push.rocks/smartproxy
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
Philipp Kunz
2025-05-29 01:00:20 +00:00
parent 2024ea5a69
commit d8d1bdcd41
14 changed files with 190 additions and 791 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
readme.plan2.md
View File

@ -478,16 +478,16 @@ const domainRouter = (socket: net.Socket, context: IRouteContext) => {
## Detailed Implementation Tasks
### Step 1: Update TSocketHandler Type (15 minutes)
- [ ] Open `ts/proxies/smart-proxy/models/route-types.ts`
- [ ] Find line 14: `export type TSocketHandler = (socket: plugins.net.Socket) => void | Promise<void>;`
- [ ] Import IRouteContext at top of file: `import type { IRouteContext } from '../../../core/models/route-context.js';`
- [ ] Update TSocketHandler to: `export type TSocketHandler = (socket: plugins.net.Socket, context: IRouteContext) => void | Promise<void>;`
- [ ] Save file
- [x] Open `ts/proxies/smart-proxy/models/route-types.ts`
- [x] Find line 14: `export type TSocketHandler = (socket: plugins.net.Socket) => void | Promise<void>;`
- [x] Import IRouteContext at top of file: `import type { IRouteContext } from '../../../core/models/route-context.js';`
- [x] Update TSocketHandler to: `export type TSocketHandler = (socket: plugins.net.Socket, context: IRouteContext) => void | Promise<void>;`
- [x] Save file
### Step 2: Update Socket Handler Implementation (30 minutes)
- [ ] Open `ts/proxies/smart-proxy/route-connection-handler.ts`
- [ ] Find `handleSocketHandlerAction` method (around line 790)
- [ ] Add route context creation after line 809:
- [x] Open `ts/proxies/smart-proxy/route-connection-handler.ts`
- [x] Find `handleSocketHandlerAction` method (around line 790)
- [x] Add route context creation after line 809:
```typescript
// Create route context for the handler
const routeContext = this.createRouteContext({
@ -502,19 +502,19 @@ const domainRouter = (socket: net.Socket, context: IRouteContext) => {
routeId: route.id,
});
```
- [ ] Update line 812 from `const result = route.action.socketHandler(socket);`
- [ ] To: `const result = route.action.socketHandler(socket, routeContext);`
- [ ] Save file
- [x] Update line 812 from `const result = route.action.socketHandler(socket);`
- [x] To: `const result = route.action.socketHandler(socket, routeContext);`
- [x] Save file
### Step 3: Update Existing Socket Handlers in route-helpers.ts (20 minutes)
- [ ] Open `ts/proxies/smart-proxy/utils/route-helpers.ts`
- [ ] Update `echo` handler (line 856):
- [x] Open `ts/proxies/smart-proxy/utils/route-helpers.ts`
- [x] Update `echo` handler (line 856):
- From: `echo: (socket: plugins.net.Socket) => {`
- To: `echo: (socket: plugins.net.Socket, context: IRouteContext) => {`
- [ ] Update `proxy` handler (line 864):
- [x] Update `proxy` handler (line 864):
- From: `proxy: (targetHost: string, targetPort: number) => (socket: plugins.net.Socket) => {`
- To: `proxy: (targetHost: string, targetPort: number) => (socket: plugins.net.Socket, context: IRouteContext) => {`
- [ ] Update `lineProtocol` handler (line 879):
- [x] Update `lineProtocol` handler (line 879):
- From: `lineProtocol: (handler: (line: string, socket: plugins.net.Socket) => void) => (socket: plugins.net.Socket) => {`
- To: `lineProtocol: (handler: (line: string, socket: plugins.net.Socket) => void) => (socket: plugins.net.Socket, context: IRouteContext) => {`
- [ ] Update `httpResponse` handler (line 896):
@ -635,11 +635,11 @@ const domainRouter = (socket: net.Socket, context: IRouteContext) => {
});
}
```
- [ ] Save file
- [x] Save file
### Step 9: Update Helper Functions (20 minutes)
- [ ] Still in `route-helpers.ts`
- [ ] Update `createHttpToHttpsRedirect` function (around line 109):
- [x] Still in `route-helpers.ts`
- [x] Update `createHttpToHttpsRedirect` function (around line 109):
- Change the action to use socket handler:
```typescript
action: {
@ -647,8 +647,8 @@ const domainRouter = (socket: net.Socket, context: IRouteContext) => {
socketHandler: SocketHandlers.httpRedirect(`https://{domain}:${httpsPort}{path}`, 301)
}
```
- [ ] Delete entire `createStaticFileRoute` function (lines 277-322)
- [ ] Save file
- [x] Delete entire `createStaticFileRoute` function (lines 277-322)
- [x] Save file
### Step 10: Update Test Files (1.5 hours)
#### 10.1 Update Socket Handler Tests

98
test/test.route-redirects.ts
View File

@ -1,98 +0,0 @@
import { tap, expect } from '@git.zone/tstest/tapbundle';
import { SmartProxy } from '../ts/proxies/smart-proxy/index.js';
import { createHttpToHttpsRedirect } from '../ts/proxies/smart-proxy/utils/route-helpers.js';
import type { IRouteConfig } from '../ts/proxies/smart-proxy/models/route-types.js';
// Test that HTTP to HTTPS redirects work correctly
tap.test('should handle HTTP to HTTPS redirects', async (tools) => {
// Create a simple HTTP to HTTPS redirect route
const redirectRoute = createHttpToHttpsRedirect(
'example.com',
443,
{
name: 'HTTP to HTTPS Redirect Test'
}
);
// Verify the route is configured correctly
expect(redirectRoute.action.type).toEqual('redirect');
expect(redirectRoute.action.redirect).toBeTruthy();
expect(redirectRoute.action.redirect?.to).toEqual('https://{domain}:443{path}');
expect(redirectRoute.action.redirect?.status).toEqual(301);
expect(redirectRoute.match.ports).toEqual(80);
expect(redirectRoute.match.domains).toEqual('example.com');
});
tap.test('should handle custom redirect configurations', async (tools) => {
// Create a custom redirect route
const customRedirect: IRouteConfig = {
name: 'custom-redirect',
match: {
ports: [8080],
domains: ['old.example.com']
},
action: {
type: 'redirect',
redirect: {
to: 'https://new.example.com{path}',
status: 302
}
}
};
// Verify the route structure
expect(customRedirect.action.redirect?.to).toEqual('https://new.example.com{path}');
expect(customRedirect.action.redirect?.status).toEqual(302);
});
tap.test('should support multiple redirect scenarios', async (tools) => {
const routes: IRouteConfig[] = [
// HTTP to HTTPS redirect
createHttpToHttpsRedirect(['example.com', 'www.example.com']),
// Custom redirect with different port
{
name: 'custom-port-redirect',
match: {
ports: 8080,
domains: 'api.example.com'
},
action: {
type: 'redirect',
redirect: {
to: 'https://{domain}:8443{path}',
status: 308
}
}
},
// Redirect to different domain entirely
{
name: 'domain-redirect',
match: {
ports: 80,
domains: 'old-domain.com'
},
action: {
type: 'redirect',
redirect: {
to: 'https://new-domain.com{path}',
status: 301
}
}
}
];
// Create SmartProxy with redirect routes
const proxy = new SmartProxy({
routes
});
// Verify all routes are redirect type
routes.forEach(route => {
expect(route.action.type).toEqual('redirect');
expect(route.action.redirect).toBeTruthy();
});
});
export default tap.start();

2
test/test.socket-handler-race.ts
View File

@ -9,7 +9,7 @@ tap.test('should handle async handler that sets up listeners after delay', async
match: { ports: 7777 },
action: {
type: 'socket-handler',
socketHandler: async (socket) => {
socketHandler: async (socket, context) => {
// Simulate async work BEFORE setting up listeners
await new Promise(resolve => setTimeout(resolve, 50));

2
test/test.socket-handler.simple.ts
View File

@ -12,7 +12,7 @@ tap.test('simple socket handler test', async () => {
},
action: {
type: 'socket-handler',
socketHandler: (socket) => {
socketHandler: (socket, context) => {
console.log('Handler called!');
socket.write('HELLO\n');
socket.end();

6
test/test.socket-handler.ts
View File

@ -15,7 +15,7 @@ tap.test('setup socket handler test', async () => {
},
action: {
type: 'socket-handler',
socketHandler: (socket) => {
socketHandler: (socket, context) => {
console.log('Socket handler called');
// Simple echo server
socket.write('ECHO SERVER\n');
@ -81,7 +81,7 @@ tap.test('should handle async socket handler', async () => {
match: { ports: 9999 },
action: {
type: 'socket-handler',
socketHandler: async (socket) => {
socketHandler: async (socket, context) => {
// Set up data handler first
socket.on('data', async (data) => {
console.log('Async handler received:', data.toString());
@ -134,7 +134,7 @@ tap.test('should handle errors in socket handler', async () => {
match: { ports: 9999 },
action: {
type: 'socket-handler',
socketHandler: (socket) => {
socketHandler: (socket, context) => {
throw new Error('Handler error');
}
}

3
ts/proxies/http-proxy/handlers/index.ts
View File

@ -2,5 +2,4 @@
* HTTP handlers for various route types
*/
export { RedirectHandler } from './redirect-handler.js';
export { StaticHandler } from './static-handler.js';
// Empty - all handlers have been removed

105
ts/proxies/http-proxy/handlers/redirect-handler.ts
View File

@ -1,105 +0,0 @@
import * as plugins from '../../../plugins.js';
import type { IRouteConfig } from '../../smart-proxy/models/route-types.js';
import type { IConnectionRecord } from '../../smart-proxy/models/interfaces.js';
import type { ILogger } from '../models/types.js';
import { createLogger } from '../models/types.js';
import { HttpStatus, getStatusText } from '../models/http-types.js';
export interface IRedirectHandlerContext {
connectionId: string;
connectionManager: any; // Avoid circular deps
settings: any;
logger?: ILogger;
}
/**
* Handles HTTP redirect routes
*/
export class RedirectHandler {
/**
* Handle redirect routes
*/
public static async handleRedirect(
socket: plugins.net.Socket,
route: IRouteConfig,
context: IRedirectHandlerContext
): Promise<void> {
const { connectionId, connectionManager, settings } = context;
const logger = context.logger || createLogger(settings.logLevel || 'info');
const action = route.action;
// We should have a redirect configuration
if (!action.redirect) {
logger.error(`[${connectionId}] Redirect action missing redirect configuration`);
socket.end();
connectionManager.cleanupConnection({ id: connectionId }, 'missing_redirect');
return;
}
// For TLS connections, we can't do redirects at the TCP level
// This check should be done before calling this handler
// Wait for the first HTTP request to perform the redirect
const dataListeners: ((chunk: Buffer) => void)[] = [];
const httpDataHandler = (chunk: Buffer) => {
// Remove all data listeners to avoid duplicated processing
for (const listener of dataListeners) {
socket.removeListener('data', listener);
}
// Parse HTTP request to get path
try {
const headersEnd = chunk.indexOf('\r\n\r\n');
if (headersEnd === -1) {
// Not a complete HTTP request, need more data
socket.once('data', httpDataHandler);
dataListeners.push(httpDataHandler);
return;
}
const httpHeaders = chunk.slice(0, headersEnd).toString();
const requestLine = httpHeaders.split('\r\n')[0];
const [method, path] = requestLine.split(' ');
// Extract Host header
const hostMatch = httpHeaders.match(/Host: (.+?)(\r\n|\r|\n|$)/i);
const host = hostMatch ? hostMatch[1].trim() : '';
// Process the redirect URL with template variables
let redirectUrl = action.redirect.to;
redirectUrl = redirectUrl.replace(/\{domain\}/g, host);
redirectUrl = redirectUrl.replace(/\{path\}/g, path || '');
redirectUrl = redirectUrl.replace(/\{port\}/g, socket.localPort?.toString() || '80');
// Prepare the HTTP redirect response
const redirectResponse = [
`HTTP/1.1 ${action.redirect.status} Moved`,
`Location: ${redirectUrl}`,
'Connection: close',
'Content-Length: 0',
'',
'',
].join('\r\n');
if (settings.enableDetailedLogging) {
logger.info(
`[${connectionId}] Redirecting to ${redirectUrl} with status ${action.redirect.status}`
);
}
// Send the redirect response
socket.end(redirectResponse);
connectionManager.initiateCleanupOnce({ id: connectionId }, 'redirect_complete');
} catch (err) {
logger.error(`[${connectionId}] Error processing HTTP redirect: ${err}`);
socket.end();
connectionManager.initiateCleanupOnce({ id: connectionId }, 'redirect_error');
}
};
// Setup the HTTP data handler
socket.once('data', httpDataHandler);
dataListeners.push(httpDataHandler);
}
}

261
ts/proxies/http-proxy/handlers/static-handler.ts
View File

@ -1,261 +0,0 @@
import * as plugins from '../../../plugins.js';
import type { IRouteConfig } from '../../smart-proxy/models/route-types.js';
import type { IConnectionRecord } from '../../smart-proxy/models/interfaces.js';
import type { ILogger } from '../models/types.js';
import { createLogger } from '../models/types.js';
import type { IRouteContext } from '../../../core/models/route-context.js';
import { HttpStatus, getStatusText } from '../models/http-types.js';
export interface IStaticHandlerContext {
connectionId: string;
connectionManager: any; // Avoid circular deps
settings: any;
logger?: ILogger;
}
/**
* Handles static routes including ACME challenges
*/
export class StaticHandler {
/**
* Handle static routes
*/
public static async handleStatic(
socket: plugins.net.Socket,
route: IRouteConfig,
context: IStaticHandlerContext,
record: IConnectionRecord,
initialChunk?: Buffer
): Promise<void> {
const { connectionId, connectionManager, settings } = context;
const logger = context.logger || createLogger(settings.logLevel || 'info');
if (!route.action.handler) {
logger.error(`[${connectionId}] Static route '${route.name}' has no handler`);
socket.end();
connectionManager.cleanupConnection(record, 'no_handler');
return;
}
let buffer = Buffer.alloc(0);
let processingData = false;
const handleHttpData = async (chunk: Buffer) => {
// Accumulate the data
buffer = Buffer.concat([buffer, chunk]);
// Prevent concurrent processing of the same buffer
if (processingData) return;
processingData = true;
try {
// Process data until we have a complete request or need more data
await processBuffer();
} finally {
processingData = false;
}
};
const processBuffer = async () => {
// Look for end of HTTP headers
const headerEndIndex = buffer.indexOf('\r\n\r\n');
if (headerEndIndex === -1) {
// Need more data
if (buffer.length > 8192) {
// Prevent excessive buffering
logger.error(`[${connectionId}] HTTP headers too large`);
socket.end();
connectionManager.cleanupConnection(record, 'headers_too_large');
}
return; // Wait for more data to arrive
}
// Parse the HTTP request
const headerBuffer = buffer.slice(0, headerEndIndex);
const headers = headerBuffer.toString();
const lines = headers.split('\r\n');
if (lines.length === 0) {
logger.error(`[${connectionId}] Invalid HTTP request`);
socket.end();
connectionManager.cleanupConnection(record, 'invalid_request');
return;
}
// Parse request line
const requestLine = lines[0];
const requestParts = requestLine.split(' ');
if (requestParts.length < 3) {
logger.error(`[${connectionId}] Invalid HTTP request line`);
socket.end();
connectionManager.cleanupConnection(record, 'invalid_request_line');
return;
}
const [method, path, httpVersion] = requestParts;
// Parse headers
const headersMap: Record<string, string> = {};
for (let i = 1; i < lines.length; i++) {
const colonIndex = lines[i].indexOf(':');
if (colonIndex > 0) {
const key = lines[i].slice(0, colonIndex).trim().toLowerCase();
const value = lines[i].slice(colonIndex + 1).trim();
headersMap[key] = value;
}
}
// Check for Content-Length to handle request body
const requestBodyLength = parseInt(headersMap['content-length'] || '0', 10);
const bodyStartIndex = headerEndIndex + 4; // Skip the \r\n\r\n
// If there's a body, ensure we have the full body
if (requestBodyLength > 0) {
const totalExpectedLength = bodyStartIndex + requestBodyLength;
// If we don't have the complete body yet, wait for more data
if (buffer.length < totalExpectedLength) {
// Implement a reasonable body size limit to prevent memory issues
if (requestBodyLength > 1024 * 1024) {
// 1MB limit
logger.error(`[${connectionId}] Request body too large`);
socket.end();
connectionManager.cleanupConnection(record, 'body_too_large');
return;
}
return; // Wait for more data
}
}
// Extract query string if present
let pathname = path;
let query: string | undefined;
const queryIndex = path.indexOf('?');
if (queryIndex !== -1) {
pathname = path.slice(0, queryIndex);
query = path.slice(queryIndex + 1);
}
try {
// Get request body if present
let requestBody: Buffer | undefined;
if (requestBodyLength > 0) {
requestBody = buffer.slice(bodyStartIndex, bodyStartIndex + requestBodyLength);
}
// Pause socket to prevent data loss during async processing
socket.pause();
// Remove the data listener since we're handling the request
socket.removeListener('data', handleHttpData);
// Build route context with parsed HTTP information
const context: IRouteContext = {
port: record.localPort,
domain: record.lockedDomain || headersMap['host']?.split(':')[0],
clientIp: record.remoteIP,
serverIp: socket.localAddress!,
path: pathname,
query: query,
headers: headersMap,
isTls: record.isTLS,
tlsVersion: record.tlsVersion,
routeName: route.name,
routeId: route.id,
timestamp: Date.now(),
connectionId,
};
// Since IRouteContext doesn't have a body property,
// we need an alternative approach to handle the body
let response;
if (requestBody) {
if (settings.enableDetailedLogging) {
logger.info(
`[${connectionId}] Processing request with body (${requestBody.length} bytes)`
);
}
// Pass the body as an additional parameter by extending the context object
// This is not type-safe, but it allows handlers that expect a body to work
const extendedContext = {
...context,
// Provide both raw buffer and string representation
requestBody: requestBody,
requestBodyText: requestBody.toString(),
method: method,
};
// Call the handler with the extended context
// The handler needs to know to look for the non-standard properties
response = await route.action.handler(extendedContext as any);
} else {
// Call the handler with the standard context
const extendedContext = {
...context,
method: method,
};
response = await route.action.handler(extendedContext as any);
}
// Prepare the HTTP response
const responseHeaders = response.headers || {};
const contentLength = Buffer.byteLength(response.body || '');
responseHeaders['Content-Length'] = contentLength.toString();
if (!responseHeaders['Content-Type']) {
responseHeaders['Content-Type'] = 'text/plain';
}
// Build the response
let httpResponse = `HTTP/1.1 ${response.status} ${getStatusText(response.status)}\r\n`;
for (const [key, value] of Object.entries(responseHeaders)) {
httpResponse += `${key}: ${value}\r\n`;
}
httpResponse += '\r\n';
// Send response
socket.write(httpResponse);
if (response.body) {
socket.write(response.body);
}
socket.end();
connectionManager.cleanupConnection(record, 'completed');
} catch (error) {
logger.error(`[${connectionId}] Error in static handler: ${error}`);
// Send error response
const errorResponse =
'HTTP/1.1 500 Internal Server Error\r\n' +
'Content-Type: text/plain\r\n' +
'Content-Length: 21\r\n' +
'\r\n' +
'Internal Server Error';
socket.write(errorResponse);
socket.end();
connectionManager.cleanupConnection(record, 'handler_error');
}
};
// Process initial chunk if provided
if (initialChunk && initialChunk.length > 0) {
if (settings.enableDetailedLogging) {
logger.info(`[${connectionId}] Processing initial data chunk (${initialChunk.length} bytes)`);
}
// Process the initial chunk immediately
handleHttpData(initialChunk);
}
// Listen for additional data
socket.on('data', handleHttpData);
// Ensure cleanup on socket close
socket.once('close', () => {
socket.removeListener('data', handleHttpData);
});
}
}

102
ts/proxies/smart-proxy/certificate-manager.ts
View File

@ -693,48 +693,70 @@ export class SmartCertManager {
path: '/.well-known/acme-challenge/*'
},
action: {
type: 'static',
handler: async (context) => {
// Extract the token from the path
const token = context.path?.split('/').pop();
if (!token) {
return { status: 404, body: 'Not found' };
}
// Create mock request/response objects for SmartAcme
const mockReq = {
url: context.path,
method: 'GET',
headers: context.headers || {}
};
let responseData: any = null;
const mockRes = {
statusCode: 200,
setHeader: (name: string, value: string) => {},
end: (data: any) => {
responseData = data;
type: 'socket-handler',
socketHandler: (socket, context) => {
// Wait for HTTP request data
socket.once('data', async (data) => {
const request = data.toString();
const lines = request.split('\r\n');
const [method, path] = lines[0].split(' ');
// Extract the token from the path
const token = path?.split('/').pop();
if (!token) {
socket.write('HTTP/1.1 404 Not Found\r\n');
socket.write('Content-Type: text/plain\r\n');
socket.write('Content-Length: 9\r\n');
socket.write('Connection: close\r\n');
socket.write('\r\n');
socket.write('Not found');
socket.end();
return;
}
};
// Use SmartAcme's handler
const handled = await new Promise<boolean>((resolve) => {
http01Handler.handleRequest(mockReq as any, mockRes as any, () => {
resolve(false);
});
// Give it a moment to process
setTimeout(() => resolve(true), 100);
});
if (handled && responseData) {
return {
status: mockRes.statusCode,
headers: { 'Content-Type': 'text/plain' },
body: responseData
// Create mock request/response objects for SmartAcme
const mockReq = {
url: path,
method: 'GET',
headers: {}
};
} else {
return { status: 404, body: 'Not found' };
}
let responseData: any = null;
const mockRes = {
statusCode: 200,
setHeader: (name: string, value: string) => {},
end: (data: any) => {
responseData = data;
}
};
// Use SmartAcme's handler
const handled = await new Promise<boolean>((resolve) => {
http01Handler.handleRequest(mockReq as any, mockRes as any, () => {
resolve(false);
});
// Give it a moment to process
setTimeout(() => resolve(true), 100);
});
if (handled && responseData) {
const body = String(responseData);
socket.write(`HTTP/1.1 ${mockRes.statusCode} OK\r\n`);
socket.write('Content-Type: text/plain\r\n');
socket.write(`Content-Length: ${body.length}\r\n`);
socket.write('Connection: close\r\n');
socket.write('\r\n');
socket.write(body);
} else {
socket.write('HTTP/1.1 404 Not Found\r\n');
socket.write('Content-Type: text/plain\r\n');
socket.write('Content-Length: 9\r\n');
socket.write('Connection: close\r\n');
socket.write('\r\n');
socket.write('Not found');
}
socket.end();
});
}
}
};

64
ts/proxies/smart-proxy/models/route-types.ts
View File

@ -2,16 +2,20 @@ import * as plugins from '../../../plugins.js';
// Certificate types removed - use local definition
import type { TForwardingType } from '../../../forwarding/config/forwarding-types.js';
import type { PortRange } from '../../../proxies/nftables-proxy/models/interfaces.js';
import type { IRouteContext } from '../../../core/models/route-context.js';
// Re-export IRouteContext for convenience
export type { IRouteContext };
/**
* Supported action types for route configurations
*/
export type TRouteActionType = 'forward' | 'redirect' | 'block' | 'static' | 'socket-handler';
export type TRouteActionType = 'forward' | 'socket-handler';
/**
* Socket handler function type
*/
export type TSocketHandler = (socket: plugins.net.Socket) => void | Promise<void>;
export type TSocketHandler = (socket: plugins.net.Socket, context: IRouteContext) => void | Promise<void>;
/**
* TLS handling modes for route configurations
@ -40,36 +44,6 @@ export interface IRouteMatch {
headers?: Record<string, string | RegExp>; // Match specific HTTP headers
}
/**
* Context provided to port and host mapping functions
*/
export interface IRouteContext {
// Connection information
port: number; // The matched incoming port
domain?: string; // The domain from SNI or Host header
clientIp: string; // The client's IP address
serverIp: string; // The server's IP address
path?: string; // URL path (for HTTP connections)
query?: string; // Query string (for HTTP connections)
headers?: Record<string, string>; // HTTP headers (for HTTP connections)
method?: string; // HTTP method (for HTTP connections)
// TLS information
isTls: boolean; // Whether the connection is TLS
tlsVersion?: string; // TLS version if applicable
// Route information
routeName?: string; // The name of the matched route
routeId?: string; // The ID of the matched route
// Target information (resolved from dynamic mapping)
targetHost?: string | string[]; // The resolved target host(s)
targetPort?: number; // The resolved target port
// Additional properties
timestamp: number; // The request timestamp
connectionId: string; // Unique connection identifier
}
/**
* Target configuration for forwarding
@ -89,15 +63,6 @@ export interface IRouteAcme {
renewBeforeDays?: number; // Days before expiry to renew (default: 30)
}
/**
* Static route handler response
*/
export interface IStaticResponse {
status: number;
headers?: Record<string, string>;
body: string | Buffer;
}
/**
* TLS configuration for route actions
*/
@ -117,14 +82,6 @@ export interface IRouteTls {
sessionTimeout?: number; // TLS session timeout in seconds
}
/**
* Redirect configuration for route actions
*/
export interface IRouteRedirect {
to: string; // URL or template with {domain}, {port}, etc.
status: 301 | 302 | 307 | 308;
}
/**
* Authentication options
*/
@ -270,12 +227,6 @@ export interface IRouteAction {
// TLS handling
tls?: IRouteTls;
// For redirects
redirect?: IRouteRedirect;
// For static files
static?: IRouteStaticFiles;
// WebSocket support
websocket?: IRouteWebSocket;
@ -300,9 +251,6 @@ export interface IRouteAction {
// NFTables-specific options
nftables?: INfTablesOptions;
// Handler function for static routes
handler?: (context: IRouteContext) => Promise<IStaticResponse>;
// Socket handler function (when type is 'socket-handler')
socketHandler?: TSocketHandler;
}

95
ts/proxies/smart-proxy/route-connection-handler.ts
View File

@ -10,7 +10,6 @@ import { HttpProxyBridge } from './http-proxy-bridge.js';
import { TimeoutManager } from './timeout-manager.js';
import { RouteManager } from './route-manager.js';
import type { ForwardingHandler } from '../../forwarding/handlers/base-handler.js';
import { RedirectHandler, StaticHandler } from '../http-proxy/handlers/index.js';
/**
* Handles new connection processing and setup logic with support for route-based configuration
@ -389,16 +388,6 @@ export class RouteConnectionHandler {
case 'forward':
return this.handleForwardAction(socket, record, route, initialChunk);
case 'redirect':
return this.handleRedirectAction(socket, record, route);
case 'block':
return this.handleBlockAction(socket, record, route);
case 'static':
this.handleStaticAction(socket, record, route, initialChunk);
return;
case 'socket-handler':
logger.log('info', `Handling socket-handler action for route ${route.name}`, {
connectionId,
@ -718,73 +707,6 @@ export class RouteConnectionHandler {
}
}
/**
* Handle a redirect action for a route
*/
private handleRedirectAction(
socket: plugins.net.Socket,
record: IConnectionRecord,
route: IRouteConfig
): void {
// For TLS connections, we can't do redirects at the TCP level
if (record.isTLS) {
logger.log('warn', `Cannot redirect TLS connection ${record.id} at TCP level`, {
connectionId: record.id,
component: 'route-handler'
});
socket.end();
this.connectionManager.cleanupConnection(record, 'tls_redirect_error');
return;
}
// Delegate to HttpProxy's RedirectHandler
RedirectHandler.handleRedirect(socket, route, {
connectionId: record.id,
connectionManager: this.connectionManager,
settings: this.settings
});
}
/**
* Handle a block action for a route
*/
private handleBlockAction(
socket: plugins.net.Socket,
record: IConnectionRecord,
route: IRouteConfig
): void {
const connectionId = record.id;
if (this.settings.enableDetailedLogging) {
logger.log('info', `Blocking connection ${connectionId} based on route '${route.name || 'unnamed'}'`, {
connectionId,
routeName: route.name || 'unnamed',
component: 'route-handler'
});
}
// Simply close the connection
socket.end();
this.connectionManager.initiateCleanupOnce(record, 'route_blocked');
}
/**
* Handle a static action for a route
*/
private async handleStaticAction(
socket: plugins.net.Socket,
record: IConnectionRecord,
route: IRouteConfig,
initialChunk?: Buffer
): Promise<void> {
// Delegate to HttpProxy's StaticHandler
await StaticHandler.handleStatic(socket, route, {
connectionId: record.id,
connectionManager: this.connectionManager,
settings: this.settings
}, record, initialChunk);
}
/**
* Handle a socket-handler action for a route
*/
@ -807,9 +729,22 @@ export class RouteConnectionHandler {
return;
}
// Create route context for the handler
const routeContext = this.createRouteContext({
connectionId: record.id,
port: record.localPort,
domain: record.lockedDomain,
clientIp: record.remoteIP,
serverIp: socket.localAddress || '',
isTls: record.isTLS || false,
tlsVersion: record.tlsVersion,
routeName: route.name,
routeId: route.id,
});
try {
// Call the handler
const result = route.action.socketHandler(socket);
// Call the handler with socket AND context
const result = route.action.socketHandler(socket, routeContext);
// Handle async handlers properly
if (result instanceof Promise) {

2
ts/proxies/smart-proxy/utils/index.ts
View File

@ -19,7 +19,6 @@ import {
createWebSocketRoute as createWebSocketPatternRoute,
createLoadBalancerRoute as createLoadBalancerPatternRoute,
createApiGatewayRoute,
createStaticFileServerRoute,
addRateLimiting,
addBasicAuth,
addJwtAuth
@ -29,7 +28,6 @@ export {
createWebSocketPatternRoute,
createLoadBalancerPatternRoute,
createApiGatewayRoute,
createStaticFileServerRoute,
addRateLimiting,
addBasicAuth,
addJwtAuth

139
ts/proxies/smart-proxy/utils/route-helpers.ts
View File

@ -11,7 +11,6 @@
* - HTTPS passthrough routes (createHttpsPassthroughRoute)
* - Complete HTTPS servers with redirects (createCompleteHttpsServer)
* - Load balancer routes (createLoadBalancerRoute)
* - Static file server routes (createStaticFileRoute)
* - API routes (createApiRoute)
* - WebSocket routes (createWebSocketRoute)
* - Port mapping routes (createPortMappingRoute, createOffsetPortMappingRoute)
@ -119,11 +118,8 @@ export function createHttpToHttpsRedirect(
// Create route action
const action: IRouteAction = {
type: 'redirect',
redirect: {
to: `https://{domain}:${httpsPort}{path}`,
status: 301
}
type: 'socket-handler',
socketHandler: SocketHandlers.httpRedirect(`https://{domain}:${httpsPort}{path}`, 301)
};
// Create the route config
@ -267,60 +263,6 @@ export function createLoadBalancerRoute(
};
}
/**
* Create a static file server route
* @param domains Domain(s) to match
* @param rootDir Root directory path for static files
* @param options Additional route options
* @returns Route configuration object
*/
export function createStaticFileRoute(
domains: string | string[],
rootDir: string,
options: {
indexFiles?: string[];
serveOnHttps?: boolean;
certificate?: 'auto' | { key: string; cert: string };
httpPort?: number | number[];
httpsPort?: number | number[];
name?: string;
[key: string]: any;
} = {}
): IRouteConfig {
// Create route match
const match: IRouteMatch = {
ports: options.serveOnHttps
? (options.httpsPort || 443)
: (options.httpPort || 80),
domains
};
// Create route action
const action: IRouteAction = {
type: 'static',
static: {
root: rootDir,
index: options.indexFiles || ['index.html', 'index.htm']
}
};
// Add TLS configuration if serving on HTTPS
if (options.serveOnHttps) {
action.tls = {
mode: 'terminate',
certificate: options.certificate || 'auto'
};
}
// Create the route config
return {
match,
action,
name: options.name || `Static Files for ${Array.isArray(domains) ? domains.join(', ') : domains}`,
...options
};
}
/**
* Create an API route configuration
* @param domains Domain(s) to match
@ -853,7 +795,7 @@ export const SocketHandlers = {
/**
* Simple echo server handler
*/
echo: (socket: plugins.net.Socket) => {
echo: (socket: plugins.net.Socket, context: IRouteContext) => {
socket.write('ECHO SERVER READY\n');
socket.on('data', data => socket.write(data));
},
@ -861,7 +803,7 @@ export const SocketHandlers = {
/**
* TCP proxy handler
*/
proxy: (targetHost: string, targetPort: number) => (socket: plugins.net.Socket) => {
proxy: (targetHost: string, targetPort: number) => (socket: plugins.net.Socket, context: IRouteContext) => {
const target = plugins.net.connect(targetPort, targetHost);
socket.pipe(target);
target.pipe(socket);
@ -876,7 +818,7 @@ export const SocketHandlers = {
/**
* Line-based protocol handler
*/
lineProtocol: (handler: (line: string, socket: plugins.net.Socket) => void) => (socket: plugins.net.Socket) => {
lineProtocol: (handler: (line: string, socket: plugins.net.Socket) => void) => (socket: plugins.net.Socket, context: IRouteContext) => {
let buffer = '';
socket.on('data', (data) => {
buffer += data.toString();
@ -893,7 +835,7 @@ export const SocketHandlers = {
/**
* Simple HTTP response handler (for testing)
*/
httpResponse: (statusCode: number, body: string) => (socket: plugins.net.Socket) => {
httpResponse: (statusCode: number, body: string) => (socket: plugins.net.Socket, context: IRouteContext) => {
const response = [
`HTTP/1.1 ${statusCode} ${statusCode === 200 ? 'OK' : 'Error'}`,
'Content-Type: text/plain',
@ -905,5 +847,74 @@ export const SocketHandlers = {
socket.write(response);
socket.end();
},
/**
* Block connection immediately
*/
block: (message?: string) => (socket: plugins.net.Socket, context: IRouteContext) => {
const finalMessage = message || `Connection blocked from ${context.clientIp}`;
if (finalMessage) {
socket.write(finalMessage);
}
socket.end();
},
/**
* HTTP block response
*/
httpBlock: (statusCode: number = 403, message?: string) => (socket: plugins.net.Socket, context: IRouteContext) => {
const defaultMessage = `Access forbidden for ${context.domain || context.clientIp}`;
const finalMessage = message || defaultMessage;
const response = [
`HTTP/1.1 ${statusCode} ${finalMessage}`,
'Content-Type: text/plain',
`Content-Length: ${finalMessage.length}`,
'Connection: close',
'',
finalMessage
].join('\r\n');
socket.write(response);
socket.end();
},
/**
* HTTP redirect handler
*/
httpRedirect: (locationTemplate: string, statusCode: number = 301) => (socket: plugins.net.Socket, context: IRouteContext) => {
let buffer = '';
socket.once('data', (data) => {
buffer += data.toString();
const lines = buffer.split('\r\n');
const requestLine = lines[0];
const [method, path] = requestLine.split(' ');
const domain = context.domain || 'localhost';
const port = context.port;
let finalLocation = locationTemplate
.replace('{domain}', domain)
.replace('{port}', String(port))
.replace('{path}', path)
.replace('{clientIp}', context.clientIp);
const message = `Redirecting to ${finalLocation}`;
const response = [
`HTTP/1.1 ${statusCode} ${statusCode === 301 ? 'Moved Permanently' : 'Found'}`,
`Location: ${finalLocation}`,
'Content-Type: text/plain',
`Content-Length: ${message.length}`,
'Connection: close',
'',
message
].join('\r\n');
socket.write(response);
socket.end();
});
}
};

62
ts/proxies/smart-proxy/utils/route-patterns.ts
View File

@ -7,6 +7,7 @@
import type { IRouteConfig, IRouteMatch, IRouteAction, IRouteTarget } from '../models/route-types.js';
import { mergeRouteConfigs } from './route-utils.js';
import { SocketHandlers } from './route-helpers.js';
/**
* Create a basic HTTP route configuration
@ -112,11 +113,11 @@ export function createHttpToHttpsRedirect(
ports: 80
},
action: {
type: 'redirect',
redirect: {
to: options.preservePath ? 'https://{domain}{path}' : 'https://{domain}',
status: options.redirectCode || 301
}
type: 'socket-handler',
socketHandler: SocketHandlers.httpRedirect(
options.preservePath ? 'https://{domain}{path}' : 'https://{domain}',
options.redirectCode || 301
)
},
name: options.name || `HTTP to HTTPS redirect: ${Array.isArray(domains) ? domains.join(', ') : domains}`
};
@ -214,57 +215,6 @@ export function createApiGatewayRoute(
return mergeRouteConfigs(baseRoute, apiRoute);
}
/**
* Create a static file server route pattern
* @param domains Domain(s) to match
* @param rootDirectory Root directory for static files
* @param options Additional route options
* @returns Static file server route configuration
*/
export function createStaticFileServerRoute(
domains: string | string[],
rootDirectory: string,
options: {
useTls?: boolean;
certificate?: 'auto' | { key: string; cert: string };
indexFiles?: string[];
cacheControl?: string;
path?: string;
[key: string]: any;
} = {}
): IRouteConfig {
// Create base route with static action
const baseRoute: IRouteConfig = {
match: {
domains,
ports: options.useTls ? 443 : 80,
path: options.path || '/'
},
action: {
type: 'static',
static: {
root: rootDirectory,
index: options.indexFiles || ['index.html', 'index.htm'],
headers: {
'Cache-Control': options.cacheControl || 'public, max-age=3600'
}
}
},
name: options.name || `Static Server: ${Array.isArray(domains) ? domains.join(', ') : domains}`,
priority: options.priority || 50
};
// Add TLS configuration if requested
if (options.useTls) {
baseRoute.action.tls = {
mode: 'terminate',
certificate: options.certificate || 'auto'
};
}
return baseRoute;
}
/**
* Create a WebSocket route pattern
* @param domains Domain(s) to match