From d75fcb7fec421a9a638eaa27fe9378c84b5e0f19 Mon Sep 17 00:00:00 2001
From: xiaojunnuo
Date: Tue, 6 May 2025 17:01:20 +0800
Subject: [PATCH] =?UTF-8?q?perf:=20http=E6=96=B9=E5=BC=8F=E6=94=AF?= =?UTF-8?q?=E6=8C=81=E6=A0=A1=E9=AA=8C443=E7=AB=AF=E5=8F=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 packages/core/acme-client/src/verify.js | 46 ++++++++++++++-----
 .../plugin-lib/src/aliyun/lib/oss-client.ts | 12 +++--
 2 files changed, 43 insertions(+), 15 deletions(-)
diff --git a/packages/core/acme-client/src/verify.js b/packages/core/acme-client/src/verify.js
index 2334331a..f148194c 100644
--- a/packages/core/acme-client/src/verify.js
+++ b/packages/core/acme-client/src/verify.js
@@ -24,22 +24,46 @@ const dns = dnsSdk.promises
 */
 async function verifyHttpChallenge(authz, challenge, keyAuthorization, suffix = `/.well-known/acme-challenge/${challenge.token}`) {
+
+ async function doQuery(challengeUrl){
+ log(`正在测试请求 ${challengeUrl} `)
+ // const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
+ // const challengeUrl = `https://${authz.identifier.value}:${httpsPort}${suffix}`;
+
+ /* May redirect to HTTPS with invalid/self-signed cert - https://letsencrypt.org/docs/challenge-types/#http-01-challenge */
+ const httpsAgent = new https.Agent({ rejectUnauthorized: false });
+
+ log(`Sending HTTP query to ${authz.identifier.value}, suffix: ${suffix}, port: ${httpPort}`);
+ let data = ""
+ try{
+ const resp = await axios.get(challengeUrl, { httpsAgent });
+ data = (resp.data || '').replace(/\s+$/, '');
+ }catch (e) {
+ log(`[error] HTTP request error from ${authz.identifier.value}`,e);
+ return false
+ }
+
+ if (!data || (data !== keyAuthorization)) {
+ log(`[error] Authorization not found in HTTPS response from ${authz.identifier.value}`);
+ return false
+ }
+ return true
+
+ }
+
 const httpPort = axios.defaults.acmeSettings.httpChallengePort || 80;
 const challengeUrl = `http://${authz.identifier.value}:${httpPort}${suffix}`;
- /* May redirect to HTTPS with invalid/self-signed cert - https://letsencrypt.org/docs/challenge-types/#http-01-challenge */
- const httpsAgent = new https.Agent({ rejectUnauthorized: false });
-
- log(`Sending HTTP query to ${authz.identifier.value}, suffix: ${suffix}, port: ${httpPort}`);
- const resp = await axios.get(challengeUrl, { httpsAgent });
- const data = (resp.data || '').replace(/\s+$/, '');
-
- log(`Query successful, HTTP status code: ${resp.status}`);
-
- if (!data || (data !== keyAuthorization)) {
- throw new Error(`Authorization not found in HTTP response from ${authz.identifier.value}`);
+ if (!await doQuery(challengeUrl)) {
+ const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
+ const httpsChallengeUrl = `https://${authz.identifier.value}:${httpsPort}${suffix}`;
+ const res = await doQuery(httpsChallengeUrl)
+ if (!res) {
+ throw new Error(`[error] 验证失败,请检查以上测试url是否可以正常访问`);
+ }
 }
+
 log(`Key authorization match for ${challenge.type}/${authz.identifier.value}, ACME challenge verified`);
 return true;
 }
diff --git a/packages/plugins/plugin-lib/src/aliyun/lib/oss-client.ts b/packages/plugins/plugin-lib/src/aliyun/lib/oss-client.ts
index 362abc9b..9b23309d 100644
--- a/packages/plugins/plugin-lib/src/aliyun/lib/oss-client.ts
+++ b/packages/plugins/plugin-lib/src/aliyun/lib/oss-client.ts
@@ -52,9 +52,11 @@ export class AliossClient {
 }
 }
- async uploadFile(filePath: string, content: Buffer | string) {
+ async uploadFile(filePath: string, content: Buffer | string, timeout = 1000 * 60 * 60) {
 await this.init();
- return await this.client.put(filePath, content);
+ return await this.client.put(filePath, content, {
+ timeout,
+ });
 }
 async removeFile(filePath: string) {
@@ -62,9 +64,11 @@ export class AliossClient {
 return await this.client.delete(filePath);
 }
- async downloadFile(key: string, savePath: string) {
+ async downloadFile(key: string, savePath: string, timeout = 1000 * 60 * 60) {
 await this.init();
- return await this.client.get(key, savePath);
+ return await this.client.get(key, savePath, {
+ timeout,
+ });
 }
 async listDir(dirKey: string) {
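Review bot: The fallback in `verifyHttpChallenge` accepts a key authorization fetched directly from the `https://` URL on `httpsPort` with `rejectUnauthorized: false`, but RFC 8555 has the validating server send the HTTP-01 request to port 80 and reach HTTPS only by following a redirect, so a local pass on the second `doQuery` may not predict the CA's result. If the fallback is kept, record that case after the second call, for example `log('[warn] key authorization matched only over HTTPS; CA validation starts on port 80')`. Inside `doQuery` the messages are wrong for that second call: `port: ${httpPort}` prints the HTTP port and the mismatch message always says "HTTPS response", so logging `challengeUrl` in both places would be accurate. The catch also hands the whole axios error `e` to `log`, which typically carries the request config; `e.message` is likely enough here.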
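Review bot: The default `timeout = 1000 * 60 * 60` in `uploadFile` is an undocumented one-hour value that the next hunk repeats verbatim in `downloadFile`, so the two can drift apart and a reader has to work out the unit. A shared constant such as `const DEFAULT_TRANSFER_TIMEOUT_MS = 60 * 60 * 1000;` with a one-line comment giving the unit and the reason for an hour would cover both methods. `removeFile` is left without a timeout option, which looks inconsistent if the intent is to bound every OSS request; that is worth confirming against the callers. The class body starts and ends outside these hunks.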