From dcfc5456089096493e94fa92d9df1b39d034f071 Mon Sep 17 00:00:00 2001 From: net909 Date: Sun, 22 Dec 2024 10:07:56 +0800 Subject: [PATCH] fix --- app/controller/Cert.php | 1 + app/lib/deploy/aws.php | 28 +++++++++++++------------- app/lib/deploy/baidu.php | 14 ++++++------- app/lib/deploy/ftp.php | 4 ++-- app/lib/deploy/huawei.php | 40 +++++++++++++++++++------------------- app/lib/deploy/huoshan.php | 2 +- app/lib/deploy/local.php | 14 ++++++------- app/lib/deploy/qiniu.php | 6 +++--- app/lib/deploy/tencent.php | 6 +++--- 9 files changed, 58 insertions(+), 57 deletions(-) diff --git a/app/controller/Cert.php b/app/controller/Cert.php index 36bec3f..649f1f8 100644 --- a/app/controller/Cert.php +++ b/app/controller/Cert.php @@ -251,6 +251,7 @@ class Cert extends BaseController 'keytype' => input('post.keytype'), 'keysize' => input('post.keysize'), 'addtime' => date('Y-m-d H:i:s'), + 'issuer' => '', 'status' => 0, ]; $domains = array_map('trim', $domains); diff --git a/app/lib/deploy/aws.php b/app/lib/deploy/aws.php index e783212..b721d22 100644 --- a/app/lib/deploy/aws.php +++ b/app/lib/deploy/aws.php @@ -21,7 +21,7 @@ class aws implements DeployInterface public function check() { if (empty($this->AccessKeyId) || empty($this->SecretAccessKey)) throw new Exception('必填参数不能为空'); - $client = new AWSClient($this->AccessKeyId, $this->SecretAccessKey, 'iam.amazonaws.com', 'iam','2010-05-08', 'us-east-1'); + $client = new AWSClient($this->AccessKeyId, $this->SecretAccessKey, 'iam.amazonaws.com', 'iam', '2010-05-08', 'us-east-1'); $client->requestXml('GET', 'GetUser'); return true; } @@ -33,28 +33,28 @@ class aws implements DeployInterface if (!$certInfo) throw new Exception('证书解析失败'); $config['cert_name'] = str_replace('*.', '', $certInfo['subject']['CN']) . '-' . $certInfo['validFrom_time_t']; - if(isset($info['cert_id']) && isset($info['cert_name']) && $info['cert_name'] == $config['cert_name']){ + if (isset($info['cert_id']) && isset($info['cert_name']) && $info['cert_name'] == $config['cert_name']) { $cert_id = $info['cert_id']; $this->log('证书已上传:' . $cert_id); - }else{ + } else { $cert_id = $this->get_cert_id($fullchain, $privatekey); $this->log('证书上传成功:' . $cert_id); $info['cert_id'] = $cert_id; $info['cert_name'] = $config['cert_name']; usleep(500000); } - + $client = new \app\lib\client\AWS($this->AccessKeyId, $this->SecretAccessKey, 'cloudfront.amazonaws.com', 'cloudfront', '2020-05-31', 'us-east-1'); - try{ - $data = $client->requestXmlN('GET', '/distribution/'.$config['distribution_id'].'/config', [], null, true); - }catch(Exception $e){ - throw new Exception('获取分配信息失败:'.$e->getMessage()); + try { + $data = $client->requestXmlN('GET', '/distribution/' . $config['distribution_id'] . '/config', [], null, true); + } catch (Exception $e) { + throw new Exception('获取分配信息失败:' . $e->getMessage()); } - + $data['ViewerCertificate']['ACMCertificateArn'] = $cert_id; $data['ViewerCertificate']['CloudFrontDefaultCertificate'] = false; $xml = new \SimpleXMLElement(''); - $client->requestXmlN('PUT', '/distribution/'.$config['distribution_id'].'/config', $data, $xml); + $client->requestXmlN('PUT', '/distribution/' . $config['distribution_id'] . '/config', $data, $xml); $this->log('分配ID: ' . $config['distribution_id'] . ' 证书部署成功!'); } @@ -65,13 +65,13 @@ class aws implements DeployInterface 'Certificate' => base64_encode($cert), 'PrivateKey' => base64_encode($privatekey), ]; - + $client = new \app\lib\client\AWS($this->AccessKeyId, $this->SecretAccessKey, 'acm.us-east-1.amazonaws.com', 'acm', '', 'us-east-1'); - try{ + try { $data = $client->request('POST', 'CertificateManager.ImportCertificate', $param); $cert_id = $data['CertificateArn']; - }catch(Exception $e){ - throw new Exception('上传证书失败:'.$e->getMessage()); + } catch (Exception $e) { + throw new Exception('上传证书失败:' . $e->getMessage()); } return $cert_id; } diff --git a/app/lib/deploy/baidu.php b/app/lib/deploy/baidu.php index 89140a6..366c106 100644 --- a/app/lib/deploy/baidu.php +++ b/app/lib/deploy/baidu.php @@ -32,18 +32,18 @@ class baidu implements DeployInterface $certInfo = openssl_x509_parse($fullchain, true); if (!$certInfo) throw new Exception('证书解析失败'); $config['cert_name'] = str_replace('*.', '', $certInfo['subject']['CN']) . '-' . $certInfo['validFrom_time_t']; - + $client = new BaiduCloud($this->AccessKeyId, $this->SecretAccessKey, 'cdn.baidubce.com'); - try{ - $data = $client->request('GET', '/v2/'.$config['domain'].'/certificates'); - if(isset($data['certName']) && $data['certName'] == $config['cert_name']){ + try { + $data = $client->request('GET', '/v2/' . $config['domain'] . '/certificates'); + if (isset($data['certName']) && $data['certName'] == $config['cert_name']) { $this->log('CDN域名 ' . $config['domain'] . ' 证书已存在,无需重复部署'); return; } - }catch(Exception $e){ + } catch (Exception $e) { $this->log($e->getMessage()); } - + $param = [ 'httpsEnable' => 'ON', 'certificate' => [ @@ -52,7 +52,7 @@ class baidu implements DeployInterface 'certPrivateData' => $privatekey, ], ]; - $data = $client->request('PUT', '/v2/'.$config['domain'].'/certificates', null, $param); + $data = $client->request('PUT', '/v2/' . $config['domain'] . '/certificates', null, $param); $info['cert_id'] = $data['certId']; $this->log('CDN域名 ' . $config['domain'] . ' 证书部署成功!'); } diff --git a/app/lib/deploy/ftp.php b/app/lib/deploy/ftp.php index 2503d2d..cfff989 100644 --- a/app/lib/deploy/ftp.php +++ b/app/lib/deploy/ftp.php @@ -81,12 +81,12 @@ class ftp implements DeployInterface throw new Exception('端口不合法'); } - if($this->config['secure'] == '1'){ + if ($this->config['secure'] == '1') { $conn_id = ftp_ssl_connect($this->config['host'], intval($this->config['port']), 10); if (!$conn_id) { throw new Exception('FTP服务器无法连接(SSL)'); } - }else{ + } else { $conn_id = ftp_connect($this->config['host'], intval($this->config['port']), 10); if (!$conn_id) { throw new Exception('FTP服务器无法连接'); diff --git a/app/lib/deploy/huawei.php b/app/lib/deploy/huawei.php index a53d5b4..da390a9 100644 --- a/app/lib/deploy/huawei.php +++ b/app/lib/deploy/huawei.php @@ -31,11 +31,11 @@ class huawei implements DeployInterface $certInfo = openssl_x509_parse($fullchain, true); if (!$certInfo) throw new Exception('证书解析失败'); $config['cert_name'] = str_replace('*.', '', $certInfo['subject']['CN']) . '-' . $certInfo['validFrom_time_t']; - if($config['product'] == 'cdn'){ + if ($config['product'] == 'cdn') { $this->deploy_cdn($fullchain, $privatekey, $config); - }elseif($config['product'] == 'elb'){ + } elseif ($config['product'] == 'elb') { $this->deploy_elb($fullchain, $privatekey, $config); - }elseif($config['product'] == 'waf'){ + } elseif ($config['product'] == 'waf') { $this->deploy_waf($fullchain, $privatekey, $config); } } @@ -56,7 +56,7 @@ class huawei implements DeployInterface ], ], ]; - $client->request('PUT', '/v1.1/cdn/configuration/domains/'.$config['domain'].'/configs', null, $param); + $client->request('PUT', '/v1.1/cdn/configuration/domains/' . $config['domain'] . '/configs', null, $param); $this->log('CDN域名 ' . $config['domain'] . ' 部署证书成功!'); } @@ -65,15 +65,15 @@ class huawei implements DeployInterface if (empty($config['project_id'])) throw new Exception('项目ID不能为空'); if (empty($config['region_id'])) throw new Exception('区域ID不能为空'); if (empty($config['cert_id'])) throw new Exception('证书ID不能为空'); - $endpoint = 'elb.'.$config['region_id'].'.myhuaweicloud.com'; + $endpoint = 'elb.' . $config['region_id'] . '.myhuaweicloud.com'; $client = new HuaweiCloud($this->AccessKeyId, $this->SecretAccessKey, $endpoint); - try{ - $data = $client->request('GET', '/v3/'.$config['project_id'].'/elb/certificates/'.$config['cert_id']); - }catch(Exception $e){ - throw new Exception('证书详情查询失败:'.$e->getMessage()); + try { + $data = $client->request('GET', '/v3/' . $config['project_id'] . '/elb/certificates/' . $config['cert_id']); + } catch (Exception $e) { + throw new Exception('证书详情查询失败:' . $e->getMessage()); } - if(isset($data['certificate']['certificate']) && trim($data['certificate']['certificate']) == trim($fullchain)){ - $this->log('ELB证书ID '.$config['cert_id'].' 已存在,无需重复部署'); + if (isset($data['certificate']['certificate']) && trim($data['certificate']['certificate']) == trim($fullchain)) { + $this->log('ELB证书ID ' . $config['cert_id'] . ' 已存在,无需重复部署'); return; } $param = [ @@ -83,7 +83,7 @@ class huawei implements DeployInterface 'domain' => implode(',', $config['domainList']), ], ]; - $client->request('PUT', '/v3/'.$config['project_id'].'/elb/certificates/'.$config['cert_id'], null, $param); + $client->request('PUT', '/v3/' . $config['project_id'] . '/elb/certificates/' . $config['cert_id'], null, $param); $this->log('ELB证书ID ' . $config['cert_id'] . ' 更新证书成功!'); } @@ -92,15 +92,15 @@ class huawei implements DeployInterface if (empty($config['project_id'])) throw new Exception('项目ID不能为空'); if (empty($config['region_id'])) throw new Exception('区域ID不能为空'); if (empty($config['cert_id'])) throw new Exception('证书ID不能为空'); - $endpoint = 'waf.'.$config['region_id'].'.myhuaweicloud.com'; + $endpoint = 'waf.' . $config['region_id'] . '.myhuaweicloud.com'; $client = new HuaweiCloud($this->AccessKeyId, $this->SecretAccessKey, $endpoint); - try{ - $data = $client->request('GET', '/v1/'.$config['project_id'].'/waf/certificates/'.$config['cert_id']); - }catch(Exception $e){ - throw new Exception('证书详情查询失败:'.$e->getMessage()); + try { + $data = $client->request('GET', '/v1/' . $config['project_id'] . '/waf/certificates/' . $config['cert_id']); + } catch (Exception $e) { + throw new Exception('证书详情查询失败:' . $e->getMessage()); } - if(isset($data['content']) && trim($data['content']) == trim($fullchain)){ - $this->log('WAF证书ID '.$config['cert_id'].' 已存在,无需重复部署'); + if (isset($data['content']) && trim($data['content']) == trim($fullchain)) { + $this->log('WAF证书ID ' . $config['cert_id'] . ' 已存在,无需重复部署'); return; } $param = [ @@ -108,7 +108,7 @@ class huawei implements DeployInterface 'content' => $fullchain, 'key' => $privatekey, ]; - $client->request('PUT', '/v1/'.$config['project_id'].'/waf/certificates/'.$config['cert_id'], null, $param); + $client->request('PUT', '/v1/' . $config['project_id'] . '/waf/certificates/' . $config['cert_id'], null, $param); $this->log('WAF证书ID ' . $config['cert_id'] . ' 更新证书成功!'); } diff --git a/app/lib/deploy/huoshan.php b/app/lib/deploy/huoshan.php index b663758..dd35579 100644 --- a/app/lib/deploy/huoshan.php +++ b/app/lib/deploy/huoshan.php @@ -71,7 +71,7 @@ class huoshan implements DeployInterface try { $data = $client->request('POST', 'AddCertificate', $param); } catch (Exception $e) { - if(strpos($e->getMessage(), '证书已存在,ID为')!==false){ + if (strpos($e->getMessage(), '证书已存在,ID为') !== false) { $cert_id = trim(getSubstr($e->getMessage(), '证书已存在,ID为', '。')); $this->log('证书已存在 CertId=' . $cert_id); return $cert_id; diff --git a/app/lib/deploy/local.php b/app/lib/deploy/local.php index 71b7027..d51458c 100644 --- a/app/lib/deploy/local.php +++ b/app/lib/deploy/local.php @@ -20,8 +20,8 @@ class local implements DeployInterface } if ($config['format'] == 'pem') { $dir = dirname($config['pem_cert_file']); - if (!is_dir($dir)) throw new Exception($dir.' 目录不存在'); - if (!is_writable($dir)) throw new Exception($dir.' 目录不可写'); + if (!is_dir($dir)) throw new Exception($dir . ' 目录不存在'); + if (!is_writable($dir)) throw new Exception($dir . ' 目录不可写'); if (file_put_contents($config['pem_cert_file'], $fullchain)) { $this->log('证书已保存到:' . $config['pem_cert_file']); @@ -35,8 +35,8 @@ class local implements DeployInterface } } elseif ($config['format'] == 'pfx') { $dir = dirname($config['pfx_file']); - if (!is_dir($dir)) throw new Exception($dir.' 目录不存在'); - if (!is_writable($dir)) throw new Exception($dir.' 目录不可写'); + if (!is_dir($dir)) throw new Exception($dir . ' 目录不存在'); + if (!is_writable($dir)) throw new Exception($dir . ' 目录不可写'); $pfx = \app\lib\CertHelper::getPfx($fullchain, $privatekey, $config['pfx_pass'] ? $config['pfx_pass'] : null); if (file_put_contents($config['pfx_file'], $pfx)) { @@ -47,10 +47,10 @@ class local implements DeployInterface } if (!empty($config['cmd'])) { $cmds = explode("\n", $config['cmd']); - foreach($cmds as $cmd){ + foreach ($cmds as $cmd) { $cmd = trim($cmd); - if(empty($cmd)) continue; - $this->log('执行命令:'.$cmd); + if (empty($cmd)) continue; + $this->log('执行命令:' . $cmd); $output = []; $ret = 0; exec($cmd, $output, $ret); diff --git a/app/lib/deploy/qiniu.php b/app/lib/deploy/qiniu.php index 1bc2c07..5a25dde 100644 --- a/app/lib/deploy/qiniu.php +++ b/app/lib/deploy/qiniu.php @@ -38,11 +38,11 @@ class qiniu implements DeployInterface $cert_id = $this->get_cert_id($fullchain, $privatekey, $certInfo['subject']['CN'], $cert_name); - if($config['product'] == 'cdn'){ + if ($config['product'] == 'cdn') { $this->deploy_cdn($domain, $cert_id); - }elseif($config['product'] == 'oss'){ + } elseif ($config['product'] == 'oss') { $this->deploy_oss($domain, $cert_id); - }else{ + } else { throw new Exception('未知的产品类型'); } $info['cert_id'] = $cert_id; diff --git a/app/lib/deploy/tencent.php b/app/lib/deploy/tencent.php index 1cde46a..6f2b5c8 100644 --- a/app/lib/deploy/tencent.php +++ b/app/lib/deploy/tencent.php @@ -58,7 +58,7 @@ class tencent implements DeployInterface if (empty($config['domain'])) throw new Exception('绑定的域名不能为空'); if ($config['product'] == 'waf') { $this->client = new TencentCloud($this->SecretId, $this->SecretKey, 'ssl.tencentcloudapi.com', 'ssl', '2019-12-05', $config['region']); - } elseif (in_array($config['product'], ['tse','scf'])) { + } elseif (in_array($config['product'], ['tse', 'scf'])) { if (empty($config['regionid'])) throw new Exception('所属地域ID不能为空'); $this->client = new TencentCloud($this->SecretId, $this->SecretKey, 'ssl.tencentcloudapi.com', 'ssl', '2019-12-05', $config['regionid']); } @@ -219,12 +219,12 @@ class tencent implements DeployInterface throw new Exception('获取云函数自定义域名失败:' . $e->getMessage()); } - if(isset($data['CertConfig']['CertificateId']) && $data['CertConfig']['CertificateId'] == $cert_id){ + if (isset($data['CertConfig']['CertificateId']) && $data['CertConfig']['CertificateId'] == $cert_id) { $this->log('云函数自定义域名 ' . $config['domain'] . ' 已部署证书,无需重复部署'); return; } $data['CertConfig']['CertificateId'] = $cert_id; - if($data['Protocol'] == 'HTTP') $data['Protocol'] = 'HTTP&HTTPS'; + if ($data['Protocol'] == 'HTTP') $data['Protocol'] = 'HTTP&HTTPS'; $param = [ 'Domain' => $config['domain'],