diff --git a/packages/core/acme-client/package.json b/packages/core/acme-client/package.json index 01e88030..4feb8dba 100644 --- a/packages/core/acme-client/package.json +++ b/packages/core/acme-client/package.json @@ -26,7 +26,8 @@ "http-proxy-agent": "^7.0.2", "https-proxy-agent": "^7.0.5", "lodash-es": "^4.17.21", - "node-forge": "^1.3.1" + "node-forge": "^1.3.1", + "punycode": "^2.3.1" }, "devDependencies": { "@types/node": "^20.14.10", diff --git a/packages/core/acme-client/src/index.js b/packages/core/acme-client/src/index.js index acc95e48..99cb041f 100644 --- a/packages/core/acme-client/src/index.js +++ b/packages/core/acme-client/src/index.js @@ -46,3 +46,5 @@ export * from './axios.js' export * from './logger.js' export * from './verify.js' export * from './error.js' + +export * from './util.js' \ No newline at end of file diff --git a/packages/core/acme-client/src/util.js b/packages/core/acme-client/src/util.js index 1c578501..bc373835 100644 --- a/packages/core/acme-client/src/util.js +++ b/packages/core/acme-client/src/util.js @@ -340,5 +340,6 @@ export { formatResponseError, getAuthoritativeDnsResolver, retrieveTlsAlpnCertificate, + resolveDomainBySoaRecord }; diff --git a/packages/core/acme-client/types/index.d.ts b/packages/core/acme-client/types/index.d.ts index 09179f21..4ae05a48 100644 --- a/packages/core/acme-client/types/index.d.ts +++ b/packages/core/acme-client/types/index.d.ts @@ -204,4 +204,6 @@ export function setLogger(fn: (message: any, ...args: any[]) => void): void; export function walkTxtRecord(record: any): Promise; -export const CancelError: typeof CancelError; \ No newline at end of file +export const CancelError: typeof CancelError; + +export function resolveDomainBySoaRecord(domain: string): Promise; \ No newline at end of file diff --git a/packages/plugins/plugin-cert/package.json b/packages/plugins/plugin-cert/package.json index e8dda165..cc82dd32 100644 --- a/packages/plugins/plugin-cert/package.json 
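Review bot: `export * from './util.js'` in src/index.js re-exports every name in util.js's export list, while types/index.d.ts in this commit declares only `resolveDomainBySoaRecord`. The visible tail of that list includes `getAuthoritativeDnsResolver` and `retrieveTlsAlpnCertificate`, so internal helpers become part of the package's public surface, and a later rename inside util.js becomes a breaking change for consumers. Exporting only what callers need keeps the surface narrow: `export { resolveDomainBySoaRecord } from './util.js';`. The new last line of index.js also has no trailing newline.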
+++ b/packages/plugins/plugin-cert/package.json @@ -24,6 +24,7 @@ "jszip": "^3.10.1", "lodash-es": "^4.17.21", "psl": "^1.9.0", + "punycode": "^2.3.1", "rimraf": "^5.0.5" }, "devDependencies": { diff --git a/packages/plugins/plugin-cert/src/dns-provider/api.ts b/packages/plugins/plugin-cert/src/dns-provider/api.ts index f2781e4b..70d38767 100644 --- a/packages/plugins/plugin-cert/src/dns-provider/api.ts +++ b/packages/plugins/plugin-cert/src/dns-provider/api.ts @@ -35,6 +35,8 @@ export interface IDnsProvider { createRecord(options: CreateRecordOptions): Promise; removeRecord(options: RemoveRecordOptions): Promise; setCtx(ctx: DnsProviderContext): void; + //中文域名是否需要punycode转码,如果返回True,则使用punycode来添加解析记录,否则使用中文域名添加解析记录 + usePunyCode(): boolean; } export interface ISubDomainsGetter { diff --git a/packages/plugins/plugin-cert/src/dns-provider/base.ts b/packages/plugins/plugin-cert/src/dns-provider/base.ts index b1ccdc17..e262c605 100644 --- a/packages/plugins/plugin-cert/src/dns-provider/base.ts +++ b/packages/plugins/plugin-cert/src/dns-provider/base.ts @@ -8,6 +8,10 @@ export abstract class AbstractDnsProvider implements IDnsProvider { http!: HttpClient; logger!: ILogger; + usePunyCode(): boolean { + return false; + } + setCtx(ctx: DnsProviderContext) { this.ctx = ctx; this.logger = ctx.logger; diff --git a/packages/plugins/plugin-cert/src/dns-provider/domain-parser.ts b/packages/plugins/plugin-cert/src/dns-provider/domain-parser.ts index 752795bc..08f48785 100644 --- a/packages/plugins/plugin-cert/src/dns-provider/domain-parser.ts +++ b/packages/plugins/plugin-cert/src/dns-provider/domain-parser.ts @@ -1,6 +1,8 @@ import { IDomainParser, ISubDomainsGetter } from "./api"; //@ts-ignore import psl from "psl"; +import { resolveDomainBySoaRecord } from "@certd/acme-client"; +import { logger, utils } from "@certd/basic"; export class DomainParser implements IDomainParser { subDomainsGetter: ISubDomainsGetter; 
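Review bot: `usePunyCode(): boolean` is added to `IDnsProvider` as a required member, so a provider that implements the interface directly, rather than extending `AbstractDnsProvider` with its `return false` default in base.ts, no longer compiles. Declaring it optional, `usePunyCode?(): boolean;`, or stating in the interface comment that providers must extend the abstract class, avoids that. Nothing in the visible hunks calls `usePunyCode()` or imports `punycode`, so the dependency added to both package.json files has no visible consumer here. If the call site lives elsewhere, the interface comment should say which form of the name (Unicode or `xn--` A-label) `createRecord` receives for each return value, because a record created under a different form than the one the CA queries would presumably never be found during validation.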
@@ -17,16 +19,38 @@ export class DomainParser implements IDomainParser { } async parse(fullDomain: string) { - const subDomains = await this.subDomainsGetter.getSubDomains(); - if (subDomains && subDomains.length > 0) { - for (const subDomain of subDomains) { - if (fullDomain.endsWith(subDomain)) { - //找到子域名托管 - return subDomain; - } + logger.info(`查找主域名:${fullDomain}`); + const cacheKey = `domain_parse:${fullDomain}`; + const value = utils.cache.get(cacheKey); + if (value) { + logger.info(`从缓存获取到主域名:${fullDomain}->${value}`); + return value; + } + try { + const mainDomain = await resolveDomainBySoaRecord(fullDomain); + if (mainDomain) { + utils.cache.set(cacheKey, mainDomain, { + ttl: 2 * 60 * 1000, + }); + logger.info(`获取到主域名:${fullDomain}->${mainDomain}`); + return mainDomain; } + } catch (e) { + logger.error("从SOA获取主域名失败", e.message); } - return this.parseDomain(fullDomain); + // const subDomains = await this.subDomainsGetter.getSubDomains(); + // if (subDomains && subDomains.length > 0) { + // for (const subDomain of subDomains) { + // if (fullDomain.endsWith(subDomain)) { + // //找到子域名托管 + // return subDomain; + // } + // } + // } + + const res = this.parseDomain(fullDomain); + logger.info(`从psl获取主域名:${fullDomain}->${res}`); + return res; } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 4286cb03..f5907d93 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -46,7 +46,7 @@ importers: packages/core/acme-client: dependencies: '@certd/basic': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../basic '@peculiar/x509': specifier: ^1.11.0 @@ -72,6 +72,9 @@ importers: node-forge: specifier: ^1.3.1 version: 1.3.1 + punycode: + specifier: ^2.3.1 + version: 2.3.1 devDependencies: '@types/node': specifier: ^20.14.10 
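Review bot: In `parse()`, any truthy value returned by `resolveDomainBySoaRecord(fullDomain)` is cached and returned as the main domain without checking that it is a parent of `fullDomain`. That helper's body is not in this diff, but if it follows a CNAME or accepts an unexpected answer, the challenge record would be written to a zone unrelated to the requested name; a guard such as `if (mainDomain && (fullDomain === mainDomain || fullDomain.endsWith("." + mainDomain))) {` lets anything else fall through to the psl path. In the `catch`, `e.message` assumes an `Error` and `e` is `unknown` under strict catch variables, so `e instanceof Error ? e.message : String(e)` is safer. The commented-out `getSubDomains()` loop means user-configured hosted subdomains are no longer consulted; if that is intended, delete the block and say so in the commit message rather than leaving it commented.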
@@ -204,10 +207,10 @@ importers: packages/core/pipeline: dependencies: '@certd/basic': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../basic '@certd/plus-core': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../pro/plus-core dayjs: specifier: ^1.11.7 @@ -412,7 +415,7 @@ importers: packages/libs/lib-k8s: dependencies: '@certd/basic': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/basic '@kubernetes/client-node': specifier: 0.21.0 @@ -452,16 +455,16 @@ importers: packages/libs/lib-server: dependencies: '@certd/acme-client': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/acme-client '@certd/basic': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/basic '@certd/pipeline': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/pipeline '@certd/plus-core': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../pro/plus-core '@midwayjs/cache': specifier: ~3.14.0 @@ -604,16 +607,16 @@ importers: packages/plugins/plugin-cert: dependencies: '@certd/acme-client': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/acme-client '@certd/basic': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/basic '@certd/pipeline': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/pipeline '@certd/plugin-lib': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../plugin-lib '@google-cloud/publicca': specifier: ^1.3.0 @@ -630,6 +633,9 @@ importers: psl: specifier: ^1.9.0 version: 1.15.0 + punycode: + specifier: ^2.3.1 + version: 2.3.1 rimraf: specifier: ^5.0.5 version: 5.0.10 @@ -680,10 +686,10 @@ importers: specifier: ^1.7.10 version: 1.8.0 '@certd/basic': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/basic '@certd/pipeline': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/pipeline '@kubernetes/client-node': specifier: 0.21.0 
@@ -771,19 +777,19 @@ importers: packages/pro/commercial-core: dependencies: '@certd/basic': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/basic '@certd/lib-server': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../libs/lib-server '@certd/pipeline': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/pipeline '@certd/plugin-plus': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../plugin-plus '@certd/plus-core': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../plus-core '@midwayjs/core': specifier: ~3.20.3 @@ -868,22 +874,22 @@ importers: specifier: ^1.0.2 version: 1.0.2 '@certd/basic': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/basic '@certd/lib-k8s': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../libs/lib-k8s '@certd/pipeline': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/pipeline '@certd/plugin-cert': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../plugins/plugin-cert '@certd/plugin-lib': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../plugins/plugin-lib '@certd/plus-core': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../plus-core ali-oss: specifier: ^6.21.0 @@ -980,7 +986,7 @@ importers: packages/pro/plus-core: dependencies: '@certd/basic': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/basic dayjs: specifier: ^1.11.7 @@ -1270,10 +1276,10 @@ importers: version: 0.1.3(zod@3.24.2) devDependencies: '@certd/lib-iframe': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../libs/lib-iframe '@certd/pipeline': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/pipeline '@rollup/plugin-commonjs': specifier: ^25.0.7 
@@ -1453,43 +1459,43 @@ importers: specifier: ^3.705.0 version: 3.758.0(aws-crt@1.25.3) '@certd/acme-client': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/acme-client '@certd/basic': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/basic '@certd/commercial-core': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../pro/commercial-core '@certd/jdcloud': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../libs/lib-jdcloud '@certd/lib-huawei': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../libs/lib-huawei '@certd/lib-k8s': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../libs/lib-k8s '@certd/lib-server': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../libs/lib-server '@certd/midway-flyway-js': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../libs/midway-flyway-js '@certd/pipeline': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../core/pipeline '@certd/plugin-cert': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../plugins/plugin-cert '@certd/plugin-lib': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../plugins/plugin-lib '@certd/plugin-plus': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../pro/plugin-plus '@certd/plus-core': - specifier: ^1.33.6 + specifier: ^1.33.7 version: link:../../pro/plus-core '@corsinvest/cv4pve-api-javascript': specifier: ^8.3.0 
@@ -20676,13 +20682,13 @@ snapshots: resolve: 1.22.10 semver: 6.3.1 - eslint-plugin-prettier@3.4.1(eslint-config-prettier@8.10.0(eslint@7.32.0))(eslint@7.32.0)(prettier@2.8.8): + eslint-plugin-prettier@3.4.1(eslint-config-prettier@8.10.0(eslint@8.57.0))(eslint@7.32.0)(prettier@2.8.8): dependencies: eslint: 7.32.0 prettier: 2.8.8 prettier-linter-helpers: 1.0.0 optionalDependencies: - eslint-config-prettier: 8.10.0(eslint@7.32.0) + eslint-config-prettier: 8.10.0(eslint@8.57.0) eslint-plugin-prettier@4.2.1(eslint-config-prettier@8.10.0(eslint@8.57.0))(eslint@8.57.0)(prettier@2.8.8): dependencies: @@ -23396,7 +23402,7 @@ snapshots: eslint: 7.32.0 eslint-config-prettier: 8.10.0(eslint@7.32.0) eslint-plugin-node: 11.1.0(eslint@7.32.0) - eslint-plugin-prettier: 3.4.1(eslint-config-prettier@8.10.0(eslint@7.32.0))(eslint@7.32.0)(prettier@2.8.8) + eslint-plugin-prettier: 3.4.1(eslint-config-prettier@8.10.0(eslint@8.57.0))(eslint@7.32.0)(prettier@2.8.8) execa: 5.1.1 inquirer: 7.3.3 json5: 2.2.3