update

支持生成自签SSL证书
28 changed files with 785 additions and 514 deletions
--- a/app/command/Clean.php
+++ b/app/command/Clean.php
@ -68,37 +68,10 @@ class Clean extends Command
            if($file == '.' || $file == '..') continue;
            if(!in_array($file, $file_list)){
                $filepath = $data_dir . 'folder/' . $file;
-                $this->delete_dir($filepath);
+                deleteDir($filepath);
                $count++;
            }
        }
        $output->writeln($os.'成功清理'.$count.'个历史版本插件目录');
    }
-
-    // 删除文件夹
-    private function delete_dir($dir){
-        $rd = opendir($dir);
-        if (!$rd) {
-            return false;
-        }
-
-        while (($file = readdir($rd)) !== false) {
-            if ($file == '.' || $file == '..') {
-                continue;
-            }
-
-            $file = $dir . '/' . $file;
-
-            if (is_dir($file)) {
-                $this->delete_dir($file);
-            }
-            else {
-                unlink($file);
-            }
-        }
-
-        closedir($rd);
-        rmdir($dir);
-        return true;
-    }
 }
--- a/app/common.php
+++ b/app/common.php
@ -180,6 +180,11 @@ function checkIfActive($string) {
 		return null;
 }

+function checkDomain($domain){
+	if(empty($domain) || !preg_match('/^[-$a-z0-9_*.]{2,512}$/i', $domain) || (stripos($domain, '.') === false) || substr($domain, -1) == '.' || substr($domain, 0 ,1) == '.' || substr($domain, 0 ,1) == '*' && substr($domain, 1 ,1) != '.' || substr_count($domain, '*')>1 || strpos($domain, '*')>0 || strlen($domain)<4) return false;
+	return true;
+}
+
 function errorlog($msg){
 	$handle = fopen(app()->getRootPath()."record.txt", 'a');
 	fwrite($handle, date('Y-m-d H:i:s')."\t".$msg."\r\n");
@ -225,3 +230,94 @@ function pemToBase64($pem){
    }
    return $encoded;
 }
+
+function makeSelfSignSSL(string $commonName, array $domainList, $validity = 3650){
+	// 加载 CA 证书和私钥
+	$dir = app()->getBasePath().'script/';
+	$caCert = file_get_contents($dir.'ca.crt');
+	$caPrivateKey = file_get_contents($dir.'ca.key');
+
+	$opensslConfigFile = sys_get_temp_dir().'/openssl'.time().mt_rand(1000, 9999).'.cnf';
+	$opensslConfigContent = <<<EOF
+[req]
+req_extensions = extension_section
+x509_extensions	= extension_section
+distinguished_name = dn
+
+[dn]
+
+[extension_section]
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = @alt_names
+
+[alt_names]
+EOF;
+	$ip_index = 1;
+	$dns_index = 1;
+	foreach ($domainList as $value) {
+		if(empty($value)) continue;
+		if(filter_var($value, FILTER_VALIDATE_IP)){
+			$opensslConfigContent .= sprintf("\nIP.%d = %s", $ip_index, $value);
+			$ip_index++;
+		}else{
+			$opensslConfigContent .= sprintf("\nDNS.%d = %s", $dns_index, $value);
+			$dns_index++;
+		}
+	}
+
+	if(!file_put_contents($opensslConfigFile, $opensslConfigContent)) return false;
+
+	// 生成域名证书的私钥和 CSR
+	$domainPrivateKey = openssl_pkey_new([
+		'private_key_bits' => 2048,
+		'private_key_type' => OPENSSL_KEYTYPE_RSA,
+	]);
+	if(!$domainPrivateKey) return false;
+
+	$csrConfig = ['digest_alg' => 'sha256', 'config' => $opensslConfigFile];
+
+	$domainCsr = openssl_csr_new([
+		'commonName' => $commonName
+	], $domainPrivateKey, $csrConfig);
+	if(!$domainCsr) return false;
+
+	// 生成域名证书
+	$domainCertificate = openssl_csr_sign($domainCsr, $caCert, $caPrivateKey, $validity, $csrConfig);
+	if(!$domainCertificate) return false;
+
+	// 导出域名证书
+	openssl_x509_export($domainCertificate, $certificate);
+	openssl_pkey_export($domainPrivateKey, $privateKey);
+	$certificate .= $caCert;
+
+	unlink($opensslConfigFile);
+
+	return ['cert' => $certificate, 'key' => $privateKey];
+}
+
+function deleteDir($dir){
+	$rd = opendir($dir);
+	if (!$rd) {
+		return false;
+	}
+
+	while (($file = readdir($rd)) !== false) {
+		if ($file == '.' || $file == '..') {
+			continue;
+		}
+
+		$file = $dir . '/' . $file;
+
+		if (is_dir($file)) {
+			deleteDir($file);
+		}
+		else {
+			unlink($file);
+		}
+	}
+
+	closedir($rd);
+	rmdir($dir);
+	return true;
+}
--- a/app/controller/Admin.php
+++ b/app/controller/Admin.php
@ -400,4 +400,37 @@ class Admin extends BaseController
        Cache::clear();
        return json(['code'=>0,'msg'=>'succ']);
    }
+
+    public function ssl(){
+        if(request()->isAjax()){
+            $domain_list = input('post.domain_list', null, 'trim');
+            $common_name = input('post.common_name', null, 'trim');
+            $validity = input('post.validity/d');
+            if(empty($domain_list) || empty($validity)){
+                return json(['code'=>-1, 'msg'=>'参数不能为空']);
+            }
+            $array = explode("\n", $domain_list);
+            $domain_list = [];
+            foreach($array as $domain){
+                $domain = trim($domain);
+                if(empty($domain)) continue;
+                if(!checkDomain($domain)) return json(['code'=>-1, 'msg'=>'域名或IP格式不正确:'.$domain]);
+                $domain_list[] = $domain;
+            }
+            if(empty($domain_list)) return json(['code'=>-1, 'msg'=>'域名列表不能为空']);
+            if(empty($common_name)) $common_name = $domain_list[0];
+            $result = makeSelfSignSSL($common_name, $domain_list, $validity);
+            if(!$result){
+                return json(['code'=>-1, 'msg'=>'生成证书失败']);
+            }
+            return json(['code'=>0, 'msg'=>'生成证书成功', 'cert'=>$result['cert'], 'key'=>$result['key']]);
+        }
+
+        $dir = app()->getBasePath().'script/';
+        $ssl_path = app()->getRootPath().'public/ssl/baota_root.pfx';
+        $ssl_path_mac = app()->getRootPath().'public/ssl/baota_root.crt';
+        $isca = file_exists($dir.'ca.crt') && file_exists($dir.'ca.key') && file_exists($ssl_path) && file_exists($ssl_path_mac);
+        View::assign('isca', $isca);
+        return view();
+    }
 }
--- a/app/controller/Api.php
+++ b/app/controller/Api.php
@ -48,7 +48,7 @@ class Api extends BaseController
        if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){
            return '参数不正确';
        }
-        if(!$this->checklist()) '你的服务器被禁止使用此云端';
+        if(!$this->checklist()) return '你的服务器被禁止使用此云端';
        $filepath = get_data_dir($os).'plugins/package/'.$plugin_name.'-'.$version.'.zip';
        if(file_exists($filepath)){
            $filename = $plugin_name.'.zip';
@ -70,21 +70,23 @@ class Api extends BaseController
        if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){
            return '参数不正确';
        }
-        if(!$this->checklist()) '你的服务器被禁止使用此云端';
-        $filepath = get_data_dir($os).'plugins/main/'.$plugin_name.'-'.$version.'.dat';
-        if(file_exists($filepath)){
+        if(!$this->checklist()) return '你的服务器被禁止使用此云端';
+        $filepath = get_data_dir($os).'plugins/package/'.$plugin_name.'-'.$version.'.zip';
+        $mainfilepath = get_data_dir($os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
+        if(file_exists($mainfilepath)){
            $filename = $plugin_name.'_main.py';
-            $this->output_file($filepath, $filename);
+            $this->output_file($mainfilepath, $filename);
+        }elseif(file_exists($filepath)){
+            $zip = new \ZipArchive;
+            if ($zip->open($filepath) === true){
+                echo $zip->getFromName($plugin_name.'/'.$plugin_name.'_main.py');
            }else{
-            $filepath = get_data_dir($os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
-            if(file_exists($filepath)){
-                $filename = $plugin_name.'_main.py';
-                $this->output_file($filepath, $filename);
+                return '插件包解压缩失败';
+            }
        }else{
            return '云端不存在该插件主文件';
        }
    }
-    }

    //下载插件其他文件
    public function download_plugin_other(){
@ -464,4 +466,36 @@ class Api extends BaseController
        fclose($handle);
        return json(['status'=>false, 'msg'=>'不支持当前操作']);
    }
+
+    //生成自签名SSL证书
+    public function bt_cert(){
+        $data = input('post.data');
+        $param = json_decode($data, true);
+        if(!$param || !isset($param['action']) || !isset($param['domain'])) return json(['status'=>false, 'msg'=>'参数错误']);
+
+        $dir = app()->getBasePath().'script/';
+        $ssl_path = app()->getRootPath().'public/ssl/baota_root.pfx';
+        $isca = file_exists($dir.'ca.crt') && file_exists($dir.'ca.key') && file_exists($ssl_path);
+        if(!$isca) return json(['status'=>false, 'msg'=>'CA证书不存在']);
+
+        if($param['action'] == 'get_domain_cert'){
+            if(!$this->checklist()) return json(['status'=>false, 'msg'=>'你的服务器被禁止使用此云端']);
+            $domain = $param['domain'];
+            if(empty($domain)) return json(['status'=>false, 'msg'=>'域名不能为空']);
+            $domain_list = explode(',', $domain);
+            foreach($domain_list as $d){
+                if(!checkDomain($d)) return json(['status'=>false, 'msg'=>'域名或IP格式不正确:'.$d]);
+            }
+            $common_name = $domain_list[0];
+            $validity = 3650;
+            $result = makeSelfSignSSL($common_name, $domain_list, $validity);
+            if(!$result){
+                return json(['status'=>false, 'msg'=>'生成证书失败']);
+            }
+            $ca_pfx = base64_encode(file_get_contents($ssl_path));
+            return json(['status'=>true, 'msg'=>'生成证书成功', 'cert'=>$result['cert'], 'key'=>$result['key'], 'pfx'=>$ca_pfx, 'password'=>'']);
+        }else{
+            return json(['status'=>false, 'msg'=>'不支持当前操作']);
+        }
+    }
 }
--- a/app/lib/BtPlugins.php
+++ b/app/lib/BtPlugins.php
@ -11,7 +11,7 @@ class BtPlugins
    private $os;
    
    //需屏蔽的插件名称列表
-    private static $block_plugins = ['dns'];
+    private static $block_plugins = ['dns','bt_boce','ssl_verify'];

    public function __construct($os){
        $this->os = $os;
@ -72,9 +72,10 @@ class BtPlugins
                    $zip = new ZipArchive;
                    if ($zip->open($filepath) === true)
                    {
-                        $zip->extractTo(get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version);
+                        $plugins_dir = get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version;
+                        $zip->extractTo($plugins_dir, $plugin_name.'/'.$plugin_name.'_main.py');
                        $zip->close();
-                        $main_filepath = get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
+                        $main_filepath = $plugins_dir.'/'.$plugin_name.'/'.$plugin_name.'_main.py';
                        if(file_exists($main_filepath) && filesize($main_filepath)>10){
                            if(!strpos(file_get_contents($main_filepath), 'import ')){ //加密py文件，需要解密
                                $this->decode_plugin_main($plugin_name, $version, $main_filepath);
@ -84,6 +85,7 @@ class BtPlugins
                                $zip->close();
                            }
                        }
+                        deleteDir($plugins_dir);
                    }else{
                        unlink($filepath);
                        throw new Exception('插件包解压缩失败');
@ -197,6 +199,8 @@ class BtPlugins
        $data = str_replace('\'https://www.bt.cn/api/bt_waf/reportInterceptFail', 'public.GetConfigValue(\'home\')+\'/api/bt_waf/reportInterceptFail', $data);
        $data = str_replace('\'https://www.bt.cn/api/v2/contact/nps/questions', 'public.GetConfigValue(\'home\')+\'/panel/notpro', $data);
        $data = str_replace('\'https://www.bt.cn/api/v2/contact/nps/submit', 'public.GetConfigValue(\'home\')+\'/panel/notpro', $data);
+        $data = str_replace('\'http://www.bt.cn/api/Auth', 'public.GetConfigValue(\'home\')+\'/api/Auth', $data);
+        $data = str_replace('\'https://www.bt.cn/api/Auth', 'public.GetConfigValue(\'home\')+\'/api/Auth', $data);

        file_put_contents($main_filepath, $data);
    }
--- a/app/lib/ThirdPlugins.php
+++ b/app/lib/ThirdPlugins.php
@ -65,7 +65,6 @@ class ThirdPlugins
                $zip = new ZipArchive;
                if ($zip->open($filepath) === true)
                {
-                    $zip->extractTo(get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version);
                    $zip->close();
                    return true;
                }else{
--- a/app/middleware/LoadConfig.php
+++ b/app/middleware/LoadConfig.php
@ -5,6 +5,7 @@ namespace app\middleware;

 use think\facade\Db;
 use think\facade\Config;
+use think\facade\View;

 class LoadConfig
 {
@ -31,6 +32,7 @@ class LoadConfig
        $res = Db::name('config')->cache('configs',0)->column('value','key');
        Config::set($res, 'sys');

+        View::assign('cdnpublic', '//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/');
        return $next($request)->header([
            'Cache-Control' => 'no-store, no-cache, must-revalidate',
            'Pragma' => 'no-cache',
--- a/app/script/cacert.sh
+++ b/app/script/cacert.sh
@ -0,0 +1,31 @@
+#!/bin/bash
+
+OPENSSL_CHECK=$(which openssl)
+if [ "$?" != "0" ]; then
+	echo "未安装OpenSSL"
+	exit 1
+fi
+
+if [ ! -f ca.key ] && [ ! -f ca.crt ]; then
+	openssl genrsa -out ca.key 2048
+	openssl req -new -x509 -utf8 -days 3650 -extensions v3_ca -subj "/C=CN/O=宝塔面板/CN=宝塔面板" -key ca.key -out ca.crt
+fi
+
+openssl genrsa -out server.key 2048
+openssl req -new -nodes -key server.key -subj "/C=CN/O=BTPanel/CN=BTPanel" -out server.csr
+openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 3650 -extensions req_ext
+
+cat ca.crt >> server.crt
+
+openssl pkcs12 -export -out baota_root.pfx -inkey server.key -in server.crt -password pass:
+if [ "$?" != "0" ]; then
+	echo "生成CA根证书失败"
+	exit 1
+fi
+
+mkdir -p ../../public/ssl
+\cp baota_root.pfx ../../public/ssl/baota_root.pfx
+\cp ca.crt ../../public/ssl/baota_root.crt
+rm -f server.crt server.key server.csr
+
+echo "生成CA根证书成功"
--- a/app/view/admin/deplist.html
+++ b/app/view/admin/deplist.html
@ -16,7 +16,7 @@
 	</div>
 </div>
 </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
 <script>
 function refresh_deplist(os){
    var confirm = layer.confirm('是否确定从宝塔官方获取最新一键部署列表？', {
--- a/app/view/admin/layout.html
+++ b/app/view/admin/layout.html
@ -5,15 +5,15 @@
  <meta name="renderer" content="webkit">
  <meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0, user-scalable=no" />
  <title>{block name="title"}标题{/block}</title>
-  <link href="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/twitter-bootstrap/3.4.1/css/bootstrap.min.css" rel="stylesheet" />
-  <link href="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet" />
+  <link href="{$cdnpublic}twitter-bootstrap/3.4.1/css/bootstrap.min.css" rel="stylesheet" />
+  <link href="{$cdnpublic}font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet" />
  <link href="/static/css/bootstrap-table.css" rel="stylesheet" />
-  <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/modernizr/2.8.3/modernizr.min.js"></script>
-  <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/2.1.4/jquery.min.js"></script>
-  <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/twitter-bootstrap/3.4.1/js/bootstrap.min.js"></script>
+  <script src="{$cdnpublic}modernizr/2.8.3/modernizr.min.js"></script>
+  <script src="{$cdnpublic}jquery/2.1.4/jquery.min.js"></script>
+  <script src="{$cdnpublic}twitter-bootstrap/3.4.1/js/bootstrap.min.js"></script>
  <!--[if lt IE 9]>
-    <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/html5shiv/3.7.3/html5shiv.min.js"></script>
-    <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/respond.js/1.4.2/respond.min.js"></script>
+    <script src="{$cdnpublic}html5shiv/3.7.3/html5shiv.min.js"></script>
+    <script src="{$cdnpublic}respond.js/1.4.2/respond.min.js"></script>
  <![endif]-->
 </head>
 <body>
@ -51,6 +51,9 @@
          <li class="{:checkIfActive('log')}">
            <a href="/admin/log"><i class="fa fa-calendar"></i> 操作日志</a>
          </li>
+          <li class="{:checkIfActive('ssl')}">
+            <a href="/admin/ssl"><i class="fa fa-expeditedssl"></i> 自签SSL</a>
+          </li>
          <li class="{:checkIfActive('set')}">
            <a href="#" class="dropdown-toggle" data-toggle="dropdown"><i class="fa fa-cog"></i> 系统设置<b
                class="caret"></b></a>
--- a/app/view/admin/list.html
+++ b/app/view/admin/list.html
@ -42,9 +42,9 @@
 	  </table>
 	</div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
 <script src="/static/js/custom.js"></script>
 <script>
 function setEnable(id,enable) {
--- a/app/view/admin/log.html
+++ b/app/view/admin/log.html
@ -23,9 +23,9 @@
 	  </table>
 	</div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
 <script src="/static/js/custom.js"></script>
 <script>

--- a/app/view/admin/login.html
+++ b/app/view/admin/login.html
@ -5,12 +5,12 @@
  <meta name="renderer" content="webkit">
  <meta name="viewport" content="width=device-width, initial-scale=1"/>
  <title>管理员登录</title>
-  <link href="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/twitter-bootstrap/3.4.1/css/bootstrap.min.css" rel="stylesheet"/>
-  <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/modernizr/2.8.3/modernizr.min.js"></script>
-  <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/2.1.4/jquery.min.js"></script>
+  <link href="{$cdnpublic}twitter-bootstrap/3.4.1/css/bootstrap.min.css" rel="stylesheet"/>
+  <script src="{$cdnpublic}modernizr/2.8.3/modernizr.min.js"></script>
+  <script src="{$cdnpublic}jquery/2.1.4/jquery.min.js"></script>
  <!--[if lt IE 9]>
-    <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/html5shiv/3.7.3/html5shiv.min.js"></script>
-    <script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/respond.js/1.4.2/respond.min.js"></script>
+    <script src="{$cdnpublic}html5shiv/3.7.3/html5shiv.min.js"></script>
+    <script src="{$cdnpublic}respond.js/1.4.2/respond.min.js"></script>
  <![endif]-->
 </head>
 <body>
@ -63,7 +63,7 @@
      </div>
    </div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
 <script>
 function submitlogin(){
    var user = $("input[name='user']").val();
--- a/app/view/admin/plugins.html
+++ b/app/view/admin/plugins.html
@ -69,9 +69,9 @@ td{overflow: hidden;text-overflow: ellipsis;white-space: nowrap;max-width:340px;
 	  </table>
 	</div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
 <script src="/static/js/custom.js"></script>
 <script>

@ -157,8 +157,13 @@ function download_item(){
        layer.alert('成功下载'+$.downloadCount+'个插件包！', {icon:1}, function(){layer.closeAll();searchSubmit();});
        return;
    }
-    $.downloadCount++;
    var plugin = $.preDownload[0];
+    if(plugin.name == 'firewall'){
+        $.preDownload.shift();
+		download_item();
+        return;
+    }
+    $.downloadCount++;
    var ii = layer.msg('['+$.downloadCount+'/'+$.preDownloadCount+']正在下载'+plugin.name+'-'+plugin.version, {icon: 16, shade:0.1, time: 0});
    $.ajax({
 		type : 'POST',
--- a/app/view/admin/pluginswin.html
+++ b/app/view/admin/pluginswin.html
@ -69,9 +69,9 @@ td{overflow: hidden;text-overflow: ellipsis;white-space: nowrap;max-width:340px;
 	  </table>
 	</div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
 <script src="/static/js/custom.js"></script>
 <script>

--- a/app/view/admin/record.html
+++ b/app/view/admin/record.html
@ -23,9 +23,9 @@
 	  </table>
 	</div>
  </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/bootstrap-table.min.js"></script>
+<script src="{$cdnpublic}bootstrap-table/1.19.1/extensions/page-jump-to/bootstrap-table-page-jump-to.min.js"></script>
 <script src="/static/js/custom.js"></script>
 <script>

--- a/app/view/admin/set.html
+++ b/app/view/admin/set.html
@ -279,7 +279,7 @@ $("select[name='wbt_type']").change(function(){
 	</div>
 </div>
 {/if}
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js"></script>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
 <script>
 $(document).ready(function(){
 	var items = $("select[default]");
--- a/app/view/admin/ssl.html
+++ b/app/view/admin/ssl.html
@ -0,0 +1,86 @@
+{extend name="admin/layout" /}
+{block name="title"}自签名SSL证书生成{/block}
+{block name="main"}
+<style>
+.control-label[is-required]:before {
+    content: "*";
+    color: #f56c6c;
+    margin-right: 4px;
+}
+</style>
+<div class="container" style="padding-top:70px;">
+<div class="col-sm-12 col-md-10 col-lg-8 center-block" style="float: none;">
+<div class="panel panel-primary">
+<div class="panel-heading"><h3 class="panel-title">自签名SSL证书生成</h3></div>
+<div class="panel-body">
+    {if $isca}
+    <div class="alert alert-warning" style="word-break:break-all;">下载CA证书并导入，可解决浏览器不安全提醒。<br/>Windows：<a href="/ssl/baota_root.pfx">baota_root.pfx</a>（密码为空），Mac/Linux：<a href="/ssl/baota_root.crt">baota_root.crt</a></div>
+  <form onsubmit="return makeSSL(this)" method="post" class="form" role="form">
+	<div class="form-group">
+      <label is-required="true" class="control-label">域名列表：</label>
+      <textarea class="form-control" name="domain_list" rows="6" placeholder="每行一个域名/IP，支持通配符" required></textarea>
+    </div>
+	<div class="form-group">
+      <label class="control-label">通用名称：</label>
+      <input type="text" name="common_name" value="" placeholder="留空则为域名列表第一个域名" class="form-control"/>
+    </div>
+    <div class="form-group">
+      <label is-required="true" class="control-label">有效天数：</label>
+      <input type="number" name="validity" value="3650" class="form-control" required/>
+    </div>
+	<div class="form-group text-center">
+	  <input type="submit" name="submit" value="生成自签名证书" class="btn btn-success btn-block"/>
+	</div>
+    <div class="form-group row" id="result" style="display:none;">
+        <div class="col-md-6">
+            <label class="control-label">SSL证书：</label>
+            <textarea class="form-control" name="ssl_cert" rows="5" onclick="copy(this)" title="点击复制"></textarea>
+        </div>
+        <div class="col-md-6">
+            <label class="control-label">SSL证书私钥：</label>
+            <textarea class="form-control" name="ssl_key" rows="5" onclick="copy(this)" title="点击复制"></textarea>
+        </div>
+    </div>
+  </form>
+    {else}
+    <div class="alert alert-danger" role="alert">你还没有生成CA证书，无法生成SSL证书！</div>
+    <div class="alert alert-info" style="word-break:break-all;">执行以下命令，生成自签名CA证书。然后，可通过接口或当前页面生成SSL证书，用于面板访问。</div>
+    <div class="list-group-item" style="word-break:break-all;">cd {:app()->getRootPath()}app/script && chmod +x cacert.sh && ./cacert.sh</div><br/>
+    {/if}
+</div>
+</div>
+<script src="{$cdnpublic}layer/3.5.1/layer.js"></script>
+<script>
+function makeSSL(obj){
+    var ii = layer.load(2, {shade:[0.1,'#fff']});
+	$.ajax({
+		type : 'POST',
+		url : '/admin/ssl',
+		data : $(obj).serialize(),
+		dataType : 'json',
+		success : function(data) {
+			layer.close(ii);
+			if(data.code == 0){
+                $("textarea[name='ssl_cert']").val(data.cert);
+                $("textarea[name='ssl_key']").val(data.key);
+                $("#result").show();
+                layer.msg('SSL证书生成成功', {icon:1, time:800});
+			}else{
+				layer.alert(data.msg, {icon: 2})
+			}
+		},
+		error:function(data){
+            layer.close(ii);
+			layer.msg('服务器错误');
+		}
+	});
+    return false;
+}
+function copy(obj){
+    if($(obj).val() == '') return;
+    $(obj).select();
+    document.execCommand("Copy");
+    layer.msg('复制成功', {icon:1, time:500});
+}
+</script>
+{/block}
--- a/app/view/index/download.html
+++ b/app/view/index/download.html
@ -193,10 +193,10 @@
 			</div>
 		</div>
 		 
-		<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/jquery.min.js" type="text/javascript" charset="utf-8"></script>
-		<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.js" type="text/javascript" charset="utf-8"></script>
+		<script src="{$cdnpublic}jquery/3.6.0/jquery.min.js" type="text/javascript" charset="utf-8"></script>
+		<script src="{$cdnpublic}layer/3.5.1/layer.js" type="text/javascript" charset="utf-8"></script>
 		
-<script type="text/javascript" src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/clipboard.js/1.7.1/clipboard.min.js"></script>
+<script type="text/javascript" src="{$cdnpublic}clipboard.js/1.7.1/clipboard.min.js"></script>
 <script type="text/javascript" src="/static/js/dx.js"></script>
 <script>
 	$(function () {
--- a/app/view/install/index.html
+++ b/app/view/install/index.html
@ -217,7 +217,7 @@
        </form>
    </div>
 </div>
-<script src="//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/2.1.4/jquery.min.js"></script>
+<script src="{$cdnpublic}jquery/2.1.4/jquery.min.js"></script>
 <script>
    $(function () {
        $('form').on('submit', function (e) {
--- a/install.sql
+++ b/install.sql
@ -12,15 +12,15 @@ INSERT INTO `cloud_config` (`key`, `value`) VALUES
 ('bt_key', ''),
 ('whitelist', '0'),
 ('download_page', '1'),
-('new_version', '8.0.5'),
+('new_version', '9.1.0'),
 ('update_msg', '暂无更新日志'),
-('update_date', '2024-01-12'),
-('new_version_win', '7.9.0'),
+('update_date', '2024-07-15'),
+('new_version_win', '8.1.0'),
 ('update_msg_win', '暂无更新日志'),
-('update_date_win', '2023-07-20'),
-('new_version_btm', '2.2.9'),
+('update_date_win', '2024-07-17'),
+('new_version_btm', '2.3.0'),
 ('update_msg_btm', '暂无更新日志'),
-('update_date_btm', '2023-08-11'),
+('update_date_btm', '2024-04-24'),
 ('updateall_type', '0'),
 ('syskey', 'UqP94LtI8eWAIgCP');

--- a/route/app.php
+++ b/route/app.php
@ -12,7 +12,7 @@ Route::post('/down/download_plugin', 'api/download_plugin');
 Route::post('/down/download_plugin_main', 'api/download_plugin_main');
 Route::post('/panel/get_soft_list_status', 'api/return_success');
 Route::post('/panel/get_unbinding', 'api/return_success');
-Route::post('/bt_cert', 'api/return_error');
+Route::post('/bt_cert', 'api/bt_cert');
 Route::post('/Auth/GetAuthToken', 'api/get_auth_token');
 Route::post('/Auth/GetBindCode', 'api/return_error');
 Route::any('/bt_monitor/update_history', 'api/btm_update_history');
@ -119,6 +119,10 @@ Route::group('api', function () {
    Route::post('/bt_waf/reportInterceptFail', 'api/return_empty');
    Route::any('/panel/get_spider', 'api/get_spider');

+    Route::post('/Auth/GetSocre', 'api/get_ssl_list');
+    Route::post('/Auth/SetSocre', 'api/get_ssl_list');
+    Route::post('/Auth/SubmitScore', 'api/get_ssl_list');
+
    Route::miss('api/return_error');
 });

@ -146,6 +150,7 @@ Route::group('admin', function () {
    Route::get('/deplist', 'admin/deplist');
    Route::get('/refresh_deplist', 'admin/refresh_deplist');
    Route::get('/cleancache', 'admin/cleancache');
+    Route::any('/ssl', 'admin/ssl');

 })->middleware(\app\middleware\CheckAdmin::class);
Author	SHA1	Message	Date
flucout	aba885f434	update	3 months ago
flucout	5e1f19de53	支持生成自签SSL证书	3 months ago