2025-11-08 15:24:48 +08:00
parent e28e885e66
commit fa139208a2
3 changed files with 10 additions and 15 deletions


@@ -19,12 +19,12 @@ impl warp::reject::Reject for CertificateError {}
#[derive(Clone)] #[derive(Clone)]
pub(crate) struct AppState { pub(crate) struct AppState {
config: Config, config: Config,
db: sqlx::PgPool, db: sqlx::MySqlPool,
jwt_secret: String, jwt_secret: String,
} }
impl AppState { impl AppState {
pub fn new(config: Config, db: sqlx::PgPool, jwt_secret: String) -> Self { pub fn new(config: Config, db: sqlx::MySqlPool, jwt_secret: String) -> Self {
Self { Self {
config, config,
db, db,


@@ -1,13 +1,13 @@
use crate::crypto; use crate::crypto;
use anyhow::Result; use anyhow::Result;
use sqlx::PgPool; use sqlx::MySqlPool;
pub struct CaCertificate { pub struct CaCertificate {
pub ca_cert_pem: String, pub ca_cert_pem: String,
pub ca_key_pem: String, pub ca_key_pem: String,
} }
pub async fn get_or_create_ca(db: &PgPool) -> Result<CaCertificate> { pub async fn get_or_create_ca(db: &MySqlPool) -> Result<CaCertificate> {
if let Some(ca_cert) = get_active_ca(db).await? { if let Some(ca_cert) = get_active_ca(db).await? {
return Ok(ca_cert); return Ok(ca_cert);
} }
@@ -16,7 +16,7 @@ pub async fn get_or_create_ca(db: &PgPool) -> Result<CaCertificate> {
let (ca_key_pem, ca_cert_pem) = crypto::generate_ca_cert()?; let (ca_key_pem, ca_cert_pem) = crypto::generate_ca_cert()?;
sqlx::query( sqlx::query(
"INSERT INTO ca_certificates (ca_cert_pem, ca_key_pem, is_active) VALUES ($1, $2, TRUE)" "INSERT INTO ca_certificates (ca_cert_pem, ca_key_pem, is_active) VALUES (?, ?, TRUE)"
) )
.bind(&ca_cert_pem) .bind(&ca_cert_pem)
.bind(&ca_key_pem) .bind(&ca_key_pem)
@@ -31,7 +31,7 @@ pub async fn get_or_create_ca(db: &PgPool) -> Result<CaCertificate> {
}) })
} }
async fn get_active_ca(db: &PgPool) -> Result<Option<CaCertificate>> { async fn get_active_ca(db: &MySqlPool) -> Result<Option<CaCertificate>> {
let result: Option<(String, String)> = sqlx::query_as( let result: Option<(String, String)> = sqlx::query_as(
"SELECT ca_cert_pem, ca_key_pem FROM ca_certificates WHERE is_active = TRUE ORDER BY created_at DESC LIMIT 1" "SELECT ca_cert_pem, ca_key_pem FROM ca_certificates WHERE is_active = TRUE ORDER BY created_at DESC LIMIT 1"
) )
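Review bot: get_or_create_ca still runs its lookup (`get_active_ca(db).await?`) and its `INSERT INTO ca_certificates … VALUES (?, ?, TRUE)` as two separate statements on the pool, so two concurrent first calls can each find no active CA, each generate a key pair and each insert an active row. Each caller then appears to return its own freshly generated CA (the tail of the function lies outside the hunks), while later calls pick whichever row has the newest `created_at`, so certificates signed in that window may chain to a CA that is no longer served. The creation path should run inside one transaction that serialises creators and re-reads the active row after inserting, or the schema should allow only one active row. Separately, `ca_key_pem` is bound and stored as plain PEM; a comment such as `// CA private key is stored unencrypted: restrict access to ca_certificates and its backups` would at least record that exposure for whoever provisions the new MySQL database.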


@@ -972,7 +972,7 @@ pub(crate) async fn get_certificate(
let token = path_parts[3]; let token = path_parts[3];
let challenge: Option<(String, String, String, Option<String>, chrono::DateTime<chrono::Utc>)> = sqlx::query_as( let challenge: Option<(String, String, String, Option<String>, chrono::DateTime<chrono::Utc>)> = sqlx::query_as(
"SELECT domain, challenge_type, verification_data, csr_pem, expires_at FROM certificate_challenges WHERE token = $1" "SELECT domain, challenge_type, verification_data, csr_pem, expires_at FROM certificate_challenges WHERE token = ?"
) )
.bind(token) .bind(token)
.fetch_optional(&app_state.db) .fetch_optional(&app_state.db)
@@ -984,14 +984,9 @@ pub(crate) async fn get_certificate(
None => return Ok(GurtResponse::not_found().with_string_body("Challenge not found")), None => return Ok(GurtResponse::not_found().with_string_body("Challenge not found")),
}; };
let csr_pem = match csr_pem { let csr_pem = csr_pem.ok_or_else(|| {
Some(csr) => csr, GurtResponse::bad_request().with_string_body("CSR not found for this challenge")
None => { })?;
return Ok(
GurtResponse::bad_request().with_string_body("CSR not found for this challenge")
)
}
};
if chrono::Utc::now() > expires_at { if chrono::Utc::now() > expires_at {
return Ok(GurtResponse::bad_request().with_string_body("Challenge expired")); return Ok(GurtResponse::bad_request().with_string_body("Challenge expired"));
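Review bot: The new `csr_pem.ok_or_else(|| GurtResponse::bad_request()…)?` puts a `GurtResponse` on the error side of `?`, whereas the removed `match` returned it as `Ok(...)` like the neighbouring "Challenge not found" and "Challenge expired" branches. Unless get_certificate's error type implements `From<GurtResponse>` (not visible here), this will not compile, and if it does, the 400 now travels the error path and may be rendered or logged differently. `let Some(csr_pem) = csr_pem else { return Ok(GurtResponse::bad_request().with_string_body("CSR not found for this challenge")); };` keeps the shorter form without changing the response. In the first hunk, MySQL's default collations compare strings case-insensitively, so `WHERE token = ?` may no longer match the challenge token exactly as it did on Postgres; the `token` column should be declared with a binary collation (for example `utf8mb4_bin`) so lookups stay exact. get_certificate's body starts and ends outside both hunks.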