feat: sync httpdns sdk/platform updates without large binaries

2026-03-04 17:59:14 +08:00
parent 853897a6f8
commit 532891fad0
700 changed files with 6096 additions and 2712 deletions
--- a/EdgeAPI/internal/rpc/services/httpdns/converters.go
+++ b/EdgeAPI/internal/rpc/services/httpdns/converters.go
@@ -2,9 +2,12 @@ package httpdns

 import (
 	"encoding/json"
+	"log"

 	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
+	"github.com/iwind/TeaGo/dbs"
 )

 func toPBCluster(cluster *models.HTTPDNSCluster) *pb.HTTPDNSCluster {
@@ -25,9 +28,94 @@ func toPBCluster(cluster *models.HTTPDNSCluster) *pb.HTTPDNSCluster {
 		UpdatedAt:         int64(cluster.UpdatedAt),
 		AutoRemoteStart:   cluster.AutoRemoteStart,
 		AccessLogIsOn:     cluster.AccessLogIsOn,
+		TimeZone:          cluster.TimeZone,
 	}
 }

+// toPBClusterWithResolvedCerts 转换集群并解析证书引用为实际 PEM 数据
+// 供节点调用的 RPC 使用，确保节点能拿到完整的证书内容
+func toPBClusterWithResolvedCerts(tx *dbs.Tx, cluster *models.HTTPDNSCluster) *pb.HTTPDNSCluster {
+	pbCluster := toPBCluster(cluster)
+	if pbCluster == nil {
+		return nil
+	}
+	resolved := resolveTLSPolicyCerts(tx, cluster.TLSPolicy)
+	if resolved != nil {
+		pbCluster.TlsPolicyJSON = resolved
+	}
+	return pbCluster
+}
+
+// resolveTLSPolicyCerts 将 tlsPolicyJSON 中的 certRefs 解析为带实际 PEM 数据的 certs
+func resolveTLSPolicyCerts(tx *dbs.Tx, tlsPolicyJSON []byte) []byte {
+	if len(tlsPolicyJSON) == 0 {
+		return nil
+	}
+
+	// 解析外层结构: {"listen": [...], "sslPolicy": {...}}
+	var tlsConfig map[string]json.RawMessage
+	if err := json.Unmarshal(tlsPolicyJSON, &tlsConfig); err != nil {
+		return nil
+	}
+
+	sslPolicyData, ok := tlsConfig["sslPolicy"]
+	if !ok || len(sslPolicyData) == 0 {
+		return nil
+	}
+
+	var sslPolicy sslconfigs.SSLPolicy
+	if err := json.Unmarshal(sslPolicyData, &sslPolicy); err != nil {
+		return nil
+	}
+
+	// 检查 certs 是否已经有实际数据
+	for _, cert := range sslPolicy.Certs {
+		if cert != nil && len(cert.CertData) > 128 && len(cert.KeyData) > 128 {
+			return nil // 已有完整 PEM 数据，无需处理
+		}
+	}
+
+	// 从 certRefs 解析实际证书数据
+	if len(sslPolicy.CertRefs) == 0 {
+		return nil
+	}
+
+	var resolvedCerts []*sslconfigs.SSLCertConfig
+	for _, ref := range sslPolicy.CertRefs {
+		if ref == nil || ref.CertId <= 0 {
+			continue
+		}
+		certConfig, err := models.SharedSSLCertDAO.ComposeCertConfig(tx, ref.CertId, false, nil, nil)
+		if err != nil {
+			log.Println("[HTTPDNS]resolve cert", ref.CertId, "failed:", err.Error())
+			continue
+		}
+		if certConfig == nil || len(certConfig.CertData) == 0 || len(certConfig.KeyData) == 0 {
+			continue
+		}
+		resolvedCerts = append(resolvedCerts, certConfig)
+	}
+
+	if len(resolvedCerts) == 0 {
+		return nil
+	}
+
+	// 把解析后的证书写回 sslPolicy.Certs
+	sslPolicy.Certs = resolvedCerts
+
+	newPolicyData, err := json.Marshal(&sslPolicy)
+	if err != nil {
+		return nil
+	}
+	tlsConfig["sslPolicy"] = newPolicyData
+
+	result, err := json.Marshal(tlsConfig)
+	if err != nil {
+		return nil
+	}
+	return result
+}
+
 func toPBNode(node *models.HTTPDNSNode) *pb.HTTPDNSNode {
 	if node == nil {
 		return nil