【修复】修复长期持有tcp连接未关闭

【修复】修复生成新的acme账号时有概率覆盖所有账号【修复】修复新旧let账号不统一的兼容性问题
2025-08-18 15:58:01 +08:00 · 2025-08-18 15:58:01 +08:00 · bf0971f405
parent e939724f37
commit bf0971f405
8 changed files with 39 additions and 19 deletions
--- a/backend/internal/cert/apply/account.go
+++ b/backend/internal/cert/apply/account.go
@ -50,12 +50,18 @@ func SaveUserToDB(db *public.Sqlite, user *MyUser, Type string) error {
 		Bytes: keyBytes,
 	})
 	now := time.Now().Format("2006-01-02 15:04:05")
-	data, err := db.Where(`email=? and type=?`, []interface{}{user.Email, Type}).Select()
+	var data []map[string]interface{}
+	if Type == "letsencrypt" || Type == "Let's Encrypt" {
+		data, err = db.Where(`email=? and type in ('letsencrypt','Let''s Encrypt')`, []interface{}{user.Email}).Select()
+	} else {
+		data, err = db.Where(`email=? and type=?`, []interface{}{user.Email, Type}).Select()
+	}
+
 	if err != nil {
 		return err
 	}
 	if len(data) > 0 {
-		_, err = db.Update(map[string]interface{}{
+		_, err = db.Where(`id = ?`, []interface{}{data[0]["id"]}).Update(map[string]interface{}{
 			"private_key": string(pemBytes),
 			"reg":         regBytes,
 			"update_time": now,
@ -112,7 +118,13 @@ func GetAcmeUser(email string, logger *public.Logger, accData map[string]any) (u
 }

 func GetAccount(db *public.Sqlite, email, ca string) (map[string]interface{}, error) {
-	data, err := db.Where(`email=? and type=?`, []interface{}{email, ca}).Select()
+	var data []map[string]interface{}
+	var err error
+	if ca == "letsencrypt" || ca == "Let's Encrypt" {
+		data, err = db.Where(`email=? and type in ('letsencrypt','Let''s Encrypt')`, []interface{}{email}).Select()
+	} else {
+		data, err = db.Where(`email=? and type=?`, []interface{}{email, ca}).Select()
+	}
 	if err != nil {
 		return nil, err
 	}
@ -204,11 +216,12 @@ func GetAccountList(search, ca string, p, limit int64) ([]map[string]interface{}
 		if ca == "custom" {
 			whereSql += `and type not in ('Let's Encrypt','buypass', 'google', 'sslcom', 'zerossl')`
 		} else {
-			if ca == "letsencrypt" {
-				ca = "Let's Encrypt"
+			if ca == "letsencrypt" || ca == "Let's Encrypt" {
+				whereSql += " and type in ('Let''s Encrypt', 'letsencrypt')"
+			} else {
+				whereSql += " and type=?"
+				whereArgs = append(whereArgs, ca)
 			}
-			whereSql += " and type=?"
-			whereArgs = append(whereArgs, ca)
 		}
 	}
 	count, err := db.Where(whereSql, whereArgs).Count()
--- a/backend/internal/cert/apply/apply.go
+++ b/backend/internal/cert/apply/apply.go
@ -495,7 +495,8 @@ func Apply(cfg map[string]any, logger *public.Logger) (map[string]any, error) {
 		}
 		httpClient = &http.Client{
 			Transport: &http.Transport{
-				Proxy: http.ProxyURL(proxyURL),
+				Proxy:             http.ProxyURL(proxyURL),
+				DisableKeepAlives: true,
 			},
 			Timeout: 30 * time.Second,
 		}
--- a/backend/internal/cert/deploy/1panel.go
+++ b/backend/internal/cert/deploy/1panel.go
@ -91,7 +91,8 @@ func Request1panel(data *map[string]any, method, providerID, requestUrl string)
 		ignoreSsl = true
 	}
 	tr := &http.Transport{
-		TLSClientConfig: &tls.Config{InsecureSkipVerify: ignoreSsl},
+		TLSClientConfig:   &tls.Config{InsecureSkipVerify: ignoreSsl},
+		DisableKeepAlives: true,
 	}

 	client := &http.Client{Transport: tr}
@ -269,7 +270,7 @@ func OnePanelSiteList(providerID string) ([]response.AccessSiteList, error) {
 	if err != nil {
 		return nil, fmt.Errorf("获取网站列表失败 %v", err)
 	}
-	
+
 	var result []response.AccessSiteList
 	sites, ok := siteList["data"].(map[string]any)["items"].([]any)
 	if !ok {
--- a/backend/internal/cert/deploy/btpanel.go
+++ b/backend/internal/cert/deploy/btpanel.go
@ -65,7 +65,8 @@ func RequestBt(data *url.Values, method, providerID, requestUrl string) (map[str
 		ignoreSsl = true
 	}
 	tr := &http.Transport{
-		TLSClientConfig: &tls.Config{InsecureSkipVerify: ignoreSsl},
+		TLSClientConfig:   &tls.Config{InsecureSkipVerify: ignoreSsl},
+		DisableKeepAlives: true,
 	}

 	client := &http.Client{Transport: tr}
--- a/backend/internal/cert/deploy/btwaf.go
+++ b/backend/internal/cert/deploy/btwaf.go
@ -65,7 +65,8 @@ func RequestBtWaf(data *map[string]any, method, providerID, requestUrl string) (
 		ignoreSsl = true
 	}
 	tr := &http.Transport{
-		TLSClientConfig: &tls.Config{InsecureSkipVerify: ignoreSsl},
+		TLSClientConfig:   &tls.Config{InsecureSkipVerify: ignoreSsl},
+		DisableKeepAlives: true,
 	}

 	client := &http.Client{Transport: tr}
@ -207,4 +208,4 @@ func BtWafAPITest(providerID string) error {
 		return fmt.Errorf("测试请求失败: %v", err)
 	}
 	return nil
-}
+}
--- a/backend/internal/cert/deploy/lecdn/lecdn.go
+++ b/backend/internal/cert/deploy/lecdn/lecdn.go
@ -53,7 +53,8 @@ func requestLecdn(url, method, token string, params map[string]any, ignoreSsl bo

 	client := &http.Client{
 		Transport: &http.Transport{
-			TLSClientConfig: &tls.Config{InsecureSkipVerify: ignoreSsl},
+			TLSClientConfig:   &tls.Config{InsecureSkipVerify: ignoreSsl},
+			DisableKeepAlives: true,
 		},
 	}

--- a/backend/internal/cert/deploy/safelinewaf.go
+++ b/backend/internal/cert/deploy/safelinewaf.go
@ -50,7 +50,8 @@ func RequestSafeLineWaf(data *map[string]any, method, providerID, requestUrl str
 		ignoreSsl = true
 	}
 	tr := &http.Transport{
-		TLSClientConfig: &tls.Config{InsecureSkipVerify: ignoreSsl},
+		TLSClientConfig:   &tls.Config{InsecureSkipVerify: ignoreSsl},
+		DisableKeepAlives: true,
 	}

 	client := &http.Client{Transport: tr}
@ -211,4 +212,4 @@ func SafeLineAPITest(providerID string) error {
 		return fmt.Errorf("测试请求失败: %v", err)
 	}
 	return nil
-}
+}
--- a/backend/internal/monitor/check.go
+++ b/backend/internal/monitor/check.go
@ -69,8 +69,8 @@ func Check(certs []*x509.Certificate, host string, advanceDay int) (result *Cert
 	}

 	result.CommonName = leafCert.Subject.CommonName
-	result.NotBefore = leafCert.NotBefore.Format("2006-01-02 15:04:05")
-	result.NotAfter = leafCert.NotAfter.Format("2006-01-02 15:04:05")
+	result.NotBefore = leafCert.NotBefore.In(time.Local).Format("2006-01-02 15:04:05")
+	result.NotAfter = leafCert.NotAfter.In(time.Local).Format("2006-01-02 15:04:05")
 	result.DaysLeft = int(leafCert.NotAfter.Sub(time.Now()).Hours() / 24)
 	result.SANs = strings.Join(leafCert.DNSNames, ",")
 	result.SignatureAlgo = leafCert.SignatureAlgorithm.String()
@ -141,8 +141,9 @@ func CheckHttps(target string, advanceDay int) (result *CertInfo, err error) {
 			TLSClientConfig: &tls.Config{
 				InsecureSkipVerify: true,
 			},
+			DisableKeepAlives: true,
 		},
-		//Timeout: 5 * time.Second,
+		Timeout: 30 * time.Second,
 	}

 	// 发送请求