From d56567c9def8af761031f949e8a19c253a20043c Mon Sep 17 00:00:00 2001
From: xiaojunnuo <xiaojunnuo@qq.com>
Date: Thu, 13 Nov 2025 01:11:04 +0800
Subject: [PATCH] =?UTF-8?q?chore:=20teo=20dns=20=E6=B5=8B=E8=AF=95?=
 =?UTF-8?q?=E6=88=90=E5=8A=9F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 packages/core/acme-client/src/client.js       |  9 +++--
 packages/core/acme-client/src/util.js         | 36 +++++++++----------
 packages/core/acme-client/src/verify.js       |  3 +-
 .../dns-provider/teo-dns-provider.ts          |  3 +-
 4 files changed, 28 insertions(+), 23 deletions(-)

diff --git a/packages/core/acme-client/src/client.js b/packages/core/acme-client/src/client.js
index 54a5ee33..4313d99a 100644
--- a/packages/core/acme-client/src/client.js
+++ b/packages/core/acme-client/src/client.js
@@ -492,7 +492,7 @@ class AcmeClient {
             throw new Error('Unable to verify ACME challenge, URL not found');
         }
 
-        const {challenges} = createChallengeFn({logger:this.opts.logger});
+        const {challenges} = createChallengeFn({logger:this.logger});
  
         const verify = challenges
         if (typeof verify[challenge.type] === 'undefined') {
@@ -510,7 +510,12 @@ class AcmeClient {
         };
 
         this.log('Waiting for ACME challenge verification（等待ACME检查验证）');
-        return util.retry(verifyFn, this.backoffOpts);
+
+
+        const log = (...args)=>{
+            this.logger.info(...args)
+        }
+        return util.retry(verifyFn, this.backoffOpts,log);
     }
 
     /**
diff --git a/packages/core/acme-client/src/util.js b/packages/core/acme-client/src/util.js
index bc373835..cdfde034 100644
--- a/packages/core/acme-client/src/util.js
+++ b/packages/core/acme-client/src/util.js
@@ -48,7 +48,7 @@ class Backoff {
  * @returns {Promise}
  */
 
-async function retryPromise(fn, attempts, backoff) {
+async function retryPromise(fn, attempts, backoff, logger = log) {
     let aborted = false;
 
     try {
@@ -60,12 +60,12 @@ async function retryPromise(fn, attempts, backoff) {
             throw e;
         }
 
-        log(`Promise rejected: ${e.message}`);
+        logger(`Promise rejected: ${e.message}`);
         const duration = backoff.duration();
-        log(`Promise rejected attempt #${backoff.attempts}, ${duration}ms 后重试: ${e.message}`);
+        logger(`Promise rejected attempt #${backoff.attempts}, ${duration}ms 后重试: ${e.message}`);
 
         await new Promise((resolve) => { setTimeout(resolve, duration); });
-        return retryPromise(fn, attempts, backoff);
+        return retryPromise(fn, attempts, backoff, logger);
     }
 }
 
@@ -80,9 +80,9 @@ async function retryPromise(fn, attempts, backoff) {
  * @returns {Promise}
  */
 
-function retry(fn, { attempts = 5, min = 5000, max = 30000 } = {}) {
+function retry(fn, { attempts = 5, min = 5000, max = 30000 } = {}, logger = log) {
     const backoff = new Backoff({ min, max });
-    return retryPromise(fn, attempts, backoff);
+    return retryPromise(fn, attempts, backoff, logger);
 }
 
 /**
@@ -216,21 +216,21 @@ function formatResponseError(resp) {
  * @returns {Promise<string>} Root domain name
  */
 
-async function resolveDomainBySoaRecord(recordName) {
+async function resolveDomainBySoaRecord(recordName, logger = log) {
     try {
         await dns.resolveSoa(recordName);
-        log(`找到${recordName}的SOA记录`);
+        logger(`找到${recordName}的SOA记录`);
         return recordName;
     }
     catch (e) {
-        log(`找不到${recordName}的SOA记录,继续往主域名查找`);
+        logger(`找不到${recordName}的SOA记录,继续往主域名查找`);
         const parentRecordName = recordName.split('.').slice(1).join('.');
 
         if (!parentRecordName.includes('.')) {
             throw new Error('SOA record查找失败');
         }
 
-        return resolveDomainBySoaRecord(parentRecordName);
+        return resolveDomainBySoaRecord(parentRecordName,logger);
     }
 }
 
@@ -241,18 +241,18 @@ async function resolveDomainBySoaRecord(recordName) {
  * @returns {Promise<dns.Resolver>} DNS resolver
  */
 
-async function getAuthoritativeDnsResolver(recordName) {
-    log(`获取域名${recordName}的权威NS服务器: `);
+async function getAuthoritativeDnsResolver(recordName, logger = log) {
+    logger(`获取域名${recordName}的权威NS服务器: `);
     const resolver = new dns.Resolver();
 
     try {
         /* Resolve root domain by SOA */
-        const domain = await resolveDomainBySoaRecord(recordName);
+        const domain = await resolveDomainBySoaRecord(recordNam,logger);
 
         /* Resolve authoritative NS addresses */
-        log(`获取到权威NS服务器name: ${domain}`);
+        logger(`获取到权威NS服务器name: ${domain}`);
         const nsRecords = await dns.resolveNs(domain);
-        log(`域名权威NS服务器：${nsRecords}`);
+        logger(`域名权威NS服务器：${nsRecords}`);
         const nsAddrArray = await Promise.all(nsRecords.map(async (r) => dns.resolve4(r)));
         const nsAddresses = [].concat(...nsAddrArray).filter((a) => a);
 
@@ -261,16 +261,16 @@ async function getAuthoritativeDnsResolver(recordName) {
         }
 
         /* Authoritative NS success */
-        log(`Found ${nsAddresses.length} authoritative NS addresses for domain: ${domain}`);
+        logger(`Found ${nsAddresses.length} authoritative NS addresses for domain: ${domain}`);
         resolver.setServers(nsAddresses);
     }
     catch (e) {
-        log(`Authoritative NS lookup error（获取权威NS服务器地址失败）: ${e.message}`);
+        logger(`Authoritative NS lookup error（获取权威NS服务器地址失败）: ${e.message}`);
     }
 
     /* Return resolver */
     const addresses = resolver.getServers();
-    log(`DNS resolver addresses（域名的权威NS服务器地址）: ${addresses.join(', ')}`);
+    logger(`DNS resolver addresses（域名的权威NS服务器地址）: ${addresses.join(', ')}`);
 
     return resolver;
 }
diff --git a/packages/core/acme-client/src/verify.js b/packages/core/acme-client/src/verify.js
index 708f1d16..6d94d739 100644
--- a/packages/core/acme-client/src/verify.js
+++ b/packages/core/acme-client/src/verify.js
@@ -144,7 +144,7 @@ async function walkDnsChallengeRecord(recordName, resolver = dns,deep = 0) {
     try{
         /* Authoritative DNS resolver */
         log(`从域名权威服务器获取TXT解析记录`);
-        const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName);
+        const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName,log);
         const res = await walkDnsChallengeRecord(recordName, authoritativeResolver,deep);
         if (res && res.length > 0) {
             for (const item of res) {
@@ -182,7 +182,6 @@ async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '
     log(`DNS查询成功, 找到 ${recordValues.length} 条TXT记录：${recordValues}`);
     if (!recordValues.length || !recordValues.includes(keyAuthorization)) {
         const err = `没有找到需要的DNS TXT记录: ${recordName}，期望:${keyAuthorization},结果:${recordValues}`
-        log(err);
         throw new Error(err);
     }
 
diff --git a/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/teo-dns-provider.ts b/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/teo-dns-provider.ts
index 96ede718..5554f52a 100644
--- a/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/teo-dns-provider.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/teo-dns-provider.ts
@@ -60,7 +60,8 @@ export class TencentEoDnsProvider extends AbstractDnsProvider {
             "ZoneId": zoneId,
             "Name": fullRecord,
             "Type": type,
-            "Content": value
+            "Content": value,
+            "TTL": 60,
         };
 
         try {