update

支持生成自签SSL证书
28 changed files with 785 additions and 514 deletions
--- a/app/command/Clean.php
+++ b/app/command/Clean.php
@ -68,37 +68,10 @@ class Clean extends Command
            if($file == '.' || $file == '..') continue;
            if(!in_array($file, $file_list)){
                $filepath = $data_dir . 'folder/' . $file;
-                $this->delete_dir($filepath);
+                deleteDir($filepath);
                $count++;
            }
        }
        $output->writeln($os.'成功清理'.$count.'个历史版本插件目录');
    }
-
-    // 删除文件夹
-    private function delete_dir($dir){
-        $rd = opendir($dir);
-        if (!$rd) {
-            return false;
-        }
-
-        while (($file = readdir($rd)) !== false) {
-            if ($file == '.' || $file == '..') {
-                continue;
-            }
-
-            $file = $dir . '/' . $file;
-
-            if (is_dir($file)) {
-                $this->delete_dir($file);
-            }
-            else {
-                unlink($file);
-            }
-        }
-
-        closedir($rd);
-        rmdir($dir);
-        return true;
-    }
 }
--- a/app/common.php
+++ b/app/common.php
@ -180,6 +180,11 @@ function checkIfActive($string) {
 		return null;
 }

+function checkDomain($domain){
+	if(empty($domain) || !preg_match('/^[-$a-z0-9_*.]{2,512}$/i', $domain) || (stripos($domain, '.') === false) || substr($domain, -1) == '.' || substr($domain, 0 ,1) == '.' || substr($domain, 0 ,1) == '*' && substr($domain, 1 ,1) != '.' || substr_count($domain, '*')>1 || strpos($domain, '*')>0 || strlen($domain)<4) return false;
+	return true;
+}
+
 function errorlog($msg){
 	$handle = fopen(app()->getRootPath()."record.txt", 'a');
 	fwrite($handle, date('Y-m-d H:i:s')."\t".$msg."\r\n");
@ -224,4 +229,95 @@ function pemToBase64($pem){
        }
    }
    return $encoded;
+}
+
+function makeSelfSignSSL(string $commonName, array $domainList, $validity = 3650){
+	// 加载 CA 证书和私钥
+	$dir = app()->getBasePath().'script/';
+	$caCert = file_get_contents($dir.'ca.crt');
+	$caPrivateKey = file_get_contents($dir.'ca.key');
+
+	$opensslConfigFile = sys_get_temp_dir().'/openssl'.time().mt_rand(1000, 9999).'.cnf';
+	$opensslConfigContent = <<<EOF
+[req]
+req_extensions = extension_section
+x509_extensions	= extension_section
+distinguished_name = dn
+
+[dn]
+
+[extension_section]
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = @alt_names
+
+[alt_names]
+EOF;
+	$ip_index = 1;
+	$dns_index = 1;
+	foreach ($domainList as $value) {
+		if(empty($value)) continue;
+		if(filter_var($value, FILTER_VALIDATE_IP)){
+			$opensslConfigContent .= sprintf("\nIP.%d = %s", $ip_index, $value);
+			$ip_index++;
+		}else{
+			$opensslConfigContent .= sprintf("\nDNS.%d = %s", $dns_index, $value);
+			$dns_index++;
+		}
+	}
+
+	if(!file_put_contents($opensslConfigFile, $opensslConfigContent)) return false;
+
+	// 生成域名证书的私钥和 CSR
+	$domainPrivateKey = openssl_pkey_new([
+		'private_key_bits' => 2048,
+		'private_key_type' => OPENSSL_KEYTYPE_RSA,
+	]);
+	if(!$domainPrivateKey) return false;
+
+	$csrConfig = ['digest_alg' => 'sha256', 'config' => $opensslConfigFile];
+
+	$domainCsr = openssl_csr_new([
+		'commonName' => $commonName
+	], $domainPrivateKey, $csrConfig);
+	if(!$domainCsr) return false;
+
+	// 生成域名证书
+	$domainCertificate = openssl_csr_sign($domainCsr, $caCert, $caPrivateKey, $validity, $csrConfig);
+	if(!$domainCertificate) return false;
+
+	// 导出域名证书
+	openssl_x509_export($domainCertificate, $certificate);
+	openssl_pkey_export($domainPrivateKey, $privateKey);
+	$certificate .= $caCert;
+
+	unlink($opensslConfigFile);
+
+	return ['cert' => $certificate, 'key' => $privateKey];
+}
+
+function deleteDir($dir){
+	$rd = opendir($dir);
+	if (!$rd) {
+		return false;
+	}
+
+	while (($file = readdir($rd)) !== false) {
+		if ($file == '.' || $file == '..') {
+			continue;
+		}
+
+		$file = $dir . '/' . $file;
+
+		if (is_dir($file)) {
+			deleteDir($file);
+		}
+		else {
+			unlink($file);
+		}
+	}
+
+	closedir($rd);
+	rmdir($dir);
+	return true;
 }
--- a/app/controller/Admin.php
+++ b/app/controller/Admin.php
@ -400,4 +400,37 @@ class Admin extends BaseController
        Cache::clear();
        return json(['code'=>0,'msg'=>'succ']);
    }
+
+    public function ssl(){
+        if(request()->isAjax()){
+            $domain_list = input('post.domain_list', null, 'trim');
+            $common_name = input('post.common_name', null, 'trim');
+            $validity = input('post.validity/d');
+            if(empty($domain_list) || empty($validity)){
+                return json(['code'=>-1, 'msg'=>'参数不能为空']);
+            }
+            $array = explode("\n", $domain_list);
+            $domain_list = [];
+            foreach($array as $domain){
+                $domain = trim($domain);
+                if(empty($domain)) continue;
+                if(!checkDomain($domain)) return json(['code'=>-1, 'msg'=>'域名或IP格式不正确:'.$domain]);
+                $domain_list[] = $domain;
+            }
+            if(empty($domain_list)) return json(['code'=>-1, 'msg'=>'域名列表不能为空']);
+            if(empty($common_name)) $common_name = $domain_list[0];
+            $result = makeSelfSignSSL($common_name, $domain_list, $validity);
+            if(!$result){
+                return json(['code'=>-1, 'msg'=>'生成证书失败']);
+            }
+            return json(['code'=>0, 'msg'=>'生成证书成功', 'cert'=>$result['cert'], 'key'=>$result['key']]);
+        }
+
+        $dir = app()->getBasePath().'script/';
+        $ssl_path = app()->getRootPath().'public/ssl/baota_root.pfx';
+        $ssl_path_mac = app()->getRootPath().'public/ssl/baota_root.crt';
+        $isca = file_exists($dir.'ca.crt') && file_exists($dir.'ca.key') && file_exists($ssl_path) && file_exists($ssl_path_mac);
+        View::assign('isca', $isca);
+        return view();
+    }
 }
--- a/app/controller/Api.php
+++ b/app/controller/Api.php
@ -48,7 +48,7 @@ class Api extends BaseController
        if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){
            return '参数不正确';
        }
-        if(!$this->checklist()) '你的服务器被禁止使用此云端';
+        if(!$this->checklist()) return '你的服务器被禁止使用此云端';
        $filepath = get_data_dir($os).'plugins/package/'.$plugin_name.'-'.$version.'.zip';
        if(file_exists($filepath)){
            $filename = $plugin_name.'.zip';
@ -70,19 +70,21 @@ class Api extends BaseController
        if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){
            return '参数不正确';
        }
-        if(!$this->checklist()) '你的服务器被禁止使用此云端';
-        $filepath = get_data_dir($os).'plugins/main/'.$plugin_name.'-'.$version.'.dat';
-        if(file_exists($filepath)){
+        if(!$this->checklist()) return '你的服务器被禁止使用此云端';
+        $filepath = get_data_dir($os).'plugins/package/'.$plugin_name.'-'.$version.'.zip';
+        $mainfilepath = get_data_dir($os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
+        if(file_exists($mainfilepath)){
            $filename = $plugin_name.'_main.py';
-            $this->output_file($filepath, $filename);
-        }else{
-            $filepath = get_data_dir($os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
-            if(file_exists($filepath)){
-                $filename = $plugin_name.'_main.py';
-                $this->output_file($filepath, $filename);
+            $this->output_file($mainfilepath, $filename);
+        }elseif(file_exists($filepath)){
+            $zip = new \ZipArchive;
+            if ($zip->open($filepath) === true){
+                echo $zip->getFromName($plugin_name.'/'.$plugin_name.'_main.py');
            }else{
-                return '云端不存在该插件主文件';
+                return '插件包解压缩失败';
            }
+        }else{
+            return '云端不存在该插件主文件';
        }
    }

@ -464,4 +466,36 @@ class Api extends BaseController
        fclose($handle);
        return json(['status'=>false, 'msg'=>'不支持当前操作']);
    }
+
+    //生成自签名SSL证书
+    public function bt_cert(){
+        $data = input('post.data');
+        $param = json_decode($data, true);
+        if(!$param || !isset($param['action']) || !isset($param['domain'])) return json(['status'=>false, 'msg'=>'参数错误']);
+
+        $dir = app()->getBasePath().'script/';
+        $ssl_path = app()->getRootPath().'public/ssl/baota_root.pfx';
+        $isca = file_exists($dir.'ca.crt') && file_exists($dir.'ca.key') && file_exists($ssl_path);
+        if(!$isca) return json(['status'=>false, 'msg'=>'CA证书不存在']);
+
+        if($param['action'] == 'get_domain_cert'){
+            if(!$this->checklist()) return json(['status'=>false, 'msg'=>'你的服务器被禁止使用此云端']);
+            $domain = $param['domain'];
+            if(empty($domain)) return json(['status'=>false, 'msg'=>'域名不能为空']);
+            $domain_list = explode(',', $domain);
+            foreach($domain_list as $d){
+                if(!checkDomain($d)) return json(['status'=>false, 'msg'=>'域名或IP格式不正确:'.$d]);
+            }
+            $common_name = $domain_list[0];
+            $validity = 3650;
+            $result = makeSelfSignSSL($common_name, $domain_list, $validity);
+            if(!$result){
+                return json(['status'=>false, 'msg'=>'生成证书失败']);
+            }
+            $ca_pfx = base64_encode(file_get_contents($ssl_path));
+            return json(['status'=>true, 'msg'=>'生成证书成功', 'cert'=>$result['cert'], 'key'=>$result['key'], 'pfx'=>$ca_pfx, 'password'=>'']);
+        }else{
+            return json(['status'=>false, 'msg'=>'不支持当前操作']);
+        }
+    }
 }
--- a/app/lib/BtPlugins.php
+++ b/app/lib/BtPlugins.php
@ -11,7 +11,7 @@ class BtPlugins
    private $os;
    
    //需屏蔽的插件名称列表
-    private static $block_plugins = ['dns'];
+    private static $block_plugins = ['dns','bt_boce','ssl_verify'];

    public function __construct($os){
        $this->os = $os;
@ -72,9 +72,10 @@ class BtPlugins
                    $zip = new ZipArchive;
                    if ($zip->open($filepath) === true)
                    {
-                        $zip->extractTo(get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version);
+                        $plugins_dir = get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version;
+                        $zip->extractTo($plugins_dir, $plugin_name.'/'.$plugin_name.'_main.py');
                        $zip->close();
-                        $main_filepath = get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
+                        $main_filepath = $plugins_dir.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
                        if(file_exists($main_filepath) && filesize($main_filepath)>10){
                            if(!strpos(file_get_contents($main_filepath), 'import ')){ //加密py文件，需要解密
                                $this->decode_plugin_main($plugin_name, $version, $main_filepath);
@ -84,6 +85,7 @@ class BtPlugins
                                $zip->close();
                            }
                        }
+                        deleteDir($plugins_dir);
                    }else{
                        unlink($filepath);
                        throw new Exception('插件包解压缩失败');
@ -197,6 +199,8 @@ class BtPlugins
        $data = str_replace('\'https://www.bt.cn/api/bt_waf/reportInterceptFail', 'public.GetConfigValue(\'home\')+\'/api/bt_waf/reportInterceptFail', $data);
        $data = str_replace('\'https://www.bt.cn/api/v2/contact/nps/questions', 'public.GetConfigValue(\'home\')+\'/panel/notpro', $data);
        $data = str_replace('\'https://www.bt.cn/api/v2/contact/nps/submit', 'public.GetConfigValue(\'home\')+\'/panel/notpro', $data);
+        $data = str_replace('\'http://www.bt.cn/api/Auth', 'public.GetConfigValue(\'home\')+\'/api/Auth', $data);
+        $data = str_replace('\'https://www.bt.cn/api/Auth', 'public.GetConfigValue(\'home\')+\'/api/Auth', $data);

        file_put_contents($main_filepath, $data);
    }
--- a/app/lib/Btapi.php
+++ b/app/lib/Btapi.php
@ -1,243 +1,243 @@
-<?php
-
-namespace app\lib;
-
-use Exception;
-
-class Btapi
-{
-    private $BT_KEY; //接口密钥
-  	private $BT_PANEL; //面板地址
-	
-	public function __construct($bt_panel, $bt_key){
-		$this->BT_PANEL = $bt_panel;
-		$this->BT_KEY = $bt_key;
-	}
-	
-    //获取面板配置信息
-	public function get_config(){
-		$url = $this->BT_PANEL.'/config?action=get_config';
-		
-		$p_data = $this->GetKeyData();
-		
-		$result = $this->curl($url,$p_data);
-		
-		$data = json_decode($result,true);
-      	return $data;
-	}
-
-	//获取已登录用户信息
-	public function get_user_info(){
-		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=get_user_info';
-		
-		$p_data = $this->GetKeyData();
-		
-		$result = $this->curl($url,$p_data);
-		
-		$data = json_decode($result,true);
-      	return $data;
-	}
-
-	//从云端获取插件列表
-	public function get_plugin_list(){
-		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=get_plugin_list';
-		
-		$p_data = $this->GetKeyData();
-		
-		$result = $this->curl($url,$p_data);
-		
-		$data = json_decode($result,true);
-      	return $data;
-	}
-
-	//下载插件包，返回文件路径
-	public function get_plugin_filename($plugin_name, $version){
-		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=download_plugin';
-		
-		$p_data = $this->GetKeyData();
-		$p_data['plugin_name'] = $plugin_name;
-		$p_data['version'] = $version;
-		
-		$result = $this->curl($url,$p_data);
-		
-		$data = json_decode($result,true);
-      	return $data;
-	}
-
-	//下载插件主程序文件，返回文件路径
-	public function get_plugin_main_filename($plugin_name, $version){
-		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=download_plugin_main';
-		
-		$p_data = $this->GetKeyData();
-		$p_data['plugin_name'] = $plugin_name;
-		$p_data['version'] = $version;
-		
-		$result = $this->curl($url,$p_data);
-		
-		$data = json_decode($result,true);
-      	return $data;
-	}
-
-	//解密插件主程序py代码，返回文件路径
-	public function get_decode_plugin_main($plugin_name, $version){
-		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=decode_plugin_main';
-		
-		$p_data = $this->GetKeyData();
-		$p_data['plugin_name'] = $plugin_name;
-		$p_data['version'] = $version;
-		
-		$result = $this->curl($url,$p_data);
-		
-		$data = json_decode($result,true);
-      	return $data;
-	}
-
-	//下载插件其他文件，返回文件路径
-	public function get_plugin_other_filename($fname){
-		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=download_plugin_other';
-		
-		$p_data = $this->GetKeyData();
-		$p_data['fname'] = $fname;
-		
-		$result = $this->curl($url,$p_data);
-		
-		$data = json_decode($result,true);
-      	return $data;
-	}
-
-	//下载文件
-	public function download($filename, $localpath){
-		$url = $this->BT_PANEL.'/download';
-		
-		$p_data = $this->GetKeyData();
-		$p_data['filename'] = $filename;
-
-		$result = $this->curl_download($url.'?'.http_build_query($p_data), $localpath);
-
-      	return $result;
-	}
-
-	//获取文件base64
-	public function get_file($filename){
-		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=get_file';
-		
-		$p_data = $this->GetKeyData();
-		$p_data['filename'] = $filename;
-		
-		$result = $this->curl($url,$p_data);
-		
-		$data = json_decode($result,true);
-      	return $data;
-	}
-
-	//购买第三方插件
-	public function create_plugin_other_order($pid){
-		$url = $this->BT_PANEL.'/auth?action=create_plugin_other_order';
-		
-		$p_data = $this->GetKeyData();
-		$p_data['pid'] = $pid;
-		$p_data['cycle'] = '999';
-		$p_data['type'] = '0';
-		
-		$result = $this->curl($url,$p_data);
-		
-		$data = json_decode($result,true);
-      	return $data;
-	}
-
-	//获取一键部署列表
-	public function get_deplist(){
-		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=get_deplist';
-		
-		$p_data = $this->GetKeyData();
-		
-		$result = $this->curl($url,$p_data);
-		
-		$data = json_decode($result,true);
-      	return $data;
-	}
-
-	//BTWAF-获取蜘蛛列表
-	public function btwaf_getspiders(){
-		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=btwaf_getspiders';
-		
-		$p_data = $this->GetKeyData();
-		
-		$result = $this->curl($url,$p_data);
-		$result = str_replace("\u0000", '', $result);
-		
-		$data = json_decode($result,true);
-      	return $data;
-	}
-	
-
-  	private function GetKeyData(){
-  		$now_time = time();
-    	$p_data = array(
-			'request_token'	=>	md5($now_time.''.md5($this->BT_KEY)),
-			'request_time'	=>	$now_time
-		);
-    	return $p_data;    
-    }
-  	
-  
-    private function curl($url, $data = null, $timeout = 60)
-    {
-    	//定义cookie保存位置
-        $cookie_file=app()->getRuntimePath().md5($this->BT_PANEL).'.cookie';
-        if(!file_exists($cookie_file)){
-            touch($cookie_file);
-        }
-		
-        $ch = curl_init();
-        curl_setopt($ch, CURLOPT_URL, $url);
-        curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
-		if($data){
-			curl_setopt($ch, CURLOPT_POST, 1);
-			curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
-		}
-        curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file);
-        curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file);
-        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
-        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
-        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
-        $output = curl_exec($ch);
-        curl_close($ch);
-        return $output;
-    }
-
-	private function curl_download($url, $localpath, $timeout = 300)
-    {
-    	//定义cookie保存位置
-        $cookie_file=app()->getRuntimePath().md5($this->BT_PANEL).'.cookie';
-        if(!file_exists($cookie_file)){
-            touch($cookie_file);
-        }
-		
-        $ch = curl_init();
-        curl_setopt($ch, CURLOPT_URL, $url);
-        curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
-        curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file);
-        curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file);
-		$fp = fopen($localpath, 'w+');
-		curl_setopt($ch, CURLOPT_FILE, $fp);
-        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
-        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
-        curl_exec($ch);
-		if (curl_errno($ch)) {
-			$message = curl_error($ch);
-			curl_close($ch);
-			fclose($fp);
-			throw new Exception('下载文件失败：'.$message);
-		}
-		$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
-		if($httpcode>299){
-			curl_close($ch);
-			fclose($fp);
-			throw new Exception('下载文件失败：HTTPCODE-'.$httpcode);
-		}
-        curl_close($ch);
-		fclose($fp);
-        return true;
-    }
+<?php
+
+namespace app\lib;
+
+use Exception;
+
+class Btapi
+{
+    private $BT_KEY; //接口密钥
+  	private $BT_PANEL; //面板地址
+	
+	public function __construct($bt_panel, $bt_key){
+		$this->BT_PANEL = $bt_panel;
+		$this->BT_KEY = $bt_key;
+	}
+	
+    //获取面板配置信息
+	public function get_config(){
+		$url = $this->BT_PANEL.'/config?action=get_config';
+		
+		$p_data = $this->GetKeyData();
+		
+		$result = $this->curl($url,$p_data);
+		
+		$data = json_decode($result,true);
+      	return $data;
+	}
+
+	//获取已登录用户信息
+	public function get_user_info(){
+		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=get_user_info';
+		
+		$p_data = $this->GetKeyData();
+		
+		$result = $this->curl($url,$p_data);
+		
+		$data = json_decode($result,true);
+      	return $data;
+	}
+
+	//从云端获取插件列表
+	public function get_plugin_list(){
+		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=get_plugin_list';
+		
+		$p_data = $this->GetKeyData();
+		
+		$result = $this->curl($url,$p_data);
+		
+		$data = json_decode($result,true);
+      	return $data;
+	}
+
+	//下载插件包，返回文件路径
+	public function get_plugin_filename($plugin_name, $version){
+		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=download_plugin';
+		
+		$p_data = $this->GetKeyData();
+		$p_data['plugin_name'] = $plugin_name;
+		$p_data['version'] = $version;
+		
+		$result = $this->curl($url,$p_data);
+		
+		$data = json_decode($result,true);
+      	return $data;
+	}
+
+	//下载插件主程序文件，返回文件路径
+	public function get_plugin_main_filename($plugin_name, $version){
+		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=download_plugin_main';
+		
+		$p_data = $this->GetKeyData();
+		$p_data['plugin_name'] = $plugin_name;
+		$p_data['version'] = $version;
+		
+		$result = $this->curl($url,$p_data);
+		
+		$data = json_decode($result,true);
+      	return $data;
+	}
+
+	//解密插件主程序py代码，返回文件路径
+	public function get_decode_plugin_main($plugin_name, $version){
+		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=decode_plugin_main';
+		
+		$p_data = $this->GetKeyData();
+		$p_data['plugin_name'] = $plugin_name;
+		$p_data['version'] = $version;
+		
+		$result = $this->curl($url,$p_data);
+		
+		$data = json_decode($result,true);
+      	return $data;
+	}
+
+	//下载插件其他文件，返回文件路径
+	public function get_plugin_other_filename($fname){
+		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=download_plugin_other';
+		
+		$p_data = $this->GetKeyData();
+		$p_data['fname'] = $fname;
+		
+		$result = $this->curl($url,$p_data);
+		
+		$data = json_decode($result,true);
+      	return $data;
+	}
+
+	//下载文件
+	public function download($filename, $localpath){
+		$url = $this->BT_PANEL.'/download';
+		
+		$p_data = $this->GetKeyData();
+		$p_data['filename'] = $filename;
+
+		$result = $this->curl_download($url.'?'.http_build_query($p_data), $localpath);
+
+      	return $result;
+	}
+
+	//获取文件base64
+	public function get_file($filename){
+		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=get_file';
+		
+		$p_data = $this->GetKeyData();
+		$p_data['filename'] = $filename;
+		
+		$result = $this->curl($url,$p_data);
+		
+		$data = json_decode($result,true);
+      	return $data;
+	}
+
+	//购买第三方插件
+	public function create_plugin_other_order($pid){
+		$url = $this->BT_PANEL.'/auth?action=create_plugin_other_order';
+		
+		$p_data = $this->GetKeyData();
+		$p_data['pid'] = $pid;
+		$p_data['cycle'] = '999';
+		$p_data['type'] = '0';
+		
+		$result = $this->curl($url,$p_data);
+		
+		$data = json_decode($result,true);
+      	return $data;
+	}
+
+	//获取一键部署列表
+	public function get_deplist(){
+		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=get_deplist';
+		
+		$p_data = $this->GetKeyData();
+		
+		$result = $this->curl($url,$p_data);
+		
+		$data = json_decode($result,true);
+      	return $data;
+	}
+
+	//BTWAF-获取蜘蛛列表
+	public function btwaf_getspiders(){
+		$url = $this->BT_PANEL.'/plugin?action=a&name=kaixin&s=btwaf_getspiders';
+		
+		$p_data = $this->GetKeyData();
+		
+		$result = $this->curl($url,$p_data);
+		$result = str_replace("\u0000", '', $result);
+		
+		$data = json_decode($result,true);
+      	return $data;
+	}
+	
+
+  	private function GetKeyData(){
+  		$now_time = time();
+    	$p_data = array(
+			'request_token'	=>	md5($now_time.''.md5($this->BT_KEY)),
+			'request_time'	=>	$now_time
+		);
+    	return $p_data;    
+    }
+  	
+  
+    private function curl($url, $data = null, $timeout = 60)
+    {
+    	//定义cookie保存位置
+        $cookie_file=app()->getRuntimePath().md5($this->BT_PANEL).'.cookie';
+        if(!file_exists($cookie_file)){
+            touch($cookie_file);
+        }
+		
+        $ch = curl_init();
+        curl_setopt($ch, CURLOPT_URL, $url);
+        curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
+		if($data){
+			curl_setopt($ch, CURLOPT_POST, 1);
+			curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
+		}
+        curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file);
+        curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file);
+        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
+        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+        $output = curl_exec($ch);
+        curl_close($ch);
+        return $output;
+    }
+
+	private function curl_download($url, $localpath, $timeout = 300)
+    {
+    	//定义cookie保存位置
+        $cookie_file=app()->getRuntimePath().md5($this->BT_PANEL).'.cookie';
+        if(!file_exists($cookie_file)){
+            touch($cookie_file);
+        }
+		
+        $ch = curl_init();
+        curl_setopt($ch, CURLOPT_URL, $url);
+        curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
+        curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file);
+        curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file);
+		$fp = fopen($localpath, 'w+');
+		curl_setopt($ch, CURLOPT_FILE, $fp);
+        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
+        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+        curl_exec($ch);
+		if (curl_errno($ch)) {
+			$message = curl_error($ch);
+			curl_close($ch);
+			fclose($fp);
+			throw new Exception('下载文件失败：'.$message);
+		}
+		$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+		if($httpcode>299){
+			curl_close($ch);
+			fclose($fp);
+			throw new Exception('下载文件失败：HTTPCODE-'.$httpcode);
+		}
+        curl_close($ch);
+		fclose($fp);
+        return true;
+    }
 }
--- a/app/lib/ThirdPlugins.php
+++ b/app/lib/ThirdPlugins.php
@ -65,7 +65,6 @@ class ThirdPlugins
                $zip = new ZipArchive;
                if ($zip->open($filepath) === true)
                {
-                    $zip->extractTo(get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version);
                    $zip->close();
                    return true;
                }else{
--- a/app/middleware/AuthAdmin.php
+++ b/app/middleware/AuthAdmin.php
@ -1,26 +1,26 @@
-<?php
-declare (strict_types=1);
-
-namespace app\middleware;
-
-
-class AuthAdmin
-{
-    public function handle($request, \Closure $next)
-    {
-        $islogin = false;
-        $cookie = cookie('admin_token');
-        if($cookie){
-            $token=authcode($cookie, 'DECODE', config_get('syskey'));
-            if($token){
-                list($user, $sid, $expiretime) = explode("\t", $token);
-                $session=md5(config_get('admin_username').config_get('admin_password'));
-                if($session==$sid && $expiretime>time()) {
-                    $islogin = true;
-                }
-            }
-        }
-        request()->islogin = $islogin;
-        return $next($request);
-    }
-}
+<?php
+declare (strict_types=1);
+
+namespace app\middleware;
+
+
+class AuthAdmin
+{
+    public function handle($request, \Closure $next)
+    {
+        $islogin = false;
+        $cookie = cookie('admin_token');
+        if($cookie){
+            $token=authcode($cookie, 'DECODE', config_get('syskey'));
+            if($token){
+                list($user, $sid, $expiretime) = explode("\t", $token);
+                $session=md5(config_get('admin_username').config_get('admin_password'));
+                if($session==$sid && $expiretime>time()) {
+                    $islogin = true;
+                }
+            }
+        }
+        request()->islogin = $islogin;
+        return $next($request);
+    }
+}
--- a/app/middleware/CheckAdmin.php
+++ b/app/middleware/CheckAdmin.php
@ -1,19 +1,19 @@
-<?php
-declare (strict_types=1);
-
-namespace app\middleware;
-
-
-class CheckAdmin
-{
-    public function handle($request, \Closure $next)
-    {
-        if (!request()->islogin) {
-            if ($request->isAjax() || !$request->isGet()) {
-                return json(['code'=>-1, 'msg'=>'未登录'])->code(401);
-            }
-            return redirect((string)url('/admin/login'));
-        }
-        return $next($request);
-    }
-}
+<?php
+declare (strict_types=1);
+
+namespace app\middleware;
+
+
+class CheckAdmin
+{
+    public function handle($request, \Closure $next)
+    {
+        if (!request()->islogin) {
+            if ($request->isAjax() || !$request->isGet()) {
+                return json(['code'=>-1, 'msg'=>'未登录'])->code(401);
+            }
+            return redirect((string)url('/admin/login'));
+        }
+        return $next($request);
+    }
+}
--- a/app/middleware/LoadConfig.php
+++ b/app/middleware/LoadConfig.php
@ -5,6 +5,7 @@ namespace app\middleware;

 use think\facade\Db;
 use think\facade\Config;
+use think\facade\View;

 class LoadConfig
 {
@ -31,6 +32,7 @@ class LoadConfig
        $res = Db::name('config')->cache('configs',0)->column('value','key');
        Config::set($res, 'sys');

+        View::assign('cdnpublic', '//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/');
        return $next($request)->header([
            'Cache-Control' => 'no-store, no-cache, must-revalidate',
            'Pragma' => 'no-cache',
--- a/app/middleware/RefererCheck.php
+++ b/app/middleware/RefererCheck.php
@ -1,24 +1,24 @@
-<?php
-declare (strict_types=1);
-
-namespace app\middleware;
-
-use think\facade\View;
-
-class RefererCheck
-{
-    /**
-     * 处理请求
-     *
-     * @param \think\Request $request
-     * @param \Closure $next
-     * @return Response
-     */
-    public function handle($request, \Closure $next)
-    {
-        if(!checkRefererHost()){
-            return response('Access Denied', 403);
-        }
-        return $next($request);
-    }
-}
+<?php
+declare (strict_types=1);
+
+namespace app\middleware;
+
+use think\facade\View;
+
+class RefererCheck
+{
+    /**
+     * 处理请求
+     *
+     * @param \think\Request $request
+     * @param \Closure $next
+     * @return Response
+     */
+    public function handle($request, \Closure $next)
+    {
+        if(!checkRefererHost()){
+            return response('Access Denied', 403);
+        }
+        return $next($request);
+    }
+}
--- a/app/script/cacert.sh
+++ b/app/script/cacert.sh
@ -0,0 +1,31 @@
+#!/bin/bash
+
+OPENSSL_CHECK=$(which openssl)
+if [ "$?" != "0" ]; then
+	echo "未安装OpenSSL"
+	exit 1
+fi
+
+if [ ! -f ca.key ] && [ ! -f ca.crt ]; then
+	openssl genrsa -out ca.key 2048
+	openssl req -new -x509 -utf8 -days 3650 -extensions v3_ca -subj "/C=CN/O=宝塔面板/CN=宝塔面板" -key ca.key -out ca.crt
+fi
+
+openssl genrsa -out server.key 2048
+openssl req -new -nodes -key server.key -subj "/C=CN/O=BTPanel/CN=BTPanel" -out server.csr
+openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 3650 -extensions req_ext
+
+cat ca.crt >> server.crt
+
+openssl pkcs12 -export -out baota_root.pfx -inkey server.key -in server.crt -password pass:
+if [ "$?" != "0" ]; then
+	echo "生成CA根证书失败"
+	exit 1
+fi
+
+mkdir -p ../../public/ssl
+\cp baota_root.pfx ../../public/ssl/baota_root.pfx
+\cp ca.crt ../../public/ssl/baota_root.crt
+rm -f server.crt server.key server.csr
+
+echo "生成CA根证书成功"
--- a/app/view/admin/deplist.html
+++ b/app/view/admin/deplist.html
@ -16,7 +16,7 @@
 	</div>
 </div>
 </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
 <script>
 function refresh_deplist(os){
    var confirm = layer.confirm('是否确定从宝塔官方获取最新一键部署列表？', {
--- a/app/view/admin/index.html
+++ b/app/view/admin/index.html
@ -1,60 +1,60 @@
-{extend name="admin/layout" /}
-{block name="title"}宝塔第三方云端管理中心{/block}
-{block name="main"}
-<style>
-.table>tbody>tr>td{white-space: normal;}
-.query-title {
-    background-color:#f5fafe;
-    word-break: keep-all;
-}
-.query-result{
-    word-break: break-all;
-}
-</style>
-<div class="container" style="padding-top:70px;">
-    <div class="col-xs-12 col-sm-10 col-md-8 center-block" style="float: none;">
-        <div class="panel panel-primary">
-<div class="panel-heading"><h3 class="panel-title">后台管理首页</h3></div>
-<div class="list-group">
-    <div class="list-group-item"><span class="glyphicon glyphicon-stats"></span> <b>宝塔插件统计：</b>共有 {$stat.total} 个，其中免费插件 {$stat.free} 个，专业版插件 {$stat.pro} 个，企业版插件 {$stat.ltd} 个，第三方插件 {$stat.third} 个</div>
-    <div class="list-group-item"><span class="glyphicon glyphicon-tint"></span> <b>使用记录统计：</b>历史总共数量：{$stat.record_total}，正在使用数量：{$stat.record_isuse}</div>
-    <div class="list-group-item"><span class="glyphicon glyphicon-time"></span> <b>任务运行情况：</b>上次运行时间：{$stat.runtime|raw}&nbsp;&nbsp;<a href="/admin/set/mod/task" class="btn btn-xs btn-info">查看详情</a></div>
-    <div class="list-group-item"><span class="glyphicon glyphicon-cog"></span> <b>常用功能入口：</b><a href="/admin/plugins" class="btn btn-xs btn-default">插件列表</a>&nbsp;<a href="/admin/record" class="btn btn-xs btn-default">使用记录</a>&nbsp;<a href="/admin/list" class="btn btn-xs btn-default">黑白名单</a>&nbsp;<a href="/download" class="btn btn-xs btn-default" target="_blank">安装脚本</a></div>
-</div>
-</div>
-<div class="panel panel-info">
-	<div class="panel-heading">
-		<h3 class="panel-title">服务器信息</h3>
-	</div>
-    <table class="table table-bordered">
-        <tbody>
-        <tr>
-            <td class="query-title">框架版本</td>
-            <td class="query-result">{$info.framework_version}</td>
-        </tr>
-        <tr>
-            <td class="query-title">PHP版本</td>
-            <td class="query-result">{$info.php_version}</td>
-        </tr>
-        <tr>
-            <td class="query-title">MySQL版本</td>
-            <td class="query-result">{$info.mysql_version}</td>
-        </tr>
-        <tr>
-            <td class="query-title">WEB软件</td>
-            <td class="query-result">{$info.software}</td>
-        </tr>
-        <tr>
-            <td class="query-title">操作系统</td>
-            <td class="query-result">{$info.os}</td>
-        </tr>
-        <tr>
-            <td class="query-title">服务器时间</td>
-            <td class="query-result">{$info.date}</td>
-        </tr>
-        </tbody>
-    </table>
-</div>
-    </div>
-  </div>
+{extend name="admin/layout" /}
+{block name="title"}宝塔第三方云端管理中心{/block}
+{block name="main"}
+<style>
+.table>tbody>tr>td{white-space: normal;}
+.query-title {
+    background-color:#f5fafe;
+    word-break: keep-all;
+}
+.query-result{
+    word-break: break-all;
+}
+</style>
+<div class="container" style="padding-top:70px;">
+    <div class="col-xs-12 col-sm-10 col-md-8 center-block" style="float: none;">
+        <div class="panel panel-primary">
+<div class="panel-heading"><h3 class="panel-title">后台管理首页</h3></div>
+<div class="list-group">
+    <div class="list-group-item"><span class="glyphicon glyphicon-stats"></span> <b>宝塔插件统计：</b>共有 {$stat.total} 个，其中免费插件 {$stat.free} 个，专业版插件 {$stat.pro} 个，企业版插件 {$stat.ltd} 个，第三方插件 {$stat.third} 个</div>
+    <div class="list-group-item"><span class="glyphicon glyphicon-tint"></span> <b>使用记录统计：</b>历史总共数量：{$stat.record_total}，正在使用数量：{$stat.record_isuse}</div>
+    <div class="list-group-item"><span class="glyphicon glyphicon-time"></span> <b>任务运行情况：</b>上次运行时间：{$stat.runtime|raw}&nbsp;&nbsp;<a href="/admin/set/mod/task" class="btn btn-xs btn-info">查看详情</a></div>
+    <div class="list-group-item"><span class="glyphicon glyphicon-cog"></span> <b>常用功能入口：</b><a href="/admin/plugins" class="btn btn-xs btn-default">插件列表</a>&nbsp;<a href="/admin/record" class="btn btn-xs btn-default">使用记录</a>&nbsp;<a href="/admin/list" class="btn btn-xs btn-default">黑白名单</a>&nbsp;<a href="/download" class="btn btn-xs btn-default" target="_blank">安装脚本</a></div>
+</div>
+</div>
+<div class="panel panel-info">
+	<div class="panel-heading">
+		<h3 class="panel-title">服务器信息</h3>
+	</div>
+    <table class="table table-bordered">
+        <tbody>
+        <tr>
+            <td class="query-title">框架版本</td>
+            <td class="query-result">{$info.framework_version}</td>
+        </tr>
+        <tr>
+            <td class="query-title">PHP版本</td>
+            <td class="query-result">{$info.php_version}</td>
+        </tr>
+        <tr>
+            <td class="query-title">MySQL版本</td>
+            <td class="query-result">{$info.mysql_version}</td>
+        </tr>
+        <tr>
+            <td class="query-title">WEB软件</td>
+            <td class="query-result">{$info.software}</td>
+        </tr>
+        <tr>
+            <td class="query-title">操作系统</td>
+            <td class="query-result">{$info.os}</td>
+        </tr>
+        <tr>
+            <td class="query-title">服务器时间</td>
+            <td class="query-result">{$info.date}</td>
+        </tr>
+        </tbody>
+    </table>
+</div>
+    </div>
+  </div>
 {/block}
--- a/app/view/admin/layout.html
+++ b/app/view/admin/layout.html
@ -5,15 +5,15 @@
  <meta name="renderer" content="webkit">
  <meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0, user-scalable=no" />
  <title>{block name="title"}标题{/block}</title>
-  <link href="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/twitter-bootstrap/3.4.1/css/bootstrap.min.css" rel="stylesheet" />
-  <link href="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet" />
+  <link href="{$cdnpublic}twitter-bootstrap/3.4.1/css/bootstrap.min.css" rel="stylesheet" />
+  <link href="{$cdnpublic}font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet" />
  <link href="/static/css/bootstrap-table.css" rel="stylesheet" />
-  <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/modernizr/2.8.3/modernizr.min.js"></script>
-  <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/2.1.4/jquery.min.js"></script>
-  <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/twitter-bootstrap/3.4.1/js/bootstrap.min.js"></script>
+  <script src="{$cdnpublic}modernizr/2.8.3/modernizr.min.js"></script>
+  <script src="{$cdnpublic}jquery/2.1.4/jquery.min.js"></script>
+  <script src="{$cdnpublic}twitter-bootstrap/3.4.1/js/bootstrap.min.js"></script>
  <!--[if lt IE 9]>
-    <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/html5shiv/3.7.3/html5shiv.min.js"></script>
-    <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/respond.js/1.4.2/respond.min.js"></script>
+    <script src="{$cdnpublic}html5shiv/3.7.3/html5shiv.min.js"></script>
+    <script src="{$cdnpublic}respond.js/1.4.2/respond.min.js"></script>
  <![endif]-->
 </head>
 <body>
@ -51,6 +51,9 @@
          <li class="{:checkIfActive('log')}">
            <a href="/admin/log"><i class="fa fa-calendar"></i> 操作日志</a>
          </li>
+          <li class="{:checkIfActive('ssl')}">
+            <a href="/admin/ssl"><i class="fa fa-expeditedssl"></i> 自签SSL</a>
+          </li>
          <li class="{:checkIfActive('set')}">
            <a href="#" class="dropdown-toggle" data-toggle="dropdown"><i class="fa fa-cog"></i> 系统设置<b
                class="caret"></b></a>
--- a/app/view/admin/list.html
+++ b/app/view/admin/list.html
@ -42,9 +42,9 @@
 	  </table>
 	</div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
 <script src="/static/js/custom.js"></script>
 <script>
 function setEnable(id,enable) {
--- a/app/view/admin/log.html
+++ b/app/view/admin/log.html
@ -23,9 +23,9 @@
 	  </table>
 	</div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
 <script src="/static/js/custom.js"></script>
 <script>

--- a/app/view/admin/login.html
+++ b/app/view/admin/login.html
@ -5,12 +5,12 @@
  <meta name="renderer" content="webkit">
  <meta name="viewport" content="width=device-width, initial-scale=1"/>
  <title>管理员登录</title>
-  <link href="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/twitter-bootstrap/3.4.1/css/bootstrap.min.css" rel="stylesheet"/>
-  <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/modernizr/2.8.3/modernizr.min.js"></script>
-  <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/2.1.4/jquery.min.js"></script>
+  <link href="{$cdnpublic}twitter-bootstrap/3.4.1/css/bootstrap.min.css" rel="stylesheet"/>
+  <script src="{$cdnpublic}modernizr/2.8.3/modernizr.min.js"></script>
+  <script src="{$cdnpublic}jquery/2.1.4/jquery.min.js"></script>
  <!--[if lt IE 9]>
-    <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/html5shiv/3.7.3/html5shiv.min.js"></script>
-    <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/respond.js/1.4.2/respond.min.js"></script>
+    <script src="{$cdnpublic}html5shiv/3.7.3/html5shiv.min.js"></script>
+    <script src="{$cdnpublic}respond.js/1.4.2/respond.min.js"></script>
  <![endif]-->
 </head>
 <body>
@ -63,7 +63,7 @@
      </div>
    </div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
 <script>
 function submitlogin(){
    var user = $("input[name='user']").val();
--- a/app/view/admin/plugins.html
+++ b/app/view/admin/plugins.html
@ -69,9 +69,9 @@ td{overflow: hidden;text-overflow: ellipsis;white-space: nowrap;max-width:340px;
 	  </table>
 	</div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
 <script src="/static/js/custom.js"></script>
 <script>

@ -157,8 +157,13 @@ function download_item(){
        layer.alert('成功下载'+$.downloadCount+'个插件包！', {icon:1}, function(){layer.closeAll();searchSubmit();});
        return;
    }
-    $.downloadCount++;
    var plugin = $.preDownload[0];
+    if(plugin.name == 'firewall'){
+        $.preDownload.shift();
+		download_item();
+        return;
+    }
+    $.downloadCount++;
    var ii = layer.msg('['+$.downloadCount+'/'+$.preDownloadCount+']正在下载'+plugin.name+'-'+plugin.version, {icon: 16, shade:0.1, time: 0});
    $.ajax({
 		type : 'POST',
--- a/app/view/admin/pluginswin.html
+++ b/app/view/admin/pluginswin.html
@ -69,9 +69,9 @@ td{overflow: hidden;text-overflow: ellipsis;white-space: nowrap;max-width:340px;
 	  </table>
 	</div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
 <script src="/static/js/custom.js"></script>
 <script>

--- a/app/view/admin/record.html
+++ b/app/view/admin/record.html
@ -23,9 +23,9 @@
 	  </table>
 	</div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
 <script src="/static/js/custom.js"></script>
 <script>

--- a/app/view/admin/set.html
+++ b/app/view/admin/set.html
@ -279,7 +279,7 @@ $("select[name='wbt_type']").change(function(){
 	</div>
 </div>
 {/if}
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
 <script>
 $(document).ready(function(){
 	var items = $("select[default]");
--- a/app/view/admin/ssl.html
+++ b/app/view/admin/ssl.html
@ -0,0 +1,86 @@
+{extend name="admin/layout" /}
+{block name="title"}自签名SSL证书生成{/block}
+{block name="main"}
+<style>
+.control-label[is-required]:before {
+    content: "*";
+    color: #f56c6c;
+    margin-right: 4px;
+}
+</style>
+<div class="container" style="padding-top:70px;">
+<div class="col-sm-12 col-md-10 col-lg-8 center-block" style="float: none;">
+<div class="panel panel-primary">
+<div class="panel-heading"><h3 class="panel-title">自签名SSL证书生成</h3></div>
+<div class="panel-body">
+    {if $isca}
+    <div class="alert alert-warning" style="word-break:break-all;">下载CA证书并导入，可解决浏览器不安全提醒。<br/>Windows：<a href="/ssl/baota_root.pfx">baota_root.pfx</a>（密码为空），Mac/Linux：<a href="/ssl/baota_root.crt">baota_root.crt</a></div>
+  <form onsubmit="return makeSSL(this)" method="post" class="form" role="form">
+	<div class="form-group">
+      <label is-required="true" class="control-label">域名列表：</label>
+      <textarea class="form-control" name="domain_list" rows="6" placeholder="每行一个域名/IP，支持通配符" required></textarea>
+    </div>
+	<div class="form-group">
+      <label class="control-label">通用名称：</label>
+      <input type="text" name="common_name" value="" placeholder="留空则为域名列表第一个域名" class="form-control"/>
+    </div>
+    <div class="form-group">
+      <label is-required="true" class="control-label">有效天数：</label>
+      <input type="number" name="validity" value="3650" class="form-control" required/>
+    </div>
+	<div class="form-group text-center">
+	  <input type="submit" name="submit" value="生成自签名证书" class="btn btn-success btn-block"/>
+	</div>
+    <div class="form-group row" id="result" style="display:none;">
+        <div class="col-md-6">
+            <label class="control-label">SSL证书：</label>
+            <textarea class="form-control" name="ssl_cert" rows="5" onclick="copy(this)" title="点击复制"></textarea>
+        </div>
+        <div class="col-md-6">
+            <label class="control-label">SSL证书私钥：</label>
+            <textarea class="form-control" name="ssl_key" rows="5" onclick="copy(this)" title="点击复制"></textarea>
+        </div>
+    </div>
+  </form>
+    {else}
+    <div class="alert alert-danger" role="alert">你还没有生成CA证书，无法生成SSL证书！</div>
+    <div class="alert alert-info" style="word-break:break-all;">执行以下命令，生成自签名CA证书。然后，可通过接口或当前页面生成SSL证书，用于面板访问。</div>
+    <div class="list-group-item" style="word-break:break-all;">cd {:app()->getRootPath()}app/script && chmod +x cacert.sh && ./cacert.sh</div><br/>
+    {/if}
+</div>
+</div>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script>
+function makeSSL(obj){
+    var ii = layer.load(2, {shade:[0.1,'#fff']});
+	$.ajax({
+		type : 'POST',
+		url : '/admin/ssl',
+		data : $(obj).serialize(),
+		dataType : 'json',
+		success : function(data) {
+			layer.close(ii);
+			if(data.code == 0){
+                $("textarea[name='ssl_cert']").val(data.cert);
+                $("textarea[name='ssl_key']").val(data.key);
+                $("#result").show();
+                layer.msg('SSL证书生成成功', {icon:1, time:800});
+			}else{
+				layer.alert(data.msg, {icon: 2})
+			}
+		},
+		error:function(data){
+            layer.close(ii);
+			layer.msg('服务器错误');
+		}
+	});
+    return false;
+}
+function copy(obj){
+    if($(obj).val() == '') return;
+    $(obj).select();
+    document.execCommand("Copy");
+    layer.msg('复制成功', {icon:1, time:500});
+}
+</script>
+{/block}
--- a/app/view/dispatch_jump.html
+++ b/app/view/dispatch_jump.html
@ -1,60 +1,60 @@
-<!DOCTYPE html>
-<html>
-<head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    <title>温馨提示</title>
-    <meta name="viewport" content="initial-scale=1, maximum-scale=1, user-scalable=no, width=device-width">
-    <meta name="renderer" content="webkit"/>
-    <style type="text/css">
-        *{box-sizing:border-box;margin:0;padding:0;font-family:Lantinghei SC,Open Sans,Arial,Hiragino Sans GB,Microsoft YaHei,"微软雅黑",STHeiti,WenQuanYi Micro Hei,SimSun,sans-serif;-webkit-font-smoothing:antialiased}
-        body{padding:70px 0;background:#edf1f4;font-weight:400;font-size:1pc;-webkit-text-size-adjust:none;color:#333}
-        a{outline:0;color:#3498db;text-decoration:none;cursor:pointer}
-        .system-message{margin:20px 5%;padding:40px 20px;background:#fff;box-shadow:1px 1px 1px hsla(0,0%,39%,.1);text-align:center}
-        .system-message h1{margin:0;margin-bottom:9pt;color:#444;font-weight:400;font-size:40px}
-        .system-message .jump,.system-message .image{margin:20px 0;padding:0;padding:10px 0;font-weight:400}
-        .system-message .jump{font-size:14px}
-        .system-message .jump a{color:#333}
-        .system-message p{font-size:9pt;line-height:20px}
-        .system-message .btn{display:inline-block;margin-right:10px;width:138px;height:2pc;border:1px solid #44a0e8;border-radius:30px;color:#44a0e8;text-align:center;font-size:1pc;line-height:2pc;margin-bottom:5px;}
-        .success .btn{border-color:#69bf4e;color:#69bf4e}
-        .error .btn{border-color:#ff8992;color:#ff8992}
-        .info .btn{border-color:#3498db;color:#3498db}
-        .copyright p{width:100%;color:#919191;text-align:center;font-size:10px}
-        .system-message .btn-grey{border-color:#bbb;color:#bbb}
-        .clearfix:after{clear:both;display:block;visibility:hidden;height:0;content:"."}
-        @media (max-width:768px){body {padding:20px 0;}}
-            @media (max-width:480px){.system-message h1{font-size:30px;}}
-    </style>
-</head>
-<body>
-<div class="system-message {$code}">
-    <div class="image">
-        <img src="/static/images/{$code}.svg" alt="" width="150" />
-    </div>
-    <h1>{$msg}</h1>
-    {if $url}
-        <p class="jump">
-            页面将在 <span id="wait">{$wait}</span> 秒后自动跳转
-        </p>
-    {/if}
-    <p class="clearfix">
-        <a href="javascript:history.go(-1);" class="btn btn-grey">返回上一页</a>
-        {if $url}
-            <a href="{$url}" class="btn btn-primary">立即跳转</a>
-        {/if}
-    </p>
-</div>
-    <script type="text/javascript">
-        (function () {
-            var wait = document.getElementById('wait');
-            var interval = setInterval(function () {
-                var time = --wait.innerHTML;
-                if (time <= 0) {
-                    location.href = "{$url}";
-                    clearInterval(interval);
-                }
-            }, 1000);
-        })();
-    </script>
-</body>
+<!DOCTYPE html>
+<html>
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <title>温馨提示</title>
+    <meta name="viewport" content="initial-scale=1, maximum-scale=1, user-scalable=no, width=device-width">
+    <meta name="renderer" content="webkit"/>
+    <style type="text/css">
+        *{box-sizing:border-box;margin:0;padding:0;font-family:Lantinghei SC,Open Sans,Arial,Hiragino Sans GB,Microsoft YaHei,"微软雅黑",STHeiti,WenQuanYi Micro Hei,SimSun,sans-serif;-webkit-font-smoothing:antialiased}
+        body{padding:70px 0;background:#edf1f4;font-weight:400;font-size:1pc;-webkit-text-size-adjust:none;color:#333}
+        a{outline:0;color:#3498db;text-decoration:none;cursor:pointer}
+        .system-message{margin:20px 5%;padding:40px 20px;background:#fff;box-shadow:1px 1px 1px hsla(0,0%,39%,.1);text-align:center}
+        .system-message h1{margin:0;margin-bottom:9pt;color:#444;font-weight:400;font-size:40px}
+        .system-message .jump,.system-message .image{margin:20px 0;padding:0;padding:10px 0;font-weight:400}
+        .system-message .jump{font-size:14px}
+        .system-message .jump a{color:#333}
+        .system-message p{font-size:9pt;line-height:20px}
+        .system-message .btn{display:inline-block;margin-right:10px;width:138px;height:2pc;border:1px solid #44a0e8;border-radius:30px;color:#44a0e8;text-align:center;font-size:1pc;line-height:2pc;margin-bottom:5px;}
+        .success .btn{border-color:#69bf4e;color:#69bf4e}
+        .error .btn{border-color:#ff8992;color:#ff8992}
+        .info .btn{border-color:#3498db;color:#3498db}
+        .copyright p{width:100%;color:#919191;text-align:center;font-size:10px}
+        .system-message .btn-grey{border-color:#bbb;color:#bbb}
+        .clearfix:after{clear:both;display:block;visibility:hidden;height:0;content:"."}
+        @media (max-width:768px){body {padding:20px 0;}}
+            @media (max-width:480px){.system-message h1{font-size:30px;}}
+    </style>
+</head>
+<body>
+<div class="system-message {$code}">
+    <div class="image">
+        <img src="/static/images/{$code}.svg" alt="" width="150" />
+    </div>
+    <h1>{$msg}</h1>
+    {if $url}
+        <p class="jump">
+            页面将在 <span id="wait">{$wait}</span> 秒后自动跳转
+        </p>
+    {/if}
+    <p class="clearfix">
+        <a href="javascript:history.go(-1);" class="btn btn-grey">返回上一页</a>
+        {if $url}
+            <a href="{$url}" class="btn btn-primary">立即跳转</a>
+        {/if}
+    </p>
+</div>
+    <script type="text/javascript">
+        (function () {
+            var wait = document.getElementById('wait');
+            var interval = setInterval(function () {
+                var time = --wait.innerHTML;
+                if (time <= 0) {
+                    location.href = "{$url}";
+                    clearInterval(interval);
+                }
+            }, 1000);
+        })();
+    </script>
+</body>
 </html>
--- a/app/view/index/download.html
+++ b/app/view/index/download.html
@ -193,10 +193,10 @@
 			</div>
 		</div>
 		 
-		<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/jquery.min.js" type="text/javascript" charset="utf-8"></script>
-		<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js" type="text/javascript" charset="utf-8"></script>
+		<script src="{$cdnpublic}jquery/3.6.0/jquery.min.js" type="text/javascript" charset="utf-8"></script>
+		<script src="{$cdnpublic}layer/3.5.1/layer.js" type="text/javascript" charset="utf-8"></script>
 		
-<script type="text/javascript" src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/clipboard.js/1.7.1/clipboard.min.js"></script>
+<script type="text/javascript" src="{$cdnpublic}clipboard.js/1.7.1/clipboard.min.js"></script>
 <script type="text/javascript" src="/static/js/dx.js"></script>
 <script>
 	$(function () {
--- a/app/view/install/index.html
+++ b/app/view/install/index.html
@ -217,7 +217,7 @@
        </form>
    </div>
 </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/2.1.4/jquery.min.js"></script>
+<script src="{$cdnpublic}jquery/2.1.4/jquery.min.js"></script>
 <script>
    $(function () {
        $('form').on('submit', function (e) {
--- a/install.sql
+++ b/install.sql
@ -12,15 +12,15 @@ INSERT INTO `cloud_config` (`key`, `value`) VALUES
 ('bt_key', ''),
 ('whitelist', '0'),
 ('download_page', '1'),
-('new_version', '8.0.5'),
+('new_version', '9.1.0'),
 ('update_msg', '暂无更新日志'),
-('update_date', '2024-01-12'),
-('new_version_win', '7.9.0'),
+('update_date', '2024-07-15'),
+('new_version_win', '8.1.0'),
 ('update_msg_win', '暂无更新日志'),
-('update_date_win', '2023-07-20'),
-('new_version_btm', '2.2.9'),
+('update_date_win', '2024-07-17'),
+('new_version_btm', '2.3.0'),
 ('update_msg_btm', '暂无更新日志'),
-('update_date_btm', '2023-08-11'),
+('update_date_btm', '2024-04-24'),
 ('updateall_type', '0'),
 ('syskey', 'UqP94LtI8eWAIgCP');

--- a/route/app.php
+++ b/route/app.php
@ -12,7 +12,7 @@ Route::post('/down/download_plugin', 'api/download_plugin');
 Route::post('/down/download_plugin_main', 'api/download_plugin_main');
 Route::post('/panel/get_soft_list_status', 'api/return_success');
 Route::post('/panel/get_unbinding', 'api/return_success');
-Route::post('/bt_cert', 'api/return_error');
+Route::post('/bt_cert', 'api/bt_cert');
 Route::post('/Auth/GetAuthToken', 'api/get_auth_token');
 Route::post('/Auth/GetBindCode', 'api/return_error');
 Route::any('/bt_monitor/update_history', 'api/btm_update_history');
@ -119,6 +119,10 @@ Route::group('api', function () {
    Route::post('/bt_waf/reportInterceptFail', 'api/return_empty');
    Route::any('/panel/get_spider', 'api/get_spider');

+    Route::post('/Auth/GetSocre', 'api/get_ssl_list');
+    Route::post('/Auth/SetSocre', 'api/get_ssl_list');
+    Route::post('/Auth/SubmitScore', 'api/get_ssl_list');
+
    Route::miss('api/return_error');
 });

@ -146,6 +150,7 @@ Route::group('admin', function () {
    Route::get('/deplist', 'admin/deplist');
    Route::get('/refresh_deplist', 'admin/refresh_deplist');
    Route::get('/cleancache', 'admin/cleancache');
+    Route::any('/ssl', 'admin/ssl');

 })->middleware(\app\middleware\CheckAdmin::class);
Author	SHA1	Message	Date
flucout	aba885f434	update	3 months ago
flucout	5e1f19de53	支持生成自签SSL证书	3 months ago