forked from TrueCloudLab/lego
Add workaround for new-authz rate limits (#357)
This commit is contained in:
parent
6cac0ea7d8
commit
45beff7ed3
1 changed files with 16 additions and 2 deletions
|
@ -23,8 +23,15 @@ var (
|
||||||
Logger *log.Logger
|
Logger *log.Logger
|
||||||
)
|
)
|
||||||
|
|
||||||
// maxBodySize is the maximum size of body that we will read.
|
const (
|
||||||
const maxBodySize = 1024 * 1024
|
// maxBodySize is the maximum size of body that we will read.
|
||||||
|
maxBodySize = 1024 * 1024
|
||||||
|
|
||||||
|
// overallRequestLimit is the overall number of request per second limited on the
|
||||||
|
// “new-reg”, “new-authz” and “new-cert” endpoints. From the documentation the
|
||||||
|
// limitation is 20 requests per second, but using 20 as value doesn't work but 18 do
|
||||||
|
overallRequestLimit = 18
|
||||||
|
)
|
||||||
|
|
||||||
// logf writes a log entry. It uses Logger if not
|
// logf writes a log entry. It uses Logger if not
|
||||||
// nil, otherwise it uses the default log.Logger.
|
// nil, otherwise it uses the default log.Logger.
|
||||||
|
@ -522,7 +529,14 @@ func (c *Client) chooseSolvers(auth authorization, domain string) map[int]solver
|
||||||
func (c *Client) getChallenges(domains []string) ([]authorizationResource, map[string]error) {
|
func (c *Client) getChallenges(domains []string) ([]authorizationResource, map[string]error) {
|
||||||
resc, errc := make(chan authorizationResource), make(chan domainError)
|
resc, errc := make(chan authorizationResource), make(chan domainError)
|
||||||
|
|
||||||
|
var delay time.Duration
|
||||||
|
if len(domains) > overallRequestLimit {
|
||||||
|
delay = time.Second / overallRequestLimit
|
||||||
|
}
|
||||||
|
|
||||||
for _, domain := range domains {
|
for _, domain := range domains {
|
||||||
|
time.Sleep(delay)
|
||||||
|
|
||||||
go func(domain string) {
|
go func(domain string) {
|
||||||
authMsg := authorization{Resource: "new-authz", Identifier: identifier{Type: "dns", Value: domain}}
|
authMsg := authorization{Resource: "new-authz", Identifier: identifier{Type: "dns", Value: domain}}
|
||||||
var authz authorization
|
var authz authorization
|
||||||
|
|
Loading…
Reference in a new issue