From d8c384411d04a5951c7be7523e236ffca64b3b16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=9F=D0=B8=D1=87=D1=83=D0=B3=D0=B8=D0=BD=20=D0=9A=D0=BE?= =?UTF-8?q?=D0=BD=D1=81=D1=82=D0=B0=D0=BD=D1=82=D0=B8=D0=BD?= Date: Sat, 27 Sep 2025 02:14:53 +0300 Subject: [PATCH] fix: fix russian comments, tls cert verify default true --- go.mod | 2 +- util/ldap/ldap.go | 4 ++-- web/job/ldap_sync_job.go | 51 +++++++--------------------------------- 3 files changed, 12 insertions(+), 45 deletions(-) diff --git a/go.mod b/go.mod index 02c21246..b57a7673 100644 --- a/go.mod +++ b/go.mod @@ -104,7 +104,7 @@ require ( lukechampine.com/blake3 v1.4.1 // indirect ) -// Локальные подмены модулей +// Local module replacements replace github.com/mhsanaei/3x-ui/v2/util/ldap => ./util/ldap replace github.com/mhsanaei/3x-ui/v2/web/service => ./web/service replace github.com/mhsanaei/3x-ui/v2/web/job => ./web/job diff --git a/util/ldap/ldap.go b/util/ldap/ldap.go index 6b081908..1c7a20e7 100644 --- a/util/ldap/ldap.go +++ b/util/ldap/ldap.go @@ -27,7 +27,7 @@ func FetchVlessFlags(cfg Config) (map[string]bool, error) { var conn *ldap.Conn var err error if cfg.UseTLS { - conn, err = ldap.DialTLS("tcp", addr, &tls.Config{InsecureSkipVerify: true}) + conn, err = ldap.DialTLS("tcp", addr, &tls.Config{InsecureSkipVerify: false}) } else { conn, err = ldap.Dial("tcp", addr) } @@ -94,7 +94,7 @@ func AuthenticateUser(cfg Config, username, password string) (bool, error) { var conn *ldap.Conn var err error if cfg.UseTLS { - conn, err = ldap.DialTLS("tcp", addr, &tls.Config{InsecureSkipVerify: true}) + conn, err = ldap.DialTLS("tcp", addr, &tls.Config{InsecureSkipVerify: false}) } else { conn, err = ldap.Dial("tcp", addr) } diff --git a/web/job/ldap_sync_job.go b/web/job/ldap_sync_job.go index 9de4c0a4..326123a6 100644 --- a/web/job/ldap_sync_job.go +++ b/web/job/ldap_sync_job.go @@ -13,13 +13,15 @@ import ( "strconv" ) +var DefaultTruthyValues = []string{"true", "1", "yes", "on"} + type LdapSyncJob struct { settingService service.SettingService inboundService service.InboundService xrayService service.XrayService } -// --- Вспомогательные функции для mustGet --- +// --- Helper functions for mustGet --- func mustGetString(fn func() (string, error)) string { v, err := fn() if err != nil { @@ -172,7 +174,7 @@ func (j *LdapSyncJob) Run() { func splitCsv(s string) []string { if s == "" { - return []string{"true", "1", "yes", "on"} + return DefaultTruthyValues } parts := strings.Split(s, ",") out := make([]string, 0, len(parts)) @@ -186,7 +188,7 @@ func splitCsv(s string) []string { } -// buildClient собирает нового клиента для auto-create +// buildClient creates a new client for auto-create func (j *LdapSyncJob) buildClient(ib *model.Inbound, email string, defGB, defExpiryDays, defLimitIP int) model.Client { c := model.Client{ Email: email, @@ -206,7 +208,7 @@ func (j *LdapSyncJob) buildClient(ib *model.Inbound, email string, defGB, defExp return c } -// batchSetEnable массово включает/выключает клиентов через один вызов +// batchSetEnable enables/disables clients in batch through a single call func (j *LdapSyncJob) batchSetEnable(ib *model.Inbound, emails []string, enable bool) { if len(emails) == 0 { return @@ -226,7 +228,7 @@ func (j *LdapSyncJob) batchSetEnable(ib *model.Inbound, emails []string, enable Settings: j.clientsToJSON(clients), } - // Используем один вызов AddInboundClient для обновления enable + // Use a single AddInboundClient call to update enable if _, err := j.inboundService.AddInboundClient(payload); err != nil { logger.Warningf("Batch set enable failed for inbound %s: %v", ib.Tag, err) return @@ -236,7 +238,7 @@ func (j *LdapSyncJob) batchSetEnable(ib *model.Inbound, emails []string, enable j.xrayService.SetToNeedRestart() } -// deleteClientsNotInLDAP массовое удаление клиентов, которых нет в LDAP +// deleteClientsNotInLDAP performs batch deletion of clients not in LDAP func (j *LdapSyncJob) deleteClientsNotInLDAP(inboundTag string, ldapEmails map[string]struct{}) { inbounds, err := j.inboundService.GetAllInbounds() if err != nil { @@ -257,7 +259,7 @@ func (j *LdapSyncJob) deleteClientsNotInLDAP(inboundTag string, ldapEmails map[s toDelete := []model.Client{} for _, c := range clients { if _, ok := ldapEmails[c.Email]; !ok { - // В зависимости от протокола используем нужное поле + // Use appropriate field depending on protocol client := model.Client{Email: c.Email, ID: c.ID, Password: c.Password} toDelete = append(toDelete, client) } @@ -354,41 +356,6 @@ func (j *LdapSyncJob) ensureClientExists(inboundTag string, email string, defGB } } -// deleteClientsNotInLDAP removes clients from inbound tag that are not in ldapEmails -// func (j *LdapSyncJob) deleteClientsNotInLDAP(inboundTag string, ldapEmails map[string]struct{}) { -// inbounds, err := j.inboundService.GetAllInbounds() -// if err != nil { -// return -// } -// for _, ib := range inbounds { -// if ib.Tag != inboundTag { -// continue -// } -// clients, err := j.inboundService.GetClients(ib) -// if err != nil { -// continue -// } -// for _, c := range clients { -// if _, ok := ldapEmails[c.Email]; !ok { -// // determine clientId per protocol -// clientId := c.ID -// if ib.Protocol == model.Trojan { -// clientId = c.Password -// } else if ib.Protocol == model.Shadowsocks { -// clientId = c.Email -// } -// needRestart, err := j.inboundService.DelInboundClient(ib.Id, clientId) -// if err == nil { -// if needRestart { -// j.xrayService.SetToNeedRestart() -// } -// logger.Infof("LDAP auto-delete: %s from %s", c.Email, inboundTag) -// } -// } -// } -// } -// } - // clientToJSON serializes minimal client fields to JSON object string without extra deps func (j *LdapSyncJob) clientToJSON(c model.Client) string { // construct minimal JSON manually to avoid importing json for simple case