From 9243a664fa86b8d999e5a6730c42d72677373a1e Mon Sep 17 00:00:00 2001
From: virusdefender
Date: Wed, 16 Aug 2023 16:51:59 +0800
Subject: [PATCH] tiny fix

---
 .github/workflows/go.yml | 2 +-
 .gitignore | 1 +
 go.mod | 4 ++--
 main.go | 35 ++++++++++++++++++++---------------
 4 files changed, 24 insertions(+), 18 deletions(-)

diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index 7675b45..5d9e397 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -17,7 +17,7 @@ jobs:
 - name: Set up Go
 uses: actions/setup-go@v2
 with:
- go-version: 1.17
+ go-version: "1.21.0"
 
 - name: Build
 run: |
diff --git a/.gitignore b/.gitignore
index 40f9ac2..f904ccc 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
 *.crt
 *.key
 .idea/
+certs/
\ No newline at end of file
diff --git a/go.mod b/go.mod
index 021cfbe..fa5ce1b 100644
--- a/go.mod
+++ b/go.mod
@@ -1,3 +1,3 @@
-module github.com/virusdefender/cert-copier
+module github.com/virusdefender/copy-cert
 
-go 1.17
+go 1.21
diff --git a/main.go b/main.go
index c71e41d..3ed3c68 100644
--- a/main.go
+++ b/main.go
@@ -8,11 +8,13 @@ import (
 "crypto/x509"
 "encoding/pem"
 "fmt"
- "io/ioutil"
 "log"
 "os"
 "path/filepath"
 "regexp"
+ "slices"
+ "strings"
+ "time"
 )
 
 type certPair struct {
@@ -25,7 +27,7 @@ type certPair struct {
 
 func getCertsFromNetwork(addr string) ([]*x509.Certificate, error) {
 conf := &tls.Config{
- InsecureSkipVerify: true,
+ InsecureSkipVerify: false,
 }
 conn, err := tls.Dial("tcp", addr, conf)
 if err != nil {
@@ -35,12 +37,6 @@ func getCertsFromNetwork(addr string) ([]*x509.Certificate, error) {
 return conn.ConnectionState().PeerCertificates, nil
 }
 
-func reverse(s []*certPair) {
- for i, j := 0, len(s)-1; i < j; i, j = i+1, j-1 {
- s[i], s[j] = s[j], s[i]
- }
-}
-
 func makeCerts(originCerts []*x509.Certificate) ([]*certPair, error) {
 certs := make([]*certPair, len(originCerts))
 // the origin order: website cert, intermediate ca, root ca
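Review bot: In `getCertsFromNetwork`, `InsecureSkipVerify: false` is the field's zero value, so the literal reads like a leftover toggle and nothing next to the code records that this commit turns peer verification on. With verification enabled, `tls.Dial` fails the handshake for any host whose chain does not validate against the system roots or whose certificate does not match the host part of `addr` (Go derives `ServerName` from it when the config leaves it empty). I would write `conf := &tls.Config{}` and put `// Peer chain and host name are verified; ServerName is derived from addr.` above it. The function body continues past the end of this hunk.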
@@ -48,7 +44,7 @@ func makeCerts(originCerts []*x509.Certificate) ([]*certPair, error) {
 log.Printf("got cert: %s", cert.Subject.CommonName)
 certs[idx] = &certPair{originCert: cert}
 }
- reverse(certs)
+ slices.Reverse(certs)
 
 for idx, pair := range certs {
 var pub interface{}
@@ -120,14 +116,20 @@ func main() {
 if err != nil {
 log.Fatal(err)
 }
- reverse(newCerts)
+ slices.Reverse(newCerts)
+
+ dir := filepath.Join("certs", time.Now().Local().Format("2006_01_02_15_04_05"))
+ err = os.MkdirAll(dir, 0o744)
+ if err != nil {
+ log.Fatal(err)
+ }
 
- bundleCert, err := os.OpenFile("bundle.crt", os.O_WRONLY|os.O_CREATE, 0o744)
+ bundleCert, err := os.OpenFile(filepath.Join(dir, "bundle.crt"), os.O_WRONLY|os.O_CREATE, 0o744)
 if err != nil {
 log.Fatal(err)
 }
 defer bundleCert.Close()
- bundleKey, err := os.OpenFile("bundle.key", os.O_WRONLY|os.O_CREATE, 0o744)
+ bundleKey, err := os.OpenFile(filepath.Join(dir, "bundle.key"), os.O_WRONLY|os.O_CREATE, 0o744)
 if err != nil {
 log.Fatal(err)
 }
@@ -135,8 +137,10 @@ func main() {
 
 for _, pair := range newCerts {
 log.Printf("going to write new cert and key: %s", pair.newCert.Subject.CommonName)
- pathBase := fileNameRegex.ReplaceAllString(pair.newCert.Subject.CommonName, "_")
- err = ioutil.WriteFile(pathBase+".crt", pair.newCertPem, 0o744)
+ // 担心星号在 Windows 上是不合法的文件名(当然我也没测试),但是被替换为下换线又很奇怪,所以替换成 __wildcard__
+ pathBase := strings.ReplaceAll(pair.newCert.Subject.CommonName, "*", "__wildcard__")
+ pathBase = fileNameRegex.ReplaceAllString(pathBase, "_")
+ err = os.WriteFile(filepath.Join(dir, pathBase+".crt"), pair.newCertPem, 0o744)
 if err != nil {
 log.Fatal(err)
 }
@@ -145,7 +149,7 @@ func main() {
 log.Fatal(err)
 }
 
- err = ioutil.WriteFile(pathBase+".key", pair.privPem, 0o744)
+ err = os.WriteFile(filepath.Join(dir, pathBase+".key"), pair.privPem, 0o744)
 if err != nil {
 log.Fatal(err)
 }
@@ -154,4 +158,5 @@ func main() {
 log.Fatal(err)
 }
 }
+ log.Printf("certs save to %s", dir)
 }
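Review bot: Private key material is created with mode `0o744` in this hunk (`bundle.key`) and again in the `@@ -145,7 +149,7 @@` hunk (`pathBase+".key"`), which requests owner rwx plus read for group and others, subject to the umask. The new `os.MkdirAll(dir, 0o744)` only partly masks this: without the search bit group and others can still list the file names, and the key files become readable as soon as the directory mode is loosened or the files are copied elsewhere with their mode. Keys should be owner-only and not executable: `os.MkdirAll(dir, 0o700)`, `os.OpenFile(filepath.Join(dir, "bundle.key"), os.O_WRONLY|os.O_CREATE, 0o600)` and `os.WriteFile(filepath.Join(dir, pathBase+".key"), pair.privPem, 0o600)`; the `.crt` files, including the one in the `@@ -135,8 +137,10 @@` hunk, can be `0o644`. `main` starts and ends outside this hunk.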
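Review bot: In the `@@ -135,8 +137,10 @@` hunk the output file name is built from `pair.newCert.Subject.CommonName`, a value taken from the remote server's certificate, and the only filter visible is `fileNameRegex`, whose pattern is defined outside the hunk. It is worth confirming that the pattern replaces path separators and cannot leave a dots-only name, and handling an empty CommonName or two chain entries with the same CommonName, because `os.WriteFile` would then silently overwrite the earlier `.crt`/`.key` in `dir`. The added comment is in Chinese while the other visible comment and the log messages are English; something like `// '*' may be an invalid file name character on Windows (untested); map it to __wildcard__ rather than a bare underscore` would keep it readable for every reviewer.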