
更新账户时间字段类型并添加ACME地址配置

将Account结构体中的RegisterTime和ExpirationTime字段从time.Time改为int64,并在多个文件中更新相关代码以适应这一更改。同时,新增了ACMEAddress变量及相关配置,用于指定ACME证书请求的监听地址。
SongZihuan 3 months ago
parent
commit
6f7efd72a0

+ 4 - 4
src/certssl/account/data.go

@@ -13,8 +13,8 @@ const DefaultAccountExp = 24 * time.Hour
 type Account struct {
 	Resource       registration.Resource // 避免使用指针
 	Email          string
-	RegisterTime   time.Time
-	ExpirationTime time.Time
+	RegisterTime   int64
+	ExpirationTime int64
 }
 
 func newAccount(email string, client *lego.Client) (Account, error) {
@@ -29,7 +29,7 @@ func newAccount(email string, client *lego.Client) (Account, error) {
 	return Account{
 		Resource:       *res,
 		Email:          email,
-		RegisterTime:   now,
-		ExpirationTime: now.Add(DefaultAccountExp),
+		RegisterTime:   now.Unix(),
+		ExpirationTime: now.Add(DefaultAccountExp).Unix(),
 	}, nil
 }
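Review bot: The new `int64` fields in `Account` carry no unit; the only hints are the `.Unix()` calls in `newAccount` and the `time.Unix(account.ExpirationTime, 0)` conversion in load.go. I would add field comments such as `RegisterTime int64 // Unix seconds` and `ExpirationTime int64 // Unix seconds; the account is treated as expired after this instant`. Account files written before this change stored both fields as `time.Time`, and the decoder is not visible here, so it is worth confirming that an old file leads to a clean re-registration rather than a repeated "decode account failed" error. The body of `newAccount` begins outside the second hunk.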

+ 1 - 1
src/certssl/account/load.go

@@ -28,7 +28,7 @@ func loadAccount(dir string, email string) (Account, error) {
 		return Account{}, fmt.Errorf("decode account failed: %s", err.Error())
 	}
 
-	if time.Now().After(account.ExpirationTime) {
+	if time.Now().After(time.Unix(account.ExpirationTime, 0)) {
 		return Account{}, ErrExpiredAccount
 	}
 

+ 4 - 4
src/certssl/applycert/main.go

@@ -13,7 +13,7 @@ import (
 	"time"
 )
 
-func ApplyCert(basedir string, email string, httpsAddress string, domain string) (crypto.PrivateKey, *certificate.Resource, error) {
+func ApplyCert(basedir string, email string, acmeAddress string, domain string) (crypto.PrivateKey, *certificate.Resource, error) {
 	privateKey, err := certcrypto.GeneratePrivateKey(certcrypto.RSA4096)
 	if err != nil {
 		return nil, nil, fmt.Errorf("generate private key failed: %s", err.Error())
@@ -29,14 +29,14 @@ func ApplyCert(basedir string, email string, httpsAddress string, domain string)
 		return nil, nil, fmt.Errorf("new client failed: %s", err.Error())
 	}
 
-	iface, port, err := net.SplitHostPort(httpsAddress)
+	host, port, err := net.SplitHostPort(acmeAddress)
 	if err != nil {
 		return nil, nil, fmt.Errorf("split host port failed: %s", err.Error())
 	} else if port == "" {
 		port = "443"
 	}
 
-	err = client.Challenge.SetHTTP01Provider(http01.NewProviderServer(domain, port))
+	err = client.Challenge.SetHTTP01Provider(http01.NewProviderServer(host, port))
 	if err != nil {
 		return nil, nil, fmt.Errorf("set http01 provider failed: %s", err.Error())
 	}
@@ -50,7 +50,7 @@ func ApplyCert(basedir string, email string, httpsAddress string, domain string)
 	user.setRegistration(reg)
 
 	if domain == "" {
-		domain = iface
+		domain = host
 	}
 
 	request := certificate.ObtainRequest{
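Review bot: The `domain = host` fallback in the last hunk now takes the certificate name from the ACME listen address, so a value such as `:80` or `0.0.0.0:80` puts an empty name or an IP literal into the `ObtainRequest`. Rejecting the case is safer: `if domain == "" { return nil, nil, fmt.Errorf("domain is required") }`. The retained `port = "443"` default also looks like a leftover from the HTTPS address. HTTP-01 validation arrives on port 80, and lego's `NewProviderServer` already falls back to port 80 when given an empty port, so that branch could be dropped. The body of `ApplyCert` continues outside these hunks.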

+ 6 - 6
src/certssl/main.go

@@ -9,7 +9,7 @@ import (
 	"time"
 )
 
-func GetCertificateAndPrivateKey(basedir string, email string, httpsAddress string, domain string) (crypto.PrivateKey, *x509.Certificate, error) {
+func GetCertificateAndPrivateKey(basedir string, email string, acmeAddress string, domain string) (crypto.PrivateKey, *x509.Certificate, error) {
 	if email == "" {
 		email = "no-reply@example.com"
 	}
@@ -27,7 +27,7 @@ func GetCertificateAndPrivateKey(basedir string, email string, httpsAddress stri
 		return privateKey, cert, nil
 	}
 
-	privateKey, resource, err := applycert.ApplyCert(basedir, email, httpsAddress, domain)
+	privateKey, resource, err := applycert.ApplyCert(basedir, email, acmeAddress, domain)
 	if err != nil {
 		return nil, nil, fmt.Errorf("apply cert failed: %s", err.Error())
 	} else if privateKey == nil || cert == nil {
@@ -48,7 +48,7 @@ type NewCert struct {
 	Error       error
 }
 
-func WatchCertificateAndPrivateKey(dir string, email string, httpsAddress string, domain string, oldPrivateKey crypto.PrivateKey, oldCert *x509.Certificate, stopchan chan bool, newchan chan NewCert) error {
+func WatchCertificateAndPrivateKey(dir string, email string, acmeAddress string, domain string, oldCert *x509.Certificate, stopchan chan bool, newchan chan NewCert) error {
 	for {
 		select {
 		case <-stopchan:
@@ -60,7 +60,7 @@ func WatchCertificateAndPrivateKey(dir string, email string, httpsAddress string
 			close(stopchan)
 			return nil
 		default:
-			privateKey, cert, err := watchCertificateAndPrivateKey(dir, email, httpsAddress, domain, oldPrivateKey, oldCert)
+			privateKey, cert, err := watchCertificateAndPrivateKey(dir, email, acmeAddress, domain, oldCert)
 			if err != nil {
 				newchan <- NewCert{
 					Error: fmt.Errorf("watch cert failed: %s", err.Error()),
@@ -75,7 +75,7 @@ func WatchCertificateAndPrivateKey(dir string, email string, httpsAddress string
 	}
 }
 
-func watchCertificateAndPrivateKey(dir string, email string, httpsAddress string, domain string, oldPrivateKey crypto.PrivateKey, oldCert *x509.Certificate) (crypto.PrivateKey, *x509.Certificate, error) {
+func watchCertificateAndPrivateKey(dir string, email string, acmeAddress string, domain string, oldCert *x509.Certificate) (crypto.PrivateKey, *x509.Certificate, error) {
 	if email == "" {
 		email = "no-reply@example.com"
 	}
@@ -92,7 +92,7 @@ func watchCertificateAndPrivateKey(dir string, email string, httpsAddress string
 		return nil, nil, nil
 	}
 
-	privateKey, resource, err := applycert.ApplyCert(dir, email, httpsAddress, domain)
+	privateKey, resource, err := applycert.ApplyCert(dir, email, acmeAddress, domain)
 	if err != nil {
 		return nil, nil, fmt.Errorf("apply cert fail: %s", err.Error())
 	}
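Review bot: In `GetCertificateAndPrivateKey`, the check after the `ApplyCert` call tests `cert == nil`, but the call assigns `privateKey, resource, err`, so `cert` still holds whatever the earlier load produced. That load is outside the hunk, but if it left `cert` nil, a successful issuance would be rejected here. The condition probably should read `} else if privateKey == nil || resource == nil {`. The function bodies in this section start and end outside the visible hunks.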

+ 2 - 0
src/flagparser/data.go

@@ -7,6 +7,7 @@ var HttpsAddress string = ""
 var HttpsDomain = ""
 var HttpsEmail = ""
 var HttpsCertDir = "./ssl-certs"
+var ACMEAddress = ""
 var DryRun = false
 
 func Print() {
@@ -15,4 +16,5 @@ func Print() {
 	fmt.Println("HttpsDomain:", HttpsDomain)
 	fmt.Println("HttpsEmail:", HttpsEmail)
 	fmt.Println("HttpsCertDir:", HttpsCertDir)
+	fmt.Println("ACMEAddress:", ACMEAddress)
 }
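Review bot: `ACMEAddress` defaults to the empty string, and this commit passes it unchanged through `InitHttpSSLServer` to `ApplyCert`, where `net.SplitHostPort("")` returns a "missing port in address" error. Unless `-acme-address` is always supplied, first-time issuance would fail with "split host port failed". Either give the variable a usable default, for example `var ACMEAddress = ":80"`, or validate it after flag parsing and report a clear error when HTTPS is enabled without it. The help text added in flag.go, `"acme https cert listen address"`, could also state the expected `host:port` form and that this is the listener for the ACME challenge.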

+ 6 - 5
src/flagparser/flag.go

@@ -14,16 +14,17 @@ func InitFlag() (err error) {
 		}
 	}()
 
-	flag.StringVar(&HttpAddress, "address", HttpAddress, "http server address")
-	flag.StringVar(&HttpAddress, "a", HttpAddress, "http server address")
+	flag.StringVar(&HttpAddress, "address", HttpAddress, "http server listen address")
+	flag.StringVar(&HttpAddress, "a", HttpAddress, "http server listen address")
 
-	flag.StringVar(&HttpAddress, "http-address", HttpAddress, "http server address")
-	flag.StringVar(&HttpAddress, "h", HttpAddress, "http server address")
+	flag.StringVar(&HttpAddress, "http-address", HttpAddress, "http server listen address")
+	flag.StringVar(&HttpAddress, "h", HttpAddress, "http server listen address")
 
-	flag.StringVar(&HttpsAddress, "https-address", HttpsAddress, "https server address")
+	flag.StringVar(&HttpsAddress, "https-address", HttpsAddress, "https server listen address")
 	flag.StringVar(&HttpsDomain, "https-domain", HttpsDomain, "https server domain")
 	flag.StringVar(&HttpsEmail, "https-email", HttpsEmail, "https cert email")
 	flag.StringVar(&HttpsCertDir, "https-cert-dir", HttpsCertDir, "https cert save dir")
+	flag.StringVar(&ACMEAddress, "acme-address", ACMEAddress, "acme https cert listen address")
 
 	flag.BoolVar(&DryRun, "dry-run", DryRun, "only parser the options")
 

+ 5 - 3
src/httpsslserver/server.go

@@ -20,6 +20,7 @@ var HttpSSLAddress string
 var HttpSSLDomain string
 var HttpSSLEmail string
 var HttpSSLCertDir string
+var ACMEAddress string
 
 var PrivateKey crypto.PrivateKey
 var Certificate *x509.Certificate
@@ -32,10 +33,11 @@ func InitHttpSSLServer() (err error) {
 	HttpSSLDomain = flagparser.HttpsDomain
 	HttpSSLEmail = flagparser.HttpsEmail
 	HttpSSLCertDir = flagparser.HttpsCertDir
+	ACMEAddress = flagparser.ACMEAddress
 
-	PrivateKey, Certificate, err = certssl.GetCertificateAndPrivateKey(HttpSSLCertDir, HttpSSLEmail, HttpSSLAddress, HttpSSLDomain)
+	PrivateKey, Certificate, err = certssl.GetCertificateAndPrivateKey(HttpSSLCertDir, HttpSSLEmail, ACMEAddress, HttpSSLDomain)
 	if err != nil {
-		return fmt.Errorf("Init htttps error: %s", err.Error())
+		return fmt.Errorf("init htttps error: %s", err.Error())
 	}
 
 	return initHttpSSLServer()
@@ -90,7 +92,7 @@ func WatchCert(stopchan chan bool) {
 	newchan := make(chan certssl.NewCert)
 
 	go func() {
-		err := certssl.WatchCertificateAndPrivateKey(HttpSSLCertDir, HttpSSLEmail, HttpSSLAddress, HttpSSLDomain, PrivateKey, Certificate, stopchan, newchan)
+		err := certssl.WatchCertificateAndPrivateKey(HttpSSLCertDir, HttpSSLEmail, HttpSSLAddress, HttpSSLDomain, Certificate, stopchan, newchan)
 		if err != nil {
 			fmt.Printf("watch https cert server error: %s", err.Error())
 		}
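Review bot: `WatchCert` still passes `HttpSSLAddress` as the third argument to `certssl.WatchCertificateAndPrivateKey`, whose third parameter is now `acmeAddress`, while `InitHttpSSLServer` in the hunk above was switched to `ACMEAddress`. Renewals would therefore start the challenge listener on the HTTPS address instead of the configured ACME address. The call should read `certssl.WatchCertificateAndPrivateKey(HttpSSLCertDir, HttpSSLEmail, ACMEAddress, HttpSSLDomain, Certificate, stopchan, newchan)`. The new error string `"init htttps error: %s"` also contains a typo (`htttps`). The goroutine body continues outside the hunk.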