【调整】创建ca方法部分字段非必填

【调整】spaceship
2025-09-04 15:50:41 +08:00 · 2025-09-04 15:50:41 +08:00 · e4dcc97389
parent e9515bb6ae
commit e4dcc97389
4 changed files with 105 additions and 104 deletions
--- a/backend/internal/cert/apply/lego/webhook/lego.go
+++ b/backend/internal/cert/apply/lego/webhook/lego.go
@ -55,7 +55,6 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 }

 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fmt.Println(d.config.WebhookConfig.Url)
 	configData = d.config.WebhookConfig.Data
 	return d.send(domain, token, keyAuth, "present")
 }
--- a/backend/internal/cert/deploy/plugin/plugin.go
+++ b/backend/internal/cert/deploy/plugin/plugin.go
@ -109,7 +109,7 @@ func CallPlugin(name, action string, params map[string]interface{}, logger *publ
 	// 如果是插件或 action 不存在，则刷新插件列表并再试一次
 	if errors.Is(err, ErrPluginNotFound) || errors.Is(err, ErrActionNotFound) {
 		logger.Debug("插件或插件内方法不存在，尝试刷新插件列表...")
-		_, scanErr := scanPlugins("plugins")
+		_, scanErr := GetPlugins()
 		if scanErr != nil {
 			logger.Error("插件刷新失败", scanErr)
 			return nil, fmt.Errorf("插件刷新失败: %v", scanErr)
--- a/backend/internal/private_ca/ca.go
+++ b/backend/internal/private_ca/ca.go
@ -39,23 +39,28 @@ func GenerateRootCAStandard(name, commonName, organization, organizationalUnit,
 	if validDays <= 0 {
 		expire = now.AddDate(10, 0, 0)
 	}
+	subject := pkix.Name{
+		// 通用名称
+		CommonName: commonName,
+		// 国家代码
+		Country: []string{country},
+	}
+	if organization != "" {
+		subject.Organization = []string{organization}
+	}
+	if organizationalUnit != "" {
+		subject.OrganizationalUnit = []string{organizationalUnit}
+	}
+	if province != "" {
+		subject.Province = []string{province}
+	}
+	if locality != "" {
+		subject.Locality = []string{locality}
+	}

 	tmpl := &x509.Certificate{
-		SerialNumber: big.NewInt(now.UnixNano()),
-		Subject: pkix.Name{
-			// 通用名称
-			CommonName: commonName,
-			// 组织名称
-			Organization: []string{organization},
-			// 组织单位名称
-			OrganizationalUnit: []string{organizationalUnit},
-			// 国家代码
-			Country: []string{country},
-			// 省份名称
-			Province: []string{province},
-			// 城市名称
-			Locality: []string{locality},
-		},
+		SerialNumber:          big.NewInt(now.UnixNano()),
+		Subject:               subject,
 		NotBefore:             now,
 		NotAfter:              expire,
 		IsCA:                  true,
@ -103,23 +108,29 @@ func GenerateRootCASM2(name, commonName, organization, organizationalUnit, count
 		expire = now.AddDate(10, 0, 0)
 	}

+	subject := pkix.Name{
+		// 通用名称
+		CommonName: commonName,
+		// 国家代码
+		Country: []string{country},
+	}
+	if organization != "" {
+		subject.Organization = []string{organization}
+	}
+	if organizationalUnit != "" {
+		subject.OrganizationalUnit = []string{organizationalUnit}
+	}
+	if province != "" {
+		subject.Province = []string{province}
+	}
+	if locality != "" {
+		subject.Locality = []string{locality}
+	}
+
 	// 2. 创建根签名证书模板
 	signTmpl := &gmx509.Certificate{
-		SerialNumber: big.NewInt(now.UnixNano()),
-		Subject: pkix.Name{
-			// 通用名称
-			CommonName: commonName,
-			// 组织名称
-			Organization: []string{organization},
-			// 组织单位名称
-			OrganizationalUnit: []string{organizationalUnit},
-			// 国家代码
-			Country: []string{country},
-			// 省份名称
-			Province: []string{province},
-			// 城市名称
-			Locality: []string{locality},
-		},
+		SerialNumber:          big.NewInt(now.UnixNano()),
+		Subject:               subject,
 		NotBefore:             now,
 		NotAfter:              expire,
 		IsCA:                  true,
@ -130,21 +141,8 @@ func GenerateRootCASM2(name, commonName, organization, organizationalUnit, count

 	// 3. 创建根加密证书模板
 	encryptTmpl := &gmx509.Certificate{
-		SerialNumber: big.NewInt(now.UnixNano() + 1),
-		Subject: pkix.Name{
-			// 通用名称
-			CommonName: commonName,
-			// 组织名称
-			Organization: []string{organization},
-			// 组织单位名称
-			OrganizationalUnit: []string{organizationalUnit},
-			// 国家代码
-			Country: []string{country},
-			// 省份名称
-			Province: []string{province},
-			// 城市名称
-			Locality: []string{locality},
-		},
+		SerialNumber:          big.NewInt(now.UnixNano() + 1),
+		Subject:               subject,
 		NotBefore:             now,
 		NotAfter:              expire,
 		IsCA:                  true,
@ -213,22 +211,28 @@ func GenerateIntermediateCAStandard(name, commonName, organization, organization
 		expire = now.AddDate(5, 0, 0)
 	}

+	subject := pkix.Name{
+		// 通用名称
+		CommonName: commonName,
+		// 国家代码
+		Country: []string{country},
+	}
+	if organization != "" {
+		subject.Organization = []string{organization}
+	}
+	if organizationalUnit != "" {
+		subject.OrganizationalUnit = []string{organizationalUnit}
+	}
+	if province != "" {
+		subject.Province = []string{province}
+	}
+	if locality != "" {
+		subject.Locality = []string{locality}
+	}
+
 	tmpl := &x509.Certificate{
-		SerialNumber: big.NewInt(now.UnixNano()),
-		Subject: pkix.Name{
-			// 通用名称
-			CommonName: commonName,
-			// 组织名称
-			Organization: []string{organization},
-			// 组织单位名称
-			OrganizationalUnit: []string{organizationalUnit},
-			// 国家代码
-			Country: []string{country},
-			// 省份名称
-			Province: []string{province},
-			// 城市名称
-			Locality: []string{locality},
-		},
+		SerialNumber:          big.NewInt(now.UnixNano()),
+		Subject:               subject,
 		NotBefore:             now,
 		NotAfter:              expire,
 		IsCA:                  true,
@ -288,23 +292,29 @@ func GenerateIntermediateCASM2(name, commonName, organization, organizationalUni
 		expire = now.AddDate(5, 0, 0)
 	}

+	subject := pkix.Name{
+		// 通用名称
+		CommonName: commonName,
+		// 国家代码
+		Country: []string{country},
+	}
+	if organization != "" {
+		subject.Organization = []string{organization}
+	}
+	if organizationalUnit != "" {
+		subject.OrganizationalUnit = []string{organizationalUnit}
+	}
+	if province != "" {
+		subject.Province = []string{province}
+	}
+	if locality != "" {
+		subject.Locality = []string{locality}
+	}
+
 	// 2. 创建中间签名证书模板
 	signTmpl := &gmx509.Certificate{
-		SerialNumber: big.NewInt(now.UnixNano()),
-		Subject: pkix.Name{
-			// 通用名称
-			CommonName: commonName,
-			// 组织名称
-			Organization: []string{organization},
-			// 组织单位名称
-			OrganizationalUnit: []string{organizationalUnit},
-			// 国家代码
-			Country: []string{country},
-			// 省份名称
-			Province: []string{province},
-			// 城市名称
-			Locality: []string{locality},
-		},
+		SerialNumber:          big.NewInt(now.UnixNano()),
+		Subject:               subject,
 		NotBefore:             now,
 		NotAfter:              expire,
 		IsCA:                  true,
@ -315,21 +325,8 @@ func GenerateIntermediateCASM2(name, commonName, organization, organizationalUni

 	// 3. 创建中间加密证书模板
 	encryptTmpl := &gmx509.Certificate{
-		SerialNumber: big.NewInt(now.UnixNano() + 1),
-		Subject: pkix.Name{
-			// 通用名称
-			CommonName: commonName,
-			// 组织名称
-			Organization: []string{organization},
-			// 组织单位名称
-			OrganizationalUnit: []string{organizationalUnit},
-			// 国家代码
-			Country: []string{country},
-			// 省份名称
-			Province: []string{province},
-			// 城市名称
-			Locality: []string{locality},
-		},
+		SerialNumber:          big.NewInt(now.UnixNano() + 1),
+		Subject:               subject,
 		NotBefore:             now,
 		NotAfter:              expire,
 		IsCA:                  true,
--- a/backend/migrations/init.go
+++ b/backend/migrations/init.go
@ -185,6 +185,11 @@ func init() {
 	InsertIfNotExists(db, "access_type", map[string]any{"name": "constellix", "type": "dns"}, []string{"name", "type"}, []any{"constellix", "dns"})
 	InsertIfNotExists(db, "access_type", map[string]any{"name": "lecdn", "type": "host"}, []string{"name", "type"}, []any{"lecdn", "host"})

+	InsertIfNotExists(db, "access_type", map[string]any{"name": "spaceship", "type": "dns"}, []string{"name", "type"}, []any{"spaceship", "dns"})
+
+	InsertIfNotExists(db, "access_type", map[string]any{"name": "webhook", "type": "dns"}, []string{"name", "type"}, []any{"webhook", "dns"})
+	InsertIfNotExists(db, "access_type", map[string]any{"name": "webhook", "type": "host"}, []string{"name", "type"}, []any{"webhook", "host"})
+
 	err = sqlite_migrate.EnsureDatabaseWithTables(
 		"data/site_monitor.db",
 		"data/data.db",
@ -379,25 +384,25 @@ create table monitor
 	// 创建表
 	_, err = dbPrivateCa.Exec(`
 	PRAGMA journal_mode=WAL;
-	create table if not exists ca
+	create table ca
 	(
-		id          integer not null
+		id          integer         not null
 			constraint ca_pk
 				primary key autoincrement,
 		root_id     integer,
-		name        TEXT    not null,
-		cn          TEXT    not null,
-		o           TEXT    not null,
-		c           TEXT    not null,
-		cert        TEXT    not null,
-		key         TEXT    not null,
+		name        TEXT            not null,
+		cn          TEXT            not null,
+		o           TEXT default '' not null,
+		c           TEXT            not null,
+		cert        TEXT            not null,
+		key         TEXT            not null,
 		en_cert     TEXT,
 		en_key      TEXT,
-		algorithm   TEXT    not null,
+		algorithm   TEXT            not null,
 		key_length  integer,
-		not_before  TEXT    not null,
-		not_after   TEXT    not null,
-		create_time TEXT    not null
+		not_before  TEXT            not null,
+		not_after   TEXT            not null,
+		create_time TEXT            not null
 	);
 	create index ca_root_id_index
 		on ca (root_id);