【修复】部分方法数据链接没有正常关闭
【调整】升级lego最新版本v4.25.2 【调整】ca列表支持层级筛选
@@ -44,6 +44,7 @@ func CreateIntermediateCA(c *gin.Context) {
|
||||
func GetCAList(c *gin.Context) {
|
||||
var form struct {
|
||||
Search string `form:"search"`
|
||||
Level string `form:"level"`
|
||||
Page int64 `form:"p"`
|
||||
Limit int64 `form:"limit"`
|
||||
}
|
||||
@@ -52,7 +53,7 @@ func GetCAList(c *gin.Context) {
|
||||
public.FailMsg(c, err.Error())
|
||||
return
|
||||
}
|
||||
data, count, err := private_ca.ListCAs(form.Search, form.Page, form.Limit)
|
||||
data, count, err := private_ca.ListCAs(form.Search, form.Level, form.Page, form.Limit)
|
||||
if err != nil {
|
||||
public.FailMsg(c, err.Error())
|
||||
return
|
||||
|
||||
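Review bot: The new `Level` form field is passed to `private_ca.ListCAs` without validation, and judging by the ListCAs change in this commit only `root` and `intermediate` have any effect, so a mistyped value such as `level=Root` silently returns the unfiltered list. Reject unknown values in the handler before the call, for example `if form.Level != "" && form.Level != "root" && form.Level != "intermediate" { public.FailMsg(c, "invalid level"); return }`. Separately, `public.FailMsg(c, err.Error())` on the ListCAs failure path returns the raw storage error to the client; logging the detail server-side and returning a generic message avoids exposing internals. GetCAList continues outside the hunk.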
@@ -139,6 +139,7 @@ func AddAccount(email, ca, Kid, HmacEncoded, CADirURL string) error {
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to get sqlite: %w", err)
|
||||
}
|
||||
defer db.Close()
|
||||
now := time.Now().Format("2006-01-02 15:04:05")
|
||||
if (ca == "sslcom" || ca == "google") && (Kid == "" || HmacEncoded == "") {
|
||||
return fmt.Errorf("Kid and HmacEncoded are required for %s CA", ca)
|
||||
@@ -166,6 +167,7 @@ func UpdateAccount(id, email, ca, Kid, HmacEncoded, CADirURL string) error {
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to get sqlite: %w", err)
|
||||
}
|
||||
defer db.Close()
|
||||
account := map[string]interface{}{
|
||||
"email": email,
|
||||
"type": ca,
|
||||
@@ -186,6 +188,7 @@ func DelAccount(id string) error {
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to get sqlite: %w", err)
|
||||
}
|
||||
defer db.Close()
|
||||
_, err = db.Where("id=?", []any{id}).Delete()
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to delete account: %w", err)
|
||||
@@ -198,6 +201,7 @@ func GetAccountList(search, ca string, p, limit int64) ([]map[string]interface{}
|
||||
if err != nil {
|
||||
return nil, 0, fmt.Errorf("failed to get sqlite: %w", err)
|
||||
}
|
||||
defer db.Close()
|
||||
whereSql := "1=1"
|
||||
var whereArgs []any
|
||||
limits := []int64{0, 100}
|
||||
@@ -247,6 +251,7 @@ func GetCaList() ([]string, int, error) {
|
||||
if err != nil {
|
||||
return nil, 0, fmt.Errorf("failed to get sqlite: %w", err)
|
||||
}
|
||||
defer db.Close()
|
||||
data, err := db.Field([]string{"type"}).GroupBy("type").Select()
|
||||
if err != nil {
|
||||
return nil, 0, fmt.Errorf("failed to get CA list: %w", err)
|
||||
|
||||
@@ -31,6 +31,7 @@ import (
|
||||
"github.com/go-acme/lego/v4/providers/dns/namesilo"
|
||||
"github.com/go-acme/lego/v4/providers/dns/ns1"
|
||||
"github.com/go-acme/lego/v4/providers/dns/route53"
|
||||
"github.com/go-acme/lego/v4/providers/dns/spaceship"
|
||||
"github.com/go-acme/lego/v4/providers/dns/tencentcloud"
|
||||
"github.com/go-acme/lego/v4/providers/dns/volcengine"
|
||||
"github.com/go-acme/lego/v4/providers/dns/westcn"
|
||||
@@ -151,6 +152,7 @@ func GetDNSProvider(providerName string, creds map[string]string, httpClient *ht
|
||||
config := route53.NewDefaultConfig()
|
||||
config.AccessKeyID = creds["access_key_id"]
|
||||
config.SecretAccessKey = creds["secret_access_key"]
|
||||
config.Region = creds["region"]
|
||||
config.PropagationTimeout = maxWait
|
||||
return route53.NewDNSProviderConfig(config)
|
||||
case "azure":
|
||||
@@ -208,6 +210,14 @@ func GetDNSProvider(providerName string, creds map[string]string, httpClient *ht
|
||||
config := webhook.NewConfig(creds)
|
||||
config.PropagationTimeout = maxWait
|
||||
return webhook.NewDNSProviderConfig(config)
|
||||
case "spaceship":
|
||||
config := spaceship.NewDefaultConfig()
|
||||
config.APIKey = creds["api_key"]
|
||||
config.APISecret = creds["api_secret"]
|
||||
config.PropagationTimeout = maxWait
|
||||
return spaceship.NewDNSProviderConfig(config)
|
||||
//case "edgeone":
|
||||
//config :=
|
||||
|
||||
default:
|
||||
return nil, fmt.Errorf("不支持的 DNS Provider: %s", providerName)
|
||||
|
||||
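Review bot: The added `spaceship` case is followed by a half-written commented stub (`//case "edgeone":` and `//config :=`); drop it or replace it with a single `// TODO: edgeone provider` line so the switch does not carry dead code. `creds["api_key"]` and `creds["api_secret"]` are read without a presence check, so a missing map key reaches `spaceship.NewDNSProviderConfig` as an empty string; the constructor presumably rejects that, but an explicit check here would produce an error that names the missing field. The `httpClient` parameter is not applied to the new config in the visible lines, so confirm whether that is intended. GetDNSProvider starts and ends outside the hunk.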
@@ -27,6 +27,7 @@ func CreateRootCA(name, commonName, organization, organizationalUnit, country, p
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer s.Close()
|
||||
|
||||
_, err = s.Insert(public.StructToMap(data, true))
|
||||
if err != nil {
|
||||
@@ -40,6 +41,7 @@ func CreateIntermediateCA(name, commonName, organization, organizationalUnit, co
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer s.Close()
|
||||
|
||||
issuers, err := s.Where("id=?", []interface{}{rootId}).Select()
|
||||
if err != nil {
|
||||
@@ -84,7 +86,7 @@ func DeleteCA(id int64) error {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
defer s.Close()
|
||||
// 检查是否有子证书
|
||||
children, err := s.Where("root_id=?", []interface{}{id}).Select()
|
||||
if err != nil {
|
||||
@@ -94,18 +96,19 @@ func DeleteCA(id int64) error {
|
||||
return fmt.Errorf("cannot delete CA with id %d: it has child CAs", id)
|
||||
}
|
||||
|
||||
_, err = s.Where("root_id=?", []interface{}{id}).Delete()
|
||||
_, err = s.Where("id=?", []interface{}{id}).Delete()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func ListCAs(search string, p, limit int64) ([]map[string]interface{}, int, error) {
|
||||
func ListCAs(search, level string, p, limit int64) ([]map[string]interface{}, int, error) {
|
||||
s, err := GetSqlite()
|
||||
if err != nil {
|
||||
return nil, 0, err
|
||||
}
|
||||
defer s.Close()
|
||||
var data []map[string]any
|
||||
var count int64
|
||||
var limits []int64
|
||||
@@ -117,14 +120,22 @@ func ListCAs(search string, p, limit int64) ([]map[string]interface{}, int, erro
|
||||
limits[1] = limit
|
||||
}
|
||||
}
|
||||
|
||||
whereStr := "1=1"
|
||||
var params []interface{}
|
||||
if search != "" {
|
||||
data, err = s.Where("name like ? or cn like ?", []interface{}{"%" + search + "%", "%" + search + "%"}).Limit(limits).Order("create_time", "desc").Select()
|
||||
count, err = s.Where("name like ? or cn like ?", []interface{}{"%" + search + "%", "%" + search + "%"}).Limit(limits).Order("create_time", "desc").Count()
|
||||
} else {
|
||||
data, err = s.Limit(limits).Order("create_time", "desc").Select()
|
||||
count, err = s.Limit(limits).Order("create_time", "desc").Count()
|
||||
whereStr += " and (name like ? or cn like ?)"
|
||||
params = append(params, "%"+search+"%", "%"+search+"%")
|
||||
}
|
||||
if level == "root" {
|
||||
whereStr += " and root_id is null"
|
||||
}
|
||||
if level == "intermediate" {
|
||||
whereStr += " and root_id is not null"
|
||||
}
|
||||
|
||||
data, err = s.Where(whereStr, params).Limit(limits).Order("create_time", "desc").Select()
|
||||
count, err = s.Where(whereStr, params).Limit(limits).Count()
|
||||
|
||||
if err != nil {
|
||||
return data, int(count), err
|
||||
}
|
||||
@@ -146,8 +157,12 @@ func CreateLeafCert(caId, usage, keyBits, validDays int64, cn, san string) (*Lea
|
||||
if cn == "" {
|
||||
if len(sans.DNSNames) > 0 {
|
||||
cn = sans.DNSNames[0]
|
||||
} else {
|
||||
} else if len(sans.IPAddresses) > 0 {
|
||||
cn = string(sans.IPAddresses[0])
|
||||
} else if len(sans.EmailAddresses) > 0 {
|
||||
cn = sans.EmailAddresses[0]
|
||||
} else {
|
||||
return nil, fmt.Errorf("CN和SAN不能为空")
|
||||
}
|
||||
}
|
||||
s, err := GetSqlite()
|
||||
@@ -206,30 +221,44 @@ func ListLeafCerts(caId int64, search string, p, limit int64) ([]map[string]inte
|
||||
var count int64
|
||||
var limits []int64
|
||||
|
||||
if p >= 0 && limit >= 0 {
|
||||
sql := `
|
||||
select leaf.*, ca.name as ca_name, ca.cn as ca_cn
|
||||
from leaf
|
||||
left join ca on leaf.ca_id = ca.id
|
||||
where 1=1
|
||||
`
|
||||
// 拼接查询条件
|
||||
var params []interface{}
|
||||
if caId > 0 {
|
||||
sql += " and leaf.ca_id = ?"
|
||||
params = append(params, caId)
|
||||
}
|
||||
if search != "" {
|
||||
sql += " and (leaf.cn like ? or leaf.san like ?)"
|
||||
params = append(params, "%"+search+"%", "%"+search+"%")
|
||||
}
|
||||
sql += " order by leaf.create_time desc"
|
||||
sqlCount := "select count(id) as count from (" + sql + ")"
|
||||
if p > 0 && limit > 0 {
|
||||
limits = []int64{0, limit}
|
||||
if p > 1 {
|
||||
limits[0] = (p - 1) * limit
|
||||
limits[1] = limit
|
||||
}
|
||||
sql += fmt.Sprintf(" limit %d offset %d", limits[1], limits[0])
|
||||
}
|
||||
data, err = s.Query(sql, params...)
|
||||
if err != nil {
|
||||
return data, 0, err
|
||||
}
|
||||
countResult, err := s.Query(sqlCount, params...)
|
||||
if err != nil {
|
||||
return data, 0, err
|
||||
}
|
||||
if len(countResult) > 0 {
|
||||
count = countResult[0]["count"].(int64)
|
||||
}
|
||||
|
||||
if caId > 0 && search != "" {
|
||||
data, err = s.Where("ca_id=? and (cn like ? or san like ?)", []interface{}{caId, "%" + search + "%", "%" + search + "%"}).Limit(limits).Order("create_time", "desc").Select()
|
||||
count, err = s.Where("ca_id=? and (cn like ? or san like ?)", []interface{}{caId, "%" + search + "%", "%" + search + "%"}).Limit(limits).Order("create_time", "desc").Count()
|
||||
} else if caId > 0 {
|
||||
data, err = s.Where("ca_id=?", []interface{}{caId}).Limit(limits).Order("create_time", "desc").Select()
|
||||
count, err = s.Where("ca_id=?", []interface{}{caId}).Limit(limits).Order("create_time", "desc").Count()
|
||||
} else if search != "" {
|
||||
data, err = s.Where("cn like ? or san like ?", []interface{}{"%" + search + "%", "%" + search + "%"}).Limit(limits).Order("create_time", "desc").Select()
|
||||
count, err = s.Where("cn like ? or san like ?", []interface{}{"%" + search + "%", "%" + search + "%"}).Limit(limits).Order("create_time", "desc").Count()
|
||||
} else {
|
||||
data, err = s.Limit(limits).Order("create_time", "desc").Select()
|
||||
count, err = s.Limit(limits).Order("create_time", "desc").Count()
|
||||
}
|
||||
if err != nil {
|
||||
return data, int(count), err
|
||||
}
|
||||
return data, int(count), nil
|
||||
}
|
||||
|
||||
|
||||
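Review bot: In the CreateLeafCert hunk, `cn = string(sans.IPAddresses[0])` looks wrong if `sans.IPAddresses` is a `[]net.IP` (its declaration is outside the hunk): converting a `net.IP` with `string(...)` yields the raw address bytes rather than the textual address, so the issued certificate would carry an unreadable CN; use `cn = sans.IPAddresses[0].String()`. In the ListLeafCerts hunk, `countResult[0]["count"].(int64)` is an unchecked type assertion that panics if the driver returns a different integer type; the two-value form `n, ok := countResult[0]["count"].(int64)` fails safely. In ListCAs the error from `Select()` is overwritten by the following `Count()` call before it is checked, so a failed select can go unreported; check `err` after each call.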
@@ -370,6 +370,61 @@ create table monitor
|
||||
on err_record (monitor_id);
|
||||
`)
|
||||
|
||||
dbPrivateCa, err := sql.Open("sqlite", "data/private_ca.db")
|
||||
if err != nil {
|
||||
// fmt.Println("创建 private_ca 数据库失败:", err)
|
||||
return
|
||||
}
|
||||
defer dbPrivateCa.Close()
|
||||
// 创建表
|
||||
_, err = dbPrivateCa.Exec(`
|
||||
PRAGMA journal_mode=WAL;
|
||||
create table if not exists ca
|
||||
(
|
||||
id integer not null
|
||||
constraint ca_pk
|
||||
primary key autoincrement,
|
||||
root_id integer,
|
||||
name TEXT not null,
|
||||
cn TEXT not null,
|
||||
o TEXT not null,
|
||||
c TEXT not null,
|
||||
cert TEXT not null,
|
||||
key TEXT not null,
|
||||
en_cert TEXT,
|
||||
en_key TEXT,
|
||||
algorithm TEXT not null,
|
||||
key_length integer,
|
||||
not_before TEXT not null,
|
||||
not_after TEXT not null,
|
||||
create_time TEXT not null
|
||||
);
|
||||
create index ca_root_id_index
|
||||
on ca (root_id);
|
||||
create table leaf
|
||||
(
|
||||
id integer not null
|
||||
constraint leaf_pk
|
||||
primary key autoincrement,
|
||||
ca_id integer not null,
|
||||
cn TEXT not null,
|
||||
san TEXT not null,
|
||||
usage integer not null,
|
||||
cert TEXT not null,
|
||||
key TEXT not null,
|
||||
en_cert TEXT,
|
||||
en_key TEXT,
|
||||
algorithm TEXT not null,
|
||||
key_length integer,
|
||||
not_before TEXT not null,
|
||||
not_after TEXT not null,
|
||||
create_time TEXT not null
|
||||
);
|
||||
|
||||
create index leaf_ca_id_index
|
||||
on leaf (ca_id);
|
||||
`)
|
||||
|
||||
}
|
||||
|
||||
func insertDefaultData(db *sql.DB, table, insertSQL string) {
|
||||
|
||||
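Review bot: The new private_ca schema uses `create table if not exists ca` but plain `create index ca_root_id_index`, `create table leaf` and `create index leaf_ca_id_index`, so running this migration against an existing database will presumably fail at the first of them, and the result of `dbPrivateCa.Exec` is assigned to `err` but never checked in the visible lines. Add `if not exists` to those three statements and log or return the error instead of discarding it. Because the `key` columns appear to hold CA and leaf private keys, it is also worth ensuring `data/private_ca.db` is created with owner-only file permissions and adding a comment stating whether `key` is stored encrypted or only `en_key` is. The enclosing function starts outside the hunk.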