From f5f9d2637af89011d202f50769b4b24fdb3e9269 Mon Sep 17 00:00:00 2001 From: GoEdgeLab Date: Sat, 31 Dec 2022 17:12:39 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96=E8=AF=81=E4=B9=A6=E6=95=B0?= =?UTF-8?q?=E9=87=8F=E5=BE=88=E5=A4=9A=E6=97=B6=E7=9A=84=E9=A1=B5=E9=9D=A2?= =?UTF-8?q?=E5=8A=A0=E8=BD=BD=E9=80=9F=E5=BA=A6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- internal/db/models/api_node_model_ext.go | 6 +++--- internal/db/models/node_dao.go | 2 +- internal/db/models/origin_dao.go | 2 +- internal/db/models/server_dao.go | 10 +++++----- internal/db/models/ssl_cert_dao.go | 15 +++++++++------ internal/db/models/ssl_policy_dao.go | 14 +++++++------- internal/db/models/user_node_model_ext.go | 2 +- internal/rpc/services/service_server.go | 14 +++++++------- internal/rpc/services/service_ssl_cert.go | 4 ++-- internal/rpc/services/service_ssl_policy.go | 2 +- 10 files changed, 37 insertions(+), 34 deletions(-) diff --git a/internal/db/models/api_node_model_ext.go b/internal/db/models/api_node_model_ext.go index a801e787..8d0b32ec 100644 --- a/internal/db/models/api_node_model_ext.go +++ b/internal/db/models/api_node_model_ext.go @@ -43,9 +43,9 @@ func (this *APINode) DecodeHTTPS(tx *dbs.Tx, cacheMap *utils.CacheMap) (*serverc } if config.SSLPolicyRef != nil { - policyId := config.SSLPolicyRef.SSLPolicyId + var policyId = config.SSLPolicyRef.SSLPolicyId if policyId > 0 { - sslPolicy, err := SharedSSLPolicyDAO.ComposePolicyConfig(tx, policyId, cacheMap) + sslPolicy, err := SharedSSLPolicyDAO.ComposePolicyConfig(tx, policyId, false, cacheMap) if err != nil { return nil, err } @@ -143,7 +143,7 @@ func (this *APINode) DecodeRestHTTPS(tx *dbs.Tx, cacheMap *utils.CacheMap) (*ser if config.SSLPolicyRef != nil { policyId := config.SSLPolicyRef.SSLPolicyId if policyId > 0 { - sslPolicy, err := SharedSSLPolicyDAO.ComposePolicyConfig(tx, policyId, cacheMap) + sslPolicy, err := SharedSSLPolicyDAO.ComposePolicyConfig(tx, policyId, false, cacheMap) if err != nil { return nil, err } diff --git a/internal/db/models/node_dao.go b/internal/db/models/node_dao.go index eb064a4d..af3a8b85 100644 --- a/internal/db/models/node_dao.go +++ b/internal/db/models/node_dao.go @@ -978,7 +978,7 @@ func (this *NodeDAO) ComposeNodeConfig(tx *dbs.Tx, nodeId int64, cacheMap *utils } for _, server := range servers { - serverConfig, err := SharedServerDAO.ComposeServerConfig(tx, server, cacheMap, true, false) + serverConfig, err := SharedServerDAO.ComposeServerConfig(tx, server, false, cacheMap, true, false) if err != nil { return nil, err } diff --git a/internal/db/models/origin_dao.go b/internal/db/models/origin_dao.go index 2359af07..e67a4c46 100644 --- a/internal/db/models/origin_dao.go +++ b/internal/db/models/origin_dao.go @@ -403,7 +403,7 @@ func (this *OriginDAO) ComposeOriginConfig(tx *dbs.Tx, originId int64, cacheMap } config.CertRef = ref if ref.CertId > 0 { - certConfig, err := SharedSSLCertDAO.ComposeCertConfig(tx, ref.CertId, cacheMap) + certConfig, err := SharedSSLCertDAO.ComposeCertConfig(tx, ref.CertId, false, cacheMap) if err != nil { return nil, err } diff --git a/internal/db/models/server_dao.go b/internal/db/models/server_dao.go index 635b1db4..f2400ed4 100644 --- a/internal/db/models/server_dao.go +++ b/internal/db/models/server_dao.go @@ -1001,7 +1001,7 @@ func (this *ServerDAO) FindServerNodeFilters(tx *dbs.Tx, serverId int64) (isOk b } // ComposeServerConfigWithServerId 构造服务的Config -func (this *ServerDAO) ComposeServerConfigWithServerId(tx *dbs.Tx, serverId int64, forNode bool) (*serverconfigs.ServerConfig, error) { +func (this *ServerDAO) ComposeServerConfigWithServerId(tx *dbs.Tx, serverId int64, ignoreCertData bool, forNode bool) (*serverconfigs.ServerConfig, error) { server, err := this.FindEnabledServer(tx, serverId) if err != nil { return nil, err @@ -1009,12 +1009,12 @@ func (this *ServerDAO) ComposeServerConfigWithServerId(tx *dbs.Tx, serverId int6 if server == nil { return nil, ErrNotFound } - return this.ComposeServerConfig(tx, server, nil, forNode, false) + return this.ComposeServerConfig(tx, server, ignoreCertData, nil, forNode, false) } // ComposeServerConfig 构造服务的Config // forNode 是否是节点请求 -func (this *ServerDAO) ComposeServerConfig(tx *dbs.Tx, server *Server, cacheMap *utils.CacheMap, forNode bool, forList bool) (*serverconfigs.ServerConfig, error) { +func (this *ServerDAO) ComposeServerConfig(tx *dbs.Tx, server *Server, ignoreCertData bool, cacheMap *utils.CacheMap, forNode bool, forList bool) (*serverconfigs.ServerConfig, error) { if server == nil { return nil, ErrNotFound } @@ -1111,7 +1111,7 @@ func (this *ServerDAO) ComposeServerConfig(tx *dbs.Tx, server *Server, cacheMap // SSL if httpsConfig.SSLPolicyRef != nil && httpsConfig.SSLPolicyRef.SSLPolicyId > 0 { - sslPolicyConfig, err := SharedSSLPolicyDAO.ComposePolicyConfig(tx, httpsConfig.SSLPolicyRef.SSLPolicyId, cacheMap) + sslPolicyConfig, err := SharedSSLPolicyDAO.ComposePolicyConfig(tx, httpsConfig.SSLPolicyRef.SSLPolicyId, ignoreCertData, cacheMap) if err != nil { return nil, err } @@ -1143,7 +1143,7 @@ func (this *ServerDAO) ComposeServerConfig(tx *dbs.Tx, server *Server, cacheMap // SSL if tlsConfig.SSLPolicyRef != nil { - sslPolicyConfig, err := SharedSSLPolicyDAO.ComposePolicyConfig(tx, tlsConfig.SSLPolicyRef.SSLPolicyId, cacheMap) + sslPolicyConfig, err := SharedSSLPolicyDAO.ComposePolicyConfig(tx, tlsConfig.SSLPolicyRef.SSLPolicyId, ignoreCertData, cacheMap) if err != nil { return nil, err } diff --git a/internal/db/models/ssl_cert_dao.go b/internal/db/models/ssl_cert_dao.go index d2a88265..fb0b9dee 100644 --- a/internal/db/models/ssl_cert_dao.go +++ b/internal/db/models/ssl_cert_dao.go @@ -200,7 +200,8 @@ func (this *SSLCertDAO) UpdateCert(tx *dbs.Tx, } // ComposeCertConfig 组合配置 -func (this *SSLCertDAO) ComposeCertConfig(tx *dbs.Tx, certId int64, cacheMap *utils.CacheMap) (*sslconfigs.SSLCertConfig, error) { +// ignoreData 是否忽略证书数据,避免因为数据过大影响传输 +func (this *SSLCertDAO) ComposeCertConfig(tx *dbs.Tx, certId int64, ignoreData bool, cacheMap *utils.CacheMap) (*sslconfigs.SSLCertConfig, error) { if cacheMap == nil { cacheMap = utils.NewCacheMap() } @@ -218,15 +219,17 @@ func (this *SSLCertDAO) ComposeCertConfig(tx *dbs.Tx, certId int64, cacheMap *ut return nil, nil } - config := &sslconfigs.SSLCertConfig{} + var config = &sslconfigs.SSLCertConfig{} config.Id = int64(cert.Id) config.IsOn = cert.IsOn config.IsCA = cert.IsCA config.IsACME = cert.IsACME config.Name = cert.Name config.Description = cert.Description - config.CertData = cert.CertData - config.KeyData = cert.KeyData + if !ignoreData { + config.CertData = cert.CertData + config.KeyData = cert.KeyData + } config.ServerName = cert.ServerName config.TimeBeginAt = int64(cert.TimeBeginAt) config.TimeEndAt = int64(cert.TimeEndAt) @@ -239,7 +242,7 @@ func (this *SSLCertDAO) ComposeCertConfig(tx *dbs.Tx, certId int64, cacheMap *ut config.OCSPError = cert.OcspError if IsNotNull(cert.DnsNames) { - dnsNames := []string{} + var dnsNames = []string{} err := json.Unmarshal(cert.DnsNames, &dnsNames) if err != nil { return nil, err @@ -248,7 +251,7 @@ func (this *SSLCertDAO) ComposeCertConfig(tx *dbs.Tx, certId int64, cacheMap *ut } if cert.CommonNames.IsNotNull() { - commonNames := []string{} + var commonNames = []string{} err := json.Unmarshal(cert.CommonNames, &commonNames) if err != nil { return nil, err diff --git a/internal/db/models/ssl_policy_dao.go b/internal/db/models/ssl_policy_dao.go index 7ddb272b..492434c8 100644 --- a/internal/db/models/ssl_policy_dao.go +++ b/internal/db/models/ssl_policy_dao.go @@ -77,7 +77,7 @@ func (this *SSLPolicyDAO) FindEnabledSSLPolicy(tx *dbs.Tx, id int64) (*SSLPolicy } // ComposePolicyConfig 组合配置 -func (this *SSLPolicyDAO) ComposePolicyConfig(tx *dbs.Tx, policyId int64, cacheMap *utils.CacheMap) (*sslconfigs.SSLPolicy, error) { +func (this *SSLPolicyDAO) ComposePolicyConfig(tx *dbs.Tx, policyId int64, ignoreData bool, cacheMap *utils.CacheMap) (*sslconfigs.SSLPolicy, error) { if cacheMap == nil { cacheMap = utils.NewCacheMap() } @@ -95,7 +95,7 @@ func (this *SSLPolicyDAO) ComposePolicyConfig(tx *dbs.Tx, policyId int64, cacheM if policy == nil { return nil, nil } - config := &sslconfigs.SSLPolicy{} + var config = &sslconfigs.SSLPolicy{} config.Id = int64(policy.Id) config.IsOn = policy.IsOn config.ClientAuthType = int(policy.ClientAuthType) @@ -104,14 +104,14 @@ func (this *SSLPolicyDAO) ComposePolicyConfig(tx *dbs.Tx, policyId int64, cacheM // certs if IsNotNull(policy.Certs) { - refs := []*sslconfigs.SSLCertRef{} + var refs = []*sslconfigs.SSLCertRef{} err = json.Unmarshal(policy.Certs, &refs) if err != nil { return nil, err } if len(refs) > 0 { for _, ref := range refs { - certConfig, err := SharedSSLCertDAO.ComposeCertConfig(tx, ref.CertId, cacheMap) + certConfig, err := SharedSSLCertDAO.ComposeCertConfig(tx, ref.CertId, ignoreData, cacheMap) if err != nil { return nil, err } @@ -126,14 +126,14 @@ func (this *SSLPolicyDAO) ComposePolicyConfig(tx *dbs.Tx, policyId int64, cacheM // client CA certs if IsNotNull(policy.ClientCACerts) { - refs := []*sslconfigs.SSLCertRef{} + var refs = []*sslconfigs.SSLCertRef{} err = json.Unmarshal(policy.ClientCACerts, &refs) if err != nil { return nil, err } if len(refs) > 0 { for _, ref := range refs { - certConfig, err := SharedSSLCertDAO.ComposeCertConfig(tx, ref.CertId, cacheMap) + certConfig, err := SharedSSLCertDAO.ComposeCertConfig(tx, ref.CertId, ignoreData, cacheMap) if err != nil { return nil, err } @@ -159,7 +159,7 @@ func (this *SSLPolicyDAO) ComposePolicyConfig(tx *dbs.Tx, policyId int64, cacheM // hsts if IsNotNull(policy.Hsts) { - hstsConfig := &sslconfigs.HSTSConfig{} + var hstsConfig = &sslconfigs.HSTSConfig{} err = json.Unmarshal(policy.Hsts, hstsConfig) if err != nil { return nil, err diff --git a/internal/db/models/user_node_model_ext.go b/internal/db/models/user_node_model_ext.go index 41d9393f..6a2e020d 100644 --- a/internal/db/models/user_node_model_ext.go +++ b/internal/db/models/user_node_model_ext.go @@ -44,7 +44,7 @@ func (this *UserNode) DecodeHTTPS(cacheMap *utils.CacheMap) (*serverconfigs.HTTP if config.SSLPolicyRef != nil { policyId := config.SSLPolicyRef.SSLPolicyId if policyId > 0 { - sslPolicy, err := SharedSSLPolicyDAO.ComposePolicyConfig(nil, policyId, cacheMap) + sslPolicy, err := SharedSSLPolicyDAO.ComposePolicyConfig(nil, policyId, false, cacheMap) if err != nil { return nil, err } diff --git a/internal/rpc/services/service_server.go b/internal/rpc/services/service_server.go index 40ab7078..04a7e6ee 100644 --- a/internal/rpc/services/service_server.go +++ b/internal/rpc/services/service_server.go @@ -846,7 +846,7 @@ func (this *ServerService) ListEnabledServersMatch(ctx context.Context, req *pb. } // 配置 - config, err := models.SharedServerDAO.ComposeServerConfig(tx, server, nil, false, true) + config, err := models.SharedServerDAO.ComposeServerConfig(tx, server, false, nil, false, true) if err != nil { return nil, err } @@ -969,9 +969,9 @@ func (this *ServerService) FindEnabledServer(ctx context.Context, req *pb.FindEn } // 分组信息 - pbGroups := []*pb.ServerGroup{} + var pbGroups = []*pb.ServerGroup{} if len(server.GroupIds) > 0 { - groupIds := []int64{} + var groupIds = []int64{} err = json.Unmarshal(server.GroupIds, &groupIds) if err != nil { return nil, err @@ -1009,7 +1009,7 @@ func (this *ServerService) FindEnabledServer(ctx context.Context, req *pb.FindEn } // 配置 - config, err := models.SharedServerDAO.ComposeServerConfig(tx, server, nil, userId > 0, false) + config, err := models.SharedServerDAO.ComposeServerConfig(tx, server, req.IgnoreSSLCertData, nil, userId > 0, false) if err != nil { return nil, err } @@ -1069,7 +1069,7 @@ func (this *ServerService) FindEnabledServerConfig(ctx context.Context, req *pb. } } - config, err := models.SharedServerDAO.ComposeServerConfigWithServerId(tx, req.ServerId, false) + config, err := models.SharedServerDAO.ComposeServerConfigWithServerId(tx, req.ServerId, false, false) if err != nil { return nil, err } @@ -1520,7 +1520,7 @@ func (this *ServerService) ComposeAllUserServersConfig(ctx context.Context, req var configs = []*serverconfigs.ServerConfig{} var cacheMap = utils.NewCacheMap() for _, server := range servers { - config, err := models.SharedServerDAO.ComposeServerConfig(tx, server, cacheMap, true, false) + config, err := models.SharedServerDAO.ComposeServerConfig(tx, server, false, cacheMap, true, false) if err != nil { return nil, err } @@ -2227,7 +2227,7 @@ func (this *ServerService) ComposeServerConfig(ctx context.Context, req *pb.Comp return &pb.ComposeServerConfigResponse{ServerConfigJSON: nil}, nil } - serverConfig, err := models.SharedServerDAO.ComposeServerConfigWithServerId(tx, req.ServerId, true) + serverConfig, err := models.SharedServerDAO.ComposeServerConfigWithServerId(tx, req.ServerId, false, true) if err != nil { if err == models.ErrNotFound { return &pb.ComposeServerConfigResponse{ServerConfigJSON: nil}, nil diff --git a/internal/rpc/services/service_ssl_cert.go b/internal/rpc/services/service_ssl_cert.go index 246be1e3..b587228f 100644 --- a/internal/rpc/services/service_ssl_cert.go +++ b/internal/rpc/services/service_ssl_cert.go @@ -92,7 +92,7 @@ func (this *SSLCertService) FindEnabledSSLCertConfig(ctx context.Context, req *p } } - config, err := models.SharedSSLCertDAO.ComposeCertConfig(tx, req.SslCertId, nil) + config, err := models.SharedSSLCertDAO.ComposeCertConfig(tx, req.SslCertId, false, nil) if err != nil { return nil, err } @@ -179,7 +179,7 @@ func (this *SSLCertService) ListSSLCerts(ctx context.Context, req *pb.ListSSLCer certConfigs := []*sslconfigs.SSLCertConfig{} for _, certId := range certIds { - certConfig, err := models.SharedSSLCertDAO.ComposeCertConfig(tx, certId, nil) + certConfig, err := models.SharedSSLCertDAO.ComposeCertConfig(tx, certId, false, nil) if err != nil { return nil, err } diff --git a/internal/rpc/services/service_ssl_policy.go b/internal/rpc/services/service_ssl_policy.go index 64bf3a66..9d8e3605 100644 --- a/internal/rpc/services/service_ssl_policy.go +++ b/internal/rpc/services/service_ssl_policy.go @@ -88,7 +88,7 @@ func (this *SSLPolicyService) FindEnabledSSLPolicyConfig(ctx context.Context, re var tx = this.NullTx() - config, err := models.SharedSSLPolicyDAO.ComposePolicyConfig(tx, req.SslPolicyId, nil) + config, err := models.SharedSSLPolicyDAO.ComposePolicyConfig(tx, req.SslPolicyId, req.IgnoreData, nil) if err != nil { return nil, err }