
更新证书处理和路由配置

修改了证书读写逻辑,增加了对域名的支持,并在多个文件中更新了相关函数。同时,在路由配置中添加了新的路径以打印请求信息。
SongZihuan 3 сар өмнө
parent
commit
388802ab30

+ 4 - 0
README.md

@@ -34,8 +34,12 @@ HTTPS默认使用acme的DNS-01调整申请HTTPS证书,因此你需要配置:
 ## 路由
 `/` - 打印请求信息
 
+`/message` - 打印请求信息
+
 `/ip` - 打印接收请求时对方的IP地址,未必为请求人的IP地址,可能是代理的地址。
 
+`/remote/ip` - 打印接收请求时对方的IP地址,未必为请求人的IP地址,可能是代理的地址。
+
 `/client/ip` - 请取人的地址,通过请求头X-Forwarder-For等获取
 
 `/timestamp` - 当前时间戳

+ 7 - 3
src/certssl/applycert/main.go

@@ -8,7 +8,6 @@ import (
 	"github.com/go-acme/lego/v4/certificate"
 	"github.com/go-acme/lego/v4/lego"
 	"github.com/go-acme/lego/v4/providers/dns/alidns"
-	"path"
 	"time"
 )
 
@@ -74,12 +73,17 @@ func ApplyCert(basedir string, email string, aliyunAccessKey string, aliyunAcces
 		return nil, fmt.Errorf("save account error after obtain: %s", err.Error())
 	}
 
-	err = writerWithDate(path.Join(basedir, "cert-backup"), resource)
+	cert, err := utils.ReadCertificate(resource.Certificate)
+	if err != nil {
+		return nil, fmt.Errorf("failed to read certificate: %s", err.Error())
+	}
+
+	err = writerWithDate(basedir, cert, resource)
 	if err != nil {
 		return nil, fmt.Errorf("writer certificate backup failed: %s", err.Error())
 	}
 
-	err = writer(basedir, resource)
+	err = writer(basedir, cert, resource)
 	if err != nil {
 		return nil, fmt.Errorf("writer certificate failed: %s", err.Error())
 	}
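Review bot: The new error path after `utils.ReadCertificate` formats the cause with `%s` and `err.Error()`, which flattens the error chain so callers cannot use `errors.Is` or `errors.As` on it; `return nil, fmt.Errorf("read certificate: %w", err)` keeps it. A parse failure also returns before `writerWithDate` or `writer` runs, so a certificate that was issued but cannot be parsed is not persisted anywhere. If that case matters, writing the raw `resource` before parsing would keep it recoverable. ApplyCert starts and ends outside the hunk.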

+ 11 - 10
src/certssl/applycert/read.go

@@ -10,18 +10,19 @@ import (
 	"path"
 )
 
-func ReadLocalCertificateAndPrivateKey(basedir string) (crypto.PrivateKey, *x509.Certificate, *x509.Certificate, error) {
-	cert, err := readCertificate(basedir)
+func ReadLocalCertificateAndPrivateKey(basedir string, domain string) (crypto.PrivateKey, *x509.Certificate, *x509.Certificate, error) {
+	dir := path.Join(basedir, domain)
+	cert, err := readCertificate(dir)
 	if err != nil {
 		return nil, nil, nil, fmt.Errorf("read certificate failed: %s", err.Error())
 	}
 
-	cacert, err := readCACertificate(basedir)
+	cacert, err := readCACertificate(dir)
 	if err != nil {
 		return nil, nil, nil, fmt.Errorf("read certificate failed: %s", err.Error())
 	}
 
-	privateKey, err := readPrivateKey(basedir)
+	privateKey, err := readPrivateKey(dir)
 	if err != nil {
 		return nil, nil, nil, fmt.Errorf("read private key failed: %s", err.Error())
 	}
@@ -29,8 +30,8 @@ func ReadLocalCertificateAndPrivateKey(basedir string) (crypto.PrivateKey, *x509
 	return privateKey, cert, cacert, nil
 }
 
-func readCertificate(basedir string) (*x509.Certificate, error) {
-	filepath := path.Join(basedir, filename.FileCertificate)
+func readCertificate(dir string) (*x509.Certificate, error) {
+	filepath := path.Join(dir, filename.FileCertificate)
 	data, err := os.ReadFile(filepath)
 	if err != nil {
 		return nil, fmt.Errorf("failed to read certificate file: %v", err)
@@ -44,8 +45,8 @@ func readCertificate(basedir string) (*x509.Certificate, error) {
 	return cert, nil
 }
 
-func readCACertificate(basedir string) (*x509.Certificate, error) {
-	filepath := path.Join(basedir, filename.FileIssuerCertificate)
+func readCACertificate(dir string) (*x509.Certificate, error) {
+	filepath := path.Join(dir, filename.FileIssuerCertificate)
 	data, err := os.ReadFile(filepath)
 	if err != nil {
 		return nil, fmt.Errorf("failed to read certificate file: %v", err)
@@ -59,8 +60,8 @@ func readCACertificate(basedir string) (*x509.Certificate, error) {
 	return cert, nil
 }
 
-func readPrivateKey(basedir string) (crypto.PrivateKey, error) {
-	filepath := path.Join(basedir, filename.FilePrivateKey)
+func readPrivateKey(dir string) (crypto.PrivateKey, error) {
+	filepath := path.Join(dir, filename.FilePrivateKey)
 	data, err := os.ReadFile(filepath)
 	if err != nil {
 		return nil, fmt.Errorf("failed to read key file: %v", err)
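Review bot: `dir := path.Join(basedir, domain)` builds a filesystem path from `domain` without checking it, and `path.Join` cleans `..` segments, so a value containing them resolves outside `basedir`. The one caller visible on this page (`GetCertificateAndPrivateKey`) appears to reject invalid domains first, but this function is exported. Either validate `domain` here or state the precondition in a doc comment, e.g. `// domain must be a validated host name; it is used as a directory name under basedir.` Since these are OS paths, `path/filepath` is the appropriate package rather than `path`.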

+ 18 - 16
src/certssl/applycert/write.go

@@ -1,20 +1,15 @@
 package applycert
 
 import (
+	"crypto/x509"
 	"fmt"
 	"github.com/SongZihuan/http-demo/src/certssl/filename"
-	"github.com/SongZihuan/http-demo/src/utils"
 	"github.com/go-acme/lego/v4/certificate"
 	"os"
 	"path"
 )
 
-func writerWithDate(dir string, resource *certificate.Resource) error {
-	cert, err := utils.ReadCertificate(resource.Certificate)
-	if err != nil {
-		return fmt.Errorf("failed to read certificate: %s", err.Error())
-	}
-
+func writerWithDate(basedir string, cert *x509.Certificate, resource *certificate.Resource) error {
 	domain := cert.Subject.CommonName
 	if domain == "" && len(cert.DNSNames) == 0 {
 		return fmt.Errorf("no domains in certificate")
@@ -25,8 +20,8 @@ func writerWithDate(dir string, resource *certificate.Resource) error {
 	month := fmt.Sprintf("%d", cert.NotBefore.Month())
 	day := fmt.Sprintf("%d", cert.NotBefore.Day())
 
-	backupdir := path.Join(dir, domain, year, month, day)
-	err = os.MkdirAll(backupdir, 0775)
+	backupdir := path.Join(basedir, "cert-backup", domain, year, month, day)
+	err := os.MkdirAll(backupdir, 0775)
 	if err != nil {
 		return err
 	}
@@ -54,28 +49,35 @@ func writerWithDate(dir string, resource *certificate.Resource) error {
 	return nil
 }
 
-func writer(basedir string, resource *certificate.Resource) error {
-	err := os.MkdirAll(basedir, 0775)
+func writer(basedir string, cert *x509.Certificate, resource *certificate.Resource) error {
+	domain := cert.Subject.CommonName
+	if domain == "" && len(cert.DNSNames) == 0 {
+		return fmt.Errorf("no domains in certificate")
+	}
+	domain = cert.DNSNames[0]
+
+	dir := path.Join(basedir, domain)
+	err := os.MkdirAll(dir, 0775)
 	if err != nil {
-		return fmt.Errorf("failed to create directory %s: %s", basedir, err.Error())
+		return fmt.Errorf("failed to create directory %s: %s", dir, err.Error())
 	}
 
-	err = os.WriteFile(path.Join(basedir, filename.FilePrivateKey), resource.PrivateKey, os.ModePerm)
+	err = os.WriteFile(path.Join(dir, filename.FilePrivateKey), resource.PrivateKey, os.ModePerm)
 	if err != nil {
 		return err
 	}
 
-	err = os.WriteFile(path.Join(basedir, filename.FileCertificate), resource.Certificate, os.ModePerm)
+	err = os.WriteFile(path.Join(dir, filename.FileCertificate), resource.Certificate, os.ModePerm)
 	if err != nil {
 		return err
 	}
 
-	err = os.WriteFile(path.Join(basedir, filename.FileIssuerCertificate), resource.IssuerCertificate, os.ModePerm)
+	err = os.WriteFile(path.Join(dir, filename.FileIssuerCertificate), resource.IssuerCertificate, os.ModePerm)
 	if err != nil {
 		return err
 	}
 
-	err = os.WriteFile(path.Join(basedir, filename.FileCSR), resource.CSR, os.ModePerm)
+	err = os.WriteFile(path.Join(dir, filename.FileCSR), resource.CSR, os.ModePerm)
 	if err != nil {
 		return err
 	}
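Review bot: `writer` saves the private key with `os.ModePerm` (0777 before umask) in a directory created with 0775, so other local users can usually read it and, under a permissive umask, replace it. The key should be written with `0o600` and the directory created with `0o700`: `os.WriteFile(path.Join(dir, filename.FilePrivateKey), resource.PrivateKey, 0o600)`. In the same function `domain = cert.DNSNames[0]` runs whenever the guard passes, and the guard passes when CommonName is set but DNSNames is empty, which panics with an index out of range; `if len(cert.DNSNames) > 0 { domain = cert.DNSNames[0] }` keeps the CommonName fallback. `writerWithDate` has the same guard and may need the same fix, though its assignment line is not shown in these hunks. `writer` continues past the end of the hunk.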

+ 1 - 1
src/certssl/main.go

@@ -24,7 +24,7 @@ func GetCertificateAndPrivateKey(basedir string, email string, aliyunAccessKey s
 		return nil, nil, nil, fmt.Errorf("not a valid domain")
 	}
 
-	privateKey, cert, cacert, err := applycert.ReadLocalCertificateAndPrivateKey(basedir)
+	privateKey, cert, cacert, err := applycert.ReadLocalCertificateAndPrivateKey(basedir, domain)
 	if err == nil && utils.CheckCertWithDomain(cert, domain) && utils.CheckCertWithTime(cert, 5*24*time.Hour) {
 		return privateKey, cert, cacert, nil
 	}
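Review bot: The lookup here reads from `basedir/<domain>` using the caller's `domain`, while `writer` in write.go stores under `basedir/<cert.DNSNames[0]>`, and nothing ties the two names together. When they differ (a wildcard certificate, or a SAN list whose first entry is not the requested name) the saved files are never found, and presumably a new certificate is requested on every call, which can run into ACME rate limits. Passing the requested `domain` down to `writer` and `writerWithDate` would make both sides use the same directory key. The rest of GetCertificateAndPrivateKey is outside the hunk, so the fallthrough behaviour is inferred.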

+ 2 - 0
src/engine/engine.go

@@ -14,7 +14,9 @@ func InitEngine() error {
 	Engine.Use(gin.Logger(), gin.Recovery())
 
 	Engine.GET("/", handler.HandlerMessage)
+	Engine.GET("/message", handler.HandlerMessage)
 	Engine.GET("/ip", handler.HandlerRemoteIP)
+	Engine.GET("/remote/ip", handler.HandlerRemoteIP)
 	Engine.GET("/client/ip", handler.HandlerClientIP)
 	Engine.GET("/timestamp", handler.HandlerTimestamp)
 	Engine.GET("/datetime", handler.HandlerDatetime)

+ 0 - 1
src/handler/message.go

@@ -37,7 +37,6 @@ func HandlerMessage(c *gin.Context) {
 	res.WriteString(fmt.Sprintf("X-Forwarded-For: %s\n", c.Request.Header.Get(RequestsXForwardedFor)))
 	res.WriteString(fmt.Sprintf("X-Forwarded-Proto: %s\n", c.Request.Header.Get(RequestsXForwardedProto)))
 	res.WriteString(fmt.Sprintf("X-Forwarded-Host: %s\n", c.Request.Header.Get(RequestsXForwardedHost)))
-	res.WriteString(fmt.Sprintf("X-Forwarded-Host: %s\n", c.Request.Header.Get(RequestsXForwardedHost)))
 	res.WriteString(fmt.Sprintf("X-Message: %s\n", strings.Join(c.Request.Header.Values(RequestsXMessage), " ")))
 
 	str := res.String()