
{
name: 'context-path-route',
priority: 100,
match: {
domains: 'context.example.com',
ports: proxyPort
},
action: {
type: 'forward',
targets: [{
host: (context: IRouteContext) => {
// Use path to determine host
if (context.path?.startsWith('/api')) {
return 'localhost';
} else {
return '127.0.0.1'; // Another way to reference localhost
}
},
port: serverPort
}]
}
}
];
await httpProxy.updateRouteConfigs(routes);
// Make request to proxy with /api path
const apiResponse = await makeRequest({
hostname: 'localhost',
port: proxyPort,
path: '/api/test',
method: 'GET',
headers: {
'Host': 'context.example.com'
}
});
expect(apiResponse.statusCode).toEqual(200);
const apiBody = JSON.parse(apiResponse.body);
expect(apiBody.url).toEqual('/api/test');
// Make request to proxy with non-api path
const nonApiResponse = await makeRequest({
hostname: 'localhost',
port: proxyPort,
path: '/web/test',
method: 'GET',
headers: {
'Host': 'context.example.com'
}
});
expect(nonApiResponse.statusCode).toEqual(200);
const nonApiBody = JSON.parse(nonApiResponse.body);
expect(nonApiBody.url).toEqual('/web/test');
});
// Cleanup test environment
tap.test('cleanup HttpProxy function-based targets test environment', async () => {
// Skip cleanup if setup failed
if (!httpProxy && !testServer && !testServerHttp2) {
console.log('Skipping cleanup - setup failed');
return;
}
// Stop test servers first
if (testServer) {
await new Promise<void>((resolve, reject) => {
testServer.close((err) => {
if (err) {
console.error('Error closing test server:', err);
reject(err);
} else {
console.log('Test server closed successfully');
resolve();
}
});
});
}
if (testServerHttp2) {
await new Promise<void>((resolve, reject) => {
testServerHttp2.close((err) => {
if (err) {
console.error('Error closing HTTP/2 test server:', err);
reject(err);
} else {
console.log('HTTP/2 test server closed successfully');
resolve();
}
});
});
}
// Stop HttpProxy last
if (httpProxy) {
console.log('Stopping HttpProxy...');
await httpProxy.stop();
console.log('HttpProxy stopped successfully');
}
// Force exit after a short delay to ensure cleanup
const cleanupTimeout = setTimeout(() => {
console.log('Cleanup completed, exiting');
}, 100);
// Don't keep the process alive just for this timeout
if (cleanupTimeout.unref) {
cleanupTimeout.unref();
}
});
// Helper function to make HTTPS requests with self-signed certificate support
async function makeRequest(options: plugins.http.RequestOptions): Promise<{ statusCode: number, headers: plugins.http.IncomingHttpHeaders, body: string }> {
return new Promise((resolve, reject) => {
// Use HTTPS with rejectUnauthorized: false to accept self-signed certificates
const req = plugins.https.request({
...options,
rejectUnauthorized: false, // Accept self-signed certificates
}, (res) => {
let body = '';
res.on('data', (chunk) => {
body += chunk;
});
res.on('end', () => {
resolve({
statusCode: res.statusCode || 0,
headers: res.headers,
body
});
});
});
req.on('error', (err) => {
console.error(`Request error: ${err.message}`);
reject(err);
});
req.end();
});
}
// Start the tests
tap.start().then(() => {
// Ensure process exits after tests complete
process.exit(0);
});

596
test/test.httpproxy.ts
View File

@@ -1,596 +0,0 @@
import { expect, tap } from '@git.zone/tstest/tapbundle';
import * as smartproxy from '../ts/index.js';
import { loadTestCertificates } from './helpers/certificates.js';
import * as https from 'https';
import * as http from 'http';
import { WebSocket, WebSocketServer } from 'ws';
let testProxy: smartproxy.HttpProxy;
let testServer: http.Server;
let wsServer: WebSocketServer;
let testCertificates: { privateKey: string; publicKey: string };
// Helper function to make HTTPS requests
async function makeHttpsRequest(
options: https.RequestOptions,
): Promise<{ statusCode: number; headers: http.IncomingHttpHeaders; body: string }> {
console.log('[TEST] Making HTTPS request:', {
hostname: options.hostname,
port: options.port,
path: options.path,
method: options.method,
headers: options.headers,
});
return new Promise((resolve, reject) => {
const req = https.request(options, (res) => {
console.log('[TEST] Received HTTPS response:', {
statusCode: res.statusCode,
headers: res.headers,
});
let data = '';
res.on('data', (chunk) => (data += chunk));
res.on('end', () => {
console.log('[TEST] Response completed:', { data });
// Ensure the socket is destroyed to prevent hanging connections
res.socket?.destroy();
resolve({
statusCode: res.statusCode!,
headers: res.headers,
body: data,
});
});
});
req.on('error', (error) => {
console.error('[TEST] Request error:', error);
reject(error);
});
req.end();
});
}
// Setup test environment
tap.test('setup test environment', async () => {
// Load and validate certificates
console.log('[TEST] Loading and validating certificates');
testCertificates = loadTestCertificates();
console.log('[TEST] Certificates loaded and validated');
// Create a test HTTP server
testServer = http.createServer((req, res) => {
console.log('[TEST SERVER] Received HTTP request:', {
url: req.url,
method: req.method,
headers: req.headers,
});
res.writeHead(200, { 'Content-Type': 'text/plain' });
res.end('Hello from test server!');
});
// Handle WebSocket upgrade requests
testServer.on('upgrade', (request, socket, head) => {
console.log('[TEST SERVER] Received WebSocket upgrade request:', {
url: request.url,
method: request.method,
headers: {
host: request.headers.host,
upgrade: request.headers.upgrade,
connection: request.headers.connection,
'sec-websocket-key': request.headers['sec-websocket-key'],
'sec-websocket-version': request.headers['sec-websocket-version'],
'sec-websocket-protocol': request.headers['sec-websocket-protocol'],
},
});
if (request.headers.upgrade?.toLowerCase() !== 'websocket') {
console.log('[TEST SERVER] Not a WebSocket upgrade request');
socket.destroy();
return;
}
console.log('[TEST SERVER] Handling WebSocket upgrade');
wsServer.handleUpgrade(request, socket, head, (ws) => {
console.log('[TEST SERVER] WebSocket connection upgraded');
wsServer.emit('connection', ws, request);
});
});
// Create a WebSocket server (for the test HTTP server)
console.log('[TEST SERVER] Creating WebSocket server');
wsServer = new WebSocketServer({
noServer: true,
perMessageDeflate: false,
clientTracking: true,
handleProtocols: () => 'echo-protocol',
});
wsServer.on('connection', (ws, request) => {
console.log('[TEST SERVER] WebSocket connection established:', {
url: request.url,
headers: {
host: request.headers.host,
upgrade: request.headers.upgrade,
connection: request.headers.connection,
'sec-websocket-key': request.headers['sec-websocket-key'],
'sec-websocket-version': request.headers['sec-websocket-version'],
'sec-websocket-protocol': request.headers['sec-websocket-protocol'],
},
});
// Set up connection timeout
const connectionTimeout = setTimeout(() => {
console.error('[TEST SERVER] WebSocket connection timed out');
ws.terminate();
}, 5000);
// Clear timeout when connection is properly closed
const clearConnectionTimeout = () => {
clearTimeout(connectionTimeout);
};
ws.on('message', (message) => {
const msg = message.toString();
console.log('[TEST SERVER] Received WebSocket message:', msg);
try {
const response = `Echo: ${msg}`;
console.log('[TEST SERVER] Sending WebSocket response:', response);
ws.send(response);
// Clear timeout on successful message exchange
clearConnectionTimeout();
} catch (error) {
console.error('[TEST SERVER] Error sending WebSocket message:', error);
}
});
ws.on('error', (error) => {
console.error('[TEST SERVER] WebSocket error:', error);
clearConnectionTimeout();
});
ws.on('close', (code, reason) => {
console.log('[TEST SERVER] WebSocket connection closed:', {
code,
reason: reason.toString(),
wasClean: code === 1000 || code === 1001,
});
clearConnectionTimeout();
});
ws.on('ping', (data) => {
try {
console.log('[TEST SERVER] Received ping, sending pong');
ws.pong(data);
} catch (error) {
console.error('[TEST SERVER] Error sending pong:', error);
}
});
ws.on('pong', (data) => {
console.log('[TEST SERVER] Received pong');
});
});
wsServer.on('error', (error) => {
console.error('Test server: WebSocket server error:', error);
});
wsServer.on('headers', (headers) => {
console.log('Test server: WebSocket headers:', headers);
});
wsServer.on('close', () => {
console.log('Test server: WebSocket server closed');
});
await new Promise<void>((resolve) => testServer.listen(3100, resolve));
console.log('Test server listening on port 3100');
});
tap.test('should create proxy instance', async () => {
// Test with the original minimal options (only port)
testProxy = new smartproxy.HttpProxy({
port: 3001,
});
expect(testProxy).toEqual(testProxy); // Instance equality check
});
tap.test('should create proxy instance with extended options', async () => {
// Test with extended options to verify backward compatibility
testProxy = new smartproxy.HttpProxy({
port: 3001,
maxConnections: 5000,
keepAliveTimeout: 120000,
headersTimeout: 60000,
logLevel: 'info',
cors: {
allowOrigin: '*',
allowMethods: 'GET, POST, OPTIONS',
allowHeaders: 'Content-Type',
maxAge: 3600
}
});
expect(testProxy).toEqual(testProxy); // Instance equality check
expect(testProxy.options.port).toEqual(3001);
});
tap.test('should start the proxy server', async () => {
// Create a new proxy instance
testProxy = new smartproxy.HttpProxy({
port: 3001,
maxConnections: 5000,
backendProtocol: 'http1',
acme: {
enabled: false // Disable ACME for testing
}
});
// Configure routes for the proxy
await testProxy.updateRouteConfigs([
{
match: {
ports: [3001],
domains: ['push.rocks', 'localhost']
},
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 3100
}],
tls: {
mode: 'terminate'
},
websocket: {
enabled: true,
subprotocols: ['echo-protocol']
}
}
}
]);
// Start the proxy
await testProxy.start();
// Verify the proxy is listening on the correct port
expect(testProxy.getListeningPort()).toEqual(3001);
});
tap.test('should route HTTPS requests based on host header', async () => {
// IMPORTANT: Connect to localhost (where the proxy is listening) but use the Host header "push.rocks"
const response = await makeHttpsRequest({
hostname: 'localhost', // changed from 'push.rocks' to 'localhost'
port: 3001,
path: '/',
method: 'GET',
headers: {
host: 'push.rocks', // virtual host for routing
},
rejectUnauthorized: false,
});
expect(response.statusCode).toEqual(200);
expect(response.body).toEqual('Hello from test server!');
});
tap.test('should handle unknown host headers', async () => {
// Connect to localhost but use an unknown host header.
const response = await makeHttpsRequest({
hostname: 'localhost', // connecting to localhost
port: 3001,
path: '/',
method: 'GET',
headers: {
host: 'unknown.host', // this should not match any proxy config
},
rejectUnauthorized: false,
});
// Expect a 404 response with the appropriate error message.
expect(response.statusCode).toEqual(404);
});
tap.test('should support WebSocket connections', async () => {
// Create a WebSocket client
console.log('[TEST] Testing WebSocket connection');
console.log('[TEST] Creating WebSocket to wss://localhost:3001/ with host header: push.rocks');
const ws = new WebSocket('wss://localhost:3001/', {
protocol: 'echo-protocol',
rejectUnauthorized: false,
headers: {
host: 'push.rocks'
}
});
const connectionTimeout = setTimeout(() => {
console.error('[TEST] WebSocket connection timeout');
ws.terminate();
}, 5000);
const timeouts: NodeJS.Timeout[] = [connectionTimeout];
try {
// Wait for connection with timeout
await Promise.race([
new Promise<void>((resolve, reject) => {
ws.on('open', () => {
console.log('[TEST] WebSocket connected');
clearTimeout(connectionTimeout);
resolve();
});
ws.on('error', (err) => {
console.error('[TEST] WebSocket connection error:', err);
clearTimeout(connectionTimeout);
reject(err);
});
}),
new Promise<void>((_, reject) => {
const timeout = setTimeout(() => reject(new Error('Connection timeout')), 3000);
timeouts.push(timeout);
})
]);
// Send a message and receive echo with timeout
await Promise.race([
new Promise<void>((resolve, reject) => {
const testMessage = 'Hello WebSocket!';
let messageReceived = false;
ws.on('message', (data) => {
messageReceived = true;
const message = data.toString();
console.log('[TEST] Received WebSocket message:', message);
expect(message).toEqual(`Echo: ${testMessage}`);
resolve();
});
ws.on('error', (err) => {
console.error('[TEST] WebSocket message error:', err);
reject(err);
});
console.log('[TEST] Sending WebSocket message:', testMessage);
ws.send(testMessage);
// Add additional debug logging
const debugTimeout = setTimeout(() => {
if (!messageReceived) {
console.log('[TEST] No message received after 2 seconds');
}
}, 2000);
timeouts.push(debugTimeout);
}),
new Promise<void>((_, reject) => {
const timeout = setTimeout(() => reject(new Error('Message timeout')), 3000);
timeouts.push(timeout);
})
]);
// Close the connection properly
await Promise.race([
new Promise<void>((resolve) => {
ws.on('close', () => {
console.log('[TEST] WebSocket closed');
resolve();
});
ws.close();
}),
new Promise<void>((resolve) => {
const timeout = setTimeout(() => {
console.log('[TEST] Force closing WebSocket');
ws.terminate();
resolve();
}, 2000);
timeouts.push(timeout);
})
]);
} catch (error) {
console.error('[TEST] WebSocket test error:', error);
try {
ws.terminate();
} catch (terminateError) {
console.error('[TEST] Error during terminate:', terminateError);
}
// Skip if WebSocket fails for now
console.log('[TEST] WebSocket test failed, continuing with other tests');
} finally {
// Clean up all timeouts
timeouts.forEach(timeout => clearTimeout(timeout));
}
});
tap.test('should handle custom headers', async () => {
await testProxy.addDefaultHeaders({
'X-Proxy-Header': 'test-value',
});
const response = await makeHttpsRequest({
hostname: 'localhost', // changed to 'localhost'
port: 3001,
path: '/',
method: 'GET',
headers: {
host: 'push.rocks', // still routing to push.rocks
},
rejectUnauthorized: false,
});
expect(response.headers['x-proxy-header']).toEqual('test-value');
});
tap.test('should handle CORS preflight requests', async () => {
// Test OPTIONS request (CORS preflight)
const response = await makeHttpsRequest({
hostname: 'localhost',
port: 3001,
path: '/',
method: 'OPTIONS',
headers: {
host: 'push.rocks',
origin: 'https://example.com',
'access-control-request-method': 'POST',
'access-control-request-headers': 'content-type'
},
rejectUnauthorized: false,
});
// Should get appropriate CORS headers
expect(response.statusCode).toBeLessThan(300); // 200 or 204
expect(response.headers['access-control-allow-origin']).toEqual('*');
expect(response.headers['access-control-allow-methods']).toContain('GET');
expect(response.headers['access-control-allow-methods']).toContain('POST');
});
tap.test('should track connections and metrics', async () => {
// Get metrics from the proxy
const metrics = testProxy.getMetrics();
// Verify metrics structure and some values
expect(metrics).toHaveProperty('activeConnections');
expect(metrics).toHaveProperty('totalRequests');
expect(metrics).toHaveProperty('failedRequests');
expect(metrics).toHaveProperty('uptime');
expect(metrics).toHaveProperty('memoryUsage');
expect(metrics).toHaveProperty('activeWebSockets');
// Should have served at least some requests from previous tests
expect(metrics.totalRequests).toBeGreaterThan(0);
expect(metrics.uptime).toBeGreaterThan(0);
});
tap.test('should update capacity settings', async () => {
// Update proxy capacity settings
testProxy.updateCapacity(2000, 60000, 25);
// Verify settings were updated
expect(testProxy.options.maxConnections).toEqual(2000);
expect(testProxy.options.keepAliveTimeout).toEqual(60000);
expect(testProxy.options.connectionPoolSize).toEqual(25);
});
tap.test('should handle certificate requests', async () => {
// Test certificate request (this won't actually issue a cert in test mode)
const result = await testProxy.requestCertificate('test.example.com');
// In test mode with ACME disabled, this should return false
expect(result).toEqual(false);
});
tap.test('should update certificates directly', async () => {
// Test certificate update
const testCert = '-----BEGIN CERTIFICATE-----\nMIIB...test...';
const testKey = '-----BEGIN PRIVATE KEY-----\nMIIE...test...';
// This should not throw
expect(() => {
testProxy.updateCertificate('test.example.com', testCert, testKey);
}).not.toThrow();
});
tap.test('cleanup', async () => {
console.log('[TEST] Starting cleanup');
try {
// 1. Close WebSocket clients if server exists
if (wsServer && wsServer.clients) {
console.log(`[TEST] Terminating ${wsServer.clients.size} WebSocket clients`);
wsServer.clients.forEach((client) => {
try {
client.terminate();
} catch (err) {
console.error('[TEST] Error terminating client:', err);
}
});
}
// 2. Close WebSocket server with timeout
if (wsServer) {
console.log('[TEST] Closing WebSocket server');
await Promise.race([
new Promise<void>((resolve, reject) => {
wsServer.close((err) => {
if (err) {
console.error('[TEST] Error closing WebSocket server:', err);
reject(err);
} else {
console.log('[TEST] WebSocket server closed');
resolve();
}
});
}).catch((err) => {
console.error('[TEST] Caught error closing WebSocket server:', err);
}),
new Promise<void>((resolve) => {
setTimeout(() => {
console.log('[TEST] WebSocket server close timeout');
resolve();
}, 1000);
})
]);
}
// 3. Close test server with timeout
if (testServer) {
console.log('[TEST] Closing test server');
// First close all connections
testServer.closeAllConnections();
await Promise.race([
new Promise<void>((resolve, reject) => {
testServer.close((err) => {
if (err) {
console.error('[TEST] Error closing test server:', err);
reject(err);
} else {
console.log('[TEST] Test server closed');
resolve();
}
});
}).catch((err) => {
console.error('[TEST] Caught error closing test server:', err);
}),
new Promise<void>((resolve) => {
setTimeout(() => {
console.log('[TEST] Test server close timeout');
resolve();
}, 1000);
})
]);
}
// 4. Stop the proxy with timeout
if (testProxy) {
console.log('[TEST] Stopping proxy');
await Promise.race([
testProxy.stop()
.then(() => {
console.log('[TEST] Proxy stopped successfully');
})
.catch((error) => {
console.error('[TEST] Error stopping proxy:', error);
}),
new Promise<void>((resolve) => {
setTimeout(() => {
console.log('[TEST] Proxy stop timeout');
resolve();
}, 2000);
})
]);
}
} catch (error) {
console.error('[TEST] Error during cleanup:', error);
}
console.log('[TEST] Cleanup complete');
// Add debugging to see what might be keeping the process alive
if (process.env.DEBUG_HANDLES) {
console.log('[TEST] Active handles:', (process as any)._getActiveHandles?.().length);
console.log('[TEST] Active requests:', (process as any)._getActiveRequests?.().length);
}
});
// Exit handler removed to prevent interference with test cleanup
// Teardown test removed - let tap handle proper cleanup
export default tap.start();

250
test/test.keepalive-support.node.ts
View File

@@ -1,250 +0,0 @@
import { expect, tap } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { SmartProxy } from '../ts/index.js';
import * as plugins from '../ts/plugins.js';
tap.test('keepalive support - verify keepalive connections are properly handled', async (tools) => {
console.log('\n=== KeepAlive Support Test ===');
console.log('Purpose: Verify that keepalive connections are not prematurely cleaned up');
// Create a simple echo backend
const echoBackend = net.createServer((socket) => {
socket.on('data', (data) => {
// Echo back received data
try {
socket.write(data);
} catch (err) {
// Ignore write errors during shutdown
}
});
socket.on('error', (err: NodeJS.ErrnoException) => {
// Ignore errors from backend sockets
console.log(`Backend socket error (expected during cleanup): ${err.code}`);
});
});
await new Promise<void>((resolve) => {
echoBackend.listen(9998, () => {
console.log('✓ Echo backend started on port 9998');
resolve();
});
});
// Test 1: Standard keepalive treatment
console.log('\n--- Test 1: Standard KeepAlive Treatment ---');
const proxy1 = new SmartProxy({
routes: [{
name: 'keepalive-route',
match: { ports: 8590 },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 9998 }]
}
}],
keepAlive: true,
keepAliveTreatment: 'standard',
inactivityTimeout: 5000, // 5 seconds for faster testing
enableDetailedLogging: false,
});
await proxy1.start();
console.log('✓ Proxy with standard keepalive started on port 8590');
// Create a keepalive connection
const client1 = net.connect(8590, 'localhost');
// Add error handler to prevent unhandled errors
client1.on('error', (err: NodeJS.ErrnoException) => {
console.log(`Client1 error (expected during cleanup): ${err.code}`);
});
await new Promise<void>((resolve) => {
client1.on('connect', () => {
console.log('Client connected');
client1.setKeepAlive(true, 1000);
resolve();
});
});
// Send initial data
client1.write('Hello keepalive\n');
// Wait for echo
await new Promise<void>((resolve) => {
client1.once('data', (data) => {
console.log(`Received echo: ${data.toString().trim()}`);
resolve();
});
});
// Check connection is marked as keepalive
const cm1 = (proxy1 as any).connectionManager;
const connections1 = cm1.getConnections();
let keepAliveCount = 0;
for (const [id, record] of connections1) {
if (record.hasKeepAlive) {
keepAliveCount++;
console.log(`KeepAlive connection ${id}: hasKeepAlive=${record.hasKeepAlive}`);
}
}
expect(keepAliveCount).toEqual(1);
// Wait to ensure it's not cleaned up prematurely
await plugins.smartdelay.delayFor(6000);
const afterWaitCount1 = cm1.getConnectionCount();
console.log(`Connections after 6s wait: ${afterWaitCount1}`);
expect(afterWaitCount1).toEqual(1); // Should still be connected
// Send more data to keep it alive
client1.write('Still alive\n');
// Clean up test 1
client1.destroy();
await proxy1.stop();
await plugins.smartdelay.delayFor(500); // Wait for port to be released
// Test 2: Extended keepalive treatment
console.log('\n--- Test 2: Extended KeepAlive Treatment ---');
const proxy2 = new SmartProxy({
routes: [{
name: 'keepalive-extended',
match: { ports: 8591 },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 9998 }]
}
}],
keepAlive: true,
keepAliveTreatment: 'extended',
keepAliveInactivityMultiplier: 6,
inactivityTimeout: 2000, // 2 seconds base, 12 seconds with multiplier
enableDetailedLogging: false,
});
await proxy2.start();
console.log('✓ Proxy with extended keepalive started on port 8591');
const client2 = net.connect(8591, 'localhost');
// Add error handler to prevent unhandled errors
client2.on('error', (err: NodeJS.ErrnoException) => {
console.log(`Client2 error (expected during cleanup): ${err.code}`);
});
await new Promise<void>((resolve) => {
client2.on('connect', () => {
console.log('Client connected with extended timeout');
client2.setKeepAlive(true, 1000);
resolve();
});
});
// Send initial data
client2.write('Extended keepalive\n');
// Check connection
const cm2 = (proxy2 as any).connectionManager;
await plugins.smartdelay.delayFor(1000);
const connections2 = cm2.getConnections();
for (const [id, record] of connections2) {
console.log(`Extended connection ${id}: hasKeepAlive=${record.hasKeepAlive}, treatment=extended`);
}
// Wait 3 seconds (would timeout with standard treatment)
await plugins.smartdelay.delayFor(3000);
const midWaitCount = cm2.getConnectionCount();
console.log(`Connections after 3s (base timeout exceeded): ${midWaitCount}`);
expect(midWaitCount).toEqual(1); // Should still be connected due to extended treatment
// Clean up test 2
client2.destroy();
await proxy2.stop();
await plugins.smartdelay.delayFor(500); // Wait for port to be released
// Test 3: Immortal keepalive treatment
console.log('\n--- Test 3: Immortal KeepAlive Treatment ---');
const proxy3 = new SmartProxy({
routes: [{
name: 'keepalive-immortal',
match: { ports: 8592 },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 9998 }]
}
}],
keepAlive: true,
keepAliveTreatment: 'immortal',
inactivityTimeout: 1000, // 1 second - should be ignored for immortal
enableDetailedLogging: false,
});
await proxy3.start();
console.log('✓ Proxy with immortal keepalive started on port 8592');
const client3 = net.connect(8592, 'localhost');
// Add error handler to prevent unhandled errors
client3.on('error', (err: NodeJS.ErrnoException) => {
console.log(`Client3 error (expected during cleanup): ${err.code}`);
});
await new Promise<void>((resolve) => {
client3.on('connect', () => {
console.log('Client connected with immortal treatment');
client3.setKeepAlive(true, 1000);
resolve();
});
});
// Send initial data
client3.write('Immortal connection\n');
// Wait well beyond normal timeout
await plugins.smartdelay.delayFor(5000);
const cm3 = (proxy3 as any).connectionManager;
const immortalCount = cm3.getConnectionCount();
console.log(`Immortal connections after 5s inactivity: ${immortalCount}`);
expect(immortalCount).toEqual(1); // Should never timeout
// Verify zombie detection doesn't affect immortal connections
console.log('\n--- Verifying zombie detection respects keepalive ---');
// Manually trigger inactivity check
cm3.performOptimizedInactivityCheck();
await plugins.smartdelay.delayFor(1000);
const afterCheckCount = cm3.getConnectionCount();
console.log(`Connections after manual inactivity check: ${afterCheckCount}`);
expect(afterCheckCount).toEqual(1); // Should still be alive
// Clean up
client3.destroy();
await proxy3.stop();
// Close backend and wait for it to fully close
await new Promise<void>((resolve) => {
echoBackend.close(() => {
console.log('Echo backend closed');
resolve();
});
});
console.log('\n✓ All keepalive tests passed:');
console.log(' - Standard treatment works correctly');
console.log(' - Extended treatment applies multiplier');
console.log(' - Immortal treatment never times out');
console.log(' - Zombie detection respects keepalive settings');
});
export default tap.start();

151
test/test.memory-leak-check.node.ts
View File

@@ -1,151 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import { SmartProxy, createHttpRoute } from '../ts/index.js';
import * as http from 'http';
tap.test('should not have memory leaks in long-running operations', async (tools) => {
// Get initial memory usage
const getMemoryUsage = () => {
if (global.gc) {
global.gc();
}
const usage = process.memoryUsage();
return {
heapUsed: Math.round(usage.heapUsed / 1024 / 1024), // MB
external: Math.round(usage.external / 1024 / 1024), // MB
rss: Math.round(usage.rss / 1024 / 1024) // MB
};
};
// Create a target server
const targetServer = http.createServer((req, res) => {
res.writeHead(200, { 'Content-Type': 'text/plain' });
res.end('OK');
});
await new Promise<void>((resolve) => targetServer.listen(3100, resolve));
// Create the proxy - use non-privileged port
const routes = [
createHttpRoute(['test1.local', 'test2.local', 'test3.local'], { host: 'localhost', port: 3100 }),
];
// Update route to use port 8080
routes[0].match.ports = 8080;
const proxy = new SmartProxy({
routes: routes
});
await proxy.start();
console.log('Starting memory leak test...');
const initialMemory = getMemoryUsage();
console.log('Initial memory:', initialMemory);
// Function to make requests
const makeRequest = (domain: string): Promise<void> => {
return new Promise((resolve, reject) => {
const req = http.request({
hostname: 'localhost',
port: 8080,
path: '/',
method: 'GET',
headers: {
'Host': domain
}
}, (res) => {
res.on('data', () => {});
res.on('end', resolve);
});
req.on('error', reject);
req.end();
});
};
// Test 1: Many requests to the same routes
console.log('Test 1: Making 1000 requests to same routes...');
for (let i = 0; i < 1000; i++) {
await makeRequest(`test${(i % 3) + 1}.local`);
if (i % 100 === 0) {
console.log(` Progress: ${i}/1000`);
}
}
const afterSameRoutesMemory = getMemoryUsage();
console.log('Memory after same routes:', afterSameRoutesMemory);
// Test 2: Many requests to different routes (tests routeContextCache)
console.log('Test 2: Making 1000 requests to different routes...');
for (let i = 0; i < 1000; i++) {
// Create unique domain to test cache growth
await makeRequest(`test${i}.local`);
if (i % 100 === 0) {
console.log(` Progress: ${i}/1000`);
}
}
const afterDifferentRoutesMemory = getMemoryUsage();
console.log('Memory after different routes:', afterDifferentRoutesMemory);
// Test 3: Check metrics collector memory
console.log('Test 3: Checking metrics collector...');
const metrics = proxy.getMetrics();
console.log(`Active connections: ${metrics.connections.active()}`);
console.log(`Total connections: ${metrics.connections.total()}`);
console.log(`RPS: ${metrics.requests.perSecond()}`);
// Test 4: Many rapid connections (tests requestTimestamps array)
console.log('Test 4: Making 500 rapid requests...');
const rapidRequests = [];
for (let i = 0; i < 500; i++) {
rapidRequests.push(makeRequest('test1.local'));
if (i % 50 === 0) {
// Wait a bit to let some complete
await Promise.all(rapidRequests);
rapidRequests.length = 0;
// Add delay to allow connections to close
await new Promise(resolve => setTimeout(resolve, 100));
console.log(` Progress: ${i}/500`);
}
}
await Promise.all(rapidRequests);
const afterRapidMemory = getMemoryUsage();
console.log('Memory after rapid requests:', afterRapidMemory);
// Force garbage collection and check final memory
await new Promise(resolve => setTimeout(resolve, 1000));
const finalMemory = getMemoryUsage();
console.log('Final memory:', finalMemory);
// Memory leak checks
const memoryGrowth = finalMemory.heapUsed - initialMemory.heapUsed;
console.log(`Total memory growth: ${memoryGrowth} MB`);
// Check for excessive memory growth
// Allow some growth but not excessive (e.g., more than 50MB for this test)
expect(memoryGrowth).toBeLessThan(50);
// Check specific potential leaks
// 1. Route context cache should not grow unbounded
const routeHandler = proxy.routeConnectionHandler as any;
if (routeHandler.routeContextCache) {
console.log(`Route context cache size: ${routeHandler.routeContextCache.size}`);
// Should not have 1000 entries from different routes test
expect(routeHandler.routeContextCache.size).toBeLessThan(100);
}
// 2. Metrics collector should clean up old timestamps
const metricsCollector = (proxy as any).metricsCollector;
if (metricsCollector && metricsCollector.requestTimestamps) {
console.log(`Request timestamps array length: ${metricsCollector.requestTimestamps.length}`);
// Should clean up old timestamps periodically
expect(metricsCollector.requestTimestamps.length).toBeLessThanOrEqual(10000);
}
// Cleanup
await proxy.stop();
await new Promise<void>((resolve) => targetServer.close(() => resolve()));
console.log('Memory leak test completed successfully');
});
// Run with: node --expose-gc test.memory-leak-check.node.ts
export default tap.start();

59
test/test.memory-leak-simple.ts
View File

@@ -1,59 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import { SmartProxy, createHttpRoute } from '../ts/index.js';
import * as http from 'http';
tap.test('memory leak fixes verification', async () => {
// Test 1: MetricsCollector requestTimestamps cleanup
console.log('\n=== Test 1: MetricsCollector requestTimestamps cleanup ===');
const proxy = new SmartProxy({
routes: [
createHttpRoute('test.local', { host: 'localhost', port: 3200 }, {
match: {
ports: 8081,
domains: 'test.local'
}
}),
]
});
await proxy.start();
const metricsCollector = (proxy as any).metricsCollector;
// Check initial state
console.log('Initial timestamps:', metricsCollector.requestTimestamps.length);
// Simulate many requests to test cleanup
for (let i = 0; i < 6000; i++) {
metricsCollector.recordRequest();
}
// Should be cleaned up to MAX_TIMESTAMPS (5000)
console.log('After 6000 requests:', metricsCollector.requestTimestamps.length);
expect(metricsCollector.requestTimestamps.length).toBeLessThanOrEqual(5000);
await proxy.stop();
// Test 2: Verify intervals are cleaned up
console.log('\n=== Test 2: Verify cleanup methods exist ===');
// Check RequestHandler has destroy method
const { RequestHandler } = await import('../ts/proxies/http-proxy/request-handler.js');
const requestHandler = new RequestHandler({ port: 8080 }, null as any);
expect(typeof requestHandler.destroy).toEqual('function');
console.log('✓ RequestHandler has destroy method');
// Check FunctionCache has destroy method
const { FunctionCache } = await import('../ts/proxies/http-proxy/function-cache.js');
const functionCache = new FunctionCache({ debug: () => {}, info: () => {} } as any);
expect(typeof functionCache.destroy).toEqual('function');
console.log('✓ FunctionCache has destroy method');
// Cleanup
requestHandler.destroy();
functionCache.destroy();
console.log('\n✅ All memory leak fixes verified!');
});
export default tap.start();

131
test/test.memory-leak-unit.ts
View File

@@ -1,131 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
tap.test('memory leak fixes - unit tests', async () => {
console.log('\n=== Testing MetricsCollector memory management ===');
// Import and test MetricsCollector directly
const { MetricsCollector } = await import('../ts/proxies/smart-proxy/metrics-collector.js');
// Create a mock SmartProxy with minimal required properties
const mockProxy = {
connectionManager: {
getConnectionCount: () => 0,
getConnections: () => new Map(),
getTerminationStats: () => ({ incoming: {} })
},
routeConnectionHandler: {
newConnectionSubject: {
subscribe: () => ({ unsubscribe: () => {} })
}
},
settings: {}
};
const collector = new MetricsCollector(mockProxy as any);
collector.start();
// Test timestamp cleanup
console.log('Testing requestTimestamps cleanup...');
// Add 6000 timestamps
for (let i = 0; i < 6000; i++) {
collector.recordRequest(`conn-${i}`, 'test-route', '127.0.0.1');
}
// Access private property for testing
let timestamps = (collector as any).requestTimestamps;
console.log(`Timestamps after 6000 requests: ${timestamps.length}`);
// Force one more request to trigger cleanup
collector.recordRequest('conn-final', 'test-route', '127.0.0.1');
timestamps = (collector as any).requestTimestamps;
console.log(`Timestamps after cleanup trigger: ${timestamps.length}`);
// Now check the RPS window - all timestamps are within 1 minute so they won't be cleaned
const now = Date.now();
const oldestTimestamp = Math.min(...timestamps);
const windowAge = now - oldestTimestamp;
console.log(`Window age: ${windowAge}ms (should be < 60000ms for all to be kept)`);
// Since all timestamps are recent (within RPS window), they won't be cleaned by window
// But the array size should still be limited
console.log(`MAX_TIMESTAMPS: ${(collector as any).MAX_TIMESTAMPS}`);
// The issue is our rapid-fire test - all timestamps are within the window
// Let's test with older timestamps
console.log('\nTesting with mixed old/new timestamps...');
(collector as any).requestTimestamps = [];
// Add some old timestamps (older than window)
const oldTime = now - 70000; // 70 seconds ago
for (let i = 0; i < 3000; i++) {
(collector as any).requestTimestamps.push(oldTime);
}
// Add new timestamps to exceed limit
for (let i = 0; i < 3000; i++) {
collector.recordRequest(`conn-new-${i}`, 'test-route', '127.0.0.1');
}
timestamps = (collector as any).requestTimestamps;
console.log(`After mixed timestamps: ${timestamps.length} (old ones should be cleaned)`);
// Old timestamps should be cleaned when we exceed MAX_TIMESTAMPS
expect(timestamps.length).toBeLessThanOrEqual(5000);
// Stop the collector
collector.stop();
console.log('\n=== Testing FunctionCache cleanup ===');
const { FunctionCache } = await import('../ts/proxies/http-proxy/function-cache.js');
const mockLogger = {
debug: () => {},
info: () => {},
warn: () => {},
error: () => {}
};
const cache = new FunctionCache(mockLogger as any);
// Check that cleanup interval was set
expect((cache as any).cleanupInterval).toBeTruthy();
// Test destroy method
cache.destroy();
// Cleanup interval should be cleared
expect((cache as any).cleanupInterval).toBeNull();
console.log('✓ FunctionCache properly cleans up interval');
console.log('\n=== Testing RequestHandler cleanup ===');
const { RequestHandler } = await import('../ts/proxies/http-proxy/request-handler.js');
const mockConnectionPool = {
getConnection: () => null,
releaseConnection: () => {}
};
const handler = new RequestHandler(
{ port: 8080, logLevel: 'error' },
mockConnectionPool as any
);
// Check that cleanup interval was set
expect((handler as any).rateLimitCleanupInterval).toBeTruthy();
// Test destroy method
handler.destroy();
// Cleanup interval should be cleared
expect((handler as any).rateLimitCleanupInterval).toBeNull();
console.log('✓ RequestHandler properly cleans up interval');
console.log('\n✅ All memory leak fixes verified!');
});
export default tap.start();

280
test/test.metrics-collector.ts
View File

@@ -1,280 +0,0 @@
import { expect, tap } from '@git.zone/tstest/tapbundle';
import { SmartProxy } from '../ts/index.js';
import * as net from 'net';
import * as plugins from '../ts/plugins.js';
tap.test('MetricsCollector provides accurate metrics', async (tools) => {
console.log('\n=== MetricsCollector Test ===');
// Create a simple echo server for testing
const echoServer = net.createServer((socket) => {
socket.on('data', (data) => {
socket.write(data);
});
socket.on('error', () => {}); // Ignore errors
});
await new Promise<void>((resolve) => {
echoServer.listen(9995, () => {
console.log('✓ Echo server started on port 9995');
resolve();
});
});
// Create SmartProxy with test routes
const proxy = new SmartProxy({
routes: [
{
name: 'test-route-1',
match: { ports: 8700 },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 9995 }]
}
},
{
name: 'test-route-2',
match: { ports: 8701 },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 9995 }]
}
}
],
enableDetailedLogging: true,
});
await proxy.start();
console.log('✓ Proxy started on ports 8700 and 8701');
// Get metrics interface
const metrics = proxy.getMetrics();
// Test 1: Initial state
console.log('\n--- Test 1: Initial State ---');
expect(metrics.connections.active()).toEqual(0);
expect(metrics.connections.total()).toEqual(0);
expect(metrics.requests.perSecond()).toEqual(0);
expect(metrics.connections.byRoute().size).toEqual(0);
expect(metrics.connections.byIP().size).toEqual(0);
const throughput = metrics.throughput.instant();
expect(throughput.in).toEqual(0);
expect(throughput.out).toEqual(0);
console.log('✓ Initial metrics are all zero');
// Test 2: Create connections and verify metrics
console.log('\n--- Test 2: Active Connections ---');
const clients: net.Socket[] = [];
// Create 3 connections to route 1
for (let i = 0; i < 3; i++) {
const client = net.connect(8700, 'localhost');
clients.push(client);
await new Promise<void>((resolve) => {
client.on('connect', resolve);
client.on('error', () => resolve());
});
}
// Create 2 connections to route 2
for (let i = 0; i < 2; i++) {
const client = net.connect(8701, 'localhost');
clients.push(client);
await new Promise<void>((resolve) => {
client.on('connect', resolve);
client.on('error', () => resolve());
});
}
// Wait for connections to be fully established and routed
await plugins.smartdelay.delayFor(300);
// Verify connection counts
expect(metrics.connections.active()).toEqual(5);
expect(metrics.connections.total()).toEqual(5);
console.log(`✓ Active connections: ${metrics.connections.active()}`);
console.log(`✓ Total connections: ${metrics.connections.total()}`);
// Test 3: Connections by route
console.log('\n--- Test 3: Connections by Route ---');
const routeConnections = metrics.connections.byRoute();
console.log('Route connections:', Array.from(routeConnections.entries()));
// Check if we have the expected counts
let route1Count = 0;
let route2Count = 0;
for (const [routeName, count] of routeConnections) {
if (routeName === 'test-route-1') route1Count = count;
if (routeName === 'test-route-2') route2Count = count;
}
expect(route1Count).toEqual(3);
expect(route2Count).toEqual(2);
console.log('✓ Route test-route-1 has 3 connections');
console.log('✓ Route test-route-2 has 2 connections');
// Test 4: Connections by IP
console.log('\n--- Test 4: Connections by IP ---');
const ipConnections = metrics.connections.byIP();
// All connections are from localhost (127.0.0.1 or ::1)
let totalIPConnections = 0;
for (const [ip, count] of ipConnections) {
console.log(` IP ${ip}: ${count} connections`);
totalIPConnections += count;
}
expect(totalIPConnections).toEqual(5);
console.log('✓ Total connections by IP matches active connections');
// Test 5: RPS calculation
console.log('\n--- Test 5: Requests Per Second ---');
const rps = metrics.requests.perSecond();
console.log(` Current RPS: ${rps.toFixed(2)}`);
// We created 5 connections, so RPS should be > 0
expect(rps).toBeGreaterThan(0);
console.log('✓ RPS is greater than 0');
// Test 6: Throughput
console.log('\n--- Test 6: Throughput ---');
// Send some data through connections
for (const client of clients) {
if (!client.destroyed) {
client.write('Hello metrics!\n');
}
}
// Wait for data to be transmitted and for sampling to occur
await plugins.smartdelay.delayFor(1100); // Wait for at least one sampling interval
const throughputAfter = metrics.throughput.instant();
console.log(` Bytes in: ${throughputAfter.in}`);
console.log(` Bytes out: ${throughputAfter.out}`);
// Throughput might still be 0 if no samples were taken, so just check it's defined
expect(throughputAfter.in).toBeDefined();
expect(throughputAfter.out).toBeDefined();
console.log('✓ Throughput shows bytes transferred');
// Test 7: Close some connections
console.log('\n--- Test 7: Connection Cleanup ---');
// Close first 2 clients
clients[0].destroy();
clients[1].destroy();
await plugins.smartdelay.delayFor(100);
expect(metrics.connections.active()).toEqual(3);
// Note: total() includes active connections + terminated connections from stats
// The terminated connections might not be counted immediately
const totalConns = metrics.connections.total();
expect(totalConns).toBeGreaterThanOrEqual(3); // At least the active connections
console.log(`✓ Active connections reduced to ${metrics.connections.active()}`);
console.log(`✓ Total connections: ${totalConns}`);
// Test 8: Helper methods
console.log('\n--- Test 8: Helper Methods ---');
// Test getTopIPs
const topIPs = metrics.connections.topIPs(5);
expect(topIPs.length).toBeGreaterThan(0);
console.log('✓ getTopIPs returns IP list');
// Test throughput rate
const throughputRate = metrics.throughput.recent();
console.log(` Throughput rate: ${throughputRate.in} bytes/sec in, ${throughputRate.out} bytes/sec out`);
console.log('✓ Throughput rates calculated');
// Cleanup
console.log('\n--- Cleanup ---');
for (const client of clients) {
if (!client.destroyed) {
client.destroy();
}
}
await proxy.stop();
echoServer.close();
console.log('\n✓ All MetricsCollector tests passed');
});
// Test with mock data for unit testing
tap.test('MetricsCollector unit test with mock data', async () => {
console.log('\n=== MetricsCollector Unit Test ===');
// Create a mock SmartProxy with mock ConnectionManager
const mockConnections = new Map([
['conn1', {
remoteIP: '192.168.1.1',
routeName: 'api',
bytesReceived: 1000,
bytesSent: 500,
incomingStartTime: Date.now() - 5000
}],
['conn2', {
remoteIP: '192.168.1.1',
routeName: 'web',
bytesReceived: 2000,
bytesSent: 1500,
incomingStartTime: Date.now() - 10000
}],
['conn3', {
remoteIP: '192.168.1.2',
routeName: 'api',
bytesReceived: 500,
bytesSent: 250,
incomingStartTime: Date.now() - 3000
}]
]);
const mockSmartProxy = {
connectionManager: {
getConnectionCount: () => mockConnections.size,
getConnections: () => mockConnections,
getTerminationStats: () => ({
incoming: { normal: 10, timeout: 2, error: 1 }
})
}
};
// Import MetricsCollector directly
const { MetricsCollector } = await import('../ts/proxies/smart-proxy/metrics-collector.js');
const metrics = new MetricsCollector(mockSmartProxy as any);
// Test metrics calculation
console.log('\n--- Testing with Mock Data ---');
expect(metrics.connections.active()).toEqual(3);
console.log(`✓ Active connections: ${metrics.connections.active()}`);
expect(metrics.connections.total()).toEqual(16); // 3 active + 13 terminated
console.log(`✓ Total connections: ${metrics.connections.total()}`);
const routeConns = metrics.connections.byRoute();
expect(routeConns.get('api')).toEqual(2);
expect(routeConns.get('web')).toEqual(1);
console.log('✓ Connections by route calculated correctly');
const ipConns = metrics.connections.byIP();
expect(ipConns.get('192.168.1.1')).toEqual(2);
expect(ipConns.get('192.168.1.2')).toEqual(1);
console.log('✓ Connections by IP calculated correctly');
// Throughput tracker returns rates, not totals - just verify it returns something
const throughput = metrics.throughput.instant();
expect(throughput.in).toBeDefined();
expect(throughput.out).toBeDefined();
console.log(`✓ Throughput rates calculated: ${throughput.in} bytes/sec in, ${throughput.out} bytes/sec out`);
// Test RPS tracking
metrics.recordRequest('test-1', 'test-route', '192.168.1.1');
metrics.recordRequest('test-2', 'test-route', '192.168.1.1');
metrics.recordRequest('test-3', 'test-route', '192.168.1.2');
const rps = metrics.requests.perSecond();
expect(rps).toBeGreaterThan(0);
console.log(`✓ RPS tracking works: ${rps.toFixed(2)} req/sec`);
console.log('\n✓ All unit tests passed');
});
export default tap.start();

188
test/test.nftables-manager.ts
View File

@@ -1,188 +0,0 @@
import { expect, tap } from '@git.zone/tstest/tapbundle';
import { NFTablesManager } from '../ts/proxies/smart-proxy/nftables-manager.js';
import type { IRouteConfig } from '../ts/proxies/smart-proxy/models/route-types.js';
import type { ISmartProxyOptions } from '../ts/proxies/smart-proxy/models/interfaces.js';
import * as child_process from 'child_process';
import { promisify } from 'util';
const exec = promisify(child_process.exec);
// Check if we have root privileges
async function checkRootPrivileges(): Promise<boolean> {
try {
const { stdout } = await exec('id -u');
return stdout.trim() === '0';
} catch (err) {
return false;
}
}
// Skip tests if not root
const isRoot = await checkRootPrivileges();
if (!isRoot) {
console.log('');
console.log('========================================');
console.log('NFTablesManager tests require root privileges');
console.log('Skipping NFTablesManager tests');
console.log('========================================');
console.log('');
// Skip tests when not running as root - tests are marked with tap.skip.test
}
/**
* Tests for the NFTablesManager class
*/
// Sample route configurations for testing
const sampleRoute: IRouteConfig = {
name: 'test-nftables-route',
match: {
ports: 8080,
domains: 'test.example.com'
},
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 8000
}],
forwardingEngine: 'nftables',
nftables: {
protocol: 'tcp',
preserveSourceIP: true,
useIPSets: true
}
}
};
// Sample SmartProxy options
const sampleOptions: ISmartProxyOptions = {
routes: [sampleRoute],
enableDetailedLogging: true
};
// Instance of NFTablesManager for testing
let manager: NFTablesManager;
// Skip these tests by default since they require root privileges to run NFTables commands
// When running as root, change this to false
const SKIP_TESTS = true;
tap.skip.test('NFTablesManager setup test', async () => {
// Test will be skipped if not running as root due to tap.skip.test
// Create a SmartProxy instance first
const { SmartProxy } = await import('../ts/proxies/smart-proxy/smart-proxy.js');
const proxy = new SmartProxy(sampleOptions);
// Create a new instance of NFTablesManager
manager = new NFTablesManager(proxy);
// Verify the instance was created successfully
expect(manager).toBeTruthy();
});
tap.skip.test('NFTablesManager route provisioning test', async () => {
// Test will be skipped if not running as root due to tap.skip.test
// Provision the sample route
const result = await manager.provisionRoute(sampleRoute);
// Verify the route was provisioned successfully
expect(result).toEqual(true);
// Verify the route is listed as provisioned
expect(manager.isRouteProvisioned(sampleRoute)).toEqual(true);
});
tap.skip.test('NFTablesManager status test', async () => {
// Test will be skipped if not running as root due to tap.skip.test
// Get the status of the managed rules
const status = await manager.getStatus();
// Verify status includes our route
const keys = Object.keys(status);
expect(keys.length).toBeGreaterThan(0);
// Check the status of the first rule
const firstStatus = status[keys[0]];
expect(firstStatus.active).toEqual(true);
expect(firstStatus.ruleCount.added).toBeGreaterThan(0);
});
tap.skip.test('NFTablesManager route updating test', async () => {
// Test will be skipped if not running as root due to tap.skip.test
// Create an updated version of the sample route
const updatedRoute: IRouteConfig = {
...sampleRoute,
action: {
...sampleRoute.action,
targets: [{
host: 'localhost',
port: 9000 // Different port
}],
nftables: {
...sampleRoute.action.nftables,
protocol: 'all' // Different protocol
}
}
};
// Update the route
const result = await manager.updateRoute(sampleRoute, updatedRoute);
// Verify the route was updated successfully
expect(result).toEqual(true);
// Verify the old route is no longer provisioned
expect(manager.isRouteProvisioned(sampleRoute)).toEqual(false);
// Verify the new route is provisioned
expect(manager.isRouteProvisioned(updatedRoute)).toEqual(true);
});
tap.skip.test('NFTablesManager route deprovisioning test', async () => {
// Test will be skipped if not running as root due to tap.skip.test
// Create an updated version of the sample route from the previous test
const updatedRoute: IRouteConfig = {
...sampleRoute,
action: {
...sampleRoute.action,
targets: [{
host: 'localhost',
port: 9000 // Different port from original test
}],
nftables: {
...sampleRoute.action.nftables,
protocol: 'all' // Different protocol from original test
}
}
};
// Deprovision the route
const result = await manager.deprovisionRoute(updatedRoute);
// Verify the route was deprovisioned successfully
expect(result).toEqual(true);
// Verify the route is no longer provisioned
expect(manager.isRouteProvisioned(updatedRoute)).toEqual(false);
});
tap.skip.test('NFTablesManager cleanup test', async () => {
// Test will be skipped if not running as root due to tap.skip.test
// Stop all NFTables rules
await manager.stop();
// Get the status of the managed rules
const status = await manager.getStatus();
// Verify there are no active rules
expect(Object.keys(status).length).toEqual(0);
});
export default tap.start();

166
test/test.nftables-status.ts
View File

@@ -1,166 +0,0 @@
import { SmartProxy } from '../ts/proxies/smart-proxy/index.js';
import { NFTablesManager } from '../ts/proxies/smart-proxy/nftables-manager.js';
import { createNfTablesRoute } from '../ts/proxies/smart-proxy/utils/route-helpers.js';
import { expect, tap } from '@git.zone/tstest/tapbundle';
import * as child_process from 'child_process';
import { promisify } from 'util';
const exec = promisify(child_process.exec);
// Check if we have root privileges
async function checkRootPrivileges(): Promise<boolean> {
try {
const { stdout } = await exec('id -u');
return stdout.trim() === '0';
} catch (err) {
return false;
}
}
// Skip tests if not root
const isRoot = await checkRootPrivileges();
if (!isRoot) {
console.log('');
console.log('========================================');
console.log('NFTables status tests require root privileges');
console.log('Skipping NFTables status tests');
console.log('========================================');
console.log('');
}
// Define the test function based on root privileges
const testFn = isRoot ? tap.test : tap.skip.test;
testFn('NFTablesManager status functionality', async () => {
const { SmartProxy } = await import('../ts/proxies/smart-proxy/smart-proxy.js');
const proxy = new SmartProxy({ routes: [] });
const nftablesManager = new NFTablesManager(proxy);
// Create test routes
const testRoutes = [
createNfTablesRoute('test-route-1', { host: 'localhost', port: 8080 }, { ports: 9080 }),
createNfTablesRoute('test-route-2', { host: 'localhost', port: 8081 }, { ports: 9081 }),
createNfTablesRoute('test-route-3', { host: 'localhost', port: 8082 }, {
ports: 9082,
ipAllowList: ['127.0.0.1', '192.168.1.0/24']
})
];
// Get initial status (should be empty)
let status = await nftablesManager.getStatus();
expect(Object.keys(status).length).toEqual(0);
// Provision routes
for (const route of testRoutes) {
await nftablesManager.provisionRoute(route);
}
// Get status after provisioning
status = await nftablesManager.getStatus();
expect(Object.keys(status).length).toEqual(3);
// Check status structure
for (const routeStatus of Object.values(status)) {
expect(routeStatus).toHaveProperty('active');
expect(routeStatus).toHaveProperty('ruleCount');
expect(routeStatus).toHaveProperty('lastUpdate');
expect(routeStatus.active).toBeTrue();
}
// Deprovision one route
await nftablesManager.deprovisionRoute(testRoutes[0]);
// Check status after deprovisioning
status = await nftablesManager.getStatus();
expect(Object.keys(status).length).toEqual(2);
// Cleanup remaining routes
await nftablesManager.stop();
// Final status should be empty
status = await nftablesManager.getStatus();
expect(Object.keys(status).length).toEqual(0);
});
testFn('SmartProxy getNfTablesStatus functionality', async () => {
const smartProxy = new SmartProxy({
routes: [
createNfTablesRoute('proxy-test-1', { host: 'localhost', port: 3000 }, { ports: 3001 }),
createNfTablesRoute('proxy-test-2', { host: 'localhost', port: 3002 }, { ports: 3003 }),
// Include a non-NFTables route to ensure it's not included in the status
{
name: 'non-nftables-route',
match: { ports: 3004 },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 3005 }]
}
}
]
});
// Start the proxy
await smartProxy.start();
// Get NFTables status
const status = await smartProxy.getNfTablesStatus();
// Should only have 2 NFTables routes
const statusKeys = Object.keys(status);
expect(statusKeys.length).toEqual(2);
// Check that both NFTables routes are in the status
const routeIds = statusKeys.sort();
expect(routeIds).toContain('proxy-test-1:3001');
expect(routeIds).toContain('proxy-test-2:3003');
// Verify status structure
for (const [routeId, routeStatus] of Object.entries(status)) {
expect(routeStatus).toHaveProperty('active', true);
expect(routeStatus).toHaveProperty('ruleCount');
expect(routeStatus.ruleCount).toHaveProperty('total');
expect(routeStatus.ruleCount.total).toBeGreaterThan(0);
}
// Stop the proxy
await smartProxy.stop();
// After stopping, status should be empty
const finalStatus = await smartProxy.getNfTablesStatus();
expect(Object.keys(finalStatus).length).toEqual(0);
});
testFn('NFTables route update status tracking', async () => {
const smartProxy = new SmartProxy({
routes: [
createNfTablesRoute('update-test', { host: 'localhost', port: 4000 }, { ports: 4001 })
]
});
await smartProxy.start();
// Get initial status
let status = await smartProxy.getNfTablesStatus();
expect(Object.keys(status).length).toEqual(1);
const initialUpdate = status['update-test:4001'].lastUpdate;
// Wait a moment
await new Promise(resolve => setTimeout(resolve, 10));
// Update the route
await smartProxy.updateRoutes([
createNfTablesRoute('update-test', { host: 'localhost', port: 4002 }, { ports: 4001 })
]);
// Get status after update
status = await smartProxy.getNfTablesStatus();
expect(Object.keys(status).length).toEqual(1);
const updatedTime = status['update-test:4001'].lastUpdate;
// The update time should be different
expect(updatedTime.getTime()).toBeGreaterThan(initialUpdate.getTime());
await smartProxy.stop();
});
export default tap.start();

281
test/test.port80-management.node.ts
View File

@@ -1,281 +0,0 @@
import { expect, tap } from '@git.zone/tstest/tapbundle';
import { SmartProxy } from '../ts/index.js';
/**
* Test that verifies port 80 is not double-registered when both
* user routes and ACME challenges use the same port
*/
tap.test('should not double-register port 80 when user route and ACME use same port', async (tools) => {
tools.timeout(5000);
let port80AddCount = 0;
const activePorts = new Set<number>();
const settings = {
port: 9901,
routes: [
{
name: 'user-route',
match: {
ports: [80]
},
action: {
type: 'forward' as const,
targets: [{ host: 'localhost', port: 3000 }]
}
},
{
name: 'secure-route',
match: {
ports: [443]
},
action: {
type: 'forward' as const,
targets: [{ host: 'localhost', port: 3001 }],
tls: {
mode: 'terminate' as const,
certificate: 'auto' as const
}
}
}
],
acme: {
email: 'test@test.com',
port: 80 // ACME on same port as user route
}
};
const proxy = new SmartProxy(settings);
// Mock the port manager to track port additions
const mockPortManager = {
addPort: async (port: number) => {
if (activePorts.has(port)) {
return; // Simulate deduplication
}
activePorts.add(port);
if (port === 80) {
port80AddCount++;
}
},
addPorts: async (ports: number[]) => {
for (const port of ports) {
await mockPortManager.addPort(port);
}
},
updatePorts: async (requiredPorts: Set<number>) => {
for (const port of requiredPorts) {
await mockPortManager.addPort(port);
}
},
setShuttingDown: () => {},
closeAll: async () => { activePorts.clear(); },
stop: async () => { await mockPortManager.closeAll(); }
};
// Inject mock
(proxy as any).portManager = mockPortManager;
// Mock certificate manager to prevent ACME calls
(proxy as any).createCertificateManager = async function(routes: any[], certDir: string, acmeOptions: any, initialState?: any) {
const mockCertManager = {
setUpdateRoutesCallback: function(callback: any) { /* noop */ },
setHttpProxy: function() {},
setGlobalAcmeDefaults: function() {},
setAcmeStateManager: function() {},
initialize: async function() {
// Simulate ACME route addition
const challengeRoute = {
name: 'acme-challenge',
priority: 1000,
match: {
ports: acmeOptions?.port || 80,
path: '/.well-known/acme-challenge/*'
},
action: {
type: 'static'
}
};
// This would trigger route update in real implementation
},
provisionAllCertificates: async function() {
// Mock implementation to satisfy the call in SmartProxy.start()
// Add the ACME challenge port here too in case initialize was skipped
const challengePort = acmeOptions?.port || 80;
await mockPortManager.addPort(challengePort);
console.log(`Added ACME challenge port from provisionAllCertificates: ${challengePort}`);
},
getAcmeOptions: () => acmeOptions,
getState: () => ({ challengeRouteActive: false }),
stop: async () => {}
};
return mockCertManager;
};
// Mock NFTables
(proxy as any).nftablesManager = {
ensureNFTablesSetup: async () => {},
stop: async () => {}
};
// Mock admin server
(proxy as any).startAdminServer = async function() {
(this as any).servers.set(this.settings.port, {
port: this.settings.port,
close: async () => {}
});
};
await proxy.start();
// Verify that port 80 was added only once
expect(port80AddCount).toEqual(1);
await proxy.stop();
});
/**
* Test that verifies ACME can use a different port than user routes
*/
tap.test('should handle ACME on different port than user routes', async (tools) => {
tools.timeout(5000);
const portAddHistory: number[] = [];
const activePorts = new Set<number>();
const settings = {
port: 9902,
routes: [
{
name: 'user-route',
match: {
ports: [80]
},
action: {
type: 'forward' as const,
targets: [{ host: 'localhost', port: 3000 }]
}
},
{
name: 'secure-route',
match: {
ports: [443]
},
action: {
type: 'forward' as const,
targets: [{ host: 'localhost', port: 3001 }],
tls: {
mode: 'terminate' as const,
certificate: 'auto' as const
}
}
}
],
acme: {
email: 'test@test.com',
port: 8080 // ACME on different port than user routes
}
};
const proxy = new SmartProxy(settings);
// Mock the port manager
const mockPortManager = {
addPort: async (port: number) => {
console.log(`Attempting to add port: ${port}`);
if (!activePorts.has(port)) {
activePorts.add(port);
portAddHistory.push(port);
console.log(`Port ${port} added to history`);
} else {
console.log(`Port ${port} already active, not adding to history`);
}
},
addPorts: async (ports: number[]) => {
for (const port of ports) {
await mockPortManager.addPort(port);
}
},
updatePorts: async (requiredPorts: Set<number>) => {
for (const port of requiredPorts) {
await mockPortManager.addPort(port);
}
},
setShuttingDown: () => {},
closeAll: async () => { activePorts.clear(); },
stop: async () => { await mockPortManager.closeAll(); }
};
// Inject mocks
(proxy as any).portManager = mockPortManager;
// Mock certificate manager
(proxy as any).createCertificateManager = async function(routes: any[], certDir: string, acmeOptions: any, initialState?: any) {
const mockCertManager = {
setUpdateRoutesCallback: function(callback: any) { /* noop */ },
setHttpProxy: function() {},
setGlobalAcmeDefaults: function() {},
setAcmeStateManager: function() {},
initialize: async function() {
// Simulate ACME route addition on different port
const challengePort = acmeOptions?.port || 80;
const challengeRoute = {
name: 'acme-challenge',
priority: 1000,
match: {
ports: challengePort,
path: '/.well-known/acme-challenge/*'
},
action: {
type: 'static'
}
};
// Add the ACME port to our port tracking
await mockPortManager.addPort(challengePort);
// For debugging
console.log(`Added ACME challenge port: ${challengePort}`);
},
provisionAllCertificates: async function() {
// Mock implementation to satisfy the call in SmartProxy.start()
// Add the ACME challenge port here too in case initialize was skipped
const challengePort = acmeOptions?.port || 80;
await mockPortManager.addPort(challengePort);
console.log(`Added ACME challenge port from provisionAllCertificates: ${challengePort}`);
},
getAcmeOptions: () => acmeOptions,
getState: () => ({ challengeRouteActive: false }),
stop: async () => {}
};
return mockCertManager;
};
// Mock NFTables
(proxy as any).nftablesManager = {
ensureNFTablesSetup: async () => {},
stop: async () => {}
};
// Mock admin server
(proxy as any).startAdminServer = async function() {
(this as any).servers.set(this.settings.port, {
port: this.settings.port,
close: async () => {}
});
};
await proxy.start();
// Log the port history for debugging
console.log('Port add history:', portAddHistory);
// Verify that all expected ports were added
expect(portAddHistory.includes(80)).toBeTrue(); // User route
expect(portAddHistory.includes(443)).toBeTrue(); // TLS route
expect(portAddHistory.includes(8080)).toBeTrue(); // ACME challenge on different port
await proxy.stop();
});
export default tap.start();

182
test/test.proxy-chain-cleanup.node.ts
View File

@@ -1,182 +0,0 @@
import { expect, tap } from '@git.zone/tstest/tapbundle';
import * as plugins from '../ts/plugins.js';
import { SmartProxy } from '../ts/index.js';
let outerProxy: SmartProxy;
let innerProxy: SmartProxy;
tap.test('setup two smartproxies in a chain configuration', async () => {
// Setup inner proxy (backend proxy)
innerProxy = new SmartProxy({
routes: [
{
name: 'inner-backend',
match: {
ports: 8002
},
action: {
type: 'forward',
targets: [{
host: 'httpbin.org',
port: 443
}]
}
}
],
defaults: {
target: {
host: 'httpbin.org',
port: 443
}
},
acceptProxyProtocol: true,
sendProxyProtocol: false,
enableDetailedLogging: true,
inactivityTimeout: 10000 // Shorter timeout for testing
});
await innerProxy.start();
// Setup outer proxy (frontend proxy)
outerProxy = new SmartProxy({
routes: [
{
name: 'outer-frontend',
match: {
ports: 8001
},
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 8002
}],
sendProxyProtocol: true
}
}
],
defaults: {
target: {
host: 'localhost',
port: 8002
}
},
sendProxyProtocol: true,
enableDetailedLogging: true,
inactivityTimeout: 10000 // Shorter timeout for testing
});
await outerProxy.start();
});
tap.test('should properly cleanup connections in proxy chain', async (tools) => {
const testDuration = 30000; // 30 seconds
const connectionInterval = 500; // Create new connection every 500ms
const connectionDuration = 2000; // Each connection lasts 2 seconds
let connectionsCreated = 0;
let connectionsCompleted = 0;
// Function to create a test connection
const createTestConnection = async () => {
connectionsCreated++;
const connectionId = connectionsCreated;
try {
const socket = plugins.net.connect({
port: 8001,
host: 'localhost'
});
await new Promise<void>((resolve, reject) => {
socket.on('connect', () => {
console.log(`Connection ${connectionId} established`);
// Send TLS Client Hello for httpbin.org
const clientHello = Buffer.from([
0x16, 0x03, 0x01, 0x00, 0xc8, // TLS handshake header
0x01, 0x00, 0x00, 0xc4, // Client Hello
0x03, 0x03, // TLS 1.2
...Array(32).fill(0), // Random bytes
0x00, // Session ID length
0x00, 0x02, 0x13, 0x01, // Cipher suites
0x01, 0x00, // Compression methods
0x00, 0x97, // Extensions length
0x00, 0x00, 0x00, 0x0f, 0x00, 0x0d, // SNI extension
0x00, 0x00, 0x0a, 0x68, 0x74, 0x74, 0x70, 0x62, 0x69, 0x6e, 0x2e, 0x6f, 0x72, 0x67 // "httpbin.org"
]);
socket.write(clientHello);
// Keep connection alive for specified duration
setTimeout(() => {
socket.destroy();
connectionsCompleted++;
console.log(`Connection ${connectionId} closed (completed: ${connectionsCompleted}/${connectionsCreated})`);
resolve();
}, connectionDuration);
});
socket.on('error', (err) => {
console.log(`Connection ${connectionId} error: ${err.message}`);
connectionsCompleted++;
reject(err);
});
});
} catch (err) {
console.log(`Failed to create connection ${connectionId}: ${err.message}`);
connectionsCompleted++;
}
};
// Start creating connections
const startTime = Date.now();
const connectionTimer = setInterval(() => {
if (Date.now() - startTime < testDuration) {
createTestConnection().catch(() => {});
} else {
clearInterval(connectionTimer);
}
}, connectionInterval);
// Monitor connection counts
const monitorInterval = setInterval(() => {
const outerConnections = (outerProxy as any).connectionManager.getConnectionCount();
const innerConnections = (innerProxy as any).connectionManager.getConnectionCount();
console.log(`Active connections - Outer: ${outerConnections}, Inner: ${innerConnections}, Created: ${connectionsCreated}, Completed: ${connectionsCompleted}`);
}, 2000);
// Wait for test duration + cleanup time
await tools.delayFor(testDuration + 10000);
clearInterval(connectionTimer);
clearInterval(monitorInterval);
// Wait for all connections to complete
while (connectionsCompleted < connectionsCreated) {
await tools.delayFor(100);
}
// Give some time for cleanup
await tools.delayFor(5000);
// Check final connection counts
const finalOuterConnections = (outerProxy as any).connectionManager.getConnectionCount();
const finalInnerConnections = (innerProxy as any).connectionManager.getConnectionCount();
console.log(`\nFinal connection counts:`);
console.log(`Outer proxy: ${finalOuterConnections}`);
console.log(`Inner proxy: ${finalInnerConnections}`);
console.log(`Total created: ${connectionsCreated}`);
console.log(`Total completed: ${connectionsCompleted}`);
// Both proxies should have cleaned up all connections
expect(finalOuterConnections).toEqual(0);
expect(finalInnerConnections).toEqual(0);
});
tap.test('cleanup proxies', async () => {
await outerProxy.stop();
await innerProxy.stop();
});
export default tap.start();

193
test/test.proxy-chain-simple.node.ts
View File

@@ -1,193 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import * as plugins from '../ts/plugins.js';
// Import SmartProxy and configurations
import { SmartProxy } from '../ts/index.js';
tap.test('simple proxy chain test - identify connection accumulation', async () => {
console.log('\n=== Simple Proxy Chain Test ===');
console.log('Setup: Client → SmartProxy1 (8590) → SmartProxy2 (8591) → Backend (down)');
// Create backend server that accepts and immediately closes connections
const backend = net.createServer((socket) => {
console.log('Backend: Connection received, closing immediately');
socket.destroy();
});
await new Promise<void>((resolve) => {
backend.listen(9998, () => {
console.log('✓ Backend server started on port 9998 (closes connections immediately)');
resolve();
});
});
// Create SmartProxy2 (downstream)
const proxy2 = new SmartProxy({
enableDetailedLogging: true,
socketTimeout: 5000,
routes: [{
name: 'to-backend',
match: { ports: 8591 },
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 9998 // Backend that closes immediately
}]
}
}]
});
// Create SmartProxy1 (upstream)
const proxy1 = new SmartProxy({
enableDetailedLogging: true,
socketTimeout: 5000,
routes: [{
name: 'to-proxy2',
match: { ports: 8590 },
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 8591 // Forward to proxy2
}]
}
}]
});
await proxy2.start();
console.log('✓ SmartProxy2 started on port 8591');
await proxy1.start();
console.log('✓ SmartProxy1 started on port 8590');
// Helper to get connection counts
const getConnectionCounts = () => {
const conn1 = (proxy1 as any).connectionManager;
const conn2 = (proxy2 as any).connectionManager;
return {
proxy1: conn1 ? conn1.getConnectionCount() : 0,
proxy2: conn2 ? conn2.getConnectionCount() : 0
};
};
console.log('\n--- Making 5 sequential connections ---');
for (let i = 0; i < 5; i++) {
console.log(`\n=== Connection ${i + 1} ===`);
const counts = getConnectionCounts();
console.log(`Before: Proxy1=${counts.proxy1}, Proxy2=${counts.proxy2}`);
await new Promise<void>((resolve) => {
const client = new net.Socket();
let dataReceived = false;
client.on('data', (data) => {
console.log(`Client received data: ${data.toString()}`);
dataReceived = true;
});
client.on('error', (err: NodeJS.ErrnoException) => {
console.log(`Client error: ${err.code}`);
resolve();
});
client.on('close', () => {
console.log(`Client closed (data received: ${dataReceived})`);
resolve();
});
client.connect(8590, 'localhost', () => {
console.log('Client connected to Proxy1');
// Send HTTP request
client.write('GET / HTTP/1.1\r\nHost: test.com\r\n\r\n');
});
// Timeout
setTimeout(() => {
if (!client.destroyed) {
console.log('Client timeout, destroying');
client.destroy();
}
resolve();
}, 2000);
});
// Wait a bit and check counts
await new Promise(resolve => setTimeout(resolve, 500));
const afterCounts = getConnectionCounts();
console.log(`After: Proxy1=${afterCounts.proxy1}, Proxy2=${afterCounts.proxy2}`);
if (afterCounts.proxy1 > 0 || afterCounts.proxy2 > 0) {
console.log('⚠️ WARNING: Connections not cleaned up!');
}
}
console.log('\n--- Test with backend completely down ---');
// Stop backend
backend.close();
await new Promise(resolve => setTimeout(resolve, 100));
console.log('✓ Backend stopped');
// Make more connections with backend down
for (let i = 0; i < 3; i++) {
console.log(`\n=== Connection ${i + 6} (backend down) ===`);
const counts = getConnectionCounts();
console.log(`Before: Proxy1=${counts.proxy1}, Proxy2=${counts.proxy2}`);
await new Promise<void>((resolve) => {
const client = new net.Socket();
client.on('error', () => {
resolve();
});
client.on('close', () => {
resolve();
});
client.connect(8590, 'localhost', () => {
client.write('GET / HTTP/1.1\r\nHost: test.com\r\n\r\n');
});
setTimeout(() => {
if (!client.destroyed) {
client.destroy();
}
resolve();
}, 1000);
});
await new Promise(resolve => setTimeout(resolve, 500));
const afterCounts = getConnectionCounts();
console.log(`After: Proxy1=${afterCounts.proxy1}, Proxy2=${afterCounts.proxy2}`);
}
// Final check
console.log('\n--- Final Check ---');
await new Promise(resolve => setTimeout(resolve, 1000));
const finalCounts = getConnectionCounts();
console.log(`Final counts: Proxy1=${finalCounts.proxy1}, Proxy2=${finalCounts.proxy2}`);
await proxy1.stop();
await proxy2.stop();
// Verify
if (finalCounts.proxy1 > 0 || finalCounts.proxy2 > 0) {
console.log('\n❌ FAIL: Connections accumulated!');
} else {
console.log('\n✅ PASS: No connection accumulation');
}
expect(finalCounts.proxy1).toEqual(0);
expect(finalCounts.proxy2).toEqual(0);
});
export default tap.start();

364
test/test.proxy-chaining-accumulation.node.ts
View File

@@ -1,364 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import * as plugins from '../ts/plugins.js';
// Import SmartProxy and configurations
import { SmartProxy } from '../ts/index.js';
tap.test('should handle proxy chaining without connection accumulation', async () => {
console.log('\n=== Testing Proxy Chaining Connection Accumulation ===');
console.log('Setup: Client → SmartProxy1 → SmartProxy2 → Backend (down)');
// Create SmartProxy2 (downstream proxy)
const proxy2 = new SmartProxy({
enableDetailedLogging: false,
socketTimeout: 5000,
routes: [{
name: 'backend-route',
match: { ports: 8581 },
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 9999 // Non-existent backend
}]
}
}]
});
// Create SmartProxy1 (upstream proxy)
const proxy1 = new SmartProxy({
enableDetailedLogging: false,
socketTimeout: 5000,
routes: [{
name: 'chain-route',
match: { ports: 8580 },
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 8581 // Forward to proxy2
}]
}
}]
});
// Start both proxies
await proxy2.start();
console.log('✓ SmartProxy2 started on port 8581');
await proxy1.start();
console.log('✓ SmartProxy1 started on port 8580');
// Helper to get connection counts
const getConnectionCounts = () => {
const conn1 = (proxy1 as any).connectionManager;
const conn2 = (proxy2 as any).connectionManager;
return {
proxy1: conn1 ? conn1.getConnectionCount() : 0,
proxy2: conn2 ? conn2.getConnectionCount() : 0
};
};
const initialCounts = getConnectionCounts();
console.log(`\nInitial connection counts - Proxy1: ${initialCounts.proxy1}, Proxy2: ${initialCounts.proxy2}`);
// Test 1: Single connection attempt
console.log('\n--- Test 1: Single connection through chain ---');
await new Promise<void>((resolve) => {
const client = new net.Socket();
client.on('error', (err: NodeJS.ErrnoException) => {
console.log(`Client received error: ${err.code}`);
resolve();
});
client.on('close', () => {
console.log('Client connection closed');
resolve();
});
client.connect(8580, 'localhost', () => {
console.log('Client connected to Proxy1');
// Send data to trigger routing
client.write('GET / HTTP/1.1\r\nHost: test.com\r\n\r\n');
});
// Timeout
setTimeout(() => {
if (!client.destroyed) {
client.destroy();
}
resolve();
}, 1000);
});
// Check connections after single attempt
await new Promise(resolve => setTimeout(resolve, 500));
let counts = getConnectionCounts();
console.log(`After single connection - Proxy1: ${counts.proxy1}, Proxy2: ${counts.proxy2}`);
// Test 2: Multiple simultaneous connections
console.log('\n--- Test 2: Multiple simultaneous connections ---');
const promises = [];
for (let i = 0; i < 10; i++) {
promises.push(new Promise<void>((resolve) => {
const client = new net.Socket();
client.on('error', () => {
resolve();
});
client.on('close', () => {
resolve();
});
client.connect(8580, 'localhost', () => {
// Send data
client.write(`GET /test${i} HTTP/1.1\r\nHost: test.com\r\n\r\n`);
});
// Timeout
setTimeout(() => {
if (!client.destroyed) {
client.destroy();
}
resolve();
}, 500);
}));
}
await Promise.all(promises);
console.log('✓ All simultaneous connections completed');
// Check connections
counts = getConnectionCounts();
console.log(`After simultaneous connections - Proxy1: ${counts.proxy1}, Proxy2: ${counts.proxy2}`);
// Test 3: Rapid serial connections (simulating retries)
console.log('\n--- Test 3: Rapid serial connections (retries) ---');
for (let i = 0; i < 20; i++) {
await new Promise<void>((resolve) => {
const client = new net.Socket();
client.on('error', () => {
resolve();
});
client.on('close', () => {
resolve();
});
client.connect(8580, 'localhost', () => {
client.write('GET / HTTP/1.1\r\nHost: test.com\r\n\r\n');
// Quick disconnect to simulate retry behavior
setTimeout(() => client.destroy(), 50);
});
// Timeout
setTimeout(() => {
if (!client.destroyed) {
client.destroy();
}
resolve();
}, 200);
});
if ((i + 1) % 5 === 0) {
counts = getConnectionCounts();
console.log(`After ${i + 1} retries - Proxy1: ${counts.proxy1}, Proxy2: ${counts.proxy2}`);
}
// Small delay between retries
await new Promise(resolve => setTimeout(resolve, 50));
}
// Test 4: Long-lived connection attempt
console.log('\n--- Test 4: Long-lived connection attempt ---');
await new Promise<void>((resolve) => {
const client = new net.Socket();
client.on('error', () => {
resolve();
});
client.on('close', () => {
console.log('Long-lived client closed');
resolve();
});
client.connect(8580, 'localhost', () => {
console.log('Long-lived client connected');
// Send data periodically
const interval = setInterval(() => {
if (!client.destroyed && client.writable) {
client.write('PING\r\n');
} else {
clearInterval(interval);
}
}, 100);
// Close after 2 seconds
setTimeout(() => {
clearInterval(interval);
client.destroy();
}, 2000);
});
// Timeout
setTimeout(() => {
if (!client.destroyed) {
client.destroy();
}
resolve();
}, 3000);
});
// Final check
await new Promise(resolve => setTimeout(resolve, 1000));
const finalCounts = getConnectionCounts();
console.log(`\nFinal connection counts - Proxy1: ${finalCounts.proxy1}, Proxy2: ${finalCounts.proxy2}`);
// Monitor for a bit to see if connections are cleaned up
console.log('\nMonitoring connection cleanup...');
for (let i = 0; i < 3; i++) {
await new Promise(resolve => setTimeout(resolve, 500));
counts = getConnectionCounts();
console.log(`After ${(i + 1) * 0.5}s - Proxy1: ${counts.proxy1}, Proxy2: ${counts.proxy2}`);
}
// Stop proxies
await proxy1.stop();
console.log('\n✓ SmartProxy1 stopped');
await proxy2.stop();
console.log('✓ SmartProxy2 stopped');
// Analysis
console.log('\n=== Analysis ===');
if (finalCounts.proxy1 > 0 || finalCounts.proxy2 > 0) {
console.log('❌ FAIL: Connections accumulated!');
console.log(`Proxy1 leaked ${finalCounts.proxy1} connections`);
console.log(`Proxy2 leaked ${finalCounts.proxy2} connections`);
} else {
console.log('✅ PASS: No connection accumulation detected');
}
// Verify
expect(finalCounts.proxy1).toEqual(0);
expect(finalCounts.proxy2).toEqual(0);
});
tap.test('should handle proxy chain with HTTP traffic', async () => {
console.log('\n=== Testing Proxy Chain with HTTP Traffic ===');
// Create SmartProxy2 with HTTP handling
const proxy2 = new SmartProxy({
useHttpProxy: [8583], // Enable HTTP proxy handling
httpProxyPort: 8584,
enableDetailedLogging: false,
routes: [{
name: 'http-backend',
match: { ports: 8583 },
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 9999 // Non-existent backend
}]
}
}]
});
// Create SmartProxy1 with HTTP handling
const proxy1 = new SmartProxy({
useHttpProxy: [8582], // Enable HTTP proxy handling
httpProxyPort: 8585,
enableDetailedLogging: false,
routes: [{
name: 'http-chain',
match: { ports: 8582 },
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 8583 // Forward to proxy2
}]
}
}]
});
await proxy2.start();
console.log('✓ SmartProxy2 (HTTP) started on port 8583');
await proxy1.start();
console.log('✓ SmartProxy1 (HTTP) started on port 8582');
// Helper to get connection counts
const getConnectionCounts = () => {
const conn1 = (proxy1 as any).connectionManager;
const conn2 = (proxy2 as any).connectionManager;
return {
proxy1: conn1 ? conn1.getConnectionCount() : 0,
proxy2: conn2 ? conn2.getConnectionCount() : 0
};
};
console.log('\nSending HTTP requests through chain...');
// Make HTTP requests
for (let i = 0; i < 5; i++) {
await new Promise<void>((resolve) => {
const client = new net.Socket();
let responseData = '';
client.on('data', (data) => {
responseData += data.toString();
// Check if we got a complete HTTP response
if (responseData.includes('\r\n\r\n')) {
console.log(`Response ${i + 1}: ${responseData.split('\r\n')[0]}`);
client.destroy();
}
});
client.on('error', () => {
resolve();
});
client.on('close', () => {
resolve();
});
client.connect(8582, 'localhost', () => {
client.write(`GET /test${i} HTTP/1.1\r\nHost: test.com\r\nConnection: close\r\n\r\n`);
});
setTimeout(() => {
if (!client.destroyed) {
client.destroy();
}
resolve();
}, 1000);
});
await new Promise(resolve => setTimeout(resolve, 100));
}
await new Promise(resolve => setTimeout(resolve, 1000));
const finalCounts = getConnectionCounts();
console.log(`\nFinal HTTP proxy counts - Proxy1: ${finalCounts.proxy1}, Proxy2: ${finalCounts.proxy2}`);
await proxy1.stop();
await proxy2.stop();
expect(finalCounts.proxy1).toEqual(0);
expect(finalCounts.proxy2).toEqual(0);
});
export default tap.start();

199
test/test.rapid-retry-cleanup.node.ts
View File

@@ -1,199 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import * as plugins from '../ts/plugins.js';
// Import SmartProxy and configurations
import { SmartProxy } from '../ts/index.js';
tap.test('should handle rapid connection retries without leaking connections', async () => {
console.log('\n=== Testing Rapid Connection Retry Cleanup ===');
// Create a SmartProxy instance
const proxy = new SmartProxy({
enableDetailedLogging: false,
maxConnectionLifetime: 10000,
socketTimeout: 5000,
routes: [{
name: 'test-route',
match: { ports: 8550 },
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 9999 // Non-existent port to force connection failures
}]
}
}]
});
// Start the proxy
await proxy.start();
console.log('✓ Proxy started on port 8550');
// Helper to get active connection count
const getActiveConnections = () => {
const connectionManager = (proxy as any).connectionManager;
return connectionManager ? connectionManager.getConnectionCount() : 0;
};
// Track connection counts
const connectionCounts: number[] = [];
const initialCount = getActiveConnections();
console.log(`Initial connection count: ${initialCount}`);
// Simulate rapid retries
const retryCount = 20;
const retryDelay = 50; // 50ms between retries
let successfulConnections = 0;
let failedConnections = 0;
console.log(`\nSimulating ${retryCount} rapid connection attempts...`);
for (let i = 0; i < retryCount; i++) {
await new Promise<void>((resolve) => {
const client = new net.Socket();
client.on('error', () => {
failedConnections++;
client.destroy();
resolve();
});
client.on('close', () => {
resolve();
});
client.connect(8550, 'localhost', () => {
// Send some data to trigger routing
client.write('GET / HTTP/1.1\r\nHost: test.com\r\n\r\n');
successfulConnections++;
});
// Force close after a short time
setTimeout(() => {
if (!client.destroyed) {
client.destroy();
}
}, 100);
});
// Small delay between retries
await new Promise(resolve => setTimeout(resolve, retryDelay));
// Check connection count after each attempt
const currentCount = getActiveConnections();
connectionCounts.push(currentCount);
if ((i + 1) % 5 === 0) {
console.log(`After ${i + 1} attempts: ${currentCount} active connections`);
}
}
console.log(`\nConnection attempts complete:`);
console.log(`- Successful: ${successfulConnections}`);
console.log(`- Failed: ${failedConnections}`);
// Wait a bit for any pending cleanups
console.log('\nWaiting for cleanup...');
await new Promise(resolve => setTimeout(resolve, 1000));
// Check final connection count
const finalCount = getActiveConnections();
console.log(`\nFinal connection count: ${finalCount}`);
// Analyze connection count trend
const maxCount = Math.max(...connectionCounts);
const avgCount = connectionCounts.reduce((a, b) => a + b, 0) / connectionCounts.length;
console.log(`\nConnection count statistics:`);
console.log(`- Maximum: ${maxCount}`);
console.log(`- Average: ${avgCount.toFixed(2)}`);
console.log(`- Initial: ${initialCount}`);
console.log(`- Final: ${finalCount}`);
// Stop the proxy
await proxy.stop();
console.log('\n✓ Proxy stopped');
// Verify results
expect(finalCount).toEqual(initialCount);
expect(maxCount).toBeLessThan(10); // Should not accumulate many connections
console.log('\n✅ PASS: Connection cleanup working correctly under rapid retries!');
});
tap.test('should handle routing failures without leaking connections', async () => {
console.log('\n=== Testing Routing Failure Cleanup ===');
// Create a SmartProxy instance with no routes
const proxy = new SmartProxy({
enableDetailedLogging: false,
maxConnectionLifetime: 10000,
socketTimeout: 5000,
routes: [] // No routes - all connections will fail routing
});
// Start the proxy
await proxy.start();
console.log('✓ Proxy started on port 8551 with no routes');
// Helper to get active connection count
const getActiveConnections = () => {
const connectionManager = (proxy as any).connectionManager;
return connectionManager ? connectionManager.getConnectionCount() : 0;
};
const initialCount = getActiveConnections();
console.log(`Initial connection count: ${initialCount}`);
// Create multiple connections that will fail routing
const connectionPromises = [];
for (let i = 0; i < 10; i++) {
connectionPromises.push(new Promise<void>((resolve) => {
const client = new net.Socket();
client.on('error', () => {
client.destroy();
resolve();
});
client.on('close', () => {
resolve();
});
client.connect(8551, 'localhost', () => {
// Send data to trigger routing (which will fail)
client.write('GET / HTTP/1.1\r\nHost: test.com\r\n\r\n');
});
// Force close after a short time
setTimeout(() => {
if (!client.destroyed) {
client.destroy();
}
resolve();
}, 500);
}));
}
// Wait for all connections to complete
await Promise.all(connectionPromises);
console.log('✓ All connection attempts completed');
// Wait for cleanup
await new Promise(resolve => setTimeout(resolve, 500));
const finalCount = getActiveConnections();
console.log(`Final connection count: ${finalCount}`);
// Stop the proxy
await proxy.stop();
console.log('✓ Proxy stopped');
// Verify no connections leaked
expect(finalCount).toEqual(initialCount);
console.log('\n✅ PASS: Routing failures cleaned up correctly!');
});
export default tap.start();

117
test/test.route-callback-simple.ts
View File

@@ -1,117 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import { SmartProxy } from '../ts/index.js';
tap.test('should set update routes callback on certificate manager', async () => {
// Create a simple proxy with a route requiring certificates
const proxy = new SmartProxy({
acme: {
email: 'test@local.dev',
useProduction: false,
port: 8080 // Use non-privileged port for ACME challenges globally
},
routes: [{
name: 'test-route',
match: {
ports: [8443],
domains: ['test.local']
},
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 3000 }],
tls: {
mode: 'terminate',
certificate: 'auto',
acme: {
email: 'test@local.dev',
useProduction: false
}
}
}
}]
});
// Track callback setting
let callbackSet = false;
// Override createCertificateManager to track callback setting
(proxy as any).createCertificateManager = async function(
routes: any,
certStore: string,
acmeOptions?: any,
initialState?: any
) {
// Create a mock certificate manager
const mockCertManager = {
setUpdateRoutesCallback: function(callback: any) {
callbackSet = true;
},
setHttpProxy: function(proxy: any) {},
setGlobalAcmeDefaults: function(defaults: any) {},
setAcmeStateManager: function(manager: any) {},
setRoutes: function(routes: any) {},
initialize: async function() {},
provisionAllCertificates: async function() {},
stop: async function() {},
getAcmeOptions: function() { return acmeOptions || {}; },
getState: function() { return initialState || { challengeRouteActive: false }; }
};
// Mimic the real createCertificateManager behavior
// Always set up the route update callback for ACME challenges
mockCertManager.setUpdateRoutesCallback(async (routes) => {
await this.updateRoutes(routes);
});
// Connect with HttpProxy if available (mimic real behavior)
if ((this as any).httpProxyBridge.getHttpProxy()) {
mockCertManager.setHttpProxy((this as any).httpProxyBridge.getHttpProxy());
}
// Set the ACME state manager
mockCertManager.setAcmeStateManager((this as any).acmeStateManager);
// Pass down the global ACME config if available
if ((this as any).settings.acme) {
mockCertManager.setGlobalAcmeDefaults((this as any).settings.acme);
}
await mockCertManager.initialize();
return mockCertManager;
};
await proxy.start();
// The callback should have been set during initialization
expect(callbackSet).toEqual(true);
// Reset tracking
callbackSet = false;
// Update routes - this should recreate the certificate manager
await proxy.updateRoutes([{
name: 'new-route',
match: {
ports: [8444],
domains: ['new.local']
},
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 3001 }],
tls: {
mode: 'terminate',
certificate: 'auto',
acme: {
email: 'test@local.dev',
useProduction: false
}
}
}
}]);
// The callback should have been set again after update
expect(callbackSet).toEqual(true);
await proxy.stop();
});
export default tap.start();

343
test/test.route-update-callback.node.ts
View File

@@ -1,343 +0,0 @@
import * as plugins from '../ts/plugins.js';
import { SmartProxy } from '../ts/index.js';
import { tap, expect } from '@git.zone/tstest/tapbundle';
let testProxy: SmartProxy;
// Create test routes using high ports to avoid permission issues
const createRoute = (id: number, domain: string, port: number = 8443) => ({
name: `test-route-${id}`,
match: {
ports: [port],
domains: [domain]
},
action: {
type: 'forward' as const,
targets: [{
host: 'localhost',
port: 3000 + id
}],
tls: {
mode: 'terminate' as const,
certificate: 'auto' as const,
acme: {
email: 'test@testdomain.test',
useProduction: false
}
}
}
});
tap.test('should create SmartProxy instance', async () => {
testProxy = new SmartProxy({
routes: [createRoute(1, 'test1.testdomain.test', 8443)],
acme: {
email: 'test@testdomain.test',
useProduction: false,
port: 8080
}
});
expect(testProxy).toBeInstanceOf(SmartProxy);
});
tap.test('should preserve route update callback after updateRoutes', async () => {
// Mock the certificate manager to avoid actual ACME initialization
const originalInitializeCertManager = (testProxy as any).initializeCertificateManager;
let certManagerInitialized = false;
(testProxy as any).initializeCertificateManager = async function() {
certManagerInitialized = true;
// Create a minimal mock certificate manager
const mockCertManager = {
setUpdateRoutesCallback: function(callback: any) {
this.updateRoutesCallback = callback;
},
updateRoutesCallback: null,
setHttpProxy: function() {},
setGlobalAcmeDefaults: function() {},
setAcmeStateManager: function() {},
setRoutes: function(routes: any) {},
initialize: async function() {
// This is where the callback is actually set in the real implementation
return Promise.resolve();
},
provisionAllCertificates: async function() {
return Promise.resolve();
},
stop: async function() {},
getAcmeOptions: function() {
return { email: 'test@testdomain.test' };
},
getState: function() {
return { challengeRouteActive: false };
}
};
(this as any).certManager = mockCertManager;
// Simulate the real behavior where setUpdateRoutesCallback is called
mockCertManager.setUpdateRoutesCallback(async (routes: any) => {
await this.updateRoutes(routes);
});
};
// Start the proxy (with mocked cert manager)
await testProxy.start();
expect(certManagerInitialized).toEqual(true);
// Get initial certificate manager reference
const initialCertManager = (testProxy as any).certManager;
expect(initialCertManager).toBeTruthy();
expect(initialCertManager.updateRoutesCallback).toBeTruthy();
// Store the initial callback reference
const initialCallback = initialCertManager.updateRoutesCallback;
// Update routes - this should recreate the cert manager with callback
const newRoutes = [
createRoute(1, 'test1.testdomain.test', 8443),
createRoute(2, 'test2.testdomain.test', 8444)
];
// Mock the updateRoutes to simulate the real implementation
testProxy.updateRoutes = async function(routes) {
// Update settings
this.settings.routes = routes;
// Simulate what happens in the real code - recreate cert manager via createCertificateManager
if ((this as any).certManager) {
await (this as any).certManager.stop();
// Simulate createCertificateManager which creates a new cert manager
const newMockCertManager = {
setUpdateRoutesCallback: function(callback: any) {
this.updateRoutesCallback = callback;
},
updateRoutesCallback: null,
setHttpProxy: function() {},
setGlobalAcmeDefaults: function() {},
setAcmeStateManager: function() {},
setRoutes: function(routes: any) {},
initialize: async function() {},
provisionAllCertificates: async function() {},
stop: async function() {},
getAcmeOptions: function() {
return { email: 'test@testdomain.test' };
},
getState: function() {
return { challengeRouteActive: false };
}
};
// Set the callback as done in createCertificateManager
newMockCertManager.setUpdateRoutesCallback(async (routes: any) => {
await this.updateRoutes(routes);
});
(this as any).certManager = newMockCertManager;
await (this as any).certManager.initialize();
}
};
await testProxy.updateRoutes(newRoutes);
// Get new certificate manager reference
const newCertManager = (testProxy as any).certManager;
expect(newCertManager).toBeTruthy();
expect(newCertManager).not.toEqual(initialCertManager); // Should be a new instance
expect(newCertManager.updateRoutesCallback).toBeTruthy(); // Callback should be set
// Test that the callback works
const testChallengeRoute = {
name: 'acme-challenge',
match: {
ports: [8080],
path: '/.well-known/acme-challenge/*'
},
action: {
type: 'static' as const,
content: 'challenge-token'
}
};
// This should not throw "No route update callback set" error
let callbackWorked = false;
try {
// If callback is set, this should work
if (newCertManager.updateRoutesCallback) {
await newCertManager.updateRoutesCallback([...newRoutes, testChallengeRoute]);
callbackWorked = true;
}
} catch (error) {
throw new Error(`Route update callback failed: ${error.message}`);
}
expect(callbackWorked).toEqual(true);
console.log('Route update callback successfully preserved and invoked');
});
tap.test('should handle multiple sequential route updates', async () => {
// Continue with the mocked proxy from previous test
let updateCount = 0;
// Perform multiple route updates
for (let i = 1; i <= 3; i++) {
const routes = [];
for (let j = 1; j <= i; j++) {
routes.push(createRoute(j, `test${j}.testdomain.test`, 8440 + j));
}
await testProxy.updateRoutes(routes);
updateCount++;
// Verify cert manager is properly set up each time
const certManager = (testProxy as any).certManager;
expect(certManager).toBeTruthy();
expect(certManager.updateRoutesCallback).toBeTruthy();
console.log(`Route update ${i} callback is properly set`);
}
expect(updateCount).toEqual(3);
});
tap.test('should handle route updates when cert manager is not initialized', async () => {
// Create proxy without routes that need certificates
const proxyWithoutCerts = new SmartProxy({
routes: [{
name: 'no-cert-route',
match: {
ports: [9080]
},
action: {
type: 'forward' as const,
targets: [{
host: 'localhost',
port: 3000
}]
}
}]
});
// Mock initializeCertificateManager to avoid ACME issues
(proxyWithoutCerts as any).initializeCertificateManager = async function() {
// Only create cert manager if routes need it
const autoRoutes = this.settings.routes.filter((r: any) =>
r.action.tls?.certificate === 'auto'
);
if (autoRoutes.length === 0) {
console.log('No routes require certificate management');
return;
}
// Create mock cert manager
const mockCertManager = {
setUpdateRoutesCallback: function(callback: any) {
this.updateRoutesCallback = callback;
},
updateRoutesCallback: null,
setHttpProxy: function() {},
setRoutes: function(routes: any) {},
initialize: async function() {},
provisionAllCertificates: async function() {},
stop: async function() {},
getAcmeOptions: function() {
return { email: 'test@testdomain.test' };
},
getState: function() {
return { challengeRouteActive: false };
}
};
(this as any).certManager = mockCertManager;
// Set the callback
mockCertManager.setUpdateRoutesCallback(async (routes: any) => {
await this.updateRoutes(routes);
});
};
await proxyWithoutCerts.start();
// This should not have a cert manager
const certManager = (proxyWithoutCerts as any).certManager;
expect(certManager).toBeFalsy();
// Update with routes that need certificates
await proxyWithoutCerts.updateRoutes([createRoute(1, 'cert-needed.testdomain.test', 9443)]);
// In the real implementation, cert manager is not created by updateRoutes if it doesn't exist
// This is the expected behavior - cert manager is only created during start() or re-created if already exists
const newCertManager = (proxyWithoutCerts as any).certManager;
expect(newCertManager).toBeFalsy(); // Should still be null
await proxyWithoutCerts.stop();
});
tap.test('should clean up properly', async () => {
await testProxy.stop();
});
tap.test('real code integration test - verify fix is applied', async () => {
// This test will start with routes that need certificates to test the fix
const realProxy = new SmartProxy({
routes: [createRoute(1, 'test.example.com', 9999)],
acme: {
email: 'test@example.com',
useProduction: false,
port: 18080
}
});
// Mock the certificate manager creation to track callback setting
let callbackSet = false;
(realProxy as any).createCertificateManager = async function(routes: any[], certDir: string, acmeOptions: any, initialState?: any) {
const mockCertManager = {
setUpdateRoutesCallback: function(callback: any) {
callbackSet = true;
this.updateRoutesCallback = callback;
},
updateRoutesCallback: null as any,
setHttpProxy: function() {},
setGlobalAcmeDefaults: function() {},
setAcmeStateManager: function() {},
setRoutes: function(routes: any) {},
initialize: async function() {},
provisionAllCertificates: async function() {},
stop: async function() {},
getAcmeOptions: function() {
return acmeOptions || { email: 'test@example.com', useProduction: false };
},
getState: function() {
return initialState || { challengeRouteActive: false };
}
};
// Always set up the route update callback for ACME challenges
mockCertManager.setUpdateRoutesCallback(async (routes) => {
await this.updateRoutes(routes);
});
return mockCertManager;
};
await realProxy.start();
// The callback should have been set during initialization
expect(callbackSet).toEqual(true);
callbackSet = false; // Reset for update test
// Update routes - this should recreate cert manager with callback preserved
const newRoute = createRoute(2, 'test2.example.com', 9999);
await realProxy.updateRoutes([createRoute(1, 'test.example.com', 9999), newRoute]);
// The callback should have been set again during update
expect(callbackSet).toEqual(true);
await realProxy.stop();
console.log('Real code integration test passed - fix is correctly applied!');
});
export default tap.start();

54
test/test.smartacme-integration.ts
View File

@@ -1,54 +0,0 @@
import * as plugins from '../ts/plugins.js';
import { tap, expect } from '@git.zone/tstest/tapbundle';
import { SmartCertManager } from '../ts/proxies/smart-proxy/certificate-manager.js';
import type { IRouteConfig } from '../ts/proxies/smart-proxy/models/route-types.js';
let certManager: SmartCertManager;
tap.test('should create a SmartCertManager instance', async () => {
const routes: IRouteConfig[] = [
{
name: 'test-acme-route',
match: {
domains: ['test.example.com'],
ports: []
},
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 3000
}],
tls: {
mode: 'terminate',
certificate: 'auto',
acme: {
email: 'test@example.com'
}
}
}
}
];
certManager = new SmartCertManager(routes, './test-certs', {
email: 'test@example.com',
useProduction: false
});
// Just verify it creates without error
expect(certManager).toBeInstanceOf(SmartCertManager);
});
tap.test('should verify SmartAcme handlers are accessible', async () => {
// Test that we can access SmartAcme handlers
const http01Handler = new plugins.smartacme.handlers.Http01MemoryHandler();
expect(http01Handler).toBeDefined();
});
tap.test('should verify SmartAcme cert managers are accessible', async () => {
// Test that we can access SmartAcme cert managers
const memoryCertManager = new plugins.smartacme.certmanagers.MemoryCertManager();
expect(memoryCertManager).toBeDefined();
});
export default tap.start();

144
test/test.stuck-connection-cleanup.node.ts
View File

@@ -1,144 +0,0 @@
import { expect, tap } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import { SmartProxy } from '../ts/index.js';
import * as plugins from '../ts/plugins.js';
tap.test('stuck connection cleanup - verify connections to hanging backends are cleaned up', async (tools) => {
console.log('\n=== Stuck Connection Cleanup Test ===');
console.log('Purpose: Verify that connections to backends that accept but never respond are cleaned up');
// Create a hanging backend that accepts connections but never responds
let backendConnections = 0;
const hangingBackend = net.createServer((socket) => {
backendConnections++;
console.log(`Hanging backend: Connection ${backendConnections} received`);
// Accept the connection but never send any data back
// This simulates a hung backend service
});
await new Promise<void>((resolve) => {
hangingBackend.listen(9997, () => {
console.log('✓ Hanging backend started on port 9997');
resolve();
});
});
// Create proxy that forwards to hanging backend
const proxy = new SmartProxy({
routes: [{
name: 'to-hanging-backend',
match: { ports: 8589 },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 9997 }]
}
}],
keepAlive: true,
enableDetailedLogging: false,
inactivityTimeout: 5000, // 5 second inactivity check interval for faster testing
});
await proxy.start();
console.log('✓ Proxy started on port 8589');
// Create connections that will get stuck
console.log('\n--- Creating connections to hanging backend ---');
const clients: net.Socket[] = [];
for (let i = 0; i < 5; i++) {
const client = net.connect(8589, 'localhost');
clients.push(client);
await new Promise<void>((resolve) => {
client.on('connect', () => {
console.log(`Client ${i} connected`);
// Send data that will never get a response
client.write(`GET / HTTP/1.1\r\nHost: localhost\r\n\r\n`);
resolve();
});
client.on('error', (err) => {
console.log(`Client ${i} error: ${err.message}`);
resolve();
});
});
}
// Wait a moment for connections to establish
await plugins.smartdelay.delayFor(1000);
// Check initial connection count
const initialCount = (proxy as any).connectionManager.getConnectionCount();
console.log(`\nInitial connection count: ${initialCount}`);
expect(initialCount).toEqual(5);
// Get connection details
const connections = (proxy as any).connectionManager.getConnections();
let stuckCount = 0;
for (const [id, record] of connections) {
if (record.bytesReceived > 0 && record.bytesSent === 0) {
stuckCount++;
console.log(`Stuck connection ${id}: received=${record.bytesReceived}, sent=${record.bytesSent}`);
}
}
console.log(`Stuck connections found: ${stuckCount}`);
expect(stuckCount).toEqual(5);
// Wait for inactivity check to run (it checks every 30s by default, but we set it to 5s)
console.log('\n--- Waiting for stuck connection detection (65 seconds) ---');
console.log('Note: Stuck connections are cleaned up after 60 seconds with no response');
// Speed up time by manually triggering inactivity check after simulating time passage
// First, age the connections by updating their timestamps
const now = Date.now();
for (const [id, record] of connections) {
// Simulate that these connections are 61 seconds old
record.incomingStartTime = now - 61000;
record.lastActivity = now - 61000;
}
// Manually trigger inactivity check
console.log('Manually triggering inactivity check...');
(proxy as any).connectionManager.performOptimizedInactivityCheck();
// Wait for cleanup to complete
await plugins.smartdelay.delayFor(1000);
// Check connection count after cleanup
const afterCleanupCount = (proxy as any).connectionManager.getConnectionCount();
console.log(`\nConnection count after cleanup: ${afterCleanupCount}`);
// Verify termination stats
const stats = (proxy as any).connectionManager.getTerminationStats();
console.log('\nTermination stats:', stats);
// All connections should be cleaned up as "stuck_no_response"
expect(afterCleanupCount).toEqual(0);
// The termination reason might be under incoming or general stats
const stuckCleanups = (stats.incoming.stuck_no_response || 0) +
(stats.outgoing?.stuck_no_response || 0);
console.log(`Stuck cleanups detected: ${stuckCleanups}`);
expect(stuckCleanups).toBeGreaterThan(0);
// Verify clients were disconnected
let closedClients = 0;
for (const client of clients) {
if (client.destroyed) {
closedClients++;
}
}
console.log(`Closed clients: ${closedClients}/5`);
expect(closedClients).toEqual(5);
// Cleanup
console.log('\n--- Cleanup ---');
await proxy.stop();
hangingBackend.close();
console.log('✓ Test complete: Stuck connections are properly detected and cleaned up');
});
export default tap.start();

157
test/test.websocket-keepalive.node.ts
View File

@@ -1,157 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import { SmartProxy } from '../ts/index.js';
import * as net from 'net';
tap.test('websocket keep-alive settings for SNI passthrough', async (tools) => {
// Test 1: Verify grace periods for TLS connections
console.log('\n=== Test 1: Grace periods for encrypted connections ===');
const proxy = new SmartProxy({
keepAliveTreatment: 'extended',
keepAliveInactivityMultiplier: 10,
inactivityTimeout: 60000, // 1 minute for testing
routes: [
{
name: 'test-passthrough',
match: { ports: 8443, domains: 'test.local' },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 9443 }],
tls: { mode: 'passthrough' }
}
}
]
});
// Override route port
proxy.settings.routes[0].match.ports = 8443;
await proxy.start();
// Access connection manager
const connectionManager = proxy.connectionManager;
// Test 2: Verify longer grace periods are applied
console.log('\n=== Test 2: Checking grace period configuration ===');
// Create a mock connection record
const mockRecord = {
id: 'test-conn-1',
remoteIP: '127.0.0.1',
incomingStartTime: Date.now() - 120000, // 2 minutes old
isTLS: true,
incoming: { destroyed: false } as any,
outgoing: { destroyed: true } as any, // Half-zombie state
connectionClosed: false,
hasKeepAlive: true,
lastActivity: Date.now() - 60000
};
// The grace period should be 5 minutes for TLS connections
const gracePeriod = mockRecord.isTLS ? 300000 : 30000;
console.log(`Grace period for TLS connection: ${gracePeriod}ms (${gracePeriod / 1000} seconds)`);
expect(gracePeriod).toEqual(300000); // 5 minutes
// Test 3: Verify keep-alive treatment
console.log('\n=== Test 3: Keep-alive treatment configuration ===');
const settings = proxy.settings;
console.log(`Keep-alive treatment: ${settings.keepAliveTreatment}`);
console.log(`Keep-alive multiplier: ${settings.keepAliveInactivityMultiplier}`);
console.log(`Base inactivity timeout: ${settings.inactivityTimeout}ms`);
// Calculate effective timeout
const effectiveTimeout = settings.inactivityTimeout! * (settings.keepAliveInactivityMultiplier || 6);
console.log(`Effective timeout for keep-alive connections: ${effectiveTimeout}ms (${effectiveTimeout / 1000} seconds)`);
expect(settings.keepAliveTreatment).toEqual('extended');
expect(effectiveTimeout).toEqual(600000); // 10 minutes with our test config
// Test 4: Verify SNI passthrough doesn't get WebSocket heartbeat
console.log('\n=== Test 4: SNI passthrough handling ===');
// Check route configuration
const route = proxy.settings.routes[0];
expect(route.action.tls?.mode).toEqual('passthrough');
// In passthrough mode, WebSocket-specific handling should be skipped
// The connection should be treated as a raw TCP connection
console.log('✓ SNI passthrough routes bypass WebSocket heartbeat checks');
await proxy.stop();
console.log('\n✅ WebSocket keep-alive configuration test completed!');
});
// Test actual long-lived connection behavior
tap.test('long-lived connection survival test', async (tools) => {
tools.timeout(60000); // This test waits 55 seconds
console.log('\n=== Testing long-lived connection survival ===');
// Create a simple echo server
const echoServer = net.createServer((socket) => {
console.log('Echo server: client connected');
socket.on('data', (data) => {
socket.write(data); // Echo back
});
});
await new Promise<void>((resolve) => echoServer.listen(9444, resolve));
// Create proxy with immortal keep-alive
const proxy = new SmartProxy({
keepAliveTreatment: 'immortal', // Never timeout
routes: [
{
name: 'echo-passthrough',
match: { ports: 8444 },
action: {
type: 'forward',
targets: [{ host: 'localhost', port: 9444 }]
}
}
]
});
// Override route port
proxy.settings.routes[0].match.ports = 8444;
await proxy.start();
// Create a client connection
const client = new net.Socket();
await new Promise<void>((resolve, reject) => {
client.connect(8444, 'localhost', () => {
console.log('Client connected to proxy');
resolve();
});
client.on('error', reject);
});
// Keep connection alive with periodic data
let pingCount = 0;
const pingInterval = setInterval(() => {
if (client.writable) {
client.write(`ping ${++pingCount}\n`);
console.log(`Sent ping ${pingCount}`);
}
}, 20000); // Every 20 seconds
// Wait 55 seconds to verify connection survives past old 30s timeout
await new Promise(resolve => setTimeout(resolve, 55000));
// Check if connection is still alive
const isAlive = client.writable && !client.destroyed;
console.log(`Connection alive after 55 seconds: ${isAlive}`);
expect(isAlive).toBeTrue();
// Clean up
clearInterval(pingInterval);
client.destroy();
await proxy.stop();
await new Promise<void>((resolve) => echoServer.close(() => resolve()));
console.log('✅ Long-lived connection survived past 30-second timeout!');
});
export default tap.start();

57
test/test.wrapped-socket.ts
View File

@@ -312,61 +312,4 @@ tap.test('WrappedSocket - should handle encoding and address methods', async ()
server.close();
});
tap.test('WrappedSocket - should work with ConnectionManager', async () => {
// This test verifies that WrappedSocket can be used seamlessly with ConnectionManager
const { ConnectionManager } = await import('../ts/proxies/smart-proxy/connection-manager.js');
// Create minimal settings
const settings = {
routes: [],
defaults: {
security: {
maxConnections: 100
}
}
};
// Create a mock SmartProxy instance
const mockSmartProxy = {
settings,
securityManager: {
trackConnectionByIP: () => {},
untrackConnectionByIP: () => {},
removeConnectionByIP: () => {}
}
} as any;
const connectionManager = new ConnectionManager(mockSmartProxy);
// Create a simple test server
const server = net.createServer();
await new Promise<void>((resolve) => {
server.listen(0, 'localhost', () => resolve());
});
const serverPort = (server.address() as net.AddressInfo).port;
// Create a client connection
const clientSocket = net.connect(serverPort, 'localhost');
// Wait for connection to establish
await new Promise<void>((resolve) => {
clientSocket.once('connect', () => resolve());
});
// Wrap with proxy info
const wrappedSocket = new WrappedSocket(clientSocket, '203.0.113.45', 65432);
// Create connection using wrapped socket
const record = connectionManager.createConnection(wrappedSocket);
expect(record).toBeTruthy();
expect(record!.remoteIP).toEqual('203.0.113.45'); // Should use the real client IP
expect(record!.localPort).toEqual(clientSocket.localPort);
// Clean up
connectionManager.cleanupConnection(record!, 'test-complete');
server.close();
});
export default tap.start();

304
test/test.zombie-connection-cleanup.node.ts
View File

@@ -1,304 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as net from 'net';
import * as plugins from '../ts/plugins.js';
// Import SmartProxy
import { SmartProxy } from '../ts/index.js';
// Import types through type-only imports
import type { ConnectionManager } from '../ts/proxies/smart-proxy/connection-manager.js';
import type { IConnectionRecord } from '../ts/proxies/smart-proxy/models/interfaces.js';
tap.test('zombie connection cleanup - verify inactivity check detects and cleans destroyed sockets', async () => {
console.log('\n=== Zombie Connection Cleanup Test ===');
console.log('Purpose: Verify that connections with destroyed sockets are detected and cleaned up');
console.log('Setup: Client → OuterProxy (8590) → InnerProxy (8591) → Backend (9998)');
// Create backend server that can be controlled
let acceptConnections = true;
let destroyImmediately = false;
const backendConnections: net.Socket[] = [];
const backend = net.createServer((socket) => {
console.log('Backend: Connection received');
backendConnections.push(socket);
if (destroyImmediately) {
console.log('Backend: Destroying connection immediately');
socket.destroy();
} else {
socket.on('data', (data) => {
console.log('Backend: Received data, echoing back');
socket.write(data);
});
}
});
await new Promise<void>((resolve) => {
backend.listen(9998, () => {
console.log('✓ Backend server started on port 9998');
resolve();
});
});
// Create InnerProxy with faster inactivity check for testing
const innerProxy = new SmartProxy({
enableDetailedLogging: true,
inactivityTimeout: 5000, // 5 seconds for faster testing
inactivityCheckInterval: 1000, // Check every second
routes: [{
name: 'to-backend',
match: { ports: 8591 },
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 9998
}]
}
}]
});
// Create OuterProxy with faster inactivity check
const outerProxy = new SmartProxy({
enableDetailedLogging: true,
inactivityTimeout: 5000, // 5 seconds for faster testing
inactivityCheckInterval: 1000, // Check every second
routes: [{
name: 'to-inner',
match: { ports: 8590 },
action: {
type: 'forward',
targets: [{
host: 'localhost',
port: 8591
}]
}
}]
});
await innerProxy.start();
console.log('✓ InnerProxy started on port 8591');
await outerProxy.start();
console.log('✓ OuterProxy started on port 8590');
// Helper to get connection details
const getConnectionDetails = () => {
const outerConnMgr = (outerProxy as any).connectionManager as ConnectionManager;
const innerConnMgr = (innerProxy as any).connectionManager as ConnectionManager;
const outerRecords = Array.from((outerConnMgr as any).connectionRecords.values()) as IConnectionRecord[];
const innerRecords = Array.from((innerConnMgr as any).connectionRecords.values()) as IConnectionRecord[];
return {
outer: {
count: outerConnMgr.getConnectionCount(),
records: outerRecords,
zombies: outerRecords.filter(r =>
!r.connectionClosed &&
r.incoming?.destroyed &&
(r.outgoing?.destroyed ?? true)
),
halfZombies: outerRecords.filter(r =>
!r.connectionClosed &&
(r.incoming?.destroyed || r.outgoing?.destroyed) &&
!(r.incoming?.destroyed && (r.outgoing?.destroyed ?? true))
)
},
inner: {
count: innerConnMgr.getConnectionCount(),
records: innerRecords,
zombies: innerRecords.filter(r =>
!r.connectionClosed &&
r.incoming?.destroyed &&
(r.outgoing?.destroyed ?? true)
),
halfZombies: innerRecords.filter(r =>
!r.connectionClosed &&
(r.incoming?.destroyed || r.outgoing?.destroyed) &&
!(r.incoming?.destroyed && (r.outgoing?.destroyed ?? true))
)
}
};
};
console.log('\n--- Test 1: Create zombie by destroying sockets without events ---');
// Create a connection and forcefully destroy sockets to create zombies
const client1 = new net.Socket();
await new Promise<void>((resolve) => {
client1.connect(8590, 'localhost', () => {
console.log('Client1 connected to OuterProxy');
client1.write('GET / HTTP/1.1\r\nHost: test.com\r\n\r\n');
// Wait for connection to be established through the chain
setTimeout(() => {
console.log('Forcefully destroying backend connections to create zombies');
// Get connection details before destruction
const beforeDetails = getConnectionDetails();
console.log(`Before destruction: Outer=${beforeDetails.outer.count}, Inner=${beforeDetails.inner.count}`);
// Destroy all backend connections without proper close events
backendConnections.forEach(conn => {
if (!conn.destroyed) {
// Remove all listeners to prevent proper cleanup
conn.removeAllListeners();
conn.destroy();
}
});
// Also destroy the client socket abruptly
client1.removeAllListeners();
client1.destroy();
resolve();
}, 500);
});
});
// Check immediately after destruction
await new Promise(resolve => setTimeout(resolve, 100));
let details = getConnectionDetails();
console.log(`\nAfter destruction:`);
console.log(` Outer: ${details.outer.count} connections, ${details.outer.zombies.length} zombies, ${details.outer.halfZombies.length} half-zombies`);
console.log(` Inner: ${details.inner.count} connections, ${details.inner.zombies.length} zombies, ${details.inner.halfZombies.length} half-zombies`);
// Wait for inactivity check to run (should detect zombies)
console.log('\nWaiting for inactivity check to detect zombies...');
await new Promise(resolve => setTimeout(resolve, 2000));
details = getConnectionDetails();
console.log(`\nAfter first inactivity check:`);
console.log(` Outer: ${details.outer.count} connections, ${details.outer.zombies.length} zombies, ${details.outer.halfZombies.length} half-zombies`);
console.log(` Inner: ${details.inner.count} connections, ${details.inner.zombies.length} zombies, ${details.inner.halfZombies.length} half-zombies`);
console.log('\n--- Test 2: Create half-zombie by destroying only one socket ---');
// Clear backend connections array
backendConnections.length = 0;
const client2 = new net.Socket();
await new Promise<void>((resolve) => {
client2.connect(8590, 'localhost', () => {
console.log('Client2 connected to OuterProxy');
client2.write('GET / HTTP/1.1\r\nHost: test.com\r\n\r\n');
setTimeout(() => {
console.log('Creating half-zombie by destroying only outgoing socket on outer proxy');
// Access the connection records directly
const outerConnMgr = (outerProxy as any).connectionManager as ConnectionManager;
const outerRecords = Array.from((outerConnMgr as any).connectionRecords.values()) as IConnectionRecord[];
// Find the active connection and destroy only its outgoing socket
const activeRecord = outerRecords.find(r => !r.connectionClosed && r.outgoing && !r.outgoing.destroyed);
if (activeRecord && activeRecord.outgoing) {
console.log('Found active connection, destroying outgoing socket');
activeRecord.outgoing.removeAllListeners();
activeRecord.outgoing.destroy();
}
resolve();
}, 500);
});
});
// Check half-zombie state
await new Promise(resolve => setTimeout(resolve, 100));
details = getConnectionDetails();
console.log(`\nAfter creating half-zombie:`);
console.log(` Outer: ${details.outer.count} connections, ${details.outer.zombies.length} zombies, ${details.outer.halfZombies.length} half-zombies`);
console.log(` Inner: ${details.inner.count} connections, ${details.inner.zombies.length} zombies, ${details.inner.halfZombies.length} half-zombies`);
// Wait for 30-second grace period (simulated by multiple checks)
console.log('\nWaiting for half-zombie grace period (30 seconds simulated)...');
// Manually age the connection to trigger half-zombie cleanup
const outerConnMgr = (outerProxy as any).connectionManager as ConnectionManager;
const records = Array.from((outerConnMgr as any).connectionRecords.values()) as IConnectionRecord[];
records.forEach(record => {
if (!record.connectionClosed) {
// Age the connection by 35 seconds
record.incomingStartTime -= 35000;
}
});
// Trigger inactivity check
await new Promise(resolve => setTimeout(resolve, 2000));
details = getConnectionDetails();
console.log(`\nAfter half-zombie cleanup:`);
console.log(` Outer: ${details.outer.count} connections, ${details.outer.zombies.length} zombies, ${details.outer.halfZombies.length} half-zombies`);
console.log(` Inner: ${details.inner.count} connections, ${details.inner.zombies.length} zombies, ${details.inner.halfZombies.length} half-zombies`);
// Clean up client2 properly
if (!client2.destroyed) {
client2.destroy();
}
console.log('\n--- Test 3: Rapid zombie creation under load ---');
// Create multiple connections rapidly and destroy them
const rapidClients: net.Socket[] = [];
for (let i = 0; i < 5; i++) {
const client = new net.Socket();
rapidClients.push(client);
client.connect(8590, 'localhost', () => {
console.log(`Rapid client ${i} connected`);
client.write('GET / HTTP/1.1\r\nHost: test.com\r\n\r\n');
// Destroy after random delay
setTimeout(() => {
client.removeAllListeners();
client.destroy();
}, Math.random() * 500);
});
// Small delay between connections
await new Promise(resolve => setTimeout(resolve, 50));
}
// Wait a bit
await new Promise(resolve => setTimeout(resolve, 1000));
details = getConnectionDetails();
console.log(`\nAfter rapid connections:`);
console.log(` Outer: ${details.outer.count} connections, ${details.outer.zombies.length} zombies, ${details.outer.halfZombies.length} half-zombies`);
console.log(` Inner: ${details.inner.count} connections, ${details.inner.zombies.length} zombies, ${details.inner.halfZombies.length} half-zombies`);
// Wait for cleanup
console.log('\nWaiting for final cleanup...');
await new Promise(resolve => setTimeout(resolve, 3000));
details = getConnectionDetails();
console.log(`\nFinal state:`);
console.log(` Outer: ${details.outer.count} connections, ${details.outer.zombies.length} zombies, ${details.outer.halfZombies.length} half-zombies`);
console.log(` Inner: ${details.inner.count} connections, ${details.inner.zombies.length} zombies, ${details.inner.halfZombies.length} half-zombies`);
// Cleanup
await outerProxy.stop();
await innerProxy.stop();
backend.close();
// Verify all connections are cleaned up
console.log('\n--- Verification ---');
if (details.outer.count === 0 && details.inner.count === 0) {
console.log('✅ PASS: All zombie connections were cleaned up');
} else {
console.log('❌ FAIL: Some connections remain');
}
expect(details.outer.count).toEqual(0);
expect(details.inner.count).toEqual(0);
expect(details.outer.zombies.length).toEqual(0);
expect(details.inner.zombies.length).toEqual(0);
expect(details.outer.halfZombies.length).toEqual(0);
expect(details.inner.halfZombies.length).toEqual(0);
});
export default tap.start();