fix(port-manager, certificate-manager): Improve port binding and ACME challenge route integration in SmartProxy
This commit is contained in:
parent
3b1531d4a2
commit
669cc2809c
@ -1,5 +1,14 @@
|
||||
# Changelog
|
||||
|
||||
## 2025-05-20 - 19.3.13 - fix(port-manager, certificate-manager)
|
||||
Improve port binding and ACME challenge route integration in SmartProxy
|
||||
|
||||
- Added reference counting in PortManager so that routes sharing the same port reuse the existing binding.
|
||||
- Enhanced error handling to distinguish internal port conflicts from external ones, with more descriptive messages.
|
||||
- Adjusted ACME challenge route addition to merge with existing port bindings when port is already in use.
|
||||
- Refactored updateRoutes to release orphaned ports and bind only new required ports, minimizing rebinding operations.
|
||||
- Improved certificate-manager logic to provide clearer error notifications when ACME port conflicts occur.
|
||||
|
||||
## 2025-05-19 - 19.3.12 - fix(tests)
|
||||
Update test mocks to include provisionAllCertificates methods in certificate manager stubs and related objects.
|
||||
|
||||
|
384
readme.plan.md
Normal file
384
readme.plan.md
Normal file
@ -0,0 +1,384 @@
|
||||
# SmartProxy Development Plan
|
||||
|
||||
## ACME Route Port Binding Intelligence Improvement
|
||||
|
||||
### Problem Statement
|
||||
Currently, SmartProxy has an issue with port binding conflicts between regular routes and ACME challenge routes. While SmartProxy is designed to support multiple routes sharing the same port (differentiated by host, path, etc.), there's a specific conflict when adding ACME challenge routes to a port that is already in use by other routes.
|
||||
|
||||
This results in the error: `Port 80 is already in use for ACME challenges` when SmartProxy tries to bind the ACME challenge route to a port that it's already using.
|
||||
|
||||
### Root Cause Analysis
|
||||
1. **Double Binding Attempt**: SmartProxy tries to bind to port 80 twice - once for application routes and once for ACME challenge routes.
|
||||
2. **Overlapping Route Updates**: When adding a challenge route, it triggers a port binding operation without checking if the port is already bound.
|
||||
3. **Naive Error Handling**: The code detects EADDRINUSE but doesn't distinguish between external conflicts and internal conflicts.
|
||||
4. **Port Binding Semantics**: The port manager doesn't recognize that a port already bound by SmartProxy can be reused for additional routes.
|
||||
|
||||
### Solution Architecture
|
||||
We need a more intelligent approach to port binding that understands when a port can be shared between routes vs. when a new binding is needed:
|
||||
|
||||
1. **Port Binding Awareness**: Track what ports are already bound by SmartProxy itself.
|
||||
2. **Smart Route Updates**: Only attempt to bind to ports that aren't already bound by SmartProxy.
|
||||
3. **Route Merging Logic**: When adding ACME challenge routes, merge them with existing routes on the same ports.
|
||||
4. **Dynamic Port Management**: Release port bindings when no routes are using them and rebind when needed.
|
||||
5. **Improved Error Recovery**: Handle port conflicts gracefully, with distinct handling for internal vs. external conflicts.
|
||||
|
||||
### Implementation Plan
|
||||
|
||||
#### Phase 1: Improve Port Manager Intelligence
|
||||
- [ ] Enhance `PortManager` to distinguish between ports that need new bindings vs ports that can reuse existing bindings
|
||||
- [ ] Add an internal tracking mechanism to detect when a requested port is already bound internally
|
||||
- [ ] Modify port addition logic to skip binding operations for ports already bound by SmartProxy
|
||||
- [ ] Implement reference counting for port bindings to track how many routes use each port
|
||||
- [ ] Add logic to release port bindings when no routes are using them anymore
|
||||
- [ ] Update error handling to provide more context for port binding failures
|
||||
|
||||
#### Phase 2: Refine ACME Challenge Route Integration
|
||||
- [ ] Modify `addChallengeRoute()` to check if the port is already in use by SmartProxy
|
||||
- [ ] Ensure route updates don't trigger unnecessary port binding operations
|
||||
- [ ] Implement a merging strategy for ACME routes with existing routes on the same port
|
||||
- [ ] Add diagnostic logging to track route and port binding relationships
|
||||
|
||||
#### Phase 3: Enhance Proxy Route Management
|
||||
- [ ] Restructure route update process to group routes by port
|
||||
- [ ] Implement a more efficient route update mechanism that minimizes port binding operations
|
||||
- [ ] Develop port lifecycle management to track usage across route changes
|
||||
- [ ] Add validation to detect potential binding conflicts before attempting operations
|
||||
- [ ] Create a proper route dependency graph to understand the relationships between routes
|
||||
- [ ] Implement efficient detection of "orphaned" ports that no longer have associated routes
|
||||
|
||||
#### Phase 4: Improve Error Handling and Recovery
|
||||
- [ ] Enhance error messages to be more specific about the nature of port conflicts
|
||||
- [ ] Add recovery mechanisms for common port binding scenarios
|
||||
- [ ] Implement a fallback port selection strategy for ACME challenges
|
||||
- [ ] Create a more robust validation system to catch issues before they cause runtime errors
|
||||
|
||||
### Detailed Technical Tasks
|
||||
|
||||
#### Phase 1: Improve Port Manager Intelligence
|
||||
1. Modify `/ts/proxies/smart-proxy/port-manager.ts`:
|
||||
- Add a new method `isPortBoundBySmartProxy(port: number): boolean`
|
||||
- Refactor `addPort()` to check if the port is already bound
|
||||
- Update `updatePorts()` to be more intelligent about which ports need binding
|
||||
- Add reference counting for port usage
|
||||
|
||||
2. Implement Port Reference Counting:
|
||||
```typescript
|
||||
// Add to PortManager class
|
||||
private portRefCounts: Map<number, number> = new Map();
|
||||
|
||||
public incrementPortRefCount(port: number): void {
|
||||
const currentCount = this.portRefCounts.get(port) || 0;
|
||||
this.portRefCounts.set(port, currentCount + 1);
|
||||
logger.log('debug', `Port ${port} reference count increased to ${currentCount + 1}`, { port, refCount: currentCount + 1 });
|
||||
}
|
||||
|
||||
public decrementPortRefCount(port: number): number {
|
||||
const currentCount = this.portRefCounts.get(port) || 0;
|
||||
if (currentCount <= 0) {
|
||||
logger.log('warn', `Attempted to decrement reference count for port ${port} below zero`, { port });
|
||||
return 0;
|
||||
}
|
||||
|
||||
const newCount = currentCount - 1;
|
||||
this.portRefCounts.set(port, newCount);
|
||||
logger.log('debug', `Port ${port} reference count decreased to ${newCount}`, { port, refCount: newCount });
|
||||
return newCount;
|
||||
}
|
||||
|
||||
public getPortRefCount(port: number): number {
|
||||
return this.portRefCounts.get(port) || 0;
|
||||
}
|
||||
```
|
||||
|
||||
3. Port Binding Logic Enhancements:
|
||||
```typescript
|
||||
public async addPort(port: number): Promise<void> {
|
||||
// If already bound by this instance, just increment ref count and return
|
||||
if (this.servers.has(port)) {
|
||||
this.incrementPortRefCount(port);
|
||||
logger.log('debug', `Port ${port} is already bound by SmartProxy, reusing binding`, { port });
|
||||
return;
|
||||
}
|
||||
|
||||
// Initialize ref count for new port
|
||||
this.portRefCounts.set(port, 1);
|
||||
|
||||
// Continue with normal binding...
|
||||
}
|
||||
|
||||
public async removePort(port: number): Promise<void> {
|
||||
// Decrement reference count
|
||||
const newCount = this.decrementPortRefCount(port);
|
||||
|
||||
// If port is still in use by other routes, keep it
|
||||
if (newCount > 0) {
|
||||
logger.log('debug', `Port ${port} still in use by ${newCount} routes, keeping binding open`, { port, refCount: newCount });
|
||||
return;
|
||||
}
|
||||
|
||||
// No more references, can actually close the port
|
||||
const server = this.servers.get(port);
|
||||
if (!server) {
|
||||
logger.log('warn', `Port ${port} not found in servers map`, { port });
|
||||
return;
|
||||
}
|
||||
|
||||
// Continue with normal unbinding logic...
|
||||
}
|
||||
```
|
||||
|
||||
4. Add Smarter Port Conflict Detection:
|
||||
```typescript
|
||||
private isPortConflict(error: any): { isConflict: boolean; isExternal: boolean } {
|
||||
if (error.code !== 'EADDRINUSE') {
|
||||
return { isConflict: false, isExternal: false };
|
||||
}
|
||||
|
||||
// Check if we already have this port
|
||||
const isBoundInternally = this.servers.has(Number(error.port));
|
||||
return { isConflict: true, isExternal: !isBoundInternally };
|
||||
}
|
||||
```
|
||||
|
||||
#### Phase 2: Refine ACME Challenge Route Integration
|
||||
1. Modify `/ts/proxies/smart-proxy/certificate-manager.ts`:
|
||||
- Enhance `addChallengeRoute()` to be aware of existing port bindings
|
||||
- Add port verification before attempting to add challenge routes
|
||||
|
||||
2. Smart Route Merging Logic:
|
||||
```typescript
|
||||
private async addChallengeRoute(): Promise<void> {
|
||||
// Check if route is already active
|
||||
if (this.challengeRouteActive) {
|
||||
return;
|
||||
}
|
||||
|
||||
// Create challenge route
|
||||
const challengeRoute = this.challengeRoute;
|
||||
const challengePort = this.globalAcmeDefaults?.port || 80;
|
||||
|
||||
// Check if port is already in use by another route
|
||||
const portAlreadyUsed = this.routes.some(r =>
|
||||
Array.isArray(r.match.ports)
|
||||
? r.match.ports.includes(challengePort)
|
||||
: r.match.ports === challengePort
|
||||
);
|
||||
|
||||
if (portAlreadyUsed) {
|
||||
logger.log('info', `Port ${challengePort} is already used by an existing route, merging ACME challenge route`);
|
||||
}
|
||||
|
||||
// Continue with route update...
|
||||
}
|
||||
```
|
||||
|
||||
3. Update Route Manager Communication:
|
||||
```typescript
|
||||
// Add this method to smart-proxy.ts
|
||||
private async addRouteWithoutRebinding(route: IRouteConfig): Promise<void> {
|
||||
// Add route to configuration without triggering a port rebind
|
||||
this.settings.routes.push(route);
|
||||
this.routeManager.updateRoutes(this.settings.routes);
|
||||
|
||||
// Update HttpProxy if needed, but skip port binding updates
|
||||
if (this.httpProxyBridge.getHttpProxy()) {
|
||||
await this.httpProxyBridge.syncRoutesToHttpProxy(this.settings.routes);
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
#### Phase 3: Enhance Proxy Route Management
|
||||
1. Modify `/ts/proxies/smart-proxy/smart-proxy.ts`:
|
||||
- Refactor `updateRoutes()` to group routes by port
|
||||
- Implement incremental updates that preserve port bindings
|
||||
- Add orphaned port detection and cleanup
|
||||
|
||||
2. Group Routes by Port:
|
||||
```typescript
|
||||
private groupRoutesByPort(routes: IRouteConfig[]): Map<number, IRouteConfig[]> {
|
||||
const portMap = new Map<number, IRouteConfig[]>();
|
||||
|
||||
for (const route of routes) {
|
||||
const ports = Array.isArray(route.match.ports)
|
||||
? route.match.ports
|
||||
: [route.match.ports];
|
||||
|
||||
for (const port of ports) {
|
||||
if (!portMap.has(port)) {
|
||||
portMap.set(port, []);
|
||||
}
|
||||
portMap.get(port)!.push(route);
|
||||
}
|
||||
}
|
||||
|
||||
return portMap;
|
||||
}
|
||||
```
|
||||
|
||||
3. Implement Port Usage Tracking:
|
||||
```typescript
|
||||
private updatePortUsageMap(routes: IRouteConfig[]): Map<number, Set<string>> {
|
||||
// Map of port -> Set of route names using that port
|
||||
const portUsage = new Map<number, Set<string>>();
|
||||
|
||||
for (const route of routes) {
|
||||
const ports = Array.isArray(route.match.ports)
|
||||
? route.match.ports
|
||||
: [route.match.ports];
|
||||
|
||||
const routeName = route.name || `unnamed_${Math.random().toString(36).substring(2, 9)}`;
|
||||
|
||||
for (const port of ports) {
|
||||
if (!portUsage.has(port)) {
|
||||
portUsage.set(port, new Set());
|
||||
}
|
||||
portUsage.get(port)!.add(routeName);
|
||||
}
|
||||
}
|
||||
|
||||
return portUsage;
|
||||
}
|
||||
|
||||
private findOrphanedPorts(oldUsage: Map<number, Set<string>>, newUsage: Map<number, Set<string>>): number[] {
|
||||
// Find ports that have no routes in new configuration
|
||||
const orphanedPorts: number[] = [];
|
||||
|
||||
for (const [port, routes] of oldUsage.entries()) {
|
||||
if (!newUsage.has(port) || newUsage.get(port)!.size === 0) {
|
||||
orphanedPorts.push(port);
|
||||
logger.log('info', `Port ${port} no longer has any associated routes, will be released`, { port });
|
||||
}
|
||||
}
|
||||
|
||||
return orphanedPorts;
|
||||
}
|
||||
```
|
||||
|
||||
4. Implement Incremental Update Logic:
|
||||
```typescript
|
||||
public async updateRoutesIncremental(newRoutes: IRouteConfig[]): Promise<void> {
|
||||
// Track port usage before and after update
|
||||
const oldPortUsage = this.updatePortUsageMap(this.settings.routes);
|
||||
const newPortUsage = this.updatePortUsageMap(newRoutes);
|
||||
|
||||
// Find orphaned ports - ports that no longer have any routes
|
||||
const orphanedPorts = this.findOrphanedPorts(oldPortUsage, newPortUsage);
|
||||
|
||||
// Ports that need new bindings - not in old configuration
|
||||
const newBindingPorts = [...newPortUsage.keys()].filter(p => !oldPortUsage.has(p));
|
||||
|
||||
// Close orphaned ports
|
||||
if (orphanedPorts.length > 0) {
|
||||
logger.log('info', `Releasing ${orphanedPorts.length} orphaned ports: ${orphanedPorts.join(', ')}`, { ports: orphanedPorts });
|
||||
await this.portManager.removePorts(orphanedPorts);
|
||||
}
|
||||
|
||||
// Bind to new ports
|
||||
if (newBindingPorts.length > 0) {
|
||||
logger.log('info', `Binding to ${newBindingPorts.length} new ports: ${newBindingPorts.join(', ')}`, { ports: newBindingPorts });
|
||||
await this.portManager.addPorts(newBindingPorts);
|
||||
}
|
||||
|
||||
// Update route configuration
|
||||
this.settings.routes = newRoutes;
|
||||
this.routeManager.updateRoutes(newRoutes);
|
||||
|
||||
// Update other components...
|
||||
}
|
||||
```
|
||||
|
||||
#### Phase 4: Improve Error Handling and Recovery
|
||||
1. Enhance Error Reporting:
|
||||
```typescript
|
||||
private handlePortBindingError(port: number, error: any): void {
|
||||
if (error.code === 'EADDRINUSE') {
|
||||
const isInternalConflict = this.portManager.isPortBoundBySmartProxy(port);
|
||||
if (isInternalConflict) {
|
||||
logger.log('warn', `Port ${port} is already bound by SmartProxy. This is likely a route configuration issue.`, { port });
|
||||
} else {
|
||||
logger.log('error', `Port ${port} is in use by another application. Please choose a different port.`, { port });
|
||||
}
|
||||
} else {
|
||||
logger.log('error', `Failed to bind to port ${port}: ${error.message}`, { port, error });
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
2. Implement ACME Port Fallback Strategy:
|
||||
```typescript
|
||||
private async selectAcmePort(): Promise<number> {
|
||||
const preferredPort = this.globalAcmeDefaults?.port || 80;
|
||||
|
||||
// Check if preferred port is already bound internally
|
||||
if (this.portManager.isPortBoundBySmartProxy(preferredPort)) {
|
||||
// We can use it without a new binding
|
||||
return preferredPort;
|
||||
}
|
||||
|
||||
// Try to bind to preferred port
|
||||
try {
|
||||
// Temporary test binding
|
||||
const server = plugins.net.createServer();
|
||||
await new Promise<void>((resolve, reject) => {
|
||||
server.listen(preferredPort, () => {
|
||||
server.close();
|
||||
resolve();
|
||||
}).on('error', reject);
|
||||
});
|
||||
|
||||
// If we get here, port is available
|
||||
return preferredPort;
|
||||
} catch (error) {
|
||||
if (error.code === 'EADDRINUSE') {
|
||||
// Port is unavailable, try fallback ports
|
||||
for (const fallbackPort of [8080, 8081, 8082, 8083, 8084]) {
|
||||
try {
|
||||
// Test if we can bind to fallback
|
||||
const server = plugins.net.createServer();
|
||||
await new Promise<void>((resolve, reject) => {
|
||||
server.listen(fallbackPort, () => {
|
||||
server.close();
|
||||
resolve();
|
||||
}).on('error', reject);
|
||||
});
|
||||
|
||||
logger.log('warn', `Primary ACME port ${preferredPort} is unavailable, using fallback port ${fallbackPort}`);
|
||||
return fallbackPort;
|
||||
} catch {
|
||||
// Try next fallback
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// All attempts failed
|
||||
throw new Error(`Could not find an available port for ACME challenges`);
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
### Testing Strategy
|
||||
1. **Unit Tests**:
|
||||
- Test port binding intelligence
|
||||
- Test route merging logic
|
||||
- Test error handling mechanisms
|
||||
- Test port reference counting
|
||||
- Test orphaned port detection and cleanup
|
||||
|
||||
2. **Integration Tests**:
|
||||
- Test multiple routes on the same port
|
||||
- Test ACME challenges on ports with existing routes
|
||||
- Test dynamic route addition and removal
|
||||
- Test port lifecycle (bind → share → release)
|
||||
- Test various recovery scenarios
|
||||
|
||||
3. **Stress Tests**:
|
||||
- Test rapid route updates
|
||||
- Test concurrent operations
|
||||
- Test large scale route changes (add/remove many at once)
|
||||
- Test frequent changes to see if ports are properly released
|
||||
- Test recovery from port conflicts
|
||||
|
||||
### Release Plan
|
||||
1. **19.4.0** - Phase 1 & 2: Port Manager and ACME Route Improvements
|
||||
2. **19.5.0** - Phase 3: Enhanced Route Management
|
||||
3. **19.6.0** - Phase 4: Improved Error Handling and Recovery
|
@ -5,7 +5,9 @@ import { SmartProxy } from '../ts/proxies/smart-proxy/smart-proxy.js';
|
||||
let echoServer: net.Server;
|
||||
let proxy: SmartProxy;
|
||||
|
||||
tap.test('port forwarding should not immediately close connections', async () => {
|
||||
tap.test('port forwarding should not immediately close connections', async (tools) => {
|
||||
// Set a timeout for this test
|
||||
tools.timeout(10000); // 10 seconds
|
||||
// Create an echo server
|
||||
echoServer = await new Promise<net.Server>((resolve) => {
|
||||
const server = net.createServer((socket) => {
|
||||
@ -39,7 +41,9 @@ tap.test('port forwarding should not immediately close connections', async () =>
|
||||
|
||||
const result = await new Promise<string>((resolve, reject) => {
|
||||
client.on('data', (data) => {
|
||||
resolve(data.toString());
|
||||
const response = data.toString();
|
||||
client.end(); // Close the connection after receiving data
|
||||
resolve(response);
|
||||
});
|
||||
|
||||
client.on('error', reject);
|
||||
@ -48,8 +52,6 @@ tap.test('port forwarding should not immediately close connections', async () =>
|
||||
});
|
||||
|
||||
expect(result).toEqual('ECHO: Hello');
|
||||
|
||||
client.end();
|
||||
});
|
||||
|
||||
tap.test('TLS passthrough should work correctly', async () => {
|
||||
@ -76,11 +78,23 @@ tap.test('TLS passthrough should work correctly', async () => {
|
||||
|
||||
tap.test('cleanup', async () => {
|
||||
if (echoServer) {
|
||||
echoServer.close();
|
||||
await new Promise<void>((resolve) => {
|
||||
echoServer.close(() => {
|
||||
console.log('Echo server closed');
|
||||
resolve();
|
||||
});
|
||||
});
|
||||
}
|
||||
if (proxy) {
|
||||
await proxy.stop();
|
||||
console.log('Proxy stopped');
|
||||
}
|
||||
});
|
||||
|
||||
export default tap.start();
|
||||
export default tap.start().then(() => {
|
||||
// Force exit after tests complete
|
||||
setTimeout(() => {
|
||||
console.log('Forcing process exit');
|
||||
process.exit(0);
|
||||
}, 1000);
|
||||
});
|
@ -3,6 +3,6 @@
|
||||
*/
|
||||
export const commitinfo = {
|
||||
name: '@push.rocks/smartproxy',
|
||||
version: '19.3.12',
|
||||
version: '19.3.13',
|
||||
description: 'A powerful proxy package with unified route-based configuration for high traffic management. Features include SSL/TLS support, flexible routing patterns, WebSocket handling, advanced security options, and automatic ACME certificate management.'
|
||||
}
|
||||
|
@ -416,6 +416,33 @@ export class SmartCertManager {
|
||||
if (!this.challengeRoute) {
|
||||
throw new Error('Challenge route not initialized');
|
||||
}
|
||||
|
||||
// Get the challenge port
|
||||
const challengePort = this.globalAcmeDefaults?.port || 80;
|
||||
|
||||
// Check if any existing routes are already using this port
|
||||
const portInUseByRoutes = this.routes.some(route => {
|
||||
const routePorts = Array.isArray(route.match.ports) ? route.match.ports : [route.match.ports];
|
||||
return routePorts.some(p => {
|
||||
// Handle both number and port range objects
|
||||
if (typeof p === 'number') {
|
||||
return p === challengePort;
|
||||
} else if (typeof p === 'object' && 'from' in p && 'to' in p) {
|
||||
// Port range case - check if challengePort is in range
|
||||
return challengePort >= p.from && challengePort <= p.to;
|
||||
}
|
||||
return false;
|
||||
});
|
||||
});
|
||||
|
||||
if (portInUseByRoutes) {
|
||||
logger.log('info', `Port ${challengePort} is already used by another route, merging ACME challenge route`, {
|
||||
port: challengePort,
|
||||
component: 'certificate-manager'
|
||||
});
|
||||
}
|
||||
|
||||
// Add the challenge route
|
||||
const challengeRoute = this.challengeRoute;
|
||||
|
||||
try {
|
||||
@ -430,10 +457,27 @@ export class SmartCertManager {
|
||||
|
||||
logger.log('info', 'ACME challenge route successfully added', { component: 'certificate-manager' });
|
||||
} catch (error) {
|
||||
logger.log('error', `Failed to add challenge route: ${error.message}`, { error: error.message, component: 'certificate-manager' });
|
||||
// Handle specific EADDRINUSE errors differently based on whether it's an internal conflict
|
||||
if ((error as any).code === 'EADDRINUSE') {
|
||||
throw new Error(`Port ${this.globalAcmeDefaults?.port || 80} is already in use for ACME challenges`);
|
||||
logger.log('error', `Failed to add challenge route on port ${challengePort}: ${error.message}`, {
|
||||
error: error.message,
|
||||
port: challengePort,
|
||||
component: 'certificate-manager'
|
||||
});
|
||||
|
||||
// Provide a more informative error message
|
||||
throw new Error(
|
||||
`Port ${challengePort} is already in use. ` +
|
||||
`If it's in use by an external process, configure a different port in the ACME settings. ` +
|
||||
`If it's in use by SmartProxy, there may be a route configuration issue.`
|
||||
);
|
||||
}
|
||||
|
||||
// Log and rethrow other errors
|
||||
logger.log('error', `Failed to add challenge route: ${error.message}`, {
|
||||
error: error.message,
|
||||
component: 'certificate-manager'
|
||||
});
|
||||
throw error;
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,7 @@
|
||||
import * as plugins from '../../plugins.js';
|
||||
import type { ISmartProxyOptions } from './models/interfaces.js';
|
||||
import { RouteConnectionHandler } from './route-connection-handler.js';
|
||||
import { logger } from '../../core/utils/logger.js';
|
||||
|
||||
/**
|
||||
* PortManager handles the dynamic creation and removal of port listeners
|
||||
@ -8,12 +9,17 @@ import { RouteConnectionHandler } from './route-connection-handler.js';
|
||||
* This class provides methods to add and remove listening ports at runtime,
|
||||
* allowing SmartProxy to adapt to configuration changes without requiring
|
||||
* a full restart.
|
||||
*
|
||||
* It includes a reference counting system to track how many routes are using
|
||||
* each port, so ports can be automatically released when they are no longer needed.
|
||||
*/
|
||||
export class PortManager {
|
||||
private servers: Map<number, plugins.net.Server> = new Map();
|
||||
private settings: ISmartProxyOptions;
|
||||
private routeConnectionHandler: RouteConnectionHandler;
|
||||
private isShuttingDown: boolean = false;
|
||||
// Track how many routes are using each port
|
||||
private portRefCounts: Map<number, number> = new Map();
|
||||
|
||||
/**
|
||||
* Create a new PortManager
|
||||
@ -38,10 +44,18 @@ export class PortManager {
|
||||
public async addPort(port: number): Promise<void> {
|
||||
// Check if we're already listening on this port
|
||||
if (this.servers.has(port)) {
|
||||
console.log(`PortManager: Already listening on port ${port}`);
|
||||
// Port is already bound, just increment the reference count
|
||||
this.incrementPortRefCount(port);
|
||||
logger.log('debug', `PortManager: Port ${port} is already bound by SmartProxy, reusing binding`, {
|
||||
port,
|
||||
component: 'port-manager'
|
||||
});
|
||||
return;
|
||||
}
|
||||
|
||||
// Initialize reference count for new port
|
||||
this.portRefCounts.set(port, 1);
|
||||
|
||||
// Create a server for this port
|
||||
const server = plugins.net.createServer((socket) => {
|
||||
// Check if shutting down
|
||||
@ -54,24 +68,56 @@ export class PortManager {
|
||||
// Delegate to route connection handler
|
||||
this.routeConnectionHandler.handleConnection(socket);
|
||||
}).on('error', (err: Error) => {
|
||||
console.log(`Server Error on port ${port}: ${err.message}`);
|
||||
logger.log('error', `Server Error on port ${port}: ${err.message}`, {
|
||||
port,
|
||||
error: err.message,
|
||||
component: 'port-manager'
|
||||
});
|
||||
});
|
||||
|
||||
// Start listening on the port
|
||||
return new Promise<void>((resolve, reject) => {
|
||||
server.listen(port, () => {
|
||||
const isHttpProxyPort = this.settings.useHttpProxy?.includes(port);
|
||||
console.log(
|
||||
`SmartProxy -> OK: Now listening on port ${port}${
|
||||
isHttpProxyPort ? ' (HttpProxy forwarding enabled)' : ''
|
||||
}`
|
||||
);
|
||||
logger.log('info', `SmartProxy -> OK: Now listening on port ${port}${
|
||||
isHttpProxyPort ? ' (HttpProxy forwarding enabled)' : ''
|
||||
}`, {
|
||||
port,
|
||||
isHttpProxyPort: !!isHttpProxyPort,
|
||||
component: 'port-manager'
|
||||
});
|
||||
|
||||
// Store the server reference
|
||||
this.servers.set(port, server);
|
||||
resolve();
|
||||
}).on('error', (err) => {
|
||||
console.log(`Failed to listen on port ${port}: ${err.message}`);
|
||||
// Check if this is an external conflict
|
||||
const { isConflict, isExternal } = this.isPortConflict(err);
|
||||
|
||||
if (isConflict && !isExternal) {
|
||||
// This is an internal conflict (port already bound by SmartProxy)
|
||||
// This shouldn't normally happen because we check servers.has(port) above
|
||||
logger.log('warn', `Port ${port} binding conflict: already in use by SmartProxy`, {
|
||||
port,
|
||||
component: 'port-manager'
|
||||
});
|
||||
// Still increment reference count to maintain tracking
|
||||
this.incrementPortRefCount(port);
|
||||
resolve();
|
||||
return;
|
||||
}
|
||||
|
||||
// Log the error and propagate it
|
||||
logger.log('error', `Failed to listen on port ${port}: ${err.message}`, {
|
||||
port,
|
||||
error: err.message,
|
||||
code: (err as any).code,
|
||||
component: 'port-manager'
|
||||
});
|
||||
|
||||
// Clean up reference count since binding failed
|
||||
this.portRefCounts.delete(port);
|
||||
|
||||
reject(err);
|
||||
});
|
||||
});
|
||||
@ -84,10 +130,28 @@ export class PortManager {
|
||||
* @returns Promise that resolves when the server is closed
|
||||
*/
|
||||
public async removePort(port: number): Promise<void> {
|
||||
// Decrement the reference count first
|
||||
const newRefCount = this.decrementPortRefCount(port);
|
||||
|
||||
// If there are still references to this port, keep it open
|
||||
if (newRefCount > 0) {
|
||||
logger.log('debug', `PortManager: Port ${port} still has ${newRefCount} references, keeping open`, {
|
||||
port,
|
||||
refCount: newRefCount,
|
||||
component: 'port-manager'
|
||||
});
|
||||
return;
|
||||
}
|
||||
|
||||
// Get the server for this port
|
||||
const server = this.servers.get(port);
|
||||
if (!server) {
|
||||
console.log(`PortManager: Not listening on port ${port}`);
|
||||
logger.log('warn', `PortManager: Not listening on port ${port}`, {
|
||||
port,
|
||||
component: 'port-manager'
|
||||
});
|
||||
// Ensure reference count is reset
|
||||
this.portRefCounts.delete(port);
|
||||
return;
|
||||
}
|
||||
|
||||
@ -95,13 +159,21 @@ export class PortManager {
|
||||
return new Promise<void>((resolve) => {
|
||||
server.close((err) => {
|
||||
if (err) {
|
||||
console.log(`Error closing server on port ${port}: ${err.message}`);
|
||||
logger.log('error', `Error closing server on port ${port}: ${err.message}`, {
|
||||
port,
|
||||
error: err.message,
|
||||
component: 'port-manager'
|
||||
});
|
||||
} else {
|
||||
console.log(`SmartProxy -> Stopped listening on port ${port}`);
|
||||
logger.log('info', `SmartProxy -> Stopped listening on port ${port}`, {
|
||||
port,
|
||||
component: 'port-manager'
|
||||
});
|
||||
}
|
||||
|
||||
// Remove the server reference
|
||||
// Remove the server reference and clean up reference counting
|
||||
this.servers.delete(port);
|
||||
this.portRefCounts.delete(port);
|
||||
resolve();
|
||||
});
|
||||
});
|
||||
@ -192,4 +264,89 @@ export class PortManager {
|
||||
public getServers(): Map<number, plugins.net.Server> {
|
||||
return new Map(this.servers);
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if a port is bound by this SmartProxy instance
|
||||
*
|
||||
* @param port The port number to check
|
||||
* @returns True if the port is currently bound by SmartProxy
|
||||
*/
|
||||
public isPortBoundBySmartProxy(port: number): boolean {
|
||||
return this.servers.has(port);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the current reference count for a port
|
||||
*
|
||||
* @param port The port number to check
|
||||
* @returns The number of routes using this port, 0 if none
|
||||
*/
|
||||
public getPortRefCount(port: number): number {
|
||||
return this.portRefCounts.get(port) || 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* Increment the reference count for a port
|
||||
*
|
||||
* @param port The port number to increment
|
||||
* @returns The new reference count
|
||||
*/
|
||||
public incrementPortRefCount(port: number): number {
|
||||
const currentCount = this.portRefCounts.get(port) || 0;
|
||||
const newCount = currentCount + 1;
|
||||
this.portRefCounts.set(port, newCount);
|
||||
|
||||
logger.log('debug', `Port ${port} reference count increased to ${newCount}`, {
|
||||
port,
|
||||
refCount: newCount,
|
||||
component: 'port-manager'
|
||||
});
|
||||
|
||||
return newCount;
|
||||
}
|
||||
|
||||
/**
|
||||
* Decrement the reference count for a port
|
||||
*
|
||||
* @param port The port number to decrement
|
||||
* @returns The new reference count
|
||||
*/
|
||||
public decrementPortRefCount(port: number): number {
|
||||
const currentCount = this.portRefCounts.get(port) || 0;
|
||||
|
||||
if (currentCount <= 0) {
|
||||
logger.log('warn', `Attempted to decrement reference count for port ${port} below zero`, {
|
||||
port,
|
||||
component: 'port-manager'
|
||||
});
|
||||
return 0;
|
||||
}
|
||||
|
||||
const newCount = currentCount - 1;
|
||||
this.portRefCounts.set(port, newCount);
|
||||
|
||||
logger.log('debug', `Port ${port} reference count decreased to ${newCount}`, {
|
||||
port,
|
||||
refCount: newCount,
|
||||
component: 'port-manager'
|
||||
});
|
||||
|
||||
return newCount;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if a port binding error is due to an external or internal conflict
|
||||
*
|
||||
* @param error The error object from a failed port binding
|
||||
* @returns Object indicating if this is a conflict and if it's external
|
||||
*/
|
||||
private isPortConflict(error: any): { isConflict: boolean; isExternal: boolean } {
|
||||
if (error.code !== 'EADDRINUSE') {
|
||||
return { isConflict: false, isExternal: false };
|
||||
}
|
||||
|
||||
// Check if we already have this port
|
||||
const isBoundInternally = this.servers.has(Number(error.port));
|
||||
return { isConflict: true, isExternal: !isBoundInternally };
|
||||
}
|
||||
}
|
@ -64,6 +64,9 @@ export class SmartProxy extends plugins.EventEmitter {
|
||||
private routeUpdateLock: any = null; // Will be initialized as AsyncMutex
|
||||
private acmeStateManager: AcmeStateManager;
|
||||
|
||||
// Track port usage across route updates
|
||||
private portUsageMap: Map<number, Set<string>> = new Map();
|
||||
|
||||
/**
|
||||
* Constructor for SmartProxy
|
||||
*
|
||||
@ -342,6 +345,16 @@ export class SmartProxy extends plugins.EventEmitter {
|
||||
// Get listening ports from RouteManager
|
||||
const listeningPorts = this.routeManager.getListeningPorts();
|
||||
|
||||
// Initialize port usage tracking
|
||||
this.portUsageMap = this.updatePortUsageMap(this.settings.routes);
|
||||
|
||||
// Log port usage for startup
|
||||
logger.log('info', `SmartProxy starting with ${listeningPorts.length} ports: ${listeningPorts.join(', ')}`, {
|
||||
portCount: listeningPorts.length,
|
||||
ports: listeningPorts,
|
||||
component: 'smart-proxy'
|
||||
});
|
||||
|
||||
// Provision NFTables rules for routes that use NFTables
|
||||
for (const route of this.settings.routes) {
|
||||
if (route.action.forwardingEngine === 'nftables') {
|
||||
@ -548,6 +561,18 @@ export class SmartProxy extends plugins.EventEmitter {
|
||||
return this.routeUpdateLock.runExclusive(async () => {
|
||||
logger.log('info', `Updating routes (${newRoutes.length} routes)`, { routeCount: newRoutes.length, component: 'route-manager' });
|
||||
|
||||
// Track port usage before and after updates
|
||||
const oldPortUsage = this.updatePortUsageMap(this.settings.routes);
|
||||
const newPortUsage = this.updatePortUsageMap(newRoutes);
|
||||
|
||||
// Find orphaned ports - ports that no longer have any routes
|
||||
const orphanedPorts = this.findOrphanedPorts(oldPortUsage, newPortUsage);
|
||||
|
||||
// Find new ports that need binding
|
||||
const currentPorts = new Set(this.portManager.getListeningPorts());
|
||||
const newPortsSet = new Set(newPortUsage.keys());
|
||||
const newBindingPorts = Array.from(newPortsSet).filter(p => !currentPorts.has(p));
|
||||
|
||||
// Get existing routes that use NFTables
|
||||
const oldNfTablesRoutes = this.settings.routes.filter(
|
||||
r => r.action.forwardingEngine === 'nftables'
|
||||
@ -584,14 +609,29 @@ export class SmartProxy extends plugins.EventEmitter {
|
||||
// Update routes in RouteManager
|
||||
this.routeManager.updateRoutes(newRoutes);
|
||||
|
||||
// Get the new set of required ports
|
||||
const requiredPorts = this.routeManager.getListeningPorts();
|
||||
|
||||
// Update port listeners to match the new configuration
|
||||
await this.portManager.updatePorts(requiredPorts);
|
||||
// Release orphaned ports first
|
||||
if (orphanedPorts.length > 0) {
|
||||
logger.log('info', `Releasing ${orphanedPorts.length} orphaned ports: ${orphanedPorts.join(', ')}`, {
|
||||
ports: orphanedPorts,
|
||||
component: 'smart-proxy'
|
||||
});
|
||||
await this.portManager.removePorts(orphanedPorts);
|
||||
}
|
||||
|
||||
// Add new ports
|
||||
if (newBindingPorts.length > 0) {
|
||||
logger.log('info', `Binding to ${newBindingPorts.length} new ports: ${newBindingPorts.join(', ')}`, {
|
||||
ports: newBindingPorts,
|
||||
component: 'smart-proxy'
|
||||
});
|
||||
await this.portManager.addPorts(newBindingPorts);
|
||||
}
|
||||
|
||||
// Update settings with the new routes
|
||||
this.settings.routes = newRoutes;
|
||||
|
||||
// Save the new port usage map for future reference
|
||||
this.portUsageMap = newPortUsage;
|
||||
|
||||
// If HttpProxy is initialized, resync the configurations
|
||||
if (this.httpProxyBridge.getHttpProxy()) {
|
||||
@ -637,6 +677,78 @@ export class SmartProxy extends plugins.EventEmitter {
|
||||
|
||||
await this.certManager.provisionCertificate(route);
|
||||
}
|
||||
|
||||
/**
|
||||
* Update the port usage map based on the provided routes
|
||||
*
|
||||
* This tracks which ports are used by which routes, allowing us to
|
||||
* detect when a port is no longer needed and can be released.
|
||||
*/
|
||||
private updatePortUsageMap(routes: IRouteConfig[]): Map<number, Set<string>> {
|
||||
// Reset the usage map
|
||||
const portUsage = new Map<number, Set<string>>();
|
||||
|
||||
for (const route of routes) {
|
||||
// Get the ports for this route
|
||||
const portsConfig = Array.isArray(route.match.ports)
|
||||
? route.match.ports
|
||||
: [route.match.ports];
|
||||
|
||||
// Expand port range objects to individual port numbers
|
||||
const expandedPorts: number[] = [];
|
||||
for (const portConfig of portsConfig) {
|
||||
if (typeof portConfig === 'number') {
|
||||
expandedPorts.push(portConfig);
|
||||
} else if (typeof portConfig === 'object' && 'from' in portConfig && 'to' in portConfig) {
|
||||
// Expand the port range
|
||||
for (let p = portConfig.from; p <= portConfig.to; p++) {
|
||||
expandedPorts.push(p);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Use route name if available, otherwise generate a unique ID
|
||||
const routeName = route.name || `unnamed_${Math.random().toString(36).substring(2, 9)}`;
|
||||
|
||||
// Add each port to the usage map
|
||||
for (const port of expandedPorts) {
|
||||
if (!portUsage.has(port)) {
|
||||
portUsage.set(port, new Set());
|
||||
}
|
||||
portUsage.get(port)!.add(routeName);
|
||||
}
|
||||
}
|
||||
|
||||
// Log port usage for debugging
|
||||
for (const [port, routes] of portUsage.entries()) {
|
||||
logger.log('debug', `Port ${port} is used by ${routes.size} routes: ${Array.from(routes).join(', ')}`, {
|
||||
port,
|
||||
routeCount: routes.size,
|
||||
component: 'smart-proxy'
|
||||
});
|
||||
}
|
||||
|
||||
return portUsage;
|
||||
}
|
||||
|
||||
/**
|
||||
* Find ports that have no routes in the new configuration
|
||||
*/
|
||||
private findOrphanedPorts(oldUsage: Map<number, Set<string>>, newUsage: Map<number, Set<string>>): number[] {
|
||||
const orphanedPorts: number[] = [];
|
||||
|
||||
for (const [port, routes] of oldUsage.entries()) {
|
||||
if (!newUsage.has(port) || newUsage.get(port)!.size === 0) {
|
||||
orphanedPorts.push(port);
|
||||
logger.log('info', `Port ${port} no longer has any associated routes, will be released`, {
|
||||
port,
|
||||
component: 'smart-proxy'
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
return orphanedPorts;
|
||||
}
|
||||
|
||||
/**
|
||||
* Force renewal of a certificate
|
||||
|
Loading…
x
Reference in New Issue
Block a user