From 4dbbf59c82e887613face99bf8480db2427b9625 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=B8=96=E7=95=8C?= <i@sekai.icu>
Date: Sun, 29 Jun 2025 18:44:11 +0800
Subject: [PATCH] Fix logger for acme

---
 Makefile                 |  2 +-
 common/tls/acme.go       | 49 +++++++++++++++++++++++++++++++++-------
 common/tls/acme_stub.go  |  3 ++-
 common/tls/std_server.go |  2 +-
 4 files changed, 45 insertions(+), 11 deletions(-)

diff --git a/Makefile b/Makefile
index ea633673..0561fa3c 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,6 @@
 NAME = sing-box
 COMMIT = $(shell git rev-parse --short HEAD)
-TAGS_GO120 = with_gvisor,with_dhcp,with_wireguard,with_reality_server,with_clash_api,with_quic,with_utls
+TAGS_GO120 = with_gvisor,with_dhcp,with_wireguard,with_reality_server,with_clash_api,with_quic,with_utls,with_acme
 TAGS_GO121 = with_ech
 TAGS ?= $(TAGS_GO118),$(TAGS_GO120),$(TAGS_GO121)
 TAGS_TEST ?= with_gvisor,with_quic,with_wireguard,with_grpc,with_ech,with_utls,with_reality_server
diff --git a/common/tls/acme.go b/common/tls/acme.go
index 08b24ed2..52172c9c 100644
--- a/common/tls/acme.go
+++ b/common/tls/acme.go
@@ -5,13 +5,13 @@ package tls
 import (
 	"context"
 	"crypto/tls"
-	"os"
 	"strings"
 
 	"github.com/sagernet/sing-box/adapter"
 	C "github.com/sagernet/sing-box/constant"
 	"github.com/sagernet/sing-box/option"
 	E "github.com/sagernet/sing/common/exceptions"
+	"github.com/sagernet/sing/common/logger"
 
 	"github.com/caddyserver/certmagic"
 	"github.com/libdns/alidns"
@@ -37,7 +37,38 @@ func (w *acmeWrapper) Close() error {
 	return nil
 }
 
-func startACME(ctx context.Context, options option.InboundACMEOptions) (*tls.Config, adapter.Service, error) {
+type acmeLogWriter struct {
+	logger logger.Logger
+}
+
+func (w *acmeLogWriter) Write(p []byte) (n int, err error) {
+	logLine := strings.ReplaceAll(string(p), "	", ": ")
+	switch {
+	case strings.HasPrefix(logLine, "error: "):
+		w.logger.Error(logLine[7:])
+	case strings.HasPrefix(logLine, "warn: "):
+		w.logger.Warn(logLine[6:])
+	case strings.HasPrefix(logLine, "info: "):
+		w.logger.Info(logLine[6:])
+	case strings.HasPrefix(logLine, "debug: "):
+		w.logger.Debug(logLine[7:])
+	default:
+		w.logger.Debug(logLine)
+	}
+	return len(p), nil
+}
+
+func (w *acmeLogWriter) Sync() error {
+	return nil
+}
+
+func encoderConfig() zapcore.EncoderConfig {
+	config := zap.NewProductionEncoderConfig()
+	config.TimeKey = zapcore.OmitKey
+	return config
+}
+
+func startACME(ctx context.Context, logger logger.Logger, options option.InboundACMEOptions) (*tls.Config, adapter.Service, error) {
 	var acmeServer string
 	switch options.Provider {
 	case "", "letsencrypt":
@@ -58,14 +89,15 @@ func startACME(ctx context.Context, options option.InboundACMEOptions) (*tls.Con
 	} else {
 		storage = certmagic.Default.Storage
 	}
+	zapLogger := zap.New(zapcore.NewCore(
+		zapcore.NewConsoleEncoder(encoderConfig()),
+		&acmeLogWriter{logger: logger},
+		zap.DebugLevel,
+	))
 	config := &certmagic.Config{
 		DefaultServerName: options.DefaultServerName,
 		Storage:           storage,
-		Logger: zap.New(zapcore.NewCore(
-			zapcore.NewConsoleEncoder(zap.NewProductionEncoderConfig()),
-			os.Stderr,
-			zap.InfoLevel,
-		)),
+		Logger:            zapLogger,
 	}
 	acmeConfig := certmagic.ACMEIssuer{
 		CA:                      acmeServer,
@@ -75,7 +107,7 @@ func startACME(ctx context.Context, options option.InboundACMEOptions) (*tls.Con
 		DisableTLSALPNChallenge: options.DisableTLSALPNChallenge,
 		AltHTTPPort:             int(options.AlternativeHTTPPort),
 		AltTLSALPNPort:          int(options.AlternativeTLSPort),
-		Logger:                  config.Logger,
+		Logger:                  zapLogger,
 	}
 	if dnsOptions := options.DNS01Challenge; dnsOptions != nil && dnsOptions.Provider != "" {
 		var solver certmagic.DNS01Solver
@@ -103,6 +135,7 @@ func startACME(ctx context.Context, options option.InboundACMEOptions) (*tls.Con
 		GetConfigForCert: func(certificate certmagic.Certificate) (*certmagic.Config, error) {
 			return config, nil
 		},
+		Logger: zapLogger,
 	})
 	config = certmagic.New(cache, *config)
 	var tlsConfig *tls.Config
diff --git a/common/tls/acme_stub.go b/common/tls/acme_stub.go
index d97d0540..f32f9e8d 100644
--- a/common/tls/acme_stub.go
+++ b/common/tls/acme_stub.go
@@ -9,8 +9,9 @@ import (
 	"github.com/sagernet/sing-box/adapter"
 	"github.com/sagernet/sing-box/option"
 	E "github.com/sagernet/sing/common/exceptions"
+	"github.com/sagernet/sing/common/logger"
 )
 
-func startACME(ctx context.Context, options option.InboundACMEOptions) (*tls.Config, adapter.Service, error) {
+func startACME(ctx context.Context, logger logger.Logger, options option.InboundACMEOptions) (*tls.Config, adapter.Service, error) {
 	return nil, nil, E.New(`ACME is not included in this build, rebuild with -tags with_acme`)
 }
diff --git a/common/tls/std_server.go b/common/tls/std_server.go
index 949521d7..27986003 100644
--- a/common/tls/std_server.go
+++ b/common/tls/std_server.go
@@ -157,7 +157,7 @@ func NewSTDServer(ctx context.Context, logger log.Logger, options option.Inbound
 	var err error
 	if options.ACME != nil && len(options.ACME.Domain) > 0 {
 		//nolint:staticcheck
-		tlsConfig, acmeService, err = startACME(ctx, common.PtrValueOrDefault(options.ACME))
+		tlsConfig, acmeService, err = startACME(ctx, logger, common.PtrValueOrDefault(options.ACME))
 		if err != nil {
 			return nil, err
 		}