From 4e451387284575bfe36d73945b9cfcb4a6f7f987 Mon Sep 17 00:00:00 2001 From: Brian Botha Date: Fri, 18 Mar 2022 19:00:37 +1100 Subject: [PATCH] refactor: combined `ForwardProxy` and `ReverseProxy` into `Proxy` `ForwardProxy` and `ReverseProxy` has been combined into a single `Proxy`. The core part of this change is that both the proxies now share the same `UTP` socket. This allows us to get information about the reverse proxy's port when handling an incoming connection. This is critical for `NAT` punch-through procedure. Fixes #360 --- src/PolykeyAgent.ts | 105 +- src/agent/service/index.ts | 6 +- .../service/nodesHolePunchMessageSend.ts | 2 +- src/agent/service/vaultsGitInfoGet.ts | 2 +- src/agent/service/vaultsGitPackGet.ts | 2 +- src/agent/service/vaultsScan.ts | 2 +- src/agent/utils.ts | 6 +- src/bin/agent/CommandStart.ts | 13 +- src/bin/agent/CommandStatus.ts | 20 +- src/bin/types.ts | 7 +- src/bin/utils/options.ts | 24 +- src/bootstrap/utils.ts | 13 +- src/client/service/agentStatus.ts | 19 +- src/client/service/index.ts | 6 +- src/config.ts | 15 +- src/network/ConnectionForward.ts | 6 +- src/network/ConnectionReverse.ts | 10 +- src/network/ForwardProxy.ts | 483 ------- src/network/Proxy.ts | 707 ++++++++++ src/network/ReverseProxy.ts | 334 ----- src/network/errors.ts | 31 +- src/network/index.ts | 3 +- src/network/types.ts | 21 +- src/nodes/NodeConnection.ts | 43 +- src/nodes/NodeConnectionManager.ts | 47 +- src/proto/js/polykey/v1/agent/agent_pb.d.ts | 30 +- src/proto/js/polykey/v1/agent/agent_pb.js | 108 +- .../js/polykey/v1/client_service_grpc_pb.d.ts | 98 +- .../js/polykey/v1/client_service_grpc_pb.js | 66 +- src/proto/js/polykey/v1/nodes/nodes_pb.d.ts | 6 +- src/proto/js/polykey/v1/nodes/nodes_pb.js | 12 +- .../schemas/polykey/v1/agent/agent.proto | 10 +- .../schemas/polykey/v1/nodes/nodes.proto | 2 +- src/status/StatusSchema.json | 8 +- src/status/types.ts | 4 +- tests/agent/GRPCClientAgent.test.ts | 103 +- tests/agent/service/notificationsSend.test.ts | 29 +- tests/agent/utils.ts | 8 +- tests/bin/agent/start.test.ts | 47 +- tests/bin/agent/status.test.ts | 22 +- tests/bin/agent/stop.test.ts | 8 +- .../allowDisallowPermissions.test.ts | 10 +- .../authenticateAuthenticated.test.ts | 3 +- tests/bin/identities/claim.test.ts | 3 +- tests/bin/identities/discoverGet.test.ts | 13 +- tests/bin/identities/search.test.ts | 3 +- tests/bin/identities/trustUntrustList.test.ts | 10 +- tests/bin/keys/renew.test.ts | 3 +- tests/bin/keys/reset.test.ts | 3 +- tests/bin/nodes/add.test.ts | 3 +- tests/bin/nodes/claim.test.ts | 6 +- tests/bin/nodes/find.test.ts | 17 +- tests/bin/nodes/ping.test.ts | 11 +- tests/bin/notifications/sendReadClear.test.ts | 14 +- tests/bin/vaults/vaults.test.ts | 12 +- tests/client/rpcVaults.test.ts | 22 +- tests/client/service/agentStatus.test.ts | 37 +- .../gestaltsDiscoveryByIdentity.test.ts | 27 +- .../service/gestaltsDiscoveryByNode.test.ts | 27 +- .../gestaltsGestaltTrustByIdentity.test.ts | 35 +- .../gestaltsGestaltTrustByNode.test.ts | 36 +- tests/client/service/identitiesClaim.test.ts | 29 +- tests/client/service/keysKeyPairRenew.test.ts | 20 +- tests/client/service/keysKeyPairReset.test.ts | 20 +- tests/client/service/nodesAdd.test.ts | 29 +- tests/client/service/nodesClaim.test.ts | 29 +- tests/client/service/nodesFind.test.ts | 29 +- tests/client/service/nodesPing.test.ts | 29 +- .../client/service/notificationsClear.test.ts | 29 +- .../client/service/notificationsRead.test.ts | 29 +- .../client/service/notificationsSend.test.ts | 27 +- tests/client/utils.ts | 3 +- tests/discovery/Discovery.test.ts | 39 +- .../{ForwardProxy.test.ts => Proxy.test.ts} | 1253 ++++++++++++++--- tests/network/ReverseProxy.test.ts | 782 ---------- tests/network/index.test.ts | 93 +- tests/nodes/NodeConnection.test.ts | 153 +- .../NodeConnectionManager.general.test.ts | 74 +- .../NodeConnectionManager.lifecycle.test.ts | 60 +- .../NodeConnectionManager.seednodes.test.ts | 61 +- .../NodeConnectionManager.termination.test.ts | 123 +- .../NodeConnectionManager.timeout.test.ts | 43 +- tests/nodes/NodeGraph.test.ts | 25 +- tests/nodes/NodeManager.test.ts | 64 +- tests/nodes/TestNodeConnection.ts | 8 +- tests/nodes/utils.ts | 8 +- .../NotificationsManager.test.ts | 31 +- tests/status/Status.test.ts | 28 +- tests/utils.ts | 3 +- tests/vaults/VaultManager.test.ts | 53 +- 90 files changed, 2722 insertions(+), 3235 deletions(-) delete mode 100644 src/network/ForwardProxy.ts create mode 100644 src/network/Proxy.ts delete mode 100644 src/network/ReverseProxy.ts rename tests/network/{ForwardProxy.test.ts => Proxy.test.ts} (65%) delete mode 100644 tests/network/ReverseProxy.test.ts diff --git a/src/PolykeyAgent.ts b/src/PolykeyAgent.ts index 5329b8747..dfb4aa1ef 100644 --- a/src/PolykeyAgent.ts +++ b/src/PolykeyAgent.ts @@ -21,8 +21,7 @@ import { Discovery } from './discovery'; import { SessionManager } from './sessions'; import { GRPCServer } from './grpc'; import { IdentitiesManager, providers } from './identities'; -import ForwardProxy from './network/ForwardProxy'; -import ReverseProxy from './network/ReverseProxy'; +import Proxy from './network/Proxy'; import { EventBus, captureRejectionSymbol } from './events'; import { createAgentService, AgentServiceService } from './agent'; import { createClientService, ClientServiceService } from './client'; @@ -31,13 +30,10 @@ import * as utils from './utils'; import * as errors from './errors'; type NetworkConfig = { + forwardHost?: Host; + forwardPort?: Port; proxyHost?: Host; proxyPort?: Port; - egressHost?: Host; - egressPort?: Port; - // ReverseProxy - ingressHost?: Host; - ingressPort?: Port; // GRPCServer for agent service agentHost?: Host; agentPort?: Port; @@ -59,8 +55,7 @@ class PolykeyAgent { nodePath = config.defaults.nodePath, keysConfig = {}, networkConfig = {}, - forwardProxyConfig = {}, - reverseProxyConfig = {}, + proxyConfig = {}, nodeConnectionManagerConfig = {}, seedNodes = {}, // Optional dependencies @@ -72,8 +67,7 @@ class PolykeyAgent { sigchain, acl, gestaltGraph, - fwdProxy, - revProxy, + proxy, nodeGraph, nodeConnectionManager, nodeManager, @@ -95,16 +89,12 @@ class PolykeyAgent { dbKeyBits?: number; recoveryCode?: string; }; - forwardProxyConfig?: { + proxyConfig?: { authToken?: string; connConnectTime?: number; connTimeoutTime?: number; connPingIntervalTime?: number; }; - reverseProxyConfig?: { - connConnectTime?: number; - connTimeoutTime?: number; - }; nodeConnectionManagerConfig?: { connConnectTime?: number; connTimeoutTime?: number; @@ -120,8 +110,7 @@ class PolykeyAgent { sigchain?: Sigchain; acl?: ACL; gestaltGraph?: GestaltGraph; - fwdProxy?: ForwardProxy; - revProxy?: ReverseProxy; + proxy?: Proxy; nodeGraph?: NodeGraph; nodeConnectionManager?: NodeConnectionManager; nodeManager?: NodeManager; @@ -147,14 +136,10 @@ class PolykeyAgent { ...config.defaults.keysConfig, ...utils.filterEmptyObject(keysConfig), }; - const forwardProxyConfig_ = { + const proxyConfig_ = { authToken: (await keysUtils.getRandomBytes(10)).toString(), - ...config.defaults.forwardProxyConfig, - ...utils.filterEmptyObject(forwardProxyConfig), - }; - const reverseProxyConfig_ = { - ...config.defaults.reverseProxyConfig, - ...utils.filterEmptyObject(reverseProxyConfig), + ...config.defaults.proxyConfig, + ...utils.filterEmptyObject(proxyConfig), }; const nodeConnectionManagerConfig_ = { ...config.defaults.nodeConnectionManagerConfig, @@ -256,17 +241,11 @@ class PolykeyAgent { logger: logger.getChild(GestaltGraph.name), fresh, })); - fwdProxy = - fwdProxy ?? - new ForwardProxy({ - ...forwardProxyConfig_, - logger: logger.getChild(ForwardProxy.name), - }); - revProxy = - revProxy ?? - new ReverseProxy({ - ...reverseProxyConfig_, - logger: logger.getChild(ReverseProxy.name), + proxy = + proxy ?? + new Proxy({ + ...proxyConfig_, + logger: logger.getChild(Proxy.name), }); nodeGraph = nodeGraph ?? @@ -281,8 +260,7 @@ class PolykeyAgent { new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, seedNodes, ...nodeConnectionManagerConfig_, logger: logger.getChild(NodeConnectionManager.name), @@ -359,8 +337,7 @@ class PolykeyAgent { await notificationsManager?.stop(); await vaultManager?.stop(); await discovery?.stop(); - await revProxy?.stop(); - await fwdProxy?.stop(); + await proxy?.stop(); await gestaltGraph?.stop(); await acl?.stop(); await sigchain?.stop(); @@ -381,8 +358,7 @@ class PolykeyAgent { sigchain, acl, gestaltGraph, - fwdProxy, - revProxy, + proxy, nodeGraph, nodeConnectionManager, nodeManager, @@ -414,8 +390,7 @@ class PolykeyAgent { public readonly sigchain: Sigchain; public readonly acl: ACL; public readonly gestaltGraph: GestaltGraph; - public readonly fwdProxy: ForwardProxy; - public readonly revProxy: ReverseProxy; + public readonly proxy: Proxy; public readonly nodeGraph: NodeGraph; public readonly nodeConnectionManager: NodeConnectionManager; public readonly nodeManager: NodeManager; @@ -440,8 +415,7 @@ class PolykeyAgent { sigchain, acl, gestaltGraph, - fwdProxy, - revProxy, + proxy, nodeGraph, nodeConnectionManager, nodeManager, @@ -464,8 +438,7 @@ class PolykeyAgent { sigchain: Sigchain; acl: ACL; gestaltGraph: GestaltGraph; - fwdProxy: ForwardProxy; - revProxy: ReverseProxy; + proxy: Proxy; nodeGraph: NodeGraph; nodeConnectionManager: NodeConnectionManager; nodeManager: NodeManager; @@ -489,8 +462,7 @@ class PolykeyAgent { this.sigchain = sigchain; this.acl = acl; this.gestaltGraph = gestaltGraph; - this.fwdProxy = fwdProxy; - this.revProxy = revProxy; + this.proxy = proxy; this.discovery = discovery; this.nodeGraph = nodeGraph; this.nodeConnectionManager = nodeConnectionManager; @@ -541,8 +513,7 @@ class PolykeyAgent { nodeId: keyChangeData.nodeId, }); await this.nodeManager.refreshBuckets(); - this.fwdProxy.setTLSConfig(keyChangeData.tlsConfig); - this.revProxy.setTLSConfig(keyChangeData.tlsConfig); + this.proxy.setTLSConfig(keyChangeData.tlsConfig); this.grpcServerClient.setTLSConfig(keyChangeData.tlsConfig); this.logger.info('Propagated root keypair change'); }, @@ -563,7 +534,7 @@ class PolykeyAgent { notificationsManager: this.notificationsManager, acl: this.acl, gestaltGraph: this.gestaltGraph, - revProxy: this.revProxy, + proxy: this.proxy, }); const clientService = createClientService({ pkAgent: this, @@ -581,8 +552,7 @@ class PolykeyAgent { acl: this.acl, grpcServerClient: this.grpcServerClient, grpcServerAgent: this.grpcServerAgent, - fwdProxy: this.fwdProxy, - revProxy: this.revProxy, + proxy: this.proxy, fs: this.fs, }); // Starting modules @@ -613,18 +583,13 @@ class PolykeyAgent { host: networkConfig_.agentHost, port: networkConfig_.agentPort, }); - await this.fwdProxy.start({ - proxyHost: networkConfig_.proxyHost, - proxyPort: networkConfig_.proxyPort, - egressHost: networkConfig_.egressHost, - egressPort: networkConfig_.egressPort, - tlsConfig, - }); - await this.revProxy.start({ + await this.proxy.start({ + forwardHost: networkConfig_.forwardHost, + forwardPort: networkConfig_.forwardPort, serverHost: this.grpcServerAgent.getHost(), serverPort: this.grpcServerAgent.getPort(), - ingressHost: networkConfig_.ingressHost, - ingressPort: networkConfig_.ingressPort, + proxyHost: networkConfig_.proxyHost, + proxyPort: networkConfig_.proxyPort, tlsConfig, }); await this.nodeConnectionManager.start(); @@ -639,8 +604,8 @@ class PolykeyAgent { nodeId: this.keyManager.getNodeId(), clientHost: this.grpcServerClient.getHost(), clientPort: this.grpcServerClient.getPort(), - ingressHost: this.revProxy.getIngressHost(), - ingressPort: this.revProxy.getIngressPort(), + proxyHost: this.proxy.getProxyHost(), + proxyPort: this.proxy.getProxyPort(), }); this.logger.info(`Started ${this.constructor.name}`); } catch (e) { @@ -650,8 +615,7 @@ class PolykeyAgent { await this.notificationsManager?.stop(); await this.vaultManager?.stop(); await this.discovery?.stop(); - await this.revProxy?.stop(); - await this.fwdProxy?.stop(); + await this.proxy?.stop(); await this.grpcServerAgent?.stop(); await this.grpcServerClient?.stop(); await this.gestaltGraph?.stop(); @@ -679,8 +643,7 @@ class PolykeyAgent { await this.discovery.stop(); await this.nodeConnectionManager.stop(); await this.nodeGraph.stop(); - await this.revProxy.stop(); - await this.fwdProxy.stop(); + await this.proxy.stop(); await this.grpcServerAgent.stop(); await this.grpcServerClient.stop(); await this.gestaltGraph.stop(); diff --git a/src/agent/service/index.ts b/src/agent/service/index.ts index d7427d601..aa96bfd2e 100644 --- a/src/agent/service/index.ts +++ b/src/agent/service/index.ts @@ -10,7 +10,7 @@ import type { Sigchain } from '../../sigchain'; import type { ACL } from '../../acl'; import type { GestaltGraph } from '../../gestalts'; import type { IAgentServiceServer } from '../../proto/js/polykey/v1/agent_service_grpc_pb'; -import type ReverseProxy from '../../network/ReverseProxy'; +import type Proxy from '../../network/Proxy'; import echo from './echo'; import nodesChainDataGet from './nodesChainDataGet'; import nodesClaimsGet from './nodesClaimsGet'; @@ -34,9 +34,9 @@ function createService(container: { sigchain: Sigchain; acl: ACL; gestaltGraph: GestaltGraph; - revProxy: ReverseProxy; + proxy: Proxy; }): IAgentServiceServer { - const connectionInfoGet = agentUtils.connectionInfoGetter(container.revProxy); + const connectionInfoGet = agentUtils.connectionInfoGetter(container.proxy); const container_ = { ...container, connectionInfoGet: connectionInfoGet, diff --git a/src/agent/service/nodesHolePunchMessageSend.ts b/src/agent/service/nodesHolePunchMessageSend.ts index 7c8a2e0a1..d524e9f24 100644 --- a/src/agent/service/nodesHolePunchMessageSend.ts +++ b/src/agent/service/nodesHolePunchMessageSend.ts @@ -51,7 +51,7 @@ function nodesHolePunchMessageSend({ // back to the source node. if (keyManager.getNodeId().equals(targetId)) { const [host, port] = networkUtils.parseAddress( - call.request.getEgressAddress(), + call.request.getProxyAddress(), ); await nodeConnectionManager.holePunchReverse(host, port); // Otherwise, find if node in table diff --git a/src/agent/service/vaultsGitInfoGet.ts b/src/agent/service/vaultsGitInfoGet.ts index 6391b3f7b..72f01a74c 100644 --- a/src/agent/service/vaultsGitInfoGet.ts +++ b/src/agent/service/vaultsGitInfoGet.ts @@ -50,7 +50,7 @@ function vaultsGitInfoGet({ if (connectionInfo == null) { throw new agentErrors.ErrorConnectionInfoMissing(); } - const nodeId = connectionInfo.nodeId; + const nodeId = connectionInfo.remoteNodeId; const nodeIdEncoded = nodesUtils.encodeNodeId(nodeId); const actionType = validationUtils.parseVaultAction(request.getAction()); const permissions = await acl.getNodePerm(nodeId); diff --git a/src/agent/service/vaultsGitPackGet.ts b/src/agent/service/vaultsGitPackGet.ts index 0a180b4ff..5528ade31 100644 --- a/src/agent/service/vaultsGitPackGet.ts +++ b/src/agent/service/vaultsGitPackGet.ts @@ -37,7 +37,7 @@ function vaultsGitPackGet({ if (connectionInfo == null) { throw new agentErrors.ErrorConnectionInfoMissing(); } - const nodeId = connectionInfo.nodeId; + const nodeId = connectionInfo.remoteNodeId; const nodeIdEncoded = nodesUtils.encodeNodeId(nodeId); // Getting vaultId const vaultNameOrId = meta.get('vaultNameOrId').pop()!.toString(); diff --git a/src/agent/service/vaultsScan.ts b/src/agent/service/vaultsScan.ts index cb4447b03..6dfd028e4 100644 --- a/src/agent/service/vaultsScan.ts +++ b/src/agent/service/vaultsScan.ts @@ -26,7 +26,7 @@ function vaultsScan({ if (connectionInfo == null) { throw new agentErrors.ErrorConnectionInfoMissing(); } - const nodeId = connectionInfo.nodeId; + const nodeId = connectionInfo.remoteNodeId; try { const listResponse = vaultManager.handleScanVaults(nodeId); for await (const { diff --git a/src/agent/utils.ts b/src/agent/utils.ts index 6d6b6fdd2..f38e540d5 100644 --- a/src/agent/utils.ts +++ b/src/agent/utils.ts @@ -1,14 +1,14 @@ import type { Host, Port } from 'network/types'; -import type ReverseProxy from 'network/ReverseProxy'; +import type Proxy from 'network/Proxy'; import type { ConnectionInfoGet } from './types'; import type { ServerSurfaceCall } from '@grpc/grpc-js/build/src/server-call'; -function connectionInfoGetter(revProxy: ReverseProxy): ConnectionInfoGet { +function connectionInfoGetter(proxy: Proxy): ConnectionInfoGet { return (call: ServerSurfaceCall) => { let urlString = call.getPeer(); if (!/^.*:\/\//.test(urlString)) urlString = 'pk://' + urlString; const url = new URL(urlString); - return revProxy.getConnectionInfoByProxy( + return proxy.getConnectionInfoByReverse( url.hostname as Host, parseInt(url.port) as Port, ); diff --git a/src/bin/agent/CommandStart.ts b/src/bin/agent/CommandStart.ts index 7e911eb1e..75be8c78a 100644 --- a/src/bin/agent/CommandStart.ts +++ b/src/bin/agent/CommandStart.ts @@ -22,8 +22,8 @@ class CommandStart extends CommandPolykey { this.addOption(binOptions.rootKeyPairBits); this.addOption(binOptions.clientHost); this.addOption(binOptions.clientPort); - this.addOption(binOptions.ingressHost); - this.addOption(binOptions.ingressPort); + this.addOption(binOptions.proxyHost); + this.addOption(binOptions.proxyPort); this.addOption(binOptions.connTimeoutTime); this.addOption(binOptions.seedNodes); this.addOption(binOptions.network); @@ -83,17 +83,14 @@ class CommandStart extends CommandPolykey { rootKeyPairBits: options.rootKeyPairBits, recoveryCode: recoveryCodeIn, }, - forwardProxyConfig: { - connTimeoutTime: options.connTimeoutTime, - }, - reverseProxyConfig: { + proxyConfig: { connTimeoutTime: options.connTimeoutTime, }, networkConfig: { clientHost: options.clientHost, clientPort: options.clientPort, - ingressHost: options.ingressHost, - ingressPort: options.ingressPort, + proxyHost: options.proxyHost, + proxyPort: options.proxyPort, }, seedNodes, fresh: options.fresh, diff --git a/src/bin/agent/CommandStatus.ts b/src/bin/agent/CommandStatus.ts index ea15fb6e7..ed6fd6af7 100644 --- a/src/bin/agent/CommandStatus.ts +++ b/src/bin/agent/CommandStatus.ts @@ -67,14 +67,12 @@ class CommandStatus extends CommandPolykey { const nodeId = response.getNodeId(); const clientHost = response.getClientHost(); const clientPort = response.getClientPort(); - const ingressHost = response.getIngressHost(); - const ingressPort = response.getIngressPort(); - const egressHost = response.getEgressHost(); - const egressPort = response.getEgressPort(); - const agentHost = response.getAgentHost(); - const agentPort = response.getAgentPort(); const proxyHost = response.getProxyHost(); const proxyPort = response.getProxyPort(); + const agentHost = response.getAgentHost(); + const agentPort = response.getAgentPort(); + const forwardHost = response.getForwardHost(); + const forwardPort = response.getForwardPort(); const rootPublicKeyPem = response.getRootPublicKeyPem(); const rootCertPem = response.getRootCertPem(); const rootCertChainPem = response.getRootCertChainPem(); @@ -87,14 +85,12 @@ class CommandStatus extends CommandPolykey { nodeId, clientHost, clientPort, - ingressHost, - ingressPort, - egressHost, - egressPort, - agentHost, - agentPort, proxyHost, proxyPort, + agentHost, + agentPort, + forwardHost, + forwardPort, rootPublicKeyPem, rootCertPem, rootCertChainPem, diff --git a/src/bin/types.ts b/src/bin/types.ts index a842f9033..fcda63e0d 100644 --- a/src/bin/types.ts +++ b/src/bin/types.ts @@ -32,13 +32,10 @@ type AgentChildProcessInput = { connTimeoutTime?: number; }; networkConfig?: { + forwardHost?: Host; + forwardPort?: Port; proxyHost?: Host; proxyPort?: Port; - egressHost?: Host; - egressPort?: Port; - // ReverseProxy - ingressHost?: Host; - ingressPort?: Port; // GRPCServer for agent service agentHost?: Host; agentPort?: Port; diff --git a/src/bin/utils/options.ts b/src/bin/utils/options.ts index b9238919b..60ea5ac0a 100644 --- a/src/bin/utils/options.ts +++ b/src/bin/utils/options.ts @@ -74,28 +74,22 @@ const clientPort = new commander.Option( .env('PK_CLIENT_PORT') .argParser(binParsers.parsePort); -const ingressHost = new commander.Option( - '-ih, --ingress-host ', - 'Ingress host', -) - .env('PK_INGRESS_HOST') +const proxyHost = new commander.Option('-ph, --proxy-host ', 'Proxy host') + .env('PK_PROXY_HOST') .argParser(binParsers.parseHost) - .default(config.defaults.networkConfig.ingressHost); + .default(config.defaults.networkConfig.proxyHost); -const ingressPort = new commander.Option( - '-ip, --ingress-port ', - 'Ingress Port', -) - .env('PK_INGRESS_PORT') +const proxyPort = new commander.Option('-pp, --proxy-port ', 'Proxy Port') + .env('PK_PROXY_PORT') .argParser(binParsers.parsePort) - .default(config.defaults.networkConfig.ingressPort); + .default(config.defaults.networkConfig.proxyPort); const connTimeoutTime = new commander.Option( '--connection-timeout ', 'Timeout value for connection establishment between nodes', ) .argParser(binParsers.parseInteger) - .default(config.defaults.forwardProxyConfig.connTimeoutTime); + .default(config.defaults.proxyConfig.connTimeoutTime); const passwordFile = new commander.Option( '-pf, --password-file ', @@ -168,8 +162,8 @@ export { nodeId, clientHost, clientPort, - ingressHost, - ingressPort, + proxyHost, + proxyPort, connTimeoutTime, recoveryCodeFile, passwordFile, diff --git a/src/bootstrap/utils.ts b/src/bootstrap/utils.ts index fc855bb02..422709b01 100644 --- a/src/bootstrap/utils.ts +++ b/src/bootstrap/utils.ts @@ -12,8 +12,7 @@ import { KeyManager, utils as keyUtils } from '../keys'; import { Sigchain } from '../sigchain'; import { ACL } from '../acl'; import { GestaltGraph } from '../gestalts'; -import ForwardProxy from '../network/ForwardProxy'; -import ReverseProxy from '../network/ReverseProxy'; +import Proxy from '../network/Proxy'; import { NodeConnectionManager, NodeGraph, NodeManager } from '../nodes'; import { VaultManager } from '../vaults'; import { NotificationsManager } from '../notifications'; @@ -132,12 +131,9 @@ async function bootstrapState({ fresh, }); // Proxies are constructed only, but not started - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken: '', - logger: logger.getChild(ForwardProxy.name), - }); - const revProxy = new ReverseProxy({ - logger: logger.getChild(ReverseProxy.name), + logger: logger.getChild(Proxy.name), }); const nodeGraph = await NodeGraph.createNodeGraph({ db, @@ -148,8 +144,7 @@ async function bootstrapState({ const nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: logger.getChild(NodeConnectionManager.name), }); const nodeManager = new NodeManager({ diff --git a/src/client/service/agentStatus.ts b/src/client/service/agentStatus.ts index d478c9c29..0076019b0 100644 --- a/src/client/service/agentStatus.ts +++ b/src/client/service/agentStatus.ts @@ -2,8 +2,7 @@ import type * as grpc from '@grpc/grpc-js'; import type { Authenticate } from '../types'; import type { KeyManager } from '../../keys'; import type { GRPCServer } from '../../grpc'; -import type ForwardProxy from '../../network/ForwardProxy'; -import type ReverseProxy from '../../network/ReverseProxy'; +import type Proxy from '../../network/Proxy'; import type * as utilsPB from '../../proto/js/polykey/v1/utils/utils_pb'; import process from 'process'; import * as grpcUtils from '../../grpc/utils'; @@ -15,15 +14,13 @@ function agentStatus({ keyManager, grpcServerClient, grpcServerAgent, - fwdProxy, - revProxy, + proxy, }: { authenticate: Authenticate; keyManager: KeyManager; grpcServerClient: GRPCServer; grpcServerAgent: GRPCServer; - fwdProxy: ForwardProxy; - revProxy: ReverseProxy; + proxy: Proxy; }) { return async ( call: grpc.ServerUnaryCall, @@ -37,14 +34,12 @@ function agentStatus({ response.setNodeId(nodeUtils.encodeNodeId(keyManager.getNodeId())); response.setClientHost(grpcServerClient.getHost()); response.setClientPort(grpcServerClient.getPort()); - response.setIngressHost(revProxy.getIngressHost()); - response.setIngressPort(revProxy.getIngressPort()); - response.setEgressHost(fwdProxy.getEgressHost()); - response.setEgressPort(fwdProxy.getEgressPort()); + response.setProxyHost(proxy.getProxyHost()); + response.setProxyPort(proxy.getProxyPort()); response.setAgentHost(grpcServerAgent.getHost()); response.setAgentPort(grpcServerAgent.getPort()); - response.setProxyHost(fwdProxy.getProxyHost()); - response.setProxyPort(fwdProxy.getProxyPort()); + response.setForwardHost(proxy.getForwardHost()); + response.setForwardPort(proxy.getForwardPort()); response.setRootPublicKeyPem(keyManager.getRootKeyPairPem().publicKey); response.setRootCertPem(keyManager.getRootCertPem()); response.setRootCertChainPem(await keyManager.getRootCertChainPem()); diff --git a/src/client/service/index.ts b/src/client/service/index.ts index 50e282fbb..494c5088c 100644 --- a/src/client/service/index.ts +++ b/src/client/service/index.ts @@ -14,8 +14,7 @@ import type { Discovery } from '../../discovery'; import type { Sigchain } from '../../sigchain'; import type { GRPCServer } from '../../grpc'; import type ACL from '../../acl/ACL'; -import type ForwardProxy from '../../network/ForwardProxy'; -import type ReverseProxy from '../../network/ReverseProxy'; +import type Proxy from '../../network/Proxy'; import type { IClientServiceServer } from '../../proto/js/polykey/v1/client_service_grpc_pb'; import type { FileSystem } from '../../types'; import Logger from '@matrixai/logger'; @@ -108,8 +107,7 @@ function createService({ acl: ACL; grpcServerClient: GRPCServer; grpcServerAgent: GRPCServer; - fwdProxy: ForwardProxy; - revProxy: ReverseProxy; + proxy: Proxy; logger?: Logger; fs?: FileSystem; }) { diff --git a/src/config.ts b/src/config.ts index c8322e2f2..7e9b732bd 100644 --- a/src/config.ts +++ b/src/config.ts @@ -71,13 +71,10 @@ const config = { }, networkConfig: { // ForwardProxy - proxyHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, + forwardPort: 0 as Port, + proxyHost: '0.0.0.0' as Host, proxyPort: 0 as Port, - egressHost: '0.0.0.0' as Host, - egressPort: 0 as Port, - // ReverseProxy - ingressHost: '0.0.0.0' as Host, - ingressPort: 0 as Port, // GRPCServer for agent service agentHost: '127.0.0.1' as Host, agentPort: 0 as Port, @@ -85,15 +82,11 @@ const config = { clientHost: '127.0.0.1' as Host, clientPort: 0 as Port, }, - forwardProxyConfig: { + proxyConfig: { connConnectTime: 20000, connTimeoutTime: 20000, connPingIntervalTime: 1000, }, - reverseProxyConfig: { - connConnectTime: 20000, - connTimeoutTime: 20000, - }, nodeConnectionManagerConfig: { connConnectTime: 20000, connTimeoutTime: 60000, diff --git a/src/network/ConnectionForward.ts b/src/network/ConnectionForward.ts index f9ac7e7d0..c41238a92 100644 --- a/src/network/ConnectionForward.ts +++ b/src/network/ConnectionForward.ts @@ -14,7 +14,7 @@ import * as keysUtils from '../keys/utils'; import { promise, timerStart, timerStop } from '../utils'; type ConnectionsForward = { - ingress: Map; + proxy: Map; client: Map; }; @@ -199,7 +199,7 @@ class ConnectionForward extends Connection { } await this.startKeepAliveInterval(); this.serverCertChain = serverCertChain; - this.connections.ingress.set(this.address, this); + this.connections.proxy.set(this.address, this); this.startKeepAliveTimeout(); this.logger.info('Started Connection Forward'); } @@ -226,7 +226,7 @@ class ConnectionForward extends Connection { endPs.push(this.endGracefully(this.clientSocket, this.endTime)); } await Promise.all(endPs); - this.connections.ingress.delete(this.address); + this.connections.proxy.delete(this.address); this.connections.client.delete(this.clientAddress); this.logger.info('Stopped Connection Forward'); } diff --git a/src/network/ConnectionReverse.ts b/src/network/ConnectionReverse.ts index b80e735a0..084624297 100644 --- a/src/network/ConnectionReverse.ts +++ b/src/network/ConnectionReverse.ts @@ -15,8 +15,8 @@ import * as keysUtils from '../keys/utils'; import { promise, timerStart, timerStop } from '../utils'; type ConnectionsReverse = { - egress: Map; proxy: Map; + reverse: Map; }; interface ConnectionReverse extends StartStop {} @@ -173,8 +173,8 @@ class ConnectionReverse extends Connection { this.utpSocket.off('message', this.handleMessage); throw new networkErrors.ErrorConnectionStartTimeout(); } - this.connections.egress.set(this.address, this); - this.connections.proxy.set(this.proxyAddress, this); + this.connections.proxy.set(this.address, this); + this.connections.reverse.set(this.proxyAddress, this); this.startKeepAliveTimeout(); this.logger.info('Started Connection Reverse'); } @@ -203,8 +203,8 @@ class ConnectionReverse extends Connection { endPs.push(this.endGracefully(this.tlsSocket, this.endTime)); } await Promise.all(endPs); - this.connections.egress.delete(this.address); - this.connections.proxy.delete(this.proxyAddress); + this.connections.proxy.delete(this.address); + this.connections.reverse.delete(this.proxyAddress); this.logger.info('Stopped Connection Reverse'); } diff --git a/src/network/ForwardProxy.ts b/src/network/ForwardProxy.ts deleted file mode 100644 index ca3d9e71e..000000000 --- a/src/network/ForwardProxy.ts +++ /dev/null @@ -1,483 +0,0 @@ -import type { AddressInfo, Socket } from 'net'; -import type { Host, Port, Address, ConnectionInfo, TLSConfig } from './types'; -import type { ConnectionsForward } from './ConnectionForward'; -import type { NodeId } from '../nodes/types'; -import type { Timer } from '../types'; -import http from 'http'; -import UTP from 'utp-native'; -import { Mutex } from 'async-mutex'; -import Logger from '@matrixai/logger'; -import { StartStop, ready } from '@matrixai/async-init/dist/StartStop'; -import ConnectionForward from './ConnectionForward'; -import * as networkUtils from './utils'; -import * as networkErrors from './errors'; -import * as nodesUtils from '../nodes/utils'; -import { promisify, timerStart, timerStop } from '../utils'; - -interface ForwardProxy extends StartStop {} -@StartStop() -class ForwardProxy { - public readonly authToken: string; - public readonly connConnectTime: number; - public readonly connKeepAliveTimeoutTime: number; - public readonly connEndTime: number; - public readonly connPunchIntervalTime: number; - public readonly connKeepAliveIntervalTime: number; - - protected logger: Logger; - protected proxyHost: Host; - protected proxyPort: Port; - protected egressHost: Host; - protected egressPort: Port; - protected server: http.Server; - protected utpSocket: UTP; - protected tlsConfig: TLSConfig; - protected connectionLocks: Map = new Map(); - protected connections: ConnectionsForward = { - ingress: new Map(), - client: new Map(), - }; - - constructor({ - authToken, - connConnectTime = 20000, - connKeepAliveTimeoutTime = 20000, - connEndTime = 1000, - connPunchIntervalTime = 1000, - connKeepAliveIntervalTime = 1000, - logger, - }: { - authToken: string; - connConnectTime?: number; - connKeepAliveTimeoutTime?: number; - connEndTime?: number; - connPunchIntervalTime?: number; - connKeepAliveIntervalTime?: number; - logger?: Logger; - }) { - this.logger = logger ?? new Logger(ForwardProxy.name); - this.logger.info('Creating Forward Proxy'); - this.authToken = authToken; - this.connConnectTime = connConnectTime; - this.connKeepAliveTimeoutTime = connKeepAliveTimeoutTime; - this.connEndTime = connEndTime; - this.connPunchIntervalTime = connPunchIntervalTime; - this.connKeepAliveIntervalTime = connKeepAliveIntervalTime; - this.server = http.createServer(); - this.server.on('request', this.handleRequest); - this.server.on('connect', this.handleConnect); - this.logger.info('Created Forward Proxy'); - } - - /** - * UTP only supports IPv4 - */ - public async start({ - proxyHost = '127.0.0.1' as Host, - proxyPort = 0 as Port, - egressHost = '0.0.0.0' as Host, - egressPort = 0 as Port, - tlsConfig, - }: { - proxyHost?: Host; - proxyPort?: Port; - egressHost?: Host; - egressPort?: Port; - tlsConfig: TLSConfig; - }): Promise { - let proxyAddress = networkUtils.buildAddress(proxyHost, proxyPort); - let egressAddress = networkUtils.buildAddress(egressHost, egressPort); - this.logger.info( - `Starting Forward Proxy from ${proxyAddress} to ${egressAddress}`, - ); - // Normal sockets defaults to `allowHalfOpen: false` - // But UTP defaults to `allowHalfOpen: true` - // Setting `allowHalfOpen: false` on UTP is buggy and cannot be used - const utpSocket = UTP({ allowHalfOpen: true }); - const utpSocketBind = promisify(utpSocket.bind).bind(utpSocket); - await utpSocketBind(egressPort, egressHost); - egressPort = utpSocket.address().port; - const serverListen = promisify(this.server.listen).bind(this.server); - await serverListen(proxyPort, proxyHost); - proxyPort = (this.server.address() as AddressInfo).port as Port; - this.proxyHost = proxyHost; - this.proxyPort = proxyPort; - this.egressHost = egressHost; - this.egressPort = egressPort; - this.utpSocket = utpSocket; - this.tlsConfig = tlsConfig; - proxyAddress = networkUtils.buildAddress(proxyHost, proxyPort); - egressAddress = networkUtils.buildAddress(egressHost, egressPort); - this.logger.info( - `Started Forward Proxy from ${proxyAddress} to ${egressAddress}`, - ); - } - - public async stop(): Promise { - this.logger.info('Stopping Forward Proxy Server'); - // Ensure no new connections are created - this.server.removeAllListeners('connect'); - this.server.on('connect', async (_request, clientSocket) => { - const clientSocketEnd = promisify(clientSocket.end).bind(clientSocket); - await clientSocketEnd('HTTP/1.1 503 Service Unavailable\r\n' + '\r\n'); - clientSocket.destroy(); - }); - const connStops: Array> = []; - for (const [_, conn] of this.connections.ingress) { - connStops.push(conn.stop()); - } - const serverClose = promisify(this.server.close).bind(this.server); - await serverClose(); - await Promise.all(connStops); - // Even when all connections are destroyed - // the utp socket sometimes hangs in closing - // here we asynchronously close and unreference it - // in order to speed up the closing - this.utpSocket.close(); - this.utpSocket.unref(); - this.logger.info('Stopped Forward Proxy Server'); - } - - @ready(new networkErrors.ErrorForwardProxyNotRunning()) - public getProxyHost(): Host { - return this.proxyHost; - } - - @ready(new networkErrors.ErrorForwardProxyNotRunning()) - public getProxyPort(): Port { - return this.proxyPort; - } - - @ready(new networkErrors.ErrorForwardProxyNotRunning()) - public getEgressHost(): Host { - return this.egressHost; - } - - @ready(new networkErrors.ErrorForwardProxyNotRunning()) - public getEgressPort(): Port { - return this.egressPort; - } - public getConnectionCount(): number { - return this.connections.ingress.size; - } - - @ready(new networkErrors.ErrorForwardProxyNotRunning()) - public getConnectionInfoByClient( - clientHost: Host, - clientPort: Port, - ): ConnectionInfo | undefined { - const clientAddress = networkUtils.buildAddress(clientHost, clientPort); - const conn = this.connections.client.get(clientAddress); - if (conn == null) { - return; - } - const serverCertificates = conn.getServerCertificates(); - const serverNodeIds = conn.getServerNodeIds(); - return { - nodeId: serverNodeIds[0], - certificates: serverCertificates, - egressHost: this.egressHost, - egressPort: this.egressPort, - ingressHost: conn.host, - ingressPort: conn.port, - }; - } - - @ready(new networkErrors.ErrorForwardProxyNotRunning()) - public getConnectionInfoByIngress( - ingressHost: Host, - ingressPort: Port, - ): ConnectionInfo | undefined { - const ingressAddress = networkUtils.buildAddress(ingressHost, ingressPort); - const conn = this.connections.ingress.get(ingressAddress); - if (conn == null) { - return; - } - const serverCertificates = conn.getServerCertificates(); - const serverNodeIds = conn.getServerNodeIds(); - return { - nodeId: serverNodeIds[0], - certificates: serverCertificates, - egressHost: this.egressHost, - egressPort: this.egressPort, - ingressHost: conn.host, - ingressPort: conn.port, - }; - } - - @ready(new networkErrors.ErrorForwardProxyNotRunning()) - public setTLSConfig(tlsConfig: TLSConfig): void { - this.logger.info(`Updating ${this.constructor.name} TLS Config`); - this.tlsConfig = tlsConfig; - } - - /** - * Manually opens a connection with the ForwardProxy - * Usually you just use HTTP Connect requests to trigger handleConnect - * This will default to using `this.connConnectTime` if - * timer is not set or set to `undefined` - * It will only stop the timer if using the default timer - * Set timer to `null` explicitly to wait forever - */ - @ready(new networkErrors.ErrorForwardProxyNotRunning(), true) - public async openConnection( - nodeId: NodeId, - ingressHost: Host, - ingressPort: Port, - timer?: Timer, - ): Promise { - let timer_ = timer; - if (timer === undefined) { - timer_ = timerStart(this.connConnectTime); - } - const ingressAddress = networkUtils.buildAddress(ingressHost, ingressPort); - let lock = this.connectionLocks.get(ingressAddress); - if (lock == null) { - lock = new Mutex(); - this.connectionLocks.set(ingressAddress, lock); - } - const release = await lock.acquire(); - try { - await this.establishConnection(nodeId, ingressHost, ingressPort, timer_); - } finally { - if (timer === undefined) { - timerStop(timer_!); - } - release(); - this.connectionLocks.delete(ingressAddress); - } - } - - @ready(new networkErrors.ErrorForwardProxyNotRunning(), true) - public async closeConnection( - ingressHost: Host, - ingressPort: Port, - ): Promise { - const ingressAddress = networkUtils.buildAddress(ingressHost, ingressPort); - let lock = this.connectionLocks.get(ingressAddress); - if (lock == null) { - lock = new Mutex(); - this.connectionLocks.set(ingressAddress, lock); - } - const release = await lock.acquire(); - try { - const conn = this.connections.ingress.get(ingressAddress); - if (conn == null) { - return; - } - await conn.stop(); - } finally { - release(); - this.connectionLocks.delete(ingressAddress); - } - } - - /** - * HTTP Connect Proxy will proxy TCP to TLS + uTP - */ - protected handleConnect = async ( - request: http.IncomingMessage, - clientSocket: Socket, - ): Promise => { - const clientSocketEnd = promisify(clientSocket.end).bind(clientSocket); - const clientSocketWrite = promisify(clientSocket.write).bind(clientSocket); - let ingressAddress: string | null = null; - const handleConnectError = (e) => { - if (ingressAddress != null) { - this.logger.error( - `Failed CONNECT to ${ingressAddress} - ${e.toString()}`, - ); - } else { - this.logger.error(`Failed CONNECT - ${e.toString()}`); - } - clientSocket.destroy(); - }; - clientSocket.on('error', handleConnectError); - if (request.url === undefined) { - await clientSocketEnd('HTTP/1.1 400 Bad Request\r\n' + '\r\n'); - clientSocket.destroy(new networkErrors.ErrorForwardProxyInvalidUrl()); - return; - } - const url = new URL(`pk://${request.url}`); - const nodeIdEncodedForURL = url.searchParams.get('nodeId'); - const nodeId = - nodeIdEncodedForURL != null - ? nodesUtils.decodeNodeId(nodeIdEncodedForURL) - : undefined; - if (nodeId == null) { - await clientSocketEnd('HTTP/1.1 400 Bad Request\r\n' + '\r\n'); - clientSocket.destroy(new networkErrors.ErrorForwardProxyMissingNodeId()); - return; - } - const hostMatch = url.hostname.match(/\[(.+)\]|(.+)/)!; - if (hostMatch == null) { - await clientSocketEnd('HTTP/1.1 400 Bad Request\r\n' + '\r\n'); - clientSocket.destroy(new networkErrors.ErrorForwardProxyInvalidUrl()); - return; - } - const ingressHost = (hostMatch[1] ?? hostMatch[2]) as Host; - const ingressPort = (url.port === '' ? 80 : parseInt(url.port)) as Port; - ingressAddress = url.host; - this.logger.info(`Handling CONNECT to ${ingressAddress}`); - // Must be authenticated - if (!this.authenticated(request)) { - await clientSocketEnd( - 'HTTP/1.1 407 Proxy Authentication Required\r\n' + - 'Proxy-Authenticate: Basic\r\n' + - '\r\n', - ); - clientSocket.destroy(new networkErrors.ErrorForwardProxyAuth()); - return; - } - let lock = this.connectionLocks.get(ingressAddress as Address); - if (lock == null) { - lock = new Mutex(); - this.connectionLocks.set(ingressAddress as Address, lock); - } - const release = await lock.acquire(); - try { - const timer = timerStart(this.connConnectTime); - try { - await this.connect( - nodeId, - ingressHost, - ingressPort, - clientSocket, - timer, - ); - } catch (e) { - if (e instanceof networkErrors.ErrorConnectionStartTimeout) { - if (!clientSocket.destroyed) { - await clientSocketEnd('HTTP/1.1 504 Gateway Timeout\r\n' + '\r\n'); - clientSocket.destroy(e); - } - return; - } - if (e instanceof networkErrors.ErrorConnectionStart) { - if (!clientSocket.destroyed) { - await clientSocketEnd('HTTP/1.1 502 Bad Gateway\r\n' + '\r\n'); - clientSocket.destroy(e); - } - return; - } - if (e instanceof networkErrors.ErrorCertChain) { - if (!clientSocket.destroyed) { - await clientSocketEnd( - 'HTTP/1.1 526 Invalid SSL Certificate\r\n' + '\r\n', - ); - clientSocket.destroy(e); - } - return; - } - if (e instanceof networkErrors.ErrorConnectionTimeout) { - if (!clientSocket.destroyed) { - await clientSocketEnd( - 'HTTP/1.1 524 A Timeout Occurred\r\n' + '\r\n', - ); - clientSocket.destroy(e); - } - return; - } - if (e instanceof networkErrors.ErrorConnection) { - if (!clientSocket.destroyed) { - await clientSocketEnd( - 'HTTP/1.1 500 Internal Server Error\r\n' + '\r\n', - ); - clientSocket.destroy(e); - } - return; - } - if (!clientSocket.destroyed) { - await clientSocketEnd( - 'HTTP/1.1 500 Internal Server Error\r\n' + '\r\n', - ); - clientSocket.destroy(e); - } - return; - } finally { - timerStop(timer); - } - // After composing, switch off this error handler - clientSocket.off('error', handleConnectError); - await clientSocketWrite( - 'HTTP/1.1 200 Connection Established\r\n' + '\r\n', - ); - this.logger.info(`Handled CONNECT to ${ingressAddress}`); - } finally { - release(); - this.connectionLocks.delete(ingressAddress as Address); - } - }; - - protected async connect( - nodeId: NodeId, - ingressHost: Host, - ingressPort: Port, - clientSocket: Socket, - timer?: Timer, - ): Promise { - const conn = await this.establishConnection( - nodeId, - ingressHost, - ingressPort, - timer, - ); - conn.compose(clientSocket); - } - - protected async establishConnection( - nodeId: NodeId, - ingressHost: Host, - ingressPort: Port, - timer?: Timer, - ): Promise { - const ingressAddress = networkUtils.buildAddress(ingressHost, ingressPort); - let conn: ConnectionForward | undefined; - conn = this.connections.ingress.get(ingressAddress); - // No more than one connection to an ingress address. - if (conn != null) { - return conn; - } - conn = new ConnectionForward({ - nodeId, - connections: this.connections, - utpSocket: this.utpSocket, - host: ingressHost, - port: ingressPort, - tlsConfig: this.tlsConfig, - keepAliveTimeoutTime: this.connKeepAliveTimeoutTime, - endTime: this.connEndTime, - punchIntervalTime: this.connPunchIntervalTime, - keepAliveIntervalTime: this.connKeepAliveIntervalTime, - logger: this.logger.getChild( - `${ConnectionForward.name} ${ingressAddress}`, - ), - }); - await conn.start({ timer }); - return conn; - } - - /** - * Given a request, authenticate its proxy-authorization token. - */ - protected authenticated(request: http.IncomingMessage): boolean { - const bearerAuthToken = networkUtils.toAuthToken(this.authToken); - return ( - request.headers['proxy-authorization'] !== undefined && - request.headers['proxy-authorization'] === bearerAuthToken - ); - } - - /** - * Regular HTTP requests are not allowed - */ - protected handleRequest = ( - _request: http.IncomingMessage, - response: http.ServerResponse, - ): void => { - response.writeHead(405); - response.end(); - }; -} - -export default ForwardProxy; diff --git a/src/network/Proxy.ts b/src/network/Proxy.ts new file mode 100644 index 000000000..7ff47eb6c --- /dev/null +++ b/src/network/Proxy.ts @@ -0,0 +1,707 @@ +import type { AddressInfo, Socket } from 'net'; +import type { Host, Port, Address, ConnectionInfo, TLSConfig } from './types'; +import type { ConnectionsForward } from './ConnectionForward'; +import type { NodeId } from '../nodes/types'; +import type { Timer } from '../types'; +import type UTPConnection from 'utp-native/lib/connection'; +import type { ConnectionsReverse } from './ConnectionReverse'; +import http from 'http'; +import UTP from 'utp-native'; +import { Mutex } from 'async-mutex'; +import Logger from '@matrixai/logger'; +import { StartStop, ready } from '@matrixai/async-init/dist/StartStop'; +import ConnectionReverse from './ConnectionReverse'; +import ConnectionForward from './ConnectionForward'; +import * as networkUtils from './utils'; +import * as networkErrors from './errors'; +import * as nodesUtils from '../nodes/utils'; +import { promisify, timerStart, timerStop } from '../utils'; + +interface Proxy extends StartStop {} +@StartStop() +class Proxy { + public readonly authToken: string; + public readonly connConnectTime: number; + public readonly connKeepAliveTimeoutTime: number; + public readonly connEndTime: number; + public readonly connPunchIntervalTime: number; + public readonly connKeepAliveIntervalTime: number; + + protected logger: Logger; + protected forwardHost: Host; + protected forwardPort: Port; + protected serverHost: Host; + protected serverPort: Port; + protected proxyHost: Host; + protected proxyPort: Port; + protected server: http.Server; + protected utpSocket: UTP; + protected tlsConfig: TLSConfig; + protected connectionLocksForward: Map = new Map(); + protected connectionsForward: ConnectionsForward = { + proxy: new Map(), + client: new Map(), + }; + protected connectionLocksReverse: Map = new Map(); + protected connectionsReverse: ConnectionsReverse = { + proxy: new Map(), + reverse: new Map(), + }; + + constructor({ + authToken, + connConnectTime = 20000, + connKeepAliveTimeoutTime = 20000, + connEndTime = 1000, + connPunchIntervalTime = 1000, + connKeepAliveIntervalTime = 1000, + logger, + }: { + authToken: string; + connConnectTime?: number; + connKeepAliveTimeoutTime?: number; + connEndTime?: number; + connPunchIntervalTime?: number; + connKeepAliveIntervalTime?: number; + logger?: Logger; + }) { + this.logger = logger ?? new Logger(Proxy.name); + this.logger.info(`Creating ${Proxy.name}`); + this.authToken = authToken; + this.connConnectTime = connConnectTime; + this.connKeepAliveTimeoutTime = connKeepAliveTimeoutTime; + this.connEndTime = connEndTime; + this.connPunchIntervalTime = connPunchIntervalTime; + this.connKeepAliveIntervalTime = connKeepAliveIntervalTime; + this.server = http.createServer(); + this.server.on('request', this.handleRequest); + this.server.on('connect', this.handleConnectForward); + this.logger.info(`Created ${Proxy.name}`); + } + + /** + * UTP only supports IPv4 + */ + public async start({ + proxyHost = '0.0.0.0' as Host, + proxyPort = 0 as Port, + forwardHost = '127.0.0.1' as Host, + forwardPort = 0 as Port, + serverHost, + serverPort, + tlsConfig, + }: { + proxyHost?: Host; + proxyPort?: Port; + forwardHost?: Host; + forwardPort?: Port; + serverHost: Host; + serverPort: Port; + tlsConfig: TLSConfig; + }): Promise { + let forwardAddress = networkUtils.buildAddress(forwardHost, forwardPort); + let proxyAddress = networkUtils.buildAddress(proxyHost, proxyPort); + let serverAddress = networkUtils.buildAddress(serverHost, serverPort); + this.logger.info( + `Starting Forward Proxy from ${forwardAddress} to ${proxyAddress} and Reverse Proxy from ${proxyAddress} to ${serverAddress}`, + ); + // Normal sockets defaults to `allowHalfOpen: false` + // But UTP defaults to `allowHalfOpen: true` + // Setting `allowHalfOpen: false` on UTP is buggy and cannot be used + const utpSocket = UTP.createServer( + { allowHalfOpen: true }, + this.handleConnectionReverse, + ); + const utpSocketListen = promisify(utpSocket.listen).bind(utpSocket); + await utpSocketListen(proxyPort, proxyHost); + proxyPort = utpSocket.address().port; + const serverListen = promisify(this.server.listen).bind(this.server); + await serverListen(forwardPort, forwardHost); + forwardPort = (this.server.address() as AddressInfo).port as Port; + this.forwardHost = forwardHost; + this.forwardPort = forwardPort; + this.serverHost = serverHost; + this.serverPort = serverPort; + this.proxyHost = proxyHost; + this.proxyPort = proxyPort; + this.utpSocket = utpSocket; + this.tlsConfig = tlsConfig; + forwardAddress = networkUtils.buildAddress(forwardHost, forwardPort); + proxyAddress = networkUtils.buildAddress(proxyHost, proxyPort); + serverAddress = networkUtils.buildAddress(serverHost, serverPort); + this.logger.info( + `Started Forward Proxy from ${forwardAddress} to ${proxyAddress} and Reverse Proxy from ${proxyAddress} to ${serverAddress}`, + ); + } + + public async stop(): Promise { + this.logger.info('Stopping Proxy Server'); + // Ensure no new connections are created + this.server.removeAllListeners('connect'); + this.server.on('connect', async (_request, clientSocket) => { + const clientSocketEnd = promisify(clientSocket.end).bind(clientSocket); + await clientSocketEnd('HTTP/1.1 503 Service Unavailable\r\n' + '\r\n'); + clientSocket.destroy(); + }); + this.utpSocket.removeAllListeners('connection'); + this.utpSocket.on('connection', (utpConn: UTPConnection) => { + utpConn.end(); + utpConn.destroy(); + }); + const connStops: Array> = []; + for (const [_, conn] of this.connectionsForward.proxy) { + connStops.push(conn.stop()); + } + for (const [_, conn] of this.connectionsReverse.proxy) { + connStops.push(conn.stop()); + } + const serverClose = promisify(this.server.close).bind(this.server); + await serverClose(); + await Promise.all(connStops); + // Even when all connections are destroyed + // the utp socket sometimes hangs in closing + // here we asynchronously close and un-reference it + // in order to speed up the closing + this.utpSocket.close(); + this.utpSocket.unref(); + this.logger.info('Stopped Proxy Server'); + } + + @ready(new networkErrors.ErrorProxyNotRunning()) + public getForwardHost(): Host { + return this.forwardHost; + } + + @ready(new networkErrors.ErrorProxyNotRunning()) + public getForwardPort(): Port { + return this.forwardPort; + } + + @ready(new networkErrors.ErrorProxyNotRunning()) + public getServerHost(): Host { + return this.serverHost; + } + + @ready(new networkErrors.ErrorProxyNotRunning()) + public getServerPort(): Port { + return this.serverPort; + } + + @ready(new networkErrors.ErrorProxyNotRunning()) + public getProxyHost(): Host { + return this.proxyHost; + } + + @ready(new networkErrors.ErrorProxyNotRunning()) + public getProxyPort(): Port { + return this.proxyPort; + } + + public getConnectionForwardCount(): number { + return this.connectionsForward.proxy.size; + } + + public getConnectionReverseCount(): number { + return this.connectionsReverse.proxy.size; + } + + @ready(new networkErrors.ErrorProxyNotRunning()) + public getConnectionInfoByClient( + clientHost: Host, + clientPort: Port, + ): ConnectionInfo | undefined { + const clientAddress = networkUtils.buildAddress(clientHost, clientPort); + const conn = this.connectionsForward.client.get(clientAddress); + if (conn == null) { + return; + } + const serverCertificates = conn.getServerCertificates(); + const serverNodeIds = conn.getServerNodeIds(); + return { + remoteNodeId: serverNodeIds[0], + remoteCertificates: serverCertificates, + localHost: this.proxyHost, + localPort: this.proxyPort, + remoteHost: conn.host, + remotePort: conn.port, + }; + } + + @ready(new networkErrors.ErrorProxyNotRunning()) + public getConnectionInfoByReverse( + reverseHost: Host, + reversePort: Port, + ): ConnectionInfo | undefined { + const proxyAddress = networkUtils.buildAddress(reverseHost, reversePort); + const conn = this.connectionsReverse.reverse.get(proxyAddress); + if (conn == null) { + return; + } + const clientCertificates = conn.getClientCertificates(); + const clientNodeIds = conn.getClientNodeIds(); + return { + remoteNodeId: clientNodeIds[0], + remoteCertificates: clientCertificates, + remoteHost: conn.host, + remotePort: conn.port, + localHost: this.proxyHost, + localPort: this.proxyPort, + }; + } + + @ready(new networkErrors.ErrorProxyNotRunning()) + public getConnectionInfoByProxy( + proxyHost: Host, + proxyPort: Port, + ): ConnectionInfo | undefined { + const proxyAddress = networkUtils.buildAddress(proxyHost, proxyPort); + // Check for a forward connection + const forwardConn = this.connectionsForward.proxy.get(proxyAddress); + if (forwardConn != null) { + const certificates = forwardConn.getServerCertificates(); + const nodeIds = forwardConn.getServerNodeIds(); + return { + remoteNodeId: nodeIds[0], + remoteCertificates: certificates, + localHost: this.proxyHost, + localPort: this.proxyPort, + remoteHost: forwardConn.host, + remotePort: forwardConn.port, + }; + } + // Check for a reverse connection + const reverseConn = this.connectionsReverse.proxy.get(proxyAddress); + if (reverseConn != null) { + const certificates = reverseConn.getClientCertificates(); + const nodeIds = reverseConn.getClientNodeIds(); + return { + remoteNodeId: nodeIds[0], + remoteCertificates: certificates, + localHost: this.proxyHost, + localPort: this.proxyPort, + remoteHost: reverseConn.host, + remotePort: reverseConn.port, + }; + } + // Otherwise return nothing + } + + @ready(new networkErrors.ErrorProxyNotRunning()) + public setTLSConfig(tlsConfig: TLSConfig): void { + this.logger.info(`Updating ${this.constructor.name} TLS Config`); + this.tlsConfig = tlsConfig; + } + + // Forward connection specific methods + + /** + * Manually opens a connection with the ForwardProxy + * Usually you just use HTTP Connect requests to trigger handleConnect + * This will default to using `this.connConnectTime` if + * timer is not set or set to `undefined` + * It will only stop the timer if using the default timer + * Set timer to `null` explicitly to wait forever + */ + @ready(new networkErrors.ErrorProxyNotRunning(), true) + public async openConnectionForward( + nodeId: NodeId, + proxyHost: Host, + proxyPort: Port, + timer?: Timer, + ): Promise { + let timer_ = timer; + if (timer === undefined) { + timer_ = timerStart(this.connConnectTime); + } + const proxyAddress = networkUtils.buildAddress(proxyHost, proxyPort); + let lock = this.connectionLocksForward.get(proxyAddress); + if (lock == null) { + lock = new Mutex(); + this.connectionLocksForward.set(proxyAddress, lock); + } + const release = await lock.acquire(); + try { + await this.establishConnectionForward( + nodeId, + proxyHost, + proxyPort, + timer_, + ); + } finally { + if (timer === undefined) { + timerStop(timer_!); + } + release(); + this.connectionLocksForward.delete(proxyAddress); + } + } + + @ready(new networkErrors.ErrorProxyNotRunning(), true) + public async closeConnectionForward( + proxyHost: Host, + proxyPort: Port, + ): Promise { + const proxyAddress = networkUtils.buildAddress(proxyHost, proxyPort); + let lock = this.connectionLocksForward.get(proxyAddress); + if (lock == null) { + lock = new Mutex(); + this.connectionLocksForward.set(proxyAddress, lock); + } + const release = await lock.acquire(); + try { + const conn = this.connectionsForward.proxy.get(proxyAddress); + if (conn == null) { + return; + } + await conn.stop(); + } finally { + release(); + this.connectionLocksForward.delete(proxyAddress); + } + } + + /** + * HTTP Connect Proxy will proxy TCP to TLS + uTP + */ + protected handleConnectForward = async ( + request: http.IncomingMessage, + clientSocket: Socket, + ): Promise => { + const clientSocketEnd = promisify(clientSocket.end).bind(clientSocket); + const clientSocketWrite = promisify(clientSocket.write).bind(clientSocket); + let proxyAddress: string | null = null; + const handleConnectError = (e) => { + if (proxyAddress != null) { + this.logger.error( + `Failed CONNECT to ${proxyAddress} - ${e.toString()}`, + ); + } else { + this.logger.error(`Failed CONNECT - ${e.toString()}`); + } + clientSocket.destroy(); + }; + clientSocket.on('error', handleConnectError); + if (request.url === undefined) { + await clientSocketEnd('HTTP/1.1 400 Bad Request\r\n' + '\r\n'); + clientSocket.destroy(new networkErrors.ErrorProxyConnectInvalidUrl()); + return; + } + const url = new URL(`pk://${request.url}`); + const nodeIdEncodedForURL = url.searchParams.get('nodeId'); + const nodeId = + nodeIdEncodedForURL != null + ? nodesUtils.decodeNodeId(nodeIdEncodedForURL) + : undefined; + if (nodeId == null) { + await clientSocketEnd('HTTP/1.1 400 Bad Request\r\n' + '\r\n'); + clientSocket.destroy(new networkErrors.ErrorProxyConnectMissingNodeId()); + return; + } + const hostMatch = url.hostname.match(/\[(.+)\]|(.+)/)!; + if (hostMatch == null) { + await clientSocketEnd('HTTP/1.1 400 Bad Request\r\n' + '\r\n'); + clientSocket.destroy(new networkErrors.ErrorProxyConnectInvalidUrl()); + return; + } + const proxyHost = (hostMatch[1] ?? hostMatch[2]) as Host; + const proxyPort = (url.port === '' ? 80 : parseInt(url.port)) as Port; + proxyAddress = url.host; + this.logger.info(`Handling CONNECT to ${proxyAddress}`); + // Must be authenticated + if (!this.authenticated(request)) { + await clientSocketEnd( + 'HTTP/1.1 407 Proxy Authentication Required\r\n' + + 'Proxy-Authenticate: Basic\r\n' + + '\r\n', + ); + clientSocket.destroy(new networkErrors.ErrorProxyConnectAuth()); + return; + } + let lock = this.connectionLocksForward.get(proxyAddress as Address); + if (lock == null) { + lock = new Mutex(); + this.connectionLocksForward.set(proxyAddress as Address, lock); + } + const release = await lock.acquire(); + try { + const timer = timerStart(this.connConnectTime); + try { + await this.connectForward( + nodeId, + proxyHost, + proxyPort, + clientSocket, + timer, + ); + } catch (e) { + if (e instanceof networkErrors.ErrorConnectionStartTimeout) { + if (!clientSocket.destroyed) { + await clientSocketEnd('HTTP/1.1 504 Gateway Timeout\r\n' + '\r\n'); + clientSocket.destroy(e); + } + return; + } + if (e instanceof networkErrors.ErrorConnectionStart) { + if (!clientSocket.destroyed) { + await clientSocketEnd('HTTP/1.1 502 Bad Gateway\r\n' + '\r\n'); + clientSocket.destroy(e); + } + return; + } + if (e instanceof networkErrors.ErrorCertChain) { + if (!clientSocket.destroyed) { + await clientSocketEnd( + 'HTTP/1.1 526 Invalid SSL Certificate\r\n' + '\r\n', + ); + clientSocket.destroy(e); + } + return; + } + if (e instanceof networkErrors.ErrorConnectionTimeout) { + if (!clientSocket.destroyed) { + await clientSocketEnd( + 'HTTP/1.1 524 A Timeout Occurred\r\n' + '\r\n', + ); + clientSocket.destroy(e); + } + return; + } + if (e instanceof networkErrors.ErrorConnection) { + if (!clientSocket.destroyed) { + await clientSocketEnd( + 'HTTP/1.1 500 Internal Server Error\r\n' + '\r\n', + ); + clientSocket.destroy(e); + } + return; + } + if (!clientSocket.destroyed) { + await clientSocketEnd( + 'HTTP/1.1 500 Internal Server Error\r\n' + '\r\n', + ); + clientSocket.destroy(e); + } + return; + } finally { + timerStop(timer); + } + // After composing, switch off this error handler + clientSocket.off('error', handleConnectError); + await clientSocketWrite( + 'HTTP/1.1 200 Connection Established\r\n' + '\r\n', + ); + this.logger.info(`Handled CONNECT to ${proxyAddress}`); + } finally { + release(); + this.connectionLocksForward.delete(proxyAddress as Address); + } + }; + + protected async connectForward( + nodeId: NodeId, + proxyHost: Host, + proxyPort: Port, + clientSocket: Socket, + timer?: Timer, + ): Promise { + const conn = await this.establishConnectionForward( + nodeId, + proxyHost, + proxyPort, + timer, + ); + conn.compose(clientSocket); + } + + protected async establishConnectionForward( + nodeId: NodeId, + proxyHost: Host, + proxyPort: Port, + timer?: Timer, + ): Promise { + const proxyAddress = networkUtils.buildAddress(proxyHost, proxyPort); + let conn: ConnectionForward | undefined; + conn = this.connectionsForward.proxy.get(proxyAddress); + // No more than one connection to an proxy address. + if (conn != null) { + return conn; + } + conn = new ConnectionForward({ + nodeId, + connections: this.connectionsForward, + utpSocket: this.utpSocket, + host: proxyHost, + port: proxyPort, + tlsConfig: this.tlsConfig, + keepAliveTimeoutTime: this.connKeepAliveTimeoutTime, + endTime: this.connEndTime, + punchIntervalTime: this.connPunchIntervalTime, + keepAliveIntervalTime: this.connKeepAliveIntervalTime, + logger: this.logger.getChild(`${ConnectionForward.name} ${proxyAddress}`), + }); + await conn.start({ timer }); + return conn; + } + + /** + * Given a request, authenticate its proxy-authorization token. + */ + protected authenticated(request: http.IncomingMessage): boolean { + const bearerAuthToken = networkUtils.toAuthToken(this.authToken); + return ( + request.headers['proxy-authorization'] !== undefined && + request.headers['proxy-authorization'] === bearerAuthToken + ); + } + + /** + * Regular HTTP requests are not allowed + */ + protected handleRequest = ( + _request: http.IncomingMessage, + response: http.ServerResponse, + ): void => { + response.writeHead(405); + response.end(); + }; + + // Reverse connection specific methods + + @ready(new networkErrors.ErrorProxyNotRunning(), true) + public async openConnectionReverse( + proxyHost: Host, + proxyPort: Port, + timer?: Timer, + ): Promise { + let timer_ = timer; + if (timer === undefined) { + timer_ = timerStart(this.connConnectTime); + } + const proxyAddress = networkUtils.buildAddress(proxyHost, proxyPort); + let lock = this.connectionLocksReverse.get(proxyAddress); + if (lock == null) { + lock = new Mutex(); + this.connectionLocksReverse.set(proxyAddress, lock); + } + const release = await lock.acquire(); + try { + await this.establishConnectionReverse(proxyHost, proxyPort, timer_); + } finally { + if (timer === undefined) { + timerStop(timer_!); + } + release(); + this.connectionLocksReverse.delete(proxyAddress); + } + } + + @ready(new networkErrors.ErrorProxyNotRunning(), true) + public async closeConnectionReverse( + proxyHost: Host, + proxyPort: Port, + ): Promise { + const proxyAddress = networkUtils.buildAddress(proxyHost, proxyPort); + let lock = this.connectionLocksReverse.get(proxyAddress); + if (lock == null) { + lock = new Mutex(); + this.connectionLocksReverse.set(proxyAddress, lock); + } + const release = await lock.acquire(); + try { + const conn = this.connectionsReverse.proxy.get(proxyAddress); + if (conn == null) { + return; + } + await conn.stop(); + } finally { + release(); + this.connectionLocksReverse.delete(proxyAddress); + } + } + + protected handleConnectionReverse = async ( + utpConn: UTPConnection, + ): Promise => { + const proxyAddress = networkUtils.buildAddress( + utpConn.remoteAddress, + utpConn.remotePort, + ); + let lock = this.connectionLocksReverse.get(proxyAddress); + if (lock == null) { + lock = new Mutex(); + this.connectionLocksReverse.set(proxyAddress, lock); + } + const release = await lock.acquire(); + try { + this.logger.info(`Handling connection from ${proxyAddress}`); + const timer = timerStart(this.connConnectTime); + try { + await this.connectReverse( + utpConn.remoteAddress, + utpConn.remotePort, + utpConn, + timer, + ); + } catch (e) { + if (!(e instanceof networkErrors.ErrorNetwork)) { + throw e; + } + if (!utpConn.destroyed) { + utpConn.destroy(); + } + this.logger.warn( + `Failed connection from ${proxyAddress} - ${e.toString()}`, + ); + } finally { + timerStop(timer); + } + this.logger.info(`Handled connection from ${proxyAddress}`); + } finally { + release(); + this.connectionLocksReverse.delete(proxyAddress); + } + }; + + protected async connectReverse( + proxyHost: Host, + proxyPort: Port, + utpConn: UTPConnection, + timer?: Timer, + ): Promise { + const conn = await this.establishConnectionReverse( + proxyHost, + proxyPort, + timer, + ); + await conn.compose(utpConn, timer); + } + + protected async establishConnectionReverse( + proxyHost: Host, + proxyPort: Port, + timer?: Timer, + ): Promise { + const proxyAddress = networkUtils.buildAddress(proxyHost, proxyPort); + let conn = this.connectionsReverse.proxy.get(proxyAddress); + if (conn != null) { + return conn; + } + conn = new ConnectionReverse({ + serverHost: this.serverHost, + serverPort: this.serverPort, + connections: this.connectionsReverse, + utpSocket: this.utpSocket, + host: proxyHost, + port: proxyPort, + tlsConfig: this.tlsConfig, + keepAliveTimeoutTime: this.connKeepAliveTimeoutTime, + endTime: this.connEndTime, + punchIntervalTime: this.connPunchIntervalTime, + logger: this.logger.getChild(`${ConnectionReverse.name} ${proxyAddress}`), + }); + await conn.start({ timer }); + return conn; + } +} + +export default Proxy; diff --git a/src/network/ReverseProxy.ts b/src/network/ReverseProxy.ts deleted file mode 100644 index 204a903f1..000000000 --- a/src/network/ReverseProxy.ts +++ /dev/null @@ -1,334 +0,0 @@ -import type UTPConnection from 'utp-native/lib/connection'; -import type { Host, Port, Address, ConnectionInfo, TLSConfig } from './types'; -import type { ConnectionsReverse } from './ConnectionReverse'; -import type { Timer } from '../types'; -import UTP from 'utp-native'; -import { Mutex } from 'async-mutex'; -import Logger from '@matrixai/logger'; -import { StartStop, ready } from '@matrixai/async-init/dist/StartStop'; -import ConnectionReverse from './ConnectionReverse'; -import * as networkUtils from './utils'; -import * as networkErrors from './errors'; -import { promisify, timerStart, timerStop } from '../utils'; - -interface ReverseProxy extends StartStop {} -@StartStop() -class ReverseProxy { - public readonly connConnectTime: number; - public readonly connKeepAliveTimeoutTime: number; - public readonly connEndTime: number; - public readonly connPunchIntervalTime: number; - - protected logger: Logger; - protected ingressHost: Host; - protected ingressPort: Port; - protected serverHost: Host; - protected serverPort: Port; - protected utpSocket: UTP; - protected tlsConfig: TLSConfig; - protected connectionLocks: Map = new Map(); - protected connections: ConnectionsReverse = { - egress: new Map(), - proxy: new Map(), - }; - - constructor({ - connConnectTime = 20000, - connKeepAliveTimeoutTime = 20000, - connEndTime = 1000, - connPunchIntervalTime = 1000, - logger, - }: { - connConnectTime?: number; - connKeepAliveTimeoutTime?: number; - connEndTime?: number; - connPunchIntervalTime?: number; - logger?: Logger; - }) { - this.logger = logger ?? new Logger(ReverseProxy.name); - this.logger.info('Creating Reverse Proxy'); - this.connConnectTime = connConnectTime; - this.connKeepAliveTimeoutTime = connKeepAliveTimeoutTime; - this.connEndTime = connEndTime; - this.connPunchIntervalTime = connPunchIntervalTime; - this.logger.info('Created Reverse Proxy'); - } - - /** - * UTP only supports IPv4 - */ - public async start({ - serverHost, - serverPort, - ingressHost = '0.0.0.0' as Host, - ingressPort = 0 as Port, - tlsConfig, - }: { - serverHost: Host; - serverPort: Port; - ingressHost?: Host; - ingressPort?: Port; - tlsConfig: TLSConfig; - }): Promise { - let ingressAddress = networkUtils.buildAddress(ingressHost, ingressPort); - let serverAddress = networkUtils.buildAddress(serverHost, serverPort); - this.logger.info( - `Starting Reverse Proxy from ${ingressAddress} to ${serverAddress}`, - ); - // Normal sockets defaults to `allowHalfOpen: false` - // But UTP defaults to `allowHalfOpen: true` - // Setting `allowHalfOpen: false` on UTP is buggy and cannot be used - const utpSocket = UTP.createServer( - { - allowHalfOpen: true, - }, - this.handleConnection, - ); - const utpSocketListen = promisify(utpSocket.listen).bind(utpSocket); - await utpSocketListen(ingressPort, ingressHost); - ingressPort = utpSocket.address().port; - this.serverHost = serverHost; - this.serverPort = serverPort; - this.ingressHost = ingressHost; - this.ingressPort = ingressPort; - this.utpSocket = utpSocket; - this.tlsConfig = tlsConfig; - ingressAddress = networkUtils.buildAddress(ingressHost, ingressPort); - serverAddress = networkUtils.buildAddress(serverHost, serverPort); - this.logger.info( - `Started Reverse Proxy from ${ingressAddress} to ${serverAddress}`, - ); - } - - public async stop(): Promise { - this.logger.info('Stopping Reverse Proxy'); - // Ensure no new connections are created - this.utpSocket.removeAllListeners('connection'); - this.utpSocket.on('connection', (utpConn: UTPConnection) => { - utpConn.end(); - utpConn.destroy(); - }); - const connStops: Array> = []; - for (const [_, conn] of this.connections.egress) { - connStops.push(conn.stop()); - } - await Promise.all(connStops); - // Even when all connections are destroyed - // the utp socket sometimes hangs in closing - // here we asynchronously close and unreference it - // in order to speed up the closing - this.utpSocket.close(); - this.utpSocket.unref(); - this.logger.info('Stopped Reverse Proxy'); - } - - @ready(new networkErrors.ErrorReverseProxyNotRunning()) - public getIngressHost(): Host { - return this.ingressHost; - } - - @ready(new networkErrors.ErrorReverseProxyNotRunning()) - public getIngressPort(): Port { - return this.ingressPort; - } - - @ready(new networkErrors.ErrorReverseProxyNotRunning()) - public getServerHost(): Host { - return this.serverHost; - } - - @ready(new networkErrors.ErrorReverseProxyNotRunning()) - public getServerPort(): Port { - return this.serverPort; - } - - public getConnectionCount(): number { - return this.connections.egress.size; - } - - @ready(new networkErrors.ErrorReverseProxyNotRunning()) - public getConnectionInfoByProxy( - proxyHost: Host, - proxyPort: Port, - ): ConnectionInfo | undefined { - const proxyAddress = networkUtils.buildAddress(proxyHost, proxyPort); - const conn = this.connections.proxy.get(proxyAddress); - if (conn == null) { - return; - } - const clientCertificates = conn.getClientCertificates(); - const clientNodeIds = conn.getClientNodeIds(); - return { - nodeId: clientNodeIds[0], - certificates: clientCertificates, - egressHost: conn.host, - egressPort: conn.port, - ingressHost: this.ingressHost, - ingressPort: this.ingressPort, - }; - } - - @ready(new networkErrors.ErrorReverseProxyNotRunning()) - public getConnectionInfoByEgress( - egressHost: Host, - egressPort: Port, - ): ConnectionInfo | undefined { - const egressAddress = networkUtils.buildAddress(egressHost, egressPort); - const conn = this.connections.egress.get(egressAddress); - if (conn == null) { - return; - } - const clientCertificates = conn.getClientCertificates(); - const clientNodeIds = conn.getClientNodeIds(); - return { - nodeId: clientNodeIds[0], - certificates: clientCertificates, - egressHost: conn.host, - egressPort: conn.port, - ingressHost: this.ingressHost, - ingressPort: this.ingressPort, - }; - } - - @ready(new networkErrors.ErrorReverseProxyNotRunning()) - public setTLSConfig(tlsConfig: TLSConfig): void { - this.logger.info(`Updating ${this.constructor.name} TLS Config`); - this.tlsConfig = tlsConfig; - } - - @ready(new networkErrors.ErrorReverseProxyNotRunning(), true) - public async openConnection( - egressHost: Host, - egressPort: Port, - timer?: Timer, - ): Promise { - let timer_ = timer; - if (timer === undefined) { - timer_ = timerStart(this.connConnectTime); - } - const egressAddress = networkUtils.buildAddress(egressHost, egressPort); - let lock = this.connectionLocks.get(egressAddress); - if (lock == null) { - lock = new Mutex(); - this.connectionLocks.set(egressAddress, lock); - } - const release = await lock.acquire(); - try { - await this.establishConnection(egressHost, egressPort, timer_); - } finally { - if (timer === undefined) { - timerStop(timer_!); - } - release(); - this.connectionLocks.delete(egressAddress); - } - } - - @ready(new networkErrors.ErrorReverseProxyNotRunning(), true) - public async closeConnection( - egressHost: Host, - egressPort: Port, - ): Promise { - const egressAddress = networkUtils.buildAddress(egressHost, egressPort); - let lock = this.connectionLocks.get(egressAddress); - if (lock == null) { - lock = new Mutex(); - this.connectionLocks.set(egressAddress, lock); - } - const release = await lock.acquire(); - try { - const conn = this.connections.egress.get(egressAddress); - if (conn == null) { - return; - } - await conn.stop(); - } finally { - release(); - this.connectionLocks.delete(egressAddress); - } - } - - protected handleConnection = async ( - utpConn: UTPConnection, - ): Promise => { - const egressAddress = networkUtils.buildAddress( - utpConn.remoteAddress, - utpConn.remotePort, - ); - let lock = this.connectionLocks.get(egressAddress); - if (lock == null) { - lock = new Mutex(); - this.connectionLocks.set(egressAddress, lock); - } - const release = await lock.acquire(); - try { - this.logger.info(`Handling connection from ${egressAddress}`); - const timer = timerStart(this.connConnectTime); - try { - await this.connect( - utpConn.remoteAddress, - utpConn.remotePort, - utpConn, - timer, - ); - } catch (e) { - if (!(e instanceof networkErrors.ErrorNetwork)) { - throw e; - } - if (!utpConn.destroyed) { - utpConn.destroy(); - } - this.logger.warn( - `Failed connection from ${egressAddress} - ${e.toString()}`, - ); - } finally { - timerStop(timer); - } - this.logger.info(`Handled connection from ${egressAddress}`); - } finally { - release(); - this.connectionLocks.delete(egressAddress); - } - }; - - protected async connect( - egressHost: Host, - egressPort: Port, - utpConn: UTPConnection, - timer?: Timer, - ): Promise { - const conn = await this.establishConnection(egressHost, egressPort, timer); - await conn.compose(utpConn, timer); - } - - protected async establishConnection( - egressHost: Host, - egressPort: Port, - timer?: Timer, - ): Promise { - const egressAddress = networkUtils.buildAddress(egressHost, egressPort); - let conn = this.connections.egress.get(egressAddress); - if (conn != null) { - return conn; - } - conn = new ConnectionReverse({ - serverHost: this.serverHost, - serverPort: this.serverPort, - connections: this.connections, - utpSocket: this.utpSocket, - host: egressHost, - port: egressPort, - tlsConfig: this.tlsConfig, - keepAliveTimeoutTime: this.connKeepAliveTimeoutTime, - endTime: this.connEndTime, - punchIntervalTime: this.connPunchIntervalTime, - logger: this.logger.getChild( - `${ConnectionReverse.name} ${egressAddress}`, - ), - }); - await conn.start({ timer }); - return conn; - } -} - -export default ReverseProxy; diff --git a/src/network/errors.ts b/src/network/errors.ts index 868b482d0..234f90a22 100644 --- a/src/network/errors.ts +++ b/src/network/errors.ts @@ -2,35 +2,28 @@ import { ErrorPolykey, sysexits } from '../errors'; class ErrorNetwork extends ErrorPolykey {} -class ErrorForwardProxy extends ErrorNetwork {} +class ErrorProxy extends ErrorNetwork {} -class ErrorForwardProxyNotRunning extends ErrorForwardProxy { - description = 'ForwardProxy is not running'; +class ErrorProxyNotRunning extends ErrorProxy { + description = 'Proxy is not running'; exitCode = sysexits.USAGE; } -class ErrorForwardProxyInvalidUrl extends ErrorForwardProxy { +class ErrorProxyConnectInvalidUrl extends ErrorProxy { description = 'Invalid target host used for HTTP connect proxy'; exitCode = sysexits.PROTOCOL; } -class ErrorForwardProxyMissingNodeId extends ErrorForwardProxy { +class ErrorProxyConnectMissingNodeId extends ErrorProxy { description = 'Node ID query parameter is required for HTTP connect proxy'; exitCode = sysexits.PROTOCOL; } -class ErrorForwardProxyAuth extends ErrorForwardProxy { +class ErrorProxyConnectAuth extends ErrorProxy { description = 'Incorrect HTTP connect proxy password'; exitCode = sysexits.NOPERM; } -class ErrorReverseProxy extends ErrorNetwork {} - -class ErrorReverseProxyNotRunning extends ErrorReverseProxy { - description = 'ReverseProxy is not running'; - exitCode = sysexits.USAGE; -} - class ErrorConnection extends ErrorNetwork {} class ErrorConnectionNotRunning extends ErrorConnection { @@ -133,13 +126,11 @@ class ErrorHostnameResolutionFailed extends ErrorNetwork {} export { ErrorNetwork, - ErrorForwardProxy, - ErrorForwardProxyNotRunning, - ErrorForwardProxyInvalidUrl, - ErrorForwardProxyMissingNodeId, - ErrorForwardProxyAuth, - ErrorReverseProxy, - ErrorReverseProxyNotRunning, + ErrorProxy, + ErrorProxyNotRunning, + ErrorProxyConnectInvalidUrl, + ErrorProxyConnectMissingNodeId, + ErrorProxyConnectAuth, ErrorConnection, ErrorConnectionNotRunning, ErrorConnectionComposed, diff --git a/src/network/index.ts b/src/network/index.ts index 182581151..d4c3c66d9 100644 --- a/src/network/index.ts +++ b/src/network/index.ts @@ -1,8 +1,7 @@ export { default as Connection } from './Connection'; export { default as ConnectionForward } from './ConnectionForward'; export { default as ConnectionReverse } from './ConnectionReverse'; -export { default as ForwardProxy } from './ForwardProxy'; -export { default as ReverseProxy } from './ReverseProxy'; +export { default as Proxy } from './Proxy'; export * as utils from './utils'; export * as types from './types'; export * as errors from './errors'; diff --git a/src/network/types.ts b/src/network/types.ts index ec29a005f..40d672a85 100644 --- a/src/network/types.ts +++ b/src/network/types.ts @@ -37,13 +37,22 @@ type ProxyConfig = { authToken: string; }; +/** + * Proxy connection information + * @property remoteNodeId - NodeId of the remote connecting node + * @property remoteCertificates - Certificate chain of the remote connecting node + * @property localHost - Proxy host of the local connecting node + * @property localPort - Proxy port of the local connecting node + * @property remoteHost - Proxy host of the remote connecting node + * @property remotePort - Proxy port of the remote connecting node + */ type ConnectionInfo = { - nodeId: NodeId; - certificates: Array; - egressHost: Host; - egressPort: Port; - ingressHost: Host; - ingressPort: Port; + remoteNodeId: NodeId; + remoteCertificates: Array; + localHost: Host; + localPort: Port; + remoteHost: Host; + remotePort: Port; }; type PingMessage = { diff --git a/src/nodes/NodeConnection.ts b/src/nodes/NodeConnection.ts index 1e4482cdb..2a0816cac 100644 --- a/src/nodes/NodeConnection.ts +++ b/src/nodes/NodeConnection.ts @@ -2,7 +2,7 @@ import type { NodeId } from './types'; import type { Host, Hostname, Port } from '../network/types'; import type KeyManager from '../keys/KeyManager'; import type { Certificate, PublicKey, PublicKeyPem } from '../keys/types'; -import type ForwardProxy from '../network/ForwardProxy'; +import type Proxy from '../network/Proxy'; import type GRPCClient from '../grpc/GRPCClient'; import type NodeConnectionManager from './NodeConnectionManager'; import Logger from '@matrixai/logger'; @@ -30,7 +30,7 @@ class NodeConnection { protected logger: Logger; protected destroyCallback: () => Promise; - protected fwdProxy: ForwardProxy; + protected proxy: Proxy; protected client: T; static async createNodeConnection({ @@ -39,7 +39,7 @@ class NodeConnection { targetPort, targetHostname, connConnectTime = 20000, - fwdProxy, + proxy, keyManager, clientFactory, nodeConnectionManager, @@ -51,7 +51,7 @@ class NodeConnection { targetPort: Port; targetHostname?: Hostname; connConnectTime?: number; - fwdProxy: ForwardProxy; + proxy: Proxy; keyManager: KeyManager; clientFactory: (...args) => Promise; nodeConnectionManager: NodeConnectionManager; @@ -60,29 +60,29 @@ class NodeConnection { }): Promise> { logger.info(`Creating ${this.name}`); const proxyConfig = { - host: fwdProxy.getProxyHost(), - port: fwdProxy.getProxyPort(), - authToken: fwdProxy.authToken, + host: proxy.getForwardHost(), + port: proxy.getForwardPort(), + authToken: proxy.authToken, }; - // 1. Get the egress port of the fwdProxy (used for hole punching) - const egressAddress = networkUtils.buildAddress( - fwdProxy.getEgressHost(), - fwdProxy.getEgressPort(), + // 1. Get the proxy port of the fwdProxy (used for hole punching) + const proxyAddress = networkUtils.buildAddress( + proxy.getProxyHost(), + proxy.getProxyPort(), ); const signature = await keyManager.signWithRootKeyPair( - Buffer.from(egressAddress), + Buffer.from(proxyAddress), ); // 2. Ask fwdProxy for connection to target (the revProxy of other node) // 2. Start sending hole-punching packets to the target (via the client start - // this establishes a HTTP CONNECT request with the forward proxy) - // 3. Relay the egress port to the broker/s (such that they can inform the other node) + // 3. Relay the proxy port to the broker/s (such that they can inform the other node) // 4. Start sending hole-punching packets to other node (done in openConnection()) // Done in parallel const nodeConnection = new NodeConnection({ host: targetHost, port: targetPort, hostname: targetHostname, - fwdProxy: fwdProxy, + proxy: proxy, destroyCallback, logger, }); @@ -100,7 +100,7 @@ class NodeConnection { nodeId, keyManager.getNodeId(), targetNodeId, - egressAddress, + proxyAddress, signature, ); }); @@ -146,14 +146,14 @@ class NodeConnection { host, port, hostname, - fwdProxy, + proxy, destroyCallback, logger, }: { host: Host; port: Port; hostname?: Hostname; - fwdProxy: ForwardProxy; + proxy: Proxy; destroyCallback: () => Promise; logger: Logger; }) { @@ -161,7 +161,7 @@ class NodeConnection { this.host = host; this.port = port; this.hostname = hostname; - this.fwdProxy = fwdProxy; + this.proxy = proxy; this.destroyCallback = destroyCallback; } @@ -192,14 +192,11 @@ class NodeConnection { */ @ready(new nodesErrors.ErrorNodeConnectionDestroyed()) public getRootCertChain(): Array { - const connInfo = this.fwdProxy.getConnectionInfoByIngress( - this.host, - this.port, - ); + const connInfo = this.proxy.getConnectionInfoByProxy(this.host, this.port); if (connInfo == null) { throw new nodesErrors.ErrorNodeConnectionInfoNotExist(); } - return connInfo.certificates; + return connInfo.remoteCertificates; } /** diff --git a/src/nodes/NodeConnectionManager.ts b/src/nodes/NodeConnectionManager.ts index dadb96b40..567a09930 100644 --- a/src/nodes/NodeConnectionManager.ts +++ b/src/nodes/NodeConnectionManager.ts @@ -1,6 +1,5 @@ import type KeyManager from '../keys/KeyManager'; -import type ReverseProxy from '../network/ReverseProxy'; -import type ForwardProxy from '../network/ForwardProxy'; +import type Proxy from '../network/Proxy'; import type { Host, Hostname, Port } from '../network/types'; import type { ResourceAcquire } from '../utils'; import type { Timer } from '../types'; @@ -54,8 +53,7 @@ class NodeConnectionManager { protected logger: Logger; protected nodeGraph: NodeGraph; protected keyManager: KeyManager; - protected fwdProxy: ForwardProxy; - protected revProxy: ReverseProxy; + protected proxy: Proxy; protected seedNodes: SeedNodes; /** * Data structure to store all NodeConnections. If a connection to a node n does @@ -72,8 +70,7 @@ class NodeConnectionManager { public constructor({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, seedNodes = {}, initialClosestNodes = 3, connConnectTime = 20000, @@ -82,8 +79,7 @@ class NodeConnectionManager { }: { nodeGraph: NodeGraph; keyManager: KeyManager; - fwdProxy: ForwardProxy; - revProxy: ReverseProxy; + proxy: Proxy; seedNodes?: SeedNodes; initialClosestNodes?: number; connConnectTime?: number; @@ -93,8 +89,7 @@ class NodeConnectionManager { this.logger = logger ?? new Logger(NodeConnectionManager.name); this.keyManager = keyManager; this.nodeGraph = nodeGraph; - this.fwdProxy = fwdProxy; - this.revProxy = revProxy; + this.proxy = proxy; this.seedNodes = seedNodes; this.initialClosestNodes = initialClosestNodes; this.connConnectTime = connConnectTime; @@ -318,7 +313,7 @@ class NodeConnectionManager { targetHost: targetHost, targetHostname: targetHostname, targetPort: targetAddress.port, - fwdProxy: this.fwdProxy, + proxy: this.proxy, keyManager: this.keyManager, nodeConnectionManager: this, destroyCallback, @@ -371,17 +366,17 @@ class NodeConnectionManager { * A connection is established if the client node's forward proxy is sending * hole punching packets at the same time as this node (acting as the server) * sends hole-punching packets back to the client's forward proxy. - * @param egressHost host of the client's forward proxy - * @param egressPort port of the client's forward proxy + * @param proxyHost host of the client's forward proxy + * @param proxyPort port of the client's forward proxy * @param timer Connection timeout timer */ @ready(new nodesErrors.ErrorNodeConnectionManagerNotRunning()) public async holePunchReverse( - egressHost: Host, - egressPort: Port, + proxyHost: Host, + proxyPort: Port, timer?: Timer, ): Promise { - await this.revProxy.openConnection(egressHost, egressPort, timer); + await this.proxy.openConnectionReverse(proxyHost, proxyPort, timer); } /** @@ -394,17 +389,17 @@ class NodeConnectionManager { * This is not needed to be called when doing hole punching since the * ForwardProxy automatically starts the process. * @param nodeId Node Id of the node we are connecting to - * @param ingressHost Ingress host of the reverse proxy - * @param ingressPort Ingress port of the reverse proxy + * @param proxyHost Proxy host of the reverse proxy + * @param proxyPort Proxy port of the reverse proxy * @param timer Connection timeout timer */ public async holePunchForward( nodeId: NodeId, - ingressHost: Host, - ingressPort: Port, + proxyHost: Host, + proxyPort: Port, timer?: Timer, ): Promise { - await this.fwdProxy.openConnection(nodeId, ingressHost, ingressPort, timer); + await this.proxy.openConnectionForward(nodeId, proxyHost, proxyPort, timer); } /** @@ -648,22 +643,22 @@ class NodeConnectionManager { * @param relayNodeId node ID of the relay node (i.e. the seed node) * @param sourceNodeId node ID of the current node (i.e. the sender) * @param targetNodeId node ID of the target node to hole punch - * @param egressAddress stringified address of `egressHost:egressPort` + * @param proxyAddress stringified address of `proxyHost:proxyPort` * @param signature signature to verify source node is sender (signature based - * on egressAddress as message) + * on proxyAddress as message) */ @ready(new nodesErrors.ErrorNodeConnectionManagerNotRunning()) public async sendHolePunchMessage( relayNodeId: NodeId, sourceNodeId: NodeId, targetNodeId: NodeId, - egressAddress: string, + proxyAddress: string, signature: Buffer, ): Promise { const relayMsg = new nodesPB.Relay(); relayMsg.setSrcId(nodesUtils.encodeNodeId(sourceNodeId)); relayMsg.setTargetId(nodesUtils.encodeNodeId(targetNodeId)); - relayMsg.setEgressAddress(egressAddress); + relayMsg.setProxyAddress(proxyAddress); relayMsg.setSignature(signature.toString()); await this.withConnF(relayNodeId, async (connection) => { const client = connection.getClient(); @@ -685,7 +680,7 @@ class NodeConnectionManager { validationUtils.parseNodeId(message.getTargetId()), validationUtils.parseNodeId(message.getSrcId()), validationUtils.parseNodeId(message.getTargetId()), - message.getEgressAddress(), + message.getProxyAddress(), Buffer.from(message.getSignature()), ); } diff --git a/src/proto/js/polykey/v1/agent/agent_pb.d.ts b/src/proto/js/polykey/v1/agent/agent_pb.d.ts index 0f71b7012..fd75dab4b 100644 --- a/src/proto/js/polykey/v1/agent/agent_pb.d.ts +++ b/src/proto/js/polykey/v1/agent/agent_pb.d.ts @@ -15,22 +15,18 @@ export class InfoMessage extends jspb.Message { setClientHost(value: string): InfoMessage; getClientPort(): number; setClientPort(value: number): InfoMessage; - getIngressHost(): string; - setIngressHost(value: string): InfoMessage; - getIngressPort(): number; - setIngressPort(value: number): InfoMessage; - getEgressHost(): string; - setEgressHost(value: string): InfoMessage; - getEgressPort(): number; - setEgressPort(value: number): InfoMessage; - getAgentHost(): string; - setAgentHost(value: string): InfoMessage; - getAgentPort(): number; - setAgentPort(value: number): InfoMessage; getProxyHost(): string; setProxyHost(value: string): InfoMessage; getProxyPort(): number; setProxyPort(value: number): InfoMessage; + getAgentHost(): string; + setAgentHost(value: string): InfoMessage; + getAgentPort(): number; + setAgentPort(value: number): InfoMessage; + getForwardHost(): string; + setForwardHost(value: string): InfoMessage; + getForwardPort(): number; + setForwardPort(value: number): InfoMessage; getRootPublicKeyPem(): string; setRootPublicKeyPem(value: string): InfoMessage; getRootCertPem(): string; @@ -54,14 +50,12 @@ export namespace InfoMessage { nodeId: string, clientHost: string, clientPort: number, - ingressHost: string, - ingressPort: number, - egressHost: string, - egressPort: number, - agentHost: string, - agentPort: number, proxyHost: string, proxyPort: number, + agentHost: string, + agentPort: number, + forwardHost: string, + forwardPort: number, rootPublicKeyPem: string, rootCertPem: string, rootCertChainPem: string, diff --git a/src/proto/js/polykey/v1/agent/agent_pb.js b/src/proto/js/polykey/v1/agent/agent_pb.js index 2421558f8..bf04d814b 100644 --- a/src/proto/js/polykey/v1/agent/agent_pb.js +++ b/src/proto/js/polykey/v1/agent/agent_pb.js @@ -72,14 +72,12 @@ proto.polykey.v1.agent.InfoMessage.toObject = function(includeInstance, msg) { nodeId: jspb.Message.getFieldWithDefault(msg, 2, ""), clientHost: jspb.Message.getFieldWithDefault(msg, 3, ""), clientPort: jspb.Message.getFieldWithDefault(msg, 4, 0), - ingressHost: jspb.Message.getFieldWithDefault(msg, 5, ""), - ingressPort: jspb.Message.getFieldWithDefault(msg, 6, 0), - egressHost: jspb.Message.getFieldWithDefault(msg, 7, ""), - egressPort: jspb.Message.getFieldWithDefault(msg, 8, 0), + proxyHost: jspb.Message.getFieldWithDefault(msg, 5, ""), + proxyPort: jspb.Message.getFieldWithDefault(msg, 6, 0), agentHost: jspb.Message.getFieldWithDefault(msg, 9, ""), agentPort: jspb.Message.getFieldWithDefault(msg, 10, 0), - proxyHost: jspb.Message.getFieldWithDefault(msg, 11, ""), - proxyPort: jspb.Message.getFieldWithDefault(msg, 12, 0), + forwardHost: jspb.Message.getFieldWithDefault(msg, 11, ""), + forwardPort: jspb.Message.getFieldWithDefault(msg, 12, 0), rootPublicKeyPem: jspb.Message.getFieldWithDefault(msg, 13, ""), rootCertPem: jspb.Message.getFieldWithDefault(msg, 14, ""), rootCertChainPem: jspb.Message.getFieldWithDefault(msg, 15, "") @@ -137,19 +135,11 @@ proto.polykey.v1.agent.InfoMessage.deserializeBinaryFromReader = function(msg, r break; case 5: var value = /** @type {string} */ (reader.readString()); - msg.setIngressHost(value); + msg.setProxyHost(value); break; case 6: var value = /** @type {number} */ (reader.readUint32()); - msg.setIngressPort(value); - break; - case 7: - var value = /** @type {string} */ (reader.readString()); - msg.setEgressHost(value); - break; - case 8: - var value = /** @type {number} */ (reader.readUint32()); - msg.setEgressPort(value); + msg.setProxyPort(value); break; case 9: var value = /** @type {string} */ (reader.readString()); @@ -161,11 +151,11 @@ proto.polykey.v1.agent.InfoMessage.deserializeBinaryFromReader = function(msg, r break; case 11: var value = /** @type {string} */ (reader.readString()); - msg.setProxyHost(value); + msg.setForwardHost(value); break; case 12: var value = /** @type {number} */ (reader.readUint32()); - msg.setProxyPort(value); + msg.setForwardPort(value); break; case 13: var value = /** @type {string} */ (reader.readString()); @@ -236,34 +226,20 @@ proto.polykey.v1.agent.InfoMessage.serializeBinaryToWriter = function(message, w f ); } - f = message.getIngressHost(); + f = message.getProxyHost(); if (f.length > 0) { writer.writeString( 5, f ); } - f = message.getIngressPort(); + f = message.getProxyPort(); if (f !== 0) { writer.writeUint32( 6, f ); } - f = message.getEgressHost(); - if (f.length > 0) { - writer.writeString( - 7, - f - ); - } - f = message.getEgressPort(); - if (f !== 0) { - writer.writeUint32( - 8, - f - ); - } f = message.getAgentHost(); if (f.length > 0) { writer.writeString( @@ -278,14 +254,14 @@ proto.polykey.v1.agent.InfoMessage.serializeBinaryToWriter = function(message, w f ); } - f = message.getProxyHost(); + f = message.getForwardHost(); if (f.length > 0) { writer.writeString( 11, f ); } - f = message.getProxyPort(); + f = message.getForwardPort(); if (f !== 0) { writer.writeUint32( 12, @@ -389,10 +365,10 @@ proto.polykey.v1.agent.InfoMessage.prototype.setClientPort = function(value) { /** - * optional string ingress_host = 5; + * optional string proxy_host = 5; * @return {string} */ -proto.polykey.v1.agent.InfoMessage.prototype.getIngressHost = function() { +proto.polykey.v1.agent.InfoMessage.prototype.getProxyHost = function() { return /** @type {string} */ (jspb.Message.getFieldWithDefault(this, 5, "")); }; @@ -401,16 +377,16 @@ proto.polykey.v1.agent.InfoMessage.prototype.getIngressHost = function() { * @param {string} value * @return {!proto.polykey.v1.agent.InfoMessage} returns this */ -proto.polykey.v1.agent.InfoMessage.prototype.setIngressHost = function(value) { +proto.polykey.v1.agent.InfoMessage.prototype.setProxyHost = function(value) { return jspb.Message.setProto3StringField(this, 5, value); }; /** - * optional uint32 ingress_port = 6; + * optional uint32 proxy_port = 6; * @return {number} */ -proto.polykey.v1.agent.InfoMessage.prototype.getIngressPort = function() { +proto.polykey.v1.agent.InfoMessage.prototype.getProxyPort = function() { return /** @type {number} */ (jspb.Message.getFieldWithDefault(this, 6, 0)); }; @@ -419,47 +395,11 @@ proto.polykey.v1.agent.InfoMessage.prototype.getIngressPort = function() { * @param {number} value * @return {!proto.polykey.v1.agent.InfoMessage} returns this */ -proto.polykey.v1.agent.InfoMessage.prototype.setIngressPort = function(value) { +proto.polykey.v1.agent.InfoMessage.prototype.setProxyPort = function(value) { return jspb.Message.setProto3IntField(this, 6, value); }; -/** - * optional string egress_host = 7; - * @return {string} - */ -proto.polykey.v1.agent.InfoMessage.prototype.getEgressHost = function() { - return /** @type {string} */ (jspb.Message.getFieldWithDefault(this, 7, "")); -}; - - -/** - * @param {string} value - * @return {!proto.polykey.v1.agent.InfoMessage} returns this - */ -proto.polykey.v1.agent.InfoMessage.prototype.setEgressHost = function(value) { - return jspb.Message.setProto3StringField(this, 7, value); -}; - - -/** - * optional uint32 egress_port = 8; - * @return {number} - */ -proto.polykey.v1.agent.InfoMessage.prototype.getEgressPort = function() { - return /** @type {number} */ (jspb.Message.getFieldWithDefault(this, 8, 0)); -}; - - -/** - * @param {number} value - * @return {!proto.polykey.v1.agent.InfoMessage} returns this - */ -proto.polykey.v1.agent.InfoMessage.prototype.setEgressPort = function(value) { - return jspb.Message.setProto3IntField(this, 8, value); -}; - - /** * optional string agent_host = 9; * @return {string} @@ -497,10 +437,10 @@ proto.polykey.v1.agent.InfoMessage.prototype.setAgentPort = function(value) { /** - * optional string proxy_host = 11; + * optional string forward_host = 11; * @return {string} */ -proto.polykey.v1.agent.InfoMessage.prototype.getProxyHost = function() { +proto.polykey.v1.agent.InfoMessage.prototype.getForwardHost = function() { return /** @type {string} */ (jspb.Message.getFieldWithDefault(this, 11, "")); }; @@ -509,16 +449,16 @@ proto.polykey.v1.agent.InfoMessage.prototype.getProxyHost = function() { * @param {string} value * @return {!proto.polykey.v1.agent.InfoMessage} returns this */ -proto.polykey.v1.agent.InfoMessage.prototype.setProxyHost = function(value) { +proto.polykey.v1.agent.InfoMessage.prototype.setForwardHost = function(value) { return jspb.Message.setProto3StringField(this, 11, value); }; /** - * optional uint32 proxy_port = 12; + * optional uint32 forward_port = 12; * @return {number} */ -proto.polykey.v1.agent.InfoMessage.prototype.getProxyPort = function() { +proto.polykey.v1.agent.InfoMessage.prototype.getForwardPort = function() { return /** @type {number} */ (jspb.Message.getFieldWithDefault(this, 12, 0)); }; @@ -527,7 +467,7 @@ proto.polykey.v1.agent.InfoMessage.prototype.getProxyPort = function() { * @param {number} value * @return {!proto.polykey.v1.agent.InfoMessage} returns this */ -proto.polykey.v1.agent.InfoMessage.prototype.setProxyPort = function(value) { +proto.polykey.v1.agent.InfoMessage.prototype.setForwardPort = function(value) { return jspb.Message.setProto3IntField(this, 12, value); }; diff --git a/src/proto/js/polykey/v1/client_service_grpc_pb.d.ts b/src/proto/js/polykey/v1/client_service_grpc_pb.d.ts index 42258e4bc..023631a45 100644 --- a/src/proto/js/polykey/v1/client_service_grpc_pb.d.ts +++ b/src/proto/js/polykey/v1/client_service_grpc_pb.d.ts @@ -52,12 +52,12 @@ interface IClientServiceService extends grpc.ServiceDefinition; responseDeserialize: grpc.deserialize; } +interface IClientServiceService_IVaultsPermissionGet extends grpc.MethodDefinition { + path: "/polykey.v1.ClientService/VaultsPermissionGet"; + requestStream: false; + responseStream: true; + requestSerialize: grpc.serialize; + requestDeserialize: grpc.deserialize; + responseSerialize: grpc.serialize; + responseDeserialize: grpc.deserialize; +} +interface IClientServiceService_IVaultsPermissionSet extends grpc.MethodDefinition { + path: "/polykey.v1.ClientService/VaultsPermissionSet"; + requestStream: false; + responseStream: false; + requestSerialize: grpc.serialize; + requestDeserialize: grpc.deserialize; + responseSerialize: grpc.serialize; + responseDeserialize: grpc.deserialize; +} +interface IClientServiceService_IVaultsPermissionUnset extends grpc.MethodDefinition { + path: "/polykey.v1.ClientService/VaultsPermissionUnset"; + requestStream: false; + responseStream: false; + requestSerialize: grpc.serialize; + requestDeserialize: grpc.deserialize; + responseSerialize: grpc.serialize; + responseDeserialize: grpc.deserialize; +} interface IClientServiceService_IVaultsVersion extends grpc.MethodDefinition { path: "/polykey.v1.ClientService/VaultsVersion"; requestStream: false; @@ -409,33 +436,6 @@ interface IClientServiceService_IVaultsScan extends grpc.MethodDefinition; responseDeserialize: grpc.deserialize; } -interface IClientServiceService_IVaultsPermissionSet extends grpc.MethodDefinition { - path: "/polykey.v1.ClientService/VaultsPermissionSet"; - requestStream: false; - responseStream: false; - requestSerialize: grpc.serialize; - requestDeserialize: grpc.deserialize; - responseSerialize: grpc.serialize; - responseDeserialize: grpc.deserialize; -} -interface IClientServiceService_IVaultsPermissionUnset extends grpc.MethodDefinition { - path: "/polykey.v1.ClientService/VaultsPermissionUnset"; - requestStream: false; - responseStream: false; - requestSerialize: grpc.serialize; - requestDeserialize: grpc.deserialize; - responseSerialize: grpc.serialize; - responseDeserialize: grpc.deserialize; -} -interface IClientServiceService_IVaultsPermissionGet extends grpc.MethodDefinition { - path: "/polykey.v1.ClientService/VaultsPermissionGet"; - requestStream: false; - responseStream: true; - requestSerialize: grpc.serialize; - requestDeserialize: grpc.deserialize; - responseSerialize: grpc.serialize; - responseDeserialize: grpc.deserialize; -} interface IClientServiceService_IIdentitiesAuthenticate extends grpc.MethodDefinition { path: "/polykey.v1.ClientService/IdentitiesAuthenticate"; requestStream: false; @@ -698,12 +698,12 @@ export interface IClientServiceServer extends grpc.UntypedServiceImplementation vaultsSecretsNew: grpc.handleUnaryCall; vaultsSecretsNewDir: grpc.handleUnaryCall; vaultsSecretsStat: grpc.handleUnaryCall; + vaultsPermissionGet: grpc.handleServerStreamingCall; + vaultsPermissionSet: grpc.handleUnaryCall; + vaultsPermissionUnset: grpc.handleUnaryCall; vaultsVersion: grpc.handleUnaryCall; vaultsLog: grpc.handleServerStreamingCall; vaultsScan: grpc.handleServerStreamingCall; - vaultsPermissionSet: grpc.handleUnaryCall; - vaultsPermissionUnset: grpc.handleUnaryCall; - vaultsPermissionGet: grpc.handleServerStreamingCall; identitiesAuthenticate: grpc.handleServerStreamingCall; identitiesAuthenticatedGet: grpc.handleServerStreamingCall; identitiesTokenPut: grpc.handleUnaryCall; @@ -828,6 +828,14 @@ export interface IClientServiceClient { vaultsSecretsStat(request: polykey_v1_secrets_secrets_pb.Secret, callback: (error: grpc.ServiceError | null, response: polykey_v1_secrets_secrets_pb.Stat) => void): grpc.ClientUnaryCall; vaultsSecretsStat(request: polykey_v1_secrets_secrets_pb.Secret, metadata: grpc.Metadata, callback: (error: grpc.ServiceError | null, response: polykey_v1_secrets_secrets_pb.Stat) => void): grpc.ClientUnaryCall; vaultsSecretsStat(request: polykey_v1_secrets_secrets_pb.Secret, metadata: grpc.Metadata, options: Partial, callback: (error: grpc.ServiceError | null, response: polykey_v1_secrets_secrets_pb.Stat) => void): grpc.ClientUnaryCall; + vaultsPermissionGet(request: polykey_v1_vaults_vaults_pb.Vault, options?: Partial): grpc.ClientReadableStream; + vaultsPermissionGet(request: polykey_v1_vaults_vaults_pb.Vault, metadata?: grpc.Metadata, options?: Partial): grpc.ClientReadableStream; + vaultsPermissionSet(request: polykey_v1_vaults_vaults_pb.Permissions, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; + vaultsPermissionSet(request: polykey_v1_vaults_vaults_pb.Permissions, metadata: grpc.Metadata, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; + vaultsPermissionSet(request: polykey_v1_vaults_vaults_pb.Permissions, metadata: grpc.Metadata, options: Partial, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; + vaultsPermissionUnset(request: polykey_v1_vaults_vaults_pb.Permissions, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; + vaultsPermissionUnset(request: polykey_v1_vaults_vaults_pb.Permissions, metadata: grpc.Metadata, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; + vaultsPermissionUnset(request: polykey_v1_vaults_vaults_pb.Permissions, metadata: grpc.Metadata, options: Partial, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; vaultsVersion(request: polykey_v1_vaults_vaults_pb.Version, callback: (error: grpc.ServiceError | null, response: polykey_v1_vaults_vaults_pb.VersionResult) => void): grpc.ClientUnaryCall; vaultsVersion(request: polykey_v1_vaults_vaults_pb.Version, metadata: grpc.Metadata, callback: (error: grpc.ServiceError | null, response: polykey_v1_vaults_vaults_pb.VersionResult) => void): grpc.ClientUnaryCall; vaultsVersion(request: polykey_v1_vaults_vaults_pb.Version, metadata: grpc.Metadata, options: Partial, callback: (error: grpc.ServiceError | null, response: polykey_v1_vaults_vaults_pb.VersionResult) => void): grpc.ClientUnaryCall; @@ -835,14 +843,6 @@ export interface IClientServiceClient { vaultsLog(request: polykey_v1_vaults_vaults_pb.Log, metadata?: grpc.Metadata, options?: Partial): grpc.ClientReadableStream; vaultsScan(request: polykey_v1_nodes_nodes_pb.Node, options?: Partial): grpc.ClientReadableStream; vaultsScan(request: polykey_v1_nodes_nodes_pb.Node, metadata?: grpc.Metadata, options?: Partial): grpc.ClientReadableStream; - vaultsPermissionSet(request: polykey_v1_vaults_vaults_pb.Permissions, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; - vaultsPermissionSet(request: polykey_v1_vaults_vaults_pb.Permissions, metadata: grpc.Metadata, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; - vaultsPermissionSet(request: polykey_v1_vaults_vaults_pb.Permissions, metadata: grpc.Metadata, options: Partial, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; - vaultsPermissionUnset(request: polykey_v1_vaults_vaults_pb.Permissions, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; - vaultsPermissionUnset(request: polykey_v1_vaults_vaults_pb.Permissions, metadata: grpc.Metadata, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; - vaultsPermissionUnset(request: polykey_v1_vaults_vaults_pb.Permissions, metadata: grpc.Metadata, options: Partial, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; - vaultsPermissionGet(request: polykey_v1_vaults_vaults_pb.Vault, options?: Partial): grpc.ClientReadableStream; - vaultsPermissionGet(request: polykey_v1_vaults_vaults_pb.Vault, metadata?: grpc.Metadata, options?: Partial): grpc.ClientReadableStream; identitiesAuthenticate(request: polykey_v1_identities_identities_pb.Provider, options?: Partial): grpc.ClientReadableStream; identitiesAuthenticate(request: polykey_v1_identities_identities_pb.Provider, metadata?: grpc.Metadata, options?: Partial): grpc.ClientReadableStream; identitiesAuthenticatedGet(request: polykey_v1_identities_identities_pb.OptionalProvider, options?: Partial): grpc.ClientReadableStream; @@ -1013,6 +1013,14 @@ export class ClientServiceClient extends grpc.Client implements IClientServiceCl public vaultsSecretsStat(request: polykey_v1_secrets_secrets_pb.Secret, callback: (error: grpc.ServiceError | null, response: polykey_v1_secrets_secrets_pb.Stat) => void): grpc.ClientUnaryCall; public vaultsSecretsStat(request: polykey_v1_secrets_secrets_pb.Secret, metadata: grpc.Metadata, callback: (error: grpc.ServiceError | null, response: polykey_v1_secrets_secrets_pb.Stat) => void): grpc.ClientUnaryCall; public vaultsSecretsStat(request: polykey_v1_secrets_secrets_pb.Secret, metadata: grpc.Metadata, options: Partial, callback: (error: grpc.ServiceError | null, response: polykey_v1_secrets_secrets_pb.Stat) => void): grpc.ClientUnaryCall; + public vaultsPermissionGet(request: polykey_v1_vaults_vaults_pb.Vault, options?: Partial): grpc.ClientReadableStream; + public vaultsPermissionGet(request: polykey_v1_vaults_vaults_pb.Vault, metadata?: grpc.Metadata, options?: Partial): grpc.ClientReadableStream; + public vaultsPermissionSet(request: polykey_v1_vaults_vaults_pb.Permissions, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; + public vaultsPermissionSet(request: polykey_v1_vaults_vaults_pb.Permissions, metadata: grpc.Metadata, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; + public vaultsPermissionSet(request: polykey_v1_vaults_vaults_pb.Permissions, metadata: grpc.Metadata, options: Partial, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; + public vaultsPermissionUnset(request: polykey_v1_vaults_vaults_pb.Permissions, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; + public vaultsPermissionUnset(request: polykey_v1_vaults_vaults_pb.Permissions, metadata: grpc.Metadata, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; + public vaultsPermissionUnset(request: polykey_v1_vaults_vaults_pb.Permissions, metadata: grpc.Metadata, options: Partial, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; public vaultsVersion(request: polykey_v1_vaults_vaults_pb.Version, callback: (error: grpc.ServiceError | null, response: polykey_v1_vaults_vaults_pb.VersionResult) => void): grpc.ClientUnaryCall; public vaultsVersion(request: polykey_v1_vaults_vaults_pb.Version, metadata: grpc.Metadata, callback: (error: grpc.ServiceError | null, response: polykey_v1_vaults_vaults_pb.VersionResult) => void): grpc.ClientUnaryCall; public vaultsVersion(request: polykey_v1_vaults_vaults_pb.Version, metadata: grpc.Metadata, options: Partial, callback: (error: grpc.ServiceError | null, response: polykey_v1_vaults_vaults_pb.VersionResult) => void): grpc.ClientUnaryCall; @@ -1020,14 +1028,6 @@ export class ClientServiceClient extends grpc.Client implements IClientServiceCl public vaultsLog(request: polykey_v1_vaults_vaults_pb.Log, metadata?: grpc.Metadata, options?: Partial): grpc.ClientReadableStream; public vaultsScan(request: polykey_v1_nodes_nodes_pb.Node, options?: Partial): grpc.ClientReadableStream; public vaultsScan(request: polykey_v1_nodes_nodes_pb.Node, metadata?: grpc.Metadata, options?: Partial): grpc.ClientReadableStream; - public vaultsPermissionSet(request: polykey_v1_vaults_vaults_pb.Permissions, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; - public vaultsPermissionSet(request: polykey_v1_vaults_vaults_pb.Permissions, metadata: grpc.Metadata, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; - public vaultsPermissionSet(request: polykey_v1_vaults_vaults_pb.Permissions, metadata: grpc.Metadata, options: Partial, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; - public vaultsPermissionUnset(request: polykey_v1_vaults_vaults_pb.Permissions, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; - public vaultsPermissionUnset(request: polykey_v1_vaults_vaults_pb.Permissions, metadata: grpc.Metadata, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; - public vaultsPermissionUnset(request: polykey_v1_vaults_vaults_pb.Permissions, metadata: grpc.Metadata, options: Partial, callback: (error: grpc.ServiceError | null, response: polykey_v1_utils_utils_pb.StatusMessage) => void): grpc.ClientUnaryCall; - public vaultsPermissionGet(request: polykey_v1_vaults_vaults_pb.Vault, options?: Partial): grpc.ClientReadableStream; - public vaultsPermissionGet(request: polykey_v1_vaults_vaults_pb.Vault, metadata?: grpc.Metadata, options?: Partial): grpc.ClientReadableStream; public identitiesAuthenticate(request: polykey_v1_identities_identities_pb.Provider, options?: Partial): grpc.ClientReadableStream; public identitiesAuthenticate(request: polykey_v1_identities_identities_pb.Provider, metadata?: grpc.Metadata, options?: Partial): grpc.ClientReadableStream; public identitiesAuthenticatedGet(request: polykey_v1_identities_identities_pb.OptionalProvider, options?: Partial): grpc.ClientReadableStream; diff --git a/src/proto/js/polykey/v1/client_service_grpc_pb.js b/src/proto/js/polykey/v1/client_service_grpc_pb.js index 6b6e4bf1b..ede2e9470 100644 --- a/src/proto/js/polykey/v1/client_service_grpc_pb.js +++ b/src/proto/js/polykey/v1/client_service_grpc_pb.js @@ -834,6 +834,39 @@ vaultsList: { responseSerialize: serialize_polykey_v1_secrets_Stat, responseDeserialize: deserialize_polykey_v1_secrets_Stat, }, + vaultsPermissionGet: { + path: '/polykey.v1.ClientService/VaultsPermissionGet', + requestStream: false, + responseStream: true, + requestType: polykey_v1_vaults_vaults_pb.Vault, + responseType: polykey_v1_vaults_vaults_pb.Permissions, + requestSerialize: serialize_polykey_v1_vaults_Vault, + requestDeserialize: deserialize_polykey_v1_vaults_Vault, + responseSerialize: serialize_polykey_v1_vaults_Permissions, + responseDeserialize: deserialize_polykey_v1_vaults_Permissions, + }, + vaultsPermissionSet: { + path: '/polykey.v1.ClientService/VaultsPermissionSet', + requestStream: false, + responseStream: false, + requestType: polykey_v1_vaults_vaults_pb.Permissions, + responseType: polykey_v1_utils_utils_pb.StatusMessage, + requestSerialize: serialize_polykey_v1_vaults_Permissions, + requestDeserialize: deserialize_polykey_v1_vaults_Permissions, + responseSerialize: serialize_polykey_v1_utils_StatusMessage, + responseDeserialize: deserialize_polykey_v1_utils_StatusMessage, + }, + vaultsPermissionUnset: { + path: '/polykey.v1.ClientService/VaultsPermissionUnset', + requestStream: false, + responseStream: false, + requestType: polykey_v1_vaults_vaults_pb.Permissions, + responseType: polykey_v1_utils_utils_pb.StatusMessage, + requestSerialize: serialize_polykey_v1_vaults_Permissions, + requestDeserialize: deserialize_polykey_v1_vaults_Permissions, + responseSerialize: serialize_polykey_v1_utils_StatusMessage, + responseDeserialize: deserialize_polykey_v1_utils_StatusMessage, + }, vaultsVersion: { path: '/polykey.v1.ClientService/VaultsVersion', requestStream: false, @@ -867,39 +900,6 @@ vaultsList: { responseSerialize: serialize_polykey_v1_vaults_List, responseDeserialize: deserialize_polykey_v1_vaults_List, }, - vaultsPermissionSet: { - path: '/polykey.v1.ClientService/VaultsPermissionSet', - requestStream: false, - responseStream: false, - requestType: polykey_v1_vaults_vaults_pb.Permissions, - responseType: polykey_v1_utils_utils_pb.StatusMessage, - requestSerialize: serialize_polykey_v1_vaults_Permissions, - requestDeserialize: deserialize_polykey_v1_vaults_Permissions, - responseSerialize: serialize_polykey_v1_utils_StatusMessage, - responseDeserialize: deserialize_polykey_v1_utils_StatusMessage, - }, - vaultsPermissionUnset: { - path: '/polykey.v1.ClientService/VaultsPermissionUnset', - requestStream: false, - responseStream: false, - requestType: polykey_v1_vaults_vaults_pb.Permissions, - responseType: polykey_v1_utils_utils_pb.StatusMessage, - requestSerialize: serialize_polykey_v1_vaults_Permissions, - requestDeserialize: deserialize_polykey_v1_vaults_Permissions, - responseSerialize: serialize_polykey_v1_utils_StatusMessage, - responseDeserialize: deserialize_polykey_v1_utils_StatusMessage, - }, - vaultsPermissionGet: { - path: '/polykey.v1.ClientService/VaultsPermissionGet', - requestStream: false, - responseStream: true, - requestType: polykey_v1_vaults_vaults_pb.Vault, - responseType: polykey_v1_vaults_vaults_pb.Permissions, - requestSerialize: serialize_polykey_v1_vaults_Vault, - requestDeserialize: deserialize_polykey_v1_vaults_Vault, - responseSerialize: serialize_polykey_v1_vaults_Permissions, - responseDeserialize: deserialize_polykey_v1_vaults_Permissions, - }, // Identities identitiesAuthenticate: { path: '/polykey.v1.ClientService/IdentitiesAuthenticate', diff --git a/src/proto/js/polykey/v1/nodes/nodes_pb.d.ts b/src/proto/js/polykey/v1/nodes/nodes_pb.d.ts index b257a2328..0da62ce43 100644 --- a/src/proto/js/polykey/v1/nodes/nodes_pb.d.ts +++ b/src/proto/js/polykey/v1/nodes/nodes_pb.d.ts @@ -132,8 +132,8 @@ export class Relay extends jspb.Message { setSrcId(value: string): Relay; getTargetId(): string; setTargetId(value: string): Relay; - getEgressAddress(): string; - setEgressAddress(value: string): Relay; + getProxyAddress(): string; + setProxyAddress(value: string): Relay; getSignature(): string; setSignature(value: string): Relay; @@ -151,7 +151,7 @@ export namespace Relay { export type AsObject = { srcId: string, targetId: string, - egressAddress: string, + proxyAddress: string, signature: string, } } diff --git a/src/proto/js/polykey/v1/nodes/nodes_pb.js b/src/proto/js/polykey/v1/nodes/nodes_pb.js index 7a86f1de4..01d29ce4f 100644 --- a/src/proto/js/polykey/v1/nodes/nodes_pb.js +++ b/src/proto/js/polykey/v1/nodes/nodes_pb.js @@ -1207,7 +1207,7 @@ proto.polykey.v1.nodes.Relay.toObject = function(includeInstance, msg) { var f, obj = { srcId: jspb.Message.getFieldWithDefault(msg, 1, ""), targetId: jspb.Message.getFieldWithDefault(msg, 2, ""), - egressAddress: jspb.Message.getFieldWithDefault(msg, 3, ""), + proxyAddress: jspb.Message.getFieldWithDefault(msg, 3, ""), signature: jspb.Message.getFieldWithDefault(msg, 4, "") }; @@ -1255,7 +1255,7 @@ proto.polykey.v1.nodes.Relay.deserializeBinaryFromReader = function(msg, reader) break; case 3: var value = /** @type {string} */ (reader.readString()); - msg.setEgressAddress(value); + msg.setProxyAddress(value); break; case 4: var value = /** @type {string} */ (reader.readString()); @@ -1304,7 +1304,7 @@ proto.polykey.v1.nodes.Relay.serializeBinaryToWriter = function(message, writer) f ); } - f = message.getEgressAddress(); + f = message.getProxyAddress(); if (f.length > 0) { writer.writeString( 3, @@ -1358,10 +1358,10 @@ proto.polykey.v1.nodes.Relay.prototype.setTargetId = function(value) { /** - * optional string egress_address = 3; + * optional string proxy_address = 3; * @return {string} */ -proto.polykey.v1.nodes.Relay.prototype.getEgressAddress = function() { +proto.polykey.v1.nodes.Relay.prototype.getProxyAddress = function() { return /** @type {string} */ (jspb.Message.getFieldWithDefault(this, 3, "")); }; @@ -1370,7 +1370,7 @@ proto.polykey.v1.nodes.Relay.prototype.getEgressAddress = function() { * @param {string} value * @return {!proto.polykey.v1.nodes.Relay} returns this */ -proto.polykey.v1.nodes.Relay.prototype.setEgressAddress = function(value) { +proto.polykey.v1.nodes.Relay.prototype.setProxyAddress = function(value) { return jspb.Message.setProto3StringField(this, 3, value); }; diff --git a/src/proto/schemas/polykey/v1/agent/agent.proto b/src/proto/schemas/polykey/v1/agent/agent.proto index 7e1a1e8d9..06d6cdc57 100644 --- a/src/proto/schemas/polykey/v1/agent/agent.proto +++ b/src/proto/schemas/polykey/v1/agent/agent.proto @@ -7,14 +7,12 @@ message InfoMessage { string node_id = 2; string client_host = 3; uint32 client_port = 4; - string ingress_host = 5; - uint32 ingress_port = 6; - string egress_host = 7; - uint32 egress_port = 8; + string proxy_host = 5; + uint32 proxy_port = 6; string agent_host = 9; uint32 agent_port = 10; - string proxy_host = 11; - uint32 proxy_port = 12; + string forward_host = 11; + uint32 forward_port = 12; string root_public_key_pem = 13; string root_cert_pem = 14; string root_cert_chain_pem = 15; diff --git a/src/proto/schemas/polykey/v1/nodes/nodes.proto b/src/proto/schemas/polykey/v1/nodes/nodes.proto index 83566e6d3..4c5d64a51 100644 --- a/src/proto/schemas/polykey/v1/nodes/nodes.proto +++ b/src/proto/schemas/polykey/v1/nodes/nodes.proto @@ -37,7 +37,7 @@ message Connection { message Relay { string src_id = 1; string target_id = 2; - string egress_address = 3; + string proxy_address = 3; string signature = 4; } diff --git a/src/status/StatusSchema.json b/src/status/StatusSchema.json index b4c2c4fab..5cf2a36c6 100644 --- a/src/status/StatusSchema.json +++ b/src/status/StatusSchema.json @@ -31,16 +31,16 @@ "nodeId": { "type": "object" }, "clientHost": { "type": "string" }, "clientPort": { "type": "number" }, - "ingressHost": { "type": "string" }, - "ingressPort": { "type": "number" } + "proxyHost": { "type": "string" }, + "proxyPort": { "type": "number" } }, "required": [ "pid", "nodeId", "clientHost", "clientPort", - "ingressHost", - "ingressPort" + "proxyHost", + "proxyPort" ] } } diff --git a/src/status/types.ts b/src/status/types.ts index 0783fa08c..044754698 100644 --- a/src/status/types.ts +++ b/src/status/types.ts @@ -16,8 +16,8 @@ type StatusLive = { nodeId: NodeId; clientHost: Host; clientPort: Port; - ingressHost: Host; - ingressPort: Port; + proxyHost: Host; + proxyPort: Port; [key: string]: any; }; }; diff --git a/tests/agent/GRPCClientAgent.test.ts b/tests/agent/GRPCClientAgent.test.ts index 408775ab8..78808e361 100644 --- a/tests/agent/GRPCClientAgent.test.ts +++ b/tests/agent/GRPCClientAgent.test.ts @@ -13,8 +13,8 @@ import NodeConnectionManager from '@/nodes/NodeConnectionManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeManager from '@/nodes/NodeManager'; import Sigchain from '@/sigchain/Sigchain'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; + import GRPCClientAgent from '@/agent/GRPCClientAgent'; import VaultManager from '@/vaults/VaultManager'; import NotificationsManager from '@/notifications/NotificationsManager'; @@ -40,7 +40,7 @@ describe(GRPCClientAgent.name, () => { }); let client: GRPCClientAgent; let server: grpc.Server; - let port: number; + let port: Port; let dataDir: string; let keysPath: string; let vaultsPath: string; @@ -55,8 +55,8 @@ describe(GRPCClientAgent.name, () => { let gestaltGraph: GestaltGraph; let db: DB; let notificationsManager: NotificationsManager; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; + beforeEach(async () => { dataDir = await fs.promises.mkdtemp( path.join(os.tmpdir(), 'polykey-test-'), @@ -74,18 +74,10 @@ describe(GRPCClientAgent.name, () => { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), }; - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken: 'abc', logger: logger, }); - await fwdProxy.start({ - tlsConfig, - egressHost: host, - proxyHost: host, - }); - revProxy = new ReverseProxy({ - logger: logger, - }); db = await DB.createDB({ dbPath: dbPath, fs: fs, @@ -120,8 +112,7 @@ describe(GRPCClientAgent.name, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy: fwdProxy, - revProxy: revProxy, + proxy, logger, }); await nodeConnectionManager.start(); @@ -164,20 +155,20 @@ describe(GRPCClientAgent.name, () => { notificationsManager, acl, gestaltGraph, - revProxy, + proxy, }); - await revProxy.start({ - ingressHost: host, + client = await testAgentUtils.openTestAgentClient(port); + await proxy.start({ + tlsConfig, + proxyHost: host, + forwardHost: host, serverHost: host, - serverPort: port as Port, - tlsConfig: tlsConfig, + serverPort: port, }); - client = await testAgentUtils.openTestAgentClient(port); }, global.defaultTimeout); afterEach(async () => { await testAgentUtils.closeTestAgentClient(client); await testAgentUtils.closeTestAgentServer(server); - await revProxy.stop(); await vaultManager.stop(); await notificationsManager.stop(); await sigchain.stop(); @@ -185,7 +176,7 @@ describe(GRPCClientAgent.name, () => { await nodeGraph.stop(); await gestaltGraph.stop(); await acl.stop(); - await fwdProxy.stop(); + await proxy.stop(); await db.stop(); await keyManager.stop(); await fs.promises.rm(dataDir, { @@ -221,12 +212,12 @@ describe(GRPCClientAgent.name, () => { const localHost = '127.0.0.1' as Host; let clientWithProxies1: GRPCClientAgent; - let clientFwdProxy1: ForwardProxy; + let clientProxy1: Proxy; let clientKeyManager1: KeyManager; let nodeId1: NodeId; let clientWithProxies2: GRPCClientAgent; - let clientFwdProxy2: ForwardProxy; + let clientProxy2: Proxy; let clientKeyManager2: KeyManager; let nodeId2: NodeId; @@ -235,7 +226,7 @@ describe(GRPCClientAgent.name, () => { path.join(os.tmpdir(), 'polykey-test-'), ); // Setting up clients - clientFwdProxy1 = new ForwardProxy({ + clientProxy1 = new Proxy({ authToken: 'auth', logger, }); @@ -245,28 +236,30 @@ describe(GRPCClientAgent.name, () => { logger, }); nodeId1 = clientKeyManager1.getNodeId(); - await clientFwdProxy1.start({ + await clientProxy1.start({ tlsConfig: { keyPrivatePem: clientKeyManager1.getRootKeyPairPem().privateKey, certChainPem: await clientKeyManager1.getRootCertChainPem(), }, - egressHost: localHost, proxyHost: localHost, + forwardHost: localHost, + serverHost: host, + serverPort: port, }); clientWithProxies1 = await GRPCClientAgent.createGRPCClientAgent({ host: localHost, nodeId: keyManager.getNodeId(), - port: revProxy.getIngressPort(), + port: proxy.getProxyPort(), proxyConfig: { - host: clientFwdProxy1.getProxyHost(), - port: clientFwdProxy1.getProxyPort(), - authToken: clientFwdProxy1.authToken, + host: clientProxy1.getForwardHost(), + port: clientProxy1.getForwardPort(), + authToken: clientProxy1.authToken, }, timeout: 5000, logger, }); - clientFwdProxy2 = new ForwardProxy({ + clientProxy2 = new Proxy({ authToken: 'auth', logger, }); @@ -276,58 +269,60 @@ describe(GRPCClientAgent.name, () => { logger, }); nodeId2 = clientKeyManager2.getNodeId(); - await clientFwdProxy2.start({ + await clientProxy2.start({ tlsConfig: { keyPrivatePem: clientKeyManager2.getRootKeyPairPem().privateKey, certChainPem: await clientKeyManager2.getRootCertChainPem(), }, - egressHost: localHost, proxyHost: localHost, + forwardHost: localHost, + serverHost: host, + serverPort: port, }); clientWithProxies2 = await GRPCClientAgent.createGRPCClientAgent({ host: localHost, logger, nodeId: keyManager.getNodeId(), - port: revProxy.getIngressPort(), + port: proxy.getProxyPort(), proxyConfig: { - host: clientFwdProxy2.getProxyHost(), - port: clientFwdProxy2.getProxyPort(), - authToken: clientFwdProxy2.authToken, + host: clientProxy2.getForwardHost(), + port: clientProxy2.getForwardPort(), + authToken: clientProxy2.authToken, }, timeout: 5000, }); }); afterEach(async () => { await testAgentUtils.closeTestAgentClient(clientWithProxies1); - await clientFwdProxy1.stop(); + await clientProxy1.stop(); await clientKeyManager1.stop(); await testAgentUtils.closeTestAgentClient(clientWithProxies2); - await clientFwdProxy2.stop(); + await clientProxy2.stop(); await clientKeyManager2.stop(); }); test('connectionInfoGetter returns correct information for each connection', async () => { // We can't directly spy on the connectionInfoGetter result // but we can check that it called `getConnectionInfoByProxy` properly const getConnectionInfoByProxySpy = jest.spyOn( - ReverseProxy.prototype, - 'getConnectionInfoByProxy', + Proxy.prototype, + 'getConnectionInfoByReverse', ); await clientWithProxies1.echo(new utilsPB.EchoMessage()); await clientWithProxies2.echo(new utilsPB.EchoMessage()); // It should've returned the expected information const returnedInfo1 = getConnectionInfoByProxySpy.mock.results[0].value; - expect(returnedInfo1.ingressPort).toEqual(revProxy.getIngressPort()); - expect(returnedInfo1.ingressHost).toEqual(localHost); - expect(returnedInfo1.egressPort).toEqual(clientFwdProxy1.getEgressPort()); - expect(returnedInfo1.egressHost).toEqual(localHost); - expect(returnedInfo1.nodeId).toStrictEqual(nodeId1); + expect(returnedInfo1.localPort).toEqual(proxy.getProxyPort()); + expect(returnedInfo1.localHost).toEqual(localHost); + expect(returnedInfo1.remotePort).toEqual(clientProxy1.getProxyPort()); + expect(returnedInfo1.remoteHost).toEqual(localHost); + expect(returnedInfo1.remoteNodeId).toStrictEqual(nodeId1); // Checking second call const returnedInfo2 = getConnectionInfoByProxySpy.mock.results[1].value; - expect(returnedInfo2.ingressPort).toEqual(revProxy.getIngressPort()); - expect(returnedInfo2.ingressHost).toEqual(localHost); - expect(returnedInfo2.egressPort).toEqual(clientFwdProxy2.getEgressPort()); - expect(returnedInfo2.egressHost).toEqual(localHost); - expect(returnedInfo2.nodeId).toStrictEqual(nodeId2); + expect(returnedInfo2.localPort).toEqual(proxy.getProxyPort()); + expect(returnedInfo2.localHost).toEqual(localHost); + expect(returnedInfo2.remotePort).toEqual(clientProxy2.getProxyPort()); + expect(returnedInfo2.remoteHost).toEqual(localHost); + expect(returnedInfo2.remoteNodeId).toStrictEqual(nodeId2); }); }); }); diff --git a/tests/agent/service/notificationsSend.test.ts b/tests/agent/service/notificationsSend.test.ts index 207a01a2c..a0eb81ffa 100644 --- a/tests/agent/service/notificationsSend.test.ts +++ b/tests/agent/service/notificationsSend.test.ts @@ -14,8 +14,8 @@ import NodeConnectionManager from '@/nodes/NodeConnectionManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeManager from '@/nodes/NodeManager'; import Sigchain from '@/sigchain/Sigchain'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; + import NotificationsManager from '@/notifications/NotificationsManager'; import ACL from '@/acl/ACL'; import GRPCClientAgent from '@/agent/GRPCClientAgent'; @@ -44,8 +44,8 @@ describe('notificationsSend', () => { let notificationsManager: NotificationsManager; let acl: ACL; let sigchain: Sigchain; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; + let db: DB; let keyManager: KeyManager; let grpcServer: GRPCServer; @@ -86,24 +86,17 @@ describe('notificationsSend', () => { db, logger, }); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken, logger, }); - await fwdProxy.start({ - tlsConfig: { - keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, - certChainPem: await keyManager.getRootCertChainPem(), - }, - }); - revProxy = new ReverseProxy({ logger }); - await revProxy.start({ - serverHost: '1.1.1.1' as Host, - serverPort: 1 as Port, + await proxy.start({ tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), }, + serverHost: '127.0.0.1' as Host, + serverPort: 0 as Port, }); sigchain = await Sigchain.createSigchain({ db, @@ -118,8 +111,7 @@ describe('notificationsSend', () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, connConnectTime: 2000, connTimeoutTime: 2000, logger: logger.getChild('NodeConnectionManager'), @@ -167,8 +159,7 @@ describe('notificationsSend', () => { await nodeConnectionManager.stop(); await sigchain.stop(); await sigchain.stop(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); await acl.stop(); await db.stop(); await senderKeyManager.stop(); diff --git a/tests/agent/utils.ts b/tests/agent/utils.ts index 6bfda2465..8cf77303e 100644 --- a/tests/agent/utils.ts +++ b/tests/agent/utils.ts @@ -9,7 +9,7 @@ import type { NotificationsManager } from '@/notifications'; import type { ACL } from '@/acl'; import type { GestaltGraph } from '@/gestalts'; import type { NodeId } from 'nodes/types'; -import type { ReverseProxy } from 'network/index'; +import type Proxy from 'network/Proxy'; import Logger, { LogLevel, StreamHandler } from '@matrixai/logger'; import * as grpc from '@grpc/grpc-js'; import { promisify } from '@/utils'; @@ -30,7 +30,7 @@ async function openTestAgentServer({ notificationsManager, acl, gestaltGraph, - revProxy, + proxy, }: { keyManager: KeyManager; vaultManager: VaultManager; @@ -41,7 +41,7 @@ async function openTestAgentServer({ notificationsManager: NotificationsManager; acl: ACL; gestaltGraph: GestaltGraph; - revProxy: ReverseProxy; + proxy: Proxy; }) { const agentService: IAgentServiceServer = createAgentService({ keyManager, @@ -53,7 +53,7 @@ async function openTestAgentServer({ nodeConnectionManager, acl, gestaltGraph, - revProxy, + proxy, }); const server = new grpc.Server(); diff --git a/tests/bin/agent/start.test.ts b/tests/bin/agent/start.test.ts index b1c99affe..313d9a55b 100644 --- a/tests/bin/agent/start.test.ts +++ b/tests/bin/agent/start.test.ts @@ -1,4 +1,5 @@ import type { RecoveryCode } from '@/keys/types'; +import type { StatusLive } from '@/status/types'; import os from 'os'; import path from 'path'; import fs from 'fs'; @@ -40,7 +41,7 @@ describe('start', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', @@ -100,7 +101,7 @@ describe('start', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--background', '--background-out-file', @@ -184,7 +185,7 @@ describe('start', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', @@ -205,7 +206,7 @@ describe('start', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', @@ -282,7 +283,7 @@ describe('start', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', @@ -366,7 +367,7 @@ describe('start', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', @@ -398,7 +399,7 @@ describe('start', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', @@ -446,7 +447,7 @@ describe('start', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', @@ -487,7 +488,7 @@ describe('start', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', @@ -556,7 +557,7 @@ describe('start', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', @@ -591,7 +592,7 @@ describe('start', () => { '2048', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', @@ -640,7 +641,7 @@ describe('start', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', @@ -680,8 +681,8 @@ describe('start', () => { // Make sure these ports are not occupied const clientHost = '127.0.0.2'; const clientPort = 55555; - const ingressHost = '127.0.0.3'; - const ingressPort = 55556; + const proxyHost = '127.0.0.3'; + const proxyPort = 55556; const agentProcess = await testBinUtils.pkSpawn( [ 'agent', @@ -694,10 +695,10 @@ describe('start', () => { clientHost, '--client-port', clientPort.toString(), - '--ingress-host', - ingressHost, - '--ingress-port', - ingressPort.toString(), + '--proxy-host', + proxyHost, + '--proxy-port', + proxyPort.toString(), '--verbose', ], { @@ -720,7 +721,7 @@ describe('start', () => { global.defaultTimeout * 2, ); describe('start with global agent', () => { - let globalAgentStatus; + let globalAgentStatus: StatusLive; let globalAgentClose; let agentDataDir; let agent: PolykeyAgent; @@ -746,8 +747,8 @@ describe('start', () => { logger, }); seedNodeId1 = globalAgentStatus.data.nodeId; - seedNodeHost1 = globalAgentStatus.data.ingressHost; - seedNodePort1 = globalAgentStatus.data.ingressPort; + seedNodeHost1 = globalAgentStatus.data.proxyHost; + seedNodePort1 = globalAgentStatus.data.proxyPort; seedNodeId2 = agent.keyManager.getNodeId(); seedNodeHost2 = agent.grpcServerAgent.getHost(); seedNodePort2 = agent.grpcServerAgent.getPort(); @@ -795,7 +796,7 @@ describe('start', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', @@ -859,7 +860,7 @@ describe('start', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', diff --git a/tests/bin/agent/status.test.ts b/tests/bin/agent/status.test.ts index e8df32dd7..ba9d306ed 100644 --- a/tests/bin/agent/status.test.ts +++ b/tests/bin/agent/status.test.ts @@ -48,7 +48,7 @@ describe('status', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', @@ -162,14 +162,12 @@ describe('status', () => { nodeId: nodesUtils.encodeNodeId(statusInfo.data.nodeId), clientHost: statusInfo.data.clientHost, clientPort: statusInfo.data.clientPort, - ingressHost: statusInfo.data.ingressHost, - ingressPort: statusInfo.data.ingressPort, - egressHost: expect.any(String), - egressPort: expect.any(Number), + proxyHost: statusInfo.data.proxyHost, + proxyPort: statusInfo.data.proxyPort, agentHost: expect.any(String), agentPort: expect.any(Number), - proxyHost: expect.any(String), - proxyPort: expect.any(Number), + forwardHost: expect.any(String), + forwardPort: expect.any(Number), rootPublicKeyPem: expect.any(String), rootCertPem: expect.any(String), rootCertChainPem: expect.any(String), @@ -213,14 +211,12 @@ describe('status', () => { nodeId: nodesUtils.encodeNodeId(statusInfo.data.nodeId), clientHost: statusInfo.data.clientHost, clientPort: statusInfo.data.clientPort, - ingressHost: statusInfo.data.ingressHost, - ingressPort: statusInfo.data.ingressPort, - egressHost: expect.any(String), - egressPort: expect.any(Number), + proxyHost: statusInfo.data.proxyHost, + proxyPort: statusInfo.data.proxyPort, agentHost: expect.any(String), agentPort: expect.any(Number), - proxyHost: expect.any(String), - proxyPort: expect.any(Number), + forwardHost: expect.any(String), + forwardPort: expect.any(Number), rootPublicKeyPem: expect.any(String), rootCertPem: expect.any(String), rootCertChainPem: expect.any(String), diff --git a/tests/bin/agent/stop.test.ts b/tests/bin/agent/stop.test.ts index c3052c0b7..be708f4ea 100644 --- a/tests/bin/agent/stop.test.ts +++ b/tests/bin/agent/stop.test.ts @@ -36,7 +36,7 @@ describe('stop', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', @@ -95,7 +95,7 @@ describe('stop', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', @@ -182,7 +182,7 @@ describe('stop', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', @@ -234,7 +234,7 @@ describe('stop', () => { '1024', '--client-host', '127.0.0.1', - '--ingress-host', + '--proxy-host', '127.0.0.1', '--workers', '0', diff --git a/tests/bin/identities/allowDisallowPermissions.test.ts b/tests/bin/identities/allowDisallowPermissions.test.ts index f3dbd2096..ddb6fb765 100644 --- a/tests/bin/identities/allowDisallowPermissions.test.ts +++ b/tests/bin/identities/allowDisallowPermissions.test.ts @@ -59,8 +59,7 @@ describe('allow/disallow/permissions', () => { nodePath, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, @@ -74,16 +73,15 @@ describe('allow/disallow/permissions', () => { nodePath: nodePathGestalt, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, logger, }); nodeId = node.keyManager.getNodeId(); - nodeHost = node.revProxy.getIngressHost(); - nodePort = node.revProxy.getIngressPort(); + nodeHost = node.proxy.getProxyHost(); + nodePort = node.proxy.getProxyPort(); node.identitiesManager.registerProvider(provider); await node.identitiesManager.putToken(provider.id, identity, { accessToken: 'def456', diff --git a/tests/bin/identities/authenticateAuthenticated.test.ts b/tests/bin/identities/authenticateAuthenticated.test.ts index ef286b595..71110bb9d 100644 --- a/tests/bin/identities/authenticateAuthenticated.test.ts +++ b/tests/bin/identities/authenticateAuthenticated.test.ts @@ -45,8 +45,7 @@ describe('authenticate/authenticated', () => { nodePath, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, diff --git a/tests/bin/identities/claim.test.ts b/tests/bin/identities/claim.test.ts index 901812f9a..de1817c30 100644 --- a/tests/bin/identities/claim.test.ts +++ b/tests/bin/identities/claim.test.ts @@ -47,8 +47,7 @@ describe('claim', () => { nodePath, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, diff --git a/tests/bin/identities/discoverGet.test.ts b/tests/bin/identities/discoverGet.test.ts index 968dfa27a..c1e194ab3 100644 --- a/tests/bin/identities/discoverGet.test.ts +++ b/tests/bin/identities/discoverGet.test.ts @@ -52,8 +52,7 @@ describe('discover/get', () => { nodePath: path.join(dataDir, 'nodeA'), networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, @@ -63,15 +62,14 @@ describe('discover/get', () => { logger, }); nodeAId = nodeA.keyManager.getNodeId(); - nodeAHost = nodeA.revProxy.getIngressHost(); - nodeAPort = nodeA.revProxy.getIngressPort(); + nodeAHost = nodeA.proxy.getProxyHost(); + nodeAPort = nodeA.proxy.getProxyPort(); nodeB = await PolykeyAgent.createPolykeyAgent({ password, nodePath: path.join(dataDir, 'nodeB'), networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, @@ -96,8 +94,7 @@ describe('discover/get', () => { nodePath, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, diff --git a/tests/bin/identities/search.test.ts b/tests/bin/identities/search.test.ts index e4377d19b..db82c3216 100644 --- a/tests/bin/identities/search.test.ts +++ b/tests/bin/identities/search.test.ts @@ -129,8 +129,7 @@ describe('search', () => { nodePath, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, diff --git a/tests/bin/identities/trustUntrustList.test.ts b/tests/bin/identities/trustUntrustList.test.ts index 7b933d33e..a11c13260 100644 --- a/tests/bin/identities/trustUntrustList.test.ts +++ b/tests/bin/identities/trustUntrustList.test.ts @@ -59,8 +59,7 @@ describe('trust/untrust/list', () => { nodePath, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, @@ -74,16 +73,15 @@ describe('trust/untrust/list', () => { nodePath: nodePathGestalt, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, logger, }); nodeId = node.keyManager.getNodeId(); - nodeHost = node.revProxy.getIngressHost(); - nodePort = node.revProxy.getIngressPort(); + nodeHost = node.proxy.getProxyHost(); + nodePort = node.proxy.getProxyPort(); node.identitiesManager.registerProvider(provider); await node.identitiesManager.putToken(provider.id, identity, { accessToken: 'def456', diff --git a/tests/bin/keys/renew.test.ts b/tests/bin/keys/renew.test.ts index 043e5bf6b..a90150b2f 100644 --- a/tests/bin/keys/renew.test.ts +++ b/tests/bin/keys/renew.test.ts @@ -36,8 +36,7 @@ describe('renew', () => { nodePath, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, diff --git a/tests/bin/keys/reset.test.ts b/tests/bin/keys/reset.test.ts index 3acb10600..68b6685b7 100644 --- a/tests/bin/keys/reset.test.ts +++ b/tests/bin/keys/reset.test.ts @@ -36,8 +36,7 @@ describe('reset', () => { nodePath, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, diff --git a/tests/bin/nodes/add.test.ts b/tests/bin/nodes/add.test.ts index 48aae33c4..062cf6cdf 100644 --- a/tests/bin/nodes/add.test.ts +++ b/tests/bin/nodes/add.test.ts @@ -43,8 +43,7 @@ describe('add', () => { nodePath, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, diff --git a/tests/bin/nodes/claim.test.ts b/tests/bin/nodes/claim.test.ts index fd9787465..5dc9b92f5 100644 --- a/tests/bin/nodes/claim.test.ts +++ b/tests/bin/nodes/claim.test.ts @@ -40,8 +40,7 @@ describe('claim', () => { nodePath, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, @@ -58,8 +57,7 @@ describe('claim', () => { nodePath: path.join(dataDir, 'remoteNode'), networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, diff --git a/tests/bin/nodes/find.test.ts b/tests/bin/nodes/find.test.ts index 802691a8a..6be67177a 100644 --- a/tests/bin/nodes/find.test.ts +++ b/tests/bin/nodes/find.test.ts @@ -44,8 +44,7 @@ describe('find', () => { nodePath, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, @@ -62,8 +61,7 @@ describe('find', () => { nodePath: path.join(dataDir, 'remoteOnline'), networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, @@ -73,8 +71,8 @@ describe('find', () => { logger, }); remoteOnlineNodeId = remoteOnline.keyManager.getNodeId(); - remoteOnlineHost = remoteOnline.revProxy.getIngressHost(); - remoteOnlinePort = remoteOnline.revProxy.getIngressPort(); + remoteOnlineHost = remoteOnline.proxy.getProxyHost(); + remoteOnlinePort = remoteOnline.proxy.getProxyPort(); await testNodesUtils.nodesConnect(polykeyAgent, remoteOnline); // Setting up an offline remote keynode remoteOffline = await PolykeyAgent.createPolykeyAgent({ @@ -82,8 +80,7 @@ describe('find', () => { nodePath: path.join(dataDir, 'remoteOffline'), networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, @@ -93,8 +90,8 @@ describe('find', () => { logger, }); remoteOfflineNodeId = remoteOffline.keyManager.getNodeId(); - remoteOfflineHost = remoteOffline.revProxy.getIngressHost(); - remoteOfflinePort = remoteOffline.revProxy.getIngressPort(); + remoteOfflineHost = remoteOffline.proxy.getProxyHost(); + remoteOfflinePort = remoteOffline.proxy.getProxyPort(); await testNodesUtils.nodesConnect(polykeyAgent, remoteOffline); await remoteOffline.stop(); }, global.defaultTimeout * 3); diff --git a/tests/bin/nodes/ping.test.ts b/tests/bin/nodes/ping.test.ts index afe076555..196ec8ce8 100644 --- a/tests/bin/nodes/ping.test.ts +++ b/tests/bin/nodes/ping.test.ts @@ -40,12 +40,11 @@ describe('ping', () => { nodePath, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, - forwardProxyConfig: { + proxyConfig: { connConnectTime: 2000, }, nodeConnectionManagerConfig: { @@ -61,8 +60,7 @@ describe('ping', () => { nodePath: path.join(dataDir, 'remoteOnline'), networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, @@ -79,8 +77,7 @@ describe('ping', () => { nodePath: path.join(dataDir, 'remoteOffline'), networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, diff --git a/tests/bin/notifications/sendReadClear.test.ts b/tests/bin/notifications/sendReadClear.test.ts index f83863e5a..eb97e4390 100644 --- a/tests/bin/notifications/sendReadClear.test.ts +++ b/tests/bin/notifications/sendReadClear.test.ts @@ -52,31 +52,29 @@ describe('send/read/claim', () => { nodePath: nodePathSender, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, logger, }); senderId = sender.keyManager.getNodeId(); - senderHost = sender.revProxy.getIngressHost(); - senderPort = sender.revProxy.getIngressPort(); + senderHost = sender.proxy.getProxyHost(); + senderPort = sender.proxy.getProxyPort(); receiver = await PolykeyAgent.createPolykeyAgent({ password, nodePath: nodePathReceiver, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, logger, }); receiverId = receiver.keyManager.getNodeId(); - receiverHost = receiver.revProxy.getIngressHost(); - receiverPort = receiver.revProxy.getIngressPort(); + receiverHost = receiver.proxy.getProxyHost(); + receiverPort = receiver.proxy.getProxyPort(); }); afterAll(async () => { await receiver.stop(); diff --git a/tests/bin/vaults/vaults.test.ts b/tests/bin/vaults/vaults.test.ts index 6a5c1a974..e1cb0c691 100644 --- a/tests/bin/vaults/vaults.test.ts +++ b/tests/bin/vaults/vaults.test.ts @@ -228,14 +228,14 @@ describe('CLI vaults', () => { const targetNodeId = targetPolykeyAgent.keyManager.getNodeId(); const targetNodeIdEncoded = nodesUtils.encodeNodeId(targetNodeId); await polykeyAgent.nodeManager.setNode(targetNodeId, { - host: targetPolykeyAgent.revProxy.getIngressHost(), - port: targetPolykeyAgent.revProxy.getIngressPort(), + host: targetPolykeyAgent.proxy.getProxyHost(), + port: targetPolykeyAgent.proxy.getProxyPort(), }); await targetPolykeyAgent.nodeManager.setNode( polykeyAgent.keyManager.getNodeId(), { - host: polykeyAgent.revProxy.getIngressHost(), - port: polykeyAgent.revProxy.getIngressPort(), + host: polykeyAgent.proxy.getProxyHost(), + port: polykeyAgent.proxy.getProxyPort(), }, ); await polykeyAgent.acl.setNodePerm(targetNodeId, { @@ -706,8 +706,8 @@ describe('CLI vaults', () => { const remoteOnlineNodeIdEncoded = nodesUtils.encodeNodeId(remoteOnlineNodeId); await polykeyAgent.nodeManager.setNode(remoteOnlineNodeId, { - host: remoteOnline.revProxy.getIngressHost(), - port: remoteOnline.revProxy.getIngressPort(), + host: remoteOnline.proxy.getProxyHost(), + port: remoteOnline.proxy.getProxyPort(), } as NodeAddress); await remoteOnline.gestaltGraph.setNode({ diff --git a/tests/client/rpcVaults.test.ts b/tests/client/rpcVaults.test.ts index 34192efde..6e477e62d 100644 --- a/tests/client/rpcVaults.test.ts +++ b/tests/client/rpcVaults.test.ts @@ -12,7 +12,7 @@ import * as utilsPB from '@/proto/js/polykey/v1/utils/utils_pb'; import * as vaultsPB from '@/proto/js/polykey/v1/vaults/vaults_pb'; import * as secretsPB from '@/proto/js/polykey/v1/secrets/secrets_pb'; import KeyManager from '@/keys/KeyManager'; -import ForwardProxy from '@/network/ForwardProxy'; +import Proxy from '@/network/Proxy'; import * as grpcUtils from '@/grpc/utils'; import * as vaultErrors from '@/vaults/errors'; import * as vaultsUtils from '@/vaults/utils'; @@ -64,7 +64,7 @@ describe('Vaults client service', () => { logger, }); - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken: 'abc', logger: logger, }); @@ -73,7 +73,7 @@ describe('Vaults client service', () => { password, nodePath: dataDir, logger, - fwdProxy, + proxy, keyManager, }); @@ -380,21 +380,21 @@ describe('Vaults client service', () => { }); await pkAgent.nodeManager.setNode(targetNodeId1, { - host: remoteKeynode1.revProxy.getIngressHost(), - port: remoteKeynode1.revProxy.getIngressPort(), + host: remoteKeynode1.proxy.getProxyHost(), + port: remoteKeynode1.proxy.getProxyPort(), }); await pkAgent.nodeManager.setNode(targetNodeId2, { - host: remoteKeynode2.revProxy.getIngressHost(), - port: remoteKeynode2.revProxy.getIngressPort(), + host: remoteKeynode2.proxy.getProxyHost(), + port: remoteKeynode2.proxy.getProxyPort(), }); await remoteKeynode1.nodeManager.setNode(pkAgentNodeId, { - host: pkAgent.revProxy.getIngressHost(), - port: pkAgent.revProxy.getIngressPort(), + host: pkAgent.proxy.getProxyHost(), + port: pkAgent.proxy.getProxyPort(), }); await remoteKeynode2.nodeManager.setNode(pkAgentNodeId, { - host: pkAgent.revProxy.getIngressHost(), - port: pkAgent.revProxy.getIngressPort(), + host: pkAgent.proxy.getProxyHost(), + port: pkAgent.proxy.getProxyPort(), }); await remoteKeynode1.acl.setNodePerm(pkAgentNodeId, { gestalt: { diff --git a/tests/client/service/agentStatus.test.ts b/tests/client/service/agentStatus.test.ts index 6be7ae2c4..ff1a0a1fe 100644 --- a/tests/client/service/agentStatus.test.ts +++ b/tests/client/service/agentStatus.test.ts @@ -5,8 +5,7 @@ import os from 'os'; import Logger, { LogLevel, StreamHandler } from '@matrixai/logger'; import { Metadata } from '@grpc/grpc-js'; import KeyManager from '@/keys/KeyManager'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; import GRPCServer from '@/grpc/GRPCServer'; import GRPCClientClient from '@/client/GRPCClientClient'; import agentStatus from '@/client/service/agentStatus'; @@ -44,8 +43,7 @@ describe('agentStatus', () => { let keyManager: KeyManager; let grpcServerClient: GRPCServer; let grpcServerAgent: GRPCServer; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; let grpcServer: GRPCServer; let grpcClient: GRPCClientClient; beforeEach(async () => { @@ -66,20 +64,13 @@ describe('agentStatus', () => { await grpcServerAgent.start({ services: [], }); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken, logger, }); - await fwdProxy.start({ - tlsConfig: { - keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, - certChainPem: await keyManager.getRootCertChainPem(), - }, - }); - revProxy = new ReverseProxy({ logger }); - await revProxy.start({ - serverHost: '1.1.1.1' as Host, - serverPort: 1 as Port, + await proxy.start({ + serverHost: '127.0.0.1' as Host, + serverPort: 0 as Port, tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), @@ -91,8 +82,7 @@ describe('agentStatus', () => { keyManager, grpcServerClient, grpcServerAgent, - fwdProxy, - revProxy, + proxy, }), }; grpcServer = new GRPCServer({ logger }); @@ -111,8 +101,7 @@ describe('agentStatus', () => { afterEach(async () => { await grpcClient.destroy(); await grpcServer.stop(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); await grpcServerAgent.stop(); await grpcServerClient.stop(); await keyManager.stop(); @@ -133,14 +122,12 @@ describe('agentStatus', () => { nodeId: expect.any(String), clientHost: expect.any(String), clientPort: expect.any(Number), - ingressHost: expect.any(String), - ingressPort: expect.any(Number), - egressHost: expect.any(String), - egressPort: expect.any(Number), - agentHost: expect.any(String), - agentPort: expect.any(Number), proxyHost: expect.any(String), proxyPort: expect.any(Number), + agentHost: expect.any(String), + agentPort: expect.any(Number), + forwardHost: expect.any(String), + forwardPort: expect.any(Number), rootPublicKeyPem: expect.any(String), rootCertPem: expect.any(String), rootCertChainPem: expect.any(String), diff --git a/tests/client/service/gestaltsDiscoveryByIdentity.test.ts b/tests/client/service/gestaltsDiscoveryByIdentity.test.ts index b12e726e9..a987f6aad 100644 --- a/tests/client/service/gestaltsDiscoveryByIdentity.test.ts +++ b/tests/client/service/gestaltsDiscoveryByIdentity.test.ts @@ -15,8 +15,7 @@ import NodeConnectionManager from '@/nodes/NodeConnectionManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeManager from '@/nodes/NodeManager'; import Sigchain from '@/sigchain/Sigchain'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; import GRPCServer from '@/grpc/GRPCServer'; import GRPCClientClient from '@/client/GRPCClientClient'; import gestaltsDiscoveryByIdentity from '@/client/service/gestaltsDiscoveryByIdentity'; @@ -63,8 +62,7 @@ describe('gestaltsDiscoveryByIdentity', () => { let nodeConnectionManager: NodeConnectionManager; let nodeManager: NodeManager; let sigchain: Sigchain; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; let acl: ACL; let db: DB; let keyManager: KeyManager; @@ -105,20 +103,13 @@ describe('gestaltsDiscoveryByIdentity', () => { db, logger, }); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken, logger, }); - await fwdProxy.start({ - tlsConfig: { - keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, - certChainPem: await keyManager.getRootCertChainPem(), - }, - }); - revProxy = new ReverseProxy({ logger }); - await revProxy.start({ - serverHost: '1.1.1.1' as Host, - serverPort: 1 as Port, + await proxy.start({ + serverHost: '127.0.0.1' as Host, + serverPort: 0 as Port, tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), @@ -137,8 +128,7 @@ describe('gestaltsDiscoveryByIdentity', () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, connConnectTime: 2000, connTimeoutTime: 2000, logger: logger.getChild('NodeConnectionManager'), @@ -187,8 +177,7 @@ describe('gestaltsDiscoveryByIdentity', () => { await nodeGraph.stop(); await nodeConnectionManager.stop(); await sigchain.stop(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); await identitiesManager.stop(); await gestaltGraph.stop(); await acl.stop(); diff --git a/tests/client/service/gestaltsDiscoveryByNode.test.ts b/tests/client/service/gestaltsDiscoveryByNode.test.ts index 97510dda2..d03fe307a 100644 --- a/tests/client/service/gestaltsDiscoveryByNode.test.ts +++ b/tests/client/service/gestaltsDiscoveryByNode.test.ts @@ -15,8 +15,7 @@ import NodeConnectionManager from '@/nodes/NodeConnectionManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeManager from '@/nodes/NodeManager'; import Sigchain from '@/sigchain/Sigchain'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; import GRPCServer from '@/grpc/GRPCServer'; import GRPCClientClient from '@/client/GRPCClientClient'; import gestaltsDiscoveryByNode from '@/client/service/gestaltsDiscoveryByNode'; @@ -63,8 +62,7 @@ describe('gestaltsDiscoveryByNode', () => { let nodeConnectionManager: NodeConnectionManager; let nodeManager: NodeManager; let sigchain: Sigchain; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; let acl: ACL; let db: DB; let keyManager: KeyManager; @@ -105,20 +103,13 @@ describe('gestaltsDiscoveryByNode', () => { db, logger, }); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken, logger, }); - await fwdProxy.start({ - tlsConfig: { - keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, - certChainPem: await keyManager.getRootCertChainPem(), - }, - }); - revProxy = new ReverseProxy({ logger }); - await revProxy.start({ - serverHost: '1.1.1.1' as Host, - serverPort: 1 as Port, + await proxy.start({ + serverHost: '127.0.0.1' as Host, + serverPort: 0 as Port, tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), @@ -137,8 +128,7 @@ describe('gestaltsDiscoveryByNode', () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, connConnectTime: 2000, connTimeoutTime: 2000, logger: logger.getChild('NodeConnectionManager'), @@ -187,8 +177,7 @@ describe('gestaltsDiscoveryByNode', () => { await nodeGraph.stop(); await nodeConnectionManager.stop(); await sigchain.stop(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); await identitiesManager.stop(); await gestaltGraph.stop(); await acl.stop(); diff --git a/tests/client/service/gestaltsGestaltTrustByIdentity.test.ts b/tests/client/service/gestaltsGestaltTrustByIdentity.test.ts index 6b87fc7c3..8bd0a749e 100644 --- a/tests/client/service/gestaltsGestaltTrustByIdentity.test.ts +++ b/tests/client/service/gestaltsGestaltTrustByIdentity.test.ts @@ -18,8 +18,7 @@ import NodeConnectionManager from '@/nodes/NodeConnectionManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeManager from '@/nodes/NodeManager'; import Sigchain from '@/sigchain/Sigchain'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; import GestaltGraph from '@/gestalts/GestaltGraph'; import ACL from '@/acl/ACL'; import GRPCServer from '@/grpc/GRPCServer'; @@ -79,8 +78,7 @@ describe('gestaltsGestaltTrustByIdentity', () => { nodePath, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, @@ -122,8 +120,8 @@ describe('gestaltsGestaltTrustByIdentity', () => { let nodeConnectionManager: NodeConnectionManager; let nodeGraph: NodeGraph; let sigchain: Sigchain; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; + let acl: ACL; let db: DB; let keyManager: KeyManager; @@ -172,20 +170,13 @@ describe('gestaltsGestaltTrustByIdentity', () => { accessToken: 'def456', }, ); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken, logger, }); - await fwdProxy.start({ - tlsConfig: { - keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, - certChainPem: await keyManager.getRootCertChainPem(), - }, - }); - revProxy = new ReverseProxy({ logger }); - await revProxy.start({ - serverHost: '1.1.1.1' as Host, - serverPort: 1 as Port, + await proxy.start({ + serverHost: '127.0.0.1' as Host, + serverPort: 0 as Port, tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), @@ -204,8 +195,7 @@ describe('gestaltsGestaltTrustByIdentity', () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, connConnectTime: 2000, connTimeoutTime: 2000, logger: logger.getChild('NodeConnectionManager'), @@ -220,8 +210,8 @@ describe('gestaltsGestaltTrustByIdentity', () => { logger: logger.getChild('nodeManager'), }); await nodeManager.setNode(nodesUtils.decodeNodeId(nodeId)!, { - host: node.revProxy.getIngressHost(), - port: node.revProxy.getIngressPort(), + host: node.proxy.getProxyHost(), + port: node.proxy.getProxyPort(), }); discovery = await Discovery.createDiscovery({ db, @@ -258,8 +248,7 @@ describe('gestaltsGestaltTrustByIdentity', () => { await discovery.stop(); await nodeConnectionManager.stop(); await nodeGraph.stop(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); await sigchain.stop(); await identitiesManager.stop(); await gestaltGraph.stop(); diff --git a/tests/client/service/gestaltsGestaltTrustByNode.test.ts b/tests/client/service/gestaltsGestaltTrustByNode.test.ts index aa3618bd0..ccc7c827d 100644 --- a/tests/client/service/gestaltsGestaltTrustByNode.test.ts +++ b/tests/client/service/gestaltsGestaltTrustByNode.test.ts @@ -18,8 +18,8 @@ import NodeConnectionManager from '@/nodes/NodeConnectionManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeManager from '@/nodes/NodeManager'; import Sigchain from '@/sigchain/Sigchain'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; + import GestaltGraph from '@/gestalts/GestaltGraph'; import ACL from '@/acl/ACL'; import GRPCServer from '@/grpc/GRPCServer'; @@ -76,8 +76,7 @@ describe('gestaltsGestaltTrustByNode', () => { nodePath, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, @@ -119,8 +118,8 @@ describe('gestaltsGestaltTrustByNode', () => { let nodeConnectionManager: NodeConnectionManager; let nodeGraph: NodeGraph; let sigchain: Sigchain; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; + let acl: ACL; let db: DB; let keyManager: KeyManager; @@ -169,20 +168,13 @@ describe('gestaltsGestaltTrustByNode', () => { accessToken: 'def456', }, ); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken, logger, }); - await fwdProxy.start({ - tlsConfig: { - keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, - certChainPem: await keyManager.getRootCertChainPem(), - }, - }); - revProxy = new ReverseProxy({ logger }); - await revProxy.start({ - serverHost: '1.1.1.1' as Host, - serverPort: 1 as Port, + await proxy.start({ + serverHost: '127.0.0.1' as Host, + serverPort: 0 as Port, tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), @@ -201,8 +193,7 @@ describe('gestaltsGestaltTrustByNode', () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, connConnectTime: 2000, connTimeoutTime: 2000, logger: logger.getChild('NodeConnectionManager'), @@ -217,8 +208,8 @@ describe('gestaltsGestaltTrustByNode', () => { logger: logger.getChild('nodeManager'), }); await nodeManager.setNode(nodesUtils.decodeNodeId(nodeId)!, { - host: node.revProxy.getIngressHost(), - port: node.revProxy.getIngressPort(), + host: node.proxy.getProxyHost(), + port: node.proxy.getProxyPort(), }); discovery = await Discovery.createDiscovery({ db, @@ -255,8 +246,7 @@ describe('gestaltsGestaltTrustByNode', () => { await discovery.stop(); await nodeConnectionManager.stop(); await nodeGraph.stop(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); await sigchain.stop(); await identitiesManager.stop(); await gestaltGraph.stop(); diff --git a/tests/client/service/identitiesClaim.test.ts b/tests/client/service/identitiesClaim.test.ts index f385e1cf4..4abb4ce40 100644 --- a/tests/client/service/identitiesClaim.test.ts +++ b/tests/client/service/identitiesClaim.test.ts @@ -13,8 +13,8 @@ import IdentitiesManager from '@/identities/IdentitiesManager'; import NodeConnectionManager from '@/nodes/NodeConnectionManager'; import NodeGraph from '@/nodes/NodeGraph'; import Sigchain from '@/sigchain/Sigchain'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; + import GRPCServer from '@/grpc/GRPCServer'; import GRPCClientClient from '@/client/GRPCClientClient'; import identitiesClaim from '@/client/service/identitiesClaim'; @@ -82,8 +82,8 @@ describe('identitiesClaim', () => { let nodeGraph: NodeGraph; let nodeConnectionManager: NodeConnectionManager; let sigchain: Sigchain; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; + let db: DB; let keyManager: KeyManager; let grpcServer: GRPCServer; @@ -109,20 +109,13 @@ describe('identitiesClaim', () => { }); testProvider = new TestProvider(); identitiesManager.registerProvider(testProvider); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken, logger, }); - await fwdProxy.start({ - tlsConfig: { - keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, - certChainPem: await keyManager.getRootCertChainPem(), - }, - }); - revProxy = new ReverseProxy({ logger }); - await revProxy.start({ - serverHost: '1.1.1.1' as Host, - serverPort: 1 as Port, + await proxy.start({ + serverHost: '127.0.0.1' as Host, + serverPort: 0 as Port, tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), @@ -140,10 +133,9 @@ describe('identitiesClaim', () => { }); nodeConnectionManager = new NodeConnectionManager({ connConnectTime: 2000, - fwdProxy, + proxy, keyManager, nodeGraph, - revProxy, logger: logger.getChild('nodeConnectionManager'), }); await nodeConnectionManager.start(); @@ -174,8 +166,7 @@ describe('identitiesClaim', () => { await nodeConnectionManager.stop(); await nodeGraph.stop(); await sigchain.stop(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); await identitiesManager.stop(); await db.stop(); await keyManager.stop(); diff --git a/tests/client/service/keysKeyPairRenew.test.ts b/tests/client/service/keysKeyPairRenew.test.ts index 699b73ca5..714055cf0 100644 --- a/tests/client/service/keysKeyPairRenew.test.ts +++ b/tests/client/service/keysKeyPairRenew.test.ts @@ -1,6 +1,5 @@ import type { Host, Port, TLSConfig } from '@/network/types'; -import type ForwardProxy from '@/network/ForwardProxy'; -import type ReverseProxy from '@/network/ReverseProxy'; +import type Proxy from '@/network/Proxy'; import type Status from '@/status/Status'; import type KeyManager from '@/keys/KeyManager'; import fs from 'fs'; @@ -51,8 +50,8 @@ describe('keysKeyPairRenew', () => { let dataDir: string; let keyManager: KeyManager; let grpcServerClient: GRPCServer; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; + let status: Status; let grpcServer: GRPCServer; let grpcClient: GRPCClientClient; @@ -69,8 +68,7 @@ describe('keysKeyPairRenew', () => { }); keyManager = pkAgent.keyManager; grpcServerClient = pkAgent.grpcServerClient; - fwdProxy = pkAgent.fwdProxy; - revProxy = pkAgent.revProxy; + proxy = pkAgent.proxy; status = pkAgent.status; const clientService = { keysKeyPairRenew: keysKeyPairRenew({ @@ -104,9 +102,7 @@ describe('keysKeyPairRenew', () => { const rootKeyPair1 = keyManager.getRootKeyPairPem(); const nodeId1 = keyManager.getNodeId(); // @ts-ignore - get protected property - const fwdTLSConfig1 = fwdProxy.tlsConfig; - // @ts-ignore - get protected property - const revTLSConfig1 = revProxy.tlsConfig; + const fwdTLSConfig1 = proxy.tlsConfig; // @ts-ignore - get protected property const serverTLSConfig1 = grpcServerClient.tlsConfig; const expectedTLSConfig1: TLSConfig = { @@ -116,7 +112,6 @@ describe('keysKeyPairRenew', () => { const nodeIdStatus1 = (await status.readStatus())!.data.nodeId; expect(mockedRefreshBuckets.mock.calls).toHaveLength(0); expect(fwdTLSConfig1).toEqual(expectedTLSConfig1); - expect(revTLSConfig1).toEqual(expectedTLSConfig1); expect(serverTLSConfig1).toEqual(expectedTLSConfig1); expect(nodeId1.equals(nodeIdStatus1)).toBe(true); // Run command @@ -130,9 +125,7 @@ describe('keysKeyPairRenew', () => { const rootKeyPair2 = keyManager.getRootKeyPairPem(); const nodeId2 = keyManager.getNodeId(); // @ts-ignore - get protected property - const fwdTLSConfig2 = fwdProxy.tlsConfig; - // @ts-ignore - get protected property - const revTLSConfig2 = revProxy.tlsConfig; + const fwdTLSConfig2 = proxy.tlsConfig; // @ts-ignore - get protected property const serverTLSConfig2 = grpcServerClient.tlsConfig; const expectedTLSConfig2: TLSConfig = { @@ -142,7 +135,6 @@ describe('keysKeyPairRenew', () => { const nodeIdStatus2 = (await status.readStatus())!.data.nodeId; expect(mockedRefreshBuckets.mock.calls).toHaveLength(1); expect(fwdTLSConfig2).toEqual(expectedTLSConfig2); - expect(revTLSConfig2).toEqual(expectedTLSConfig2); expect(serverTLSConfig2).toEqual(expectedTLSConfig2); expect(rootKeyPair2.privateKey).not.toBe(rootKeyPair1.privateKey); expect(rootKeyPair2.publicKey).not.toBe(rootKeyPair1.publicKey); diff --git a/tests/client/service/keysKeyPairReset.test.ts b/tests/client/service/keysKeyPairReset.test.ts index d4eed5d93..155d6071e 100644 --- a/tests/client/service/keysKeyPairReset.test.ts +++ b/tests/client/service/keysKeyPairReset.test.ts @@ -1,6 +1,5 @@ import type { Host, Port, TLSConfig } from '@/network/types'; -import type ForwardProxy from '@/network/ForwardProxy'; -import type ReverseProxy from '@/network/ReverseProxy'; +import type Proxy from '@/network/Proxy'; import type Status from '@/status/Status'; import type KeyManager from '@/keys/KeyManager'; import fs from 'fs'; @@ -51,8 +50,8 @@ describe('keysKeyPairReset', () => { let dataDir: string; let keyManager: KeyManager; let grpcServerClient: GRPCServer; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; + let status: Status; let grpcServer: GRPCServer; let grpcClient: GRPCClientClient; @@ -69,8 +68,7 @@ describe('keysKeyPairReset', () => { }); keyManager = pkAgent.keyManager; grpcServerClient = pkAgent.grpcServerClient; - fwdProxy = pkAgent.fwdProxy; - revProxy = pkAgent.revProxy; + proxy = pkAgent.proxy; status = pkAgent.status; const clientService = { keysKeyPairReset: keysKeyPairReset({ @@ -104,9 +102,7 @@ describe('keysKeyPairReset', () => { const rootKeyPair1 = keyManager.getRootKeyPairPem(); const nodeId1 = keyManager.getNodeId(); // @ts-ignore - get protected property - const fwdTLSConfig1 = fwdProxy.tlsConfig; - // @ts-ignore - get protected property - const revTLSConfig1 = revProxy.tlsConfig; + const fwdTLSConfig1 = proxy.tlsConfig; // @ts-ignore - get protected property const serverTLSConfig1 = grpcServerClient.tlsConfig; const expectedTLSConfig1: TLSConfig = { @@ -116,7 +112,6 @@ describe('keysKeyPairReset', () => { const nodeIdStatus1 = (await status.readStatus())!.data.nodeId; expect(mockedRefreshBuckets.mock.calls).toHaveLength(0); expect(fwdTLSConfig1).toEqual(expectedTLSConfig1); - expect(revTLSConfig1).toEqual(expectedTLSConfig1); expect(serverTLSConfig1).toEqual(expectedTLSConfig1); expect(nodeId1.equals(nodeIdStatus1)).toBe(true); // Run command @@ -130,9 +125,7 @@ describe('keysKeyPairReset', () => { const rootKeyPair2 = keyManager.getRootKeyPairPem(); const nodeId2 = keyManager.getNodeId(); // @ts-ignore - get protected property - const fwdTLSConfig2 = fwdProxy.tlsConfig; - // @ts-ignore - get protected property - const revTLSConfig2 = revProxy.tlsConfig; + const fwdTLSConfig2 = proxy.tlsConfig; // @ts-ignore - get protected property const serverTLSConfig2 = grpcServerClient.tlsConfig; const expectedTLSConfig2: TLSConfig = { @@ -142,7 +135,6 @@ describe('keysKeyPairReset', () => { const nodeIdStatus2 = (await status.readStatus())!.data.nodeId; expect(mockedRefreshBuckets.mock.calls).toHaveLength(1); expect(fwdTLSConfig2).toEqual(expectedTLSConfig2); - expect(revTLSConfig2).toEqual(expectedTLSConfig2); expect(serverTLSConfig2).toEqual(expectedTLSConfig2); expect(rootKeyPair2.privateKey).not.toBe(rootKeyPair1.privateKey); expect(rootKeyPair2.publicKey).not.toBe(rootKeyPair1.publicKey); diff --git a/tests/client/service/nodesAdd.test.ts b/tests/client/service/nodesAdd.test.ts index 97c2d2cb4..1cd51eb05 100644 --- a/tests/client/service/nodesAdd.test.ts +++ b/tests/client/service/nodesAdd.test.ts @@ -10,8 +10,8 @@ import NodeConnectionManager from '@/nodes/NodeConnectionManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeManager from '@/nodes/NodeManager'; import Sigchain from '@/sigchain/Sigchain'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; + import GRPCServer from '@/grpc/GRPCServer'; import GRPCClientClient from '@/client/GRPCClientClient'; import nodesAdd from '@/client/service/nodesAdd'; @@ -52,8 +52,8 @@ describe('nodesAdd', () => { let nodeConnectionManager: NodeConnectionManager; let nodeManager: NodeManager; let sigchain: Sigchain; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; + let db: DB; let keyManager: KeyManager; let grpcServer: GRPCServer; @@ -73,24 +73,17 @@ describe('nodesAdd', () => { dbPath, logger, }); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken, logger, }); - await fwdProxy.start({ - tlsConfig: { - keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, - certChainPem: await keyManager.getRootCertChainPem(), - }, - }); - revProxy = new ReverseProxy({ logger }); - await revProxy.start({ - serverHost: '1.1.1.1' as Host, - serverPort: 1 as Port, + await proxy.start({ tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), }, + serverHost: '127.0.0.1' as Host, + serverPort: 0 as Port, }); sigchain = await Sigchain.createSigchain({ db, @@ -105,8 +98,7 @@ describe('nodesAdd', () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, connConnectTime: 2000, connTimeoutTime: 2000, logger: logger.getChild('NodeConnectionManager'), @@ -145,8 +137,7 @@ describe('nodesAdd', () => { await nodeGraph.stop(); await nodeConnectionManager.stop(); await sigchain.stop(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); await db.stop(); await keyManager.stop(); await fs.promises.rm(dataDir, { diff --git a/tests/client/service/nodesClaim.test.ts b/tests/client/service/nodesClaim.test.ts index ea2d926e3..07d41e500 100644 --- a/tests/client/service/nodesClaim.test.ts +++ b/tests/client/service/nodesClaim.test.ts @@ -14,8 +14,8 @@ import NodeConnectionManager from '@/nodes/NodeConnectionManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeManager from '@/nodes/NodeManager'; import Sigchain from '@/sigchain/Sigchain'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; + import GRPCServer from '@/grpc/GRPCServer'; import GRPCClientClient from '@/client/GRPCClientClient'; import nodesClaim from '@/client/service/nodesClaim'; @@ -81,8 +81,8 @@ describe('nodesClaim', () => { let notificationsManager: NotificationsManager; let acl: ACL; let sigchain: Sigchain; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; + let db: DB; let keyManager: KeyManager; let grpcServer: GRPCServer; @@ -106,24 +106,17 @@ describe('nodesClaim', () => { db, logger, }); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken, logger, }); - await fwdProxy.start({ - tlsConfig: { - keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, - certChainPem: await keyManager.getRootCertChainPem(), - }, - }); - revProxy = new ReverseProxy({ logger }); - await revProxy.start({ - serverHost: '1.1.1.1' as Host, - serverPort: 1 as Port, + await proxy.start({ tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), }, + serverHost: '127.0.0.1' as Host, + serverPort: 0 as Port, }); sigchain = await Sigchain.createSigchain({ db, @@ -138,8 +131,7 @@ describe('nodesClaim', () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, connConnectTime: 2000, connTimeoutTime: 2000, logger: logger.getChild('NodeConnectionManager'), @@ -189,8 +181,7 @@ describe('nodesClaim', () => { await nodeGraph.stop(); await notificationsManager.stop(); await sigchain.stop(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); await acl.stop(); await db.stop(); await keyManager.stop(); diff --git a/tests/client/service/nodesFind.test.ts b/tests/client/service/nodesFind.test.ts index b64d9dd35..1197638f5 100644 --- a/tests/client/service/nodesFind.test.ts +++ b/tests/client/service/nodesFind.test.ts @@ -9,8 +9,8 @@ import KeyManager from '@/keys/KeyManager'; import NodeConnectionManager from '@/nodes/NodeConnectionManager'; import NodeGraph from '@/nodes/NodeGraph'; import Sigchain from '@/sigchain/Sigchain'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; + import GRPCServer from '@/grpc/GRPCServer'; import GRPCClientClient from '@/client/GRPCClientClient'; import nodesFind from '@/client/service/nodesFind'; @@ -56,8 +56,8 @@ describe('nodesFind', () => { let nodeGraph: NodeGraph; let nodeConnectionManager: NodeConnectionManager; let sigchain: Sigchain; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; + let db: DB; let keyManager: KeyManager; let grpcServer: GRPCServer; @@ -77,24 +77,17 @@ describe('nodesFind', () => { dbPath, logger, }); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken, logger, }); - await fwdProxy.start({ - tlsConfig: { - keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, - certChainPem: await keyManager.getRootCertChainPem(), - }, - }); - revProxy = new ReverseProxy({ logger }); - await revProxy.start({ - serverHost: '1.1.1.1' as Host, - serverPort: 1 as Port, + await proxy.start({ tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), }, + serverHost: '127.0.0.1' as Host, + serverPort: 0 as Port, }); sigchain = await Sigchain.createSigchain({ db, @@ -109,8 +102,7 @@ describe('nodesFind', () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, connConnectTime: 2000, connTimeoutTime: 2000, logger: logger.getChild('NodeConnectionManager'), @@ -141,8 +133,7 @@ describe('nodesFind', () => { await sigchain.stop(); await nodeGraph.stop(); await nodeConnectionManager.stop(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); await db.stop(); await keyManager.stop(); await fs.promises.rm(dataDir, { diff --git a/tests/client/service/nodesPing.test.ts b/tests/client/service/nodesPing.test.ts index f653eb62d..0bfcabc97 100644 --- a/tests/client/service/nodesPing.test.ts +++ b/tests/client/service/nodesPing.test.ts @@ -10,8 +10,8 @@ import NodeConnectionManager from '@/nodes/NodeConnectionManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeManager from '@/nodes/NodeManager'; import Sigchain from '@/sigchain/Sigchain'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; + import GRPCServer from '@/grpc/GRPCServer'; import GRPCClientClient from '@/client/GRPCClientClient'; import nodesPing from '@/client/service/nodesPing'; @@ -57,8 +57,8 @@ describe('nodesPing', () => { let nodeConnectionManager: NodeConnectionManager; let nodeManager: NodeManager; let sigchain: Sigchain; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; + let db: DB; let keyManager: KeyManager; let grpcServer: GRPCServer; @@ -78,24 +78,17 @@ describe('nodesPing', () => { dbPath, logger, }); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken, logger, }); - await fwdProxy.start({ - tlsConfig: { - keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, - certChainPem: await keyManager.getRootCertChainPem(), - }, - }); - revProxy = new ReverseProxy({ logger }); - await revProxy.start({ - serverHost: '1.1.1.1' as Host, - serverPort: 1 as Port, + await proxy.start({ tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), }, + serverHost: '127.0.0.1' as Host, + serverPort: 0 as Port, }); sigchain = await Sigchain.createSigchain({ db, @@ -110,8 +103,7 @@ describe('nodesPing', () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, connConnectTime: 2000, connTimeoutTime: 2000, logger: logger.getChild('NodeConnectionManager'), @@ -150,8 +142,7 @@ describe('nodesPing', () => { await sigchain.stop(); await nodeGraph.stop(); await nodeConnectionManager.stop(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); await db.stop(); await keyManager.stop(); await fs.promises.rm(dataDir, { diff --git a/tests/client/service/notificationsClear.test.ts b/tests/client/service/notificationsClear.test.ts index 2b32d03e1..2fab2e233 100644 --- a/tests/client/service/notificationsClear.test.ts +++ b/tests/client/service/notificationsClear.test.ts @@ -11,8 +11,8 @@ import NodeConnectionManager from '@/nodes/NodeConnectionManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeManager from '@/nodes/NodeManager'; import Sigchain from '@/sigchain/Sigchain'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; + import NotificationsManager from '@/notifications/NotificationsManager'; import ACL from '@/acl/ACL'; import GRPCClientClient from '@/client/GRPCClientClient'; @@ -58,8 +58,8 @@ describe('notificationsClear', () => { let notificationsManager: NotificationsManager; let acl: ACL; let sigchain: Sigchain; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; + let db: DB; let keyManager: KeyManager; let grpcServer: GRPCServer; @@ -83,24 +83,17 @@ describe('notificationsClear', () => { db, logger, }); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken, logger, }); - await fwdProxy.start({ - tlsConfig: { - keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, - certChainPem: await keyManager.getRootCertChainPem(), - }, - }); - revProxy = new ReverseProxy({ logger }); - await revProxy.start({ - serverHost: '1.1.1.1' as Host, - serverPort: 1 as Port, + await proxy.start({ tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), }, + serverHost: '127.0.0.1' as Host, + serverPort: 0 as Port, }); sigchain = await Sigchain.createSigchain({ db, @@ -115,8 +108,7 @@ describe('notificationsClear', () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, connConnectTime: 2000, connTimeoutTime: 2000, logger: logger.getChild('NodeConnectionManager'), @@ -165,8 +157,7 @@ describe('notificationsClear', () => { await nodeGraph.stop(); await nodeConnectionManager.stop(); await sigchain.stop(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); await acl.stop(); await db.stop(); await keyManager.stop(); diff --git a/tests/client/service/notificationsRead.test.ts b/tests/client/service/notificationsRead.test.ts index c5442b973..1b77af1a3 100644 --- a/tests/client/service/notificationsRead.test.ts +++ b/tests/client/service/notificationsRead.test.ts @@ -12,8 +12,8 @@ import NodeConnectionManager from '@/nodes/NodeConnectionManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeManager from '@/nodes/NodeManager'; import Sigchain from '@/sigchain/Sigchain'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; + import NotificationsManager from '@/notifications/NotificationsManager'; import ACL from '@/acl/ACL'; import GRPCClientClient from '@/client/GRPCClientClient'; @@ -132,8 +132,8 @@ describe('notificationsRead', () => { let notificationsManager: NotificationsManager; let acl: ACL; let sigchain: Sigchain; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; + let db: DB; let keyManager: KeyManager; let grpcServer: GRPCServer; @@ -157,24 +157,17 @@ describe('notificationsRead', () => { db, logger, }); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken, logger, }); - await fwdProxy.start({ - tlsConfig: { - keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, - certChainPem: await keyManager.getRootCertChainPem(), - }, - }); - revProxy = new ReverseProxy({ logger }); - await revProxy.start({ - serverHost: '1.1.1.1' as Host, - serverPort: 1 as Port, + await proxy.start({ tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), }, + serverHost: '127.0.0.1' as Host, + serverPort: 0 as Port, }); sigchain = await Sigchain.createSigchain({ db, @@ -189,8 +182,7 @@ describe('notificationsRead', () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, connConnectTime: 2000, connTimeoutTime: 2000, logger: logger.getChild('NodeConnectionManager'), @@ -239,8 +231,7 @@ describe('notificationsRead', () => { await sigchain.stop(); await nodeGraph.stop(); await nodeConnectionManager.stop(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); await acl.stop(); await db.stop(); await keyManager.stop(); diff --git a/tests/client/service/notificationsSend.test.ts b/tests/client/service/notificationsSend.test.ts index 7786f69fe..01764d368 100644 --- a/tests/client/service/notificationsSend.test.ts +++ b/tests/client/service/notificationsSend.test.ts @@ -12,8 +12,7 @@ import NodeConnectionManager from '@/nodes/NodeConnectionManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeManager from '@/nodes/NodeManager'; import Sigchain from '@/sigchain/Sigchain'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; import NotificationsManager from '@/notifications/NotificationsManager'; import ACL from '@/acl/ACL'; import GRPCClientClient from '@/client/GRPCClientClient'; @@ -69,8 +68,7 @@ describe('notificationsSend', () => { let notificationsManager: NotificationsManager; let acl: ACL; let sigchain: Sigchain; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; let db: DB; let keyManager: KeyManager; let grpcServer: GRPCServer; @@ -94,24 +92,17 @@ describe('notificationsSend', () => { db, logger, }); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken, logger, }); - await fwdProxy.start({ - tlsConfig: { - keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, - certChainPem: await keyManager.getRootCertChainPem(), - }, - }); - revProxy = new ReverseProxy({ logger }); - await revProxy.start({ - serverHost: '1.1.1.1' as Host, - serverPort: 1 as Port, + await proxy.start({ tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), }, + serverHost: '127.0.0.1' as Host, + serverPort: 0 as Port, }); sigchain = await Sigchain.createSigchain({ db, @@ -126,8 +117,7 @@ describe('notificationsSend', () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, connConnectTime: 2000, connTimeoutTime: 2000, logger: logger.getChild('NodeConnectionManager'), @@ -176,8 +166,7 @@ describe('notificationsSend', () => { await nodeGraph.stop(); await nodeConnectionManager.stop(); await sigchain.stop(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); await acl.stop(); await db.stop(); await keyManager.stop(); diff --git a/tests/client/utils.ts b/tests/client/utils.ts index 71d81d943..247b1da8b 100644 --- a/tests/client/utils.ts +++ b/tests/client/utils.ts @@ -37,8 +37,7 @@ async function openTestClientServer({ discovery: pkAgent.discovery, sigchain: pkAgent.sigchain, acl: pkAgent.acl, - fwdProxy: pkAgent.fwdProxy, - revProxy: pkAgent.revProxy, + proxy: pkAgent.proxy, grpcServerClient: pkAgent.grpcServerClient, grpcServerAgent: pkAgent.grpcServerAgent, fs: pkAgent.fs, diff --git a/tests/discovery/Discovery.test.ts b/tests/discovery/Discovery.test.ts index 3f56a17a4..70c4641dd 100644 --- a/tests/discovery/Discovery.test.ts +++ b/tests/discovery/Discovery.test.ts @@ -15,7 +15,7 @@ import { NodeConnectionManager, NodeGraph, NodeManager } from '@/nodes'; import { KeyManager } from '@/keys'; import { ACL } from '@/acl'; import { Sigchain } from '@/sigchain'; -import { ForwardProxy, ReverseProxy } from '@/network'; +import Proxy from '@/network/Proxy'; import { poll } from '@/utils'; import * as nodesUtils from '@/nodes/utils'; import * as claimsUtils from '@/claims/utils'; @@ -53,8 +53,7 @@ describe('Discovery', () => { let acl: ACL; let keyManager: KeyManager; let sigchain: Sigchain; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; // Other gestalt let nodeA: PolykeyAgent; let nodeB: PolykeyAgent; @@ -112,23 +111,15 @@ describe('Discovery', () => { keyManager, logger: logger.getChild('sigChain'), }); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken: 'abc123', logger: logger.getChild('fwxProxy'), }); - await fwdProxy.start({ - proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - tlsConfig: { - keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, - certChainPem: await keyManager.getRootCertChainPem(), - }, - }); - revProxy = new ReverseProxy({ logger: logger.getChild('revProxy') }); - await revProxy.start({ + await proxy.start({ + forwardHost: '127.0.0.1' as Host, serverHost: '127.0.0.1' as Host, - serverPort: 55555 as Port, - ingressHost: '127.0.0.1' as Host, + serverPort: 0 as Port, + proxyHost: '127.0.0.1' as Host, tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), @@ -142,8 +133,7 @@ describe('Discovery', () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, connConnectTime: 2000, connTimeoutTime: 2000, logger: logger.getChild('NodeConnectionManager'), @@ -163,8 +153,7 @@ describe('Discovery', () => { nodePath: path.join(dataDir, 'nodeA'), networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, @@ -178,8 +167,7 @@ describe('Discovery', () => { nodePath: path.join(dataDir, 'nodeB'), networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, @@ -190,8 +178,8 @@ describe('Discovery', () => { }); await testNodesUtils.nodesConnect(nodeA, nodeB); await nodeGraph.setNode(nodeA.keyManager.getNodeId(), { - host: nodeA.revProxy.getIngressHost(), - port: nodeA.revProxy.getIngressPort(), + host: nodeA.proxy.getProxyHost(), + port: nodeA.proxy.getProxyPort(), }); await nodeA.nodeManager.claimNode(nodeB.keyManager.getNodeId()); nodeA.identitiesManager.registerProvider(testProvider); @@ -215,8 +203,7 @@ describe('Discovery', () => { await nodeB.stop(); await nodeConnectionManager.stop(); await nodeGraph.stop(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); await sigchain.stop(); await identitiesManager.stop(); await gestaltGraph.stop(); diff --git a/tests/network/ForwardProxy.test.ts b/tests/network/Proxy.test.ts similarity index 65% rename from tests/network/ForwardProxy.test.ts rename to tests/network/Proxy.test.ts index a1f9e2377..ec5d17e86 100644 --- a/tests/network/ForwardProxy.test.ts +++ b/tests/network/Proxy.test.ts @@ -1,4 +1,4 @@ -import type { Socket } from 'net'; +import type { Socket, AddressInfo } from 'net'; import type { KeyPairPem } from '@/keys/types'; import type { Host, Port } from '@/network/types'; import http from 'http'; @@ -7,7 +7,7 @@ import tls from 'tls'; import UTP from 'utp-native'; import Logger, { LogLevel, StreamHandler } from '@matrixai/logger'; import { - ForwardProxy, + Proxy, utils as networkUtils, errors as networkErrors, } from '@/network'; @@ -18,7 +18,7 @@ import * as testUtils from '../utils'; /** * Mock HTTP Connect Request - * This is what clients to the ForwardProxy should be doing + * This is what clients to the Proxy should be doing * Returns the network socket established * @throws Error on failure to connect, may contain status code as message */ @@ -54,8 +54,63 @@ async function httpConnect( return socket; } -describe(ForwardProxy.name, () => { - const logger = new Logger(`${ForwardProxy.name} test`, LogLevel.WARN, [ +/** + * Mock TCP server + * This is the server that the Proxy will be proxying to + */ +function tcpServer(end: boolean = false) { + const { p: serverConnP, resolveP: resolveServerConnP } = promise(); + const { p: serverConnEndP, resolveP: resolveServerConnEndP } = + promise(); + const { p: serverConnClosedP, resolveP: resolveServerConnClosedP } = + promise(); + const server = net.createServer( + { + allowHalfOpen: false, + }, + (conn) => { + resolveServerConnP(); + conn.on('end', () => { + resolveServerConnEndP(); + conn.end(); + conn.destroy(); + }); + conn.once('close', () => { + resolveServerConnClosedP(); + }); + if (end) { + conn.removeAllListeners('end'); + conn.on('end', () => { + resolveServerConnEndP(); + conn.destroy(); + }); + conn.end(); + } + }, + ); + const serverClose = promisify(server.close).bind(server); + const serverListen = promisify(server.listen).bind(server); + const serverHost = () => { + return (server.address() as AddressInfo).address as Host; + }; + const serverPort = () => { + return (server.address() as AddressInfo).port as Port; + }; + return { + serverListen, + serverClose, + serverConnP, + serverConnEndP, + serverConnClosedP, + serverHost, + serverPort, + }; +} + +describe(Proxy.name, () => { + const localHost = '127.0.0.1' as Host; + const port = 0 as Port; + const logger = new Logger(`${Proxy.name} test`, LogLevel.WARN, [ new StreamHandler(), ]); const nodeIdABC = testUtils.generateRandomNodeId(); @@ -77,70 +132,78 @@ describe(ForwardProxy.name, () => { ); certPem = keysUtils.certToPem(cert); }); - test('forward proxy readiness', async () => { - const fwdProxy = new ForwardProxy({ + test('proxy readiness', async () => { + const proxy = new Proxy({ authToken, logger, }); // Should be a noop (already stopped) - await fwdProxy.stop(); - await fwdProxy.start({ + await proxy.stop(); + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, - }); - expect(typeof fwdProxy.getProxyHost()).toBe('string'); - expect(typeof fwdProxy.getProxyPort()).toBe('number'); - expect(fwdProxy.getProxyPort()).toBeGreaterThan(0); - expect(typeof fwdProxy.getEgressHost()).toBe('string'); - expect(typeof fwdProxy.getEgressPort()).toBe('number'); - expect(fwdProxy.getEgressPort()).toBeGreaterThan(0); - expect(fwdProxy.getConnectionCount()).toBe(0); + serverHost: localHost, + serverPort: port, + }); + expect(typeof proxy.getForwardHost()).toBe('string'); + expect(typeof proxy.getForwardPort()).toBe('number'); + expect(proxy.getForwardPort()).toBeGreaterThan(0); + expect(typeof proxy.getProxyHost()).toBe('string'); + expect(typeof proxy.getProxyPort()).toBe('number'); + expect(proxy.getProxyPort()).toBeGreaterThan(0); + expect(proxy.getConnectionForwardCount()).toBe(0); // Should be a noop (already started) - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); - await fwdProxy.stop(); + await proxy.stop(); expect(() => { - fwdProxy.getProxyHost(); - }).toThrow(networkErrors.ErrorForwardProxyNotRunning); + proxy.getForwardHost(); + }).toThrow(networkErrors.ErrorProxyNotRunning); await expect(async () => { - await fwdProxy.closeConnection('::1' as Host, 1 as Port); - }).rejects.toThrow(networkErrors.ErrorForwardProxyNotRunning); + await proxy.closeConnectionForward('::1' as Host, 1 as Port); + }).rejects.toThrow(networkErrors.ErrorProxyNotRunning); // Start it again - await fwdProxy.start({ - proxyHost: '::1' as Host, + await proxy.start({ + forwardHost: '::1' as Host, + serverHost: localHost, + serverPort: port, tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, }); - expect(fwdProxy.getProxyHost()).toBe('::1'); - await fwdProxy.stop(); + expect(proxy.getForwardHost()).toBe('::1'); + await proxy.stop(); }); test('HTTP CONNECT bad request failures to the forward proxy', async () => { // The forward proxy will emit error logs when this occurs // In production these connect errors should never happen - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, - logger: logger.getChild('ForwardProxy CONNECT bad request'), + logger: logger.getChild('Proxy CONNECT bad request'), }); - await fwdProxy.start({ - proxyHost: '::1' as Host, + await proxy.start({ + forwardHost: '::1' as Host, tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); // Incorrect auth token await expect(() => httpConnect( - fwdProxy.getProxyHost(), - fwdProxy.getProxyPort(), + proxy.getForwardHost(), + proxy.getForwardPort(), 'incorrect auth token', `127.0.0.1:80?nodeId=${encodeURIComponent(nodeIdSomeEncoded)}`, ), @@ -148,8 +211,8 @@ describe(ForwardProxy.name, () => { // No node id await expect(() => httpConnect( - fwdProxy.getProxyHost(), - fwdProxy.getProxyPort(), + proxy.getForwardHost(), + proxy.getForwardPort(), authToken, '127.0.0.1:80', ), @@ -157,56 +220,60 @@ describe(ForwardProxy.name, () => { // Missing target await expect(() => httpConnect( - fwdProxy.getProxyHost(), - fwdProxy.getProxyPort(), + proxy.getForwardHost(), + proxy.getForwardPort(), authToken, `?nodeId=${encodeURIComponent(nodeIdSomeEncoded)}`, ), ).rejects.toThrow('400'); - await fwdProxy.stop(); + await proxy.stop(); }); test('connection to port 0 fails', async () => { - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, - logger: logger.getChild('ForwardProxy port 0'), + logger: logger.getChild('Proxy port 0'), }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); // Cannot open connection to port 0 await expect(() => - fwdProxy.openConnection(nodeIdABC, '127.0.0.1' as Host, 0 as Port), + proxy.openConnectionForward(nodeIdABC, '127.0.0.1' as Host, 0 as Port), ).rejects.toThrow(networkErrors.ErrorConnectionStart); await expect(() => httpConnect( - fwdProxy.getProxyHost(), - fwdProxy.getProxyPort(), + proxy.getForwardHost(), + proxy.getForwardPort(), authToken, `127.0.0.1:0?nodeId=${encodeURIComponent(nodeIdABCEncoded)}`, ), ).rejects.toThrow('502'); - await fwdProxy.stop(); + await proxy.stop(); }); test('connection start timeout due to hanging remote', async () => { // 1 seconds to wait to establish a connection // Must reduce the ping interval time to 100ms // Also reduce the end tome to 100ms // So that we can test timeouts quicker - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, connConnectTime: 1000, connKeepAliveIntervalTime: 100, connEndTime: 100, - logger: logger.getChild('ForwardProxy connection timeout'), + logger: logger.getChild('Proxy connection timeout'), }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); // This UTP server will just hang and not respond let recievedCount = 0; @@ -219,7 +286,7 @@ describe(ForwardProxy.name, () => { await utpSocketHangListen(0, '127.0.0.1'); const utpSocketHangPort = utpSocketHang.address().port; await expect(() => - fwdProxy.openConnection( + proxy.openConnectionForward( nodeIdABC, '127.0.0.1' as Host, utpSocketHangPort as Port, @@ -229,7 +296,7 @@ describe(ForwardProxy.name, () => { // Can override the timer const timer = timerStart(2000); await expect(() => - fwdProxy.openConnection( + proxy.openConnectionForward( nodeIdABC, '127.0.0.1' as Host, utpSocketHangPort as Port, @@ -240,8 +307,8 @@ describe(ForwardProxy.name, () => { expect(recievedCount).toBe(2); await expect(() => httpConnect( - fwdProxy.getProxyHost(), - fwdProxy.getProxyPort(), + proxy.getForwardHost(), + proxy.getForwardPort(), authToken, `127.0.0.1:${utpSocketHangPort}?nodeId=${encodeURIComponent( nodeIdABCEncoded, @@ -251,18 +318,20 @@ describe(ForwardProxy.name, () => { expect(recievedCount).toBe(3); utpSocketHang.close(); utpSocketHang.unref(); - await fwdProxy.stop(); + await proxy.stop(); }); test('connection reset due to ending remote', async () => { - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, - logger: logger.getChild('ForwardProxy connection reset'), + logger: logger.getChild('Proxy connection reset'), }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); // This UTP Server will immediately end and destroy // the connection upon receiving a connection @@ -278,7 +347,7 @@ describe(ForwardProxy.name, () => { await utpSocketEndListen(0, '127.0.0.1'); const utpSocketEndPort = utpSocketEnd.address().port; await expect(() => - fwdProxy.openConnection( + proxy.openConnectionForward( nodeIdABC, '127.0.0.1' as Host, utpSocketEndPort as Port, @@ -287,7 +356,7 @@ describe(ForwardProxy.name, () => { expect(recievedCount).toBe(1); // The actual error is UTP_ECONNRESET to be precise await expect(() => - fwdProxy.openConnection( + proxy.openConnectionForward( nodeIdABC, '127.0.0.1' as Host, utpSocketEndPort as Port, @@ -297,8 +366,8 @@ describe(ForwardProxy.name, () => { // 502 Bad Gateway on HTTP Connect await expect(() => httpConnect( - fwdProxy.getProxyHost(), - fwdProxy.getProxyPort(), + proxy.getForwardHost(), + proxy.getForwardPort(), authToken, `127.0.0.1:${utpSocketEndPort}?nodeId=${encodeURIComponent( nodeIdABCEncoded, @@ -308,21 +377,23 @@ describe(ForwardProxy.name, () => { expect(recievedCount).toBe(3); utpSocketEnd.close(); utpSocketEnd.unref(); - await fwdProxy.stop(); + await proxy.stop(); }); test('open connection fails due to missing certificates', async () => { - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, - logger: logger.getChild('ForwardProxy missing certificates'), + logger: logger.getChild('Proxy missing certificates'), }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); - const egressHost = fwdProxy.getEgressHost(); - const egressPort = fwdProxy.getEgressPort(); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); const { p: remoteReadyP, resolveP: resolveRemoteReadyP } = promise(); const { p: remoteClosedP, resolveP: resolveRemoteClosedP } = promise(); @@ -380,16 +451,16 @@ describe(ForwardProxy.name, () => { utpSocket.on('message', handleMessage); const send = async (data: Buffer) => { const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, egressPort, egressHost); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); }; const utpSocketListen = promisify(utpSocket.listen).bind(utpSocket); await utpSocketListen(0, '127.0.0.1'); const utpSocketHost = utpSocket.address().address; const utpSocketPort = utpSocket.address().port; - expect(fwdProxy.getConnectionCount()).toBe(0); + expect(proxy.getConnectionForwardCount()).toBe(0); // This is a TLS handshake failure await expect(() => - fwdProxy.openConnection( + proxy.openConnectionForward( nodeIdRandom, utpSocketHost as Host, utpSocketPort as Port, @@ -412,21 +483,23 @@ describe(ForwardProxy.name, () => { utpSocket.off('message', handleMessage); utpSocket.close(); utpSocket.unref(); - await fwdProxy.stop(); + await proxy.stop(); }); test('HTTP CONNECT fails due to missing certificates', async () => { - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, - logger: logger.getChild('ForwardProxy missing certificates'), + logger: logger.getChild('Proxy missing certificates'), }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); - const egressHost = fwdProxy.getEgressHost(); - const egressPort = fwdProxy.getEgressPort(); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); const { p: remoteReadyP, resolveP: resolveRemoteReadyP } = promise(); const { p: remoteClosedP, resolveP: resolveRemoteClosedP } = promise(); @@ -484,18 +557,18 @@ describe(ForwardProxy.name, () => { utpSocket.on('message', handleMessage); const send = async (data: Buffer) => { const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, egressPort, egressHost); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); }; const utpSocketListen = promisify(utpSocket.listen).bind(utpSocket); await utpSocketListen(0, '127.0.0.1'); const utpSocketHost = utpSocket.address().address; const utpSocketPort = utpSocket.address().port; - expect(fwdProxy.getConnectionCount()).toBe(0); + expect(proxy.getConnectionForwardCount()).toBe(0); // This is an TLS handshake failure await expect(() => httpConnect( - fwdProxy.getProxyHost(), - fwdProxy.getProxyPort(), + proxy.getForwardHost(), + proxy.getForwardPort(), authToken, `${utpSocketHost}:${utpSocketPort}?nodeId=${encodeURIComponent( nodeIdSomeEncoded, @@ -519,7 +592,7 @@ describe(ForwardProxy.name, () => { utpSocket.off('message', handleMessage); utpSocket.close(); utpSocket.unref(); - await fwdProxy.stop(); + await proxy.stop(); }); test('open connection fails due to invalid node id', async () => { const serverKeyPair = await keysUtils.generateKeyPair(1024); @@ -531,18 +604,20 @@ describe(ForwardProxy.name, () => { 86400, ); const serverCertPem = keysUtils.certToPem(serverCert); - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, - logger: logger.getChild('ForwardProxy invalid node id'), + logger: logger.getChild('Proxy invalid node id'), }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); - const egressHost = fwdProxy.getEgressHost(); - const egressPort = fwdProxy.getEgressPort(); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); const { p: remoteReadyP, resolveP: resolveRemoteReadyP } = promise(); const { p: remoteClosedP, resolveP: resolveRemoteClosedP } = promise(); @@ -603,15 +678,15 @@ describe(ForwardProxy.name, () => { utpSocket.on('message', handleMessage); const send = async (data: Buffer) => { const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, egressPort, egressHost); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); }; const utpSocketListen = promisify(utpSocket.listen).bind(utpSocket); await utpSocketListen(0, '127.0.0.1'); const utpSocketHost = utpSocket.address().address; const utpSocketPort = utpSocket.address().port; - expect(fwdProxy.getConnectionCount()).toBe(0); + expect(proxy.getConnectionForwardCount()).toBe(0); await expect(() => - fwdProxy.openConnection( + proxy.openConnectionForward( nodeIdRandom, utpSocketHost as Host, utpSocketPort as Port, @@ -619,7 +694,7 @@ describe(ForwardProxy.name, () => { ).rejects.toThrow(networkErrors.ErrorCertChainUnclaimed); await expect(remoteReadyP).resolves.toBeUndefined(); expect(secured).toBe(true); - expect(fwdProxy.getConnectionCount()).toBe(0); + expect(proxy.getConnectionForwardCount()).toBe(0); await expect(remoteClosedP).resolves.toBeUndefined(); expect(utpConnError.mock.calls.length).toBe(0); // No TLS socket errors this time @@ -633,7 +708,7 @@ describe(ForwardProxy.name, () => { utpSocket.off('message', handleMessage); utpSocket.close(); utpSocket.unref(); - await fwdProxy.stop(); + await proxy.stop(); }); test('HTTP CONNECT fails due to invalid node id', async () => { const serverKeyPair = await keysUtils.generateKeyPair(1024); @@ -645,18 +720,20 @@ describe(ForwardProxy.name, () => { 86400, ); const serverCertPem = keysUtils.certToPem(serverCert); - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, - logger: logger.getChild('ForwardProxy invalid node id'), + logger: logger.getChild('Proxy invalid node id'), }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); - const egressHost = fwdProxy.getEgressHost(); - const egressPort = fwdProxy.getEgressPort(); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); const { p: remoteReadyP, resolveP: resolveRemoteReadyP } = promise(); const { p: remoteClosedP, resolveP: resolveRemoteClosedP } = promise(); @@ -717,17 +794,17 @@ describe(ForwardProxy.name, () => { utpSocket.on('message', handleMessage); const send = async (data: Buffer) => { const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, egressPort, egressHost); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); }; const utpSocketListen = promisify(utpSocket.listen).bind(utpSocket); await utpSocketListen(0, '127.0.0.1'); const utpSocketHost = utpSocket.address().address; const utpSocketPort = utpSocket.address().port; - expect(fwdProxy.getConnectionCount()).toBe(0); + expect(proxy.getConnectionForwardCount()).toBe(0); await expect(() => httpConnect( - fwdProxy.getProxyHost(), - fwdProxy.getProxyPort(), + proxy.getForwardHost(), + proxy.getForwardPort(), authToken, `${utpSocketHost}:${utpSocketPort}?nodeId=${encodeURIComponent( nodeIdSomeEncoded, @@ -736,7 +813,7 @@ describe(ForwardProxy.name, () => { ).rejects.toThrow('526'); await expect(remoteReadyP).resolves.toBeUndefined(); expect(secured).toBe(true); - expect(fwdProxy.getConnectionCount()).toBe(0); + expect(proxy.getConnectionForwardCount()).toBe(0); await expect(remoteClosedP).resolves.toBeUndefined(); expect(utpConnError.mock.calls.length).toBe(0); // No TLS socket errors this time @@ -750,7 +827,7 @@ describe(ForwardProxy.name, () => { utpSocket.off('message', handleMessage); utpSocket.close(); utpSocket.unref(); - await fwdProxy.stop(); + await proxy.stop(); }); test('open connection success - forward initiates end', async () => { const serverKeyPair = await keysUtils.generateKeyPair(1024); @@ -763,20 +840,22 @@ describe(ForwardProxy.name, () => { ); const serverCertPem = keysUtils.certToPem(serverCert); const serverNodeId = keysUtils.certNodeId(serverCert)!; - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, logger: logger.getChild( - 'ForwardProxy open connection success - forward initiates end', + 'Proxy open connection success - forward initiates end', ), }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); - const egressHost = fwdProxy.getEgressHost(); - const egressPort = fwdProxy.getEgressPort(); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); const { p: remoteReadyP, resolveP: resolveRemoteReadyP } = promise(); const { p: remoteSecureP, resolveP: resolveRemoteSecureP } = promise(); @@ -839,14 +918,14 @@ describe(ForwardProxy.name, () => { utpSocket.on('message', handleMessage); const send = async (data: Buffer) => { const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, egressPort, egressHost); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); }; const utpSocketListen = promisify(utpSocket.listen).bind(utpSocket); await utpSocketListen(0, '127.0.0.1'); const utpSocketHost = utpSocket.address().address; const utpSocketPort = utpSocket.address().port; - expect(fwdProxy.getConnectionCount()).toBe(0); - await fwdProxy.openConnection( + expect(proxy.getConnectionForwardCount()).toBe(0); + await proxy.openConnectionForward( serverNodeId, utpSocketHost as Host, utpSocketPort as Port, @@ -854,17 +933,17 @@ describe(ForwardProxy.name, () => { await expect(remoteReadyP).resolves.toBeUndefined(); await expect(remoteSecureP).resolves.toBeUndefined(); // Opening a duplicate connection is noop - await fwdProxy.openConnection( + await proxy.openConnectionForward( serverNodeId, utpSocketHost as Host, utpSocketPort as Port, ); - expect(fwdProxy.getConnectionCount()).toBe(1); - await fwdProxy.closeConnection( + expect(proxy.getConnectionForwardCount()).toBe(1); + await proxy.closeConnectionForward( utpSocketHost as Host, utpSocketPort as Port, ); - expect(fwdProxy.getConnectionCount()).toBe(0); + expect(proxy.getConnectionForwardCount()).toBe(0); await expect(remoteClosedP).resolves.toBeUndefined(); expect(utpConnError.mock.calls.length).toBe(0); expect(tlsSocketError.mock.calls.length).toBe(0); @@ -874,7 +953,7 @@ describe(ForwardProxy.name, () => { utpSocket.off('message', handleMessage); utpSocket.close(); utpSocket.unref(); - await fwdProxy.stop(); + await proxy.stop(); }); test('open connection success - reverse initiates end', async () => { const serverKeyPair = await keysUtils.generateKeyPair(1024); @@ -887,21 +966,23 @@ describe(ForwardProxy.name, () => { ); const serverCertPem = keysUtils.certToPem(serverCert); const serverNodeId = keysUtils.certNodeId(serverCert)!; - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, connEndTime: 5000, logger: logger.getChild( - 'ForwardProxy open connection success - reverse initiates end', + 'Proxy open connection success - reverse initiates end', ), }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); - const egressHost = fwdProxy.getEgressHost(); - const egressPort = fwdProxy.getEgressPort(); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); const { p: remoteReadyP, resolveP: resolveRemoteReadyP } = promise(); const { p: remoteSecureP, resolveP: resolveRemoteSecureP } = promise(); @@ -967,14 +1048,14 @@ describe(ForwardProxy.name, () => { utpSocket.on('message', handleMessage); const send = async (data: Buffer) => { const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, egressPort, egressHost); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); }; const utpSocketListen = promisify(utpSocket.listen).bind(utpSocket); await utpSocketListen(0, '127.0.0.1'); const utpSocketHost = utpSocket.address().address; const utpSocketPort = utpSocket.address().port; - expect(fwdProxy.getConnectionCount()).toBe(0); - await fwdProxy.openConnection( + expect(proxy.getConnectionForwardCount()).toBe(0); + await proxy.openConnectionForward( serverNodeId, utpSocketHost as Host, utpSocketPort as Port, @@ -982,12 +1063,12 @@ describe(ForwardProxy.name, () => { await expect(remoteReadyP).resolves.toBeUndefined(); await expect(remoteSecureP).resolves.toBeUndefined(); // Opening a duplicate connection is noop - await fwdProxy.openConnection( + await proxy.openConnectionForward( serverNodeId, utpSocketHost as Host, utpSocketPort as Port, ); - expect(fwdProxy.getConnectionCount()).toBe(1); + expect(proxy.getConnectionForwardCount()).toBe(1); // Start the graceful ending of the tls socket logger.debug('Reverse: begins tlsSocket ending'); const { p: endP, resolveP: resolveEndP } = promise(); @@ -1003,7 +1084,7 @@ describe(ForwardProxy.name, () => { await expect( poll( async () => { - return fwdProxy.getConnectionCount(); + return proxy.getConnectionForwardCount(); }, (_, result) => { if (result === 0) return true; @@ -1022,7 +1103,7 @@ describe(ForwardProxy.name, () => { utpSocket.off('message', handleMessage); utpSocket.close(); utpSocket.unref(); - await fwdProxy.stop(); + await proxy.stop(); }); test('HTTP CONNECT success - forward initiates end', async () => { const serverKeyPair = await keysUtils.generateKeyPair(1024); @@ -1036,20 +1117,22 @@ describe(ForwardProxy.name, () => { const serverCertPem = keysUtils.certToPem(serverCert); const serverNodeId = keysUtils.certNodeId(serverCert)!; const serverNodeIdEncoded = nodesUtils.encodeNodeId(serverNodeId); - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, logger: logger.getChild( - 'ForwardProxy HTTP CONNECT success - forward initiates end', + 'Proxy HTTP CONNECT success - forward initiates end', ), }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); - const egressHost = fwdProxy.getEgressHost(); - const egressPort = fwdProxy.getEgressPort(); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); const { p: remoteReadyP, resolveP: resolveRemoteReadyP } = promise(); const { p: remoteSecureP, resolveP: resolveRemoteSecureP } = promise(); @@ -1112,16 +1195,16 @@ describe(ForwardProxy.name, () => { utpSocket.on('message', handleMessage); const send = async (data: Buffer) => { const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, egressPort, egressHost); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); }; const utpSocketListen = promisify(utpSocket.listen).bind(utpSocket); await utpSocketListen(0, '127.0.0.1'); const utpSocketHost = utpSocket.address().address; const utpSocketPort = utpSocket.address().port; - expect(fwdProxy.getConnectionCount()).toBe(0); + expect(proxy.getConnectionForwardCount()).toBe(0); const clientSocket = await httpConnect( - fwdProxy.getProxyHost(), - fwdProxy.getProxyPort(), + proxy.getForwardHost(), + proxy.getForwardPort(), authToken, `${utpSocketHost}:${utpSocketPort}?nodeId=${encodeURIComponent( serverNodeIdEncoded, @@ -1130,8 +1213,8 @@ describe(ForwardProxy.name, () => { await expect(remoteReadyP).resolves.toBeUndefined(); await expect(remoteSecureP).resolves.toBeUndefined(); expect(clientSocket).toBeInstanceOf(net.Socket); - expect(clientSocket.remoteAddress).toBe(fwdProxy.getProxyHost()); - expect(clientSocket.remotePort).toBe(fwdProxy.getProxyPort()); + expect(clientSocket.remoteAddress).toBe(proxy.getForwardHost()); + expect(clientSocket.remotePort).toBe(proxy.getForwardPort()); const { p: localClosedP, resolveP: resolveLocalClosedP } = promise(); // Normal sockets defaults to `allowHalfOpen: false` // Therefore this isn't strictly necessary @@ -1147,17 +1230,17 @@ describe(ForwardProxy.name, () => { resolveLocalClosedP(); }); // Opening a duplicate connection is noop - await fwdProxy.openConnection( + await proxy.openConnectionForward( serverNodeId, utpSocketHost as Host, utpSocketPort as Port, ); - expect(fwdProxy.getConnectionCount()).toBe(1); - await fwdProxy.closeConnection( + expect(proxy.getConnectionForwardCount()).toBe(1); + await proxy.closeConnectionForward( utpSocketHost as Host, utpSocketPort as Port, ); - expect(fwdProxy.getConnectionCount()).toBe(0); + expect(proxy.getConnectionForwardCount()).toBe(0); expect(clientSocketEnd.mock.calls.length).toBe(1); await expect(localClosedP).resolves.toBeUndefined(); await expect(remoteClosedP).resolves.toBeUndefined(); @@ -1169,7 +1252,7 @@ describe(ForwardProxy.name, () => { utpSocket.off('message', handleMessage); utpSocket.close(); utpSocket.unref(); - await fwdProxy.stop(); + await proxy.stop(); }); test('HTTP CONNECT success - reverse initiates end', async () => { const serverKeyPair = await keysUtils.generateKeyPair(1024); @@ -1183,20 +1266,22 @@ describe(ForwardProxy.name, () => { const serverCertPem = keysUtils.certToPem(serverCert); const serverNodeId = keysUtils.certNodeId(serverCert)!; const serverNodeIdEncoded = nodesUtils.encodeNodeId(serverNodeId); - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, logger: logger.getChild( - 'ForwardProxy HTTP CONNECT success - reverse initiates end', + 'Proxy HTTP CONNECT success - reverse initiates end', ), }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); - const egressHost = fwdProxy.getEgressHost(); - const egressPort = fwdProxy.getEgressPort(); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); const { p: remoteReadyP, resolveP: resolveRemoteReadyP } = promise(); const { p: remoteSecureP, resolveP: resolveRemoteSecureP } = promise(); @@ -1262,16 +1347,16 @@ describe(ForwardProxy.name, () => { utpSocket.on('message', handleMessage); const send = async (data: Buffer) => { const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, egressPort, egressHost); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); }; const utpSocketListen = promisify(utpSocket.listen).bind(utpSocket); await utpSocketListen(0, '127.0.0.1'); const utpSocketHost = utpSocket.address().address; const utpSocketPort = utpSocket.address().port; - expect(fwdProxy.getConnectionCount()).toBe(0); + expect(proxy.getConnectionForwardCount()).toBe(0); const clientSocket = await httpConnect( - fwdProxy.getProxyHost(), - fwdProxy.getProxyPort(), + proxy.getForwardHost(), + proxy.getForwardPort(), authToken, `${utpSocketHost}:${utpSocketPort}?nodeId=${encodeURIComponent( serverNodeIdEncoded, @@ -1280,8 +1365,8 @@ describe(ForwardProxy.name, () => { await expect(remoteReadyP).resolves.toBeUndefined(); await expect(remoteSecureP).resolves.toBeUndefined(); expect(clientSocket).toBeInstanceOf(net.Socket); - expect(clientSocket.remoteAddress).toBe(fwdProxy.getProxyHost()); - expect(clientSocket.remotePort).toBe(fwdProxy.getProxyPort()); + expect(clientSocket.remoteAddress).toBe(proxy.getForwardHost()); + expect(clientSocket.remotePort).toBe(proxy.getForwardPort()); const { p: localClosedP, resolveP: resolveLocalClosedP } = promise(); // Normal sockets defaults to `allowHalfOpen: false` // Therefore this isn't strictly necessary @@ -1297,12 +1382,12 @@ describe(ForwardProxy.name, () => { resolveLocalClosedP(); }); // Opening a duplicate connection is noop - await fwdProxy.openConnection( + await proxy.openConnectionForward( serverNodeId, utpSocketHost as Host, utpSocketPort as Port, ); - expect(fwdProxy.getConnectionCount()).toBe(1); + expect(proxy.getConnectionForwardCount()).toBe(1); // Start the graceful ending of the tls socket logger.debug('Reverse: begins tlsSocket ending'); const { p: endP, resolveP: resolveEndP } = promise(); @@ -1320,7 +1405,7 @@ describe(ForwardProxy.name, () => { await expect( poll( async () => { - return fwdProxy.getConnectionCount(); + return proxy.getConnectionForwardCount(); }, (_, result) => { if (result === 0) return true; @@ -1339,7 +1424,7 @@ describe(ForwardProxy.name, () => { utpSocket.off('message', handleMessage); utpSocket.close(); utpSocket.unref(); - await fwdProxy.stop(); + await proxy.stop(); }); test('HTTP CONNECT success - client initiates end', async () => { const serverKeyPair = await keysUtils.generateKeyPair(1024); @@ -1353,20 +1438,22 @@ describe(ForwardProxy.name, () => { const serverCertPem = keysUtils.certToPem(serverCert); const serverNodeId = keysUtils.certNodeId(serverCert)!; const serverNodeIdEncoded = nodesUtils.encodeNodeId(serverNodeId); - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, logger: logger.getChild( - 'ForwardProxy HTTP CONNECT success - client initiates end', + 'Proxy HTTP CONNECT success - client initiates end', ), }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); - const egressHost = fwdProxy.getEgressHost(); - const egressPort = fwdProxy.getEgressPort(); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); const { p: remoteReadyP, resolveP: resolveRemoteReadyP } = promise(); const { p: remoteSecureP, resolveP: resolveRemoteSecureP } = promise(); @@ -1429,16 +1516,16 @@ describe(ForwardProxy.name, () => { utpSocket.on('message', handleMessage); const send = async (data: Buffer) => { const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, egressPort, egressHost); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); }; const utpSocketListen = promisify(utpSocket.listen).bind(utpSocket); await utpSocketListen(0, '127.0.0.1'); const utpSocketHost = utpSocket.address().address; const utpSocketPort = utpSocket.address().port; - expect(fwdProxy.getConnectionCount()).toBe(0); + expect(proxy.getConnectionForwardCount()).toBe(0); const clientSocket = await httpConnect( - fwdProxy.getProxyHost(), - fwdProxy.getProxyPort(), + proxy.getForwardHost(), + proxy.getForwardPort(), authToken, `${utpSocketHost}:${utpSocketPort}?nodeId=${encodeURIComponent( serverNodeIdEncoded, @@ -1447,19 +1534,19 @@ describe(ForwardProxy.name, () => { await expect(remoteReadyP).resolves.toBeUndefined(); await expect(remoteSecureP).resolves.toBeUndefined(); expect(clientSocket).toBeInstanceOf(net.Socket); - expect(clientSocket.remoteAddress).toBe(fwdProxy.getProxyHost()); - expect(clientSocket.remotePort).toBe(fwdProxy.getProxyPort()); + expect(clientSocket.remoteAddress).toBe(proxy.getForwardHost()); + expect(clientSocket.remotePort).toBe(proxy.getForwardPort()); const { p: localClosedP, resolveP: resolveLocalClosedP } = promise(); clientSocket.on('close', () => { resolveLocalClosedP(); }); // Opening a duplicate connection is noop - await fwdProxy.openConnection( + await proxy.openConnectionForward( serverNodeId, utpSocketHost as Host, utpSocketPort as Port, ); - expect(fwdProxy.getConnectionCount()).toBe(1); + expect(proxy.getConnectionForwardCount()).toBe(1); const { p: endP, resolveP: resolveEndP } = promise(); // By default net sockets have `allowHalfOpen: false` // Here we override the behaviour by removing the end listener @@ -1479,7 +1566,7 @@ describe(ForwardProxy.name, () => { await expect( poll( async () => { - return fwdProxy.getConnectionCount(); + return proxy.getConnectionForwardCount(); }, (_, result) => { if (result === 0) return true; @@ -1496,7 +1583,7 @@ describe(ForwardProxy.name, () => { utpSocket.off('message', handleMessage); utpSocket.close(); utpSocket.unref(); - await fwdProxy.stop(); + await proxy.stop(); }); test('HTTP CONNECT success by opening connection first', async () => { const serverKeyPair = await keysUtils.generateKeyPair(1024); @@ -1510,18 +1597,20 @@ describe(ForwardProxy.name, () => { const serverCertPem = keysUtils.certToPem(serverCert); const serverNodeId = keysUtils.certNodeId(serverCert)!; const serverNodeIdEncoded = nodesUtils.encodeNodeId(serverNodeId); - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, logger, }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); - const egressHost = fwdProxy.getEgressHost(); - const egressPort = fwdProxy.getEgressPort(); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); const { p: remoteReadyP, resolveP: resolveRemoteReadyP } = promise(); const { p: remoteSecureP, resolveP: resolveRemoteSecureP } = promise(); @@ -1583,13 +1672,13 @@ describe(ForwardProxy.name, () => { utpSocket.on('message', handleMessage); const send = async (data: Buffer) => { const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, egressPort, egressHost); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); }; const utpSocketListen = promisify(utpSocket.listen).bind(utpSocket); await utpSocketListen(0, '127.0.0.1'); const utpSocketHost = utpSocket.address().address; const utpSocketPort = utpSocket.address().port; - await fwdProxy.openConnection( + await proxy.openConnectionForward( serverNodeId, utpSocketHost as Host, utpSocketPort as Port, @@ -1597,21 +1686,21 @@ describe(ForwardProxy.name, () => { await expect(remoteReadyP).resolves.toBeUndefined(); await expect(remoteSecureP).resolves.toBeUndefined(); const clientSocket = await httpConnect( - fwdProxy.getProxyHost(), - fwdProxy.getProxyPort(), + proxy.getForwardHost(), + proxy.getForwardPort(), authToken, `${utpSocketHost}:${utpSocketPort}?nodeId=${encodeURIComponent( serverNodeIdEncoded, )}`, ); expect(clientSocket).toBeInstanceOf(net.Socket); - expect(clientSocket.remoteAddress).toBe(fwdProxy.getProxyHost()); - expect(clientSocket.remotePort).toBe(fwdProxy.getProxyPort()); + expect(clientSocket.remoteAddress).toBe(proxy.getForwardHost()); + expect(clientSocket.remotePort).toBe(proxy.getForwardPort()); const { p: localClosedP, resolveP: resolveLocalClosedP } = promise(); clientSocket.on('close', () => { resolveLocalClosedP(); }); - await fwdProxy.closeConnection( + await proxy.closeConnectionForward( utpSocketHost as Host, utpSocketPort as Port, ); @@ -1625,7 +1714,7 @@ describe(ForwardProxy.name, () => { utpSocket.off('message', handleMessage); utpSocket.close(); utpSocket.unref(); - await fwdProxy.stop(); + await proxy.stop(); }); test('open connection keepalive timeout', async () => { const serverKeyPair = await keysUtils.generateKeyPair(1024); @@ -1638,20 +1727,22 @@ describe(ForwardProxy.name, () => { ); const serverCertPem = keysUtils.certToPem(serverCert); const serverNodeId = keysUtils.certNodeId(serverCert)!; - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, connKeepAliveTimeoutTime: 1000, connKeepAliveIntervalTime: 100, - logger: logger.getChild('ForwardProxy open connection keepalive timeout'), + logger: logger.getChild('Proxy open connection keepalive timeout'), }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); - const egressHost = fwdProxy.getEgressHost(); - const egressPort = fwdProxy.getEgressPort(); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); const { p: remoteReadyP, resolveP: resolveRemoteReadyP } = promise(); const { p: remoteSecureP, resolveP: resolveRemoteSecureP } = promise(); @@ -1714,21 +1805,21 @@ describe(ForwardProxy.name, () => { utpSocket.on('message', handleMessage); const send = async (data: Buffer) => { const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, egressPort, egressHost); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); }; const utpSocketListen = promisify(utpSocket.listen).bind(utpSocket); await utpSocketListen(0, '127.0.0.1'); const utpSocketHost = utpSocket.address().address; const utpSocketPort = utpSocket.address().port; - expect(fwdProxy.getConnectionCount()).toBe(0); - await fwdProxy.openConnection( + expect(proxy.getConnectionForwardCount()).toBe(0); + await proxy.openConnectionForward( serverNodeId, utpSocketHost as Host, utpSocketPort as Port, ); await expect(remoteReadyP).resolves.toBeUndefined(); await expect(remoteSecureP).resolves.toBeUndefined(); - expect(fwdProxy.getConnectionCount()).toBe(1); + expect(proxy.getConnectionForwardCount()).toBe(1); // When ErrorConnectionTimeout is triggered // This results in the destruction of the socket await expect(remoteClosedP).resolves.toBeUndefined(); @@ -1740,7 +1831,7 @@ describe(ForwardProxy.name, () => { utpSocket.off('message', handleMessage); utpSocket.close(); utpSocket.unref(); - await fwdProxy.stop(); + await proxy.stop(); }); test('HTTP CONNECT keepalive timeout', async () => { const serverKeyPair = await keysUtils.generateKeyPair(1024); @@ -1754,20 +1845,22 @@ describe(ForwardProxy.name, () => { const serverCertPem = keysUtils.certToPem(serverCert); const serverNodeId = keysUtils.certNodeId(serverCert)!; const serverNodeIdEncoded = nodesUtils.encodeNodeId(serverNodeId); - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, connKeepAliveTimeoutTime: 1000, connKeepAliveIntervalTime: 100, - logger: logger.getChild('ForwardProxy HTTP CONNECT keepalive timeout'), + logger: logger.getChild('Proxy HTTP CONNECT keepalive timeout'), }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); - const egressHost = fwdProxy.getEgressHost(); - const egressPort = fwdProxy.getEgressPort(); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); const { p: remoteReadyP, resolveP: resolveRemoteReadyP } = promise(); const { p: remoteSecureP, resolveP: resolveRemoteSecureP } = promise(); @@ -1830,16 +1923,16 @@ describe(ForwardProxy.name, () => { utpSocket.on('message', handleMessage); const send = async (data: Buffer) => { const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, egressPort, egressHost); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); }; const utpSocketListen = promisify(utpSocket.listen).bind(utpSocket); await utpSocketListen(0, '127.0.0.1'); const utpSocketHost = utpSocket.address().address; const utpSocketPort = utpSocket.address().port; - expect(fwdProxy.getConnectionCount()).toBe(0); + expect(proxy.getConnectionForwardCount()).toBe(0); const clientSocket = await httpConnect( - fwdProxy.getProxyHost(), - fwdProxy.getProxyPort(), + proxy.getForwardHost(), + proxy.getForwardPort(), authToken, `${utpSocketHost}:${utpSocketPort}?nodeId=${encodeURIComponent( serverNodeIdEncoded, @@ -1848,13 +1941,13 @@ describe(ForwardProxy.name, () => { await expect(remoteReadyP).resolves.toBeUndefined(); await expect(remoteSecureP).resolves.toBeUndefined(); expect(clientSocket).toBeInstanceOf(net.Socket); - expect(clientSocket.remoteAddress).toBe(fwdProxy.getProxyHost()); - expect(clientSocket.remotePort).toBe(fwdProxy.getProxyPort()); + expect(clientSocket.remoteAddress).toBe(proxy.getForwardHost()); + expect(clientSocket.remotePort).toBe(proxy.getForwardPort()); const { p: localClosedP, resolveP: resolveLocalClosedP } = promise(); clientSocket.on('close', () => { resolveLocalClosedP(); }); - expect(fwdProxy.getConnectionCount()).toBe(1); + expect(proxy.getConnectionForwardCount()).toBe(1); // When ErrorConnectionTimeout is triggered // This results in the destruction of the socket await expect(localClosedP).resolves.toBeUndefined(); @@ -1863,7 +1956,7 @@ describe(ForwardProxy.name, () => { await expect( poll( async () => { - return fwdProxy.getConnectionCount(); + return proxy.getConnectionForwardCount(); }, (_, result) => { if (result === 0) return true; @@ -1880,9 +1973,9 @@ describe(ForwardProxy.name, () => { utpSocket.off('message', handleMessage); utpSocket.close(); utpSocket.unref(); - await fwdProxy.stop(); + await proxy.stop(); }); - test('stopping the proxy with open connections', async () => { + test('stopping the proxy with open forward connections', async () => { const serverKeyPair = await keysUtils.generateKeyPair(1024); const serverKeyPairPem = keysUtils.keyPairToPem(serverKeyPair); const serverCert = keysUtils.generateCertificate( @@ -1893,18 +1986,20 @@ describe(ForwardProxy.name, () => { ); const serverCertPem = keysUtils.certToPem(serverCert); const serverNodeId = keysUtils.certNodeId(serverCert)!; - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, logger, }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); - const egressHost = fwdProxy.getEgressHost(); - const egressPort = fwdProxy.getEgressPort(); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); const { p: remoteReadyP, resolveP: resolveRemoteReadyP } = promise(); const { p: remoteSecureP, resolveP: resolveRemoteSecureP } = promise(); @@ -1953,23 +2048,23 @@ describe(ForwardProxy.name, () => { utpSocket.on('message', handleMessage); const send = async (data: Buffer) => { const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, egressPort, egressHost); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); }; const utpSocketListen = promisify(utpSocket.listen).bind(utpSocket); await utpSocketListen(0, '127.0.0.1'); const utpSocketHost = utpSocket.address().address; const utpSocketPort = utpSocket.address().port; - expect(fwdProxy.getConnectionCount()).toBe(0); - await fwdProxy.openConnection( + expect(proxy.getConnectionForwardCount()).toBe(0); + await proxy.openConnectionForward( serverNodeId, utpSocketHost as Host, utpSocketPort as Port, ); await expect(remoteReadyP).resolves.toBeUndefined(); await expect(remoteSecureP).resolves.toBeUndefined(); - expect(fwdProxy.getConnectionCount()).toBe(1); - await fwdProxy.stop(); - expect(fwdProxy.getConnectionCount()).toBe(0); + expect(proxy.getConnectionForwardCount()).toBe(1); + await proxy.stop(); + expect(proxy.getConnectionForwardCount()).toBe(0); utpSocket.off('message', handleMessage); utpSocket.close(); utpSocket.unref(); @@ -1998,18 +2093,20 @@ describe(ForwardProxy.name, () => { ); const serverCertPem2 = keysUtils.certToPem(serverCert2); const serverNodeId2 = keysUtils.certNodeId(serverCert2)!; - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken, logger, }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, }, + serverHost: localHost, + serverPort: port, }); - const egressHost = fwdProxy.getEgressHost(); - const egressPort = fwdProxy.getEgressPort(); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); // First signals const { p: remoteReadyP1, resolveP: resolveRemoteReadyP1 } = promise(); @@ -2057,7 +2154,7 @@ describe(ForwardProxy.name, () => { utpSocket1.on('message', handleMessage1); const send1 = async (data: Buffer) => { const utpSocketSend = promisify(utpSocket1.send).bind(utpSocket1); - await utpSocketSend(data, 0, data.byteLength, egressPort, egressHost); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); }; const utpSocketListen1 = promisify(utpSocket1.listen).bind(utpSocket1); await utpSocketListen1(0, '127.0.0.1'); @@ -2100,35 +2197,35 @@ describe(ForwardProxy.name, () => { utpSocket2.on('message', handleMessage2); const send2 = async (data: Buffer) => { const utpSocketSend = promisify(utpSocket2.send).bind(utpSocket2); - await utpSocketSend(data, 0, data.byteLength, egressPort, egressHost); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); }; const utpSocketListen2 = promisify(utpSocket2.listen).bind(utpSocket2); await utpSocketListen2(0, '127.0.0.1'); const utpSocketHost2 = utpSocket2.address().address; const utpSocketPort2 = utpSocket2.address().port; - expect(fwdProxy.getConnectionCount()).toBe(0); - await fwdProxy.openConnection( + expect(proxy.getConnectionForwardCount()).toBe(0); + await proxy.openConnectionForward( serverNodeId1, utpSocketHost1 as Host, utpSocketPort1 as Port, ); - await fwdProxy.openConnection( + await proxy.openConnectionForward( serverNodeId2, utpSocketHost2 as Host, utpSocketPort2 as Port, ); - expect(fwdProxy.getConnectionCount()).toBe(2); + expect(proxy.getConnectionForwardCount()).toBe(2); await expect(remoteReadyP1).resolves.toBeUndefined(); await expect(remoteReadyP2).resolves.toBeUndefined(); - await fwdProxy.closeConnection( + await proxy.closeConnectionForward( utpSocketHost1 as Host, utpSocketPort1 as Port, ); - await fwdProxy.closeConnection( + await proxy.closeConnectionForward( utpSocketHost2 as Host, utpSocketPort2 as Port, ); - expect(fwdProxy.getConnectionCount()).toBe(0); + expect(proxy.getConnectionForwardCount()).toBe(0); await expect(remoteClosedP1).resolves.toBeUndefined(); await expect(remoteClosedP2).resolves.toBeUndefined(); utpSocket1.off('message', handleMessage1); @@ -2137,6 +2234,696 @@ describe(ForwardProxy.name, () => { utpSocket2.off('message', handleMessage2); utpSocket2.close(); utpSocket2.unref(); - await fwdProxy.stop(); + await proxy.stop(); + }); + + test('open connection to port 0 fails', async () => { + const proxy = new Proxy({ + logger: logger.getChild('Proxy port 0'), + authToken: '', + }); + const { + serverListen, + serverClose, + serverConnP, + serverConnClosedP, + serverHost, + serverPort, + } = tcpServer(); + await serverListen(0); + await proxy.start({ + serverHost: serverHost(), + serverPort: serverPort(), + + tlsConfig: { + keyPrivatePem: keyPairPem.privateKey, + certChainPem: certPem, + }, + }); + await expect( + proxy.openConnectionReverse('127.0.0.1' as Host, 0 as Port), + ).rejects.toThrow(networkErrors.ErrorConnectionStart); + await expect(serverConnP).resolves.toBeUndefined(); + await expect(serverConnClosedP).resolves.toBeUndefined(); + await proxy.stop(); + await serverClose(); + }); + test('open connection timeout due to lack of ready signal', async () => { + const proxy = new Proxy({ + logger: logger, + authToken: '', + }); + const { + serverListen, + serverClose, + serverConnP, + serverConnClosedP, + serverHost, + serverPort, + } = tcpServer(); + await serverListen(0); + await proxy.start({ + serverHost: serverHost(), + serverPort: serverPort(), + + tlsConfig: { + keyPrivatePem: keyPairPem.privateKey, + certChainPem: certPem, + }, + }); + // This UTP client will just hang and not respond + const utpSocket = UTP(); + const utpSocketBind = promisify(utpSocket.bind).bind(utpSocket); + await utpSocketBind(0, '127.0.0.1'); + const utpSocketPort = utpSocket.address().port; + const timer = timerStart(3000); + await expect( + proxy.openConnectionReverse( + '127.0.0.1' as Host, + utpSocketPort as Port, + timer, + ), + ).rejects.toThrow(networkErrors.ErrorConnectionStartTimeout); + timerStop(timer); + await expect(serverConnP).resolves.toBeUndefined(); + await expect(serverConnClosedP).resolves.toBeUndefined(); + utpSocket.close(); + utpSocket.unref(); + await proxy.stop(); + await serverClose(); + }); + test('open connection success', async () => { + const proxy = new Proxy({ + logger: logger, + authToken: '', + }); + const { + serverListen, + serverClose, + serverConnP, + serverConnClosedP, + serverHost, + serverPort, + } = tcpServer(); + await serverListen(0); + await proxy.start({ + serverHost: serverHost(), + serverPort: serverPort(), + + tlsConfig: { + keyPrivatePem: keyPairPem.privateKey, + certChainPem: certPem, + }, + }); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); + const utpSocket = UTP(); + const handleMessage = async (data: Buffer) => { + const msg = networkUtils.unserializeNetworkMessage(data); + if (msg.type === 'ping') { + await send(networkUtils.pongBuffer); + } + }; + utpSocket.on('message', handleMessage); + const send = async (data: Buffer) => { + const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); + }; + const utpSocketBind = promisify(utpSocket.bind).bind(utpSocket); + await utpSocketBind(0, '127.0.0.1'); + const utpSocketPort = utpSocket.address().port; + await proxy.openConnectionReverse( + '127.0.0.1' as Host, + utpSocketPort as Port, + ); + expect(proxy.getConnectionReverseCount()).toBe(1); + await proxy.closeConnectionReverse( + '127.0.0.1' as Host, + utpSocketPort as Port, + ); + await expect(serverConnP).resolves.toBeUndefined(); + await expect(serverConnClosedP).resolves.toBeUndefined(); + utpSocket.off('message', handleMessage); + utpSocket.close(); + utpSocket.unref(); + await proxy.stop(); + await serverClose(); + }); + test('open connection to multiple clients', async () => { + const proxy = new Proxy({ + logger: logger, + authToken: '', + }); + const { + serverListen, + serverClose, + serverConnP, + serverConnClosedP, + serverHost, + serverPort, + } = tcpServer(); + await serverListen(0); + await proxy.start({ + serverHost: serverHost(), + serverPort: serverPort(), + + tlsConfig: { + keyPrivatePem: keyPairPem.privateKey, + certChainPem: certPem, + }, + }); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); + // First client + const utpSocket1 = UTP(); + const handleMessage1 = async (data: Buffer) => { + const msg = networkUtils.unserializeNetworkMessage(data); + if (msg.type === 'ping') { + await send1(networkUtils.pongBuffer); + } + }; + utpSocket1.on('message', handleMessage1); + const send1 = async (data: Buffer) => { + const utpSocketSend = promisify(utpSocket1.send).bind(utpSocket1); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); + }; + const utpSocketBind1 = promisify(utpSocket1.bind).bind(utpSocket1); + await utpSocketBind1(0, '127.0.0.1'); + const utpSocketPort1 = utpSocket1.address().port; + // Second client + const utpSocket2 = UTP(); + const handleMessage2 = async (data: Buffer) => { + const msg = networkUtils.unserializeNetworkMessage(data); + if (msg.type === 'ping') { + await send2(networkUtils.pongBuffer); + } + }; + utpSocket2.on('message', handleMessage2); + const send2 = async (data: Buffer) => { + const utpSocketSend = promisify(utpSocket2.send).bind(utpSocket2); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); + }; + const utpSocketBind2 = promisify(utpSocket2.bind).bind(utpSocket2); + await utpSocketBind2(0, '127.0.0.1'); + const utpSocketPort2 = utpSocket2.address().port; + await proxy.openConnectionReverse( + '127.0.0.1' as Host, + utpSocketPort1 as Port, + ); + await proxy.openConnectionReverse( + '127.0.0.1' as Host, + utpSocketPort2 as Port, + ); + expect(proxy.getConnectionReverseCount()).toBe(2); + await proxy.closeConnectionReverse( + '127.0.0.1' as Host, + utpSocketPort1 as Port, + ); + await proxy.closeConnectionReverse( + '127.0.0.1' as Host, + utpSocketPort2 as Port, + ); + expect(proxy.getConnectionReverseCount()).toBe(0); + await expect(serverConnP).resolves.toBeUndefined(); + await expect(serverConnClosedP).resolves.toBeUndefined(); + utpSocket1.off('message', handleMessage1); + utpSocket1.close(); + utpSocket1.unref(); + utpSocket2.off('message', handleMessage2); + utpSocket2.close(); + utpSocket2.unref(); + await proxy.stop(); + await serverClose(); + }); + test('closed connection due to ending server', async () => { + const proxy = new Proxy({ + logger: logger, + authToken: '', + }); + // This server will force end + const { + serverListen, + serverClose, + serverConnP, + serverConnEndP, + serverConnClosedP, + serverHost, + serverPort, + } = tcpServer(true); + await serverListen(0); + await proxy.start({ + serverHost: serverHost(), + serverPort: serverPort(), + + tlsConfig: { + keyPrivatePem: keyPairPem.privateKey, + certChainPem: certPem, + }, + }); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); + const utpSocket = UTP(); + const handleMessage = async (data: Buffer) => { + const msg = networkUtils.unserializeNetworkMessage(data); + if (msg.type === 'ping') { + await send(networkUtils.pongBuffer); + } + }; + utpSocket.on('message', handleMessage); + const send = async (data: Buffer) => { + const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); + }; + const utpSocketBind = promisify(utpSocket.bind).bind(utpSocket); + await utpSocketBind(0, '127.0.0.1'); + const utpSocketPort = utpSocket.address().port; + await proxy.openConnectionReverse( + '127.0.0.1' as Host, + utpSocketPort as Port, + ); + expect(proxy.getConnectionReverseCount()).toBe(1); + await expect(serverConnP).resolves.toBeUndefined(); + // The server receives the end confirmation for graceful exit + await expect(serverConnEndP).resolves.toBeUndefined(); + // The server is closed + await expect(serverConnClosedP).resolves.toBeUndefined(); + // The rev proxy won't have this connection + expect(proxy.getConnectionReverseCount()).toBe(0); + utpSocket.off('message', handleMessage); + utpSocket.close(); + utpSocket.unref(); + await proxy.stop(); + await serverClose(); + }); + test('connect timeout due to hanging client', async () => { + // `connConnectTime` will affect ErrorConnectionComposeTimeout + // `connKeepAliveTimeoutTime` will affect ErrorConnectionTimeout which is needed + // This should trigger both ErrorConnectionComposeTimeout and ErrorConnectionTimeout + // ErrorConnectionComposeTimeout results in a failed composition + // ErrorConnectionTimeout results in stopping the connection + // Failing to connect to the open connection doesn't + // automatically mean the connection is destroyed + const proxy = new Proxy({ + connConnectTime: 3000, + connKeepAliveTimeoutTime: 3000, + logger: logger, + authToken: '', + }); + const { + serverListen, + serverClose, + serverConnP, + serverConnEndP, + serverConnClosedP, + serverHost, + serverPort, + } = tcpServer(); + await serverListen(0); + await proxy.start({ + serverHost: serverHost(), + serverPort: serverPort(), + + tlsConfig: { + keyPrivatePem: keyPairPem.privateKey, + certChainPem: certPem, + }, + }); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); + const utpSocket = UTP(); + const handleMessage = async (data: Buffer) => { + const msg = networkUtils.unserializeNetworkMessage(data); + if (msg.type === 'ping') { + await send(networkUtils.pongBuffer); + } + }; + utpSocket.on('message', handleMessage); + const send = async (data: Buffer) => { + const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); + }; + const utpSocketBind = promisify(utpSocket.bind).bind(utpSocket); + await utpSocketBind(0, '127.0.0.1'); + const utpSocketPort = utpSocket.address().port; + await proxy.openConnectionReverse( + '127.0.0.1' as Host, + utpSocketPort as Port, + ); + expect(proxy.getConnectionReverseCount()).toBe(1); + // This retries multiple times + // This will eventually fail and trigger a ErrorConnectionComposeTimeout + const utpConn = utpSocket.connect(proxyPort, proxyHost); + utpConn.setTimeout(2000, () => { + utpConn.emit('error', new Error('TIMED OUT')); + }); + const { p: utpConnClosedP, resolveP: resolveUtpConnClosedP } = + promise(); + const { p: utpConnErrorP, rejectP: rejectUtpConnErrorP } = promise(); + utpConn.on('error', (e) => { + rejectUtpConnErrorP(e); + utpConn.destroy(); + }); + utpConn.on('close', () => { + resolveUtpConnClosedP(); + }); + // The client connection times out + await expect(utpConnErrorP).rejects.toThrow(/TIMED OUT/); + await utpConnClosedP; + await expect(serverConnP).resolves.toBeUndefined(); + await expect(serverConnEndP).resolves.toBeUndefined(); + await expect(serverConnClosedP).resolves.toBeUndefined(); + // Connection count should reach 0 eventually + await expect( + poll( + async () => { + return proxy.getConnectionReverseCount(); + }, + (_, result) => { + if (result === 0) return true; + return false; + }, + 100, + ), + ).resolves.toBe(0); + utpSocket.off('message', handleMessage); + utpSocket.close(); + utpSocket.unref(); + await proxy.stop(); + await serverClose(); + }); + test('connect fails due to missing client certificates', async () => { + // `connKeepAliveTimeoutTime` will affect ErrorConnectionTimeout + // Note that failing to connect to the open connection + // doesn't automatically mean the connection is destroyed + // reverse proxy keeps the connection alive until `connKeepAliveTimeoutTime` expires + const proxy = new Proxy({ + connKeepAliveTimeoutTime: 2000, + logger: logger, + authToken: '', + }); + const { + serverListen, + serverClose, + serverConnP, + serverConnEndP, + serverConnClosedP, + serverHost, + serverPort, + } = tcpServer(); + await serverListen(0); + await proxy.start({ + serverHost: serverHost(), + serverPort: serverPort(), + tlsConfig: { + keyPrivatePem: keyPairPem.privateKey, + certChainPem: certPem, + }, + proxyHost: localHost, + }); + const externalHost = proxy.getProxyHost(); + const externalPort = proxy.getProxyPort(); + const utpSocket = UTP(); + const handleMessage = async (data: Buffer) => { + const msg = networkUtils.unserializeNetworkMessage(data); + if (msg.type === 'ping') { + await send(networkUtils.pongBuffer); + } + }; + utpSocket.on('message', handleMessage); + const send = async (data: Buffer) => { + const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); + await utpSocketSend(data, 0, data.byteLength, externalPort, externalHost); + }; + const utpSocketBind = promisify(utpSocket.bind).bind(utpSocket); + await utpSocketBind(0, '127.0.0.1'); + const utpSocketPort = utpSocket.address().port; + await proxy.openConnectionReverse( + '127.0.0.1' as Host, + utpSocketPort as Port, + ); + expect(proxy.getConnectionReverseCount()).toBe(1); + const { p: tlsSocketClosedP, resolveP: resolveTlsSocketClosedP } = + promise(); + const utpConn = utpSocket.connect(externalPort, externalHost); + // This will send an empty certificate chain + // Expect `ErrorCertChainEmpty` + let secureConnection = false; + const tlsSocket = tls.connect( + { + socket: utpConn, + rejectUnauthorized: false, + }, + () => { + secureConnection = true; + }, + ); + let errored = false; + tlsSocket.on('error', () => { + errored = true; + tlsSocket.destroy(); + }); + tlsSocket.on('end', () => { + if (utpConn.destroyed) { + tlsSocket.destroy(); + } else { + tlsSocket.end(); + tlsSocket.destroy(); + } + }); + tlsSocket.on('close', () => { + resolveTlsSocketClosedP(); + }); + // Reverse proxy will close the connection + await tlsSocketClosedP; + // We won't receive an error because it will be closed + expect(errored).toBe(false); + expect(secureConnection).toBe(true); + await expect(serverConnP).resolves.toBeUndefined(); + // Eventually `ErrorConnectionTimeout` occurs, and these will be gracefully closed + await expect(serverConnEndP).resolves.toBeUndefined(); + await expect(serverConnClosedP).resolves.toBeUndefined(); + // Connection count should reach 0 eventually + await expect( + poll( + async () => { + return proxy.getConnectionReverseCount(); + }, + (_, result) => { + if (result === 0) return true; + return false; + }, + 100, + ), + ).resolves.toBe(0); + utpSocket.off('message', handleMessage); + utpSocket.close(); + utpSocket.unref(); + await proxy.stop(); + await serverClose(); + }); + test('connect success', async () => { + const clientKeyPair = await keysUtils.generateKeyPair(1024); + const clientKeyPairPem = keysUtils.keyPairToPem(clientKeyPair); + const clientCert = keysUtils.generateCertificate( + clientKeyPair.publicKey, + clientKeyPair.privateKey, + clientKeyPair.privateKey, + 86400, + ); + const clientCertPem = keysUtils.certToPem(clientCert); + const { + serverListen, + serverClose, + serverConnP, + serverConnEndP, + serverConnClosedP, + serverHost, + serverPort, + } = tcpServer(); + await serverListen(0, '127.0.0.1'); + const proxy = new Proxy({ + logger: logger, + authToken: '', + }); + await proxy.start({ + serverHost: serverHost(), + serverPort: serverPort(), + proxyHost: localHost, + tlsConfig: { + keyPrivatePem: keyPairPem.privateKey, + certChainPem: certPem, + }, + }); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); + const { p: clientReadyP, resolveP: resolveClientReadyP } = promise(); + const { p: clientSecureConnectP, resolveP: resolveClientSecureConnectP } = + promise(); + const { p: clientCloseP, resolveP: resolveClientCloseP } = promise(); + const utpSocket = UTP({ allowHalfOpen: true }); + const utpSocketBind = promisify(utpSocket.bind).bind(utpSocket); + const handleMessage = async (data: Buffer) => { + const msg = networkUtils.unserializeNetworkMessage(data); + if (msg.type === 'ping') { + resolveClientReadyP(); + await send(networkUtils.pongBuffer); + } + }; + utpSocket.on('message', handleMessage); + const send = async (data: Buffer) => { + const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); + }; + await utpSocketBind(0, '127.0.0.1'); + const utpSocketPort = utpSocket.address().port; + await proxy.openConnectionReverse( + '127.0.0.1' as Host, + utpSocketPort as Port, + ); + const utpConn = utpSocket.connect(proxyPort, proxyHost); + const tlsSocket = tls.connect( + { + key: Buffer.from(clientKeyPairPem.privateKey, 'ascii'), + cert: Buffer.from(clientCertPem, 'ascii'), + socket: utpConn, + rejectUnauthorized: false, + }, + () => { + resolveClientSecureConnectP(); + }, + ); + let tlsSocketEnded = false; + tlsSocket.on('end', () => { + tlsSocketEnded = true; + if (utpConn.destroyed) { + tlsSocket.destroy(); + } else { + tlsSocket.end(); + tlsSocket.destroy(); + } + }); + tlsSocket.on('close', () => { + resolveClientCloseP(); + }); + await send(networkUtils.pingBuffer); + expect(proxy.getConnectionReverseCount()).toBe(1); + await clientReadyP; + await clientSecureConnectP; + await serverConnP; + await proxy.closeConnectionReverse( + '127.0.0.1' as Host, + utpSocketPort as Port, + ); + expect(proxy.getConnectionReverseCount()).toBe(0); + await clientCloseP; + await serverConnEndP; + await serverConnClosedP; + expect(tlsSocketEnded).toBe(true); + utpSocket.off('message', handleMessage); + utpSocket.close(); + utpSocket.unref(); + await proxy.stop(); + await serverClose(); + }); + test('stopping the proxy with open reverse connections', async () => { + const clientKeyPair = await keysUtils.generateKeyPair(1024); + const clientKeyPairPem = keysUtils.keyPairToPem(clientKeyPair); + const clientCert = keysUtils.generateCertificate( + clientKeyPair.publicKey, + clientKeyPair.privateKey, + clientKeyPair.privateKey, + 86400, + ); + const clientCertPem = keysUtils.certToPem(clientCert); + const { + serverListen, + serverClose, + serverConnP, + serverConnEndP, + serverConnClosedP, + serverHost, + serverPort, + } = tcpServer(); + await serverListen(0, '127.0.0.1'); + const proxy = new Proxy({ + logger: logger, + authToken: '', + }); + await proxy.start({ + serverHost: serverHost(), + serverPort: serverPort(), + proxyHost: localHost, + tlsConfig: { + keyPrivatePem: keyPairPem.privateKey, + certChainPem: certPem, + }, + }); + const proxyHost = proxy.getProxyHost(); + const proxyPort = proxy.getProxyPort(); + const { p: clientReadyP, resolveP: resolveClientReadyP } = promise(); + const { p: clientSecureConnectP, resolveP: resolveClientSecureConnectP } = + promise(); + const { p: clientCloseP, resolveP: resolveClientCloseP } = promise(); + const utpSocket = UTP({ allowHalfOpen: true }); + const utpSocketBind = promisify(utpSocket.bind).bind(utpSocket); + const handleMessage = async (data: Buffer) => { + const msg = networkUtils.unserializeNetworkMessage(data); + if (msg.type === 'ping') { + resolveClientReadyP(); + await send(networkUtils.pongBuffer); + } + }; + utpSocket.on('message', handleMessage); + const send = async (data: Buffer) => { + const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); + await utpSocketSend(data, 0, data.byteLength, proxyPort, proxyHost); + }; + await utpSocketBind(0, '127.0.0.1'); + const utpSocketPort = utpSocket.address().port; + await proxy.openConnectionReverse( + '127.0.0.1' as Host, + utpSocketPort as Port, + ); + const utpConn = utpSocket.connect(proxyPort, proxyHost); + const tlsSocket = tls.connect( + { + key: Buffer.from(clientKeyPairPem.privateKey, 'ascii'), + cert: Buffer.from(clientCertPem, 'ascii'), + socket: utpConn, + rejectUnauthorized: false, + }, + () => { + resolveClientSecureConnectP(); + }, + ); + let tlsSocketEnded = false; + tlsSocket.on('end', () => { + tlsSocketEnded = true; + if (utpConn.destroyed) { + tlsSocket.destroy(); + } else { + tlsSocket.end(); + tlsSocket.destroy(); + } + }); + tlsSocket.on('close', () => { + resolveClientCloseP(); + }); + await send(networkUtils.pingBuffer); + expect(proxy.getConnectionReverseCount()).toBe(1); + await clientReadyP; + await clientSecureConnectP; + await serverConnP; + // Stopping with 1 active connection (not just opened) + await proxy.stop(); + expect(proxy.getConnectionReverseCount()).toBe(0); + await clientCloseP; + await expect(serverConnEndP).resolves.toBeUndefined(); + await expect(serverConnClosedP).resolves.toBeUndefined(); + expect(tlsSocketEnded).toBe(true); + utpSocket.off('message', handleMessage); + utpSocket.close(); + utpSocket.unref(); + await serverClose(); }); }); diff --git a/tests/network/ReverseProxy.test.ts b/tests/network/ReverseProxy.test.ts deleted file mode 100644 index 8f0f3550c..000000000 --- a/tests/network/ReverseProxy.test.ts +++ /dev/null @@ -1,782 +0,0 @@ -import type { AddressInfo } from 'net'; -import type { Host, Port } from '@/network/types'; -import type { KeyPairPem } from '@/keys/types'; -import net from 'net'; -import tls from 'tls'; -import UTP from 'utp-native'; -import Logger, { LogLevel, StreamHandler } from '@matrixai/logger'; -import { - ReverseProxy, - utils as networkUtils, - errors as networkErrors, -} from '@/network'; -import * as keysUtils from '@/keys/utils'; -import { promisify, promise, timerStart, timerStop, poll } from '@/utils'; -import * as testUtils from '../utils'; - -/** - * Mock TCP server - * This is the server that the ReverseProxy will be proxying to - */ -function tcpServer(end: boolean = false) { - const { p: serverConnP, resolveP: resolveServerConnP } = promise(); - const { p: serverConnEndP, resolveP: resolveServerConnEndP } = - promise(); - const { p: serverConnClosedP, resolveP: resolveServerConnClosedP } = - promise(); - const server = net.createServer( - { - allowHalfOpen: false, - }, - (conn) => { - resolveServerConnP(); - conn.on('end', () => { - resolveServerConnEndP(); - conn.end(); - conn.destroy(); - }); - conn.once('close', () => { - resolveServerConnClosedP(); - }); - if (end) { - conn.removeAllListeners('end'); - conn.on('end', () => { - resolveServerConnEndP(); - conn.destroy(); - }); - conn.end(); - } - }, - ); - const serverClose = promisify(server.close).bind(server); - const serverListen = promisify(server.listen).bind(server); - const serverHost = () => { - return (server.address() as AddressInfo).address as Host; - }; - const serverPort = () => { - return (server.address() as AddressInfo).port as Port; - }; - return { - serverListen, - serverClose, - serverConnP, - serverConnEndP, - serverConnClosedP, - serverHost, - serverPort, - }; -} - -describe(ReverseProxy.name, () => { - const logger = new Logger(`${ReverseProxy.name} test`, LogLevel.WARN, [ - new StreamHandler(), - ]); - let keyPairPem: KeyPairPem; - let certPem: string; - beforeAll(async () => { - const globalKeyPair = await testUtils.setupGlobalKeypair(); - keyPairPem = keysUtils.keyPairToPem(globalKeyPair); - const cert = keysUtils.generateCertificate( - globalKeyPair.publicKey, - globalKeyPair.privateKey, - globalKeyPair.privateKey, - 86400, - ); - certPem = keysUtils.certToPem(cert); - }); - test('reverseProxy readiness', async () => { - const revProxy = new ReverseProxy({ - logger: logger, - }); - // Should be a noop - await revProxy.stop(); - await revProxy.start({ - serverHost: '::1' as Host, - serverPort: 1 as Port, - ingressHost: '127.0.0.1' as Host, - tlsConfig: { - keyPrivatePem: keyPairPem.privateKey, - certChainPem: certPem, - }, - }); - expect(typeof revProxy.getServerHost()).toBe('string'); - expect(typeof revProxy.getServerPort()).toBe('number'); - expect(revProxy.getServerPort()).toBeGreaterThan(0); - expect(typeof revProxy.getIngressHost()).toBe('string'); - expect(typeof revProxy.getIngressPort()).toBe('number'); - expect(revProxy.getIngressPort()).toBeGreaterThan(0); - // Should be a noop (already started) - await revProxy.start({ - serverHost: '::1' as Host, - serverPort: 1 as Port, - ingressHost: '127.0.0.1' as Host, - tlsConfig: { - keyPrivatePem: keyPairPem.privateKey, - certChainPem: certPem, - }, - }); - await revProxy.stop(); - expect(() => { - revProxy.getIngressHost(); - }).toThrow(networkErrors.ErrorReverseProxyNotRunning); - expect(() => { - revProxy.getConnectionInfoByProxy('::1' as Host, 1 as Port); - }).toThrow(networkErrors.ErrorReverseProxyNotRunning); - // Start it again - await revProxy.start({ - serverHost: '::1' as Host, - serverPort: 1 as Port, - ingressHost: '127.0.0.1' as Host, - tlsConfig: { - keyPrivatePem: keyPairPem.privateKey, - certChainPem: certPem, - }, - }); - expect(revProxy.getServerHost()).toBe('::1'); - await revProxy.stop(); - }); - test('open connection to port 0 fails', async () => { - const revProxy = new ReverseProxy({ - logger: logger.getChild('ReverseProxy port 0'), - }); - const { - serverListen, - serverClose, - serverConnP, - serverConnClosedP, - serverHost, - serverPort, - } = tcpServer(); - await serverListen(0); - await revProxy.start({ - serverHost: serverHost(), - serverPort: serverPort(), - ingressHost: '127.0.0.1' as Host, - tlsConfig: { - keyPrivatePem: keyPairPem.privateKey, - certChainPem: certPem, - }, - }); - await expect( - revProxy.openConnection('127.0.0.1' as Host, 0 as Port), - ).rejects.toThrow(networkErrors.ErrorConnectionStart); - await expect(serverConnP).resolves.toBeUndefined(); - await expect(serverConnClosedP).resolves.toBeUndefined(); - await revProxy.stop(); - await serverClose(); - }); - test('open connection timeout due to lack of ready signal', async () => { - const revProxy = new ReverseProxy({ - logger: logger, - }); - const { - serverListen, - serverClose, - serverConnP, - serverConnClosedP, - serverHost, - serverPort, - } = tcpServer(); - await serverListen(0); - await revProxy.start({ - serverHost: serverHost(), - serverPort: serverPort(), - ingressHost: '127.0.0.1' as Host, - tlsConfig: { - keyPrivatePem: keyPairPem.privateKey, - certChainPem: certPem, - }, - }); - // This UTP client will just hang and not respond - const utpSocket = UTP(); - const utpSocketBind = promisify(utpSocket.bind).bind(utpSocket); - await utpSocketBind(0, '127.0.0.1'); - const utpSocketPort = utpSocket.address().port; - const timer = timerStart(3000); - await expect( - revProxy.openConnection( - '127.0.0.1' as Host, - utpSocketPort as Port, - timer, - ), - ).rejects.toThrow(networkErrors.ErrorConnectionStartTimeout); - timerStop(timer); - await expect(serverConnP).resolves.toBeUndefined(); - await expect(serverConnClosedP).resolves.toBeUndefined(); - utpSocket.close(); - utpSocket.unref(); - await revProxy.stop(); - await serverClose(); - }); - test('open connection success', async () => { - const revProxy = new ReverseProxy({ - logger: logger, - }); - const { - serverListen, - serverClose, - serverConnP, - serverConnClosedP, - serverHost, - serverPort, - } = tcpServer(); - await serverListen(0); - await revProxy.start({ - serverHost: serverHost(), - serverPort: serverPort(), - ingressHost: '127.0.0.1' as Host, - tlsConfig: { - keyPrivatePem: keyPairPem.privateKey, - certChainPem: certPem, - }, - }); - const ingressHost = revProxy.getIngressHost(); - const ingressPort = revProxy.getIngressPort(); - const utpSocket = UTP(); - const handleMessage = async (data: Buffer) => { - const msg = networkUtils.unserializeNetworkMessage(data); - if (msg.type === 'ping') { - await send(networkUtils.pongBuffer); - } - }; - utpSocket.on('message', handleMessage); - const send = async (data: Buffer) => { - const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, ingressPort, ingressHost); - }; - const utpSocketBind = promisify(utpSocket.bind).bind(utpSocket); - await utpSocketBind(0, '127.0.0.1'); - const utpSocketPort = utpSocket.address().port; - await revProxy.openConnection('127.0.0.1' as Host, utpSocketPort as Port); - expect(revProxy.getConnectionCount()).toBe(1); - await revProxy.closeConnection('127.0.0.1' as Host, utpSocketPort as Port); - await expect(serverConnP).resolves.toBeUndefined(); - await expect(serverConnClosedP).resolves.toBeUndefined(); - utpSocket.off('message', handleMessage); - utpSocket.close(); - utpSocket.unref(); - await revProxy.stop(); - await serverClose(); - }); - test('open connection to multiple clients', async () => { - const revProxy = new ReverseProxy({ - logger: logger, - }); - const { - serverListen, - serverClose, - serverConnP, - serverConnClosedP, - serverHost, - serverPort, - } = tcpServer(); - await serverListen(0); - await revProxy.start({ - serverHost: serverHost(), - serverPort: serverPort(), - ingressHost: '127.0.0.1' as Host, - tlsConfig: { - keyPrivatePem: keyPairPem.privateKey, - certChainPem: certPem, - }, - }); - const ingressHost = revProxy.getIngressHost(); - const ingressPort = revProxy.getIngressPort(); - // First client - const utpSocket1 = UTP(); - const handleMessage1 = async (data: Buffer) => { - const msg = networkUtils.unserializeNetworkMessage(data); - if (msg.type === 'ping') { - await send1(networkUtils.pongBuffer); - } - }; - utpSocket1.on('message', handleMessage1); - const send1 = async (data: Buffer) => { - const utpSocketSend = promisify(utpSocket1.send).bind(utpSocket1); - await utpSocketSend(data, 0, data.byteLength, ingressPort, ingressHost); - }; - const utpSocketBind1 = promisify(utpSocket1.bind).bind(utpSocket1); - await utpSocketBind1(0, '127.0.0.1'); - const utpSocketPort1 = utpSocket1.address().port; - // Second client - const utpSocket2 = UTP(); - const handleMessage2 = async (data: Buffer) => { - const msg = networkUtils.unserializeNetworkMessage(data); - if (msg.type === 'ping') { - await send2(networkUtils.pongBuffer); - } - }; - utpSocket2.on('message', handleMessage2); - const send2 = async (data: Buffer) => { - const utpSocketSend = promisify(utpSocket2.send).bind(utpSocket2); - await utpSocketSend(data, 0, data.byteLength, ingressPort, ingressHost); - }; - const utpSocketBind2 = promisify(utpSocket2.bind).bind(utpSocket2); - await utpSocketBind2(0, '127.0.0.1'); - const utpSocketPort2 = utpSocket2.address().port; - await revProxy.openConnection('127.0.0.1' as Host, utpSocketPort1 as Port); - await revProxy.openConnection('127.0.0.1' as Host, utpSocketPort2 as Port); - expect(revProxy.getConnectionCount()).toBe(2); - await revProxy.closeConnection('127.0.0.1' as Host, utpSocketPort1 as Port); - await revProxy.closeConnection('127.0.0.1' as Host, utpSocketPort2 as Port); - expect(revProxy.getConnectionCount()).toBe(0); - await expect(serverConnP).resolves.toBeUndefined(); - await expect(serverConnClosedP).resolves.toBeUndefined(); - utpSocket1.off('message', handleMessage1); - utpSocket1.close(); - utpSocket1.unref(); - utpSocket2.off('message', handleMessage2); - utpSocket2.close(); - utpSocket2.unref(); - await revProxy.stop(); - await serverClose(); - }); - test('closed connection due to ending server', async () => { - const revProxy = new ReverseProxy({ - logger: logger, - }); - // This server will force end - const { - serverListen, - serverClose, - serverConnP, - serverConnEndP, - serverConnClosedP, - serverHost, - serverPort, - } = tcpServer(true); - await serverListen(0); - await revProxy.start({ - serverHost: serverHost(), - serverPort: serverPort(), - ingressHost: '127.0.0.1' as Host, - tlsConfig: { - keyPrivatePem: keyPairPem.privateKey, - certChainPem: certPem, - }, - }); - const ingressHost = revProxy.getIngressHost(); - const ingressPort = revProxy.getIngressPort(); - const utpSocket = UTP(); - const handleMessage = async (data: Buffer) => { - const msg = networkUtils.unserializeNetworkMessage(data); - if (msg.type === 'ping') { - await send(networkUtils.pongBuffer); - } - }; - utpSocket.on('message', handleMessage); - const send = async (data: Buffer) => { - const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, ingressPort, ingressHost); - }; - const utpSocketBind = promisify(utpSocket.bind).bind(utpSocket); - await utpSocketBind(0, '127.0.0.1'); - const utpSocketPort = utpSocket.address().port; - await revProxy.openConnection('127.0.0.1' as Host, utpSocketPort as Port); - expect(revProxy.getConnectionCount()).toBe(1); - await expect(serverConnP).resolves.toBeUndefined(); - // The server receives the end confirmation for graceful exit - await expect(serverConnEndP).resolves.toBeUndefined(); - // The server is closed - await expect(serverConnClosedP).resolves.toBeUndefined(); - // The rev proxy won't have this connection - expect(revProxy.getConnectionCount()).toBe(0); - utpSocket.off('message', handleMessage); - utpSocket.close(); - utpSocket.unref(); - await revProxy.stop(); - await serverClose(); - }); - test('connect timeout due to hanging client', async () => { - // `connConnectTime` will affect ErrorConnectionComposeTimeout - // `connKeepAliveTimeoutTime` will affect ErrorConnectionTimeout which is needed - // This should trigger both ErrorConnectionComposeTimeout and ErrorConnectionTimeout - // ErrorConnectionComposeTimeout results in a failed composition - // ErrorConnectionTimeout results in stopping the connection - // Failing to connect to the open connection doesn't - // automatically mean the connection is destroyed - const revProxy = new ReverseProxy({ - connConnectTime: 3000, - connKeepAliveTimeoutTime: 3000, - logger: logger, - }); - const { - serverListen, - serverClose, - serverConnP, - serverConnEndP, - serverConnClosedP, - serverHost, - serverPort, - } = tcpServer(); - await serverListen(0); - await revProxy.start({ - serverHost: serverHost(), - serverPort: serverPort(), - ingressHost: '127.0.0.1' as Host, - tlsConfig: { - keyPrivatePem: keyPairPem.privateKey, - certChainPem: certPem, - }, - }); - const ingressHost = revProxy.getIngressHost(); - const ingressPort = revProxy.getIngressPort(); - const utpSocket = UTP(); - const handleMessage = async (data: Buffer) => { - const msg = networkUtils.unserializeNetworkMessage(data); - if (msg.type === 'ping') { - await send(networkUtils.pongBuffer); - } - }; - utpSocket.on('message', handleMessage); - const send = async (data: Buffer) => { - const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, ingressPort, ingressHost); - }; - const utpSocketBind = promisify(utpSocket.bind).bind(utpSocket); - await utpSocketBind(0, '127.0.0.1'); - const utpSocketPort = utpSocket.address().port; - await revProxy.openConnection('127.0.0.1' as Host, utpSocketPort as Port); - expect(revProxy.getConnectionCount()).toBe(1); - // This retries multiple times - // This will eventually fail and trigger a ErrorConnectionComposeTimeout - const utpConn = utpSocket.connect(ingressPort, ingressHost); - utpConn.setTimeout(2000, () => { - utpConn.emit('error', new Error('TIMED OUT')); - }); - const { p: utpConnClosedP, resolveP: resolveUtpConnClosedP } = - promise(); - const { p: utpConnErrorP, rejectP: rejectUtpConnErrorP } = promise(); - utpConn.on('error', (e) => { - rejectUtpConnErrorP(e); - utpConn.destroy(); - }); - utpConn.on('close', () => { - resolveUtpConnClosedP(); - }); - // The client connection times out - await expect(utpConnErrorP).rejects.toThrow(/TIMED OUT/); - await utpConnClosedP; - await expect(serverConnP).resolves.toBeUndefined(); - await expect(serverConnEndP).resolves.toBeUndefined(); - await expect(serverConnClosedP).resolves.toBeUndefined(); - // Connection count should reach 0 eventually - await expect( - poll( - async () => { - return revProxy.getConnectionCount(); - }, - (_, result) => { - if (result === 0) return true; - return false; - }, - 100, - ), - ).resolves.toBe(0); - utpSocket.off('message', handleMessage); - utpSocket.close(); - utpSocket.unref(); - await revProxy.stop(); - await serverClose(); - }); - test('connect fails due to missing client certificates', async () => { - // `connKeepAliveTimeoutTime` will affect ErrorConnectionTimeout - // Note that failing to connect to the open connection - // doesn't automatically mean the connection is destroyed - // reverse proxy keeps the connection alive until `connKeepAliveTimeoutTime` expires - const revProxy = new ReverseProxy({ - connKeepAliveTimeoutTime: 2000, - logger: logger, - }); - const { - serverListen, - serverClose, - serverConnP, - serverConnEndP, - serverConnClosedP, - serverHost, - serverPort, - } = tcpServer(); - await serverListen(0); - await revProxy.start({ - serverHost: serverHost(), - serverPort: serverPort(), - ingressHost: '127.0.0.1' as Host, - tlsConfig: { - keyPrivatePem: keyPairPem.privateKey, - certChainPem: certPem, - }, - }); - const ingressHost = revProxy.getIngressHost(); - const ingressPort = revProxy.getIngressPort(); - const utpSocket = UTP(); - const handleMessage = async (data: Buffer) => { - const msg = networkUtils.unserializeNetworkMessage(data); - if (msg.type === 'ping') { - await send(networkUtils.pongBuffer); - } - }; - utpSocket.on('message', handleMessage); - const send = async (data: Buffer) => { - const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, ingressPort, ingressHost); - }; - const utpSocketBind = promisify(utpSocket.bind).bind(utpSocket); - await utpSocketBind(0, '127.0.0.1'); - const utpSocketPort = utpSocket.address().port; - await revProxy.openConnection('127.0.0.1' as Host, utpSocketPort as Port); - expect(revProxy.getConnectionCount()).toBe(1); - const { p: tlsSocketClosedP, resolveP: resolveTlsSocketClosedP } = - promise(); - const utpConn = utpSocket.connect(ingressPort, ingressHost); - // This will send an empty certificate chain - // Expect `ErrorCertChainEmpty` - let secureConnection = false; - const tlsSocket = tls.connect( - { - socket: utpConn, - rejectUnauthorized: false, - }, - () => { - secureConnection = true; - }, - ); - let errored = false; - tlsSocket.on('error', () => { - errored = true; - tlsSocket.destroy(); - }); - tlsSocket.on('end', () => { - if (utpConn.destroyed) { - tlsSocket.destroy(); - } else { - tlsSocket.end(); - tlsSocket.destroy(); - } - }); - tlsSocket.on('close', () => { - resolveTlsSocketClosedP(); - }); - // Reverse proxy will close the connection - await tlsSocketClosedP; - // We won't receive an error because it will be closed - expect(errored).toBe(false); - expect(secureConnection).toBe(true); - await expect(serverConnP).resolves.toBeUndefined(); - // Eventually `ErrorConnectionTimeout` occurs, and these will be gracefully closed - await expect(serverConnEndP).resolves.toBeUndefined(); - await expect(serverConnClosedP).resolves.toBeUndefined(); - // Connection count should reach 0 eventually - await expect( - poll( - async () => { - return revProxy.getConnectionCount(); - }, - (_, result) => { - if (result === 0) return true; - return false; - }, - 100, - ), - ).resolves.toBe(0); - utpSocket.off('message', handleMessage); - utpSocket.close(); - utpSocket.unref(); - await revProxy.stop(); - await serverClose(); - }); - test('connect success', async () => { - const clientKeyPair = await keysUtils.generateKeyPair(1024); - const clientKeyPairPem = keysUtils.keyPairToPem(clientKeyPair); - const clientCert = keysUtils.generateCertificate( - clientKeyPair.publicKey, - clientKeyPair.privateKey, - clientKeyPair.privateKey, - 86400, - ); - const clientCertPem = keysUtils.certToPem(clientCert); - const { - serverListen, - serverClose, - serverConnP, - serverConnEndP, - serverConnClosedP, - serverHost, - serverPort, - } = tcpServer(); - await serverListen(0, '127.0.0.1'); - const revProxy = new ReverseProxy({ - logger: logger, - }); - await revProxy.start({ - serverHost: serverHost(), - serverPort: serverPort(), - ingressHost: '127.0.0.1' as Host, - tlsConfig: { - keyPrivatePem: keyPairPem.privateKey, - certChainPem: certPem, - }, - }); - const ingressHost = revProxy.getIngressHost(); - const ingressPort = revProxy.getIngressPort(); - const { p: clientReadyP, resolveP: resolveClientReadyP } = promise(); - const { p: clientSecureConnectP, resolveP: resolveClientSecureConnectP } = - promise(); - const { p: clientCloseP, resolveP: resolveClientCloseP } = promise(); - const utpSocket = UTP({ allowHalfOpen: true }); - const utpSocketBind = promisify(utpSocket.bind).bind(utpSocket); - const handleMessage = async (data: Buffer) => { - const msg = networkUtils.unserializeNetworkMessage(data); - if (msg.type === 'ping') { - resolveClientReadyP(); - await send(networkUtils.pongBuffer); - } - }; - utpSocket.on('message', handleMessage); - const send = async (data: Buffer) => { - const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, ingressPort, ingressHost); - }; - await utpSocketBind(0, '127.0.0.1'); - const utpSocketPort = utpSocket.address().port; - await revProxy.openConnection('127.0.0.1' as Host, utpSocketPort as Port); - const utpConn = utpSocket.connect(ingressPort, ingressHost); - const tlsSocket = tls.connect( - { - key: Buffer.from(clientKeyPairPem.privateKey, 'ascii'), - cert: Buffer.from(clientCertPem, 'ascii'), - socket: utpConn, - rejectUnauthorized: false, - }, - () => { - resolveClientSecureConnectP(); - }, - ); - let tlsSocketEnded = false; - tlsSocket.on('end', () => { - tlsSocketEnded = true; - if (utpConn.destroyed) { - tlsSocket.destroy(); - } else { - tlsSocket.end(); - tlsSocket.destroy(); - } - }); - tlsSocket.on('close', () => { - resolveClientCloseP(); - }); - await send(networkUtils.pingBuffer); - expect(revProxy.getConnectionCount()).toBe(1); - await clientReadyP; - await clientSecureConnectP; - await serverConnP; - await revProxy.closeConnection('127.0.0.1' as Host, utpSocketPort as Port); - expect(revProxy.getConnectionCount()).toBe(0); - await clientCloseP; - await serverConnEndP; - await serverConnClosedP; - expect(tlsSocketEnded).toBe(true); - utpSocket.off('message', handleMessage); - utpSocket.close(); - utpSocket.unref(); - await revProxy.stop(); - await serverClose(); - }); - test('stopping the proxy with open connections', async () => { - const clientKeyPair = await keysUtils.generateKeyPair(1024); - const clientKeyPairPem = keysUtils.keyPairToPem(clientKeyPair); - const clientCert = keysUtils.generateCertificate( - clientKeyPair.publicKey, - clientKeyPair.privateKey, - clientKeyPair.privateKey, - 86400, - ); - const clientCertPem = keysUtils.certToPem(clientCert); - const { - serverListen, - serverClose, - serverConnP, - serverConnEndP, - serverConnClosedP, - serverHost, - serverPort, - } = tcpServer(); - await serverListen(0, '127.0.0.1'); - const revProxy = new ReverseProxy({ - logger: logger, - }); - await revProxy.start({ - serverHost: serverHost(), - serverPort: serverPort(), - ingressHost: '127.0.0.1' as Host, - tlsConfig: { - keyPrivatePem: keyPairPem.privateKey, - certChainPem: certPem, - }, - }); - const ingressHost = revProxy.getIngressHost(); - const ingressPort = revProxy.getIngressPort(); - const { p: clientReadyP, resolveP: resolveClientReadyP } = promise(); - const { p: clientSecureConnectP, resolveP: resolveClientSecureConnectP } = - promise(); - const { p: clientCloseP, resolveP: resolveClientCloseP } = promise(); - const utpSocket = UTP({ allowHalfOpen: true }); - const utpSocketBind = promisify(utpSocket.bind).bind(utpSocket); - const handleMessage = async (data: Buffer) => { - const msg = networkUtils.unserializeNetworkMessage(data); - if (msg.type === 'ping') { - resolveClientReadyP(); - await send(networkUtils.pongBuffer); - } - }; - utpSocket.on('message', handleMessage); - const send = async (data: Buffer) => { - const utpSocketSend = promisify(utpSocket.send).bind(utpSocket); - await utpSocketSend(data, 0, data.byteLength, ingressPort, ingressHost); - }; - await utpSocketBind(0, '127.0.0.1'); - const utpSocketPort = utpSocket.address().port; - await revProxy.openConnection('127.0.0.1' as Host, utpSocketPort as Port); - const utpConn = utpSocket.connect(ingressPort, ingressHost); - const tlsSocket = tls.connect( - { - key: Buffer.from(clientKeyPairPem.privateKey, 'ascii'), - cert: Buffer.from(clientCertPem, 'ascii'), - socket: utpConn, - rejectUnauthorized: false, - }, - () => { - resolveClientSecureConnectP(); - }, - ); - let tlsSocketEnded = false; - tlsSocket.on('end', () => { - tlsSocketEnded = true; - if (utpConn.destroyed) { - tlsSocket.destroy(); - } else { - tlsSocket.end(); - tlsSocket.destroy(); - } - }); - tlsSocket.on('close', () => { - resolveClientCloseP(); - }); - await send(networkUtils.pingBuffer); - expect(revProxy.getConnectionCount()).toBe(1); - await clientReadyP; - await clientSecureConnectP; - await serverConnP; - // Stopping with 1 active connection (not just opened) - await revProxy.stop(); - expect(revProxy.getConnectionCount()).toBe(0); - await clientCloseP; - await expect(serverConnEndP).resolves.toBeUndefined(); - await expect(serverConnClosedP).resolves.toBeUndefined(); - expect(tlsSocketEnded).toBe(true); - utpSocket.off('message', handleMessage); - utpSocket.close(); - utpSocket.unref(); - await serverClose(); - }); -}); diff --git a/tests/network/index.test.ts b/tests/network/index.test.ts index 17759511a..0adbd00f1 100644 --- a/tests/network/index.test.ts +++ b/tests/network/index.test.ts @@ -2,7 +2,7 @@ import type { Host, Port } from '@/network/types'; import Logger, { LogLevel, StreamHandler } from '@matrixai/logger'; import grpc from '@grpc/grpc-js'; import { utils as keysUtils } from '@/keys'; -import { ForwardProxy, ReverseProxy } from '@/network'; +import Proxy from '@/network/Proxy'; import * as utilsPB from '@/proto/js/polykey/v1/utils/utils_pb'; import { sleep } from '@/utils'; import { openTestServer, closeTestServer, GRPCClientTest } from '../grpc/utils'; @@ -44,47 +44,59 @@ describe('network index', () => { serverNodeId = keysUtils.certNodeId(serverCert)!; }); let server; - let revProxy; - let fwdProxy; + let server2; + let localProxy: Proxy; + let remoteProxy: Proxy; let client; beforeEach(async () => { let serverPort; + let serverPort2; [server, serverPort] = await openTestServer(authenticate, logger); - revProxy = new ReverseProxy({ - logger: logger.getChild('ReverseProxy integration'), + [server2, serverPort2] = await openTestServer(authenticate, logger); + remoteProxy = new Proxy({ + authToken: 'abc', + logger: logger.getChild('Proxy integration'), }); - await revProxy.start({ - serverHost: '127.0.0.1' as Host, - serverPort: serverPort as Port, - ingressHost: '127.0.0.1' as Host, - ingressPort: 0 as Port, + remoteProxy = new Proxy({ + authToken: 'abc', + logger: logger.getChild('Proxy integration'), + }); + await remoteProxy.start({ tlsConfig: { keyPrivatePem: serverKeyPairPem.privateKey, certChainPem: serverCertPem, }, + forwardHost: '127.0.0.1' as Host, + forwardPort: 0 as Port, + proxyHost: '127.0.0.1' as Host, + proxyPort: 0 as Port, + serverHost: '127.0.0.1' as Host, + serverPort: serverPort as Port, }); - fwdProxy = new ForwardProxy({ + localProxy = new Proxy({ authToken: 'abc', - logger: logger.getChild('ForwardProxy integration'), + logger: logger.getChild('Proxy integration'), }); - await fwdProxy.start({ + await localProxy.start({ tlsConfig: { keyPrivatePem: clientKeyPairPem.privateKey, certChainPem: clientCertPem, }, + forwardHost: '127.0.0.1' as Host, + forwardPort: 0 as Port, proxyHost: '127.0.0.1' as Host, proxyPort: 0 as Port, - egressHost: '127.0.0.1' as Host, - egressPort: 0 as Port, + serverHost: '127.0.0.1' as Host, + serverPort: serverPort2 as Port, }); client = await GRPCClientTest.createGRPCClientTest({ nodeId: serverNodeId, - host: revProxy.getIngressHost(), - port: revProxy.getIngressPort(), + host: remoteProxy.getProxyHost(), + port: remoteProxy.getProxyPort(), proxyConfig: { - host: fwdProxy.getProxyHost(), - port: fwdProxy.getProxyPort(), - authToken: fwdProxy.authToken, + host: localProxy.getForwardHost(), + port: localProxy.getForwardPort(), + authToken: localProxy.authToken, }, logger, }); @@ -93,9 +105,10 @@ describe('network index', () => { // All calls here are idempotent // they will work even when they are already shutdown await client.destroy(); - await fwdProxy.stop(); - await revProxy.stop(); + await remoteProxy.stop(); + await localProxy.stop(); await closeTestServer(server); + await closeTestServer(server2); }); test('grpc integration with unary and stream calls', async () => { const m = new utilsPB.EchoMessage(); @@ -129,31 +142,31 @@ describe('network index', () => { expect(duplexStreamResponse.value.getChallenge()).toBe(m.getChallenge()); } // Ensure that the connection count is the same - expect(fwdProxy.getConnectionCount()).toBe(1); - expect(revProxy.getConnectionCount()).toBe(1); + expect(localProxy.getConnectionForwardCount()).toBe(1); + expect(remoteProxy.getConnectionReverseCount()).toBe(1); expect( - fwdProxy.getConnectionInfoByIngress(client.host, client.port), + localProxy.getConnectionInfoByProxy(client.host, client.port), ).toEqual( expect.objectContaining({ - nodeId: serverNodeId, - egressHost: fwdProxy.getEgressHost(), - egressPort: fwdProxy.getEgressPort(), - ingressHost: revProxy.getIngressHost(), - ingressPort: revProxy.getIngressPort(), + remoteNodeId: serverNodeId, + localHost: localProxy.getProxyHost(), + localPort: localProxy.getProxyPort(), + remoteHost: remoteProxy.getProxyHost(), + remotePort: remoteProxy.getProxyPort(), }), ); expect( - revProxy.getConnectionInfoByEgress( - fwdProxy.getEgressHost(), - fwdProxy.getEgressPort(), + remoteProxy.getConnectionInfoByProxy( + localProxy.getProxyHost(), + localProxy.getProxyPort(), ), ).toEqual( expect.objectContaining({ - nodeId: clientNodeId, - egressHost: fwdProxy.getEgressHost(), - egressPort: fwdProxy.getEgressPort(), - ingressHost: revProxy.getIngressHost(), - ingressPort: revProxy.getIngressPort(), + remoteNodeId: clientNodeId, + remoteHost: localProxy.getProxyHost(), + remotePort: localProxy.getProxyPort(), + localHost: remoteProxy.getProxyHost(), + localPort: remoteProxy.getProxyPort(), }), ); }); @@ -179,14 +192,14 @@ describe('network index', () => { test('forward initiates end', async () => { // Wait for network to settle await sleep(100); - await fwdProxy.stop(); + await localProxy.stop(); // Wait for network to settle await sleep(100); }); test('reverse initiates end', async () => { // Wait for network to settle await sleep(100); - await revProxy.stop(); + await remoteProxy.stop(); // Wait for network to settle await sleep(100); }); diff --git a/tests/nodes/NodeConnection.test.ts b/tests/nodes/NodeConnection.test.ts index 16dee5e65..558e2852d 100644 --- a/tests/nodes/NodeConnection.test.ts +++ b/tests/nodes/NodeConnection.test.ts @@ -9,8 +9,8 @@ import * as child_process from 'child_process'; import Logger, { LogLevel, StreamHandler } from '@matrixai/logger'; import { DB } from '@matrixai/db'; import { destroyed } from '@matrixai/async-init'; -import ReverseProxy from '@/network/ReverseProxy'; -import ForwardProxy from '@/network/ForwardProxy'; + +import Proxy from '@/network/Proxy'; import NodeConnection from '@/nodes/NodeConnection'; import NodeConnectionManager from '@/nodes/NodeConnectionManager'; import NodeGraph from '@/nodes/NodeGraph'; @@ -90,14 +90,14 @@ describe(`${NodeConnection.name} test`, () => { let serverGestaltGraph: GestaltGraph; let serverDb: DB; let serverNotificationsManager: NotificationsManager; - let serverRevProxy: ReverseProxy; + let serverProxy: Proxy; // Client let clientDataDir: string; let sourceNodeId: NodeId; let clientKeyManager: KeyManager; const authToken = 'AUTH'; - let clientFwdProxy: ForwardProxy; + let clientproxy: Proxy; let agentServer: GRPCServer; let tlsConfig: TLSConfig; @@ -218,15 +218,11 @@ describe(`${NodeConnection.name} test`, () => { logger: logger, }); - const serverFwdProxy = new ForwardProxy({ + serverProxy = new Proxy({ authToken: '', logger: logger, }); - serverRevProxy = new ReverseProxy({ - logger: logger, - }); - serverNodeGraph = await NodeGraph.createNodeGraph({ db: serverDb, keyManager: serverKeyManager, @@ -236,8 +232,7 @@ describe(`${NodeConnection.name} test`, () => { serverNodeConnectionManager = new NodeConnectionManager({ keyManager: serverKeyManager, nodeGraph: serverNodeGraph, - fwdProxy: serverFwdProxy, - revProxy: serverRevProxy, + proxy: serverProxy, logger, }); await serverNodeConnectionManager.start(); @@ -281,7 +276,7 @@ describe(`${NodeConnection.name} test`, () => { notificationsManager: serverNotificationsManager, acl: serverACL, gestaltGraph: serverGestaltGraph, - revProxy: serverRevProxy, + proxy: serverProxy, }); agentServer = new GRPCServer({ logger: logger, @@ -290,13 +285,13 @@ describe(`${NodeConnection.name} test`, () => { services: [[AgentServiceService, agentService]], host: localHost, }); - await serverRevProxy.start({ + await serverProxy.start({ serverHost: localHost, serverPort: agentServer.getPort(), - ingressHost: localHost, + proxyHost: localHost, tlsConfig: serverTLSConfig, }); - targetPort = serverRevProxy.getIngressPort(); + targetPort = serverProxy.getProxyPort(); targetNodeId = serverKeyManager.getNodeId(); // Client setup @@ -316,16 +311,18 @@ describe(`${NodeConnection.name} test`, () => { }; sourceNodeId = clientKeyManager.getNodeId(); - clientFwdProxy = new ForwardProxy({ + clientproxy = new Proxy({ authToken: authToken, logger: logger, }); - await clientFwdProxy.start({ - proxyHost: localHost, + await clientproxy.start({ + forwardHost: localHost, tlsConfig: clientTLSConfig, - egressHost: localHost, + proxyHost: localHost, + serverHost: localHost, + serverPort: 0 as Port, }); - sourcePort = clientFwdProxy.getEgressPort(); + sourcePort = clientproxy.getProxyPort(); // Other setup const globalKeyPair = await testUtils.setupGlobalKeypair(); @@ -342,7 +339,7 @@ describe(`${NodeConnection.name} test`, () => { }, global.polykeyStartupTimeout * 2); afterEach(async () => { - await clientFwdProxy.stop(); + await clientproxy.stop(); await clientKeyManager.stop(); await clientKeyManager.destroy(); await fs.promises.rm(clientDataDir, { @@ -364,7 +361,7 @@ describe(`${NodeConnection.name} test`, () => { await serverNotificationsManager.stop(); await serverNotificationsManager.destroy(); await agentServer.stop(); - await serverRevProxy.stop(); + await serverProxy.stop(); await serverKeyManager.stop(); await serverKeyManager.destroy(); await serverDb.stop(); @@ -381,7 +378,7 @@ describe(`${NodeConnection.name} test`, () => { targetNodeId: targetNodeId, targetHost: localHost, targetPort: targetPort, - fwdProxy: clientFwdProxy, + proxy: clientproxy, keyManager: clientKeyManager, nodeConnectionManager: dummyNodeConnectionManager, destroyCallback, @@ -395,9 +392,9 @@ describe(`${NodeConnection.name} test`, () => { nodeConnection.getRootCertChain(); }).toThrow(nodesErrors.ErrorNodeConnectionDestroyed); // Explicitly close the connection such that there's no interference in next test - await serverRevProxy.closeConnection( + await serverProxy.closeConnectionReverse( localHost, - clientFwdProxy.getEgressPort(), + clientproxy.getProxyPort(), ); }); test('connects to its target (via direct connection)', async () => { @@ -405,7 +402,7 @@ describe(`${NodeConnection.name} test`, () => { targetNodeId: targetNodeId, targetHost: localHost, targetPort: targetPort, - fwdProxy: clientFwdProxy, + proxy: clientproxy, keyManager: clientKeyManager, nodeConnectionManager: dummyNodeConnectionManager, destroyCallback, @@ -417,7 +414,7 @@ describe(`${NodeConnection.name} test`, () => { // attempt to acquire the connection info, we need to wait and poll it const connInfo = await poll( async () => { - return serverRevProxy.getConnectionInfoByEgress(localHost, sourcePort); + return serverProxy.getConnectionInfoByProxy(localHost, sourcePort); }, (e) => { if (e instanceof networkErrors.ErrorConnectionNotComposed) return false; @@ -427,12 +424,12 @@ describe(`${NodeConnection.name} test`, () => { ); expect(connInfo).toBeDefined(); expect(connInfo).toMatchObject({ - nodeId: sourceNodeId, - certificates: expect.any(Array), - egressHost: localHost, - egressPort: sourcePort, - ingressHost: localHost, - ingressPort: targetPort, + remoteNodeId: sourceNodeId, + remoteCertificates: expect.any(Array), + localHost: localHost, + localPort: targetPort, + remoteHost: localHost, + remotePort: sourcePort, }); await conn.destroy(); }); @@ -449,14 +446,14 @@ describe(`${NodeConnection.name} test`, () => { const killSelf = jest.fn(); nodeConnection = await NodeConnection.createNodeConnection({ connConnectTime: 500, - fwdProxy: clientFwdProxy, + proxy: clientproxy, keyManager: clientKeyManager, logger: logger, nodeConnectionManager: dummyNodeConnectionManager, destroyCallback: killSelf, - targetHost: polykeyAgent.revProxy.getIngressHost(), + targetHost: polykeyAgent.proxy.getProxyHost(), targetNodeId: polykeyAgent.keyManager.getNodeId(), - targetPort: polykeyAgent.revProxy.getIngressPort(), + targetPort: polykeyAgent.proxy.getProxyPort(), clientFactory: (args) => GRPCClientAgent.createGRPCClientAgent(args), }); @@ -484,7 +481,7 @@ describe(`${NodeConnection.name} test`, () => { targetHost: '128.0.0.1' as Host, targetPort: 12345 as Port, connConnectTime: 300, - fwdProxy: clientFwdProxy, + proxy: clientproxy, keyManager: clientKeyManager, nodeConnectionManager: dummyNodeConnectionManager, destroyCallback, @@ -500,7 +497,7 @@ describe(`${NodeConnection.name} test`, () => { targetNodeId: targetNodeId, targetHost: localHost, targetPort: targetPort, - fwdProxy: clientFwdProxy, + proxy: clientproxy, keyManager: clientKeyManager, nodeConnectionManager: dummyNodeConnectionManager, destroyCallback, @@ -521,7 +518,7 @@ describe(`${NodeConnection.name} test`, () => { targetNodeId: targetNodeId, targetHost: localHost, targetPort: targetPort, - fwdProxy: clientFwdProxy, + proxy: clientproxy, keyManager: clientKeyManager, nodeConnectionManager: dummyNodeConnectionManager, destroyCallback, @@ -539,33 +536,34 @@ describe(`${NodeConnection.name} test`, () => { } }); test('should call `killSelf if connection is closed based on bad certificate', async () => { - let revProxy: ReverseProxy | undefined; + let proxy: Proxy | undefined; let nodeConnection: NodeConnection | undefined; let server; try { server = tcpServer(); - revProxy = new ReverseProxy({ + proxy = new Proxy({ logger: logger, + authToken: '', }); await server.serverListen(0); - await revProxy.start({ + await proxy.start({ serverHost: server.serverHost(), serverPort: server.serverPort(), - ingressHost: '127.0.0.1' as Host, + proxyHost: localHost, tlsConfig, }); // Have a nodeConnection try to connect to it const killSelf = jest.fn(); const nodeConnectionP = NodeConnection.createNodeConnection({ connConnectTime: 500, - fwdProxy: clientFwdProxy, + proxy: clientproxy, keyManager: clientKeyManager, logger: logger, nodeConnectionManager: dummyNodeConnectionManager, destroyCallback: killSelf, - targetHost: revProxy.getIngressHost(), + targetHost: proxy.getProxyHost(), targetNodeId: targetNodeId, - targetPort: revProxy.getIngressPort(), + targetPort: proxy.getProxyPort(), clientFactory: (args) => GRPCClientAgent.createGRPCClientAgent(args), }); @@ -577,37 +575,38 @@ describe(`${NodeConnection.name} test`, () => { // Resolves if the shutdownCallback was called } finally { await server?.serverClose(); - await revProxy?.stop(); + await proxy?.stop(); await nodeConnection?.destroy(); } }); test('should call `killSelf if connection is closed before TLS is established', async () => { - let revProxy: ReverseProxy | undefined; + let proxy: Proxy | undefined; let server; try { server = tcpServer(false, true); - revProxy = new ReverseProxy({ + proxy = new Proxy({ logger: logger, + authToken: '', }); await server.serverListen(0); - await revProxy.start({ + await proxy.start({ serverHost: server.serverHost(), serverPort: server.serverPort(), - ingressHost: '127.0.0.1' as Host, + proxyHost: localHost, tlsConfig, }); // Have a nodeConnection try to connect to it const killSelf = jest.fn(); const nodeConnectionP = NodeConnection.createNodeConnection({ connConnectTime: 500, - fwdProxy: clientFwdProxy, + proxy: clientproxy, keyManager: clientKeyManager, logger: logger, nodeConnectionManager: dummyNodeConnectionManager, destroyCallback: killSelf, - targetHost: revProxy.getIngressHost(), + targetHost: proxy.getProxyHost(), targetNodeId: targetNodeId, - targetPort: revProxy.getIngressPort(), + targetPort: proxy.getProxyPort(), clientFactory: (args) => GRPCClientAgent.createGRPCClientAgent(args), }); @@ -619,7 +618,7 @@ describe(`${NodeConnection.name} test`, () => { // Resolves if the shutdownCallback was called } finally { await server?.serverClose(); - await revProxy?.stop(); + await proxy?.stop(); } }); test('should call `killSelf if the Agent is stopped.', async () => { @@ -635,14 +634,14 @@ describe(`${NodeConnection.name} test`, () => { const killSelf = jest.fn(); nodeConnection = await NodeConnection.createNodeConnection({ connConnectTime: 500, - fwdProxy: clientFwdProxy, + proxy: clientproxy, keyManager: clientKeyManager, logger: logger, nodeConnectionManager: dummyNodeConnectionManager, destroyCallback: killSelf, - targetHost: polykeyAgent.revProxy.getIngressHost(), + targetHost: polykeyAgent.proxy.getProxyHost(), targetNodeId: polykeyAgent.keyManager.getNodeId(), - targetPort: polykeyAgent.revProxy.getIngressPort(), + targetPort: polykeyAgent.proxy.getProxyPort(), clientFactory: (args) => GRPCClientAgent.createGRPCClientAgent(args), }); @@ -666,7 +665,7 @@ describe(`${NodeConnection.name} test`, () => { let nodeConnection: | NodeConnection | undefined; - let testRevProxy: ReverseProxy | undefined; + let testProxy: Proxy | undefined; let testProcess: child_process.ChildProcessWithoutNullStreams | undefined; try { const testProcess = child_process.spawn('ts-node', [ @@ -681,11 +680,14 @@ describe(`${NodeConnection.name} test`, () => { // TestProcess.stderr.on('data', data => console.log(data.toString())); // Lets make a reverse proxy - testRevProxy = new ReverseProxy({ logger: logger }); - await testRevProxy.start({ + testProxy = new Proxy({ + authToken: '', + logger: logger, + }); + await testProxy.start({ serverHost: '127.0.0.1' as Host, serverPort: Number(await waitP.p) as Port, - ingressHost: '127.0.0.1' as Host, + proxyHost: localHost, tlsConfig: serverTLSConfig, }); @@ -694,7 +696,7 @@ describe(`${NodeConnection.name} test`, () => { const killSelfP = promise(); nodeConnection = await NodeConnection.createNodeConnection({ connConnectTime: 2000, - fwdProxy: clientFwdProxy, + proxy: clientproxy, keyManager: clientKeyManager, logger: logger, nodeConnectionManager: dummyNodeConnectionManager, @@ -703,8 +705,8 @@ describe(`${NodeConnection.name} test`, () => { killSelfP.resolveP(null); }, targetNodeId: serverKeyManager.getNodeId(), - targetHost: testRevProxy.getIngressHost(), - targetPort: testRevProxy.getIngressPort(), + targetHost: testProxy.getProxyHost(), + targetPort: testProxy.getProxyPort(), clientFactory: (args) => grpcTestUtils.GRPCClientTest.createGRPCClientTest(args), }); @@ -721,7 +723,7 @@ describe(`${NodeConnection.name} test`, () => { expect(killSelfCheck).toHaveBeenCalled(); } finally { testProcess?.kill(9); - await testRevProxy?.stop(); + await testProxy?.stop(); await nodeConnection?.destroy(); } }, @@ -732,7 +734,7 @@ describe(`${NodeConnection.name} test`, () => { let nodeConnection: | NodeConnection | undefined; - let testRevProxy: ReverseProxy | undefined; + let testProxy: Proxy | undefined; let testProcess: child_process.ChildProcessWithoutNullStreams | undefined; try { const testProcess = child_process.spawn('ts-node', [ @@ -747,11 +749,14 @@ describe(`${NodeConnection.name} test`, () => { // TestProcess.stderr.on('data', data => console.log(data.toString())); // Lets make a reverse proxy - testRevProxy = new ReverseProxy({ logger: logger }); - await testRevProxy.start({ + testProxy = new Proxy({ + authToken: '', + logger: logger, + }); + await testProxy.start({ serverHost: '127.0.0.1' as Host, serverPort: Number(await waitP.p) as Port, - ingressHost: '127.0.0.1' as Host, + proxyHost: localHost, tlsConfig: serverTLSConfig, }); @@ -760,7 +765,7 @@ describe(`${NodeConnection.name} test`, () => { const killSelfP = promise(); nodeConnection = await NodeConnection.createNodeConnection({ connConnectTime: 2000, - fwdProxy: clientFwdProxy, + proxy: clientproxy, keyManager: clientKeyManager, logger: logger, nodeConnectionManager: dummyNodeConnectionManager, @@ -769,8 +774,8 @@ describe(`${NodeConnection.name} test`, () => { killSelfP.resolveP(null); }, targetNodeId: serverKeyManager.getNodeId(), - targetHost: testRevProxy.getIngressHost(), - targetPort: testRevProxy.getIngressPort(), + targetHost: testProxy.getProxyHost(), + targetPort: testProxy.getProxyPort(), clientFactory: (args) => grpcTestUtils.GRPCClientTest.createGRPCClientTest(args), }); @@ -790,7 +795,7 @@ describe(`${NodeConnection.name} test`, () => { expect(killSelfCheck).toHaveBeenCalled(); } finally { testProcess?.kill(9); - await testRevProxy?.stop(); + await testProxy?.stop(); await nodeConnection?.destroy(); } }, diff --git a/tests/nodes/NodeConnectionManager.general.test.ts b/tests/nodes/NodeConnectionManager.general.test.ts index f0a5576f9..5fac8e30a 100644 --- a/tests/nodes/NodeConnectionManager.general.test.ts +++ b/tests/nodes/NodeConnectionManager.general.test.ts @@ -10,8 +10,8 @@ import PolykeyAgent from '@/PolykeyAgent'; import KeyManager from '@/keys/KeyManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeConnectionManager from '@/nodes/NodeConnectionManager'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; + import GRPCClientAgent from '@/agent/GRPCClientAgent'; import * as nodesUtils from '@/nodes/utils'; import * as nodesErrors from '@/nodes/errors'; @@ -51,6 +51,7 @@ describe(`${NodeConnectionManager.name} general test`, () => { 'vi3et1hrpv2m2lrplcm7cu913kr45v51cak54vm68anlbvuf83ra0', )!; + const localHost = '127.0.0.1' as Host; const serverHost = '127.0.0.1' as Host; const serverPort = 55555 as Port; @@ -73,8 +74,8 @@ describe(`${NodeConnectionManager.name} general test`, () => { let dataDir2: string; let keyManager: KeyManager; let db: DB; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; + let nodeGraph: NodeGraph; let remoteNode1: PolykeyAgent; @@ -188,28 +189,23 @@ describe(`${NodeConnectionManager.name} general test`, () => { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: keysUtils.certToPem(keyManager.getRootCert()), }; - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken: 'auth', - logger: logger.getChild('fwdProxy'), + logger: logger.getChild('proxy'), }); - await fwdProxy.start({ + await proxy.start({ tlsConfig, - }); - revProxy = new ReverseProxy({ - logger: logger.getChild('revProxy'), - }); - await revProxy.start({ serverHost, serverPort, - tlsConfig, + proxyHost: localHost, }); await nodeGraph.setNode(remoteNodeId1, { - host: remoteNode1.revProxy.getIngressHost(), - port: remoteNode1.revProxy.getIngressPort(), + host: remoteNode1.proxy.getProxyHost(), + port: remoteNode1.proxy.getProxyPort(), }); await nodeGraph.setNode(remoteNodeId2, { - host: remoteNode2.revProxy.getIngressHost(), - port: remoteNode2.revProxy.getIngressPort(), + host: remoteNode2.proxy.getProxyHost(), + port: remoteNode2.proxy.getProxyPort(), }); }); @@ -220,8 +216,7 @@ describe(`${NodeConnectionManager.name} general test`, () => { await db.destroy(); await keyManager.stop(); await keyManager.destroy(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); }); // General functionality @@ -230,8 +225,7 @@ describe(`${NodeConnectionManager.name} general test`, () => { const nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: nodeConnectionManagerLogger, }); await nodeConnectionManager.start(); @@ -258,8 +252,7 @@ describe(`${NodeConnectionManager.name} general test`, () => { const nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: nodeConnectionManagerLogger, }); await nodeConnectionManager.start(); @@ -276,8 +269,8 @@ describe(`${NodeConnectionManager.name} general test`, () => { logger: nodeConnectionManagerLogger, }); await nodeGraph.setNode(server.keyManager.getNodeId(), { - host: server.revProxy.getIngressHost(), - port: server.revProxy.getIngressPort(), + host: server.proxy.getProxyHost(), + port: server.proxy.getProxyPort(), } as NodeAddress); await server.nodeGraph.setNode(nodeId, nodeAddress); const foundAddress2 = await nodeConnectionManager.findNode(nodeId); @@ -297,8 +290,7 @@ describe(`${NodeConnectionManager.name} general test`, () => { const nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: nodeConnectionManagerLogger, }); await nodeConnectionManager.start(); @@ -311,8 +303,8 @@ describe(`${NodeConnectionManager.name} general test`, () => { logger: nodeConnectionManagerLogger, }); await nodeGraph.setNode(server.keyManager.getNodeId(), { - host: server.revProxy.getIngressHost(), - port: server.revProxy.getIngressPort(), + host: server.proxy.getProxyHost(), + port: server.proxy.getProxyPort(), } as NodeAddress); // Add a dummy node to the server node graph database // Server will not be able to connect to this node (the only node in its @@ -338,8 +330,7 @@ describe(`${NodeConnectionManager.name} general test`, () => { const nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: nodeConnectionManagerLogger, }); await nodeConnectionManager.start(); @@ -364,8 +355,7 @@ describe(`${NodeConnectionManager.name} general test`, () => { const nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: nodeConnectionManagerLogger, }); await nodeConnectionManager.start(); @@ -410,8 +400,7 @@ describe(`${NodeConnectionManager.name} general test`, () => { const nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: nodeConnectionManagerLogger, }); await nodeConnectionManager.start(); @@ -471,16 +460,15 @@ describe(`${NodeConnectionManager.name} general test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: logger.getChild('NodeConnectionManager'), }); await nodeConnectionManager.start(); const targetNodeId = serverPKAgent.keyManager.getNodeId(); await nodeGraph.setNode(targetNodeId, { - host: serverPKAgent.revProxy.getIngressHost(), - port: serverPKAgent.revProxy.getIngressPort(), + host: serverPKAgent.proxy.getProxyHost(), + port: serverPKAgent.proxy.getProxyPort(), }); // Now generate and add 20 nodes that will be close to this node ID @@ -541,8 +529,7 @@ describe(`${NodeConnectionManager.name} general test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: nodeConnectionManagerLogger, }); await nodeConnectionManager.start(); @@ -579,8 +566,7 @@ describe(`${NodeConnectionManager.name} general test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: nodeConnectionManagerLogger, }); await nodeConnectionManager.start(); @@ -592,7 +578,7 @@ describe(`${NodeConnectionManager.name} general test`, () => { relayMessage.setSrcId(nodesUtils.encodeNodeId(sourceNodeId)); relayMessage.setTargetId(nodesUtils.encodeNodeId(remoteNodeId1)); relayMessage.setSignature(''); - relayMessage.setEgressAddress(''); + relayMessage.setProxyAddress(''); await nodeConnectionManager.relayHolePunchMessage(relayMessage); expect(mockedNodesHolePunchMessageSend).toHaveBeenCalled(); diff --git a/tests/nodes/NodeConnectionManager.lifecycle.test.ts b/tests/nodes/NodeConnectionManager.lifecycle.test.ts index c3f0378a8..867fe77b6 100644 --- a/tests/nodes/NodeConnectionManager.lifecycle.test.ts +++ b/tests/nodes/NodeConnectionManager.lifecycle.test.ts @@ -10,8 +10,8 @@ import PolykeyAgent from '@/PolykeyAgent'; import KeyManager from '@/keys/KeyManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeConnectionManager from '@/nodes/NodeConnectionManager'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; + import * as nodesUtils from '@/nodes/utils'; import * as nodesErrors from '@/nodes/errors'; import * as keysUtils from '@/keys/utils'; @@ -47,6 +47,7 @@ describe(`${NodeConnectionManager.name} lifecycle test`, () => { 'vi3et1hrpv2m2lrplcm7cu913kr45v51cak54vm68anlbvuf83ra0', )!; + const localHost = '127.0.0.1' as Host; const serverHost = '127.0.0.1' as Host; const serverPort = 55555 as Port; @@ -70,8 +71,8 @@ describe(`${NodeConnectionManager.name} lifecycle test`, () => { let dataDir2: string; let keyManager: KeyManager; let db: DB; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; + let nodeGraph: NodeGraph; let remoteNode1: PolykeyAgent; @@ -146,28 +147,23 @@ describe(`${NodeConnectionManager.name} lifecycle test`, () => { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: keysUtils.certToPem(keyManager.getRootCert()), }; - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken: 'auth', - logger: logger.getChild('fwdProxy'), + logger: logger.getChild('proxy'), }); - await fwdProxy.start({ + await proxy.start({ tlsConfig, - }); - revProxy = new ReverseProxy({ - logger: logger.getChild('revProxy'), - }); - await revProxy.start({ serverHost, + proxyHost: localHost, serverPort, - tlsConfig, }); await nodeGraph.setNode(remoteNodeId1, { - host: remoteNode1.revProxy.getIngressHost(), - port: remoteNode1.revProxy.getIngressPort(), + host: remoteNode1.proxy.getProxyHost(), + port: remoteNode1.proxy.getProxyPort(), }); await nodeGraph.setNode(remoteNodeId2, { - host: remoteNode2.revProxy.getIngressHost(), - port: remoteNode2.revProxy.getIngressPort(), + host: remoteNode2.proxy.getProxyHost(), + port: remoteNode2.proxy.getProxyPort(), }); }); @@ -178,8 +174,7 @@ describe(`${NodeConnectionManager.name} lifecycle test`, () => { await db.destroy(); await keyManager.stop(); await keyManager.destroy(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); }); // Connection life cycle @@ -190,8 +185,7 @@ describe(`${NodeConnectionManager.name} lifecycle test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: nodeConnectionManagerLogger, }); await nodeConnectionManager.start(); @@ -218,8 +212,7 @@ describe(`${NodeConnectionManager.name} lifecycle test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: nodeConnectionManagerLogger, }); await nodeConnectionManager.start(); @@ -262,8 +255,7 @@ describe(`${NodeConnectionManager.name} lifecycle test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: nodeConnectionManagerLogger, }); await nodeConnectionManager.start(); @@ -297,8 +289,7 @@ describe(`${NodeConnectionManager.name} lifecycle test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: nodeConnectionManagerLogger, }); await nodeConnectionManager.start(); @@ -362,8 +353,7 @@ describe(`${NodeConnectionManager.name} lifecycle test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, connConnectTime: 500, logger: nodeConnectionManagerLogger, }); @@ -400,8 +390,7 @@ describe(`${NodeConnectionManager.name} lifecycle test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: nodeConnectionManagerLogger, }); await nodeConnectionManager.start(); @@ -429,8 +418,7 @@ describe(`${NodeConnectionManager.name} lifecycle test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: nodeConnectionManagerLogger, }); await nodeConnectionManager.start(); @@ -465,8 +453,7 @@ describe(`${NodeConnectionManager.name} lifecycle test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: nodeConnectionManagerLogger, }); await nodeConnectionManager.start(); @@ -503,8 +490,7 @@ describe(`${NodeConnectionManager.name} lifecycle test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: nodeConnectionManagerLogger, }); await nodeConnectionManager.start(); diff --git a/tests/nodes/NodeConnectionManager.seednodes.test.ts b/tests/nodes/NodeConnectionManager.seednodes.test.ts index 974f3dd48..d0fd1c9ca 100644 --- a/tests/nodes/NodeConnectionManager.seednodes.test.ts +++ b/tests/nodes/NodeConnectionManager.seednodes.test.ts @@ -10,8 +10,8 @@ import PolykeyAgent from '@/PolykeyAgent'; import KeyManager from '@/keys/KeyManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeConnectionManager from '@/nodes/NodeConnectionManager'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; + import * as nodesUtils from '@/nodes/utils'; import * as keysUtils from '@/keys/utils'; import * as grpcUtils from '@/grpc/utils'; @@ -42,6 +42,7 @@ describe(`${NodeConnectionManager.name} seed nodes test`, () => { 'vi3et1hrpv2m2lrplcm7cu913kr45v51cak54vm68anlbvuf83ra0', )!; + const localHost = '127.0.0.1' as Host; const serverHost = '127.0.0.1' as Host; const serverPort = 55555 as Port; @@ -63,8 +64,8 @@ describe(`${NodeConnectionManager.name} seed nodes test`, () => { let dataDir2: string; let keyManager: KeyManager; let db: DB; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; + let nodeGraph: NodeGraph; let remoteNode1: PolykeyAgent; @@ -139,28 +140,23 @@ describe(`${NodeConnectionManager.name} seed nodes test`, () => { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: keysUtils.certToPem(keyManager.getRootCert()), }; - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken: 'auth', - logger: logger.getChild('fwdProxy'), - }); - await fwdProxy.start({ - tlsConfig, - }); - revProxy = new ReverseProxy({ - logger: logger.getChild('revProxy'), + logger: logger.getChild('proxy'), }); - await revProxy.start({ + await proxy.start({ serverHost, serverPort, + proxyHost: localHost, tlsConfig, }); await nodeGraph.setNode(remoteNodeId1, { - host: remoteNode1.revProxy.getIngressHost(), - port: remoteNode1.revProxy.getIngressPort(), + host: remoteNode1.proxy.getProxyHost(), + port: remoteNode1.proxy.getProxyPort(), }); await nodeGraph.setNode(remoteNodeId2, { - host: remoteNode2.revProxy.getIngressHost(), - port: remoteNode2.revProxy.getIngressPort(), + host: remoteNode2.proxy.getProxyHost(), + port: remoteNode2.proxy.getProxyPort(), }); }); @@ -171,8 +167,7 @@ describe(`${NodeConnectionManager.name} seed nodes test`, () => { await db.destroy(); await keyManager.stop(); await keyManager.destroy(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); }); // Seed nodes @@ -182,8 +177,7 @@ describe(`${NodeConnectionManager.name} seed nodes test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, seedNodes: dummySeedNodes, logger: logger, }); @@ -206,8 +200,7 @@ describe(`${NodeConnectionManager.name} seed nodes test`, () => { const nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, seedNodes: dummySeedNodes, logger: logger, }); @@ -227,18 +220,17 @@ describe(`${NodeConnectionManager.name} seed nodes test`, () => { try { const seedNodes: SeedNodes = {}; seedNodes[nodesUtils.encodeNodeId(remoteNodeId1)] = { - host: remoteNode1.revProxy.getIngressHost(), - port: remoteNode1.revProxy.getIngressPort(), + host: remoteNode1.proxy.getProxyHost(), + port: remoteNode1.proxy.getProxyPort(), }; seedNodes[nodesUtils.encodeNodeId(remoteNodeId2)] = { - host: remoteNode2.revProxy.getIngressHost(), - port: remoteNode2.revProxy.getIngressPort(), + host: remoteNode2.proxy.getProxyHost(), + port: remoteNode2.proxy.getProxyPort(), }; nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, seedNodes, logger: logger, }); @@ -264,12 +256,12 @@ describe(`${NodeConnectionManager.name} seed nodes test`, () => { try { const seedNodes: SeedNodes = {}; seedNodes[nodesUtils.encodeNodeId(remoteNodeId1)] = { - host: remoteNode1.revProxy.getIngressHost(), - port: remoteNode1.revProxy.getIngressPort(), + host: remoteNode1.proxy.getProxyHost(), + port: remoteNode1.proxy.getProxyPort(), }; seedNodes[nodesUtils.encodeNodeId(remoteNodeId2)] = { - host: remoteNode2.revProxy.getIngressHost(), - port: remoteNode2.revProxy.getIngressPort(), + host: remoteNode2.proxy.getProxyHost(), + port: remoteNode2.proxy.getProxyPort(), }; seedNodes[nodesUtils.encodeNodeId(dummyNodeId)] = { host: serverHost, @@ -287,8 +279,7 @@ describe(`${NodeConnectionManager.name} seed nodes test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, seedNodes, connConnectTime: 500, logger: logger, diff --git a/tests/nodes/NodeConnectionManager.termination.test.ts b/tests/nodes/NodeConnectionManager.termination.test.ts index b616ac147..8538ee7a3 100644 --- a/tests/nodes/NodeConnectionManager.termination.test.ts +++ b/tests/nodes/NodeConnectionManager.termination.test.ts @@ -13,8 +13,8 @@ import PolykeyAgent from '@/PolykeyAgent'; import KeyManager from '@/keys/KeyManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeConnectionManager from '@/nodes/NodeConnectionManager'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; + import * as nodesUtils from '@/nodes/utils'; import * as nodesErrors from '@/nodes/errors'; import * as keysUtils from '@/keys/utils'; @@ -51,6 +51,7 @@ describe(`${NodeConnectionManager.name} termination test`, () => { 'vi3et1hrpv2m2lrplcm7cu913kr45v51cak54vm68anlbvuf83ra0', )!; + const localHost = '127.0.0.1' as Host; const serverHost = '127.0.0.1' as Host; const serverPort = 55555 as Port; @@ -75,8 +76,7 @@ describe(`${NodeConnectionManager.name} termination test`, () => { let nodePath: string; let keyManager: KeyManager; let db: DB; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let defaultProxy: Proxy; let nodeGraph: NodeGraph; let tlsConfig2: TLSConfig; @@ -122,22 +122,16 @@ describe(`${NodeConnectionManager.name} termination test`, () => { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: keysUtils.certToPem(keyManager.getRootCert()), }; - fwdProxy = new ForwardProxy({ + defaultProxy = new Proxy({ authToken: 'auth', - logger: logger.getChild('fwdProxy'), - }); - await fwdProxy.start({ - tlsConfig, + logger: logger.getChild('proxy'), }); - revProxy = new ReverseProxy({ - logger: logger.getChild('revProxy'), - }); - await revProxy.start({ + await defaultProxy.start({ serverHost, serverPort, + proxyHost: localHost, tlsConfig, }); - // Other setup const globalKeyPair = await testUtils.setupGlobalKeypair(); const cert = keysUtils.generateCertificate( @@ -159,13 +153,12 @@ describe(`${NodeConnectionManager.name} termination test`, () => { await db.destroy(); await keyManager.stop(); await keyManager.destroy(); - await revProxy.stop(); - await fwdProxy.stop(); + await defaultProxy.stop(); }); /** * Mock TCP server - * This is the server that the ReverseProxy will be proxying to + * This is the server that the Proxy will be proxying to */ function tcpServer(end: boolean = false, fastEnd: boolean = false) { const { p: serverConnP, resolveP: resolveServerConnP } = promise(); @@ -229,28 +222,28 @@ describe(`${NodeConnectionManager.name} termination test`, () => { test('closed based on bad certificate during createConnection ', async () => { let server; let nodeConnectionManager: NodeConnectionManager | undefined; - let revProxy: ReverseProxy | undefined; + let proxy: Proxy | undefined; try { server = tcpServer(); - revProxy = new ReverseProxy({ + proxy = new Proxy({ logger: logger, + authToken: '', }); await server.serverListen(0); - await revProxy.start({ + await proxy.start({ serverHost: server.serverHost(), serverPort: server.serverPort(), - ingressHost: '127.0.0.1' as Host, + proxyHost: localHost, tlsConfig: tlsConfig2, }); await nodeGraph.setNode(dummyNodeId, { - host: revProxy.getIngressHost(), - port: revProxy.getIngressPort(), + host: proxy.getProxyHost(), + port: proxy.getProxyPort(), }); nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: logger, connConnectTime: 2000, }); @@ -262,35 +255,35 @@ describe(`${NodeConnectionManager.name} termination test`, () => { ).rejects.toThrow(nodesErrors.ErrorNodeConnectionTimeout); } finally { await nodeConnectionManager?.stop(); - await revProxy?.stop(); + await proxy?.stop(); await server?.serverClose(); } }); test('closed based on bad certificate during withConnection', async () => { let server; let nodeConnectionManager: NodeConnectionManager | undefined; - let revProxy: ReverseProxy | undefined; + let proxy: Proxy | undefined; try { server = tcpServer(); - revProxy = new ReverseProxy({ + proxy = new Proxy({ logger: logger, + authToken: '', }); await server.serverListen(0); - await revProxy.start({ + await proxy.start({ serverHost: server.serverHost(), serverPort: server.serverPort(), - ingressHost: '127.0.0.1' as Host, + proxyHost: localHost, tlsConfig: tlsConfig2, }); await nodeGraph.setNode(dummyNodeId, { - host: revProxy.getIngressHost(), - port: revProxy.getIngressPort(), + host: proxy.getProxyHost(), + port: proxy.getProxyPort(), }); nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: logger, connConnectTime: 2000, }); @@ -305,35 +298,35 @@ describe(`${NodeConnectionManager.name} termination test`, () => { ); } finally { await nodeConnectionManager?.stop(); - await revProxy?.stop(); + await proxy?.stop(); await server?.serverClose(); } }); test('closed before TLS is established', async () => { let server; let nodeConnectionManager: NodeConnectionManager | undefined; - let revProxy: ReverseProxy | undefined; + let proxy: Proxy | undefined; try { server = tcpServer(false, true); - revProxy = new ReverseProxy({ + proxy = new Proxy({ logger: logger, + authToken: '', }); await server.serverListen(0); - await revProxy.start({ + await proxy.start({ serverHost: server.serverHost(), serverPort: server.serverPort(), - ingressHost: '127.0.0.1' as Host, + proxyHost: localHost, tlsConfig: tlsConfig2, }); await nodeGraph.setNode(dummyNodeId, { - host: revProxy.getIngressHost(), - port: revProxy.getIngressPort(), + host: proxy.getProxyHost(), + port: proxy.getProxyPort(), }); nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: logger, connConnectTime: 2000, }); @@ -351,7 +344,7 @@ describe(`${NodeConnectionManager.name} termination test`, () => { ); } finally { await nodeConnectionManager?.stop(); - await revProxy?.stop(); + await proxy?.stop(); await server?.serverClose(); } }); @@ -367,14 +360,13 @@ describe(`${NodeConnectionManager.name} termination test`, () => { const agentNodeId = polykeyAgent.keyManager.getNodeId(); await nodeGraph.setNode(agentNodeId, { - host: polykeyAgent.revProxy.getIngressHost(), - port: polykeyAgent.revProxy.getIngressPort(), + host: polykeyAgent.proxy.getProxyHost(), + port: polykeyAgent.proxy.getProxyPort(), }); nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy: defaultProxy, logger: logger, connConnectTime: 2000, }); @@ -420,15 +412,14 @@ describe(`${NodeConnectionManager.name} termination test`, () => { }); const agentNodeId = polykeyAgent.keyManager.getNodeId(); await nodeGraph.setNode(agentNodeId, { - host: polykeyAgent.revProxy.getIngressHost(), - port: polykeyAgent.revProxy.getIngressPort(), + host: polykeyAgent.proxy.getProxyHost(), + port: polykeyAgent.proxy.getProxyPort(), }); nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy: defaultProxy, logger: logger, connConnectTime: 2000, }); @@ -497,14 +488,13 @@ describe(`${NodeConnectionManager.name} termination test`, () => { const agentNodeId = polykeyAgent.keyManager.getNodeId(); await nodeGraph.setNode(agentNodeId, { - host: polykeyAgent.revProxy.getIngressHost(), - port: polykeyAgent.revProxy.getIngressPort(), + host: polykeyAgent.proxy.getProxyHost(), + port: polykeyAgent.proxy.getProxyPort(), }); nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy: defaultProxy, logger: logger, connConnectTime: 2000, }); @@ -566,14 +556,13 @@ describe(`${NodeConnectionManager.name} termination test`, () => { const agentNodeId = polykeyAgent.keyManager.getNodeId(); await nodeGraph.setNode(agentNodeId, { - host: polykeyAgent.revProxy.getIngressHost(), - port: polykeyAgent.revProxy.getIngressPort(), + host: polykeyAgent.proxy.getProxyHost(), + port: polykeyAgent.proxy.getProxyPort(), }); nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy: defaultProxy, logger: logger, connConnectTime: 2000, }); @@ -640,14 +629,13 @@ describe(`${NodeConnectionManager.name} termination test`, () => { const agentNodeId = polykeyAgent.keyManager.getNodeId(); await nodeGraph.setNode(agentNodeId, { - host: polykeyAgent.revProxy.getIngressHost(), - port: polykeyAgent.revProxy.getIngressPort(), + host: polykeyAgent.proxy.getProxyHost(), + port: polykeyAgent.proxy.getProxyPort(), }); nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy: defaultProxy, logger: logger, connConnectTime: 2000, }); @@ -714,14 +702,13 @@ describe(`${NodeConnectionManager.name} termination test`, () => { const agentNodeId = polykeyAgent.keyManager.getNodeId(); await nodeGraph.setNode(agentNodeId, { - host: polykeyAgent.revProxy.getIngressHost(), - port: polykeyAgent.revProxy.getIngressPort(), + host: polykeyAgent.proxy.getProxyHost(), + port: polykeyAgent.proxy.getProxyPort(), }); nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy: defaultProxy, logger: logger, connConnectTime: 2000, }); diff --git a/tests/nodes/NodeConnectionManager.timeout.test.ts b/tests/nodes/NodeConnectionManager.timeout.test.ts index 970c02156..2f3a1c7cc 100644 --- a/tests/nodes/NodeConnectionManager.timeout.test.ts +++ b/tests/nodes/NodeConnectionManager.timeout.test.ts @@ -10,8 +10,8 @@ import PolykeyAgent from '@/PolykeyAgent'; import KeyManager from '@/keys/KeyManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeConnectionManager from '@/nodes/NodeConnectionManager'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; + import * as nodesUtils from '@/nodes/utils'; import * as keysUtils from '@/keys/utils'; import * as grpcUtils from '@/grpc/utils'; @@ -43,6 +43,7 @@ describe(`${NodeConnectionManager.name} timeout test`, () => { 0, 0, 0, 0, 0, 0, 124, ]); + const localHost = '127.0.0.1' as Host; const serverHost = '127.0.0.1' as Host; const serverPort = 55555 as Port; @@ -62,15 +63,12 @@ describe(`${NodeConnectionManager.name} timeout test`, () => { const nop = async () => {}; - // let dataDir: string; let dataDir2: string; let keyManager: KeyManager; let db: DB; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; let nodeGraph: NodeGraph; - let remoteNode1: PolykeyAgent; let remoteNode2: PolykeyAgent; let remoteNodeId1: NodeId; @@ -143,28 +141,23 @@ describe(`${NodeConnectionManager.name} timeout test`, () => { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: keysUtils.certToPem(keyManager.getRootCert()), }; - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken: 'auth', - logger: logger.getChild('fwdProxy'), + logger: logger.getChild('proxy'), }); - await fwdProxy.start({ + await proxy.start({ tlsConfig, - }); - revProxy = new ReverseProxy({ - logger: logger.getChild('revProxy'), - }); - await revProxy.start({ serverHost, serverPort, - tlsConfig, + proxyHost: localHost, }); await nodeGraph.setNode(remoteNodeId1, { - host: remoteNode1.revProxy.getIngressHost(), - port: remoteNode1.revProxy.getIngressPort(), + host: remoteNode1.proxy.getProxyHost(), + port: remoteNode1.proxy.getProxyPort(), }); await nodeGraph.setNode(remoteNodeId2, { - host: remoteNode2.revProxy.getIngressHost(), - port: remoteNode2.revProxy.getIngressPort(), + host: remoteNode2.proxy.getProxyHost(), + port: remoteNode2.proxy.getProxyPort(), }); }); @@ -175,8 +168,7 @@ describe(`${NodeConnectionManager.name} timeout test`, () => { await db.destroy(); await keyManager.stop(); await keyManager.destroy(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); }); // Timeouts @@ -187,8 +179,7 @@ describe(`${NodeConnectionManager.name} timeout test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, connTimeoutTime: 500, logger: nodeConnectionManagerLogger, }); @@ -225,8 +216,7 @@ describe(`${NodeConnectionManager.name} timeout test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, connTimeoutTime: 1000, logger: nodeConnectionManagerLogger, }); @@ -279,8 +269,7 @@ describe(`${NodeConnectionManager.name} timeout test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger: nodeConnectionManagerLogger, }); await nodeConnectionManager.start(); diff --git a/tests/nodes/NodeGraph.test.ts b/tests/nodes/NodeGraph.test.ts index 1960c02d3..6b9eec700 100644 --- a/tests/nodes/NodeGraph.test.ts +++ b/tests/nodes/NodeGraph.test.ts @@ -11,13 +11,15 @@ import NodeGraph from '@/nodes/NodeGraph'; import * as nodesErrors from '@/nodes/errors'; import KeyManager from '@/keys/KeyManager'; import * as keysUtils from '@/keys/utils'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; + import * as nodesUtils from '@/nodes/utils'; import Sigchain from '@/sigchain/Sigchain'; import * as nodesTestUtils from './utils'; describe(`${NodeGraph.name} test`, () => { + const localHost = '127.0.0.1' as Host; + const port = 0 as Port; const password = 'password'; let nodeGraph: NodeGraph; let nodeId: NodeId; @@ -33,8 +35,7 @@ describe(`${NodeGraph.name} test`, () => { const logger = new Logger(`${NodeGraph.name} test`, LogLevel.ERROR, [ new StreamHandler(), ]); - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; let dataDir: string; let keyManager: KeyManager; let db: DB; @@ -62,16 +63,13 @@ describe(`${NodeGraph.name} test`, () => { keysPath, logger, }); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken: 'auth', logger: logger, }); - - revProxy = new ReverseProxy({ - logger: logger, - }); - - await fwdProxy.start({ + await proxy.start({ + serverHost: localHost, + serverPort: port, tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), @@ -102,8 +100,7 @@ describe(`${NodeGraph.name} test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager: keyManager, nodeGraph: nodeGraph, - fwdProxy: fwdProxy, - revProxy: revProxy, + proxy: proxy, logger: logger, }); await nodeConnectionManager.start(); @@ -117,7 +114,7 @@ describe(`${NodeGraph.name} test`, () => { await nodeConnectionManager.stop(); await nodeGraph.stop(); await keyManager.stop(); - await fwdProxy.stop(); + await proxy.stop(); await fs.promises.rm(dataDir, { force: true, recursive: true, diff --git a/tests/nodes/NodeManager.test.ts b/tests/nodes/NodeManager.test.ts index cbca0e52e..a50fe9637 100644 --- a/tests/nodes/NodeManager.test.ts +++ b/tests/nodes/NodeManager.test.ts @@ -6,38 +6,39 @@ import path from 'path'; import fs from 'fs'; import Logger, { LogLevel, StreamHandler } from '@matrixai/logger'; import { DB } from '@matrixai/db'; +import UTP from 'utp-native'; import PolykeyAgent from '@/PolykeyAgent'; import KeyManager from '@/keys/KeyManager'; import * as keysUtils from '@/keys/utils'; import NodeConnectionManager from '@/nodes/NodeConnectionManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeManager from '@/nodes/NodeManager'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; import Sigchain from '@/sigchain/Sigchain'; import * as claimsUtils from '@/claims/utils'; -import { sleep } from '@/utils'; +import { promisify, sleep } from '@/utils'; import * as nodesUtils from '@/nodes/utils'; describe(`${NodeManager.name} test`, () => { const password = 'password'; - const logger = new Logger(`${NodeManager.name} test`, LogLevel.ERROR, [ + const logger = new Logger(`${NodeManager.name} test`, LogLevel.WARN, [ new StreamHandler(), ]); let dataDir: string; let nodeGraph: NodeGraph; let nodeConnectionManager: NodeConnectionManager; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; let keyManager: KeyManager; let keyPairPem: KeyPairPem; let certPem: CertificatePem; let db: DB; let sigchain: Sigchain; + let utpSocket: UTP; const serverHost = '::1' as Host; - const serverPort = 1 as Port; - ``; + const externalHost = '127.0.0.1' as Host; + const serverPort = 0 as Port; + const externalPort = 0 as Port; const mockedGenerateDeterministicKeyPair = jest.spyOn( keysUtils, 'generateDeterministicKeyPair', @@ -62,23 +63,18 @@ describe(`${NodeManager.name} test`, () => { keyPairPem = keyManager.getRootKeyPairPem(); certPem = keysUtils.certToPem(cert); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken: 'abc', logger: logger, }); - revProxy = new ReverseProxy({ - logger: logger, - }); - - await fwdProxy.start({ - tlsConfig: { - keyPrivatePem: keyPairPem.privateKey, - certChainPem: certPem, - }, - }); - await revProxy.start({ + utpSocket = new UTP({ allowHalfOpen: true }); + const utpSocketBind = promisify(utpSocket.bind).bind(utpSocket); + await utpSocketBind(55555, '127.0.0.1'); + await proxy.start({ serverHost, serverPort, + proxyHost: externalHost, + proxyPort: externalPort, tlsConfig: { keyPrivatePem: keyPairPem.privateKey, certChainPem: certPem, @@ -106,8 +102,7 @@ describe(`${NodeManager.name} test`, () => { nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy, + proxy, logger, }); await nodeConnectionManager.start(); @@ -122,8 +117,9 @@ describe(`${NodeManager.name} test`, () => { await db.destroy(); await keyManager.stop(); await keyManager.destroy(); - await fwdProxy.stop(); - await revProxy.stop(); + await proxy.stop(); + utpSocket.close(); + utpSocket.unref(); await fs.promises.rm(dataDir, { force: true, recursive: true, @@ -144,8 +140,8 @@ describe(`${NodeManager.name} test`, () => { }); const serverNodeId = server.keyManager.getNodeId(); let serverNodeAddress: NodeAddress = { - host: server.revProxy.getIngressHost(), - port: server.revProxy.getIngressPort(), + host: server.proxy.getProxyHost(), + port: server.proxy.getProxyPort(), }; await nodeGraph.setNode(serverNodeId, serverNodeAddress); @@ -168,8 +164,8 @@ describe(`${NodeManager.name} test`, () => { await server.start({ password: 'password' }); // Update the node address (only changes because we start and stop) serverNodeAddress = { - host: server.revProxy.getIngressHost(), - port: server.revProxy.getIngressPort(), + host: server.proxy.getProxyHost(), + port: server.proxy.getProxyPort(), }; await nodeGraph.setNode(serverNodeId, serverNodeAddress); // Check if active @@ -207,8 +203,8 @@ describe(`${NodeManager.name} test`, () => { }); const serverNodeId = server.keyManager.getNodeId(); const serverNodeAddress: NodeAddress = { - host: server.revProxy.getIngressHost(), - port: server.revProxy.getIngressPort(), + host: server.proxy.getProxyHost(), + port: server.proxy.getProxyPort(), }; await nodeGraph.setNode(serverNodeId, serverNodeAddress); @@ -267,8 +263,8 @@ describe(`${NodeManager.name} test`, () => { xNodeId = x.keyManager.getNodeId(); xNodeAddress = { - host: x.revProxy.getIngressHost(), - port: x.revProxy.getIngressPort(), + host: externalHost, + port: x.proxy.getProxyPort(), }; xPublicKey = x.keyManager.getRootKeyPairPem().publicKey; @@ -285,8 +281,8 @@ describe(`${NodeManager.name} test`, () => { }); yNodeId = y.keyManager.getNodeId(); yNodeAddress = { - host: y.revProxy.getIngressHost(), - port: y.revProxy.getIngressPort(), + host: externalHost, + port: y.proxy.getProxyPort(), }; yPublicKey = y.keyManager.getRootKeyPairPem().publicKey; diff --git a/tests/nodes/TestNodeConnection.ts b/tests/nodes/TestNodeConnection.ts index dd42788e3..6dd583a6b 100644 --- a/tests/nodes/TestNodeConnection.ts +++ b/tests/nodes/TestNodeConnection.ts @@ -2,7 +2,7 @@ import type { PublicKeyPem } from '@/keys/types'; import type { AbstractConstructorParameters } from '@/types'; import type { Host, Port } from '@/network/types'; -import type ForwardProxy from '@/network/ForwardProxy'; +import type Proxy from '@/network/Proxy'; import type GRPCClientAgent from '@/agent/GRPCClientAgent'; import Logger from '@matrixai/logger'; import NodeConnection from '@/nodes/NodeConnection'; @@ -19,14 +19,14 @@ class TestNodeConnection extends NodeConnection { publicKey, targetHost, targetPort, - fwdProxy, + proxy, destroyCallback, logger, }: { publicKey: PublicKeyPem | null; targetHost: Host; targetPort: Port; - fwdProxy: ForwardProxy; + proxy: Proxy; destroyCallback: () => Promise; logger?: Logger; }): Promise { @@ -37,7 +37,7 @@ class TestNodeConnection extends NodeConnection { host: targetHost, port: targetPort, destroyCallback, - fwdProxy, + proxy, }); } diff --git a/tests/nodes/utils.ts b/tests/nodes/utils.ts index 74b8a6f67..fca9ad53b 100644 --- a/tests/nodes/utils.ts +++ b/tests/nodes/utils.ts @@ -51,13 +51,13 @@ function generateNodeIdForBucket( async function nodesConnect(localNode: PolykeyAgent, remoteNode: PolykeyAgent) { // Add remote node's details to local node await localNode.nodeManager.setNode(remoteNode.keyManager.getNodeId(), { - host: remoteNode.revProxy.getIngressHost(), - port: remoteNode.revProxy.getIngressPort(), + host: remoteNode.proxy.getProxyHost(), + port: remoteNode.proxy.getProxyPort(), } as NodeAddress); // Add local node's details to remote node await remoteNode.nodeManager.setNode(localNode.keyManager.getNodeId(), { - host: localNode.revProxy.getIngressHost(), - port: localNode.revProxy.getIngressPort(), + host: localNode.proxy.getProxyHost(), + port: localNode.proxy.getProxyPort(), } as NodeAddress); } diff --git a/tests/notifications/NotificationsManager.test.ts b/tests/notifications/NotificationsManager.test.ts index 8153178a0..f644dab0d 100644 --- a/tests/notifications/NotificationsManager.test.ts +++ b/tests/notifications/NotificationsManager.test.ts @@ -16,8 +16,8 @@ import NodeConnectionManager from '@/nodes/NodeConnectionManager'; import NodeGraph from '@/nodes/NodeGraph'; import NodeManager from '@/nodes/NodeManager'; import NotificationsManager from '@/notifications/NotificationsManager'; -import ForwardProxy from '@/network/ForwardProxy'; -import ReverseProxy from '@/network/ReverseProxy'; +import Proxy from '@/network/Proxy'; + import * as notificationsErrors from '@/notifications/errors'; import * as vaultsUtils from '@/vaults/utils'; import * as nodesUtils from '@/nodes/utils'; @@ -54,8 +54,8 @@ describe('NotificationsManager', () => { let nodeManager: NodeManager; let keyManager: KeyManager; let sigchain: Sigchain; - let fwdProxy: ForwardProxy; - let revProxy: ReverseProxy; + let proxy: Proxy; + let receiver: PolykeyAgent; beforeAll(async () => { const globalKeyPair = await testUtils.setupGlobalKeypair(); @@ -95,24 +95,17 @@ describe('NotificationsManager', () => { keyManager, logger, }); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken: 'abc123', logger, }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), }, - }); - revProxy = new ReverseProxy({ logger }); - await revProxy.start({ serverHost: '127.0.0.1' as Host, - serverPort: 55555 as Port, - tlsConfig: { - keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, - certChainPem: await keyManager.getRootCertChainPem(), - }, + serverPort: 0 as Port, }); nodeGraph = await NodeGraph.createNodeGraph({ db, @@ -122,8 +115,7 @@ describe('NotificationsManager', () => { nodeConnectionManager = new NodeConnectionManager({ nodeGraph, keyManager, - fwdProxy, - revProxy, + proxy, logger, }); await nodeConnectionManager.start(); @@ -145,16 +137,15 @@ describe('NotificationsManager', () => { logger, }); await nodeGraph.setNode(receiver.keyManager.getNodeId(), { - host: receiver.revProxy.getIngressHost(), - port: receiver.revProxy.getIngressPort(), + host: receiver.proxy.getProxyHost(), + port: receiver.proxy.getProxyPort(), }); }, global.defaultTimeout); afterAll(async () => { await receiver.stop(); await nodeConnectionManager.stop(); await nodeGraph.stop(); - await revProxy.stop(); - await fwdProxy.stop(); + await proxy.stop(); await sigchain.stop(); await acl.stop(); await db.stop(); diff --git a/tests/status/Status.test.ts b/tests/status/Status.test.ts index 8a158febe..710ddc0ee 100644 --- a/tests/status/Status.test.ts +++ b/tests/status/Status.test.ts @@ -69,8 +69,8 @@ describe('Status', () => { nodeId: nodeId1, clientHost: '::1' as Host, clientPort: 0 as Port, - ingressHost: '127.0.0.1' as Host, - ingressPort: 0 as Port, + proxyHost: '::1' as Host, + proxyPort: 0 as Port, grpcHost: 'localhost', grpcPort: 12345, anything: 'something', @@ -141,8 +141,8 @@ describe('Status', () => { nodeId: nodeId1, clientHost: '::1' as Host, clientPort: 0 as Port, - ingressHost: '127.0.0.1' as Host, - ingressPort: 0 as Port, + proxyPort: 0 as Port, + proxyHost: '::1' as Host, grpcHost: 'localhost', grpcPort: 12345, anything: 'something', @@ -207,8 +207,8 @@ describe('Status', () => { await status.finishStart({ clientHost: '' as Host, clientPort: 0 as Port, - ingressHost: '127.0.0.1' as Host, - ingressPort: 0 as Port, + proxyHost: '' as Host, + proxyPort: 0 as Port, nodeId: nodeId3, pid: 0, }); @@ -252,8 +252,8 @@ describe('Status', () => { status.finishStart({ clientHost: '' as Host, clientPort: 0 as Port, - ingressHost: '127.0.0.1' as Host, - ingressPort: 3425 as Port, + proxyHost: '127.0.0.1' as Host, + proxyPort: 3425 as Port, nodeId: nodeId3, pid: 0, }), @@ -264,8 +264,8 @@ describe('Status', () => { status.finishStart({ clientHost: '' as Host, clientPort: 3445 as Port, - ingressHost: '127.0.0.1' as Host, - ingressPort: 0 as Port, + proxyHost: '127.0.0.1' as Host, + proxyPort: 0 as Port, nodeId: nodeId3, pid: 0, }), @@ -276,8 +276,8 @@ describe('Status', () => { status.finishStart({ clientHost: '' as Host, clientPort: 0 as Port, - ingressHost: '127.0.0.1' as Host, - ingressPort: 0 as Port, + proxyHost: '127.0.0.1' as Host, + proxyPort: 0 as Port, nodeId: nodeId3, pid: 0, }), @@ -310,8 +310,8 @@ describe('Status', () => { const p1 = status.finishStart({ clientHost: '' as Host, clientPort: 0 as Port, - ingressHost: '127.0.0.1' as Host, - ingressPort: 0 as Port, + proxyHost: '127.0.0.1' as Host, + proxyPort: 0 as Port, nodeId: nodeId3, pid: 0, }); diff --git a/tests/utils.ts b/tests/utils.ts index 450e580ea..3f446b465 100644 --- a/tests/utils.ts +++ b/tests/utils.ts @@ -116,8 +116,7 @@ async function setupGlobalAgent( nodePath: globalAgentDir, networkConfig: { proxyHost: '127.0.0.1' as Host, - egressHost: '127.0.0.1' as Host, - ingressHost: '127.0.0.1' as Host, + forwardHost: '127.0.0.1' as Host, agentHost: '127.0.0.1' as Host, clientHost: '127.0.0.1' as Host, }, diff --git a/tests/vaults/VaultManager.test.ts b/tests/vaults/VaultManager.test.ts index fe5cd97b8..89c81c0e8 100644 --- a/tests/vaults/VaultManager.test.ts +++ b/tests/vaults/VaultManager.test.ts @@ -6,7 +6,6 @@ import type { VaultName, } from '@/vaults/types'; import type NotificationsManager from '@/notifications/NotificationsManager'; -import type ReverseProxy from '@/network/ReverseProxy'; import type { Host, Port, TLSConfig } from '@/network/types'; import fs from 'fs'; import os from 'os'; @@ -25,7 +24,7 @@ import VaultManager from '@/vaults/VaultManager'; import * as vaultsErrors from '@/vaults/errors'; import NodeGraph from '@/nodes/NodeGraph'; import * as nodesUtils from '@/nodes/utils'; -import ForwardProxy from '@/network/ForwardProxy'; +import Proxy from '@/network/Proxy'; import * as vaultsUtils from '@/vaults/utils'; import * as keysUtils from '@/keys/utils'; import { sleep } from '@/utils'; @@ -39,6 +38,8 @@ const mockedGenerateDeterministicKeyPair = jest }); describe('VaultManager', () => { + const localHost = '127.0.0.1' as Host; + const port = 0 as Port; const logger = new Logger('VaultManager Test', LogLevel.WARN, [ new StreamHandler(), ]); @@ -466,7 +467,7 @@ describe('VaultManager', () => { describe('With remote agents', () => { let allDataDir: string; let keyManager: KeyManager; - let fwdProxy: ForwardProxy; + let proxy: Proxy; let nodeGraph: NodeGraph; let nodeConnectionManager: NodeConnectionManager; let remoteKeynode1: PolykeyAgent, remoteKeynode2: PolykeyAgent; @@ -496,12 +497,12 @@ describe('VaultManager', () => { // Adding details to each agent await remoteKeynode1.nodeGraph.setNode(remoteKeynode2Id, { - host: remoteKeynode2.revProxy.getIngressHost(), - port: remoteKeynode2.revProxy.getIngressPort(), + host: remoteKeynode2.proxy.getProxyHost(), + port: remoteKeynode2.proxy.getProxyPort(), }); await remoteKeynode2.nodeGraph.setNode(remoteKeynode1Id, { - host: remoteKeynode1.revProxy.getIngressHost(), - port: remoteKeynode1.revProxy.getIngressPort(), + host: remoteKeynode1.proxy.getProxyHost(), + port: remoteKeynode1.proxy.getProxyPort(), }); await remoteKeynode1.gestaltGraph.setNode({ @@ -536,7 +537,7 @@ describe('VaultManager', () => { keyManager: dummyKeyManager, logger, }); - fwdProxy = new ForwardProxy({ + proxy = new Proxy({ authToken: 'auth', logger, }); @@ -554,34 +555,33 @@ describe('VaultManager', () => { certChainPem: await keyManager.getRootCertChainPem(), }; - await fwdProxy.start({ tlsConfig }); - const dummyRevProxy = { - getIngressHost: () => 'localhost' as Host, - getIngressPort: () => 0 as Port, - } as ReverseProxy; + await proxy.start({ + tlsConfig, + serverHost: localHost, + serverPort: port, + }); nodeConnectionManager = new NodeConnectionManager({ keyManager, nodeGraph, - fwdProxy, - revProxy: dummyRevProxy, + proxy, logger, }); await nodeConnectionManager.start(); await nodeGraph.setNode(remoteKeynode1Id, { - host: remoteKeynode1.revProxy.getIngressHost(), - port: remoteKeynode1.revProxy.getIngressPort(), + host: remoteKeynode1.proxy.getProxyHost(), + port: remoteKeynode1.proxy.getProxyPort(), }); await nodeGraph.setNode(remoteKeynode2Id, { - host: remoteKeynode2.revProxy.getIngressHost(), - port: remoteKeynode2.revProxy.getIngressPort(), + host: remoteKeynode2.proxy.getProxyHost(), + port: remoteKeynode2.proxy.getProxyPort(), }); }); afterEach(async () => { await remoteKeynode1.vaultManager.destroyVault(remoteVaultId); await nodeConnectionManager.stop(); - await fwdProxy.stop(); + await proxy.stop(); await nodeGraph.stop(); await nodeGraph.destroy(); await keyManager.stop(); @@ -1440,7 +1440,7 @@ describe('VaultManager', () => { keyManager: dummyKeyManager, logger, }); - const fwdProxy = new ForwardProxy({ + const proxy = new Proxy({ authToken: 'auth', logger, }); @@ -1449,18 +1449,19 @@ describe('VaultManager', () => { password: 'password', logger, }); - await fwdProxy.start({ + await proxy.start({ tlsConfig: { keyPrivatePem: keyManager.getRootKeyPairPem().privateKey, certChainPem: await keyManager.getRootCertChainPem(), }, + serverHost: localHost, + serverPort: port, }); const nodeConnectionManager = new NodeConnectionManager({ keyManager, logger, nodeGraph, - fwdProxy, - revProxy: {} as ReverseProxy, + proxy, connConnectTime: 1000, }); await nodeConnectionManager.start(); @@ -1482,7 +1483,7 @@ describe('VaultManager', () => { // Letting nodeGraph know where the remote agent is await nodeGraph.setNode(targetNodeId, { host: 'localhost' as Host, - port: remoteAgent.revProxy.getIngressPort(), + port: remoteAgent.proxy.getProxyPort(), }); await remoteAgent.gestaltGraph.setNode({ @@ -1545,7 +1546,7 @@ describe('VaultManager', () => { await vaultManager.stop(); await vaultManager.destroy(); await nodeConnectionManager.stop(); - await fwdProxy.stop(); + await proxy.stop(); await nodeGraph.stop(); await nodeGraph.destroy(); await gestaltGraph.stop();