Feature/v2.8.0 (#231)

支持Imap协议升级所有依赖修复部分bug
2026-04-23 00:17:16 +08:00 · 2025-01-04 16:23:07 +08:00
parent 6697d2b229
commit 5af46b32f6
82 changed files with 4149 additions and 345 deletions
@@ -15,6 +15,7 @@ import (
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cast"
 	"os"
+	"strings"
 	"time"

 	"github.com/go-acme/lego/v4/certcrypto"
@@ -39,7 +40,7 @@ func (u *MyUser) GetPrivateKey() crypto.PrivateKey {
 }

 func GetSSL() string {
-	cfg, err := setup.ReadConfig()
+	cfg, err := config.ReadConfig()
 	if err != nil {
 		panic(err)
 	}
@@ -51,7 +52,7 @@ func GetSSL() string {
 }

 func SetSSL(sslType, priKey, crtKey string) error {
-	cfg, err := setup.ReadConfig()
+	cfg, err := config.ReadConfig()
 	if err != nil {
 		panic(err)
 	}
@@ -68,7 +69,7 @@ func SetSSL(sslType, priKey, crtKey string) error {
 		cfg.HttpsEnabled = 2
 	}

-	err = setup.WriteConfig(cfg)
+	err = config.WriteConfig(cfg)
 	if err != nil {
 		return errors.Wrap(err)
 	}
@@ -124,6 +125,7 @@ func renewCertificate(privateKey *ecdsa.PrivateKey, cfg *config.Config) error {
 	for _, domain := range cfg.Domains {
 		domains = append(domains, "smtp."+domain)
 		domains = append(domains, "pop."+domain)
+		domains = append(domains, "imap."+domain)
 	}

 	request := certificate.ObtainRequest{
@@ -203,6 +205,7 @@ func generateCertificate(privateKey *ecdsa.PrivateKey, cfg *config.Config, newAc
 	for _, domain := range cfg.Domains {
 		domains = append(domains, "smtp."+domain)
 		domains = append(domains, "pop."+domain)
+		domains = append(domains, "imap."+domain)
 	}

 	request := certificate.ObtainRequest{
@@ -243,7 +246,7 @@ func generateCertificate(privateKey *ecdsa.PrivateKey, cfg *config.Config, newAc

 func GenSSL(update bool) error {

-	cfg, err := setup.ReadConfig()
+	cfg, err := config.ReadConfig()
 	if err != nil {
 		panic(err)
 	}
@@ -267,38 +270,47 @@ func GenSSL(update bool) error {
 }

 // CheckSSLCrtInfo 返回证书过期剩余天数
-func CheckSSLCrtInfo() (int, time.Time, error) {
+func CheckSSLCrtInfo() (int, time.Time, bool, error) {

-	cfg, err := setup.ReadConfig()
+	cfg, err := config.ReadConfig()
 	if err != nil {
 		panic(err)
 	}
 	// load cert and key by tls.LoadX509KeyPair
 	tlsCert, err := tls.LoadX509KeyPair(cfg.SSLPublicKeyPath, cfg.SSLPrivateKeyPath)
 	if err != nil {
-		return -1, time.Now(), errors.Wrap(err)
+		return -1, time.Now(), true, errors.Wrap(err)
 	}

 	cert, err := x509.ParseCertificate(tlsCert.Certificate[0])

 	if err != nil {
-		return -1, time.Now(), errors.Wrap(err)
+		return -1, time.Now(), true, errors.Wrap(err)
+	}
+
+	nameMatchFail := true
+	for _, name := range cert.DNSNames {
+		if strings.Contains("imap", name) {
+			nameMatchFail = false
+			break
+		}
 	}

 	// 检查过期时间
 	hours := cert.NotAfter.Sub(time.Now()).Hours()

 	if hours <= 0 {
-		return -1, time.Now(), errors.New("Certificate has expired")
+		return -1, time.Now(), nameMatchFail, errors.New("Certificate has expired")
 	}

-	return cast.ToInt(hours / 24), cert.NotAfter, nil
+	return cast.ToInt(hours / 24), cert.NotAfter, nameMatchFail, nil
 }

 func Update(needRestart bool) {
 	if config.Instance != nil && config.Instance.IsInit && (config.Instance.SSLType == config.SSLTypeAutoHTTP || config.Instance.SSLType == config.SSLTypeAutoDNS) {
-		days, _, err := CheckSSLCrtInfo()
-		if days < 30 || err != nil {
+		days, _, nameMatchFail, err := CheckSSLCrtInfo()
+
+		if days < 30 || err != nil || nameMatchFail {
 			if err != nil {
 				log.Errorf("SSL Check Error, Update SSL Certificate. Error Info :%+v", err)
 			} else {