lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-04-14 20:40:53 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: 修复ipv6作为证书域名申请证书校验失败的bug

Browse Source
This commit is contained in:
xiaojunnuo
2025-12-15 23:34:47 +08:00
parent e4c21c4d5c
commit e4e16bc6a6
8 changed files with 59 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
packages/core/acme-client/src/verify.js
View File

@@ -8,7 +8,7 @@ import {log as defaultLog} from './logger.js'
import axios from './axios.js'
import * as util from './util.js'
import {isAlpnCertificateAuthorizationValid} from './crypto/index.js'
import {utils} from '@certd/basic'
const dns = dnsSdk.promises
@@ -60,11 +60,15 @@ async function verifyHttpChallenge(authz, challenge, keyAuthorization, suffix =
}
const httpPort = axios.defaults.acmeSettings.httpChallengePort || 80;
const challengeUrl = `http://${authz.identifier.value}:${httpPort}${suffix}`;
let host = authz.identifier.value;
if(utils.domain.isIpv6(host)){
host = `[${host}]`;
}
const challengeUrl = `http://${host}:${httpPort}${suffix}`;
if (!await doQuery(challengeUrl)) {
const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
const httpsChallengeUrl = `https://${authz.identifier.value}:${httpsPort}${suffix}`;
const httpsChallengeUrl = `https://${host}:${httpsPort}${suffix}`;
const res = await doQuery(httpsChallengeUrl)
if (!res) {
throw new Error(`[error] 验证失败请检查以上测试url是否可以正常访问`);

1
packages/core/basic/.gitignore vendored
View File

@@ -26,3 +26,4 @@ dist-ssr
test/user.secret.*
test/**/*.js
src/**/*.spec.ts
test.mjs

2
packages/core/basic/src/utils/util.domain.ts
View File

@@ -58,7 +58,7 @@ function isIpv6(d: string) {
if (!d) {
return false;
}
const isIPv6Regex = /^([\da-f]{1,4}:){2,7}[\da-f]{1,4}$/i;
const isIPv6Regex = /^([0-9A-Fa-f]{0,4}:){2,7}([0-9A-Fa-f]{1,4}$|((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.|$)){4})$/gm;
return isIPv6Regex.test(d);
}

28
packages/core/basic/test.mjs
View File

@@ -1,14 +1,18 @@
import { random } from "lodash-es";
import { locker } from "./dist/utils/util.lock.js";
// import { random } from "lodash-es";
// import { locker } from "./dist/utils/util.lock.js";
async function testLocker() {
for (let i = 0; i < 10; i++) {
await locker.execute("test", async () => {
console.log("test", i);
await new Promise(resolve => setTimeout(resolve, Math.random() * 1000));
throw new Error("test error");
});
}
}
// async function testLocker() {
// for (let i = 0; i < 10; i++) {
// await locker.execute("test", async () => {
// console.log("test", i);
// await new Promise(resolve => setTimeout(resolve, Math.random() * 1000));
// throw new Error("test error");
// });
// }
// }
await testLocker();
// await testLocker();
import { domainUtils } from "./dist/utils/util.domain.js";
console.log(domainUtils.isIpv6("::0:0:0:FFFF:129.144.52.38"));