Refactorized main entry function

- Moved constants to def.go - Added acme close function (not used for now) - Added robots.txt to prevent webmin panel being scanned by search engine
2025-08-11 23:55:24 +02:00 · 2024-11-19 20:30:36 +08:00
parent 293a527ffc
commit c5170bcb94
12 changed files with 264 additions and 134 deletions
--- a/src/mod/acme/acme.go
+++ b/src/mod/acme/acme.go
@@ -86,6 +86,13 @@ func (a *ACMEHandler) Logf(message string, err error) {
 	a.Logger.PrintAndLog("ACME", message, err)
 }

+// Close closes the ACMEHandler.
+// ACME Handler does not need to close anything
+// Function defined for future compatibility
+func (a *ACMEHandler) Close() error {
+	return nil
+}
+
 // ObtainCert obtains a certificate for the specified domains.
 func (a *ACMEHandler) ObtainCert(domains []string, certificateName string, email string, caName string, caUrl string, skipTLS bool, useDNS bool, propagationTimeout int) (bool, error) {
 	a.Logf("Obtaining certificate for: "+strings.Join(domains, ", "), nil)
--- a/src/mod/acme/autorenew.go
+++ b/src/mod/acme/autorenew.go
@@ -354,6 +354,7 @@ func (a *AutoRenewer) CheckAndRenewCertificates() ([]string, error) {
 	return a.renewExpiredDomains(expiredCertList)
 }

+// Close the auto renewer
 func (a *AutoRenewer) Close() {
 	if a.TickerstopChan != nil {
 		a.TickerstopChan <- true
@@ -439,7 +440,7 @@ func (a *AutoRenewer) HanldeSetEAB(w http.ResponseWriter, r *http.Request) {
 }

 // Handle update auto renew DNS configuration
-func (a *AutoRenewer) HanldeSetDNS(w http.ResponseWriter, r *http.Request) {
+func (a *AutoRenewer) HandleSetDNS(w http.ResponseWriter, r *http.Request) {
 	dnsProvider, err := utils.PostPara(r, "dnsProvider")
 	if err != nil {
 		utils.SendErrorResponse(w, "dnsProvider not set")
--- a/src/mod/dynamicproxy/domainsniff/domainsniff.go
+++ b/src/mod/dynamicproxy/domainsniff/domainsniff.go
@@ -9,6 +9,7 @@ package domainsniff

 */
 import (
+	"crypto/tls"
 	"net"
 	"time"
 )
@@ -25,6 +26,30 @@ func DomainReachableWithError(domain string) error {
 	return nil
 }

+// Check if a domain have TLS but it is self-signed or expired
+func DomainIsSelfSigned(domain string) (bool, error) {
+	//Get the certificate
+	conn, err := net.Dial("tcp", domain)
+	if err != nil {
+		return false, err
+	}
+	defer conn.Close()
+
+	//Connect with TLS using insecure skip verify
+	config := &tls.Config{
+		InsecureSkipVerify: true,
+	}
+	tlsConn := tls.Client(conn, config)
+	err = tlsConn.Handshake()
+	if err != nil {
+		return false, err
+	}
+
+	//Check if the certificate is self-signed
+	cert := tlsConn.ConnectionState().PeerCertificates[0]
+	return cert.Issuer.CommonName == cert.Subject.CommonName, nil
+}
+
 // Check if domain reachable
 func DomainReachable(domain string) bool {
 	return DomainReachableWithError(domain) == nil