优化代码

server/dbdata/cert_client.go

@@ -345,7 +345,7 @@ func ValidateClientCert(cert *x509.Certificate, userAgent string) bool {
 
 	// 检查证书状态
 	if clientCertData.GetStatus() != CertStatusActive {
-		base.Error("证书验证失败：证书状态为", clientCertData.GetStatusText())
+		base.Error("证书验证失败：", user.Username, "证书状态为", clientCertData.GetStatusText())
 		return false
 	}
 

server/handler/link_auth.go

@@ -108,7 +108,6 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
 				ua.Status = dbdata.UserAuthFail
 				dbdata.UserActLogIns.Add(*ua, userAgent)
 
-				w.WriteHeader(http.StatusForbidden)
 				return
 			}
 		}

server/handler/server.go

@@ -75,6 +75,7 @@ func startTls() {
 	if base.Cfg.AuthAloneCert {
 		tlsConfig.ClientAuth = tls.VerifyClientCertIfGiven // 验证客户端证书
 		tlsConfig.ClientCAs = dbdata.LoadClientCAPool()    // 加载客户端CA证书
+		base.Info("已启用独立证书验证")
 	}
 	srv := &http.Server{
 		Addr:         addr,