github
/
certd
mirror of https://github.com/certd/certd
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

perf: http方式支持校验443端口

pull/409/head
xiaojunnuo 2025-05-06 17:01:20 +08:00
parent 826be45b6a
commit d75fcb7fec
2 changed files with 43 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
packages/core/acme-client/src/verify.js
View File

@ -24,22 +24,46 @@ const dns = dnsSdk.promises
*/ */
async function verifyHttpChallenge(authz, challenge, keyAuthorization, suffix = `/.well-known/acme-challenge/${challenge.token}`) { async function verifyHttpChallenge(authz, challenge, keyAuthorization, suffix = `/.well-known/acme-challenge/${challenge.token}`) {
async function doQuery(challengeUrl){
log(`正在测试请求 ${challengeUrl} `)
// const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
// const challengeUrl = `https://${authz.identifier.value}:${httpsPort}${suffix}`;
/* May redirect to HTTPS with invalid/self-signed cert - https://letsencrypt.org/docs/challenge-types/#http-01-challenge */
const httpsAgent = new https.Agent({ rejectUnauthorized: false });
log(`Sending HTTP query to ${authz.identifier.value}, suffix: ${suffix}, port: ${httpPort}`);
let data = ""
try{
const resp = await axios.get(challengeUrl, { httpsAgent });
data = (resp.data || '').replace(/\s+$/, '');
}catch (e) {
log(`[error] HTTP request error from ${authz.identifier.value}`,e);
return false
}
if (!data || (data !== keyAuthorization)) {
log(`[error] Authorization not found in HTTPS response from ${authz.identifier.value}`);
return false
}
return true
}
const httpPort = axios.defaults.acmeSettings.httpChallengePort || 80; const httpPort = axios.defaults.acmeSettings.httpChallengePort || 80;
const challengeUrl = `http://${authz.identifier.value}:${httpPort}${suffix}`; const challengeUrl = `http://${authz.identifier.value}:${httpPort}${suffix}`;
/* May redirect to HTTPS with invalid/self-signed cert - https://letsencrypt.org/docs/challenge-types/#http-01-challenge */ if (!await doQuery(challengeUrl)) {
const httpsAgent = new https.Agent({ rejectUnauthorized: false }); const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
const httpsChallengeUrl = `https://${authz.identifier.value}:${httpsPort}${suffix}`;
log(`Sending HTTP query to ${authz.identifier.value}, suffix: ${suffix}, port: ${httpPort}`); const res = await doQuery(httpsChallengeUrl)
const resp = await axios.get(challengeUrl, { httpsAgent }); if (!res) {
const data = (resp.data || '').replace(/\s+$/, ''); throw new Error(`[error] 验证失败请检查以上测试url是否可以正常访问`);
}
log(`Query successful, HTTP status code: ${resp.status}`);
if (!data || (data !== keyAuthorization)) {
throw new Error(`Authorization not found in HTTP response from ${authz.identifier.value}`);
} }
log(`Key authorization match for ${challenge.type}/${authz.identifier.value}, ACME challenge verified`); log(`Key authorization match for ${challenge.type}/${authz.identifier.value}, ACME challenge verified`);
return true; return true;
} }

12
packages/plugins/plugin-lib/src/aliyun/lib/oss-client.ts
View File

@ -52,9 +52,11 @@ export class AliossClient {
} }
} }
async uploadFile(filePath: string, content: Buffer | string) { async uploadFile(filePath: string, content: Buffer | string, timeout = 1000 * 60 * 60) {
await this.init(); await this.init();
return await this.client.put(filePath, content); return await this.client.put(filePath, content, {
timeout,
});
} }
async removeFile(filePath: string) { async removeFile(filePath: string) {
@ -62,9 +64,11 @@ export class AliossClient {
return await this.client.delete(filePath); return await this.client.delete(filePath);
} }
async downloadFile(key: string, savePath: string) { async downloadFile(key: string, savePath: string, timeout = 1000 * 60 * 60) {
await this.init(); await this.init();
return await this.client.get(key, savePath); return await this.client.get(key, savePath, {
timeout,
});
} }
async listDir(dirKey: string) { async listDir(dirKey: string) {