修复AnyTLS无法配置证书的错误

service/xboard/service_test.go

@@ -3,6 +3,7 @@ package xboard
 import (
 	"testing"
 
+	C "github.com/sagernet/sing-box/constant"
 	"github.com/sagernet/sing-box/option"
 	"github.com/sagernet/sing/common/json/badoption"
 )
@@ -158,11 +159,11 @@ func TestApplyACMEConfigFromAutoTLS(t *testing.T) {
 	if len(tlsOptions.ACME.Domain) != 1 || tlsOptions.ACME.Domain[0] != "example.com" {
 		t.Fatalf("ACME domains = %+v", tlsOptions.ACME.Domain)
 	}
-	if tlsOptions.ACME.AlternativeTLSPort != 8443 {
-		t.Fatalf("AlternativeTLSPort = %d, want 8443", tlsOptions.ACME.AlternativeTLSPort)
+	if tlsOptions.ACME.DisableHTTPChallenge {
+		t.Fatal("DisableHTTPChallenge should be false for auto_tls/http mode")
 	}
-	if !tlsOptions.ACME.DisableHTTPChallenge {
-		t.Fatal("DisableHTTPChallenge should be true for inline ACME")
+	if !tlsOptions.ACME.DisableTLSALPNChallenge {
+		t.Fatal("DisableTLSALPNChallenge should be true for auto_tls/http mode")
 	}
 }
 
@@ -193,6 +194,71 @@ func TestApplyACMEConfigFromDNSCertMode(t *testing.T) {
 	}
 }
 
+func TestApplyACMEConfigFromTencentCloudDNSCertMode(t *testing.T) {
+	var tlsOptions option.InboundTLSOptions
+	ok := applyACMEConfig(&tlsOptions, &XCertConfig{
+		CertMode:    "dns",
+		Domain:      "code.littlediary.cn",
+		DNSProvider: "tencentcloud",
+		DNSEnv: map[string]string{
+			"TENCENTCLOUD_SECRET_ID":  "sid",
+			"TENCENTCLOUD_SECRET_KEY": "skey",
+		},
+	}, false, "code.littlediary.cn", 45365)
+	if !ok {
+		t.Fatal("applyACMEConfig() returned false")
+	}
+	if tlsOptions.ACME == nil || tlsOptions.ACME.DNS01Challenge == nil {
+		t.Fatal("DNS01Challenge not configured")
+	}
+	if tlsOptions.ACME.DNS01Challenge.Provider != C.DNSProviderTencentCloud {
+		t.Fatalf("DNS provider = %q", tlsOptions.ACME.DNS01Challenge.Provider)
+	}
+	if tlsOptions.ACME.DNS01Challenge.TencentCloudOptions.SecretID != "sid" {
+		t.Fatalf("TencentCloud SecretID = %q", tlsOptions.ACME.DNS01Challenge.TencentCloudOptions.SecretID)
+	}
+	if tlsOptions.ACME.DNS01Challenge.TencentCloudOptions.SecretKey != "skey" {
+		t.Fatalf("TencentCloud SecretKey = %q", tlsOptions.ACME.DNS01Challenge.TencentCloudOptions.SecretKey)
+	}
+	if tlsOptions.ACME.AlternativeTLSPort != 45365 {
+		t.Fatalf("AlternativeTLSPort = %d, want 45365", tlsOptions.ACME.AlternativeTLSPort)
+	}
+}
+
+func TestApplyACMEConfigFromDNSPodAliasWithTencentCredentials(t *testing.T) {
+	var tlsOptions option.InboundTLSOptions
+	ok := applyACMEConfig(&tlsOptions, &XCertConfig{
+		CertMode:    "dns",
+		Domain:      "code.littlediary.cn",
+		DNSProvider: "dnspod",
+		DNSEnv: map[string]string{
+			"TENCENTCLOUD_SECRET_ID":  "sid",
+			"TENCENTCLOUD_SECRET_KEY": "skey",
+		},
+	}, false, "code.littlediary.cn", 443)
+	if !ok {
+		t.Fatal("applyACMEConfig() returned false")
+	}
+	if tlsOptions.ACME == nil || tlsOptions.ACME.DNS01Challenge == nil {
+		t.Fatal("DNS01Challenge not configured")
+	}
+	if tlsOptions.ACME.DNS01Challenge.Provider != C.DNSProviderTencentCloud {
+		t.Fatalf("DNS provider = %q, want %q", tlsOptions.ACME.DNS01Challenge.Provider, C.DNSProviderTencentCloud)
+	}
+}
+
+func TestMergedTLSSettingsUsesTopLevelServerName(t *testing.T) {
+	tlsSettings := mergedTLSSettings(XInnerConfig{}, &XNodeConfig{
+		ServerName: "code.littlediary.cn",
+	})
+	if tlsSettings == nil {
+		t.Fatal("mergedTLSSettings() returned nil")
+	}
+	if tlsSettings.ServerName != "code.littlediary.cn" {
+		t.Fatalf("ServerName = %q, want %q", tlsSettings.ServerName, "code.littlediary.cn")
+	}
+}
+
 func TestHasUsableServerTLS(t *testing.T) {
 	if hasUsableServerTLS(option.InboundTLSOptions{}) {
 		t.Fatal("empty TLS options should not be usable")